Context Navigation

← Previous Period
Next Period →

Timeline

Oct 19, 2021:

11:41 PM Changeset in webkit [284519] by graouts@webkit.org

7 edits in trunk

Support more CSS properties for ::marker
https://bugs.webkit.org/show_bug.cgi?id=231972

Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

Mark WPT progressions.

web-platform-tests/css/css-pseudo/marker-computed-content-expected.txt:
web-platform-tests/css/css-pseudo/marker-default-styles-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:

Source/WebCore:

Support additional text properties for ::marker.

style/PropertyAllowlist.cpp:

(WebCore::Style::isValidMarkerStyleProperty):

10:16 PM Changeset in webkit [284518] by Ben Nham

31 edits
2 copies
1 move in trunk

Add NetworkProcess stubs for push subscriptions
https://bugs.webkit.org/show_bug.cgi?id=231922

Reviewed by Youenn Fablet.

Source/WebCore:

Both PushManager and PushSubscription now send their subscription requests to NetworkProcess
via ServiceWorkerRegistration => ServiceWorkerContainer => SWClientConnection.

Headers.cmake:
Modules/push-api/PushManager.cpp:

(WebCore::PushManager::subscribe):
(WebCore::PushManager::getSubscription):
(WebCore::PushManager::permissionState):

Modules/push-api/PushPermissionState.h:
Modules/push-api/PushSubscription.cpp:

(WebCore::PushSubscription::PushSubscription):
(WebCore::PushSubscription::unsubscribe):

Modules/push-api/PushSubscription.h:
Modules/push-api/PushSubscriptionData.cpp:

(WebCore::PushSubscriptionData::isolatedCopy const):

Modules/push-api/PushSubscriptionData.h:

(WebCore::PushSubscriptionData::encode const):
(WebCore::PushSubscriptionData::decode):

Modules/push-api/PushSubscriptionOptions.cpp:

(WebCore::PushSubscriptionOptions::PushSubscriptionOptions):
(WebCore::PushSubscriptionOptions::userVisibleOnly const):

Modules/push-api/PushSubscriptionOptions.h:
Sources.txt:
WebCore.xcodeproj/project.pbxproj:
testing/Internals.cpp:

(WebCore::Internals::createPushSubscription):

testing/Internals.h:
testing/Internals.idl:
workers/service/SWClientConnection.h:
workers/service/ServiceWorkerContainer.cpp:

(WebCore::createPushSubscriptionFromData):
(WebCore::ServiceWorkerContainer::subscribeToPushService):
(WebCore::ServiceWorkerContainer::unsubscribeFromPushService):
(WebCore::ServiceWorkerContainer::getPushSubscription):
(WebCore::ServiceWorkerContainer::getPushPermissionState):

workers/service/ServiceWorkerContainer.h:
workers/service/ServiceWorkerRegistration.cpp:

(WebCore::ServiceWorkerRegistration::subscribeToPushService):
(WebCore::ServiceWorkerRegistration::unsubscribeFromPushService):
(WebCore::ServiceWorkerRegistration::getPushSubscription):
(WebCore::ServiceWorkerRegistration::getPushPermissionState):

workers/service/ServiceWorkerRegistration.h:
workers/service/ServiceWorkerRegistration.idl:
workers/service/WorkerSWClientConnection.cpp:

(WebCore::WorkerSWClientConnection::~WorkerSWClientConnection):
(WebCore::WorkerSWClientConnection::subscribeToPushService):
(WebCore::WorkerSWClientConnection::unsubscribeFromPushService):
(WebCore::WorkerSWClientConnection::getPushSubscription):
(WebCore::WorkerSWClientConnection::getPushPermissionState):

workers/service/WorkerSWClientConnection.h:

Source/WebKit:

Added stubs in NetworkProcess for push subscription-related IPC. Currently the stubs return
that subscribing is unsupported and that there are no active push subscriptions.

NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:

(WebKit::WebSWServerConnection::subscribeToPushService):
(WebKit::WebSWServerConnection::unsubscribeFromPushService):
(WebKit::WebSWServerConnection::getPushSubscription):
(WebKit::WebSWServerConnection::getPushPermissionState):

NetworkProcess/ServiceWorker/WebSWServerConnection.h:
NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in:
WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::subscribeToPushService):
(WebKit::WebSWClientConnection::unsubscribeFromPushService):
(WebKit::WebSWClientConnection::getPushSubscription):
(WebKit::WebSWClientConnection::getPushPermissionState):

WebProcess/Storage/WebSWClientConnection.h:

LayoutTests:

Modify PushSubscription tests to pass in a ServiceWorkerRegistration.

http/wpt/push-api/emptyWorker.js: Renamed from LayoutTests/http/wpt/push-api/pushManager-worker.js.
http/wpt/push-api/pushManager.any.js:

(else.promise_test.async test):

http/wpt/push-api/pushSubscription.https.any-expected.txt:
http/wpt/push-api/pushSubscription.https.any.js:

(promise_test.async test):
(promise_test):
(test): Deleted.

9:49 PM Changeset in webkit [284517] by commit-queue@webkit.org

3 edits in trunk/Source/WebKit

Fix build break after r284406 if ENABLE_SERVICE_WORKER=OFF
https://bugs.webkit.org/show_bug.cgi?id=231968

Patch by Jigen Zhou <jigen.zhou@sony.com> on 2021-10-19
Reviewed by Don Olmstead.

r284406 made m_isServiceWorkerPage of WebPageProxy not available if !ENABLE(SERVICE_WORKER),
but the change was incomplete and can cause build failure if ENABLE_SERVICE_WORKER=OFF.
This patch avoids accessing m_isServiceWorkerPage if !ENABLE(SERVICE_WORKER) in WebPageProxy
methods isServiceWorkerPage, loadDataWithNavigationShared, and resetStateAfterProcessExited.

UIProcess/WebPageProxy.cpp:
UIProcess/WebPageProxy.h:

8:25 PM Changeset in webkit [284516] by don.olmstead@sony.com

14 edits in trunk/Source

Non-unified build fixes, mid October 2021 edition
https://bugs.webkit.org/show_bug.cgi?id=231915

Unreviewed non-unified build fixes.

Source/WebCore:

animation/KeyframeEffectStack.cpp:
bindings/js/JSDOMWindowBase.cpp:
dom/ActiveDOMObject.cpp:
html/DOMFormData.cpp:
html/HTMLDialogElement.cpp:
html/HTMLOutputElement.cpp:
html/ResetInputType.cpp:
page/DragController.cpp:
page/EventHandler.cpp:
rendering/updating/RenderTreeBuilderFirstLetter.cpp:

Source/WebKit:

NetworkProcess/PrivateClickMeasurement/PrivateClickMeasurementConnection.cpp:
WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.cpp:

8:03 PM Changeset in webkit [284515] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

r284315 can cause build break.
https://bugs.webkit.org/show_bug.cgi?id=231923

Patch by Jigen Zhou <jigen.zhou@sony.com> on 2021-10-19
Reviewed by Michael Catanzaro.

Class 'WebCore::RenderBlockFlow' was forward declared in header file
InlineIteratorLogicalOrderTraversal.h, but template
leafBoxesInLogicalOrder that was added by r284315 has access to RenderBlockFLow's method
style() and can cause build break in our local webkit build.

The build can be fixed when the concreate declaration of class
RenderBlockFlow is included in InlineIteratorLogicalOrderTraversal.h.

layout/integration/InlineIteratorLogicalOrderTraversal.h:

5:58 PM Changeset in webkit [284514] by Alan Coon

1 copy in tags/Safari-612.3.1

Tag Safari-612.3.1.

5:40 PM Changeset in webkit [284513] by Tadeu Zagallo

10 edits in trunk/Source/JavaScriptCore

Address post-landing feedback to wasm exceptions
https://bugs.webkit.org/show_bug.cgi?id=231973

Reviewed by Saam Barati.

Address comments left by Saam in https://bugs.webkit.org/show_bug.cgi?id=229681
after the patch landed. This includes deleting some unused code, and renaming a
couple variables and methods, but the biggest change is copying the callee saves
to VMEntry in the llint rethrow.

interpreter/Interpreter.cpp:

(JSC::CatchInfo::CatchInfo):
(JSC::UnwindFunctor::operator() const):

interpreter/Interpreter.h:

(JSC::CatchInfo::CatchInfo): Deleted.

jit/JSInterfaceJIT.h:

(JSC::JSInterfaceJIT::convertCalleeToVM): Deleted.

llint/WebAssembly.asm:
wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::ControlData::ControlData):
(JSC::Wasm::B3IRGenerator::ControlData::tryDepth const):
(JSC::Wasm::B3IRGenerator::connectControlAtEntrypoint):
(JSC::Wasm::B3IRGenerator::addLoop):
(JSC::Wasm::B3IRGenerator::addTry):
(JSC::Wasm::B3IRGenerator::preparePatchpointForExceptions):
(JSC::Wasm::B3IRGenerator::emitCatchImpl):
(JSC::Wasm::B3IRGenerator::addDelegateToUnreachable):
(JSC::Wasm::B3IRGenerator::addThrow):
(JSC::Wasm::B3IRGenerator::addRethrow):
(JSC::Wasm::B3IRGenerator::addEndToUnreachable):
(JSC::Wasm::B3IRGenerator::connectControlEntry): Deleted.

wasm/WasmCallee.h:

(JSC::Wasm::Callee::llintFunctionCodeBlock const):
(JSC::Wasm::Callee::functionCodeBlock const): Deleted.

wasm/WasmLLIntGenerator.cpp:

(JSC::Wasm::LLIntGenerator::unifyValuesWithBlock):
(JSC::Wasm::LLIntGenerator::addTry):
(JSC::Wasm::LLIntGenerator::addThrow):
(JSC::Wasm::LLIntGenerator::repatch): Deleted.

wasm/WasmOperations.cpp:

(JSC::Wasm::JSC_DEFINE_JIT_OPERATION):

wasm/WasmOperations.h:

5:30 PM Changeset in webkit [284512] by Ross Kirsling

8 edits in trunk

[CMake] Align OptionsMac with Xcode build
https://bugs.webkit.org/show_bug.cgi?id=231982

Reviewed by Don Olmstead.

Source/cmake/OptionsMac.cmake:

Ensure that the listed options (1) are not redundant with the defaults in WebKitFeatures.cmake and
(2) match the options for the Xcode build as closely as possible.

Source/cmake/WebKitFeatures.cmake:

Remove an outdated feature, ENABLE_APPLE_PAY_SESSION_V9,
and let ENABLE_MAC_GESTURE_EVENTS be handled by PlatformEnable, since it depends on USE_APPLE_INTERNAL_SDK.

Source/WebCore:

PlatformMac.cmake:

Add support for new files.

platform/mediastream/cocoa/DisplayCaptureSourceCocoa.cpp:

Fix for r284295 -- ReplayKit is iOS and its headers shouldn't be included on Mac.

Source/WebKit:

CMakeLists.txt:

Enable -fobjc-weak to support r284329.

5:16 PM Changeset in webkit [284511] by Ben Nham

2 edits in trunk/Source/WebCore

Unreviewed build fix for non-unified build.

Modules/webaudio/RealtimeAnalyser.h:

4:56 PM Changeset in webkit [284510] by Chris Dumez

98 edits
12 adds
11 deletes in trunk/LayoutTests

Resync COOP /COEP WPT tests from upstream WPT
https://bugs.webkit.org/show_bug.cgi?id=231746

Reviewed by Geoffrey Garen.

LayoutTests/imported/w3c:

Resync COOP /COEP WPT tests from upstream WPT 207e223d74fdc1f1.

web-platform-tests/html/cross-origin-embedder-policy/*: Updated.
web-platform-tests/html/cross-origin-opener-policy/*: Updated.

LayoutTests:

Resync COOP /COEP WPT tests from upstream WPT 6ccfe6fafab233e.

TestExpectations:
tests-options.json:

4:54 PM Changeset in webkit [284509] by Alan Coon

2 edits in branches/safari-613.1.6-branch/Source/WebCore/PAL

Cherry-pick r284494. rdar://problem/84439983

REGRESSION (r284220): [PAL] TCCSPI.h should be a project header, not a private header
<https://webkit.org/b/231977>
<rdar://problem/84425384>

Reviewed by Wenson Hsieh.

PAL.xcodeproj/project.pbxproj:
Change TCCSPI.h from a private header to a project header. PAL uses a build phase script to install its headers.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284494 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:34 PM Changeset in webkit [284508] by Russell Epstein

2 edits in branches/safari-613.1.6-branch/Source/WebKit

Cherry-pick r284489. rdar://problem/84439180

WebAuthn Platform UI callbacks are not guaranteed to happen on the main thread
https://bugs.webkit.org/show_bug.cgi?id=231963
<rdar://84420452>

Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-10-19
Reviewed by Brent Fulgham.

The clearanceHandler is not guaranteed to happen on the main thread, but weakThis.get() needs to happen there.

proxy needs to stay alive for the whole transaction, otherwise it will tear down the connection and cancel the request, so explicitly capture it everywhere.

Start logging if we get an error from clearanceHandler.

Covered by existing tests.

UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm: (WebKit::WebAuthenticatorCoordinatorProxy::performRequest):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284489 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:14 PM Changeset in webkit [284507] by ap@apple.com

6 edits in trunk/Source

Eagerly resolve python3 path in Makefiles
https://bugs.webkit.org/show_bug.cgi?id=231979

Reviewed by Jonathan Bedard.

DerivedSources.make:

3:48 PM Changeset in webkit [284506] by sbarati@apple.com

2 edits in trunk/Source/JavaScriptCore

canDoFastSpread should also check that the Structure is from the global object we're watching
https://bugs.webkit.org/show_bug.cgi?id=231976
<rdar://84340372>

Reviewed by Keith Miller.

dfg/DFGGraph.cpp:

(JSC::DFG::Graph::canDoFastSpread):

3:37 PM Changeset in webkit [284505] by Adrian Perez de Castro

3 edits in releases/WebKitGTK/webkit-2.34/Source/WebCore

Merge r284239 - [WPE][GTK] Update user agent browser versions
https://bugs.webkit.org/show_bug.cgi?id=231772

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-10-15
Reviewed by Carlos Garcia Campos.

platform/UserAgentQuirks.cpp:

(WebCore::UserAgentQuirks::stringForQuirk):

platform/glib/UserAgentGLib.cpp:

(WebCore::buildUserAgentString):

3:37 PM Changeset in webkit [284504] by Adrian Perez de Castro

3 edits in releases/WebKitGTK/webkit-2.34/Source/WebCore

Merge r284091 - [GStreamer] Crash in WebCore::MediaPlayerPrivateGStreamer::sourceSetup when loading reddit video
https://bugs.webkit.org/show_bug.cgi?id=231519

Patch by Philippe Normand <pnormand@igalia.com> on 2021-10-13
Reviewed by Xabier Rodriguez-Calvar.

Since this GStreamer commit:
https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/-/commit/52bca104e447309898ca8904b3914211ec7d4114

and starting from GStreamer 1.20, the playbin::source-setup signal is emitted before the
source element is added to the pipeline, so this gave us the opportunity to refactor our
code handling the downloadbuffer configuration, using the existing deep-element-added signal
handler.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
(WebCore::MediaPlayerPrivateGStreamer::sourceSetup):
(WebCore::MediaPlayerPrivateGStreamer::configureDownloadBuffer):
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
(WebCore::MediaPlayerPrivateGStreamer::uriDecodeBinElementAddedCallback): Deleted.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

3:37 PM Changeset in webkit [284503] by Adrian Perez de Castro

4 edits in releases/WebKitGTK/webkit-2.34/Source

Merge r284132 - [GTK] Opening emoji chooser crashes UI process with GTK 3.24.30
https://bugs.webkit.org/show_bug.cgi?id=228664

Reviewed by Michael Catanzaro.

Instead of providing a copy of the emoji chooser widget, use GLib's
introspection features and a little sprinkle of knowledge about how
GTK works in order to obtain the type code of the GtkEmojiChooser
widget included with GTK. This ensures that a working widget is
always used, regardless of the current GTK version.

No new tests needed.

UIProcess/API/gtk/WebKitEmojiChooser.cpp:

(webkitEmojiChooserNew):
(): Deleted.
(webkitEmojiChooserAddEmoji): Deleted.
(webkitEmojiChooserAddRecentItem): Deleted.
(emojiActivated): Deleted.
(emojiDataHasVariations): Deleted.
(webkitEmojiChooserShowVariations): Deleted.
(emojiLongPressed): Deleted.
(emojiPressed): Deleted.
(emojiPopupMenu): Deleted.
(verticalAdjustmentChanged): Deleted.
(webkitEmojiChooserSetupSectionBox): Deleted.
(scrollToSection): Deleted.
(webkitEmojiChooserSetupSectionButton): Deleted.
(webkitEmojiChooserSetupRecent): Deleted.
(webkitEmojiChooserEnsureEmptyResult): Deleted.
(webkitEmojiChooserSearchChanged): Deleted.
(webkitEmojiChooserSetupFilters): Deleted.
(webkitEmojiChooserSetupEmojiSections): Deleted.
(webkitEmojiChooserInitializeEmojiMaxWidth): Deleted.
(webkitEmojiChooserConstructed): Deleted.
(webkitEmojiChooserShow): Deleted.
(webkit_emoji_chooser_class_init): Deleted.

UIProcess/API/gtk/WebKitEmojiChooser.h:

3:37 PM Changeset in webkit [284502] by Adrian Perez de Castro

2 edits
1 add in releases/WebKitGTK/webkit-2.34/Source/WebKit

Merge r284451 - Update seccomp filters with latest changes from flatpak
https://bugs.webkit.org/show_bug.cgi?id=231479

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-10-19
Reviewed by Adrian Perez de Castro.

Additionally, let's fix a minor inconsistency in our error-handling code: all but one of
our codepaths carefully free and close resources, but the process is about to crash so
there's not really any reason to do so. The code is slightly simpler if we don't bother.

The seemingly-extraneous include order changes are required to placate the style checker.

UIProcess/Launcher/glib/BubblewrapLauncher.cpp:

(WebKit::seccompStrerror):
(WebKit::setupSeccomp):

UIProcess/Launcher/glib/Syscalls.h: Added.

3:35 PM WebKitGTK/2.34.x edited by Adrian Perez de Castro

(diff)

2:53 PM Changeset in webkit [284501] by ysuzuki@apple.com

2 edits in trunk/Source/WTF

Remove old GCC workaround for Allocator
https://bugs.webkit.org/show_bug.cgi?id=231978

Reviewed by Darin Adler.

This is for old GCC. Since our GCC baseline is 8.3.0, this is no longer necessary.

wtf/FastMalloc.h:

(WTF::FastAllocator::deallocate):
(WTF::FastAllocator::construct): Deleted.
(WTF::FastAllocator::destroy): Deleted.
(WTF::FastAllocator::max_size const): Deleted.
(WTF::FastAllocator::select_on_container_copy_construction const): Deleted.

2:46 PM Changeset in webkit [284500] by Russell Epstein

1 copy in tags/Safari-613.1.5.2

Tag Safari-613.1.5.2.

2:46 PM Changeset in webkit [284499] by Alan Coon

5 edits
4 adds in branches/safari-613.1.6-branch

Cherry-pick r284490. rdar://problem/84434069

Regression(r284336): [ iOS 15 ] system-preview/badge.html is image failing
https://bugs.webkit.org/show_bug.cgi?id=231916

Reviewed by Antti Koivisto.
Source/WebCore:

In r284336 I made clip-path not apply to non-RenderBoxes, which disabled it on inlines,
breaking the system-preview/badge.html test.

The spec says it applies to all elements, so this behavior change was incorrect.

Revert back to using calculateLayerBounds() as the fallback rect to use for inlines, and add
tests for this. This rectangle is obviously incorrect (for example, it's affected by text
shadow), but leave it for now until https://github.com/w3c/csswg-drafts/issues/6383 is
resolved.

I also failed to see that computeClipPath() was already computing the reference box
internally, so clean up the code with some comments to make it more clear that the result of
calculateLayerBounds() is used only as the fallback for inlines, as well as for the buffer
bounds for the applyClippingToContext() code path.

Tests: css3/masking/clip-path-on-inline.html

css3/masking/clip-path-on-split-inline.html

rendering/RenderLayer.cpp: (WebCore::RenderLayer::computeClipPath const): (WebCore::RenderLayer::setupClipPath):
rendering/RenderLayer.h:
rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::updateMaskingLayerGeometry):

LayoutTests:

Tests for clip-path on a single-box inline, and a split inline.

css3/masking/clip-path-on-inline-expected.html: Added.
css3/masking/clip-path-on-inline.html: Added.
css3/masking/clip-path-on-split-inline-expected.html: Added.
css3/masking/clip-path-on-split-inline.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284490 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:44 PM Changeset in webkit [284498] by Jonathan Bedard

6 edits in trunk/Tools

[webkitscmpy] Override http url with ssh url
https://bugs.webkit.org/show_bug.cgi?id=231965
<rdar://problem/84422393>

Reviewed by Ryan Haddad.

Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/local/git.py:

(Git): Exclude / from hostname.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/setup.py:

(Setup.git): Prompt user to switch to ssh checkout.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/setup_unittest.py:

Canonical link: https://commits.webkit.org/243250@main

2:41 PM Changeset in webkit [284497] by Alan Coon

2 edits
1 delete in branches/safari-613.1.6-branch/Source/WebKit

Cherry-pick r284495. rdar://problem/84433820

Unreviewed, reverting r284099.
https://bugs.webkit.org/show_bug.cgi?id=231984

Introduced build failure

Reverted changeset:

"[iOS] Stop including 'util.sb' in the WebContent process'
sandbox"
https://bugs.webkit.org/show_bug.cgi?id=231570
https://commits.webkit.org/r284099

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284495 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:40 PM Changeset in webkit [284496] by Russell Epstein

8 edits in branches/safari-613.1.5-branch/Source

Versioning.

WebKit-7613.1.5.2

2:37 PM Changeset in webkit [284495] by commit-queue@webkit.org

2 edits
1 delete in trunk/Source/WebKit

Unreviewed, reverting r284099.
https://bugs.webkit.org/show_bug.cgi?id=231984

Introduced build failure

Reverted changeset:

"[iOS] Stop including 'util.sb' in the WebContent process'
sandbox"
https://bugs.webkit.org/show_bug.cgi?id=231570
https://commits.webkit.org/r284099

2:10 PM Changeset in webkit [284494] by ddkilzer@apple.com

2 edits in trunk/Source/WebCore/PAL

REGRESSION (r284220): [PAL] TCCSPI.h should be a project header, not a private header
<https://webkit.org/b/231977>
<rdar://problem/84425384>

Reviewed by Wenson Hsieh.

PAL.xcodeproj/project.pbxproj:
Change TCCSPI.h from a private header to a project header. PAL uses a build phase script to install its headers.

1:58 PM Changeset in webkit [284493] by Ayumi Kojima

2 edits in trunk/LayoutTests

Regression(r283935 - r283938): [ macOS wk1 ] imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-autofocus-multiple-times.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=231918

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

1:46 PM Changeset in webkit [284492] by Ryan Haddad

3 edits in trunk/Tools

[EWS] Move EWS bots to iOS 15 / watchOS 8 / tvOS 15
https://bugs.webkit.org/show_bug.cgi?id=231925

Reviewed by Jonathan Bedard.

CISupport/ews-build/config.json:
CISupport/ews-build/factories_unittest.py:

(TestExpectedBuildSteps):

1:36 PM Changeset in webkit [284491] by Jonathan Bedard

2 edits in trunk/Tools

[webkitscmpy] Generate commit message template (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=231023
<rdar://problem/83722871>

Unreviewed follow-up fix.

Scripts/libraries/webkitscmpy/webkitscmpy/init.py: MarkupSafe is imported as markupsafe.

1:34 PM Changeset in webkit [284490] by Simon Fraser

5 edits
4 adds in trunk

Regression(r284336): [ iOS 15 ] system-preview/badge.html is image failing
https://bugs.webkit.org/show_bug.cgi?id=231916

Reviewed by Antti Koivisto.
Source/WebCore:

In r284336 I made clip-path not apply to non-RenderBoxes, which disabled it on inlines,
breaking the system-preview/badge.html test.

The spec says it applies to all elements, so this behavior change was incorrect.

Revert back to using calculateLayerBounds() as the fallback rect to use for inlines, and add
tests for this. This rectangle is obviously incorrect (for example, it's affected by text
shadow), but leave it for now until https://github.com/w3c/csswg-drafts/issues/6383 is
resolved.

I also failed to see that computeClipPath() was already computing the reference box
internally, so clean up the code with some comments to make it more clear that the result of
calculateLayerBounds() is used only as the fallback for inlines, as well as for the buffer
bounds for the applyClippingToContext() code path.

Tests: css3/masking/clip-path-on-inline.html

css3/masking/clip-path-on-split-inline.html

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::computeClipPath const):
(WebCore::RenderLayer::setupClipPath):

rendering/RenderLayer.h:
rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateMaskingLayerGeometry):

LayoutTests:

Tests for clip-path on a single-box inline, and a split inline.

css3/masking/clip-path-on-inline-expected.html: Added.
css3/masking/clip-path-on-inline.html: Added.
css3/masking/clip-path-on-split-inline-expected.html: Added.
css3/masking/clip-path-on-split-inline.html: Added.

1:32 PM Changeset in webkit [284489] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

WebAuthn Platform UI callbacks are not guaranteed to happen on the main thread
https://bugs.webkit.org/show_bug.cgi?id=231963
<rdar://84420452>

Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-10-19
Reviewed by Brent Fulgham.

The clearanceHandler is not guaranteed to happen on the main thread, but

weakThis.get() needs to happen there.

proxy needs to stay alive for the whole transaction, otherwise it will tear

down the connection and cancel the request, so explicitly capture it everywhere.

Start logging if we get an error from clearanceHandler.

Covered by existing tests.

UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:

(WebKit::WebAuthenticatorCoordinatorProxy::performRequest):

1:15 PM Changeset in webkit [284488] by Alan Coon

1 copy in tags/Safari-612.2.9.1.22

Tag Safari-612.2.9.1.22.

1:11 PM Changeset in webkit [284487] by Alan Coon

2 edits in branches/safari-612.2.9.1-branch/Source/WebKit

Cherry-pick r283430. rdar://problem/84428809

Use DYLD_FRAMEWORK_PATH instead of DYLD_VERSIONED_FRAMEWORK_PATH on Safari Big Sur
https://bugs.webkit.org/show_bug.cgi?id=231058

Patch by Remy Demarest <rdemarest@apple.com> on 2021-10-01
Reviewed by David Kilzer.

Modify the DYLD environment variable that is used when compiling with staged frameworks.
We want to use DYLD_VERSIONED_FRAMEWORK_PATH to define the search path of the frameworks
for DYLD because this makes launching Safari and its child processes faster. However,
on Apple Silicon Big Sur using that environment variable does not work and results in Safari
loading frameworks from the System folder rather than from the StagedFrameworks/Safari
folder, this is because dyld on M1 does not look up that variable properly. To make sure
we actually load the frameworks from the desired location, we need to use DYLD_FRAMEWORK_PATH
instead, this makes dyld perform more stat() calls than usual to link the frameworks hence
why we prefer the other variable, but this is the only way to workaround the issue in
Big Sur on M1. In Monterey and above, this bug will be fixed in dyld so we only need this
variable before macOS 11.

Override OTHER_LDFLAGS_VERSIONED_FRAMEWORK_PATH_YES based on SDK and architecture to use
DYLD_FRAMEWORK_PATH instead of DYLD_VERSIONED_FRAMEWORK_PATH when building for macOS 11 and arm64.

Configurations/BaseTarget.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283430 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:08 PM Changeset in webkit [284486] by Alan Coon

8 edits in branches/safari-612.2.9.1-branch/Source

Versioning.

WebKit-7612.2.9.1.22

1:07 PM Changeset in webkit [284485] by Jonathan Bedard

8 edits
4 adds in trunk/Tools

[webkitscmpy] Generate commit message template
https://bugs.webkit.org/show_bug.cgi?id=231023
<rdar://problem/83722871>

Reviewed by Dewei Zhu.

Tools/Scripts/git-webkit: Use prepare-ChangeLog to generate commit messages.
Tools/Scripts/hooks/prepare-commit-msg: Added.
Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version, add jinja.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/mocks/local/git.py:

(Git.init): Add unbound status mock.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/init.py:

(main): Pass hooks to sub-programs.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/setup.py:

(Setup.git): iterate through the directory of provided hooks and render with jinja2.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/hooks/prepare-commit-msg: Added.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/setup_unittest.py:

(TestSetup.test_commit_message):
Canonical link: https://commits.webkit.org/243242@main

1:05 PM Changeset in webkit [284484] by Russell Epstein

12 edits
2 copies
2 moves
1 delete in branches/safari-613.1.6-branch

Cherry-pick r284483. rdar://problem/84428759

LayoutTests/imported/w3c:
Origin of opaque blob: URLs ends up as empty string
https://bugs.webkit.org/show_bug.cgi?id=231942

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-19
Reviewed by Tim Horton.

web-platform-tests/url/a-element-expected.txt:
web-platform-tests/url/a-element-origin-expected.txt:
web-platform-tests/url/a-element-origin-xhtml-expected.txt:
web-platform-tests/url/a-element-xhtml-expected.txt:
web-platform-tests/url/resources/urltestdata.json:
web-platform-tests/url/url-constructor.any-expected.txt:
web-platform-tests/url/url-constructor.any.worker-expected.txt:
web-platform-tests/url/url-origin.any-expected.txt:
web-platform-tests/url/url-origin.any.worker-expected.txt:

Source/WebCore:
Fix leak of CGColorSpaceRef in FilterEffectRendererCoreImage::sharedCIContext()
<https://webkit.org/b/231902>
<rdar://problem/84375203>

Patch by David Kilzer <ddkilzer@apple.com> on 2021-10-19
Reviewed by Wenson Hsieh.

platform/graphics/coreimage/FilterEffectRendererCoreImage.mm: (WebCore::FilterEffectRendererCoreImage::sharedCIContext):
Use adoptCF() to fix the leak.

Source/WebKit:
REGRESSION (r284079): fast/canvas/gradient-with-clip.html and fast/canvas/gradient-text-with-shadow.html are flaky failures
https://bugs.webkit.org/show_bug.cgi?id=231681
rdar://84202478

Patch by Wenson Hsieh <Wenson Hsieh> on 2021-10-19
Reviewed by Kimmo Kinnunen.

These tests occasionally fail when we time out while waiting for the pixel buffer to be populated underneath
RemoteImageBufferProxy::getPixelBuffer; this happens because the GPU process sometimes halts (and never
resumes) while processing stream messages, and consequently never ends up processing the GetPixelBuffer IPC
stream message that's necessary to populate the shared memory buffer for GetPixelBuffer.

This, in turn, happens when the IPC stream buffer is about to exhaust all available capacity (i.e. the write
cursor is nearing the end of the 2MB buffer), and as a result, we send messages that would normally be encoded
in the IPC stream as out-of-line IPC messages instead, which are received in the GPU process on the IPC thread
and appended to the receive queue corresponding to the destination ID in Connection::processIncomingMessage().

If we happen to have sent RemoteRenderingBackend::CreateImageBuffer(a) right before exhausting capacity and
sending out-of-line messages targeting the RemoteDisplayListRecorder corresponding to the newly created image
buffer a, we'll end up with a race condition where the IPC thread may receive the out-of-line messages meant
for the new remote display list destination *before* the new remote display list has added itself as an IPC
receive queue by calling into StreamServerConnection::startReceivingMessages().

In this particular scenario (where we "lose" the race), Connection::processIncomingMessage will skip past the
early return where it would normally find its corresponding receive queue via m_receiveQueues.get(*message),
and instead falls through to Connection::SyncMessageState::processIncomingMessage(), which will attempt to
dispatch the incoming message to the Connection's client (GPUConnectionToWebProcess). Of course, the
GPUConnectionToWebProcess isn't aware of how to process this incoming message, so it simply gets dropped. By the
time the receive queue is added for the new RemoteDisplayListRecorder, we'll observe a ProcessOutOfStreamMessage
and end up waiting forever for this out-of-line message to be added to the receive queue, but this never ends up
happening because it has already been received and dropped by GPUConnectionToWebProcess.

To address the flaky tests in the short term, we work around this issue by making CreateImageBuffer a sync
message, so we guarantee that any subsequent messages sent to the image buffer's RemoteDisplayListRecorder will
not be dropped. In the (slightly) longer term, we should turn this back into an async stream message, and add a
mechanism to redirect all receiver-less RemoteDisplayListRecorder messages to a separate queue.

GPUProcess/graphics/RemoteRenderingBackend.cpp: (WebKit::RemoteRenderingBackend::createImageBuffer):
GPUProcess/graphics/RemoteRenderingBackend.h:
GPUProcess/graphics/RemoteRenderingBackend.messages.in:

Make CreateImageBuffer a synchronous stream message for now.

WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp: (WebKit::RemoteRenderingBackendProxy::createRemoteImageBuffer):

LayoutTests:
Resync web-platform-tests/reporting from upstream
https://bugs.webkit.org/show_bug.cgi?id=231957

Reviewed by Alex Christensen.

Resync web-platform-tests/reporting from upstream 207e223d74fdc1f1.

TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284483 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:00 PM Changeset in webkit [284483] by Chris Dumez

12 edits
2 copies
2 moves
1 delete in trunk

LayoutTests/imported/w3c:
Origin of opaque blob: URLs ends up as empty string
https://bugs.webkit.org/show_bug.cgi?id=231942

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-19
Reviewed by Tim Horton.

web-platform-tests/url/a-element-expected.txt:
web-platform-tests/url/a-element-origin-expected.txt:
web-platform-tests/url/a-element-origin-xhtml-expected.txt:
web-platform-tests/url/a-element-xhtml-expected.txt:
web-platform-tests/url/resources/urltestdata.json:
web-platform-tests/url/url-constructor.any-expected.txt:
web-platform-tests/url/url-constructor.any.worker-expected.txt:
web-platform-tests/url/url-origin.any-expected.txt:
web-platform-tests/url/url-origin.any.worker-expected.txt:

Source/WebCore:
Fix leak of CGColorSpaceRef in FilterEffectRendererCoreImage::sharedCIContext()
<https://webkit.org/b/231902>
<rdar://problem/84375203>

Patch by David Kilzer <ddkilzer@apple.com> on 2021-10-19
Reviewed by Wenson Hsieh.

platform/graphics/coreimage/FilterEffectRendererCoreImage.mm:

(WebCore::FilterEffectRendererCoreImage::sharedCIContext):

Use adoptCF() to fix the leak.

Source/WebKit:
REGRESSION (r284079): fast/canvas/gradient-with-clip.html and fast/canvas/gradient-text-with-shadow.html are flaky failures
https://bugs.webkit.org/show_bug.cgi?id=231681
rdar://84202478

Patch by Wenson Hsieh <Wenson Hsieh> on 2021-10-19
Reviewed by Kimmo Kinnunen.

These tests occasionally fail when we time out while waiting for the pixel buffer to be populated underneath
RemoteImageBufferProxy::getPixelBuffer; this happens because the GPU process sometimes halts (and never
resumes) while processing stream messages, and consequently never ends up processing the GetPixelBuffer IPC
stream message that's necessary to populate the shared memory buffer for GetPixelBuffer.

This, in turn, happens when the IPC stream buffer is about to exhaust all available capacity (i.e. the write
cursor is nearing the end of the 2MB buffer), and as a result, we send messages that would normally be encoded
in the IPC stream as out-of-line IPC messages instead, which are received in the GPU process on the IPC thread
and appended to the receive queue corresponding to the destination ID in Connection::processIncomingMessage().

If we happen to have sent RemoteRenderingBackend::CreateImageBuffer(a) right before exhausting capacity and
sending out-of-line messages targeting the RemoteDisplayListRecorder corresponding to the newly created image
buffer a, we'll end up with a race condition where the IPC thread may receive the out-of-line messages meant
for the new remote display list destination *before* the new remote display list has added itself as an IPC
receive queue by calling into StreamServerConnection::startReceivingMessages().

In this particular scenario (where we "lose" the race), Connection::processIncomingMessage will skip past the
early return where it would normally find its corresponding receive queue via m_receiveQueues.get(*message),
and instead falls through to Connection::SyncMessageState::processIncomingMessage(), which will attempt to
dispatch the incoming message to the Connection's client (GPUConnectionToWebProcess). Of course, the
GPUConnectionToWebProcess isn't aware of how to process this incoming message, so it simply gets dropped. By the
time the receive queue is added for the new RemoteDisplayListRecorder, we'll observe a ProcessOutOfStreamMessage
and end up waiting forever for this out-of-line message to be added to the receive queue, but this never ends up
happening because it has already been received and dropped by GPUConnectionToWebProcess.

To address the flaky tests in the short term, we work around this issue by making CreateImageBuffer a sync
message, so we guarantee that any subsequent messages sent to the image buffer's RemoteDisplayListRecorder will
not be dropped. In the (slightly) longer term, we should turn this back into an async stream message, and add a
mechanism to redirect all receiver-less RemoteDisplayListRecorder messages to a separate queue.

GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::createImageBuffer):

GPUProcess/graphics/RemoteRenderingBackend.h:
GPUProcess/graphics/RemoteRenderingBackend.messages.in:

Make CreateImageBuffer a synchronous stream message for now.

WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::createRemoteImageBuffer):

LayoutTests:
Resync web-platform-tests/reporting from upstream
https://bugs.webkit.org/show_bug.cgi?id=231957

Reviewed by Alex Christensen.

Resync web-platform-tests/reporting from upstream 207e223d74fdc1f1.

TestExpectations:

12:59 PM Changeset in webkit [284482] by Russell Epstein

12 edits
2 copies
2 moves
1 delete in branches/safari-612-branch

Revert r283931. rdar://problem/83953710

12:56 PM Changeset in webkit [284481] by ddkilzer@apple.com

2 edits in trunk/Source/WebCore

Fix leak of CGColorSpaceRef in FilterEffectRendererCoreImage::sharedCIContext()
<https://webkit.org/b/231902>
<rdar://problem/84375203>

Reviewed by Wenson Hsieh.

platform/graphics/coreimage/FilterEffectRendererCoreImage.mm:

(WebCore::FilterEffectRendererCoreImage::sharedCIContext):

Use adoptCF() to fix the leak.

12:49 PM Changeset in webkit [284480] by Chris Dumez

2 edits in trunk/Source/JavaScriptCore

[clang 13] Suppress sign comparison warnings
https://bugs.webkit.org/show_bug.cgi?id=231188
<rdar://problem/84110570>

Reviewed by Alex Christensen.

inspector/remote/socket/RemoteInspectorSocket.cpp:

(Inspector::RemoteInspector::backendCommands const):

12:39 PM Changeset in webkit [284479] by Jonathan Bedard

7 edits in trunk/Tools

[webkitscmpy] Filter approvers by status
https://bugs.webkit.org/show_bug.cgi?id=231843
<rdar://problem/84320934>

Reviewed by Dewei Zhu.

If a project defines statuses for it's contributors, we only want
to allow reviewers to approve changes.

Scripts/libraries/webkitscmpy/webkitscmpy/contributor.py:

(Contributor): Add reviewer status.
(Contributor.Mapping.load): Keep track of possible statuses.
(Contributor.Mapping.init): Ditto.
(Contributor.Mapping.add): Ditto.

Scripts/libraries/webkitscmpy/webkitscmpy/remote/bitbucket.py:

(BitBucket.PRGenerator.PullRequest): If a project defines a reviewer status, enforce it.

Scripts/libraries/webkitscmpy/webkitscmpy/remote/git_hub.py:

(GitHub.PRGenerator._contributor): Handle case where no name is defined.
(GitHub.PRGenerator.reviewers): If a project defines a reviewer status, enforce it.

Scripts/libraries/webkitscmpy/webkitscmpy/test/pull_request_unittest.py:

12:28 PM Changeset in webkit [284478] by commit-queue@webkit.org

12 edits in trunk

Origin of opaque blob: URLs ends up as empty string
https://bugs.webkit.org/show_bug.cgi?id=231942

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-19
Reviewed by Tim Horton.

LayoutTests/imported/w3c:

web-platform-tests/url/a-element-expected.txt:
web-platform-tests/url/a-element-origin-expected.txt:
web-platform-tests/url/a-element-origin-xhtml-expected.txt:
web-platform-tests/url/a-element-xhtml-expected.txt:
web-platform-tests/url/resources/urltestdata.json:
web-platform-tests/url/url-constructor.any-expected.txt:
web-platform-tests/url/url-constructor.any.worker-expected.txt:
web-platform-tests/url/url-origin.any-expected.txt:
web-platform-tests/url/url-origin.any.worker-expected.txt:

Source/WebCore:

It should be "null" instead of "".
This matches Chrome and Firefox.
Covered by a PR to WPT included in this patch.

page/SecurityOrigin.cpp:

(WebCore::shouldTreatAsUniqueOrigin):

12:16 PM Changeset in webkit [284477] by Chris Dumez

12 edits
49 adds in trunk/LayoutTests

Resync web-platform-tests/reporting from upstream
https://bugs.webkit.org/show_bug.cgi?id=231957

Reviewed by Alex Christensen.

Resync web-platform-tests/reporting from upstream 207e223d74fdc1f1.

LayoutTests/imported/w3c:

web-platform-tests/reporting/*: Updated.

LayoutTests:

TestExpectations:

12:09 PM Changeset in webkit [284476] by Wenson Hsieh

8 edits in trunk

REGRESSION (r284079): fast/canvas/gradient-with-clip.html and fast/canvas/gradient-text-with-shadow.html are flaky failures
https://bugs.webkit.org/show_bug.cgi?id=231681
rdar://84202478

Reviewed by Kimmo Kinnunen.

Source/WebKit:

GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::createImageBuffer):

GPUProcess/graphics/RemoteRenderingBackend.h:
GPUProcess/graphics/RemoteRenderingBackend.messages.in:

Make CreateImageBuffer a synchronous stream message for now.

WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::createRemoteImageBuffer):

LayoutTests:

Remove the flaky failure entries in test expectations. See WebKit2 ChangeLog for more details.

platform/ios-wk2/TestExpectations:
platform/mac-wk2/TestExpectations:

11:56 AM Changeset in webkit [284475] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

[GTK] Update test expectations for still-failing CSS web platform tests
https://bugs.webkit.org/show_bug.cgi?id=231964

Unreviewed test gardening.

Patch by Arcady Goldmints-Orlov <Arcady Goldmints-Orlov> on 2021-10-19

platform/gtk/TestExpectations:

11:54 AM Changeset in webkit [284474] by achristensen@apple.com

3 edits in trunk/Tools

Fix iOS API tests after r284304
https://bugs.webkit.org/show_bug.cgi?id=231829

Part of the original commit that told the tests to continue doing what they were doing before was omitted.
This commits that.

TestWebKitAPI/Tests/WebKitCocoa/EventAttribution.mm:

(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/WebKitCocoa/PrivateClickMeasurement.mm:

(webViewWithResourceLoadStatisticsEnabledInNetworkProcess):

11:43 AM Changeset in webkit [284473] by wilander@apple.com

3 edits in trunk/LayoutTests

http/tests/resourceLoadStatistics/sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=231379
<rdar://problem/83991245>

Reviewed by Chris Dumez.

http/tests/resourceLoadStatistics/resources/redirect.py:

Added the response header 'Cache-Control: no-cache, no-store'.
Historically, we've had problems with redirects getting cached
so that they don't hit the network. In this particular case,
the same redirect is being done in different orders and might
fall into the cache trap.

platform/mac-wk2/TestExpectations:

Removed [Pass Failure] expectation for sandboxed-nesting-iframe-with-non-sandboxed-iframe-redirect-ip-to-localhost-to-ip.html.

11:41 AM Changeset in webkit [284472] by youenn@apple.com

13 edits in trunk

Guarantee order of WebSocket events in case of being resumed
https://bugs.webkit.org/show_bug.cgi?id=231664

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

web-platform-tests/websockets/interfaces/WebSocket/close/close-nested-expected.txt:
web-platform-tests/websockets/interfaces/WebSocket/readyState/003-expected.txt:

Source/WebCore:

Introduce a WebSocket task source as per spec.
This aligns with https://html.spec.whatwg.org/multipage/web-sockets.html where the user agent is expected to a queue task
when closing handshake is started and so on.

By queuing an event loop task to fire WebSocket events, we ensure ordering of events even in case of resuming, while simplifying the implementation.
This makes it use the event loop which is extra nice if we resolve promises in event listeners.

A follow-up patch should refactor code so that WebSocket::didReceiveMessageError can directly fire the close event without having to wait for a didClose call.

Covered by existing tests.

Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::WebSocket):
(WebCore::WebSocket::suspend):
(WebCore::WebSocket::resume):
(WebCore::WebSocket::stop):
(WebCore::WebSocket::dispatchOrQueueEvent):
(WebCore::WebSocket::resumeTimerFired): Deleted.

Modules/websockets/WebSocket.h:
Modules/websockets/WebSocketChannel.cpp:

(WebCore::WebSocketChannel::send):

dom/TaskSource.h:

Source/WebKit:

We no longer need to handle resume/suspend in WebSocketChannel layer since WebSocket will deal with itself by enqueuing a task in the event loop.

WebProcess/Network/WebSocketChannel.cpp:

(WebKit::WebSocketChannel::disconnect):
(WebKit::WebSocketChannel::didConnect):
(WebKit::WebSocketChannel::didReceiveText):
(WebKit::WebSocketChannel::didReceiveBinaryData):
(WebKit::WebSocketChannel::didClose):
(WebKit::WebSocketChannel::didReceiveMessageError):
(WebKit::WebSocketChannel::suspend):
(WebKit::WebSocketChannel::resume):
(WebKit::WebSocketChannel::didSendHandshakeRequest):
(WebKit::WebSocketChannel::didReceiveHandshakeResponse):
(WebKit::WebSocketChannel::enqueueTask): Deleted.

WebProcess/Network/WebSocketChannel.h:

LayoutTests:

http/tests/websocket/tests/hybi/inspector/send-and-receive.html:

The WebSocket server was racing to close the connection with the User Agent.
The patch queueing a task to fire events is further amplifying this race.
To make the test non flaky, we use an echo server that waits for User Agent to close the connection.

11:40 AM Changeset in webkit [284471] by commit-queue@webkit.org

2 edits in trunk

Add AX team GitHub usernames to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=231966

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-19
Reviewed by Chris Fleizach.

metadata/contributors.json:

Add Chris Fleizach's and Andres Gonzalez's GitHub usernames. Add Tyler
Wilcock as a contributor. Run validate-committer-lists --canonicalize
to fix some style issues.

11:37 AM Changeset in webkit [284470] by Alan Coon

15 edits
4 adds in branches/safari-613.1.6-branch

Cherry-pick r284466. rdar://problem/84424869

REGRESSION(r284313): ::marker accelerated animations are broken
https://bugs.webkit.org/show_bug.cgi?id=231906
<rdar://problem/84383279>

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

WPT now reflect that we correctly do not animate the opacity property and correctly account for
other ineffective properties on ::marker, such as line-height.

web-platform-tests/css/css-pseudo/marker-animate-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:

Source/WebCore:

Test: webanimations/marker-opacity-animation-no-effect.html

We incorrectly supported animations for all known CSS properties on a ::marker since we added
support for animation of ::marker, and with r284313 we started returning the correct renderer
for ::marker pseudo-elements which meant that accelerated opacity animations started running
for the first time.

We now correctly ignore disallowed properties for ::marker when animating with those changes.

First, in Style::Resolver::styleForKeyframe(), we pass the relevant allowlist to the MatchResult's
authorDeclarations when adding the keyframe properties.

Then, in KeyframeEffect::isCurrentlyAffectingProperty() we call isValidMarkerStyleProperty() in
case we're being called for a ::marker pseudo-element.

To be able to obtain the allowlist and call isValidMarkerStyleProperty() in those two questions,
we had to refactor the related code into a dedicated PropertyAllowlist file and enum.

Sources.txt:
WebCore.xcodeproj/project.pbxproj:
animation/KeyframeEffect.cpp: (WebCore::KeyframeEffect::isCurrentlyAffectingProperty const):
style/ElementRuleCollector.cpp: (WebCore::Style::ElementRuleCollector::transferMatchedRules):
style/ElementRuleCollector.h:
style/PropertyAllowlist.cpp: Added. (WebCore::Style::propertyAllowlistForPseudoId): (WebCore::Style::isValidMarkerStyleProperty): (WebCore::Style::isValidCueStyleProperty):
style/PropertyAllowlist.h: Added.
style/PropertyCascade.cpp: (WebCore::Style::PropertyCascade::addMatch): (WebCore::Style::isValidMarkerStyleProperty): Deleted. (WebCore::Style::isValidCueStyleProperty): Deleted.
style/RuleData.cpp: (WebCore::Style::determinePropertyAllowlist): (WebCore::Style::RuleData::RuleData): (WebCore::Style::determinePropertyAllowlistType): Deleted.
style/RuleData.h: (WebCore::Style::RuleData::propertyAllowlist const): (): Deleted. (WebCore::Style::RuleData::propertyAllowlistType const): Deleted.
style/StyleResolver.cpp: (WebCore::Style::Resolver::styleForKeyframe):

LayoutTests:

Add a new test that checks we do not visually account for an opacity animation on a ::marker
pseudo-element.

webanimations/marker-opacity-animation-no-effect-expected.html: Added.
webanimations/marker-opacity-animation-no-effect.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284466 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM WebKitGTK/Debugging edited by Michael Catanzaro

WebKitGTK+ -> WebKitGTK (diff)

11:14 AM WebKitGTK/Releasing edited by Michael Catanzaro

WebKitGTK+ -> WebKitGTK (diff)

11:14 AM EnvironmentVariables edited by Michael Catanzaro

WebKitGTK+ -> WebKitGTK (diff)

11:13 AM WebKitGtkLayoutTests edited by Michael Catanzaro

WebKitGTK+ -> WebKitGTK (diff)

11:04 AM Changeset in webkit [284469] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS ] http/tests/cache/disk-cache/redirect-chain-limits.html is a flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=231630

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

11:00 AM Changeset in webkit [284468] by Ayumi Kojima

3 edits in trunk/LayoutTests

[ iOS ] imported/w3c/web-platform-tests/html/canvas/element/manual tests, fast/canvas/canvas-createPattern-video-modify.html and media/video-canvas-createPattern.html are failing.
https://bugs.webkit.org/show_bug.cgi?id=231959

Unreviewed test gardening.

platform/ipad/TestExpectations:
platform/mac/TestExpectations:

10:36 AM Changeset in webkit [284467] by ysuzuki@apple.com

2 edits in trunk/Source/JavaScriptCore

Wasm Table can take arbitrary default value
https://bugs.webkit.org/show_bug.cgi?id=231933
rdar://84327812

Reviewed by Robin Morisset.

wasm/WasmTable.cpp:

(JSC::Wasm::Table::grow):

10:18 AM Changeset in webkit [284466] by graouts@webkit.org

15 edits
4 adds in trunk

REGRESSION(r284313): ::marker accelerated animations are broken
https://bugs.webkit.org/show_bug.cgi?id=231906
<rdar://problem/84383279>

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

WPT now reflect that we correctly do not animate the opacity property and correctly account for
other ineffective properties on ::marker, such as line-height.

web-platform-tests/css/css-pseudo/marker-animate-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:

Source/WebCore:

Test: webanimations/marker-opacity-animation-no-effect.html

We incorrectly supported animations for all known CSS properties on a ::marker since we added
support for animation of ::marker, and with r284313 we started returning the correct renderer
for ::marker pseudo-elements which meant that accelerated opacity animations started running
for the first time.

We now correctly ignore disallowed properties for ::marker when animating with those changes.

First, in Style::Resolver::styleForKeyframe(), we pass the relevant allowlist to the MatchResult's
authorDeclarations when adding the keyframe properties.

Then, in KeyframeEffect::isCurrentlyAffectingProperty() we call isValidMarkerStyleProperty() in
case we're being called for a ::marker pseudo-element.

To be able to obtain the allowlist and call isValidMarkerStyleProperty() in those two questions,
we had to refactor the related code into a dedicated PropertyAllowlist file and enum.

Sources.txt:
WebCore.xcodeproj/project.pbxproj:
animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::isCurrentlyAffectingProperty const):

style/ElementRuleCollector.cpp:

(WebCore::Style::ElementRuleCollector::transferMatchedRules):

style/ElementRuleCollector.h:
style/PropertyAllowlist.cpp: Added.

(WebCore::Style::propertyAllowlistForPseudoId):
(WebCore::Style::isValidMarkerStyleProperty):
(WebCore::Style::isValidCueStyleProperty):

style/PropertyAllowlist.h: Added.
style/PropertyCascade.cpp:

(WebCore::Style::PropertyCascade::addMatch):
(WebCore::Style::isValidMarkerStyleProperty): Deleted.
(WebCore::Style::isValidCueStyleProperty): Deleted.

style/RuleData.cpp:

(WebCore::Style::determinePropertyAllowlist):
(WebCore::Style::RuleData::RuleData):
(WebCore::Style::determinePropertyAllowlistType): Deleted.

style/RuleData.h:

(WebCore::Style::RuleData::propertyAllowlist const):
(): Deleted.
(WebCore::Style::RuleData::propertyAllowlistType const): Deleted.

style/StyleResolver.cpp:

(WebCore::Style::Resolver::styleForKeyframe):

LayoutTests:

Add a new test that checks we do not visually account for an opacity animation on a ::marker
pseudo-element.

webanimations/marker-opacity-animation-no-effect-expected.html: Added.
webanimations/marker-opacity-animation-no-effect.html: Added.

10:01 AM Changeset in webkit [284465] by commit-queue@webkit.org

6 edits in trunk

Use JSONValues instead of a JSC::VM to parse WKContentRuleLists
https://bugs.webkit.org/show_bug.cgi?id=231704

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-19
Reviewed by Brady Eidson.

Source/WebCore:

This makes the parser much simpler and easier to see what is going on.
It probably also saves some memory because we don't need to make a VM just to parse JSON.
Covered by existing tests. There are extensive tests for invalid input, and there is only
one change in the error reported: we used to say the top level has to be an object, then
we would say that it has to be an array. JavaScript arrays are objects, but JSON arrays aren't.
Valid input continues to parse the same, and invalid input continues to fail to parse, but the
error is more accurate now.

contentextensions/ContentExtensionError.cpp:

(WebCore::ContentExtensions::contentExtensionErrorCategory):

contentextensions/ContentExtensionError.h:
contentextensions/ContentExtensionParser.cpp:

(WebCore::ContentExtensions::getStringList):
(WebCore::ContentExtensions::getDomainList):
(WebCore::ContentExtensions::getTypeFlags):
(WebCore::ContentExtensions::loadTrigger):
(WebCore::ContentExtensions::loadAction):
(WebCore::ContentExtensions::loadRule):
(WebCore::ContentExtensions::loadEncodedRules):
(WebCore::ContentExtensions::parseRuleList):

Tools:

TestWebKitAPI/Tests/WebCore/ContentExtensions.cpp:

(TestWebKitAPI::TEST_F):

9:54 AM Changeset in webkit [284464] by Ayumi Kojima

3 edits in trunk/LayoutTests

[ iOS Win ] editing/selection/modal-dialog-select-paragraph.html is failing.
https://bugs.webkit.org/show_bug.cgi?id=231962

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:
platform/win/TestExpectations:

9:44 AM Changeset in webkit [284463] by achristensen@apple.com

2 edits in trunk/Tools

Re-disable WebKit.HTTPSProxy API test on iOS
https://bugs.webkit.org/show_bug.cgi?id=231396

Yesterday's attempt at making it not time out does not appear to have worked.

TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm:

9:41 AM Changeset in webkit [284462] by ysuzuki@apple.com

2 edits in trunk/Tools

DumpRenderTree should not use WK methods
https://bugs.webkit.org/show_bug.cgi?id=231910

Reviewed by Alex Christensen.

DumpRenderTree functions can be called on WebThread if ios simulator is used.
If we first use WK functions on that, it causes WebKit initialization on non
main thread. We should not mix WK functions with DumpRenderTree.

DumpRenderTree/mac/DumpRenderTree.mm:

(dumpFramesAsText):

9:39 AM Changeset in webkit [284461] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS ] fast/inline/inline-background-clip-text-multiline.html is image failing.
https://bugs.webkit.org/show_bug.cgi?id=231961

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

9:37 AM Changeset in webkit [284460] by Chris Dumez

2 edits in trunk/Source/JavaScriptCore

Unreviewed build fix.

DerivedSources-input.xcfilelist:

9:30 AM Changeset in webkit [284459] by Chris Dumez

2 edits in trunk/Source/WebCore

Drop assertion in RegistrationDatabase::importRecords()
https://bugs.webkit.org/show_bug.cgi?id=231960

Reviewed by Alex Christensen.

Drop assertion in RegistrationDatabase::importRecords(). This can happen when deleting service
worker scripts on disk but not clearing the service worker database.
The code properly deal with this so there is no need to crash in debug builds.

workers/service/server/RegistrationDatabase.cpp:

(WebCore::RegistrationDatabase::importRecords):

9:24 AM Changeset in webkit [284458] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

Follow-up #2: WebKit::LocalConnection::createCredentialPrivateKey leaks an NSMutableDictionary
<https://webkit.org/b/231814>
<rdar://problem/84307054>

Unreviewed follow-up to address Darin's comment.

UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:

(WebKit::LocalConnection::createCredentialPrivateKey const):

Use WTFMove() to avoid ref count churn.

9:23 AM Changeset in webkit [284457] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS ] imported/w3c/web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage- tests are failing.
https://bugs.webkit.org/show_bug.cgi?id=231959

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

9:00 AM Changeset in webkit [284456] by fpizlo@apple.com

2 edits in trunk/Source/WTF

StringBuffer should really know that strings might be 8-bit
https://bugs.webkit.org/show_bug.cgi?id=231937

Reviewed by Yusuke Suzuki.

We somehow forgot to change this to use CharType instead of UChar.

wtf/text/StringBuffer.h:

(WTF::StringBuffer::resize):

8:38 AM Changeset in webkit [284455] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

AX: Fix broken spec links in AccessibilityObject.cpp and AccessibilityTree.cpp
https://bugs.webkit.org/show_bug.cgi?id=231932

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-19
Reviewed by Chris Fleizach.

Fix broken spec links.

accessibility/AccessibilityObject.cpp:

(WebCore::initializeRoleMap):
(WebCore::AccessibilityObject::buttonRoleType const):

accessibility/AccessibilityTree.cpp:

(WebCore::AccessibilityTree::isTreeValid const):

8:17 AM Changeset in webkit [284454] by ddkilzer@apple.com

3 edits in trunk/Source/WebCore

Fix leak of object returned from MTLCreateSystemDefaultDevice()
<https://webkit.org/b/231899>
<rdar://problem/84373621>

Reviewed by Anders Carlsson.

platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:

(WebCore::platformSupportsMetal):

testing/Internals.mm:

(WebCore::Internals::platformSupportsMetal):

Use adoptNS() to fix the leak.

8:05 AM WebKitGTK/2.34.x edited by Michael Catanzaro

(diff)

8:05 AM WebKitGTK/2.32.x edited by Michael Catanzaro

(diff)

7:51 AM Changeset in webkit [284453] by Chris Dumez

62 edits in trunk/Source

cachedCGColor() and nsColor() should return smart pointers
https://bugs.webkit.org/show_bug.cgi?id=231909

Reviewed by Tim Horton.

r276283 attempted to make cachedCGColor() and nsColor() thread-safe but the fix was incomplete
since those functions return unretained objects that can be released from the cache on any
other thread. This patch updates cachedCGColor() and nsColor() to return a RetainPtr to address
the issue.

Source/WebCore:

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(AXAttributeStringSetStyle):

editing/cocoa/FontAttributesCocoa.mm:

(WebCore::FontAttributes::createDictionary const):

editing/cocoa/FontShadowCocoa.mm:

(WebCore::FontShadow::createShadow const):

editing/cocoa/HTMLConverter.mm:

(HTMLConverter::convert):
(HTMLConverter::_colorForElement):
(HTMLConverter::computedAttributesForElement):
(HTMLConverter::_fillInBlock):
(HTMLConverter::_processElement):
(WebCore::editingAttributedString):

platform/graphics/Color.h:
platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.mm:

(WebCore::LocalSampleBufferDisplayLayer::initialize):

platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::PlatformCALayer::drawTextAtPoint const):

platform/graphics/ca/cocoa/PlatformCAFiltersCocoa.mm:

(WebCore::PlatformCAFilters::setFiltersOnLayer):

platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:

(WebCore::PlatformCALayerCocoa::setBackgroundColor):
(WebCore::PlatformCALayerCocoa::setBorderColor):

platform/graphics/cg/ColorCG.cpp:

(WebCore::cachedCGColor):

platform/graphics/cg/GradientCG.cpp:

(WebCore::Gradient::createCGGradient):

platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::setCGFillColor):
(WebCore::setCGShadow):
(WebCore::GraphicsContextCG::didUpdateState):

platform/graphics/cocoa/ColorCocoa.h:
platform/graphics/cocoa/ColorCocoa.mm:

(WebCore::platformColor):

platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::addAttributesForCustomFontPalettes):

platform/graphics/cocoa/GraphicsContextCocoa.mm:

(WebCore::drawFocusRingAtTime):
(WebCore::colorForMarkerLineStyle):
(WebCore::GraphicsContextCG::drawDotsForDocumentMarker):

platform/graphics/mac/ColorMac.h:
platform/graphics/mac/ColorMac.mm:

(WTF::RetainPtr<NSColor>>::createValueForKey):
(WebCore::nsColor):

platform/mac/LocalDefaultSystemAppearance.mm:

(WebCore::LocalDefaultSystemAppearance::LocalDefaultSystemAppearance):

platform/mac/PlatformPasteboardMac.mm:

(WebCore::PlatformPasteboard::setColor):

platform/mac/ScrollbarThemeMac.mm:

(WebCore::ScrollbarThemeMac::setUpOverhangAreaBackground):

platform/mac/ThemeMac.mm:

(WebCore::drawCellFocusRingWithFrameAtTime):

rendering/RenderThemeMac.mm:

(WebCore::AttachmentLayout::layOutTitle):
(WebCore::AttachmentLayout::layOutSubtitle):

testing/cocoa/WebViewVisualIdentificationOverlay.mm:

(-[WebViewVisualIdentificationOverlay initWithWebView:kind:deprecated:]):
(drawPattern):

Source/WebKit:

Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm:

(WebKit::cgColorFromColor):
(WebKit::RemoteLayerTreePropertyApplier::applyPropertiesToLayer):

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView themeColor]):
(-[WKWebView underPageBackgroundColor]):
(-[WKWebView _pageExtendedBackgroundColor]):
(-[WKWebView _sampledPageTopColor]):

UIProcess/API/Cocoa/_WKApplicationManifest.mm:

(-[_WKApplicationManifest themeColor]):

UIProcess/API/mac/WKView.mm:

(-[WKView underlayColor]):
(-[WKView _pageExtendedBackgroundColor]):

UIProcess/API/mac/WKWebViewMac.mm:

(-[WKWebView _underlayColor]):

UIProcess/Cocoa/WebViewImpl.h:
UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::updateTextTouchBar):
(WebKit::WebViewImpl::underlayColor const):
(WebKit::WebViewImpl::pageExtendedBackgroundColor const):

UIProcess/PDF/WKPDFHUDView.mm:

(-[WKPDFHUDView _setupLayer:]):

UIProcess/mac/WebColorPickerMac.mm:

(WebKit::WebColorPickerMac::setSelectedColor):
(WebKit::WebColorPickerMac::showColorPicker):
(-[WKColorPopoverMac setAndShowPicker:withColor:suggestions:]):

WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::setAccentColor):

WebProcess/cocoa/VideoFullscreenManager.mm:

(WebKit::VideoFullscreenManager::enterVideoFullscreenForVideoElement):

Source/WebKitLegacy/mac:

DOM/DOMRGBColor.mm:

(-[DOMRGBColor color]):

WebView/WebFrame.mm:

(-[WebFrame _bodyBackgroundColor]):

WebView/WebView.mm:

(-[WebView updateTextTouchBar]):

7:45 AM Changeset in webkit [284452] by Alan Bujtas

4 edits in trunk/Source/WebCore

[LFC][IFC] Rename Line::removeCollapsibleContent to removeTrimmableContent
https://bugs.webkit.org/show_bug.cgi?id=231930

Reviewed by Antti Koivisto.

"Trimming" is closer to spec language.

layout/formattingContexts/inline/InlineLine.cpp:

(WebCore::Layout::Line::removeTrimmableContent):
(WebCore::Layout::Line::removeCollapsibleContent): Deleted.

layout/formattingContexts/inline/InlineLine.h:
layout/formattingContexts/inline/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::close):

7:27 AM Changeset in webkit [284451] by commit-queue@webkit.org

2 edits
1 add in trunk/Source/WebKit

Update seccomp filters with latest changes from flatpak
https://bugs.webkit.org/show_bug.cgi?id=231479

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-10-19
Reviewed by Adrian Perez de Castro.

The seemingly-extraneous include order changes are required to placate the style checker.

UIProcess/Launcher/glib/BubblewrapLauncher.cpp:

(WebKit::seccompStrerror):
(WebKit::setupSeccomp):

UIProcess/Launcher/glib/Syscalls.h: Added.

7:25 AM Changeset in webkit [284450] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

Unskip passing flex-basis: content + aspect ratio WPT tests
https://bugs.webkit.org/show_bug.cgi?id=231947

Patch by Rob Buis <rbuis@igalia.com> on 2021-10-19
Reviewed by Sergio Villar Senin.

Unskip passing flex-basis: content + aspect ratio WPT tests. These test cases did not work
before because there was no support for flex-basis: content, but since r284440 they pass.

TestExpectations:

7:17 AM Changeset in webkit [284449] by youenn@apple.com

7 edits in trunk

[ wk2 ] 2 page-cache layout-tests are flakey crashing
https://bugs.webkit.org/show_bug.cgi?id=224558
<rdar://problem/76652825>

Reviewed by Eric Carlson.

Source/WebCore:

Covered by updated test.

Modules/mediastream/PeerConnectionBackend.cpp:

srflx candidates can be exposed even in case of filtering enabled.

testing/MockLibWebRTCPeerConnection.cpp:

Backend should now handle the mDNS filtering itself.

LayoutTests:

fast/mediastream/RTCPeerConnection-icecandidate-event-expected.txt: Rebasing after mock changes.
platform/mac-wk2/TestExpectations:
webrtc/peerconnection-new-candidate-page-cache.html:

6:46 AM Changeset in webkit [284448] by commit-queue@webkit.org

5 edits
4 adds in trunk

[css-scroll-snap] Triggering a layout during scroll causes jittery scrolling on iOS
https://bugs.webkit.org/show_bug.cgi?id=173887
<rdar://problem/67153673>

Patch by Martin Robinson <mrobinson@igalia.com> on 2021-10-19
Reviewed by Simon Fraser.

Source/WebKit:

Tests: fast/scrolling/ios/scroll-snap-with-relayouts-horizontal.html

fast/scrolling/ios/scroll-snap-with-relayouts-vertical.html

Ensure that when the root node is scrolling, it is added to the list of nodes
with an active user scroll. This prevents the web process from resnapping during
layout when the user is actively scrolling.

UIProcess/API/ios/WKWebViewIOS.mm:

(-[WKWebView scrollViewWillBeginDragging:]): Call RemoteScrollingCoordinatorProxy::setRootNodeIsInUserScroll
when a scdroll starts and ends.

UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.h: Added method declaration.
UIProcess/RemoteLayerTree/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::setRootNodeIsInUserScroll): Added setRootNodeIsInUserScroll method.

LayoutTests:

fast/scrolling/ios/scroll-snap-with-relayouts-horizontal-expected.txt: Added.
fast/scrolling/ios/scroll-snap-with-relayouts-horizontal.html: Added.
fast/scrolling/ios/scroll-snap-with-relayouts-vertical-expected.txt: Added.
fast/scrolling/ios/scroll-snap-with-relayouts-vertical.html: Added.

6:40 AM Changeset in webkit [284447] by commit-queue@webkit.org

32 edits in trunk

Remove support for some SVG properties
https://bugs.webkit.org/show_bug.cgi?id=227897

Patch by Rob Buis <rbuis@igalia.com> on 2021-10-19
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

Adjust test expectations to removed properties.

web-platform-tests/css/css-cascade/all-prop-initial-xml-expected.txt:
web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
web-platform-tests/css/cssom/getComputedStyle-detached-subtree-expected.txt:

Source/WebCore:

Remove support for the SVG properties color-profile, color-rendering
and enable-background. We never had support for these apart from parsing
them and they are removed from the SVG2 specification.

css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyInStyle):

css/CSSProperties.json:
css/SVGCSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::svgPropertyValue):

css/SVGCSSValueKeywords.in:
css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):

rendering/style/SVGRenderStyle.cpp:

(WebCore::SVGRenderStyle::diff const):

rendering/style/SVGRenderStyle.h:

(WebCore::SVGRenderStyle::setColorInterpolationFilters):
(WebCore::SVGRenderStyle::colorInterpolationFilters const):
(WebCore::SVGRenderStyle::setBitDefaults):
(WebCore::SVGRenderStyle::InheritedFlags::operator== const):
(WebCore::SVGRenderStyle::setColorRendering): Deleted.
(WebCore::SVGRenderStyle::colorRendering const): Deleted.

svg/SVGElement.cpp:

(WebCore::createAttributeNameToCSSPropertyIDMap):

svg/properties/SVGPropertyAnimatorFactory.h:

(WebCore::SVGPropertyAnimatorFactory::attributeAnimatorCreator):

svg/svgattrs.in:

LayoutTests:

Adjust test expectations to removed properties.

fast/css/getComputedStyle/computed-style-expected.txt:
fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
platform/glib/fast/css/getComputedStyle/computed-style-expected.txt:
platform/glib/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
platform/glib/svg/css/getComputedStyle-basic-expected.txt:
platform/gtk/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
platform/ios-wk2/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
platform/ios-wk2/imported/w3c/web-platform-tests/css/cssom/getComputedStyle-detached-subtree-expected.txt:
platform/ios/fast/css/getComputedStyle/computed-style-expected.txt:
platform/ios/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
platform/ios/svg/css/getComputedStyle-basic-expected.txt:
platform/mac/fast/css/getComputedStyle/computed-style-expected.txt:
platform/mac/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt:
platform/mac/svg/css/getComputedStyle-basic-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
svg/css/getComputedStyle-basic-expected.txt:

6:20 AM Changeset in webkit [284446] by Adrian Perez de Castro

1 copy in releases/WPE WebKit/webkit-2.34.0

WPE WebKit 2.34.0

6:19 AM Changeset in webkit [284445] by Adrian Perez de Castro

4 edits in releases/WebKitGTK/webkit-2.34

Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.34.0 release

Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

wpe/NEWS: Add release notes for 2.34.0.

4:52 AM Changeset in webkit [284444] by youenn@apple.com

12 edits
2 copies
2 adds in trunk

getDisplayMedia MediaStreamTrack.applyConstraints behavior regressed in Safari 15
https://bugs.webkit.org/show_bug.cgi?id=231286
<rdar://problem/83930865>

Reviewed by Eric Carlson.

Source/WebKit:

Display tracks are different in that they do not have presets.
Revert back to directly linking the WebProcess track with the remote display source without going through RealtimeVideoSource.
This restores past behavior.
Refactoring of UserMediaCaptureManager to use a single map.
We do not yet support cloning tracks to get different sizes, this should be done as a follow-up.

Covered by fast/mediastream/getDisplayMedia-size.html.

SourcesCocoa.txt:
WebKit.xcodeproj/project.pbxproj:
WebProcess/cocoa/RemoteCaptureSampleManager.cpp:
WebProcess/cocoa/RemoteCaptureSampleManager.h:
WebProcess/cocoa/RemoteRealtimeAudioSource.cpp:
WebProcess/cocoa/RemoteRealtimeAudioSource.h:
WebProcess/cocoa/RemoteRealtimeDisplaySource.cpp: Added.
WebProcess/cocoa/RemoteRealtimeDisplaySource.h: Added.
WebProcess/cocoa/RemoteRealtimeVideoSource.cpp:
WebProcess/cocoa/UserMediaCaptureManager.cpp:
WebProcess/cocoa/UserMediaCaptureManager.h:

LayoutTests:

fast/mediastream/getDisplayMedia-size-expected.txt: Added.
fast/mediastream/getDisplayMedia-size.html: Added.
platform/ios/TestExpectations: Added.

4:05 AM Changeset in webkit [284443] by youenn@apple.com

25 edits
3 copies
3 moves
2 adds in trunk

Expose MediaCapabilities to Workers
https://bugs.webkit.org/show_bug.cgi?id=231574

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

Allow running encoding tests in workers as well as in window.

web-platform-tests/media-capabilities/decodingInfo.any.worker-expected.txt:
web-platform-tests/media-capabilities/encodingInfo.any-expected.txt: Added.
web-platform-tests/media-capabilities/encodingInfo.any.html: Added.
web-platform-tests/media-capabilities/encodingInfo.any.js: Added.
web-platform-tests/media-capabilities/encodingInfo.any.worker-expected.txt: Added.
web-platform-tests/media-capabilities/encodingInfo.any.worker.html: Added.
web-platform-tests/media-capabilities/encodingInfo-expected: Removed.
web-platform-tests/media-capabilities/encodingInfo.html: Removed.
web-platform-tests/media-capabilities/idlharness.any.worker-expected.txt:

Source/WebCore:

Expose Media Capabilities to workers by hopping to main thread and using worker responsible document for gathering Media Capabilities, then hopping back to worker.
MediaCapabilities will store the promises when waiting for media capabilities gathering by document.

We remove CustomEnabled since it is not supported in Workers and we are now exposing encoding info for WebRTC anyway.

Tests: imported/w3c/web-platform-tests/media-capabilities/encodingInfo.any.html

imported/w3c/web-platform-tests/media-capabilities/encodingInfo.any.worker.html

CMakeLists.txt:
DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:
DerivedSources.make:
Modules/mediacapabilities/MediaCapabilities.cpp:
Modules/mediacapabilities/MediaCapabilities.h:
Modules/mediacapabilities/MediaCapabilities.idl:
Modules/mediacapabilities/NavigatorMediaCapabilities.cpp:
Modules/mediacapabilities/NavigatorMediaCapabilities.h:
Modules/mediacapabilities/WorkerNavigator+MediaCapabilities.idl: Added.
Modules/mediacapabilities/WorkerNavigatorMediaCapabilities.cpp: Added.
Modules/mediacapabilities/WorkerNavigatorMediaCapabilities.h: Added.
Sources.txt:
WebCore.xcodeproj/project.pbxproj:
dom/ScriptExecutionContext.cpp:
dom/ScriptExecutionContext.h:
platform/MediaCapabilitiesDecodingInfo.h:
platform/MediaCapabilitiesEncodingInfo.h:
platform/MediaCapabilitiesInfo.h:
platform/mediacapabilities/AudioConfiguration.h:
platform/mediacapabilities/MediaConfiguration.h:
platform/mediacapabilities/MediaDecodingConfiguration.h:
platform/mediacapabilities/MediaEncodingConfiguration.h:
platform/mediacapabilities/VideoConfiguration.h:

4:03 AM Changeset in webkit [284442] by youenn@apple.com

6 edits in trunk

Close peer connection sockets when entering page cache
https://bugs.webkit.org/show_bug.cgi?id=231890

Reviewed by Eric Carlson.

Source/WebKit:

We proactively close all peer connection sockets when entering page cache.
This makes peer connection go to disconnected and then failed state.
Covered by updated tests.

WebProcess/Network/webrtc/LibWebRTCSocket.cpp:

LayoutTests:

webrtc/peerconnection-page-cache-long.html:
webrtc/peerconnection-page-cache.html:

3:21 AM Changeset in webkit [284441] by svillar@igalia.com

2 edits in trunk

Add my github username to contributors.json

Unreviewed.

metadata/contributors.json:

3:14 AM Changeset in webkit [284440] by svillar@igalia.com

20 edits in trunk

[css-flexbox] Add flex-basis: content support
https://bugs.webkit.org/show_bug.cgi?id=221479
LayoutTests/imported/w3c:

Reviewed by Javier Fernandez.

Fixed 6 subtest expectations. All of them working fine now.

web-platform-tests/css/css-flexbox/parsing/flex-basis-computed-expected.txt:
web-platform-tests/css/css-flexbox/parsing/flex-basis-valid-expected.txt:
web-platform-tests/css/css-flexbox/parsing/flex-shorthand-expected.txt:

Source/WebCore:

Reviewed by Javier Fernandez.

Add support for the content keyword as a valid value for the flex-basis property.
It indicates an automated size based on the contents of the flex item. It's typically
equivalent to the max-content size but it has some adjustments for aspect ratios,
orthogonal flows and intrinsic sizing constraints.

Apart from adding the parsing support, it required very little adjustments in the
flexbox code after the refactoring in r284359.

This makes WebKit pass all of the flex-basis:content tests in WPT. We're talking
about 6 tests testing the feature and 6 subtests related to parsing.

css/CSSPrimitiveValue.cpp:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): Handle Content in switch.
(WebCore::CSSPrimitiveValue::init): Initialization for content CSS value.

css/CSSProperties.json:
css/LengthFunctions.cpp: Replaced LengthOrAuto by LengthSizing.

(WebCore::valueForLength): Handle Content in switch.
(WebCore::floatValueForLength): Ditto.

css/LengthFunctions.h:

(WebCore::minimumValueForLength): Ditto.

css/calc/CSSCalcValue.cpp:

(WebCore::createCSS): Ditto.

css/parser/CSSPropertyParser.cpp:

(WebCore::consumeFlexBasis): Consume CSSValueContent.
(WebCore::CSSPropertyParser::consumeFlex): Ditto.

platform/Length.cpp:

(WebCore::operator<<): Added printing support for content.

platform/Length.h:

(WebCore::Length::initialize): Added enum for content.
(WebCore::Length::isContent const): New method.

rendering/RenderBox.cpp:

(WebCore::RenderBox::computeReplacedLogicalWidthUsing const): Handle content in switch.

rendering/RenderFlexibleBox.cpp:

(WebCore::RenderFlexibleBox::childMainSizeIsDefinite): Treat content as indefinite lenght.
(WebCore::RenderFlexibleBox::childHasComputableAspectRatioAndCrossSizeIsConsideredDefinite):
Flex basis must be either auto or content.
(WebCore::RenderFlexibleBox::computeFlexBaseSizeForChild): Compute flex-basis using max-content
if flex-basis:content is specified.

style/StyleBuilderConverter.h:

(WebCore::Style::BuilderConverter::convertLengthSizing): Handle content in switch.

Source/WebKit:

<rdar://problem/74279369>

Reviewed by Javier Fernandez.

Handle LengthType::Content in encode/decode functions.

Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<Length>::encode):
(IPC::ArgumentCoder<Length>::decode):

LayoutTests:

Reviewed by Javier Fernandez.

TestExpectations: Unskipped 6 tests that are now passing.

1:35 AM Changeset in webkit [284439] by Cameron McCormack

66 edits
22 adds
2 deletes in trunk

Ensure CanvasRenderingContext2D.drawImage(video) uses the right color space
https://bugs.webkit.org/show_bug.cgi?id=229025
<rdar://problem/81828490>

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

Add some new WPTs for drawImage(video).

web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-drawImage.html:
web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-flipY.html:

Updated tests to check that video color space conversion is done
correctly.

web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage-ImageBitmap-video-expected.txt: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage-ImageBitmap-video.html: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage-video-expected.txt: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage-video.html: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3.js:

(pixelsApproximatelyEqual): Tweaked threshold to pass video tests on iOS.

web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/Rec2020-222000000.mp4: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/Rec2020-222000000.webm: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/Rec2020-3FF000000.mp4: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/Rec2020-3FF000000.webm: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/sRGB-BB0000.mp4: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/sRGB-BB0000.webm: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/sRGB-FF0100.mp4: Added.
web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/resources/sRGB-FF0100.webm: Added.

Source/WebCore:

When GPU process media handling is disabled (and in the GPU process
when it is handling a NativeImageForCurrentTime message),
MediaPlayer::nativeImageForCurrentTime is used to get the video frame
image. We make this return an image with the right color space on
Apple platforms in PixelBufferConformerCV::createImageFromPixelBuffer.

For now, we avoid using the correct color space when passing
HTMLVideoElements to WebGLRenderingContext.texImage2D. The
specification is unclear about what color space the texture data
should be in, and implementations are currently interoperable in not
converting the RGB color space of the video (such as Rec.601, Rec.709,
etc.) into sRGB. To avoid the conversion, and effectively reinterpret
the video RGB colors as sRGB, we make the ImageBuffer the video is
drawn into have a matching color space, as it's the raw RGB values
from the ImageBuffer that are uploade as the texture.

(An alternative to this could be passing an argument through
nativeImageForCurrentTime and paintCurrentFrameInContext, which says
to avoid doing the conversion from video RGB to sRGB, but that needs a
fair amount of plumbing.)

If https://github.com/KhronosGroup/WebGL/issues/2165 is resolved, the
changes to LRUImageBufferCache in this commit can be reverted, so that
video frames are drawn into sRGB ImageBuffers again. (We'd also need
something to make the copyToPlatformTexture() call in
texImageSourceHelper do the correct color conversion somehow.)

The now differing behavior between CanvasRenderingContext2D.drawImage
and WebGLRenderingContext.texImage2D means that the WebGL conformance
suite textures/misc/texture-corner-case-videos.html test fails, since
it checks for incorrect 2D canvas video frame color conversion.

Tests: imported/w3c/web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage-ImageBitmap-video.html

imported/w3c/web-platform-tests/html/canvas/element/manual/wide-gamut-canvas/canvas-display-p3-drawImage-video.html

html/HTMLVideoElement.cpp:

(WebCore::HTMLVideoElement::colorSpace const): New function that
exposes the color space of the current frame of the video.

html/HTMLVideoElement.h:
html/ImageBitmap.cpp:

(WebCore::ImageBitmap::createPromise): Create the ImageBuffer in a
color space that matches the video, not always sRGB.

html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::drawImageIntoBuffer):
(WebCore::WebGLRenderingContextBase::videoFrameToImage): Use an
ImageBuffer whose color space matches the video frame's color space.
(WebCore::WebGLRenderingContextBase::LRUImageBufferCache::imageBuffer):
Add a DestinationColorSpace argument, so that the LRU cache is keyed
off both size and color space.

html/canvas/WebGLRenderingContextBase.h:
platform/cocoa/CoreVideoSoftLink.cpp:
platform/cocoa/CoreVideoSoftLink.h: Add SPIs that let us get or

compute a CGColorSpace from a CVPixelBuffer. Remove
CVImageBufferGetColorSpace, which is unsused.

platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::colorSpace):

platform/graphics/MediaPlayer.h:
platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::colorSpace):

platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:
platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:

(WebCore::MediaPlayerPrivateAVFoundationCF::colorSpace):

platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::colorSpace): Expose the
color space of the current image. While we strictly only need the pixel
buffer to be up to date, we call updateLastImage() since it has the
UpdateSynchronously behavior, and the caller to colorSpace() will use
the image soon anyway.

platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::colorSpace):

platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::colorSpace):

platform/graphics/cg/ColorSpaceCG.h:
platform/graphics/cv/CVUtilities.h:
platform/graphics/cv/CVUtilities.mm:

(WebCore::createCGColorSpaceForCVPixelBuffer): New function to produce
a CGColorSpace for a CVPixelBuffer. On macOS, this is stored as an
attachment on the CVPixelBuffer. On iOS, we must call SPI to create a
CGColorSpace based on the other color space information in the
attachments. (It's possible we should cache the results of this
function for a given set of color space attachments, since
CVImageBufferCreateColorSpaceFromAttachments can end up creating a new
CGColorSpace object every time it's called.)

platform/graphics/cv/PixelBufferConformerCV.cpp:

(WebCore::PixelBufferConformerCV::createImageFromPixelBuffer): Create
the CGImage in a color space matching the CVPixelBuffer.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::colorSpace):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
platform/graphics/holepunch/MediaPlayerPrivateHolePunch.h:
platform/graphics/win/MediaPlayerPrivateMediaFoundation.cpp:

(WebCore::MediaPlayerPrivateMediaFoundation::colorSpace):

platform/graphics/win/MediaPlayerPrivateMediaFoundation.h:
platform/mock/mediasource/MockMediaPlayerMediaSource.cpp:

(WebCore::MockMediaPlayerMediaSource::colorSpace):

platform/mock/mediasource/MockMediaPlayerMediaSource.h:
svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::drawInternal):

Source/WebKit:

When GPU process media handling is enabled, ctx.drawImage(video)
calls work by sending a NativeImageForCurrentTime message to the GPU
process, which returns an IOSurface around which a CGImage is created.
There's no good way to get the color space off the IOSurface, so we
add a second return argument to NativeImageForCurrentTime to indicate
the color space used.

ImageBitmap creates an ImageBuffer for that image to be painted into,
and for that we also need to know the color space of the video. The
code that sends NativeImageForCurrentTime and then paints the
resulting image into the GraphicsContext is further down. So we add
a separate IPC message that gets the color space of the video's
current frame. (It would be better if we could avoid a second
synchronous IPC message call, but either ImageBitmap's scaling and
cropping code, or the ImageBuffer creation call, would need to be moved
down into MediaPlayerPrivateRemote::paintCurrentFrameInContext, which
doesn't seem like the right place for it.)

GPUProcess/media/RemoteImageDecoderAVFProxy.cpp:

(WebKit::RemoteImageDecoderAVFProxy::createFrameImageAtIndex):

GPUProcess/media/RemoteImageDecoderAVFProxy.h:
GPUProcess/media/RemoteMediaPlayerProxy.h:
GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
GPUProcess/media/cocoa/RemoteMediaPlayerProxyCocoa.mm:

(WebKit::RemoteMediaPlayerProxy::nativeImageForCurrentTime):
(WebKit::RemoteMediaPlayerProxy::colorSpace):

WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::colorSpace):

WebProcess/GPU/media/MediaPlayerPrivateRemote.h:
WebProcess/GPU/media/cocoa/MediaPlayerPrivateRemoteCocoa.mm:

(WebKit::MediaPlayerPrivateRemote::nativeImageForCurrentTime): Add a
second return argument to NativeImageForCurrentTime to indicate the
color space of the returned IOSurface.
(WebKit::MediaPlayerPrivateRemote::colorSpace): Add a new IPC message to
get the color space of a video's current frame.

Source/WTF:

wtf/PlatformHave.h: Add HAVE_CVBUFFERCOPYATTACHMENTS.

LayoutTests:

TestExpectations:

texture-corner-case-videos.html relies on incorrect color space handling
with drawImage() on a 2D canvas and so now fails.

platform/glib/TestExpectations:
platform/ios-14/TestExpectations:
platform/ios-device/TestExpectations:
platform/ios/TestExpectations:
platform/mac-wk2/TestExpectations:
platform/mac/TestExpectations:

New tests pass only on macOS Monterey+ and iOS 15+.

fast/canvas/canvas-createPattern-video-loading-expected.txt:
fast/canvas/canvas-createPattern-video-loading.html:
fast/canvas/canvas-createPattern-video-modify-expected.txt:
fast/canvas/canvas-createPattern-video-modify.html:
media/video-canvas-createPattern-expected.txt:
media/video-canvas-createPattern.html:
media/video-canvas-drawing-output-expected.txt:
media/video-canvas-drawing-output.html:
media/video-orientation-canvas-expected.txt:
media/video-orientation-canvas.html:

Update some tests to check for correctly converted color values.

platform/mac/media/video-canvas-createPattern-expected.png: Removed.
platform/wpe/media/video-canvas-createPattern-expected.png: Removed.

platform/mac-wk1/imported/w3c/web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-flipY-expected.txt:

An existing failure that changed a bit. This is
https://bugs.webkit.org/show_bug.cgi?id=231001.

1:06 AM Changeset in webkit [284438] by Kyle Piddington

5 edits in trunk/Source/WebCore

Query EGL_BIND_TO_TEXTURE_TARGET_ANGLE to determine 2D/rectangular texture usage
https://bugs.webkit.org/show_bug.cgi?id=231468

Refactor GraphicsContextGLCocoa to hold a reference to
BIND_TO_TEXTURE_TARGET. This refactor is neccesary to support dropping
TEXTURE_RECT support from the Metal backend, as support is incomplete, and unnecessary

Reviewed by Kenneth Russell.

Modules/webxr/WebXROpaqueFramebuffer.cpp:

(WebCore::WebXROpaqueFramebuffer::startFrame):

platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:

(WebCore::GraphicsContextGLOpenGL::~GraphicsContextGLOpenGL):
(WebCore::GraphicsContextGLOpenGL::drawingBufferTextureTarget):
(WebCore::GraphicsContextGLOpenGL::drawingBufferTextureTargetQueryForDrawingTarget):
(WebCore::GraphicsContextGLOpenGL::EGLDrawingBufferTextureTargetForDrawingTarget):
(WebCore::GraphicsContextGLOpenGL::allocateAndBindDisplayBufferBacking):
(WebCore::GraphicsContextGLOpenGL::bindDisplayBufferBacking):
(WebCore::GraphicsContextGLOpenGL::readCompositedResults):
(WebCore::GraphicsContextGLOpenGL::drawingBufferTextureTargetQuery): Deleted.
(WebCore::GraphicsContextGLOpenGL::EGLDrawingBufferTextureTarget): Deleted.

platform/graphics/cv/GraphicsContextGLCVANGLE.cpp:

(WebCore::GraphicsContextGLCVANGLE::GraphicsContextGLCVANGLE):
(WebCore::GraphicsContextGLCVANGLE::copyPixelBufferToTexture):

platform/graphics/opengl/GraphicsContextGLOpenGL.h:

Oct 18, 2021:

11:45 PM Changeset in webkit [284437] by graouts@webkit.org

23 edits
2 adds in trunk

box-shadow and text-shadow do not yield float values while interpolating
https://bugs.webkit.org/show_bug.cgi?id=230347
<rdar://problem/83319111>

Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

Add some new WPT tests for float and calc() values for box-shadow and text-shadow while
interpolating and update output for still-failing composite operations tests. The new tests
have already landed in WPT with https://github.com/web-platform-tests/wpt/pull/30823.

web-platform-tests/css/css-backgrounds/animations/box-shadow-composition-expected.txt:
web-platform-tests/css/css-backgrounds/animations/box-shadow-interpolation-expected.txt:
web-platform-tests/css/css-backgrounds/animations/box-shadow-interpolation.html:
web-platform-tests/css/css-backgrounds/box-shadow-calc-expected.html: Added.
web-platform-tests/css/css-backgrounds/box-shadow-calc.html: Added.
web-platform-tests/css/css-transitions/animations/text-shadow-composition-expected.txt:
web-platform-tests/css/css-transitions/animations/text-shadow-interpolation-expected.txt:
web-platform-tests/css/css-transitions/animations/text-shadow-interpolation.html:

Source/WebCore:

ShadowData members used integer values rather than floats and thus could not represent
float values while interpolating. We now use float values.

Test: imported/w3c/web-platform-tests/css/css-backgrounds/box-shadow-calc.html

animation/CSSPropertyAnimation.cpp:

(WebCore::blendFunc):
(WebCore::shadowForBlending):

css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForFilter):

display/css/DisplayBoxDecorationPainter.cpp:

(WebCore::Display::BoxDecorationPainter::paintBoxShadow const):

editing/Editor.cpp:

(WebCore::Editor::fontAttributesAtSelectionStart):

platform/LengthPoint.h:

(WebCore::LengthPoint::isZero const):

platform/mac/WebCoreNSFontManagerExtras.mm:

(WebCore::computedFontAttributeChanges):

rendering/LegacyEllipsisBox.cpp:

(WebCore::LegacyEllipsisBox::paint):

rendering/RenderBoxModelObject.cpp:

(WebCore::applyBoxShadowForBackground):
(WebCore::RenderBoxModelObject::boxShadowShouldBeAppliedToBackground const):
(WebCore::RenderBoxModelObject::paintBoxShadow):

rendering/TextBoxPainter.cpp:

(WebCore::TextBoxPainter::debugTextShadow const):

rendering/TextDecorationPainter.cpp:

(WebCore::TextDecorationPainter::paintTextDecoration):

rendering/TextPainter.cpp:

(WebCore::ShadowApplier::shadowIsCompletelyCoveredByText):

rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::setTextShadow):
(WebCore::RenderStyle::shadowExtent):
(WebCore::RenderStyle::shadowInsetExtent):
(WebCore::RenderStyle::getShadowHorizontalExtent):
(WebCore::RenderStyle::getShadowVerticalExtent):

rendering/style/ShadowData.cpp:

(WebCore::ShadowData::ShadowData):
(WebCore::calculateShadowExtent):

rendering/style/ShadowData.h:

(WebCore::ShadowData::ShadowData):
(WebCore::ShadowData::x const):
(WebCore::ShadowData::y const):
(WebCore::ShadowData::location const):
(WebCore::ShadowData::radius const):
(WebCore::ShadowData::paintingExtent const):
(WebCore::ShadowData::spread const):

style/StyleBuilderCustom.h:

(WebCore::Style::BuilderCustom::applyTextOrBoxShadowValue):

11:32 PM Changeset in webkit [284436] by Cameron McCormack

6 edits
4 adds in trunk

Make createImageBitmap() take EXIF orientation into account correctly
https://bugs.webkit.org/show_bug.cgi?id=231063
<rdar://problem/83753956>

Reviewed by Myles Maxfield and Said Abou-Hallawa.

LayoutTests/imported/w3c:

web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-exif-orientation-expected.txt: Added.
web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-exif-orientation.html: Added.
web-platform-tests/html/canvas/element/manual/imagebitmap/resources/squares.jpg: Added.

Source/WebCore:

Test: imported/w3c/web-platform-tests/html/canvas/element/manual/imagebitmap/createImageBitmap-exif-orientation.html

This makes us treat {imageOrientation:"none"} as meaning "apply EXIF
orientation without any additional transformation", and
{imageOrientation:"flipY"} as meaning "apply EXIF orientation and then
apply an additional vertical flip". This behavior matches Firefox;
https://github.com/whatwg/html/issues/7210 is open on clarifying this
behavior in the HTML spec.

html/ImageBitmap.cpp:

(WebCore::ImageBitmap::createPromise):
(WebCore::ImageBitmap::createFromBuffer):
(WebCore::imageOrientationForOrientation): Deleted.

html/ImageBitmapOptions.h:

(WebCore::ImageBitmapOptions::resolvedImageOrientation const):

html/ImageBitmapOptions.idl:
platform/graphics/ImageOrientation.h:

(WebCore::ImageOrientation::withFlippedY const):

9:07 PM Changeset in webkit [284435] by commit-queue@webkit.org

29 edits
12 adds in trunk

JSTests:
Test coverage for JSC shadow realms implementation
https://bugs.webkit.org/show_bug.cgi?id=230602

Patch by Phillip Mates <Phillip Mates> on 2021-10-18
Reviewed by Yusuke Suzuki.

modules/import-meta-syntax.js:

(shouldThrow):

stress/eval-indirect.js: Added.

(shouldBe):
(shouldThrow):

stress/import-syntax.js:
stress/resources/shadow-realm-example-module.js: Added.

(putInGlobal):
(getFromGlobal):
(getAnObject):
(getCallCount):

stress/shadow-realm-evaluate.js: Added.

(shouldBe):
(shouldThrow):
(assertionFn):
(shouldBe.String):
(shouldBe.globalObjectFor.doEval):
(shouldBe.globalObjectFor):

stress/shadow-realm-import-value.js: Added.

(shouldBe):
(shouldThrow):
(async shouldThrowAsync):
(async const):
(doImport):

stress/shadow-realm.js: Added.

(shouldBe):
(throw.new.Error):

test262/config.yaml:

Source/JavaScriptCore:
shadow realms implementation
https://bugs.webkit.org/show_bug.cgi?id=230602

Patch by Phillip Mates <Phillip Mates> on 2021-10-18
Reviewed by Yusuke Suzuki.

Implementation of the Shadow Realms proposal (stage 3 in TC39) [1]

Main APIs added are

new ShadowRealm() creates an object that has its own global object and module graph.
ShadowRealm.prototype.evaluate(sourceText) this allows for evaluating code in the context of the realm, which has its own module graph and global object.
ShadowRealm.prototype.importValue(specifier, exportName) this allows importing module exports in the the context of the realm, which has its own module graph and global object.

The main detail of the Shadow Realm implementation is that values
passed between realms must be either primitives or wrapped callables.
Wrapped callables themselves are callables that check that their
arguments and return values are also either primitives or wrapped
callables. This detail is implemented via JS builtins + a few new
intrinsics.

Can be enabled using --useShadowRealm=true

[1]: https://github.com/tc39/proposal-shadowrealm

CMakeLists.txt:
DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:
DerivedSources.make:
JavaScriptCore.xcodeproj/project.pbxproj:
Sources.txt:
builtins/BuiltinNames.h:
builtins/ShadowRealmPrototype.js: Added.

(globalPrivate.wrap.wrapped):
(globalPrivate.wrap):
(evaluate):
(importValue):

bytecode/BytecodeIntrinsicRegistry.h:
bytecode/LinkTimeConstant.h:
bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::emitIsShadowRealm):

bytecompiler/NodesCodegen.cpp:
jsc.cpp:

(JSC_DEFINE_HOST_FUNCTION):

parser/Parser.cpp:

(JSC::Parser<LexerType>::parseMemberExpression):

runtime/CommonIdentifiers.h:
runtime/IndirectEvalExecutable.cpp:

(JSC::IndirectEvalExecutable::createImpl):
(JSC::IndirectEvalExecutable::create):
(JSC::IndirectEvalExecutable::tryCreate):

runtime/IndirectEvalExecutable.h:
runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildrenImpl):
(JSC::JSGlobalObject::createWithCustomMethodTable):

runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::shadowRealmPrototype const):
(JSC::JSGlobalObject::shadowRealmStructure const):

runtime/JSGlobalObjectFunctions.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

runtime/JSType.cpp:

(WTF::printInternal):

runtime/JSType.h:
runtime/OptionsList.h:
runtime/ShadowRealmConstructor.cpp: Added.

(JSC::ShadowRealmConstructor::ShadowRealmConstructor):
(JSC::ShadowRealmConstructor::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

runtime/ShadowRealmConstructor.h: Added.
runtime/ShadowRealmObject.cpp: Added.

(JSC::ShadowRealmObject::ShadowRealmObject):
(JSC::ShadowRealmObject::visitChildrenImpl):
(JSC::ShadowRealmObject::create):
(JSC::ShadowRealmObject::finishCreation):

runtime/ShadowRealmObject.h: Added.
runtime/ShadowRealmPrototype.cpp: Added.

(JSC::ShadowRealmPrototype::ShadowRealmPrototype):
(JSC::ShadowRealmPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

runtime/ShadowRealmPrototype.h: Added.
runtime/VM.cpp:
runtime/VM.h:

8:51 PM Changeset in webkit [284434] by Jean-Yves Avenard

3 edits
3 adds in trunk

WebM with invalid size should fail to load with error
https://bugs.webkit.org/show_bug.cgi?id=231886
rdar://77969801

Reviewed by Jer Noble.

Source/WebCore:

libwebm for some elements are using a std::string or a std::vector<uint8_t>
to store their content. Those have infallible memory allocators.
We limit the size we allow the parser to use to some reasonable values.

Test: media/media-webm-invalid-check.html

platform/graphics/cocoa/SourceBufferParserWebM.cpp:

(WebCore::SourceBufferParserWebM::OnElementBegin):

LayoutTests:

media/content/invalid-size.webm: Added.
media/media-webm-invalid-check-expected.txt: Added.
media/media-webm-invalid-check.html: Added.

8:43 PM Changeset in webkit [284433] by Cameron McCormack

3 edits in trunk/Source/ThirdParty/libwebrtc

Always set color space for incoming H.264/265 streams
https://bugs.webkit.org/show_bug.cgi?id=231881
<rdar://problem/84350707>

Reviewed by Youenn Fablet.

Followup from https://bugs.webkit.org/show_bug.cgi?id=231353. In some
configurations, the "ColorInfoGuessedBy" attachment is not set on the
CVPixelBuffers coming out of the VTDecompressionSession, but the
guessed, incorrect color space attachments are still there. Since we
currently always have an sRGB stream, don't bother looking for
"ColorInfoGuessedBy".

Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH264.mm:

(overrideColorSpaceAttachments):
(decompressionOutputCallback):
(overrideColorSpaceAttachmentsIfNeeded): Deleted.

Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH265.mm:

(overrideColorSpaceAttachments):
(h265DecompressionOutputCallback):
(overrideColorSpaceAttachmentsIfNeeded): Deleted.

8:36 PM Changeset in webkit [284432] by Alan Bujtas

5 edits in trunk/Source/WebCore

[LFC][IFC] Adjust the logical right side of the line when box-decoration-break: clone is present
https://bugs.webkit.org/show_bug.cgi?id=231873

Reviewed by Antti Koivisto.

This patch adds support for "box-decoration-break: clone" cases when the inline box is either not line spanning or
it shows up first on the line.

layout/formattingContexts/inline/InlineLine.cpp:

(WebCore::Layout::Line::initialize):
(WebCore::Layout::Line::appendInlineBoxStart):
(WebCore::Layout::Line::appendInlineBoxEnd):
(WebCore::Layout::Line::appendTextContent):

layout/formattingContexts/inline/InlineLine.h:

(WebCore::Layout::Line::contentLogicalRight const):
(WebCore::Layout::Line::inlineBoxListWithClonedDecorationEnd const):
(WebCore::Layout::Line::lineSpanningInlineBoxRunEnds const): Deleted.

layout/formattingContexts/inline/InlineLineBoxBuilder.cpp:

(WebCore::Layout::LineBoxBuilder::constructAndAlignInlineLevelBoxes):

layout/formattingContexts/inline/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::handleInlineContent):

8:31 PM Changeset in webkit [284431] by sihui_liu@apple.com

1 edit in branches/safari-612-branch/Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml

Apply patch rdar://84349729

8:30 PM Changeset in webkit [284430] by sihui_liu@apple.com

1 edit in branches/safari-612-branch/Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml

Apply patch rdar://84349729

8:16 PM Changeset in webkit [284429] by commit-queue@webkit.org

10 edits in trunk

Unreviewed, reverting r284413.
https://bugs.webkit.org/show_bug.cgi?id=231936

BrokeSafariBuildByAddingANewEnum

Reverted changeset:

"[WebAuthn] Obtain consent to create new credential when
platform authenticator in excludedCredentials"
https://bugs.webkit.org/show_bug.cgi?id=219813
https://commits.webkit.org/r284413

7:55 PM Changeset in webkit [284428] by commit-queue@webkit.org

16 edits
1 delete in trunk/Source

Unreviewed, reverting r284240.
https://bugs.webkit.org/show_bug.cgi?id=231931

NeedDifferentArchitectureToWorkWithWebpushd

Reverted changeset:

"WebKit Managed Notifications: Skeleton NotificationProvider."
https://bugs.webkit.org/show_bug.cgi?id=231786
https://commits.webkit.org/r284240

7:44 PM Changeset in webkit [284427] by Wenson Hsieh

5 edits in trunk/Source/WebKit

GPU process occasionally crashes under StreamConnectionWorkQueue::processStreams() in layout tests
https://bugs.webkit.org/show_bug.cgi?id=231897

Reviewed by Simon Fraser.

Certain layout tests (e.g. in LayoutTests/compositing) currently cause the GPU process to crash on the remote
rendering backend thread ("RemoteRenderingBackend work queue") in StreamConnectionWorkQueue::processStreams().
This happens because the dispatch() call to delete cached resources underneath ~RemoteRenderingBackend()
may fire after the destructor is finished running (thereby destroying m_workQueue itself). This leaves the
stream work queue in a bad state and causes various crashes when the function is eventually dispatched.

Since StreamConnectionWorkQueue is already ThreadSafeRefCounted, it doesn't make sense to directly store
StreamConnectionWorkQueue as a member of RemoteRenderingBackend; to fix these crashes, we make m_workQueue on
RemoteRenderingBackend a strong Ref, and additionally make StreamConnectionWorkQueue::processStreams() protect
itself to avoid destroying the work queue in the middle of processing.

GPUProcess/graphics/RemoteRenderingBackend.cpp:

Drive-by fix: remove an unnecessary header include.

(WebKit::RemoteRenderingBackend::RemoteRenderingBackend):
(WebKit::RemoteRenderingBackend::~RemoteRenderingBackend):

Ensure that the work queue is protected through the final dispatch call that deletes cached resources, and also
explicitly stop() the work queue when this is done to ensure that the thread permanently stops waiting for
additional work.

(WebKit::RemoteRenderingBackend::dispatch):

GPUProcess/graphics/RemoteRenderingBackend.h:

Replace the IPC::StreamConnectionWorkQueue member with a Ref instead, so that it isn't immediately destroyed
when the rendering backend is destroyed, and can instead be protected by strong references on the stack.

Platform/IPC/StreamConnectionWorkQueue.cpp:

(IPC::StreamConnectionWorkQueue::processStreams):

Platform/IPC/StreamConnectionWorkQueue.h:

Add a boilerplate StreamConnectionWorkQueue::create() function that returns a Ref.

7:18 PM Changeset in webkit [284426] by Russell Epstein

3 edits
1 add in branches/safari-612-branch

Cherry-pick r284348. rdar://problem/84398090

[JSC] PutByVal's child5 should be KnownInt32Use / Int52RepUse in FTL
https://bugs.webkit.org/show_bug.cgi?id=231884
rdar://84357099

Reviewed by Robin Morisset.

JSTests:

stress/put-by-val-known-int32.js: Added. (new.Uint8Array.1000000.map):

Source/JavaScriptCore:

The child5 of PutByVal should be KnownInt32Use or Int52RepUse.

ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284348 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6:55 PM Changeset in webkit [284425] by sihui_liu@apple.com

14 edits
5 adds in branches/safari-612-branch

Apply patch rdar://84349747

6:55 PM Changeset in webkit [284424] by sihui_liu@apple.com

28 edits
4 copies
4 adds in branches/safari-612-branch

Apply patch rdar://84349752

6:54 PM Changeset in webkit [284423] by sihui_liu@apple.com

65 edits
2 copies
8 adds in branches/safari-612-branch

Apply patch rdar://84349736

6:43 PM Changeset in webkit [284422] by ddkilzer@apple.com

1 edit
1 delete in trunk/Source/WebInspectorUI

Web Inspector: Remove Source/WebInspectorUI/UserInterface/Controllers/WebInspectorExtensionController.js.orig
<https://webkit.org/b/231896>

Reviewed by BJ Burg.

UserInterface/Controllers/WebInspectorExtensionController.js.orig: Remove.

5:51 PM Changeset in webkit [284421] by eric.carlson@apple.com

5 edits in trunk/Source/WebCore

[macOS] Refactor CGDisplayStreamCaptureSource::createDisplayStream
https://bugs.webkit.org/show_bug.cgi?id=231920
<rdar://problem/84393654>

Reviewed by Jer Noble.

No new tests, no functional change.

platform/mediastream/mac/CGDisplayStreamCaptureSource.cpp:

(WebCore::CGDisplayStreamCaptureSource::startDisplayStream): Don't pass the frame
available handler or capture queue to createDisplayStream.
(WebCore::CGDisplayStreamCaptureSource::frameAvailableHandler): Remove a blank line.
(WebCore::CGDisplayStreamCaptureSource::captureQueue): New accessor.

platform/mediastream/mac/CGDisplayStreamCaptureSource.h:

platform/mediastream/mac/CGDisplayStreamScreenCaptureSource.h:
platform/mediastream/mac/CGDisplayStreamScreenCaptureSource.mm:

(WebCore::CGDisplayStreamScreenCaptureSource::createDisplayStream): Parameters removed.

5:49 PM Changeset in webkit [284420] by achristensen@apple.com

3 edits in trunk/Source/WebCore

Remove "using namespace XPath;" from XPathGrammar.cpp
https://bugs.webkit.org/show_bug.cgi?id=231318

Reviewed by Chris Dumez.

I did this by editing XPathGrammar.y and re-running bison.
We have the output of bison checked in to our repo to not have bison as a build dependency of WebKit.

xml/XPathGrammar.cpp:

(xpathyylex):
(xpathyyerror):
(yysyntax_error):

xml/XPathGrammar.y:
xml/XPathResult.cpp:

(WebCore::XPathResult::XPathResult):

5:48 PM Changeset in webkit [284419] by Jonathan Bedard

14 edits
1 add
4 deletes in trunk/Tools

Unreviewed, reverting r284399.

Breaks commit message generation

Reverted changeset:

"[webkitperl] Stop using LoadAsModule.pm"
https://bugs.webkit.org/show_bug.cgi?id=231868
https://commits.webkit.org/r284399

5:44 PM Changeset in webkit [284418] by achristensen@apple.com

11 edits
2 deletes in trunk

Remove TCPServer
https://bugs.webkit.org/show_bug.cgi?id=231912

Reviewed by Chris Dumez.

Source/WTF:

wtf/PlatformHave.h:

Tools:

It has been replaced by HTTPServer, which doesn't time out in its destructor when not everything is perfect,
and which does its logic on the main thread. It also doesn't use boringssl directly, so we can compile it on watchOS and tvOS.

TestWebKitAPI/Sources.txt:
TestWebKitAPI/TCPServer.cpp: Removed.
TestWebKitAPI/TCPServer.h: Removed.
TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:

(testCertificate):
(testIdentity):

TestWebKitAPI/Tests/WebKitCocoa/ContentRuleListNotification.mm:

(TEST):

TestWebKitAPI/Tests/WebKitCocoa/HSTS.mm:

(TestWebKitAPI::hstsWebViewAndDelegate):
(TestWebKitAPI::hstsServer):
(TestWebKitAPI::TEST):
(TestWebKitAPI::hasRadar80550123): Deleted.

TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm:
TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerTCPServer.h:

(ServiceWorkerTCPServer::respondToRequests):

TestWebKitAPI/cocoa/HTTPServer.h:
TestWebKitAPI/cocoa/HTTPServer.mm:

(TestWebKitAPI::HTTPServer::testCertificate):
(TestWebKitAPI::HTTPServer::testPrivateKey):

5:35 PM Changeset in webkit [284417] by Jonathan Bedard

2 edits in trunk/Tools

[Python-3] Invoke webkit-patch with Python 3 by default (Revert)
https://bugs.webkit.org/show_bug.cgi?id=231591
<rdar://problem/84153640>

Reverted to fix webkitbot.

Scripts/webkit-patch:

5:14 PM Changeset in webkit [284416] by Russell Epstein

1 copy in tags/Safari-613.1.5.1

Tag Safari-613.1.5.1.

5:14 PM Changeset in webkit [284415] by Eric Hutchison

2 edits in trunk/LayoutTests

[ Mac ] inspector/css/modify-css-property.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=231924.

Unreviewed test gardening.

platform/mac/TestExpectations:

5:12 PM Changeset in webkit [284414] by Ayumi Kojima

2 edits in trunk/LayoutTests

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

5:07 PM Changeset in webkit [284413] by commit-queue@webkit.org

9 edits in trunk

[WebAuthn] Obtain consent to create new credential when platform authenticator in excludedCredentials
https://bugs.webkit.org/show_bug.cgi?id=219813
<rdar://problem/72484635>

Currently, whenever the platform authenticator is within excludedCredentials during makeCredential we
always return NotAllowedError and merely flash a consent screen. This does not match the spec per Step 3.1
of makeCredential (https://w3c.github.io/webauthn/#sctn-op-make-cred). Instead, we should always obtain consent
and return a different error depending on consent was obtained.

Source/WebKit:

A fixme to add this was inadvertently removed in https://bugs.webkit.org/attachment.cgi?id=393180&action=prettypatch

Patch by John Pascoe <J Pascoe> on 2021-10-18
Reviewed by Brent Fulgham.

Added api test TestWebKitAPI.WebAuthenticationPanel.LADuplicateCredentialWithConsent

UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:

(WebKit::LocalAuthenticator::makeCredential):

UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:

(WebKit::wkWebAuthenticationPanelUpdate):

UIProcess/WebAuthentication/WebAuthenticationFlags.h:

Tools:

This adds a test to confirm a different path is taken whenever consent is obtained.

Patch by John Pascoe <J Pascoe> on 2021-10-18
Reviewed by Brent Fulgham.

TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:

(-[TestWebAuthenticationPanelDelegate panel:updateWebAuthenticationPanel:]):
(TestWebKitAPI::TEST):

5:06 PM Changeset in webkit [284412] by Russell Epstein

3 edits in branches/safari-612-branch/Source/JavaScriptCore

Cherry-pick r284369. rdar://problem/84394405

[JSC] Use USE(LARGE_TYPED_ARRAY)
https://bugs.webkit.org/show_bug.cgi?id=231885

Reviewed by Sam Weinig.

Fix USE(ADDRESS64) with USE(LARGE_TYPED_ARRAY). USE(ADDRESS64) is not correct (it should be CPU(ADDRESS64)).
It is coverted by JSTests/stress/typed-array-large-eventually-oob.js.

dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile):
ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284369 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:06 PM Changeset in webkit [284411] by Russell Epstein

6 edits
1 copy in branches/safari-612-branch/Source

Apply patch. rdar://problem/84351866

4:54 PM Changeset in webkit [284410] by Eric Hutchison

2 edits in trunk/LayoutTests

[ Windows EWS ] http/wpt/webxr/xrHandInput_gc.html is failing.
https://bugs.webkit.org/show_bug.cgi?id=231921.

Unreviewed test gardening.

platform/win/TestExpectations:

4:53 PM Changeset in webkit [284409] by commit-queue@webkit.org

3 edits in trunk/Tools

[ iOS15 ] TestWebKitAPI.WebKit.HTTPSProxy is a flaky, but frequent, timeout
https://bugs.webkit.org/show_bug.cgi?id=231396

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-18
Reviewed by Chris Dumez.

Something was happening that was very timing dependent that was causing this test to time out.
I think it was because the proxy framer was receiving an incomplete HTTP request.
To fix this, I look at the bytes received and if it wasn't a complete HTTP request, wait for the rest of the message.
I was unable to reproduce the timeout after this change and only rarely reproduced the timeout without this change.

TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm:

(TestWebKitAPI::TEST):

TestWebKitAPI/cocoa/HTTPServer.mm:

(TestWebKitAPI::proxyDefinition):

4:50 PM Changeset in webkit [284408] by Russell Epstein

2 edits in branches/safari-613.1.5-branch/Source/WebKit

Cherry-pick r284209. rdar://problem/84218823

[macOS] Crash on WP startup
https://bugs.webkit.org/show_bug.cgi?id=231773
<rdar://84218823>

Unreviewed partial revert of https://trac.webkit.org/r283375.

WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284209 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:41 PM Changeset in webkit [284407] by Russell Epstein

8 edits in branches/safari-613.1.5-branch/Source

Versioning.

WebKit-7613.1.5.1

3:21 PM Changeset in webkit [284406] by Chris Dumez

14 edits in trunk

Add a callback to know when the service worker loads via -[WKWebView _loadServiceWorker:]
https://bugs.webkit.org/show_bug.cgi?id=231771
<rdar://problem/84274364>

Reviewed by Alex Christensen.

Source/WebCore:

loader/FrameLoaderClient.h:
workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::willSettleRegistrationPromise):
(WebCore::ServiceWorkerContainer::jobFailedWithException):
(WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
(WebCore::ServiceWorkerContainer::jobFailedLoadingScript):

workers/service/ServiceWorkerContainer.h:

Source/WebKit:

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _loadServiceWorker:completionHandler:]):
(-[WKWebView _loadServiceWorker:]): Deleted.

UIProcess/API/Cocoa/WKWebViewPrivate.h:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didFailProvisionalLoadForFrameShared):
(WebKit::WebPageProxy::didFinishServiceWorkerPageRegistration):
(WebKit::WebPageProxy::didFailLoadForFrame):
(WebKit::WebPageProxy::resetStateAfterProcessExited):
(WebKit::WebPageProxy::loadServiceWorker):

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:
WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::didFinishServiceWorkerPageRegistration):

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

Tools:

Add API test coverage.

TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:

3:21 PM Changeset in webkit [284405] by commit-queue@webkit.org

4 edits in trunk/Tools

[webkitperl] Fix webkitperl on Windows
https://bugs.webkit.org/show_bug.cgi?id=231374

Patch by Basuke Suzuki <basuke@mac.com> on 2021-10-18
Reviewed by Fujii Hironori.

Set WEBKIT_LIBRARIES environment variable before run if it is not defined.
Shell-style environment variables settings are not available on Windows. Replace them by setting
%ENV directly.

Scripts/test-webkitperl:
Scripts/webkitperl/auto-version_unittest/autoVersionTests.pl:
Scripts/webkitperl/auto-version_unittest/versionStampTests.pl:

3:20 PM Changeset in webkit [284404] by Chris Dumez

39 edits
3 adds
1 delete in trunk/LayoutTests/imported/w3c

Resync web-platform-tests/tools from upstream
https://bugs.webkit.org/show_bug.cgi?id=231907

Reviewed by Alex Christensen.

Resync web-platform-tests/tools from upstream 4250f160c0cb9ef2caba63.

web-platform-tests/tools/*: Updated.

2:45 PM Changeset in webkit [284403] by Russell Epstein

83 edits
8 copies
40 adds in branches/safari-612-branch

Apply patch. rdar://problem/84351845

2:42 PM Changeset in webkit [284402] by Chris Dumez

10 edits
10 adds in trunk/LayoutTests/imported/w3c

Resync web-platform-tests/common from upstream
https://bugs.webkit.org/show_bug.cgi?id=231908

Reviewed by Alex Christensen.

Resync web-platform-tests/common from upstream 4250f160c0cb9ef2caba63.

web-platform-tests/common/*: Updated.

2:38 PM Changeset in webkit [284401] by Russell Epstein

91 edits
4 adds in branches/safari-612-branch

Cherry-pick r284230. rdar://problem/84351866

Allow WASM to use up to 4GB
https://bugs.webkit.org/show_bug.cgi?id=229353
rdar://81603447

Reviewed by Yusuke Suzuki.

JSTests:

The big-wasm-memory/wasm-memory-requested... tests used to simply expect an OOM at 2GB.
They now expect success at 4GB, and failure at 4GB+1.
The exceptions they expect are now more specific, as previously there was a rounding issue that was causing the specific exceptions not to be thrown (resulting in the generic OOM exception later in the code).
Finally I made them only run on 64-bit platforms since we don't support typed arrays >=2GB on 32-bits, and I made them only run in one configuration since they can take a little bit of time.

I also added a few new tests, specifically checking our handling of large typed arrays, and especially of indices above INT32_MAX.

stress/big-wasm-memory-grow-no-max.js: (test):
stress/big-wasm-memory-grow.js: (test):
stress/big-wasm-memory.js: (test):
stress/typed-array-always-large.js: Added. (getArrayLength): (getByVal): (putByVal): (test):
stress/typed-array-eventually-large.js: Added. (getArrayLength): (getByVal): (putByVal): (test):
stress/typed-array-large-eventually-oob.js: Added. (getArrayLength): (getByVal): (putByVal): (test):
wasm/regress/wasm-memory-requested-more-than-MAX_ARRAY_BUFFER_SIZE-2.js:
wasm/regress/wasm-memory-requested-more-than-MAX_ARRAY_BUFFER_SIZE.js:

Source/JavaScriptCore:

While increasing MAX_ARRAY_BUFFER_SIZE to 4GB was easy, it was not remotely the only thing required to get this to work:

4GB is not representable in a uint32_t, so I changed all length of ArrayBuffer/TypedArray/etc.. to being UCPURegister.
This also required changing NewTypedArray in all of LLInt/Baseline/DFG/FTL to accept a non-int32 size.

In order to avoid performance regressions, I had to add speculation in the DFG/FTL, which now have two versions of NewTypedArray (one that takes an Int32 and one that takes a StrictInt52)

Similarly, GetArrayLength and GetTypedArrayByteOffset now can either return an Int32 or a larger number.

I also had to split them in the DFG/FTL, see GetTypedArrayLengthAsInt52 and GetTypedArrayByteOffsetAsInt52 for examples

In turns, I had to add CheckInBoundsInt52 since CheckInBounds could not accept the result of GetTypedArrayLengthAsInt52
I modified the runtime functions for GetByVal/PutByVal/DataViewGet/DataViewSet/AtomicsXXX to accept non-Int32 indices, since for {Int8/UInt8/UInt8Clamped}Array, a maximum size of 4GB implies indices > 2B.
I added a "mayBeLargeTypedArray" bit to ArrayProfile/UnlinkedArrayProfile/DFG::ArrayMode to track whether such a non-Int32 index was seen to allow proper speculation and specialization of fast paths in the DFG/FTL.

I then updated the runtime functions used by the slow paths to correctly update it.

Unfortunately I ran out of time to add all the speculations/update all the fast paths.
So the following will have to wait for a follow-up patch:

Accepting large indices in the fast path of GetByVal in the LLInt
Accepting large indices in the fast paths generated by AccessCase/PolymorphicAccess
Accepting large indices in the fast paths generated by the DFG/FTL for each of GetByVal/PutByVal/DataViewGet/DataViewSet/AtomicsXXX

The current patch is functional, it will just have dreadful performance if trying to use indices >2B in a {Int8/UInt8/UInt8Clamped}Array.

Other minor changes in this patch:

Fixed an undefined behavior in ArrayBuffer::createInternal where memcpy could be called on nullptr (the spec explicitly bans this even when length is 0)
Replaced some repetitive and error-prone bounds checking by calls to WTF::isSumSmallerThanOrEqual, which is clearer, shorter, and reuse CheckedArithmetic facilities to avoid overflow issues.
Fixed a variety of obsolete comments
Added support for branch64(RelationalCondition cond, RegisterID left, Imm64 right)

(there was already support for the same but with TrustedImm64)

Made various AbstractMacroAssembler function constexpr as part of the previous point

assembler/AbstractMacroAssembler.cpp:
assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::TrustedImmPtr::TrustedImmPtr): (JSC::AbstractMacroAssembler::TrustedImmPtr::asIntptr): (JSC::AbstractMacroAssembler::TrustedImmPtr::asPtr): (JSC::AbstractMacroAssembler::ImmPtr::ImmPtr): (JSC::AbstractMacroAssembler::ImmPtr::asTrustedImmPtr): (JSC::AbstractMacroAssembler::TrustedImm32::TrustedImm32): (JSC::AbstractMacroAssembler::Imm32::Imm32): (JSC::AbstractMacroAssembler::Imm32::asTrustedImm32 const): (JSC::AbstractMacroAssembler::TrustedImm64::TrustedImm64): (JSC::AbstractMacroAssembler::Imm64::Imm64): (JSC::AbstractMacroAssembler::Imm64::asTrustedImm64 const): (JSC::AbstractMacroAssembler::canBlind): (JSC::AbstractMacroAssembler::shouldBlindForSpecificArch):
assembler/MacroAssembler.h: (JSC::MacroAssembler::branch64):
assembler/MacroAssemblerARM64.h: (JSC::MacroAssemblerARM64::shouldBlindForSpecificArch): (JSC::MacroAssemblerARM64::branch64):
assembler/MacroAssemblerARM64E.h: (JSC::MacroAssemblerARM64E::untagArrayPtrLength64): (JSC::MacroAssemblerARM64E::untagArrayPtrLength32): Deleted.
assembler/MacroAssemblerX86Common.h: (JSC::MacroAssemblerX86Common::canBlind): (JSC::MacroAssemblerX86Common::shouldBlindForSpecificArch):
bytecode/AccessCase.cpp: (JSC::AccessCase::needsScratchFPR const): (JSC::AccessCase::generateWithGuard):
bytecode/ArrayProfile.h: (JSC::ArrayProfile::setMayBeLargeTypedArray): (JSC::ArrayProfile::mayBeLargeTypedArray const): (JSC::UnlinkedArrayProfile::UnlinkedArrayProfile): (JSC::UnlinkedArrayProfile::update):
dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
dfg/DFGArgumentsEliminationPhase.cpp:
dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::refine const):
dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::ArrayMode): (JSC::DFG::ArrayMode::mayBeLargeTypedArray const): (JSC::DFG::ArrayMode::withType const): (JSC::DFG::ArrayMode::withSpeculation const): (JSC::DFG::ArrayMode::withConversion const): (JSC::DFG::ArrayMode::withTypeAndConversion const): (JSC::DFG::ArrayMode::withArrayClassAndSpeculationAndMayBeLargeTypedArray const): (JSC::DFG::ArrayMode::speculationFromProfile): (JSC::DFG::ArrayMode::withSpeculationFromProfile const): (JSC::DFG::ArrayMode::withProfile const): (JSC::DFG::ArrayMode::operator== const): (JSC::DFG::ArrayMode::withArrayClass const): Deleted.
dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
dfg/DFGClobberize.h: (JSC::DFG::clobberize):
dfg/DFGCommon.h: (JSC::DFG::enableInt52):
dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants):
dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::convertToGetArrayLength): (JSC::DFG::FixupPhase::prependGetArrayLength): Deleted.
dfg/DFGGenerationInfo.h:
dfg/DFGHeapLocation.cpp: (WTF::printInternal):
dfg/DFGHeapLocation.h:
dfg/DFGIntegerRangeOptimizationPhase.cpp:
dfg/DFGNode.h: (JSC::DFG::Node::hasStorageChild const): (JSC::DFG::Node::storageChildIndex): (JSC::DFG::Node::hasArrayMode):
dfg/DFGNodeType.h:
dfg/DFGOperations.cpp: (JSC::DFG::putByVal): (JSC::DFG::newTypedArrayWithSize): (JSC::DFG::JSC_DEFINE_JIT_OPERATION):
dfg/DFGOperations.h:
dfg/DFGPredictionPropagationPhase.cpp:
dfg/DFGSSALoweringPhase.cpp: (JSC::DFG::SSALoweringPhase::handleNode): (JSC::DFG::SSALoweringPhase::lowerBoundsCheck):
dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute):
dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::jumpForTypedArrayOutOfBounds): (JSC::DFG::SpeculativeJIT::emitTypedArrayBoundsCheck): (JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray): (JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray): (JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray): (JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray): (JSC::DFG::SpeculativeJIT::cageTypedArrayStorage): (JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset): (JSC::DFG::SpeculativeJIT::compileGetArrayLength): (JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize): (JSC::DFG::SpeculativeJIT::emitNewTypedArrayWithSizeInRegister): (JSC::DFG::SpeculativeJIT::compileNewTypedArray):
dfg/DFGSpeculativeJIT.h:
dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compileGetByVal): (JSC::DFG::SpeculativeJIT::compile):
dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithInt52Size): (JSC::DFG::SpeculativeJIT::compileGetTypedArrayLengthAsInt52): (JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffsetAsInt52): (JSC::DFG::SpeculativeJIT::compile):
dfg/DFGTypeCheckHoistingPhase.cpp: (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks): (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
dfg/DFGValidate.cpp:
ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile):
ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::validateAIState): (JSC::FTL::DFG::LowerDFGToB3::compileNode): (JSC::FTL::DFG::LowerDFGToB3::emitGetTypedArrayByteOffsetExceptSettingResult): (JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset): (JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffsetAsInt52): (JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength): (JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayLengthAsInt52): (JSC::FTL::DFG::LowerDFGToB3::compileCheckInBoundsInt52): (JSC::FTL::DFG::LowerDFGToB3::compilePutByVal): (JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray): (JSC::FTL::DFG::LowerDFGToB3::emitNewTypedArrayWithSize): (JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
ftl/FTLOutput.h: (JSC::FTL::Output::load64NonNegative):
jit/IntrinsicEmitter.cpp: (JSC::IntrinsicGetterAccessCase::emitIntrinsicGetter):
jit/JITOperations.cpp: (JSC::putByVal): (JSC::getByVal):
llint/LLIntOfflineAsmConfig.h:
llint/LLIntSlowPaths.cpp: (JSC::LLInt::getByVal): (JSC::LLInt::LLINT_SLOW_PATH_DECL):
llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter32_64.asm:
llint/LowLevelInterpreter64.asm:
runtime/ArrayBuffer.cpp: (JSC::SharedArrayBufferContents::SharedArrayBufferContents): (JSC::ArrayBufferContents::ArrayBufferContents): (JSC::ArrayBufferContents::tryAllocate): (JSC::ArrayBuffer::create): (JSC::ArrayBuffer::createAdopted): (JSC::ArrayBuffer::createFromBytes): (JSC::ArrayBuffer::tryCreate): (JSC::ArrayBuffer::createUninitialized): (JSC::ArrayBuffer::tryCreateUninitialized): (JSC::ArrayBuffer::createInternal): (JSC::ArrayBuffer::clampValue): (JSC::ArrayBuffer::clampIndex const): (JSC::ArrayBuffer::sliceWithClampedIndex const):
runtime/ArrayBuffer.h: (JSC::ArrayBufferContents::sizeInBytes const): (JSC::ArrayBuffer::byteLength const): (JSC::ArrayBuffer::gcSizeEstimateInBytes const):
runtime/ArrayBufferView.cpp: (JSC::ArrayBufferView::ArrayBufferView):
runtime/ArrayBufferView.h: (JSC::ArrayBufferView::byteOffset const): (JSC::ArrayBufferView::byteLength const): (JSC::ArrayBufferView::verifyByteOffsetAlignment): (JSC::ArrayBufferView::verifySubRangeLength): (JSC::ArrayBufferView::clampOffsetAndNumElements): (JSC::ArrayBufferView::setImpl): (JSC::ArrayBufferView::setRangeImpl): (JSC::ArrayBufferView::getRangeImpl): (JSC::ArrayBufferView::zeroRangeImpl): (JSC::ArrayBufferView::calculateOffsetAndLength): Deleted.
runtime/AtomicsObject.cpp:
runtime/DataView.cpp: (JSC::DataView::DataView): (JSC::DataView::create):
runtime/DataView.h:
runtime/GenericTypedArrayView.h:
runtime/GenericTypedArrayViewInlines.h: (JSC::GenericTypedArrayView<Adaptor>::GenericTypedArrayView): (JSC::GenericTypedArrayView<Adaptor>::create): (JSC::GenericTypedArrayView<Adaptor>::tryCreate): (JSC::GenericTypedArrayView<Adaptor>::createUninitialized): (JSC::GenericTypedArrayView<Adaptor>::tryCreateUninitialized): (JSC::GenericTypedArrayView<Adaptor>::subarray const): Deleted.
runtime/JSArrayBufferView.cpp: (JSC::JSArrayBufferView::ConstructionContext::ConstructionContext): (JSC::JSArrayBufferView::byteLength const): (JSC::JSArrayBufferView::slowDownAndWasteMemory): (JSC::JSArrayBufferView::possiblySharedImpl):
runtime/JSArrayBufferView.h: (JSC::JSArrayBufferView::sizeOf): (JSC::JSArrayBufferView::ConstructionContext::length const): (JSC::JSArrayBufferView::length const):
runtime/JSArrayBufferViewInlines.h: (JSC::JSArrayBufferView::byteOffsetImpl): (JSC::JSArrayBufferView::byteOffset): (JSC::JSArrayBufferView::byteOffsetConcurrently):
runtime/JSCJSValue.h:
runtime/JSCJSValueInlines.h: (JSC::JSValue::toIndex const): (JSC::JSValue::toTypedArrayIndex const):
runtime/JSDataView.cpp: (JSC::JSDataView::create): (JSC::JSDataView::createUninitialized): (JSC::JSDataView::set): (JSC::JSDataView::setIndex):
runtime/JSDataView.h:
runtime/JSDataViewPrototype.cpp: (JSC::getData): (JSC::setData):
runtime/JSGenericTypedArrayView.h:
runtime/JSGenericTypedArrayViewConstructorInlines.h: (JSC::constructGenericTypedArrayViewWithArguments): (JSC::constructGenericTypedArrayViewImpl):
runtime/JSGenericTypedArrayViewInlines.h: (JSC::JSGenericTypedArrayView<Adaptor>::create): (JSC::JSGenericTypedArrayView<Adaptor>::createWithFastVector): (JSC::JSGenericTypedArrayView<Adaptor>::createUninitialized): (JSC::JSGenericTypedArrayView<Adaptor>::validateRange): (JSC::JSGenericTypedArrayView<Adaptor>::setWithSpecificType): (JSC::JSGenericTypedArrayView<Adaptor>::set):
runtime/JSObject.h: (JSC::JSObject::putByIndexInline): (JSC::JSObject::tryGetIndexQuickly const): (JSC::JSObject::trySetIndexQuickly): (JSC::JSObject::canSetIndexQuickly): Deleted.
runtime/JSObjectInlines.h: (JSC::JSObject::getIndexQuicklyForTypedArray const): (JSC::JSObject::setIndexQuicklyForArrayStorageIndexingType): (JSC::JSObject::trySetIndexQuicklyForTypedArray): (JSC::JSObject::canSetIndexQuicklyForTypedArray const): Deleted.
runtime/Operations.h: (JSC::getByValWithIndex):
wasm/WasmPageCount.h:

Source/WebCore:

Some parts of WebCore use TypedArrays, and would not build after I made the length() function on typed arrays return UCPURegister instead of uint32_t.
Most fixes were trivial, the only exception is SerializedScriptValue.cpp, where I had to increment the version number, as ArrayBuffer (and ArrayBufferViews) now write/read their length in a 64-bit field (and same for the byteOffset of ArrayBufferView).

I also had to add a test in PixelBuffer.cpp that the size of the ArrayBuffer it will try to allocate is < INT32_MAX.
Otherwise, the test LayoutTests/fast/shapes/shape-outside-floats/shape-outside-imagedata-overflow.html which checks that very large images are properly rejected without crashing, would timeout.

No new tests, as the code is already extensively covered by existing tests, and I implemented no new features.

Modules/webaudio/AudioBuffer.cpp: (WebCore::AudioBuffer::copyFromChannel): (WebCore::AudioBuffer::copyToChannel):
Modules/webaudio/RealtimeAnalyser.cpp: (WebCore::RealtimeAnalyser::getByteFrequencyData): (WebCore::RealtimeAnalyser::getFloatTimeDomainData): (WebCore::RealtimeAnalyser::getByteTimeDomainData):
bindings/js/SerializedScriptValue.cpp: (WebCore::CloneSerializer::dumpArrayBufferView): (WebCore::CloneSerializer::dumpImageBitmap): (WebCore::CloneSerializer::dumpIfTerminal): (WebCore::CloneDeserializer::readArrayBufferImpl): (WebCore::CloneDeserializer::readArrayBuffer): (WebCore::CloneDeserializer::readArrayBufferViewImpl): (WebCore::CloneDeserializer::readArrayBufferView):
bindings/js/SerializedScriptValue.h: (WebCore::SerializedScriptValue::encode const): (WebCore::SerializedScriptValue::decode):
fileapi/NetworkSendQueue.cpp: (WebCore::NetworkSendQueue::enqueue):
platform/graphics/PixelBuffer.cpp: (WebCore::PixelBuffer::tryCreate):
platform/graphics/iso/ISOBox.h:

Source/WTF:

Made some of CheckedArithmetic constexpr, and added isSumSmallerThanOrEqual since it is a commonly used test in ArrayBuffer and easy to get wrong in terms of overflow.

wtf/CheckedArithmetic.h: (WTF::isInBounds): (WTF::convertSafely): (WTF::isSumSmallerThanOrEqual):

LayoutTests:

Rebaselined three following tests as different or fewer error messages appear on the console.
Also changed currentVersion in serialized-script-value.html from 9 to 10.

fast/canvas/canvas-getImageData-invalid-result-buffer-crash-expected.txt:
fast/storage/serialized-script-value.html:
webaudio/OfflineAudioContext-bad-buffer-crash-expected.txt:
webaudio/OfflineAudioContext/bad-buffer-length-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284230 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:28 PM Changeset in webkit [284400] by Russell Epstein

13 edits in branches/safari-612-branch

Apply patch. rdar://problem/84313358

2:17 PM Changeset in webkit [284399] by basuke.suzuki@sony.com

14 edits
2 copies
3 adds
1 delete in trunk/Tools

[webkitperl] Stop using LoadAsModule.pm
https://bugs.webkit.org/show_bug.cgi?id=231868

Reviewed by Jonathan Bedard.

This module load a script file as module with a bit tricky way. It prevents the proper
usage of package after all. The purpose of this module is to test routines defined in the
script. It just be wrong with such way. If you have something to test, it should be separated
as a module and be imported to the script. Then unit test can load the module and can test
without any sort of trouble.

Scripts/filter-build-webkit:

(setOutputFormatOption):
(shouldShowSubsequentLine): Moved to webkitperl/build/output.pm.
(shouldIgnoreLine): Ditto.

Scripts/prepare-ChangeLog:

(generateFunctionLists):
(fetchBugXMLData):
(openChangeLogs):
(method_decl_to_selector):
(diffCommand):
(statusCommand):
(propertyChangeDescription):
(normalizeLineEndings):
(actuallyGenerateFunctionLists): Moved to webkitperl/changelog.
(computeModifiedFunctions): Ditto.
(fetchBugDescriptionFromBugXMLData): Ditto.
(fetchRadarURLFromBugXMLData): Ditto.
(get_function_line_ranges): Ditto.
(get_function_line_ranges_for_cpp): Ditto.
(delete_namespaces_from_ranges_for_cpp): Ditto.
(is_function_in_namespace): Ditto.
(get_function_line_ranges_for_java): Ditto.
(get_function_line_ranges_for_javascript): Ditto.
(get_function_line_ranges_for_perl): Ditto.
(get_function_line_ranges_for_python): Ditto.
(get_selector_line_ranges_for_css): Ditto.
(get_function_line_ranges_for_swift): Ditto.
(parseSwiftFunctionArgs): Ditto.
(attributeCommand): Ditto.
(extractLineRangeAfterChange): Ditto.
(extractLineRangeBeforeChange): Ditto.
(decodeEntities): Ditto.

Scripts/run-leaks:

(main):
(removeMatchingRecords):
(runLeaks): Moved to webkitperl/leaks.pm.
(parseLeaksOutput): Ditto.
(reportError): Deleted. Use Carp::croak instead.

Scripts/webkitdirs.pm:

(determineBaseProductDir):
(determineCurrentSVNRevision):
(chdirWebKit):
(determineSourceDir): Moved to webkitperl/dirs.pm.
(setSourceDir): Ditto.
(sourceDir): Ditto.

Scripts/webkitperl/LoadAsModule.pm: Removed.
Scripts/webkitperl/build/output.pm: Extracted from Tools/Scripts/filter-build-webkit.

(shouldShowSubsequentLine):
(shouldIgnoreLine):

Scripts/webkitperl/changelog.pm: Extracted from Tools/Scripts/prepare-ChangeLog.

(actuallyGenerateFunctionLists):
(extractLineRangeAfterChange):
(extractLineRangeBeforeChange):
(attributeCommand):
(fetchBugDescriptionFromBugXMLData):
(fetchRadarURLFromBugXMLData):
(computeModifiedFunctions):
(get_function_line_ranges):
(get_function_line_ranges_for_cpp):
(delete_namespaces_from_ranges_for_cpp):
(is_function_in_namespace):
(get_function_line_ranges_for_java):
(get_function_line_ranges_for_javascript):
(get_function_line_ranges_for_perl):
(get_function_line_ranges_for_python):
(get_selector_line_ranges_for_css):
(get_function_line_ranges_for_swift):
(parseSwiftFunctionArgs):
(decodeEntities):

Scripts/webkitperl/dirs.pm: Extracted from Tools/Scripts/webkitdirs.

(sourceDir):
(setSourceDir):
(determineSourceDir):

Scripts/webkitperl/filter-build-webkit_unittest/shouldIgnoreLine_unittests.pl:
Scripts/webkitperl/leaks.pm: Copied from Tools/Scripts/run-leaks.

(runLeaks):
(parseLeaksOutput):

Scripts/webkitperl/prepare-ChangeLog_unittest/extractLineRangeBeforeAndAfterChange.pl:
Scripts/webkitperl/prepare-ChangeLog_unittest/fetchRadarURLFromBugXMLData.pl:
Scripts/webkitperl/prepare-ChangeLog_unittest/filenameWithParentheses.pl:
Scripts/webkitperl/prepare-ChangeLog_unittest/generateFunctionLists.pl:
Scripts/webkitperl/prepare-ChangeLog_unittest/parser_unittests.pl:

(convertAbsolutePathToRelativeUnixPath):

Scripts/webkitperl/run-leaks_unittest/run-leaks-report-v1.0.pl:
Scripts/webkitperl/run-leaks_unittest/run-leaks-report-v2.0-new.pl:
Scripts/webkitperl/run-leaks_unittest/run-leaks-report-v2.0-old.pl:

1:51 PM Changeset in webkit [284398] by Jonathan Bedard

4 edits in trunk/Tools

[run-api-tests] Use temporary symlink when listing tests
https://bugs.webkit.org/show_bug.cgi?id=230560

Reviewed by Dewei Zhu.

Scripts/webkitpy/api_tests/manager.py:

(Manager._collect_tests): Copy binary when listing tests to make debuging easier.

Scripts/webkitpy/common/system/filesystem.py:

(FileSystem.copyfile): Return copyfile result.
(FileSystem.copymode): Invoke shutil.copymode.

Scripts/webkitpy/common/system/filesystem_mock.py:

(MockFileSystem.copymode):

1:50 PM Changeset in webkit [284397] by svillar@igalia.com

4 edits in trunk

[css-flexbox] Do not clamp flex base size with {min|max}-{height|width}
https://bugs.webkit.org/show_bug.cgi?id=225590
<rdar://problem/78100329>

Reviewed by Manuel Rego Casasnovas.

Source/WebCore:

When computing flex base size we should not clamp it with neither min-{height|width}
nor max-{height|width}. That would be done later and will be called the hypothetical
main size.

For most of the cases we were already doing it, however there are some particular cases
in which we have to call the generic layout code which does clamp the sizes using min
and max sizes. In order to make those code paths work, we reset the min|max values to
their initial ones (so they effectively become inactive) and then we set the original
values back after computing the base size.

This is a reland of r279271 which was pretty similar but caused a visual regression in
GMail. After r284359 this is no longer a problem of this patch.

This fixes 3 WPT flexbox tests.

rendering/RenderFlexibleBox.cpp:

(WebCore::ScopedUnboundedBoxWithFlexBasisAsChildMainSize::ScopedUnboundedBoxWithFlexBasisAsChildMainSize):
renamed from ScopedFlexBasisAsChildMainSize. Resets min|max-size to their initial values.
(WebCore::ScopedUnboundedBoxWithFlexBasisAsChildMainSize::~ScopedUnboundedBoxWithFlexBasisAsChildMainSize):
ditto. Restores min|max-size original values.
(WebCore::RenderFlexibleBox::computeFlexBaseSizeForChild):
(WebCore::ScopedFlexBasisAsChildMainSize::ScopedFlexBasisAsChildMainSize): Deleted.
(WebCore::ScopedFlexBasisAsChildMainSize::~ScopedFlexBasisAsChildMainSize): Deleted.

LayoutTests:

TestExpectations: Unskipped 3 tests that are now passing.

1:41 PM Changeset in webkit [284396] by sbarati@apple.com

2 edits in trunk/Source/JavaScriptCore

Don't load metadata base pointer in EXTRA_CTI_THUNKS
https://bugs.webkit.org/show_bug.cgi?id=231850

Reviewed by Yusuke Suzuki.

We were loading the metadata table base pointer dynamically. But in
unlinked baseline JIT, it's already pinned in a register. Let's just
use the register instead of recomputing what's already there. This is
a small speedup in throughput of unlinked baseline JIT code for scope
operations.

jit/JITPropertyAccess.cpp:

(JSC::JIT::generateOpResolveScopeThunk):
(JSC::JIT::generateOpGetFromScopeThunk):

1:34 PM Changeset in webkit [284395] by Andres Gonzalez

2 edits in trunk/Tools

Set isolated tree mode to secondary AX thread in LayoutTests.
https://bugs.webkit.org/show_bug.cgi?id=231763

Reviewed by Chris Fleizach.

Isolated tree mode was enabled for LayoutTests but set to run on the
main thread. Change it to run on the AX thread.

WebKitTestRunner/InjectedBundle/mac/AccessibilityControllerMac.mm:

(WTR::AccessibilityController::updateIsolatedTreeMode):

1:25 PM Changeset in webkit [284394] by Russell Epstein

2 edits in branches/safari-613.1.6-branch/Source/WebKit

Cherry-pick r284382. rdar://problem/84384768

Web process occasionally crashes under RemoteDisplayListRecorderProxy::recordRestore()
https://bugs.webkit.org/show_bug.cgi?id=231900

Reviewed by Tim Horton.

It's apparently possible for a RemoteImageBufferProxy in the web process to outlive RemoteRenderingBackendProxy.
Before the IPC stream refactoring in r284079, we were robust against this possibility because
RemoteImageBufferProxy checked for a null rendering backend in canAppendItemOfType and returned false, which
prevented us from trying to call into the rendering backend. However, I accidentally omitted this null check
in the new RemoteDisplayListRecorderProxy, which currently assumes that m_renderingBackend is always non-null
when sending any IPC stream messages.

Fix this crash by restoring the null check for the weak m_renderingBackend pointer. I only observed this crash
once locally and, unfortunately, haven't been able to come up with a test case that consistently reproduces it.

WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.h: (WebKit::RemoteDisplayListRecorderProxy::send):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284382 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:08 PM Changeset in webkit [284393] by Russell Epstein

21 edits
1 add in branches/safari-612-branch

Cherry-pick r283238. rdar://problem/83955650

MediaStream canvas.captureStream() fails for WebGL
https://bugs.webkit.org/show_bug.cgi?id=230613
<rdar://82307293>

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2021-09-29
Reviewed by Youenn Fablet.

.:

Add a manual test to interact with media stream
captureStream() behavior until the implementation is
testable.

ManualTests/mediastream/mediastream-canvas-to-video.html: Added.

Source/WebCore:

Remove previous incorrect behavior of turning on "preservesDrawingBuffer"
and sampling the drawing buffer. The drawing buffer is not what should
ever be touched, rather it's the display buffer that should be available.

Implement sampling of WebGL display buffer for
media stream capture. The upon sampling, obtain a shared
reference to the
display buffer, passes it to media sample consuming process and mark
the WebGL context display buffer non-eligible for recycling as
new drawing buffer.

Currently the implementation is displayed correctly for
WebGL contents that is premultiplied. Unpremultiplied
content is fixed in the associated bugs.

Note: there are bugs preventing robust use of the API,
listed in the associated bugs. As such, testing is not expanded
in this bug.

Tested by
ManualTests/mediastream/mediastream-canvas-to-video.html (added)

https://webrtc.github.io/samples/src/content/capture/canvas-video/
(Refresh the page or hide the window until MediaPlayer initialization
flakyness lets rendering happen)

The test LayoutTests/fast/mediastream/captureStream/canvas3d.html
cannot yet be used to test the implementation as the rest of the
captureStream() and playback implementation is so flaky.

Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp: (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasChanged):
html/HTMLCanvasElement.cpp: (WebCore::HTMLCanvasElement::toMediaSample):
html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::paintCompositedResultsToMediaSample):
html/canvas/WebGLRenderingContextBase.h: (WebCore::WebGLRenderingContextBase::isPreservingDrawingBuffer const):
platform/graphics/GraphicsContextGL.cpp:
platform/graphics/GraphicsContextGL.h:
platform/graphics/RemoteGraphicsContextGLProxyBase.cpp: (WebCore::RemoteGraphicsContextGLProxyBase::paintCompositedResultsToMediaSample):
platform/graphics/RemoteGraphicsContextGLProxyBase.h:
platform/graphics/avfoundation/objc/MediaSampleAVFObjC.h:
platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm: (WebCore::MediaSampleAVFObjC::createImageSample):
platform/graphics/cocoa/GraphicsContextGLIOSurfaceSwapChain.cpp: (WebCore::GraphicsContextGLIOSurfaceSwapChain::present):
platform/graphics/cocoa/GraphicsContextGLIOSurfaceSwapChain.h:
platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm: (WebCore::GraphicsContextGLOpenGL::paintCompositedResultsToMediaSample):
platform/graphics/cocoa/RemoteGraphicsContextGLProxyBaseCocoa.mm: (WebCore::RemoteGraphicsContextGLProxyBase::paintCompositedResultsToMediaSample):
platform/graphics/opengl/GraphicsContextGLOpenGL.cpp: (WebCore::GraphicsContextGLOpenGL::paintCompositedResultsToMediaSample):
platform/graphics/opengl/GraphicsContextGLOpenGL.h:

LayoutTests:

Add new expectations, a warning was removed.
CONSOLE MESSAGE: Turning drawing buffer preservation for the WebGL canvas being captured

fast/mediacapturefromelement/CanvasCaptureMediaStream-webgl-events-expected.txt:
fast/mediastream/captureStream/canvas3d-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283238 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:59 PM Changeset in webkit [284392] by Russell Epstein

14 edits
2 adds
1 delete in branches/safari-612-branch/Source

Apply patch. rdar://problem/84124701

12:59 PM Changeset in webkit [284391] by Russell Epstein

12 edits in branches/safari-612-branch/Source

Apply patch. rdar://problem/84124706

12:33 PM Changeset in webkit [284390] by sihui_liu@apple.com

32 edits
3 copies
4 adds in branches/safari-612-branch

Apply patch rdar://84349756

12:33 PM Changeset in webkit [284389] by sihui_liu@apple.com

1 edit in branches/safari-612-branch/Source/WebKit/NetworkProcess/storage/FileSystemStorageError.h

Apply patch rdar://84351861

12:29 PM Changeset in webkit [284388] by commit-queue@webkit.org

4 edits in trunk

[ iOS15 Monterey ] TestWTF.WTF_URLExtras.URLExtras is a constant failure
https://bugs.webkit.org/show_bug.cgi?id=231454

Patch by Alex Christensen <achristensen@webkit.org> on 2021-10-18
Reviewed by Chris Dumez.

Source/WTF:

wtf/PlatformHave.h:

Tools:

The behavior of NSURL changed to disallow empty punycode in the host.
This is fine, but we need to update our test expectations.

TestWebKitAPI/Tests/WTF/cocoa/URLExtras.mm:

(TestWebKitAPI::TEST):

11:55 AM Changeset in webkit [284387] by commit-queue@webkit.org

7 edits
4 adds in trunk

AX: Return AXEmptyGroup subrole for groups with no accessible content
https://bugs.webkit.org/show_bug.cgi?id=231528

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-18
Reviewed by Andres Gonzalez.

Source/WebCore:

Return a subrole of "AXEmptyGroup" for groups without any exposed
children. WebKit can calculate this more efficiently than AX clients,
so it makes more sense to do here.

Test: accessibility/mac/empty-group-computation.html

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper subrole]):

LayoutTests:

accessibility/mac/aria-divs-not-ignored-expected.txt:
accessibility/mac/aria-divs-not-ignored.html:

Expect a subrole of AXEmptyGroup because this group has no content.

accessibility/roles-exposed.html:

Changed some math testcases to use valid MathML markup. Otherwise
they'd be considered to have no children, and therefore be given
a subrole of AXEmptyGroup, which is not what this test is intended
to exercise.

accessibility/mac/empty-group-computation-expected.txt: Added.
accessibility/mac/empty-group-computation.html: Added.

platform/mac/accessibility/lists-expected.txt: Added.
platform/mac/accessibility/plugin-expected.txt: Added.

Add these Mac-specific expectations for these tests because this patch
only causes Mac to expose the AXEmptyGroup subrole.

platform/mac/accessibility/svg-element-with-aria-role-expected.txt:

Add an expected subrole of AXEmptyGroup.

10:53 AM Changeset in webkit [284386] by Ayumi Kojima

5 edits in trunk/LayoutTests

[ iOS 15 ] Rebaselining 4 fast tests.
https://bugs.webkit.org/show_bug.cgi?id=231901

Unreviewed test gardening.

platform/ios/fast/backgrounds/border-radius-split-background-expected.txt:
platform/ios/fast/backgrounds/border-radius-split-background-image-expected.txt:
platform/ios/fast/borders/border-styles-split-expected.txt:
platform/ios/fast/text/basic/015-expected.txt:

10:30 AM Changeset in webkit [284385] by Russell Epstein

14 edits in branches/safari-613.1.6-branch/Source

Cherry-pick r284383. rdar://problem/84377173

Revert r284216
https://webkit.org/b/231523
<rdar://84342878>

Source/WebCore:

CMakeLists.txt:
Configurations/WebCore.xcconfig:
Sources.txt:
SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:

Source/WebKit:

There is an internal build configuration that doesn't know how to find libWebCoreStatic.a
and I have reason to believe that this is not necessary anyways.

Configurations/adattributiond.xcconfig:
Shared/API/Cocoa/WKMain.h:
Shared/API/Cocoa/WKMain.mm: (WKAdAttributionDaemonMain):
Sources.txt:
SourcesCocoa.txt:
WebKit.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284383 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:29 AM Changeset in webkit [284384] by Ayumi Kojima

1 edit
4 deletes in trunk/LayoutTests

Unreviewed, reverting r284377.

Reverting because the expected.txt files are in the wrong
folders for rebaselining

Reverted changeset:

"[ iOS 15 ] Rebaselining 4 fast tests."
https://bugs.webkit.org/show_bug.cgi?id=231901
https://commits.webkit.org/r284377

10:25 AM Changeset in webkit [284383] by achristensen@apple.com

14 edits in trunk/Source

Revert r284216
https://webkit.org/b/231523
<rdar://84342878>

Source/WebCore:

CMakeLists.txt:
Configurations/WebCore.xcconfig:
Sources.txt:
SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:

Source/WebKit:

There is an internal build configuration that doesn't know how to find libWebCoreStatic.a
and I have reason to believe that this is not necessary anyways.

Configurations/adattributiond.xcconfig:
Shared/API/Cocoa/WKMain.h:
Shared/API/Cocoa/WKMain.mm:

(WKAdAttributionDaemonMain):

Sources.txt:
SourcesCocoa.txt:
WebKit.xcodeproj/project.pbxproj:

10:19 AM Changeset in webkit [284382] by Wenson Hsieh

2 edits in trunk/Source/WebKit

Web process occasionally crashes under RemoteDisplayListRecorderProxy::recordRestore()
https://bugs.webkit.org/show_bug.cgi?id=231900

Reviewed by Tim Horton.

It's apparently possible for a RemoteImageBufferProxy in the web process to outlive RemoteRenderingBackendProxy.
Before the IPC stream refactoring in r284079, we were robust against this possibility because
RemoteImageBufferProxy checked for a null rendering backend in canAppendItemOfType and returned false, which
prevented us from trying to call into the rendering backend. However, I accidentally omitted this null check
in the new RemoteDisplayListRecorderProxy, which currently assumes that m_renderingBackend is always non-null
when sending any IPC stream messages.

Fix this crash by restoring the null check for the weak m_renderingBackend pointer. I only observed this crash
once locally and, unfortunately, haven't been able to come up with a test case that consistently reproduces it.

WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.h:

(WebKit::RemoteDisplayListRecorderProxy::send):

10:18 AM Changeset in webkit [284381] by Russell Epstein

1 copy in branches/safari-613.1.6-branch

New branch.

10:17 AM Changeset in webkit [284380] by Antti Koivisto

7 edits
2 adds in trunk

background-clip:text doesn't paint correctly for inline box spanning multiple lines
https://bugs.webkit.org/show_bug.cgi?id=231891

Reviewed by Alan Bujtas.

Source/WebCore:

'background-clip: text' paints to a wrong position if the inline box spans multiple lines.

Test: fast/inline/inline-background-clip-text-multiline.html

rendering/InlineBoxPainter.cpp:

(WebCore::InlineBoxPainter::paintFillLayer):

rendering/RenderBox.cpp:

(WebCore::RenderBox::paintFillLayer):

rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::getBackgroundRoundedRect const):
(WebCore::RenderBoxModelObject::backgroundRoundedRectAdjustedForBleedAvoidance const):

No need to pass box size separately as it now always matches the passed in border rect.

(WebCore::RenderBoxModelObject::paintFillLayerExtended):

The 'rect' parameter used to be either the border box rect of the box being painted or,
in the case of multiline inline box background image, the image strip being painted.

Make the 'rect' parameter to always be the border box and pass the background image strip
separately.

Use the background image strip only during background image painting.

rendering/RenderBoxModelObject.h:

(WebCore::RenderBoxModelObject::paintFillLayerExtended):

LayoutTests:

fast/inline/inline-background-clip-text-multiline-expected.html: Added.
fast/inline/inline-background-clip-text-multiline.html: Added.

10:16 AM Changeset in webkit [284379] by Russell Epstein

8 edits in trunk/Source

Versioning.

WebKit-7613.1.7

10:14 AM Changeset in webkit [284378] by Jonathan Bedard

2 edits in trunk/Tools

[webkitscmpy] Allow repositories to define custom setup commands (Follow0-up)
https://bugs.webkit.org/show_bug.cgi?id=231345
<rdar://problem/83960249>

Unreviewed follow-up fix.

Scripts/git-webkit: Do not specify OpenSource in Tools/Scripts path.

9:21 AM Changeset in webkit [284377] by Ayumi Kojima

1 edit
4 adds in trunk/LayoutTests

[ iOS 15 ] Rebaselining 4 fast tests.
https://bugs.webkit.org/show_bug.cgi?id=231901

Unreviewed test gardening.

fast/backgrounds/border-radius-split-background-expected.txt: Added.
fast/backgrounds/border-radius-split-background-image-expected.txt: Added.
fast/borders/border-styles-split-expected.txt: Added.
fast/text/basic/015-expected.txt: Added.

9:11 AM Changeset in webkit [284376] by achristensen@apple.com

2 edits in trunk/Tools

Regression (r284304) : [ iOS 15 Release ] http/tests/privateClickMeasurement tests are failing
https://bugs.webkit.org/show_bug.cgi?id=231898

Use the SPI I made to keep the tests having old behavior of using the network process instead of the daemon.

WebKitTestRunner/TestController.cpp:

(WTR::TestController::configureWebsiteDataStoreTemporaryDirectories):

9:07 AM Changeset in webkit [284375] by sihui_liu@apple.com

30 edits
2 copies
5 adds in branches/safari-612-branch

Apply patch rdar://83954608

8:49 AM Changeset in webkit [284374] by Simon Fraser

2 edits
1 move
4 deletes in trunk/LayoutTests

Cleanup css3/filters/backdrop/backdrop-filter-with-clip-path.html expected results
https://bugs.webkit.org/show_bug.cgi?id=217804

Reviewed by Alexey Proskuryakov.

Change the test to use invert() instead of blur() on backdrop-filter.

Test still fails on iOS; looks like some pixel snapping issues.

css3/filters/backdrop/backdrop-filter-with-clip-path-expected.html: Renamed from LayoutTests/platform/ios/css3/filters/backdrop/backdrop-filter-with-clip-path-expected.html.
css3/filters/backdrop/backdrop-filter-with-clip-path-expected.txt: Removed.
css3/filters/backdrop/backdrop-filter-with-clip-path.html:
platform/glib/css3/filters/backdrop/backdrop-filter-with-clip-path-expected.txt: Removed.
platform/mac/css3/filters/backdrop/backdrop-filter-with-clip-path-expected.png: Removed.
platform/wpe/css3/filters/backdrop/backdrop-filter-with-clip-path-expected.txt: Removed.

8:30 AM Changeset in webkit [284373] by ddkilzer@apple.com

4 edits in trunk/Source

Bug 231882: WebKit::GPUConnectionToWebProcess::setTCCIdentity() leaks a tcc_identity_t
<https://webkit.org/b/231882>
<rdar://problem/84350854>

Reviewed by Chris Dumez.

Source/WebCore/PAL:

pal/spi/cocoa/TCCSPI.h:
Properly declare tcc_identity_t as an OSObject.

Source/WebKit:

GPUProcess/cocoa/GPUConnectionToWebProcessCocoa.mm:

(WebKit::GPUConnectionToWebProcess::setTCCIdentity):

Use WTF::adoptOSObject() to fix the leak.
Expand the scope of !PLATFORM(MACCATALYST) since none of this code needs to run on the MacCatalyst platform.

7:57 AM Changeset in webkit [284372] by Ms2ger@igalia.com

2 edits in trunk

Add my github username to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=231893

Unreviewed.

metadata/contributors.json:

7:57 AM Changeset in webkit [284371] by commit-queue@webkit.org

23 edits
3 adds in trunk/Source

Cocoa GraphicsContextGLOpenGL should not use WebGLLayer
https://bugs.webkit.org/show_bug.cgi?id=231804

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2021-10-18
Reviewed by Dean Jackson.

Source/WebCore:

Move the "swap chain", e.g. the display buffer IOSurface
from WebGLLayer to GraphicsContextGLOpenGL.
Instantiate WebGLLayer only in new class WebProcessGraphicsContextGLOpenGL,
which is used when WebGL is run in-process in WebContent process.
Simply set the CALayer.contents when new display buffer is ready and
call "setNeedsDisplay" directly.

No new tests, a refactor.

PlatformMac.cmake:
SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:
platform/graphics/RemoteGraphicsContextGLProxyBase.h:
platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:

(WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):
(WebCore::GraphicsContextGLOpenGL::~GraphicsContextGLOpenGL):
(WebCore::GraphicsContextGLOpenGL::isValid const):
(WebCore::GraphicsContextGLOpenGL::reshapeDisplayBufferBacking):
(WebCore::GraphicsContextGLOpenGL::prepareForDisplay):
(WebCore::GraphicsContextGLOpenGL::readCompositedResults):
(WebCore::GraphicsContextGLOpenGL::paintCompositedResultsToMediaSample):
(WebCore::GraphicsContextGLOpenGL::create): Deleted.
(WebCore::GraphicsContextGLOpenGL::createForGPUProcess): Deleted.
GraphicsContextGLOpenGL for GPUProcess is now a new class, described
in WebKit ChangeLog.

platform/graphics/cocoa/RemoteGraphicsContextGLProxyBaseCocoa.mm:

(WebCore::RemoteGraphicsContextGLProxyBase::platformInitialize):
(WebCore::RemoteGraphicsContextGLProxyBase::paintCompositedResultsToMediaSample):
(WebCore::RemoteGraphicsContextGLProxyBase::platformSwapChain): Deleted.

platform/graphics/cocoa/WebGLLayer.h:
platform/graphics/cocoa/WebGLLayer.mm:

(-[WebGLLayer initWithDevicePixelRatio:contentsOpaque:]):
(-[WebGLLayer display]):
(-[WebGLLayer swapChain]): Deleted.
(-[WebGLLayer prepareForDisplay]): Deleted.
(WebGLLayerSwapChain::present): Deleted.
CALayer.contents and setNeedsDisplay is called directly when
a graphics context has new display buffer.

platform/graphics/cocoa/WebProcessGraphicsContextGLOpenGLCocoa.mm: Added.

(WebCore::GraphicsContextGLOpenGL::create):

platform/graphics/opengl/GraphicsContextGLOpenGL.cpp:

(WebCore::GraphicsContextGLOpenGL::isValid const):
Add a new function that checks if the constructor exited early.
Before, m_contextObj would be consulted but this is not protected
so it's not so useful. Also it wasn't very accurate, as some constructor
early exists ran after m_contextObj was set. Use m_texture to detect
fully constructed object for now.

platform/graphics/opengl/GraphicsContextGLOpenGL.h:
platform/graphics/texmap/GraphicsContextGLTextureMapper.cpp:

(WebCore::GraphicsContextGLOpenGL::create):
(WebCore::GraphicsContextGLOpenGL::createForGPUProcess): Deleted.
GraphicsContextGLOpenGL for GPUProcess is now a new class, described
in WebKit ChangeLog. Remove the HostWindow arguments for
GraphicsContextGLOpenGL, it's not used.

Source/WebKit:

Implement changes so that GPU process side GraphicsContextGLOpenGL,
the new class GPUProcessGraphicsContextGL, does not use
WebGLLayer. Instead, the swap chain is in GraphicsContextGLOpenGL
and the GPUProcessGraphicsContextGL exposes a function to extract
the display buffer out to be sent to WebContent process.

GPUProcess/graphics/GPUProcessGraphicsContextGL.h: Added.

Add a simpler class for GPUProcess side GraphicsContextGLOpenGL
instance, one that can get the display buffer from the instance.

GPUProcess/graphics/RemoteGraphicsContextGL.h:
GPUProcess/graphics/RemoteGraphicsContextGLCocoa.cpp:

(WebKit::RemoteGraphicsContextGLCocoa::platformWorkQueueInitialize):
(WebKit::RemoteGraphicsContextGLCocoa::prepareForDisplay):

GPUProcess/graphics/RemoteGraphicsContextGLWin.cpp:

(WebKit::RemoteGraphicsContextGLWin::platformWorkQueueInitialize):

SourcesCocoa.txt:
WebKit.xcodeproj/project.pbxproj:
WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.cpp:

(WebKit::RemoteGraphicsContextGLProxy::~RemoteGraphicsContextGLProxy):
(WebKit::RemoteGraphicsContextGLProxy::prepareForDisplay):
Move Cocoa implemenation to an Objective-C++ file.

WebProcess/GPU/graphics/cocoa/RemoteGraphicsContextGLProxyCocoa.mm: Added.

(WebKit::RemoteGraphicsContextGLProxy::prepareForDisplay):
Set the display buffer contents directly to the WebGLLayer after
prepare.

WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:
WebProcess/Plugins/PDF/PDFPluginPasswordField.mm:
WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemoteModelHosting.mm:

(WebKit::PlatformCALayerRemoteModelHosting::dumpAdditionalProperties):
Unified build fixes.

6:18 AM Changeset in webkit [284370] by Carlos Garcia Campos

8 edits
2 adds in trunk/Source

[GLIB] Simplify SleepDisabler by checking if we are under sandbox
https://bugs.webkit.org/show_bug.cgi?id=231670

Reviewed by Adrian Perez de Castro.

Source/WebCore/PAL:

Current implementation always tries to connect to ScreenSaver interface and if that fails tries with the portal
one. It's simpler to check if we are under sandbox and it avoids a connection that we know is always going to
fail.

pal/system/glib/SleepDisablerGLib.cpp:

(PAL::SleepDisablerGLib::SleepDisablerGLib):
(PAL::SleepDisablerGLib::acquireInhibitor):
(PAL::SleepDisablerGLib::releaseInhibitor):
(PAL::SleepDisablerGLib::acquireInhibitorViaScreenSaverProxy): Deleted.
(PAL::SleepDisablerGLib::acquireInhibitorViaInhibitPortalProxy): Deleted.
(PAL::SleepDisablerGLib::releaseInhibitorViaScreenSaverProxy): Deleted.
(PAL::SleepDisablerGLib::releaseInhibitorViaInhibitPortalProxy): Deleted.

pal/system/glib/SleepDisablerGLib.h:

Source/WebKit:

Move functions to check if running inside a sandbox to WTF.

UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:

(WebKit::isInsideDocker): Deleted.
(WebKit::isInsideFlatpak): Deleted.
(WebKit::isInsideSnap): Deleted.

Source/WTF:

Move function to check if running inside a sandbox and add shouldUsePortal() to check whether portal sandbox
should be used. WEBKIT_USE_PORTAL environment variable can be used to force the use of portals when not running
under the sandbox.

wtf/PlatformGTK.cmake:
wtf/PlatformWPE.cmake:
wtf/glib/Sandbox.cpp: Added.

(WTF::isInsideFlatpak):
(WTF::isInsideDocker):
(WTF::isInsideSnap):
(WTF::shouldUsePortal):

wtf/glib/Sandbox.h: Added.

6:17 AM Changeset in webkit [284369] by ysuzuki@apple.com

3 edits in trunk/Source/JavaScriptCore

[JSC] Use USE(LARGE_TYPED_ARRAY)
https://bugs.webkit.org/show_bug.cgi?id=231885

Reviewed by Sam Weinig.

Fix USE(ADDRESS64) with USE(LARGE_TYPED_ARRAY). USE(ADDRESS64) is not correct (it should be CPU(ADDRESS64)).
It is coverted by JSTests/stress/typed-array-large-eventually-oob.js.

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):

6:07 AM Changeset in webkit [284368] by Philippe Normand

21 edits in trunk

[GStreamer] fast/mediastream/video-rotation tests are failing due to missing TestController::takeViewPortSnapshot
https://bugs.webkit.org/show_bug.cgi?id=231059

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Add video orientation and mirroring support to the GStreamer mock video source, all the way
to the media player. The video sink had to be adapted, to catch tag events and trigger
orientation update in the player.

platform/graphics/gstreamer/GLVideoSinkGStreamer.cpp:

(webKitGLVideoSinkSetMediaPlayerPrivate):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::getVideoOrientation):
(WebCore::MediaPlayerPrivateGStreamer::updateVideoOrientation):
(WebCore::MediaPlayerPrivateGStreamer::updateVideoSizeAndOrientationFromCaps):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
platform/graphics/gstreamer/MediaSampleGStreamer.cpp:

(WebCore::MediaSampleGStreamer::MediaSampleGStreamer):
(WebCore::MediaSampleGStreamer::createImageSample):

platform/graphics/gstreamer/MediaSampleGStreamer.h:

(WebCore::MediaSampleGStreamer::create):
(WebCore::MediaSampleGStreamer::createImageSample):

platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:
platform/mediastream/gstreamer/MockRealtimeVideoSourceGStreamer.cpp:

(WebCore::MockRealtimeVideoSourceGStreamer::updateSampleBuffer):

Source/WebKit:

Implement setOrientationForMediaCapture for GStreamer ports. Because media capture runs in
the WebProcess for those ports, we need a new IPC message, sent from the UIProcess to the
WebProcess.

UIProcess/API/C/WKPage.cpp:

(WKPageSetMockCameraOrientation):
(WKPageIsMockRealtimeMediaSourceCenterEnabled):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setOrientationForMediaCapture):

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::setOrientationForMediaCapture):

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:

Tools:

Implement takeViewPortSnapshot for WPE and GTK, the WebView snapshot is exported to PNG and
serialized as a data URL.

WebKitTestRunner/TestController.cpp:
WebKitTestRunner/gtk/TestControllerGtk.cpp:

(WTR::TestController::takeViewPortSnapshot):

WebKitTestRunner/wpe/TestControllerWPE.cpp:

(WTR::TestController::takeViewPortSnapshot):

LayoutTests:

The video-rotation.html test was prone to flakyness in GStreamer ports, so a few changes were made:

don't append canvas to the page, that can "poison" future viewport snapshots
wait for a timeupdate before checking the first snapshot, that gives us some margin, so

the player might have repainted

catch validation errors so they're not logged to the console, that would introduce result

diffs in case the first validation was not successful

try at most 100 validations attempts. Ideally it would be nicer to rely on the

requestVideoFrameCallback API for this.

fast/mediastream/video-rotation.html:
platform/glib/TestExpectations:

5:43 AM Changeset in webkit [284367] by Carlos Garcia Campos

10 edits
1 add in trunk

[GTK][a11y] Add implementation of component interface when building with ATSPI
https://bugs.webkit.org/show_bug.cgi?id=230257

Reviewed by Adrian Perez de Castro.

Source/WebCore:

SourcesGTK.txt:
accessibility/atspi/AccessibilityAtspiEnums.h:
accessibility/atspi/AccessibilityObjectAtspi.cpp:

(WebCore::AccessibilityObjectAtspi::interfacesForObject):
(WebCore::AccessibilityObjectAtspi::path):
(WebCore::AccessibilityObjectAtspi::buildInterfaces const):

accessibility/atspi/AccessibilityObjectComponentAtspi.cpp: Added.

(WebCore::AccessibilityObjectAtspi::hitTest const):
(WebCore::AccessibilityObjectAtspi::elementRect const):
(WebCore::AccessibilityObjectAtspi::focus const):
(WebCore::AccessibilityObjectAtspi::opacity const):
(WebCore::AccessibilityObjectAtspi::scrollToMakeVisible const):
(WebCore::AccessibilityObjectAtspi::scrollToPoint const):

accessibility/atspi/AccessibilityRootAtspi.cpp:

(WebCore::AccessibilityRootAtspi::registerObject):
(WebCore::AccessibilityRootAtspi::serialize const):
(WebCore::AccessibilityRootAtspi::frameRect const):

accessibility/atspi/AccessibilityRootAtspi.h:
accessibility/atspi/xml/Component.xml:

Tools:

Add unit tests for component interface.

TestWebKitAPI/Tests/WebKitGtk/TestWebKitAccessibility.cpp:

(testComponentHitTest):
(testComponentScrollTo):
(beforeAll):

5:26 AM Changeset in webkit [284366] by ntim@apple.com

15 edits
2 adds in trunk

Fix mouse selection on modal <dialog> text nodes
https://bugs.webkit.org/show_bug.cgi?id=231741

Reviewed by Antti Koivisto.

Tests:

editing/selection/modal-dialog-select-paragraph.html (tests this bug)
imported/w3c/web-platform-tests/inert/inert-node-is-unselectable.tentative.html (tests what

the canStartSelection check was supposed to fix)

The inert check in Node::canStartSelection() was too restrictive, which caused this bug to happen because
we set the root node as inert and then reset it for the modal <dialog> itself, causing the text in the
<dialog> to be unselectable. Instead, just mirror how -webkit-user-select: none; is implemented by
introducing RenderStyle::userSelectIncludingInert().

Source/WebCore:

dom/Node.cpp:

(WebCore::computeEditabilityFromComputedStyle):
(WebCore::Node::canStartSelection const):

dom/Position.cpp:

(WebCore::Position::nodeIsUserSelectNone):
(WebCore::Position::nodeIsUserSelectAll):
(WebCore::Position::isCandidate const):
(WebCore::Position::nodeIsInertOrUserSelectNone): Deleted.

dom/Position.h:
dom/PositionIterator.cpp:

(WebCore::PositionIterator::isCandidate const):

page/EventHandler.cpp:

(WebCore::EventHandler::updateSelectionForMouseDownDispatchingSelectStart):
(WebCore::EventHandler::canMouseDownStartSelect):
(WebCore::EventHandler::selectCursor):

page/Frame.cpp:

(WebCore::Frame::rangeForPoint):

rendering/RenderElement.cpp:

(WebCore::RenderElement::selectionColor const):
(WebCore::RenderElement::selectionBackgroundColor const):

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects const):

rendering/RenderObject.cpp:

(WebCore::RenderObject::collectSelectionGeometriesInternal):

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::userSelectIncludingInert const):

Source/WebKit:

WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp:

(WebKit::InjectedBundleNodeHandle::isSelectableTextNode const):

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::selectionPositionInformation):

LayoutTests:

editing/selection/modal-dialog-select-paragraph-expected.txt: Added.
editing/selection/modal-dialog-select-paragraph.html: Added.

4:33 AM Changeset in webkit [284365] by eocanha@igalia.com

4 edits in trunk

[GLIB][GStreamer] test http/tests/security/webaudio-render-remote-audio-allowed-crossorigin-redirect.html is a flaky timeout since r278004
https://bugs.webkit.org/show_bug.cgi?id=229219
<rdar://problem/82059333>

Reviewed by Philippe Normand.

Source/WebCore:

Forward EOS from webaudio appsink to the main pipeline. For some reason, some intermediate
GstBin isn't forwarding the GST_MESSAGE_EOS emitted by the appsink added by webaudio, so
the code at MediaPlayerPrivateGStreamer::handleMessage() can't detect EOS properly and signal
it to the player and the HTMLMediaElement.

platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:

(WebCore::AudioSourceProviderGStreamer::handleNewDeinterleavePad): Listen to the EOS signal of each created appsink and forward it to the main pipeline bus as GST_MESSAGE_EOS.
(WebCore::AudioSourceProviderGStreamer::handleRemovedDeinterleavePad): Remove the signal handler on pad destruction.

LayoutTests:

Give some more time to the frequency analyzer to detect activity.

http/tests/security/webaudio-render-remote-audio-allowed-crossorigin-redirect.html:

3:47 AM Changeset in webkit [284364] by ysuzuki@apple.com

4 edits in trunk

Remove AVOID_NATIVE_INT128_T
https://bugs.webkit.org/show_bug.cgi?id=231888

Reviewed by Mark Lam.

Source/WTF:

wtf/Int128.h:

Tools:

We can test Int128 without AVOID_NATIVE_INT128_T.

TestWebKitAPI/Tests/WTF/Int128.cpp:

(TestWebKitAPI::TestUnary):
(TestWebKitAPI::TestBinary):
(TestWebKitAPI::ToNative):
(TestWebKitAPI::FromNative):
(TestWebKitAPI::TestVsNative):
(TestWebKitAPI::TEST):

3:40 AM Changeset in webkit [284363] by commit-queue@webkit.org

2 edits in trunk

Add my github username to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=231889

Patch by Rob Buis <rbuis@igalia.com> on 2021-10-18
Reviewed by Manuel Rego Casasnovas.

metadata/contributors.json:

3:23 AM Changeset in webkit [284362] by commit-queue@webkit.org

2 edits in trunk

Add my github username to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=231887

Unreviewed.

Patch by Xan Lopez <Xan Lopez> on 2021-10-18

metadata/contributors.json: add my github username.

3:16 AM Changeset in webkit [284361] by commit-queue@webkit.org

44 edits in trunk

Implement parsing and animation support for offset-distance, offset-position, offset-anchor
https://bugs.webkit.org/show_bug.cgi?id=231491

Patch by Kiet Ho <Kiet Ho> on 2021-10-18
Reviewed by Antoine Quint.

LayoutTests/imported/w3c:

Updated relevant test expectations.

web-platform-tests/css/css-cascade/all-prop-initial-xml-expected.txt:
web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
web-platform-tests/css/cssom/getComputedStyle-detached-subtree-expected.txt:
web-platform-tests/css/motion/animation/offset-anchor-composition-expected.txt:
web-platform-tests/css/motion/animation/offset-anchor-interpolation-expected.txt:
web-platform-tests/css/motion/animation/offset-distance-composition-expected.txt:
web-platform-tests/css/motion/animation/offset-distance-interpolation-expected.txt:
web-platform-tests/css/motion/animation/offset-position-composition-expected.txt:
web-platform-tests/css/motion/animation/offset-position-interpolation-expected.txt:
web-platform-tests/css/motion/animation/offset-position-interpolation.html: Fixed test to accept other length expressions as equivalent.
web-platform-tests/css/motion/inheritance-expected.txt:
web-platform-tests/css/motion/offset-supports-calc-expected.txt:
web-platform-tests/css/motion/parsing/offset-anchor-computed-expected.txt:
web-platform-tests/css/motion/parsing/offset-anchor-parsing-valid-expected.txt:
web-platform-tests/css/motion/parsing/offset-anchor-parsing-valid.html: Fixed test to accept "center" as an alternative to "center center", "calc(20% + 10px) center" as an alternative to "calc(10px + 20%) center".
web-platform-tests/css/motion/parsing/offset-distance-computed-expected.txt:
web-platform-tests/css/motion/parsing/offset-distance-parsing-valid-expected.txt:
web-platform-tests/css/motion/parsing/offset-position-computed-expected.txt:
web-platform-tests/css/motion/parsing/offset-position-parsing-valid-expected.txt:
web-platform-tests/css/motion/parsing/offset-position-parsing-valid.html: Fixed test to accept "center" as an alternative to "center center", "calc(20% + 10px) center" as an alternative to "calc(10px + 20%) center".
web-platform-tests/css/motion/parsing/offset-shorthand-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-002-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-002-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

Tests: imported/w3c/web-platform-tests/css/motion/animation/offset-anchor-composition.html

imported/w3c/web-platform-tests/css/motion/animation/offset-anchor-interpolation.html
imported/w3c/web-platform-tests/css/motion/animation/offset-distance-composition.html
imported/w3c/web-platform-tests/css/motion/animation/offset-distance-interpolation.html
imported/w3c/web-platform-tests/css/motion/animation/offset-position-composition.html
imported/w3c/web-platform-tests/css/motion/animation/offset-position-interpolation.html
imported/w3c/web-platform-tests/css/motion/inheritance.html
imported/w3c/web-platform-tests/css/motion/offset-supports-calc.html
imported/w3c/web-platform-tests/css/motion/parsing/offset-anchor-computed.html
imported/w3c/web-platform-tests/css/motion/parsing/offset-anchor-parsing-valid.html
imported/w3c/web-platform-tests/css/motion/parsing/offset-distance-computed.html
imported/w3c/web-platform-tests/css/motion/parsing/offset-distance-parsing-valid.html
imported/w3c/web-platform-tests/css/motion/parsing/offset-position-computed.html
imported/w3c/web-platform-tests/css/motion/parsing/offset-position-parsing-valid.html

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForPosition):
(WebCore::valueForPositionOrAuto):
(WebCore::ComputedStyleExtractor::valueForPropertyInStyle):

css/CSSProperties.json:
css/parser/CSSPropertyParser.cpp:

(WebCore::consumePositionOrAuto):
(WebCore::CSSPropertyParser::parseSingleValue):

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::offsetDistance const):
(WebCore::RenderStyle::setOffsetDistance):
(WebCore::RenderStyle::initialOffsetDistance):
(WebCore::RenderStyle::offsetPosition const):
(WebCore::RenderStyle::setOffsetPosition):
(WebCore::RenderStyle::initialOffsetPosition):
(WebCore::RenderStyle::offsetAnchor const):
(WebCore::RenderStyle::setOffsetAnchor):
(WebCore::RenderStyle::initialOffsetAnchor):

rendering/style/StyleRareNonInheritedData.cpp:

(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
(WebCore::StyleRareNonInheritedData::operator== const):

rendering/style/StyleRareNonInheritedData.h:
style/StyleBuilderConverter.h:

(WebCore::Style::BuilderConverter::convertPosition):
(WebCore::Style::BuilderConverter::convertPositionOrAuto):

Source/WTF:

Scripts/Preferences/WebPreferencesExperimental.yaml: Add new preference for CSS Motion Path support.

LayoutTests:

Update platform-specific test expectations to accommodate for newly added CSS properties.

platform/gtk/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
platform/gtk/imported/w3c/web-platform-tests/css/cssom/getComputedStyle-detached-subtree-expected.txt:
platform/ios-wk2/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
platform/ios-wk2/imported/w3c/web-platform-tests/css/cssom/getComputedStyle-detached-subtree-expected.txt:
platform/ios/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/css/cssom/cssstyledeclaration-csstext-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/css/cssom/getComputedStyle-detached-subtree-expected.txt:

3:11 AM Changeset in webkit [284360] by ntim@apple.com

8 edits
6 adds
2 deletes in trunk/LayoutTests/imported/w3c

Re-import shadow-dom WPT
https://bugs.webkit.org/show_bug.cgi?id=231845

Reviewed by Antoine Quint.

Upstream commit: https://github.com/web-platform-tests/wpt/commit/deaab24d4e359f4264ba8843fa87a558ed9e0b81

The flakiness of focus-pseudo-matches-on-shadow-host.html was due to not waiting for the "update rendering"
steps for autofocus to happen, which is flaky with the new autofocus behavior. This has been fixed by a Gecko
committer who had the issue on their side as well:

https://github.com/web-platform-tests/wpt/commit/7555902a6e5c2b2f285bc6d0e2e05b5f3229af6a

resources/resource-files.json:
web-platform-tests/shadow-dom/declarative/declarative-shadow-dom-attachment.tentative.html:
web-platform-tests/shadow-dom/focus/blur-on-shadow-host-delegatesFocus-expected.txt: Added.
web-platform-tests/shadow-dom/focus/blur-on-shadow-host-delegatesFocus.html: Added.
web-platform-tests/shadow-dom/focus/click-focus-delegatesFocus-click-method-expected.txt: Removed.
web-platform-tests/shadow-dom/focus/click-focus-delegatesFocus-click-method.html: Removed.
web-platform-tests/shadow-dom/focus/click-focus-delegatesFocus-click-expected.txt: Added.
web-platform-tests/shadow-dom/focus/click-focus-delegatesFocus-click.html: Added.
web-platform-tests/shadow-dom/focus/focus-pseudo-matches-on-shadow-host.html:
web-platform-tests/shadow-dom/focus/focus-pseudo-on-shadow-host-2.html:
web-platform-tests/shadow-dom/focus/focus-selector-delegatesFocus-expected.txt:
web-platform-tests/shadow-dom/focus/focus-selector-delegatesFocus.html:
web-platform-tests/shadow-dom/focus/focus-tab-on-shadow-host-expected.txt: Added.
web-platform-tests/shadow-dom/focus/focus-tab-on-shadow-host.html: Added.
web-platform-tests/shadow-dom/focus/w3c-import.log:

3:07 AM Changeset in webkit [284359] by svillar@igalia.com

5 edits in trunk

[css-flexbox] Improve & simplify the flex-basis computation
https://bugs.webkit.org/show_bug.cgi?id=230755

Reviewed by Manuel Rego Casasnovas.

Source/WebCore:

The flex-basis computation code was a bit convoluted. It had some pre-computations for items
with intrinsic main size that were causing several issues due to reentrancy. Actually those
computations where not needed at all for the flex basis computation but for a later stage, the
computation of the hyphotetical main size in which we need to compute 'min-{width|height}: auto'.

That's why the code that was executed before the flex-basis computation is now part of
computeFlexItemMinMaxSizes(). As we are no longer doing a layout before computing the flex-basis,
a layout has to be added to those cases in which the main size is the block size of the child. Apart
from that the flex-basis computation uses a newly defined RAII class to set the main size of the item
to the value specified by flex-basis which is what the specs mandate.

Last but not least, the computeInnerFlexBaseSizeForChild() method was renamed to computeFlexBaseSizeForChild()
which fits better with the terminology used in the specs.

Flex basis computation is already covered by the WPT test suite, there is no need for extra tests. This patch
fixes the only flex-basis-* test case that was not passing.

rendering/RenderFlexibleBox.cpp:

(WebCore::RenderFlexibleBox::computeMainAxisExtentForChild): Removed obsolete comment. Added
a layoutIfNeeded() as we cannot be sure that the item was already laid out any more.
(WebCore::ScopedFlexBasisAsMainSize::ScopedFlexBasisAsChildMainSize): New RAII class.
(WebCore::ScopedFlexBasisAsMainSize::~ScopedFlexBasisAsChildMainSize):
(WebCore::RenderFlexibleBox::computeFlexBaseSizeForChild): Renamed from computeInnerFlexBaseSizeForChild.
(WebCore::RenderFlexibleBox::computeFlexItemMinMaxSizes): Added relayoutChildren parameter.
(WebCore::RenderFlexibleBox::constructFlexItem): Moved code to computeFlexItemMinMaxSizes().
(WebCore::RenderFlexibleBox::layoutAndPlaceChildren):
(WebCore::RenderFlexibleBox::computeInnerFlexBaseSizeForChild): Deleted.

rendering/RenderFlexibleBox.h:

LayoutTests:

TestExpectations: Unskipped flex-basis-011.html which is now working fine.

2:39 AM Changeset in webkit [284358] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[MediaStream] Mock video source background not fully filled for custom video resolution
https://bugs.webkit.org/show_bug.cgi?id=231863

Patch by Philippe Normand <pnormand@igalia.com> on 2021-10-18
Reviewed by Xabier Rodriguez-Calvar.

The video frame buffer matches the captureSize, so its background should do the same.
this->size() is the final size of the media source, applied to the frame buffer before
notification to observers.

platform/mock/MockRealtimeVideoSource.cpp:

(WebCore::MockRealtimeVideoSource::generateFrame):

1:42 AM Changeset in webkit [284357] by sihui_liu@apple.com

28 edits
4 moves in branches/safari-612-branch/Source

Apply patch rdar://83956117

1:42 AM Changeset in webkit [284356] by sihui_liu@apple.com

44 edits
1 copy
1 add in branches/safari-612-branch

Apply patch rdar://83953160

1:42 AM Changeset in webkit [284355] by sihui_liu@apple.com

49 edits
9 copies
6 adds in branches/safari-612-branch

Apply patch rdar://83955623

1:41 AM Changeset in webkit [284354] by sihui_liu@apple.com

37 edits
10 copies
1 add in branches/safari-612-branch

Apply patch rdar://83952929

1:41 AM Changeset in webkit [284353] by sihui_liu@apple.com

8 edits in branches/safari-612-branch/Source

Apply patch rdar://83955481

1:41 AM Changeset in webkit [284352] by sihui_liu@apple.com

16 edits in branches/safari-612-branch

Apply patch rdar://83953730

1:41 AM Changeset in webkit [284351] by sihui_liu@apple.com

88 edits
13 copies
2 adds in branches/safari-612-branch

Apply patch rdar://83955868

1:25 AM Changeset in webkit [284350] by magomez@igalia.com

2 edits in trunk

Add my github username to contributors.json

Unreviewed.

metadata/contributors.json:

1:17 AM Changeset in webkit [284349] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

Use-after-move of m_sockets in NetworkRTCProvider::close()
<https://webkit.org/b/231779>
<rdar://problem/84278026>

Reviewed by Youenn Fablet.

NetworkProcess/webrtc/NetworkRTCProvider.cpp:

(WebKit::NetworkRTCProvider::close):

Replace WTFMove() with std::exchange() to make it clear that m_sockets will be emptied, then iterate on sockets to close them. Update ASSERT() to check that no sockets were added to m_sockets during the loop.

1:12 AM Changeset in webkit [284348] by ysuzuki@apple.com

3 edits
1 add in trunk

[JSC] PutByVal's child5 should be KnownInt32Use / Int52RepUse in FTL
https://bugs.webkit.org/show_bug.cgi?id=231884
rdar://84357099

Reviewed by Robin Morisset.

JSTests:

stress/put-by-val-known-int32.js: Added.

(new.Uint8Array.1000000.map):

Source/JavaScriptCore:

The child5 of PutByVal should be KnownInt32Use or Int52RepUse.

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):

1:05 AM Changeset in webkit [284347] by dino@apple.com

25 edits
13 copies
3 adds in trunk

[WebXR] Stubs for WebXR Hand Input Module
https://bugs.webkit.org/show_bug.cgi?id=231123
<rdar://problem/83802135>

Reviewed by Sam Weinig.

Source/WebCore:

Add the IDL and stub implementations for the WebXR
Hand Input module:
https://immersive-web.github.io/webxr-hand-input/

The important class is WebXRHand, which is owned by
and accessible from the WebXRInputSource, which
itself is owned by the WebXRSession.

Test: http/wpt/webxr/xrHandInput_gc.html

CMakeLists.txt: Add new files.
DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:
DerivedSources.make:
Sources.txt:
WebCore.xcodeproj/project.pbxproj:

Modules/webxr/WebXRSession.idl: Add a custom mark function that creates an opaque root.
bindings/js/JSWebXRSessionCustom.cpp:

Modules/webxr/WebXRFrame+HandInput.idl: Add new hand-related methods.
Modules/webxr/WebXRFrame.cpp:

(WebCore::WebXRFrame::getJointPose):
(WebCore::WebXRFrame::fillJointRadii):
(WebCore::WebXRFrame::fillPoses):

Modules/webxr/WebXRFrame.h:

Modules/webxr/WebXRHand.cpp: New files.

(WebCore::WebXRHand::create):
(WebCore::WebXRHand::WebXRHand):
(WebCore::WebXRHand::get):
(WebCore::WebXRHand::Iterator::Iterator):
(WebCore::WebXRHand::Iterator::next):
(WebCore::WebXRHand::session):

Modules/webxr/WebXRHand.h:

(WebCore::WebXRHand::size):
(WebCore::WebXRHand::createIterator):

Modules/webxr/WebXRHand.idl:

Modules/webxr/WebXRInputSource+HandInput.idl: Add WebXRHand accessor.
Modules/webxr/WebXRInputSource.cpp:

(WebCore::WebXRInputSource::update):

Modules/webxr/WebXRInputSource.h:

(WebCore::WebXRInputSource::hand const):

Modules/webxr/WebXRJointPose.cpp: New files.

(WebCore::WebXRJointPose::create):
(WebCore::WebXRJointPose::WebXRJointPose):

Modules/webxr/WebXRJointPose.h:

(WebCore::WebXRJointPose::radius const):

Modules/webxr/WebXRJointPose.idl:

Modules/webxr/WebXRJointSpace.cpp: New files.

(WebCore::WebXRJointSpace::create):
(WebCore::WebXRJointSpace::WebXRJointSpace):
(WebCore::WebXRJointSpace::nativeOrigin const):

Modules/webxr/WebXRJointSpace.h:

(WebCore::WebXRJointSpace::jointName const):

Modules/webxr/WebXRJointSpace.idl:

Modules/webxr/WebXRSpace.h: New virtual identifier for joint space subclass.

(WebCore::WebXRSpace::isJointSpace const):

Modules/webxr/WebXRSystem.cpp: Add a comment regarding the testing of

optional features (where the "hand-tracking" feature should be checked).
(WebCore::WebXRSystem::resolveRequestedFeatures const):

Modules/webxr/XRHandJoint.h: New file.
Modules/webxr/XRHandJoint.idl:

bindings/js/WebCoreBuiltinNames.h: Expose new mappings from published names

to internal names.

platform/xr/PlatformXR.h: Add "simulateHands" field to frame data for testing.
testing/FakeXRInputSourceInit.h: And similarly to the fake input source.
testing/FakeXRInputSourceInit.idl:

testing/WebFakeXRInputController.cpp: Allow the test system to fake a hand.

(WebCore::WebFakeXRInputController::WebFakeXRInputController):
(WebCore::WebFakeXRInputController::getFrameData):

testing/WebFakeXRInputController.h:

Source/WTF:

Add an ENABLE_WEBXR_HANDS compile time flag and a WebXRHandsEnabled preference.

Scripts/Preferences/WebPreferencesExperimental.yaml:
wtf/PlatformEnable.h:
wtf/PlatformEnableCocoa.h:

LayoutTests:

New test that checks an XRHand object can survive garbage collection.

http/wpt/webxr/xrHandInput_gc-expected.txt: Added.
http/wpt/webxr/xrHandInput_gc.html: Added.

Oct 17, 2021:

5:22 PM Changeset in webkit [284346] by Kocsen Chung

2 edits in branches/safari-612-branch/Source/JavaScriptCore

Cherry-pick r284212. rdar://problem/84351869

Wasm LLInt should zero bytecodeIndex before throwing
https://bugs.webkit.org/show_bug.cgi?id=231688
<rdar://84207898>

Reviewed by Yusuke Suzuki.

After r283852, the unwinder can now ask WebAssembly frames for their bytecodeIndex.
We do write to the bytecodeIndex when throwing from the wasm throw opcode, but we
failed to write when trapping (e.g. throwing an OOB or Unreachable). The value of
the bytecodeIndex in this is case is not interesting, since these exceptions can't be
caught from Wasm, all we need to know is ensure there isn't an invalid left-over
value in that stack slot, so we zero it.

llint/WebAssembly.asm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284212 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:21 PM Changeset in webkit [284345] by Kocsen Chung

3 edits in branches/safari-612-branch/Source/ThirdParty/libwebrtc

Cherry-pick r284082. rdar://problem/84351872

Override guessed color space for incoming H.264/265 streams
https://bugs.webkit.org/show_bug.cgi?id=231353
<rdar://problem/83969311>

Reviewed by Youenn Fablet.

When the VTDecompressionSession decodes incoming H.264/H.265 samples,
it puts guessed color space attachments on the CVPixelBuffer, and the
guesses are based on video resolution. WebRTC streams however default
to being sRGB. So this patch overrides a guess with what we know the
stream will be. (Once we support different color spaces in WebRTC
video streams we'll need to adjust this.)

Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH264.mm: (overrideColorSpaceAttachmentsIfNeeded): (decompressionOutputCallback):
Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH265.mm: (overrideColorSpaceAttachmentsIfNeeded): (h265DecompressionOutputCallback):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284082 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:15 PM Changeset in webkit [284344] by ddkilzer@apple.com

7 edits in trunk/Source

Build fix #3: Adopt attribution AVCaptureSession SPI for GPU process
https://bugs.webkit.org/show_bug.cgi?id=231621
<rdar://problem/80748535>

Unreviewed build fix.

Source/WebCore/PAL:

pal/spi/cocoa/TCCSPI.h:
Use HAVE(TCC_IOS_14_BIG_SUR_SPI).

Source/WebKit:

Shared/Cocoa/TCCSoftLink.h:

(tcc_identity_create):

Shared/Cocoa/TCCSoftLink.mm:

(tcc_identity_create):

Use HAVE(TCC_IOS_14_BIG_SUR_SPI).

Source/WTF:

wtf/PlatformHave.h:

(HAVE_TCC_IOS_14_BIG_SUR_SPI): Add.

Used for TCC.framework SPI available in iOS 14 and macOS 11 Big Sur and later.

3:51 PM Changeset in webkit [284343] by Alan Bujtas

2 edits in trunk/LayoutTests

IFC progression (inline box borders).

Unreviewed.

TestExpectations:

2:19 PM Changeset in webkit [284342] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

Follow-up: WebKit::LocalConnection::createCredentialPrivateKey leaks an NSMutableDictionary
<https://webkit.org/b/231814>
<rdar://problem/84307054>

Unreviewed follow-up to address Darin's comments.

UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:

(WebKit::LocalConnection::createCredentialPrivateKey const):

Remove need for C-style cast by using a local variable for the mutable copy of the NSDictionary.

1:47 PM Changeset in webkit [284341] by mark.lam@apple.com

6 edits in trunk/Source/JavaScriptCore

Make LLIntAssembly.h more readable.
https://bugs.webkit.org/show_bug.cgi?id=231876

Reviewed by Yusuki Suzuki.

In this patch, I did the following:

Changed CodeOrigin to only dump the filename, and not the full path.

Deferred printing the ".loc" metadata in $asm.debugAnnotation till we format the line to dump in $asm.formatDump. This enabled the ".loc" metadata to be dumped on the same line as the asm instruction.

Changed $asm.codeOrigin to not dump multiple codeOrigin comments. The only times when there appears to be "multiple" codeOrigins for any given instruction is if the instruction before it was elided, thereby leaving the elided instruction's codeOrigin to be mis-attributed to the subsequent instruction.

Moved the MIPS Assembler.putStr method to asm.rb. This method was already commonly used in arm.rb and arm64.rb previously. Hence, it belongs in common code.

Also enhanced it to support indenting by the column width of ".loc" debug
annotations if $enableDebugAnnotations is true. This keeps the ".loc" column
on the left clear of other content, thereby making it easy to visually filter
out that column when scanning through the generated asm code.

Changed some code that called outp.puts directly to call $asm.putStr instead. This yields the nice alignment for easy visual filtering described in (4).

Changed $preferredCommentStartColumn to be at column 40 to make the generated asm code more compact. However, if the backend is the C_LOOP, then change it back to 60 because C_LOOP code is more verbose and need the extra space.

Demo time:
Before this patch, LLIntAssembly.h looks like this:
`
#if !OFFLINE_ASM_X86 && !OFFLINE_ASM_X86_WIN && !OFFLINE_ASM_X86_64 && !OFFLINE_ASM_X86_64_WIN && !OFFLINE_ASM_ARMv7 && !OFFLINE_ASM_ARM64 && OFFLINE_ASM_ARM64E && !OFFLINE_ASM_MIPS && !OFFLINE_ASM_RISCV64 && !OFFLINE_ASM_C_LOOP && !OFFLINE_ASM_C_LOOP_WIN && !OFFLINE_ASM_ARMv7k && !OFFLINE_ASM_ARMv7s && OFFLINE_ASM_JSVALUE64 && !OFFLINE_ASM_BIGINT32 && OFFLINE_ASM_GIGACAGE_ENABLED && !OFFLINE_ASM_ASSERT_ENABLED && !OFFLINE_ASM_TRACING && OFFLINE_ASM_ADDRESS64 && OFFLINE_ASM_JIT && OFFLINE_ASM_WEBASSEMBLY && OFFLINE_ASM_HAVE_FAST_TLS && OFFLINE_ASM_WEBASSEMBLY_B3JIT
OFFLINE_ASM_BEGIN
OFFLINE_ASM_GLOBAL_LABEL(llintPCRangeStart)
".file 1 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/LowLevelInterpreter.asm\"\n"
".file 2 \"/Users/mlam/ws1/OpenSource/WebKitBuild/Release/DerivedSources/JavaScriptCore/InitBytecodes.asm\"\n"
".file 3 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm\"\n"
".file 4 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm\"\n"
".file 5 \"/Users/mlam/ws1/OpenSource/WebKitBuild/Release/DerivedSources/JavaScriptCore/InitWasm.asm\"\n"
".file 6 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/WebAssembly.asm\"\n"
".file 7 \"/Users/mlam/ws1/OpenSource/WebKitBuild/Release/usr/local/include/WebKitAdditions/LowLevelInterpreterAdditions.asm\"\n"
".loc 1 1672\n"

"\tbrk #0xc471\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1672

".loc 1 1681\n"

OFFLINE_ASM_GLOBAL_LABEL(vmEntryToJavaScript)
".loc 1 1066\n"

"\tpacibsp\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1066

".loc 1 1070\n"

"\tstp x29, x30, [sp, #-16]!\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1070

".loc 1 1075\n"

"\tmov x29, sp\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1075

".loc 1 1090\n"

"\tsub sp, x29, #176\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1090

".loc 3 169\n"

"\tmovz x13, #48040, lsl #0\n" JavaScriptCore/llint/LowLevelInterpreter64.asm:169

".loc 3 169\n"

"\tadd x17, x1, x13, lsl #0\n" JavaScriptCore/llint/LowLevelInterpreter64.asm:169

".loc 3 169\n"

"\tldr w4, [x17, #0]\n" JavaScriptCore/llint/LowLevelInterpreter64.asm:169

".loc 3 170\n"

"\tcbnz w4, " LOCAL_LABEL_STRING(_offlineasm_doVMEntrycheckVMEntryPermission) "\n" JavaScriptCore/llint/LowLevelInterpreter64.asm:170

".loc 3 172\n"

"\tstr x1, [sp, #0]\n" JavaScriptCore/llint/LowLevelInterpreter64.asm:172

...

".loc 3 309\n"

"\tmov x3, x0\n" JavaScriptCore/llint/LowLevelInterpreter64.asm:309

".loc 1 1\n"
#if OS(DARWIN)

"\tL_offlineasm_loh_adrp_1:\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1
"\tadrp x2, " LOCAL_REFERENCE(g_config) "@GOTPAGE\n"
"\tL_offlineasm_loh_ldr_1:\n"
"\tldr x2, [x2, " LOCAL_REFERENCE(g_config) "@GOTPAGEOFF]\n"

#elif OS(LINUX)

"\tadrp x2, :got:" LOCAL_REFERENCE(g_config) "\n"
"\tldr x2, [x2, :got_lo12:" LOCAL_REFERENCE(g_config) "]\n"

#else
#error Missing globaladdr implementation
#endif
".loc 1 1\n"

"\tadd x2, x2, #3072\n" JavaScriptCore/llint/LowLevelInterpreter.asm:1

After this patch, LLIntAssembly.h looks like this:
`
#if !OFFLINE_ASM_X86 && !OFFLINE_ASM_X86_WIN && !OFFLINE_ASM_X86_64 && !OFFLINE_ASM_X86_64_WIN && !OFFLINE_ASM_ARMv7 && !OFFLINE_ASM_ARM64 && OFFLINE_ASM_ARM64E && !OFFLINE_ASM_MIPS && !OFFLINE_ASM_RISCV64 && !OFFLINE_ASM_C_LOOP && !OFFLINE_ASM_C_LOOP_WIN && !OFFLINE_ASM_ARMv7k && !OFFLINE_ASM_ARMv7s && OFFLINE_ASM_JSVALUE64 && !OFFLINE_ASM_BIGINT32 && OFFLINE_ASM_GIGACAGE_ENABLED && !OFFLINE_ASM_ASSERT_ENABLED && !OFFLINE_ASM_TRACING && OFFLINE_ASM_ADDRESS64 && OFFLINE_ASM_JIT && OFFLINE_ASM_WEBASSEMBLY && OFFLINE_ASM_HAVE_FAST_TLS && OFFLINE_ASM_WEBASSEMBLY_B3JIT

OFFLINE_ASM_BEGIN
OFFLINE_ASM_GLOBAL_LABEL(llintPCRangeStart)
".file 1 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/LowLevelInterpreter.asm\"\n"
".file 2 \"/Users/mlam/ws1/OpenSource/WebKitBuild/Release/DerivedSources/JavaScriptCore/InitBytecodes.asm\"\n"
".file 3 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/LowLevelInterpreter64.asm\"\n"
".file 4 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm\"\n"
".file 5 \"/Users/mlam/ws1/OpenSource/WebKitBuild/Release/DerivedSources/JavaScriptCore/InitWasm.asm\"\n"
".file 6 \"/Users/mlam/ws1/OpenSource/Source/JavaScriptCore/llint/WebAssembly.asm\"\n"
".file 7 \"/Users/mlam/ws1/OpenSource/WebKitBuild/Release/usr/local/include/WebKitAdditions/LowLevelInterpreterAdditions.asm\"\n"

".loc 1 1672\n" "brk #0xc471 \n" LowLevelInterpreter.asm:1672

".loc 1 1681\n" OFFLINE_ASM_GLOBAL_LABEL(vmEntryToJavaScript)
".loc 1 1066\n" "pacibsp \n" LowLevelInterpreter.asm:1066
".loc 1 1070\n" "stp x29, x30, [sp, #-16]! \n" LowLevelInterpreter.asm:1070
".loc 1 1075\n" "mov x29, sp \n" LowLevelInterpreter.asm:1075
".loc 1 1090\n" "sub sp, x29, #176 \n" LowLevelInterpreter.asm:1090
".loc 3 169\n" "movz x13, #48040, lsl #0 \n" LowLevelInterpreter64.asm:169

"add x17, x1, x13, lsl #0 \n"
"ldr w4, [x17, #0] \n"

".loc 3 170\n" "cbnz w4, " LOCAL_LABEL_STRING(_offlineasm_doVMEntrycheckVMEntryPermission) " \n" LowLevelInterpreter64.asm:170
".loc 3 172\n" "str x1, [sp, #0] \n" LowLevelInterpreter64.asm:172

...

".loc 3 309\n" "mov x3, x0 \n" LowLevelInterpreter64.asm:309

#if OS(DARWIN)

".loc 1 1\n" "L_offlineasm_loh_adrp_1: \n" LowLevelInterpreter.asm:1

"adrp x2, " LOCAL_REFERENCE(g_config) "@GOTPAGE \n"
"L_offlineasm_loh_ldr_1: \n"
"ldr x2, [x2, " LOCAL_REFERENCE(g_config) "@GOTPAGEOFF] \n"

#elif OS(LINUX)

"adrp x2, :got:" LOCAL_REFERENCE(g_config) " \n"
"ldr x2, [x2, :got_lo12:" LOCAL_REFERENCE(g_config) "] \n"

#else
#error Missing globaladdr implementation
#endif

".loc 1 1\n" "add x2, x2, #3072 \n"
`

offlineasm/asm.rb:
offlineasm/cloop.rb:
offlineasm/config.rb:
offlineasm/mips.rb:
offlineasm/parser.rb:

1:46 PM Changeset in webkit [284340] by ddkilzer@apple.com

5 edits
2 copies in trunk

Add tests for WTF::OSObjectPtr/adoptOSObject in Cocoa with and without ARC
<https://webkit.org/b/231819>
<rdar://problem/84312692>

Reviewed by Darin Adler.

Source/WTF:

wtf/OSObjectPtr.h:

(WTF::adoptOSObject):

Rename when building with ARC enabled to prevent leaks or over-releases when linking ARC and non-ARC code.
Add WARN_UNUSED_RETURN attribute to match WTF::adoptNS().

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
Add OSObjectPtrCocoa.mm and OSObjectPtrCocoaARC.mm source files to the project.
TestWebKitAPI/Tests/WTF/darwin/OSObjectPtr.cpp:

(TestWebKitAPI::TEST):

Make code work when compiled with ARC enabled.
Fix a pre-existing leak of dispatch_queue_t in RetainRelease test.
TestWebKitAPI/Tests/WTF/darwin/OSObjectPtrCocoa.mm: Add.
TestWebKitAPI/Tests/WTF/darwin/OSObjectPtrCocoaARC.mm: Add.
Add test files that #include OSObjectPtr.cpp.

1:19 PM Changeset in webkit [284339] by Fujii Hironori

11 edits in trunk/LayoutTests

[WinCairo] Unreviewed test gardening

platform/wincairo/fast/css/font-face-opentype-expected.txt:
platform/wincairo/fast/text/basic/015-expected.txt:
platform/wincairo/fast/text/whitespace/004-expected.txt:
platform/wincairo/fast/text/whitespace/005-expected.txt:
platform/wincairo/fast/text/whitespace/006-expected.txt:
platform/wincairo/fast/text/whitespace/007-expected.txt:
platform/wincairo/fast/text/whitespace/010-expected.txt:
platform/wincairo/fast/text/whitespace/011-expected.txt:
platform/wincairo/fast/text/whitespace/015-expected.txt:
platform/wincairo/fast/text/whitespace/016-expected.txt:

12:30 PM Changeset in webkit [284338] by Kocsen Chung

92 edits
26 deletes in branches/safari-612-branch

Restore state to r284288 due to build failures.

12:00 PM Changeset in webkit [284337] by BJ Burg

7 edits
2 deletes in trunk

[Cocoa] Web Inspector: remove _WKInspectorExtensionPrivateForTesting
https://bugs.webkit.org/show_bug.cgi?id=231784
<rdar://problem/84280608>

Reviewed by Timothy Hatcher.

Source/WebKit:

Promote the only method to be API for _WKInspectorExtension. It is needed
to implement some parts of the devtools API.

SourcesCocoa.txt:
UIProcess/API/Cocoa/_WKInspectorExtension.h:
UIProcess/API/Cocoa/_WKInspectorExtension.mm:

(-[_WKInspectorExtension evaluateScript:inTabWithIdentifier:completionHandler:]):

UIProcess/API/Cocoa/_WKInspectorExtensionPrivateForTesting.h: Removed.
UIProcess/API/Cocoa/_WKInspectorExtensionTesting.mm: Removed.
WebKit.xcodeproj/project.pbxproj:

Tools:

TestWebKitAPI/Tests/WebKitCocoa/WKInspectorExtension.mm:

(TEST):

9:54 AM Changeset in webkit [284336] by Simon Fraser

5 edits
6 adds in trunk

REGRESSION (r270850): Reference clip path clips in the wrong place when inside non-visible overflow
https://bugs.webkit.org/show_bug.cgi?id=231852
<rdar://83186229>

Reviewed by Tim Horton.
Source/WebCore:

When clipping CSS boxes with reference clip paths we need to give RenderSVGResourceClipper two
different rectangles; the objectBoundingBox that is used to compute clip path geometry,
and the bounds of the clipped content, so that the buffer-based clipping code path
can create an ImageBuffer of the appropriate size.

Previously, we confounded these two rectangles, resulting in various bugs.

Tests: css3/masking/reference-clip-path-bounds.html

css3/masking/reference-clip-path-objectBoundingBox-buffer-clip.html
css3/masking/reference-clip-path-objectBoundingBox-path-clip.html

rendering/RenderLayer.cpp:

(WebCore::RenderLayer::setupClipPath):

rendering/svg/RenderSVGResourceClipper.cpp:

(WebCore::RenderSVGResourceClipper::applyResource):
(WebCore::RenderSVGResourceClipper::applyClippingToContext):

rendering/svg/RenderSVGResourceClipper.h:

LayoutTests:

Tests for reference clip-path with box-shadows and enclosing oveflow:hidden.

css3/masking/reference-clip-path-bounds-expected.html: Added.
css3/masking/reference-clip-path-bounds.html: Added.
css3/masking/reference-clip-path-objectBoundingBox-buffer-clip-expected.html: Added.
css3/masking/reference-clip-path-objectBoundingBox-buffer-clip.html: Added.
css3/masking/reference-clip-path-objectBoundingBox-path-clip-expected.html: Added.
css3/masking/reference-clip-path-objectBoundingBox-path-clip.html: Added.

9:38 AM Changeset in webkit [284335] by commit-queue@webkit.org

4 edits
2 adds in trunk

AX: WebKit should not expose redundant AXGroups with missing role when the label is the same as the contents
https://bugs.webkit.org/show_bug.cgi?id=169924

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-17
Reviewed by Chris Fleizach.

Source/WebCore:

Don't expose groups with redundant accessibility text on the Mac.
Here's an example of one such group:

This group is not useful to accessibility clients. Instead, we
expose the text contents directly.

Test: accessibility/ignore-redundant-accessibility-text-groups.html

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::textUnderElement const):
Instead of asserting when we try to get the text of an element in a
document that needs a style update, return an empty string.

accessibility/mac/AccessibilityObjectMac.mm:

(WebCore::shouldIgnoreGroup): Added.
(WebCore::AccessibilityObject::accessibilityPlatformIncludesObject const):

LayoutTests:

Add a test ensuring WebKit appropriately does and doesn't expose
groups with redundant accessibility text.

accessibility/mac/ignore-redundant-accessibility-text-groups-expected.txt: Added.
accessibility/mac/ignore-redundant-accessibility-text-groups.html: Added.

7:45 AM Changeset in webkit [284334] by Antti Koivisto

13 edits
2 adds in trunk

[LFC][Integration] Support background-clip:text on inline boxes
https://bugs.webkit.org/show_bug.cgi?id=231877

Reviewed by Alan Bujtas.

Source/WebCore:

Implement text mask painting.

Test: fast/inline/inline-background-clip-text.html

layout/integration/InlineIteratorBoxLegacyPath.h:

(WebCore::InlineIterator::BoxLegacyPath::firstLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::lastLeafBoxForInlineBox const):

layout/integration/InlineIteratorBoxModernPath.h:

(WebCore::InlineIterator::BoxModernPath::firstLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxModernPath::lastLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxModernPath::isWithinInlineBox):

layout/integration/InlineIteratorInlineBox.cpp:

(WebCore::InlineIterator::InlineBox::firstLeafBox const):
(WebCore::InlineIterator::InlineBox::lastLeafBox const):
(WebCore::InlineIterator::InlineBox::endLeafBox const):

Add iterator support for getting leaf boxes of an inline box.

layout/integration/InlineIteratorInlineBox.h:
layout/integration/LayoutIntegrationCoverage.cpp:

(WebCore::LayoutIntegration::printReason):
(WebCore::LayoutIntegration::canUseForRenderInlineChild):

layout/integration/LayoutIntegrationCoverage.h:
rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::paintMaskForTextFillBox):

Paint the mask directly using TextBoxPainter instead of recursing to the general painting code.

rendering/TextBoxPainter.cpp:

(WebCore::TextBoxPainter::TextBoxPainter):

rendering/TextBoxPainter.h:

LayoutTests:

fast/inline/inline-background-clip-text-expected.html: Added.
fast/inline/inline-background-clip-text.html: Added.

Oct 16, 2021:

10:58 PM Changeset in webkit [284333] by Alan Bujtas

4 edits in trunk/Source/WebCore

[LFC][IFC] Adjust the logical right side of the line with line spanning inline boxes
https://bugs.webkit.org/show_bug.cgi?id=231862

Reviewed by Antti Koivisto.

This patch is in preparation for supporting "box-decoration-break: clone".

The line spanning inline box takes up space on the line (see line logical width)
The inline box may be getting closed on the line (do not double account for the end width, see handleInlineContent )
When we commit the inline box closing, turn the ending into just a normal run (see appendInlineBoxEnd )

layout/formattingContexts/inline/InlineLine.cpp:

(WebCore::Layout::Line::initialize):
(WebCore::Layout::Line::appendInlineBoxStart):
(WebCore::Layout::Line::appendInlineBoxEnd):
(WebCore::Layout::Line::appendTextContent):
(WebCore::Layout::Line::appendNonReplacedInlineLevelBox):
(WebCore::Layout::Line::appendLineBreak):
(WebCore::Layout::Line::appendWordBreakOpportunity):

layout/formattingContexts/inline/InlineLine.h:

(WebCore::Layout::Line::contentLogicalRight const):
(WebCore::Layout::Line::lineSpanningInlineBoxRunEnds const):
(WebCore::Layout::Line::lastRunLogicalRight const):

layout/formattingContexts/inline/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::handleInlineContent):
(WebCore::Layout::LineBuilder::rebuildLineForTrailingSoftHyphen):

9:52 PM Changeset in webkit [284332] by ysuzuki@apple.com

4 edits in trunk/Source/JavaScriptCore

[JSC] Use SourceID in SamplingProfiler
https://bugs.webkit.org/show_bug.cgi?id=231855

Reviewed by Mark Lam.

SamplingProfiler was still using intptr_t. We replace it with SourceID.
We also define internalSourceID and aggregatedExternalSourceID in SourceID.h.
They are special SourceID internally used in SamplingProfiler.

bytecode/SourceID.h:
runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::StackFrame::sourceID):
(JSC::SamplingProfiler::reportTopFunctions):

runtime/SamplingProfiler.h:

9:03 PM Changeset in webkit [284331] by ddkilzer@apple.com

9 edits in trunk/Source/WebKit

[WebAuthn] Many Objective-C classes leak their instance variables
<https://webkit.org/b/231834>
<rdar://problem/84317190>

Reviewed by Brent Fulgham.

UIProcess/API/Cocoa/_WKAuthenticationExtensionsClientInputs.mm:

(-[_WKAuthenticationExtensionsClientInputs dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialCreationOptions.mm:

(-[_WKPublicKeyCredentialCreationOptions dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialDescriptor.mm:

(-[_WKPublicKeyCredentialDescriptor dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialEntity.mm:

(-[_WKPublicKeyCredentialEntity dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialParameters.mm:

(-[_WKPublicKeyCredentialParameters dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialRelyingPartyEntity.mm:

(-[_WKPublicKeyCredentialRelyingPartyEntity dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialRequestOptions.mm:

(-[_WKPublicKeyCredentialRequestOptions dealloc]):

UIProcess/API/Cocoa/_WKPublicKeyCredentialUserEntity.mm:

(-[_WKPublicKeyCredentialUserEntity dealloc]):

Add -dealloc methods that release instance variables.

9:00 PM Changeset in webkit [284330] by rmorisset@apple.com

91 edits
3 adds in trunk

Allow WASM to use up to 4GB
https://bugs.webkit.org/show_bug.cgi?id=229353
rdar://81603447

Reviewed by Yusuke Suzuki.

JSTests:

The big-wasm-memory/wasm-memory-requested... tests used to simply expect an OOM at 2GB.
They now expect success at 4GB, and failure at 4GB+1.
The exceptions they expect are now more specific, as previously there was a rounding issue that was causing the specific exceptions not to be thrown (resulting in the generic OOM exception later in the code).
Finally I made them only run on 64-bit platforms since we don't support typed arrays >=2GB on 32-bits, and I made them only run in one configuration since they can take a little bit of time.

I also added a few new tests, specifically checking our handling of large typed arrays, and especially of indices above INT32_MAX.

stress/big-wasm-memory-grow-no-max.js:

(test):

stress/big-wasm-memory-grow.js:

(test):

stress/big-wasm-memory.js:

(test):

stress/typed-array-always-large.js: Added.

(getArrayLength):
(getByVal):
(putByVal):
(test):

stress/typed-array-eventually-large.js: Added.

(getArrayLength):
(getByVal):
(putByVal):
(test):

stress/typed-array-large-eventually-oob.js: Added.

(getArrayLength):
(getByVal):
(putByVal):
(test):

wasm/regress/wasm-memory-requested-more-than-MAX_ARRAY_BUFFER_SIZE-2.js:
wasm/regress/wasm-memory-requested-more-than-MAX_ARRAY_BUFFER_SIZE.js:

Source/JavaScriptCore:

While increasing MAX_ARRAY_BUFFER_SIZE to 4GB was easy, it was not remotely the only thing required to get this to work:

4GB is not representable in a uint32_t, so I changed all length of ArrayBuffer/TypedArray/etc.. to being size_t.
This also required changing NewTypedArray in all of LLInt/Baseline/DFG/FTL to accept a non-int32 size.

In order to avoid performance regressions, I had to add speculation in the DFG/FTL, which now have two versions of NewTypedArray (one that takes an Int32 and one that takes a StrictInt52)

Similarly, GetArrayLength and GetTypedArrayByteOffset now can either return an Int32 or a larger number.

I also had to split them in the DFG/FTL, see GetTypedArrayLengthAsInt52 and GetTypedArrayByteOffsetAsInt52 for examples

In turns, I had to add CheckInBoundsInt52 since CheckInBounds could not accept the result of GetTypedArrayLengthAsInt52
I modified the runtime functions for GetByVal/PutByVal/DataViewGet/DataViewSet/AtomicsXXX to accept non-Int32 indices, since for {Int8/UInt8/UInt8Clamped}Array, a maximum size of 4GB implies indices > 2B.
I added a "mayBeLargeTypedArray" bit to ArrayProfile/UnlinkedArrayProfile/DFG::ArrayMode to track whether such a non-Int32 index was seen to allow proper speculation and specialization of fast paths in the DFG/FTL.

I then updated the runtime functions used by the slow paths to correctly update it.

Unfortunately I ran out of time to add all the speculations/update all the fast paths.
So the following will have to wait for a follow-up patch:

Accepting large indices in the fast path of GetByVal in the LLInt
Accepting large indices in the fast paths generated by AccessCase/PolymorphicAccess
Accepting large indices in the fast paths generated by the DFG/FTL for each of GetByVal/PutByVal/DataViewGet/DataViewSet/AtomicsXXX

The current patch is functional, it will just have dreadful performance if trying to use indices >2B in a {Int8/UInt8/UInt8Clamped}Array.

Other minor changes in this patch:

Fixed an undefined behavior in ArrayBuffer::createInternal where memcpy could be called on nullptr (the spec explicitly bans this even when length is 0)
Replaced some repetitive and error-prone bounds checking by calls to WTF::isSumSmallerThanOrEqual, which is clearer, shorter, and reuse CheckedArithmetic facilities to avoid overflow issues.
Fixed a variety of obsolete comments
Added support for branch64(RelationalCondition cond, RegisterID left, Imm64 right)

(there was already support for the same but with TrustedImm64)

Made various AbstractMacroAssembler function constexpr as part of the previous point

assembler/AbstractMacroAssembler.cpp:
assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::TrustedImmPtr::TrustedImmPtr):
(JSC::AbstractMacroAssembler::TrustedImmPtr::asIntptr):
(JSC::AbstractMacroAssembler::TrustedImmPtr::asPtr):
(JSC::AbstractMacroAssembler::ImmPtr::ImmPtr):
(JSC::AbstractMacroAssembler::ImmPtr::asTrustedImmPtr):
(JSC::AbstractMacroAssembler::TrustedImm32::TrustedImm32):
(JSC::AbstractMacroAssembler::Imm32::Imm32):
(JSC::AbstractMacroAssembler::Imm32::asTrustedImm32 const):
(JSC::AbstractMacroAssembler::TrustedImm64::TrustedImm64):
(JSC::AbstractMacroAssembler::Imm64::Imm64):
(JSC::AbstractMacroAssembler::Imm64::asTrustedImm64 const):
(JSC::AbstractMacroAssembler::canBlind):
(JSC::AbstractMacroAssembler::shouldBlindForSpecificArch):

assembler/MacroAssembler.h:

(JSC::MacroAssembler::branch64):

assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::shouldBlindForSpecificArch):
(JSC::MacroAssemblerARM64::branch64):

assembler/MacroAssemblerARM64E.h:

(JSC::MacroAssemblerARM64E::untagArrayPtrLength64):
(JSC::MacroAssemblerARM64E::untagArrayPtrLength32): Deleted.

assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::canBlind):
(JSC::MacroAssemblerX86Common::shouldBlindForSpecificArch):

bytecode/AccessCase.cpp:

(JSC::AccessCase::needsScratchFPR const):
(JSC::AccessCase::generateWithGuard):

bytecode/ArrayProfile.h:

(JSC::ArrayProfile::setMayBeLargeTypedArray):
(JSC::ArrayProfile::mayBeLargeTypedArray const):
(JSC::UnlinkedArrayProfile::UnlinkedArrayProfile):
(JSC::UnlinkedArrayProfile::update):

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArgumentsEliminationPhase.cpp:
dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::refine const):

dfg/DFGArrayMode.h:

(JSC::DFG::ArrayMode::ArrayMode):
(JSC::DFG::ArrayMode::mayBeLargeTypedArray const):
(JSC::DFG::ArrayMode::withType const):
(JSC::DFG::ArrayMode::withSpeculation const):
(JSC::DFG::ArrayMode::withConversion const):
(JSC::DFG::ArrayMode::withTypeAndConversion const):
(JSC::DFG::ArrayMode::withArrayClassAndSpeculationAndMayBeLargeTypedArray const):
(JSC::DFG::ArrayMode::speculationFromProfile):
(JSC::DFG::ArrayMode::withSpeculationFromProfile const):
(JSC::DFG::ArrayMode::withProfile const):
(JSC::DFG::ArrayMode::operator== const):
(JSC::DFG::ArrayMode::withArrayClass const): Deleted.

dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGCommon.h:

(JSC::DFG::enableInt52):

dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::convertToGetArrayLength):
(JSC::DFG::FixupPhase::prependGetArrayLength): Deleted.

dfg/DFGGenerationInfo.h:
dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

dfg/DFGHeapLocation.h:
dfg/DFGIntegerRangeOptimizationPhase.cpp:
dfg/DFGNode.h:

(JSC::DFG::Node::hasStorageChild const):
(JSC::DFG::Node::storageChildIndex):
(JSC::DFG::Node::hasArrayMode):

dfg/DFGNodeType.h:
dfg/DFGOperations.cpp:

(JSC::DFG::putByVal):
(JSC::DFG::newTypedArrayWithSize):
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):

dfg/DFGOperations.h:
dfg/DFGPredictionPropagationPhase.cpp:
dfg/DFGSSALoweringPhase.cpp:

(JSC::DFG::SSALoweringPhase::handleNode):
(JSC::DFG::SSALoweringPhase::lowerBoundsCheck):

dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::jumpForTypedArrayOutOfBounds):
(JSC::DFG::SpeculativeJIT::emitTypedArrayBoundsCheck):
(JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray):
(JSC::DFG::SpeculativeJIT::cageTypedArrayStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize):
(JSC::DFG::SpeculativeJIT::emitNewTypedArrayWithSizeInRegister):
(JSC::DFG::SpeculativeJIT::compileNewTypedArray):

dfg/DFGSpeculativeJIT.h:
dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileGetByVal):
(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithInt52Size):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayLengthAsInt52):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffsetAsInt52):
(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):

dfg/DFGValidate.cpp:
ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::validateAIState):
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::emitGetTypedArrayByteOffsetExceptSettingResult):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffsetAsInt52):
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayLengthAsInt52):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckInBoundsInt52):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::emitNewTypedArrayWithSize):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):

ftl/FTLOutput.h:

(JSC::FTL::Output::load64NonNegative):

jit/IntrinsicEmitter.cpp:

(JSC::IntrinsicGetterAccessCase::emitIntrinsicGetter):

jit/JITOperations.cpp:

(JSC::putByVal):
(JSC::getByVal):

llint/LLIntOfflineAsmConfig.h:
llint/LLIntSlowPaths.cpp:

(JSC::LLInt::getByVal):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):

llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter32_64.asm:
llint/LowLevelInterpreter64.asm:
runtime/ArrayBuffer.cpp:

(JSC::SharedArrayBufferContents::SharedArrayBufferContents):
(JSC::ArrayBufferContents::ArrayBufferContents):
(JSC::ArrayBufferContents::tryAllocate):
(JSC::ArrayBuffer::create):
(JSC::ArrayBuffer::createAdopted):
(JSC::ArrayBuffer::createFromBytes):
(JSC::ArrayBuffer::tryCreate):
(JSC::ArrayBuffer::createUninitialized):
(JSC::ArrayBuffer::tryCreateUninitialized):
(JSC::ArrayBuffer::createInternal):
(JSC::ArrayBuffer::clampValue):
(JSC::ArrayBuffer::clampIndex const):
(JSC::ArrayBuffer::sliceWithClampedIndex const):

runtime/ArrayBuffer.h:

(JSC::ArrayBufferContents::sizeInBytes const):
(JSC::ArrayBuffer::byteLength const):
(JSC::ArrayBuffer::gcSizeEstimateInBytes const):

runtime/ArrayBufferView.cpp:

(JSC::ArrayBufferView::ArrayBufferView):

runtime/ArrayBufferView.h:

(JSC::ArrayBufferView::byteOffset const):
(JSC::ArrayBufferView::byteLength const):
(JSC::ArrayBufferView::verifyByteOffsetAlignment):
(JSC::ArrayBufferView::verifySubRangeLength):
(JSC::ArrayBufferView::clampOffsetAndNumElements):
(JSC::ArrayBufferView::setImpl):
(JSC::ArrayBufferView::setRangeImpl):
(JSC::ArrayBufferView::getRangeImpl):
(JSC::ArrayBufferView::zeroRangeImpl):
(JSC::ArrayBufferView::calculateOffsetAndLength): Deleted.

runtime/AtomicsObject.cpp:
runtime/DataView.cpp:

(JSC::DataView::DataView):
(JSC::DataView::create):

runtime/DataView.h:
runtime/GenericTypedArrayView.h:
runtime/GenericTypedArrayViewInlines.h:

(JSC::GenericTypedArrayView<Adaptor>::GenericTypedArrayView):
(JSC::GenericTypedArrayView<Adaptor>::create):
(JSC::GenericTypedArrayView<Adaptor>::tryCreate):
(JSC::GenericTypedArrayView<Adaptor>::createUninitialized):
(JSC::GenericTypedArrayView<Adaptor>::tryCreateUninitialized):
(JSC::GenericTypedArrayView<Adaptor>::subarray const): Deleted.

runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::ConstructionContext::ConstructionContext):
(JSC::JSArrayBufferView::byteLength const):
(JSC::JSArrayBufferView::slowDownAndWasteMemory):
(JSC::JSArrayBufferView::possiblySharedImpl):

runtime/JSArrayBufferView.h:

(JSC::JSArrayBufferView::sizeOf):
(JSC::JSArrayBufferView::ConstructionContext::length const):
(JSC::JSArrayBufferView::length const):

runtime/JSArrayBufferViewInlines.h:

(JSC::JSArrayBufferView::byteOffsetImpl):
(JSC::JSArrayBufferView::byteOffset):
(JSC::JSArrayBufferView::byteOffsetConcurrently):

runtime/JSCJSValue.h:
runtime/JSCJSValueInlines.h:

(JSC::JSValue::toIndex const):
(JSC::JSValue::toTypedArrayIndex const):

runtime/JSDataView.cpp:

(JSC::JSDataView::create):
(JSC::JSDataView::createUninitialized):
(JSC::JSDataView::set):
(JSC::JSDataView::setIndex):

runtime/JSDataView.h:
runtime/JSDataViewPrototype.cpp:

(JSC::getData):
(JSC::setData):

runtime/JSGenericTypedArrayView.h:
runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructGenericTypedArrayViewWithArguments):
(JSC::constructGenericTypedArrayViewImpl):

runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::create):
(JSC::JSGenericTypedArrayView<Adaptor>::createWithFastVector):
(JSC::JSGenericTypedArrayView<Adaptor>::createUninitialized):
(JSC::JSGenericTypedArrayView<Adaptor>::validateRange):
(JSC::JSGenericTypedArrayView<Adaptor>::setWithSpecificType):
(JSC::JSGenericTypedArrayView<Adaptor>::set):

runtime/JSObject.h:

(JSC::JSObject::putByIndexInline):
(JSC::JSObject::tryGetIndexQuickly const):
(JSC::JSObject::trySetIndexQuickly):
(JSC::JSObject::canSetIndexQuickly): Deleted.

runtime/JSObjectInlines.h:

(JSC::JSObject::getIndexQuicklyForTypedArray const):
(JSC::JSObject::setIndexQuicklyForArrayStorageIndexingType):
(JSC::JSObject::trySetIndexQuicklyForTypedArray):
(JSC::JSObject::canSetIndexQuicklyForTypedArray const): Deleted.

runtime/Operations.h:

(JSC::getByValWithIndex):

wasm/WasmPageCount.h:

Source/WebCore:

Some parts of WebCore use TypedArrays, and would not build after I made the length() function on typed arrays return UCPURegister instead of uint32_t.
Most fixes were trivial, the only exception is SerializedScriptValue.cpp, where I had to increment the version number, as ArrayBuffer (and ArrayBufferViews) now write/read their length in a 64-bit field (and same for the byteOffset of ArrayBufferView).

I also had to add a test in PixelBuffer.cpp that the size of the ArrayBuffer it will try to allocate is < INT32_MAX.
Otherwise, the test LayoutTests/fast/shapes/shape-outside-floats/shape-outside-imagedata-overflow.html which checks that very large images are properly rejected without crashing, would timeout.

No new tests, as the code is already extensively covered by existing tests, and I implemented no new features.

Modules/webaudio/AudioBuffer.cpp:

(WebCore::AudioBuffer::copyFromChannel):
(WebCore::AudioBuffer::copyToChannel):

Modules/webaudio/RealtimeAnalyser.cpp:

(WebCore::RealtimeAnalyser::getByteFrequencyData):
(WebCore::RealtimeAnalyser::getFloatTimeDomainData):
(WebCore::RealtimeAnalyser::getByteTimeDomainData):

bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneSerializer::dumpArrayBufferView):
(WebCore::CloneSerializer::dumpImageBitmap):
(WebCore::CloneSerializer::dumpIfTerminal):
(WebCore::CloneDeserializer::readArrayBufferImpl):
(WebCore::CloneDeserializer::readArrayBuffer):
(WebCore::CloneDeserializer::readArrayBufferViewImpl):
(WebCore::CloneDeserializer::readArrayBufferView):

bindings/js/SerializedScriptValue.h:

(WebCore::SerializedScriptValue::encode const):
(WebCore::SerializedScriptValue::decode):

fileapi/NetworkSendQueue.cpp:

(WebCore::NetworkSendQueue::enqueue):

platform/graphics/PixelBuffer.cpp:

(WebCore::PixelBuffer::tryCreate):

platform/graphics/iso/ISOBox.h:

Source/WTF:

Made some of CheckedArithmetic constexpr, and added isSumSmallerThanOrEqual since it is a commonly used test in ArrayBuffer and easy to get wrong in terms of overflow.

wtf/CheckedArithmetic.h:

(WTF::isInBounds):
(WTF::convertSafely):
(WTF::isSumSmallerThanOrEqual):

LayoutTests:

Rebaselined three following tests as different or fewer error messages appear on the console.
Also changed currentVersion in serialized-script-value.html from 9 to 10.

fast/canvas/canvas-getImageData-invalid-result-buffer-crash-expected.txt:
fast/storage/serialized-script-value.html:
webaudio/OfflineAudioContext-bad-buffer-crash-expected.txt:
webaudio/OfflineAudioContext/bad-buffer-length-expected.txt:

8:58 PM Changeset in webkit [284329] by ddkilzer@apple.com

3 edits in trunk/Source/WebKit

_WKRemoteWebInspectorViewController leaks an instance variable and should use a weak delegate
<https://webkit.org/b/231830>
<rdar://problem/84316056>

Reviewed by Brent Fulgham.

UIProcess/API/Cocoa/_WKRemoteWebInspectorViewController.h:
Use a weak reference for the delegate.
UIProcess/API/Cocoa/_WKRemoteWebInspectorViewController.mm:

(-[_WKRemoteWebInspectorViewController dealloc]): Add.

Fix leak by releasing _configuration instance variable.

4:41 PM Changeset in webkit [284328] by timothy_horton@apple.com

2 edits in trunk/LayoutTests

Unreviewed, revert r284181

No longer needed because the root cause was reverted.

platform/mac-wk2/TestExpectations:

4:36 PM Changeset in webkit [284327] by Alan Bujtas

4 edits
2 adds in trunk

[LFC][IFC] Adjust the logical left side of the line with line spanning inline boxes
https://bugs.webkit.org/show_bug.cgi?id=231851

Reviewed by Antti Koivisto.

Source/WebCore:

This is in preparation for supporting "box-decoration-break: clone", where the
line spanning inline boxes do take up some space on the line with their horizontal margin, border and padding.

Test: fast/inline/inline-box-with-left-decoration-clone.html

layout/formattingContexts/inline/InlineLine.cpp:

(WebCore::Layout::Line::initialize):
(WebCore::Layout::Line::Run::Run):

layout/formattingContexts/inline/InlineLine.h:

LayoutTests:

fast/inline/inline-box-with-left-decoration-clone-expected.html: Added.
fast/inline/inline-box-with-left-decoration-clone.html: Added.

4:35 PM Changeset in webkit [284326] by timothy_horton@apple.com

8 edits
2 deletes in trunk/Source

Unreviewed, reverting r284143.

Caused a series of assertions in layout tests in EWS

Reverted changeset:

"Scroll To Text Fragment directive parsing"
https://bugs.webkit.org/show_bug.cgi?id=231410
https://commits.webkit.org/r284143

3:32 PM Changeset in webkit [284325] by timothy_horton@apple.com

2 edits in trunk/Source/WebKit

WebKit ignores inherited GCC_PREPROCESSOR_DEFINITIONS
https://bugs.webkit.org/show_bug.cgi?id=231867

Reviewed by Sam Weinig.

Configurations/BaseTarget.xcconfig:

Add a $(inherited) here like in every other project, so that we don't
just drop defines that come from above.

3:18 PM Changeset in webkit [284324] by commit-queue@webkit.org

2 edits in trunk

Add github username for tetsuharuohzeki to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=231864

Patch by Tetsuharu Ohzeki <Tetsuharu Ohzeki> on 2021-10-16
Reviewed by Fujii Hironori.

metadata/contributors.json:

2:14 PM Changeset in webkit [284323] by Alan Bujtas

9 edits in trunk/Source/WebCore

[LFC][IFC] Add "line spanning line box start items" to Line
https://bugs.webkit.org/show_bug.cgi?id=231551

Reviewed by Antti Koivisto.

This patch is in preparation for supporting box-decoration-break: clone, where the line spanning
inline boxes may take up space on the line (border/padding).
This patch moves the construction of the spanning inline boxes to an earlier step, from LineBox to Line.

layout/formattingContexts/inline/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::initialize):

1:32 PM Changeset in webkit [284322] by Simon Fraser

4 edits in trunk

Page zoom is messed up after navigating back from a PDF
https://bugs.webkit.org/show_bug.cgi?id=231841
<rdar://72666365>

Reviewed by Tim Horton.

Source/WebKit:

A navigation back from a PDF is a FrameLoadType::Back, so resetting
m_mainFramePluginHandlesPageScaleGesture only for FrameLoadType::Standard is wrong.

For all navigations, the plugins seem to call
pluginScaleFactorDidChange/pluginZoomFactorDidChange/
mainFramePluginHandlesPageScaleGestureDidChange so it's safe to reset them for all
navigation types.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didCommitLoadForFrame):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/PageZoom.mm:

(TestWebKitAPI::TEST):

1:16 PM Changeset in webkit [284321] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

Unreviewed, reverting r284300.
https://bugs.webkit.org/show_bug.cgi?id=231866

broke-apple-silicon-performance

Reverted changeset:

"[macOS] Add telemetry for system calls in WP"
https://bugs.webkit.org/show_bug.cgi?id=231836
https://commits.webkit.org/r284300

11:37 AM Changeset in webkit [284320] by Russell Epstein

16 edits in branches/safari-612-branch

Revert "Apply patch. rdar://problem/83953730"

This reverts commit ee910ccd94f646fb5f318a78cfd6910432830a1e.

11:16 AM Changeset in webkit [284319] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

WebKit::LocalConnection::createCredentialPrivateKey leaks an NSMutableDictionary
<https://webkit.org/b/231814>
<rdar://problem/84307054>

Reviewed by Kate Cheney.

UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:

(WebKit::LocalConnection::createCredentialPrivateKey const):

Use RetainPtr<> and adoptNS to fix the leak.

10:16 AM Changeset in webkit [284318] by Alan Bujtas

3 edits in trunk/LayoutTests

Undo some rebaseline in r284296.

Unreviewed.

platform/mac-bigsur/fast/text/capitalize-boundaries-expected.txt:
platform/mac-catalina/fast/text/capitalize-boundaries-expected.txt:

9:14 AM Changeset in webkit [284317] by Alan Bujtas

4 edits in trunk/Source/WebCore

[LFC][IFC] Move overflowing content creation to LineBuilder::initialize
https://bugs.webkit.org/show_bug.cgi?id=231540

Reviewed by Antti Koivisto.

LineBuilder::initialize is going to handle all overflowing content initialization.
This is in preparation for adding spanning inline box items to the line (to support box-decoration-break: clone).

layout/formattingContexts/inline/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::layoutInlineContent):
(WebCore::Layout::LineBuilder::computedIntrinsicWidth):
(WebCore::Layout::LineBuilder::initialize):
(WebCore::Layout::LineBuilder::placeInlineContent):
(WebCore::Layout::LineBuilder::candidateContentForLine):

layout/formattingContexts/inline/InlineLineBuilder.h:
layout/formattingContexts/inline/InlineTextItem.h:

(WebCore::Layout::InlineTextItem::right const):

7:55 AM Changeset in webkit [284316] by Angelos Oikonomopoulos

2 edits in trunk

Add my github username to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=231861

Unreviewed.

metadata/contributors.json:

5:39 AM Changeset in webkit [284315] by Antti Koivisto

7 edits in trunk/Source/WebCore

Use inline iterator for SVG reverse BiDI reordering
https://bugs.webkit.org/show_bug.cgi?id=231858

Reviewed by Alan Bujtas.

Share code.

layout/integration/InlineIteratorLogicalOrderTraversal.cpp:

(WebCore::InlineIterator::makeLineLogicalOrderCache):
(WebCore::InlineIterator::nextLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::previousLeafOnLineInLogicalOrder):

No need to test for the cache, it is always there.

layout/integration/InlineIteratorLogicalOrderTraversal.h:

(WebCore::InlineIterator::leafBoxesInLogicalOrder):

Make template and move to header.

rendering/LegacyInlineFlowBox.cpp:

(WebCore::LegacyInlineFlowBox::collectLeafBoxesInLogicalOrder const): Deleted.

Not needed anymore.

rendering/LegacyInlineFlowBox.h:
rendering/svg/SVGRootInlineBox.cpp:

(WebCore::SVGRootInlineBox::computePerCharacterLayoutInformation):
(WebCore::reverseInlineBoxRangeAndValueListsIfNeeded):
(WebCore::SVGRootInlineBox::reorderValueListsToLogicalOrder):
(WebCore::SVGRootInlineBox::reorderValueLists): Deleted.

Call the generic version.

rendering/svg/SVGRootInlineBox.h:

3:35 AM Changeset in webkit [284314] by Simon Fraser

3 edits
2 adds in trunk

Make sure child layers of top layer elements are rendered and correctly z-ordered (top-layer-stacking.html fails)
https://bugs.webkit.org/show_bug.cgi?id=231832

Reviewed by Antoine Quint.
Source/WebCore:

Top layer elements should create CSS stacking context, per https://fullscreen.spec.whatwg.org/#rendering

I decided to call isInTopLayerOrBackdrop() twice to avoid calling it every time this function
is called. It's a cheap function.

Test: fast/layers/dialog-is-stacking-context.html

style/StyleAdjuster.cpp:

(WebCore::Style::Adjuster::adjust const):

LayoutTests:

Ref test that compares a dialog with positioned children and one with children place
with margins.

fast/layers/dialog-is-stacking-context-expected.html: Added.
fast/layers/dialog-is-stacking-context.html: Added.

3:22 AM Changeset in webkit [284313] by graouts@webkit.org

6 edits in trunk

Accelerated animations on ::backdrop shouldn't affect <dialog> (backdrop-animate-002.html fails)
https://bugs.webkit.org/show_bug.cgi?id=230008
<rdar://problem/82975766>

Reviewed by Simon Fraser and Tim Nguyen.

Source/WebCore:

We did not know how to access the ::backdrop renderer when running accelerated animations. To do so we now
implement full support to access the renderer for known pseudo-elements on Styleable with a new renderer()
method, including ::backdrop. We also make Styleable::fromRenderer() aware of ::backdrop such that the various
call sites for this function that deal with accelerated transform animations access the right element.

animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::renderer const):

style/Styleable.cpp:

(WebCore::Styleable::fromRenderer):
(WebCore::Styleable::renderer const):

style/Styleable.h:

(WebCore::Styleable::fromRenderer): Deleted.

LayoutTests:

TestExpectations: Mark the previously failing test as passing.

3:16 AM Changeset in webkit [284312] by graouts@webkit.org

8 edits
2 adds in trunk

CSS Animations creation and sorting is incorrect and may lead to crash
https://bugs.webkit.org/show_bug.cgi?id=231812
<rdar://problem/82980774>

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Mark two progressions in a test that now passes entirely.

web-platform-tests/css/css-animations/Element-getAnimations-dynamic-changes.tentative-expected.txt:

Source/WebCore:

When we parse CSS properties related to CSS Animations, we create as many Animation objects as the maximum number
of values in one of the CSS Animations properties. These Animation objects are stored in an AnimationList which
is owned by RenderStyle and that we use to store all provided values such that they can be read back through the
computed style.

Upon finishing parsing those CSS properties, RenderStyle::adjustAnimations() is called and does two things that
were not quite correct.

First, it would attempt to remove animations that were in fact created for no good reason using the
Animation::isEmpty() method. That method was not quite right as it was only checking if the animation
name wasn't set but not whether the animation was explicitly marked as a "none" animation. This meant
that "none" animations could be considered as bogus animations and any animations after that one would
be mistakenly cleared.

Second, it would finish process the list of remaning animations by making sure that mis-matched CSS properties,
for instance three values for animation-duration and four values for animation-name, would be correctly represented
throughout the Animation objects. However, the function performing this work, AnimationList::fillUnsetProperties(),
used to reset the animation's name in case it wasn't explicitly set, which meant that Animation objects that did not
have a matching animation-name would end up with a valid one. This meant that further down the line, in
Styleable::updateCSSAnimations(), we couldn't distinguish Animation objects that were created without a
matching animation-name and discard those.

We've fixed those incorrect behaviors and we now have the expected number of animations created resulting in an additional
WPT PASS result.

Additionally, this also showed some issues around sorting CSS Animations in compareCSSAnimations() where we weren't
making a pointer comparison. This is now fixed and we now pass another WPT PASS result.

Test: webanimations/css-animation-sorting-crash.html

animation/WebAnimationUtilities.cpp:

(WebCore::compareCSSAnimations):

platform/animation/Animation.h:

(WebCore::Animation::isEmpty const):

platform/animation/AnimationList.cpp:

(WebCore::AnimationList::fillUnsetProperties):

LayoutTests:

Add a new test that used to crash before the source change.

animations/animation-remove-element-crash.html: Remove a line that was now a failure since only a

single animation should be created.

webanimations/css-animation-sorting-crash-expected.txt: Added.
webanimations/css-animation-sorting-crash.html: Added.

2:07 AM Changeset in webkit [284311] by Lauro Moura

2 edits in trunk/Source/WebKit

[GTK4] Update signal name to monitor window resize
https://bugs.webkit.org/show_bug.cgi?id=231854

Reviewed by Carlos Garcia Campos.

Using size-changed (previous signal name) makes the MiniBrowser crash
running the WebDriver tests.

The signal name was changed in
https://gitlab.gnome.org/GNOME/gtk/-/commit/b7380543449ea679a2c912b66aab4855b2bb41f2,
as part of GTK 3.99.5.

Covered by existing tests.

UIProcess/API/glib/WebKitUIClient.cpp:

1:22 AM Changeset in webkit [284310] by caitp@igalia.com

2 edits in trunk

Add github username for myself
https://bugs.webkit.org/show_bug.cgi?id=231857

Reviewed by Yusuke Suzuki.

metadata/contributors.json:

12:58 AM Changeset in webkit [284309] by commit-queue@webkit.org

2 edits in trunk/Source/bmalloc

Unreviewed, reverting r284305.
https://bugs.webkit.org/show_bug.cgi?id=231859

webaudio-tests

Reverted changeset:

"[libpas] Enable libpas on macOS"
https://bugs.webkit.org/show_bug.cgi?id=231815
https://commits.webkit.org/r284305

Oct 15, 2021:

11:14 PM Changeset in webkit [284308] by Russell Epstein

37 edits
10 copies
2 adds in branches/safari-612-branch

Apply patch rdar://83952929

11:02 PM Changeset in webkit [284307] by Russell Epstein

16 edits in branches/safari-612-branch

Apply patch. rdar://problem/83953730

10:31 PM Changeset in webkit [284306] by basuke.suzuki@sony.com

9 edits in trunk

Add flag to turn off Iso heap
https://bugs.webkit.org/show_bug.cgi?id=231823

Reviewed by Yusuke Suzuki.

Added USE_ISO_MALLOC feature flags which is on by default for most platforms.

Source/cmake/OptionsPlayStation.cmake:
Source/cmake/WebKitFeatures.cmake:

Source/WTF:

If this flag is off, then all allocations are replaced with FastMalloc.

wtf/IsoMalloc.h:
wtf/IsoMallocInlines.h:
wtf/PlatformUse.h:

Tools:

Added --(no-)iso-malloc feature flag for cmake build.

Scripts/webkitperl/FeatureList.pm:

9:38 PM Changeset in webkit [284305] by ysuzuki@apple.com

2 edits in trunk/Source/bmalloc

[libpas] Enable libpas on macOS
https://bugs.webkit.org/show_bug.cgi?id=231815

Reviewed by Saam Barati.

Enabling libpas on x64 macOS. Previously, we enabled it only on AppleSilicon.
This helps stressing libpas on fuzzers more. And it offers large performance
improvement.

Speedometer2 is 2.1% improved on low-end macOS (MBA8,2) and 1.7% improved on high-end macOS (MBP14,1).
JetStream2 is neutral on both.

bmalloc/BPlatform.h:

9:11 PM Changeset in webkit [284304] by achristensen@apple.com

6 edits in trunk

Start using adattributiond on iOS
https://bugs.webkit.org/show_bug.cgi?id=231829

Reviewed by Brady Eidson.

Source/WebKit:

This makes one small change to use adattributiond on iOS by default instead of the network process.
The rest of this patch is to keep the tests doing what they used to.

UIProcess/API/C/WKWebsiteDataStoreConfigurationRef.cpp:

(WKWebsiteDataStoreConfigurationCopyPCMMachServiceName):
(WKWebsiteDataStoreConfigurationSetPCMMachServiceName):

UIProcess/API/C/WKWebsiteDataStoreConfigurationRef.h:
UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp:

(WebKit::WebsiteDataStoreConfiguration::WebsiteDataStoreConfiguration):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/EventAttribution.mm:

(TestWebKitAPI::configurationWithoutUsingDaemon):
(TestWebKitAPI::webViewWithoutUsingDaemon):
(TestWebKitAPI::runBasicPCMTest):
(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/WebKitCocoa/PrivateClickMeasurement.mm:

(webViewWithResourceLoadStatisticsEnabledInNetworkProcess):

WebKitTestRunner/TestController.cpp:

(WTR::TestController::configureWebsiteDataStoreTemporaryDirectories):

8:17 PM Changeset in webkit [284303] by Antti Koivisto

16 edits in trunk

[LFC][Integration] Enable inline boxes with borders
https://bugs.webkit.org/show_bug.cgi?id=231562

Reviewed by Alan Bujtas.

Source/WebCore:

layout/integration/LayoutIntegrationCoverage.cpp:

(WebCore::LayoutIntegration::printReason):
(WebCore::LayoutIntegration::canUseForRenderInlineChild):

layout/integration/LayoutIntegrationCoverage.h:

LayoutTests:

fast/css/pseudo-first-line-border-width-expected.txt:
fast/text/apply-start-width-after-skipped-text-expected.txt:
platform/ios/fast/borders/border-image-outset-split-inline-expected.txt:
platform/ios/fast/css/pseudo-first-line-border-width-expected.txt:
platform/mac/fast/borders/border-image-outset-split-inline-expected.txt:
platform/mac/fast/text/basic/015-expected.txt:

8:03 PM Changeset in webkit [284302] by Simon Fraser

4 edits in trunk/Source/WebCore

Rename some keyboard-scrolling-related functions on ScrollingEffectsController for clarity
https://bugs.webkit.org/show_bug.cgi?id=231842

Reviewed by Beth Dakin.

Rename beginKeyboardScrolling/stopKeyboardScrolling to willBegin and didStop to make
it clear that they are responding to KeyboardScrollingAnimator state changes.

Add the imperative ScrollingEffectsController::stopKeyboardScrolling() which will get
hooked up soon.

platform/KeyboardScrollingAnimator.cpp:

(WebCore::KeyboardScrollingAnimator::updateKeyboardScrollPosition):
(WebCore::KeyboardScrollingAnimator::beginKeyboardScrollGesture):

platform/ScrollingEffectsController.cpp:

(WebCore::ScrollingEffectsController::willBeginKeyboardScrolling):
(WebCore::ScrollingEffectsController::didStopKeyboardScrolling):
(WebCore::ScrollingEffectsController::stopKeyboardScrolling):
(WebCore::ScrollingEffectsController::beginKeyboardScrolling): Deleted.

platform/ScrollingEffectsController.h:

7:59 PM Changeset in webkit [284301] by achristensen@apple.com

13 edits in trunk

Use attributedBundleIdentifier instead of applicationBundleIdentifier when present for handling PCM attribution
https://bugs.webkit.org/show_bug.cgi?id=231827

Reviewed by Brady Eidson.

Source/WebKit:

This is the same identifier that SafariViewController uses in _setEphemeralUIEventAttribution:forApplicationWithBundleID:
If we don't do this, then SafariViewController looks in the database for PCMs from com.apple.SafariViewService and doesn't find any and doesn't send any reports.

NetworkProcess/NetworkDataTask.cpp:

(WebKit::NetworkDataTask::attributedBundleIdentifier):

NetworkProcess/NetworkDataTask.h:
NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::attributedBundleIdentifier):

NetworkProcess/NetworkLoad.h:
NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::continueWillSendRedirectedRequest):

NetworkProcess/NetworkResourceLoader.h:
NetworkProcess/NetworkSession.cpp:

(WebKit::NetworkSession::handlePrivateClickMeasurementConversion):

NetworkProcess/NetworkSession.h:
UIProcess/API/Cocoa/WKWebViewPrivateForTesting.h:
UIProcess/API/Cocoa/WKWebViewTesting.mm:

(-[WKWebView _addEventAttributionWithSourceID:destinationURL:sourceDescription:purchaser:reportEndpoint:optionalNonce:applicationBundleID:ephemeral:]):
(-[WKWebView _addEventAttributionWithSourceID:destinationURL:sourceDescription:purchaser:reportEndpoint:optionalNonce:applicationBundleID:]): Deleted.

Tools:

TestWebKitAPI/Tests/WebKitCocoa/EventAttribution.mm:

(TestWebKitAPI::runBasicPCMTest):
(TestWebKitAPI::TEST):

6:43 PM Changeset in webkit [284300] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[macOS] Add telemetry for system calls in WP
https://bugs.webkit.org/show_bug.cgi?id=231836
<rdar://problem/84317842>

Reviewed by Brent Fulgham.

Add telemetry for system calls in WP to understand in which context they are being used.

WebProcess/com.apple.WebProcess.sb.in:

5:49 PM Changeset in webkit [284299] by commit-queue@webkit.org

4 edits
2 deletes in trunk

Unreviewed, reverting r284245.
https://bugs.webkit.org/show_bug.cgi?id=231848

Caused

Reverted changeset:

"AX: WebKit should not expose redundant AXGroups with missing
role when the label is the same as the contents"
https://bugs.webkit.org/show_bug.cgi?id=169924
https://commits.webkit.org/r284245

5:44 PM Changeset in webkit [284298] by Ross Kirsling

20 edits in trunk

Realize Mac CMake build of WebCore and WebKit
https://bugs.webkit.org/show_bug.cgi?id=231749

Reviewed by Alex Christensen.

Source/cmake/OptionsMac.cmake:
Source/cmake/WebKitMacros.cmake:

Source/JavaScriptCore:

PlatformMac.cmake:
shell/PlatformMac.cmake:

Source/ThirdParty/ANGLE:

Compiler.cmake:

Source/WebCore:

CMakeLists.txt:
PlatformMac.cmake:

Source/WebCore/PAL:

pal/PlatformMac.cmake:

Source/WebKit:

CMakeLists.txt:
PlatformMac.cmake:

Source/WTF:

wtf/PlatformMac.cmake:

Tools:

PlatformMac.cmake:

5:44 PM Changeset in webkit [284297] by Robert Jenner

2 edits in trunk/LayoutTests

REBASELINE: fast/text/capitalize-boundaries.html is a constant text failure
https://bugs.webkit.org/show_bug.cgi?id=228200

Uneviewed tes gardening/Removal of no longer needed expectation.

platform/ios-wk2/TestExpectations:

5:39 PM Changeset in webkit [284296] by Robert Jenner

5 edits in trunk/LayoutTests

REBASELINE: fast/text/capitalize-boundaries.html is a constant text failure
https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening/rebase.

platform/ios-wk2/fast/text/capitalize-boundaries-expected.txt:
platform/mac-bigsur/fast/text/capitalize-boundaries-expected.txt:
platform/mac-catalina/fast/text/capitalize-boundaries-expected.txt:
platform/mac/fast/text/capitalize-boundaries-expected.png: Added.
platform/mac/fast/text/capitalize-boundaries-expected.txt:

5:34 PM Changeset in webkit [284295] by eric.carlson@apple.com

22 edits
2 moves
4 adds in trunk/Source

[iOS] Support getDisplayMedia
https://bugs.webkit.org/show_bug.cgi?id=231455
<rdar://problem/84044495>

Reviewed by Youenn Fablet and Jer Noble.

Source/WebCore:

Implement screen capture for iOS using ReplayKit. ReplayKit only captures when the
host application is in the foreground, so the MediaStream track is muted when the
app is backgrounded.

getDisplayMedia availability to JavaScript is controlled by the ScreenCaptureEnabled
setting, which is disabled by default on iOS.

I haven't figured out how to test this automatically yet because ReplayKit always
shows its own modal user prompt before it allows capture to begin.

SourcesCocoa.txt: Add ReplayKitCaptureSource.mm. Rename DisplayCaptureSourceMac.cpp

to DisplayCaptureSourceCocoa.cpp.

WebCore.xcodeproj/project.pbxproj: Add new files.

en.lproj/Localizable.strings: Add localizable strings for getDisplayMedia prompt.

platform/graphics/cv/ImageTransferSessionVT.h:
platform/graphics/cv/ImageTransferSessionVT.mm:

(WebCore::ImageTransferSessionVT::convertCMSampleBuffer): Add an optional MediaTime parameter.
(WebCore::ImageTransferSessionVT::createMediaSample): Add a MediaTime parameter.

platform/mediastream/ios/ReplayKitCaptureSource.h: Added.
platform/mediastream/ios/ReplayKitCaptureSource.mm: Added.

(-[WebCoreReplayKitScreenRecorderHelper initWithCallback:]):
(-[WebCoreReplayKitScreenRecorderHelper disconnect]):
(-[WebCoreReplayKitScreenRecorderHelper observeValueForKeyPath:ofObject:change:context:]):
(WebCore::ReplayKitCaptureSource::isAvailable): Check ReplayKit availability.
(WebCore::ReplayKitCaptureSource::create):
(WebCore::ReplayKitCaptureSource::ReplayKitCaptureSource):
(WebCore::ReplayKitCaptureSource::~ReplayKitCaptureSource):
(WebCore::ReplayKitCaptureSource::start): Start screen capture only.
(WebCore::ReplayKitCaptureSource::screenRecorderDidOutputVideoSample): Retain the
the new frame, set intrinsic size to the image size.
(WebCore::ReplayKitCaptureSource::captureStateDidChange): Update observer if interruption
state or recorder state changes so it can update the track's 'muted' state.
(WebCore::ReplayKitCaptureSource::stop): Stop capture.
(WebCore::ReplayKitCaptureSource::generateFrame):
(WebCore::ReplayKitCaptureSource::verifyCaptureIsActive): ReplayKit doesn't notify
when capture is paused, so watch for changes by monitoring the frame count.
(WebCore::ReplayKitCaptureSource::startCaptureWatchdogTimer): Start the timer that
will monitor for capture pausing/resuming.
(WebCore::screenDeviceUUID):
(WebCore::screenDevice):
(WebCore::ReplayKitCaptureSource::screenCaptureDeviceWithPersistentID):
(WebCore::ReplayKitCaptureSource::screenCaptureDevices):

platform/mediastream/mac/CGDisplayStreamCaptureSource.cpp:

(WebCore::CGDisplayStreamCaptureSource::generateFrame): DisplayCaptureSourceMac was
renamed DisplayCaptureSourceCocoa.
(WebCore::CGDisplayStreamCaptureSource::newFrame): Take a RetainPtr<IOSurfaceRef>
instead of a DisplaySurface.
(WebCore::CGDisplayStreamCaptureSource::frameAvailableHandler): Ditto.

platform/mediastream/mac/CGDisplayStreamCaptureSource.h:

(WebCore::CGDisplayStreamCaptureSource::DisplaySurface::DisplaySurface): Deleted.
(WebCore::CGDisplayStreamCaptureSource::DisplaySurface::~DisplaySurface): Deleted.
(WebCore::CGDisplayStreamCaptureSource::DisplaySurface::operator=): Deleted.
(WebCore::CGDisplayStreamCaptureSource::DisplaySurface::ioSurface const): Deleted.

platform/mediastream/mac/CGDisplayStreamScreenCaptureSource.h:
platform/mediastream/mac/CGDisplayStreamScreenCaptureSource.mm:

(WebCore::CGDisplayStreamScreenCaptureSource::create): DisplayCaptureSourceMac was
renamed DisplayCaptureSourceCocoa.

platform/mediastream/mac/DisplayCaptureManagerCocoa.cpp:

(WebCore::DisplayCaptureManagerCocoa::updateDisplayCaptureDevices): Use
ReplayKitCaptureSource on iOS.

platform/mediastream/mac/DisplayCaptureSourceCocoa.cpp: Renamed from Source/WebCore/platform/mediastream/mac/DisplayCaptureSourceMac.cpp.

(WebCore::DisplayCaptureSourceCocoa::create):
(WebCore::DisplayCaptureSourceCocoa::DisplayCaptureSourceCocoa):
(WebCore::DisplayCaptureSourceCocoa::~DisplayCaptureSourceCocoa):
(WebCore::DisplayCaptureSourceCocoa::capabilities):
(WebCore::DisplayCaptureSourceCocoa::settings):
(WebCore::DisplayCaptureSourceCocoa::settingsDidChange):
(WebCore::DisplayCaptureSourceCocoa::startProducingData):
(WebCore::DisplayCaptureSourceCocoa::stopProducingData):
(WebCore::DisplayCaptureSourceCocoa::elapsedTime):
(WebCore::DisplayCaptureSourceCocoa::updateFrameSize):
(WebCore::DisplayCaptureSourceCocoa::emitFrame): Support capturer returning a CMSampleBuffer.
(WebCore::DisplayCaptureSourceCocoa::setLogger):
(WebCore::DisplayCaptureSourceCocoa::Capturer::setLogger): Set the capturer's logger.
(WebCore::DisplayCaptureSourceCocoa::Capturer::logChannel const):
(WebCore::DisplayCaptureSourceCocoa::Capturer::Observer::~Observer):
(WebCore::DisplayCaptureSourceCocoa::Capturer::setObserver):
(WebCore::DisplayCaptureSourceCocoa::Capturer::capturerIsRunningChanged):

platform/mediastream/mac/DisplayCaptureSourceCocoa.h: Renamed from Source/WebCore/platform/mediastream/mac/DisplayCaptureSourceMac.h.

platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:

(WebCore::DisplayCaptureSourceFactoryMac::createDisplayCaptureSource): DisplayCaptureSourceMac
renamed to DisplayCaptureSourceCocoa.

platform/mock/MockRealtimeMediaSourceCenter.cpp:

(WebCore::MockDisplayCapturer::generateFrame): Ditto.

Source/WebCore/PAL:

PAL.xcodeproj/project.pbxproj:
pal/ios/ReplayKitSoftLink.h: Added.
pal/ios/ReplayKitSoftLink.mm: Added.

Source/WebKit:

UIProcess/Cocoa/MediaPermissionUtilities.mm:

(WebKit::alertMessageText): Add text for default screen capture prompt.
(WebKit::allowButtonText): Ditto.
(WebKit::doNotAllowButtonText): Ditto.

UIProcess/Cocoa/UIDelegate.mm:

(WebKit::UIDelegate::UIClient::decidePolicyForUserMediaPermissionRequest): Call
default getDisplayMedia prompt if the delegate doesn't implement the private
prompt selector.

UIProcess/MediaPermissionUtilities.h:
UIProcess/UserMediaPermissionRequestProxy.cpp:

(WebKit::UserMediaPermissionRequestProxy::promptForGetDisplayMedia): New default
getDisplayMedia prompt.
(WebKit::UserMediaPermissionRequestProxy::promptForGetUserMedia):
(WebKit::UserMediaPermissionRequestProxy::doDefaultAction): Call promptForGetDisplayMedia
or promptForGetUserMedia according to the request type.
(WebKit::UserMediaPermissionRequestProxy::canPromptForGetDisplayMedia):
(WebKit::UserMediaPermissionRequestProxy::prompt): Deleted.

UIProcess/UserMediaPermissionRequestProxy.h:

(WebKit::UserMediaPermissionRequestProxy::doDefaultAction): Deleted.

5:00 PM Changeset in webkit [284294] by jer.noble@apple.com

5 edits in trunk/Source/WebKit

[iOS] Screen Sharing doesn't switch to AirPlay when <video> enters fullscreen mode
https://bugs.webkit.org/show_bug.cgi?id=231807
<rdar://82995799>

Reviewed by Eric Carlson.

WebKit will allow AVPlayer to switch to AirPlay Video mode from Screen Sharing when a
<video> element is in fullscreen mode. However, the fullscreen state this code depends on
is not stored in the GPU process.

Implement RemoteMediaPlayerProxy::mediaPlayerFullscreenMode()
and ::mediaPlayerIsVideoFullscreenStandby().

GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::setVideoFullscreenMode):
(WebKit::RemoteMediaPlayerProxy::videoFullscreenStandbyChanged):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerFullscreenMode const):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerIsVideoFullscreenStandby const):

GPUProcess/media/RemoteMediaPlayerProxy.h:
GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::videoFullscreenStandbyChanged):

4:57 PM Changeset in webkit [284293] by Kyle Piddington

2 edits in trunk/Source/ThirdParty/ANGLE

REGRESSION (r283667): webgl/2.0.0/deqp/functional/gles3/lifetime.html fails
https://bugs.webkit.org/show_bug.cgi?id=231682

Transform feedback should avoid appending _u for
builtin output variables.

Reviewed by Kimmo Kinnunen.

src/libANGLE/renderer/metal/mtl_glslang_mtl_utils.mm:

(rx::mtl::GenerateTransformFeedbackVaryingOutput):

4:46 PM Changeset in webkit [284292] by Russell Epstein

8 edits in branches/safari-612-branch/Source

Apply patch. rdar://problem/83955481

4:45 PM Changeset in webkit [284291] by pvollan@apple.com

2 edits in trunk/Source/WebKit

Some canvas tests are failing
https://bugs.webkit.org/show_bug.cgi?id=231837
<rdar://problem/84318280>

Reviewed by Brent Fulgham.

To be able to receive the Launch Services database over XPC, a Network process XPC endpoint has to be sent to the
GPU process. This was being sent in GPUProcessProxy::didFinishLaunching, but since the session ID and Website data
store is not always available there, it was sometimes not being sent. Instead, send the endpoint in
GPUProcessProxy::addSession, where the Website data store is always available.

UIProcess/GPU/GPUProcessProxy.cpp:

(WebKit::GPUProcessProxy::didFinishLaunching):
(WebKit::GPUProcessProxy::addSession):

4:44 PM Changeset in webkit [284290] by Ayumi Kojima

1 edit
6 adds in trunk/LayoutTests

[ iOS 15 ] Rebaselining platform/ios/ios/fast/text/opticalFontWithWeight.html.
https://bugs.webkit.org/show_bug.cgi?id=231380

Unreviewed test gardening.

platform/ios-14/platform/ios/ios/fast/text/opticalFontWithWeight-expected.txt: Added.

4:43 PM Changeset in webkit [284289] by Russell Epstein

91 edits
13 copies
4 adds in branches/safari-612-branch

Apply patch. rdar://problem/83955868

4:37 PM Changeset in webkit [284288] by Russell Epstein

2 edits
162 adds in branches/safari-612-branch/LayoutTests/imported/w3c

Cherry-pick r281769. rdar://problem/84234711

Import file-system-access tests from WPT
https://bugs.webkit.org/show_bug.cgi?id=229593

Reviewed by Ryosuke Niwa.

resources/import-expectations.json:
web-platform-tests/file-system-access/META.yml: Added.
web-platform-tests/file-system-access/README.md: Added.
web-platform-tests/file-system-access/idlharness.https.any-expected.txt: Added.
web-platform-tests/file-system-access/idlharness.https.any.html: Added.
web-platform-tests/file-system-access/idlharness.https.any.js: Added.
web-platform-tests/file-system-access/idlharness.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/idlharness.https.any.worker.html: Added.
web-platform-tests/file-system-access/opaque-origin.https.window-expected.txt: Added.
web-platform-tests/file-system-access/opaque-origin.https.window.html: Added.
web-platform-tests/file-system-access/opaque-origin.https.window.js: Added. (add_iframe): (async verify_does_not_exist_in_data_uri_iframe): (async verify_results_from_sandboxed_child_window):
web-platform-tests/file-system-access/resources/data/testfile.txt: Added.
web-platform-tests/file-system-access/resources/data/w3c-import.log: Added.
web-platform-tests/file-system-access/resources/local-fs-test-helpers.js: Added. (const.directory_promise.async await): (const.directory_promise): (directory_test): (async directory_test):
web-platform-tests/file-system-access/resources/message-target-dedicated-worker.js: Added.
web-platform-tests/file-system-access/resources/message-target-service-worker.js: Added.
web-platform-tests/file-system-access/resources/message-target-shared-worker.js: Added.
web-platform-tests/file-system-access/resources/message-target.html: Added.
web-platform-tests/file-system-access/resources/message-target.js: Added. (async receiver): (add_message_event_handlers):
web-platform-tests/file-system-access/resources/messaging-blob-helpers.js: Added. (async create_message_target_blob_url): (async create_message_target_data_uri): (async create_message_target_html_without_subresources): (async fetch_text):
web-platform-tests/file-system-access/resources/messaging-helpers.js: Added. (create_dedicated_worker): (async create_service_worker): (async add_iframe): (async open_window): (async wait_for_loaded_message): (create_message_channel): (async create_file_system_handles): (async do_post_message_test): (async do_message_port_test):
web-platform-tests/file-system-access/resources/messaging-serialize-helpers.js: Added. (async serialize_handles): (async serialize_handle): (async serialize_file_system_handle): (async serialize_file_system_file_handle): (async serialize_file_system_directory_handle): (async assert_equals_cloned_handles): (assert_equals_serialized_handles): (assert_equals_serialized_handle): (assert_equals_serialized_file_system_handle): (assert_equals_serialized_file_system_file_handle): (assert_equals_serialized_file_system_directory_handle): (serialize_message_error_event): (assert_equals_serialized_message_error_event):
web-platform-tests/file-system-access/resources/opaque-origin-sandbox.html: Added.
web-platform-tests/file-system-access/resources/sandboxed-fs-test-helpers.js: Added. (async cleanupSandboxedFileSystem):
web-platform-tests/file-system-access/resources/sync-access-handle-test.js: Added. (async cleanupSandboxedFileSystem):
web-platform-tests/file-system-access/resources/test-helpers.js: Added. (navigator.userAgent.includes): (async getFileSize): (async getFileContents): (async getDirectoryEntryCount): (async getSortedDirectoryEntries): (async createFileWithContents): (garbageCollect):
web-platform-tests/file-system-access/resources/w3c-import.log: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-IndexedDB.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-IndexedDB.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-IndexedDB.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-IndexedDB.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-IndexedDB.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-isSameEntry.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-isSameEntry.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-isSameEntry.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-isSameEntry.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-isSameEntry.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-BroadcastChannel.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-BroadcastChannel.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-BroadcastChannel.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-Error.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-Error.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-Error.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-frames.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-frames.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-frames.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-windows.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-windows.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-windows.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-workers.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-workers.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-MessagePort-workers.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-frames.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-frames.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-frames.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-windows.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-windows.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-windows.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-workers.https.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-workers.https.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-postMessage-workers.https.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-remove.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-remove.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-remove.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-remove.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemBaseHandle-remove.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-iteration.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-iteration.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-iteration.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-iteration.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-iteration.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-resolve.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-resolve.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-resolve.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-resolve.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-resolve.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-create-sync-access-handle-dedicated-worker.https.tentative.window-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-create-sync-access-handle-dedicated-worker.https.tentative.window.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-create-sync-access-handle-dedicated-worker.https.tentative.window.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-getFile.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-getFile.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-getFile.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-getFile.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-getFile.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-sync-access-handle-lock.https.tentative.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-sync-access-handle-lock.https.tentative.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemFileHandle-sync-access-handle-lock.https.tentative.worker.js: Added. (promise_test.async t):
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-close.https.tentative.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-close.https.tentative.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-close.https.tentative.worker.js: Added. (sync_access_handle_test.async testCase):
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-flush.https.tentative.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-flush.https.tentative.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-flush.https.tentative.worker.js: Added. (sync_access_handle_test.async t): (sync_access_handle_test.async testCase):
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-getSize.https.tentative.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-getSize.https.tentative.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-getSize.https.tentative.worker.js: Added. (sync_access_handle_test.async testCase):
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-read-write.https.tentative.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-read-write.https.tentative.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-read-write.https.tentative.worker.js: Added. (sync_access_handle_test):
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-truncate.https.tentative.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-truncate.https.tentative.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemSyncAccessHandle-truncate.https.tentative.worker.js: Added. (sync_access_handle_test.async testCase):
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-piped.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-piped.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-piped.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-piped.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-piped.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-write.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-write.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-write.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-write.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream-write.https.any.worker.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream.https.any-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream.https.any.html: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream.https.any.js: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream.https.any.worker-expected.txt: Added.
web-platform-tests/file-system-access/sandboxed_FileSystemWritableFileStream.https.any.worker.html: Added.
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-IndexedDB.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-isSameEntry.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-BroadcastChannel.js: Added. (async create_broadcast_channel): (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-Error.js: Added. (async do_send_message_error_test): (async do_receive_message_error_test): (async do_send_and_receive_message_error_test): (async do_send_message_port_error_test): (async do_receive_message_port_error_test): (async do_send_and_receive_message_port_error_test): (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-MessagePort-frames.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-MessagePort-windows.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-MessagePort-workers.js: Added. (directory_test.async t): (self.SharedWorker.undefined.directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-frames.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-windows.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-postMessage-workers.js: Added. (directory_test.async t): (self.SharedWorker.undefined.directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemBaseHandle-remove.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemDirectoryHandle-getDirectoryHandle.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemDirectoryHandle-getFileHandle.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemDirectoryHandle-iteration.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemDirectoryHandle-removeEntry.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemDirectoryHandle-resolve.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemFileHandle-create-sync-access-handle-dedicated-worker.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemFileHandle-getFile.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemSyncAccessHandle-flush.js: Added. (sync_access_handle_test.async handle):
web-platform-tests/file-system-access/script-tests/FileSystemWritableFileStream-piped.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemWritableFileStream-write.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/FileSystemWritableFileStream.js: Added. (directory_test.async t):
web-platform-tests/file-system-access/script-tests/w3c-import.log: Added.
web-platform-tests/file-system-access/showPicker-errors.https.window-expected.txt: Added.
web-platform-tests/file-system-access/showPicker-errors.https.window.html: Added.
web-platform-tests/file-system-access/showPicker-errors.https.window.js: Added. (promise_test.async t): (define_file_picker_error_tests.async promise_test): (define_file_picker_error_tests.async const): (define_file_picker_error_tests): (define_file_picker_extension_error_test):
web-platform-tests/file-system-access/w3c-import.log: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281769 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:35 PM Changeset in webkit [284287] by Aditya Keerthi

9 edits
6 adds in trunk

[iOS] Support accent-color for button-like controls
https://bugs.webkit.org/show_bug.cgi?id=231764
rdar://84261821

Reviewed by Tim Horton.

Source/WebCore:

Apply accent-color to buttons, date inputs, and <select> elements.

Tests: fast/css/accent-color/button.html

fast/css/accent-color/date.html
fast/css/accent-color/submit.html

html/HTMLButtonElement.cpp:

(WebCore::HTMLButtonElement::isExplicitlySetSubmitButton const):

Return true if the author has explicitly made the <button> a
submit button. This is necessary, as submit buttons have an appearance
that is different from a standard button on iOS.

html/HTMLButtonElement.h:
rendering/RenderThemeIOS.h:
rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::adjustMenuListButtonStyle const):
(WebCore::RenderThemeIOS::isSubmitStyleButton const):
(WebCore::RenderThemeIOS::adjustButtonLikeControlStyle const):
(WebCore::RenderThemeIOS::adjustButtonStyle const):
(WebCore::RenderThemeIOS::adjustPressedStyle const): Deleted.

LayoutTests:

Add new tests for iOS and mark newly passing test.

TestExpectations:
fast/css/accent-color/button-expected-mismatch.html: Added.
fast/css/accent-color/button.html: Added.
fast/css/accent-color/date-expected-mismatch.html: Added.
fast/css/accent-color/date.html: Added.
fast/css/accent-color/submit-expected-mismatch.html: Added.
fast/css/accent-color/submit.html: Added.
platform/ios/TestExpectations:
platform/mac/TestExpectations:

4:35 PM Changeset in webkit [284286] by Russell Epstein

2 edits
78 adds in branches/safari-612-branch/LayoutTests/imported/w3c

Cherry-pick r282088. rdar://problem/84234366

Import storage tests from WPT
https://bugs.webkit.org/show_bug.cgi?id=229965

Reviewed by Youenn Fablet.

resources/import-expectations.json:
web-platform-tests/storage/META.yml: Added.
web-platform-tests/storage/README.md: Added.
web-platform-tests/storage/buckets/META.yml: Added.
web-platform-tests/storage/buckets/w3c-import.log: Added.
web-platform-tests/storage/estimate-indexeddb.https.any-expected.txt: Added.
web-platform-tests/storage/estimate-indexeddb.https.any.html: Added.
web-platform-tests/storage/estimate-indexeddb.https.any.js: Added. (indexedDbOpenRequest): (promise_test.async t):
web-platform-tests/storage/estimate-indexeddb.https.any.worker-expected.txt: Added.
web-platform-tests/storage/estimate-indexeddb.https.any.worker.html: Added.
web-platform-tests/storage/estimate-parallel.https.any-expected.txt: Added.
web-platform-tests/storage/estimate-parallel.https.any.html: Added.
web-platform-tests/storage/estimate-parallel.https.any.js: Added. (promise_test.async t):
web-platform-tests/storage/estimate-parallel.https.any.worker-expected.txt: Added.
web-platform-tests/storage/estimate-parallel.https.any.worker.html: Added.
web-platform-tests/storage/estimate-usage-details-application-cache.https.tentative-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details-application-cache.https.tentative.html: Added.
web-platform-tests/storage/estimate-usage-details-caches.https.tentative.any-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details-caches.https.tentative.any.html: Added.
web-platform-tests/storage/estimate-usage-details-caches.https.tentative.any.js: Added. (promise_test.async t):
web-platform-tests/storage/estimate-usage-details-caches.https.tentative.any.worker-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details-caches.https.tentative.any.worker.html: Added.
web-platform-tests/storage/estimate-usage-details-indexeddb.https.tentative.any-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details-indexeddb.https.tentative.any.html: Added.
web-platform-tests/storage/estimate-usage-details-indexeddb.https.tentative.any.js: Added. (promise_test.async t):
web-platform-tests/storage/estimate-usage-details-indexeddb.https.tentative.any.worker-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details-indexeddb.https.tentative.any.worker.html: Added.
web-platform-tests/storage/estimate-usage-details-service-workers.https.tentative.window-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details-service-workers.https.tentative.window.html: Added.
web-platform-tests/storage/estimate-usage-details-service-workers.https.tentative.window.js: Added. (promise_test.async t):
web-platform-tests/storage/estimate-usage-details.https.tentative.any-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details.https.tentative.any.html: Added.
web-platform-tests/storage/estimate-usage-details.https.tentative.any.js: Added. (promise_test.async t):
web-platform-tests/storage/estimate-usage-details.https.tentative.any.worker-expected.txt: Added.
web-platform-tests/storage/estimate-usage-details.https.tentative.any.worker.html: Added.
web-platform-tests/storage/helpers.js: Added. (createDB):
web-platform-tests/storage/idlharness.https.any-expected.txt: Added.
web-platform-tests/storage/idlharness.https.any.html: Added.
web-platform-tests/storage/idlharness.https.any.js: Added.
web-platform-tests/storage/idlharness.https.any.worker-expected.txt: Added.
web-platform-tests/storage/idlharness.https.any.worker.html: Added.
web-platform-tests/storage/opaque-origin.https.window-expected.txt: Added.
web-platform-tests/storage/opaque-origin.https.window.html: Added.
web-platform-tests/storage/opaque-origin.https.window.js: Added. (load_iframe): (wait_for_message.return.new.Promise): (forEach.snippet.assert_equals):
web-platform-tests/storage/permission-query.https.any-expected.txt: Added.
web-platform-tests/storage/permission-query.https.any.html: Added.
web-platform-tests/storage/permission-query.https.any.js: Added. (promise_test.async t):
web-platform-tests/storage/permission-query.https.any.worker-expected.txt: Added.
web-platform-tests/storage/permission-query.https.any.worker.html: Added.
web-platform-tests/storage/persisted.https.any-expected.txt: Added.
web-platform-tests/storage/persisted.https.any.html: Added.
web-platform-tests/storage/persisted.https.any.js: Added. (test): (promise_test):
web-platform-tests/storage/persisted.https.any.worker-expected.txt: Added.
web-platform-tests/storage/persisted.https.any.worker.html: Added.
web-platform-tests/storage/quotachange-in-detached-iframe.tentative.https-expected.txt: Added.
web-platform-tests/storage/quotachange-in-detached-iframe.tentative.https.html: Added.
web-platform-tests/storage/resources/appcache.manifest: Added.
web-platform-tests/storage/resources/iframe_with_appcache_manifest.html: Added.
web-platform-tests/storage/resources/w3c-import.log: Added.
web-platform-tests/storage/storagemanager-estimate.https.any-expected.txt: Added.
web-platform-tests/storage/storagemanager-estimate.https.any.html: Added.
web-platform-tests/storage/storagemanager-estimate.https.any.js: Added. (test): (promise_test):
web-platform-tests/storage/storagemanager-estimate.https.any.worker-expected.txt: Added.
web-platform-tests/storage/storagemanager-estimate.https.any.worker.html: Added.
web-platform-tests/storage/storagemanager-persist.https.window-expected.txt: Added.
web-platform-tests/storage/storagemanager-persist.https.window.html: Added.
web-platform-tests/storage/storagemanager-persist.https.window.js: Added. (promise_test):
web-platform-tests/storage/storagemanager-persist.https.worker-expected.txt: Added.
web-platform-tests/storage/storagemanager-persist.https.worker.html: Added.
web-platform-tests/storage/storagemanager-persist.https.worker.js: Added. (test):
web-platform-tests/storage/storagemanager-persisted.https.any-expected.txt: Added.
web-platform-tests/storage/storagemanager-persisted.https.any.html: Added.
web-platform-tests/storage/storagemanager-persisted.https.any.js: Added. (promise_test):
web-platform-tests/storage/storagemanager-persisted.https.any.worker-expected.txt: Added.
web-platform-tests/storage/storagemanager-persisted.https.any.worker.html: Added.
web-platform-tests/storage/w3c-import.log: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@282088 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:24 PM Changeset in webkit [284285] by ysuzuki@apple.com

2 edits in trunk/Source/JavaScriptCore

[JSC] Optimize Structure::getConcurrently
https://bugs.webkit.org/show_bug.cgi?id=231825

Reviewed by Filip Pizlo.

From artrace data, we found that Structure::getConcurrently is taking fair amount of time
in Speedometer2 *in the main thread*! This is because Structure::getConcurrently is used
in PropertyCondition, and its validation can be called in the main thread when watched
Structure transition happens, ObjectPropertyConditionSet is created for IC etc.

Structure::getConcurrently is slow since it is using Structure::forEachPropertyConcurrently.
We can optimize Structure::getConcurrently since,

We do not need to track seen properties via seenProperties HashSet.
We can handle TransitionKind::PropertyDeletion.
We can use PropertyTable::get.

We are seeing consistent 0.4% improvement in Speedometer2 (I ran 120 Speedometer2 runs twice and both said 0.4% improvement).

| subtest | ms | ms | b / a | pValue (significance using False Discovery Rate) |

| Elm-TodoMVC |106.201667 |106.030000 |0.998384 | 0.666695 |
| VueJS-TodoMVC |21.955000 |21.985000 |1.001366 | 0.898294 |
| EmberJS-TodoMVC |120.720000 |119.938333 |0.993525 | 0.055063 |
| BackboneJS-TodoMVC |40.306667 |40.023333 |0.992971 | 0.054858 |
| Preact-TodoMVC |16.273333 |15.968333 |0.981258 | 0.135893 |
| AngularJS-TodoMVC |123.325000 |122.596667 |0.994094 | 0.079212 |
| Vanilla-ES2015-TodoMVC |60.116667 |60.168333 |1.000859 | 0.691981 |
| Inferno-TodoMVC |58.945000 |58.538333 |0.993101 | 0.155753 |
| Flight-TodoMVC |57.846667 |57.808333 |0.999337 | 0.868408 |
| Angular2-TypeScript-TodoMVC |38.595000 |38.260000 |0.991320 | 0.392602 |
| VanillaJS-TodoMVC |50.316667 |50.185000 |0.997383 | 0.609335 |
| jQuery-TodoMVC |208.376667 |208.933333 |1.002671 | 0.196406 |
| EmberJS-Debug-TodoMVC |338.481667 |336.755000 |0.994899 | 0.007485 |
| React-TodoMVC |82.533333 |82.091667 |0.994649 | 0.037482 |
| React-Redux-TodoMVC |133.703333 |133.258333 |0.996672 | 0.069242 |
| Vanilla-ES2015-Babel-Webpack-TodoMVC |59.346667 |59.600000 |1.004269 | 0.203370 |

a mean = 282.95715
b mean = 284.07606
pValue = 0.0013877157
(Bigger means are better.)
1.004 times better
Results ARE significant

runtime/Structure.cpp:

(JSC::Structure::getConcurrently):

4:02 PM Changeset in webkit [284284] by Russell Epstein

9 edits in branches/safari-612-branch/Source

Revert "Cherry-pick r283572. rdar://problem/83953133"

This reverts commit r284279.

3:51 PM Changeset in webkit [284283] by Jonathan Bedard

6 edits in trunk/Tools

[webkitscmpy] Allow repositories to define custom setup commands
https://bugs.webkit.org/show_bug.cgi?id=231345
<rdar://problem/83960249>

Reviewed by Dewei Zhu.

Scripts/git-webkit: Define changelog conflict resolver.
Scripts/libraries/webkitscmpy/setup.py: Add inspect2 as dependency, bump version.
Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Scripts/libraries/webkitscmpy/webkitscmpy/program/init.py:

(main): Attempt to resolve additional_setup function.

Scripts/libraries/webkitscmpy/webkitscmpy/program/setup.py:

(Setup.github): Invoke additional_setup function, if it exists.
(Setup.git): Ditto.

3:41 PM Changeset in webkit [284282] by Russell Epstein

5 edits in branches/safari-612-branch

Cherry-pick r281964. rdar://problem/83954640

[ BigSur arm64 Debug EWS ] ASSERTION FAILED: m_uncommittedState.state == State::Provisional
https://bugs.webkit.org/show_bug.cgi?id=229769
<rdar://problem/82645706>

Reviewed by Alex Christensen.

Source/WebKit:

I am unable to reproduce the crash but we know that we're crashing when committing the load
after a process-swap, because the WebPageProxy doesn't know that a provisional load is going
on. One possible explanation for this, and the most likely one is that the WebPageProxy got
a DidFailProvisionalLoadForFrame IPC from the current process while the provisional load is
proceeding in the new provisional process. We had logic in WebPageProxy::didFailProvisionalLoadForFrame()
to try and discard such IPC but the check was relying on the navigationID and was therefore
fragile. I updated the check in didFailProvisionalLoadForFrame() to ignore all
DidFailProvisionalLoadForFrame IPCs for the main frame from the current process when there
is a ProvisionalPageProxy, without relying on the navigationID. This should be more robust
and will hopefully fix this flaky crash.

No new tests, unskipped existing tests.

UIProcess/ProvisionalPageProxy.cpp: (WebKit::ProvisionalPageProxy::didFailProvisionalLoadForFrame):
UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::didFailProvisionalLoadForFrame): (WebKit::WebPageProxy::didFailProvisionalLoadForFrameShared):
UIProcess/WebPageProxy.h:

LayoutTests:

Unskip test that should no longer be flakily crashing in debug.

platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281964 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:41 PM Changeset in webkit [284281] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

[GLIB] Update test expectations for known failures. Unreviewed test gardening.
https://bugs.webkit.org/show_bug.cgi?id=231820

Patch by Arcady Goldmints-Orlov <Arcady Goldmints-Orlov> on 2021-10-15

platform/glib/TestExpectations:

3:38 PM Changeset in webkit [284280] by Russell Epstein

4 edits in branches/safari-612-branch/Source/WebCore

Cherry-pick r281879. rdar://problem/83954217

Improve time precision when cross-origin isolated via COOP+COEP
https://bugs.webkit.org/show_bug.cgi?id=228137
<rdar://problem/81197138>

Reviewed by Ryosuke Niwa.

Increase the precision of our high precision time (used by performance.now()) from
1ms to 20us when cross-origin isolated via COOP=same-origin + COEP=require-corp.
Precision remains the same (1ms) when not cross-origin isolated.

This aligns our behavior with Firefox.

Note that Chrome provides higher precision (100us in general and 5us when
cross-origin-isolated).

dom/ScriptExecutionContext.cpp: (WebCore::ScriptExecutionContext::setCrossOriginMode):
page/Performance.cpp: (WebCore::Performance::reduceTimeResolution): (WebCore::Performance::allowHighPrecisionTime):
page/Performance.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@281879 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:37 PM Changeset in webkit [284279] by Russell Epstein

9 edits in branches/safari-612-branch/Source

Cherry-pick r283572. rdar://problem/83953133

Web Inspector: Show color space for canvases in the Graphics tab on the overview cards
https://bugs.webkit.org/show_bug.cgi?id=231205

Reviewed by Devin Rousso.

Source/JavaScriptCore:

Use an enum instead of strings for color space values sent to the frontend.

inspector/protocol/Canvas.json:
inspector/scripts/codegen/generator.py:

Source/WebCore:

Use an enum instead of strings for color space values sent to the frontend.

inspector/InspectorCanvas.cpp: (WebCore::buildObjectForCanvasContextAttributes):

Source/WebInspectorUI:

For canvas context's with a color space attribute, show the color space next to the context type in the header
of each context card in the Graphics tab.

UserInterface/Models/Canvas.js: (WI.Canvas.displayNameForColorSpace):
UserInterface/Views/CanvasContentView.js: (WI.CanvasContentView.prototype.initialLayout):
UserInterface/Views/CanvasOverviewContentView.css: (.content-view.canvas-overview > .content-view.canvas > header > .titles > :matches(.subtitle, .color-space),): (.content-view.canvas-overview > .content-view.canvas > header .color-space::before):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283572 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:36 PM Changeset in webkit [284278] by Jonathan Bedard

2 edits in trunk

Add github username for Dewei Zhu

Unreviewed.

metadata/contributors.json:

3:25 PM Changeset in webkit [284277] by commit-queue@webkit.org

5 edits in trunk/Source/WebKit

Unreviewed, reverting r283925.
https://bugs.webkit.org/show_bug.cgi?id=231839

Incorrect

Reverted changeset:

"[macOS] Grant access in sandbox to 'system-privilege' for
root"
https://bugs.webkit.org/show_bug.cgi?id=231501
https://commits.webkit.org/r283925

3:18 PM Changeset in webkit [284276] by Ryan Haddad

2 edits in trunk/Source/WebKit

Explicitly link adattributiond with Foundation and CoreFoundation
https://bugs.webkit.org/show_bug.cgi?id=231835

Reviewed by Brady Eidson.

Apply the same treatment to adattributiond as was done for webpushd in r284250.

Configurations/adattributiond.xcconfig:

3:16 PM Changeset in webkit [284275] by Russell Epstein

28 edits
2 adds in branches/safari-612-branch

Cherry-pick r283033. rdar://problem/83953190

[IOS 15] Video track does not get unmuted in case of tab was inactive less than ~500 ms
https://bugs.webkit.org/show_bug.cgi?id=230538
<rdar://problem/83355705>

Reviewed by Eric Carlson.

Source/WebCore:

Add support for interrupting mock cameras.
Update internals to handle the case of out of main thread videoSampleAvailable calls.

Update Page::setMuted to trigger setMuted logic even if Page muted state did not change.
This ensures we can restart capture in case a track is muted without the page being muted itself.

When a source is muted and is in producing data state, it is interrupted.
When setMuted(false) is called, we need to uninterrupt.
To do so, we do a stop/start cycle

Test: fast/mediastream/media-stream-video-track-interrupted.html

page/Page.cpp: (WebCore::Page::setMuted):
platform/mediastream/RealtimeMediaSource.cpp: (WebCore::RealtimeMediaSource::setMuted):
platform/mock/MockRealtimeMediaSourceCenter.cpp: (WebCore::MockRealtimeMediaSourceCenter::setMockCameraIsInterrupted):
platform/mock/MockRealtimeMediaSourceCenter.h:
platform/mock/MockRealtimeVideoSource.cpp: (WebCore::MockRealtimeVideoSource::MockRealtimeVideoSource): (WebCore::MockRealtimeVideoSource::~MockRealtimeVideoSource): (WebCore::MockRealtimeVideoSource::setIsInterrupted):
platform/mock/MockRealtimeVideoSource.h:
testing/Internals.cpp: (WebCore::Internals::videoSampleAvailable):
testing/Internals.h:

Source/WebKit:

Add support for mock capture interruption.
When receiving a notification that GPUProcess source is muted, we consider it is interrupted.
In that case, we notify the source is muted instead of calling setMuted (which would set the source as muted AND stop producing data).
It is important to not stop the source so that it can continue receiving interruption notifications.

GPUProcess/GPUProcess.cpp: (WebKit::GPUProcess::setMockCameraIsInterrupted):
GPUProcess/GPUProcess.h:
GPUProcess/GPUProcess.messages.in:
UIProcess/API/C/WKPage.cpp: (WKPageIsMockRealtimeMediaSourceCenterEnabled): (WKPageSetMockCameraIsInterrupted):
UIProcess/API/C/WKPagePrivate.h:
UIProcess/GPU/GPUProcessProxy.cpp: (WebKit::GPUProcessProxy::setMockCameraIsInterrupted):
UIProcess/GPU/GPUProcessProxy.h:
WebProcess/cocoa/RemoteRealtimeAudioSource.h:
WebProcess/cocoa/RemoteRealtimeVideoSource.h:
WebProcess/cocoa/UserMediaCaptureManager.cpp: (WebKit::UserMediaCaptureManager::sourceMutedChanged):

Tools:

Add mock API to mock camera interruption.

WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
WebKitTestRunner/InjectedBundle/TestRunner.cpp: (WTR::TestRunner::setMockCameraIsInterrupted):
WebKitTestRunner/InjectedBundle/TestRunner.h:
WebKitTestRunner/TestController.cpp: (WTR::TestController::setMockCameraIsInterrupted):
WebKitTestRunner/TestController.h:
WebKitTestRunner/TestInvocation.cpp: (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

LayoutTests:

fast/mediastream/media-stream-video-track-interrupted-expected.txt: Added.
fast/mediastream/media-stream-video-track-interrupted.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:45 PM Changeset in webkit [284274] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS 15 ] imported/w3c/web-platform-tests/WebCryptoAPI/derive_bits_keys/pbkdf2.https.any.worker.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=231544

Unreviewed test gardening.

platform/ios-wk2/TestExpectations: Marked the test slow

2:27 PM Changeset in webkit [284273] by sihui_liu@apple.com

2 edits in trunk/Source/WTF

Enable Storage API by default
https://bugs.webkit.org/show_bug.cgi?id=231826

Reviewed by Alexey Shvayka.

Scripts/Preferences/WebPreferencesExperimental.yaml:

2:11 PM Changeset in webkit [284272] by mmaxfield@apple.com

2 edits in trunk/Source/WTF

Clean up font-related USE(...) macros
https://bugs.webkit.org/show_bug.cgi?id=231793

Reviewed by Wenson Hsieh.

IOS_FAMILY is true for tvOS and watchOS, so we should be using

(PLATFORM(IOS)

PLATFORM(MACCATALYST) instead. Also, the simulator

is not special here - it should get the same policy as the system it's
simulating.

wtf/PlatformUse.h:

2:09 PM Changeset in webkit [284271] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ macOS wk2 ] http/tests/xmlhttprequest/access-control-repeated-failed-preflight-crash.html is a flaky crash.
https://bugs.webkit.org/show_bug.cgi?id=231831

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

2:06 PM Changeset in webkit [284270] by Russell Epstein

1 copy in tags/Safari-613.1.5

Tag Safari-613.1.5.

1:29 PM Changeset in webkit [284269] by Antti Koivisto

21 edits
2 adds in trunk/Source/WebCore

[LFC][Integration] Factor line logical order traversal out of iterator
https://bugs.webkit.org/show_bug.cgi?id=231800

Reviewed by Alan Bujtas.

Similar to text logical order traversal, use standalone traversal functions with order cache
owned by the caller.

Make the code generic so it will work with IFC BiDi.

Factor all traversal functions to a file of their own, InlineIteratorLogicalOrderTraversal.h/cpp.

Headers.cmake:
Sources.txt:
WebCore.xcodeproj/project.pbxproj:
dom/Position.cpp:
editing/CompositeEditCommand.cpp:
editing/TextIterator.h:
editing/VisiblePosition.cpp:

(WebCore::VisiblePosition::leftVisuallyDistinctCandidate const):
(WebCore::VisiblePosition::rightVisuallyDistinctCandidate const):

editing/VisibleUnits.cpp:

(WebCore::previousTextOrLineBreakRun):
(WebCore::nextTextOrLineBreakRun):
(WebCore::startTextOrLineBreakRun):
(WebCore::endTextOrLineBreakRun):
(WebCore::logicallyPreviousRun):
(WebCore::logicallyNextRun):
(WebCore::wordBreakIteratorForMinOffsetBoundary):
(WebCore::wordBreakIteratorForMaxOffsetBoundary):
(WebCore::startPositionForLine):
(WebCore::endPositionForLine):

layout/integration/InlineIteratorBox.cpp:

(WebCore::InlineIterator::LeafBoxIterator::traversePreviousOnLineIgnoringLineBreak):
(WebCore::InlineIterator::LeafBoxIterator::traverseNextOnLineInLogicalOrder): Deleted.
(WebCore::InlineIterator::LeafBoxIterator::traversePreviousOnLineInLogicalOrder): Deleted.

layout/integration/InlineIteratorBox.h:

(WebCore::InlineIterator::BoxIterator::BoxIterator):

layout/integration/InlineIteratorBoxLegacyPath.h:

(WebCore::InlineIterator::BoxLegacyPath::BoxLegacyPath):
(WebCore::InlineIterator::BoxLegacyPath::traverseNextOnLineInLogicalOrder): Deleted.
(WebCore::InlineIterator::BoxLegacyPath::traversePreviousOnLineInLogicalOrder): Deleted.
(WebCore::InlineIterator::BoxLegacyPath::initializeLogicalOrderCacheForLine): Deleted.
(WebCore::InlineIterator::BoxLegacyPath::traverseNextInlineBoxInCacheOrder): Deleted.
(WebCore::InlineIterator::BoxLegacyPath::traversePreviousInlineBoxInCacheOrder): Deleted.

layout/integration/InlineIteratorBoxModernPath.h:

(WebCore::InlineIterator::BoxModernPath::traverseNextOnLineInLogicalOrder): Deleted.
(WebCore::InlineIterator::BoxModernPath::traversePreviousOnLineInLogicalOrder): Deleted.

layout/integration/InlineIteratorLine.cpp:

(WebCore::InlineIterator::Line::logicalStartRun const): Deleted.
(WebCore::InlineIterator::Line::logicalEndRun const): Deleted.
(WebCore::InlineIterator::Line::logicalStartRunWithNode const): Deleted.
(WebCore::InlineIterator::Line::logicalEndRunWithNode const): Deleted.

layout/integration/InlineIteratorLine.h:
layout/integration/InlineIteratorLineLegacyPath.h:

(WebCore::InlineIterator::LineIteratorLegacyPath::logicalStartRun const): Deleted.
(WebCore::InlineIterator::LineIteratorLegacyPath::logicalEndRun const): Deleted.

layout/integration/InlineIteratorLineModernPath.h:

(WebCore::InlineIterator::LineIteratorModernPath::logicalStartRun const): Deleted.
(WebCore::InlineIterator::LineIteratorModernPath::logicalEndRun const): Deleted.

layout/integration/InlineIteratorLogicalOrderTraversal.cpp: Added.

(WebCore::InlineIterator::makeTextLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::updateTextLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::firstTextBoxInLogicalOrderFor):
(WebCore::InlineIterator::nextTextBoxInLogicalOrder):
(WebCore::InlineIterator::makeLineLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::updateLineLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::firstLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::lastLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::nextLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::previousLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::firstLeafOnLineInLogicalOrderWithNode):
(WebCore::InlineIterator::lastLeafOnLineInLogicalOrderWithNode):

layout/integration/InlineIteratorLogicalOrderTraversal.h: Added.
layout/integration/InlineIteratorTextBox.cpp:

(WebCore::InlineIterator::firstTextBoxInLogicalOrderFor): Deleted.
(WebCore::InlineIterator::nextTextBoxInLogicalOrder): Deleted.

layout/integration/InlineIteratorTextBox.h:

(): Deleted.

rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::positionForPointWithInlineChildren):

rendering/RenderText.cpp:

1:25 PM Changeset in webkit [284268] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

Import AuthenticationServicesCore's public module as well
https://bugs.webkit.org/show_bug.cgi?id=231806
<rdar://84299174>

Patch by Garrett Davidson <garrett_davidson@apple.com> on 2021-10-15
Reviewed by Wenson Hsieh.

Import the public module explicitly before the private module.

Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:

1:13 PM Changeset in webkit [284267] by Robert Jenner

3 edits
3 copies
3 adds in trunk/LayoutTests

REBASELINE 2 tables/mozilla tests failing constantly
https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening/rebase for Monterey.

platform/mac-bigsur/tables/mozilla/bugs/bug2479-3-expected.txt: Copied from LayoutTests/platform/mac/tables/mozilla/bugs/bug2479-3-expected.txt.
platform/mac-bigsur/tables/mozilla/bugs/bug26178-expected.txt: Copied from LayoutTests/platform/mac/tables/mozilla/bugs/bug26178-expected.txt.
platform/mac-catalina/tables/mozilla/bugs/bug26178-expected.txt: Copied from LayoutTests/platform/mac/tables/mozilla/bugs/bug26178-expected.txt.
platform/mac/tables/mozilla/bugs/bug2479-3-expected.txt:
platform/mac/tables/mozilla/bugs/bug26178-expected.txt:

12:59 PM Changeset in webkit [284266] by Andres Gonzalez

10 edits in trunk/Source/WebCore

Calls to AXCoreObject::widget() have to be dispatch to the main thread in isolated tree mode.
https://bugs.webkit.org/show_bug.cgi?id=231766
<rdar://problem/84271039>

Reviewed by Chris Fleizach.

This patch fixes several dozens of tests that were crashing or timing out in isolated tree mode.

The WebAccessibilityObjectWrapper was calling the widget() method on the
AX thread, which creates problems because this object is not thread
safe and it is created on the main thread. To avoid this problem, we
have to dispatch those calls to the main thread. Since widget() is
called very often now, for every request of the children of a leaf node,
added AXCoreObject::isWidget() to be able to check for it without having
to return the Widget object. The IsWidget property is cached in the
AXIsolatedObject, hence limiting the number of times we have to hit the
main thread.

accessibility/AccessibilityNodeObject.cpp:

Removed include header that is not used in this cpp.

accessibility/AccessibilityObject.h:
accessibility/AccessibilityObjectInterface.h:
accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::isWidget const):
(WebCore::AccessibilityRenderObject::widget const):

accessibility/AccessibilityRenderObject.h:
accessibility/isolatedtree/AXIsolatedObject.cpp:

(WebCore::AXIsolatedObject::initializeAttributeData):
(WebCore::AXIsolatedObject::widget const):

accessibility/isolatedtree/AXIsolatedObject.h:
accessibility/isolatedtree/AXIsolatedTree.h:
accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper renderWidgetChildren]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
(isMatchingPlugin):

12:43 PM Changeset in webkit [284265] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[macOS] Sort unix syscall list in WP sandbox
https://bugs.webkit.org/show_bug.cgi?id=231810
<rdar://problem/84305761>

Unreviewed formatting change. No change in behavior.

WebProcess/com.apple.WebProcess.sb.in:

12:16 PM Changeset in webkit [284264] by BJ Burg

9 edits in trunk

[Cocoa] Web Inspector: handle Promise objects returned from evaluateScriptInExtensionTab
https://bugs.webkit.org/show_bug.cgi?id=231709
<rdar://problem/84224179>

Reviewed by Timothy Hatcher.

Source/WebCore:

New API test: WKInspectorExtension.EvaluateScriptInExtensionTabCanReturnPromises

inspector/InspectorFrontendAPIDispatcher.cpp:

(WebCore::InspectorFrontendAPIDispatcher::evaluateOrQueueExpression):
Add JSLockHolders for when we are poking at the result value.

Source/WebInspectorUI:

This patch improves the handling of promises and exceptions that come from
InspectorFrontendHost.evaluateScriptInExtensionTab().

For promises, wait for the returned promise to settle before fulfilling our returned value.
For errors, perform a better stringification of the Error instance. The is needed because
the default toString implementation leaves out most of the relevant details of the error.

UserInterface/Controllers/WebInspectorExtensionController.js:

(WI.WebInspectorExtensionController.prototype.evaluateScriptInExtensionTab):

UserInterface/Protocol/InspectorFrontendAPI.js:

Fix incorrect header docs for InspectorFrontendAPI.evaluateScriptForExtension.
Copy the improved header doc for InspectorFrontendAPI.evaluateScriptInExtensionTab
since it now has the same calling convention.

Source/WebKit:

WebProcess/Inspector/WebInspectorUIExtensionController.cpp:

(WebKit::WebInspectorUIExtensionController::evaluateScriptForExtension):
(WebKit::WebInspectorUIExtensionController::evaluateScriptInExtensionTab):
Add JSLockHolders for when we are poking at the result value.
Drive-by, fix a typo in logging code.

Tools:

Add a new test:
WKInspectorExtension.EvaluateScriptInExtensionTabCanReturnPromises

TestWebKitAPI/Tests/WebKitCocoa/WKInspectorExtension.mm:

(TEST):

12:14 PM Changeset in webkit [284263] by Jonathan Bedard

4 edits in trunk/Tools

[webkitscmpy] Refactor PR branch management (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=230432
<rdar://problem/83258413>

Reviewed by Stephanie Lewis.

When we are uploading a change that includes multiple commits,
the second commit will be on the same branch as the first, but that
branch will be editable. We should not declare that "no commits
have been found on an editable branch," because that's not true.

Scripts/libraries/webkitscmpy/setup.py: Bump version.
Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Scripts/libraries/webkitscmpy/webkitscmpy/program/branch.py:

(Branch.branch_point): Log the found commit for branches with multiple commits.

12:13 PM Changeset in webkit [284262] by aakash_jain@apple.com

2 edits in trunk/Tools

Make submit to ews error messages readable
https://bugs.webkit.org/show_bug.cgi?id=231824

Reviewed by Ryan Haddad.

CISupport/ews-app/ews/views/submittoews.py:

(SubmitToEWS.post):

12:12 PM Changeset in webkit [284261] by Wenson Hsieh

5 edits in trunk

REGRESSION (r284079): [Debug] IPCTestingAPI.CanReceiveSharedMemory is timing out
https://bugs.webkit.org/show_bug.cgi?id=231701
<rdar://problem/84219000>

Reviewed by Tim Horton.

Source/WebKit:

Implement two new methods on JSIPCStreamClientConnection: sendMessage() and sendSyncMessage(), which can be
used to send IPC messages through the IPC stream client connection. To do this, we match the existing methods of
the same names on JSIPC by creating a message encoder and sending it over the stream connection's IPC
connection, effectively treating all IPC messages as out-of-line.

In the future, this should be changed so that we only try to send out-of-line messages if the message itself is
not stream encodable; for the time being, this at least allows us to fix the failing API test, and still makes
it possible to test sending arbitrary IPC through the connection stream, such that we'll be able to exercise
WebGL and display list IPC via these special JS IPC bindings.

Platform/IPC/StreamClientConnection.h:
WebProcess/WebPage/IPCTestingAPI.cpp:

Declare several static helper functions near the top of this source file, so that we can use them in
JSIPCStreamClientConnection below.

(WebKit::IPCTestingAPI::JSIPCStreamClientConnection::create):
(WebKit::IPCTestingAPI::JSIPCStreamClientConnection::JSIPCStreamClientConnection):
(WebKit::IPCTestingAPI::JSIPCStreamClientConnection::staticFunctions):

Drive-by fix: make the pointer from JSIPCStreamConnectionBuffer to JSIPCStreamClientConnection a WeakPtr, to
prevent the stream connection buffer from keeping the client connection alive for longer than necessary. The
JSIPCStreamConnectionBuffer is always intended to be outlived by JSIPCStreamClientConnection when using JS IPC.

(WebKit::IPCTestingAPI::extractIPCStreamMessageInfo):

Pull logic for extracting a destination ID, message name, and IPC timeout into a common helper method.

(WebKit::IPCTestingAPI::JSIPCStreamClientConnection::prepareToSendOutOfStreamMessage):

Add a helper method that encodes the given message and prepares the stream connection for sending this as an
out-of-stream message by setting the destination ID (if needed) and appending the ProcessOutOfStreamMessage
message to indicate that the recipient should expect an out-of-stream message.

(WebKit::IPCTestingAPI::JSIPCStreamClientConnection::sendMessage):
(WebKit::IPCTestingAPI::JSIPCStreamClientConnection::sendSyncMessage):
(WebKit::IPCTestingAPI::JSIPC::createStreamClientConnection):

Tools:

Fix the failing API test by using the new sendSyncMessage() method on JSIPCStreamClientConnection to send
the "RemoteRenderingBackend::UpdateSharedMemoryForGetPixelBuffer" stream message and decode the result into a
buffer of shared memory.

TestWebKitAPI/Tests/WebKitCocoa/IPCTestingAPI.mm:

(TEST):

12:10 PM Changeset in webkit [284260] by commit-queue@webkit.org

6 edits
4 deletes in trunk

Unreviewed, reverting r284244.
https://bugs.webkit.org/show_bug.cgi?id=231813

Introduced

Reverted changeset:

"AX: Return AXEmptyGroup subrole for groups with no accessible
content"
https://bugs.webkit.org/show_bug.cgi?id=231528
https://commits.webkit.org/r284244

12:08 PM Changeset in webkit [284259] by mmaxfield@apple.com

2 edits in trunk/Source/WTF

[Cocoa] Design System UI fonts exist on MacCatalyst
https://bugs.webkit.org/show_bug.cgi?id=231792
<rdar://problem/84273929>

Reviewed by Wenson Hsieh.

They shouldn't be disabled there.

wtf/PlatformHave.h:

11:45 AM Changeset in webkit [284258] by Russell Epstein

2 edits in branches/safari-612-branch/Source/WebKit

Cherry-pick r283846. rdar://problem/84117092

Fix crash in NetworkProcess preconnect due to dereferencing deallocated session
https://bugs.webkit.org/show_bug.cgi?id=231456
<rdar://problem/83752148>

Reviewed by Chris Dumez.

We capture a raw NetworkSession reference in the preconnect completion handler. This
reference could point to a deallocated object if the NetworkSession dies before the
preconnect finishes.

NetworkProcess/NetworkProcess.cpp: (WebKit::NetworkProcess::preconnectTo):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@283846 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:31 AM Changeset in webkit [284257] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS ] http/tests/workers/service/client-removed-from-clients-while-in-page-cache.html is a flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=230376

Unreviewed test gardening.

platform/ios-wk2/TestExpectations: Removed test expectations

11:23 AM Changeset in webkit [284256] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS ] http/wpt/webaudio/the-audio-api/the-audioworklet-interface/context-already-rendering.html is flaky.
https://bugs.webkit.org/show_bug.cgi?id=230421

Unreviewed test gardening.

platform/ios-wk2/TestExpectations: Removed test expectations

10:40 AM Changeset in webkit [284255] by commit-queue@webkit.org

13 edits in trunk/Source/JavaScriptCore

[JSC][32bit] Fix CSR restore on DFG tail calls, add extra register on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=230622

Patch by Geza Lore <Geza Lore> on 2021-10-15
Reviewed by Saam Barati.

This patch does two things:

Adds an extra callee save register (CSR) to be available to DFG on

ARMv7. To do this properly required the following:

Implements the necessary shuffling in CallFrameShuffler on 32-bit

architectures that is required to restore CSRs properly after a tail
call on these architectures. This also fixes the remaining failures in
the 32-bit build of the unlinked baseline JIT.

bytecode/ValueRecovery.cpp:

(JSC::ValueRecovery::dumpInContext const):

bytecode/ValueRecovery.h:

(JSC::ValueRecovery::calleeSaveRegDisplacedInJSStack):
(JSC::ValueRecovery::isInJSStack const):
(JSC::ValueRecovery::dataFormat const):
(JSC::ValueRecovery::withLocalsOffset const):

dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::emitCall):

jit/CachedRecovery.cpp:

(JSC::CachedRecovery::loadsIntoGPR const):

jit/CallFrameShuffleData.cpp:

(JSC::CallFrameShuffleData::setupCalleeSaveRegisters):

jit/CallFrameShuffleData.h:
jit/CallFrameShuffler.cpp:

(JSC::CallFrameShuffler::CallFrameShuffler):

jit/CallFrameShuffler.h:

(JSC::CallFrameShuffler::snapshot const):
(JSC::CallFrameShuffler::addNew):

jit/CallFrameShuffler32_64.cpp:

(JSC::CallFrameShuffler::emitLoad):
(JSC::CallFrameShuffler::emitDisplace):

jit/GPRInfo.h:

(JSC::GPRInfo::toRegister):
(JSC::GPRInfo::toIndex):

jit/RegisterSet.cpp:

(JSC::RegisterSet::dfgCalleeSaveRegisters):

llint/LowLevelInterpreter32_64.asm:

10:39 AM Changeset in webkit [284254] by Kate Cheney

97 edits
5 adds in trunk

CSP: Implement src-elem and src-attr directives
https://bugs.webkit.org/show_bug.cgi?id=231751
<rdar://problem/83332874>

Reviewed by Brent Fulgham.

LayoutTests/imported/w3c:

web-platform-tests/content-security-policy/child-src/child-src-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/child-src/child-src-redirect-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/default-src-inline-blocked.sub-expected.txt: Added.
web-platform-tests/content-security-policy/default-src/default-src-inline-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/generic/generic-0_1-img-src-expected.txt:
web-platform-tests/content-security-policy/generic/generic-0_1-script-src-expected.txt:
web-platform-tests/content-security-policy/meta/combine-header-and-meta-policies.sub-expected.txt:
web-platform-tests/content-security-policy/navigation/javascript-url-navigation-inherits-csp-expected.txt:
web-platform-tests/content-security-policy/navigation/to-javascript-parent-initiated-parent-csp-expected.txt:
web-platform-tests/content-security-policy/reporting/report-uri-effective-directive-expected.txt:
web-platform-tests/content-security-policy/script-src-attr-elem/script-src-attr-allowed-src-blocked-expected.txt:
web-platform-tests/content-security-policy/script-src-attr-elem/script-src-attr-blocked-src-allowed-expected.txt:
web-platform-tests/content-security-policy/script-src-attr-elem/script-src-elem-allowed-attr-blocked-expected.txt:
web-platform-tests/content-security-policy/script-src-attr-elem/script-src-elem-allowed-src-blocked-expected.txt:
web-platform-tests/content-security-policy/script-src-attr-elem/script-src-elem-blocked-attr-allowed-expected.txt:
web-platform-tests/content-security-policy/script-src-attr-elem/script-src-elem-blocked-src-allowed-expected.txt:
web-platform-tests/content-security-policy/script-src/injected-inline-script-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/script-src/script-src-1_1-expected.txt:
web-platform-tests/content-security-policy/script-src/script-src-1_10-expected.txt:
web-platform-tests/content-security-policy/script-src/script-src-1_2-expected.txt:
web-platform-tests/content-security-policy/script-src/script-src-1_2_1-expected.txt:
web-platform-tests/content-security-policy/script-src/script-src-report-only-policy-works-with-hash-policy-expected.txt:
web-platform-tests/content-security-policy/script-src/scriptnonce-and-scripthash.sub-expected.txt:
web-platform-tests/content-security-policy/script-src/scriptnonce-basic-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/script-src/scriptnonce-ignore-unsafeinline.sub-expected.txt:
web-platform-tests/content-security-policy/script-src/srcdoc-doesnt-bypass-script-src.sub-expected.txt:
web-platform-tests/content-security-policy/style-src-attr-elem/style-src-attr-allowed-src-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src-attr-elem/style-src-attr-blocked-src-allowed-expected.txt:
web-platform-tests/content-security-policy/style-src-attr-elem/style-src-elem-allowed-attr-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src-attr-elem/style-src-elem-allowed-src-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src-attr-elem/style-src-elem-blocked-attr-allowed-expected.txt:
web-platform-tests/content-security-policy/style-src-attr-elem/style-src-elem-blocked-src-allowed-expected.txt:
web-platform-tests/content-security-policy/style-src/injected-inline-script-blocked.sub-expected.txt: Added.
web-platform-tests/content-security-policy/style-src/injected-inline-style-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/inline-style-allowed-while-cloning-objects.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/inline-style-attribute-blocked-expected.txt: Added.
web-platform-tests/content-security-policy/style-src/inline-style-attribute-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-hash-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-injected-inline-style-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-inline-style-attribute-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-inline-style-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-inline-style-nonce-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/stylehash-basic-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/stylenonce-allowed.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/stylenonce-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-href_blank-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/javascript_src_denied_missing_unsafe_hashes-window_open-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-href_blank-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/javascript_src_denied_wrong_hash-window_open-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_missing_unsafe_hashes-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/script_event_handlers_denied_wrong_hash-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/style_attribute_denied_missing_unsafe_hashes-expected.txt:
web-platform-tests/content-security-policy/unsafe-hashes/style_attribute_denied_wrong_hash-expected.txt:
web-platform-tests/content-security-policy/blob/blob-urls-do-not-match-self.sub-expected.txt:
web-platform-tests/content-security-policy/generic/generic-0_10_1.sub-expected.txt:
web-platform-tests/content-security-policy/generic/generic-0_2_2.sub-expected.txt:
web-platform-tests/content-security-policy/generic/generic-0_2_3-expected.txt:
web-platform-tests/content-security-policy/script-src/script-src-report-only-policy-works-with-external-hash-policy-expected.txt:
web-platform-tests/content-security-policy/style-src/style-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-imported-style-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-injected-stylesheet-blocked.sub-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-none-blocked-expected.txt:
web-platform-tests/content-security-policy/style-src/style-src-stylesheet-nonce-blocked-expected.txt:
web-platform-tests/content-security-policy/svg/svg-inline.sub-expected.txt:

Source/WebCore:

Implement script-src-elem, script-src-attr, style-src-elem, and
style-src-attr directives. *-elem directives specify load policy for
<script> and <style> elements. *-attr directives specify load policy
for inline event handlers or inline style applied to individual DOM elements.

To match behavior of wpt tests and other browsers, we should report
the violated directive as accurately as possible even if a more
general directive was specified in the policy. For example, reporting
the violated directive as script-src even if default-src was
specified, and script-src-elem even if only script-src was specified.
To do this I added a nameForReporting() method in the
ContentSecurityPolicySourceListDirective class that gets set when we
check the load for violations.

Console messages should not change, in fact, we should consider making
them more specific in the future.

page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::allowJavaScriptURLs const):
(WebCore::ContentSecurityPolicy::allowInlineEventHandlers const):
(WebCore::ContentSecurityPolicy::allowInlineScript const):
(WebCore::ContentSecurityPolicy::allowInlineStyle const):
We can reuse the check for unsafe hashes to determine if we should
report a style-src-elem or style-src-attr violation.

(WebCore::ContentSecurityPolicy::reportViolation const):

page/csp/ContentSecurityPolicyDirective.cpp:

(WebCore::ContentSecurityPolicyDirective::~ContentSecurityPolicyDirective):
Need a destructor now that we have virtual functions.

page/csp/ContentSecurityPolicyDirective.h:

(WebCore::ContentSecurityPolicyDirective::nameForReporting const):

page/csp/ContentSecurityPolicyDirectiveList.cpp:

(WebCore::ContentSecurityPolicyDirectiveList::create):
unsafe-eval should still have script-src as a violated directive.

(WebCore::ContentSecurityPolicyDirectiveList::operativeDirective const):
(WebCore::ContentSecurityPolicyDirectiveList::operativeDirectiveScript const):
(WebCore::ContentSecurityPolicyDirectiveList::operativeDirectiveStyle const):
elem/attr directives fall back to their respective general directives
if the more specific ones do not exist.

(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeEval const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeHashScript const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeHashStyle const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForParserInsertedScript const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineScriptElement const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineScriptAttribute const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineStyleElement const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineStyleAttribute const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScriptHash const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyleHash const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScriptNonce const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyleNonce const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForChildContext const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForConnectSource const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFont const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForFrame const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForImage const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForManifest const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForMedia const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForObjectSource const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForScript const):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForStyle const):
(WebCore::ContentSecurityPolicyDirectiveList::addDirective):
(WebCore::ContentSecurityPolicyDirectiveList::strictDynamicIncluded):
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineScript const): Deleted.
(WebCore::ContentSecurityPolicyDirectiveList::violatedDirectiveForUnsafeInlineStyle const): Deleted.

page/csp/ContentSecurityPolicyDirectiveList.h:
page/csp/ContentSecurityPolicyDirectiveNames.cpp:
page/csp/ContentSecurityPolicyDirectiveNames.h:
page/csp/ContentSecurityPolicySourceListDirective.h:

(WebCore::ContentSecurityPolicySourceListDirective::setNameForReporting):

LayoutTests:

http/tests/security/contentSecurityPolicy/1.1/report-uri-effective-directive-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/script-blocked-sends-multiple-reports-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-enforced-policy-and-blocked-by-report-policy2-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-allowed-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scripthash-blocked-by-legacy-enforced-policy-and-blocked-by-report-policy2-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/scriptnonce-blocked-by-enforced-policy-and-allowed-by-report-policy-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/securityviolationpolicy-block-frame-using-child-src-expected.txt:
http/tests/security/contentSecurityPolicy/1.1/securityviolationpolicy-block-frame-using-default-src-expected.txt:

These should both be reproting frame-src as the violated directive,
confirmed this behavior against Chrome.

http/tests/security/contentSecurityPolicy/report-and-enforce-expected.txt:
http/tests/security/contentSecurityPolicy/report-only-expected.txt:
http/tests/security/contentSecurityPolicy/report-only-from-header-expected.txt:
http/tests/security/contentSecurityPolicy/report-only-upgrade-insecure-expected.txt:
http/tests/security/contentSecurityPolicy/report-status-code-zero-when-using-https-expected.txt:
http/tests/security/contentSecurityPolicy/report-uri-expected.txt:
http/tests/security/contentSecurityPolicy/report-uri-from-child-frame-expected.txt:
http/tests/security/contentSecurityPolicy/report-uri-scheme-relative-expected.txt:

10:34 AM Changeset in webkit [284253] by Ayumi Kojima

2 edits in trunk/LayoutTests

[ iOS Catalina ] imported/w3c/web-platform-tests/css/css-transforms/crashtests/transform-marquee-resize-div-image-001.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=231816

Unreviewed test gardning.

platform/ios-wk2/TestExpectations:

10:33 AM Changeset in webkit [284252] by Brent Fulgham

4 edits in trunk/Source/WebKit

[macOS] Update sandboxes to support finer-grained XPC services in the media stack
https://bugs.webkit.org/show_bug.cgi?id=231782
<rdar://problem/84275671>

Reviewed by Eric Carlson.

CoreMedia is refactoring to limit the features accessible through a given XPC service.
We need to add an additional service name. This new name just exposes features already
exposed through other XPC endpoints we already allow.

GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in: Always allow access to the new service.
UIProcess/WebPageProxy.cpp:

(WebKit::mediaRelatedMachServices): Updated for new service name.

WebProcess/com.apple.WebProcess.sb.in: Conditionally consume the new extension

if the GPU process is turned off.

9:43 AM Changeset in webkit [284251] by Kate Cheney

2 edits in trunk/Source/WebKit

Unreviewed maccatalyst build fix.

GPUProcess/cocoa/GPUConnectionToWebProcessCocoa.mm:

(WebKit::GPUConnectionToWebProcess::setTCCIdentity):

9:14 AM Changeset in webkit [284250] by achristensen@apple.com

2 edits in trunk/Source/WebKit

Explicitly link webpushd with Foundation and CoreFoundation
https://bugs.webkit.org/show_bug.cgi?id=231808
<rdar://84302128>

Reviewed by Brady Eidson.

There is a build environment where the linker can't find a bunch of symbols from Foundation and CoreFoundation.
This should fix that build.

Configurations/webpushd.xcconfig:

8:50 AM Changeset in webkit [284249] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[iOS][GPUP] Block access to Launch Services Database service
https://bugs.webkit.org/show_bug.cgi?id=231504
<rdar://problem/84091679>

Reviewed by Brent Fulgham.

After <https://commits.webkit.org/242382@main>, access to this service is no longer required.

Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:

8:47 AM Changeset in webkit [284248] by Wenson Hsieh

2 edits in trunk/Source/WebKit

Unreviewed, revert an unintentional sandbox change in r284079

I accidentally included the below change as a part of r284079, since it was necessary in order to avoid several
layout test failures on macOS Monterey:

fast/canvas/toDataURL-supportedTypes.html
fast/canvas/canvas-blending-image-over-image.html
fast/canvas/canvas-blending-image-over-gradient.html
fast/canvas/canvas-blending-image-over-color.html
fast/canvas/toDataURL-not-empty.html

...but forgot to revert this change when landing the final patch.

GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:

8:25 AM Changeset in webkit [284247] by Simon Fraser

3 edits
2 adds in trunk

REGRESSION (r276370): Elements with animated transform property might not properly rendered
https://bugs.webkit.org/show_bug.cgi?id=230753

Reviewed by Myles C. Maxfield.

Source/WebCore:

The change in r276370 was incorrect, resulting in the geometry map being used when
an element had a transform and transform-style: preserves-3d.

Fix by going back to testing for the presence of the various transform properties which
affect geometry. hasTransformRelatedProperty() is still useful as a fast bit-check.

Test: fast/repaint/transform-preserve-3d-repaint.html

rendering/RenderGeometryMap.cpp:

(WebCore::canMapBetweenRenderersViaLayers):

LayoutTests:

fast/repaint/transform-preserve-3d-repaint-expected.txt: Added.
fast/repaint/transform-preserve-3d-repaint.html: Added.

8:13 AM Changeset in webkit [284246] by commit-queue@webkit.org

5 edits
2 adds in trunk

AX: role="math" elements are no longer considered to have presentational children
https://bugs.webkit.org/show_bug.cgi?id=231756

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-15
Reviewed by Chris Fleizach and Darin Adler.

Source/WebCore:

As of WAI-ARIA 1.2, role="math" elements are no longer considered to
have presentational children.

Test: accessibility/math-has-non-presentational-children.html

accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::canHaveChildren const):
Allow AccessibilityRole::DocumentMath elements to have children.

LayoutTests:

accessibility/math-has-non-presentational-children-expected.txt: Added.
accessibility/math-has-non-presentational-children.html: Added.

accessibility/presentational-children-expected.txt:
accessibility/presentational-children.html:

Remove the role="math" element from this test because as of WAI-ARIA
1.2 role="math" is no longer considered to have presentational children.
Also change this test to ensure role="meter" elements are considered to
have presentational children because that testcase was missing.

8:10 AM WebKitGTK/2.34.x edited by Michael Catanzaro

(diff)

8:09 AM WebKitGTK/2.32.x edited by Michael Catanzaro

(diff)

7:35 AM Changeset in webkit [284245] by commit-queue@webkit.org

4 edits
2 adds in trunk

AX: WebKit should not expose redundant AXGroups with missing role when the label is the same as the contents
https://bugs.webkit.org/show_bug.cgi?id=169924

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-15
Reviewed by Andres Gonzalez.

Source/WebCore:

Don't expose groups with redundant accessibility text on the Mac.
Here's an example of one such group:

This group is not useful to accessibility clients. Instead, we
expose the text contents directly.

Test: accessibility/ignore-redundant-accessibility-text-groups.html

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::textUnderElement const):
Instead of asserting when we try to get the text of an element in a
document that needs a style update, return an empty string.

accessibility/mac/AccessibilityObjectMac.mm:

(WebCore::shouldIgnoreGroup): Added.
(WebCore::AccessibilityObject::accessibilityPlatformIncludesObject const):

LayoutTests:

Add a test ensuring WebKit appropriately does and doesn't expose
groups with redundant accessibility text.

accessibility/mac/ignore-redundant-accessibility-text-groups-expected.txt: Added.
accessibility/mac/ignore-redundant-accessibility-text-groups.html: Added.

7:32 AM Changeset in webkit [284244] by commit-queue@webkit.org

6 edits
4 adds in trunk

AX: Return AXEmptyGroup subrole for groups with no accessible content
https://bugs.webkit.org/show_bug.cgi?id=231528

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-10-15
Reviewed by Andres Gonzalez.

Source/WebCore:

Return a subrole of "AXEmptyGroup" for groups without any exposed
children. WebKit can calculate this more efficiently than AX clients,
so it makes more sense to do here.

Test: accessibility/mac/empty-group-computation.html

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper subrole]):

LayoutTests:

accessibility/mac/aria-divs-not-ignored-expected.txt:
accessibility/mac/aria-divs-not-ignored.html:

Expect a subrole of AXEmptyGroup because this group has no content.

accessibility/mac/empty-group-computation-expected.txt: Added.
accessibility/mac/empty-group-computation.html: Added.

platform/mac/accessibility/lists-expected.txt: Added.
platform/mac/accessibility/plugin-expected.txt: Added.

Add these Mac-specific expectations for these tests because this patch
only causes Mac to expose the AXEmptyGroup subrole.

platform/mac/accessibility/svg-element-with-aria-role-expected.txt:

Add an expected subrole of AXEmptyGroup.

7:01 AM Changeset in webkit [284243] by Andres Gonzalez

2 edits in trunk

Change Andres Gonzalez status to reviewer.
https://bugs.webkit.org/show_bug.cgi?id=231738

Reviewed by Chris Fleizach.

metadata/contributors.json:

6:33 AM Changeset in webkit [284242] by Alan Bujtas

3 edits
2 adds in trunk

[LFC][IFC] Do not break the word-wrap: break-word content on inline box boundary
https://bugs.webkit.org/show_bug.cgi?id=231761

Reviewed by Antti Koivisto.

Source/WebCore:

When the text content is breakable at arbitrary position and it is not the overflowing content (the overflowing content is not breakable)
we just return the text run as the trailing run as it surely fits e.g.

<span style="word-wrap: break-word">this_content_is_breakable</span>and_this_content_overflows

There's no soft wrapping opportunity between the two text runs (they form a continuous set)
The trailing run overflow but can't be split

we go backwards on the set to find a breakable one. In this case the first text run is breakable (see CSS property) and
since we know it fits the line we just simply declare the end of the run as the breaking position.
However we should try to keep the runs and their adjacent inline box boundary runs together and instead find the end of the </span> as
the breaking position. It's mostly noticeable when the inline box has some visual decoration e.g. border.

Test: fast/inline/wordbreak-at-inline-box-boundary.html

layout/formattingContexts/inline/InlineContentBreaker.cpp:

(WebCore::Layout::InlineContentBreaker::tryBreakingTextRun const):
(WebCore::Layout::InlineContentBreaker::tryBreakingPreviousNonOverflowingRuns const):

LayoutTests:

fast/inline/wordbreak-at-inline-box-boundary-expected.html: Added.
fast/inline/wordbreak-at-inline-box-boundary.html: Added.

3:24 AM Changeset in webkit [284241] by Alexey Shvayka

14 edits in trunk

[WebIDL] JSDOMBuiltinConstructor instances should support subclassing
https://bugs.webkit.org/show_bug.cgi?id=231689

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

web-platform-tests/streams/queuing-strategies.any-expected.txt:
web-platform-tests/streams/queuing-strategies.any.worker-expected.txt:
web-platform-tests/streams/readable-streams/general.any-expected.txt:
web-platform-tests/streams/readable-streams/general.any.worker-expected.txt:
web-platform-tests/streams/transform-streams/general.any-expected.txt:
web-platform-tests/streams/transform-streams/general.any.worker-expected.txt:

Source/WebCore:

This patch:

Removes JSDOMObjectInspector and related conditional createJSObject() / callConstructor() overloads: they aren't necessary because code generator guarantees that built-in constructors are called only on JSDOMObjectInspector<JSClass>::isBuiltin objects.

Implements proper subclassing [1] for built-in constructors, ensuring exception checking and rare cases are kept off the fast path. For simplicity and consistency with JSC built-ins and setSubclassStructureIfNeeded(), getFunctionRealm() is called before "prototype" lookup, which is non-observable.

Further improves constructor's fast path by replacing slowish argument-copying callFunctionWithCurrentArguments() with ArgList(CallFrame*) constructor.

[1] https://webidl.spec.whatwg.org/#internally-create-a-new-object-implementing-the-interface (step 3)

Tests: imported/w3c/web-platform-tests/streams/queuing-strategies.any.js

imported/w3c/web-platform-tests/streams/readable-streams/general.any.js
imported/w3c/web-platform-tests/streams/transform-streams/general.any.js

bindings/js/JSDOMBuiltinConstructor.h:

(WebCore::JSDOMBuiltinConstructor<JSClass>::getDOMStructureForJSObject):
(WebCore::JSDOMBuiltinConstructor<JSClass>::construct):
(WebCore::JSDOMBuiltinConstructor<JSClass>::callConstructor): Deleted.
(WebCore::createJSObject): Deleted.

bindings/js/JSDOMBuiltinConstructorBase.cpp:

(WebCore::JSDOMBuiltinConstructorBase::callFunctionWithCurrentArguments): Deleted.

bindings/js/JSDOMBuiltinConstructorBase.h:
bindings/js/JSDOMWrapper.h:
bindings/scripts/CodeGeneratorJS.pm:

(AddJSBuiltinIncludesIfNeeded):
Removes [JSBuiltin] check because it's superseded by HasJSBuiltinConstructor helper.

bindings/scripts/IDLAttributes.json:

Removes unused [JSBuiltinConstructor] extended attribute:
[JSBuiltin] on constructor() or interface should be used instead.

2:26 AM Changeset in webkit [284240] by beidson@apple.com

16 edits
2 copies
1 add in trunk/Source

WebKit Managed Notifications: Skeleton NotificationProvider.
<rdar://84275562> and https://bugs.webkit.org/show_bug.cgi?id=231786

Reviewed by Alex Christensen.

Source/WebKit:

No new tests (No behavior change yet)

Currently WebNotificationManagerProxy manages dispatching out stuff to the NotificationProvider SPI
that - for example - Safari on Mac implements.

The interface between the ManagerProxy and the Provider is already the perfect way to add an alternative behavior.

This introduces the skeleton class of an alternative NotificationProvider that will eventually implement
WebKit-managed notifications.

While under development it will have a global runtime switch so we can A/B test between the client-managed and
WebKit-managed notifications. That switch would eventually be replaced by full compile-time behavior which would
be decided by a shipping vendor.

Note: This patch enables the new flag BUILT_IN_NOTIFICATIONS to get the new mechanisms building, but that flag by
itself doesn't expose Notifications interfaces in WebCore.
That will still require enabling NOTIFICATIONS separately.

SourcesCocoa.txt:
UIProcess/API/APINotificationProvider.h:

(API::NotificationProvider::isClientReplaceable const): A temporary mechanism to prevent API clients from overriding

the built-in NotificationProvider if the feature is enabled. Useful right now because existing Safari does that with existing SPI.

UIProcess/API/APIUIClient.h:

(API::UIClient::decidePolicyForNotificationPermissionRequest):

UIProcess/API/Cocoa/WKUIDelegatePrivate.h:

UIProcess/Cocoa/UIDelegate.h:
UIProcess/Cocoa/UIDelegate.mm:

(WebKit::UIDelegate::setDelegate):
(WebKit::UIDelegate::UIClient::decidePolicyForNotificationPermissionRequest):

UIProcess/Notifications/Cocoa/WebNotificationProviderCocoa.h: Copied from Source/WebKit/UIProcess/API/APINotificationProvider.h.
UIProcess/Notifications/Cocoa/WebNotificationProviderCocoa.mm: Added.

(WebKit::WebNotificationProviderCocoa::createIfEnabled):
(WebKit::WebNotificationProviderCocoa::WebNotificationProviderCocoa):
(WebKit::WebNotificationProviderCocoa::show):
(WebKit::WebNotificationProviderCocoa::cancel):
(WebKit::WebNotificationProviderCocoa::didDestroyNotification):
(WebKit::WebNotificationProviderCocoa::clearNotifications):
(WebKit::WebNotificationProviderCocoa::addNotificationManager):
(WebKit::WebNotificationProviderCocoa::removeNotificationManager):
(WebKit::WebNotificationProviderCocoa::notificationPermissions):

UIProcess/Notifications/WebNotificationManagerProxy.cpp:

(WebKit::WebNotificationManagerProxy::WebNotificationManagerProxy):
(WebKit::WebNotificationManagerProxy::setProvider):

Fix changes to the Unified Build:

UIProcess/ios/WKHoverPlatter.h:
UIProcess/ios/WKHoverPlatter.mm:
WebKit.xcodeproj/project.pbxproj:

Source/WebKitLegacy/mac:

WebCoreSupport/WebNotificationClient.mm:

(-[WebNotificationPolicyListener NO_RETURN_DUE_TO_ASSERT]):
(-[WebNotificationPolicyListener denyOnlyThisRequest]): Deleted.

Source/WTF:

Scripts/Preferences/WebPreferencesDebug.yaml:
wtf/PlatformEnableCocoa.h:

2:03 AM Changeset in webkit [284239] by commit-queue@webkit.org

3 edits in trunk/Source/WebCore

[WPE][GTK] Update user agent browser versions
https://bugs.webkit.org/show_bug.cgi?id=231772

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-10-15
Reviewed by Carlos Garcia Campos.

platform/UserAgentQuirks.cpp:

(WebCore::UserAgentQuirks::stringForQuirk):

platform/glib/UserAgentGLib.cpp:

(WebCore::buildUserAgentString):

1:42 AM Changeset in webkit [284238] by Carlos Garcia Campos

3 edits in trunk

Unreviewed. Fix GTK build with ubuntu 18.04

GLib version bump in r284152 was too high for ubuntu 18.04 even though it followed our dependencies policy.

Source/cmake/OptionsGTK.cmake:
Source/cmake/OptionsWPE.cmake:

12:35 AM Changeset in webkit [284237] by rmorisset@apple.com

91 edits
3 deletes in trunk

Revert r284230, my last fixes to the watch build make it break tests
https://bugs.webkit.org/show_bug.cgi?id=231797

Unreviewed.

JSTests:

stress/big-wasm-memory-grow-no-max.js:

(test):

stress/big-wasm-memory-grow.js:

(test):

stress/big-wasm-memory.js:

(test):

stress/typed-array-always-large.js: Removed.

(getArrayLength): Deleted.
(getByVal): Deleted.
(putByVal): Deleted.
(test): Deleted.

stress/typed-array-eventually-large.js: Removed.

(getArrayLength): Deleted.
(getByVal): Deleted.
(putByVal): Deleted.
(test): Deleted.

stress/typed-array-large-eventually-oob.js: Removed.

(getArrayLength): Deleted.
(getByVal): Deleted.
(putByVal): Deleted.
(test): Deleted.

wasm/regress/wasm-memory-requested-more-than-MAX_ARRAY_BUFFER_SIZE-2.js:
wasm/regress/wasm-memory-requested-more-than-MAX_ARRAY_BUFFER_SIZE.js:

Source/JavaScriptCore:

Revert "Allow WASM to use up to 4GB"

assembler/AbstractMacroAssembler.cpp:
assembler/AbstractMacroAssembler.h:

assembler/MacroAssembler.h:

(JSC::MacroAssembler::and64):
(JSC::MacroAssembler::branch64): Deleted.

assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::shouldBlindForSpecificArch):

assembler/MacroAssemblerARM64E.h:

(JSC::MacroAssemblerARM64E::untagArrayPtrLength32):
(JSC::MacroAssemblerARM64E::untagArrayPtrLength64): Deleted.

assembler/MacroAssemblerX86Common.h:

(JSC::MacroAssemblerX86Common::canBlind):
(JSC::MacroAssemblerX86Common::shouldBlindForSpecificArch):

bytecode/AccessCase.cpp:

(JSC::AccessCase::needsScratchFPR const):
(JSC::AccessCase::generateWithGuard):

bytecode/ArrayProfile.h:

(JSC::UnlinkedArrayProfile::update):
(JSC::ArrayProfile::setMayBeLargeTypedArray): Deleted.
(JSC::ArrayProfile::mayBeLargeTypedArray const): Deleted.
(JSC::UnlinkedArrayProfile::UnlinkedArrayProfile): Deleted.

dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

dfg/DFGArgumentsEliminationPhase.cpp:
dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::refine const):

dfg/DFGArrayMode.h:

(JSC::DFG::ArrayMode::ArrayMode):
(JSC::DFG::ArrayMode::action const):
(JSC::DFG::ArrayMode::withSpeculation const):
(JSC::DFG::ArrayMode::withArrayClass const):
(JSC::DFG::ArrayMode::withSpeculationFromProfile const):
(JSC::DFG::ArrayMode::withProfile const):
(JSC::DFG::ArrayMode::withType const):
(JSC::DFG::ArrayMode::withConversion const):
(JSC::DFG::ArrayMode::withTypeAndConversion const):
(JSC::DFG::ArrayMode::operator== const):
(JSC::DFG::ArrayMode::mayBeLargeTypedArray const): Deleted.
(JSC::DFG::ArrayMode::withArrayClassAndSpeculationAndMayBeLargeTypedArray const): Deleted.
(JSC::DFG::ArrayMode::speculationFromProfile): Deleted.

dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

dfg/DFGCommon.h:

(JSC::DFG::enableInt52):

dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::prependGetArrayLength):

dfg/DFGGenerationInfo.h:
dfg/DFGHeapLocation.cpp:

(WTF::printInternal):

dfg/DFGHeapLocation.h:
dfg/DFGIntegerRangeOptimizationPhase.cpp:
dfg/DFGNode.h:

(JSC::DFG::Node::hasStorageChild const):
(JSC::DFG::Node::storageChildIndex):
(JSC::DFG::Node::hasArrayMode):

dfg/DFGNodeType.h:
dfg/DFGOperations.cpp:

(JSC::DFG::putByVal):
(JSC::DFG::newTypedArrayWithSize):
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):

dfg/DFGOperations.h:
dfg/DFGPredictionPropagationPhase.cpp:
dfg/DFGSSALoweringPhase.cpp:

(JSC::DFG::SSALoweringPhase::handleNode):
(JSC::DFG::SSALoweringPhase::lowerBoundsCheck):

dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::jumpForTypedArrayOutOfBounds):
(JSC::DFG::SpeculativeJIT::emitTypedArrayBoundsCheck):
(JSC::DFG::SpeculativeJIT::compileGetByValOnIntTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
(JSC::DFG::SpeculativeJIT::compileGetByValOnFloatTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutByValForFloatTypedArray):
(JSC::DFG::SpeculativeJIT::cageTypedArrayStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize):
(JSC::DFG::SpeculativeJIT::compileNewTypedArray):
(JSC::DFG::SpeculativeJIT::emitNewTypedArrayWithSizeInRegister): Deleted.

dfg/DFGSpeculativeJIT.h:
dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileGetByVal):
(JSC::DFG::SpeculativeJIT::compile):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithInt52Size): Deleted.
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayLengthAsInt52): Deleted.
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffsetAsInt52): Deleted.

dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):

dfg/DFGValidate.cpp:
ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::validateAIState):
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
(JSC::FTL::DFG::LowerDFGToB3::emitGetTypedArrayByteOffsetExceptSettingResult): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffsetAsInt52): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayLengthAsInt52): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::compileCheckInBoundsInt52): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::emitNewTypedArrayWithSize): Deleted.

ftl/FTLOutput.h:

(JSC::FTL::Output::load32NonNegative):
(JSC::FTL::Output::load64NonNegative): Deleted.

jit/IntrinsicEmitter.cpp:

(JSC::IntrinsicGetterAccessCase::emitIntrinsicGetter):

jit/JITOperations.cpp:

(JSC::putByVal):
(JSC::getByVal):

llint/LLIntOfflineAsmConfig.h:
llint/LLIntSlowPaths.cpp:

(JSC::LLInt::getByVal):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):

llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter32_64.asm:
llint/LowLevelInterpreter64.asm:
runtime/ArrayBuffer.cpp:

runtime/ArrayBuffer.h:

(JSC::ArrayBufferContents::sizeInBytes const):
(JSC::ArrayBuffer::byteLength const):
(JSC::ArrayBuffer::gcSizeEstimateInBytes const):

runtime/ArrayBufferView.cpp:

(JSC::ArrayBufferView::ArrayBufferView):

runtime/ArrayBufferView.h:

runtime/AtomicsObject.cpp:
runtime/DataView.cpp:

(JSC::DataView::DataView):
(JSC::DataView::create):

runtime/DataView.h:
runtime/GenericTypedArrayView.h:
runtime/GenericTypedArrayViewInlines.h:

runtime/JSArrayBufferView.cpp:

runtime/JSArrayBufferView.h:

(JSC::JSArrayBufferView::sizeOf):
(JSC::JSArrayBufferView::ConstructionContext::length const):
(JSC::JSArrayBufferView::length const):

runtime/JSArrayBufferViewInlines.h:

(JSC::JSArrayBufferView::byteOffsetImpl):
(JSC::JSArrayBufferView::byteOffset):
(JSC::JSArrayBufferView::byteOffsetConcurrently):

runtime/JSCJSValue.h:
runtime/JSCJSValueInlines.h:

(JSC::JSValue::toIndex const):
(JSC::JSValue::toTypedArrayIndex const): Deleted.

runtime/JSDataView.cpp:

(JSC::JSDataView::create):
(JSC::JSDataView::createUninitialized):
(JSC::JSDataView::set):
(JSC::JSDataView::setIndex):

runtime/JSDataView.h:
runtime/JSDataViewPrototype.cpp:

(JSC::getData):
(JSC::setData):

runtime/JSGenericTypedArrayView.h:
runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructGenericTypedArrayViewWithArguments):
(JSC::constructGenericTypedArrayViewImpl):

runtime/JSGenericTypedArrayViewInlines.h:

runtime/JSObject.h:

(JSC::JSObject::putByIndexInline):
(JSC::JSObject::tryGetIndexQuickly const):
(JSC::JSObject::canSetIndexQuickly):
(JSC::JSObject::trySetIndexQuickly): Deleted.

runtime/JSObjectInlines.h:

(JSC::JSObject::canSetIndexQuicklyForTypedArray const):
(JSC::JSObject::getIndexQuicklyForTypedArray const):
(JSC::JSObject::setIndexQuicklyForArrayStorageIndexingType): Deleted.
(JSC::JSObject::trySetIndexQuicklyForTypedArray): Deleted.

runtime/Operations.h:

(JSC::getByValWithIndex):

wasm/WasmPageCount.h:

Source/WebCore:

Revert "Allow WASM to use up to 4GB"

Modules/webaudio/AudioBuffer.cpp:

(WebCore::AudioBuffer::copyFromChannel):
(WebCore::AudioBuffer::copyToChannel):

Modules/webaudio/RealtimeAnalyser.cpp:

(WebCore::RealtimeAnalyser::getByteFrequencyData):
(WebCore::RealtimeAnalyser::getFloatTimeDomainData):
(WebCore::RealtimeAnalyser::getByteTimeDomainData):

bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneSerializer::dumpArrayBufferView):
(WebCore::CloneSerializer::dumpImageBitmap):
(WebCore::CloneSerializer::dumpIfTerminal):
(WebCore::CloneSerializer::write):
(WebCore::CloneDeserializer::read):
(WebCore::CloneDeserializer::readArrayBuffer):
(WebCore::CloneDeserializer::readArrayBufferView):
(WebCore::CloneDeserializer::readImageBitmap):
(WebCore::CloneDeserializer::readArrayBufferImpl): Deleted.
(WebCore::CloneDeserializer::readArrayBufferViewImpl): Deleted.

bindings/js/SerializedScriptValue.h:

(WebCore::SerializedScriptValue::encode const):
(WebCore::SerializedScriptValue::decode):

fileapi/NetworkSendQueue.cpp:

(WebCore::NetworkSendQueue::enqueue):

platform/graphics/PixelBuffer.cpp:

(WebCore::PixelBuffer::tryCreate):

platform/graphics/iso/ISOBox.h:

Source/WTF:

Revert "Allow WASM to use up to 4GB"

wtf/CheckedArithmetic.h:

(WTF::isInBounds):
(WTF::convertSafely):
(WTF::isSumSmallerThanOrEqual): Deleted.

wtf/PlatformUse.h:

LayoutTests:

Revert "Allow WASM to use up to 4GB"

fast/storage/serialized-script-value.html:
webaudio/OfflineAudioContext-bad-buffer-crash-expected.txt:
webaudio/OfflineAudioContext/bad-buffer-length-expected.txt:

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed