
Jan 13, 2018:

11:16 PM Changeset in webkit [226941] by Chris Dumez
  • 3 edits in trunk/LayoutTests

Extend testing added in r226842

Reviewed by Darin Adler.

I have verified that the behavior is consistent with Chrome and Firefox.

  • fast/dom/Window/window-opener-shadowing-expected.txt:
  • fast/dom/Window/window-opener-shadowing.html:
10:11 PM Changeset in webkit [226940] by mark.lam@apple.com
  • 62 edits
    1 move
    2 deletes in trunk

Replace all use of ConstExprPoisoned with Poisoned.

Reviewed by JF Bastien.


  1. All JSC poisons are now defined in JSCPoison.h.
  1. Change all clients to use the new poison values via the POISON() macro.
  1. The LLInt code has been updated to handle CodeBlock poison. Some of this code uses the t5 temp register, which is not available on the Windows port. Fortunately, we don't currently do poisoning on the Windows port yet. So, it will just work for now.

When poisoning is enabled for the Windows port, this LLInt code will need a
Windows specific implementation to workaround its lack of a t5 register.

  • API/JSAPIWrapperObject.h:
  • API/JSCallbackFunction.h:
  • API/JSCallbackObject.h:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • assembler/MacroAssemblerCodeRef.h:


  • b3/B3LowerMacros.cpp:
  • b3/testb3.cpp:


  • bytecode/CodeBlock.h:

(JSC::CodeBlock::instructions const):

  • dfg/DFGOSRExitCompilerCommon.h:


  • dfg/DFGSpeculativeJIT.cpp:


  • ftl/FTLLowerDFGToB3.cpp:


  • jit/JIT.h:
  • jit/ThunkGenerators.cpp:


  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • parser/UnlinkedSourceCode.h:
  • runtime/ArrayPrototype.h:
  • runtime/CustomGetterSetter.h:
  • runtime/DateInstance.h:
  • runtime/InternalFunction.h:
  • runtime/JSArrayBuffer.h:
  • runtime/JSCPoison.cpp: Copied from Source/JavaScriptCore/runtime/JSCPoisonedPtr.cpp.


  • runtime/JSCPoison.h:

(): Deleted.

  • runtime/JSCPoisonedPtr.cpp: Removed.
  • runtime/JSCPoisonedPtr.h: Removed.
  • runtime/JSGlobalObject.h:


  • runtime/JSScriptFetchParameters.h:
  • runtime/JSScriptFetcher.h:
  • runtime/NativeExecutable.h:
  • runtime/StructureTransitionTable.h:

(JSC::StructureTransitionTable::map const):
(JSC::StructureTransitionTable::weakImpl const):

  • runtime/WriteBarrier.h:


  • wasm/js/JSToWasm.cpp:


  • wasm/js/JSWebAssemblyCodeBlock.cpp:


  • wasm/js/JSWebAssemblyCodeBlock.h:
  • wasm/js/JSWebAssemblyInstance.h:
  • wasm/js/JSWebAssemblyMemory.h:
  • wasm/js/JSWebAssemblyModule.h:
  • wasm/js/JSWebAssemblyTable.h:
  • wasm/js/WasmToJS.cpp:


  • wasm/js/WebAssemblyFunctionBase.h:
  • wasm/js/WebAssemblyModuleRecord.h:
  • wasm/js/WebAssemblyToJSCallee.h:
  • wasm/js/WebAssemblyWrapperFunction.h:


  1. Removed ConstExprPoisoned and its artifacts.
  1. Consolidated Poisoned into PoisonedImpl. PoisonedImpl is not more.
  1. Changed all clients of ConstExprPoisoned to use Poisoned instead.
  1. Worked around the GCC and Clang compiler bug that confuses an intptr_t& template arg with intptr_t. See use of std::enable_if_t<Other::isPoisoned> in Poisoned.h.
  1. Removed ENABLE(MIXED_POISON) since we now have a workaround (3) that makes it possible to use the mixed poison code.
  1. Also fixed broken implementation of comparison operators in Poisoned.
  • wtf/Bag.h:
  • wtf/DumbPtrTraits.h:


  • wtf/DumbValueTraits.h:


  • wtf/Poisoned.h:

(WTF::Poisoned::operator== const):
(WTF::Poisoned::operator!= const):
(WTF::Poisoned::operator< const):
(WTF::Poisoned::operator<= const):
(WTF::Poisoned::operator> const):
(WTF::Poisoned::operator>= const):
(WTF::PoisonedImpl::PoisonedImpl): Deleted.
(WTF::PoisonedImpl::assertIsPoisoned const): Deleted.
(WTF::PoisonedImpl::assertIsNotPoisoned const): Deleted.
(WTF::PoisonedImpl::unpoisoned const): Deleted.
(WTF::PoisonedImpl::clear): Deleted.
(WTF::PoisonedImpl::operator* const): Deleted.
(WTF::PoisonedImpl::operator-> const): Deleted.
(WTF::PoisonedImpl::bits const): Deleted.
(WTF::PoisonedImpl::operator! const): Deleted.
(WTF::PoisonedImpl::operator bool const): Deleted.
(WTF::PoisonedImpl::operator== const): Deleted.
(WTF::PoisonedImpl::operator!= const): Deleted.
(WTF::PoisonedImpl::operator< const): Deleted.
(WTF::PoisonedImpl::operator<= const): Deleted.
(WTF::PoisonedImpl::operator> const): Deleted.
(WTF::PoisonedImpl::operator>= const): Deleted.
(WTF::PoisonedImpl::operator=): Deleted.
(WTF::PoisonedImpl::swap): Deleted.
(WTF::PoisonedImpl::exchange): Deleted.
(WTF::PoisonedImpl::poison): Deleted.
(WTF::PoisonedImpl::unpoison): Deleted.
(WTF::constExprPoisonRandom): Deleted.
(WTF::makeConstExprPoison): Deleted.
(WTF::ConstExprPoisonedPtrTraits::exchange): Deleted.
(WTF::ConstExprPoisonedPtrTraits::swap): Deleted.
(WTF::ConstExprPoisonedPtrTraits::unwrap): Deleted.
(WTF::ConstExprPoisonedValueTraits::exchange): Deleted.
(WTF::ConstExprPoisonedValueTraits::swap): Deleted.
(WTF::ConstExprPoisonedValueTraits::unwrap): Deleted.

  • wtf/PoisonedUniquePtr.h:


  • wtf/Ref.h:
  • wtf/RefCountedArray.h:


  • wtf/RefPtr.h:
  • wtf/WTFAssertions.cpp:


  1. Converted tests to using new uintptr_t& poison type.
  2. Added tests for Poisoned comparison operators.
  • TestWebKitAPI/CMakeLists.txt:
  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WTF/ConstExprPoisoned.cpp: Removed.
  • TestWebKitAPI/Tests/WTF/Poisoned.cpp:

(TestWebKitAPI::initializeTestPoison): Deleted.

  • TestWebKitAPI/Tests/WTF/PoisonedRef.cpp:


  • TestWebKitAPI/Tests/WTF/PoisonedRefPtr.cpp:


  • TestWebKitAPI/Tests/WTF/PoisonedUniquePtr.cpp:


  • TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForNonTriviallyDestructibleArrays.cpp:


  • TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForTriviallyDestructibleArrays.cpp:


8:06 PM Changeset in webkit [226939] by Nikita Vasilyev
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Styles Redesign: properties should never be semitransparent or crossed out while editing

Reviewed by Devin Rousso.

  • UserInterface/Views/SpreadsheetCSSStyleDeclarationEditor.css:

(.spreadsheet-style-declaration-editor .value.editing):
(.spreadsheet-style-declaration-editor .property:matches(.invalid-name, .other-vendor, .overridden):not(.disabled) .content > *):
(.spreadsheet-style-declaration-editor .property.invalid-name:not(.disabled) .content > *):
(.spreadsheet-style-declaration-editor .property.invalid-value:not(.disabled) .content .value):
(.spreadsheet-style-declaration-editor .property.not-inherited .content > *):

  • UserInterface/Views/SpreadsheetStyleProperty.js:


12:38 PM Changeset in webkit [226938] by ddkilzer@apple.com
  • 3 edits in trunk/Tools

check-webkit-style: false positive for [whitespace/braces] with os_log format string

Reviewed by Darin Adler.

  • Scripts/webkitpy/style/checkers/cpp.py:

(check_spacing): Modify regular expression to ignore
os_log format strings like '%{public}'.

  • Scripts/webkitpy/style/checkers/cpp_unittest.py:

(CppStyleTest.test_spacing_before_braces): Add os_log
format string test.

7:16 AM Changeset in webkit [226937] by Caio Lima
  • 7 edits
    6 adds in trunk

[JSC] NumberPrototype::extractRadixFromArgs incorrectly cast double to int32_t

Reviewed by Darin Adler.


  • bigIntTests.yaml:
  • stress/big-int-constructor.js:
  • stress/big-int-prototype-to-string-cast-overflow.js: Added.


  • stress/number-prototype-to-string-cast-overflow.js: Added.



Casting double to integer is undefined behavior when the truncation
results into a value that doesn't fit into integer size, according C++
spec[1]. Thus, we are changing bigIntProtoFuncToString and
numberProtoFuncToString to remove these source of undefined behavior.

[1] - http://en.cppreference.com/w/cpp/language/implicit_conversion

  • runtime/BigIntPrototype.cpp:


  • runtime/NumberPrototype.cpp:

(JSC::extractRadixFromArgs): Deleted.
(JSC::extractToStringRadixArgument): Added.

4:07 AM Changeset in webkit [226936] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

MathML Lengths should take zoom level into account

Patch by Minsheng Liu <lambda@liu.ms> on 2018-01-13
Reviewed by Frédéric Wang.


The patch applies the effective zoom factor to physical units in toUserUnits().

Test: mathml/presentation/mspace-units-with-zoom.html

  • rendering/mathml/RenderMathMLBlock.cpp:



Add a testcase for MathML lengths where zoom factor is set.

  • mathml/presentation/mspace-units-with-zoom-expected.html: Added.
  • mathml/presentation/mspace-units-with-zoom.html: Added.

Jan 12, 2018:

9:30 PM Changeset in webkit [226935] by Wenson Hsieh
  • 2 edits in trunk/Tools

[macOS] API tests ChangeAttachmentDataUpdatesWithInPlaceDisplay and InPlaceVideoAttachmentInsertionWithinList are failing

Reviewed by Joseph Pecoraro.

Make the web view for WKAttachmentTests slightly bigger to avoid size clamping behavior introduced in r226915.
Additionally, write a new API test covering the change in r226915.

  • TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:


8:09 PM Changeset in webkit [226934] by Chris Dumez
  • 5 edits in trunk/Source/WebCore
ASSERTION FAILED: registration
isTerminating() in WebCore::SWServerWorker::skipWaiting()


Reviewed by Youenn Fablet.

No new tests, covered by existing tests that crash flakily.

  • workers/service/server/SWServer.cpp:

If the connection to the context process is gone, make sure we make the worker as terminated
so that it does not stay in Running state and in SWServer::m_runningOrTerminatingWorkers.

  • workers/service/server/SWServerRegistration.cpp:

Add assertions to make sure none of the registration's workers are still running when
the registration is destroyed.

Make sure registration workers that are overwritten are not still running.

  • workers/service/server/SWServerWorker.cpp:

If a worker's state is set to redundant, make sure we also terminate it.

5:11 PM Changeset in webkit [226933] by Wenson Hsieh
  • 2 edits in trunk/Source/WebKit

Unreviewed, speculative build fix after r226899.

Add an empty implementation for PageClient::startDrag.

  • UIProcess/PageClient.h:


5:03 PM Changeset in webkit [226932] by Simon Fraser
  • 1 edit
    2 adds in trunk/LayoutTests

Touch events not received with initial-scale=1 viewport

Reviewed by Tim Horton.

Add a testcase for this touch event case.

  • fast/events/touch/ios/target-taller-than-view-expected.txt: Added.
  • fast/events/touch/ios/target-taller-than-view.html: Added.
4:46 PM Changeset in webkit [226931] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

Unreviewed, rolling out r226927.

Breaks 32-bit and iOS release for some reason that i don't
understand yet (Requested by dino on #webkit).

Reverted changeset:

"Use a helper function for checked arithmetic in WebGL

4:45 PM Changeset in webkit [226930] by mmaxfield@apple.com
  • 10 edits
    4 adds in trunk

Data URL fonts split in the middle of an alphabet cause random letters to disappear

Reviewed by Brent Fulgham.


It is fairly common practice for a font foundry to split a font up into two files such that a semi-random
half of the alphabet is present in one of the files, and the other half is present in the other file. This
practice involves representing the files as data URLs, so as to minimize the time it takes to load them.

Because resource loading is asynchronous (even for data URLs), it is possible today to get a paint after
the first file is loaded but before the second file is loaded. Indeed, because of the way font fallback
works, we will never start loading the second file until a layout has occurred with the first font.

Because a site usually only uses this pattern for a handful of fonts, and I've never seen this pattern
being used for CJK fonts, it isn't very expensive to opportunistically decode these data URLs eagerly.
Using this method doesn't actually guarantee that the two fonts will load in between successive paints,
but it at least makes this much more likely. This patch implements this strategy, along with a size
threshold to make sure that we won't decode any super large data URLs when it isn't necessary.

Test: fast/text/font-load-data-partitioned-alphabet.html

  • css/CSSFontFace.cpp:


  • css/CSSFontFace.h:
  • css/CSSFontFaceSource.cpp:


  • css/CSSFontFaceSource.h:
  • css/CSSFontSelector.cpp:


  • css/CSSFontSelector.h:
  • platform/graphics/FontCascadeFonts.cpp:


  • platform/graphics/FontSelector.h:


Make sure that the requests for both fonts are sent before either of the responses are received.

  • fast/text/font-load-data-partitioned-alphabet-expected.txt: Added.
  • fast/text/font-load-data-partitioned-alphabet.html: Added.
  • platform/mac-wk1/fast/text/font-load-data-partitioned-alphabet-expected.txt: Added.
4:39 PM Changeset in webkit [226929] by achristensen@apple.com
  • 4 edits in trunk

History state should be updated during client redirects with asynchronous policy decisions

Reviewed by Andy Estes.


When decidePolicyForNavigationAction is responded to asynchronously during a client redirect,
HistoryController::updateForRedirectWithLockedBackForwardList does not update the history because
the document loader has not been marked as a client redirect because the FrameLoader only looks
at its provisional document loader to mark it as a client redirect. When decidePolicyForNavigationAction
is responded to asynchronously, though, the FrameLoader's provisional document loader has moved to
its policy document loader. To get both asynchronous and synchronous cases, let's just mark the document
loader as a client redirect whether it's the provisional or policy document loader.

Covered by a new API test.

  • loader/FrameLoader.cpp:



  • TestWebKitAPI/Tests/WebKit/WKBackForwardList.mm:

(-[AsyncPolicyDecisionDelegate webView:didFinishNavigation:]):
(-[AsyncPolicyDecisionDelegate webView:decidePolicyForNavigationAction:decisionHandler:]):

4:36 PM Changeset in webkit [226928] by sbarati@apple.com
  • 17 edits in trunk/Source/JavaScriptCore

Move ExitProfile to UnlinkedCodeBlock so it can be shared amongst CodeBlocks backed by the same UnlinkedCodeBlock

Reviewed by Michael Saboff.

This patch follows the theme of putting optimization profiling information on
UnlinkedCodeBlock. This allows the unlinked code cache to remember OSR exit data.
This often leads to the first compile of a CodeBlock, backed by an UnlinkedCodeBlock
pulled from the code cache, making better compilation decisions, usually
resulting in fewer exits, and fewer recompilations.

This is a 1% Speedometer progression in my testing.

  • bytecode/BytecodeDumper.cpp:


  • bytecode/CallLinkStatus.cpp:


  • bytecode/CallLinkStatus.h:
  • bytecode/CodeBlock.h:

(JSC::CodeBlock::addFrequentExitSite): Deleted.
(JSC::CodeBlock::hasExitSite const): Deleted.
(JSC::CodeBlock::exitProfile): Deleted.

  • bytecode/DFGExitProfile.cpp:


  • bytecode/DFGExitProfile.h:

(JSC::DFG::ExitProfile::hasExitSite const):

  • bytecode/GetByIdStatus.cpp:


  • bytecode/GetByIdStatus.h:
  • bytecode/PutByIdStatus.cpp:


  • bytecode/PutByIdStatus.h:
  • bytecode/UnlinkedCodeBlock.cpp:


  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::hasExitSite const):

  • dfg/DFGByteCodeParser.cpp:


  • dfg/DFGGraph.h:


  • dfg/DFGLICMPhase.cpp:


  • dfg/DFGOSRExitBase.cpp:


4:30 PM Changeset in webkit [226927] by dino@apple.com
  • 5 edits in trunk/Source/WebCore

Use a helper function for checked arithmetic in WebGL validation

Reviewed by Eric Carlson.

Eric recommended using a templated helper function to do
a common arithmetic check in WebGL validation.

  • html/canvas/WebGL2RenderingContext.cpp:


  • html/canvas/WebGLRenderingContext.cpp:


  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::checkedAddAndMultiply): New helper.

  • html/canvas/WebGLRenderingContextBase.h:
4:28 PM Changeset in webkit [226926] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit

[iOS] Remove unneeded accessibility-related sandbox rules

Reviewed by Eric Carlson.

Remove a number of sandbox exceptions that were in place for accessibility support. These are
not needed in the WebContent process, since Safari (not WebKit) handles the accessibility

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
4:07 PM Changeset in webkit [226925] by jmarcell@apple.com
  • 1 copy in tags/Safari-605.1.22

Tag Safari-605.1.22.

3:56 PM Changeset in webkit [226924] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch

Cherry-pick r226838. rdar://problem/36480711

3:56 PM Changeset in webkit [226923] by jmarcell@apple.com
  • 8 edits in branches/safari-605-branch/Source

Apply patch. rdar://problem/36303061

Disable WebKit features we don't want to ship after branching

3:56 PM Changeset in webkit [226922] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r226905. rdar://problem/36483899

3:56 PM Changeset in webkit [226921] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch/Source


3:47 PM Changeset in webkit [226920] by jfbastien@apple.com
  • 28 edits
    1 copy in trunk/Source


Reviewed by Mark Lam.


Allow poisoning of WriteBarrier objects, and use this for
WebAssembly because it is perf-neutral, at least on WasmBench on
my MBP. If it indeed is perf-neutral according to the bots, start
using it in more performance-sensitive places.

  • heap/HandleTypes.h:
  • heap/SlotVisitor.h:
  • heap/SlotVisitorInlines.h:


  • runtime/JSCJSValue.h:
  • runtime/JSCPoison.h:
  • runtime/Structure.h:
  • runtime/StructureInlines.h:


  • runtime/WriteBarrier.h:

(JSC::WriteBarrierBase::get const):
(JSC::WriteBarrierBase::operator* const):
(JSC::WriteBarrierBase::operator-> const):
(JSC::WriteBarrierBase::operator bool const):
(JSC::WriteBarrierBase::unvalidatedGet const):

  • runtime/WriteBarrierInlines.h:


  • wasm/WasmInstance.h:
  • wasm/js/JSWebAssemblyInstance.cpp:


  • wasm/js/JSWebAssemblyInstance.h:


  • wasm/js/JSWebAssemblyMemory.h:
  • wasm/js/JSWebAssemblyModule.h:
  • wasm/js/JSWebAssemblyTable.cpp:


  • wasm/js/JSWebAssemblyTable.h:
  • wasm/js/WasmToJS.cpp:


  • wasm/js/WebAssemblyFunctionBase.h:
  • wasm/js/WebAssemblyModuleRecord.cpp:


  • wasm/js/WebAssemblyModuleRecord.h:
  • wasm/js/WebAssemblyToJSCallee.h:
  • wasm/js/WebAssemblyWrapperFunction.h:


Supporting changes needed to allow poisoning of WriteBarrier

  • WTF.xcodeproj/project.pbxproj:
  • wtf/DumbPtrTraits.h:
  • wtf/DumbValueTraits.h: Copied from Source/WTF/wtf/DumbPtrTraits.h.


  • wtf/Forward.h:
  • wtf/Poisoned.h:


3:35 PM Changeset in webkit [226919] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

[Cocoa] CTFontCopyDefaultCascadeListForLanguages() can return nullptr

Reviewed by Jon Lee.

Speculative fix. We are getting crash reports saying that this call can return nullptr, and we
don't check for it.

No new tests because I couldn't find the specific input that causes it to return nullptr. (I
tried running this code with every 0, 1, and 2 length locale string, every weight value, and
every italic value, and couldn't get it to crash. I also inspected the code to figure out what
values would cause it to return nullptr, and I couldn't find anything other than if the system
has a totally busted font setup.)

  • platform/graphics/cocoa/FontDescriptionCocoa.cpp:


3:29 PM Changeset in webkit [226918] by Jonathan Bedard
  • 2 edits
    2 moves in trunk/Tools

webkitpy: Refactor simulator code (Part 4)

Reviewed by Aakash Jain.

Move new_simulated_device.py to simulated_device.py.

  • Scripts/webkitpy/port/ios_simulator.py: Update import statement.
  • Scripts/webkitpy/xcode/new_simulated_device.py: Removed.
  • Scripts/webkitpy/xcode/new_simulated_device_unittest.py: Removed.
  • Scripts/webkitpy/xcode/simulated_device.py: Copied from Tools/Scripts/webkitpy/xcode/new_simulated_device.py.
  • Scripts/webkitpy/xcode/simulated_device_unittest.py: Copied from Tools/Scripts/webkitpy/xcode/new_simulated_device_unittest.py.
3:15 PM Changeset in webkit [226917] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r226840. rdar://problem/36479468

3:01 PM Changeset in webkit [226916] by dino@apple.com
  • 7 edits
    2 adds in trunk

[WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors

Reviewed by Eric Carlson.


Very large element indices in the ELEMENT_ARRAY_BUFFER meant that
our simulated vertexAttrib0 buffer might be too large. We need
to check for out-of-memory, but we can also detect some of the issues
earlier in our validation code. Additionally, make sure that we don't
accidentally cast an unsigned to a signed.

Test: fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html

  • html/canvas/WebGL2RenderingContext.cpp:

(WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Update validation
code to look for overflow, rather than relying on looking for sign changes.

  • html/canvas/WebGLRenderingContext.cpp:

(WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::drawArrays): Check that we were able to simulate.
(WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): Update validation code, and
use GC3Duint, since that's what the indicies are.
(WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Ditto.
(WebCore::WebGLRenderingContextBase::drawArraysInstanced): Check that we were able to simulate.

  • html/canvas/WebGLRenderingContextBase.h:


  • fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies-expected.txt: Added.
  • fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html: Added.
  • platform/mac/TestExpectations: Test crashes on Sierra and earlier.
2:00 PM Changeset in webkit [226915] by Wenson Hsieh
  • 2 edits in trunk/Source/WebCore

Large in-place attachment elements cause the document width to expand when inserted

Reviewed by Dan Bernstein.

Make in-place images and videos have a max-width of 100%, so that large attachments aren't inserted with full
display size, causing the document and viewport width to expand.

  • html/HTMLAttachmentElement.cpp:


1:47 PM Changeset in webkit [226914] by commit-queue@webkit.org
  • 11 edits
    2 deletes in trunk/Source/WebInspectorUI

Web Inspector: Drop support for iOS 7 targets

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-12
Reviewed by Brian Burg.

  • Versions/Inspector-iOS-7.0.json: Removed.
  • UserInterface/Protocol/Legacy/7.0/InspectorBackendCommands.js: Removed.

Remove protocol snapshot and generated commands for iOS 7.

  • UserInterface/Base/Main.js:
  • UserInterface/Controllers/BreakpointPopoverController.js:


  • UserInterface/Controllers/DebuggerManager.js:


  • UserInterface/Controllers/SourceMapManager.js:


  • UserInterface/Models/Instrument.js:


  • UserInterface/Models/ResourceTimingData.js:
  • UserInterface/Models/ScriptTimelineRecord.js:


  • UserInterface/Models/SourceMapResource.js:


  • UserInterface/Protocol/CSSObserver.js:

(WI.CSSObserver.prototype.regionLayoutUpdated): Deleted.

  • UserInterface/Protocol/RemoteObject.js:

Remove code that was only necessary to support iOS 7.

1:39 PM Changeset in webkit [226913] by Keith Rollin
  • 4 edits in trunk/Source

Logged JSON should escape "'s and \'s in strings.

Reviewed by Brent Fulgham.


No new tests -- no new functionality, just changed logging. The
efficacy of the logging was verified by inspecting its output.

  • loader/ResourceLoadObserver.cpp:



  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::logCookieInformation const):

1:38 PM Changeset in webkit [226912] by Megan Gardner
  • 2 edits in trunk/Source/WebKit

Unreviewed, fixing error in UIKitSPI.h.

  • Platform/spi/ios/UIKitSPI.h:
1:32 PM Changeset in webkit [226911] by Megan Gardner
  • 4 edits in trunk/Source/WebKit

Implement MultiDocument protocol for restoring focus to a WKWebView

Reviewed by Dan Bernstein.

Support the UIKit protocol for restoring focus to a what previously had focus.
WebKit already knows what node was previously being focused by the DOM, we merely
need to be asked to turn the focus on again.
Resubmitting https://trac.webkit.org/changeset/226826 as it broke internal builds

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _restoreFocusWithToken:]):
(-[WKContentView _preserveFocusWithToken:destructively:]):

1:30 PM Changeset in webkit [226910] by jmarcell@apple.com
  • 56 edits
    2 deletes in branches/safari-605-branch/Source/WebCore

Revert r226007. rdar://problem/36072040

1:03 PM Changeset in webkit [226909] by commit-queue@webkit.org
  • 5 edits
    1 add in trunk/Source/WebInspectorUI

Web Inspector: Support JSX (React) syntax highlighting

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-12
Reviewed by Brian Burg.

  • UserInterface/Base/MIMETypeUtilities.js:


  • UserInterface/Models/Resource.js:

Support the jsx extension and mime types.

  • UserInterface/Main.html:
  • Scripts/update-codemirror-resources.rb:
  • UserInterface/External/CodeMirror/jsx.js: Added.

Include new mode from CodeMirror@d8926768.

1:01 PM Changeset in webkit [226908] by dino@apple.com
  • 3 edits
    2 adds in trunk

drawElements should be invalid if vertexAttrib0 doesn't have data

Reviewed by Antoine Quint.


If a vertex attribute has been enabled, but no data provided, then
draw validation should fail.

Test: fast/canvas/webgl/drawElements-empty-vertex-data.html

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::validateVertexAttributes): If there were
never any data in the vertex buffer, then we incorrectly compared with 0.


  • fast/canvas/webgl/drawElements-empty-vertex-data-expected.txt: Added.
  • fast/canvas/webgl/drawElements-empty-vertex-data.html: Added.
12:47 PM Changeset in webkit [226907] by sbarati@apple.com
  • 14 edits
    1 add in trunk

CheckStructure can be incorrectly subsumed by CheckStructureOrEmpty

Reviewed by Yusuke Suzuki.


  • stress/check-structure-ir-ensures-empty-does-not-flow-through.js: Added.



The semantics of CheckStructure are such that it does not allow the empty value to flow through it.
However, we may eliminate a CheckStructure if it's preceded by a CheckStructureOrEmpty. This doesn't
have semantic consequences when validation is turned off. However, with validation on, this trips up
our OSR exit machinery that says when an exit is allowed to happen.

Consider the following IR:

a: GetClosureVar Or any other node that produces BytecodeTop
c: CheckStructure(Cell:@a, {s2})
d: PutByOffset(KnownCell:@a, KnownCell:@a, @value)

In the TypeCheckHoistingPhase, we may insert CheckStructureOrEmptys like this:
a: GetClosureVar
e: CheckStructureOrEmpty(@a, {s1})
f: CheckStructureOrEmpty(@a, {s2})
c: CheckStructure(Cell:@a, {s2})
d: PutByOffset(KnownCell:@a, KnownCell:@a, @value)

This will cause constant folding to change the IR to:
a: GetClosureVar
e: CheckStructureOrEmpty(@a, {s1})
f: CheckStructureOrEmpty(@a, {s2})
d: PutByOffset(KnownCell:@a, KnownCell:@a, @value)

Our mayExit analysis determines that the PutByOffset should not exit. Note
that AI will determine the only value the PutByOffset can see in @a is
the empty value. Because KnownCell filters SpecCell and not SpecCellCheck,
when lowering the PutByOffset, we reach a contradiction in AI and emit
an OSR exit. However, because mayExit said we couldn't exit, we assert.

Note that if we did not run the TypeCheckHoistingPhase on this IR, AI
would have determined we would OSR exit at the second CheckStructure.

This patch makes it so constant folding produces the following IR:
a: GetClosureVar
e: CheckStructureOrEmpty(@a, {s1})
g: AssertNotEmpty(@a)
f: CheckStructureOrEmpty(@a, {s2})
h: AssertNotEmpty(@a)
d: PutByOffset(KnownCell:@a, KnownCell:@a, @value)

This modification will cause AI to know we will OSR exit before even reaching
the PutByOffset. Note that in the original IR, the GetClosureVar won't
actually produce the TDZ value. If it did, bytecode would have caused us
to emit a CheckNotEmpty before the CheckStructure/PutByOffset combo. That's
why this bug is about IR bookkeeping and not an actual error in IR analysis.
This patch introduces AssertNotEmpty instead of using CheckNotEmpty to be
more congruous with CheckStructure's semantics of crashing on the empty value
as input (on 64 bit platforms).

  • dfg/DFGAbstractInterpreterInlines.h:


  • dfg/DFGClobberize.h:


  • dfg/DFGConstantFoldingPhase.cpp:


  • dfg/DFGDoesGC.cpp:


  • dfg/DFGFixupPhase.cpp:


  • dfg/DFGNodeType.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:


  • dfg/DFGSpeculativeJIT32_64.cpp:


  • dfg/DFGSpeculativeJIT64.cpp:


  • ftl/FTLCapabilities.cpp:


  • ftl/FTLLowerDFGToB3.cpp:


12:41 PM Changeset in webkit [226906] by commit-queue@webkit.org
  • 12 edits in trunk

FormDataElement::lengthInBytes should use ThreadableBlobRegistry

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-12
Reviewed by Chris Dumez.


Covered by updated test.

Fix blobRegistry() use and add support for creating a response that may trigger the issue.

  • platform/network/FormData.cpp:

(WebCore::FormDataElement::lengthInBytes const): Was using directly blobRegistry() while ThreadableBlobRegistry is more appropriate
in case this is called from workers.

  • Modules/fetch/FetchBody.h:
  • Modules/fetch/FetchResponse.h:
  • fileapi/Blob.h:
  • testing/ServiceWorkerInternals.cpp:


  • testing/ServiceWorkerInternals.h:
  • testing/ServiceWorkerInternals.idl:


  • http/tests/workers/service/resources/service-worker-cache-api-worker.js:

(event.event.request.url.indexOf): Deleted.
(event.event.request.url.endsWith): Deleted.
(event.event.respondWith.promise.then): Deleted.

  • http/tests/workers/service/service-worker-cache-api.https-expected.txt:
  • http/tests/workers/service/service-worker-cache-api.https.html:
12:01 PM Changeset in webkit [226905] by jer.noble@apple.com
  • 4 edits in trunk/Source/WebCore

Wrap CDMFairPlayStreaming and related classes in ENABLE(ENCRYPTED_MEDIA) checks

Reviewed by Maciej Stachowiak.

  • platform/graphics/avfoundation/CDMFairPlayStreaming.h:
  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:
11:43 AM Changeset in webkit [226904] by commit-queue@webkit.org
  • 19 edits
    5 adds in trunk

WebProcess should pass the registration identifier and not the worker identifier for fetch events

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-12
Reviewed by Chris Dumez.


Test: http/wpt/service-workers/update-service-worker.https.html

Store service worker registration identifier in ResourceLoaderOptions instead of service worker identifier.

  • loader/DocumentThreadableLoader.cpp:


  • loader/ResourceLoaderOptions.h:
  • loader/WorkerThreadableLoader.cpp:


  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::determineRevalidationPolicy const):

  • loader/cache/CachedResourceRequest.cpp:

(WebCore::CachedResourceRequest::setSelectedServiceWorkerIdentifierIfNeeded): Deleted.

  • loader/cache/CachedResourceRequest.h:
  • workers/WorkerScriptLoader.cpp:


  • workers/service/server/SWServer.cpp:


  • workers/service/server/SWServer.h:


Use service worker registration identifier to compute the active service worker identifier responsible to handle the fetch event.

  • StorageProcess/ServiceWorker/WebSWServerConnection.cpp:


  • StorageProcess/ServiceWorker/WebSWServerConnection.h:
  • StorageProcess/ServiceWorker/WebSWServerConnection.messages.in:
  • WebProcess/Storage/ServiceWorkerClientFetch.cpp:


  • WebProcess/Storage/WebSWClientConnection.cpp:


  • WebProcess/Storage/WebSWClientConnection.h:
  • WebProcess/Storage/WebServiceWorkerProvider.cpp:



  • http/wpt/service-workers/resources/empty.html: Added.
  • http/wpt/service-workers/update-service-worker.https-expected.txt: Added.
  • http/wpt/service-workers/update-service-worker.https.html: Added.
  • http/wpt/service-workers/update-worker.py: Added.


11:21 AM Changeset in webkit [226903] by Ryan Haddad
  • 4 edits in trunk/Source/WebKit

Unreviewed, rolling out r226826.

Breaks internal builds.

Reverted changeset:

"Implement MultiDocument protocol for restoring focus to a

11:19 AM Changeset in webkit [226902] by Simon Fraser
  • 3 edits in trunk/LayoutTests

fast/events/ios/rotation/layout-viewport-during-safari-type-rotation.html is flakey

Reviewed by Zalan Bujtas.

Wait a tick before starting the rotation, otherwise -[WKWebView _beginAnimatedResizeWithUpdates:]
can bail because the unobscuredRect is empty.

Also wait for both the rotation UI script to complete, and the receipt of the
orientationchange event.

  • fast/events/ios/rotation/layout-viewport-during-safari-type-rotation.html:
  • fast/events/ios/rotation/resources/rotation-utils.js:


11:05 AM Changeset in webkit [226901] by commit-queue@webkit.org
  • 3 edits
    1 delete in trunk/Source/WebCore

[Win][CMake] Remove all-in-one file for WebCore DerivedSources

Patch by Fujii Hironori <Fujii Hironori> on 2018-01-12
Reviewed by Alex Christensen.

Those source files are compiled in unified source build nowadays.

No new tests (No behavior change)

  • CMakeLists.txt: Removed calling PROCESS_ALLINONE_FILE.
  • DerivedSources.cpp: Removed.
  • WebCoreMacros.cmake: Removed a macro PROCESS_ALLINONE_FILE.
10:52 AM Changeset in webkit [226900] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[WinCairo][CMake] Use ${CURL_LIBRARY} instead of specifying the library name libcurl_imp explicitly

Patch by Fujii Hironori <Fujii Hironori> on 2018-01-12
Reviewed by Alex Christensen.

vcpkg has libcurl.lib, not libcurl_imp.lib.

No new tests because no behavior change.

  • PlatformWinCairo.cmake: Link ${CURL_LIBRARY} instead of libcurl_imp.
10:49 AM Changeset in webkit [226899] by Wenson Hsieh
  • 10 edits in trunk/Source/WebKit

[WK2] Unify macOS and iOS codepaths in the UI process when starting a drag

Reviewed by Tim Horton.

Rearrange some macOS drag start logic in the UI process so that it uses the same codepaths in WebPageProxy as
iOS. Namely, startDrag should just forward the DragItem and drag image handle along to the appropriate views on
each platform (WKContentView and WebViewImpl).

There should be no change in behavior.

  • UIProcess/Cocoa/WebPageProxyCocoa.mm:

Both macOS and iOS now funnel through this method.

  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::dragImageForView): Deleted.

Rename dragImageForView to startDrag. Move the call to didStartDrag() here, and call dragCancelled() in the
case where we bailed from starting the drag (due to failing to create a drag image).

  • UIProcess/PageClient.h:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::setDragImage): Deleted.

Rename setDragImage to startDrag.

  • UIProcess/mac/PageClientImplMac.h:
  • UIProcess/mac/PageClientImplMac.mm:

(WebKit::PageClientImpl::setDragImage): Deleted.

  • UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::startDrag): Deleted.

10:30 AM Changeset in webkit [226898] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

WebGL video texture black in Safari 11.0.2 and wrong colored in Safari Preview 11.1

Reviewed by Dean Jackson.

Tests: added compile-time correctness tests for YCbCrMatrix values.

Perform the derivation from YCbCr coefficients into matrices in constexpr expressions
at compile-time. This allows us to also perform compile-time correctness checks to catch
regressions which may cause incorrect color conversions.

Since we now have general-purpose derivation of matrix values from coefficients,
adding missing specificed matrices is trivial, so add support for SMPTE 240M and BT.2020

  • platform/graphics/cv/VideoTextureCopierCV.cpp:

(WebCore::GLfloatColor::isApproximatelyEqualTo const):
(WebCore::YCbCrMatrix::operator Vector<GLfloat> const):
(WebCore::YCbCrMatrix::operator* const):

10:26 AM Changeset in webkit [226897] by achristensen@apple.com
  • 3 edits in trunk/Tools

REGRESSION (r226818): API test WebKitLegacy.LoadInvalidURLRequest is failing

This test was testing behavior of an invalid URL that WebCore parses but NSURL does not.
It was using example.com<> but after r226479 < and > are considered invalid by WebCore.
I change the < and > to $ to make this test pass and continue to test what it used to.

  • TestWebKitAPI/Tests/mac/LoadInvalidURLRequest.html:
  • TestWebKitAPI/Tests/mac/LoadInvalidURLRequest.mm:

(-[LoadInvalidURLWebFrameLoadDelegate webView:didFailProvisionalLoadWithError:forFrame:]):

9:39 AM Changeset in webkit [226896] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Skipped http/tests/resourceLoadStatistics/grandfathering.html on macOS WK2.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
9:32 AM Changeset in webkit [226895] by commit-queue@webkit.org
  • 3 edits in trunk/Source/JavaScriptCore

Web Inspector: Remove unnecessary raw pointer in InspectorConsoleAgent

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-12
Reviewed by Brian Burg.

  • inspector/agents/InspectorConsoleAgent.h:
  • inspector/agents/InspectorConsoleAgent.cpp:

Switch from a raw pointer to m_consoleMessages.last().
Also move the expiration check into the if block since it can only
happen inside here when the number of console messages changes.

Also clear the expired message count when messages are cleared.

9:28 AM Changeset in webkit [226894] by jmarcell@apple.com
  • 9 edits in branches/safari-605-branch

Cherry-pick r226745. rdar://problem/36392368

8:36 AM Changeset in webkit [226893] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch

Cherry-pick r226825. rdar://problem/36458902

8:36 AM Changeset in webkit [226892] by jmarcell@apple.com
  • 48 edits
    5 moves
    1 add
    1 delete in branches/safari-605-branch/Source

Cherry-pick r226822. rdar://problem/36458924

7:21 AM Changeset in webkit [226891] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch

Cherry-pick r226813. rdar://problem/36458922

7:21 AM Changeset in webkit [226890] by jmarcell@apple.com
  • 8 edits in branches/safari-605-branch

Cherry-pick r226792. rdar://problem/36450742

7:21 AM Changeset in webkit [226889] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r226785. rdar://problem/36450812

7:21 AM Changeset in webkit [226888] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r226771. rdar://problem/36450734

7:21 AM Changeset in webkit [226887] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r226731. rdar://problem/36450734

5:26 AM Changeset in webkit [226886] by graouts@webkit.org
  • 21 edits
    2 adds in trunk

Add support for the frames() timing function

Reviewed by Dean.


Implement the frames() timing function as specified in the CSS Timing Functions Level 1
specification, specifically https://www.w3.org/TR/css-timing-1/#frames-timing-functions.
A frames timing function is a type of timing function that divides the input time into a
specified number of intervals of equal length.

Test: transitions/frames-timing-function.html

  • css/CSSComputedStyleDeclaration.cpp:


  • css/CSSTimingFunctionValue.cpp:

(WebCore::CSSFramesTimingFunctionValue::customCSSText const):
(WebCore::CSSFramesTimingFunctionValue::equals const):

  • css/CSSTimingFunctionValue.h:
  • css/CSSToStyleMap.cpp:


  • css/CSSValue.cpp:

(WebCore::CSSValue::equals const):
(WebCore::CSSValue::cssText const):

  • css/CSSValue.h:

(WebCore::CSSValue::isFramesTimingFunctionValue const):

  • css/CSSValueKeywords.in:
  • css/parser/CSSPropertyParser.cpp:


  • platform/animation/TimingFunction.cpp:

(WebCore::TimingFunction::transformTime const):

  • platform/animation/TimingFunction.h:

(WebCore::TimingFunction::isFramesTimingFunction const):

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::animationCanBeAccelerated const):


Add the ability to endode and decode the frames() timing function.

  • Shared/WebCoreArgumentCoders.cpp:


  • Shared/WebCoreArgumentCoders.h:
  • WebProcess/WebPage/RemoteLayerTree/PlatformCAAnimationRemote.mm:

(WebKit::PlatformCAAnimationRemote::Properties::encode const):


Add a new test that checks that the frames() timing function applies as expected
and expand an existing test to check that the frames() timing function is parsed
correctly. We also mark progressions in imported WPT tests.

  • imported/w3c/web-platform-tests/css-timing-1/frames-timing-functions-output-expected.txt:
  • imported/w3c/web-platform-tests/css-timing-1/frames-timing-functions-syntax-expected.txt:
  • transitions/frames-timing-function-expected.txt: Added.
  • transitions/frames-timing-function.html: Added.
  • transitions/transitions-parsing-expected.txt:
  • transitions/transitions-parsing.html:
4:16 AM Changeset in webkit [226885] by Yusuke Suzuki
  • 6 edits in trunk/Source/JavaScriptCore

[JSC] Create parallel SlotVisitors apriori

Reviewed by Saam Barati.

The number of SlotVisitors are capped with the number of HeapHelperPool's threads + 2.
If we create these SlotVisitors apropri, we do not need to create SlotVisitors dynamically.
Then we do not need to grab locks while iterating all the SlotVisitors.

In addition, we do not need to consider the case that the number of SlotVisitors increases
after setting up VisitCounters in MarkingConstraintSolver since the number of SlotVisitors
does not increase any more.

  • heap/Heap.cpp:


  • heap/Heap.h:
  • heap/HeapInlines.h:

(JSC::Heap::numberOfSlotVisitors): Deleted.

  • heap/MarkingConstraintSolver.cpp:

(JSC::MarkingConstraintSolver::didVisitSomething const):

3:26 AM Changeset in webkit [226884] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.18/WebDriverTests

Merge r226764 - Unreviewed. Update W3C WebDriver imported tests.

  • imported/w3c/importer.json:
  • imported/w3c/webdriver/tests/sessions/new_session/invalid_capabilities.py:
  • imported/w3c/webdriver/tests/sessions/new_session/support/create.py:
3:26 AM Changeset in webkit [226883] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.18/Tools

Merge r226711 - WebDriver: run-webdriver-tests doesn't handle test names with a '/' correctly

Reviewed by Carlos Alberto Lopez Perez.

We use os.path.basename() to get the subtest name. If the test name contains a slash we get part of the subtest
name as the name.

  • Scripts/webkitpy/webdriver_tests/webdriver_test_runner_w3c.py:

(WebDriverTestRunnerW3C._subtest_name): Helper function to get the subtest name.
(WebDriverTestRunnerW3C.run): Use _subtest_name() instead of os.path.basename().

3:26 AM Changeset in webkit [226882] by Carlos Garcia Campos
  • 25 edits
    1 copy
    5 moves
    6 adds
    1 delete in releases/WebKitGTK/webkit-2.18/WebDriverTests

Merge r226708 - Unreviewed. Update W3C WebDriver imported tests.

  • imported/w3c/importer.json:
  • imported/w3c/tools/wptrunner/wptrunner/browsers/firefox.py:
  • imported/w3c/tools/wptrunner/wptrunner/browsers/servo.py:
  • imported/w3c/tools/wptrunner/wptrunner/environment.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/base.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/executormarionette.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/executorservo.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/pytestrunner/runner.py:
  • imported/w3c/tools/wptrunner/wptrunner/testrunner.py:
  • imported/w3c/tools/wptrunner/wptrunner/update/update.py:
  • imported/w3c/tools/wptrunner/wptrunner/webdriver_server.py:
  • imported/w3c/tools/wptrunner/wptrunner/wptlogging.py:
  • imported/w3c/tools/wptrunner/wptrunner/wptrunner.py:
  • imported/w3c/webdriver/OWNERS:
  • imported/w3c/webdriver/interface/interface.html: Removed.
  • imported/w3c/webdriver/tests/actions/modifier_click.py:
  • imported/w3c/webdriver/tests/actions/mouse.py:
  • imported/w3c/webdriver/tests/actions/mouse_dblclick.py: Added.
  • imported/w3c/webdriver/tests/actions/sequence.py:
  • imported/w3c/webdriver/tests/actions/support/mouse.py: Added.
  • imported/w3c/webdriver/tests/cookies/add_cookie.py:
  • imported/w3c/webdriver/tests/cookies/get_named_cookie.py:
  • imported/w3c/webdriver/tests/element_retrieval/init.py: Copied from WebDriverTests/imported/w3c/webdriver/tests/retrieval/init.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_element.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_element.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_element_from_element.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_element_from_element.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_elements.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_elements.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_elements_from_element.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_element_from_elements.py.
  • imported/w3c/webdriver/tests/element_send_keys/init.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/init.py.
  • imported/w3c/webdriver/tests/element_send_keys/interactability.py: Added.
  • imported/w3c/webdriver/tests/element_send_keys/scroll_into_view.py: Added.
  • imported/w3c/webdriver/tests/execute_script/cyclic.py: Added.
  • imported/w3c/webdriver/tests/get_window_rect.py:
  • imported/w3c/webdriver/tests/interface.html:
  • imported/w3c/webdriver/tests/navigation/current_url.py:
  • imported/w3c/webdriver/tests/support/asserts.py:
  • imported/w3c/webdriver/tests/support/fixtures.py:
2:15 AM Changeset in webkit [226881] by sbarati@apple.com
  • 3 edits
    1 add in trunk

Each variant of a polymorphic inlined call should be exitOK at the top of the block

Reviewed by Yusuke Suzuki.


  • stress/each-block-at-top-of-polymorphic-call-inlining-should-be-exitOK.js: Added.



Before this patch, the very first block in the switch for polymorphic call
inlining will have exitOK at the top. The others are not guaranteed to.
That was just a bug. They're all exitOK at the top. This will lead to crashes
in FixupPhase because we won't have a node in a block that has ExitOK, so
when we fixup various type checks, we assert out.

  • dfg/DFGByteCodeParser.cpp:


12:39 AM Changeset in webkit [226880] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Unreviewed, rolling out r226721.

Lets do a slightly different fix (Requested by anttik on

Reverted changeset:

"REGRESSION(r225650): The scores of MotionMark tests Multiply
and Leaves dropped by 8%"

Jan 11, 2018:

11:59 PM Changeset in webkit [226879] by keith_miller@apple.com
  • 15 edits in trunk


Reviewed by Simon Fraser.


  • Source/cmake/WebKitFeatures.cmake:


  • Configurations/FeatureDefines.xcconfig:
  • runtime/Options.h:


  • Configurations/FeatureDefines.xcconfig:


  • Configurations/FeatureDefines.xcconfig:


  • Configurations/FeatureDefines.xcconfig:


  • Configurations/FeatureDefines.xcconfig:


  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
10:53 PM Changeset in webkit [226878] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

Remove noexcept from definition of std::tie()

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-11
Reviewed by Yusuke Suzuki.

  • wtf/StdLibExtras.h:


10:31 PM Changeset in webkit [226877] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r226826. rdar://problem/36458927

10:31 PM Changeset in webkit [226876] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch

Cherry-pick r226818. rdar://problem/36458899

10:31 PM Changeset in webkit [226875] by jmarcell@apple.com
  • 4 edits
    1 add in branches/safari-605-branch

Cherry-pick r226811. rdar://problem/36458907

10:31 PM Changeset in webkit [226874] by jmarcell@apple.com
  • 9 edits
    5 adds in branches/safari-605-branch

Cherry-pick r226804. rdar://problem/36450810

10:31 PM Changeset in webkit [226873] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r226798. rdar://problem/36450812

10:31 PM Changeset in webkit [226872] by jmarcell@apple.com
  • 6 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226796. rdar://problem/36450730

10:31 PM Changeset in webkit [226871] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch

Cherry-pick r226795. rdar://problem/36450750

10:31 PM Changeset in webkit [226870] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch

Cherry-pick r226791. rdar://problem/36450803

10:30 PM Changeset in webkit [226869] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r226788. rdar://problem/36450828

10:30 PM Changeset in webkit [226868] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WTF

Cherry-pick r226784. rdar://problem/36450746

10:30 PM Changeset in webkit [226867] by jmarcell@apple.com
  • 10 edits
    3 adds in branches/safari-605-branch/Source

Cherry-pick r226778. rdar://problem/36450800

10:30 PM Changeset in webkit [226866] by jmarcell@apple.com
  • 3 edits
    1 add in branches/safari-605-branch

Cherry-pick r226767. rdar://problem/36450818

10:30 PM Changeset in webkit [226865] by jmarcell@apple.com
  • 16 edits
    3 moves
    2 adds
    2 deletes in branches/safari-605-branch

Cherry-pick r226766. rdar://problem/36459143

10:30 PM Changeset in webkit [226864] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch

Cherry-pick r226758. rdar://problem/36450739

10:30 PM Changeset in webkit [226863] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r226655. rdar://problem/36450822

9:29 PM Changeset in webkit [226862] by jiewen_tan@apple.com
  • 5 edits
    11 adds in trunk

[WebAuthN] Import a CBOR coder from Chromium

Reviewed by Brent Fulgham.


This patch imports a CBOR coder including encoder and decoder from Chromium. CBOR encoder
is needed for WebAuthN to encode attestation object into binaries. When supporting extensions
in the future, CBOR encoder/decoder will be needed as well. Implementating and maintaining
a fully-fledged CBOR coder doesn't seem to align with WebKit's best interests. Therefore,
importing a most suitable third party implementation will be wise.

In this patch, it fully integrate the whole coder into our codebase. Those changes includes:

  1. Substitute data structures that enjoy a better WTF version.
  2. Replacing marcos.
  3. Implementating workarounds for some functionalities that we lack fundamental types' support.
  4. Changing the coding style to match ours.

This patch doesn't intend to improve the logic of the original codebase. Hence some of the
coding logic might not match what WebKit ususally has.

Here is a full list of Chromium changes that constructed this CBOR coder in chronological order:

Covered by API tests.

  • Modules/webauthn/cbor/CBORBinary.h: Added.
  • Modules/webauthn/cbor/CBORReader.cpp: Added.

Workarounds applied.
Workarounds applied.

  • Modules/webauthn/cbor/CBORReader.h: Added.
  • Modules/webauthn/cbor/CBORValue.cpp: Added.

(cbor::CBORValue::clone const):
(cbor::CBORValue::getInteger const):
(cbor::CBORValue::getUnsigned const):
(cbor::CBORValue::getNegative const):
(cbor::CBORValue::getString const):
(cbor::CBORValue::getByteString const):
(cbor::CBORValue::getArray const):
(cbor::CBORValue::getMap const):
(cbor::CBORValue::getSimpleValue const):

  • Modules/webauthn/cbor/CBORValue.h: Added.
  • Modules/webauthn/cbor/CBORWriter.cpp: Added.

Workarounds applied.

  • Modules/webauthn/cbor/CBORWriter.h: Added.
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:


This patch also imports all unit tests into our API tests to ensure all
workarounds and modification against the original codebase doesn't change
any original functionalities.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebCore/CBORReaderTest.cpp: Added.


  • TestWebKitAPI/Tests/WebCore/CBORValueTest.cpp: Added.


  • TestWebKitAPI/Tests/WebCore/CBORWriterTest.cpp: Added.

Workarounds applied.

8:53 PM Changeset in webkit [226861] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r226646. rdar://problem/36429142

8:53 PM Changeset in webkit [226860] by jmarcell@apple.com
  • 4 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226755. rdar://problem/36429123

8:53 PM Changeset in webkit [226859] by jmarcell@apple.com
  • 14 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226753. rdar://problem/36429138

8:53 PM Changeset in webkit [226858] by jmarcell@apple.com
  • 16 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226750. rdar://problem/36429156

8:52 PM Changeset in webkit [226857] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r226742. rdar://problem/36429136

8:52 PM Changeset in webkit [226856] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r226721. rdar://problem/36429159

8:52 PM Changeset in webkit [226855] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r226705. rdar://problem/36429137

8:52 PM Changeset in webkit [226854] by jmarcell@apple.com
  • 6 edits
    9 adds in branches/safari-605-branch

Cherry-pick r226677. rdar://problem/36429157

8:52 PM Changeset in webkit [226853] by jmarcell@apple.com
  • 9 edits
    12 moves
    2 adds in branches/safari-605-branch

Cherry-pick r226668. rdar://problem/36429139

8:52 PM Changeset in webkit [226852] by jmarcell@apple.com
  • 3 edits
    3 adds in branches/safari-605-branch

Cherry-pick r226653. rdar://problem/36429147

8:52 PM Changeset in webkit [226851] by jmarcell@apple.com
  • 5 edits
    1 add in branches/safari-605-branch

Cherry-pick r226650. rdar://problem/36429150

8:52 PM Changeset in webkit [226850] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r226644. rdar://problem/36429133

8:52 PM Changeset in webkit [226849] by jmarcell@apple.com
  • 4 edits
    6 adds in branches/safari-605-branch

Cherry-pick r226599. rdar://problem/36429130

8:52 PM Changeset in webkit [226848] by jmarcell@apple.com
  • 1 edit
    2 adds in branches/safari-605-branch/LayoutTests

Cherry-pick r226527. rdar://problem/36429143

8:52 PM Changeset in webkit [226847] by jmarcell@apple.com
  • 4 edits
    14 moves in branches/safari-605-branch/Source/WebCore

Revert r226013. rdar://problem/36096522

8:52 PM Changeset in webkit [226846] by jmarcell@apple.com
  • 6 edits
    2 deletes in branches/safari-605-branch/Source/WebCore

Revert r226127. rdar://problem/36123315

8:51 PM Changeset in webkit [226845] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch/Source/WebCore

Revert r226140. rdar://problem/36139222

8:51 PM Changeset in webkit [226844] by jmarcell@apple.com
  • 8 edits
    1 copy
    2 moves in branches/safari-605-branch/Source/WebCore

Revert r226168. rdar://problem/36145846

8:51 PM Changeset in webkit [226843] by jmarcell@apple.com
  • 9 edits
    4 moves in branches/safari-605-branch/Source/WebCore

Revert r226179. rdar://problem/36156495

8:47 PM Changeset in webkit [226842] by Chris Dumez
  • 6 edits
    4 adds in trunk

Setting Window.opener to null should disown its opener

Reviewed by Ryosuke Niwa.


Setting Window.opener to null should disown its opener as per:

With this change, tabs opened by clicking link inside Gmail no
longer have the Gmail window as opener.

Tests: fast/dom/Window/window-opener-set-to-null.html


  • bindings/js/JSDOMWindowCustom.cpp:


  • page/DOMWindow.cpp:


  • page/DOMWindow.h:
  • page/DOMWindow.idl:


Add layout test coverage.

  • fast/dom/Window/window-opener-set-to-null-expected.txt: Added.
  • fast/dom/Window/window-opener-set-to-null.html: Added.
  • fast/dom/Window/window-opener-shadowing-expected.txt: Added.
  • fast/dom/Window/window-opener-shadowing.html: Added.
7:31 PM Changeset in webkit [226841] by Jonathan Bedard
  • 2 edits in trunk/Tools

webkitpy: Use partially disambiguated type in SimulatedDeviceManager._disambiguate_device_type

Reviewed by Aakash Jain.

When disambiguating a device type, it is possible that the provided device type is sufficiently
ambiguous that the comparisons against complete device types without a disambiguated hardware_family
will result in a failure to disambiguate the type.

  • Scripts/webkitpy/xcode/new_simulated_device.py:


7:30 PM Changeset in webkit [226840] by msaboff@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

REGRESSION(226788): AppStore Crashed @ JavaScriptCore: JSC::MacroAssemblerARM64::pushToSaveImmediateWithoutTouchingRegisters

Reviewed by Keith Miller.

  • assembler/MacroAssemblerARM64.h:

Reverting these functions to use dataTempRegister and memoryTempRegister as they are
JIT release asserts that will crash the program.

Changed this so that it invalidates any cached dataTmpRegister contents if temp register
caching is enabled.

7:16 PM Changeset in webkit [226839] by mmaxfield@apple.com
  • 3 edits
    2 adds in trunk

[Cocoa] Star character disappears when bolded

Reviewed by Simon Fraser.


We had some code in ComplexTextController to ask the FontCache for a font, given the name
of a particular font CoreText used inside a CTRun. This is wrong for two reasons: fonts
are not identifiable by PostScript name (in the general case), and because the lookup
procedure requires a FontDescription, the result may yield a font that is not the one
looked up. The goal of this code was simply to preserve the rendering mode of the font,
but we removed support for these rendering modes years ago. So the solution is to skip
that lookup and use the CoreText font directly.

Test: fast/text/unknown-font.html

  • platform/graphics/mac/ComplexTextControllerCoreText.mm:



  • fast/text/unknown-font-expected-mismatch.html: Added.
  • fast/text/unknown-font.html: Added.
7:13 PM Changeset in webkit [226838] by Brent Fulgham
  • 10 edits in trunk

REGRESSION(r219530): ResourceLoadStatisticsPersistentStorage should be read-only in ephemeral sessions

Reviewed by Chris Dumez.


Some uses of WebKit involve running a UIProcess as an ephemeral session for the life of the process. In this
case, we do not initialize the data path for the set of load statistics triggering an assertion.

We actually intended ephemeral sessions to consume the existing resource load data (presumably captured during
non-ephemeral browsing). This would be a read-only mode, where it would not add new entries to the load
statistics, but would take advantage of existing observations. Currently that does not happen (for this type
of WebKit embed), which forces each run as an ephemeral session to build up in-memory browsing data until it has
enough observations to begin modifying loads.

We need to set the ResourceLoadStatisticsPersistentStorage object to a "read only" mode in this case, so
that it read (but does not write) from this database.

Tested by ephemeral website data TestWebKitAPI tests.

  • UIProcess/ResourceLoadStatisticsPersistentStorage.cpp:

(WebKit::ResourceLoadStatisticsPersistentStorage::create): Added to allow creation of the right style of
Persistent Storage.
(WebKit::ResourceLoadStatisticsPersistentStorage::ResourceLoadStatisticsPersistentStorage): Initialize the
new data member.
(WebKit::ResourceLoadStatisticsPersistentStorage::asyncWriteTimerFired): RELEASE_ASSERT that we never run
this method when in "read only" mode.
(WebKit::ResourceLoadStatisticsPersistentStorage::writeMemoryStoreToDisk): Ditto.
(WebKit::ResourceLoadStatisticsPersistentStorage::scheduleOrWriteMemoryStore): Return early if asked to
schedule a write operation for a "read only" persistent store.
(WebKit::ResourceLoadStatisticsPersistentStorage::finishAllPendingWorkSynchronously): RELEASE_ASSERT if we
ever shut down in "read only" mode with an active write timer.

  • UIProcess/ResourceLoadStatisticsPersistentStorage.h:
  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore): Pass a flag indicating whether the
storage session is ephemeral or not.

  • UIProcess/WebResourceLoadStatisticsStore.h:


Add a new API test to confirm that ResourceLoadStatistics can be turned on safely for ephemeral
browsing sessions.

  • Scripts/run-gtk-tests:

(GtkTestRunner): Unskip test now that it passes.

  • TestWebKitAPI/Tests/WebKitCocoa/WebsiteDataStoreCustomPaths.mm:

(TEST): Add new WebsiteDataStoreEphemeral test.

6:19 PM Changeset in webkit [226837] by Ryan Haddad
  • 2 edits in trunk/Tools

Unreviewed, rolling out r226816.

This change broke LayoutTests on the bots.

Reverted changeset:

"run-webkit-tests fails when there is a curly brace in Xcode
build output"

6:13 PM Changeset in webkit [226836] by rniwa@webkit.org
  • 4 edits in trunk/Websites/perf.webkit.org

Cannot trigger Dromaeo tests on internal perf try bots

Reviewed by Chris Dumez.

The bug was caused by CustomAnalysisTaskConfigurator only showing the top-level tests that are triggerable
instead of the list of highest level tests that are triggerable.

  • public/v3/components/custom-analysis-task-configurator.js:

(CustomAnalysisTaskConfigurator.prototype.selectTests): Update the test group name when a new test is picked.
(CustomAnalysisTaskConfigurator.prototype._didUpdateSelectedPlatforms): Extracted from selectPlatform.
(CustomAnalysisTaskConfigurator.prototype._renderTriggerableTests): Include the list of all highest-level tests
which are triggerable.
(CustomAnalysisTaskConfigurator.prototype._renderRadioButtonList): Added labelForObject which returns the label
to be used in the list items. For tests, we want to use the full name, not just its label.

  • public/v3/models/analysis-task.js:


  • public/v3/models/triggerable.js:

(Triggerable.prototype.acceptedTests): Added.
(Triggerable.prototype.acceptsTest): Deleted.

5:53 PM Changeset in webkit [226835] by Keith Rollin
  • 8 edits in trunk/Source

Add optional logging of ITP-related user interaction information

Reviewed by Brent Fulgham.

In order to support the tracking of the efficacy of Intelligent
Tracking Protection, add some logging indicating when the user
interacts with a page in a way that affects cookie partitioning. This
logging is off by default, and is enabled with `defaults write -g
WebKitLogCookieInformation -bool true`.


No new tests -- no changed functionality.

  • loader/ResourceLoadObserver.cpp:


  • loader/ResourceLoadObserver.h:

(WebCore::ResourceLoadObserver::shouldLogUserInteraction const):


  • Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::encode const):

  • Shared/WebProcessCreationParameters.h:
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:


  • WebProcess/WebProcess.cpp:


5:50 PM Changeset in webkit [226834] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source/WebCore

Revert r226181. rdar://problem/36148601

5:50 PM Changeset in webkit [226833] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch/Source/WebCore

Revert r226196. rdar://problem/36157613

5:50 PM Changeset in webkit [226832] by jmarcell@apple.com
  • 5 edits
    2 deletes in branches/safari-605-branch/Source/WebCore

Revert r226221. rdar://problem/36167692

5:50 PM Changeset in webkit [226831] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Revert r226237. rdar://problem/36183940

5:50 PM Changeset in webkit [226830] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source/WebCore

Revert r226240. rdar://problem/36180916

5:50 PM Changeset in webkit [226829] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source/WebCore

Revert r226246. rdar://problem/36184788

5:50 PM Changeset in webkit [226828] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source/WebCore

Revert r226265. rdar://problem/36188262

5:50 PM Changeset in webkit [226827] by jmarcell@apple.com
  • 8 edits
    2 deletes in branches/safari-605-branch/Source/WebCore

Revert r226273. rdar://problem/36196266

5:43 PM Changeset in webkit [226826] by Megan Gardner
  • 4 edits in trunk/Source/WebKit

Implement MultiDocument protocol for restoring focus to a WKWebView

Reviewed by Dan Bernstein.

Support the UIKit protocol for restoring focus to a what previously had focus.
WebKit already has a method to silently remove and replace focus, without telling the
web process about the unfocus and refocusing, so we're just using that.

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _restoreFocusWithToken:]):
(-[WKContentView _preserveFocusWithToken:destructively:]):

5:16 PM Changeset in webkit [226825] by jcraig@apple.com
  • 7 edits
    4 adds in trunk

AX: when invert colors is on, double-invert video elements in UserAgentStyleSheet

Reviewed by Simon Fraser.

Double-invert video when platform "invert colors" setting is enabled. Behavior matches
current "Smart Invert" feature of Safari Reader on macOS/iOS and other iOS native apps.


Tests: accessibility/smart-invert-reference.html


  • Modules/modern-media-controls/controls/media-controls.css:

(@media (inverted-colors)):

  • css/html.css:

(@media (inverted-colors)):


  • TestExpectations: Platform setting only available on Mac and iOS.
  • accessibility/smart-invert-expected.txt: Added.
  • accessibility/smart-invert-reference-expected.html: Added.
  • accessibility/smart-invert-reference.html: Added. Ref to ensure invert and grayscale filters render as expected.
  • accessibility/smart-invert.html: Added. Computed expectatons of filter property text values.
  • platform/ios-wk2/TestExpectations: Runs on iOS WK2.
  • platform/mac-wk2/TestExpectations: Runs on Mac WK2.
5:13 PM Changeset in webkit [226824] by Wenson Hsieh
  • 4 edits in trunk/Source

Don't load inline data when requesting info for an attachment element backed by a file path


Reviewed by Tim Horton.

When requesting data for an attachment element that is backed by a file path, we currently trigger a load in the
web process to fetch contents of the attachment data as inline data in the AttachmentInfo. This is unnecessary,
since the file path of the attachment element must have come from the UI process anyways, so it is sufficient to
simply send the file path to the UI process and have the UI process read the contents of the path as a memory-
mapped NSData.

This patch lets HTMLAttachmentElement skip over resource loading codepaths when creating an AttachmentInfo for
the client, and also teaches _WKAttachment to read a AttachmentInfo's filepath as memory-mapped data if a file
path is present, and no inline data was specified.

Covered by existing API tests.

  • html/HTMLAttachmentElement.cpp:



Reviewed by Tim Horton

See WebCore/ChangeLog for more information.

  • UIProcess/API/Cocoa/_WKAttachment.mm:

(-[_WKAttachmentInfo initWithInfo:]):
(-[_WKAttachmentInfo fileLoadingError]):
(-[_WKAttachment requestInfo:]):

4:56 PM Changeset in webkit [226823] by rniwa@webkit.org
  • 9 edits
    2 adds in trunk

Make elements of zero width or height focusable

Reviewed by Chris Dumez.


Don't check render box's size or bounding rect when deciding whether an element is focusable.
New behavior matches that of Firefox and Chrome.

Test: fast/events/focus-zero-size-element.html

  • dom/Element.cpp:

(WebCore::Element::isFocusable): Only update the style.

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::isFocusable const): Deleted.

  • html/HTMLFormControlElement.h:
  • mathml/MathMLElement.cpp:

(WebCore::MathMLElement::isFocusable const): Deleted. As far as I can tell, no math ml element is focusable.

  • mathml/MathMLElement.h:
  • svg/SVGAElement.cpp:

(WebCore::SVGAElement::isFocusable const): Deleted.

  • svg/SVGAElement.h:


Added a regression test.

  • fast/events/focus-zero-size-element-expected.txt: Added.
  • fast/events/focus-zero-size-element.html: Added.
4:32 PM Changeset in webkit [226822] by fpizlo@apple.com
  • 48 edits
    6 moves in trunk/Source

Rename MarkedAllocator to BlockDirectory and AllocatorAttributes to CellAttributes

Rubber stamped by Michael Saboff.

In a world that has thread-local caches, the thing we now call the "MarkedAllocator" doesn't
really have anything to do with allocation anymore. The allocation will be done by something
in the TLC. When you move the allocation logic out of MarkedAllocator, it becomes just a
place to find blocks (a "block directory").

Once we do that renaming, the term "allocator attributes" becomes weird. Those are really the
attributes of the HeapCellType. So let's call them CellAttributes.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/AccessCase.cpp:


  • bytecode/ObjectAllocationProfile.h:
  • bytecode/ObjectAllocationProfileInlines.h:


  • dfg/DFGSpeculativeJIT.cpp:


  • dfg/DFGSpeculativeJIT.h:


  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLLowerDFGToB3.cpp:


  • heap/AlignedMemoryAllocator.cpp:

(JSC::AlignedMemoryAllocator::registerAllocator): Deleted.

  • heap/AlignedMemoryAllocator.h:

(JSC::AlignedMemoryAllocator::firstDirectory const):
(JSC::AlignedMemoryAllocator::firstAllocator const): Deleted.

  • heap/AllocatorAttributes.cpp: Removed.
  • heap/AllocatorAttributes.h: Removed.
  • heap/BlockDirectory.cpp: Copied from Source/JavaScriptCore/heap/MarkedAllocator.cpp.

(JSC::BlockDirectory::dump const):
(JSC::BlockDirectory::markedSpace const):
(JSC::MarkedAllocator::MarkedAllocator): Deleted.
(JSC::MarkedAllocator::setSubspace): Deleted.
(JSC::MarkedAllocator::isPagedOut): Deleted.
(JSC::MarkedAllocator::findEmptyBlockToSteal): Deleted.
(JSC::MarkedAllocator::didConsumeFreeList): Deleted.
(JSC::MarkedAllocator::tryAllocateWithoutCollecting): Deleted.
(JSC::MarkedAllocator::allocateIn): Deleted.
(JSC::MarkedAllocator::tryAllocateIn): Deleted.
(JSC::MarkedAllocator::doTestCollectionsIfNeeded): Deleted.
(JSC::MarkedAllocator::allocateSlowCase): Deleted.
(JSC::MarkedAllocator::blockSizeForBytes): Deleted.
(JSC::MarkedAllocator::tryAllocateBlock): Deleted.
(JSC::MarkedAllocator::addBlock): Deleted.
(JSC::MarkedAllocator::removeBlock): Deleted.
(JSC::MarkedAllocator::stopAllocating): Deleted.
(JSC::MarkedAllocator::prepareForAllocation): Deleted.
(JSC::MarkedAllocator::lastChanceToFinalize): Deleted.
(JSC::MarkedAllocator::resumeAllocating): Deleted.
(JSC::MarkedAllocator::beginMarkingForFullCollection): Deleted.
(JSC::MarkedAllocator::endMarking): Deleted.
(JSC::MarkedAllocator::snapshotUnsweptForEdenCollection): Deleted.
(JSC::MarkedAllocator::snapshotUnsweptForFullCollection): Deleted.
(JSC::MarkedAllocator::findBlockToSweep): Deleted.
(JSC::MarkedAllocator::sweep): Deleted.
(JSC::MarkedAllocator::shrink): Deleted.
(JSC::MarkedAllocator::assertNoUnswept): Deleted.
(JSC::MarkedAllocator::parallelNotEmptyBlockSource): Deleted.
(JSC::MarkedAllocator::dump const): Deleted.
(JSC::MarkedAllocator::dumpBits): Deleted.
(JSC::MarkedAllocator::markedSpace const): Deleted.

  • heap/BlockDirectory.h: Copied from Source/JavaScriptCore/heap/MarkedAllocator.h.

(JSC::BlockDirectory::attributes const):
(JSC::BlockDirectory::nextDirectory const):
(JSC::BlockDirectory::nextDirectoryInSubspace const):
(JSC::BlockDirectory::nextDirectoryInAlignedMemoryAllocator const):
(JSC::MarkedAllocator::cellSize const): Deleted.
(JSC::MarkedAllocator::attributes const): Deleted.
(JSC::MarkedAllocator::needsDestruction const): Deleted.
(JSC::MarkedAllocator::destruction const): Deleted.
(JSC::MarkedAllocator::cellKind const): Deleted.
(JSC::MarkedAllocator::heap): Deleted.
(JSC::MarkedAllocator::bitvectorLock): Deleted.
(JSC::MarkedAllocator::forEachBitVector): Deleted.
(JSC::MarkedAllocator::forEachBitVectorWithName): Deleted.
(JSC::MarkedAllocator::nextAllocator const): Deleted.
(JSC::MarkedAllocator::nextAllocatorInSubspace const): Deleted.
(JSC::MarkedAllocator::nextAllocatorInAlignedMemoryAllocator const): Deleted.
(JSC::MarkedAllocator::setNextAllocator): Deleted.
(JSC::MarkedAllocator::setNextAllocatorInSubspace): Deleted.
(JSC::MarkedAllocator::setNextAllocatorInAlignedMemoryAllocator): Deleted.
(JSC::MarkedAllocator::subspace const): Deleted.
(JSC::MarkedAllocator::freeList const): Deleted.
(JSC::MarkedAllocator::offsetOfFreeList): Deleted.
(JSC::MarkedAllocator::offsetOfCellSize): Deleted.

  • heap/BlockDirectoryInlines.h: Copied from Source/JavaScriptCore/heap/MarkedAllocatorInlines.h.

(JSC::BlockDirectory::isFreeListedCell const):
(JSC::MarkedAllocator::isFreeListedCell const): Deleted.
(JSC::MarkedAllocator::allocate): Deleted.
(JSC::MarkedAllocator::forEachBlock): Deleted.
(JSC::MarkedAllocator::forEachNotEmptyBlock): Deleted.

  • heap/CellAttributes.cpp: Copied from Source/JavaScriptCore/heap/AllocatorAttributes.cpp.

(JSC::CellAttributes::dump const):
(JSC::AllocatorAttributes::dump const): Deleted.

  • heap/CellAttributes.h: Copied from Source/JavaScriptCore/heap/AllocatorAttributes.h.

(JSC::AllocatorAttributes::AllocatorAttributes): Deleted.

  • heap/CompleteSubspace.cpp:


  • heap/CompleteSubspace.h:


  • heap/GCDeferralContext.h:
  • heap/Heap.cpp:


  • heap/Heap.h:
  • heap/HeapCell.h:
  • heap/HeapCellInlines.h:

(JSC::HeapCell::cellAttributes const):
(JSC::HeapCell::destructionMode const):
(JSC::HeapCell::cellKind const):
(JSC::HeapCell::allocatorAttributes const): Deleted.

  • heap/HeapCellType.cpp:


  • heap/HeapCellType.h:

(JSC::HeapCellType::attributes const):

  • heap/IncrementalSweeper.cpp:


  • heap/IncrementalSweeper.h:
  • heap/IsoCellSet.cpp:


  • heap/IsoCellSetInlines.h:


  • heap/IsoSubspace.cpp:


  • heap/IsoSubspace.h:


  • heap/LargeAllocation.h:

(JSC::LargeAllocation::attributes const):

  • heap/MarkedAllocator.cpp: Removed.
  • heap/MarkedAllocator.h: Removed.
  • heap/MarkedAllocatorInlines.h: Removed.
  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::Handle::subspace const):
(JSC::MarkedBlock::Handle::isFreeListedCell const):
(JSC::MarkedBlock::Handle::removeFromAllocator): Deleted.
(JSC::MarkedBlock::Handle::didAddToAllocator): Deleted.
(JSC::MarkedBlock::Handle::didRemoveFromAllocator): Deleted.

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::Handle::directory const):
(JSC::MarkedBlock::Handle::attributes const):
(JSC::MarkedBlock::attributes const):
(JSC::MarkedBlock::Handle::allocator const): Deleted.

  • heap/MarkedBlockInlines.h:


  • heap/MarkedSpace.cpp:

(JSC::MarkedSpace::addMarkedAllocator): Deleted.

  • heap/MarkedSpace.h:

(JSC::MarkedSpace::firstDirectory const):
(JSC::MarkedSpace::firstAllocator const): Deleted.
(JSC::MarkedSpace::allocatorLock): Deleted.
(JSC::MarkedSpace::forEachAllocator): Deleted.

  • heap/MarkedSpaceInlines.h:
  • heap/Subspace.cpp:

(JSC::Subspace::parallelAllocatorSource): Deleted.

  • heap/Subspace.h:

(JSC::Subspace::attributes const):
(JSC::Subspace::didCreateFirstAllocator): Deleted.

  • heap/SubspaceInlines.h:

(JSC::Subspace::forEachAllocator): Deleted.

  • jit/AssemblyHelpers.h:


  • jit/JIT.h:
  • jit/JITOpcodes.cpp:


  • jit/JITOpcodes32_64.cpp:


  • runtime/JSDestructibleObjectHeapCellType.cpp:


  • runtime/JSSegmentedVariableObjectHeapCellType.cpp:


  • runtime/JSStringHeapCellType.cpp:


  • runtime/VM.cpp:


  • wasm/js/JSWebAssemblyCodeBlockHeapCellType.cpp:



No new tests because I'm just renaming things.

  • ForwardingHeaders/heap/BlockDirectoryInlines.h: Copied from Source/WebCore/ForwardingHeaders/heap/MarkedAllocatorInlines.h.
  • ForwardingHeaders/heap/MarkedAllocatorInlines.h: Removed.
  • bindings/js/DOMGCOutputConstraint.cpp:
4:30 PM Changeset in webkit [226821] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Rename "Query String" section as "Query String Parameters" for clarity

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-11
Reviewed by Darin Adler.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/ResourceHeadersContentView.js:


4:23 PM Changeset in webkit [226820] by Jonathan Bedard
  • 2 edits in trunk/Tools

webkitpy: Fix flakey webserver tests

Reviewed by Aakash Jain.

  • Scripts/webkitpy/layout_tests/controllers/layout_test_runner_unittest.py:

(LayoutTestRunnerTests.test_servers_started): Add and bind custom checks to
determine if a specific server is running.

4:19 PM Changeset in webkit [226819] by Jonathan Bedard
  • 2 edits in trunk/Tools

Commit queue failed to land a bug, 'NoneType' object has no attribute 'strip'

Reviewed by Aakash Jain.

BeautifulSoup.find may return None, this case should be gracefully handled.

  • Scripts/webkitpy/common/net/bugzilla/bugzilla.py:

(BugzillaQueries._fetch_bugs_from_advanced_query): Added logging.

4:18 PM Changeset in webkit [226818] by achristensen@apple.com
  • 4 edits in trunk

REGRESSION(r225003): Loading hangs in environments where dispatch_async does not work


Reviewed by Eric Carlson.

There is an environment where dispatch_async does not work, but performSelectorOnMainThread works.
r225003 broke loading in this environment. This fixes it and updates the test that r225003 fixed.
It failed sometimes because loading was happening in a different order than html parsing, so I made
the test not depend on html parsing timing by updating media/video-src-remove.html.

  • platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:

(-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):


Reviewed by Eric Carlson.

  • media/video-src-remove.html:
4:15 PM Changeset in webkit [226817] by commit-queue@webkit.org
  • 12 edits in trunk/Source/WebKit

Unreviewed, rolling out r226789 and r226794.

broke API tests (Requested by alexchristensen on #webkit).

Reverted changesets:

"Merge sync and async code paths for getting context menus"

"Revert changes accidentally committed with r226789."

4:15 PM Changeset in webkit [226816] by ap@apple.com
  • 2 edits in trunk/Tools

run-webkit-tests fails when there is a curly brace in Xcode build output

Reviewed by Daniel Bates.

  • Scripts/webkitpy/layout_tests/views/metered_stream.py:


4:03 PM Changeset in webkit [226815] by dino@apple.com
  • 6 edits
    2 deletes in trunk

Revert "[WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors"

This reverts commit 4e43e4975b1c771ab7aac2ee15568ff4fadccc57.

3:57 PM Changeset in webkit [226814] by dino@apple.com
  • 6 edits
    2 adds in trunk

[WebGL] Simulated vertexAttrib0 can sometimes cause OUT_OF_MEMORY errors

Reviewed by Eric Carlson.


Very large element indices in the ELEMENT_ARRAY_BUFFER meant that
our simulated vertexAttrib0 buffer might be too large. We need
to check for out-of-memory, but we can also detect some of the issues
earlier in our validation code. Additionally, make sure that we don't
accidentally cast an unsigned to a signed.

Test: fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html

  • html/canvas/WebGL2RenderingContext.cpp:

(WebCore::WebGL2RenderingContext::validateIndexArrayConservative): Update validation
code to look for overflow, rather than relying on looking for sign changes.

  • html/canvas/WebGLRenderingContext.cpp:

(WebCore::WebGLRenderingContext::validateIndexArrayConservative): Ditto.

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::drawArrays): Check that we were able to simulate.
(WebCore::WebGLRenderingContextBase::validateSimulatedVertexAttrib0): Update validation code, and
use GC3Duint, since that's what the indicies are.
(WebCore::WebGLRenderingContextBase::simulateVertexAttrib0): Ditto.
(WebCore::WebGLRenderingContextBase::drawArraysInstanced): Check that we were able to simulate.

  • html/canvas/WebGLRenderingContextBase.h:


  • fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies-expected.txt: Added.
  • fast/canvas/webgl/simulated-vertexAttrib0-invalid-indicies.html: Added.
3:41 PM Changeset in webkit [226813] by Chris Dumez
  • 4 edits in trunk

ASSERTION FAILED: registration in WebCore::SWServerWorker::skipWaiting()

Reviewed by Youenn Fablet.


Replace assertion in SWServerWorker::skipWaiting() that assumes the worker
has a registration. Nowadays, a SWServerWorker can stay alive for a short
period without having a registration, while it is terminating.

No new tests, unskipped existing test.

  • workers/service/server/SWServerWorker.cpp:



Unskip test that is no longer flakily crashing.

3:28 PM Changeset in webkit [226812] by Jonathan Bedard
  • 2 edits
    3 deletes in trunk/Tools

webkitpy: Reimplement simulator code (Part 3)

Reviewed by Aakash Jain.

Remove old simulator code.

  • Scripts/webkitpy/xcode/init.py: Remove import statement.
  • Scripts/webkitpy/xcode/simulated_device.py: Removed.
  • Scripts/webkitpy/xcode/simulator.py: Removed.
  • Scripts/webkitpy/xcode/simulator_unittest.py: Removed.
3:21 PM Changeset in webkit [226811] by sbarati@apple.com
  • 4 edits
    1 add in trunk

When inserting Unreachable in byte code parser we need to flush all the right things

Reviewed by Mark Lam.


  • stress/proper-flushing-when-we-insert-unreachable-after-force-exit-in-bytecode-parser.js: Added.


I added code in r226655 that had its own mechanism for preserving liveness when
inserting Unreachable nodes after ForceOSRExit. There are two ways to preserve
liveness: PhantomLocal and Flush. Certain values *must* be flushed to the stack.
I got some of these values wrong, which was leading to a crash when recovering the
callee value from an inlined frame. Instead of making the same mistake and repeating
similar code again, this patch refactors this logic to be shared with the other
liveness preservation code in the DFG bytecode parser. This is what I should have
done in my initial patch.

  • bytecode/InlineCallFrame.h:


  • dfg/DFGByteCodeParser.cpp:


2:45 PM Changeset in webkit [226810] by jmarcell@apple.com
  • 1 copy in tags/Safari-604.

Tag Safari-604.

2:43 PM Changeset in webkit [226809] by Antti Koivisto
  • 5 edits in trunk/Source/WebCore

Don't call RenderElement::setStyle when nothing changes

Reviewed by Zalan Bujtas.

  • style/StyleChange.h:

Remove 'Force' value. This essentially meant 'compute style for all descendants and call setStyle unconditionally'.
Using this value lost information about whether anything actually changed in a particular style as it was automatically
inherited by all descendants. The 'compute all descendants' part of the behavior is what is actually needed.

Instead add separate DescendantsToResolve enum for communicating what else to compute.

  • style/StyleTreeResolver.cpp:


Figure out which descendants will need resolving based on how the current elements style changed.


Use DescendantsToResolve as input.


  • style/StyleTreeResolver.h:
  • style/StyleUpdate.h:


Add DescendantsToResolve.

2:32 PM Changeset in webkit [226808] by Wenson Hsieh
  • 26 edits in trunk/Source

Send PromisedBlobInfo to the client through DragItem instead of DragClient::prepareToDragPromisedBlob

Reviewed by Tim Horton.


Refactor drag initiation with DOMFile-backed attachment elements. See WebKit ChangeLog for more information. No
change in behavior; promised blob dragging covered by WKAttachment API tests.

  • loader/EmptyClients.cpp:
  • page/DragClient.h:

(WebCore::DragClient::prepareToDragPromisedBlob): Deleted.

  • page/DragController.cpp:

(WebCore::DragController::dragAttachmentElement): Deleted.

  • page/DragController.h:
  • platform/DragItem.h:

(WebCore::DragItem::encode const):


Refactor drag and drop support for promised blob data, so that blob info is shipped across to the client layer
via DragItem in the DragClient::startDrag codepath, rather than via a separate prepareToDragPromisedBlob client
codepath that stages promised blob info.

  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::prepareToDragPromisedBlob): Deleted.

  • UIProcess/PageClient.h:

(WebKit::PageClient::prepareToDragPromisedBlob): Deleted.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::prepareToDragPromisedBlob): Deleted.

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::prepareToDragPromisedBlob): Deleted.

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _startDrag:item:]):

  • UIProcess/mac/PageClientImplMac.h:
  • UIProcess/mac/PageClientImplMac.mm:

(WebKit::PageClientImpl::prepareToDragPromisedBlob): Deleted.

  • WebProcess/WebCoreSupport/WebDragClient.cpp:

(WebKit::WebDragClient::prepareToDragPromisedBlob): Deleted.

  • WebProcess/WebCoreSupport/WebDragClient.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::prepareToDragPromisedBlob): Deleted.

  • WebProcess/WebPage/WebPage.h:


See other ChangeLogs for more detail.

  • WebCoreSupport/WebDragClient.h:
2:19 PM Changeset in webkit [226807] by pvollan@apple.com
  • 7 edits in trunk/Source

VoiceOver does not work when the WebContent process is using NSRunLoop.

Reviewed by Brent Fulgham.


Add NSApplication class method to initialize accessibility.

  • pal/spi/mac/NSApplicationSPI.h:


When the WebContent process is using NSRunLoop instead of the NSApplication run loop,
accessibility must be initialized for VoiceOver to work. This patch also switches to
using NSRunLoop in the WebContent process.

  • Configurations/WebContentService.xcconfig:
  • Platform/IPC/mac/ConnectionMac.mm:

(IPC::AccessibilityProcessSuspendedNotification): Remove unneccessary workaround.

  • WebProcess/EntryPoint/mac/XPCService/WebContentService/Info-OSX.plist: Switch to NSRunLoop.
  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeProcess): Initialize accessibility.

2:18 PM Changeset in webkit [226806] by sbarati@apple.com
  • 5 edits
    1 add in trunk

JITMathIC code in the FTL is wrong when code gets duplicated

Reviewed by Michael Saboff and Keith Miller.


  • stress/allow-math-ic-b3-code-duplication.js: Added.


B3/Air may duplicate code for various reasons. Patchpoint generators inside
FTLLower must be aware that they can be called multiple times because of this.
The patchpoint for math ICs was not aware of this, and shared state amongst
all invocations of the patchpoint's generator. This patch fixes this bug so
that each invocation of the patchpoint's generator gets a unique math IC.

  • bytecode/CodeBlock.h:


  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileMathIC): Deleted.

  • jit/JITMathIC.h:


2:14 PM Changeset in webkit [226805] by don.olmstead@sony.com
  • 2 edits in trunk/Source/WebKit

WebContextMenuListenerProxy.cpp not including config on first line

Reviewed by Alex Christensen.

  • UIProcess/WebContextMenuListenerProxy.cpp:
1:54 PM Changeset in webkit [226804] by commit-queue@webkit.org
  • 9 edits
    5 adds in trunk

RTCController should disable ICE candidate filtering in case of getUserMedia based on the RTCPerrConnection origin

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-11
Reviewed by Eric Carlson.


Test: http/wpt/webrtc/third-party-frame-ice-candidate-filtering.html

RTCController now stores all the client origins (top+frame origins) of frames that got access to camera/microphone access.
For any such client origin, PeerConnection objects ICE candidate filtering is disabled.
ICE candidate filtering is reset whenever navigating/reloading the page.

  • Modules/mediastream/RTCController.cpp:


  • Modules/mediastream/RTCController.h:
  • Modules/mediastream/RTCPeerConnection.cpp:


  • Modules/mediastream/UserMediaRequest.cpp:


  • page/Page.cpp:


  • testing/Internals.cpp:



  • http/wpt/webrtc/resources/third-party-frame-ice-candidate-filtering-iframe.html: Added.
  • http/wpt/webrtc/third-party-frame-ice-candidate-filtering-expected.txt: Added.
  • http/wpt/webrtc/third-party-frame-ice-candidate-filtering.html: Added.
1:51 PM Changeset in webkit [226803] by jmarcell@apple.com
  • 7 edits in branches/safari-604.5.6.1-branch/Source


1:45 PM Changeset in webkit [226802] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

window.visualViewport should behave as [SameObject]

Patch by Ali Juma <ajuma@chromium.org> on 2018-01-11
Reviewed by Chris Dumez.


Add 'GenerateIsReachable' to VisualViewport so that window.visualViewport's
JS wrapper object doesn't get garbage collected too soon.

Test: fast/visual-viewport/visual-viewport-same-object.html

  • page/VisualViewport.idl:


  • fast/visual-viewport/visual-viewport-same-object-expected.txt: Added.
  • fast/visual-viewport/visual-viewport-same-object.html: Added.
1:42 PM Changeset in webkit [226801] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

imported/w3c/web-platform-tests/service-workers/service-worker/multiple-update.https.html is slow on Debug


Patch by Youenn Fablet <youenn@apple.com> on 2018-01-11

1:36 PM Changeset in webkit [226800] by don.olmstead@sony.com
  • 6 edits
    2 moves
    1 add in trunk/Source/WebCore

[Curl] Extract multipart handling from ResourceHandle to CurlRequest.

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-11
Reviewed by Alex Christensen.

Rename old MultipartHandle class to CurlMultipartHandle and modernize it. Also move the responsibility
of handling multi part from ResourceHandle to CurlRequest. This is required for upcoming NetworkLoadTask.

No new tests because no new behavior.

  • platform/Curl.cmake:
  • platform/network/curl/CurlMultipartHandle.cpp: Renamed from Source/WebCore/platform/network/curl/MultipartHandle.cpp.


  • platform/network/curl/CurlMultipartHandle.h: Renamed from Source/WebCore/platform/network/curl/MultipartHandle.h.


  • platform/network/curl/CurlMultipartHandleClient.h: Added.


  • platform/network/curl/CurlRequest.cpp:


  • platform/network/curl/CurlRequest.h:


  • platform/network/curl/ResourceHandleCurlDelegate.cpp:


  • platform/network/curl/ResourceHandleCurlDelegate.h:
1:33 PM Changeset in webkit [226799] by jmarcell@apple.com
  • 1 copy in branches/safari-604.5.6.1-branch

New Branch.

1:09 PM Changeset in webkit [226798] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Rebaseline of media/event-queue-crash.html after r226785

Unreviewed test gardening.

  • media/event-queue-crash-expected.txt:
12:51 PM Changeset in webkit [226797] by Alan Bujtas
  • 4 edits
    2 adds in trunk

RenderTreeUpdater::current() returns null_ptr when mutation is done through Document::resolveStyle.

Reviewed by Antti Koivisto.


This patch ensures that we use a valid RenderTreeBuilder even when
Document::resolveStyle (incorrectly) triggers tree mutation.
It can be reverted soon after the incorrect mutations are taken care of.

Test: fast/forms/button-set-text-crash.html

  • rendering/RenderButton.cpp:


  • rendering/RenderMenuList.cpp:



  • fast/forms/button-set-text-crash-expected.txt: Added.
  • fast/forms/button-set-text-crash.html: Added.
12:29 PM Changeset in webkit [226796] by graouts@webkit.org
  • 6 edits
    2 adds in trunk

Only listen to webkitplaybacktargetavailabilitychanged when media controls are visible to the user

Reviewed by Eric Carlson.


Because listening to "webkitplaybacktargetavailabilitychanged" events incurs some higher power usage on iOS,
we only listen to such events when controls are visible to the user. In other words, the MediaControls need to
have both "visible" set to "true" and "faded" set to "false". To support this, we add a delegate method on
MediaControls such that it can tell the MediaController that the "visible" property changed. With this message,
MediaController can inform its MediaControllerSupport objects that user visibility of the controls changed, which
lets AirplaySupport disable itself when controls are no longer visible.

Test: media/modern-media-controls/airplay-support/airplay-support-disable-event-listeners-with-hidden-controls.html

  • Modules/modern-media-controls/controls/media-controls.js:

(MediaControls.prototype.set visible):

  • Modules/modern-media-controls/media/airplay-support.js:


  • Modules/modern-media-controls/media/media-controller-support.js:


  • Modules/modern-media-controls/media/media-controller.js:



Add a test that checks that enabling AirPlay routes when the controls are not visible to the user
does not incur any change, and that making the controls visible again shows the controls in the
expected state.

  • media/modern-media-controls/airplay-support/airplay-support-disable-event-listeners-with-hidden-controls-expected.txt: Added.
  • media/modern-media-controls/airplay-support/airplay-support-disable-event-listeners-with-hidden-controls.html: Added.
12:18 PM Changeset in webkit [226795] by graouts@webkit.org
  • 5 edits in trunk

[iOS] There should be no controls markup generated in fullscreen

Reviewed by Eric Carlson.


We completely forgo the display of any content when fullscreen on iOS by setting the
"visible" flag to "false" on the MediaControls, which will prevent any DOM content from
being added.

  • Modules/modern-media-controls/media/media-controller.js:

(MediaController.prototype._updateSupportingObjectsEnabledState): Deleted.


We update this test to simply check that we're removing all child nodes.

  • media/modern-media-controls/media-controller/ios/media-controller-stop-updates-in-fullscreen-expected.txt:
  • media/modern-media-controls/media-controller/ios/media-controller-stop-updates-in-fullscreen.html:
12:11 PM Changeset in webkit [226794] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Revert changes accidentally committed with r226789.

I had some local changes I did not mean to commit.

  • platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:

(-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
(WebCore::if): Deleted.
(WebCore::>::fromCallable): Deleted.

11:58 AM Changeset in webkit [226793] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKitLegacy/mac

Null deref in WebImmediateActionController _dictionaryPopupInfoForRange

Reviewed by Alex Christensen.

  • WebView/WebImmediateActionController.mm:

(+[WebImmediateActionController _dictionaryPopupInfoForRange:inFrame:withLookupOptions:indicatorOptions:transition:]):
Apply the change made in r216652 to WebKit1's immediate action controller.

Speculative (but successful in WebKit2) fix for non-reproducible crash when
the startContainer of the range is in an anonymous node.

11:54 AM Changeset in webkit [226792] by commit-queue@webkit.org
  • 8 edits in trunk

Redirected iframe loading with Request.redirect=follow should fail

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-11
Reviewed by Alex Christensen.


Updated tests to output a more deterministic output, more debuggable.
Made use of media.js to allow loading either oga or mp3 when oga is not supported.

  • web-platform-tests/service-workers/service-worker/fetch-request-redirect.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/fetch-request-redirect.https.html:


  • WebProcess/Storage/ServiceWorkerClientFetch.cpp:



11:53 AM Changeset in webkit [226791] by Simon Fraser
  • 10 edits in trunk

On macOS, getBoundingClientRect gives incorrect values when pinch-zoomed

Reviewed by Zalan Bujtas.

When reverting "client coordinates are relative to layout viewport" in r219829
I broke documentToClientOffset() on macOS by failing to take pinch zoom scale into
account (frameScaleFactor() is always 1 on iOs, so this bug doesn't manifest there).

Covered by existing tests.

  • page/FrameView.cpp:

(WebCore::FrameView::documentToClientOffset const):


New results in tests that get client coordinates after zooming.

  • fast/visual-viewport/client-coordinates-relative-to-layout-viewport-expected.txt:
  • fast/visual-viewport/client-rects-relative-to-layout-viewport-expected.txt:
  • fast/visual-viewport/client-rects-relative-to-layout-viewport-zoomed.html:
  • fast/visual-viewport/zoomed-fixed-expected.txt:
  • fast/visual-viewport/zoomed-fixed-header-and-footer-expected.txt:
  • fast/zooming/client-rect-in-fixed-zoomed-expected.txt:
  • fast/zooming/client-rect-in-fixed-zoomed.html: Change the test to create passing results.
11:48 AM Changeset in webkit [226790] by commit-queue@webkit.org
  • 9 edits in trunk/Source

Replace WebRTCLegacyAPIDisabled by WebRTCLegacyAPIEnabled and switch off WebRTC legacy flag by default

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-11
Reviewed by Eric Carlson.


No change of behavior.

  • page/RuntimeEnabledFeatures.h: Set default value to false.


Renaming preference to WebRTCLegacyAPIEnabled for simplification and removing it from experimental feature.
Set it to off by default.

  • Shared/WebPreferences.yaml:
  • UIProcess/API/C/WKPreferences.cpp:


  • UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _webRTCLegacyAPIEnabled]):
(-[WKPreferences _setWebRTCLegacyAPIEnabled:]):

  • UIProcess/WebProcessPool.cpp:


  • WebProcess/WebPage/WebPage.cpp:



  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):

11:22 AM Changeset in webkit [226789] by achristensen@apple.com
  • 13 edits in trunk/Source

Merge sync and async code paths for getting context menus

Reviewed by Joseph Pecoraro.

What a mess. We had a code path for asynchronous context menu generation and a different one for synchronous context menu generation.
This makes it so there is just one. At the API level we see if there is an asynchronous delegate to call, then synchronous.
There is a subtle theoretical change in behaviour because m_page.contextMenuClient().showContextMenu is now called for the asynchronous
case and it wasn't before, but the one C API client that uses this has nullptr as it's WKPageShowContextMenuCallback, so we won't break anything!

  • UIProcess/API/APIContextMenuClient.h:

(API::ContextMenuClient::getContextMenuFromProposedMenuAsync): Deleted.

  • UIProcess/API/C/WKPage.cpp:


  • UIProcess/API/glib/WebKitContextMenuClient.cpp:
  • UIProcess/WebContextMenuProxy.h:
  • UIProcess/gtk/WebContextMenuProxyGtk.cpp:


  • UIProcess/gtk/WebContextMenuProxyGtk.h:
  • UIProcess/mac/WebContextMenuProxyMac.h:
  • UIProcess/mac/WebContextMenuProxyMac.mm:


  • UIProcess/wpe/WebContextMenuProxyWPE.h:
11:13 AM Changeset in webkit [226788] by msaboff@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Ensure there are no unsafe uses of MacroAssemblerARM64::dataTempRegister

Reviewed by Saam Barati.

  • assembler/MacroAssemblerARM64.h:

All current uses of dataTempRegister in these functions are safe, but it makes sense to
fix them in case they might be used elsewhere.

10:45 AM WebInspectorDebugging edited by Joseph Pecoraro
Remove some stale sections and mention InspectorTest.debug (diff)
10:42 AM Changeset in webkit [226787] by Wenson Hsieh
  • 6 edits in trunk

[Attachment Support] Support moving attachment elements in editable areas using drag and drop

Reviewed by Tim Horton.


Makes slight adjustments to attachment-specific drag and drop logic to ensure that moving attachments via drag
and drop behaves correctly. See per-change comments for more detail.

Tests: WKAttachmentTests.DragInPlaceVideoAttachmentElement


  • editing/cocoa/EditorCocoa.mm:


Stop vending the private web archive pasteboard type for attachments, for now. This works around issues where an
attachment element that is dragged and dropped within the same page may lose its blob backing data if we try to
remove and insert it as a fragment from the archive. Providing a web archive would allow us to avoid destroying
and recreating an attachment element when dragging within the same page, but this is a nice-to-have optimization
we can re-enable after investigation in a subsequent patch.

  • html/HTMLAttachmentElement.cpp:


Add draggable=false to the image element of an in-place attachment element.

  • page/DragController.cpp:

(WebCore::DragController::draggableElement const):

Tweak single-selected-attachment handling to account for in-place attachments. Since the hit-tested node is
inside the shadow subtree of the attachment element, the condition needs to check for the startElement as well
as the startElement's shadow host.


Make two tweaks here. First, don't require a RenderAttachment to drag an attachment element (this is required
for dragging in-place attachments). This was added in r217083 to address <rdar://problem/32282831>, but is no
longer correct, since attachments may now be displayed in-place.

Secondly, only restore the previous selection if the attachment is in a richly contenteditable area. This was
added to prevent the selection highlight from appearing in when dragging non-editable attachment elements in the
Mail viewer. However, to allow drag moves to occur, we need the selection to persist after drag start.


Add 3 new API tests for attachment element dragging.

  • TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(-[TestWKWebView expectElementTag:toComeBefore:]):
(-[NSItemProvider expectType:withData:]):

10:26 AM Changeset in webkit [226786] by Jonathan Bedard
  • 2 edits in trunk/Tools

REGRESSION(r225856): Incorrectly managing 'future' baseline_search_paths.

Unreviewed infrastructure fix.

  • Scripts/webkitpy/port/mac.py:

(MacPort.default_baseline_search_path): Include 'future' in the version_fallback
list if we are the VERSION_MAX, which usually corresponds with future.

10:20 AM Changeset in webkit [226785] by eric.carlson@apple.com
  • 3 edits in trunk/LayoutTests

Layout Test media/event-queue-crash.html is flaky

Reviewed by Jer Noble.

  • TestExpectations: Add DumpJSConsoleLogInStdErr.
  • media/event-queue-crash.html: Increase the timeout from 10ms to 100ms.
9:58 AM Changeset in webkit [226784] by fpizlo@apple.com
  • 2 edits in trunk/Source/WTF

Reserve a fast TLS key for GC TLC

Reviewed by Alexey Proskuryakov.

Who knew that thread-local caches would be a mitigation for timing attacks. Here's how it
works: if we have TLCs then we can "context switch" them when we "context switch" origins.
This allows us to put some minimal distance between objects from different origins, which
gives us the ability to allow small overflows when doing certain bounds checks without
creating a useful Spectre information leak.

So I think that means we have to implement thread-local caches (also known as thread-local
allocation buffers, but I prefer the TLC terminology).

  • wtf/FastTLS.h:
8:43 AM Changeset in webkit [226783] by fpizlo@apple.com
  • 67 edits
    2 adds in trunk

CodeBlocks should be in IsoSubspaces

Reviewed by Saam Barati.

This moves CodeBlocks into IsoSubspaces. Doing so means that we no longer need to have the
special CodeBlockSet HashSets of new and old CodeBlocks. We also no longer use
WeakReferenceHarvester or UnconditionalFinalizer. Instead:

  • Code block sweeping is now just eager sweeping. This means that it automatically takes advantage of our unswept set, which roughly corresponds to what CodeBlockSet used to use its eden set for.

  • Those idea of Executable "weakly visiting" the CodeBlock is replaced by Executable marking a ExecutableToCodeBlockEdge object. That object being marked corresponds to what we used to call CodeBlock "having been weakly visited". This means that CodeBlockSet no longer has to clear the set of weakly visited code blocks. This also means that determining CodeBlock liveness, propagating CodeBlock transitions, and jettisoning CodeBlocks during GC are now the edge's job. The edge is also in an IsoSubspace and it has IsoCellSets to tell us which edges have output constraints (what we used to call CodeBlock's weak reference harvester) and which have unconditional finalizers.

  • CodeBlock now uses an IsoCellSet to tell if it has an unconditional finalizer.

  • CodeBlockSet still exists! It has one unified HashSet of CodeBlocks that we use to handle requests from the sampler, debugger, and other facilities. They may want to ask if some pointer corresponds to a CodeBlock during stages of execution during which the GC is unable to answer isLive() queries. The trickiest is the sampling profiler thread. There is no way that the GC's isLive could tell us of a CodeBlock that had already been allocated has now been full constructed.

Rolling this back in because it was rolled out by mistake. There was a flaky crash that was
happening before and after this change, but we misread the revision numbers at first and
thought that this was the cause.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::hasInstalledVMTrapBreakpoints const):
(JSC::CodeBlock::visitWeakly): Deleted.
(JSC::CodeBlock::WeakReferenceHarvester::visitWeakReferences): Deleted.
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally): Deleted.

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::ownerEdge const):
(JSC::CodeBlock::clearVisitWeaklyHasBeenCalled): Deleted.

  • bytecode/EvalCodeBlock.h:

(JSC::EvalCodeBlock::create): Deleted.
(JSC::EvalCodeBlock::createStructure): Deleted.
(JSC::EvalCodeBlock::variable): Deleted.
(JSC::EvalCodeBlock::numVariables): Deleted.
(JSC::EvalCodeBlock::functionHoistingCandidate): Deleted.
(JSC::EvalCodeBlock::numFunctionHoistingCandidates): Deleted.
(JSC::EvalCodeBlock::EvalCodeBlock): Deleted.
(JSC::EvalCodeBlock::unlinkedEvalCodeBlock const): Deleted.

  • bytecode/ExecutableToCodeBlockEdge.cpp: Added.


  • bytecode/ExecutableToCodeBlockEdge.h: Added.

(JSC::ExecutableToCodeBlockEdge::codeBlock const):

  • bytecode/FunctionCodeBlock.h:


  • bytecode/ModuleProgramCodeBlock.h:

(JSC::ModuleProgramCodeBlock::create): Deleted.
(JSC::ModuleProgramCodeBlock::createStructure): Deleted.
(JSC::ModuleProgramCodeBlock::ModuleProgramCodeBlock): Deleted.

  • bytecode/ProgramCodeBlock.h:

(JSC::ProgramCodeBlock::create): Deleted.
(JSC::ProgramCodeBlock::createStructure): Deleted.
(JSC::ProgramCodeBlock::ProgramCodeBlock): Deleted.

  • debugger/Debugger.cpp:

(JSC::Debugger::SetSteppingModeFunctor::operator() const):
(JSC::Debugger::ToggleBreakpointFunctor::operator() const):
(JSC::Debugger::ClearCodeBlockDebuggerRequestsFunctor::operator() const):
(JSC::Debugger::ClearDebuggerRequestsFunctor::operator() const):

  • heap/CodeBlockSet.cpp:

(JSC::CodeBlockSet::dump const):
(JSC::CodeBlockSet::promoteYoungCodeBlocks): Deleted.
(JSC::CodeBlockSet::clearMarksForFullCollection): Deleted.
(JSC::CodeBlockSet::lastChanceToFinalize): Deleted.
(JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced): Deleted.

  • heap/CodeBlockSet.h:
  • heap/CodeBlockSetInlines.h:


  • heap/ConservativeRoots.cpp:


  • heap/ConservativeRoots.h:
  • heap/Heap.cpp:

(JSC::Heap::finalizeUnconditionalFinalizersInIsoSubspace): Deleted.

  • heap/Heap.h:
  • heap/HeapCell.h:
  • heap/HeapCellInlines.h:

(JSC::HeapCell::subspace const):

  • heap/HeapInlines.h:


  • heap/HeapUtil.h:


  • heap/IsoCellSet.cpp:


  • heap/IsoCellSet.h:
  • heap/IsoCellSetInlines.h:


  • heap/LargeAllocation.h:

(JSC::LargeAllocation::subspace const):

  • heap/MarkStackMergingConstraint.cpp:


  • heap/MarkStackMergingConstraint.h:
  • heap/MarkedAllocator.cpp:


  • heap/MarkedBlock.cpp:


  • heap/MarkedBlock.h:

(JSC::MarkedBlock::subspace const):

  • heap/MarkedBlockInlines.h:


  • heap/MarkedSpaceInlines.h:


  • heap/MarkingConstraint.cpp:

(JSC::MarkingConstraint::finishParallelWork): Deleted.
(JSC::MarkingConstraint::doParallelWorkImpl): Deleted.
(JSC::MarkingConstraint::finishParallelWorkImpl): Deleted.

  • heap/MarkingConstraint.h:
  • heap/MarkingConstraintSet.cpp:


  • heap/MarkingConstraintSet.h:


  • heap/MarkingConstraintSolver.cpp:

(JSC::MarkingConstraintSolver::didExecute): Deleted.

  • heap/MarkingConstraintSolver.h:

(JSC::MarkingConstraintSolver::TaskWithConstraint::operator== const):

  • heap/SimpleMarkingConstraint.cpp:


  • heap/SimpleMarkingConstraint.h:


  • heap/SlotVisitor.cpp:


  • heap/SlotVisitor.h:
  • heap/Subspace.cpp:


  • heap/Subspace.h:
  • heap/SubspaceInlines.h:


  • llint/LowLevelInterpreter.asm:
  • runtime/EvalExecutable.cpp:


  • runtime/EvalExecutable.h:


  • runtime/FunctionExecutable.cpp:


  • runtime/FunctionExecutable.h:
  • runtime/JSType.h:
  • runtime/ModuleProgramExecutable.cpp:


  • runtime/ModuleProgramExecutable.h:
  • runtime/ProgramExecutable.cpp:


  • runtime/ProgramExecutable.h:
  • runtime/ScriptExecutable.cpp:


  • runtime/VM.cpp:


  • runtime/VM.h:


  • runtime/VMTraps.cpp:


  • tools/VMInspector.cpp:



No new tests because no new behavior.

Adopting new parallel constraint API, so that more of the logic of doing parallel
constraint solving is shared between the DOM's output constraints and JSC's output

  • bindings/js/DOMGCOutputConstraint.cpp:

(WebCore::DOMGCOutputConstraint::doParallelWorkImpl): Deleted.
(WebCore::DOMGCOutputConstraint::finishParallelWorkImpl): Deleted.

  • bindings/js/DOMGCOutputConstraint.h:


Deque<>::contains() is helpful for a debug ASSERT.

  • wtf/Deque.h:



Remove some less important benchmarks from the default run. Doing run-jsc-benchmarks
shouldn't take a long time due to benchmarks we don't optimize for.

  • Scripts/run-jsc-benchmarks:
8:23 AM Changeset in webkit [226782] by Ms2ger@igalia.com
  • 7 edits in trunk

Test gardening for GTK.

Unreviewed test gardening.


  • TestWebKitAPI/Tests/WebKitGLib/TestAuthentication.cpp: Correct the file name.
  • TestWebKitAPI/Tests/WebKitGLib/TestConsoleMessage.cpp: Adjust the expected console message.


  • http/tests/performance/performance-resource-timing-cached-entries-expected.txt:
  • http/tests/performance/performance-resource-timing-cached-entries.html: The code to debug this test's flakiness made it more flaky, as the resources are not logged in a consistent order. This ensures they are logged only in case of failure.
  • platform/gtk/TestExpectations:
    • svg/custom/non-scaling-stroke.svg was fixed in r226443.
    • imported/w3c/web-platform-tests/css/css-shapes-1/shape-outside/values/shape-margin-001.html was fixed in r226404.
7:59 AM WebKitGTK/Gardening/Calendar edited by Ms2ger@igalia.com
7:54 AM Changeset in webkit [226781] by jfbastien@apple.com
  • 3 edits in trunk/Source/WTF

NFC reorder headers

Reviewed by Darin Adler.

Follow-up on r226752. I misunderstood the header include order
style. No functional change.

  • wtf/Poisoned.h:
  • wtf/PoisonedUniquePtr.h:
7:42 AM Changeset in webkit [226780] by clopez@igalia.com
  • 2 edits in trunk/Tools

Add the new JSCOnly bot to the scheduler.

Unreviewed follow-up patch after r226729

On r226729 I missed to add the new JSCOnly bot the default scheduler.
This is needed to make the bot automatically pick each commit for testing.

  • BuildSlaveSupport/build.webkit.org-config/config.json:
7:41 AM Changeset in webkit [226779] by Wenson Hsieh
  • 13 edits in trunk

[Attachment Support] Support dragging attachment elements out as files on iOS

Reviewed by Tim Horton, Andy Estes and Joseph Pecoraro.


Adds support for dragging "files" (i.e. creating item providers with preferred attachment presentation styles)
from attachment elements on iOS for Mail. See below for more detail.

Tests: WKAttachmentTestsIOS.DragAttachmentInsertedAsData


  • page/DragController.cpp:

(WebCore::DragController::platformContentTypeForBlobType const):

  • page/DragController.h:
  • page/mac/DragControllerMac.mm:

(WebCore::DragController::platformContentTypeForBlobType const):

Add a private method to convert the type of a promised blob to a platform type. For Cocoa platforms, this
converts the blob type (either a UTI or a MIME type) to a UTI for the platform to consume.

  • platform/ios/WebItemProviderPasteboard.h:
  • platform/ios/WebItemProviderPasteboard.mm:

Refactor WebItemProviderRegistrationInfo. WebItemProviderRegistrationInfo currently encapsulates a single item
provider registration call, and contains either a type identifier and data buffer, or an NSItemProviderWriting-
conformant object. To register an item provider using a WebItemProviderRegistrationInfo, the item provider
pasteboard currently checks to see whether the info contains an object or a type and data.

This patch removes WebItemProviderRegistrationInfo and replaces it with WebItemProviderDataRegistrar. Objects
that implement this protocol know how to take an NSItemProvider and register data to it. So far, there are
three implementations below.

(-[WebItemProviderDataRegistrar initWithData:type:]):
(-[WebItemProviderDataRegistrar typeIdentifier]):
(-[WebItemProviderDataRegistrar data]):
(-[WebItemProviderDataRegistrar typeIdentifierForClient]):
(-[WebItemProviderDataRegistrar dataForClient]):
(-[WebItemProviderDataRegistrar registerItemProvider:]):
(-[WebItemProviderDataRegistrar description]):

A data registrar takes a UTI and data buffer, and registers the UTI to the data. This replaces a
WebItemProviderRegistrationInfo with both a type and data, but no representing object.

(-[WebItemProviderWritableObjectRegistrar initWithObject:]):
(-[WebItemProviderWritableObjectRegistrar representingObjectForClient]):
(-[WebItemProviderWritableObjectRegistrar registerItemProvider:]):
(-[WebItemProviderWritableObjectRegistrar description]):

The writable object registrar writes an NSItemProviderWriting-conformant object to an item provider. This
replaces a WebItemProviderRegistrationInfo with only a representing object.

(-[WebItemProviderPromisedFileRegistrar initWithType:callback:]):
(-[WebItemProviderPromisedFileRegistrar registerItemProvider:]):
(-[WebItemProviderPromisedFileRegistrar description]):
(-[WebItemProviderRegistrationInfoList addData:forType:]):
(-[WebItemProviderRegistrationInfoList addRepresentingObject:]):
(-[WebItemProviderRegistrationInfoList addPromisedType:fileCallback:]):

Helper methods to add new registrars to a registration info list.

(-[WebItemProviderRegistrationInfoList itemAtIndex:]):
(-[WebItemProviderRegistrationInfoList enumerateItems:]):
(-[WebItemProviderRegistrationInfoList itemProvider]):
(-[WebItemProviderRegistrationInfoList description]):
(-[WebItemProviderRegistrationInfo initWithRepresentingObject:typeIdentifier:data:]): Deleted.
(-[WebItemProviderRegistrationInfo representingObject]): Deleted.
(-[WebItemProviderRegistrationInfo typeIdentifier]): Deleted.


Implement support for registering and beginning a drag with promised blob info. See below for more detail.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKDragSessionContext addTemporaryDirectory:]):
(-[WKDragSessionContext cleanUpTemporaryDirectories]):

Introduce WKDragSessionContext, which represents the localContext of a UIDragSession initiated in WebKit. The
blob promise dragging codepath uses this to register temporary directories when saving blob data to a location
on disk; when all data transfers are finished, or if the drag interaction is being reset, we then use
-cleanUpTemporaryDirectories to remove each temporary directory.


Helper methods to set the UIDragSession's localContext to a WKDragSessionContext and query for any existing

(-[WKContentView cleanupInteraction]):

Before the content view's UIDragInteraction goes away, clean up any temporary directories added to the

(-[WKContentView _prepareToDragPromisedBlob:]):

When dragging with a promised blob, register a new item provider on the pasteboard representing the blob data,
along with any additional metadata associated with the blob. For the promise callback, call out to the network
process to write the blob data to a temporary path; when done, call the NSItemProvider's completion handler with
the temporary blob data location.

(-[WKContentView _itemsForBeginningOrAddingToSessionWithRegistrationList:stagedDragSource:]):
(-[WKContentView dragInteraction:sessionDidTransferItems:]):

Use this delegate hook as an opportunity to remove any temporary directories created when promised blob data is
requested upon drop. Since we know the drag session that has finished transferring data, we simply ask its local
context (a WKDragSessionContext) to remove any temporary filepaths it has created.


Add support in the drag and drop simulator for testing blob-backed attachment element dragging, and also add new
attachment API tests.

  • TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(-[NSItemProvider expectType:withData:]):

Add two new WKAttachmentTests to exercise dragging data- and file-backed blobs via attachment elements. These
tests first insert attachments via drop or WKWebView SPI, and then drag these attachments out and use the
-expectType:withData: helper to inspect the item providers created from the drag source.

  • TestWebKitAPI/Tests/ios/DataInteractionTests.mm:


  • TestWebKitAPI/ios/DataInteractionSimulator.h:
  • TestWebKitAPI/ios/DataInteractionSimulator.mm:

(-[MockDragSession localContext]):
(-[MockDragSession setLocalContext:]):
(-[DataInteractionSimulator _resetSimulatedState]):
(-[DataInteractionSimulator simulateAllTouchesCanceled:]):
(-[DataInteractionSimulator _concludeDataInteractionAndPerformOperationIfNecessary]):
(-[DataInteractionSimulator _advanceProgress]):
(-[DataInteractionSimulator endDataTransfer]):

Make some tweaks to the iOS drag and drop simulator. In particular, this patch (1) adds a new hook to tell
WebKit that data transfers have been completed, (2) fixes incorrect drop proposal handling when returning
UIDropOperationForbidden by replacing _shouldPerformOperation with a UIDropProposal, and (3) teach the
MockDragSession to hold on to a localContext.

7:28 AM Changeset in webkit [226778] by msaboff@apple.com
  • 10 edits
    3 adds in trunk/Source

Add a DOM gadget for Spectre testing

Reviewed by Ryosuke Niwa.


  • runtime/Options.h:


This change is used to test Spectre mitigations.

Added a new DOM class to test for Spectre issues in the DOM layer.
This additional functionality is disabled by default and must be enabled
through the JSC option "enableSpectreGadgets".

  • CMakeLists.txt:
  • DerivedSources.make:
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/WebCoreBuiltinNames.h:
  • dom/SpectreGadget.cpp: Added.


  • dom/SpectreGadget.h: Added.
  • dom/SpectreGadget.idl: Added.
  • page/RuntimeEnabledFeatures.cpp:

(WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const):

  • page/RuntimeEnabledFeatures.h:
7:24 AM WebKitGTK/Gardening/Calendar edited by magomez@igalia.com
7:21 AM Changeset in webkit [226777] by magomez@igalia.com
  • 3 edits in trunk/LayoutTests

Unreviewed GTK+ and WPE gardening after r226773.

  • platform/gtk/TestExpectations:
  • platform/wpe/TestExpectations:
6:47 AM Changeset in webkit [226776] by Konstantin Tokarev
  • 2 edits in trunk/Tools

Unreviewed. Add Ali Juma as contributor

Patch by Ali Juma <ajuma@chromium.org> on 2018-01-11

  • Scripts/webkitpy/common/config/contributors.json:
6:20 AM Changeset in webkit [226775] by Yusuke Suzuki
  • 23 edits in trunk/Source/JavaScriptCore

[DFG][FTL] regExpMatchFast should be handled

Reviewed by Mark Lam.

RegExp.prototype.@@match has a fast path, @regExpMatchFast. This patch annotates this function
with RegExpMatchFastIntrinsic, and introduces RegExpMatch DFG node. This paves the way to
make NewRegexp PhantomNewRegexp if it is not used except for setting/getting its lastIndex property.

To improve RegExp.prototype.@@match's performance more, we make this builtin function small by moving
slow path part to @matchSlow() private function.

It improves SixSpeed regex-u.{es5,es6} largely since they stress String.prototype.match, which calls
this regExpMatchFast function.

baseline patched

regex-u.es5 55.3835+-6.3002 36.2431+-2.0797 definitely 1.5281x faster
regex-u.es6 110.4624+-6.2896 94.1012+-7.2433 definitely 1.1739x faster

  • builtins/RegExpPrototype.js:


  • dfg/DFGAbstractInterpreterInlines.h:


  • dfg/DFGByteCodeParser.cpp:


  • dfg/DFGClobberize.h:


  • dfg/DFGDoesGC.cpp:


  • dfg/DFGFixupPhase.cpp:


  • dfg/DFGNode.h:


  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:


  • dfg/DFGSpeculativeJIT.cpp:


  • dfg/DFGSpeculativeJIT.h:
  • dfg/DFGSpeculativeJIT32_64.cpp:


  • dfg/DFGSpeculativeJIT64.cpp:


  • ftl/FTLCapabilities.cpp:


  • ftl/FTLLowerDFGToB3.cpp:


  • runtime/Intrinsic.cpp:


  • runtime/Intrinsic.h:
  • runtime/JSGlobalObject.cpp:


  • runtime/RegExpPrototype.cpp:


6:06 AM WebDriverStatus edited by Carlos Garcia Campos
6:06 AM Changeset in webkit [226774] by Ms2ger@igalia.com
  • 2 edits in trunk/LayoutTests

[GTK] Enable css2.1/20110323/vertical-align-boxes-001.htm.

Unreviewed test gardening.

It was fixed in r226404.

  • platform/gtk/TestExpectations:
4:13 AM Changeset in webkit [226773] by Carlos Garcia Campos
  • 31 edits in trunk

Unreviewed. Update Selenium WebDriver imported tests.


New version of selenium uses command line options to pass driver and browser binaries to pytest instead of
environment variables.

  • Scripts/webkitpy/webdriver_tests/pytest_runner.py:

(collect): Reorder the arguments to make pytest happy.
(run): Ditto.

  • Scripts/webkitpy/webdriver_tests/webdriver_selenium_executor.py:

(WebDriverSeleniumExecutor.init): Add driver binary, browser binary and browser args as arguments.


  • imported/selenium/importer.json:
  • imported/selenium/py/conftest.py:
  • imported/selenium/py/selenium/init.py:
  • imported/selenium/py/selenium/webdriver/init.py:
  • imported/selenium/py/selenium/webdriver/common/action_chains.py:
  • imported/selenium/py/selenium/webdriver/common/service.py:
  • imported/selenium/py/selenium/webdriver/remote/remote_connection.py:
  • imported/selenium/py/selenium/webdriver/remote/switch_to.py:
  • imported/selenium/py/selenium/webdriver/remote/webdriver.py:
  • imported/selenium/py/selenium/webdriver/remote/webelement.py:
  • imported/selenium/py/selenium/webdriver/support/expected_conditions.py:
  • imported/selenium/py/selenium/webdriver/webkitgtk/options.py:
  • imported/selenium/py/test/selenium/webdriver/common/alerts_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/api_example_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/appcache_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/driver_element_finding_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/executing_async_javascript_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/frame_switching_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/interactions_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/page_load_timeout_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/position_and_size_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/rendered_webelement_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/select_class_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/visibility_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/w3c_interaction_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/webdriverwait_tests.py:
  • imported/selenium/py/test/selenium/webdriver/common/window_tests.py:
4:07 AM Changeset in webkit [226772] by lingcherd_ho@apple.com
  • 2 edits in trunk/Tools

Move Commit Queue and EWS Queues to Sierra on Bot Watcher's Dasboard

Reviewed by Alexey Proskuryakov.

3:08 AM Changeset in webkit [226771] by commit-queue@webkit.org
  • 4 edits in trunk/LayoutTests

LayoutTests/http/tests/workers/service/resources/service-worker-importScript.js does not need to register two service workers

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-11
Reviewed by Chris Dumez.

  • http/tests/workers/service/resources/service-worker-importScript.js:
  • http/tests/workers/service/service-worker-importScript-expected.txt:
  • platform/mac-wk2/TestExpectations:
2:00 AM Changeset in webkit [226770] by Carlos Garcia Campos
  • 5 edits in trunk/Source/WebDriver

WebDriver: implement get timeouts command

Reviewed by Žan Doberšek.

8.4 Get Timeouts

Also simplify the way timeouts are handled in Session. Stop using Timeouts struct, because once the session is
created the timeouts are no longer optional, they have a default value. Use individual members instead that are
initialized to their default values on construction and only overriden by capabilities or set timeouts command.

Fixes: imported/w3c/webdriver/tests/sessions/get_timeouts.py::test_get_timeouts


  • Session.cpp:


  • Session.h:
  • WebDriverService.cpp:


  • WebDriverService.h:
1:24 AM Changeset in webkit [226769] by Philippe Normand
  • 6 edits in trunk

[GTK] media/muted-video-is-playing-audio.html is timing out

Reviewed by Carlos Garcia Campos.


  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo): Sprinkle some debugging.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::setMuted): Ditto.


The test should un-mute the page because the IsPlayingAudio flag indirectly depends on this.

  • media/muted-video-is-playing-audio.html: Un-mute the page.
  • platform/gtk/TestExpectations: Unflag now-passing test.
12:19 AM Changeset in webkit [226768] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove unused variable in WI.DebuggerSidebarPanel

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-11
Reviewed by Matt Baker.

  • UserInterface/Views/DebuggerSidebarPanel.js:
12:16 AM Changeset in webkit [226767] by sbarati@apple.com
  • 3 edits
    1 add in trunk

Our for-in caching is wrong when we add indexed properties on things in the prototype chain

Reviewed by Yusuke Suzuki.


  • stress/for-in-prototype-with-indexed-properties-should-prevent-caching.js: Added.



Our for-in caching would cache structure chains that had prototypes with
indexed properties. Clearly this is wrong. This caching breaks when a prototype
adds new indexed properties. We would continue to enumerate the old cached
state of properties, and not include the new indexed properties.

The old code used to prevent caching only if the base structure had
indexed properties. This patch extends it to prevent caching if the
base, or any structure in the prototype chain, has indexed properties.

  • runtime/Structure.cpp:

(JSC::Structure::canCachePropertyNameEnumerator const):

Jan 10, 2018:

11:26 PM Changeset in webkit [226766] by aestes@apple.com
  • 16 edits
    3 moves
    2 adds
    2 deletes in trunk

[Payment Request] Rename ApplePayMerchantValidationEvent to MerchantValidationEvent

Reviewed by Tim Horton.

Renamed ApplePayMerchantValidationEvent to MerchantValidationEvent and changed complete() to accept a Promise.

Test: http/tests/paymentrequest/payment-request-merchant-validation.https.html

  • DerivedSources.make:
  • Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:


  • Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
  • Modules/paymentrequest/MerchantValidationEvent.cpp: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.cpp.

(WebCore::MerchantValidationEvent::eventInterface const):

  • Modules/paymentrequest/MerchantValidationEvent.h: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.h.
  • Modules/paymentrequest/MerchantValidationEvent.idl: Renamed from Source/WebCore/Modules/applepay/paymentrequest/ApplePayMerchantValidationEvent.idl.
  • Modules/paymentrequest/PaymentHandler.h:
  • Modules/paymentrequest/PaymentRequest.cpp:


  • Modules/paymentrequest/PaymentRequest.h:
  • Modules/paymentrequest/PaymentRequest.idl:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/EventNames.h:
  • dom/EventNames.in:


  • http/tests/paymentrequest/payment-request-change-shipping-address.https.html:
  • http/tests/paymentrequest/payment-request-change-shipping-option.https.html:
  • http/tests/paymentrequest/payment-request-merchant-validation.https-expected.txt: Added.
  • http/tests/paymentrequest/payment-request-merchant-validation.https.html: Added.
  • http/tests/paymentrequest/resources/helpers.js:


  • http/tests/paymentrequest/updateWith-method-pmi-handling.https.html:
  • http/tests/ssl/applepay/ApplePayMerchantValidationEvent.https-expected.txt: Removed.
  • http/tests/ssl/applepay/ApplePayMerchantValidationEvent.https.html: Removed.
11:07 PM Changeset in webkit [226765] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebInspectorUI

REGRESSION(r218975): Web Inspector: Add back NavigationSidebarPanel initialization parameter used by SearchSidebarPanel (top overflow shadow)

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-10
Reviewed by Matt Baker.

  • UserInterface/Views/NavigationSidebarPanel.css:

(.sidebar > .panel.navigation > .overflow-shadow.top):

  • UserInterface/Views/NavigationSidebarPanel.js:

Add back the initialization parameter still used by SearchSidebarPanel
and add back its implementation. There were still references to
dynamically update _topOverflowShadowElement in NavigationSidebarPanel.

11:05 PM Changeset in webkit [226764] by Carlos Garcia Campos
  • 4 edits in trunk/WebDriverTests

Unreviewed. Update W3C WebDriver imported tests.

  • imported/w3c/importer.json:
  • imported/w3c/webdriver/tests/sessions/new_session/invalid_capabilities.py:
  • imported/w3c/webdriver/tests/sessions/new_session/support/create.py:
11:05 PM Changeset in webkit [226763] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Incorrect check with WI.debuggableType

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-10
Reviewed by Brian Burg.

  • UserInterface/Base/Main.js:

This moved to WI.sharedApp a while ago.

10:34 PM Changeset in webkit [226762] by jeffm@apple.com
  • 2 edits in trunk/Source/WebKit

-[WKWebView _web_gestureEventWasNotHandledByWebCore:] should call -_gestureEventWasNotHandledByWebCore:

Reviewed by Alex Christensen.

WKView's API contract allows clients to override -_gestureEventWasNotHandledByWebCore:, and -[WKView
_web_gestureEventWasNotHandledByWebCore:] calls -_gestureEventWasNotHandledByWebCore: instead of
invoking WebViewImpl::gestureEventWasNotHandledByWebCoreFromViewOnly() directly. WKWebView should do
the same thing.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _web_gestureEventWasNotHandledByWebCore:]):
Call -_gestureEventWasNotHandledByWebCore:, which will call gestureEventWasNotHandledByWebCoreFromViewOnly().

10:13 PM Changeset in webkit [226761] by Adrian Perez de Castro
  • 2 edits in trunk/Tools

[GTK] Tools/gtk/install-dependencies: Packages geoclue, ruby-highline, xorg-utils do not exist in Arch Linux

Reviewed by Michael Catanzaro.

  • gtk/install-dependencies: Update package list for Arch Linux, extend

message shown at end of installation with additional tips.

9:15 PM Changeset in webkit [226760] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Update TestExpectations for http/tests/misc/submit-post-keygen.html.

Unreviewed test gardening.

  • platform/mac/TestExpectations:
9:06 PM Changeset in webkit [226759] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark swipe/pushstate-with-manual-scrollrestoration.html as failing.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
8:57 PM Changeset in webkit [226758] by pvollan@apple.com
  • 2 edits in trunk

[Win] WebKitLegacy should be a dll, not a static library.

Reviewed by Alex Christensen.

Set WebKitLegacy library type to shared.

  • Source/cmake/OptionsWin.cmake:
8:16 PM Changeset in webkit [226757] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark accessibility/mac/aria-multiple-liveregions-notification.html as flaky.

Unreviewed test gardening.

  • platform/mac/TestExpectations:
8:06 PM Changeset in webkit [226756] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark http/tests/misc/slow-loading-animated-image.html as flaky.

Unreviewed test gardening.

  • platform/mac/TestExpectations:
7:36 PM Changeset in webkit [226755] by Matt Baker
  • 4 edits
    2 adds in trunk

Web Inspector: Canvas tab: throttle recording slider updates

Reviewed by Joseph Pecoraro


  • UserInterface/Base/Utilities.js:

Add Object.throttle and Function.cancelThrottle. Repeated calls to a
function on a throttled object are delayed, so that the function isn't
invoked more frequently than the specified delay value.

For a description of throttling behavior see:

  • UserInterface/Views/RecordingContentView.js:

Throttle frequency of canvas snapshot creation to 200ms.
Prevent trailing edge call after hiding the view.


  • inspector/unit-tests/throttle-expected.txt: Added.
  • inspector/unit-tests/throttle.html: Added.

Added function throttling tests.

7:30 PM Changeset in webkit [226754] by don.olmstead@sony.com
  • 6 edits in trunk/Source/WebCore

[Curl] Cross-protocol, cross-site scripting (XPXSS) using HTML forms

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-10
Reviewed by Alex Christensen.

No new tests because it's covered by existing tests.

  • platform/network/curl/CurlContext.cpp:


  • platform/network/curl/CurlContext.h:
  • platform/network/curl/CurlRequest.cpp:


  • platform/network/curl/CurlResponse.h:

(WebCore::CurlResponse::isolatedCopy const):

  • platform/network/curl/ResourceResponseCurl.cpp:


7:05 PM Changeset in webkit [226753] by Wenson Hsieh
  • 14 edits
    2 adds in trunk

REGRESSION(r222507): Composition highlight doesn't render when using IME

Reviewed by Ryosuke Niwa.


Fixes the order of arguments passed to paintTextSubrangeBackground from paintCompositionBackground.

Test: editing/marked-text-appearance.html

  • rendering/InlineTextBox.cpp:



Add plumbing for a suppressUnderline argument when setting marked text.

  • WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:


  • WebProcess/InjectedBundle/API/c/WKBundlePagePrivate.h:
  • WebProcess/WebPage/WebPage.cpp:


  • WebProcess/WebPage/WebPage.h:


Add a suppressUnderline argument to TextInputController.setMarkedText. This suppresses the custom underlines
rendered when testing IME on iOS in WebKit2. In this new test, suppressing underline rendering is needed to
allow rendering composition backgrounds (see InlineTextBox::paint).

  • DumpRenderTree/ios/TextInputControllerIOS.m:

(+[TextInputController isSelectorExcludedFromWebScript:]):
(+[TextInputController webScriptNameForSelector:]):
(-[TextInputController setMarkedText:selectedFrom:length:suppressUnderline:]):
(-[TextInputController setMarkedText:selectedFrom:length:]): Deleted.

  • DumpRenderTree/mac/TextInputControllerMac.m:

(+[TextInputController isSelectorExcludedFromWebScript:]):
(+[TextInputController webScriptNameForSelector:]):
(-[TextInputController setMarkedText:selectedFrom:length:suppressUnderline:]):
(-[TextInputController setMarkedText:selectedFrom:length:]): Deleted.

  • WebKitTestRunner/InjectedBundle/Bindings/TextInputController.idl:
  • WebKitTestRunner/InjectedBundle/TextInputController.cpp:


  • WebKitTestRunner/InjectedBundle/TextInputController.h:


Add a new layout test to ensure that in the absence of custom composition underlines, a marked composition
string appears different once it is confirmed.

  • editing/marked-text-appearance-expected-mismatch.html: Added.
  • editing/marked-text-appearance.html: Added.
7:03 PM Changeset in webkit [226752] by jfbastien@apple.com
  • 16 edits in trunk

Poison small JSObject derivatives which only contain pointers

Reviewed by Mark Lam.


I wrote a script that finds interesting things to poison or
generally harden. These stood out because they derive from
JSObject and only contain a few pointer or pointer-like fields,
and could therefore just be poisoned. This also requires some
template "improvements" to our poisoning machinery. Worth noting
is that I'm making PoisonedUniquePtr move-assignable and
move-constructible from unique_ptr, which makes it a better
drop-in replacement because we don't need to use
makePoisonedUniquePtr. This means function-locals can be
unique_ptr and get the nice RAII pattern, and once the function is
done you can just move to the class' PoisonedUniquePtr without

  • API/JSAPIWrapperObject.h:


  • API/JSAPIWrapperObject.mm:


  • API/JSCallbackObject.h:
  • runtime/ArrayPrototype.h:
  • runtime/DateInstance.h:
  • runtime/JSArrayBuffer.cpp:

(JSC::JSArrayBuffer::isShared const):
(JSC::JSArrayBuffer::sharingMode const):

  • runtime/JSArrayBuffer.h:
  • runtime/JSCPoison.h:


The associated JSC poisoning change requires some template
"improvements" to our poisoning machinery. Worth noting is that
I'm making PoisonedUniquePtr move-assignable and
move-constructible from unique_ptr, which makes it a better
drop-in replacement because we don't need to use
makePoisonedUniquePtr. This means function-locals can be
unique_ptr and get the nice RAII pattern, and once the function is
done you can just move to the class' PoisonedUniquePtr without

  • wtf/Poisoned.h:


  • wtf/PoisonedUniquePtr.h:



Test the new move-assign and move-copy from unique_ptr, as well as
nullptr_t ctors.

  • TestWebKitAPI/Tests/WTF/Poisoned.cpp:


  • TestWebKitAPI/Tests/WTF/PoisonedUniquePtr.cpp:


  • TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForTriviallyDestructibleArrays.cpp:


6:30 PM Changeset in webkit [226751] by Chris Dumez
  • 4 edits in trunk

Multiple http/wpt/beacon/contentextensions/ test are flaky.

Reviewed by Alex Christensen.


Update WebKitTestRunner to set a temporary path for content extensions so that its WKTR
instance gets its own folder to avoid conflicts and flakiness.

  • WebKitTestRunner/mac/TestControllerMac.mm:



Stop marking content extensions tests as flaky.

  • platform/mac-wk2/TestExpectations:
6:18 PM Changeset in webkit [226750] by timothy_horton@apple.com
  • 16 edits
    2 adds in trunk

REGRESSION (r213590): Swipe from edge to go to previous page is significantly slower than tapping back button on Twitter

Reviewed by Simon Fraser.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _processDidExit]):
(-[WKWebView _didCommitLayerTree:]):
When swiping to a page that set history.scrollRestoration = "manual",
we will never restore the scroll position. We will still restore
"state", but won't have a location. Currently, the code assumes that
it should wait to remove the swipe snapshot until the scroll position
is restored. Instead, wait until the "state" is restored, whether
or not that includes a scroll position/center point restoration.

Do this by making _firstTransactionIDAfterPageRestore an optional,
and reset it after it fires, so that we only run the restoration code
in _didCommitLayerTree for the first commit after state restoration,
not all subsequent commits. Then, tell ViewGestureController that
the scroll position has been restored even if the page opted out.

The reason that this is specific to pushState is that normal,
non-same-document loads bail from waiting for the scroll position
restoration in VGC::didReachMainFrameLoadTerminalState() (see the long
comment there for an explanation).

(-[WKWebView _beginBackSwipeForTesting]):
(-[WKWebView _completeBackSwipeForTesting]):

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/Cocoa/ViewGestureController.h:
  • UIProcess/ios/ViewGestureControllerIOS.mm:

(-[WKSwipeTransitionController transitionForDirection:]):

  • UIProcess/mac/ViewGestureControllerMac.mm:

Add a mechanism to forcefully test swipe back. Instead of simulating
events like on Mac, we just talk to the UIKit internals and force
the interaction to start, pause, and then complete when we want.

  • swipe/pushstate-with-manual-scrollrestoration-expected.txt: Added.
  • swipe/pushstate-with-manual-scrollrestoration.html: Added.

Add a test (which previously would complain about taking too long)
that using manual scroll position restoration and pushState together
doesn't cause swipes to hang until the watchdog fires.

  • DumpRenderTree/ios/UIScriptControllerIOS.mm:


  • TestRunnerShared/UIScriptContext/UIScriptController.cpp:


  • WebKitTestRunner/ios/PlatformWebViewIOS.mm:


  • WebKitTestRunner/ios/UIScriptControllerIOS.mm:

Implement beginBackSwipe and completeBackSwipe on iOS (they already
exist on Mac) in terms of the new WKWebView testing SPI.

5:45 PM Changeset in webkit [226749] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Skip http/tests/workers/service/cors-image-fetch.html.

Unreviewed test gardening.

5:39 PM Changeset in webkit [226748] by jmarcell@apple.com
  • 7 edits in branches/safari-604.5.6.0-branch/Source


5:38 PM Changeset in webkit [226747] by Konstantin Tokarev
  • 2 edits in trunk/Source/WTF

Add nullptr_t specialization of poison

Patch by Don Olmstead <don.olmstead@sony.com> on 2018-01-10
Reviewed by JF Bastien.

  • wtf/Poisoned.h:


5:35 PM Changeset in webkit [226746] by jmarcell@apple.com
  • 1 copy in tags/Safari-604.

Tag Safari-604.

4:45 PM Changeset in webkit [226745] by commit-queue@webkit.org
  • 9 edits in trunk

Use no-cache fetch mode when loading main documents with location.reload()

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-10
Reviewed by Alex Christensen.

  • web-platform-tests/service-workers/service-worker/fetch-event.https-expected.txt:


Patch by Youenn Fablet <youenn@apple.com> on 2018-01-10
Reviewed by Alex Christensen.

Covered by rebased tests.

Start to translate cache policy used for navigation as FetchOptions::Cache.
This allows ensuring service workers receive the right cache mode when intercepting navigation loads.
To not change current navigation behavior, ReturnCacheDataElseLoad and ReturnCacheDataDontLoad still trigger default fetch cache mode.

For Reload and ReloadExpiredOnly frame load types, using no-cache mode is more efficient than reload mode,
as a conditional request will be sent if possible. This applies to location.reload which is consistent with other browsers.
Keep reload mode for ReloadFromOrigin.

  • loader/DocumentLoader.cpp:


  • loader/FrameLoader.cpp:


  • loader/NavigationScheduler.cpp:



Patch by Youenn Fablet <youenn@apple.com> on 2018-01-10
Reviewed by Alex Christensen.

  • http/tests/inspector/network/har/har-page-expected.txt:
  • http/tests/inspector/network/har/har-page.html:
4:14 PM Changeset in webkit [226744] by jmarcell@apple.com
  • 2 edits in branches/safari-604.5.6.0-branch/Source/JavaScriptCore

Cherry-pick r226672. rdar://problem/36397324

4:14 PM Changeset in webkit [226743] by jmarcell@apple.com
  • 7 edits in branches/safari-604.5.6.0-branch/Source


4:06 PM Changeset in webkit [226742] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit

Use protectedThis for the 'updatePrevalentDomainsToPartitionOrBlockCookies' lambda

Reviewed by Chris Dumez.

We forgot to use a 'protectedThis' back in r225006 for one of the lambdas used by
the WebsiteDataStore for processing.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:


3:41 PM Changeset in webkit [226741] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch/Source


3:29 PM Changeset in webkit [226740] by pvollan@apple.com
  • 2 edits in trunk/LayoutTests

Mark accessibility/table-header-calculation-for-header-rows.html as failure on Windows.

Unreviewed test gardening.

  • platform/win/TestExpectations:
3:19 PM Changeset in webkit [226739] by jmarcell@apple.com
  • 7 edits in trunk/Source


3:04 PM Changeset in webkit [226738] by jmarcell@apple.com
  • 1 copy in tags/Safari-605.1.21

Tag Safari-605.1.21.

2:51 PM Changeset in webkit [226737] by Matt Lewis
  • 4 edits in trunk/LayoutTests

Adjusted expectations for webrtc/video-unmute.html.

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
  • platform/ios-wk2/TestExpectations:
  • platform/mac-wk2/TestExpectations:
2:46 PM Changeset in webkit [226736] by Jonathan Bedard
  • 3 edits in trunk/Tools

REGRESSION (r226715): ignore WARNING output in linter tests

Reviewed by Aakash Jain.

Linter unit tests should not be interested in logs at the the INFO or WARNING levels.

  • Scripts/webkitpy/common/system/outputcapture.py:

(OutputCapture.init): Pass logging level to be captured.

  • Scripts/webkitpy/style/main_unittest.py:

(ExpectationLinterInStyleCheckerTest.test_no_linter_errors): Capture logging at the ERROR level.
(ExpectationLinterInStyleCheckerTest.test_linter_duplicate_line): Ditto.
(ExpectationLinterInStyleCheckerTest.test_linter_duplicate_line_no_edit): Ditto.
(ExpectationLinterInStyleCheckerTest.test_linter_duplicate_line_edit_in_file): Ditto.
(ExpectationLinterInStyleCheckerTest.test_linter_duplicate_line_only_deletes): Ditto.
(ExpectationLinterInStyleCheckerTest.test_linter_added_file_with_error): Ditto.
(ExpectationLinterInStyleCheckerTest.test_linter_deleted_file): Ditto.
(ExpectationLinterInStyleCheckerTest.test_linter_deleted_file_no_edit): Ditto.

2:43 PM Changeset in webkit [226735] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Skip http/wpt/service-workers/fetchEvent.https.html in Debug


Patch by Youenn Fablet <youenn@apple.com> on 2018-01-10

2:21 PM Changeset in webkit [226734] by jmarcell@apple.com
  • 1 copy in branches/safari-604.5.6.0-branch

New Branch.

2:08 PM Changeset in webkit [226733] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari Technology Preview 47

Added a tag for Safari Technology Preview release 47.

2:04 PM Changeset in webkit [226732] by jmarcell@apple.com
  • 1 copy in tags/Safari-606.1.1

Tag Safari-606.1.1.

1:57 PM Changeset in webkit [226731] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Marked http/tests/workers/service/service-worker-importScript.html as flaky on macOS WK2.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
1:53 PM Changeset in webkit [226730] by Matt Lewis
  • 3 edits in trunk/LayoutTests

Marked imported/w3c/web-platform-tests/service-workers/service-worker/fetch-waits-for-activate.https.html as flaky on macOS and iOS WK2.

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
  • platform/mac-wk2/TestExpectations:
1:00 PM Changeset in webkit [226729] by clopez@igalia.com
  • 3 edits in trunk/Tools

Add a JSCOnly MIPS buildbot

Reviewed by Michael Catanzaro.

Add the new bot configs definitions for the master and update the unit tests.

  • BuildSlaveSupport/build.webkit.org-config/config.json:
  • BuildSlaveSupport/build.webkit.org-config/steps_unittest.py:
12:19 PM Changeset in webkit [226728] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Should not try to autocomplete subsections of a string

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-10
Reviewed by Brian Burg.

  • UserInterface/Controllers/CodeMirrorCompletionController.js:

Disable autocompletion within strings.

12:07 PM Changeset in webkit [226727] by pvollan@apple.com
  • 2 edits in trunk/LayoutTests

[Win] Rebaseline test after r225366.

Unreviewed test gardening.

  • platform/win/svg/W3C-SVG-1.1/filters-comptran-01-b-expected.txt:
11:58 AM Changeset in webkit [226726] by Jonathan Bedard
  • 2 edits in trunk/Tools

REGRESSION (r226715): don't re-check number of simulators in child processes

Reviewed by Aakash Jain.

  • Scripts/webkitpy/port/ios_simulator.py:

(IOSSimulatorPort.init): Skip the number of simulators check if simulators
are already initialized.

11:41 AM Changeset in webkit [226725] by commit-queue@webkit.org
  • 67 edits
    2 deletes in trunk

Unreviewed, rolling out r226667 and r226673.

This caused a flaky crash. (Requested by mlewis13 on #webkit).

Reverted changesets:

"CodeBlocks should be in IsoSubspaces"

"REGRESSION (r226667): CodeBlocks should be in IsoSubspaces"

11:27 AM Changeset in webkit [226724] by jmarcell@apple.com
  • 1 copy in tags/Safari-604.5.6

Tag Safari-604.5.6.

11:03 AM Changeset in webkit [226723] by Jonathan Bedard
  • 2 edits in trunk/Tools

Follow-up fix to r226715

Unreviewed infrastructure fix.

  • Scripts/webkitpy/xcode/new_simulated_device.py:

(SimulatedDeviceManager._create_or_find_device_for_request): Use _delete instead
of delete.

10:20 AM Changeset in webkit [226722] by Chris Dumez
  • 5 edits in trunk/LayoutTests

REGRESSION (r224301?): LayoutTest http/tests/workers/service/registration-task-queue-scheduling-1.html is a flaky failure

Reviewed by Youenn Fablet.

Unmark the test as flaky.

  • http/tests/workers/service/registration-task-queue-scheduling-1-expected.txt:
  • http/tests/workers/service/resources/registration-task-queue-scheduling-1-second-window.html:
  • http/tests/workers/service/resources/registration-task-queue-scheduling-1.js:

Update test to register a scriptURL that actually fails. When registration succeeds, the test
logs lines indicating that registration succeeded unexpectedly. Also, when registration
succeeds, the registration of the top frame are no longer guaranteed to be resolved before
the ones of the subframe (because it involves things like network loads).

10:19 AM Changeset in webkit [226721] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

REGRESSION(r225650): The scores of MotionMark tests Multiply and Leaves dropped by 8%

Reviewed by Ryosuke Niwa.

  • css/parser/CSSParser.cpp:


Don't do the expensive security origin test if the sheet base URL and document URL are identical.
This is true for inline style and inline stylesheets.

9:51 AM Changeset in webkit [226720] by Chris Dumez
  • 2 edits in trunk/LayoutTests

Unreviewed, skip http/tests/workers/service/other_resources folder.

It is a resources folder and does not contain tests.

9:29 AM Changeset in webkit [226719] by pvollan@apple.com
  • 5 edits in trunk/LayoutTests

[Win] Rebaseline tests after r225366.

Unreviewed test gardening.

  • platform/win/svg/custom/feComponentTransfer-Discrete-expected.txt:
  • platform/win/svg/custom/feComponentTransfer-Gamma-expected.txt:
  • platform/win/svg/custom/feComponentTransfer-Linear-expected.txt:
  • platform/win/svg/custom/feComponentTransfer-Table-expected.txt:
9:01 AM Changeset in webkit [226718] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

Try to fix windows build.

  • css/RuleFeature.cpp:


8:38 AM Changeset in webkit [226717] by Philippe Normand
  • 2 edits in trunk/LayoutTests

Unreviewed GTK gardening

  • platform/gtk/TestExpectations: Unflag now-passing test and skip

mediastream tests, useless without any webrtc backend.

8:16 AM Changeset in webkit [226716] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WebDriver

WebDriver: deserializeTimeouts() shouldn't reject double timeout values

Reviewed by Carlos Garcia Campos.

With these changes, the following tests are fixed:


The following two tests regress, and will be looked into separately:


  • WebDriverService.cpp:

(WebDriver::integerValue): Helper function that retrieves an integer value
from a given JSON::Value object, if possible.
(WebDriver::deserializeTimeouts): Timeout JSON value has to be converted to
an integer, which is allowed if the value is of either Integer or Double type.
Helper integerValue() function retrieves the integer value, in addition to
ensuring that possible double value that we convert to an integer is already
in integer form to begin with.

8:05 AM Changeset in webkit [226715] by Jonathan Bedard
  • 8 edits in trunk/Tools

webkitpy: Refactor simulator code (Part 2)

Reviewed by Aakash Jain.

The patch leverages the SimulatedDeviceManager when running layout tests.
This patch is primarily code removal, since much of the IOSSimulatorPort
was dedicated to managing simulators. The removed code is either now owned by the
SimulatedDeviceManager (and committed in Part 1) or supported a technique to
boot multiple simulators which was made obsolete in Xcode 9.

  • Scripts/webkitpy/layout_tests/controllers/manager.py:

(Manager._custom_device_for_test.in): Device names now have spaces in them,
strip those spaces.

  • Scripts/webkitpy/layout_tests/run_webkit_tests.py:

(parse_args): Remove '--runtime' flag, this is achieved with the --version flag.

  • Scripts/webkitpy/port/ios.py:

(IOSPort.init): The _current_device idiom is no longer required since the
SimulatedDeviceManager keeps track of any previously booted devices.
(IOSPort.target_host): Even when only a single device is used, it will be accessed
through the array of managed devices.
(IOSPort.using_multiple_devices): Deleted.

  • Scripts/webkitpy/port/ios_device.py:

(IOSDevicePort.using_multiple_devices): Deleted.

  • Scripts/webkitpy/port/ios_simulator.py:

(IOSSimulatorPort): Remove constants required to manage simulators, change device
class strings so they can be parsed by the DeviceType class.
(IOSSimulatorPort.init): Determine the number of processes to use by checking
the number of simulators currently booted, the number of child processes specified
and the maximum number of simulators supported by this system.
(IOSSimulatorPort._device_for_worker_number_map):Return the array of initialized
devices owned by the SimulatedDeviceManager.
(IOSSimulatorPort.ios_version): Remove support for the --runtime option.
(IOSSimulatorPort.default_child_processes): Use the SimulatedDeviceManager to check
the maximum number of supported simulators on this system.
(IOSSimulatorPort._create_devices): Construct a list of device requests with a
request for each child process and send this list to the SimulatedDeviceManager to
initialize the devices.
(IOSSimulatorPort.check_sys_deps): Check that there are simulators running the
specified version of iOS.
(IOSSimulatorPort.simulator_runtime): Deleted.
(IOSSimulatorPort.simulator_device_type): Deleted.
(IOSSimulatorPort._teardown_managed_simulators): Deleted.
(IOSSimulatorPort.use_multiple_simulator_apps): Deleted.
(IOSSimulatorPort._create_simulators): Deleted.
(IOSSimulatorPort._quit_ios_simulator): Deleted.
(IOSSimulatorPort._using_dedicated_simulators): Deleted.
(IOSSimulatorPort.using_multiple_devices): Deleted.
(IOSSimulatorPort._create_device): Deleted.
(IOSSimulatorPort.get_simulator_path): Deleted.
(IOSSimulatorPort._createSimulatorApps): Deleted.
(IOSSimulatorPort._createSimulatorApp): Deleted.

  • Scripts/webkitpy/tool/commands/rebaseline_unittest.py:

(TestRebaseline.test_rebaseline): Filter out commands run when determining the
maximum number of simulators run on this system.
(TestRebaselineExpectations.test_rebaseline_expectations): Ditto.

  • Scripts/webkitpy/xcode/new_simulated_device.py:

(SimulatedDeviceManager._does_fulfill_request): Fixed log statement.

7:54 AM Changeset in webkit [226714] by Alan Bujtas
  • 9 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderRuby's moveChildren logic to RenderTreeBuilder

Reviewed by Antti Koivisto.

This is about moving code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

  • rendering/RenderBlockFlow.h:
  • rendering/RenderRubyBase.cpp:

(WebCore::RenderRubyBase::moveChildren): Deleted.
(WebCore::RenderRubyBase::mergeChildrenWithBase): Deleted.
(WebCore::RenderRubyBase::moveInlineChildren): Deleted.
(WebCore::RenderRubyBase::moveBlockChildren): Deleted.

  • rendering/RenderRubyBase.h:
  • rendering/RenderRubyRun.cpp:


  • rendering/updating/RenderTreeBuilder.cpp:


  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderRuby.cpp:


  • rendering/updating/RenderTreeBuilderRuby.h:
7:29 AM Changeset in webkit [226713] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] fix critical GObject warning

Rubber-stamped by Carlos Garcia Campos.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::handleMessage): No need to
resort to complicated things to get the element name...

7:26 AM Changeset in webkit [226712] by Philippe Normand
  • 4 edits in trunk

[GStreamer] REGRESSION(r226629): broke media/video-interruption-with-resume-allowing-play.html

Reviewed by Carlos Garcia Campos.


This patch mainly reduces the amount of playback state changes
emitted by the GStreamer player to its client. Emitting those
notifications too often has bad side effects.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::paused const): Add debug messages.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): This debug message appears too much. Demote.
(WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded const): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::updateStates): Try to emit
playback state change notification only when going to PLAYING.
(WebCore::MediaPlayerPrivateGStreamer::loadingFailed): Add warning message.


  • platform/gtk/TestExpectations: These 2 tests shall pass now.
6:44 AM Changeset in webkit [226711] by Carlos Garcia Campos
  • 2 edits in trunk/Tools

WebDriver: run-webdriver-tests doesn't handle test names with a '/' correctly

Reviewed by Carlos Alberto Lopez Perez.

We use os.path.basename() to get the subtest name. If the test name contains a slash we get part of the subtest
name as the name.

  • Scripts/webkitpy/webdriver_tests/webdriver_test_runner_w3c.py:

(WebDriverTestRunnerW3C._subtest_name): Helper function to get the subtest name.
(WebDriverTestRunnerW3C.run): Use _subtest_name() instead of os.path.basename().

4:29 AM Changeset in webkit [226710] by Ms2ger@igalia.com
  • 2 edits in trunk/LayoutTests

[GTK] Enable css2.1/20110323/c541-word-sp-000.htm.

Unreviewed test gardening.

It was fixed in r226404.

  • platform/gtk/TestExpectations:
4:13 AM Changeset in webkit [226709] by Philippe Normand
  • 2 edits in trunk/LayoutTests

Unreviewed, updating expectations for media test timing out on GTK

  • platform/gtk/TestExpectations:
3:25 AM Changeset in webkit [226708] by Carlos Garcia Campos
  • 25 edits
    6 copies
    6 adds
    2 deletes in trunk/WebDriverTests

Unreviewed. Update W3C WebDriver imported tests.

  • imported/w3c/importer.json:
  • imported/w3c/tools/wptrunner/wptrunner/browsers/firefox.py:
  • imported/w3c/tools/wptrunner/wptrunner/browsers/servo.py:
  • imported/w3c/tools/wptrunner/wptrunner/environment.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/base.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/executormarionette.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/executorservo.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/pytestrunner/runner.py:
  • imported/w3c/tools/wptrunner/wptrunner/testrunner.py:
  • imported/w3c/tools/wptrunner/wptrunner/update/update.py:
  • imported/w3c/tools/wptrunner/wptrunner/webdriver_server.py:
  • imported/w3c/tools/wptrunner/wptrunner/wptlogging.py:
  • imported/w3c/tools/wptrunner/wptrunner/wptrunner.py:
  • imported/w3c/webdriver/OWNERS:
  • imported/w3c/webdriver/interface/interface.html: Removed.
  • imported/w3c/webdriver/tests/actions/modifier_click.py:
  • imported/w3c/webdriver/tests/actions/mouse.py:
  • imported/w3c/webdriver/tests/actions/mouse_dblclick.py: Added.
  • imported/w3c/webdriver/tests/actions/sequence.py:
  • imported/w3c/webdriver/tests/actions/support/mouse.py: Added.
  • imported/w3c/webdriver/tests/cookies/add_cookie.py:
  • imported/w3c/webdriver/tests/cookies/get_named_cookie.py:
  • imported/w3c/webdriver/tests/element_retrieval/init.py: Copied from WebDriverTests/imported/w3c/webdriver/tests/retrieval/init.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_element.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_element.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_element_from_element.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_element_from_element.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_elements.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_elements.py.
  • imported/w3c/webdriver/tests/element_retrieval/find_elements_from_element.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/find_element_from_elements.py.
  • imported/w3c/webdriver/tests/element_send_keys/init.py: Renamed from WebDriverTests/imported/w3c/webdriver/tests/retrieval/init.py.
  • imported/w3c/webdriver/tests/element_send_keys/interactability.py: Added.
  • imported/w3c/webdriver/tests/element_send_keys/scroll_into_view.py: Added.
  • imported/w3c/webdriver/tests/execute_script/cyclic.py: Added.
  • imported/w3c/webdriver/tests/get_window_rect.py:
  • imported/w3c/webdriver/tests/interface.html:
  • imported/w3c/webdriver/tests/navigation/current_url.py:
  • imported/w3c/webdriver/tests/support/asserts.py:
  • imported/w3c/webdriver/tests/support/fixtures.py:
2:50 AM WebKitGTK/2.18.x edited by Carlos Garcia Campos
2:44 AM Changeset in webkit [226707] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.18.5

WebKitGTK+ 2.18.5

2:43 AM Changeset in webkit [226706] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.18

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.18.5 release.


  • Source/cmake/OptionsGTK.cmake: Bump version numbers.


  • gtk/NEWS: Add release notes for 2.18.5.
2:16 AM Changeset in webkit [226705] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Add Service Worker CSP persistency

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-10
Reviewed by Alex Christensen.

Covered by manual testing.
Future work on service worker test infrastructure should allow automating such tests.

Add support for service worker CSP data persistency.
Add a version parameter to increment each time the schema is changing.
This allows the same store to be used by multiple WebKits.

  • workers/service/server/RegistrationDatabase.cpp:


2:15 AM Changeset in webkit [226704] by Philippe Normand
  • 2 edits in trunk/LayoutTests

Unreviewed, updating expectations for media test timing out on GTK

  • platform/gtk/TestExpectations:
1:01 AM Changeset in webkit [226703] by Antti Koivisto
  • 12 edits in trunk

Invalidate current element style on class change accurately

Reviewed by Zalan Bujtas.


  • css/DocumentRuleSets.cpp:

(WebCore::DocumentRuleSets::collectFeatures const):
(WebCore::DocumentRuleSets::subjectClassRules const):

New rule set containing class rules affecting the subject element.

(WebCore::DocumentRuleSets::ancestorClassRules const):

  • css/DocumentRuleSets.h:
  • css/RuleFeature.cpp:


Classify selector components into various buckets based on the elements they match relative to
the subject element. There are more categories than this patch strictly needs, for future use.


  • css/RuleFeature.h:
  • css/StyleResolver.h:

(WebCore::StyleResolver::hasSelectorForClass const): Deleted.

  • style/ClassChangeInvalidation.cpp:


Don't invalidate current element unconditionally on class change. Instead find the subject rulesets
that might affect it use them to perform invalidation.

(WebCore::Style::ClassChangeInvalidation::invalidateStyle): Deleted.
(WebCore::Style::ClassChangeInvalidation::invalidateDescendantStyle): Deleted.

  • style/ClassChangeInvalidation.h:


  • style/StyleSharingResolver.cpp:

(WebCore::Style::SharingResolver::classNamesAffectedByRules const):


  • fast/css/set-inline-style-recalc-expected.txt:
  • fast/css/set-inline-style-recalc.html:
12:56 AM Changeset in webkit [226702] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.18/Source/WebKit

Merge r226018 - [GTK][WPE] Enable WebProcess memory monitor

Reviewed by Michael Catanzaro.

For some reason this is only enabled in mac. We want to enable it also in GTK and WPE ports. This runs every 30
seconds to release memory or even kill the process if necessary. Carlos López has realized that in some
applications using video tags, the memory grows a lot and it's never released. It seems it's not memory leaked,
but simply large memory allocations (I guess it's gst allocating video frames) that make the heap grow. The
memory pressure calls malloc_trim that releases all that memory keeping the web process footprint stable.

  • WebProcess/WebProcess.cpp:


12:35 AM Changeset in webkit [226701] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.18/Tools

Merge r224458 - [GTK] Fix gtk-doc generation with gtk-doc master

Reviewed by Carlos Garcia Campos.

gtkdoc-scangobj has changed to no longer use a shell when executing its subcommands. In
particular, this means we can no longer rely on shell stuff in our run command that we use
to run the scanner. We currently use the RUN envvar to set LD_LIBRARY_PATH, and the end
result is gtkdoc-scangobj now attempts to execute our environment variable instead of the
scanner itself. We can just set LD_LIBRARY_PATH directly, instead of using RUN, in order to
make documentation generation work again.

  • gtk/gtkdoc.py:


12:34 AM Changeset in webkit [226700] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.18/Source/WebInspectorUI

Merge r221800 - Uncaught Exception: TypeError: this._heapSnapshot.addEventListener is not a function.

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2017-09-08
Reviewed by Michael Saboff.

  • UserInterface/Proxies/HeapSnapshotDiffProxy.js:

This class has listeners of another object's events. It should extend WI.Object.

12:33 AM Changeset in webkit [226699] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.18

Merge r226495 - Reduce the precision of "high" resolution time to 1ms

Reviewed by Saam Barati.


Reduced the high prevision time's resolution to 1ms, the same precision as Date.now().

Also fixed the bug in fillRTCStats that we weren't reducing the time resolution in RTCStats dictionaries.

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:


  • page/Performance.cpp:



Add a flaky test expectation to imported/w3c/web-platform-tests/workers/worker-performance.worker.html
due to a test bug. The test fix is tracked in https://github.com/w3c/web-platform-tests/pull/8711

12:28 AM Changeset in webkit [226698] by Carlos Garcia Campos
  • 19 edits in releases/WebKitGTK/webkit-2.18

Merge r226386 - Disable SharedArrayBuffers from Web API

Reviewed by Saam Barati.


Disabled SharedArrayBuffer tests.

  • stress/SharedArrayBuffer-opt.js:
  • stress/SharedArrayBuffer.js:
  • stress/array-buffer-byte-length.js:
  • stress/atomics-add-uint32.js:
  • stress/atomics-known-int-use.js:
  • stress/atomics-neg-zero.js:
  • stress/atomics-store-return.js:
  • stress/lars-sab-workers.js:
  • stress/regress-159779-1.js:
  • stress/regress-159779-2.js:
  • stress/regress-170473.js:
  • test262.yaml:


Removed SharedArrayBuffer prototype and structure from GlobalObject creation
to disable.

  • runtime/JSGlobalObject.cpp:


  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::arrayBufferPrototype const):
(JSC::JSGlobalObject::arrayBufferStructure const):


Turn off SharedArrayBuffers using a compile time flag ENABLE_SHARED_ARRAY_BUFFER.

  • wtf/Platform.h:


Disabled SharedArrayBuffer tests.

12:20 AM WebKitGTK/Gardening/Calendar edited by Ms2ger@igalia.com
Fix off-by-one error (diff)

Jan 9, 2018:

10:15 PM Changeset in webkit [226697] by graouts@webkit.org
  • 8 edits in trunk

[Web Animations] Expose the id property on Animation

Reviewed by Dean Jackson.


Expose the "id" property on Animation and handle the "id" property on the optional KeyframeAnimationOptions object
passed to Element.animate(). All of the WPT tests related to this property are now passing.

  • animation/WebAnimation.h:
  • animation/WebAnimation.idl:
  • dom/Element.cpp:



Mark all tests related to the "id" property as passing.

  • http/wpt/web-animations/interfaces/Animatable/animate-expected.txt:
  • http/wpt/web-animations/interfaces/Animation/id-expected.txt:
  • http/wpt/web-animations/interfaces/Animation/idlharness-expected.txt:
9:43 PM Changeset in webkit [226696] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r226672. rdar://problem/36397330

9:02 PM Changeset in webkit [226695] by rniwa@webkit.org
  • 1 edit
    1 copy in trunk/Websites/browserbench.org

Merge the latest version of Speedometer 2.0 to browserbench.org against at r226694.

Rubber-stamped by Keith Miller.

  • Speedometer2.0: Replaced with PerformanceTests/Speedometer.
8:51 PM Changeset in webkit [226694] by rniwa@webkit.org
  • 3 edits in trunk/PerformanceTests

Speedometer 2.0: Update the About page.

Reviewed by Keith Miller.

Updated the about page for Speedometer 2.0.

  • Speedometer/index.html:
8:31 PM Changeset in webkit [226693] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r226669. rdar://problem/36393011

8:31 PM Changeset in webkit [226692] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch

Cherry-pick r226638. rdar://problem/36392286

8:31 PM Changeset in webkit [226691] by jmarcell@apple.com
  • 24 edits in branches/safari-605-branch

Cherry-pick r226628. rdar://problem/36392341

8:31 PM Changeset in webkit [226690] by jmarcell@apple.com
  • 12 edits in branches/safari-605-branch/Source

Cherry-pick r226626. rdar://problem/36392359

8:31 PM Changeset in webkit [226689] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r226623. rdar://problem/36392380

8:31 PM Changeset in webkit [226688] by jmarcell@apple.com
  • 5 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226617. rdar://problem/36392336

8:31 PM Changeset in webkit [226687] by jmarcell@apple.com
  • 15 edits in branches/safari-605-branch

Cherry-pick r226615. rdar://problem/36392328

8:31 PM Changeset in webkit [226686] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r226556. rdar://problem/36392331

8:31 PM Changeset in webkit [226685] by jmarcell@apple.com
  • 8 edits in branches/safari-605-branch/Source

Cherry-pick r226542. rdar://problem/36392364

8:31 PM Changeset in webkit [226684] by jmarcell@apple.com
  • 26 edits in branches/safari-605-branch/Source

Cherry-pick r226530. rdar://problem/36392325

8:31 PM Changeset in webkit [226683] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r226528. rdar://problem/36392391

8:31 PM Changeset in webkit [226682] by jmarcell@apple.com
  • 14 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226526. rdar://problem/36392384

8:31 PM Changeset in webkit [226681] by jmarcell@apple.com
  • 5 edits
    2 adds in branches/safari-605-branch

Cherry-pick r226521. rdar://problem/36392339

8:31 PM Changeset in webkit [226680] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r226519. rdar://problem/36392376

8:31 PM Changeset in webkit [226679] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebInspectorUI

Cherry-pick r226517. rdar://problem/36392371

8:31 PM Changeset in webkit [226678] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch/Source


8:08 PM Changeset in webkit [226677] by Chris Dumez
  • 6 edits
    9 adds in trunk

Make service workers behave correctly with regards to Page Cache

Reviewed by Youenn Fablet.


Make service workers behave correctly with regards to Page Cache:

  1. If a document has an active service worker, do not let it go into PageCache
  2. When a document goes into page cache, unregister it from the list of service worker clients
  3. When a document is restored from page cache, add it nack to the list of service worker clients

Tests: http/tests/workers/service/client-added-to-clients-when-restored-from-page-cache.html


  • dom/Document.cpp:


  • history/PageCache.cpp:


  • page/DiagnosticLoggingKeys.cpp:


  • page/DiagnosticLoggingKeys.h:


Add layout test coverage.

  • http/tests/workers/service/client-added-to-clients-when-restored-from-page-cache-expected.txt: Added.
  • http/tests/workers/service/client-added-to-clients-when-restored-from-page-cache.html: Added.
  • http/tests/workers/service/client-removed-from-clients-while-in-page-cache-expected.txt: Added.
  • http/tests/workers/service/client-removed-from-clients-while-in-page-cache.html: Added.
  • http/tests/workers/service/no-page-cache-when-controlled-expected.txt: Added.
  • http/tests/workers/service/no-page-cache-when-controlled.html: Added.
  • http/tests/workers/service/other_resources/test.html: Added.
  • http/tests/workers/service/resources/getClientCount-worker.js: Added.


7:31 PM Changeset in webkit [226676] by Chris Dumez
  • 11 edits in trunk

We should not return undefined for most properties of a detached Window

Reviewed by Ryosuke Niwa.


Rebaseline several WPT tests now that more checks are passing.

  • web-platform-tests/custom-elements/custom-element-registry/per-global-expected.txt:
  • web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe-append-to-child-document-expected.txt:
  • web-platform-tests/service-workers/service-worker/detached-context.https-expected.txt:


We should not return undefined for most properties on a detached Window. WebKit previously only exposed "closed"
and "close" properties on detached / frameless windows. However, this does not match the HTML specification [1]
or the behavior of Firefox and Chrome.

Note that Chrome does not seem to fully follow the HTML specification either, it seems to treat detached windows
the same way as cross-origin ones. As a result, it only exposed properties that are visible cross-origin when
a window is detached / frameless.

[1] https://html.spec.whatwg.org/#windowproxy-get

No new tests, updated existingt tests.

  • bindings/js/JSDOMWindowCustom.cpp:



Update existing tests to reflect behavior change.

  • fast/dom/Window/orphaned-frame-access-expected.txt:
  • fast/dom/Window/orphaned-frame-access.html:
  • fast/frames/detached-frame-property-expected.txt:
  • fast/frames/detached-frame-property.html:
7:24 PM Changeset in webkit [226675] by Darin Adler
  • 10 edits in trunk

Further refinement to list item and counter code after "list-item" counter fix

Reviewed by Zalan Bujtas.


  • css/StyleBuilderCustom.h:

(WebCore::StyleBuilderCustom::applyInheritCounter): Use auto.
(WebCore::StyleBuilderCustom::applyValueCounter): Use auto, removed unneeded
null checks for things that can never be null, moved the saturated addition
here and got rid of the addIncrementValue function from CounterDirectives.
Use the saturatedAddition function from SaturatedArithmetic.h instead of the
much less efficient one that did the same thing, CounterDirectives::addClamped.

  • rendering/RenderCounter.cpp:

(WebCore::listItemCounterDirectives): Use aggregate syntax for the return
(WebCore::planCounter): Changed to use a struct return value instead of two
out arguments. Use the saturatedAddition function from SaturatedArithmetic.h
instead of the much less efficient one that did the same thing,
(WebCore::findPlaceForCounter): Changed to use a struct return value instead
of two out arguments.
(WebCore::makeCounterNode): Updated for the above changes. Changed code to
use add instead of both get and set. Updated to keep the counter maps inside
the values of the "map of maps" instead of using a unique_ptr and allocating
each one on the heap.
(WebCore::destroyCounterNodeWithoutMapRemoval): Changed argument to a reference
instead of a pointer. Updated for changes to the map. Use RefPtr more
(WebCore::RenderCounter::destroyCounterNodes): Use iterators less.
(WebCore::RenderCounter::destroyCounterNode): Ditto.
(WebCore::RenderCounter::rendererRemovedFromTree): Add a check of
hasCounterNodeMap here before calling destroyCounterNodes, so that function
can assume the flag is true (both other callers already check it).
(WebCore::updateCounters): Use auto and update for changes above.
(WebCore::RenderCounter::rendererStyleChanged): Use modern for loops instead
of iterators.
(showCounterRendererTree): Use auto and udpate for changes above.

  • rendering/RenderListItem.cpp:

(WebCore::enclosingList): Stop referring to elements as "nodes". Changed
the local variable names for clarity.
(WebCore::nextListItemHelper): Renamed from nextListItem since it's not
intended to be called directly and we want to use a function pointer to
nextListItem. Fixed the algorithm to correctly handle ad hoc "lists" that
are not actually HTML list elements, using the definition in the enclosingList
function as the previousListItem function already did.
(WebCore::nextListItem): Updated for name changes.
(WebCore::firstListItem): Renamed from nextListItem for clarity.
(WebCore::previousListItem): Rewrote loop so it doesn't have to do things
so strangely when we find another list.
(WebCore::RenderListItem::updateItemValuesForOrderedList): Use auto and
update local variable names.
(WebCore::RenderListItem::itemCountForOrderedList): Ditto.
(WebCore::RenderListItem::updateValueNow const): Rewrote to use an iterative
algorithm instead of a recursive one. Fixes the FIXME here.
(WebCore::RenderListItem::updateValue): Use m_valueWasSetExplicitly
instead of m_explicitValue.
(WebCore::RenderListItem::explicitValueChanged): Use auto and simplified
the loop a bit.
(WebCore::RenderListItem::setExplicitValue): Set m_valueWasSetExplicitly
instead of m_explicitValue.
(WebCore::previousOrNextItem): Deleted.
(WebCore::RenderListItem::updateListMarkerNumbers): Streamlined the loop
a bit and used a fucntion pointer to handle the two different directions.
(WebCore::RenderListItem::isInReversedOrderedList const): Simplified by
getting rid of an unneeded use of pointers and local variables.

  • rendering/RenderListItem.h: Use a boolean, m_valueWasSetExplicitly,

instead of a separate optional m_explicitValue.

  • rendering/style/CounterDirectives.h: Since all the code in this file was

rewritten, removed old copyrights. Deleted the addIncrementValue function,
since it is clear enough in the one call site in the style builder.
Deleted the addClamped function because it was just a much slower
version of the saturatedAddition function. Made == and != into constexpr
functions since they are simple enough to be.

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::getCounterDirectives const): Deleted. Caller can
handle this just fine without a helper function.

  • rendering/style/RenderStyle.h: Ditto.


  • fast/css/counters/counter-list-item.html: Removed an extra newline at the end of

the file.

7:17 PM Changeset in webkit [226674] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

REGRESSION(r201855): Web Inspector: Should see "length" autocompletion suggestion on a string literal

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-01-09
Reviewed by Matt Baker.

  • UserInterface/Controllers/JavaScriptRuntimeCompletionProvider.js:

This is code that runs on the inspected target, which may have an old version of
WebKit/JavaScriptCore, so don't use new syntax like this.

We intended to return the result by as a JSON value instead of a RemoteObject.

7:04 PM Changeset in webkit [226673] by ddkilzer@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

REGRESSION (r226667): CodeBlocks should be in IsoSubspaces

Fixes the following build error:

heap/Heap.cpp:2708:10: error: lambda capture 'this' is not used [-Werror,-Wunused-lambda-capture]

  • heap/Heap.cpp:

(JSC::Heap::addCoreConstraints): Remove 'this' from lambda to
fix the build.

7:00 PM Changeset in webkit [226672] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

and32 with an Address source on ARM64 did not invalidate dataTempRegister

Reviewed by Michael Saboff.

  • assembler/MacroAssemblerARM64.h:


6:43 PM Changeset in webkit [226671] by Ross Kirsling
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Layers sidebar shows popover on selection even when collapsed

Reviewed by Matt Baker.

  • UserInterface/Views/LayerDetailsSidebarPanel.js:

Have sidebar show itself if necessary before displaying popover.

6:37 PM Changeset in webkit [226670] by aestes@apple.com
  • 2 edits in trunk/Tools

[Xcode] Use the Apple Internal SDK if available when building ImageDiff

Reviewed by Dan Bernstein.

  • ImageDiff/cg/Configurations/Base.xcconfig:
5:34 PM Changeset in webkit [226669] by wilander@apple.com
  • 2 edits in trunk/Source/WebKit

Storage Access API: Turn feature on by default in WebPreferences.yaml

Reviewed by Brent Fulgham.

  • Shared/WebPreferences.yaml:
4:44 PM Changeset in webkit [226668] by mmaxfield@apple.com
  • 9 edits
    12 moves
    2 adds in trunk

font-display:fallback can cause a visual flash (which is supposed to be impossible)

Reviewed by Simon Fraser.


A FontCascade represents an entire font-family fallback list, but sometimes we need to pull out a single
representative font from the list to calculate things like line height. Previously, if the first item in
the font-family list was in the middle of being downloaded, this representative font was hardcoded to be
Times. However, when actually laying out and drawing the glyphs, we have logic to skip the interstitial
Times if there are any installed fonts present in the font-family list (so you wouldn't ever actually
see Times). This means that line height (among other things) was being calculated as if Times was used,
but in reality, some other font from the font-family list was being used.

Alone, this isn't a huge problem, but font-display:fallback makes a font transition between "timed out"
and "failed," and when the font hits the failed state, the representative font skips over the cancelled
item and hits the next item in the fallback list. This means that line heights will change, which causes
a visual flash, even when font-display:fallback is specified.

The solution is simply to educate the logic which identifies this representative font so that it
understands what to do for currently-loading fonts.

Tests: fast/text/font-display/swap-flash.html

  • platform/graphics/FontCascadeFonts.h:


  • rendering/line/BreakingContext.h:



The test requires Palatino.

  • DumpRenderTree/mac/DumpRenderTree.mm:


  • WebKitTestRunner/mac/TestControllerMac.mm:



Move font-display tests into their common subfolder.

  • fast/text/font-display/block-finish-expected.html: Renamed from LayoutTests/fast/text/loading-block-finish-expected.html.
  • fast/text/font-display/block-finish.html: Renamed from LayoutTests/fast/text/loading-block-finish.html.
  • fast/text/font-display/block-nofinish-expected.html: Renamed from LayoutTests/fast/text/loading-block-nofinish-expected.html.
  • fast/text/font-display/block-nofinish.html: Renamed from LayoutTests/fast/text/loading-block-nofinish.html.
  • fast/text/font-display/failure-finish-expected.html: Renamed from LayoutTests/fast/text/loading-failure-finish-expected.html.
  • fast/text/font-display/failure-finish.html: Renamed from LayoutTests/fast/text/loading-failure-finish.html.
  • fast/text/font-display/failure-nofinish-expected.html: Renamed from LayoutTests/fast/text/loading-failure-nofinish-expected.html.
  • fast/text/font-display/failure-nofinish.html: Renamed from LayoutTests/fast/text/loading-failure-nofinish.html.
  • fast/text/font-display/swap-finish-expected.html: Renamed from LayoutTests/fast/text/loading-swap-finish-expected.html.
  • fast/text/font-display/swap-finish.html: Renamed from LayoutTests/fast/text/loading-swap-finish.html.
  • fast/text/font-display/swap-nofinish-expected.html: Renamed from LayoutTests/fast/text/loading-swap-nofinish-expected.html.
  • fast/text/font-display/swap-nofinish.html: Renamed from LayoutTests/fast/text/loading-swap-nofinish.html.
  • fast/text/font-display/swap-flash-expected.html: Added.
  • fast/text/font-display/swap-flash.html: Added.
  • platform/win/TestExpectations:
4:30 PM Changeset in webkit [226667] by fpizlo@apple.com
  • 66 edits
    2 adds in trunk

CodeBlocks should be in IsoSubspaces

Reviewed by Saam Barati.

This moves CodeBlocks into IsoSubspaces. Doing so means that we no longer need to have the
special CodeBlockSet HashSets of new and old CodeBlocks. We also no longer use
WeakReferenceHarvester or UnconditionalFinalizer. Instead:

  • Code block sweeping is now just eager sweeping. This means that it automatically takes advantage of our unswept set, which roughly corresponds to what CodeBlockSet used to use its eden set for.

  • Those idea of Executable "weakly visiting" the CodeBlock is replaced by Executable marking a ExecutableToCodeBlockEdge object. That object being marked corresponds to what we used to call CodeBlock "having been weakly visited". This means that CodeBlockSet no longer has to clear the set of weakly visited code blocks. This also means that determining CodeBlock liveness, propagating CodeBlock transitions, and jettisoning CodeBlocks during GC are now the edge's job. The edge is also in an IsoSubspace and it has IsoCellSets to tell us which edges have output constraints (what we used to call CodeBlock's weak reference harvester) and which have unconditional finalizers.

  • CodeBlock now uses an IsoCellSet to tell if it has an unconditional finalizer.

  • CodeBlockSet still exists! It has one unified HashSet of CodeBlocks that we use to handle requests from the sampler, debugger, and other facilities. They may want to ask if some pointer corresponds to a CodeBlock during stages of execution during which the GC is unable to answer isLive() queries. The trickiest is the sampling profiler thread. There is no way that the GC's isLive could tell us of a CodeBlock that had already been allocated has now been full constructed.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::hasInstalledVMTrapBreakpoints const):
(JSC::CodeBlock::visitWeakly): Deleted.
(JSC::CodeBlock::WeakReferenceHarvester::visitWeakReferences): Deleted.
(JSC::CodeBlock::UnconditionalFinalizer::finalizeUnconditionally): Deleted.

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::ownerEdge const):
(JSC::CodeBlock::clearVisitWeaklyHasBeenCalled): Deleted.

  • bytecode/EvalCodeBlock.h:

(JSC::EvalCodeBlock::create): Deleted.
(JSC::EvalCodeBlock::createStructure): Deleted.
(JSC::EvalCodeBlock::variable): Deleted.
(JSC::EvalCodeBlock::numVariables): Deleted.
(JSC::EvalCodeBlock::functionHoistingCandidate): Deleted.
(JSC::EvalCodeBlock::numFunctionHoistingCandidates): Deleted.
(JSC::EvalCodeBlock::EvalCodeBlock): Deleted.
(JSC::EvalCodeBlock::unlinkedEvalCodeBlock const): Deleted.

  • bytecode/ExecutableToCodeBlockEdge.cpp: Added.


  • bytecode/ExecutableToCodeBlockEdge.h: Added.

(JSC::ExecutableToCodeBlockEdge::codeBlock const):

  • bytecode/FunctionCodeBlock.h:


  • bytecode/ModuleProgramCodeBlock.h:

(JSC::ModuleProgramCodeBlock::create): Deleted.
(JSC::ModuleProgramCodeBlock::createStructure): Deleted.
(JSC::ModuleProgramCodeBlock::ModuleProgramCodeBlock): Deleted.

  • bytecode/ProgramCodeBlock.h:

(JSC::ProgramCodeBlock::create): Deleted.
(JSC::ProgramCodeBlock::createStructure): Deleted.
(JSC::ProgramCodeBlock::ProgramCodeBlock): Deleted.

  • debugger/Debugger.cpp:

(JSC::Debugger::SetSteppingModeFunctor::operator() const):
(JSC::Debugger::ToggleBreakpointFunctor::operator() const):
(JSC::Debugger::ClearCodeBlockDebuggerRequestsFunctor::operator() const):
(JSC::Debugger::ClearDebuggerRequestsFunctor::operator() const):

  • heap/CodeBlockSet.cpp:

(JSC::CodeBlockSet::dump const):
(JSC::CodeBlockSet::promoteYoungCodeBlocks): Deleted.
(JSC::CodeBlockSet::clearMarksForFullCollection): Deleted.
(JSC::CodeBlockSet::lastChanceToFinalize): Deleted.
(JSC::CodeBlockSet::deleteUnmarkedAndUnreferenced): Deleted.

  • heap/CodeBlockSet.h:
  • heap/CodeBlockSetInlines.h:


  • heap/ConservativeRoots.cpp:


  • heap/ConservativeRoots.h:
  • heap/Heap.cpp:

(JSC::Heap::finalizeUnconditionalFinalizersInIsoSubspace): Deleted.

  • heap/Heap.h:
  • heap/HeapCell.h:
  • heap/HeapCellInlines.h:

(JSC::HeapCell::subspace const):

  • heap/HeapInlines.h:


  • heap/HeapUtil.h:


  • heap/IsoCellSet.cpp:


  • heap/IsoCellSet.h:
  • heap/IsoCellSetInlines.h:


  • heap/LargeAllocation.h:

(JSC::LargeAllocation::subspace const):

  • heap/MarkStackMergingConstraint.cpp:


  • heap/MarkStackMergingConstraint.h:
  • heap/MarkedAllocator.cpp:


  • heap/MarkedBlock.cpp:


  • heap/MarkedBlock.h:

(JSC::MarkedBlock::subspace const):

  • heap/MarkedBlockInlines.h:


  • heap/MarkedSpaceInlines.h:


  • heap/MarkingConstraint.cpp:

(JSC::MarkingConstraint::finishParallelWork): Deleted.
(JSC::MarkingConstraint::doParallelWorkImpl): Deleted.
(JSC::MarkingConstraint::finishParallelWorkImpl): Deleted.

  • heap/MarkingConstraint.h:
  • heap/MarkingConstraintSet.cpp:


  • heap/MarkingConstraintSet.h:


  • heap/MarkingConstraintSolver.cpp:

(JSC::MarkingConstraintSolver::didExecute): Deleted.

  • heap/MarkingConstraintSolver.h:

(JSC::MarkingConstraintSolver::TaskWithConstraint::operator== const):

  • heap/SimpleMarkingConstraint.cpp:


  • heap/SimpleMarkingConstraint.h:


  • heap/SlotVisitor.cpp:


  • heap/SlotVisitor.h:
  • heap/Subspace.cpp:


  • heap/Subspace.h:
  • heap/SubspaceInlines.h:


  • llint/LowLevelInterpreter.asm:
  • runtime/EvalExecutable.cpp:


  • runtime/EvalExecutable.h:


  • runtime/FunctionExecutable.cpp:


  • runtime/FunctionExecutable.h:
  • runtime/JSType.h:
  • runtime/ModuleProgramExecutable.cpp:


  • runtime/ModuleProgramExecutable.h:
  • runtime/ProgramExecutable.cpp:


  • runtime/ProgramExecutable.h:
  • runtime/ScriptExecutable.cpp:


  • runtime/VM.cpp:


  • runtime/VM.h:


  • runtime/VMTraps.cpp:


  • tools/VMInspector.cpp:



No new tests because no new behavior.

Adopting new parallel constraint API, so that more of the logic of doing parallel
constraint solving is shared between the DOM's output constraints and JSC's output

  • bindings/js/DOMGCOutputConstraint.cpp:

(WebCore::DOMGCOutputConstraint::doParallelWorkImpl): Deleted.
(WebCore::DOMGCOutputConstraint::finishParallelWorkImpl): Deleted.

  • bindings/js/DOMGCOutputConstraint.h:


Deque<>::contains() is helpful for a debug ASSERT.

  • wtf/Deque.h:


4:05 PM Changeset in webkit [226666] by Simon Fraser
  • 11 edits in trunk/Source/WebCore

Clean up Marquee-related enums

Reviewed by Anders Carlsson.

Modernize EMarqueeBehavior and EMarqueeDirection enums. Stop using the weird negative
values in the MarqueeDirection and do manual reverse direction mapping.

Make some member functions of RenderMarquee private.

Stop using bitfields in RenderMarquee because the memory saving is not worth it, and doing so
allows us to use modern initialization.

No behavior change.

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::operator MarqueeBehavior const):
(WebCore::CSSPrimitiveValue::operator MarqueeDirection const):
(WebCore::CSSPrimitiveValue::operator EMarqueeBehavior const): Deleted.
(WebCore::CSSPrimitiveValue::operator EMarqueeDirection const): Deleted.

  • css/StyleResolver.cpp:


  • rendering/RenderBox.cpp:

(WebCore::RenderBox::sizesLogicalWidthToFitContent const):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::calculateClipRects const):

  • rendering/RenderMarquee.cpp:

(WebCore::RenderMarquee::direction const):
(WebCore::RenderMarquee::isHorizontal const):

  • rendering/RenderMarquee.h:
  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::marqueeBehavior const):
(WebCore::RenderStyle::marqueeDirection const):

  • rendering/style/RenderStyleConstants.h:
  • rendering/style/StyleMarqueeData.cpp:


  • rendering/style/StyleMarqueeData.h:
3:54 PM Changeset in webkit [226665] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

WKOpenPanelParameters SPI should return autoreleased objects

Reviewed by Tim Horton.

In r226607 I made a mistake by returning an object that has been released.
I instead follow a pattern of leaking and autoreleasing that we use elsewhere in the ObjC API.

  • UIProcess/API/Cocoa/WKOpenPanelParameters.mm:

(-[WKOpenPanelParameters _acceptedMIMETypes]):
(-[WKOpenPanelParameters _acceptedFileExtensions]):

3:47 PM Changeset in webkit [226664] by jer.noble@apple.com
  • 5 edits in trunk/Source/WebCore

Many CVDisplayLink threads created and destroyed while watching a YouTube video

Reviewed by Simon Fraser.

When watching some YouTube videos (or any video with default controls), event handlers for
the "timeupdate" event which use rAF will cause the underlying platform objects to be
destroyed in between "timeupdate" events being fired, since they occur every 250ms, and rAF
objects are destroyed every 166ms (or 10/60hz). Update this constant to destroy the
underlying objects every 333ms (or 20/60hz) so that this common pattern doesn't lead to
excessive rAF platform object turnover.

  • platform/Logging.h:
  • platform/graphics/DisplayRefreshMonitor.h:

(WebCore::DisplayRefreshMonitor::shouldBeTerminated const):

  • platform/graphics/DisplayRefreshMonitor.cpp:


  • platform/graphics/DisplayRefreshMonitorManager.cpp:


3:46 PM Changeset in webkit [226663] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Fixed test expectaions.

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
3:46 PM Changeset in webkit [226662] by jmarcell@apple.com
  • 1 copy in branches/safari-605-branch

New Branch.

3:43 PM Changeset in webkit [226661] by sbarati@apple.com
  • 2 edits in trunk/Tools

Give some slack in display-profiler-outputs computation of the terminal window's number of columns

Reviewed by JF Bastien.

This allows me to Cmd+f in my terminal to search for things without
having the results become misaligned.

  • Scripts/display-profiler-output:
3:31 PM Changeset in webkit [226660] by Alan Bujtas
  • 9 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderElement addChild mutation logic to RenderTreeBuilder

Reviewed by Antti Koivisto.

This is about moving code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::childRequiresTable const): Deleted.

  • rendering/RenderElement.h:
  • rendering/updating/RenderTreeBuilder.cpp:


  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::newChildIsInline): Deleted.

  • rendering/updating/RenderTreeBuilderInline.h:
3:00 PM Changeset in webkit [226659] by Matt Lewis
  • 6 edits in trunk

Unreviewed, rolling out r226531.

This caused test failures on macOS WK2.

Reverted changeset:

"Use no-cache fetch mode when loading main documents with

1:47 PM Changeset in webkit [226658] by msaboff@apple.com
  • 8 edits in trunk/Source

Unreviewed, rolling out r226600 and r226603

Add a DOM gadget for Spectre testing

  • runtime/Options.h:
  • dom/Comment.cpp:

(WebCore::Comment::setReadLength): Deleted.
(WebCore::Comment::charCodeAt): Deleted.
(WebCore::Comment::clflushReadLength): Deleted.

  • dom/Comment.h:
  • dom/Comment.idl:
  • page/RuntimeEnabledFeatures.cpp:

(WebCore::RuntimeEnabledFeatures::spectreGadgetsEnabled const): Deleted.

  • page/RuntimeEnabledFeatures.h:
1:17 PM Changeset in webkit [226657] by don.olmstead@sony.com
  • 35 edits in trunk/Source/WebCore

Add additional WEBCORE_EXPORTs

Reviewed by Alex Christensen.

No new tests. No change in behavior.

  • dom/Document.h:
  • dom/ViewportArguments.h:
  • page/DOMWindow.h:
  • page/FrameView.h:
  • page/PageOverlayController.h:
  • platform/ContextMenuItem.h:
  • platform/Pasteboard.h:
  • platform/SharedBuffer.h:
  • platform/UserAgent.h:
  • platform/graphics/GLContext.h:
  • platform/graphics/GraphicsContext.h:
  • platform/graphics/GraphicsLayerTransform.h:
  • platform/graphics/PlatformDisplay.h:
  • platform/graphics/cairo/BackingStoreBackendCairoImpl.h:
  • platform/graphics/cairo/PlatformContextCairo.h:
  • platform/graphics/cairo/RefPtrCairo.h:
  • platform/graphics/nicosia/NicosiaBuffer.h:
  • platform/graphics/nicosia/NicosiaPaintingEngine.h:
  • platform/graphics/texmap/TextureMapper.h:
  • platform/graphics/texmap/TextureMapperAnimation.h:
  • platform/graphics/texmap/TextureMapperBackingStore.h:
  • platform/graphics/texmap/TextureMapperFPSCounter.h:
  • platform/graphics/texmap/TextureMapperLayer.h:

(WebCore::TextureMapperLayer::TextureMapperLayer): Deleted.
(WebCore::TextureMapperLayer::setID): Deleted.
(WebCore::TextureMapperLayer::id): Deleted.
(WebCore::TextureMapperLayer:: const): Deleted.
(WebCore::TextureMapperLayer::setScrollClient): Deleted.
(WebCore::TextureMapperLayer::setIsScrollable): Deleted.
(WebCore::TextureMapperLayer::isScrollable const): Deleted.
(WebCore::TextureMapperLayer::textureMapper const): Deleted.
(WebCore::TextureMapperLayer::setTextureMapper): Deleted.
(WebCore::TextureMapperLayer::drawsContent const): Deleted.
(WebCore::TextureMapperLayer::contentsAreVisible const): Deleted.
(WebCore::TextureMapperLayer::size const): Deleted.
(WebCore::TextureMapperLayer::opacity const): Deleted.
(WebCore::TextureMapperLayer::transform const): Deleted.
(WebCore::TextureMapperLayer::hasFilters const): Deleted.
(WebCore::TextureMapperLayer::isShowingRepaintCounter const): Deleted.
(WebCore::TextureMapperLayer::fixedToViewport const): Deleted.
(WebCore::TextureMapperLayer::rootLayer const): Deleted.
(WebCore::TextureMapperLayer::texture): Deleted.
(WebCore::TextureMapperLayer::adjustedPosition const): Deleted.
(WebCore::TextureMapperLayer::layerRect const): Deleted.
(WebCore::TextureMapperLayer::State::State): Deleted.

  • platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
  • platform/graphics/texmap/TextureMapperTile.h:
  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

(WebCore::CoordinatedGraphicsLayer::isScrollable const): Deleted.
(WebCore::CoordinatedGraphicsLayer::id const): Deleted.
(WebCore::CoordinatedGraphicsLayer::coverRect const): Deleted.
(WebCore::CoordinatedGraphicsLayer::fixedToViewport const): Deleted.

  • platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:

(WebCore::CoordinatedImageBacking::id const): Deleted.

  • platform/graphics/texmap/coordinated/TiledBackingStore.h:
  • platform/graphics/texmap/coordinated/UpdateAtlas.h:
  • platform/network/AuthenticationChallengeBase.h:
  • platform/network/CredentialBase.h:
  • platform/network/ProtectionSpaceBase.h:
  • platform/network/curl/SocketStreamHandleImpl.h:
  • replay/UserInputBridge.h:
1:15 PM Changeset in webkit [226656] by commit-queue@webkit.org
  • 4 edits
    1 move
    1 add
    1 delete in trunk/Source/WebCore

[Curl] Move FormData related tasks into new CurlFormDataStream class.

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-09
Reviewed by Alex Christensen.

No new tests because no behavior change.

  • platform/Curl.cmake:
  • platform/network/curl/CurlFormDataStream.cpp: Added.


  • platform/network/curl/CurlFormDataStream.h: Renamed from Source/WebCore/platform/network/curl/FormDataStreamCurl.h.


  • platform/network/curl/CurlRequest.cpp:

(WebCore::CurlRequest::resolveBlobReferences): Deleted.
(WebCore::CurlRequest::setupFormData): Deleted.

  • platform/network/curl/CurlRequest.h:
  • platform/network/curl/FormDataStreamCurl.cpp: Removed.
1:13 PM Changeset in webkit [226655] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Reduce graph size by replacing terminal nodes in blocks that have a ForceOSRExit with Unreachable

Reviewed by Keith Miller.

When I was looking at profiler data for Speedometer, I noticed that one of
the hottest functions in Speedometer is around 1100 bytecode operations long.
Only about 100 of those bytecode ops ever execute. However, we ended up
spending a lot of time compiling basic blocks that never executed. We often
plant ForceOSRExit nodes when we parse bytecodes that have a null value profile.
This is the case when such a node never executes.

This patch makes it so that anytime a block has a ForceOSRExit, we replace its
terminal node with an Unreachable node (and remove all nodes after the
ForceOSRExit). This will cut down on graph size when such a block dominates
other blocks in the CFG. This allows us to get rid of huge chunks of the CFG
in certain programs. When doing this transformation, we also insert
Flushes/PhantomLocals to ensure we can recover values that are bytecode
live-in to the ForceOSRExit.

Using ForceOSRExit as the signal for this is a bit of a hack. It definitely
does not get rid of all the CFG that it could. If we decide it's worth
it, we could use additional inputs into this mechanism. For example, we could
profile if a basic block ever executes inside the LLInt/Baseline, and
remove parts of the CFG based on that.

When running Speedometer with the concurrent JIT turned off, this patch
improves DFG/FTL compile times by around 5%.

  • dfg/DFGByteCodeParser.cpp:


12:15 PM Changeset in webkit [226654] by Alan Bujtas
  • 7 edits
    2 adds in trunk/Source/WebCore

[RenderTreeBuilder] Move MathML addChild logic to RenderTreeBuilder

Reviewed by Antti Koivisto.

This is about moving code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

No change in functionality.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • rendering/mathml/RenderMathMLFenced.cpp:

(WebCore::RenderMathMLFenced::createMathMLOperator): Deleted.
(WebCore::RenderMathMLFenced::makeFences): Deleted.

  • rendering/mathml/RenderMathMLFenced.h:
  • rendering/updating/RenderTreeBuilder.cpp:


  • rendering/updating/RenderTreeBuilder.h:


11:27 AM Changeset in webkit [226653] by Antti Koivisto
  • 3 edits
    3 adds in trunk

Blank page except for inner iframes because pending stylesheets cause style.isNotFinal() to be true

Reviewed by Darin Adler.


Test: http/tests/local/loading-stylesheet-import-remove.html

If a <link> referencing a stylesheet containing an @import that was still loading was removed
from the document, the loading state was never cleared. For head stylesheets this blocked
rendering permanently.

Test reduction by Justin Ridgewell.

  • html/HTMLLinkElement.cpp:


Test if the stylesheet it loading before clearing the pointer.


  • http/tests/local/loading-stylesheet-import-remove.html: Added.
  • http/tests/local/loading-stylesheet-import-remove-expected.html: Added.
  • http/tests/local/resources/slow-import.css: Added.
11:14 AM Changeset in webkit [226652] by ddkilzer@apple.com
  • 4 edits in trunk/Tools

[webkitpy] PlatformInfo should have default argument for casual use

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-09
Reviewed by David Kilzer.

PlatformInfo should be the only way to check platform specific thing instead
of sys.platform or other various checks. If there is something you want to check,
it should be placed in PlatformInfo.

Currently to instantiate PlatformInfo, it requires arguments, which is usually
sys, platform and Executive(). They are straight forward and should be handled
by default arguments. Then we can instantiate PlatformInfo more casual.

  • Scripts/webkitpy/common/system/platforminfo.py:

(PlatformInfo): Use relative module path import
(PlatformInfo.executive): Lazy instantiation of Executive()
(PlatformInfo.total_bytes_memory): Accessing via above property
(PlatformInfo.xcode_sdk_version): Ditto
(PlatformInfo.xcode_simctl_list): Ditto
(PlatformInfo.xcode_version): Ditto
(PlatformInfo._win_version_str): Ditto

  • Scripts/webkitpy/common/system/systemhost.py:


  • Scripts/webkitpy/common/system/user.py:


11:10 AM Changeset in webkit [226651] by commit-queue@webkit.org
  • 9 edits in trunk/LayoutTests

Make imported/w3c/web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-cache.https.html robust to quota error

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Alex Christensen.


Ensure fetch event promise is resolved in case cache is used.
Ensure each cache entry is deleted to not hit any cache quota error.
Test was previously deleting the whole cache, but in WebKit, the quota
in such a case will only be updated when the cache is garbaged collected, which is not deterministic.
Make tests output more results to improve debugability.

  • web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-cache.https.html:
  • web-platform-tests/service-workers/service-worker/fetch-canvas-tainting.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/fetch-canvas-tainting.https.html:
  • web-platform-tests/service-workers/service-worker/resources/fetch-canvas-tainting-iframe.html:


10:49 AM Changeset in webkit [226650] by mark.lam@apple.com
  • 5 edits
    1 add in trunk

ASSERTION FAILED: pair.second->m_type & PropertyNode::Getter

Reviewed by Saam Barati.


  • stress/regress-181388.js: Added.


When there are duplicate setters or getters, we may end up overwriting a getter
with a setter, or vice versa. This patch adds tracking for getters/setters that
have been overwritten with duplicates and ignore them.

  • bytecompiler/NodesCodegen.cpp:


  • parser/NodeConstructors.h:


  • parser/Nodes.h:

(JSC::PropertyNode::isOverriddenByDuplicate const):

10:35 AM Changeset in webkit [226649] by mitz@apple.com
  • 8 copies
    1 add in releases/Apple/iOS 11.2.2

Added a tag for iOS 11.2.2.

10:32 AM Changeset in webkit [226648] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari 11.0.2 (v. 11604. & 12604.

Added a tag for Safari 11.0.2 (v. 11604. & 12604.

10:29 AM Changeset in webkit [226647] by mitz@apple.com
  • 3 edits
    8 deletes in trunk/Source

Removed some empty directories that were left behind


  • src/third_party/murmurhash: Removed.
  • third_party: Removed.
  • third_party/deqp: Removed.


  • Modules/indieui: Removed.
  • Modules/vibration: Removed.
  • platform/graphics/ca/mac: Removed.
  • platform/mediastream/gstreamer: Removed.


  • WebProcess/Cookies/cf: Removed.
  • WebProcess/ios: Removed.
10:24 AM Changeset in webkit [226646] by commit-queue@webkit.org
  • 5 edits in trunk/LayoutTests

[iOS Debug WK2] Layout Test imported/w3c/web-platform-tests/service-workers/service-worker/register-closed-window.https.html is flaky

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Chris Dumez.


Updated test to get a more deterministic output.

  • web-platform-tests/service-workers/service-worker/register-closed-window.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/resources/register-closed-window-iframe.html:


  • platform/ios-wk2/TestExpectations: Removed flaky expectation.
9:55 AM Changeset in webkit [226645] by graouts@webkit.org
  • 5 edits in trunk/Source/WebCore

Refactor timing function solving code

Reviewed by Dean Jackson.

We have duplicated code to solve "cubic" and "steps" timing functions in AnimationBase and TextureMapperAnimation,
and we will soon need similar code to deal with timing functions in Web Animations. We move this code into TimingFunction
with a single transformTime() function that can be called directly on the timing function rather than having callers
figure out what type timing functions are to solve them.

No test as there shouldn't be any behavior change.

  • page/animation/AnimationBase.cpp:

(WebCore::AnimationBase::progress const):
(WebCore::solveEpsilon): Deleted.
(WebCore::solveCubicBezierFunction): Deleted.
(WebCore::solveStepsFunction): Deleted.
(WebCore::solveSpringFunction): Deleted.

  • platform/animation/TimingFunction.cpp:

(WebCore::TimingFunction::transformTime const):

  • platform/animation/TimingFunction.h:
  • platform/graphics/texmap/TextureMapperAnimation.cpp:

(WebCore::solveEpsilon): Deleted.
(WebCore::solveCubicBezierFunction): Deleted.
(WebCore::solveStepsFunction): Deleted.
(WebCore::applyTimingFunction): Deleted.

9:54 AM Changeset in webkit [226644] by timothy_horton@apple.com
  • 4 edits in trunk/Source/WebKit

Don't record dynamic spelling corrections while in an ephemeral browsing session

Dynamic spelling correction responses are kept on disk. Avoid recording
these responses when in an ephemeral session.

Reviewed by Tim Horton and Wenson Hsieh.

  • UIProcess/mac/CorrectionPanel.h:
  • UIProcess/mac/CorrectionPanel.mm:


Add a WebViewImpl parameter so we can query the current session.
Return early before recording the response if the session is


Update a caller to include the new parameter.

  • UIProcess/mac/PageClientImplMac.mm:



9:20 AM Changeset in webkit [226643] by jmarcell@apple.com
  • 42 edits in tags/Safari-605.1.20

Revert r226432. rdar://problem/10353542

9:20 AM Changeset in webkit [226642] by jmarcell@apple.com
  • 2 edits in tags/Safari-605.1.20/Tools

Revert r226441. rdar://problem/10353542

9:20 AM Changeset in webkit [226641] by jmarcell@apple.com
  • 2 edits in tags/Safari-605.1.20/Tools

Revert r226450. rdar://problem/10353542

9:13 AM Changeset in webkit [226640] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore

Unreviewed, silence -Wunused-parameter warning

  • testing/js/WebCoreTestSupport.cpp:


8:50 AM Changeset in webkit [226639] by commit-queue@webkit.org
  • 5 edits
    5 adds in trunk/LayoutTests

[EME] Add layout test for clearKey CENC message event

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-01-09
Reviewed by Xabier Rodriguez-Calvar.

Tests the reception of clearKey message event after the encrypted event and checks its KeyID.
There are two tests: one with MSE playback and another with regular playback.

  • media/encrypted-media/clearKey/clearKey-message-cenc-event-expected.txt: Added.
  • media/encrypted-media/clearKey/clearKey-message-cenc-event-mse-expected.txt: Added.
  • media/encrypted-media/clearKey/clearKey-message-cenc-event-mse.html: Added.

Test with MSE playback.

  • media/encrypted-media/clearKey/clearKey-message-cenc-event.html: Added.

Test with regular playback.

  • media/encrypted-media/clearKey/encrypted-media-clearKey-handler.js: Added.

This JavaScript file provides a simple clearKey EME implementation, checks the EME support, handles the "encrypted", "message" and
"keystatuseschange" events, and updates the CDM session with the right keys.
This implementation allows to play an encrypted media (video or audio or both), it is used in this test by overloading the "onMessage" callback
by an other function that checks the 'message' event and stops the test.

  • media/encrypted-media/medias-enc.js:

I take this opportunity to introduce some fixes:
Rename "mimetype" field to "mimeType", this field is only used in "clearKey-encrypted-cenc-event-mse.html",
thus it is easy to change it now.
Change the KeyID of the encrypted video with the right value, it is used for first time in this test.

  • media/media-source/media-source-loader-simple.js:

Use "mimeType" instead of "mimetype" as it is modified in "medias-enc.js".

  • platform/gtk/TestExpectations:
  • platform/mac/TestExpectations:
  • platform/wpe/TestExpectations:
8:45 AM WebKitGTK/2.18.x edited by Michael Catanzaro
8:44 AM Changeset in webkit [226638] by commit-queue@webkit.org
  • 5 edits in trunk

Check Image::m_image is not null in ImageLoader::decode()

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-01-09
Reviewed by Tim Horton.


Ensure ImageLoader::m_image is not null before referencing it.

  • loader/ImageLoader.cpp:



Add a new rejected case for decoding an image with an invalid URL.

  • fast/images/decode-static-image-reject-expected.txt:
  • fast/images/decode-static-image-reject.html:
8:44 AM WebKitGTK/2.18.x edited by Michael Catanzaro
8:30 AM Changeset in webkit [226637] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.19.5

WebKitGTK+ 2.19.5

8:29 AM Changeset in webkit [226636] by Carlos Garcia Campos
  • 4 edits in trunk

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.19.5 release.


  • Source/cmake/OptionsGTK.cmake: Bump version numbers.


  • gtk/NEWS: Add release notes for 2.19.5.
8:23 AM Changeset in webkit [226635] by Yusuke Suzuki
  • 2 edits in trunk/Source/WebCore

[FreeType] Use FastMalloc for FreeType

Reviewed by Michael Catanzaro.

Add custom memory allocator for FreeType to use FastMalloc.

  • platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:


8:15 AM Changeset in webkit [226634] by Alan Bujtas
  • 8 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderTable* addChild mutation logic to RenderTreeBuilder

Reviewed by Antti Koivisto.

This is about moving code, no cleanup and/or normalization (unfortunately it also means
some temporary changes).

Covered by existing tests.

  • rendering/RenderTable.cpp:


  • rendering/RenderTableRow.cpp:


  • rendering/RenderTableSection.cpp:


  • rendering/updating/RenderTreeBuilder.cpp:


  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderTable.cpp:


  • rendering/updating/RenderTreeBuilderTable.h:
7:53 AM Changeset in webkit [226633] by Carlos Garcia Campos
  • 3 edits in trunk/Source/WebKit

[GTK] Missing symbols exported in 2.19.4

Reviewed by Michael Catanzaro.

Add missing WEBKIT_API to webkit_dom_dom_window_webkit_message_handlers_post_message().

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDOMWindow.h:
  • webkitglib-symbols.map: Remove webkit_media_player_debug from local.
7:22 AM Changeset in webkit [226632] by Alan Bujtas
  • 7 edits in trunk/Source/WebCore

[RenderTreeBuilder] Transition Render*::addChild() calls to RenderTreeBuilder::insertChildToRender*()

Reviewed by Antti Koivisto.

Eventually all mutation will be going through the RenderTreeBuilder.

No change in functionality.

  • rendering/RenderGrid.cpp:


  • rendering/RenderMultiColumnFlow.cpp:


  • rendering/RenderRubyRun.cpp:


  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:


  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:


  • rendering/updating/RenderTreeBuilderRuby.cpp:


7:05 AM Changeset in webkit [226631] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Mark imported/w3c/web-platform-tests/viewport/viewport-resize-event-on-load-overflowing-page.html as flaky

Patch by Ali Juma <ajuma@chromium.org> on 2018-01-09
Reviewed by Frédéric Wang.

Test gardening.

Mark test that seems to have timing issues as flaky.

6:43 AM Changeset in webkit [226630] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] Ensure SleepDisabler is not held by pages in page cache

Reviewed by Eric Carlson.

The sleep disabler is now checked again whenever the media player
playback state or other characteristic has changed in the media

  • html/HTMLMediaElement.cpp:

Check if the sleep disabler state needs to be updated or not.
(WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged): Ditto.
(WebCore::HTMLMediaElement::shouldDisableSleep const): Enable
sleep disabler for GTK and WPE ports.

5:59 AM Changeset in webkit [226629] by Philippe Normand
  • 3 edits in trunk/Source/WebCore

[GStreamer] Missing notifications to player client

Reviewed by Carlos Garcia Campos.

We now properly emit playback state changes and characteristic
updates to the client when the pipeline state changes and when
audio/video tracks changes are detected.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::playbackPosition const):
This debug message appears too often in logs. Demote.
(WebCore::MediaPlayerPrivateGStreamer::durationMediaTime const): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo): Emit
charasteristicChanged notification.
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfAudio): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::updateStates): Keep track
of old and current pipeline state.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
5:57 AM Changeset in webkit [226628] by commit-queue@webkit.org
  • 24 edits in trunk

Add CSP support to service workers

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Chris Dumez.


  • web-platform-tests/service-workers/service-worker/service-worker-csp-connect.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/service-worker-csp-default.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/service-worker-csp-script.https-expected.txt:


Covered by rebased tests.

Added recovery of CSP information from WorkerScriptLoader.
Added plumbing to pass the CSP information to Service Workers.
Did not add persistency support for the CSP information as this requires changing the SQL database schema.
This will be done in a follow-up.

  • workers/WorkerScriptLoader.cpp:


  • workers/WorkerScriptLoader.h:

(WebCore::WorkerScriptLoader::contentSecurityPolicy const):

  • workers/service/SWClientConnection.cpp:


  • workers/service/SWClientConnection.h:
  • workers/service/ServiceWorkerContainer.cpp:


  • workers/service/ServiceWorkerContainer.h:
  • workers/service/ServiceWorkerContextData.cpp:

(WebCore::ServiceWorkerContextData::isolatedCopy const):

  • workers/service/ServiceWorkerContextData.h:

(WebCore::ServiceWorkerContextData::encode const):

  • workers/service/ServiceWorkerFetchResult.h:

(WebCore::ServiceWorkerFetchResult::encode const):

  • workers/service/ServiceWorkerGlobalScope.cpp:


  • workers/service/ServiceWorkerGlobalScope.h:
  • workers/service/ServiceWorkerJob.cpp:


  • workers/service/ServiceWorkerJobClient.h:
  • workers/service/context/ServiceWorkerThread.cpp:


  • workers/service/server/RegistrationDatabase.cpp:


  • workers/service/server/SWServer.cpp:


  • workers/service/server/SWServer.h:
  • workers/service/server/SWServerJobQueue.cpp:


  • workers/service/server/SWServerWorker.cpp:

(WebCore::SWServerWorker::contextData const):

  • workers/service/server/SWServerWorker.h:
5:11 AM Changeset in webkit [226627] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

Provide a method to obtain a CSS value from a RenderStyle by CSSPropertyID

Patch by Antoine Quint <Antoine Quint> on 2018-01-09
Reviewed by Antti Koivisto.

The KeyframeEffect.getKeyframes() method from Web Animations requires that we return all styles applied at a given
animation effect keyframe. When we parse keyframes, we create RenderStyle objects that are stored in a KeyframeList,
as well as a list of CSSPropertyIDs that are animated. In order to provide the list of animated properties and their
values when calling getKeyframes(), we need to be able to read back from the RenderStyle we create. As a first step
towards this goal, we factor some code in ComputedStyleExtractor::propertyValue() out into a new method
ComputedStyleExtractor::valueForPropertyinStyle() which takes in an explicit RenderStyle.

No test as this is simply refactoring that doesn't change or add behavior.

  • css/CSSComputedStyleDeclaration.cpp:


  • css/CSSComputedStyleDeclaration.h:
4:48 AM Changeset in webkit [226626] by commit-queue@webkit.org
  • 12 edits in trunk/Source

SWClientConnection should not keep references to service worker jobs

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-09
Reviewed by Chris Dumez.


Difficult to test determiniscally but corresponding crash log should no longer happen in debug builds.

Stopped passing ServiceWorkerJob references from ServiceWorkerContainer (potentially in service worker thread) to SWClientConnection (main thread).
Instead pass job identifiers and related data to the main thread.

Minor refactoring to use ServiceWorkerJobIdentifier instead of ServiceWorkerJobDataIdentifier which contains more data than needed.

  • workers/service/SWClientConnection.cpp:

(WebCore::SWClientConnection::finishedFetchingScript): Deleted.

  • workers/service/SWClientConnection.h:
  • workers/service/ServiceWorkerContainer.cpp:


  • workers/service/ServiceWorkerContainer.h:
  • workers/service/server/SWServer.cpp:


  • workers/service/server/SWServer.h:


Updated IPC handling based on WebCore refactoring.

  • Scripts/webkit/messages.py:


  • StorageProcess/ServiceWorker/WebSWServerConnection.cpp:


  • StorageProcess/ServiceWorker/WebSWServerConnection.h:
  • WebProcess/Storage/WebSWClientConnection.messages.in:
3:56 AM Changeset in webkit [226625] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.19.4

WebKitGTK+ 2.19.4

3:55 AM Changeset in webkit [226624] by Carlos Garcia Campos
  • 4 edits in trunk

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.19.4 release.


  • Source/cmake/OptionsGTK.cmake: Bump version numbers.


  • gtk/NEWS: Add release notes for 2.19.4.
2:57 AM Changeset in webkit [226623] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore

REGRESSION(r224460): Text fields sometimes get "messed up"

Reviewed by Zalan Bujtas.

Add the scroll position to paint offset before computing the clip rectangle. Before r224460, scroll position was
substracted after the clip rectangle was computed.

  • rendering/LayoutState.cpp:


2:53 AM Changeset in webkit [226622] by commit-queue@webkit.org
  • 16 edits
    6 adds in trunk

Implement VisualViewport API events

Patch by Ali Juma <ajuma@chromium.org> on 2018-01-09
Reviewed by Frédéric Wang.


Update expectation for a viewport WPT that now passes.

  • web-platform-tests/viewport/viewport-resize-event-on-load-overflowing-page-expected.txt:


Implement the events (resize and scroll) defined by the Visual Viewport API

This is behind the VisualViewportAPI experimental feature flag.

In order to detect when events need to be fired, change the computation of
Visual Viewport attributes to happen whenever the layout viewport is updated
rather than only on-demand.

Tests: fast/visual-viewport/resize-event-fired-window-resized.html


  • dom/Document.cpp:

Add support for tracking resize event listeners.

  • dom/Document.h:
  • dom/DocumentEventQueue.cpp:

Factored out of enqueueOrDispatchScrollEvent so that this logic can be reused
for Visual Viewport scroll events.

  • dom/DocumentEventQueue.h:
  • page/FrameView.cpp:


  • page/VisualViewport.cpp:

(WebCore::VisualViewport::offsetLeft const):
Remove attribute computation logic since this now happens during update().
(WebCore::VisualViewport::offsetTop const): Ditto.
(WebCore::VisualViewport::pageLeft const): Ditto.
(WebCore::VisualViewport::pageTop const): Ditto.
(WebCore::VisualViewport::width const): Ditto.
(WebCore::VisualViewport::height const): Ditto.
(WebCore::VisualViewport::scale const):
Added. Computes all of the Visual Viewport attributes and determines
whether events need to be fired.
(WebCore::getFrameViewAndLayoutIfNonNull): Deleted.

  • page/VisualViewport.h:


Change the default value of the VisualViewportAPI experimental feature flag to
DEFAULT_EXPERIMENTAL_FEATURES_ENABLED. This patch completes the implementation
of this feature as specified by https://wicg.github.io/visual-viewport/, so this
feature is now ready for wider testing.

  • Shared/WebPreferences.yaml:


Add tests for Visual Viewport API events. Test that a resize event is fired after
pinch zoom and after window resize, and test that a scroll event is fired when the
visual viewport is scrolled.

  • fast/visual-viewport/resize-event-fired-expected.txt: Added.
  • fast/visual-viewport/resize-event-fired-window-resized-expected.txt: Added.
  • fast/visual-viewport/resize-event-fired-window-resized.html: Added.
  • fast/visual-viewport/resize-event-fired.html: Added.
  • fast/visual-viewport/scroll-event-fired-expected.txt: Added.
  • fast/visual-viewport/scroll-event-fired.html: Added.
  • platform/gtk/TestExpectations:

Skipped tests that use UIScriptController::zoomToScale, since this isn't implemented on GTK.

  • platform/ios/TestExpectations:

Skipped test that resizes a window, since this isn't supported on iOS.

  • platform/win/TestExpectations:

Skipped tests that use UIScriptController::zoomToScale, since this isn't implemented on Windows.

2:02 AM Changeset in webkit [226621] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[EME] Add the CENC initData support in ClearKey CDM

Patch by Yacine Bandou <yacine.bandou_ext@softathome.com> on 2018-01-09
Reviewed by Xabier Rodriguez-Calvar.

Add the "cenc" initDataType support in ClearKey CDM.
Parse the CENC initData and extract the KIDs by following the W3C spec

Tests: media/encrypted-media/clearKey/clearKey-message-cenc-event.html


  • platform/encryptedmedia/clearkey/CDMClearKey.cpp:

(WebCore::CDMPrivateClearKey::supportsInitDataType const):
(WebCore::CDMPrivateClearKey::supportsInitData const):

1:52 AM Changeset in webkit [226620] by zandobersek@gmail.com
  • 5 edits in trunk/Source/WebCore

[Cairo] Pass state values directly to Cairo operations

Reviewed by Carlos Garcia Campos.

Instead of passing reference to the GraphicsContextState object to
various Cairo operations, only pass the required state values. This
makes it explicit what state values are used in these operations, at the
expense of some long parameter lists, but this will be better addressed
by future refactoring of this code into more concise functions.

No new tests -- no change in functionality.

  • platform/graphics/cairo/CairoOperations.cpp:


  • platform/graphics/cairo/CairoOperations.h:
  • platform/graphics/cairo/FontCairo.cpp:


  • platform/graphics/cairo/GraphicsContextCairo.cpp:


1:29 AM Changeset in webkit [226619] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[Win] Remove workaround for Bug 176442 after stopping MSVC 2015 support

Patch by Yoshiaki Jitsukawa <Yoshiaki.Jitsukawa@sony.com> on 2018-01-09
Reviewed by Darin Adler.

  • TestWebKitAPI/Tests/WTF/PriorityQueue.cpp:


1:05 AM Changeset in webkit [226618] by fred.wang@free.fr
  • 3 edits in trunk/Tools

check-webkit-style: Verify syntax for WK_API_AVAILABLE

Patch by Frederic Wang <fwang@igalia.com.fr> on 2018-01-09
Reviewed by Darin Adler.

A common syntax error for WK_API_AVAILABLE is to write ios(WK_MAC_TBA)
as the second parameter instead of ios(WK_IOS_TBA). This generally
builds for iOS on EWS but not when using the public SDK. See r224057,
r223207 and r226211 for example. This patch adds a basic style check
for that macro to prevent this kind of mistake.

  • Scripts/webkitpy/style/checkers/cpp.py:

(check_min_versions_of_wk_api_available): New function to verify the parameters of WX_API_AVAILABLE.
(check_style): Run new style check.
(CppChecker): Add build type for the new style check.

  • Scripts/webkitpy/style/checkers/cpp_unittest.py:

(WebKitStyleTest.test_min_versions_of_wk_api_available): Add tests for the new style check.

12:34 AM Changeset in webkit [226617] by rniwa@webkit.org
  • 5 edits
    2 adds in trunk

Release assert in addResourceTiming when a cache resource is requested during style recalc

Reviewed by Simon Fraser.


Make the dispatching of resourcetimingbufferfull event asynchronous to avoid dispatching it
synchronously during a style resolution when CachedResourceLoader::requestImage requests
a previously loaded image.

We now schedule a timer when the resource timing buffer becomes full, and dispatch the event
when the timer fires. Meanwhile, we have a backup buffer to which additional resource timing
entries would be added. Once the event is dispatched, we refill the buffer exposed to author
scripts. When refilling the buffer results in it becoming full again, we keep repeating the
process of firing resourcetimingbufferfull and re-filling the buffer until either we stop
making progress (i.e. the script didn't increase the number of empty entires in the buffer)
or the backup buffer (at the time we started this process) becomes empty.

Also fixed a bug that we were firing resourcetimingbufferfull event when the last entry that
fits within the buffer size was added instead of when an entry is being added to an already
full buffer. To make this work, the patch introduces m_resourceTimingBufferFullFlag,
representing the concept "resource timing buffer full" flag in the resource timing specification.

Test: http/tests/performance/performance-resource-timing-resourcetimingbufferfull-crash.html

  • page/Performance.cpp:


  • page/Performance.h:


Added a regression test for the crash.

Also fixed test cases in rt-performance-extensions.js which were incorrectly asserting and assuming that
resourcetimingbufferfull event will be fired when there are exactly the same number of entries as the buffer size.

  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull -crash-expected.txt: Added.
  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-crash.html: Added.
  • http/wpt/resource-timing/rt-performance-extensions.js: Fixed the test cases.
Note: See TracTimeline for information about the timeline view.