Timeline



Oct 28, 2018:

11:48 PM Changeset in webkit [237541] by zandobersek@gmail.com
  • 8 edits
    2 adds
    1 delete in trunk

[WPE] Add the WebKitVersion.h header
https://bugs.webkit.org/show_bug.cgi?id=191015

Reviewed by Michael Catanzaro.

Source/WebKit:

Add the WebKitVersion.h API header for the WPE port. As with other
headers providing the GLib API, we have to provide a WPE-specific
version, but the implementation file can be shared with the GTK port,
and is moved under the UIProcess/API/glib/ directory accordingly.

  • PlatformWPE.cmake:
  • SourcesWPE.txt:
  • UIProcess/API/glib/WebKitVersion.cpp: Renamed from Source/WebKit/UIProcess/API/gtk/WebKitVersion.cpp.
  • UIProcess/API/wpe/WebKitVersion.h.in: Added.
  • UIProcess/API/wpe/webkit.h:

Tools:

  • MiniBrowser/wpe/main.cpp:

(automationStartedCallback): Remove the FIXME and finally enable the
webkit_application_info_set_version() call.

  • TestWebKitAPI/Tests/WebKitGLib/TestAutomationSession.cpp: Remove

this FIXME as well and remove the custom WEBKIT_*_VERSION macros.

10:58 PM Changeset in webkit [237540] by bshafiei@apple.com
  • 8 edits in tags/Safari-607.1.10.6/Source

Cherry-pick r237421. rdar://problem/45562620

[Web Animations] Turn Web Animations CSS Integration off by default
https://bugs.webkit.org/show_bug.cgi?id=190901

Reviewed by Dean Jackson.

Source/WebCore:

  • page/RuntimeEnabledFeatures.h:

Source/WebKit:

  • Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

  • WebView/WebPreferences.mm: (+[WebPreferences initialize]):

Source/WebKitLegacy/win:

  • WebPreferences.cpp: (WebPreferences::initializeDefaultSettings):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237421 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:56 PM Changeset in webkit [237539] by bshafiei@apple.com
  • 7 edits in tags/Safari-607.1.10.6/Source

Versioning.

10:52 PM Changeset in webkit [237538] by bshafiei@apple.com
  • 1 copy in tags/Safari-607.1.10.6

New tag.

10:33 PM Changeset in webkit [237537] by bshafiei@apple.com
  • 7 edits in branches/safari-606-branch/Source/WebCore

Cherry-pick r237466. rdar://problem/45562436

Use dark appearance scrollbar when page background is dark or document supports dark mode.
https://bugs.webkit.org/show_bug.cgi?id=190937
rdar://problem/41225839

Reviewed by Beth Dakin.

Source/WebCore:

  • page/FrameView.cpp: (WebCore::FrameView::useDarkAppearance const): Added. Ask the document. (WebCore::FrameView::paintScrollCorner): Set LocalDefaultSystemAppearance based on the scrollbar overlay style too.
  • page/FrameView.h:
  • platform/ScrollableArea.h: (WebCore::ScrollableArea::useDarkAppearance const): Added. Default to false.
  • platform/mac/ScrollAnimatorMac.mm: (-[WebScrollerImpDelegate effectiveAppearanceForScrollerImp:]): Added. Ask the ScrollableArea if a dark appearance is desired.

Source/WebCore/PAL:

  • pal/spi/mac/NSScrollerImpSPI.h: Added effectiveAppearanceForScrollerImp:.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237466 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7:01 PM Changeset in webkit [237536] by Fujii Hironori
  • 3 edits in trunk/Tools

[Win] Remove obsolete code for vcxproj builds in build-api-tests and build-jsc
https://bugs.webkit.org/show_bug.cgi?id=190948

Reviewed by Brent Fulgham.

vcxproj files have been removed in Bug 154388.

  • Scripts/build-api-tests: Removed obsolete code to build vcproj.
  • Scripts/build-jsc:

(buildMyProject): Ditto. Removed a condition of buiding bmalloc
which is not used because Windows ports are using CMake.

5:03 PM Changeset in webkit [237535] by bshafiei@apple.com
  • 13 edits in branches/safari-606-branch

Cherry-pick r237060. rdar://problem/45435468

IOS 12 - Service worker cache not shared when added to homescreen
https://bugs.webkit.org/show_bug.cgi?id=190269
<rdar://problem/45009961>

Reviewed by Alex Christensen.

Source/WebCore:

Expose Cache Storage API when Service Worker API is exposed.
This is used for API tests.

  • dom/ScriptExecutionContext.h: Make hasServiceWorkerScheme available outside SERVICE_WORKER compilation flag since used by DOMWindowCaches.
  • dom/ScriptExecutionContext.cpp: Ditto.
  • Modules/cache/DOMWindowCaches.idl:

Source/WebKit:

NetworkProcessProxy does not always have all its stores in its hash map.
Make sure to check for the default web process pool store when grabbing cache storage parameters from a given session ID.

Add a way to remove the default website data for testing.
This is used in the new API test.

  • UIProcess/API/APIWebsiteDataStore.cpp: (API::WebsiteDataStore::deleteDefaultDataStoreForTesting):
  • UIProcess/API/APIWebsiteDataStore.h:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm: (+[WKWebsiteDataStore _deleteDefaultDataStoreForTesting]):
  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
  • UIProcess/Network/NetworkProcessProxy.cpp: (WebKit::NetworkProcessProxy::retrieveCacheStorageParameters):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm: Add test to ensure that CacheStorage use the default website data store parameters.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:01 PM Changeset in webkit [237534] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/WebKit

Merged r235908 - Unreviewed, attempt to fix Apple builds after r235903
https://bugs.webkit.org/show_bug.cgi?id=188872

If it really needs to be inlined, it will need to move to the header....

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::pageClient const):

4:01 PM Changeset in webkit [237533] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/WebKit

Merged r235907 - Unreviewed, fix build after r235903
https://bugs.webkit.org/show_bug.cgi?id=188872

This broke all ports except GTK. Need to add a missing header.

  • UIProcess/PageClient.h:
4:01 PM Changeset in webkit [237532] by Adrian Perez de Castro
  • 11 edits in releases/WebKitGTK/webkit-2.22/Source/WebKit

Merged r235903 - WebPageProxy should hold a WeakPtr to its PageClient
https://bugs.webkit.org/show_bug.cgi?id=188872

Reviewed by Ryosuke Niwa.

This ensures the PageClient reference is always valid when used.

  • UIProcess/Cocoa/WebPageProxyCocoa.mm:

(WebKit::WebPageProxy::startDrag):
(WebKit::WebPageProxy::setDragCaretRect):

  • UIProcess/PageClient.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::PageClientProtector::PageClientProtector):
(WebKit::PageClientProtector::~PageClientProtector):
(WebKit::WebPageProxy::WebPageProxy):
(WebKit::m_resetRecentCrashCountTimer):
(WebKit::WebPageProxy::pageClient const):
(WebKit::WebPageProxy::reattachToWebProcess):
(WebKit::WebPageProxy::initializeWebPage):
(WebKit::WebPageProxy::close):
(WebKit::WebPageProxy::didChangeBackForwardList):
(WebKit::WebPageProxy::willGoToBackForwardListItem):
(WebKit::WebPageProxy::shouldKeepCurrentBackForwardListItemInList):
(WebKit::WebPageProxy::setViewNeedsDisplay):
(WebKit::WebPageProxy::requestScroll):
(WebKit::WebPageProxy::viewScrollPosition const):
(WebKit::WebPageProxy::updateActivityState):
(WebKit::WebPageProxy::activityStateDidChange):
(WebKit::WebPageProxy::viewDidEnterWindow):
(WebKit::WebPageProxy::dispatchActivityStateChange):
(WebKit::WebPageProxy::layerHostingModeDidChange):
(WebKit::WebPageProxy::viewSize const):
(WebKit::WebPageProxy::startDrag):
(WebKit::WebPageProxy::didPerformDragOperation):
(WebKit::WebPageProxy::processNextQueuedMouseEvent):
(WebKit::WebPageProxy::findPlugin):
(WebKit::WebPageProxy::handleTouchEventSynchronously):
(WebKit::WebPageProxy::handleTouchEvent):
(WebKit::WebPageProxy::preferencesDidChange):
(WebKit::WebPageProxy::didCreateMainFrame):
(WebKit::WebPageProxy::didCreateSubframe):
(WebKit::WebPageProxy::didStartProgress):
(WebKit::WebPageProxy::didChangeProgress):
(WebKit::WebPageProxy::didFinishProgress):
(WebKit::WebPageProxy::didDestroyNavigation):
(WebKit::WebPageProxy::didStartProvisionalLoadForFrame):
(WebKit::WebPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame):
(WebKit::WebPageProxy::willPerformClientRedirectForFrame):
(WebKit::WebPageProxy::didCancelClientRedirectForFrame):
(WebKit::WebPageProxy::didChangeProvisionalURLForFrame):
(WebKit::WebPageProxy::didFailProvisionalLoadForFrame):
(WebKit::WebPageProxy::didCommitLoadForFrame):
(WebKit::WebPageProxy::didFinishDocumentLoadForFrame):
(WebKit::WebPageProxy::didFinishLoadForFrame):
(WebKit::WebPageProxy::didFailLoadForFrame):
(WebKit::WebPageProxy::didSameDocumentNavigationForFrame):
(WebKit::WebPageProxy::didReceiveTitleForFrame):
(WebKit::WebPageProxy::didFirstVisuallyNonEmptyLayoutForFrame):
(WebKit::WebPageProxy::didReachLayoutMilestone):
(WebKit::WebPageProxy::didDisplayInsecureContentForFrame):
(WebKit::WebPageProxy::didRunInsecureContentForFrame):
(WebKit::WebPageProxy::frameDidBecomeFrameSet):
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::decidePolicyForNewWindowAction):
(WebKit::WebPageProxy::decidePolicyForResponse):
(WebKit::WebPageProxy::unableToImplementPolicy):
(WebKit::WebPageProxy::didNavigateWithNavigationData):
(WebKit::WebPageProxy::didPerformClientRedirect):
(WebKit::WebPageProxy::didPerformServerRedirect):
(WebKit::WebPageProxy::didUpdateHistoryTitle):
(WebKit::WebPageProxy::closePage):
(WebKit::WebPageProxy::setWindowFrame):
(WebKit::WebPageProxy::getWindowFrame):
(WebKit::WebPageProxy::getWindowFrameWithCallback):
(WebKit::WebPageProxy::screenToRootView):
(WebKit::WebPageProxy::rootViewToScreen):
(WebKit::WebPageProxy::syncRootViewToScreen):
(WebKit::WebPageProxy::accessibilityScreenToRootView):
(WebKit::WebPageProxy::rootViewToAccessibilityScreen):
(WebKit::WebPageProxy::didChangeViewportProperties):
(WebKit::WebPageProxy::runOpenPanel):
(WebKit::WebPageProxy::showShareSheet):
(WebKit::WebPageProxy::handleDownloadRequest):
(WebKit::WebPageProxy::didChangeContentSize):
(WebKit::WebPageProxy::showColorPicker):
(WebKit::WebPageProxy::showDataListSuggestions):
(WebKit::WebPageProxy::compositionWasCanceled):
(WebKit::WebPageProxy::registerInsertionUndoGrouping):
(WebKit::WebPageProxy::canUndoRedo):
(WebKit::WebPageProxy::executeUndoRedo):
(WebKit::WebPageProxy::clearAllEditCommands):
(WebKit::WebPageProxy::setTextIndicator):
(WebKit::WebPageProxy::clearTextIndicator):
(WebKit::WebPageProxy::setTextIndicatorAnimationProgress):
(WebKit::WebPageProxy::showPopupMenu):
(WebKit::WebPageProxy::showContextMenu):
(WebKit::WebPageProxy::registerEditCommand):
(WebKit::WebPageProxy::canUndo):
(WebKit::WebPageProxy::canRedo):
(WebKit::WebPageProxy::setToolTip):
(WebKit::WebPageProxy::setCursor):
(WebKit::WebPageProxy::setCursorHiddenUntilMouseMoves):
(WebKit::WebPageProxy::didReceiveEvent):
(WebKit::WebPageProxy::resetState):
(WebKit::WebPageProxy::resetStateAfterProcessExited):
(WebKit::WebPageProxy::creationParameters):
(WebKit::WebPageProxy::enterAcceleratedCompositingMode):
(WebKit::WebPageProxy::exitAcceleratedCompositingMode):
(WebKit::WebPageProxy::updateAcceleratedCompositingMode):
(WebKit::WebPageProxy::requestGeolocationPermissionForFrame):
(WebKit::WebPageProxy::recommendedScrollbarStyleDidChange):
(WebKit::WebPageProxy::didChangeScrollOffsetPinningForMainFrame):
(WebKit::WebPageProxy::didFinishLoadingDataForCustomContentProvider):
(WebKit::WebPageProxy::updateBackingStoreDiscardableState):
(WebKit::WebPageProxy::showCorrectionPanel):
(WebKit::WebPageProxy::dismissCorrectionPanel):
(WebKit::WebPageProxy::dismissCorrectionPanelSoon):
(WebKit::WebPageProxy::recordAutocorrectionResponse):
(WebKit::WebPageProxy::useDarkAppearance const):
(WebKit::WebPageProxy::showDictationAlternativeUI):
(WebKit::WebPageProxy::removeDictationAlternatives):
(WebKit::WebPageProxy::dictationAlternatives):
(WebKit::WebPageProxy::setEditableElementIsFocused):
(WebKit::WebPageProxy::takeViewSnapshot):
(WebKit::WebPageProxy::wrapCryptoKey):
(WebKit::WebPageProxy::unwrapCryptoKey):
(WebKit::WebPageProxy::signedPublicKeyAndChallengeString):
(WebKit::WebPageProxy::navigationGestureDidBegin):
(WebKit::WebPageProxy::navigationGestureWillEnd):
(WebKit::WebPageProxy::navigationGestureDidEnd):
(WebKit::WebPageProxy::willRecordNavigationSnapshot):
(WebKit::WebPageProxy::navigationGestureSnapshotWasRemoved):
(WebKit::WebPageProxy::isPlayingMediaDidChange):
(WebKit::WebPageProxy::videoControlsManagerDidChange):
(WebKit::WebPageProxy::handleControlledElementIDResponse const):
(WebKit::WebPageProxy::didPerformImmediateActionHitTest):
(WebKit::WebPageProxy::immediateActionAnimationControllerForHitTestResult):
(WebKit::WebPageProxy::didHandleAcceptedCandidate):
(WebKit::WebPageProxy::addPlaybackTargetPickerClient):
(WebKit::WebPageProxy::removePlaybackTargetPickerClient):
(WebKit::WebPageProxy::showPlaybackTargetPicker):
(WebKit::WebPageProxy::playbackTargetPickerClientStateDidChange):
(WebKit::WebPageProxy::setMockMediaPlaybackTargetPickerEnabled):
(WebKit::WebPageProxy::setMockMediaPlaybackTargetPickerState):
(WebKit::WebPageProxy::didChangeBackgroundColor):
(WebKit::WebPageProxy::didRestoreScrollPosition):
(WebKit::WebPageProxy::userInterfaceLayoutDirection):
(WebKit::WebPageProxy::didInsertAttachment):
(WebKit::WebPageProxy::didRemoveAttachment):

  • UIProcess/WebPageProxy.h:
  • UIProcess/gstreamer/WebPageProxyGStreamer.cpp:

(WebKit::WebPageProxy::requestInstallMissingMediaPlugins):

  • UIProcess/gtk/WebPageProxyGtk.cpp:

(WebKit::WebPageProxy::viewWidget):
(WebKit::WebPageProxy::editorStateChanged):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::computeCustomFixedPositionRect const):
(WebKit::WebPageProxy::overflowScrollViewWillStartPanGesture):
(WebKit::WebPageProxy::overflowScrollViewDidScroll):
(WebKit::WebPageProxy::overflowScrollWillStartScroll):
(WebKit::WebPageProxy::overflowScrollDidEndScroll):
(WebKit::WebPageProxy::didCommitLayerTree):
(WebKit::WebPageProxy::layerTreeCommitComplete):
(WebKit::WebPageProxy::didReceivePositionInformation):
(WebKit::WebPageProxy::saveImageToLibrary):
(WebKit::WebPageProxy::interpretKeyEvent):
(WebKit::WebPageProxy::registerWebProcessAccessibilityToken):
(WebKit::WebPageProxy::couldNotRestorePageState):
(WebKit::WebPageProxy::restorePageState):
(WebKit::WebPageProxy::restorePageCenterAndScale):
(WebKit::WebPageProxy::didGetTapHighlightGeometries):
(WebKit::WebPageProxy::startAssistingNode):
(WebKit::WebPageProxy::stopAssistingNode):
(WebKit::WebPageProxy::showInspectorHighlight):
(WebKit::WebPageProxy::hideInspectorHighlight):
(WebKit::WebPageProxy::showInspectorIndication):
(WebKit::WebPageProxy::hideInspectorIndication):
(WebKit::WebPageProxy::enableInspectorNodeSearch):
(WebKit::WebPageProxy::disableInspectorNodeSearch):
(WebKit::WebPageProxy::setAcceleratedCompositingRootLayer):
(WebKit::WebPageProxy::showPlaybackTargetPicker):
(WebKit::WebPageProxy::commitPotentialTapFailed):
(WebKit::WebPageProxy::didNotHandleTapAsClick):
(WebKit::WebPageProxy::didCompleteSyntheticClick):
(WebKit::WebPageProxy::disableDoubleTapGesturesDuringTapIfNecessary):
(WebKit::WebPageProxy::editorStateChanged):
(WebKit::WebPageProxy::showValidationMessage):
(WebKit::WebPageProxy::didHandleStartDataInteractionRequest):
(WebKit::WebPageProxy::didHandleAdditionalDragItemsRequest):
(WebKit::WebPageProxy::didConcludeEditDataInteraction):
(WebKit::WebPageProxy::didRequestPasswordForQuickLookDocumentInMainFrame):

  • UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::windowAndViewFramesChanged):
(WebKit::WebPageProxy::insertDictatedTextAsync):
(WebKit::WebPageProxy::setPromisedDataForImage):
(WebKit::WebPageProxy::didPerformDictionaryLookup):
(WebKit::WebPageProxy::registerWebProcessAccessibilityToken):
(WebKit::WebPageProxy::makeFirstResponder):
(WebKit::WebPageProxy::assistiveTechnologyMakeFirstResponder):
(WebKit::WebPageProxy::colorSpace):
(WebKit::WebPageProxy::pluginFocusOrWindowFocusChanged):
(WebKit::WebPageProxy::setPluginComplexTextInputState):
(WebKit::WebPageProxy::executeSavedCommandBySelector):
(WebKit::WebPageProxy::intrinsicContentSizeDidChange):
(WebKit::WebPageProxy::setAcceleratedCompositingRootLayer):
(WebKit::WebPageProxy::acceleratedCompositingRootLayer const):
(WebKit::WebPageProxy::showPDFContextMenu):
(WebKit::WebPageProxy::showTelephoneNumberMenu):
(WebKit::WebPageProxy::boundsOfLayerInLayerBackedWindowCoordinates const):
(WebKit::WebPageProxy::editorStateChanged):
(WebKit::WebPageProxy::startWindowDrag):
(WebKit::WebPageProxy::platformWindow):
(WebKit::WebPageProxy::rootViewToWindow):
(WebKit::WebPageProxy::showValidationMessage):
(WebKit::WebPageProxy::inspectorAttachmentView):
(WebKit::WebPageProxy::remoteObjectRegistry):

  • UIProcess/win/WebPageProxyWin.cpp:

(WebKit::WebPageProxy::viewWidget):

  • UIProcess/wpe/WebPageProxyWPE.cpp:

(WebKit::WebPageProxy::viewBackend):

1:40 PM Changeset in webkit [237531] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed, one more GTK expectations fix

  • platform/gtk/inspector/canvas/recording-bitmaprenderer-expected.txt:
1:38 PM Changeset in webkit [237530] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed, fix a few more expectations from yesterday

These should be timeouts!

  • platform/gtk/TestExpectations:
1:28 PM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
1:28 PM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
1:01 PM Changeset in webkit [237529] by Michael Catanzaro
  • 4 edits in trunk/LayoutTests

Unreviewed, attempt to fix missing trailing whitespace in new expectations

  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-validity-badInput-expected.txt:
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-willValidate-expected.txt:
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/selection-expected.txt:
12:38 PM Changeset in webkit [237528] by bshafiei@apple.com
  • 4 edits in branches/safari-606-branch/Source

Apply patch. rdar://problem/45523764

12:12 PM Changeset in webkit [237527] by bshafiei@apple.com
  • 5 edits
    5 adds in branches/safari-606-branch

Cherry-pick r237395. rdar://problem/45574503

Only report resource timing to parent frame for the first iframe load
https://bugs.webkit.org/show_bug.cgi?id=190498
<rdar://problem/44347398>

Reviewed by Youenn Fablet.

Source/WebCore:

Only the first iframe navigation or the first iframe navigation after about:blank should be reported.
https://www.w3.org/TR/resource-timing-2/#resources-included-in-the-performanceresourcetiming-interface

Test: http/tests/misc/resource-timing-navigation-in-restored-iframe.html

  • loader/FrameLoader.cpp: (WebCore::FrameLoader::loadWithDocumentLoader):
  • loader/FrameLoader.h: (WebCore::FrameLoader::shouldReportResourceTimingToParentFrame): (WebCore::FrameLoader::setShouldReportResourceTimingToParentFrame): Deleted.
  • loader/ResourceTimingInformation.cpp: (WebCore::ResourceTimingInformation::addResourceTiming):

LayoutTests:

The layout test is from Chromium change:
https://chromium-review.googlesource.com/c/chromium/src/+/1186215.

  • http/tests/misc/resource-timing-navigation-in-restored-iframe-expected.txt: Added.
  • http/tests/misc/resource-timing-navigation-in-restored-iframe.html: Added.
  • http/tests/misc/resources/alert-then-back.html: Added.
  • http/tests/misc/resources/navigate-on-message.html: Added.
  • http/tests/misc/resources/post-message-to-parent.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237395 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:12 PM Changeset in webkit [237526] by bshafiei@apple.com
  • 1 edit
    1 add in branches/safari-606-branch/JSTests

Cherry-pick r237326. rdar://problem/45363533

DFGAbstractValue::m_arrayModes expects IndexingMode values, not IndexingType.
https://bugs.webkit.org/show_bug.cgi?id=190515
<rdar://problem/45222379>

Rubber-stamped by Saam Barati.

Adding another test.

  • stress/regress-190515-2.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237326 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:12 PM Changeset in webkit [237525] by bshafiei@apple.com
  • 7 edits
    1 add in branches/safari-606-branch

Cherry-pick r237325. rdar://problem/45363533

DFGAbstractValue::m_arrayModes expects IndexingMode values, not IndexingType.
https://bugs.webkit.org/show_bug.cgi?id=190515
<rdar://problem/45222379>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-190515.js: Added.

Source/JavaScriptCore:

  1. Fixes calls to asArrayModes() to take a structure's IndexingMode instead of IndexingType.
  1. DFG's compileNewArrayBuffer()'s HaveABadTime case was previously using the node's indexingType (instead of indexingMode) to choose the array structure to use for creating an array buffer with. This turns out to not be an issue because when the VM is in having a bad time, all the arrayStructureForIndexingTypeDuringAllocation structure pointers will point to the SlowPutArrayStorage structure anyway. However, to be strictly correct, we'll fix it to use the structure for the node's indexingMode.
  • dfg/DFGAbstractValue.cpp: (JSC::DFG::AbstractValue::set): (JSC::DFG::AbstractValue::mergeOSREntryValue):
  • dfg/DFGAbstractValue.h: (JSC::DFG::AbstractValue::validate const):
  • dfg/DFGOSRExit.cpp: (JSC::DFG::OSRExit::executeOSRExit):
  • dfg/DFGRegisteredStructureSet.cpp: (JSC::DFG::RegisteredStructureSet::arrayModesFromStructures const):
  • dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileNewArrayBuffer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237325 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:12 PM Changeset in webkit [237524] by bshafiei@apple.com
  • 12 edits
    2 adds in branches/safari-606-branch

Cherry-pick r237135. rdar://problem/45562440

[iOS] Can't select text after dismissing the keyboard when changing focus
https://bugs.webkit.org/show_bug.cgi?id=190563
<rdar://problem/44613559>

Reviewed by Tim Horton.

Source/WebKit:

In r230686, we switched from using UIWKSelectionAssistant to UIWKTextInteractionAssistant for handling selection
in non-editable content on iOS; as such, when an editable element loses focus, instead of switching from the
text interaction assistant to the web selection assistant as we've previously done, we now reset our text
interaction assistant by calling -[UIWKTextInteractionAssistant setGestureRecognizers], which removes all of
the current text selection gesture recognizers from WKContentView and regenerates them by building up a tree of
UITextInteractions and adding them to the assistant (see `-[UITextInteractionAssistant
addGestureRecognizersToView:]). In particular, _UITextSelectionForceGesture` is the gesture recognizer used to
trigger text selection when long pressing.

After dismissing the keyboard by tapping the "Done" button, the UITextInteractions and gesture recognizers on
the interaction assistant include:

<UITextInteraction>


<UITextIndirectNonEditableInteraction>

<_UIKeyboardBasedNonEditableTextSelectionInteraction>

↳ "_UIKeyboardTextSelectionGestureForcePress" → <_UITextSelectionForceGesture>

However, after the keyboard dismisses due to an editable element losing focus, the UITextInteractions on the
interaction assistant look like this:

<UITextInteraction>


<UITextIndirectNonEditableInteraction>

Subsequently, the lack of a _UIKeyboardBasedNonEditableTextSelectionInteraction makes text selection by long
pressing impossible, since the _UITextSelectionForceGesture is never introduced to WKContentView. In UIKit,
UITextIndirectNonEditableInteraction only adds _UIKeyboardBasedNonEditableTextSelectionInteraction as a
child if the text input view — in our case, WKContentView — is missing an input delegate (see -initWithView:).
In the case where the Done button is used to dismiss the keyboard, WKContentView loses first responder, and the
input delegate of WKContentView is cleared out early on, before we call -stopAssistingKeyboard:

-[WKContentView(WKInteraction) setInputDelegate:]
-[UIKeyboardImpl setDelegate:force:]
-[UIPeripheralHost(UIKitInternal) _reloadInputViewsForResponder:]
-[UIResponder _finishResignFirstResponder]
-[UIResponder resignFirstResponder]
-[WKContentView(WKInteraction) resignFirstResponderForWebView]
-[UIKeyboardImpl dismissKeyboard]

However, in the case where the focused element is blurred, we end up clearing out the delegate in
-_stopAssistingNode, *after* we've already called -setGestureRecognizers on the interaction assistant. This
means UIKit will skip adding _UIKeyboardBasedNonEditableTextSelectionInteraction to the text interaction
assistant.

-[WKContentView(WKInteraction) setInputDelegate:]
-[UIKeyboardImpl setDelegate:force:]
-[UIPeripheralHost(UIKitInternal) _reloadInputViewsForResponder:]
-[UIResponder(UIResponderInputViewAdditions) reloadInputViews]
-[WKContentView(WKInteraction) _stopAssistingNode]

To fix this, we simply reset our inputDelegate earlier in _stopAssistingKeyboard instead of waiting until
we reload input views. This ensures that UIKit sets up the text interaction assistant's gestures when changing
focus in the same way as we would when the keyboard is dismissed via -resignFirstResponder (e.g. when pressing
the Done button).

Test: editing/selection/ios/select-text-after-changing-focus.html

  • UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView setupInteraction]): (-[WKContentView setUpTextSelectionAssistant]): (-[WKContentView _startAssistingKeyboard]): (-[WKContentView _stopAssistingKeyboard]): (-[WKContentView useSelectionAssistantWithGranularity:]): Deleted.

Additionally rename this to -setUpTextSelectionAssistant and remove the selection granularity argument. This was
previously used to switch between web and text interaction assistants.

Tools:

  • DumpRenderTree/ios/UIScriptControllerIOS.mm: (WTR::UIScriptController::isShowingKeyboard const):

Add a new UIScriptController method that returns whether the keyboard is shown. See ui-helper.js for more
details.

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • TestRunnerShared/UIScriptContext/UIScriptController.cpp: (WTR::UIScriptController::isShowingKeyboard const):
  • TestRunnerShared/UIScriptContext/UIScriptController.h:
  • WebKitTestRunner/cocoa/TestRunnerWKWebView.h:
  • WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:

Also rename the isShowingKeyboard Objective-C property to the more canonical showingKeyboard, with
isShowingKeyboard as the getter method.

(-[TestRunnerWKWebView _invokeShowKeyboardCallbackIfNecessary]):
(-[TestRunnerWKWebView _invokeHideKeyboardCallbackIfNecessary]):

  • WebKitTestRunner/ios/UIScriptControllerIOS.mm: (WTR::UIScriptController::isShowingKeyboard const):

LayoutTests:

Add a new layout test to check that the user can make a selection by long pressing after the keyboard is
dismissed due to changing the focused element.

  • editing/selection/ios/select-text-after-changing-focus-expected.txt: Added.
  • editing/selection/ios/select-text-after-changing-focus.html: Added.
  • resources/ui-helper.js:

Also tweak the behavior of UIHelper.waitForKeyboardToHide(), so that it resolves immediately if the keyboard
is not shown. This allows us to ensure that tests which use UIHelper.waitForKeyboardToHide() are robust in the
case where they wait for another action to complete (e.g. a simulated tap) prior to registering a keyboard
hiding callback.

(window.UIHelper.waitForKeyboardToHide.return.new.Promise):
(window.UIHelper.waitForKeyboardToHide):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@237135 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:25 AM Changeset in webkit [237523] by bshafiei@apple.com
  • 7 edits in branches/safari-606-branch/Source

Versioning.

11:18 AM Changeset in webkit [237522] by ggaren@apple.com
  • 4 edits in trunk

HashMap should support selecting a random entry
https://bugs.webkit.org/show_bug.cgi?id=190814

Reviewed by Ryosuke Niwa.

Source/WTF:

  • wtf/HashTable.h:

(WTF::HashTable::random):
(WTF::HashTable::random const): Merge the empty and deleted checks, and
use more idiomatic addressing.

Tools:

  • TestWebKitAPI/Tests/WTF/HashMap.cpp: Renamed IsRandom to

IsEvenlyDistributed to reflect the fact that we're only testing the
distribution. Added a test case that covers more table densities and
the remove() operation.

7:44 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
7:34 AM Changeset in webkit [237521] by aestes@apple.com
  • 8 edits in trunk

[Payment Request] Implement MerchantValidationEvent.methodName
https://bugs.webkit.org/show_bug.cgi?id=190058

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

  • web-platform-tests/payment-request/MerchantValidationEvent/constructor.https-expected.txt:

Source/WebCore:

Implemented MerchantValidationEvent's methodName attribute and MerchantValidationEventInit's
methodName property as specified in the Payment Request API W3C Editor's Draft of
27 September 2018.

Covered by web-platform-tests/payment-request/MerchantValidationEvent/constructor.https.html.

  • Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:

(WebCore::ApplePayPaymentHandler::validateMerchant): Passed the payment method identifier
(as a string) to MerchantValidationEvent::create()

  • Modules/paymentrequest/MerchantValidationEvent.cpp:

(WebCore::MerchantValidationEvent::create): Validated the methodName before constructing the
event, throwing a RangeError on failure.
(WebCore::MerchantValidationEvent::MerchantValidationEvent):

  • Modules/paymentrequest/MerchantValidationEvent.h:
  • Modules/paymentrequest/MerchantValidationEvent.idl:
6:44 AM Changeset in webkit [237520] by Adrian Perez de Castro
  • 9 edits
    1 add in releases/WebKitGTK/webkit-2.22

Merged r237469 - Fix missing edge cases with JSGlobalObjects having a bad time.
https://bugs.webkit.org/show_bug.cgi?id=189028
<rdar://problem/45204939>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-189028.js: Added.

Source/JavaScriptCore:

Consider the following scenario:

let object O1 (of global G1) have an indexing type that is not SlowPut.
let global G2 have a bad time.
let object O2 (of global G2) be set as the prototype of O1.
let object O3 (of global G2) have indexed accessors.

In the existing code, if we set O3 as O2's prototype, we'll have a bug where
O1 will not be made aware that that there are indexed accessors in its prototype
chain.

In this patch, we solve this issue by introducing a new invariant:

A prototype chain is considered to possibly have indexed accessors if any
object in the chain belongs to a global object that is having a bad time.

We apply this invariant as follows:

  1. Enhance JSGlobalObject::haveABadTime() to also check if other global objects are affected by it having a bad time. If so, it also ensures that those affected global objects have a bad time.

The original code for JSGlobalObject::haveABadTime() uses a ObjectsWithBrokenIndexingFinder
to find all objects affected by the global object having a bad time. We enhance
ObjectsWithBrokenIndexingFinder to also check for the possibility that any global
objects may be affected by other global objects having a bad time i.e.

let g1 = global1
let g2 = global2
let o1 = an object in g1
let o2 = an object in g2

let g1 have a bad time
g2 is affected if

o1 is in the prototype chain of o2,
and o2 may be a prototype.

If the ObjectsWithBrokenIndexingFinder does find the possibility of other global
objects being affected, it will abort its heap scan and let haveABadTime() take
a slow path to do a more complete multi global object scan.

The slow path works as follows:

  1. Iterate the heap and record the graph of all global object dependencies.

For each global object, record the list of other global objects that are
affected by it.

  1. Compute a list of global objects that need to have a bad time using the current global object dependency graph.
  1. For each global object in the list of affected global objects, fire their HaveABadTime watchpoint and convert all their array structures to the SlowPut alternatives.
  1. Re-run ObjectsWithBrokenIndexingFinder to find all objects that are affected by any of the globals in the list from (2).
  1. Enhance Structure::mayInterceptIndexedAccesses() to also return true if the structure's global object is having a bad time.

Note: there are 3 scenarios that we need to consider:

let g1 = global1
let g2 = global2
let o1 = an object in g1
let o2 = an object in g2

Scenario 1: o2 is a prototype, and

g1 has a bad time after o1 is inserted into the o2's prototype chain.

Scenario 2: o2 is a prototype, and

o1 is inserted into the o2's prototype chain after g1 has a bad time.

Scenario 3: o2 is NOT a prototype, and

o1 is inserted into the o2's prototype chain after g1 has a bad time.

For scenario 1, when g1 has a bad time, we need to also make sure g2 has
a bad time. This is handled by enhancement 1 above.

For scenario 2, when o1 is inserted into o2's prototype chain, we need to check
if o1's global object has a bad time. If so, then we need to make sure o2's
global also has a bad time (because o2 is a prototype) and convert o2's
storage type to SlowPut. This is handled by enhancement 2 above in conjunction
with JSObject::setPrototypeDirect().

For scenario 3, when o1 is inserted into o2's prototype chain, we need to check
if o1's global object has a bad time. If so, then we only need to convert o2's
storage type to SlowPut (because o2 is NOT a prototype). This is handled by
enhancement 2 above.

  1. Also add $vm.isHavingABadTime(), $vm.createGlobalObject() to enable us to write some tests for this issue.
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::fireWatchpointAndMakeAllArrayStructuresSlowPut):
(JSC::JSGlobalObject::haveABadTime):

  • runtime/JSGlobalObject.h:
  • runtime/JSObject.h:

(JSC::JSObject::mayInterceptIndexedAccesses): Deleted.

  • runtime/JSObjectInlines.h:

(JSC::JSObject::mayInterceptIndexedAccesses):

  • runtime/Structure.h:
  • runtime/StructureInlines.h:

(JSC::Structure::mayInterceptIndexedAccesses const):

  • tools/JSDollarVM.cpp:

(JSC::functionHaveABadTime):
(JSC::functionIsHavingABadTime):
(JSC::functionCreateGlobalObject):
(JSC::JSDollarVM::finishCreation):

6:44 AM Changeset in webkit [237519] by Adrian Perez de Castro
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.22

Merged r237450 - [MSE][WTF][Media] Invalid MediaTime should be falsy
https://bugs.webkit.org/show_bug.cgi?id=190893

Reviewed by Jer Noble.

Source/WTF:

This patch modifies the definition of MediaTime so that invalid times
are evaluated to false in the context of a boolean expression.

  • wtf/MediaTime.cpp:

(WTF::MediaTime::operator! const):
(WTF::MediaTime::operator bool const):

Tools:

This patch adds additional API tests for the conversions from
MediaTime to boolean.

  • TestWebKitAPI/Tests/WTF/MediaTime.cpp:

(TestWebKitAPI::TEST):

LayoutTests:

A test is added that replicates a bug fixed by this patch.

  • media/media-source/media-source-timestampoffset-then-zero-expected.txt: Added.
  • media/media-source/media-source-timestampoffset-then-zero.html: Added.
6:44 AM Changeset in webkit [237518] by Adrian Perez de Castro
  • 13 edits in releases/WebKitGTK/webkit-2.22/Source/WebKit

Merged r237410 - [GTK][AC] Resizing the window doesn't always update the visible rect
https://bugs.webkit.org/show_bug.cgi?id=189743

Reviewed by Michael Catanzaro.

Disassociate resizing that can be done on an AcceleratedSurface object
between "host resizes" and "client resizes".

The former is done from ThreadedCoordinatedLayerTreeHost directly, and
is currently used only for GTK on X11, where a new pixmap object is
created on each resize, which affects the context ID that is based on
that pixmap object's address.

The latter is done from the composition thread. It's used for GTK on
Wayland and WPE. In both cases, the underlying window object does not
change on each resize, but it's necessary to perform the actual resize
on the composition thread.

So far it hasn't been performed there, which ended up pushing sizes of
the WebKit view and the underlying window object out of sync during
resizing, leaving parts of window unrendered.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::renderLayerTree):

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • WebProcess/WebPage/AcceleratedSurface.cpp:

(WebKit::AcceleratedSurface::hostResize):
(WebKit::AcceleratedSurface::resize): Deleted.

  • WebProcess/WebPage/AcceleratedSurface.h:

(WebKit::AcceleratedSurface::clientResize):

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:

(WebKit::ThreadedCoordinatedLayerTreeHost::deviceOrPageScaleFactorChanged):
(WebKit::ThreadedCoordinatedLayerTreeHost::sizeDidChange):

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
  • WebProcess/WebPage/gtk/AcceleratedSurfaceWayland.cpp:

(WebKit::AcceleratedSurfaceWayland::clientResize):
(WebKit::AcceleratedSurfaceWayland::resize): Deleted.

  • WebProcess/WebPage/gtk/AcceleratedSurfaceWayland.h:
  • WebProcess/WebPage/gtk/AcceleratedSurfaceX11.cpp:

(WebKit::AcceleratedSurfaceX11::hostResize):
(WebKit::AcceleratedSurfaceX11::resize): Deleted.

  • WebProcess/WebPage/gtk/AcceleratedSurfaceX11.h:
  • WebProcess/WebPage/wpe/AcceleratedSurfaceWPE.cpp:

(WebKit::AcceleratedSurfaceWPE::clientResize):
(WebKit::AcceleratedSurfaceWPE::resize): Deleted.

  • WebProcess/WebPage/wpe/AcceleratedSurfaceWPE.h:
6:43 AM Changeset in webkit [237517] by Adrian Perez de Castro
  • 5 edits
    5 adds in releases/WebKitGTK/webkit-2.22

Merged r237395 - Only report resource timing to parent frame for the first iframe load
https://bugs.webkit.org/show_bug.cgi?id=190498
<rdar://problem/44347398>

Reviewed by Youenn Fablet.

Source/WebCore:

Only the first iframe navigation or the first iframe navigation after about:blank should be reported.
https://www.w3.org/TR/resource-timing-2/#resources-included-in-the-performanceresourcetiming-interface

Test: http/tests/misc/resource-timing-navigation-in-restored-iframe.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadWithDocumentLoader):

  • loader/FrameLoader.h:

(WebCore::FrameLoader::shouldReportResourceTimingToParentFrame):
(WebCore::FrameLoader::setShouldReportResourceTimingToParentFrame): Deleted.

  • loader/ResourceTimingInformation.cpp:

(WebCore::ResourceTimingInformation::addResourceTiming):

LayoutTests:

The layout test is from Chromium change:
https://chromium-review.googlesource.com/c/chromium/src/+/1186215.

  • http/tests/misc/resource-timing-navigation-in-restored-iframe-expected.txt: Added.
  • http/tests/misc/resource-timing-navigation-in-restored-iframe.html: Added.
  • http/tests/misc/resources/alert-then-back.html: Added.
  • http/tests/misc/resources/navigate-on-message.html: Added.
  • http/tests/misc/resources/post-message-to-parent.html: Added.
6:43 AM Changeset in webkit [237516] by Adrian Perez de Castro
  • 7 edits
    1 add in releases/WebKitGTK/webkit-2.22

Merged r237325 - DFGAbstractValue::m_arrayModes expects IndexingMode values, not IndexingType.
https://bugs.webkit.org/show_bug.cgi?id=190515
<rdar://problem/45222379>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-190515.js: Added.

Source/JavaScriptCore:

  1. Fixes calls to asArrayModes() to take a structure's IndexingMode instead of IndexingType.
  1. DFG's compileNewArrayBuffer()'s HaveABadTime case was previously using the node's indexingType (instead of indexingMode) to choose the array structure to use for creating an array buffer with. This turns out to not be an issue because when the VM is in having a bad time, all the arrayStructureForIndexingTypeDuringAllocation structure pointers will point to the SlowPutArrayStorage structure anyway. However, to be strictly correct, we'll fix it to use the structure for the node's indexingMode.
  • dfg/DFGAbstractValue.cpp:

(JSC::DFG::AbstractValue::set):
(JSC::DFG::AbstractValue::mergeOSREntryValue):

  • dfg/DFGAbstractValue.h:

(JSC::DFG::AbstractValue::validate const):

  • dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::executeOSRExit):

  • dfg/DFGRegisteredStructureSet.cpp:

(JSC::DFG::RegisteredStructureSet::arrayModesFromStructures const):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileNewArrayBuffer):

6:43 AM Changeset in webkit [237515] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.22

Merged r237278 - [Media] Use nanoseconds as MaximumTimeScale
https://bugs.webkit.org/show_bug.cgi?id=190631

Source/WTF:

1e9 is a much more useful timescale than the previous one 231-1.
Unlike 2
31-1, which is a prime number, nanosecond scale is pretty
common among some formats like WebM and frameworks like GStreamer
where base 10 timescale is common... and it's those big timescales the
ones that are usually scaled up to MaximumTimeScale.

Reviewed by Jer Noble.

  • wtf/MediaTime.cpp:

Tools:

Rebased MediaTime tests covering timescales over the maximum.

Reviewed by Jer Noble.

  • TestWebKitAPI/Tests/WTF/MediaTime.cpp:

(TestWebKitAPI::TEST):

6:43 AM Changeset in webkit [237514] by Adrian Perez de Castro
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.22

Merged r237274 - [MSE] timestampOffset can introduce floating-point rounding errors to incoming samples
https://bugs.webkit.org/show_bug.cgi?id=190590
<rdar://problem/45275626>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/media-source/media-source-timestampoffset-rounding-error.html

SourceBuffer.timestampOffset is a double property, which, when added to a MediaTime will
result in a double-backed MediaTime as PTS & DTS. This can introduce rounding errors when
these samples are appended as overlapping existing samples. Rather than converting a MediaTime
to double-backed when adding the timestampOffset, convert the offset to a multiple of the
sample's timeBase.

  • Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::setTimestampOffset):
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

LayoutTests:

  • media/media-source/media-source-sequence-timestamps-expected.txt:
  • media/media-source/media-source-timestampoffset-rounding-error-expected.txt: Added.
  • media/media-source/media-source-timestampoffset-rounding-error.html: Added.
  • media/media-source/mock-media-source.js:

(makeASample):

6:43 AM Changeset in webkit [237513] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/JavaScriptCore

Merged r237215 - GetIndexedPropertyStorage can GC.
https://bugs.webkit.org/show_bug.cgi?id=190625
<rdar://problem/45309366>

Reviewed by Saam Barati.

This is because if the ArrayMode type is String, the DFG and FTL will be emitting
a call to operationResolveRope, and operationResolveRope can GC. This patch
updates doesGC() to reflect this.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

6:43 AM Changeset in webkit [237512] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.22/Source/WebKit

Merged r237191 - [GLib] Build error with RemoteInspector disabled
https://bugs.webkit.org/show_bug.cgi?id=190623

Reviewed by Michael Catanzaro.

Compilation guards added to ensure the build still works when the
Remote WebInspector has been disabled.

  • UIProcess/API/glib/WebKitAutomationSession.cpp:
  • UIProcess/API/glib/WebKitAutomationSessionPrivate.h:
  • UIProcess/RemoteWebInspectorProxy.cpp:
6:43 AM Changeset in webkit [237511] by Adrian Perez de Castro
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.22

Merged r237129 - JSArray::shiftCountWithArrayStorage is wrong when an array has holes
https://bugs.webkit.org/show_bug.cgi?id=190262
<rdar://problem/44986241>

Reviewed by Mark Lam.

JSTests:

  • stress/array-prototype-concat-of-long-spliced-arrays.js:

(test):

  • stress/slice-array-storage-with-holes.js: Added.

(main):

Source/JavaScriptCore:

We would take the fast path for shiftCountWithArrayStorage when the array
hasHoles(). However, the code for this was wrong. It'd incorrectly update
ArrayStorage::m_numValuesInVector. Since the hasHoles() for ArrayStorage
path is never taken in JetStream 2, this patch just removes that from
the fast path. Instead, we just fallback to the slow path when hasHoles().
If we find evidence that this matters for real use cases, we can
figure out a way to make the fast path work.

  • runtime/JSArray.cpp:

(JSC::JSArray::shiftCountWithArrayStorage):

6:42 AM Changeset in webkit [237510] by Adrian Perez de Castro
  • 3 edits
    4 adds in releases/WebKitGTK/webkit-2.22

Merged r237119 - [Cairo] Incorrect rendering for 135-deg skews
https://bugs.webkit.org/show_bug.cgi?id=190513

Source/WebCore:

Compensation value to zero the the translation components
of the transformation matrix is incorrect if the matrix
has a shear factor.

Reviewed by Žan Doberšek.

Tests: fast/transforms/skew-x-135deg-with-gradient.html

fast/transforms/skew-y-135deg-with-gradient.html

  • platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::drawPatternToCairoContext):

LayoutTests:

Reviewed by Žan Doberšek.

  • fast/transforms/skew-x-135deg-with-gradient-expected.html: Added.
  • fast/transforms/skew-x-135deg-with-gradient.html: Added.
  • fast/transforms/skew-y-135deg-with-gradient-expected.html: Added.
  • fast/transforms/skew-y-135deg-with-gradient.html: Added.
6:42 AM Changeset in webkit [237509] by Adrian Perez de Castro
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.22

Merged r236991 - REGRESSION(r234620): SVGLangSpace::svgAttributeChanged() should invalidate the renderer of the SVGGeometryElement descendant only
https://bugs.webkit.org/show_bug.cgi?id=190411

Reviewed by Simon Fraser.

Source/WebCore:

Test: svg/dynamic-updates/SVGStopElement-dom-xml-lang-attrr.html

When changing the attributes of the SVGLangSpace, we should invalidate
the renderer of the SVGGeometryElement descendant only. Renderer of other
elements, like SVGStopElement, should not be invalidated because they do
not have geometry and they can be used as resources for drawing another
SVGGeometryElement.

  • svg/SVGElement.h:

(WebCore::SVGElement::isSVGGeometryElement const):

  • svg/SVGGeometryElement.h:

(isType):

  • svg/SVGLangSpace.cpp:

(WebCore::SVGLangSpace::svgAttributeChanged):

LayoutTests:

  • svg/dynamic-updates/SVGStopElement-dom-xml-lang-attrr-expected.txt: Added.
  • svg/dynamic-updates/SVGStopElement-dom-xml-lang-attrr.html: Added.
6:42 AM Changeset in webkit [237508] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/WebCore

Merged r236985 - [WPE][GTK] Complex text crashes with harfbuzz 1.8.8
https://bugs.webkit.org/show_bug.cgi?id=190409

Reviewed by Žan Doberšek.

We discovered that harfbuzz 1.8.8 breaks WebKit by changing the ownership semantics of
hb_icu_get_unicode_funcs() from (transfer full) to (transfer none). Our code was actually
expecting (transfer none), so it's not immediately clear to me why it's crashing now, but
doesn't matter as Behdad recommends removing this line of code because it hasn't been
been needed for many years.

This should be covered by all our complex text tests if the bots were upgraded to the newer
harfbuzz.

  • platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:

(WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

6:42 AM Changeset in webkit [237507] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.22/Source

Mergeg r236975 - [WPE] Explicitly link against gmodule where used
https://bugs.webkit.org/show_bug.cgi?id=190398

Reviewed by Michael Catanzaro.

  • PlatformWPE.cmake:
6:42 AM Changeset in webkit [237506] by Adrian Perez de Castro
  • 7 edits in releases/WebKitGTK/webkit-2.22

Merged r236961 - [GStreamer] Stealing cross-origin video pixel with HLS
https://bugs.webkit.org/show_bug.cgi?id=190003

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Report the SecurityOrigin of downloaded adaptivedemux (HLS, DASH,
SmoothStreaming) fragments as tainted if their origin differs from
the manifest SecurityOrigin. SecurityOrigins are stored in the
CachedResourceStreamingClient implemented in the internal
GStreamer HTTP(S) source element.

The implementation is not ideal yet because the fragments download
is performed by the WebProcess, until bug 189967 is fixed. When
this bug is fixed, the m_hasTaintedOrigin member variable should
be removed and all checks be done unconditionally to the
webkithttpsrc element which will manage the download of the
manifests and fragments.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::loadFull): Reset the m_hasTaintedOrigin value.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): Get the
fragment URL from the adaptivedemux stats message and check if its
origin is tainted.
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const):
Initial implementation by checking the m_hasTaintedOrigin member
variable value.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(CachedResourceStreamingClient::responseReceived): Store the
resource origin internally so it can be checked later on by
webKitSrtcWouldTaintOrigin().
(webKitSrcWouldTaintOrigin): Check given origin against cached
origins. This implementation is similar to Cocoa's
WebCoreNSURLSession implementation.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:

LayoutTests:

  • platform/gtk/TestExpectations: Unflag now-passing test.
6:42 AM Changeset in webkit [237505] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/WebKit

Merged r236928 - Validation in Connection::readBytesFromSocket() is too aggressive
https://bugs.webkit.org/show_bug.cgi?id=190281

Reviewed by Michael Catanzaro.

Since r217206 Connection::readBytesFromSocket() validates size of
control message. However, it compares cmsg_len with attachmentMaxAmount,
while Connection::sendOutgoingMessage() computes it as
CMSG_LEN(sizeof(int) * attachmentFDBufferLength) where
attachmentFDBufferLength <= attachmentMaxAmount. This mismatch between
sender and receiver leads to possibility of assertion failure with large
number of attachments, e.g. here 62 attachments have cmsg_length == 264.

  • Platform/IPC/unix/ConnectionUnix.cpp:

(IPC::readBytesFromSocket):

6:42 AM Changeset in webkit [237504] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/WebCore

Merged r236789 - Ref<FetchResponse> use-after-move in DOMCache::put()
https://bugs.webkit.org/show_bug.cgi?id=190239

Reviewed by Youenn Fablet.

Retrieve reference from the Ref<FetchResponse> object before it's
move-captured in the lambda that's passed to the
FetchResponse::consumeBodyReceivedByChunk() method that is invoked on
that very same object. This is a classic use-after-move bug that pops
up on compilers with different C++ calling convention.

  • Modules/cache/DOMCache.cpp:

(WebCore::DOMCache::put):

6:42 AM Changeset in webkit [237503] by Adrian Perez de Castro
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.22

Merged r236288 - Release assert under RenderView::pageOrViewLogicalHeight
https://bugs.webkit.org/show_bug.cgi?id=189798
<rdar://problem/43659749>

Reviewed by Simon Fraser.

Source/WebCore:

Only the mainframe's render view is sized to the page while printing.
Use the matching check (see RenderView::layout) when accessing m_pageLogicalSize.

Test: printing/crash-while-formatting-subframe-for-printing.html

  • rendering/RenderView.cpp:

(WebCore::RenderView::pageOrViewLogicalHeight const):

LayoutTests:

  • printing/crash-while-formatting-subframe-for-printing-expected.txt: Added.
  • printing/crash-while-formatting-subframe-for-printing.html: Added.
6:41 AM Changeset in webkit [237502] by Adrian Perez de Castro
  • 6 edits
    1 add in releases/WebKitGTK/webkit-2.22

Merged r236161 - Ensure that ForInContexts are invalidated if their loop local is over-written. https://bugs.webkit.org/show_bug.cgi?id=189571 <rdar://problem/44402277>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-189571.js: Added.

Source/JavaScriptCore:

Instead of hunting down every place in the BytecodeGenerator that potentially
needs to invalidate an enclosing ForInContext (if one exists), we simply iterate
the bytecode range of the loop body when the ForInContext is popped, and
invalidate the context if we ever find the loop temp variable over-written.

This has 2 benefits:

  1. It ensures that every type of opcode that can write to the loop temp will be handled appropriately, not just the op_mov that we've hunted down.
  2. It avoids us having to check the BytecodeGenerator's m_forInContextStack every time we emit an op_mov (or other opcodes that can write to a local) even when we're not inside a for-in loop.

JSC benchmarks show that that this change is performance neutral.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::pushIndexedForInScope):
(JSC::BytecodeGenerator::popIndexedForInScope):
(JSC::BytecodeGenerator::pushStructureForInScope):
(JSC::BytecodeGenerator::popStructureForInScope):
(JSC::ForInContext::finalize):
(JSC::StructureForInContext::finalize):
(JSC::IndexedForInContext::finalize):
(JSC::BytecodeGenerator::invalidateForInContextForLocal): Deleted.

  • bytecompiler/BytecodeGenerator.h:

(JSC::ForInContext::ForInContext):
(JSC::ForInContext::bodyBytecodeStartOffset const):
(JSC::StructureForInContext::StructureForInContext):
(JSC::IndexedForInContext::IndexedForInContext):

  • bytecompiler/NodesCodegen.cpp:

(JSC::PostfixNode::emitResolve):
(JSC::PrefixNode::emitResolve):
(JSC::ReadModifyResolveNode::emitBytecode):
(JSC::AssignResolveNode::emitBytecode):
(JSC::EmptyLetExpression::emitBytecode):
(JSC::ForInNode::emitLoopHeader):
(JSC::ForOfNode::emitBytecode):
(JSC::BindingNode::bindValue const):
(JSC::AssignmentElementNode::bindValue const):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

6:41 AM Changeset in webkit [237501] by Adrian Perez de Castro
  • 3 edits in releases/WebKitGTK/webkit-2.22

Merged r235956 - imported/w3c/web-platform-tests/shadow-dom/form-control-form-attribute.html hits assertion
https://bugs.webkit.org/show_bug.cgi?id=189493

Reviewed by Alex Christensen.

Source/WebCore:

The debug assertion was caused by RefPtr in FormAssociatedElement::formOwnerRemovedFromTree introduced
by r224390 and r223644 ref'ing ShadowRoot while calling removeDetachedChildren inside ~ShadowRoot.
When a form (or any other) element has more than one ref inside removeDetachedChildren,
addChildNodesToDeletionQueue calls notifyChildNodeRemoved in the tree oreder.

However, when a form associated element of this form element appears later in the tree order,
FormAssociatedElement::formOwnerRemovedFromTree can traverse up ancestors including the ShadowRoot.

Fixed the bug by using raw pointers instead. Luckily, there is no DOM mutations or other non-trivial
operations happening in this function so this should be safe.

Test: imported/w3c/web-platform-tests/shadow-dom/form-control-form-attribute.html

  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::formOwnerRemovedFromTree): Fixed the bug.

LayoutTests:

Unskip the test now that it doesn't hit a debug assertion.

5:48 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
3:47 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
12:54 AM Changeset in webkit [237500] by graouts@webkit.org
  • 3 edits in trunk/Source/WebCore

[Web Animations] Remove WebAnimation::description()
https://bugs.webkit.org/show_bug.cgi?id=190995

Reviewed by Dean Jackson.

This method is never used.

  • animation/WebAnimation.cpp:

(WebCore::WebAnimation::description): Deleted.

  • animation/WebAnimation.h:
12:53 AM Changeset in webkit [237499] by graouts@webkit.org
  • 4 edits in trunk/Source/WebCore

[Web Animations] Move the logic of Document::getAnimations() to DocumentTimeline
https://bugs.webkit.org/show_bug.cgi?id=190994

Reviewed by Dean Jackson.

It would be cleaner to have the logic of document.getAnimations() on the DocumentTimeline instead of the Document, keep more
animation-related code compartmentalized in the animation directory. No change in behavior, so no test update.

  • animation/DocumentTimeline.cpp:

(WebCore::DocumentTimeline::getAnimations const):

  • animation/DocumentTimeline.h:
  • dom/Document.cpp:

(WebCore::Document::getAnimations):

12:51 AM Changeset in webkit [237498] by graouts@webkit.org
  • 5 edits in trunk/Source/WebCore

[Web Animations] Move bindings methods requiring style flush from CSSAnimation to DeclarativeAnimation
https://bugs.webkit.org/show_bug.cgi?id=190996

Reviewed by Dean Jackson.

Moving all of the IDL bindings methods that require flushing style from CSSAnimation to its superclass
DeclarativeAnimation so we follow the same route in CSSTransition. Note that there was code in
CSSAnimation::bindingsCurrentTime() that was not moved as it proved to not be necessary.

  • animation/CSSAnimation.cpp:

(WebCore::CSSAnimation::bindingsPlay):
(WebCore::CSSAnimation::bindingsPause):
(WebCore::CSSAnimation::bindingsStartTime const): Deleted.
(WebCore::CSSAnimation::setBindingsStartTime): Deleted.
(WebCore::CSSAnimation::bindingsCurrentTime const): Deleted.
(WebCore::CSSAnimation::setBindingsCurrentTime): Deleted.
(WebCore::CSSAnimation::bindingsPlayState const): Deleted.
(WebCore::CSSAnimation::bindingsPending const): Deleted.
(WebCore::CSSAnimation::bindingsReady): Deleted.
(WebCore::CSSAnimation::bindingsFinished): Deleted.
(WebCore::CSSAnimation::flushPendingStyleChanges const): Deleted.

  • animation/CSSAnimation.h:
  • animation/DeclarativeAnimation.cpp:

(WebCore::DeclarativeAnimation::bindingsStartTime const):
(WebCore::DeclarativeAnimation::setBindingsStartTime):
(WebCore::DeclarativeAnimation::bindingsCurrentTime const):
(WebCore::DeclarativeAnimation::setBindingsCurrentTime):
(WebCore::DeclarativeAnimation::bindingsPlayState const):
(WebCore::DeclarativeAnimation::bindingsPending const):
(WebCore::DeclarativeAnimation::bindingsReady):
(WebCore::DeclarativeAnimation::bindingsFinished):
(WebCore::DeclarativeAnimation::bindingsPlay):
(WebCore::DeclarativeAnimation::bindingsPause):
(WebCore::DeclarativeAnimation::flushPendingStyleChanges const):

  • animation/DeclarativeAnimation.h:

Oct 27, 2018:

7:02 PM Changeset in webkit [237497] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed, fix content added by a stray Ctrl+V

  • platform/gtk/TestExpectations:
6:59 PM Changeset in webkit [237496] by Michael Catanzaro
  • 3 edits
    6 adds in trunk/LayoutTests

Unreviewed GTK test gardening

  • TestExpectations:
  • platform/gtk/TestExpectations:
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-validity-badInput-expected.txt: Added.
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/constraints/form-validation-willValidate-expected.txt: Added.
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/the-input-element/selection-expected.txt: Added.
  • platform/gtk/inspector/canvas/recording-bitmaprenderer-expected.txt: Added.
4:30 PM Changeset in webkit [237495] by Matt Baker
  • 7 edits
    2 adds in trunk

Web Inspector: Table should support deleting rows
https://bugs.webkit.org/show_bug.cgi?id=189803
<rdar://problem/44655709>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

Add methods for removing rows from a Table without reloading the data
source. This patch adds Table.prototype.removeRow for removing a single
row, and Table.prototype.removeSelectedRows for removing the entire selection.
The latter also attempts to select a new row, if possible, before removing
the selection.

  • UserInterface/Base/IndexSet.js:

(WI.IndexSet.prototype.copy):

  • UserInterface/Views/Table.js:

(WI.Table):
(WI.Table.prototype.get numberOfRows):
Cache the number of rows in the table data source. Invalidate cached
value whenever table data is reloaded. Removing rows immediately updates
cached value, without incurring a potentially expensive reload.

(WI.Table.prototype.reloadData):
(WI.Table.prototype.selectRow):
(WI.Table.prototype.deselectRow):
(WI.Table.prototype.removeRow):
(WI.Table.prototype.removeSelectedRows):
Remove the selected rows and select a new row, if possible.
(WI.Table.prototype._updateVisibleRows):
(WI.Table.prototype._handleKeyDown):
(WI.Table.prototype._deselectAllAndSelect):
Drive-by fix: should work when rowToSelect isn't already selected.
(WI.Table.prototype._removeRows):
Remove rows and adjust the indexes of rows that are shifted up as a result
of preceding rows being removed.

LayoutTests:

  • inspector/table/resources/table-utilities.js:

(TestPage.registerInitializer.InspectorTest.TableDelegate.prototype.tableDidRemoveRows):
(TestPage.registerInitializer.createDataSource):
(TestPage.registerInitializer.InspectorTest.createTable):
(TestPage.registerInitializer.InspectorTest.createTableWithDelegate):
(TestPage.registerInitializer):
Update table test utilities to keep TableDataSource backing array in
sync when rows are removed. Also allow the number of table rows to be
specified when creating a table for testing.

  • inspector/table/table-remove-rows-expected.txt: Added.
  • inspector/table/table-remove-rows.html: Added.

Add tests for new Table methods removeRow(rowIndex) and removeSelectedRows().

  • inspector/unit-tests/index-set-expected.txt:
  • inspector/unit-tests/index-set.html:

Add tests for new IndexSet method copy().

2:27 PM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
2:17 PM Changeset in webkit [237494] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22

Merged r235177 - The DFG CFGSimplification phase shouldn’t jettison a block when it’s the target of both branch directions.
https://bugs.webkit.org/show_bug.cgi?id=188298
<rdar://problem/42888427>

Reviewed by Saam Barati.

JSTests:

  • stress/bug-188298.js: Added.

Source/JavaScriptCore:

In the event that both targets of a Branch is the same block, then even if we'll
always take one path of the branch, the other target is not unreachable because
it is the same target as the one in the taken path. Hence, it should not be
jettisoned.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Added DFGCFG.h which is in use and should have been added to the project.
  • dfg/DFGCFGSimplificationPhase.cpp:

(JSC::DFG::CFGSimplificationPhase::run):

1:35 PM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
12:07 PM WebKitGTK/2.22.x edited by Michael Catanzaro
Propose more backports (diff)
11:15 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
8:34 AM Changeset in webkit [237493] by cturner@igalia.com
  • 5 edits in trunk/Source/WebCore

[EME] Add a logging macro
https://bugs.webkit.org/show_bug.cgi?id=190984

Reviewed by Xabier Rodriguez-Calvar.

No tests since no new functionality.

  • Modules/encryptedmedia/MediaKeySession.cpp:

(WebCore::MediaKeySession::MediaKeySession):
(WebCore::MediaKeySession::generateRequest):
(WebCore::MediaKeySession::update):
(WebCore::MediaKeySession::close):
(WebCore::MediaKeySession::remove):
(WebCore::MediaKeySession::sessionClosed):

  • Modules/encryptedmedia/MediaKeys.cpp:

(WebCore::MediaKeys::createSession):

  • Modules/encryptedmedia/NavigatorEME.cpp:

(WebCore::NavigatorEME::requestMediaKeySystemAccess):

  • platform/Logging.h:
7:41 AM Changeset in webkit [237492] by yusukesuzuki@slowstart.org
  • 9 edits in trunk/Source/JavaScriptCore

Unreviewed, partial rolling in r237254
https://bugs.webkit.org/show_bug.cgi?id=190340

We do not use the added function right now to investigate what is the reason of the regression.
It also does not include any Parser.{h,cpp} changes to ensure that Parser.cpp's inlining decision
seems culprit of the regression on iOS devices.

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::fromGlobalCode):

  • bytecode/UnlinkedFunctionExecutable.h:
  • parser/SourceCodeKey.h:

(JSC::SourceCodeKey::SourceCodeKey):
(JSC::SourceCodeKey::operator== const):

  • runtime/CodeCache.cpp:

(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):

  • runtime/CodeCache.h:
  • runtime/FunctionConstructor.cpp:

(JSC::constructFunctionSkippingEvalEnabledCheck):

  • runtime/FunctionExecutable.cpp:

(JSC::FunctionExecutable::fromGlobalCode):

  • runtime/FunctionExecutable.h:
7:28 AM Changeset in webkit [237491] by cturner@igalia.com
  • 2 edits in trunk

Make VIDEO enabled if ENCRYPTED_MEDIA is enabled.
https://bugs.webkit.org/show_bug.cgi?id=190983

Unreviewed build update.

  • Source/cmake/WebKitFeatures.cmake:
5:55 AM Changeset in webkit [237490] by cturner@igalia.com
  • 2 edits in trunk/Tools

[GTK] Add bubblewrap feature option
https://bugs.webkit.org/show_bug.cgi?id=190981

Reviewed by Xabier Rodriguez-Calvar.

Without this, it was not possible to disable the bubblewrap sandbox
from the webkit build scripts.

  • Scripts/webkitperl/FeatureList.pm:
3:24 AM Changeset in webkit [237489] by cturner@igalia.com
  • 2 edits in trunk

[GTK] Enable experimental encrypted media support
https://bugs.webkit.org/show_bug.cgi?id=190829

Reviewed by Michael Catanzaro.

  • Source/cmake/OptionsGTK.cmake:
3:05 AM Changeset in webkit [237488] by calvaris@igalia.com
  • 2 edits in trunk/Source/WebCore

[GStreamer][EME] Post key received to bus should be done before waking up other threads
https://bugs.webkit.org/show_bug.cgi?id=190822

Reviewed by Philippe Normand.

Notify after posting message to bus.

  • platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:

(webkitMediaCommonEncryptionDecryptSinkEventHandler):

3:01 AM Changeset in webkit [237487] by cturner@igalia.com
  • 7 edits in trunk/Source/WebCore

Fix release build with -DLOG_DISABLED=0
https://bugs.webkit.org/show_bug.cgi?id=190866

Reviewed by Xabier Rodriguez-Calvar.

No new tests since no functionality changed.

  • platform/graphics/Font.cpp:
  • platform/graphics/Font.h:
  • platform/graphics/FontPlatformData.h:
  • platform/graphics/cocoa/FontPlatformDataCocoa.mm:
  • platform/graphics/freetype/FontPlatformDataFreeType.cpp:
  • platform/graphics/win/FontPlatformDataWin.cpp:

Oct 26, 2018:

4:34 PM Changeset in webkit [237486] by commit-queue@webkit.org
  • 125 edits
    4 adds
    17 deletes in trunk

Unreviewed, rolling out r237479 and r237484.
https://bugs.webkit.org/show_bug.cgi?id=190978

broke JSC on iOS (Requested by tadeuzagallo on #webkit).

Reverted changesets:

"New bytecode format for JSC"
https://bugs.webkit.org/show_bug.cgi?id=187373
https://trac.webkit.org/changeset/237479

"Gardening: Build fix after r237479."
https://bugs.webkit.org/show_bug.cgi?id=187373
https://trac.webkit.org/changeset/237484

3:03 PM Changeset in webkit [237485] by Megan Gardner
  • 4 edits in trunk/Source/WebKit

Remove Unused WebSelectionAssistant
https://bugs.webkit.org/show_bug.cgi?id=190939

Reviewed by Tim Horton.

We made webSelectionAssistant alwasys nil last year when we moved to using
the textSelectionAssistant for all text selection on the web. This patch merely
goes through and cleans out all the references to this object that is always nil.
No functionality should change.

  • UIProcess/ios/WKContentView.mm:

(-[WKContentView _didExitStableState]):

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView cleanupInteraction]):
(-[WKContentView resignFirstResponderForWebView]):
(-[WKContentView _scrollingNodeScrollingWillBegin]):
(-[WKContentView _scrollingNodeScrollingDidEnd]):
(-[WKContentView gestureRecognizer:canBePreventedByGestureRecognizer:]):
(-[WKContentView gestureRecognizer:shouldRecognizeSimultaneouslyWithGestureRecognizer:]):
(-[WKContentView _uiTextSelectionRects]):
(-[WKContentView _singleTapCommited:]):
(-[WKContentView _willStartScrollingOrZooming]):
(-[WKContentView _didEndScrollingOrZooming]):
(-[WKContentView _lookupForWebView:]):
(-[WKContentView _shareForWebView:]):
(-[WKContentView _addShortcutForWebView:]):
(-[WKContentView _showDictionary:]):
(selectionChangedWithGesture):
(selectionChangedWithTouch):
(-[WKContentView selectionInteractionAssistant]):
(-[WKContentView _stopAssistingNode]):
(-[WKContentView _updateChangedSelection:]):
(-[WKContentView actionSheetAssistant:shareElementWithURL:rect:]):
(-[WKContentView _restoreCalloutBarIfNeeded]):
(-[WKContentView dragInteraction:willAnimateLiftWithAnimator:session:]):
(-[WKContentView webSelectionAssistant]): Deleted.

3:02 PM Changeset in webkit [237484] by Tadeu Zagallo
  • 4 edits in trunk/Source/JavaScriptCore

Gardening: Build fix after r237479.
https://bugs.webkit.org/show_bug.cgi?id=187373

Unreviewed.

  • Configurations/JSC.xcconfig:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • llint/LLIntData.cpp:

(JSC::LLInt::initialize):

2:33 PM Changeset in webkit [237483] by commit-queue@webkit.org
  • 16 edits in trunk/Source

Unreviewed, rolling out r237458.
https://bugs.webkit.org/show_bug.cgi?id=190973

broke internal iOS builds (Requested by zalan on #webkit).

Reverted changeset:

"Adopt -setOverrideRouteSharingPolicy:routingContextUID: SPI"
https://bugs.webkit.org/show_bug.cgi?id=190951
https://trac.webkit.org/changeset/237458

2:03 PM Changeset in webkit [237482] by Devin Rousso
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: simplify some editing code checks
https://bugs.webkit.org/show_bug.cgi?id=190970

Reviewed by Joseph Pecoraro.

  • UserInterface/Base/Main.js:

(WI._focusChanged):

  • UserInterface/Base/Utilities.js:
  • UserInterface/Views/EditingSupport.js:

(WI.enclosingCodeMirror): Added.
(WI.isBeingEdited):
(WI.isEventTargetAnEditableField):

  • UserInterface/Views/QuickConsole.js:

(WI.QuickConsole):

1:43 PM Changeset in webkit [237481] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Uncaught Exception: undefined is not an object (evaluating 'this._classListContainer.children')
https://bugs.webkit.org/show_bug.cgi?id=190966

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/GeneralStyleDetailsSidebarPanel.js:

(WI.GeneralStyleDetailsSidebarPanel.prototype.layout):
(WI.GeneralStyleDetailsSidebarPanel.prototype._classToggleButtonClicked):
(WI.GeneralStyleDetailsSidebarPanel.prototype._populateClassToggles):
Don't try to reload the class toggles if the we haven't layout yet, as the element won't
yet exist.

1:11 PM Changeset in webkit [237480] by Chris Dumez
  • 13 edits in trunk/Source/WebKit

[PSON] Only delay attaching drawingArea in case of process swap and drop DidCompletePageTransition IPC handshake
https://bugs.webkit.org/show_bug.cgi?id=190971

Reviewed by Geoffrey Garen.

Only delay attaching drawingArea in case of process swap and drop DidCompletePageTransition IPC handshake.

Since r236257, the WebProcess would always delay attaching the drawing area when a new WebPage is created. The
WebProcess would send a DidCompletePageTransition IPC to the UIProcess when the page transition is complete and
the UIProcess would then send an IPC back to attach the drawing area.

In the new design, WebPageCreationParameters contains a flag indicating if the WebPage should delay attaching
the drawing area or not. We only delay attaching in case of process swap and we've successfuly suspended the
previous page. Then when WebPage::didCompletePageTransition(), we stop sending the DidCompletePageTransition
IPC to the UIProcess and instead have the WebProcess attach the drawing area right away if we've delayed
attaching until then.

  • Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):

  • Shared/WebPageCreationParameters.h:
  • UIProcess/DrawingAreaProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::suspendCurrentPageIfPossible):
(WebKit::WebPageProxy::swapToWebProcess):
(WebKit::WebPageProxy::finishAttachingToWebProcess):
(WebKit::WebPageProxy::initializeWebPage):
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.h:
  • UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.mm:
  • WebProcess/WebPage/DrawingArea.messages.in:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::m_shouldAttachDrawingAreaOnPageTransition):
(WebKit::WebPage::reinitializeWebPage):
(WebKit::WebPage::didCompletePageTransition):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:

(WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):

12:54 PM Changeset in webkit [237479] by Tadeu Zagallo
  • 124 edits
    9 copies
    21 adds
    4 deletes in trunk

New bytecode format for JSC
https://bugs.webkit.org/show_bug.cgi?id=187373
<rdar://problem/44186758>

Reviewed by Filip Pizlo.

.:

Disable JIT by default on 32-bit platforms

  • Source/cmake/WebKitFeatures.cmake:

JSTests:

Add tests to ensure that the inferred inline capacity for a narrow op_new_object will be capped at 255.

  • stress/maximum-inline-capacity.js: Added.

(test1):
(test3.Foo):
(test3):

Source/JavaScriptCore:

Replace unlinked and linked bytecode with a new immutable bytecode that does not embed
any addresses. Instructions can be encoded as narrow (1-byte operands) or wide (4-byte
operands) and might contain an extra operand, the metadataID. The metadataID is used to
access the instruction's mutable data in a side table in the CodeBlock (the MetadataTable).

Bytecodes now must be structs declared in the new BytecodeList.rb. All bytecodes give names
and types to all its operands. Additionally, reading a bytecode from the instruction stream
requires decoding the whole bytecode, i.e. it's no longer possible to access arbitrary
operands directly from the stream.

  • CMakeLists.txt:
  • DerivedSources.make:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • assembler/MacroAssemblerCodeRef.h:

(JSC::ReturnAddressPtr::ReturnAddressPtr):
(JSC::ReturnAddressPtr::value const):
(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
(JSC::MacroAssemblerCodePtr::createFromExecutableAddress):

  • bytecode/ArithProfile.h:

(JSC::ArithProfile::ArithProfile):

  • bytecode/ArrayAllocationProfile.h:

(JSC::ArrayAllocationProfile::ArrayAllocationProfile):

  • bytecode/ArrayProfile.h:
  • bytecode/BytecodeBasicBlock.cpp:

(JSC::isJumpTarget):
(JSC::BytecodeBasicBlock::computeImpl):
(JSC::BytecodeBasicBlock::compute):

  • bytecode/BytecodeBasicBlock.h:

(JSC::BytecodeBasicBlock::leaderOffset const):
(JSC::BytecodeBasicBlock::totalLength const):
(JSC::BytecodeBasicBlock::offsets const):
(JSC::BytecodeBasicBlock::BytecodeBasicBlock):
(JSC::BytecodeBasicBlock::addLength):

  • bytecode/BytecodeDumper.cpp:

(JSC::BytecodeDumper<Block>::printLocationAndOp):
(JSC::BytecodeDumper<Block>::dumpBytecode):
(JSC::BytecodeDumper<Block>::dumpIdentifiers):
(JSC::BytecodeDumper<Block>::dumpConstants):
(JSC::BytecodeDumper<Block>::dumpExceptionHandlers):
(JSC::BytecodeDumper<Block>::dumpSwitchJumpTables):
(JSC::BytecodeDumper<Block>::dumpStringSwitchJumpTables):
(JSC::BytecodeDumper<Block>::dumpBlock):

  • bytecode/BytecodeDumper.h:

(JSC::BytecodeDumper::dumpOperand):
(JSC::BytecodeDumper::dumpValue):
(JSC::BytecodeDumper::BytecodeDumper):
(JSC::BytecodeDumper::block const):

  • bytecode/BytecodeGeneratorification.cpp:

(JSC::BytecodeGeneratorification::BytecodeGeneratorification):
(JSC::BytecodeGeneratorification::enterPoint const):
(JSC::BytecodeGeneratorification::instructions const):
(JSC::GeneratorLivenessAnalysis::run):
(JSC::BytecodeGeneratorification::run):
(JSC::performGeneratorification):

  • bytecode/BytecodeGeneratorification.h:
  • bytecode/BytecodeGraph.h:

(JSC::BytecodeGraph::blockContainsBytecodeOffset):
(JSC::BytecodeGraph::findBasicBlockForBytecodeOffset):
(JSC::BytecodeGraph::findBasicBlockWithLeaderOffset):
(JSC::BytecodeGraph::BytecodeGraph):

  • bytecode/BytecodeKills.h:
  • bytecode/BytecodeList.json: Removed.
  • bytecode/BytecodeList.rb: Added.
  • bytecode/BytecodeLivenessAnalysis.cpp:

(JSC::BytecodeLivenessAnalysis::dumpResults):

  • bytecode/BytecodeLivenessAnalysis.h:
  • bytecode/BytecodeLivenessAnalysisInlines.h:

(JSC::isValidRegisterForLiveness):
(JSC::BytecodeLivenessPropagation::stepOverInstruction):

  • bytecode/BytecodeRewriter.cpp:

(JSC::BytecodeRewriter::applyModification):
(JSC::BytecodeRewriter::execute):
(JSC::BytecodeRewriter::adjustJumpTargetsInFragment):
(JSC::BytecodeRewriter::insertImpl):
(JSC::BytecodeRewriter::adjustJumpTarget):
(JSC::BytecodeRewriter::adjustJumpTargets):

  • bytecode/BytecodeRewriter.h:

(JSC::BytecodeRewriter::InsertionPoint::InsertionPoint):
(JSC::BytecodeRewriter::Fragment::Fragment):
(JSC::BytecodeRewriter::Fragment::appendInstruction):
(JSC::BytecodeRewriter::BytecodeRewriter):
(JSC::BytecodeRewriter::insertFragmentBefore):
(JSC::BytecodeRewriter::insertFragmentAfter):
(JSC::BytecodeRewriter::removeBytecode):
(JSC::BytecodeRewriter::adjustAbsoluteOffset):
(JSC::BytecodeRewriter::adjustJumpTarget):

  • bytecode/BytecodeUseDef.h:

(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):

  • bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::computeFromLLInt):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpBytecode):
(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::estimatedSize):
(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::addJITAddIC):
(JSC::CodeBlock::addJITMulIC):
(JSC::CodeBlock::addJITSubIC):
(JSC::CodeBlock::addJITNegIC):
(JSC::CodeBlock::stronglyVisitStrongReferences):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffset):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeOffsetSlow):
(JSC::CodeBlock::hasOpDebugForLineAndColumn):
(JSC::CodeBlock::getArrayProfile):
(JSC::CodeBlock::updateAllArrayPredictions):
(JSC::CodeBlock::predictedMachineCodeSize):
(JSC::CodeBlock::tryGetValueProfileForBytecodeOffset):
(JSC::CodeBlock::valueProfilePredictionForBytecodeOffset):
(JSC::CodeBlock::valueProfileForBytecodeOffset):
(JSC::CodeBlock::validate):
(JSC::CodeBlock::outOfLineJumpOffset):
(JSC::CodeBlock::outOfLineJumpTarget):
(JSC::CodeBlock::arithProfileForBytecodeOffset):
(JSC::CodeBlock::arithProfileForPC):
(JSC::CodeBlock::couldTakeSpecialFastCase):
(JSC::CodeBlock::insertBasicBlockBoundariesForControlFlowProfiler):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::addMathIC):
(JSC::CodeBlock::outOfLineJumpOffset):
(JSC::CodeBlock::bytecodeOffset):
(JSC::CodeBlock::instructions const):
(JSC::CodeBlock::instructionCount const):
(JSC::CodeBlock::llintBaselineCalleeSaveSpaceAsVirtualRegisters):
(JSC::CodeBlock::metadata):
(JSC::CodeBlock::metadataSizeInBytes):
(JSC::CodeBlock::numberOfNonArgumentValueProfiles):
(JSC::CodeBlock::totalNumberOfValueProfiles):

  • bytecode/CodeBlockInlines.h: Added.

(JSC::CodeBlock::forEachValueProfile):
(JSC::CodeBlock::forEachArrayProfile):
(JSC::CodeBlock::forEachArrayAllocationProfile):
(JSC::CodeBlock::forEachObjectAllocationProfile):
(JSC::CodeBlock::forEachLLIntCallLinkInfo):

  • bytecode/Fits.h: Added.
  • bytecode/GetByIdMetadata.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
  • bytecode/GetByIdStatus.cpp:

(JSC::GetByIdStatus::computeFromLLInt):

  • bytecode/Instruction.h:

(JSC::Instruction::Instruction):
(JSC::Instruction::Impl::opcodeID const):
(JSC::Instruction::opcodeID const):
(JSC::Instruction::name const):
(JSC::Instruction::isWide const):
(JSC::Instruction::size const):
(JSC::Instruction::is const):
(JSC::Instruction::as const):
(JSC::Instruction::cast):
(JSC::Instruction::cast const):
(JSC::Instruction::narrow const):
(JSC::Instruction::wide const):

  • bytecode/InstructionStream.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.

(JSC::InstructionStream::InstructionStream):
(JSC::InstructionStream::sizeInBytes const):

  • bytecode/InstructionStream.h: Added.

(JSC::InstructionStream::BaseRef::BaseRef):
(JSC::InstructionStream::BaseRef::operator=):
(JSC::InstructionStream::BaseRef::operator-> const):
(JSC::InstructionStream::BaseRef::ptr const):
(JSC::InstructionStream::BaseRef::operator!= const):
(JSC::InstructionStream::BaseRef::next const):
(JSC::InstructionStream::BaseRef::offset const):
(JSC::InstructionStream::BaseRef::isValid const):
(JSC::InstructionStream::BaseRef::unwrap const):
(JSC::InstructionStream::MutableRef::freeze const):
(JSC::InstructionStream::MutableRef::operator->):
(JSC::InstructionStream::MutableRef::ptr):
(JSC::InstructionStream::MutableRef::operator Ref):
(JSC::InstructionStream::MutableRef::unwrap):
(JSC::InstructionStream::iterator::operator*):
(JSC::InstructionStream::iterator::operator++):
(JSC::InstructionStream::begin const):
(JSC::InstructionStream::end const):
(JSC::InstructionStream::at const):
(JSC::InstructionStream::size const):
(JSC::InstructionStreamWriter::InstructionStreamWriter):
(JSC::InstructionStreamWriter::ref):
(JSC::InstructionStreamWriter::seek):
(JSC::InstructionStreamWriter::position):
(JSC::InstructionStreamWriter::write):
(JSC::InstructionStreamWriter::rewind):
(JSC::InstructionStreamWriter::finalize):
(JSC::InstructionStreamWriter::swap):
(JSC::InstructionStreamWriter::iterator::operator*):
(JSC::InstructionStreamWriter::iterator::operator++):
(JSC::InstructionStreamWriter::begin):
(JSC::InstructionStreamWriter::end):

  • bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp:

(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::LLIntPrototypeLoadAdaptiveStructureWatchpoint):
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::fireInternal):
(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::clearLLIntGetByIdCache):

  • bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h:
  • bytecode/MetadataTable.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.

(JSC::MetadataTable::MetadataTable):
(JSC::DeallocTable::withOpcodeType):
(JSC::MetadataTable::~MetadataTable):
(JSC::MetadataTable::sizeInBytes):

  • bytecode/MetadataTable.h: Copied from Source/JavaScriptCore/runtime/Watchdog.h.

(JSC::MetadataTable::get):
(JSC::MetadataTable::forEach):
(JSC::MetadataTable::getImpl):

  • bytecode/Opcode.cpp:

(JSC::metadataSize):

  • bytecode/Opcode.h:

(JSC::padOpcodeName):

  • bytecode/OpcodeInlines.h:

(JSC::isOpcodeShape):
(JSC::getOpcodeType):

  • bytecode/OpcodeSize.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
  • bytecode/PreciseJumpTargets.cpp:

(JSC::getJumpTargetsForInstruction):
(JSC::computePreciseJumpTargetsInternal):
(JSC::computePreciseJumpTargets):
(JSC::recomputePreciseJumpTargets):
(JSC::findJumpTargetsForInstruction):

  • bytecode/PreciseJumpTargets.h:
  • bytecode/PreciseJumpTargetsInlines.h:

(JSC::jumpTargetForInstruction):
(JSC::extractStoredJumpTargetsForInstruction):
(JSC::updateStoredJumpTargetsForInstruction):

  • bytecode/PutByIdStatus.cpp:

(JSC::PutByIdStatus::computeFromLLInt):

  • bytecode/SpecialPointer.cpp:

(WTF::printInternal):

  • bytecode/SpecialPointer.h:
  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::estimatedSize):
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset):
(JSC::dumpLineColumnEntry):
(JSC::UnlinkedCodeBlock::expressionRangeForBytecodeOffset const):
(JSC::UnlinkedCodeBlock::setInstructions):
(JSC::UnlinkedCodeBlock::instructions const):
(JSC::UnlinkedCodeBlock::applyModification):
(JSC::UnlinkedCodeBlock::addOutOfLineJumpTarget):
(JSC::UnlinkedCodeBlock::outOfLineJumpOffset):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::addPropertyAccessInstruction):
(JSC::UnlinkedCodeBlock::propertyAccessInstructions const):
(JSC::UnlinkedCodeBlock::addOpProfileControlFlowBytecodeOffset):
(JSC::UnlinkedCodeBlock::opProfileControlFlowBytecodeOffsets const):
(JSC::UnlinkedCodeBlock::metadata):
(JSC::UnlinkedCodeBlock::metadataSizeInBytes):
(JSC::UnlinkedCodeBlock::outOfLineJumpOffset):
(JSC::UnlinkedCodeBlock::replaceOutOfLineJumpTargets):

  • bytecode/UnlinkedInstructionStream.cpp: Removed.
  • bytecode/UnlinkedInstructionStream.h: Removed.
  • bytecode/UnlinkedMetadataTable.h: Copied from Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.h.
  • bytecode/UnlinkedMetadataTableInlines.h: Added.

(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable):
(JSC::UnlinkedMetadataTable::~UnlinkedMetadataTable):
(JSC::UnlinkedMetadataTable::addEntry):
(JSC::UnlinkedMetadataTable::sizeInBytes):
(JSC::UnlinkedMetadataTable::finalize):
(JSC::UnlinkedMetadataTable::link):
(JSC::UnlinkedMetadataTable::unlink):

  • bytecode/VirtualRegister.cpp:

(JSC::VirtualRegister::VirtualRegister):

  • bytecode/VirtualRegister.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::Label::setLocation):
(JSC::Label::bind):
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::initializeVarLexicalEnvironment):
(JSC::BytecodeGenerator::emitEnter):
(JSC::BytecodeGenerator::emitLoopHint):
(JSC::BytecodeGenerator::emitJump):
(JSC::BytecodeGenerator::emitCheckTraps):
(JSC::BytecodeGenerator::rewind):
(JSC::BytecodeGenerator::fuseCompareAndJump):
(JSC::BytecodeGenerator::fuseTestAndJmp):
(JSC::BytecodeGenerator::emitJumpIfTrue):
(JSC::BytecodeGenerator::emitJumpIfFalse):
(JSC::BytecodeGenerator::emitJumpIfNotFunctionCall):
(JSC::BytecodeGenerator::emitJumpIfNotFunctionApply):
(JSC::BytecodeGenerator::moveLinkTimeConstant):
(JSC::BytecodeGenerator::moveEmptyValue):
(JSC::BytecodeGenerator::emitMove):
(JSC::BytecodeGenerator::emitUnaryOp):
(JSC::BytecodeGenerator::emitBinaryOp):
(JSC::BytecodeGenerator::emitToObject):
(JSC::BytecodeGenerator::emitToNumber):
(JSC::BytecodeGenerator::emitToString):
(JSC::BytecodeGenerator::emitTypeOf):
(JSC::BytecodeGenerator::emitInc):
(JSC::BytecodeGenerator::emitDec):
(JSC::BytecodeGenerator::emitEqualityOp):
(JSC::BytecodeGenerator::emitProfileType):
(JSC::BytecodeGenerator::emitProfileControlFlow):
(JSC::BytecodeGenerator::pushLexicalScopeInternal):
(JSC::BytecodeGenerator::emitResolveScopeForHoistingFuncDeclInEval):
(JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration):
(JSC::BytecodeGenerator::emitOverridesHasInstance):
(JSC::BytecodeGenerator::emitResolveScope):
(JSC::BytecodeGenerator::emitGetFromScope):
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::emitInstanceOf):
(JSC::BytecodeGenerator::emitInstanceOfCustom):
(JSC::BytecodeGenerator::emitInByVal):
(JSC::BytecodeGenerator::emitInById):
(JSC::BytecodeGenerator::emitTryGetById):
(JSC::BytecodeGenerator::emitGetById):
(JSC::BytecodeGenerator::emitDirectGetById):
(JSC::BytecodeGenerator::emitPutById):
(JSC::BytecodeGenerator::emitDirectPutById):
(JSC::BytecodeGenerator::emitPutGetterById):
(JSC::BytecodeGenerator::emitPutSetterById):
(JSC::BytecodeGenerator::emitPutGetterSetter):
(JSC::BytecodeGenerator::emitPutGetterByVal):
(JSC::BytecodeGenerator::emitPutSetterByVal):
(JSC::BytecodeGenerator::emitDeleteById):
(JSC::BytecodeGenerator::emitGetByVal):
(JSC::BytecodeGenerator::emitPutByVal):
(JSC::BytecodeGenerator::emitDirectPutByVal):
(JSC::BytecodeGenerator::emitDeleteByVal):
(JSC::BytecodeGenerator::emitSuperSamplerBegin):
(JSC::BytecodeGenerator::emitSuperSamplerEnd):
(JSC::BytecodeGenerator::emitIdWithProfile):
(JSC::BytecodeGenerator::emitUnreachable):
(JSC::BytecodeGenerator::emitGetArgument):
(JSC::BytecodeGenerator::emitCreateThis):
(JSC::BytecodeGenerator::emitTDZCheck):
(JSC::BytecodeGenerator::emitNewObject):
(JSC::BytecodeGenerator::emitNewArrayBuffer):
(JSC::BytecodeGenerator::emitNewArray):
(JSC::BytecodeGenerator::emitNewArrayWithSpread):
(JSC::BytecodeGenerator::emitNewArrayWithSize):
(JSC::BytecodeGenerator::emitNewRegExp):
(JSC::BytecodeGenerator::emitNewFunctionExpressionCommon):
(JSC::BytecodeGenerator::emitNewDefaultConstructor):
(JSC::BytecodeGenerator::emitNewFunction):
(JSC::BytecodeGenerator::emitSetFunctionNameIfNeeded):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitCallInTailPosition):
(JSC::BytecodeGenerator::emitCallEval):
(JSC::BytecodeGenerator::emitExpectedFunctionSnippet):
(JSC::BytecodeGenerator::emitCallVarargs):
(JSC::BytecodeGenerator::emitCallVarargsInTailPosition):
(JSC::BytecodeGenerator::emitConstructVarargs):
(JSC::BytecodeGenerator::emitCallForwardArgumentsInTailPosition):
(JSC::BytecodeGenerator::emitLogShadowChickenPrologueIfNecessary):
(JSC::BytecodeGenerator::emitLogShadowChickenTailIfNecessary):
(JSC::BytecodeGenerator::emitCallDefineProperty):
(JSC::BytecodeGenerator::emitReturn):
(JSC::BytecodeGenerator::emitEnd):
(JSC::BytecodeGenerator::emitConstruct):
(JSC::BytecodeGenerator::emitStrcat):
(JSC::BytecodeGenerator::emitToPrimitive):
(JSC::BytecodeGenerator::emitGetScope):
(JSC::BytecodeGenerator::emitPushWithScope):
(JSC::BytecodeGenerator::emitGetParentScope):
(JSC::BytecodeGenerator::emitDebugHook):
(JSC::BytecodeGenerator::emitCatch):
(JSC::BytecodeGenerator::emitThrow):
(JSC::BytecodeGenerator::emitArgumentCount):
(JSC::BytecodeGenerator::emitThrowStaticError):
(JSC::BytecodeGenerator::beginSwitch):
(JSC::prepareJumpTableForSwitch):
(JSC::prepareJumpTableForStringSwitch):
(JSC::BytecodeGenerator::endSwitch):
(JSC::BytecodeGenerator::emitGetEnumerableLength):
(JSC::BytecodeGenerator::emitHasGenericProperty):
(JSC::BytecodeGenerator::emitHasIndexedProperty):
(JSC::BytecodeGenerator::emitHasStructureProperty):
(JSC::BytecodeGenerator::emitGetPropertyEnumerator):
(JSC::BytecodeGenerator::emitEnumeratorStructurePropertyName):
(JSC::BytecodeGenerator::emitEnumeratorGenericPropertyName):
(JSC::BytecodeGenerator::emitToIndexString):
(JSC::BytecodeGenerator::emitIsCellWithType):
(JSC::BytecodeGenerator::emitIsObject):
(JSC::BytecodeGenerator::emitIsNumber):
(JSC::BytecodeGenerator::emitIsUndefined):
(JSC::BytecodeGenerator::emitIsEmpty):
(JSC::BytecodeGenerator::emitRestParameter):
(JSC::BytecodeGenerator::emitRequireObjectCoercible):
(JSC::BytecodeGenerator::emitYieldPoint):
(JSC::BytecodeGenerator::emitYield):
(JSC::BytecodeGenerator::emitGetAsyncIterator):
(JSC::BytecodeGenerator::emitDelegateYield):
(JSC::BytecodeGenerator::emitFinallyCompletion):
(JSC::BytecodeGenerator::emitJumpIf):
(JSC::ForInContext::finalize):
(JSC::StructureForInContext::finalize):
(JSC::IndexedForInContext::finalize):
(JSC::StaticPropertyAnalysis::record):
(JSC::BytecodeGenerator::emitToThis):

  • bytecompiler/BytecodeGenerator.h:

(JSC::StructureForInContext::addGetInst):
(JSC::BytecodeGenerator::recordOpcode):
(JSC::BytecodeGenerator::addMetadataFor):
(JSC::BytecodeGenerator::emitUnaryOp):
(JSC::BytecodeGenerator::kill):
(JSC::BytecodeGenerator::instructions const):
(JSC::BytecodeGenerator::write):
(JSC::BytecodeGenerator::withWriter):

  • bytecompiler/Label.h:

(JSC::Label::Label):
(JSC::Label::bind):

  • bytecompiler/NodesCodegen.cpp:

(JSC::ArrayNode::emitBytecode):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_argumentCount):
(JSC::ApplyFunctionCallDotNode::emitBytecode):
(JSC::BitwiseNotNode::emitBytecode):
(JSC::BinaryOpNode::emitBytecode):
(JSC::EqualNode::emitBytecode):
(JSC::StrictEqualNode::emitBytecode):
(JSC::emitReadModifyAssignment):
(JSC::ForInNode::emitBytecode):
(JSC::CaseBlockNode::emitBytecodeForBlock):
(JSC::FunctionNode::emitBytecode):
(JSC::ClassExprNode::emitBytecode):

  • bytecompiler/ProfileTypeBytecodeFlag.cpp: Copied from Source/JavaScriptCore/bytecode/VirtualRegister.cpp.

(WTF::printInternal):

  • bytecompiler/ProfileTypeBytecodeFlag.h: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.
  • bytecompiler/RegisterID.h:
  • bytecompiler/StaticPropertyAnalysis.h:

(JSC::StaticPropertyAnalysis::create):
(JSC::StaticPropertyAnalysis::StaticPropertyAnalysis):

  • bytecompiler/StaticPropertyAnalyzer.h:

(JSC::StaticPropertyAnalyzer::createThis):
(JSC::StaticPropertyAnalyzer::newObject):
(JSC::StaticPropertyAnalyzer::putById):
(JSC::StaticPropertyAnalyzer::mov):
(JSC::StaticPropertyAnalyzer::kill):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::addCall):
(JSC::DFG::ByteCodeParser::getPredictionWithoutOSRExit):
(JSC::DFG::ByteCodeParser::getArrayMode):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleVarargsCall):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleCallVariant):
(JSC::DFG::ByteCodeParser::handleVarargsInlining):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleMinMax):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleDOMJITCall):
(JSC::DFG::ByteCodeParser::handleIntrinsicGetter):
(JSC::DFG::ByteCodeParser::handleDOMJITGetter):
(JSC::DFG::ByteCodeParser::handleModuleNamespaceLoad):
(JSC::DFG::ByteCodeParser::handleTypedArrayConstructor):
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
(JSC::DFG::ByteCodeParser::handleGetById):
(JSC::DFG::ByteCodeParser::handlePutById):
(JSC::DFG::ByteCodeParser::parseGetById):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
(JSC::DFG::ByteCodeParser::handlePutAccessorById):
(JSC::DFG::ByteCodeParser::handlePutAccessorByVal):
(JSC::DFG::ByteCodeParser::handleNewFunc):
(JSC::DFG::ByteCodeParser::handleNewFuncExp):
(JSC::DFG::ByteCodeParser::parse):

  • dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

  • dfg/DFGCapabilities.h:

(JSC::DFG::capabilityLevel):

  • dfg/DFGOSREntry.cpp:

(JSC::DFG::prepareCatchOSREntry):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileValueAdd):
(JSC::DFG::SpeculativeJIT::compileValueSub):
(JSC::DFG::SpeculativeJIT::compileValueNegate):
(JSC::DFG::SpeculativeJIT::compileArithMul):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileValueAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileValueSub):
(JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileArithMul):
(JSC::FTL::DFG::LowerDFGToB3::compileValueNegate):

  • ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

  • generate-bytecode-files: Removed.
  • generator/Argument.rb: Added.
  • generator/Assertion.rb: Added.
  • generator/DSL.rb: Added.
  • generator/Fits.rb: Added.
  • generator/GeneratedFile.rb: Added.
  • generator/Metadata.rb: Added.
  • generator/Opcode.rb: Added.
  • generator/OpcodeGroup.rb: Added.
  • generator/Options.rb: Added.
  • generator/Section.rb: Added.
  • generator/Template.rb: Added.
  • generator/Type.rb: Added.
  • generator/main.rb: Added.
  • interpreter/AbstractPC.h:
  • interpreter/CallFrame.cpp:

(JSC::CallFrame::currentVPC const):
(JSC::CallFrame::setCurrentVPC):

  • interpreter/CallFrame.h:

(JSC::CallSiteIndex::CallSiteIndex):
(JSC::ExecState::setReturnPC):

  • interpreter/Interpreter.cpp:

(WTF::printInternal):

  • interpreter/Interpreter.h:
  • interpreter/InterpreterInlines.h:
  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::dump const):

  • interpreter/VMEntryRecord.h:
  • jit/JIT.cpp:

(JSC::JIT::JIT):
(JSC::JIT::emitSlowCaseCall):
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::compileWithoutLinking):
(JSC::JIT::link):

  • jit/JIT.h:
  • jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_jless):
(JSC::JIT::emit_op_jlesseq):
(JSC::JIT::emit_op_jgreater):
(JSC::JIT::emit_op_jgreatereq):
(JSC::JIT::emit_op_jnless):
(JSC::JIT::emit_op_jnlesseq):
(JSC::JIT::emit_op_jngreater):
(JSC::JIT::emit_op_jngreatereq):
(JSC::JIT::emitSlow_op_jless):
(JSC::JIT::emitSlow_op_jlesseq):
(JSC::JIT::emitSlow_op_jgreater):
(JSC::JIT::emitSlow_op_jgreatereq):
(JSC::JIT::emitSlow_op_jnless):
(JSC::JIT::emitSlow_op_jnlesseq):
(JSC::JIT::emitSlow_op_jngreater):
(JSC::JIT::emitSlow_op_jngreatereq):
(JSC::JIT::emit_op_below):
(JSC::JIT::emit_op_beloweq):
(JSC::JIT::emit_op_jbelow):
(JSC::JIT::emit_op_jbeloweq):
(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareAndJump):
(JSC::JIT::emit_compareUnsignedAndJump):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_compareAndJumpSlow):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitSlow_op_mod):
(JSC::JIT::emit_op_negate):
(JSC::JIT::emitSlow_op_negate):
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitand):
(JSC::JIT::emit_op_bitor):
(JSC::JIT::emit_op_bitxor):
(JSC::JIT::emit_op_lshift):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emit_op_rshift):
(JSC::JIT::emit_op_urshift):
(JSC::getOperandTypes):
(JSC::JIT::emit_op_add):
(JSC::JIT::emitSlow_op_add):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_div):
(JSC::JIT::emit_op_mul):
(JSC::JIT::emitSlow_op_mul):
(JSC::JIT::emit_op_sub):
(JSC::JIT::emitSlow_op_sub):

  • jit/JITCall.cpp:

(JSC::JIT::emitPutCallResult):
(JSC::JIT::compileSetupFrame):
(JSC::JIT::compileCallEval):
(JSC::JIT::compileCallEvalSlowCase):
(JSC::JIT::compileTailCall):
(JSC::JIT::compileOpCall):
(JSC::JIT::compileOpCallSlowCase):
(JSC::JIT::emit_op_call):
(JSC::JIT::emit_op_tail_call):
(JSC::JIT::emit_op_call_eval):
(JSC::JIT::emit_op_call_varargs):
(JSC::JIT::emit_op_tail_call_varargs):
(JSC::JIT::emit_op_tail_call_forward_arguments):
(JSC::JIT::emit_op_construct_varargs):
(JSC::JIT::emit_op_construct):
(JSC::JIT::emitSlow_op_call):
(JSC::JIT::emitSlow_op_tail_call):
(JSC::JIT::emitSlow_op_call_eval):
(JSC::JIT::emitSlow_op_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_varargs):
(JSC::JIT::emitSlow_op_tail_call_forward_arguments):
(JSC::JIT::emitSlow_op_construct_varargs):
(JSC::JIT::emitSlow_op_construct):

  • jit/JITDisassembler.cpp:

(JSC::JITDisassembler::JITDisassembler):

  • jit/JITExceptions.cpp:

(JSC::genericUnwind):

  • jit/JITInlines.h:

(JSC::JIT::emitDoubleGetByVal):
(JSC::JIT::emitLoadForArrayMode):
(JSC::JIT::emitContiguousGetByVal):
(JSC::JIT::emitArrayStorageGetByVal):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):
(JSC::JIT::sampleInstruction):
(JSC::JIT::emitValueProfilingSiteIfProfiledOpcode):
(JSC::JIT::emitValueProfilingSite):
(JSC::JIT::jumpTarget):
(JSC::JIT::copiedGetPutInfo):
(JSC::JIT::copiedArithProfile):

  • jit/JITMathIC.h:

(JSC::isProfileEmpty):
(JSC::JITBinaryMathIC::JITBinaryMathIC):
(JSC::JITUnaryMathIC::JITUnaryMathIC):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_jmp):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emitSlow_op_new_object):
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_instanceof_custom):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emit_op_throw):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::emit_op_stricteq):
(JSC::JIT::emit_op_nstricteq):
(JSC::JIT::compileOpStrictEqJump):
(JSC::JIT::emit_op_jstricteq):
(JSC::JIT::emit_op_jnstricteq):
(JSC::JIT::emitSlow_op_jstricteq):
(JSC::JIT::emitSlow_op_jnstricteq):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_to_string):
(JSC::JIT::emit_op_to_object):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_identity_with_profile):
(JSC::JIT::emit_op_get_parent_scope):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_debug):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_get_scope):
(JSC::JIT::emit_op_to_this):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_check_tdz):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_jeq):
(JSC::JIT::emitSlow_op_jneq):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_loop_hint):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_check_traps):
(JSC::JIT::emit_op_nop):
(JSC::JIT::emit_op_super_sampler_begin):
(JSC::JIT::emit_op_super_sampler_end):
(JSC::JIT::emitSlow_op_check_traps):
(JSC::JIT::emit_op_new_regexp):
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emit_op_new_func):
(JSC::JIT::emit_op_new_generator_func):
(JSC::JIT::emit_op_new_async_generator_func):
(JSC::JIT::emit_op_new_async_func):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_func_exp):
(JSC::JIT::emit_op_new_generator_func_exp):
(JSC::JIT::emit_op_new_async_func_exp):
(JSC::JIT::emit_op_new_async_generator_func_exp):
(JSC::JIT::emit_op_new_array):
(JSC::JIT::emit_op_new_array_with_size):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::privateCompileHasIndexedProperty):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emit_op_enumerator_structure_pname):
(JSC::JIT::emit_op_enumerator_generic_pname):
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_profile_control_flow):
(JSC::JIT::emit_op_argument_count):
(JSC::JIT::emit_op_get_rest_length):
(JSC::JIT::emit_op_get_argument):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_to_this):

  • jit/JITOperations.cpp:
  • jit/JITOperations.h:
  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitGetByValWithCachedId):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val_direct):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_getter_by_id):
(JSC::JIT::emit_op_put_setter_by_id):
(JSC::JIT::emit_op_put_getter_setter_by_id):
(JSC::JIT::emit_op_put_getter_by_val):
(JSC::JIT::emit_op_put_setter_by_val):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emitSlow_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emitSlow_op_put_to_scope):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::privateCompileGetByVal):
(JSC::JIT::privateCompileGetByValWithCachedId):
(JSC::JIT::privateCompilePutByVal):
(JSC::JIT::privateCompilePutByValWithCachedId):
(JSC::JIT::emitDoubleLoad):
(JSC::JIT::emitContiguousLoad):
(JSC::JIT::emitArrayStorageLoad):
(JSC::JIT::emitDirectArgumentsGetByVal):
(JSC::JIT::emitScopedArgumentsGetByVal):
(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):

  • jit/SlowPathCall.h:

(JSC::JITSlowPathCall::JITSlowPathCall):

  • llint/LLIntData.cpp:

(JSC::LLInt::initialize):
(JSC::LLInt::Data::performAssertions):

  • llint/LLIntData.h:

(JSC::LLInt::exceptionInstructions):
(JSC::LLInt::opcodeMap):
(JSC::LLInt::opcodeMapWide):
(JSC::LLInt::getOpcode):
(JSC::LLInt::getOpcodeWide):
(JSC::LLInt::getWideCodePtr):

  • llint/LLIntOffsetsExtractor.cpp:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::llint_trace_operand):
(JSC::LLInt::llint_trace_value):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::entryOSR):
(JSC::LLInt::setupGetByIdPrototypeCache):
(JSC::LLInt::getByVal):
(JSC::LLInt::handleHostCall):
(JSC::LLInt::setUpCall):
(JSC::LLInt::genericCall):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):

  • llint/LLIntSlowPaths.h:
  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter.cpp:

(JSC::CLoopRegister::operator const Instruction*):
(JSC::CLoop::execute):

  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • offlineasm/arm64.rb:
  • offlineasm/asm.rb:
  • offlineasm/ast.rb:
  • offlineasm/cloop.rb:
  • offlineasm/generate_offset_extractor.rb:
  • offlineasm/instructions.rb:
  • offlineasm/offsets.rb:
  • offlineasm/parser.rb:
  • offlineasm/transform.rb:
  • offlineasm/x86.rb:
  • parser/ResultType.h:

(JSC::ResultType::dump const):
(JSC::OperandTypes::first const):
(JSC::OperandTypes::second const):
(JSC::OperandTypes::dump const):

  • profiler/ProfilerBytecodeSequence.cpp:

(JSC::Profiler::BytecodeSequence::BytecodeSequence):

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):
(JSC::updateArithProfileForUnaryArithOp):
(JSC::updateArithProfileForBinaryArithOp):

  • runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):

  • runtime/ExceptionFuzz.cpp:

(JSC::doExceptionFuzzing):

  • runtime/ExceptionFuzz.h:

(JSC::doExceptionFuzzingIfEnabled):

  • runtime/GetPutInfo.cpp: Copied from Source/JavaScriptCore/bytecode/SpecialPointer.cpp.

(JSC::GetPutInfo::dump const):
(WTF::printInternal):

  • runtime/GetPutInfo.h:

(JSC::GetPutInfo::operand const):

  • runtime/JSCPoison.h:
  • runtime/JSType.cpp: Added.

(WTF::printInternal):

  • runtime/JSType.h:
  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::StackFrame::displayName):

  • runtime/SamplingProfiler.h:

(JSC::SamplingProfiler::UnprocessedStackFrame::UnprocessedStackFrame):

  • runtime/SlowPathReturnType.h:

(JSC::encodeResult):
(JSC::decodeResult):

  • runtime/VM.h:
  • runtime/Watchdog.h:
  • tools/HeapVerifier.cpp:

Source/WTF:

  • wtf/Forward.h: Fix WTF_LAZY_FOR_EACH_TERM on MSVC and add WTF_LAZY_HAS_REST to check whether

a macro was passed multiple arguments

  • wtf/Platform.h: Force ENABLE_JIT=false on all 32-bit platforms
  • wtf/Vector.h:

(WTF::minCapacity>::insertVector): Allow vectors with different overflow handlers to be passed to insertVector

Tools:

Do not force ENABLE_JIT=true when $forceCLoop is false.

  • Scripts/build-jsc:

LayoutTests:

Don't use recursion on equal to avoid premature stack overflows when testing deep arrays.

  • fast/dom/Window/resources/postmessage-test.js:
12:33 PM Changeset in webkit [237478] by commit-queue@webkit.org
  • 13 edits in trunk/Source/JavaScriptCore

Unreviewed, rolling out r237445.
https://bugs.webkit.org/show_bug.cgi?id=190972

Cause performance regression on iOS devices (Requested by
yusukesuzuki on #webkit).

Reverted changeset:

"Unreviewed, partial rolling in r237254"
https://bugs.webkit.org/show_bug.cgi?id=190340
https://trac.webkit.org/changeset/237445

12:10 PM Changeset in webkit [237477] by mark.lam@apple.com
  • 9 edits
    1 copy in branches/safari-606-branch

Cherry-pick r237469. rdar://problem/45363534

2018-10-26 Mark Lam <mark.lam@apple.com>

Fix missing edge cases with JSGlobalObjects having a bad time.
https://bugs.webkit.org/show_bug.cgi?id=189028
<rdar://problem/45204939>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-189028.js: Added.

Source/JavaScriptCore:

Consider the following scenario:

let object O1 (of global G1) have an indexing type that is not SlowPut.
let global G2 have a bad time.
let object O2 (of global G2) be set as the prototype of O1.
let object O3 (of global G2) have indexed accessors.

In the existing code, if we set O3 as O2's prototype, we'll have a bug where
O1 will not be made aware that that there are indexed accessors in its prototype
chain.

In this patch, we solve this issue by introducing a new invariant:

A prototype chain is considered to possibly have indexed accessors if any
object in the chain belongs to a global object that is having a bad time.

We apply this invariant as follows:

  1. Enhance JSGlobalObject::haveABadTime() to also check if other global objects are affected by it having a bad time. If so, it also ensures that those affected global objects have a bad time.

The original code for JSGlobalObject::haveABadTime() uses a ObjectsWithBrokenIndexingFinder
to find all objects affected by the global object having a bad time. We enhance
ObjectsWithBrokenIndexingFinder to also check for the possibility that any global
objects may be affected by other global objects having a bad time i.e.

let g1 = global1
let g2 = global2
let o1 = an object in g1
let o2 = an object in g2

let g1 have a bad time
g2 is affected if

o1 is in the prototype chain of o2,
and o2 may be a prototype.

If the ObjectsWithBrokenIndexingFinder does find the possibility of other global
objects being affected, it will abort its heap scan and let haveABadTime() take
a slow path to do a more complete multi global object scan.

The slow path works as follows:

  1. Iterate the heap and record the graph of all global object dependencies.

For each global object, record the list of other global objects that are
affected by it.

  1. Compute a list of global objects that need to have a bad time using the current global object dependency graph.
  1. For each global object in the list of affected global objects, fire their HaveABadTime watchpoint and convert all their array structures to the SlowPut alternatives.
  1. Re-run ObjectsWithBrokenIndexingFinder to find all objects that are affected by any of the globals in the list from (2).
  1. Enhance Structure::mayInterceptIndexedAccesses() to also return true if the structure's global object is having a bad time.

Note: there are 3 scenarios that we need to consider:

let g1 = global1
let g2 = global2
let o1 = an object in g1
let o2 = an object in g2

Scenario 1: o2 is a prototype, and

g1 has a bad time after o1 is inserted into the o2's prototype chain.

Scenario 2: o2 is a prototype, and

o1 is inserted into the o2's prototype chain after g1 has a bad time.

Scenario 3: o2 is NOT a prototype, and

o1 is inserted into the o2's prototype chain after g1 has a bad time.

For scenario 1, when g1 has a bad time, we need to also make sure g2 has
a bad time. This is handled by enhancement 1 above.

For scenario 2, when o1 is inserted into o2's prototype chain, we need to check
if o1's global object has a bad time. If so, then we need to make sure o2's
global also has a bad time (because o2 is a prototype) and convert o2's
storage type to SlowPut. This is handled by enhancement 2 above in conjunction
with JSObject::setPrototypeDirect().

For scenario 3, when o1 is inserted into o2's prototype chain, we need to check
if o1's global object has a bad time. If so, then we only need to convert o2's
storage type to SlowPut (because o2 is NOT a prototype). This is handled by
enhancement 2 above.

  1. Also add $vm.isHavingABadTime(), $vm.createGlobalObject() to enable us to write some tests for this issue.
  • runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::fireWatchpointAndMakeAllArrayStructuresSlowPut): (JSC::JSGlobalObject::haveABadTime):
  • runtime/JSGlobalObject.h:
  • runtime/JSObject.h: (JSC::JSObject::mayInterceptIndexedAccesses): Deleted.
  • runtime/JSObjectInlines.h: (JSC::JSObject::mayInterceptIndexedAccesses):
  • runtime/Structure.h:
  • runtime/StructureInlines.h: (JSC::Structure::mayInterceptIndexedAccesses const):
  • tools/JSDollarVM.cpp: (JSC::functionHaveABadTime): (JSC::functionIsHavingABadTime): (JSC::functionCreateGlobalObject): (JSC::JSDollarVM::finishCreation):
11:58 AM Changeset in webkit [237476] by ggaren@apple.com
  • 4 edits in trunk

HashMap should support selecting a random entry
https://bugs.webkit.org/show_bug.cgi?id=190814

Reviewed by Antti Koivisto.

Source/WTF:

  • wtf/HashTable.h:

(WTF::HashTable::random):
(WTF::HashTable::random const): Draw a new random bucket any time we
have a miss, to avoid bias caused by lopsided tables.

Tools:

  • TestWebKitAPI/Tests/WTF/HashMap.cpp: Updated the Random_IsRandom to

more thoroughly test for randomness.

11:55 AM Changeset in webkit [237475] by graouts@webkit.org
  • 7 edits in trunk/LayoutTests/imported

[Web Animations] Rebase some flaky tests
https://bugs.webkit.org/show_bug.cgi?id=190969

Reviewed by Dean Jackson.

A few Web Animations tests that are flaky have outdated expectations. Rebasing them to have the output
that is most likely to be produced.

LayoutTests/imported/mozilla:

  • css-animations/test_document-get-animations-expected.txt:

LayoutTests/imported/w3c:

  • web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-context-expected.txt:
  • web-platform-tests/web-animations/interfaces/Animatable/animate-expected.txt:
  • web-platform-tests/web-animations/timing-model/animations/current-time-expected.txt:
  • web-platform-tests/web-animations/timing-model/animations/updating-the-finished-state-expected.txt:
11:53 AM Changeset in webkit [237474] by graouts@webkit.org
  • 9 edits
    2 deletes in trunk

[Web Animations] Remove useless internals methods
https://bugs.webkit.org/show_bug.cgi?id=190968

Reviewed by Dean Jackson.

Source/WebCore:

We had a few internals methods added early on in the Web Animations implementation that are no longer
relevant now that the full API is implemented. We can safely remove them now.

  • animation/AnimationTimeline.cpp:

(WebCore::AnimationTimeline::setCurrentTime): Deleted.
(WebCore::AnimationTimeline::description): Deleted.

  • animation/AnimationTimeline.h:

(WebCore::AnimationTimeline::currentTime):
(WebCore::AnimationTimeline::pause): Deleted.

  • animation/DocumentTimeline.cpp:

(WebCore::DocumentTimeline::currentTime):
(WebCore::DocumentTimeline::pause): Deleted.

  • animation/DocumentTimeline.h:
  • testing/Internals.cpp:

(WebCore::Internals::timelineDescription): Deleted.
(WebCore::Internals::pauseTimeline): Deleted.
(WebCore::Internals::setTimelineCurrentTime): Deleted.

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Remove a test that is no longer useful.

  • webanimations/animation-creation-addition-expected.txt: Removed.
  • webanimations/animation-creation-addition.html: Removed.
11:51 AM Changeset in webkit [237473] by Alan Coon
  • 1 edit in branches/safari-606-branch/Source/JavaScriptCore/assembler/AssemblerBuffer.h

Apply patch. rdar://problem/45572041

11:51 AM Changeset in webkit [237472] by Alan Coon
  • 2 edits in branches/safari-606-branch/Source/JavaScriptCore

Cherry-pick r236606. rdar://problem/45285669

Gardening: speculative build fix.
<rdar://problem/44869924>

Not reviewed.

  • assembler/LinkBuffer.cpp: (JSC::LinkBuffer::copyCompactAndLinkCode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:51 AM Changeset in webkit [237471] by Alan Coon
  • 3 edits in branches/safari-606-branch/Source/JavaScriptCore

Cherry-pick r236604. rdar://problem/45285669

[JSC] [Armv7] Add a copy function argument to MacroAssemblerARMv7::link() and pass it down to the assembler's linking functions.
https://bugs.webkit.org/show_bug.cgi?id=190080

Reviewed by Mark Lam.

  • assembler/ARMv7Assembler.h: (JSC::ARMv7Assembler::link): (JSC::ARMv7Assembler::linkJumpT1): (JSC::ARMv7Assembler::linkJumpT2): (JSC::ARMv7Assembler::linkJumpT3): (JSC::ARMv7Assembler::linkJumpT4): (JSC::ARMv7Assembler::linkConditionalJumpT4): (JSC::ARMv7Assembler::linkBX): (JSC::ARMv7Assembler::linkConditionalBX):
  • assembler/MacroAssemblerARMv7.h: (JSC::MacroAssemblerARMv7::link):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236604 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:51 AM Changeset in webkit [237470] by Alan Coon
  • 14 edits in branches/safari-606-branch

Cherry-pick r236589. rdar://problem/45285669

Verify the contents of AssemblerBuffer on arm64e
https://bugs.webkit.org/show_bug.cgi?id=190057
<rdar://problem/38916630>

Reviewed by Mark Lam.

JSTests:

  • stress/regress-189132.js:

Source/JavaScriptCore:

  • assembler/ARM64Assembler.h: (JSC::ARM64Assembler::ARM64Assembler): (JSC::ARM64Assembler::fillNops): (JSC::ARM64Assembler::link): (JSC::ARM64Assembler::linkJumpOrCall): (JSC::ARM64Assembler::linkCompareAndBranch): (JSC::ARM64Assembler::linkConditionalBranch): (JSC::ARM64Assembler::linkTestAndBranch): (JSC::ARM64Assembler::unlinkedCode): Deleted.
  • assembler/ARMAssembler.h: (JSC::ARMAssembler::fillNops):
  • assembler/ARMv7Assembler.h: (JSC::ARMv7Assembler::unlinkedCode): Deleted.
  • assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssembler::emitNops): (JSC::AbstractMacroAssembler::AbstractMacroAssembler):
  • assembler/AssemblerBuffer.h: (JSC::ARM64EHash::ARM64EHash): (JSC::ARM64EHash::update): (JSC::ARM64EHash::hash const): (JSC::ARM64EHash::randomSeed const): (JSC::AssemblerBuffer::AssemblerBuffer): (JSC::AssemblerBuffer::putShort): (JSC::AssemblerBuffer::putIntUnchecked): (JSC::AssemblerBuffer::putInt): (JSC::AssemblerBuffer::hash const): (JSC::AssemblerBuffer::data const): (JSC::AssemblerBuffer::putIntegralUnchecked): (JSC::AssemblerBuffer::append): Deleted.
  • assembler/LinkBuffer.cpp: (JSC::LinkBuffer::copyCompactAndLinkCode):
  • assembler/MIPSAssembler.h: (JSC::MIPSAssembler::fillNops):
  • assembler/MacroAssemblerARM64.h: (JSC::MacroAssemblerARM64::jumpsToLink): (JSC::MacroAssemblerARM64::link): (JSC::MacroAssemblerARM64::unlinkedCode): Deleted.
  • assembler/MacroAssemblerARMv7.h: (JSC::MacroAssemblerARMv7::jumpsToLink): (JSC::MacroAssemblerARMv7::unlinkedCode): Deleted.
  • assembler/X86Assembler.h: (JSC::X86Assembler::fillNops):

Source/WTF:

  • wtf/PtrTag.h: (WTF::tagInt):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236589 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:30 AM Changeset in webkit [237469] by mark.lam@apple.com
  • 9 edits
    1 add in trunk

Fix missing edge cases with JSGlobalObjects having a bad time.
https://bugs.webkit.org/show_bug.cgi?id=189028
<rdar://problem/45204939>

Reviewed by Saam Barati.

JSTests:

  • stress/regress-189028.js: Added.

Source/JavaScriptCore:

Consider the following scenario:

let object O1 (of global G1) have an indexing type that is not SlowPut.
let global G2 have a bad time.
let object O2 (of global G2) be set as the prototype of O1.
let object O3 (of global G2) have indexed accessors.

In the existing code, if we set O3 as O2's prototype, we'll have a bug where
O1 will not be made aware that that there are indexed accessors in its prototype
chain.

In this patch, we solve this issue by introducing a new invariant:

A prototype chain is considered to possibly have indexed accessors if any
object in the chain belongs to a global object that is having a bad time.

We apply this invariant as follows:

  1. Enhance JSGlobalObject::haveABadTime() to also check if other global objects are affected by it having a bad time. If so, it also ensures that those affected global objects have a bad time.

The original code for JSGlobalObject::haveABadTime() uses a ObjectsWithBrokenIndexingFinder
to find all objects affected by the global object having a bad time. We enhance
ObjectsWithBrokenIndexingFinder to also check for the possibility that any global
objects may be affected by other global objects having a bad time i.e.

let g1 = global1
let g2 = global2
let o1 = an object in g1
let o2 = an object in g2

let g1 have a bad time
g2 is affected if

o1 is in the prototype chain of o2,
and o2 may be a prototype.

If the ObjectsWithBrokenIndexingFinder does find the possibility of other global
objects being affected, it will abort its heap scan and let haveABadTime() take
a slow path to do a more complete multi global object scan.

The slow path works as follows:

  1. Iterate the heap and record the graph of all global object dependencies.

For each global object, record the list of other global objects that are
affected by it.

  1. Compute a list of global objects that need to have a bad time using the current global object dependency graph.
  1. For each global object in the list of affected global objects, fire their HaveABadTime watchpoint and convert all their array structures to the SlowPut alternatives.
  1. Re-run ObjectsWithBrokenIndexingFinder to find all objects that are affected by any of the globals in the list from (2).
  1. Enhance Structure::mayInterceptIndexedAccesses() to also return true if the structure's global object is having a bad time.

Note: there are 3 scenarios that we need to consider:

let g1 = global1
let g2 = global2
let o1 = an object in g1
let o2 = an object in g2

Scenario 1: o2 is a prototype, and

g1 has a bad time after o1 is inserted into the o2's prototype chain.

Scenario 2: o2 is a prototype, and

o1 is inserted into the o2's prototype chain after g1 has a bad time.

Scenario 3: o2 is NOT a prototype, and

o1 is inserted into the o2's prototype chain after g1 has a bad time.

For scenario 1, when g1 has a bad time, we need to also make sure g2 has
a bad time. This is handled by enhancement 1 above.

For scenario 2, when o1 is inserted into o2's prototype chain, we need to check
if o1's global object has a bad time. If so, then we need to make sure o2's
global also has a bad time (because o2 is a prototype) and convert o2's
storage type to SlowPut. This is handled by enhancement 2 above in conjunction
with JSObject::setPrototypeDirect().

For scenario 3, when o1 is inserted into o2's prototype chain, we need to check
if o1's global object has a bad time. If so, then we only need to convert o2's
storage type to SlowPut (because o2 is NOT a prototype). This is handled by
enhancement 2 above.

  1. Also add $vm.isHavingABadTime(), $vm.createGlobalObject() to enable us to write some tests for this issue.
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::fireWatchpointAndMakeAllArrayStructuresSlowPut):
(JSC::JSGlobalObject::haveABadTime):

  • runtime/JSGlobalObject.h:
  • runtime/JSObject.h:

(JSC::JSObject::mayInterceptIndexedAccesses): Deleted.

  • runtime/JSObjectInlines.h:

(JSC::JSObject::mayInterceptIndexedAccesses):

  • runtime/Structure.h:
  • runtime/StructureInlines.h:

(JSC::Structure::mayInterceptIndexedAccesses const):

  • tools/JSDollarVM.cpp:

(JSC::functionHaveABadTime):
(JSC::functionIsHavingABadTime):
(JSC::functionCreateGlobalObject):
(JSC::JSDollarVM::finishCreation):

11:16 AM Changeset in webkit [237468] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

Web Inspector: Crash in http/tests/inspector/network/resource-response-source-memory-cache-revalidate-expired-only.html
https://bugs.webkit.org/show_bug.cgi?id=190955

Patch by Antoine Quint <Antoine Quint> on 2018-10-26
Reviewed by Dean Jackson.

We can get in situations when running tests where runtime flags are not consistent throughout the time a test is run since
showing the Web Inspector can cause flags to be re-set after the initial test was loaded. As such, to avoid crashes due to
the ASSERT(!frame().animation().hasAnimations()) in FrameView::didDestroyRenderTree(), we now cancel animations upon teardown
no matter what the value of the runtime flag for the Web Animations CSS Integration on both the DocumentTimeline (if it exists)
and the CSSAnimationController.

  • dom/Element.cpp:

(WebCore::Element::removedFromAncestor):

  • dom/PseudoElement.cpp:

(WebCore::PseudoElement::clearHostElement):

  • page/FrameView.cpp:

(WebCore::FrameView::didDestroyRenderTree):

  • rendering/updating/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::tearDownRenderers):

11:01 AM Changeset in webkit [237467] by Chris Dumez
  • 11 edits in trunk/Source/WebKit

[PSON] Avoid tearing down the drawing area when suspending a WebPage due to process-swap
https://bugs.webkit.org/show_bug.cgi?id=190879

Reviewed by Antti Koivisto.

Avoid tearing down the drawing area when suspending a WebPage due to process-swap. We really only need to reset
the drawing area upon resuming the WebPage. There is no strict need to destroy the drawing area on suspension
and this has caused various crashes because code usually assumes we always have a drawing area.

This patch also drops various drawing area null checks that were added to address PSON crashes.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::tearDownDrawingAreaInWebProcess): Deleted.

  • UIProcess/SuspendedPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::suspendCurrentPageIfPossible):
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):
(WebKit::WebPageProxy::didCompletePageTransition):
(WebKit::WebPageProxy::enterAcceleratedCompositingMode):

  • UIProcess/WebPageProxy.h:
  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::invalidateContentsAndRootView):
(WebKit::WebChromeClient::invalidateContentsForSlowScroll):
(WebKit::WebChromeClient::contentsSizeChanged const):

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage):

  • WebProcess/WebPage/RemoteLayerTree/RemoteScrollingCoordinator.mm:

(WebKit::RemoteScrollingCoordinator::scheduleTreeStateCommit):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::reinitializeWebPage):
(WebKit::WebPage::exitAcceleratedCompositingMode):
(WebKit::WebPage::setIsSuspended):
(WebKit::WebPage::tearDownDrawingAreaForSuspend): Deleted.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
10:47 AM Changeset in webkit [237466] by timothy@apple.com
  • 7 edits in trunk/Source/WebCore

Use dark appearance scrollbar when page background is dark or document supports dark mode.
https://bugs.webkit.org/show_bug.cgi?id=190937
rdar://problem/41225839

Reviewed by Beth Dakin.

Source/WebCore:

  • page/FrameView.cpp:

(WebCore::FrameView::useDarkAppearance const): Added. Ask the document.
(WebCore::FrameView::paintScrollCorner): Set LocalDefaultSystemAppearance based
on the scrollbar overlay style too.

  • page/FrameView.h:
  • platform/ScrollableArea.h:

(WebCore::ScrollableArea::useDarkAppearance const): Added. Default to false.

  • platform/mac/ScrollAnimatorMac.mm:

(-[WebScrollerImpDelegate effectiveAppearanceForScrollerImp:]): Added.
Ask the ScrollableArea if a dark appearance is desired.

Source/WebCore/PAL:

  • pal/spi/mac/NSScrollerImpSPI.h: Added effectiveAppearanceForScrollerImp:.
10:44 AM Changeset in webkit [237465] by pvollan@apple.com
  • 3 edits in trunk/LayoutTests

[High Sierra/Sierra Release] Layout Test media/track/track-cue-css.html is a flaky image failure
https://bugs.webkit.org/show_bug.cgi?id=190876

Unreviewed test fix.

This is a speculative flakiness fix.

  • media/track/track-cue-css-expected.html:
  • media/track/track-cue-css.html:
10:34 AM Changeset in webkit [237464] by Alan Bujtas
  • 2 edits in trunk/LayoutTests

[iOS] Unreviewed test gardening.

  • platform/ios/TestExpectations:
10:07 AM Changeset in webkit [237463] by Antti Koivisto
  • 9 edits in trunk/Source

Use random() instead of begin() to limit cache sizes
https://bugs.webkit.org/show_bug.cgi?id=190957

Reviewed by Chris Dumez.

Source/WebCore:

We currently use cache.remove(cache.begin()) pattern to limit sized of various caches.
This is a bad pattern for tables that never rehash (because they have fixed maximum size) as most of the
keys get permanently stuck in the table.

  • css/CSSValuePool.cpp:

(WebCore::CSSValuePool::createColorValue):
(WebCore::CSSValuePool::createFontFamilyValue):
(WebCore::CSSValuePool::createFontFaceValue):

  • dom/InlineStyleSheetOwner.cpp:

(WebCore::InlineStyleSheetOwner::createSheet):

  • dom/SelectorQuery.cpp:
  • platform/graphics/FontCascade.cpp:

(WebCore::retrieveOrAddCachedFonts):

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::shouldAutoActivateFontIfNeeded):

  • platform/mac/PublicSuffixMac.mm:

(WebCore::topPrivatelyControlledDomain):

Source/WebKit:

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::didCollectPrewarmInformation):

9:47 AM Changeset in webkit [237462] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

JSC xcconfig should set DEFINES_MODULE
https://bugs.webkit.org/show_bug.cgi?id=190952

Reviewed by Mark Lam.

This should mean that the JavaScriptCore.framework will have a module map.

  • Configurations/JavaScriptCore.xcconfig:
9:27 AM Changeset in webkit [237461] by Antti Koivisto
  • 5 edits in trunk

hashSet.remove(hashSet.random()) doesn't build
https://bugs.webkit.org/show_bug.cgi?id=190953

Reviewed by Chris Dumez.

Source/WTF:

  • wtf/HashSet.h:

Remove non-const random(). HashSet only returns const iterators (it is immutable via iterator).

  • wtf/HashTable.h:

(WTF::HashTable::random const):

Invoke const_iterator() by using static_cast<> instead of trying to do it directly.

Tools:

  • TestWebKitAPI/Tests/WTF/HashSet.cpp:

(TestWebKitAPI::TEST):

8:34 AM Changeset in webkit [237460] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Modernize / Simplify IPC::Connection::sendOutgoingMessage()
https://bugs.webkit.org/show_bug.cgi?id=190931

Reviewed by Alex Christensen.

  • Platform/IPC/mac/ConnectionMac.mm:

(IPC::Connection::sendOutgoingMessage):

8:29 AM Changeset in webkit [237459] by ajuma@chromium.org
  • 1 edit
    1 add in trunk/LayoutTests

[GTK] Unreviewed test gardening.
https://bugs.webkit.org/show_bug.cgi?id=190962

Add a baseline for the test added in r237449.

  • platform/gtk/fast/repaint/text-selection-overflow-hidden-expected.txt: Added.
8:04 AM Changeset in webkit [237458] by jer.noble@apple.com
  • 16 edits in trunk/Source

Adopt -setOverrideRouteSharingPolicy:routingContextUID: SPI
https://bugs.webkit.org/show_bug.cgi?id=190951
<rdar://problem/45213065>

Reviewed by Alex Christensen.

Source/WebCore:

Request the correct route policy and context from the VideoFullscreenModel.

  • platform/cocoa/VideoFullscreenModel.h:

(WebCore::VideoFullscreenModel::requestRouteSharingPolicyAndContextUID):

  • platform/cocoa/VideoFullscreenModelVideoElement.h:
  • platform/cocoa/VideoFullscreenModelVideoElement.mm:

(WebCore::VideoFullscreenModelVideoElement::requestRouteSharingPolicyAndContextUID):

  • platform/ios/VideoFullscreenInterfaceAVKit.h:
  • platform/ios/VideoFullscreenInterfaceAVKit.mm:

(-[WebAVPlayerViewController setWebKitOverrideRouteSharingPolicy:routingContextUID:]):
(VideoFullscreenInterfaceAVKit::setVideoFullscreenModel):
(VideoFullscreenInterfaceAVKit::doSetup):

Source/WebCore/PAL:

  • pal/spi/cocoa/AVKitSPI.h:

Source/WebKit:

Add an asyncronous reply request to VideoFullscreenManager.

Drive-by fix: messages.py generates "WTFMove(*arg1, *arg2)" instead of "WTFMove(*arg1), WTFMove(*arg2)"
in its reply handler generation.

  • Platform/IPC/MessageSender.h:

(IPC::MessageSender::sendWithAsyncReply):

  • Scripts/webkit/messages.py:
  • UIProcess/Cocoa/VideoFullscreenManagerProxy.h:
  • UIProcess/Cocoa/VideoFullscreenManagerProxy.mm:

(WebKit::VideoFullscreenModelContext::requestRouteSharingPolicyAndContextUID):

  • WebProcess/cocoa/VideoFullscreenManager.h:
  • WebProcess/cocoa/VideoFullscreenManager.messages.in:
  • WebProcess/cocoa/VideoFullscreenManager.mm:

(WebKit::VideoFullscreenManager::requestRouteSharingPolicyAndContextUID):

7:45 AM Changeset in webkit [237457] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

[LFC][IFC] Add more inline information to outputLayoutTree
https://bugs.webkit.org/show_bug.cgi?id=190945

Reviewed by Antti Koivisto.

  • layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::outputInlineRuns):
(WebCore::Layout::outputLayoutBox):

7:42 AM Changeset in webkit [237456] by Alan Bujtas
  • 9 edits
    2 adds in trunk

[LFC][IFC] Layout floats as part of the inline content
https://bugs.webkit.org/show_bug.cgi?id=190942

Reviewed by Antti Koivisto.

Source/WebCore:

Add float handling to InlineFormattingContext::layoutInlineContent.
Note that floats don't actually generate inline runs.

Test: fast/block/basic/inline-content-with-floating-image.html

  • layout/blockformatting/BlockFormattingContext.cpp:

(WebCore::Layout::BlockFormattingContext::layoutFormattingContextRoot const):

  • layout/floats/FloatAvoider.cpp:

(WebCore::Layout::FloatAvoider::FloatAvoider): Check if any mapping is needed.

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::isTrimmableContent):
(WebCore::Layout::InlineFormattingContext::layoutInlineContent const):
(WebCore::Layout::trimLeadingRun): Deleted.

  • layout/inlineformatting/InlineFormattingContext.h:

(WebCore::Layout::InlineFormattingContext::Line::isClosed const):

  • layout/inlineformatting/Line.cpp:

(WebCore::Layout::InlineFormattingContext::Line::init):
(WebCore::Layout::InlineFormattingContext::Line::adjustLogicalLeft):
(WebCore::Layout::InlineFormattingContext::Line::adjustLogicalRight):
(WebCore::Layout::InlineFormattingContext::Line::appendContent):
(WebCore::Layout::InlineFormattingContext::Line::close):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

  • fast/block/basic/inline-content-with-floating-image-expected.txt: Added.
  • fast/block/basic/inline-content-with-floating-image.html: Added.
7:40 AM Changeset in webkit [237455] by Alan Bujtas
  • 5 edits in trunk/Source/WebCore

[LFC][IFC] Adjust current line with float constraints.
https://bugs.webkit.org/show_bug.cgi?id=190940

Reviewed by Antti Koivisto.

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::initializeNewLine const):
(WebCore::Layout::InlineFormattingContext::layoutInlineContent const):

  • layout/inlineformatting/InlineFormattingContext.h:
  • layout/inlineformatting/InlineRun.h:

(WebCore::Layout::InlineRun::moveHorizontally):

  • layout/inlineformatting/Line.cpp:

(WebCore::Layout::InlineFormattingContext::Line::adjustLogicalLeft):
(WebCore::Layout::InlineFormattingContext::Line::adjustLogicalRight):

7:36 AM Changeset in webkit [237454] by Alan Bujtas
  • 3 edits in trunk/Source/WebCore

[LFC][IFC] Compute float box size and position
https://bugs.webkit.org/show_bug.cgi?id=190938

Reviewed by Antti Koivisto.

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::computeWidthAndHeight const):
(WebCore::Layout::InlineFormattingContext::computeFloatPosition const):

  • layout/inlineformatting/InlineFormattingContext.h:
7:34 AM Changeset in webkit [237453] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

[LFC][IFC] Add line logical top and bottom
https://bugs.webkit.org/show_bug.cgi?id=190934

Reviewed by Antti Koivisto.

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::initializeNewLine const):
(WebCore::Layout::InlineFormattingContext::layoutInlineContent const):

  • layout/inlineformatting/InlineFormattingContext.h:

(WebCore::Layout::InlineFormattingContext::Line::isFirstLine const):
(WebCore::Layout::InlineFormattingContext::Line::logicalTop const):
(WebCore::Layout::InlineFormattingContext::Line::logicalBottom const):

  • layout/inlineformatting/Line.cpp:

(WebCore::Layout::InlineFormattingContext::Line::init):
(WebCore::Layout::InlineFormattingContext::Line::contentLogicalRight):
(WebCore::Layout::InlineFormattingContext::Line::close):

7:29 AM Changeset in webkit [237452] by Alan Bujtas
  • 3 edits in trunk/Source/WebCore

[LFC][IFC] Find floating constraints for a given vertical position
https://bugs.webkit.org/show_bug.cgi?id=190928

Reviewed by Antti Koivisto.

https://www.w3.org/TR/CSS22/visuren.html#inline-formatting

"In general, the left edge of a line box touches the left edge of its containing block and the right edge touches the right edge of its containing block.
However, floating boxes may come between the containing block edge and the line box edge.
Thus, although line boxes in the same inline formatting context generally have the same width
(that of the containing block), they may vary in width if available horizontal space is reduced due to floats."

This patch adds support for retrieving left/right constraints for a given line (vertical position).

  • layout/floats/FloatingState.cpp:

(WebCore::Layout::FloatingState::constraints const):

  • layout/floats/FloatingState.h:
7:25 AM Changeset in webkit [237451] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

[LFC] Inline formatting context has higher priority than block
https://bugs.webkit.org/show_bug.cgi?id=190924

Reviewed by Antti Koivisto.

When an element establishes both inline and block formatting contexts, we need to pick one to
create (and we choose the content driven formatting type (inline)). See example below:

<div style="overflow: hidden">This text should be inside an inlines formatting context.</div>

  • layout/LayoutContext.cpp:

(WebCore::Layout::LayoutContext::formattingContext const):

7:05 AM Changeset in webkit [237450] by aboya@igalia.com
  • 5 edits
    2 adds in trunk

[MSE][WTF][Media] Invalid MediaTime should be falsy
https://bugs.webkit.org/show_bug.cgi?id=190893

Reviewed by Jer Noble.

Source/WTF:

This patch modifies the definition of MediaTime so that invalid times
are evaluated to false in the context of a boolean expression.

  • wtf/MediaTime.cpp:

(WTF::MediaTime::operator! const):
(WTF::MediaTime::operator bool const):

Tools:

This patch adds additional API tests for the conversions from
MediaTime to boolean.

  • TestWebKitAPI/Tests/WTF/MediaTime.cpp:

(TestWebKitAPI::TEST):

LayoutTests:

A test is added that replicates a bug fixed by this patch.

  • media/media-source/media-source-timestampoffset-then-zero-expected.txt: Added.
  • media/media-source/media-source-timestampoffset-then-zero.html: Added.
6:16 AM Changeset in webkit [237449] by ajuma@chromium.org
  • 3 edits
    3 adds in trunk

REGRESSION (r237255): Text selection is broken in form fields
https://bugs.webkit.org/show_bug.cgi?id=190899

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix missing negation when checking for a fully-clipped-out rect. This was causing
RenderObject::computeVisibleRectInContainer to incorrectly early-out.

Test: fast/repaint/text-selection-overflow-hidden.html

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::computeVisibleRectInContainer const):

LayoutTests:

Add layout test coverage.

  • fast/repaint/text-selection-overflow-hidden-expected.txt: Added.
  • fast/repaint/text-selection-overflow-hidden.html: Added.
  • platform/win/fast/repaint/text-selection-overflow-hidden-expected.txt: Added.
1:25 AM Changeset in webkit [237448] by keith_miller@apple.com
  • 2 edits in trunk/Source/WTF

Some internal projects include wtf headers and build with C++11
https://bugs.webkit.org/show_bug.cgi?id=190791

Reviewed by Alexey Proskuryakov.

C++11 doesn't support constexpr functions that contain
statements. This patch removes getLSBSet set from builds before
C++14 to avoid this for now.

  • wtf/MathExtras.h:

(getLSBSet):

12:56 AM Changeset in webkit [237447] by yusukesuzuki@slowstart.org
  • 5 edits in trunk/Source/JavaScriptCore

[JSC] havingABadTimeWatchpoint is not required in Array#indexOf optimization
https://bugs.webkit.org/show_bug.cgi?id=190941

Reviewed by Saam Barati.

While "Rest" operation fast path requires havingABadTimeWatchpoint since it allocates
JSArray, Array#{indexOf,lastIndexOf} do not require it when we use the fast path for them.
This patch removes watching on havingABadTimeWatchpoint in Array#indexOf. The test causing
"havingABadTime" is already included in our test suites (e.g. array-indexof-have-a-bad-time.js).

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • runtime/JSArrayInlines.h:

(JSC::JSArray::canDoFastIndexedAccess):

  • runtime/JSGlobalObject.h:
  • runtime/JSGlobalObjectInlines.h:

(JSC::JSGlobalObject::isArrayPrototypeIteratorProtocolFastAndNonObservable):
(JSC::JSGlobalObject::isArrayPrototypeIndexedAccessFastAndNonObservable): Deleted.

Oct 25, 2018:

10:06 PM Changeset in webkit [237446] by Chris Dumez
  • 6 edits in trunk

[PSON] Navigating cross-site with locked history but unlocked back/forward list fails to create a new BackForwardListItem
https://bugs.webkit.org/show_bug.cgi?id=190915
<rdar://problem/45059069>

Reviewed by Geoffrey Garen.

Source/WebCore:

  • history/PageCache.cpp:

(WebCore::canCacheFrame):
Make sure we do not put into PageCache a page whose main frame is showing the initial empty document.
We usually do not try to put those into PageCache because we do not have a HistoryItem to save the
PageCache entry on. However, when we process-swap on a navigation with the history locked, the new
process has a HistoryItem and is initially showing the initial empty document before continuing
the load from the previous process. Note that saving the initial empty document in PageCache would
lead to crashes later on previous the initial empty document's Window is taken and reused for the
next load.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::load):
Stop assuming that we're continuing a client-side redirect when lockHistory is Yes. It is
lockBackForwardList that is actually Yes when we're doing a client-side redirect.

  • loader/PolicyChecker.cpp:

(WebCore::PolicyChecker::checkNavigationPolicy):
Stop using calling the completion handler with an invalid URL when the policy decision is 'Suspend' and
use 'about:blank' instead. Without this change, FrameLoader::continueLoadAfterNavigationPolicy() would
not load 'about:blank' when its AllowNavigationToInvalidURL parameter is No.

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
9:51 PM Changeset in webkit [237445] by yusukesuzuki@slowstart.org
  • 13 edits in trunk/Source/JavaScriptCore

Unreviewed, partial rolling in r237254
https://bugs.webkit.org/show_bug.cgi?id=190340

We do not use the added function right now to investigate what is the reason of the regression.
If it causes the regression, it seems that Parser.cpp's inlining decision seems culprit.

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::fromGlobalCode):

  • bytecode/UnlinkedFunctionExecutable.h:
  • parser/Parser.cpp:

(JSC::Parser<LexerType>::parseInner):
(JSC::Parser<LexerType>::parseSingleFunction):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseFunctionDeclaration):
(JSC::Parser<LexerType>::parseAsyncFunctionDeclaration):

  • parser/Parser.h:

(JSC::Parser<LexerType>::parse):
(JSC::parse):
(JSC::parseFunctionForFunctionConstructor):

  • parser/ParserModes.h:
  • parser/ParserTokens.h:

(JSC::JSTextPosition::JSTextPosition):
(JSC::JSTokenLocation::JSTokenLocation): Deleted.

  • parser/SourceCodeKey.h:

(JSC::SourceCodeKey::SourceCodeKey):
(JSC::SourceCodeKey::operator== const):

  • runtime/CodeCache.cpp:

(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):

  • runtime/CodeCache.h:
  • runtime/FunctionConstructor.cpp:

(JSC::constructFunctionSkippingEvalEnabledCheck):

  • runtime/FunctionExecutable.cpp:

(JSC::FunctionExecutable::fromGlobalCode):

  • runtime/FunctionExecutable.h:
7:03 PM Changeset in webkit [237444] by bshafiei@apple.com
  • 1 copy in tags/Safari-606.3.3

Tag Safari-606.3.3.

5:59 PM Changeset in webkit [237443] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Layout Test http/tests/websocket/tests/hybi/handshake-ok-with-legacy-sec-websocket-response-headers.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=173041

Unreviewed test gardening.

  • platform/ios/TestExpectations: Mark test as flaky.
5:44 PM Changeset in webkit [237442] by sbarati@apple.com
  • 1 edit
    89 adds in trunk/PerformanceTests

Check in corresponding C code in JetStream 2
https://bugs.webkit.org/show_bug.cgi?id=190733

Rubber-stamped by Filip Pizlo.

  • JetStream2/simple/float-mm.c: Added.
  • JetStream2/wasm/HashSet.cpp: Added.
  • JetStream2/wasm/gcc-loops.cpp: Added.
  • JetStream2/wasm/quicksort.c: Added.
  • JetStream2/wasm/TSF: Added.
  • JetStream2/wasm/TSF/build.sh: Added.
  • JetStream2/wasm/TSF/config.h: Added.
  • JetStream2/wasm/TSF/gpc.h: Added.
  • JetStream2/wasm/TSF/gpc_code_gen_util.c: Added.
  • JetStream2/wasm/TSF/gpc_instruction.c: Added.
  • JetStream2/wasm/TSF/gpc_instruction_dispatch.gen: Added.
  • JetStream2/wasm/TSF/gpc_instruction_size.gen: Added.
  • JetStream2/wasm/TSF/gpc_instruction_stack_effects.gen: Added.
  • JetStream2/wasm/TSF/gpc_instruction_static_size.gen: Added.
  • JetStream2/wasm/TSF/gpc_instruction_to_string.gen: Added.
  • JetStream2/wasm/TSF/gpc_int_common.h: Added.
  • JetStream2/wasm/TSF/gpc_intable.c: Added.
  • JetStream2/wasm/TSF/gpc_internal.h: Added.
  • JetStream2/wasm/TSF/gpc_interpreter.gen: Added.
  • JetStream2/wasm/TSF/gpc_program.c: Added.
  • JetStream2/wasm/TSF/gpc_proto.c: Added.
  • JetStream2/wasm/TSF/gpc_stack_height.c: Added.
  • JetStream2/wasm/TSF/gpc_threaded.c: Added.
  • JetStream2/wasm/TSF/gpc_worklist.h: Added.
  • JetStream2/wasm/TSF/tsf.h: Added.
  • JetStream2/wasm/TSF/tsf_adaptive_reader.c: Added.
  • JetStream2/wasm/TSF/tsf_asprintf.c: Added.
  • JetStream2/wasm/TSF/tsf_atomics.h: Added.
  • JetStream2/wasm/TSF/tsf_buf_reader.c: Added.
  • JetStream2/wasm/TSF/tsf_buf_writer.c: Added.
  • JetStream2/wasm/TSF/tsf_buffer.c: Added.
  • JetStream2/wasm/TSF/tsf_build_defines.h: Added.
  • JetStream2/wasm/TSF/tsf_config.h: Added.
  • JetStream2/wasm/TSF/tsf_config_stub.h: Added.
  • JetStream2/wasm/TSF/tsf_copier.c: Added.
  • JetStream2/wasm/TSF/tsf_define_helpers.c: Added.
  • JetStream2/wasm/TSF/tsf_define_helpers.h: Added.
  • JetStream2/wasm/TSF/tsf_destructor.c: Added.
  • JetStream2/wasm/TSF/tsf_error.c: Added.
  • JetStream2/wasm/TSF/tsf_format.h: Added.
  • JetStream2/wasm/TSF/tsf_fsdb.c: Added.
  • JetStream2/wasm/TSF/tsf_fsdb_protocol.c: Added.
  • JetStream2/wasm/TSF/tsf_fsdb_protocol.h: Added.
  • JetStream2/wasm/TSF/tsf_generator.c: Added.
  • JetStream2/wasm/TSF/tsf_gpc_code_gen.c: Added.
  • JetStream2/wasm/TSF/tsf_indent.h: Added.
  • JetStream2/wasm/TSF/tsf_internal.h: Added.
  • JetStream2/wasm/TSF/tsf_internal_config.h: Added.
  • JetStream2/wasm/TSF/tsf_internal_config_stub.h: Added.
  • JetStream2/wasm/TSF/tsf_inttypes.h: Added.
  • JetStream2/wasm/TSF/tsf_io.c: Added.
  • JetStream2/wasm/TSF/tsf_io_utils.c: Added.
  • JetStream2/wasm/TSF/tsf_ir.c: Added.
  • JetStream2/wasm/TSF/tsf_ir.h: Added.
  • JetStream2/wasm/TSF/tsf_ir_different.c: Added.
  • JetStream2/wasm/TSF/tsf_ir_different.h: Added.
  • JetStream2/wasm/TSF/tsf_ir_speed.c: Added.
  • JetStream2/wasm/TSF/tsf_limits.c: Added.
  • JetStream2/wasm/TSF/tsf_named_type.c: Added.
  • JetStream2/wasm/TSF/tsf_native.c: Added.
  • JetStream2/wasm/TSF/tsf_parser.c: Added.
  • JetStream2/wasm/TSF/tsf_primitive.c: Added.
  • JetStream2/wasm/TSF/tsf_ra_type_man.c: Added.
  • JetStream2/wasm/TSF/tsf_reflect.c: Added.
  • JetStream2/wasm/TSF/tsf_region.h: Added.
  • JetStream2/wasm/TSF/tsf_serial_in_man.c: Added.
  • JetStream2/wasm/TSF/tsf_serial_out_man.c: Added.
  • JetStream2/wasm/TSF/tsf_serial_protocol.h: Added.
  • JetStream2/wasm/TSF/tsf_sha1.c: Added.
  • JetStream2/wasm/TSF/tsf_sha1.h: Added.
  • JetStream2/wasm/TSF/tsf_sha1_writer.c: Added.
  • JetStream2/wasm/TSF/tsf_sort.c: Added.
  • JetStream2/wasm/TSF/tsf_st.c: Added.
  • JetStream2/wasm/TSF/tsf_st.h: Added.
  • JetStream2/wasm/TSF/tsf_st_typetable.c: Added.
  • JetStream2/wasm/TSF/tsf_stream_file_input.c: Added.
  • JetStream2/wasm/TSF/tsf_stream_file_output.c: Added.
  • JetStream2/wasm/TSF/tsf_type.c: Added.
  • JetStream2/wasm/TSF/tsf_type_in_map.c: Added.
  • JetStream2/wasm/TSF/tsf_type_out_map.c: Added.
  • JetStream2/wasm/TSF/tsf_type_table.c: Added.
  • JetStream2/wasm/TSF/tsf_types.h: Added.
  • JetStream2/wasm/TSF/tsf_util.h: Added.
  • JetStream2/wasm/TSF/tsf_version.c: Added.
  • JetStream2/wasm/TSF/tsf_zip_abstract.c: Added.
  • JetStream2/wasm/TSF/tsf_zip_abstract.h: Added.
  • JetStream2/wasm/TSF/tsf_zip_attr.c: Added.
  • JetStream2/wasm/TSF/tsf_zip_reader.c: Added.
  • JetStream2/wasm/TSF/tsf_zip_writer.c: Added.
5:39 PM Changeset in webkit [237441] by Devin Rousso
  • 2 edits in trunk/Source/WebCore

Fix build after r237431 for platforms that don't support FULLSCREEN_API
Need the bug URL (OOPS!).

Reviewed by Joseph Pecoraro.

No new tests. No change in behavior.

  • inspector/agents/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::addEventListenersToNode):

5:21 PM Changeset in webkit [237440] by Brent Fulgham
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed build fix for Visual Studio 2017

  • API/tests/testapi.c:

(testMarkingConstraintsAndHeapFinalizers):
(main):

5:11 PM Changeset in webkit [237439] by Kocsen Chung
  • 14 edits in branches/safari-606-branch

Revert r237373. rdar://problem/45567354

5:11 PM Changeset in webkit [237438] by Kocsen Chung
  • 3 edits in branches/safari-606-branch/Source/JavaScriptCore

Revert r236604. rdar://problem/45567354

5:11 PM Changeset in webkit [237437] by Kocsen Chung
  • 2 edits in branches/safari-606-branch/Source/JavaScriptCore

Revert r236606. rdar://problem/45567354

4:59 PM Changeset in webkit [237436] by Devin Rousso
  • 4 edits
    2 adds in trunk

Web Inspector: Canvas Recording loading goes significantly slower when "Frame" tree element is expanded
https://bugs.webkit.org/show_bug.cgi?id=190497

Reviewed by Joseph Pecoraro.

Source/WebInspectorUI:

Save the WI.TreeElement that are in the DOM, and compare that with any WI.TreeElement
that would be added to the DOM. If all of the following are true, don't edit the DOM:

  • no focused WI.TreeElement that isn't currently visible (we would scroll otherwise)
  • the set of previously visible WI.TreeElements (e.g. not used for scroll padding) has at least one of the WI.TreeElements that would be added from this update
    • this means that the user hasn't scrolled beyond the padding WI.TreeElement
  • there are no WI.TreeElements that would be added from this update that were NOT added in a previous update
    • this covers the case that a WI.TreeElement is inserted in the visible area
  • UserInterface/Base/Utilities.js:
  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline):
(WI.TreeOutline.prototype.registerScrollVirtualizer):
(WI.TreeOutline.prototype.updateVirtualizedElements.walk):
(WI.TreeOutline.prototype.updateVirtualizedElements):

LayoutTests:

  • inspector/unit-tests/set-utilities-expected.txt: Added.
  • inspector/unit-tests/set-utilities.html: Added.
4:55 PM Changeset in webkit [237435] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

JSContext Inspector: Broken frontend, DOMAgent is used but does not exist
https://bugs.webkit.org/show_bug.cgi?id=190922
<rdar://problem/45569827>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-10-25
Reviewed by Devin Rousso.

  • UserInterface/Controllers/DOMManager.js:

(WI.DOMManager.prototype.requestDocument):
Feature check for agents that may not exist in a JSContext.

4:47 PM Changeset in webkit [237434] by Kocsen Chung
  • 7 edits in branches/safari-606-branch/Source

Versioning.

4:42 PM Changeset in webkit [237433] by realdawei@apple.com
  • 2 edits in trunk/LayoutTests

Layout Test compositing/iframes/display-none-subframe.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=186406

Unreviewed.

Patch by Dawei Fenton <realdawei@apple.com> on 2018-10-25

  • platform/mac-wk1/TestExpectations: Mark test flaky.
4:09 PM Changeset in webkit [237432] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: add corner rounding to the network timing "blocks"
https://bugs.webkit.org/show_bug.cgi?id=190379

Reviewed by Timothy Hatcher.

  • UserInterface/Views/NetworkTableContentView.css:

(.waterfall .block):
(body[dir=ltr] .waterfall .block): Added.
(body[dir=rtl] .waterfall .block): Added.
(.network-table .waterfall .block + .block): Added.
(.network-table .waterfall .block.filler + .block, .network-table .waterfall .block:not(.request, .response) + :matches(.request, .response)): Added.
(.network-table .waterfall .block:last-child): Added.

3:59 PM Changeset in webkit [237431] by Devin Rousso
  • 21 edits in trunk

Web Inspector: display fullscreen enter/exit events in Timelines and Network node waterfalls
https://bugs.webkit.org/show_bug.cgi?id=189874
<rdar://problem/44700000>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

  • inspector/protocol/DOM.json:

Allow data to be passed to the frontend with didFireEvent.

Source/WebCore:

Updated existing test: http/tests/inspector/dom/didFireEvent.html

  • inspector/agents/InspectorDOMAgent.h:
  • inspector/agents/InspectorDOMAgent.cpp:

(WebCore::EventFiredCallback::handleEvent):
(WebCore::InspectorDOMAgent::didCreateFrontendAndBackend):
(WebCore::InspectorDOMAgent::addEventListenersToNode):
(WebCore::InspectorDOMAgent::discardBindings):
(WebCore::InspectorDOMAgent::eventDidResetAfterDispatch): Added.
Prevent the same event from being sent to the frontend more than once.

  • dom/Event.cpp:

(WebCore::Event::resetAfterDispatch):

  • dom/Document.cpp:

(WebCore::Document::Document):

  • inspector/InspectorInstrumentation.h:

(WebCore::InspectorInstrumentation::eventDidResetAfterDispatch): Added.

  • inspector/InspectorInstrumentation.cpp:

(WebCore::InspectorInstrumentation::eventDidResetAfterDispatchImpl): Added.

Source/WebInspectorUI:

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Protocol/DOMObserver.js:

(WI.DOMObserver.prototype.didFireEvent):

  • UserInterface/Controllers/DOMManager.js:

(WI.DOMManager.prototype.didFireEvent):
Allow data to be passed to the frontend with didFireEvent.

  • UserInterface/Models/DOMNode.js:

(WI.DOMNode):
(WI.DOMNode.getFullscreenDOMEvents): Added.
(WI.DOMNode.prototype.didFireEvent):
(WI.DOMNode.prototype._handleDOMNodeDidFireEvent): Added.
(WI.DOMNode.prototype._addDOMEvent):
(WI.DOMNode.prototype._shouldListenForEventListeners): Added.
If an event is fired on an ancestor of this node, also record that event in this node's
domEvents, including the originator node.

  • UserInterface/Views/NetworkTableContentView.js:

(WI.NetworkTableContentView.prototype._populateWaterfallGraph):

  • UserInterface/Views/NetworkTableContentView.css:

(.network-table :not(.header) .cell.waterfall .waterfall-container > .dom-fullscreen): Added.

  • UserInterface/Views/DOMEventsBreakdownView.js:

(WI.DOMEventsBreakdownView.prototype.initialLayout):
(WI.DOMEventsBreakdownView.prototype._populateTable):

  • UserInterface/Views/DOMEventsBreakdownView.css:

(.dom-events-breakdown .graph > .area.fullscreen): Added.
(.dom-events-breakdown .inherited > .name, .dom-events-breakdown .inherited > .graph > .point): Added.
(.dom-events-breakdown:not(.has-inherited) .originator): Added.

LayoutTests:

  • http/tests/inspector/dom/didFireEvent-expected.txt:
  • http/tests/inspector/dom/didFireEvent.html:
3:57 PM Changeset in webkit [237430] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Network: more aggressively snap timing blocks together
https://bugs.webkit.org/show_bug.cgi?id=190439

Reviewed by Timothy Hatcher.

  • UserInterface/Views/NetworkTableContentView.js:

(WI.NetworkTableContentView.prototype._populateWaterfallGraph.appendBlock):
(WI.NetworkTableContentView.prototype._populateWaterfallGraph):
If the time difference between the end of the previous block and the start of this block
would result in less than 2px of space, extend the next block back to the previous block.

3:23 PM Changeset in webkit [237429] by Ross Kirsling
  • 18 edits in trunk/Source

Cleanup: inline constexpr is redundant as constexpr implies inline
https://bugs.webkit.org/show_bug.cgi?id=190819

Reviewed by Mark Lam.

Source/bmalloc:

  • bmalloc/Algorithm.h:

(bmalloc::max):
(bmalloc::min):
(bmalloc::mask):
(bmalloc::test):
(bmalloc::isPowerOfTwo):
(bmalloc::roundDownToMultipleOf):
(bmalloc::sizeOf):
(bmalloc::bitCount):
(bmalloc::log2):

  • bmalloc/Bits.h:

(bmalloc::bitsArrayLength):

  • bmalloc/Sizes.h:

(bmalloc::Sizes::maskSizeClass):

Source/JavaScriptCore:

  • bytecode/ArrayProfile.h:

(JSC::asArrayModes):

  • runtime/IndexingType.h:

(JSC::isCopyOnWrite):

  • runtime/MathCommon.h:

(JSC::maxSafeInteger):
(JSC::minSafeInteger):

  • runtime/StackAlignment.h:

(JSC::stackAlignmentBytes):
(JSC::stackAlignmentRegisters):

Source/WTF:

  • wtf/Bitmap.h:

(WTF::WordType>::Bitmap):

  • wtf/LEBDecoder.h:

(WTF::LEBDecoder::maxByteLength):

  • wtf/MathExtras.h:

(defaultMinimumForClamp):
(defaultMaximumForClamp):
(clampToAccepting64):
(isLessThan):
(isLessThanEqual):
(isGreaterThan):
(isGreaterThanEqual):
(WTF::roundUpToPowerOfTwo):
(WTF::maskForSize):

  • wtf/Optional.h:
  • wtf/PtrTag.h:

(WTF::tagCodePtr):
(WTF::untagCodePtr):
(WTF::retagCodePtr):
(WTF::removeCodePtrTag):

  • wtf/StdLibExtras.h:

(WTF::roundUpToMultipleOf):

  • wtf/Variant.h:

(WTF::operator==):
(WTF::operator!=):
(WTF::operator>=):
(WTF::operator<=):
(WTF::operator>):
(WTF::operator<):

  • wtf/text/StringImpl.h:

(WTF::StringImplShape::StringImplShape):
(WTF::StringImpl::StaticStringImpl::StaticStringImpl):

2:17 PM EnvironmentVariables edited by Michael Catanzaro
Add sandbox envvars (diff)
1:49 PM Changeset in webkit [237428] by Alan Coon
  • 7 edits in tags/Safari-607.1.10.5/Source

Versioning.

1:09 PM Changeset in webkit [237427] by Alan Coon
  • 1 copy in tags/Safari-607.1.10.5

New tag.

1:04 PM Changeset in webkit [237426] by ap@apple.com
  • 2 edits in trunk/LayoutTests

https://bugs.webkit.org/show_bug.cgi?id=175597
XMLHttpRequest should not sniff content encoding

Actually, the discussion in Bugzilla claims that it should always have worked on
iOS. Not sure why the test was not enabled from the start.

  • platform/ios/TestExpectations:
1:01 PM Changeset in webkit [237425] by ap@apple.com
  • 2 edits in trunk/LayoutTests

Update test results for https://bugs.webkit.org/show_bug.cgi?id=175597
XMLHttpRequest should not sniff content encoding

This code doesn't work like planned on macOS High Sierra, and I'm not sure what's
up with iOS and other platforms. But I can to re-enable the test for Mojave.

  • platform/mac/TestExpectations: As expected, this test is passing on macOS Mojave.
12:55 PM Changeset in webkit [237424] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore

Unreviewed, silence a -Wreturn-type warning

When every return is supposed to be covered by a switch statement, a release assert or CRASH
is required by GCC.

  • Modules/mediastream/libwebrtc/LibWebRTCCertificateGenerator.cpp:

(WebCore::LibWebRTCCertificateGenerator::keyParamsFromCertificateType):

12:53 PM Changeset in webkit [237423] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

Unreviewed, another try at fixing the GTK build with sandbox enabled

  • UIProcess/Launcher/glib/BubblewrapLauncher.cpp:

(WebKit::memfd_create): Deleted.

12:51 PM Changeset in webkit [237422] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Web Inspector: Add a watchlist message rule to warn about feature checking new inspector protocol changes
https://bugs.webkit.org/show_bug.cgi?id=190896

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-10-25
Reviewed by Matt Baker.

  • Scripts/webkitpy/common/config/watchlist:
12:17 PM Changeset in webkit [237421] by graouts@webkit.org
  • 8 edits in trunk/Source

[Web Animations] Turn Web Animations CSS Integration off by default
https://bugs.webkit.org/show_bug.cgi?id=190901

Reviewed by Dean Jackson.

Source/WebCore:

  • page/RuntimeEnabledFeatures.h:

Source/WebKit:

  • Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):

Source/WebKitLegacy/win:

  • WebPreferences.cpp:

(WebPreferences::initializeDefaultSettings):

10:44 AM Changeset in webkit [237420] by pvollan@apple.com
  • 3 edits in trunk/LayoutTests

[High Sierra/Sierra Release] Layout Test media/track/track-cue-css.html is a flaky image failure
https://bugs.webkit.org/show_bug.cgi?id=190876

Reviewed by Alexey Proskuryakov.

This is a speculative fix; avoid an unnecessary video seek step in test.

  • media/track/track-cue-css-expected.html:
  • media/track/track-cue-css.html:
10:41 AM Changeset in webkit [237419] by ggaren@apple.com
  • 12 edits in trunk

HashMap should support selecting a random entry
https://bugs.webkit.org/show_bug.cgi?id=190814

Reviewed by Antti Koivisto.

Source/WTF:

In some cases, remove(begin()) is not quite good enough as a random
eviction strategy. (See https://bugs.webkit.org/show_bug.cgi?id=190792.)
So, let's support real random eviction.

(And by "real" I mean "pseudo".)

  • wtf/HashCountedSet.h:
  • wtf/HashMap.h:
  • wtf/HashSet.h:
  • wtf/ListHashSet.h:

(WTF::ListHashSet::random):
(WTF::ListHashSet::random const):

  • wtf/LoggingHashMap.h:
  • wtf/LoggingHashSet.h: Plumb through the random() iterator.
  • wtf/HashTable.h:

(WTF::HashTable::random):
(WTF::HashTable::random const): Implement the random() iterator.
makeIterator() already supports starting from any bucket, so this is
pretty easy.

In the subtle case where we select end(), we choose to wrap around and
return begin(). We expect that clients don't really think of the end()
bucket as being in the domain of the random search. Also, we don't want
to annoy clients who know their tables are non-empty with needless
checks for end().

  • wtf/RandomNumber.cpp:

(WTF::weakRandomUint32):

  • wtf/RandomNumber.h: Added a free function for weak random numbers so

that clients that want cheap random numbers aren't required to allocate
storage for a WeakRandom generator.

Tools:

Unit testing is fun and easy!

  • TestWebKitAPI/Tests/WTF/HashMap.cpp:

(TestWebKitAPI::ZeroHash::hash):
(TestWebKitAPI::TEST):

10:09 AM Changeset in webkit [237418] by Jon Davis
  • 4 edits in trunk

Source/WebCore:
Changed "Under Development" status to use "In Development" instead
https://bugs.webkit.org/show_bug.cgi?id=187615

Reviewed by Joseph Pecoraro.

  • features.json: Updated CSS Painting API Level 1 and CSS Properties and Values API Level 1.

Websites/webkit.org:
Added support for "deprecated" feature status
https://bugs.webkit.org/show_bug.cgi?id=187615

Reviewed by Joseph Pecoraro.

  • wp-content/themes/webkit/status.php:
10:06 AM Changeset in webkit [237417] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

Unreviewed, try to fix GTK build with sandbox enabled

  • UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
9:33 AM Changeset in webkit [237416] by Fujii Hironori
  • 2 edits in trunk/Source/WebKitLegacy

[CMake][Ninja][Win] midl.exe fails to create, open and write a temporary file in parallel build in Docker container
https://bugs.webkit.org/show_bug.cgi?id=187725

Reviewed by Michael Catanzaro.

  • PlatformWin.cmake: Added USES_TERMINAL to serialize midl.exe

executions.

8:55 AM Changeset in webkit [237415] by Claudio Saavedra
  • 2 edits in trunk/Source/WebKit

[WPE][GTK] Follow-up fixes to the certificate coders
https://bugs.webkit.org/show_bug.cgi?id=190900

Reviewed by Michael Catanzaro.

Cleanup the GRefPtr mess I created earlier. Also we now bail out
if any certificate in the chain has no data instead of returning a
cropped chain.

  • Shared/soup/WebCoreArgumentCodersSoup.cpp:

(IPC::ArgumentCoder<CertificateInfo>::encode):
(IPC::ArgumentCoder<CertificateInfo>::decode):

7:53 AM Changeset in webkit [237414] by Michael Catanzaro
  • 2 edits in trunk

[GTK] Reenable the sandbox

Previously reviewed by, er, myself. This just reverts the sabotague as our bots should have
the required deps now. Hopefully.

  • Source/cmake/OptionsGTK.cmake:
7:15 AM Changeset in webkit [237413] by Chris Dumez
  • 3 edits
    2 adds in trunk

REGRESSION (236779) scandinaviandesigns.com product pages auto redirect to product image
https://bugs.webkit.org/show_bug.cgi?id=190891
<rdar://problem/45296796>

Reviewed by Antti Koivisto.

Source/WebCore:

When a radio element gets clicked, we should only fire the 'input' and 'change' if the checked state
of the radio element has changed.

Test: fast/dom/HTMLInputElement/radio-element-fires-change-event-only-when-checked-state-changes.html

  • html/RadioInputType.cpp:

(WebCore::RadioInputType::didDispatchClick):

LayoutTests:

Add layout test coverage.

  • fast/dom/HTMLInputElement/radio-element-fires-change-event-only-when-checked-state-changes-expected.txt: Added.
  • fast/dom/HTMLInputElement/radio-element-fires-change-event-only-when-checked-state-changes.html: Added.
7:03 AM Changeset in webkit [237412] by fred.wang@free.fr
  • 2 edits
    3 adds in trunk/LayoutTests

Unreviewed test gardening.

Patch by Frederic Wang <fwang@igalia.com> on 2018-10-25

  • platform/ios-wk1/TestExpectations: Add failures for tests requiring findString.
  • platform/ios-wk1/fast/scrolling/adjust-scroll-offset-on-zoom-expected.txt: Added. Adjust

expectation to handle whitespace difference.

  • platform/ios-wk1/fast/scrolling/scrolling-tree-includes-frame-expected.txt: Added. The

scrolling tree is not displayed on WK1.

5:46 AM Changeset in webkit [237411] by fred.wang@free.fr
  • 2 edits
    8 adds in trunk/LayoutTests

Add more tests for the Find UI
https://bugs.webkit.org/show_bug.cgi?id=190823

Patch by Frederic Wang <fwang@igalia.com> on 2018-10-25
Reviewed by Antonio Gomes.

We add more tests for iOS's find UI to cover cases fixed by r224284. Equivalent tests for
subframes currently fails when frame flattening is disabled, they will be handled in bug
184297.

  • platform/ios/fast/scrolling/find-text-in-overflow-node-indicator-position-expected.png: Added.
  • platform/ios/fast/scrolling/find-text-in-overflow-node-indicator-position-expected.txt: Added.
  • platform/ios/fast/scrolling/find-text-in-overflow-node-indicator-position-limit-expected.png: Added.
  • platform/ios/fast/scrolling/find-text-in-overflow-node-indicator-position-limit-expected.txt: Added.
  • platform/ios/fast/scrolling/find-text-in-overflow-node-indicator-position-limit.html: Added.

Test with a match at the limit of the scrolling element.

  • platform/ios/fast/scrolling/find-text-in-overflow-node-indicator-position.html: Added. Test

with a match at the middle of the scrolling element.

  • platform/ios/fast/scrolling/find-text-in-overflow-node.html: Use names for parameters to

make it more explicit.

  • platform/ios/fast/scrolling/find-text-in-subframe-expected.txt: Added.
  • platform/ios/fast/scrolling/find-text-in-subframe.html: Added. Test with a subframe instead

of an overflow node.

5:07 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
(diff)
4:09 AM Changeset in webkit [237410] by zandobersek@gmail.com
  • 13 edits in trunk/Source/WebKit

[GTK][AC] Resizing the window doesn't always update the visible rect
https://bugs.webkit.org/show_bug.cgi?id=189743

Reviewed by Michael Catanzaro.

Disassociate resizing that can be done on an AcceleratedSurface object
between "host resizes" and "client resizes".

The former is done from ThreadedCoordinatedLayerTreeHost directly, and
is currently used only for GTK on X11, where a new pixmap object is
created on each resize, which affects the context ID that is based on
that pixmap object's address.

The latter is done from the composition thread. It's used for GTK on
Wayland and WPE. In both cases, the underlying window object does not
change on each resize, but it's necessary to perform the actual resize
on the composition thread.

So far it hasn't been performed there, which ended up pushing sizes of
the WebKit view and the underlying window object out of sync during
resizing, leaving parts of window unrendered.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::renderLayerTree):

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • WebProcess/WebPage/AcceleratedSurface.cpp:

(WebKit::AcceleratedSurface::hostResize):
(WebKit::AcceleratedSurface::resize): Deleted.

  • WebProcess/WebPage/AcceleratedSurface.h:

(WebKit::AcceleratedSurface::clientResize):

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:

(WebKit::ThreadedCoordinatedLayerTreeHost::deviceOrPageScaleFactorChanged):
(WebKit::ThreadedCoordinatedLayerTreeHost::sizeDidChange):

  • WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
  • WebProcess/WebPage/gtk/AcceleratedSurfaceWayland.cpp:

(WebKit::AcceleratedSurfaceWayland::clientResize):
(WebKit::AcceleratedSurfaceWayland::resize): Deleted.

  • WebProcess/WebPage/gtk/AcceleratedSurfaceWayland.h:
  • WebProcess/WebPage/gtk/AcceleratedSurfaceX11.cpp:

(WebKit::AcceleratedSurfaceX11::hostResize):
(WebKit::AcceleratedSurfaceX11::resize): Deleted.

  • WebProcess/WebPage/gtk/AcceleratedSurfaceX11.h:
  • WebProcess/WebPage/wpe/AcceleratedSurfaceWPE.cpp:

(WebKit::AcceleratedSurfaceWPE::clientResize):
(WebKit::AcceleratedSurfaceWPE::resize): Deleted.

  • WebProcess/WebPage/wpe/AcceleratedSurfaceWPE.h:
1:34 AM Changeset in webkit [237409] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebCore

InspectorCanvas is not getting cleared properly for OffscreenCanvas
https://bugs.webkit.org/show_bug.cgi?id=190894
<rdar://problem/45498435>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2018-10-25
Reviewed by Simon Fraser.

Covered by existing tests not crashing with guard malloc.

InspectorCanvasAgents tracks all CanvasRenderingContexts and needs to
remove its reference when the containing CanvasBase goes away. It does
this by registering as a notification observer, but if it can't map
from the CanvasBase back to the rendering context we were failing to
remove our reference. Enforce CanvasBase classes to notify observers
of destruction while they still have their CanvasRenderingContext.

  • html/CanvasBase.cpp:

(WebCore::CanvasBase::~CanvasBase):
(WebCore::CanvasBase::notifyObserversCanvasDestroyed):

  • html/CanvasBase.h:

Assert that subclasses notify observers of the canvas being destroyed,
since they will need to do this before m_context is cleared.

  • html/CustomPaintCanvas.cpp:

(WebCore::CustomPaintCanvas::~CustomPaintCanvas):

  • html/OffscreenCanvas.cpp:

(WebCore::OffscreenCanvas::~OffscreenCanvas):
Follow the new expected pattern of notifying observers before clearing
the context. HTMLCanvasElement already followed this pattern.

  • inspector/agents/InspectorCanvasAgent.cpp:

(WebCore::InspectorCanvasAgent::canvasDestroyed):
Add an assertion that would catch this earlier.

12:24 AM Changeset in webkit [237408] by jiewen_tan@apple.com
  • 7 edits in trunk/LayoutTests

[WPT] Update resource-timing WPT tests to use the right cross origin
https://bugs.webkit.org/show_bug.cgi?id=190554

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

  • web-platform-tests/resource-timing/resource_TAO_cross_origin_redirect_chain-expected.txt:
  • web-platform-tests/resource-timing/resource_TAO_cross_origin_redirect_chain.html:
  • web-platform-tests/resource-timing/resource_timing_cross_origin_redirect_chain-expected.txt:
  • web-platform-tests/resource-timing/resource_timing_cross_origin_redirect_chain.html:

LayoutTests:

Oct 24, 2018:

11:12 PM Changeset in webkit [237407] by timothy_horton@apple.com
  • 2 edits in trunk/Tools

REGRESSION (r237331): DismissingActionSheetShouldNotDismissPresentingViewController times out
https://bugs.webkit.org/show_bug.cgi?id=190897

  • TestWebKitAPI/Tests/ios/ActionSheetTests.mm:

(TestWebKitAPI::TEST):
Disable the test for now.

10:02 PM Changeset in webkit [237406] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari Technology Preview 68

Added a tag for Safari Technology Preview release 68.

5:19 PM Changeset in webkit [237405] by ap@apple.com
  • 18 edits in trunk

Clean up some obsolete macOS version guards
https://bugs.webkit.org/show_bug.cgi?id=190887

Reviewed by Dan Bernstein.

Source/WebCore:

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL):
(WebCore::MediaPlayerPrivateAVFoundationObjC::maximumDurationToCacheMediaTime const):
(WebCore::MediaPlayerPrivateAVFoundationObjC::didPassCORSAccessCheck const):
(WebCore::MediaPlayerPrivateAVFoundationObjC::wouldTaintOrigin const):

Source/WebCore/PAL:

  • pal/spi/mac/TUCallSPI.h:

Source/WebKit:

  • PluginProcess/mac/com.apple.WebKit.plugin-common.sb.in:
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitializeWebProcess):

Source/WebKitLegacy/mac:

  • Misc/WebNSPasteboardExtras.mm:

(+[NSPasteboard _web_dragTypesForURL]):

  • WebCoreSupport/PopupMenuMac.mm:

(PopupMenuMac::show):

  • WebCoreSupport/WebEditorClient.h:
  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::respondToChangedSelection):

  • WebView/WebPDFView.mm:

(-[WebPDFView _clipViewForPDFDocumentView]):

Tools:

  • TestWebKitAPI/cocoa/TestWKWebView.mm:

(simulated_forceClickAssociatedEventsMask):
(-[TestWKWebViewHostWindow _mouseDownAtPoint:simulatePressure:clickCount:]):

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::initializeWebViewConfiguration):

  • WebKitTestRunner/mac/EventSenderProxy.mm:

(-[EventSenderSyntheticEvent initPressureEventAtLocation:globalLocation:stage:pressure:stageTransition:phase:time:eventNumber:window:]):

4:52 PM Changeset in webkit [237404] by Kocsen Chung
  • 1 copy in tags/Safari-606.3.2

Tag Safari-606.3.2.

3:51 PM Changeset in webkit [237403] by timothy_horton@apple.com
  • 6 edits
    2 adds in trunk

Attachment filenames with RTL characters should format similar to Finder
https://bugs.webkit.org/show_bug.cgi?id=190736
<rdar://problem/44735946>

Reviewed by Dan Bernstein.

Source/WebCore:

Test: fast/attachment/attachment-title-with-rtl.html

  • html/HTMLAttachmentElement.cpp:

(WebCore::HTMLAttachmentElement::attachmentTitleForDisplay const):

  • html/HTMLAttachmentElement.h:

Add attachmentTitleForDisplay(), which wraps the non-extension part of
attachmentTitle in BiDi isolates, matching Finder's behavior.

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderAttachmentInfo::buildWrappedLines):
(WebCore::RenderAttachmentInfo::RenderAttachmentInfo):

  • rendering/RenderThemeMac.mm:

(WebCore::AttachmentLayout::layOutTitle):
Adopt attachmentTitleForDisplay, and ask CoreText to use a subrange of
the original string for the last line, instead of splitting the string
ourselves. This ensures that BiDi control characters are respected
even in the last line of the string.

LayoutTests:

  • fast/attachment/attachment-title-with-rtl-expected.html: Added.
  • fast/attachment/attachment-title-with-rtl.html: Added.

Add a test that directionality marks in the attachment's title are
isolated from the file extension.

3:28 PM Changeset in webkit [237402] by Megan Gardner
  • 24 edits in trunk

Turn on Conic Gradients
https://bugs.webkit.org/show_bug.cgi?id=190810

Reviewed by Tim Horton.

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Added tests previously, only switching feature from experimental to always avaiable.

  • Configurations/FeatureDefines.xcconfig:
  • css/parser/CSSParserContext.cpp:

(WebCore::CSSParserContext::CSSParserContext):
(WebCore::operator==):

  • css/parser/CSSParserContext.h:

(WebCore::CSSParserContextHash::hash):

  • css/parser/CSSPropertyParserHelpers.cpp:

(WebCore::CSSPropertyParserHelpers::consumeConicGradient):

  • page/Settings.yaml:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit:

Remove conic gradients from experimental features and turn it on always.

  • Configurations/FeatureDefines.xcconfig:
  • Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Source/WTF:

  • wtf/FeatureDefines.h:

Tools:

  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

No longer necessary to manually turn on conic gradients for testing.

  • http/wpt/css/css-images-4/conic-gradient-parsing.html:
3:12 PM Changeset in webkit [237401] by Devin Rousso
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: popovers for function source code are malformed
https://bugs.webkit.org/show_bug.cgi?id=190859

Reviewed by Joseph Pecoraro.

Previously, the WI.Popover would be drawn twice: once when the
WI.CodeMirrorTokenTrackingController determines that the user has hovered on a function
token, and once again when the source for that function is formatted (after being retrieved).
In the case that the formatter is able to return the prettified source within a frame (or
two), the WI.Popover is still in the middle of animating to its new size, meaning that the
changes made by the formatted update will be overridden on the next rAF (creates a flash).

  • UserInterface/Views/Popover.js:

(WI.Popover.prototype):
(WI.Popover.prototype._animateFrame.drawBackground):
(WI.Popover.prototype._drawBackground):
Add a member variable to make sure that there is only ever one rAF firing at a time.
Drive-by: rework the background code to only use one canvas.

  • UserInterface/Views/SourceCodeTextEditor.js:

(WI.SourceCodeTextEditor.prototype._showPopoverForFunction.didGetDetails):
Don't show the WI.Popover until the formatter has finished prettifying the function's
source code, as otherwise there is brief moment that the popover appears and is empty.

2:35 PM Changeset in webkit [237400] by msaboff@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

2018-10-24 Michael Saboff <msaboff@apple.com>

Increase executable memory pool from 64MB to 128MB for ARM64
https://bugs.webkit.org/show_bug.cgi?id=190453

Unreviewed, rolling back in r237024.

The original change did impact ARES-6 performance by 4-8%. That will
be investigated separately.

2:01 PM Changeset in webkit [237399] by ap@apple.com
  • 9 edits in trunk/Source/bmalloc

Add BPLATFORM(IOS_FAMILY)
https://bugs.webkit.org/show_bug.cgi?id=190878

Reviewed by Saam Barati.

  • bmalloc/AvailableMemory.cpp:

(bmalloc::memorySizeAccordingToKernel):
(bmalloc::computeAvailableMemory):

  • bmalloc/AvailableMemory.h:

(bmalloc::isUnderMemoryPressure):

  • bmalloc/BPlatform.h:
  • bmalloc/Gigacage.h:
  • bmalloc/Logging.cpp:

(bmalloc::logVMFailure):

  • bmalloc/VMAllocate.h:

(bmalloc::vmPageSizePhysical):

  • bmalloc/bmalloc.h:
  • bmalloc/darwin/MemoryStatusSPI.h:
1:41 PM Changeset in webkit [237398] by Alan Coon
  • 7 edits in branches/safari-606-branch/Source

Versioning.

1:19 PM Changeset in webkit [237397] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION (r237232): changing resources via up/down blurs the TreeOutline in Resources
https://bugs.webkit.org/show_bug.cgi?id=190862

Reviewed by Matt Baker.

  • UserInterface/Views/TextEditor.js:

(WI.TextEditor.prototype.set selectedTextRange):
Don't focus unless the activeElement is not a WebInspector element (e.g. <body>),
meaning that the previously focused element has been removed from the DOM and no longer
needs to keep the focus.

12:27 PM Changeset in webkit [237396] by Devin Rousso
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: CSP request payload on medium.com is unreadable, should be pretty-printed
https://bugs.webkit.org/show_bug.cgi?id=190354
<rdar://problem/45090894>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/TextEditor.js:

(WI.TextEditor.prototype.set string.update):
(WI.TextEditor.prototype._attemptToDetermineMIMEType): Added.
If the content doesn't already have a MIME type, attempt to determine one by trying to
format it as "javascript" (e.g. request JSON that is simply missing a MIME type).

  • UserInterface/Views/TextContentView.js:

(WI.TextContentView):
(WI.TextContentView.prototype._handleTextEditorMIMETypeChanged): Added.

  • UserInterface/Views/TextResourceContentView.js:

(WI.TextResourceContentView):
(WI.TextResourceContentView.prototype._handleTextEditorMIMETypeChanged): Added.

  • UserInterface/Views/ScriptContentView.js:

(WI.ScriptContentView):
(WI.ScriptContentView.prototype._handleTextEditorMIMETypeChanged): Added.
Enable the "Pretty Print" navigation button if the MIME type changes to something that is
able to be formatted.
Drive-by: reorder the creation of the "Pretty Print" button so that it exists if
_attemptToDetermineMIMEType finishes synchronously.

11:49 AM Changeset in webkit [237395] by jiewen_tan@apple.com
  • 5 edits
    5 adds in trunk

Only report resource timing to parent frame for the first iframe load
https://bugs.webkit.org/show_bug.cgi?id=190498
<rdar://problem/44347398>

Reviewed by Youenn Fablet.

Source/WebCore:

Only the first iframe navigation or the first iframe navigation after about:blank should be reported.
https://www.w3.org/TR/resource-timing-2/#resources-included-in-the-performanceresourcetiming-interface

Test: http/tests/misc/resource-timing-navigation-in-restored-iframe.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadWithDocumentLoader):

  • loader/FrameLoader.h:

(WebCore::FrameLoader::shouldReportResourceTimingToParentFrame):
(WebCore::FrameLoader::setShouldReportResourceTimingToParentFrame): Deleted.

  • loader/ResourceTimingInformation.cpp:

(WebCore::ResourceTimingInformation::addResourceTiming):

LayoutTests:

The layout test is from Chromium change:
https://chromium-review.googlesource.com/c/chromium/src/+/1186215.

  • http/tests/misc/resource-timing-navigation-in-restored-iframe-expected.txt: Added.
  • http/tests/misc/resource-timing-navigation-in-restored-iframe.html: Added.
  • http/tests/misc/resources/alert-then-back.html: Added.
  • http/tests/misc/resources/navigate-on-message.html: Added.
  • http/tests/misc/resources/post-message-to-parent.html: Added.
11:46 AM Changeset in webkit [237394] by Brent Fulgham
  • 17 edits in trunk/Source/WebCore

Cure Windows Direct2D Backend of a nasty case of bitrot
https://bugs.webkit.org/show_bug.cgi?id=190875
<rdar://problem/45523268>

Reviewed by Zalan Bujtas.

The Direct2D backend has drifted out of date with the rest of WebKit.
This patch updates things so we can get a runnable build.

  • platform/graphics/FontPlatformData.h:
  • platform/graphics/ImageBuffer.cpp:

(WebCore::ImageBuffer::create):

  • platform/graphics/ImageBuffer.h:
  • platform/graphics/ImageDecoder.h:
  • platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::setTargetContext):

  • platform/graphics/opentype/OpenTypeMathData.cpp:

(WebCore::OpenTypeMathData::OpenTypeMathData): Need non-default constructor to make Visual
Studio happy.

  • platform/graphics/win/GradientDirect2D.cpp:

(WebCore::Gradient::generateGradient):

  • platform/graphics/win/GraphicsContextDirect2D.cpp: Update for new display list implementation.

(WebCore::GraphicsContextPlatformPrivate::setAlpha):
(WebCore::GraphicsContext::savePlatformState):
(WebCore::GraphicsContext::restorePlatformState):
(WebCore::GraphicsContext::drawNativeImage):
(WebCore::GraphicsContext::drawPattern):
(WebCore::GraphicsContext::drawRect):
(WebCore::GraphicsContext::drawLine):
(WebCore::GraphicsContext::drawEllipse):
(WebCore::GraphicsContext::drawPath):
(WebCore::GraphicsContext::fillPath):
(WebCore::GraphicsContext::strokePath):
(WebCore::GraphicsContext::fillRect):
(WebCore::GraphicsContext::platformFillRoundedRect):
(WebCore::GraphicsContext::fillRectWithRoundedHole):
(WebCore::GraphicsContext::clip):
(WebCore::GraphicsContext::clipOut):
(WebCore::GraphicsContext::clipPath):
(WebCore::GraphicsContext::clipBounds const):
(WebCore::GraphicsContext::beginPlatformTransparencyLayer):
(WebCore::GraphicsContext::endPlatformTransparencyLayer):
(WebCore::GraphicsContext::setMiterLimit):
(WebCore::GraphicsContext::clearRect):
(WebCore::GraphicsContext::strokeRect):
(WebCore::GraphicsContext::setLineCap):
(WebCore::GraphicsContext::setLineDash):
(WebCore::GraphicsContext::setLineJoin):
(WebCore::GraphicsContext::scale):
(WebCore::GraphicsContext::rotate):
(WebCore::GraphicsContext::translate):
(WebCore::GraphicsContext::concatCTM):
(WebCore::GraphicsContext::setCTM):
(WebCore::GraphicsContext::getCTM const):
(WebCore::GraphicsContext::roundToDevicePixels):
(WebCore::GraphicsContext::drawLinesForText):
(WebCore::GraphicsContext::setURLForRect):
(WebCore::GraphicsContext::setIsCALayerContext):
(WebCore::GraphicsContext::isCALayerContext const):
(WebCore::GraphicsContext::setIsAcceleratedContext):
(WebCore::GraphicsContext::isAcceleratedContext const):
(WebCore::GraphicsContext::setPlatformShouldAntialias):
(WebCore::GraphicsContext::setPlatformShouldSmoothFonts):
(WebCore::GraphicsContext::setPlatformCompositeOperation):
(WebCore::GraphicsContext::platformFillEllipse):
(WebCore::GraphicsContext::platformStrokeEllipse):

  • platform/graphics/win/GraphicsLayerDirect2D.cpp:

(WebCore::GraphicsLayer::create):
(): Deleted.

  • platform/graphics/win/ImageBufferDataDirect2D.cpp:

(WebCore::ImageBufferData::putData):

  • platform/graphics/win/ImageBufferDataDirect2D.h:
  • platform/graphics/win/ImageBufferDirect2D.cpp:

(WebCore::ImageBuffer::createCompatibleBuffer):
(WebCore::ImageBuffer::ImageBuffer):

  • platform/graphics/win/ImageDecoderDirect2D.cpp:

(WebCore::ImageDecoderDirect2D::bytesDecodedToDetermineProperties const):
(WebCore::ImageDecoderDirect2D::encodedDataStatus const):
(WebCore::ImageDecoderDirect2D::repetitionCount const):
(WebCore::ImageDecoderDirect2D::frameOrientationAtIndex const):
(WebCore::ImageDecoderDirect2D::frameDurationAtIndex const):
(WebCore::ImageDecoderDirect2D::frameAllowSubsamplingAtIndex const):
(WebCore::ImageDecoderDirect2D::frameHasAlphaAtIndex const):
(WebCore::ImageDecoderDirect2D::createFrameImageAtIndex):
(WebCore::ImageDecoderDirect2D::setData):
(WebCore::ImageDecoderDirect2D::bytesDecodedToDetermineProperties): Deleted.
(WebCore::ImageDecoderDirect2D::createFrameImageAtIndex const): Deleted.

  • platform/graphics/win/ImageDecoderDirect2D.h:
  • platform/graphics/win/ImageDirect2D.cpp:

(WebCore::BitmapImage::drawFrameMatchingSourceSize):

  • platform/graphics/win/PatternDirect2D.cpp:

(WebCore::Pattern::createPlatformPattern const):

11:42 AM Changeset in webkit [237393] by commit-queue@webkit.org
  • 17 edits in trunk/Source

Cleanup: MIMETypeRegistry functions
https://bugs.webkit.org/show_bug.cgi?id=190838

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-10-24
Reviewed by Simon Fraser.

Source/WebCore:

Modernize the initialization of the lists in MIMETypeRegistry. Make the
functions that return these list be self-contained. Use NeverDestroy<> to
allocate the local static variable. Use std::initializer_list() and
makeNeverDestroyed() to initialize NeverDestroy<> variables only once.

supportedImageResourceMIMETypes will be deleted and all the calls to it
will be replaced by supportedImageMIMETypes because they are identical.

  • loader/archive/ArchiveFactory.cpp:

(WebCore::ArchiveFactory::registerKnownArchiveMIMETypes): This function
is called while initializing the supportedNonImageMIMETypes(). So it
should not have a direct call to it. Instead, supportedNonImageMIMETypes
is passed to it.

  • loader/archive/ArchiveFactory.h:
  • platform/MIMETypeRegistry.cpp:

(WebCore::MIMETypeRegistry::supportedImageMIMETypes):
(WebCore::supportedImageMIMETypesForEncoding):
(WebCore::supportedJavaScriptMIMETypes):
(WebCore::MIMETypeRegistry::supportedNonImageMIMETypes):
(WebCore::MIMETypeRegistry::supportedMediaMIMETypes):
(WebCore::pdfMIMETypes):
(WebCore::MIMETypeRegistry::unsupportedTextMIMETypes):
(WebCore::MIMETypeRegistry::isSupportedImageMIMEType):
(WebCore::MIMETypeRegistry::isSupportedImageMIMETypeForEncoding):
(WebCore::MIMETypeRegistry::isSupportedJavaScriptMIMEType):
(WebCore::MIMETypeRegistry::isSupportedNonImageMIMEType):
(WebCore::MIMETypeRegistry::isSupportedMediaMIMEType):
(WebCore::MIMETypeRegistry::isUnsupportedTextMIMEType):
(WebCore::MIMETypeRegistry::isPDFMIMEType):
(WebCore::MIMETypeRegistry::systemPreviewMIMETypes):
(WebCore::MIMETypeRegistry::isSystemPreviewMIMEType):
(WebCore::initializeSupportedImageMIMETypes): Deleted.
(WebCore::initializeSupportedImageMIMETypesForEncoding): Deleted.
(WebCore::initializeSupportedJavaScriptMIMETypes): Deleted.
(WebCore::initializePDFMIMETypes): Deleted.
(WebCore::initializeSupportedNonImageMimeTypes): Deleted.
(WebCore::initializeSupportedMediaMIMETypes): Deleted.
(WebCore::initializeUnsupportedTextMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::isSupportedImageResourceMIMEType): Deleted.
(WebCore::MIMETypeRegistry::getSupportedImageMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::getSupportedImageResourceMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::getSupportedNonImageMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::getSupportedMediaMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::getPDFMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::getUnsupportedTextMIMETypes): Deleted.
(WebCore::MIMETypeRegistry::getSystemPreviewMIMETypes): Deleted.

  • platform/MIMETypeRegistry.h:
  • platform/graphics/Image.cpp:

(WebCore::Image::supportsType):

  • platform/graphics/cg/ImageDecoderCG.cpp:

(WebCore::ImageDecoderCG::encodedDataStatus const):

  • platform/graphics/cg/UTIRegistry.cpp:

(WebCore::supportedDefaultImageSourceTypes):
(WebCore::isSupportImageSourceType):
(WebCore::allowedImageUTIs): Deleted.
(WebCore::isAllowedImageUTI): Deleted.

  • platform/graphics/cg/UTIRegistry.h:
  • platform/mac/PasteboardMac.mm:

(WebCore::Pasteboard::write):

Source/WebKit:

  • UIProcess/Cocoa/WKWebViewContentProviderRegistry.mm:

(-[WKWebViewContentProviderRegistry initWithConfiguration:]):

Source/WebKitLegacy/mac:

  • Misc/WebNSPasteboardExtras.mm:

(-[NSPasteboard _web_writePromisedRTFDFromArchive:containsImage:]):
Replace isSupportedImageResourceMIMEType() by isSupportedImageMIMEType()
because they were identical.

  • WebView/WebHTMLRepresentation.mm:

(+[WebHTMLRepresentation supportedMediaMIMETypes]):
(+[WebHTMLRepresentation supportedNonImageMIMETypes]):
(+[WebHTMLRepresentation supportedImageMIMETypes]):
(+[WebHTMLRepresentation unsupportedTextMIMETypes]):

  • WebView/WebView.mm:

(+[WebView _unregisterViewClassAndRepresentationClassForMIMEType:]):
(+[WebView _registerViewClass:representationClass:forURLScheme:]):
(+[WebView registerViewClass:representationClass:forMIMEType:]):

11:26 AM Changeset in webkit [237392] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

[macOS] Layout Test legacy-animation-engine/animations/suspend-resume-animation.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=190883

Unreviewed test gardening.

  • platform/mac/TestExpectations: Mark test as flaky.
11:24 AM Changeset in webkit [237391] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Marked webgl/1.0.2/conformance/glsl/misc/shader-with-reserved-words.html as a flaky timout.
https://bugs.webkit.org/show_bug.cgi?id=170877

Unreviewed test gardening.

  • platform/mac/TestExpectations:
10:44 AM Changeset in webkit [237390] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

[WPE] Fix CMake rules in for TestWebKitAPIBase library building in developer mode
https://bugs.webkit.org/show_bug.cgi?id=190328

Patch by Pablo Saavedra <Pablo Saavedra> on 2018-10-24
Reviewed by Michael Catanzaro.

  • TestWebKitAPI/CMakeLists.txt:
  • TestWebKitAPI/PlatformWPE.cmake:
10:18 AM Changeset in webkit [237389] by Kocsen Chung
  • 4 edits in branches/safari-606-branch/Source/WebKit

Cherry-pick r236227. rdar://problem/45491949

Crash under WebPageProxy::decidePolicyForNavigationAction()
https://bugs.webkit.org/show_bug.cgi?id=189763
<rdar://problem/44597111>

Reviewed by Alex Christensen.

Update WebNavigationState::navigation() / WebNavigationState::takeNavigation()
to return a pointer instead of a reference as we have evidence that they can
return null. I kept the debug assertions to try and catch the cases where we
return null but at least we stop crashing in release builds.

  • UIProcess/WebNavigationState.cpp: (WebKit::WebNavigationState::navigation): (WebKit::WebNavigationState::takeNavigation):
  • UIProcess/WebNavigationState.h:
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::didStartProvisionalLoadForFrame): (WebKit::WebPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame): (WebKit::WebPageProxy::didCommitLoadForFrame): (WebKit::WebPageProxy::didFinishDocumentLoadForFrame): (WebKit::WebPageProxy::didFinishLoadForFrame): (WebKit::WebPageProxy::didFailLoadForFrame): (WebKit::WebPageProxy::didSameDocumentNavigationForFrame): (WebKit::WebPageProxy::decidePolicyForNavigationAction): (WebKit::WebPageProxy::decidePolicyForResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236227 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9:56 AM Changeset in webkit [237388] by Kocsen Chung
  • 2 edits in branches/safari-606-branch/Source/WebCore

Cherry-pick r236747. rdar://problem/45491954

Add release assertion to ensure m_owningPointerForClose is null in UniqueIDBDatabase::invokeOperationAndTransactionTimer()
https://bugs.webkit.org/show_bug.cgi?id=190178

Reviewed by Chris Dumez.

This would help debug rdar://problem/44902833.

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp: (WebCore::IDBServer::UniqueIDBDatabase::invokeOperationAndTransactionTimer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@236747 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9:56 AM Changeset in webkit [237387] by Kocsen Chung
  • 8 edits in branches/safari-606-branch/Source/WebCore

Cherry-pick r234791. rdar://problem/45491958

CrashTracer: com.apple.WebKit.Storage at WebCore::IDBServer::UniqueIDBDatabase::connectionClosedFromClient(WebCore::IDBServer::UniqueIDBDatabaseConnection&)
https://bugs.webkit.org/show_bug.cgi?id=188474

Reviewed by Chris Dumez.

UniqueIDBDatabaseConnection is refcounted by UniqueIDBDatabaseTransaction and it refcounts
UniqueIDBDatabaseTransaction. This cycle could make UniqueIDBDatabaseConnection outlives
UniqueIDBDatabase, so its reference to UniqueIDBDatabase may be stale. Calling a function
on a stale object is probably the reason of recent various storage process crashes in
indexedDB.

This patch makes m_database a WeakPtr and adds assertions that could help us debug the
crashes.

  • Modules/indexeddb/server/IDBServer.cpp: (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesModifiedSince): (WebCore::IDBServer::IDBServer::closeAndDeleteDatabasesForOrigins):
  • Modules/indexeddb/server/UniqueIDBDatabase.cpp: (WebCore::IDBServer::UniqueIDBDatabase::commitTransaction): (WebCore::IDBServer::UniqueIDBDatabase::abortTransaction):
  • Modules/indexeddb/server/UniqueIDBDatabase.h:
  • Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp: (WebCore::IDBServer::UniqueIDBDatabaseConnection::UniqueIDBDatabaseConnection): (WebCore::IDBServer::UniqueIDBDatabaseConnection::~UniqueIDBDatabaseConnection): (WebCore::IDBServer::UniqueIDBDatabaseConnection::abortTransactionWithoutCallback): (WebCore::IDBServer::UniqueIDBDatabaseConnection::connectionClosedFromClient): (WebCore::IDBServer::UniqueIDBDatabaseConnection::confirmDidCloseFromServer): (WebCore::IDBServer::UniqueIDBDatabaseConnection::didFireVersionChangeEvent): (WebCore::IDBServer::UniqueIDBDatabaseConnection::didFinishHandlingVersionChange): (WebCore::IDBServer::UniqueIDBDatabaseConnection::createVersionChangeTransaction): (WebCore::IDBServer::UniqueIDBDatabaseConnection::establishTransaction): (WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
  • Modules/indexeddb/server/UniqueIDBDatabaseConnection.h: (WebCore::IDBServer::UniqueIDBDatabaseConnection::database):
  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp: (WebCore::IDBServer::UniqueIDBDatabaseTransaction::UniqueIDBDatabaseTransaction): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::~UniqueIDBDatabaseTransaction): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::abort): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::commit): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::createObjectStore): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteObjectStore): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameObjectStore): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::clearObjectStore): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::createIndex): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteIndex): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameIndex): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::putOrAdd): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::getRecord): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::getAllRecords): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::getCount): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteRecord): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::openCursor): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::iterateCursor): (WebCore::IDBServer::UniqueIDBDatabaseTransaction::objectStoreIdentifiers):
  • Modules/indexeddb/shared/IDBResultData.cpp: (WebCore::IDBResultData::openDatabaseSuccess): (WebCore::IDBResultData::openDatabaseUpgradeNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@234791 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9:39 AM Changeset in webkit [237386] by Chris Dumez
  • 4 edits in trunk

[PSON] When navigating back and forth, 'about:blank' shows up in the back/forward list
https://bugs.webkit.org/show_bug.cgi?id=190846
<rdar://problem/45058938>

Reviewed by Antti Koivisto.

Source/WebCore:

When a page gets suspended after a process-swap, we navigate it to about:blank from inside the navigation
policy handler, by overriding the request URL. This normally works fine because we usually process-swap
on standard navigation. However, when we would process-swap on a back/forward navigation, we would end
up using the back/forward navigation load type to do the about:blank load. This would have repercussions
because history navigations update the current history item with the new URL (in this case 'about:blank').
To avoid the issue, switch to a standard load type whenever the client asks us to suspend and we load
'about:blank' as a result.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::continueLoadAfterNavigationPolicy):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
9:33 AM Changeset in webkit [237385] by Truitt Savell
  • 4 edits in trunk/LayoutTests

Marking Multiple tests as flakey at once
https://bugs.webkit.org/show_bug.cgi?id=190847

Unreviewed Test Gardening

  • platform/ios-wk2/TestExpectations:
  • platform/mac-wk1/TestExpectations:
  • platform/mac-wk2/TestExpectations:
8:38 AM Changeset in webkit [237384] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

REGRESSION (r237257): [iOS] Crashes in com.apple.WebKit: WebKit::RemoteScrollingCoordinator::scheduleTreeStateCommit
https://bugs.webkit.org/show_bug.cgi?id=190804

Reviewed by Alex Christensen.

Fix null-dereference of the drawing area in RemoteScrollingCoordinator::scheduleTreeStateCommit.
With process-swap-on-navigation enabled, suspended pages' drawing area gets torn down.

  • WebProcess/WebPage/RemoteLayerTree/RemoteScrollingCoordinator.mm:

(WebKit::RemoteScrollingCoordinator::scheduleTreeStateCommit):

7:32 AM Changeset in webkit [237383] by Claudio Saavedra
  • 2 edits
    1 add in trunk/Tools

[GTK] TestSSL failing because of missing libsoup patch
https://bugs.webkit.org/show_bug.cgi?id=190869

Reviewed by Michael Catanzaro.

  • gtk/jhbuild.modules: Add the patch below to fix the API test TestSSL
  • gtk/patches/libsoup-soup-socket-fix-critical-warning-when-the-peer-certi.patch: Added.
7:27 AM Changeset in webkit [237382] by chris.reid@sony.com
  • 4 edits
    2 adds in trunk/Source/WTF

[Win] Add function call name information to stack traces
https://bugs.webkit.org/show_bug.cgi?id=190761

Reviewed by Fujii Hironori.

Add symbol information to stack traces using dbghelp.dll
This library will use symbols files from these sources:

  • The current working directory
  • The directory containing the application's executable
  • _NT_SYMBOL_PATH environment variable
  • _NT_ALTERNATE_SYMBOL_PATH environment variable

This functionality is currently only enabled in debug mode since dbghelp is not threadsafe.
The DbgHelper class attempts to synchronize calls to dbghelp.dll but external code
can still attempt to call the library at the same time as WebKit.

  • wtf/CMakeLists.txt:
  • wtf/PlatformWin.cmake:
  • wtf/StackTrace.cpp:
  • wtf/win/DbgHelperWin.cpp: Added.
  • wtf/win/DbgHelperWin.h: Added.
7:15 AM Changeset in webkit [237381] by aestes@apple.com
  • 4 edits in trunk

[macOS Debug WK2] Layout Test http/tests/ssl/applepay/ApplePayShippingAddressChangeEventErrorsV3.https.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=190650
<rdar://problem/45341914>

Reviewed by Alex Christensen.

Source/WebCore:

In computeErrors, we intend to ignore errors when computing paymentMethodErrors. But we
weren't clearing exceptions generated from calling convert(), so they would end up being
logged as unhandled promise rejections.

Changed ApplePayPaymentHandler::computeErrors() to use a CatchScope to clear exceptions when
decoding paymentMethodErrors.

Also changed ApplePayShippingAddressChangeEventErrorsV3.https.html to catch promise
rejections from calling PaymentRequest.abort().

Covered by existing test.

  • Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:

(WebCore::ApplePayPaymentHandler::computeErrors const):

LayoutTests:

  • http/tests/resources/payment-request.js:

(updateDetailsOnShippingAddressChange):

6:45 AM Changeset in webkit [237380] by Claudio Saavedra
  • 2 edits in trunk/Source/WebKit

[WPE][GTK] Cleanups to the certificate decoder
https://bugs.webkit.org/show_bug.cgi?id=190867

Reviewed by Žan Doberšek.

  • Shared/soup/WebCoreArgumentCodersSoup.cpp:

(IPC::ArgumentCoder<CertificateInfo>::decode):

3:20 AM Changeset in webkit [237379] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

topPrivatelyControlledDomain is slow
https://bugs.webkit.org/show_bug.cgi?id=190792

Reviewed by Alex Christensen and Chris Dumez.

It calls into some slowish CFNetwork code and ends up showing up in profiles.

  • platform/mac/PublicSuffixMac.mm:

(WebCore::topPrivatelyControlledDomain):

Add a cache that avoids calls into frameworks.

3:03 AM Changeset in webkit [237378] by jer.noble@apple.com
  • 5 edits in trunk/Source/WebCore

Use WeakPtr and GenericTaskQueue within ObjC classes used by MediaPlayerPrivateAVFoundationObjC
https://bugs.webkit.org/show_bug.cgi?id=190790

Reviewed by Alex Christensen.

Move towards using WeakPtr callbacks instead of raw pointers within the utility objects used by
MediaPlayerPrivateAVFoundationObjC. Additionally, accessing WeakPtr off the thread which created
the pointer is not allowed, so use a GenericTaskQueue to schedule callbacks instead. Make
GenericTaskQueue<Timer> thread-safe by locking around access to m_pendingTasks, and by making
incrementing the pending task count atomic.

  • platform/GenericTaskQueue.cpp:

(WebCore::TaskDispatcher<Timer>::postTask):
(WebCore::TaskDispatcher<Timer>::sharedLock):
(WebCore::TaskDispatcher<Timer>::sharedTimerFired):
(WebCore::TaskDispatcher<Timer>::dispatchOneTask):
(WebCore::TaskDispatcher<Timer>::pendingDispatchers):

  • platform/GenericTaskQueue.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::MediaPlayerPrivateAVFoundationObjC):
(WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC):
(-[WebCoreAVFMovieObserver initWithPlayer:]):
(-[WebCoreAVFMovieObserver disconnect]):
(-[WebCoreAVFMovieObserver metadataLoaded]):
(-[WebCoreAVFMovieObserver didEnd:]):
(-[WebCoreAVFMovieObserver observeValueForKeyPath:ofObject:change:context:]):
(-[WebCoreAVFMovieObserver legibleOutput:didOutputAttributedStrings:nativeSampleBuffers:forItemTime:]):
(-[WebCoreAVFMovieObserver outputSequenceWasFlushed:]):
(-[WebCoreAVFLoaderDelegate initWithPlayer:]):
(-[WebCoreAVFLoaderDelegate resourceLoader:shouldWaitForLoadingOfRequestedResource:]):
(-[WebCoreAVFLoaderDelegate resourceLoader:didCancelLoadingRequest:]):
(-[WebCoreAVFPullDelegate initWithPlayer:]):
(-[WebCoreAVFPullDelegate outputMediaDataWillChange:]):
(-[WebCoreAVFMovieObserver initWithCallback:]): Deleted.
(-[WebCoreAVFLoaderDelegate initWithCallback:]): Deleted.
(-[WebCoreAVFLoaderDelegate setCallback:]): Deleted.
(-[WebCoreAVFPullDelegate initWithCallback:]): Deleted.
(-[WebCoreAVFPullDelegate setCallback:]): Deleted.

2:10 AM Changeset in webkit [237377] by Claudio Saavedra
  • 2 edits in trunk/Source/WebKit

[WPE][GTK] Cleanups to the certificate encoder
https://bugs.webkit.org/show_bug.cgi?id=190865

Reviewed by Žan Doberšek.

  • Shared/soup/WebCoreArgumentCodersSoup.cpp:

(IPC::ArgumentCoder<CertificateInfo>::encode):

2:05 AM Changeset in webkit [237376] by jer.noble@apple.com
  • 11 edits
    2 adds in trunk

TextTrack cues should be updated more often than every 250ms.
https://bugs.webkit.org/show_bug.cgi?id=190827

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/track/track-cue-timing.html

TextTracks cues are recalculated on the playback timer, which fires at least every 250ms.
In addition to this timer, add a method to MediaPlayer to provide a task which will be
performed at a particular media time, and use this new method to request cues be updated
at the next interesting media time. The next interesting time would be either when the
soonest current cue will end, or when the next non-current cue will start, whichever is
earlier.

(Determining the "next non-current cue" requires new API on PODIntervalTree, as that class
does not have iterators per-se.)

  • html/HTMLMediaElement.cpp:

(WebCore::compareCueIntervalEndTime):
(WebCore::HTMLMediaElement::updateActiveTextTrackCues):

  • platform/PODIntervalTree.h:
  • platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::performTaskAtMediaTime):

  • platform/graphics/MediaPlayer.h:
  • platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::performTaskAtMediaTime):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::performTaskAtMediaTime):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::performTaskAtMediaTime):

LayoutTests:

Add a LayoutTest which plays back 6s of captions, each 50 ms in duration, and uses
when the "enter" and "exit" were fired (in media time) to check whether they were missed
or not. The test succeeds if fewer than 50 of the 120 cues were missed.

  • media/track/track-cue-missing-expected.txt: Added.
  • media/track/track-cue-missing.html: Added.
Note: See TracTimeline for information about the timeline view.