Timeline



Jan 31, 2018:

11:28 PM Changeset in webkit [227954] by Simon Fraser
  • 4 edits in trunk/Source

Use different debug red colors for different contexts
https://bugs.webkit.org/show_bug.cgi?id=182362

Reviewed by Tim Horton.
Source/WebCore:

Pure red is used elsehwere in the system as a debug color indicator, so use different
shades of red for WebKit in the two places where we paint a reddish wash in debug builds,
so they are identifiable.

  • page/FrameView.cpp:

(WebCore::FrameView::paintContents):

Source/WebKit:

Pure red is used elsehwere in the system as a debug color indicator, so use different
shades of red for WebKit in the two places where we paint a reddish wash in debug builds,
so they are identifiable.

  • Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:

(WebKit::RemoteLayerBackingStore::drawInContext):

11:12 PM Changeset in webkit [227953] by graouts@webkit.org
  • 21 edits
    10 deletes in trunk/LayoutTests

[Modern Media Controls] Turn media/modern-media-controls/macos-inline-media-controls back on
https://bugs.webkit.org/show_bug.cgi?id=182338

Reviewed by Eric Carlson.

Update tests to match the modern-media-controls designs and expectations. Certain tests didn't make any sense anymore
and were removed, for instance tests related to the compact mode.

  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-audio-background-expected.txt: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-audio-background.html: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-buttons-styles-expected.txt: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-buttons-styles.html: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-compact-buttons-styles-expected.txt: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-compact-buttons-styles.html: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-compact-controls-bar-styles-expected.txt: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-compact-controls-bar-styles.html: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-compact-expected.txt: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-compact.html: Removed.
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-controls-bar-styles-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-controls-bar-styles.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-layout-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-layout.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-resize-with-hidden-controls-bar-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-resize-with-hidden-controls-bar.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-start-button-style-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-start-button-style.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-status-label-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-status-label.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-time-control-styles-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-time-control-styles.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-slider-visibility-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-slider-visibility.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-dropping-controls-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-dropping-controls.html:
  • platform/ios/TestExpectations:
  • platform/mac/TestExpectations:
10:50 PM Changeset in webkit [227952] by don.olmstead@sony.com
  • 18 edits in trunk/Source

[CMake] Make JavaScriptCore headers copies
https://bugs.webkit.org/show_bug.cgi?id=182303

Reviewed by Alex Christensen.

Source/JavaScriptCore:

  • CMakeLists.txt:
  • PlatformGTK.cmake:
  • PlatformJSCOnly.cmake:
  • PlatformMac.cmake:
  • PlatformWPE.cmake:
  • PlatformWin.cmake:
  • shell/CMakeLists.txt:
  • shell/PlatformWin.cmake:

Source/WebCore:

No new tests. No change in behavior.

  • CMakeLists.txt:
  • PlatformMac.cmake:
  • PlatformWPE.cmake:
  • PlatformWin.cmake:
  • PlatformWinCairo.cmake:

Source/WebKit:

  • CMakeLists.txt:
  • Scripts/generate-forwarding-headers.pl:
9:36 PM Changeset in webkit [227951] by sbarati@apple.com
  • 18 edits
    1 delete in trunk/Source

Replace tryLargeMemalignVirtual with tryLargeZeroedMemalignVirtual and use it to allocate large zeroed memory in Wasm
https://bugs.webkit.org/show_bug.cgi?id=182064
<rdar://problem/36840132>

Reviewed by Geoffrey Garen.

Source/bmalloc:

This patch replaces the tryLargeMemalignVirtual API with tryLargeZeroedMemalignVirtual.
By doing that, we're able to remove the AllocationKind enum. To zero the memory,
tryLargeZeroedMemalignVirtual uses mmap(... MAP_ANON ...) over previously mmapped
memory. This both purges the any resident memory for the virtual range and ensures
that the pages in the range are zeroed. Most OSs should implement this by taking a
page fault and zero filling on first access. Therefore, this API is returning pages
that will result in page faults on first access. Hence, the name 'virtual' in the API.
This API differs from the old API in that users of it need not call madvise themselves.
The memory is ready to go.

  • bmalloc.xcodeproj/project.pbxproj:
  • bmalloc/AllocationKind.h: Removed.
  • bmalloc/DebugHeap.cpp:

(bmalloc::DebugHeap::memalignLarge):
(bmalloc::DebugHeap::freeLarge):

  • bmalloc/DebugHeap.h:
  • bmalloc/Heap.cpp:

(bmalloc::Heap::splitAndAllocate):
(bmalloc::Heap::tryAllocateLarge):
(bmalloc::Heap::allocateLarge):
(bmalloc::Heap::shrinkLarge):
(bmalloc::Heap::deallocateLarge):

  • bmalloc/Heap.h:
  • bmalloc/IsoPage.cpp:

(bmalloc::IsoPageBase::allocatePageMemory):

  • bmalloc/VMAllocate.h:

(bmalloc::vmZeroAndPurge):

  • bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::tryAllocateLargeChunk):

  • bmalloc/VMHeap.h:
  • bmalloc/bmalloc.cpp:

(bmalloc::api::tryLargeZeroedMemalignVirtual):
(bmalloc::api::freeLargeVirtual):
(bmalloc::api::tryLargeMemalignVirtual): Deleted.

  • bmalloc/bmalloc.h:

Source/JavaScriptCore:

This patch switches WebAssembly Memory to always use bmalloc's
zeroed virtual allocation API. This makes it so that we don't
dirty the memory to zero it. It's a huge compile time speedup
on WasmBench on iOS.

  • wasm/WasmMemory.cpp:

(JSC::Wasm::Memory::create):
(JSC::Wasm::Memory::~Memory):
(JSC::Wasm::Memory::addressIsInActiveFastMemory):
(JSC::Wasm::Memory::grow):
(JSC::Wasm::commitZeroPages): Deleted.

Source/WTF:

  • wtf/Gigacage.cpp:

(Gigacage::tryAllocateZeroedVirtualPages):
(Gigacage::freeVirtualPages):
(Gigacage::tryAllocateVirtualPages): Deleted.

  • wtf/Gigacage.h:
  • wtf/OSAllocator.h:
8:27 PM Changeset in webkit [227950] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227941. rdar://problem/37092137

8:27 PM Changeset in webkit [227949] by jmarcell@apple.com
  • 4 edits
    2 moves in branches/safari-605-branch/Source/WebKit

Cherry-pick r227939. rdar://problem/37092137

8:18 PM Changeset in webkit [227948] by pvollan@apple.com
  • 11 edits in trunk

Layout Test fast/events/beforeunload-dom-manipulation-crash.html is crashing
https://bugs.webkit.org/show_bug.cgi?id=181204
<rdar://problem/36256274>

Reviewed by Ryosuke Niwa.

Source/WebCore:

When a frame element is moved in the DOM tree during the execution of a beforeunload handler,
the frame will be detached when removed from its previous position in the DOM tree. When being
detached, an attempt will also be made to stop the load by calling FrameLoader::stopAllLoaders().
However, this method will return early when executed in a beforeunload handler, since navigation
is not allowed then. The end result is a detached frame which will continue to load, and hitting
asserts in DocumentLoader::dataReceived(), and DocumentLoader::notifyFinished(). It should be
possible to stop a frame load, even when executing a beforeunload handler.

No new tests. Covered by the existing test fast/events/beforeunload-dom-manipulation-crash.html.

  • history/PageCache.cpp:

(WebCore::PageCache::addIfCacheable): Fix a failing API test by allowing scripts to be executed
under the PageCache::prune method.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::isStopLoadingAllowed const):
(WebCore::FrameLoader::stopAllLoaders):

  • loader/FrameLoader.h:
  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::~SVGImage): Disable scripts disallowed assertions in this scope, since it is
safe in this context.

Tools:

Implement 'testRunner.forceImmediateCompletion()' for WK1.

  • DumpRenderTree/TestRunner.cpp:

(forceImmediateCompletionCallback):
(TestRunner::staticFunctions):

LayoutTests:

  • fast/events/beforeunload-dom-manipulation-crash.html: Make it clear that the

frame element is a child of the 'del' element.

  • fast/events/beforeunload-dom-manipulation-crash-expected.html:
  • platform/mac-wk1/TestExpectations: Unskip test.
5:56 PM Changeset in webkit [227947] by jfernandez@igalia.com
  • 20 edits
    17 adds in trunk

inline-block baseline not computed correctly for vertical-lr
https://bugs.webkit.org/show_bug.cgi?id=170176

Reviewed by Manuel Rego Casasnovas.

Source/WebCore:

When computing the baseline position of inline-block elements we use the
InlineFlow logicalTop and the FontMetrics ascent. The issue comes from
the fact that these units are incompatible. The logicalTop of a
vertical-lr element is offset to the left edge, while the ascent is the
distance from the right edge.

We need to either use logical value for the FontMetrics ascent so we can
compute the correctly the baselines of vertical-lr elements, or just using
the logicalBottom for these cases.

The approach based on a logicalAscent API for FontMetrics would require
a lot of work because inline-block logic assumes everything is vertical-rl
and at some point, flips the elements along the block-axis in case of
vertical-lr mode.

While it'd be desirable to get rid of this flipping logic, this patch tries
first the simpler approach of using logicalBottom, which aligns with the
currently implemented logic.

Tests: fast/inline-block/baseline-vertical-01.html

fast/inline-block/baseline-vertical-02.html
fast/inline-block/baseline-vertical-03.html
fast/inline-block/baseline-vertical-04.html
fast/inline-block/baseline-vertical-05.html
fast/inline-block/baseline-vertical-06.html
fast/inline-block/baseline-vertical-07.html
fast/inline-block/baseline-vertical-08.html

  • rendering/InlineFlowBox.cpp:

(WebCore::InlineFlowBox::placeBoxesInBlockDirection):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::inlineBlockBaseline const):

LayoutTests:

Tests to evaluate the baseline alignment in vertical modes.
Additionally, several tests were rebaselined.

Some of the new tests are marked as Failure for the ios-sim
platform because of pixel rounding errors in the absolute
positioned elements used as reference.

Finally, there are color differences in the border-styles-vertical-lr-expected.png
caused by changes in the gtk+ platform. Those differences were not noticeable until
now that the patch causes diffs in the expected.txt files.

  • fast/inline-block/baseline-vertical-01-expected.html: Added.
  • fast/inline-block/baseline-vertical-01.html: Added.
  • fast/inline-block/baseline-vertical-02-expected.html: Added.
  • fast/inline-block/baseline-vertical-02.html: Added.
  • fast/inline-block/baseline-vertical-03-expected.html: Added.
  • fast/inline-block/baseline-vertical-03.html: Added.
  • fast/inline-block/baseline-vertical-04-expected.html: Added.
  • fast/inline-block/baseline-vertical-04.html: Added.
  • fast/inline-block/baseline-vertical-05-expected.html: Added.
  • fast/inline-block/baseline-vertical-05.html: Added.
  • fast/inline-block/baseline-vertical-06-expected.html: Added.
  • fast/inline-block/baseline-vertical-06.html: Added.
  • fast/inline-block/baseline-vertical-07-expected.html: Added.
  • fast/inline-block/baseline-vertical-07.html: Added.
  • fast/inline-block/baseline-vertical-08-expected.html: Added.
  • fast/inline-block/baseline-vertical-08.html: Added.
  • fast/text/emphasis-avoid-ruby-expected.png:
  • fast/text/emphasis-avoid-ruby-expected.txt:
  • fast/text/emphasis-overlap-expected.png:
  • fast/text/emphasis-overlap-expected.txt:
  • platform/gtk/fast/backgrounds/background-leakage-transforms-expected.png:
  • platform/gtk/fast/backgrounds/background-leakage-transforms-expected.txt:
  • platform/gtk/fast/writing-mode/border-styles-vertical-lr-expected.png:
  • platform/gtk/fast/writing-mode/border-styles-vertical-lr-expected.txt:
  • platform/ios-simulator/TestExpectations:
  • platform/ios/fast/backgrounds/background-leakage-transforms-expected.png: Added.
  • platform/ios/fast/backgrounds/background-leakage-transforms-expected.txt:
  • platform/ios/fast/writing-mode/border-styles-vertical-lr-expected.png:
  • platform/ios/fast/writing-mode/border-styles-vertical-lr-expected.txt:
  • platform/mac/fast/backgrounds/background-leakage-transforms-expected.png:
  • platform/mac/fast/backgrounds/background-leakage-transforms-expected.txt:
  • platform/mac/fast/writing-mode/border-styles-vertical-lr-expected.txt:
  • platform/win/fast/writing-mode/text-orientation-basic-expected.txt:
5:50 PM WebKitGTK/Gardening/Calendar edited by aboya@igalia.com
(diff)
5:42 PM Changeset in webkit [227946] by rniwa@webkit.org
  • 5 edits in trunk/PerformanceTests

Make run-perf-tests work with StyleBench and re-enable it
https://bugs.webkit.org/show_bug.cgi?id=182322

Reviewed by Antti Koivisto.

This patch updates the test harness to report new metrics of StyleBench.

Replaced the total time by the geometric mean of the time spent in each suite, and added scores
as a metric in addition to time. Also, updated the PerfTestRunner harness and the results template
to support "Score" metric with "pt" as its unit.

  • Skipped: Unskipped the test.
  • StyleBench/resources/benchmark-report.js:

(window.benchmarkClient.willStartFirstIteration..createTest): Added the unit as an optional argument
to report the score in addition to time. Also report the geomean of time instead of the total time.
(window.benchmarkClient.willStartFirstIteration): Report the geomean of time.
(window.benchmarkClient.didRunSuites): Record the entire measuredValues instead of just tests.
(window.benchmarkClient.didFinishLastIteration): Report the scores.

  • resources/results-template.html: Added "Score" as a metric and "pt" as its unit.
  • resources/runner.js:

(PerfTestRunner..finish): Ditto.

5:40 PM Changeset in webkit [227945] by aboya@igalia.com
  • 2 edits in trunk/LayoutTests

Unreviewed GTK+ test gardening.

5:38 PM Changeset in webkit [227944] by Michael Catanzaro
  • 2 edits in trunk

Update ReadMe.md
https://bugs.webkit.org/show_bug.cgi?id=182314

Reviewed by Alex Christensen.

Add download link for Epiphany Technology Preview. Improve build instructions for GTK. Add
build instructions for WPE. Add instructions to run MiniBrowser on Linux. Miscellaneous
typographical adjustments.

  • ReadMe.md:
4:58 PM Changeset in webkit [227943] by achristensen@apple.com
  • 31 edits in trunk

Unreviewed, rolling out r227942.

r227875 should not have been rolled out.

Reverted changeset:

"Unreviewed, rolling out r227875."
https://bugs.webkit.org/show_bug.cgi?id=182357
https://trac.webkit.org/changeset/227942

4:08 PM Changeset in webkit [227942] by Michael Catanzaro
  • 30 edits in trunk

Unreviewed, rolling out r227875.
https://bugs.webkit.org/show_bug.cgi?id=182357

Missing cross-platform TestController implementation

Reverted changeset:

"Add callbacks to testRunner.statisticsSetShouldPartitionCookiesForHost() and testRunner.statisticsUpdateCookiePartitioning()"
https://bugs.webkit.org/show_bug.cgi?id=181958
https://trac.webkit.org/changeset/227875

Source/WebKit:

  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreStatisticsUpdateCookiePartitioning):
(WKWebsiteDataStoreSetStatisticsShouldPartitionCookiesForHost):

  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _resourceLoadStatisticsUpdateCookiePartitioning]):
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldPartitionCookies:forHost:]):
(-[WKWebsiteDataStore _resourceLoadStatisticsUpdateCookiePartitioning:]): Deleted.
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldPartitionCookies:forHost:completionHandler:]): Deleted.

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated):
(WebKit::WebResourceLoadStatisticsStore::logUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::logNonRecentUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningUpdate):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningUpdateForDomains):
(WebKit::WebResourceLoadStatisticsStore::scheduleClearPartitioningStateForDomains):
(WebKit::WebResourceLoadStatisticsStore::mergeWithDataFromDecoder):
(WebKit::WebResourceLoadStatisticsStore::clearInMemory):
(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioning):
(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioningForDomains):
(WebKit::WebResourceLoadStatisticsStore::clearPartitioningStateForDomains):

  • UIProcess/WebResourceLoadStatisticsStore.h:

Tools:

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::didReceiveMessageToPage):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::statisticsUpdateCookiePartitioning):
(WTR::TestRunner::statisticsSetShouldPartitionCookiesForHost):
(WTR::TestRunner::statisticsCallDidSetPartitionOrBlockCookiesForHostCallback): Deleted.

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didSetPartitionOrBlockCookiesForHost): Deleted.

  • WebKitTestRunner/TestInvocation.h:
  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::statisticsUpdateCookiePartitioning):
(WTR::TestController::statisticsSetShouldPartitionCookiesForHost):

LayoutTests:

  • http/tests/resourceLoadStatistics/add-blocking-to-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/add-blocking-to-redirect.html:
  • http/tests/resourceLoadStatistics/add-partitioning-to-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/add-partitioning-to-redirect.html:
  • http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html:
  • http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-deletion.html:
  • http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-with-partitioning-timeout.html:
  • http/tests/resourceLoadStatistics/partitioned-cookies-with-and-without-user-interaction-expected.txt:
  • http/tests/resourceLoadStatistics/partitioned-cookies-with-and-without-user-interaction.html:
  • http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html:
  • http/tests/resourceLoadStatistics/remove-partitioning-in-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/remove-partitioning-in-redirect.html:
  • http/tests/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction.html:
  • platform/mac-wk2/TestExpectations:
4:03 PM Changeset in webkit [227941] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit

Follow-up to r227939.
https://bugs.webkit.org/show_bug.cgi?id=182354
<rdar://problem/37046844>

Make sure the correct sandbox is used on iOS as well.

  • StorageProcess/ios/StorageProcessIOS.mm:

(WebKit::StorageProcess::initializeSandbox):

4:00 PM Changeset in webkit [227940] by mark.lam@apple.com
  • 3 edits in trunk/Source/WTF

Fix some ARM64_32 build failures.
https://bugs.webkit.org/show_bug.cgi?id=182356
<rdar://problem/37057690>

Reviewed by Michael Saboff.

  • wtf/MathExtras.h:

(WTF::dynamicPoison):

  • wtf/text/ASCIIFastPath.h:

(WTF::copyLCharsFromUCharSource):

3:56 PM Changeset in webkit [227939] by Brent Fulgham
  • 4 edits
    2 moves in trunk/Source/WebKit

REGRESSION(r220094): com.apple.WebKit.Storage lost its sandbox
https://bugs.webkit.org/show_bug.cgi?id=182354
<rdar://problem/37046844>

Reviewed by Ryosuke Niwa.

The Database process was renamed to Storage, but it's sandbox was not updated.

  • Configurations/WebKit.xcconfig: Update for sandbox rename.
  • DerivedSources.make: Ditto.
  • Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb: Removed.
  • Resources/SandboxProfiles/ios/com.apple.WebKit.Storage.sb: Copied from Resources/SandboxProfiles/ios/com.apple.WebKit.Databases.sb.
  • StorageProcess/mac/com.apple.WebKit.Databases.sb.in: Removed.
  • StorageProcess/mac/com.apple.WebKit.Storage.sb.in: Copied from StorageProcess/mac/com.apple.WebKit.Databases.sb.in.
  • WebKit.xcodeproj/project.pbxproj: Update for sandbox rename.
3:41 PM Changeset in webkit [227938] by Dewei Zhu
  • 3 edits
    1 add in trunk/Websites/perf.webkit.org

Should chose the best match during 'route' if there are multiple matches.
https://bugs.webkit.org/show_bug.cgi?id=182326

Reviewed by Ryosuke Niwa.

r227749 made a change that 'analysisCategoryPage' will be added before 'analysisTaskPage'.
As route names for both pages starts with 'analysis', whichever added first will be chosen.
For a route like 'analysis/task/1'. As a result, 'analysisCategoryPage' will be chosen and
this is not expected behavior. Adding the logic on the cases when route name does not extact
match the route name, always choose the longest mathcing route name.

Also modernized the code of 'page-router.js' to use const & let instead of var.

Added a browser test to guard against this bug.

  • browser-tests/index.html: Import 'page-router-tests.js'.
  • browser-tests/page-router-tests.js: Added unit test to guard against this bug.
  • public/v3/pages/page-router.js:

(PageRouter.prototype.route): Added logic to find best matching in the case of inexact match.
(PageRouter.prototype.pageDidOpen):
(PageRouter.prototype._updateURLState):
(PageRouter.prototype._serializeToHash):
(PageRouter.prototype._deserializeFromHash):
(PageRouter.prototype._serializeHashQueryValue):
(PageRouter.prototype._deserializeHashQueryValue):
(PageRouter.prototype._countOccurrences):
(PageRouter):

3:32 PM Changeset in webkit [227937] by Ryan Haddad
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r227857. rdar://problem/37073937

3:23 PM Changeset in webkit [227936] by commit-queue@webkit.org
  • 9 edits
    2 adds in trunk

BitmapImage::drawPattern() may not draw a complete frame even after all the data is received
https://bugs.webkit.org/show_bug.cgi?id=182277

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2018-01-31
Reviewed by Simon Fraser.

Source/WebCore:

BitmapImage::drawPattern() needs to destroy the incomplete decoded frame
before trying to draw it as a pattern.

Test: http/tests/images/draw-pattern-slow-load-large-image.html

  • loader/cache/CachedImage.cpp:

(WebCore::CachedImage::updateBufferInternal): We need to disable CachedImage
data buffering for testing. This simulates slow network where intervals
between data chunks can last for seconds.

  • loader/cache/CachedImage.h:
  • platform/graphics/BitmapImage.cpp:

(WebCore::BitmapImage::drawPattern): Destroy the incomplete decoded frame
before drawing this frame as a pattern. We do not destroy incomplete decoded
frame once new data is received because it may be drawn by async image
drawing while waiting for the newer frame to finish decoding.

  • testing/Internals.cpp:

(WebCore::Internals::setForceUpdateImageDataEnabledForTesting):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • http/tests/images/draw-pattern-slow-load-large-image-expected.html: Added.
  • http/tests/images/draw-pattern-slow-load-large-image.html: Added.
  • http/tests/resources/load-and-stall.php: Add a new argument to allow

repeating the stall till the end of the file. This simulates real slow
network where sending data and stalling happens constantly and not only
a single time.

3:22 PM Changeset in webkit [227935] by Chris Dumez
  • 3 edits in trunk/LayoutTests

REGRESSION (r227340): Layout Test fast/workers/worker-cloneport.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=182007
<rdar://problem/37005504>

Reviewed by Ryosuke Niwa.

Increase the test's timeout. The test sometimes takes more than 1 second to run and would
log a FAIL line, even though the test eventually succeeds.

  • fast/workers/worker-cloneport.html:
  • platform/mac-wk2/TestExpectations:
3:08 PM Changeset in webkit [227934] by rniwa@webkit.org
  • 3 edits in trunk/Source/WebCore

Add a release assertion to ensure timers are deleted in the right thread
https://bugs.webkit.org/show_bug.cgi?id=182351

Reviewed by David Kilzer.

Added a relese assertion in ~TimerBase that the current thread is the one in which the timer was created.

We use canAccessThreadLocalDataForThread for this purpose since the condition is more complicated
when WebThread is being used.

  • platform/Timer.cpp:

(WebCore::TimerBase::~TimerBase): Added the assertion.

  • platform/Timer.h:

(WebCore::TimerBase::m_thread): Always store the current thread in a timer.

2:43 PM Changeset in webkit [227933] by Michael Catanzaro
  • 8 edits in trunk

REGRESSION(r227223): http/tests/resourceLoadStatistics/clear-in-memory-and-persistent-store-one-hour.html, http/tests/resourceLoadStatistics/grandfathering.html timing out on GTK, WPE
https://bugs.webkit.org/show_bug.cgi?id=182222

Reviewed by Alex Christensen.

Source/WebKit:

Add callbacks to notify when resource load statistics deletion is complete.

  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreStatisticsClearInMemoryAndPersistentStore):
(WKWebsiteDataStoreStatisticsClearInMemoryAndPersistentStoreModifiedSinceHours):

  • UIProcess/API/C/WKWebsiteDataStoreRef.h:

Tools:

Use the new API to notify when resource load statistics deletion is complete.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::statisticsClearThroughWebsiteDataRemovalCallback):
(WTR::TestController::statisticsClearInMemoryAndPersistentStore):
(WTR::TestController::statisticsClearInMemoryAndPersistentStoreModifiedSinceHours):

LayoutTests:

  • platform/gtk/TestExpectations:
  • platform/wpe/TestExpectations:
2:40 PM Changeset in webkit [227932] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Change SWServer::claim to set the iterator value as soon as possible
https://bugs.webkit.org/show_bug.cgi?id=182337

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-31
Reviewed by Chris Dumez.

No change of behavior, this is a "let's go safe way" fix.

  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::claim):

2:19 PM Changeset in webkit [227931] by jmarcell@apple.com
  • 1 copy in tags/Safari-606.1.3

Tag Safari-606.1.3.

2:18 PM Changeset in webkit [227930] by jmarcell@apple.com
  • 7 edits in trunk/Source

Versioning.

2:15 PM Changeset in webkit [227929] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Build fix for CLoop after r227874.
https://bugs.webkit.org/show_bug.cgi?id=182155
<rdar://problem/36286266>

Not reviewed.

Just needed support for lea of a LabelReference in cloop.rb (just like those
added for arm64.rb and x86.rb).

  • offlineasm/cloop.rb:
2:00 PM Changeset in webkit [227928] by Alan Bujtas
  • 6 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers to RenderTreeBuilder.
https://bugs.webkit.org/show_bug.cgi?id=182348
<rdar://problem/37082837>

Reviewed by Antti Koivisto.

All the callsites are in the RenderTreeUpdater by now.

No change in functionality.

  • rendering/RenderObject.cpp:

(WebCore::isAnonymousAndSafeToDelete): Deleted.
(WebCore::findDestroyRootIncludingAnonymous): Deleted.
(WebCore::RenderObject::removeFromParentAndDestroyCleaningUpAnonymousWrappers): Deleted.

  • rendering/RenderObject.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::isAnonymousAndSafeToDelete):
(WebCore::findDestroyRootIncludingAnonymous):
(WebCore::RenderTreeBuilder::removeFromParentAndDestroyCleaningUpAnonymousWrappers):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::tearDownRenderers):
(WebCore::RenderTreeUpdater::tearDownTextRenderer):

1:39 PM Changeset in webkit [227927] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKit

Occasional null deref under WebPageProxy::updateBackingStoreDiscardableState()
https://bugs.webkit.org/show_bug.cgi?id=182349
<rdar://problem/27822258>

Reviewed by Simon Fraser.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::updateBackingStoreDiscardableState):
m_drawingArea can be null during process launch and relaunch.

Cocoa ports don't use the result of setBackingStoreIsDiscardable(),
but they do run this code to keep it up to date.

1:07 PM Changeset in webkit [227926] by rniwa@webkit.org
  • 3 edits
    4 adds in trunk

Release assertion in Performance::resourceTimingBufferFullTimerFired when the resource timing buffer is shrunk
https://bugs.webkit.org/show_bug.cgi?id=182319
<rdar://problem/36904312>

Reviewed by Chris Dumez.

Source/WebCore:

The crash was caused by a wrong release assertion. Handle author scripts shrinking the resource timing buffer
while resourcetimingbufferfull event is being dispatched.

Also fixed a bug that a superflous resourcetimingbufferfull event will be fired when new resource timing entries
are queued while resourcetimingbufferfull event is being dispatched.

Test: http/tests/performance/performance-resource-timing-resourcetimingbufferfull-queue-resource-entry.html

http/tests/performance/performance-resource-timing-resourcetimingbufferfull-shrinking-buffer-crash.html

  • page/Performance.cpp:

(WebCore::Performance::resourceTimingBufferFullTimerFired):

LayoutTests:

Added regression tests for shrinking the resoruce timing buffer and queuing a new resource timing entry while
resourcetimingbufferfull event is being dispatched.

  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-queue-resource-entry-expected.txt: Added.
  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-queue-resource-entry.html: Added.
  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-shrinking-buffer-crash-expected.txt: Added.
  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-shrinking-buffer-crash.html: Added.
  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-shrinking-buffer-crash-expected.txt: Added.
  • http/tests/performance/performance-resource-timing-resourcetimingbufferfull-shrinking-buffer-crash.html: Added.
12:58 PM Changeset in webkit [227925] by rniwa@webkit.org
  • 1 edit
    2 adds in trunk/Tools

Add the support for running StyleBench to run-benchmark
https://bugs.webkit.org/show_bug.cgi?id=182323

Reviewed by Antti Koivisto.

Added the plan file and the patch needed to run StyleBench using run-benchmark as of r227863.

  • Scripts/webkitpy/benchmark_runner/data/patches/webserver/StyleBench.patch: Added.
  • Scripts/webkitpy/benchmark_runner/data/plans/stylebench.plan: Added.
12:40 PM Changeset in webkit [227924] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

[GTK] Move gir and typelib generation into ENABLE_INTROSPECTION conditional
https://bugs.webkit.org/show_bug.cgi?id=182308

Reviewed by Carlos Garcia Campos.

  • PlatformGTK.cmake:
12:08 PM Changeset in webkit [227923] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227909. rdar://problem/37079020

12:08 PM Changeset in webkit [227922] by jmarcell@apple.com
  • 10 edits
    1 add in branches/safari-605-branch

Cherry-pick r227898. rdar://problem/37079009

12:08 PM Changeset in webkit [227921] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Tools

Cherry-pick r227859. rdar://problem/37079016

11:55 AM JSCOnly edited by clopez@igalia.com
(diff)
11:55 AM JSCOnly/CrossBuildAndRemoteTestJSCLinux created by clopez@igalia.com
11:47 AM JSCOnly edited by clopez@igalia.com
(diff)
11:40 AM JSCOnly edited by clopez@igalia.com
(diff)
11:39 AM JSCOnly edited by clopez@igalia.com
(diff)
11:38 AM JSCOnly edited by clopez@igalia.com
(diff)
11:38 AM JSCOnly created by clopez@igalia.com
11:37 AM Changeset in webkit [227920] by Matt Lewis
  • 3 edits in trunk/LayoutTests

Adjusted expectations for fast/forms/searchfield-heights.html.
https://bugs.webkit.org/show_bug.cgi?id=181831

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:
11:31 AM WikiStart edited by clopez@igalia.com
(diff)
11:22 AM Changeset in webkit [227919] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r227721. rdar://problem/37019345

11:22 AM Changeset in webkit [227918] by jmarcell@apple.com
  • 8 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r227718. rdar://problem/37019341

11:22 AM Changeset in webkit [227917] by jmarcell@apple.com
  • 12 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r227717. rdar://problem/37019339

11:21 AM Changeset in webkit [227916] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r227700. rdar://problem/37019364

11:21 AM Changeset in webkit [227915] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WTF

Cherry-pick r227684. rdar://problem/37019334

11:21 AM Changeset in webkit [227914] by jmarcell@apple.com
  • 11 edits in branches/safari-605-branch/Source

Cherry-pick r227683. rdar://problem/37019334

11:21 AM Changeset in webkit [227913] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/JavaScriptCore/heap

Apply patch. rdar://problem/37077980

Build fix

11:21 AM Changeset in webkit [227912] by jmarcell@apple.com
  • 58 edits
    7 copies
    5 adds in branches/safari-605-branch/Source

Cherry-pick r227617. rdar://problem/37019352

11:21 AM Changeset in webkit [227911] by jmarcell@apple.com
  • 67 edits
    1 copy
    1 add in branches/safari-605-branch

Cherry-pick r226783. rdar://problem/37077980

11:17 AM Changeset in webkit [227910] by Wenson Hsieh
  • 2 edits in trunk/Tools

[iOS WK2] API test DataInteractionTests.ExternalSourceDataTransferItemGetFolderAsEntry is failing after an SDK update
https://bugs.webkit.org/show_bug.cgi?id=182339
<rdar://problem/36041396>

Reviewed by Andy Estes.

This API test wasn't meant to be dependent on the size of an image generated using UIImagePNGRepresentation().
To make this test robust against changes to image encoding, write the raw data to the test folder instead and
check against the length of the data written.

  • TestWebKitAPI/Tests/ios/DataInteractionTests.mm:

(testIconImageData):
(runTestWithTemporaryFolder):
(TestWebKitAPI::TEST):

11:14 AM Changeset in webkit [227909] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

com.apple.WebKit.Storage crashing at com.apple.WebCore: WebCore::SWServerRegistration::removeClientUsingRegistration
https://bugs.webkit.org/show_bug.cgi?id=182316
<rdar://problem/37025976>

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-31
Reviewed by Chris Dumez.

SWServer.m_clientToControllingWorker and SWServerRegistration.m_clientsUsingRegistration might currently get out of sync.
This is a defensive fix to ensure storage process will not crash in Release.
We keep the ASSERT as this probably means there is an abnormal situation that other patches might fix.

  • workers/service/server/SWServerRegistration.cpp:

(WebCore::SWServerRegistration::removeClientUsingRegistration):

11:13 AM Changeset in webkit [227908] by mitz@apple.com
  • 4 edits
    1 add in trunk/Tools

[macOS] MiniBrowser isn’t app-sandboxed
https://bugs.webkit.org/show_bug.cgi?id=182147

Reviewed by Sam Weinig.

Enable App Sandbox and add a temporary exception allowing read access to all files.

  • MiniBrowser/Configurations/Base.xcconfig: Enabled ad-hoc code signing.
  • MiniBrowser/Configurations/MiniBrowser.xcconfig: Specified the entitlements file to use.
  • MiniBrowser/MiniBrowser.entitlements: Added. Enables App Sandbox with outbound networking and read access from /.
  • MiniBrowser/MiniBrowser.xcodeproj/project.pbxproj: Added reference to new file.
11:10 AM Changeset in webkit [227907] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebKit

Remove StorageToWebProcessConnection::removeSWServerConnection
https://bugs.webkit.org/show_bug.cgi?id=182305

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-31
Reviewed by Chris Dumez.

  • StorageProcess/StorageToWebProcessConnection.cpp:

(WebKit::StorageToWebProcessConnection::removeSWServerConnection): Deleted.

  • StorageProcess/StorageToWebProcessConnection.h:
  • StorageProcess/StorageToWebProcessConnection.messages.in:
10:57 AM Changeset in webkit [227906] by keith_miller@apple.com
  • 11 edits in trunk/Source/JavaScriptCore

Canonicalize aquiring the JSCell lock.
https://bugs.webkit.org/show_bug.cgi?id=182320

Reviewed by Michael Saboff.

It's currently kinda annoying to figure out where
we aquire the a JSCell's lock. This patch adds a
helper to make it easier to grep...

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::setInstructions):
(JSC::UnlinkedCodeBlock::shrinkToFit):

  • runtime/ErrorInstance.cpp:

(JSC::ErrorInstance::finishCreation):
(JSC::ErrorInstance::materializeErrorInfoIfNeeded):
(JSC::ErrorInstance::visitChildren):

  • runtime/JSArray.cpp:

(JSC::JSArray::shiftCountWithArrayStorage):
(JSC::JSArray::unshiftCountWithArrayStorage):

  • runtime/JSCell.h:

(JSC::JSCell::cellLock):

  • runtime/JSObject.cpp:

(JSC::JSObject::visitButterflyImpl):
(JSC::JSObject::convertContiguousToArrayStorage):

  • runtime/JSPropertyNameEnumerator.cpp:

(JSC::JSPropertyNameEnumerator::visitChildren):

  • runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayValueMap::add):
(JSC::SparseArrayValueMap::remove):
(JSC::SparseArrayValueMap::visitChildren):

10:32 AM Changeset in webkit [227905] by Ryan Haddad
  • 2 edits in branches/safari-605-branch/Tools

Cherry-pick r227748. rdar://problem/37075786

9:35 AM Changeset in webkit [227904] by graouts@webkit.org
  • 23 edits in trunk

[Modern Media Controls] Turn media/modern-media-controls/start-support tests back on
https://bugs.webkit.org/show_bug.cgi?id=182297

Reviewed by Jon Lee and Eric Carlson.

Source/WebCore:

We identified one cause of flakiness when turning those tests back on and fix it in this patch. There would be
cases where the play/pause button would never actually become visible because we would first set it as one of
the buttons in the left container in the bottom controls bar before we would identify that we should show the
prominent play/pause button, and then once we did, we would add it as a child to the InlineMediaControls. But,
because the actual layout of the ButtonsContainer would happen in a rAF due to being a layout() method, we would
remove the play/pause button from the InlineMediaControls and set it as a child of the left container even
though it wasn't visible.

Performing the layout of a ButtonsContainer should really happen immediately when we set the buttons, so in this
patch we remove the "buttons" property and clients of ButtonsContainer can simply add or remove children which
will be laid out in a row. To support this, we've added two notification methods to LayoutNode, one that indicates
when children have changed, didChangeChildren(), which we override in ButtonsContainer to perform a synchronous
layout. The other method is willRemoveChild() which we also override in ButtonsContainer, this time to reset
the "x" and "visible" properties which we set while performing layout.

This fixes flakiness for media/modern-media-controls/start-support/start-support-click-to-start.html, and maybe
other modern-media-controls tests that could have been affected by this unexpected behavior.

  • Modules/modern-media-controls/controls/buttons-container.js:

(ButtonsContainer.prototype.willRemoveChild):
(ButtonsContainer.prototype.didChangeChildren):
(ButtonsContainer.prototype.layout):
(ButtonsContainer.prototype.get buttons): Deleted.
(ButtonsContainer.prototype.set buttons): Deleted.

  • Modules/modern-media-controls/controls/inline-media-controls.js:

(InlineMediaControls.prototype.layout):
(InlineMediaControls.prototype._updateBottomControlsBarLabel):
(InlineMediaControls.prototype._addTopRightBarWithMuteButtonToChildren):
(InlineMediaControls):

  • Modules/modern-media-controls/controls/layout-node.js:

(LayoutNode.prototype.set children):
(LayoutNode.prototype.addChild):
(LayoutNode.prototype.removeChild):
(LayoutNode.prototype.willRemoveChild):
(LayoutNode.prototype.didChangeChildren):

  • Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js:

(MacOSFullscreenMediaControls.prototype.layout):

  • Modules/modern-media-controls/media/media-controller.js: Drive-by fix to correctly set the value passed as

data-auto-hide-delay on a <video> element.

LayoutTests:

Update tests to account for the new variable name for the playPauseButton and ensure we only listen to the
fullscreen event once to avoid flakiness in cases where we might exit fullscreen before the test completes.

We also update other tests that tested the behavior of ButtonsContainer.

  • media/modern-media-controls/buttons-container/buttons-container-buttons-property-expected.txt:
  • media/modern-media-controls/buttons-container/buttons-container-buttons-property.html:
  • media/modern-media-controls/buttons-container/buttons-container-constructor-expected.txt:
  • media/modern-media-controls/buttons-container/buttons-container-constructor.html:
  • media/modern-media-controls/buttons-container/buttons-container-layout-expected.txt:
  • media/modern-media-controls/buttons-container/buttons-container-layout.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-rtl-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-rtl.html:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-top-right-controls-bar-hidden-when-mute-button-disabled-expected.txt:
  • media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-top-right-controls-bar-hidden-when-mute-button-disabled.html:
  • media/modern-media-controls/pip-support/pip-support-click.html:
  • media/modern-media-controls/start-support/start-support-click-to-start.html:
  • media/modern-media-controls/start-support/start-support-fullscreen.html:
  • media/modern-media-controls/start-support/start-support-lowPowerMode-expected.txt:
  • media/modern-media-controls/start-support/start-support-lowPowerMode.html:
  • platform/ios/TestExpectations:
  • platform/mac/TestExpectations:
9:19 AM WebKitGTK/Releasing edited by Michael Catanzaro
gnome-build-meta obsoletes jhbuild (diff)
8:45 AM Changeset in webkit [227903] by Alan Bujtas
  • 10 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderMultiColumnFlow::resolveMovedChild to RenderTreeBuilder.
https://bugs.webkit.org/show_bug.cgi?id=182315
<rdar://problem/37048160>

Reviewed by Antti Koivisto.

resolveMovedChild() is only called from RenderTreeBuilder.

No change in functionality.

  • rendering/RenderFragmentedFlow.h:
  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::resolveMovedChild const): Deleted.

  • rendering/RenderMultiColumnFlow.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::resolveMovedChildForMultiColumnFlow):

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlockFlow.cpp:

(WebCore::RenderTreeBuilder::BlockFlow::insertChild):

  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::insertChild):

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::resolveMovedChild):

  • rendering/updating/RenderTreeBuilderMultiColumn.h:
8:14 AM Changeset in webkit [227902] by Philippe Normand
  • 2 edits in trunk/Source/WebCore

[GStreamer] Silent WebAudio buffers support
https://bugs.webkit.org/show_bug.cgi?id=143869

Reviewed by Carlos Garcia Campos.

  • platform/audio/gstreamer/WebKitWebAudioSourceGStreamer.cpp:

(webKitWebAudioSrcLoop): Flag silent buffers as GAP buffers. This
enables downstream elements to optimize the buffer processing.

8:11 AM Changeset in webkit [227901] by Philippe Normand
  • 5 edits in trunk/Tools

[JHBuild] Add gstreamer-vaapi in moduleset
https://bugs.webkit.org/show_bug.cgi?id=182283

Reviewed by Carlos Alberto Lopez Perez.

GStreamer-VAAPI is required for hardware-accelerated video
playback support on Intel and AMD (using radeosi driver)
platforms.

  • gstreamer/jhbuild.modules: Add gstreamer-vaapi.
  • gtk/install-dependencies: Install libva.
  • wpe/install-dependencies: Ditto.
  • Scripts/webkitpy/port/gtk.py:

(GtkPort.setup_environ_for_server): Disable va-api support when
testing because it's incompatible with Mesa's softGL driver.

7:55 AM Changeset in webkit [227900] by cturner@igalia.com
  • 2 edits
    1 add
    1 delete in trunk/Tools

[WPE] Update jhbuild dependencies
https://bugs.webkit.org/show_bug.cgi?id=182286

This upgrades the following packages,
glib 2.44.1 -> 2.54.3
glib-networking 2.42.0 -> 2.54.1
libsoup 2.48.0 -> 2.60.3

The initial reason for performing these upgrades was that when
visiting https://youtube.com, WPE was getting TLS certificate
errors. After upgrading glib-networking, these were fixed, but the
upgrade introduced dependencies on newer versions of the other
packages upgraded in this commit.

The upgrade to glib caused a linking error in gstreamer, the
following errors were being logged during linking,

usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0: undefined reference to `hb_glib_script_from_script'
usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0: undefined reference to `hb_glib_get_unicode_funcs'
usr/lib/x86_64-linux-gnu/libpangoft2-1.0.so.0: undefined reference to `hb_glib_script_to_script'

This was fixed by adding the glib package built in the jhbuild to
harfbuzz.

Finally, the upgrade of glib caused the glib-warning-fix.patch to
no longer apply, so this patch was removed.

Reviewed by Michael Catanzaro.

  • wpe/jhbuild.modules: Added dependecies.
  • wpe/patches/glib-warning-fix.patch: Removed.
5:47 AM Changeset in webkit [227899] by Carlos Garcia Campos
  • 2 edits in trunk/WebDriverTests

Unreviewed gardening. Update expectations of several WebDriver tests.

2:18 AM Changeset in webkit [227898] by sbarati@apple.com
  • 10 edits
    1 add in trunk

JSC incorrectly interpreting script, sets Global Property instead of Global Lexical variable (LiteralParser / JSONP path)
https://bugs.webkit.org/show_bug.cgi?id=182074
<rdar://problem/36846261>

Reviewed by Mark Lam.

JSTests:

  • stress/jsonp-program-evaluate-path-must-consider-global-lexical-environment.js: Added.

(assert):
(let.func):
(let.o.foo):
(varFunc):

LayoutTests/imported/w3c:

  • web-platform-tests/service-workers/service-worker/import-scripts-updated-flag.https-expected.txt:

Source/JavaScriptCore:

This patch teaches the JSONP evaluator about the global lexical environment.
Before, it was using the global object as the global scope, but that's wrong.
The global lexical environment is the first node in the global scope chain.

  • interpreter/Interpreter.cpp:

(JSC::Interpreter::executeProgram):

  • jsc.cpp:

(GlobalObject::finishCreation):
(shellSupportsRichSourceInfo):
(functionDisableRichSourceInfo):

  • runtime/LiteralParser.cpp:

(JSC::LiteralParser<CharType>::tryJSONPParse):

  • runtime/LiteralParser.h:

LayoutTests:

  • http/tests/security/regress-52192-expected.txt:
2:04 AM Changeset in webkit [227897] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

clean up pushToSaveImmediateWithoutTouchingRegisters a bit
https://bugs.webkit.org/show_bug.cgi?id=181774

Reviewed by JF Bastien.

This function on ARM64 was considering what to do with the scratch
register. And conditionally invalidated what was in it. This is not
relevant though, since the function always recovers what was in that
register. This patch just switches it to using dataTempRegister
directly and updates the comment to describe why it can do so safely.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::pushToSaveImmediateWithoutTouchingRegisters):

1:58 AM Changeset in webkit [227896] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch/Source

Cherry-pick r227790. rdar://problem/37050332

1:19 AM Changeset in webkit [227895] by calvaris@igalia.com
  • 2 edits in trunk/Source/WebCore

[EME] Fix NavigatorEME::tryNextSupportedConfiguration typo
https://bugs.webkit.org/show_bug.cgi?id=182324

Reviewed by Žan Doberšek.

  • Modules/encryptedmedia/NavigatorEME.cpp:

(WebCore::tryNextSupportedConfiguration): Fix
candidateCofiguration typo.

1:17 AM Changeset in webkit [227894] by Carlos Garcia Campos
  • 3 edits in trunk/Tools

Unreviewed, rolling out r227782.

It didn't fix the problem

Reverted changeset:

"Unreviewed. Try to avoid webdriver tests step timing out in
the bots."
https://trac.webkit.org/changeset/227782

1:14 AM Changeset in webkit [227893] by Carlos Garcia Campos
  • 6 edits in trunk/Source/WebKit

REGRESSION(r227544): [GTK] contextMenuEvent is NULL on CONTEXT_MENU call
https://bugs.webkit.org/show_bug.cgi?id=182224

Reviewed by Michael Catanzaro.

Move the gestures handling to WebKitWebViewBase. This patch adds GestureControllerClient class, created and
implemented by WebKitWebViewBase and used by GestureController instead of the WebPageProxy. This way we ensure
events are handled consistently.

  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::doneWithTouchEvent): Cast the GdkEvent since GestureController no longer works wirth
const GdkEvents.
(WebKit::PageClientImpl::zoom): Use webkit_web_view_set_zoom_level() in case of WebKitWebView or
WebPageProxy::setPageZoomFactor() otherwise.

  • UIProcess/API/gtk/PageClientImpl.h:
  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(ClickCounter::currentClickCountForGdkButtonEvent): Receive a GdkEvent to avoid casts.
(webkitWebViewBaseHandleMouseEvent): Helper function to handle mouse events.
(webkitWebViewBaseButtonPressEvent): Use webkitWebViewBaseHandleMouseEvent.
(webkitWebViewBaseButtonReleaseEvent): Ditto.
(webkitWebViewBaseHandleWheelEvent): Helper function to handle wheel events.
(webkitWebViewBaseScrollEvent): Use webkitWebViewBaseHandleWheelEvent.
(webkitWebViewBaseMotionNotifyEvent): Use webkitWebViewBaseHandleMouseEvent.
(webkitWebViewBaseCrossingNotifyEvent): Ditto.
(webkitWebViewBaseGestureController): Pass the widget and client to GestureController.

  • UIProcess/gtk/GestureController.cpp:

(WebKit::GestureController::GestureController): Receives a widget and client now.
(WebKit::GestureController::handleEvent): Remove the const.
(WebKit::GestureController::Gesture::Gesture): Initialize client.
(WebKit::GestureController::Gesture::handleEvent): Remove the const.
(WebKit::GestureController::DragGesture::startDrag): Use the client instead of WebPageProxy.
(WebKit::GestureController::DragGesture::handleDrag): Ditto.
(WebKit::GestureController::DragGesture::handleTap): Ditto.
(WebKit::GestureController::DragGesture::begin): Ignore the const returned by gtk_gesture_get_last_event().
(WebKit::GestureController::DragGesture::update): Ditto.
(WebKit::GestureController::DragGesture::end): Ditto.
(WebKit::GestureController::DragGesture::DragGesture): Receives a widget and client now.
(WebKit::GestureController::SwipeGesture::startMomentumScroll): Use the client instead of WebPageProxy.
(WebKit::GestureController::SwipeGesture::swipe): Ignore the const returned by gtk_gesture_get_last_event().
(WebKit::GestureController::SwipeGesture::SwipeGesture): Receives a widget and client now.
(WebKit::GestureController::ZoomGesture::begin): Start the zoom.
(WebKit::GestureController::ZoomGesture::startZoom): Use the client instead of WebPageProxy.
(WebKit::GestureController::ZoomGesture::handleZoom): Ditto.
(WebKit::GestureController::ZoomGesture::ZoomGesture): Receives a widget and client now.
(WebKit::GestureController::LongPressGesture::longPressed): Use the client instead of WebKitWebView.
(WebKit::GestureController::LongPressGesture::pressed): Ignore the const returned by gtk_gesture_get_last_event().
(WebKit::GestureController::LongPressGesture::LongPressGesture): Receives a widget and client now.
(WebKit::GestureController::Gesture::simulateMouseClick): Deleted.
(WebKit::createScrollEvent): Deleted.

  • UIProcess/gtk/GestureController.h:
1:09 AM Changeset in webkit [227892] by jmarcell@apple.com
  • 6 edits
    3 adds in branches/safari-605-branch

Cherry-pick r227870. rdar://problem/37059541

1:09 AM Changeset in webkit [227891] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

Web Automation: cookies returned by automation should have expiry time in seconds
https://bugs.webkit.org/show_bug.cgi?id=182293

Reviewed by Brian Burg.

When creating a WebCore::Cookie from a WebDriver object we convert the given expiry time to milliseconds, but
when creating a WebDriver object from a WebCore::Cookie we are keeping the milliseconds. We should convert to
seconds for consistency, so that the WebDriver always handles seconds.

Fixes: imported/w3c/webdriver/tests/cookies/get_named_cookie.py::test_get_named_cookie

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::buildObjectForCookie): Convert expiry to seconds.

1:09 AM Changeset in webkit [227890] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch/Source

Cherry-pick r227860. rdar://problem/37050332

1:09 AM Changeset in webkit [227889] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch

Cherry-pick r227770. rdar://problem/37019490

1:09 AM Changeset in webkit [227888] by jmarcell@apple.com
  • 10 edits
    4 adds in branches/safari-605-branch

Cherry-pick r227760. rdar://problem/37019484

1:09 AM Changeset in webkit [227887] by jmarcell@apple.com
  • 11 edits in branches/safari-605-branch/Source

Cherry-pick r227755. rdar://problem/37050332

1:09 AM Changeset in webkit [227886] by jmarcell@apple.com
  • 20 edits in branches/safari-605-branch/Source

Cherry-pick r227874. rdar://problem/37059537

1:09 AM Changeset in webkit [227885] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227869. rdar://problem/37059542

1:09 AM Changeset in webkit [227884] by jmarcell@apple.com
  • 6 edits
    2 adds in branches/safari-605-branch

Cherry-pick r227858. rdar://problem/37049295

1:09 AM Changeset in webkit [227883] by jmarcell@apple.com
  • 4 edits
    2 adds in branches/safari-605-branch

Cherry-pick r227855. rdar://problem/37059539

1:09 AM Changeset in webkit [227882] by jmarcell@apple.com
  • 5 edits
    2 adds in branches/safari-605-branch

Cherry-pick r227841. rdar://problem/37059544

1:08 AM Changeset in webkit [227881] by Carlos Garcia Campos
  • 2 edits in trunk/Tools

WebDriver: add domains to server config in w3c tests
https://bugs.webkit.org/show_bug.cgi?id=182294

Reviewed by Carlos Alberto Lopez Perez.

Several cookie tests expect server_config to have a domains key.

Fixes: imported/w3c/webdriver/tests/cookies/add_cookie.py::test_add_domain_cookie

imported/w3c/webdriver/tests/cookies/add_cookie.py::test_add_session_cookie_with_leading_dot_character_in_domain

  • Scripts/webkitpy/webdriver_tests/webdriver_w3c_executor.py:

(WebDriverW3CExecutor.init):

1:07 AM Changeset in webkit [227880] by Carlos Garcia Campos
  • 21 edits
    1 add in trunk

Unreviewed. Update W3C WebDriver imported tests.

Tools:

Show full pytest failure logs.

pytest truncates long lists when printing a failed assertion.
This is not great for debugging and arguably it should be the
default to show the full diff when comparing lists.

  • Scripts/webkitpy/webdriver_tests/pytest_runner.py:

(run):

WebDriverTests:

  • imported/w3c/importer.json:
  • imported/w3c/tools/wptrunner/requirements_sauce.txt:
  • imported/w3c/tools/wptrunner/tox.ini:
  • imported/w3c/tools/wptrunner/wptrunner/browsers/sauce.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/executormarionette.py:
  • imported/w3c/tools/wptrunner/wptrunner/executors/pytestrunner/runner.py:
  • imported/w3c/tools/wptrunner/wptrunner/metadata.py:
  • imported/w3c/webdriver/OWNERS:
  • imported/w3c/webdriver/tests/init.py:
  • imported/w3c/webdriver/tests/actions/mouse.py:
  • imported/w3c/webdriver/tests/actions/mouse_dblclick.py:
  • imported/w3c/webdriver/tests/actions/support/mouse.py:
  • imported/w3c/webdriver/tests/cookies/add_cookie.py:
  • imported/w3c/webdriver/tests/cookies/delete_cookie.py:
  • imported/w3c/webdriver/tests/cookies/get_named_cookie.py:
  • imported/w3c/webdriver/tests/element_send_keys/form_controls.py: Added.
  • imported/w3c/webdriver/tests/element_send_keys/interactability.py:
  • imported/w3c/webdriver/tests/interaction/element_clear.py:
  • imported/w3c/webdriver/tests/support/asserts.py:
12:19 AM Changeset in webkit [227879] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebKit

Unreviewed iOS build fix.

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
12:14 AM Changeset in webkit [227878] by jmarcell@apple.com
  • 4 edits
    4 adds in branches/safari-605-branch

Cherry-pick r227649. rdar://problem/37019344

12:13 AM Changeset in webkit [227877] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch

Cherry-pick r227625. rdar://problem/37019502

Jan 30, 2018:

11:28 PM Changeset in webkit [227876] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[WinCairo] syntheticBoldOffset makes a font with embedded bitmap fonts shown as double strike in HiDPI
https://bugs.webkit.org/show_bug.cgi?id=182093

Patch by Fujii Hironori <Fujii Hironori> on 2018-01-30
Reviewed by Alex Christensen.

WebKit draws texts doubly by shifting 1px for fonts without bold
fonts but bold font is desired. This synthetic bold method draws
fonts with embedded bitmap fonts look like double strike in HiDPI.

No new tests (Covered by the existing tests).

  • platform/graphics/win/FontCacheWin.cpp:

(WebCore::createGDIFont): Overwrite lfWeight if the desired weight
is bold and matched font weight is't bold and in WinCairo port.
Fix wrong indentation.

10:01 PM Changeset in webkit [227875] by wilander@apple.com
  • 30 edits in trunk

Add callbacks to testRunner.statisticsSetShouldPartitionCookiesForHost() and testRunner.statisticsUpdateCookiePartitioning()
https://bugs.webkit.org/show_bug.cgi?id=181958
https://bugs.webkit.org/show_bug.cgi?id=182072
<rdar://problem/36801804>
<rdar://problem/36845795>

Reviewed by Brent Fulgham.

Because of the asynchronous nature of XPC and cookies,
we need callbacks in these TestRunner functions so that
the layout tests can wait for state changes to finish
before checking test conditions.

Source/WebKit:

  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreStatisticsUpdateCookiePartitioning):
(WKWebsiteDataStoreSetStatisticsShouldPartitionCookiesForHost):

  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _resourceLoadStatisticsUpdateCookiePartitioning]):
(-[WKWebsiteDataStore _resourceLoadStatisticsUpdateCookiePartitioning:]):
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldPartitionCookies:forHost:]):
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldPartitionCookies:forHost:completionHandler:]):

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated):
(WebKit::WebResourceLoadStatisticsStore::logUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::logNonRecentUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningUpdate):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningUpdateForDomains):
(WebKit::WebResourceLoadStatisticsStore::scheduleClearPartitioningStateForDomains):
(WebKit::WebResourceLoadStatisticsStore::mergeWithDataFromDecoder):
(WebKit::WebResourceLoadStatisticsStore::clearInMemory):
(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioning):
(WebKit::WebResourceLoadStatisticsStore::updateCookiePartitioningForDomains):
(WebKit::WebResourceLoadStatisticsStore::clearPartitioningStateForDomains):

  • UIProcess/WebResourceLoadStatisticsStore.h:

Tools:

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::didReceiveMessageToPage):

  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::statisticsUpdateCookiePartitioning):
(WTR::TestRunner::statisticsSetShouldPartitionCookiesForHost):
(WTR::TestRunner::statisticsCallDidSetPartitionOrBlockCookiesForHostCallback):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didSetPartitionOrBlockCookiesForHost):

  • WebKitTestRunner/TestInvocation.h:
  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::statisticsUpdateCookiePartitioning):
(WTR::TestController::statisticsSetShouldPartitionCookiesForHost):

LayoutTests:

  • http/tests/resourceLoadStatistics/add-blocking-to-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/add-blocking-to-redirect.html:
  • http/tests/resourceLoadStatistics/add-partitioning-to-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/add-partitioning-to-redirect.html:
  • http/tests/resourceLoadStatistics/non-prevalent-resources-can-access-cookies-in-a-third-party-context.html:
  • http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-deletion.html:
  • http/tests/resourceLoadStatistics/partitioned-and-unpartitioned-cookie-with-partitioning-timeout.html:
  • http/tests/resourceLoadStatistics/partitioned-cookies-with-and-without-user-interaction-expected.txt:
  • http/tests/resourceLoadStatistics/partitioned-cookies-with-and-without-user-interaction.html:
  • http/tests/resourceLoadStatistics/remove-blocking-in-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/remove-blocking-in-redirect.html:
  • http/tests/resourceLoadStatistics/remove-partitioning-in-redirect-expected.txt:
  • http/tests/resourceLoadStatistics/remove-partitioning-in-redirect.html:
  • http/tests/resourceLoadStatistics/third-party-cookie-with-and-without-user-interaction.html:
  • platform/mac-wk2/TestExpectations:
9:23 PM Changeset in webkit [227874] by mark.lam@apple.com
  • 20 edits in trunk/Source

Apply poisoning to TypedArray vector pointers.
https://bugs.webkit.org/show_bug.cgi?id=182155
<rdar://problem/36286266>

Reviewed by JF Bastien.

Source/JavaScriptCore:

The TypeArray's vector pointer is now poisoned. The poison value is chosen based
on a TypeArray's jsType. The JSType must be between FirstTypedArrayType and
LastTypedArrayType. At runtime, we enforce that the index is well-behaved by
masking it against TypedArrayPoisonIndexMask. TypedArrayPoisonIndexMask (16) is
the number of TypedArray types (10) rounded up to the next power of 2.
Accordingly, we reserve an array of TypedArrayPoisonIndexMask poisons so that we
can use index masking on the index, and be guaranteed that the masked index will
be within bounds of the poisons array.

  1. Fixed both DFG and FTL versions of compileGetTypedArrayByteOffset() to not do any unnecessary work if the TypedArray vector is null.

FTL's cagedMayBeNull() is no longer needed because it is only used by
compileGetTypedArrayByteOffset(), and we need to enhance it to handle unpoisoning
in a TypedArray specific way. So, might as well do the work inline in
compileGetTypedArrayByteOffset() instead.

  1. Removed an unnecessary null-check in DFGSpeculativeJIT's compileNewTypedArrayWithSize() because there's already a null check above it that ensures that sizeGPR is never null.
  1. In LLInt's _llint_op_get_by_val, move the TypedArray length check before the loading of the vector for unpoisoning and uncaging. We don't need the vector if the length is 0.

Implementation notes on the need to null check the TypeArray vector:

  1. DFG::SpeculativeJIT::jumpForTypedArrayIsNeuteredIfOutOfBounds() does not need a m_poisonedVector null check because the function is a null check.
  1. DFG::SpeculativeJIT::compileGetIndexedPropertyStorage() does not need a m_poisonedVector null check because it is followed by a call to cageTypedArrayStorage() which assumes that storageReg cannot be null.
  1. DFG::SpeculativeJIT::compileGetTypedArrayByteOffset() already has a m_poisonedVector null check.
  1. DFG::SpeculativeJIT::compileNewTypedArrayWithSize() does not need a vector null check because the poisoning code is preceded by a sizeGPR null check, which ensures that the storageGPR (vector to be poisoned) is not null.
  1. FTL's compileGetIndexedPropertyStorage() does not need a m_poisonedVector null check because it is followed by a call to caged() which assumes that the vector cannot be null.
  1. FTL's compileGetTypedArrayByteOffset() already has a m_poisonedVector null check.
  1. FTL's compileNewTypedArray() does not need a vector null check because the poisoning code is preceded by a size null check, which ensures that the storage (vector to be poisoned) is not null.
  1. FTL's speculateTypedArrayIsNotNeutered() does not need a m_poisonedVector null check because the function is a null check.
  1. IntrinsicGetterAccessCase::emitIntrinsicGetter()'s TypedArrayByteOffsetIntrinsic case needs a null check so that it does not try to unpoison a null vector.
  1. JIT::emitIntTypedArrayGetByVal() does not need a vector null check because

we already do a length check even before loading the vector.

  1. JIT::emitFloatTypedArrayGetByVal() does not need a vector null check because

we already do a length check even before loading the vector.

  1. JIT::emitIntTypedArrayPutByVal() does not need a vector null check because

we already do a length check even before loading the vector.

  1. JIT::emitFloatTypedArrayPutByVal() does not need a vector null check because

we already do a length check even before loading the vector.

  1. LLInt's loadTypedArrayCaged() does not need a vector null check because its

client will do a TypedArray length check before calling it.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::checkArray):

  • dfg/DFGNode.h:

(JSC::DFG::Node::hasArrayMode):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::jumpForTypedArrayIsNeuteredIfOutOfBounds):
(JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
(JSC::DFG::SpeculativeJIT::compileGetTypedArrayByteOffset):
(JSC::DFG::SpeculativeJIT::compileNewTypedArrayWithSize):

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileGetTypedArrayByteOffset):
(JSC::FTL::DFG::LowerDFGToB3::compileNewTypedArray):
(JSC::FTL::DFG::LowerDFGToB3::speculateTypedArrayIsNotNeutered):
(JSC::FTL::DFG::LowerDFGToB3::cagedMayBeNull): Deleted.

  • jit/IntrinsicEmitter.cpp:

(JSC::IntrinsicGetterAccessCase::emitIntrinsicGetter):

  • jit/JITPropertyAccess.cpp:

(JSC::JIT::emitIntTypedArrayGetByVal):
(JSC::JIT::emitFloatTypedArrayGetByVal):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter64.asm:
  • offlineasm/arm64.rb:
  • offlineasm/x86.rb:
  • runtime/CagedBarrierPtr.h:
  • runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::JSArrayBufferView):
(JSC::JSArrayBufferView::finalize):
(JSC::JSArrayBufferView::neuter):

  • runtime/JSArrayBufferView.h:

(JSC::JSArrayBufferView::vector const):
(JSC::JSArrayBufferView::offsetOfPoisonedVector):
(JSC::JSArrayBufferView::poisonFor):
(JSC::JSArrayBufferView::Poison::key):
(JSC::JSArrayBufferView::offsetOfVector): Deleted.

  • runtime/JSCPoison.cpp:

(JSC::initializePoison):

  • runtime/JSCPoison.h:
  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::estimatedSize):
(JSC::JSGenericTypedArrayView<Adaptor>::visitChildren):
(JSC::JSGenericTypedArrayView<Adaptor>::slowDownAndWasteMemory):

  • runtime/JSObject.h:

Source/WTF:

  1. Added the ability to poison a CagedPtr.
  1. Prevent CagedPtr from being implicitly instantiated, and add operator= methods instead. This is because implicitly instantiated CagedPtrs with a poisoned trait may silently use a wrong poison value.
  • wtf/CagedPtr.h:

(WTF::CagedPtr::CagedPtr):
(WTF::CagedPtr::get const):
(WTF::CagedPtr::operator=):

9:15 PM Changeset in webkit [227873] by rniwa@webkit.org
  • 3 edits in trunk/Source/WebKit

REGRESSION(r227550): Resource timing API is disabled on macOS
https://bugs.webkit.org/show_bug.cgi?id=182318

Reviewed by Chris Dumez.

Resource timing API should be enabled by default all versions of macOS we support now.

  • Shared/WebPreferences.yaml:
  • Shared/WebPreferencesDefaultValues.h:
8:47 PM Changeset in webkit [227872] by commit-queue@webkit.org
  • 5 edits in trunk/Source

[Win] Warning fix.
https://bugs.webkit.org/show_bug.cgi?id=177007

Patch by Fujii Hironori <Fujii Hironori> on 2018-01-30
Reviewed by Yusuke Suzuki.

Source/JavaScriptCore:

  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::dump const):
Changed the type of locationRawBits from unsigned to uintptr_t.

  • runtime/IntlNumberFormat.cpp:

(JSC::IntlNumberFormat::createNumberFormat):
Initialize 'style' to avoid potentially uninitialized local variable warning.

Source/WTF:

A 32 bit integer should not be casted to a pointer directly in 64
bit Windows. It should be casted to a uintptr_t beforehand.

Rules for Using Pointers (Windows)
https://msdn.microsoft.com/library/windows/desktop/aa384242

  • wtf/ThreadingWin.cpp (InvalidThread): Casted 0xbbadbeef to uintptr_t.
8:27 PM Changeset in webkit [227871] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[webkitpy] Config file for apache is copied twice.
https://bugs.webkit.org/show_bug.cgi?id=182131

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-30
Reviewed by Daniel Bates.

  • Scripts/webkitpy/layout_tests/servers/apache_http_server.py:

(LayoutTestApacheHttpd.init):
(LayoutTestApacheHttpd._copy_apache_config_file):
(LayoutTestApacheHttpd._get_apache_config_file_path): Deleted.

8:23 PM Changeset in webkit [227870] by gskachkov@gmail.com
  • 6 edits
    3 adds in trunk

FetchResponse should support ConsumeData callback on chunk data is received
https://bugs.webkit.org/show_bug.cgi?id=181600
<rdar://problem/36932547>

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

  • web-platform-tests/service-workers/service-worker/fetch-event-respond-with-body-loaded-in-chunk.https-expected.txt: Added.
  • web-platform-tests/service-workers/service-worker/fetch-event-respond-with-body-loaded-in-chunk.https.html: Added.
  • web-platform-tests/service-workers/service-worker/resources/fetch-event-respond-with-body-loaded-in-chunk-worker.js: Added.

Source/WebCore:

Test: imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event-respond-with-body-loaded-in-chunk.https.html

Apply same read-by-chunk strategy for body coming from network as for body coming from ReadableStream.
Refactor to have one consumeBodyReceivedByChunk method for both cases.
This allows streaming data from a service worker to WebProcess as would be done by NetworkProcess.

  • Modules/cache/DOMCache.cpp:

(WebCore::DOMCache::addAll):
(WebCore::DOMCache::put):

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::BodyLoader::didSucceed):
(WebCore::FetchResponse::BodyLoader::didReceiveData):
(WebCore::FetchResponse::BodyLoader::consumeDataByChunk):
(WebCore::FetchResponse::consumeBody):
(WebCore::FetchResponse::consumeBodyReceivedByChunk):

  • Modules/fetch/FetchResponse.h:
  • workers/service/context/ServiceWorkerFetch.cpp:

(WebCore::ServiceWorkerFetch::processResponse):

7:02 PM Changeset in webkit [227869] by timothy_horton@apple.com
  • 3 edits in trunk/Source/WebKit

WKWebView layout is sometimes wrong after rotation on iPhone X
https://bugs.webkit.org/show_bug.cgi?id=182304
<rdar://problem/34158671>

Reviewed by Simon Fraser.

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _computedContentInset]):
(-[WKWebView _scrollViewSystemContentInset]):
(activeMinimumLayoutSize):
It turns out that it is not always safe to look at the safe area insets of
children from inside layoutSubviews, even after the call to super.

Instead, make use of the fact that WKScrollView and WKWebView have identical
coordinate spaces, and map WKWebView's safe area insets into the WKScrollView.
It's safe to use the scroll view's affected-edges and contentScrollInset,
because those aren't updated at the same outside-of-layout time that
safe area insets are.

We could alternatively move all calls to activeMinimumLayoutSize outside
of layoutSubviews, but that seems like a larger and riskier change.

All attempts to write a test have failed; this depends heavily on use of
autolayout and the mechanism by which the system updates system-owned
safe area insets during device rotation.

5:49 PM Changeset in webkit [227868] by Ryan Haddad
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r227867. rdar://problem/36912402

5:35 PM Changeset in webkit [227867] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Move http/wpt/service-workers/clone-opaque-being-loaded-response.https.html to use HTTP
https://bugs.webkit.org/show_bug.cgi?id=182202
<rdar://problem/36912402>

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-30
Reviewed by Chris Dumez.
Follow-up to ensure subresource load is also done in HTTP and not HTTPS

  • http/wpt/service-workers/clone-opaque-being-loaded-response-worker.js:
4:53 PM Changeset in webkit [227866] by don.olmstead@sony.com
  • 12 edits in trunk

JSExports.h should be included as <JavaScriptCore/JSExportMacros.h>
https://bugs.webkit.org/show_bug.cgi?id=182312

Reviewed by Michael Catanzaro.

Source/WebCore:

No new tests. No change in behavior.

  • config.h:

Source/WebKit:

  • config.h:

Source/WebKitLegacy/cf:

  • WebCoreSupport/WebInspectorClientCF.cpp:

Source/WebKitLegacy/mac:

  • WebKitPrefix.h:

Tools:

  • DumpRenderTree/config.h:
  • TestWebKitAPI/config.h:
  • WebKitTestRunner/config.h:
4:46 PM Changeset in webkit [227865] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Marked fast/workers/worker-cloneport.html as flaky on macOS Release.
https://bugs.webkit.org/show_bug.cgi?id=182007

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
4:39 PM Changeset in webkit [227864] by webkit@devinrousso.com
  • 6 edits in trunk/Source/WebInspectorUI

Web Inspector: Replace Object.shallowMerge with ES2018 spread operator
https://bugs.webkit.org/show_bug.cgi?id=182219

Reviewed by Brian Burg.

  • UserInterface/Base/Utilities.js:

(Object.shallowMerge): Deleted.

  • UserInterface/Base/DOMUtilities.js:

(WI.linkifyNodeReference):

  • UserInterface/Base/Main.js:

(WI.handlePossibleLinkClick):
(WI.openURL):
(WI.showSourceCodeLocation):
(WI.showOriginalUnformattedSourceCodeLocation):
(WI.showOriginalOrFormattedSourceCodeLocation):
(WI.showOriginalOrFormattedSourceCodeTextRange):
(WI.linkifyLocation):

  • UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement.prototype._insertAdjacentHTML):

  • UserInterface/Views/WebSocketContentView.js:

(WI.WebSocketContentView.prototype._addRow):

4:31 PM Changeset in webkit [227863] by rniwa@webkit.org
  • 2 edits in trunk/PerformanceTests

StyleBench: Generate more mutation steps
https://bugs.webkit.org/show_bug.cgi?id=182291

Rubber-stamped by Antti Koivisto

Use zero-based index instead of one-based index.

  • StyleBench/resources/tests.js:

(makeSteps):

4:08 PM Changeset in webkit [227862] by commit-queue@webkit.org
  • 8 edits in trunk

Use double-quotes when serializing font-feature-settings
https://bugs.webkit.org/show_bug.cgi?id=182201

Source/WebCore:

According to the CSSOM spec, all strings should be serialized with double-quotes. The feature
tag value was previously serialized with single-quotes; change this to double-quotes to match
the spec and non-WebKit browsers.

Patch by Chris Nardi <cnardi@chromium.org> on 2018-01-30
Reviewed by Myles C. Maxfield.

Updated css3/font-feature-settings-parsing.html, fast/css/inherited-properties-rare-text.html,
and fast/text/font-face-javascript.html.

  • css/CSSFontFeatureValue.cpp:

(WebCore::CSSFontFeatureValue::customCSSText const):

LayoutTests:

Update tests with double-quotes instead of single-quotes.

Patch by Chris Nardi <cnardi@chromium.org> on 2018-01-30
Reviewed by Myles C. Maxfield.

  • css3/font-feature-settings-parsing-expected.txt:
  • css3/font-feature-settings-parsing.html:
  • fast/css/inherited-properties-rare-text-expected.txt:
  • fast/text/font-face-javascript-expected.txt:
  • fast/text/font-face-javascript.html:
3:13 PM Changeset in webkit [227861] by don.olmstead@sony.com
  • 2 edits in trunk/Source/WTF

Unreviewed build fix for JSCOnly after r227845.
https://bugs.webkit.org/show_bug.cgi?id=182274

  • wtf/PlatformJSCOnly.cmake:
3:12 PM Changeset in webkit [227860] by Brent Fulgham
  • 6 edits in trunk/Source

Add telemetry to track storage access API adoption
https://bugs.webkit.org/show_bug.cgi?id=182197
<rdar://problem/35803309>

Reviewed by Chris Dumez.

Part 2: Add telemetry for the Storage Access API case

Source/WebCore:

Adds a new convenience method to identify origin/page/frame combinations that
have been granted access to the Storage Access API. This is used for debug
logging in the NetworkProcess. It is not used in production builds.

  • platform/network/NetworkStorageSession.h:
  • platform/network/cf/NetworkStorageSessionCFNet.cpp:

(WebCore::NetworkStorageSession::hasStorageAccessForFrame const): Added.

Source/WebKit:

This change increments a counter when an origin is loaded in a first part context because
it was granted Storage Access API permissions.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::logCookieInformation const): Add logging to indicate
loads that happened with the Storage Access API enabled.

  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::requestStorageAccess): Increment counter for
loads using the new API.

3:05 PM Changeset in webkit [227859] by Wenson Hsieh
  • 3 edits in trunk/Tools

[iOS] API test UIPasteboardTests.DataTransferGetDataWhenPastingPlatformRepresentations fails after r223440
https://bugs.webkit.org/show_bug.cgi?id=182307
<rdar://problem/36041485>

Reviewed by Ryosuke Niwa.

Adjusts a failing API test that we forgot to rebaseline after r223440, which ensures that the result of reading
"text/html" from the DataTransfer is sanitized markup. To do this, teach the test harness
(dump-datatransfer-types.html) to ignore inline styles in markup if a flag is set, and then set that flag in
UIPasteboardTests.DataTransferGetDataWhenPastingPlatformRepresentations.

  • TestWebKitAPI/Tests/WebKitCocoa/dump-datatransfer-types.html:
  • TestWebKitAPI/Tests/ios/UIPasteboardTests.mm:

(TestWebKitAPI::TEST):

2:47 PM Changeset in webkit [227858] by rniwa@webkit.org
  • 6 edits
    2 adds in trunk

Release assert in updateLayout() via AXObjectCache::childrenChanged
https://bugs.webkit.org/show_bug.cgi?id=182279
<rdar://problem/36994456>

Reviewed by Antti Koivisto.

Source/WebCore:

Disable the assertion in Document::updateLayout and Document::updateStyle* in this particular circumstance as fixing it
would require a large architectural refactoring of the accessibility code.

Test: accessibility/accessibility-object-update-during-style-resolution-crash.html

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::childrenChanged): Disabled the release assertion here.

  • dom/Document.cpp:

(WebCore::Document::isSafeToUpdateStyleOrLayout const): Check LayoutAssertionDisableScope::shouldDisable.

  • dom/ScriptDisallowedScope.h:

(WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope): Added.
(WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope::LayoutAssertionDisableScope): Added.
(WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope::~LayoutAssertionDisableScope): Added.
(WebCore::ScriptDisallowedScope::LayoutAssertionDisableScope::shouldDisable): Added.

  • page/LayoutContext.cpp:

(WebCore::LayoutContext::layout): Check LayoutAssertionDisableScope::shouldDisable.

LayoutTests:

Added a regression test.

  • accessibility/accessibility-object-update-during-style-resolution-crash-expected.txt: Added.
  • accessibility/accessibility-object-update-during-style-resolution-crash.html: Added.
2:45 PM BuildingGtk edited by Michael Catanzaro
(diff)
2:45 PM Changeset in webkit [227857] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Skipping imported/w3c/web-platform-tests/service-workers/service-worker/navigation-redirect.https.html.
https://bugs.webkit.org/show_bug.cgi?id=182311

Unreviewed test expectations.

2:42 PM BuildingGtk edited by Michael Catanzaro
Switch build instructions to use Ninja (diff)
2:40 PM Changeset in webkit [227856] by Alan Bujtas
  • 5 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move RenderRubyRun::rubyBaseSafe to RenderTreeBuilder::Ruby
https://bugs.webkit.org/show_bug.cgi?id=182306
<rdar://problem/37041440>

Reviewed by Antti Koivisto.

With all the ruby mutation code moving, only RenderTreeBuilder calls RenderRubyRun::rubyBaseSafe.

No change in functionality.

  • rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::rubyText const):
(WebCore::RenderRubyRun::rubyBase const):
(WebCore::RenderRubyRun::firstLineBlock const):
(WebCore::RenderRubyRun::takeChild):
(WebCore::RenderRubyRun::rubyBaseSafe): Deleted.

  • rendering/RenderRubyRun.h:
  • rendering/updating/RenderTreeBuilderRuby.cpp:

(WebCore::RenderTreeBuilder::Ruby::insertChild):
(WebCore::RenderTreeBuilder::Ruby::rubyBaseSafe):

  • rendering/updating/RenderTreeBuilderRuby.h:
2:16 PM Changeset in webkit [227855] by Megan Gardner
  • 4 edits
    2 adds in trunk

Make preserve and restore focus more likely to be symmetrical
https://bugs.webkit.org/show_bug.cgi?id=182264
Source/WebKit:

<rdar://problem/36948473>

Reviewed by Tim Horton.

Keep a stack of if we actually increment the focusState, so that
changes to the web content do not result in asymmetric decrements to the focus state.
To work around problems associated with <rdar://problem/37000122>.

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _restoreFocusWithToken:]):
(-[WKContentView _preserveFocusWithToken:destructively:]):

LayoutTests:

Reviewed by Tim Horton.

Added new test to verify that opening a selection form twice works.

  • fast/forms/ios/ipad/select-form-run-twice-expected.txt: Added.
  • fast/forms/ios/ipad/select-form-run-twice.html: Added.
2:14 PM Changeset in webkit [227854] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227796. rdar://problem/37037868

2:14 PM Changeset in webkit [227853] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WTF

Cherry-pick r227792. rdar://problem/37037861

2:14 PM Changeset in webkit [227852] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch/Source

Cherry-pick r227789. rdar://problem/37035797

2:14 PM Changeset in webkit [227851] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/ThirdParty/libwebrtc

Cherry-pick r227698. rdar://problem/36926420

2:08 PM Changeset in webkit [227850] by Antti Koivisto
  • 3 edits in trunk/PerformanceTests

StyleBench: Generate more mutation steps
https://bugs.webkit.org/show_bug.cgi?id=182291

Reviewed by Ryosuke Niwa.

The test should be doing multiple rounds of mutations in a single document to test what is supposed to test (like it did before r227756).
This also makes test results more stable and less dependent on possible first-time costs.

  • StyleBench/resources/benchmark-runner.js:

Adjust correctionFactor to match the new steps count. With 1.5 Firefox is ~72rpm.

  • StyleBench/resources/tests.js:

(makeSteps):

Generate 10 rounds of class/element mutation steps.
Give each generated step unique name so reporting works.
Make individual steps do fewer mutations.

1:55 PM Changeset in webkit [227849] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

Unified sources for FEMorphology.cpp seems to break the windows build.
https://bugs.webkit.org/show_bug.cgi?id=178847

Patch by Fujii Hironori <Fujii Hironori> on 2018-01-30
Reviewed by Yusuke Suzuki.

Fix a compilation error.
platform/graphics/filters/SpotLightSource.cpp(45): error C2027: use of undefined type 'WebCore::FilterEffect'

No new tests (No behavior change)

  • Sources.txt: Removed @no-unify for FEMorphology.cpp.
  • platform/graphics/filters/SpotLightSource.cpp: Added #include "FilterEffect.h".
1:51 PM Changeset in webkit [227848] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

Test fix after r227776
https://bugs.webkit.org/show_bug.cgi?id=180951

Unreviewed.

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::mandatoryAttributesForUserInstalledFonts):

1:26 PM Changeset in webkit [227847] by Ryan Haddad
  • 2 edits in branches/safari-605-branch/Tools

Unreviewed, disable tests for rdar://problem/37032930&37032931.

  • TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(TestWebKitAPI::TEST):

12:29 PM Changeset in webkit [227846] by dino@apple.com
  • 2 edits in trunk/Source/WebCore

CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Document::updateStyleIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=182299
<rdar://problem/36853088>

Removing a misleading comment based on Zalan Bujtas's feedback.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):

12:02 PM Changeset in webkit [227845] by don.olmstead@sony.com
  • 11 edits in trunk/Source

[CMake] Make WTF headers copies
https://bugs.webkit.org/show_bug.cgi?id=182274

Reviewed by Alex Christensen.

Source/ThirdParty:

  • gtest/CMakeLists.txt:

Source/WebDriver:

  • CMakeLists.txt:

Source/WTF:

  • wtf/CMakeLists.txt:
  • wtf/PlatformGTK.cmake:
  • wtf/PlatformJSCOnly.cmake:
  • wtf/PlatformMac.cmake:
  • wtf/PlatformWPE.cmake:
  • wtf/PlatformWin.cmake:
11:57 AM Changeset in webkit [227844] by jmarcell@apple.com
  • 68 edits
    1 add in tags/Safari-606.1.1.4/Source

Cherry-pick r227701. rdar://problem/36889194

11:57 AM Changeset in webkit [227843] by jmarcell@apple.com
  • 4 edits in tags/Safari-606.1.1.4/Source/JavaScriptCore

Cherry-pick r227692. rdar://problem/36460697

11:57 AM Changeset in webkit [227842] by jmarcell@apple.com
  • 16 edits in tags/Safari-606.1.1.4/Source

Cherry-pick r227161. rdar://problem/36163728

11:46 AM Changeset in webkit [227841] by dino@apple.com
  • 5 edits
    2 adds in trunk

CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::Document::updateStyleIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=182299
<rdar://problem/36853088>

Reviewed by Simon Fraser.

Source/WebCore:

Mostly speculative fix for the case where a scrollTo moves an
animated SVG image into view, causing its animation to restart during
a paint operation. This was causing a release ASSERT, so we now defer
the resumption of the animation into a timer.

Test: svg/animated-svgImage-scroll.html

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded): Enqueue the
animation if it is an SVGImage.

  • svg/graphics/SVGImage.cpp: Add a timer to enqueue animation starts.

(WebCore::SVGImage::SVGImage):
(WebCore::SVGImage::startAnimationTimerFired):
(WebCore::SVGImage::enqueueStartAnimation):
(WebCore::SVGImage::stopAnimation):

  • svg/graphics/SVGImage.h:

LayoutTests:

  • svg/animated-svgImage-scroll-expected.txt: Added.
  • svg/animated-svgImage-scroll.html: Added.
11:45 AM Changeset in webkit [227840] by jmarcell@apple.com
  • 7 edits in tags/Safari-605.1.25.2/Source

Versioning.

11:45 AM Changeset in webkit [227839] by jmarcell@apple.com
  • 7 edits in tags/Safari-606.1.1.4/Source

Versioning.

11:40 AM Changeset in webkit [227838] by jmarcell@apple.com
  • 1 copy in tags/Safari-605.1.25.2

New tag.

11:39 AM Changeset in webkit [227837] by jmarcell@apple.com
  • 1 copy in tags/Safari-606.1.1.4

New tag.

10:51 AM Changeset in webkit [227836] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227772. rdar://problem/37019441

10:51 AM Changeset in webkit [227835] by jmarcell@apple.com
  • 7 edits
    2 adds in branches/safari-605-branch

Cherry-pick r227768. rdar://problem/37019510

10:51 AM Changeset in webkit [227834] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch

Cherry-pick r227765. rdar://problem/37019523

10:51 AM Changeset in webkit [227833] by jmarcell@apple.com
  • 11 edits
    7 adds in branches/safari-605-branch

Cherry-pick r227759. rdar://problem/37019477

10:51 AM Changeset in webkit [227832] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227758. rdar://problem/37019506

10:51 AM Changeset in webkit [227831] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227754. rdar://problem/37019474

10:51 AM Changeset in webkit [227830] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227753. rdar://problem/37019534

10:51 AM Changeset in webkit [227829] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227751. rdar://problem/37019491

10:51 AM Changeset in webkit [227828] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227745. rdar://problem/37019493

10:51 AM Changeset in webkit [227827] by jmarcell@apple.com
  • 3 edits
    1 add in branches/safari-605-branch

Cherry-pick r227742. rdar://problem/37019360

10:51 AM Changeset in webkit [227826] by jmarcell@apple.com
  • 3 edits
    2 adds in branches/safari-605-branch

Cherry-pick r227716. rdar://problem/37019460

10:51 AM Changeset in webkit [227825] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r227712. rdar://problem/37019428

10:51 AM Changeset in webkit [227824] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch

Cherry-pick r227710. rdar://problem/37019457

10:51 AM Changeset in webkit [227823] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch

Cherry-pick r227709. rdar://problem/37019451

10:51 AM Changeset in webkit [227822] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebInspectorUI

Cherry-pick r227707. rdar://problem/37019463

10:51 AM Changeset in webkit [227821] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227702. rdar://problem/37019515

10:51 AM Changeset in webkit [227820] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227697. rdar://problem/37019483

10:51 AM Changeset in webkit [227819] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch

Cherry-pick r227696. rdar://problem/37019435

10:50 AM Changeset in webkit [227818] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227686. rdar://problem/37019446

10:50 AM Changeset in webkit [227817] by jmarcell@apple.com
  • 5 edits in branches/safari-605-branch

Cherry-pick r227680. rdar://problem/37019528

10:50 AM Changeset in webkit [227816] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebInspectorUI

Cherry-pick r227666. rdar://problem/37019530

10:50 AM Changeset in webkit [227815] by jmarcell@apple.com
  • 9 edits
    2 adds in branches/safari-605-branch

Cherry-pick r227651. rdar://problem/37019465

10:50 AM Changeset in webkit [227814] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WTF

Cherry-pick r227648. rdar://problem/37019367

10:50 AM Changeset in webkit [227813] by jmarcell@apple.com
  • 7 edits in branches/safari-605-branch

Cherry-pick r227647. rdar://problem/37019494

10:50 AM Changeset in webkit [227812] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r227644. rdar://problem/37019367

10:50 AM Changeset in webkit [227811] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch/Source

Cherry-pick r227643. rdar://problem/37019367

10:50 AM Changeset in webkit [227810] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WTF

Cherry-pick r227641. rdar://problem/37019444

10:50 AM Changeset in webkit [227809] by jmarcell@apple.com
  • 10 edits in branches/safari-605-branch

Cherry-pick r227639. rdar://problem/37019431

10:50 AM Changeset in webkit [227808] by jmarcell@apple.com
  • 9 edits in branches/safari-605-branch

Cherry-pick r227638. rdar://problem/37019454

10:50 AM Changeset in webkit [227807] by jmarcell@apple.com
  • 6 edits in branches/safari-605-branch

Cherry-pick r227637. rdar://problem/37019468

10:50 AM Changeset in webkit [227806] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/JavaScriptCore

Cherry-pick r227636. rdar://problem/37019363

10:50 AM Changeset in webkit [227805] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch

Cherry-pick r227635. rdar://problem/37019482

10:50 AM Changeset in webkit [227804] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227632. rdar://problem/37019496

10:50 AM Changeset in webkit [227803] by jmarcell@apple.com
  • 12 edits
    3 adds in branches/safari-605-branch

Cherry-pick r227631. rdar://problem/37019444

10:49 AM Changeset in webkit [227802] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WTF

Cherry-pick r227628. rdar://problem/37019369

10:49 AM Changeset in webkit [227801] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch

Cherry-pick r227626. rdar://problem/37019471

10:49 AM Changeset in webkit [227800] by jmarcell@apple.com
  • 4 edits in branches/safari-605-branch

Cherry-pick r227624. rdar://problem/37019501

10:49 AM Changeset in webkit [227799] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Source/WebKit

Cherry-pick r227621. rdar://problem/37019519

10:49 AM Changeset in webkit [227798] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Tools

Cherry-pick r227616. rdar://problem/37019438

10:49 AM Changeset in webkit [227797] by jmarcell@apple.com
  • 2 edits in branches/safari-605-branch/Tools

Cherry-pick r227563. rdar://problem/37019479

10:47 AM Changeset in webkit [227796] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

Service worker registration soft updates happen too frequently
https://bugs.webkit.org/show_bug.cgi?id=182296
<rdar://problem/37031862>

Reviewed by Youenn Fablet.

Move code that updates the registration's last update check time from after
the script bytecheck to before, as per:

This way, the last update check time gets updated even if the newly fetched
script is identical to the previous one, which is the common case.

  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::updateWorker):

  • workers/service/server/SWServerJobQueue.cpp:

(WebCore::SWServerJobQueue::scriptFetchFinished):

10:45 AM Changeset in webkit [227795] by jmarcell@apple.com
  • 3 edits in branches/safari-605-branch/Source/WebCore

Cherry-pick r227529. rdar://problem/37019438

10:33 AM Changeset in webkit [227794] by Ryan Haddad
  • 1 edit
    2 moves in branches/safari-605-branch/LayoutTests

Cherry-pick r227741. rdar://problem/36912402

10:28 AM Changeset in webkit [227793] by Ryan Haddad
  • 1 edit
    4 adds in branches/safari-605-branch/LayoutTests

Unreviewed, rebaseline tests for rdar://problem/36912404&36912403.

  • platform/mac-elcapitan/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-redirect.https-expected.txt: Added.
  • platform/mac-elcapitan/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-resources.https-expected.txt: Added.
10:04 AM Changeset in webkit [227792] by mark.lam@apple.com
  • 3 edits in trunk/Source/WTF

Move ENABLE_POISON to Platform.h.
https://bugs.webkit.org/show_bug.cgi?id=182298
<rdar://problem/37032686>

Reviewed by Michael Saboff and JF Bastien.

ENABLE_POISON belongs in Platform.h to ensure that all places that depend on
ENABLE(POISON) will see it properly defined.

  • wtf/Platform.h:
  • wtf/Poisoned.h:
10:01 AM Changeset in webkit [227791] by Alan Bujtas
  • 13 edits in trunk/Source/WebCore

[RenderTreeBuilder] Move childBecameNonInline to RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=182265
<rdar://problem/37004459>

Reviewed by Antti Koivisto.

Move the mutation code that wraps/unwraps a child element when its flow state changes
from(to) in-flow to(from) floating/out-of-flow.

No change in functionality.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::childBecameNonInline): Deleted.

  • rendering/RenderBlock.h:
  • rendering/RenderBoxModelObject.h:

(WebCore::RenderBoxModelObject::childBecameNonInline): Deleted.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleDidChange):
(WebCore::RenderElement::handleDynamicFloatPositionChange): Deleted.

  • rendering/RenderInline.cpp:

(WebCore::RenderInline::childBecameNonInline): Deleted.

  • rendering/RenderInline.h:
  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):
(WebCore::RenderTreeBuilder::splitFlow): Deleted.

  • rendering/updating/RenderTreeBuilder.h:
  • rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::childBecameNonInline):

  • rendering/updating/RenderTreeBuilderBlock.h:
  • rendering/updating/RenderTreeBuilderInline.cpp:

(WebCore::RenderTreeBuilder::Inline::childBecameNonInline):

  • rendering/updating/RenderTreeBuilderInline.h:
9:44 AM Changeset in webkit [227790] by Brent Fulgham
  • 10 edits in trunk/Source

Add telemetry to track storage access API adoption
https://bugs.webkit.org/show_bug.cgi?id=182197
<rdar://problem/35803309>

Reviewed by Chris Dumez.

Source/WebCore:

Partial roll-out of r227755.

The original patch assumed the WebContent process kept track of user interaction. This is
only tracked in the UIProcess, so we can get rid of some of the logging code adding in
r227755.

  • loader/ResourceLoadObserver.cpp:

(WebCore::ResourceLoadObserver::logFrameNavigation):
(WebCore::ResourceLoadObserver::logSubresourceLoading):
(WebCore::ResourceLoadObserver::setTimeToLivePartitionFree): Deleted.
(WebCore::ResourceLoadObserver::wasAccessedWithinInteractionWindow const): Deleted.

  • loader/ResourceLoadObserver.h:

Source/WebKit:

This patch also handled aggregating the counts in the UIProcess, which has access to
the right data.

The original patch assumed the WebContent process kept track of user interaction. This is
only tracked in the UIProcess, so we can get rid of some of the logging code adding in
r227755.

  • Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::encode const): Rollout of r227755 changes not
needed to track the statistics.
(WebKit::WebProcessCreationParameters::decode): Ditto.

  • Shared/WebProcessCreationParameters.h:
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitializeWebProcess): Ditto.

  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::wasAccessedAsFirstPartyDueToUserInteraction): Moved from
the WebContent process, which does not keep track of user interaction.
(WebKit::WebResourceLoadStatisticsStore::mergeStatistics): Aggregate counts while processing
the statistics.

  • UIProcess/WebResourceLoadStatisticsStore.h:
  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::initializeWebProcess):

9:21 AM Changeset in webkit [227789] by Chris Dumez
  • 10 edits in trunk/Source

Make sure we never create a WebSWClientConnection with an invalid sessionID
https://bugs.webkit.org/show_bug.cgi?id=182276
<rdar://problem/36582633>

Reviewed by Alex Christensen.

Make sure we never create a WebSWClientConnection with an invalid sessionID as this
could corrupt our hash tables.

Source/WebCore:

  • dom/Document.cpp:

(WebCore::Document::privateBrowsingStateDidChange):

  • workers/service/ServiceWorker.cpp:

(WebCore::ServiceWorker::postMessage):

  • workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::ready):
(WebCore::ServiceWorkerContainer::getRegistration):
(WebCore::ServiceWorkerContainer::didFinishGetRegistrationRequest):
(WebCore::ServiceWorkerContainer::getRegistrations):
(WebCore::ServiceWorkerContainer::didFinishGetRegistrationsRequest):
(WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
(WebCore::ServiceWorkerContainer::ensureSWClientConnection):

Source/WebKit:

  • StorageProcess/StorageProcess.cpp:

(WebKit::StorageProcess::swServerForSession):

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::establishWorkerContextConnectionToStorageProcess):

  • WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::WebSWClientConnection):

  • WebProcess/Storage/WebServiceWorkerProvider.cpp:

(WebKit::WebServiceWorkerProvider::serviceWorkerConnectionForSession):
(WebKit::WebServiceWorkerProvider::existingServiceWorkerConnectionForSession):

  • WebProcess/Storage/WebToStorageProcessConnection.cpp:

(WebKit::WebToStorageProcessConnection::serviceWorkerConnectionForSession):

8:18 AM Changeset in webkit [227788] by svillar@igalia.com
  • 6 edits in trunk

[WebVR][GTK][WPE] Exclude OpenVR from tarballs
https://bugs.webkit.org/show_bug.cgi?id=182284

Reviewed by Michael Catanzaro.

.:

Added private build options for USE_OPENVR.

  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/OptionsWPE.cmake:

Tools:

  • gtk/manifest.txt.in: Added ThirdParty/openvr to exclusions.
  • wpe/manifest.txt.in: Ditto.
8:13 AM Changeset in webkit [227787] by Antti Koivisto
  • 10 edits in trunk/Source/WebCore

Avoid traversing too much when doing class change invalidation
https://bugs.webkit.org/show_bug.cgi?id=181604

Reviewed by Zalan Bujtas.

We are now collecting information about which part of the tree a change in class can potentially affect.
Use the information to traverse only the required elements in Style::Invalidator.

The same mechanism can be later used for attribute and id change invalidation.

  • css/DocumentRuleSets.cpp:

(WebCore::DocumentRuleSets::collectFeatures const):
(WebCore::DocumentRuleSets::classInvalidationRuleSets const):
(WebCore::DocumentRuleSets::subjectClassRules const): Deleted.
(WebCore::DocumentRuleSets::ancestorClassRules const): Deleted.

Remove separate subject and ancestor invalidation RuleSets. Instead collect all invalidation rulesets
to a vector along with their MatchElements.

  • css/DocumentRuleSets.h:
  • css/RuleFeature.cpp:

(WebCore::RuleFeatureSet::computeNextMatchElement):
(WebCore::RuleFeatureSet::computeSubSelectorMatchElement):
(WebCore::RuleFeatureSet::collectFeatures):

Similarly collect all class invalidation RuleFeatures to a general HashMap along with the MatchElement.

(WebCore::RuleFeatureSet::add):
(WebCore::RuleFeatureSet::clear):
(WebCore::RuleFeatureSet::shrinkToFit):

  • css/RuleFeature.h:

(WebCore::RuleFeature::RuleFeature):

  • style/ClassChangeInvalidation.cpp:

(WebCore::Style::ClassChangeInvalidation::computeInvalidation):

Find out InvalidationRuleSets to use.

(WebCore::Style::ClassChangeInvalidation::invalidateStyleWithRuleSets):

Pass them to Style::Invalidator.

  • style/ClassChangeInvalidation.h:
  • style/StyleInvalidator.cpp:

(WebCore::Style::Invalidator::invalidateStyleForTree):
(WebCore::Style::Invalidator::invalidateStyleForDescendants):
(WebCore::Style::Invalidator::invalidateStyleWithMatchElement):

Traverse only the part of the tree needed by the given MatchElement.

  • style/StyleInvalidator.h:
  • style/StyleSharingResolver.cpp:

(WebCore::Style::SharingResolver::classNamesAffectedByRules const):

8:03 AM Changeset in webkit [227786] by jfernandez@igalia.com
  • 52 edits
    54 adds in trunk

[css-align] The 'baseline' value must be invalid for the 'justify-content' property
https://bugs.webkit.org/show_bug.cgi?id=181794

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Adapted the test cases using <baseline-position> keywords to the new CSS syntax.
Imported the CSS/support folder.

  • resources/import-expectations.json:
  • web-platform-tests/css/css-align/content-distribution/parse-align-content-001-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/parse-align-content-001.html:
  • web-platform-tests/css/css-align/content-distribution/parse-align-content-003-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/parse-align-content-003.html:
  • web-platform-tests/css/css-align/content-distribution/parse-justify-content-001-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/parse-justify-content-001.html:
  • web-platform-tests/css/css-align/content-distribution/parse-justify-content-003-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/parse-justify-content-003.html:
  • web-platform-tests/css/css-align/content-distribution/parse-justify-content-004-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/parse-justify-content-004.html:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-001-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-001.html:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-002-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-002.html:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-004-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-004.html:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-006-expected.txt:
  • web-platform-tests/css/css-align/content-distribution/place-content-shorthand-006.html:
  • web-platform-tests/css/css-align/default-alignment/parse-align-items-001-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/parse-align-items-001.html:
  • web-platform-tests/css/css-align/default-alignment/parse-align-items-003-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/parse-align-items-003.html:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-001-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-001.html:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-003-expected.txt:
  • web-platform-tests/css/css-align/default-alignment/parse-justify-items-003.html:
  • web-platform-tests/css/css-align/default-alignment/place-items-shorthand-001.html:
  • web-platform-tests/css/css-align/default-alignment/place-items-shorthand-002.html:
  • web-platform-tests/css/css-align/default-alignment/place-items-shorthand-004.html:
  • web-platform-tests/css/css-align/default-alignment/place-items-shorthand-006.html:
  • web-platform-tests/css/css-align/resources/alignment-parsing-utils.js:

(checkPlaceShorhand):
(checkPlaceShorhandLonghands):

  • web-platform-tests/css/css-align/self-alignment/parse-align-self-001-expected.txt:
  • web-platform-tests/css/css-align/self-alignment/parse-align-self-001.html:
  • web-platform-tests/css/css-align/self-alignment/parse-align-self-003-expected.txt:
  • web-platform-tests/css/css-align/self-alignment/parse-align-self-003.html:
  • web-platform-tests/css/css-align/self-alignment/parse-justify-self-001-expected.txt:
  • web-platform-tests/css/css-align/self-alignment/parse-justify-self-001.html:
  • web-platform-tests/css/css-align/self-alignment/parse-justify-self-003-expected.txt:
  • web-platform-tests/css/css-align/self-alignment/parse-justify-self-003.html:
  • web-platform-tests/css/css-align/self-alignment/place-self-shorthand-001.html:
  • web-platform-tests/css/css-align/self-alignment/place-self-shorthand-002.html:
  • web-platform-tests/css/css-align/self-alignment/place-self-shorthand-004.html:
  • web-platform-tests/css/css-align/self-alignment/place-self-shorthand-006.html:
  • web-platform-tests/css/support/1x1-green.png: Added.
  • web-platform-tests/css/support/1x1-lime.png: Added.
  • web-platform-tests/css/support/1x1-maroon.png: Added.
  • web-platform-tests/css/support/1x1-navy.png: Added.
  • web-platform-tests/css/support/1x1-red.png: Added.
  • web-platform-tests/css/support/1x1-white.png: Added.
  • web-platform-tests/css/support/60x60-gg-rr.png: Added.
  • web-platform-tests/css/support/60x60-green.png: Added.
  • web-platform-tests/css/support/60x60-red.png: Added.
  • web-platform-tests/css/support/OWNERS: Added.
  • web-platform-tests/css/support/README: Added.
  • web-platform-tests/css/support/a-green.css: Added.

(.a):

  • web-platform-tests/css/support/alignment.css: Added.

(.alignSelfAuto):
(.alignSelfNormal):
(.alignSelfStretch):
(.alignSelfStart):
(.alignSelfEnd):
(.alignSelfCenter):
(.alignSelfRight):
(.alignSelfLeft):
(.alignSelfFlexStart):
(.alignSelfFlexEnd):
(.alignSelfSelfStart):
(.alignSelfSelfEnd):
(.alignSelfSafeCenter):
(.alignSelfUnsafeCenter):
(.alignSelfSafeEnd):
(.alignSelfUnsafeEnd):
(.alignSelfSafeSelfEnd):
(.alignSelfUnsafeSelfEnd):
(.alignSelfSafeSelfStart):
(.alignSelfUnsafeSelfStart):
(.alignSelfSafeRight):
(.alignSelfUnsafeRight):
(.alignSelfSafeLeft):
(.alignSelfUnsafeLeft):
(.alignSelfSafeFlexEnd):
(.alignSelfUnsafeFlexEnd):
(.alignSelfSafeFlexStart):
(.alignSelfUnsafeFlexStart):
(.alignSelfBaseline):
(.alignSelfFirstBaseline):
(.alignSelfLastBaseline):
(.alignItemsAuto):
(.alignItemsNormal):
(.alignItemsStretch):
(.alignItemsStart):
(.alignItemsCenter):
(.alignItemsEnd):
(.alignItemsLeft):
(.alignItemsRight):
(.alignItemsFlexStart):
(.alignItemsFlexEnd):
(.alignItemsSelfStart):
(.alignItemsSelfEnd):
(.alignItemsSafeCenter):
(.alignItemsUnsafeCenter):
(.alignItemsSafeEnd):
(.alignItemsUnsafeEnd):
(.alignItemsSafeSelfEnd):
(.alignItemsUnsafeSelfEnd):
(.alignItemsSafeSelfStart):
(.alignItemsUnsafeSelfStart):
(.alignItemsSafeRight):
(.alignItemsUnsafeRight):
(.alignItemsSafeLeft):
(.alignItemsUnsafeLeft):
(.alignItemsSafeFlexEnd):
(.alignItemsUnsafeFlexEnd):
(.alignItemsSafeFlexStart):
(.alignItemsUnsafeFlexStart):
(.alignItemsBaseline):
(.alignItemsFirstBaseline):
(.alignItemsLastBaseline):
(.alignContentBaseline):
(.alignContentLastBaseline):
(.alignContentStart):
(.alignContentEnd):
(.alignContentCenter):
(.alignContentLeft):
(.alignContentRight):
(.alignContentFlexStart):
(.alignContentFlexEnd):
(.alignContentSpaceBetween):
(.alignContentSpaceAround):
(.alignContentSpaceEvenly):
(.alignContentStretch):
(.alignContentSafeCenter):
(.alignContentUnsafeCenter):
(.alignContentSafeEnd):
(.alignContentUnsafeEnd):
(.alignContentSafeRight):
(.alignContentUnsafeRight):
(.alignContentSafeLeft):
(.alignContentUnsafeLeft):
(.alignContentSafeFlexEnd):
(.alignContentUnsafeFlexEnd):
(.alignContentSafeFlexStart):
(.alignContentUnsafeFlexStart):
(.alignContentFirstBaseline):
(.justifySelfAuto):
(.justifySelfNormal):
(.justifySelfStretch):
(.justifySelfStart):
(.justifySelfCenter):
(.justifySelfEnd):
(.justifySelfRight):
(.justifySelfLeft):
(.justifySelfFlexStart):
(.justifySelfFlexEnd):
(.justifySelfSelfStart):
(.justifySelfSelfEnd):
(.justifySelfSafeCenter):
(.justifySelfUnsafeCenter):
(.justifySelfSafeEnd):
(.justifySelfUnsafeEnd):
(.justifySelfSafeSelfEnd):
(.justifySelfUnsafeSelfEnd):
(.justifySelfSafeSelfStart):
(.justifySelfUnsafeSelfStart):
(.justifySelfSafeRight):
(.justifySelfUnsafeRight):
(.justifySelfSafeLeft):
(.justifySelfUnsafeLeft):
(.justifySelfSafeFlexEnd):
(.justifySelfUnsafeFlexEnd):
(.justifySelfSafeFlexStart):
(.justifySelfUnsafeFlexStart):
(.justifySelfBaseline):
(.justifySelfFirstBaseline):
(.justifySelfLastBaseline):
(.justifyItemsAuto):
(.justifyItemsNormal):
(.justifyItemsStretch):
(.justifyItemsStart):
(.justifyItemsCenter):
(.justifyItemsEnd):
(.justifyItemsLeft):
(.justifyItemsRight):
(.justifyItemsFlexStart):
(.justifyItemsFlexEnd):
(.justifyItemsSelfStart):
(.justifyItemsSelfEnd):
(.justifyItemsLegacy):
(.justifyItemsLegacyLeft):
(.justifyItemsLegacyCenter):
(.justifyItemsLegacyRight):
(.justifyItemsLeftLegacy):
(.justifyItemsCenterLegacy):
(.justifyItemsRightLegacy):
(.justifyItemsSafeCenter):
(.justifyItemsUnsafeCenter):
(.justifyItemsSafeEnd):
(.justifyItemsUnsafeEnd):
(.justifyItemsSafeSelfEnd):
(.justifyItemsUnsafeSelfEnd):
(.justifyItemsSafeSelfStart):
(.justifyItemsUnsafeSelfStart):
(.justifyItemsSafeRight):
(.justifyItemsUnsafeRight):
(.justifyItemsSafeLeft):
(.justifyItemsUnsafeLeft):
(.justifyItemsSafeFlexEnd):
(.justifyItemsUnsafeFlexEnd):
(.justifyItemsSafeFlexStart):
(.justifyItemsUnsafeFlexStart):
(.justifyItemsTest):
(.justifyItemsBaseline):
(.justifyItemsFirstBaseline):
(.justifyItemsLastBaseline):
(.justifyContentBaseline):
(.justifyContentLastBaseline):
(.justifyContentStart):
(.justifyContentEnd):
(.justifyContentCenter):
(.justifyContentLeft):
(.justifyContentRight):
(.justifyContentFlexStart):
(.justifyContentFlexEnd):
(.justifyContentSpaceBetween):
(.justifyContentSpaceAround):
(.justifyContentSpaceEvenly):
(.justifyContentStretch):
(.justifyContentSafeCenter):
(.justifyContentUnsafeCenter):
(.justifyContentSafeEnd):
(.justifyContentUnsafeEnd):
(.justifyContentSafeRight):
(.justifyContentUnsafeRight):
(.justifyContentSafeLeft):
(.justifyContentUnsafeLeft):
(.justifyContentSafeFlexEnd):
(.justifyContentUnsafeFlexEnd):
(.justifyContentSafeFlexStart):
(.justifyContentUnsafeFlexStart):
(.justifyContentFirstBaseline):
(.itemsNormal):
(.itemsStretch):
(.itemsStart):
(.itemsCenter):
(.itemsEnd):
(.itemsLeft):
(.itemsRight):
(.itemsSelfStart):
(.itemsSelfEnd):
(.itemsBaseline):
(.selfStretch):
(.selfStart):
(.selfEnd):
(.selfCenter):
(.selfRight):
(.selfLeft):
(.selfSelfStart):
(.selfSelfEnd):
(.selfBaseline):
(.contentStart):
(.contentCenter):
(.contentEnd):
(.contentCenterSafe):
(.contentCenterUnsafe):
(.contentEndSafe):
(.contentEndUnsafe):
(.contentSpaceBetween):
(.contentSpaceAround):
(.contentSpaceEvenly):
(.contentStretch):

  • web-platform-tests/css/support/b-green.css: Added.

(.b):

  • web-platform-tests/css/support/c-red.css: Added.

(.c):

  • web-platform-tests/css/support/cat.png: Added.
  • web-platform-tests/css/support/green.ico: Added.
  • web-platform-tests/css/support/import-green.css: Added.

(.import):

  • web-platform-tests/css/support/import-red.css: Added.

(.import):

  • web-platform-tests/css/support/pattern-grg-rgr-grg.png: Added.
  • web-platform-tests/css/support/pattern-grg-rrg-rgg.png: Added.
  • web-platform-tests/css/support/pattern-rgr-grg-rgr.png: Added.
  • web-platform-tests/css/support/pattern-tr.png: Added.
  • web-platform-tests/css/support/red.ico: Added.
  • web-platform-tests/css/support/ruler-h-50%.png: Added.
  • web-platform-tests/css/support/ruler-h-50px.png: Added.
  • web-platform-tests/css/support/ruler-v-100px.png: Added.
  • web-platform-tests/css/support/ruler-v-50px.png: Added.
  • web-platform-tests/css/support/square-purple.png: Added.
  • web-platform-tests/css/support/square-teal.png: Added.
  • web-platform-tests/css/support/square-white.png: Added.
  • web-platform-tests/css/support/support/README: Added.
  • web-platform-tests/css/support/support/swatch-green.png: Added.
  • web-platform-tests/css/support/support/swatch-red.png: Added.
  • web-platform-tests/css/support/support/w3c-import.log: Added.
  • web-platform-tests/css/support/swatch-blue.png: Added.
  • web-platform-tests/css/support/swatch-green.png: Added.
  • web-platform-tests/css/support/swatch-lime.png: Added.
  • web-platform-tests/css/support/swatch-orange.png: Added.
  • web-platform-tests/css/support/swatch-red.png: Added.
  • web-platform-tests/css/support/swatch-teal.png: Added.
  • web-platform-tests/css/support/swatch-white.png: Added.
  • web-platform-tests/css/support/swatch-yellow.png: Added.
  • web-platform-tests/css/support/test-bl.png: Added.
  • web-platform-tests/css/support/test-br.png: Added.
  • web-platform-tests/css/support/test-inner-half-size.png: Added.
  • web-platform-tests/css/support/test-outer.png: Added.
  • web-platform-tests/css/support/test-tl.png: Added.
  • web-platform-tests/css/support/test-tr.png: Added.
  • web-platform-tests/css/support/w3c-import.log: Added.

Source/WebCore:

The CSS WG has resolved that it doesn't make sense to define Baseline
Content-Alignment in the inline/main axis.

https://github.com/w3c/csswg-drafts/issues/1184

The spec has been updated so that <baseline-postion> is not valid for
the 'justify-content' property's syntax. This CL updates our parsing
logic to match the new spec, including the parsing logic of the
place-content shorthand.

Additionally, this CL updates the computed value of the
<baseline-position> values to match other browsers.

We don't implement support for <baseline-position> values in the
Content Distribution properties (align-content and justify-content),
so I don't expect this change to break content of sites using the CSS
Box Alignment feature.

No new tests, just adapt the Web Platform Tests we already have to the new CSS syntax.

  • css/parser/CSSPropertyParser.cpp:

(WebCore::getBaselineKeyword):
(WebCore::consumeBaselineKeyword):
(WebCore::consumeContentDistributionOverflowPosition):
(WebCore::consumeSelfPositionOverflowPosition):
(WebCore::CSSPropertyParser::parseSingleValue):
(WebCore::consumeSimplifiedContentPosition):
(WebCore::CSSPropertyParser::consumePlaceContentShorthand):
(WebCore::consumeSimplifiedItemPosition):

6:56 AM Changeset in webkit [227785] by fred.wang@free.fr
  • 2 edits in trunk/LayoutTests

Unreviewed test gardening.

Patch by Frederic Wang <fwang@igalia.com> on 2018-01-30

  • TestExpectations: Add Bugzilla references for scrollingElement-quirks-dynamic tests.
5:54 AM Changeset in webkit [227784] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed WPE test gardening

This test now has a global flakiness expectation

  • platform/wpe/TestExpectations:
5:43 AM Changeset in webkit [227783] by Yusuke Suzuki
  • 2 edits in trunk/Tools

Unreviewed, try to fix JSCOnly build
https://bugs.webkit.org/show_bug.cgi?id=177202

  • CMakeLists.txt:
5:29 AM Changeset in webkit [227782] by Carlos Garcia Campos
  • 3 edits in trunk/Tools

Unreviewed. Try to avoid webdriver tests step timing out in the bots.

The process itself doesn't seem to be timing out, but the buildbot is always reporting the step as finished
after timeout. I think there's a race condition or something in buildbot, and it keeps watching the json log
file even when it has already been written. This is a speculative workaround, assuming that's the problem, that
creates the json file before running the tests. I'll revert this if it doesn't fix the issue in the end.

  • Scripts/run-webdriver-tests:
  • Scripts/webkitpy/webdriver_tests/webdriver_test_runner.py:

(WebDriverTestRunner.dump_results_to_json_file):

5:05 AM Changeset in webkit [227781] by fred.wang@free.fr
  • 19 edits in trunk/LayoutTests

Use document.scrollingElement to access viewport scroll properties in tests
https://bugs.webkit.org/show_bug.cgi?id=182241

Patch by Frederic Wang <fwang@igalia.com> on 2018-01-30
Reviewed by Antonio Gomes.

Many tests use document.body in standard mode in order to access scroll properties of the
viewport. This is incorrect per the CSSOM View specification but WebKit does not follow the
spec at the moment (see bug 5991). This replaces several of these instances with
document.scrollingElement, so that tests will still work when WebKit's behavior is changed.
LayoutTests/imported/w3c:

The change in that web-platform-tests test are imported from
https://github.com/w3c/web-platform-tests/commit/fc33ef7641427a3f1388093c54b24f292c21b34d

  • web-platform-tests/html/browsers/browsing-the-web/scroll-to-fragid/003.html:

LayoutTests:

  • fast/multicol/scrolling-overflow.html:
  • fast/scrolling/latching/iframe_in_iframe.html:
  • fast/scrolling/latching/scroll-div-no-latching.html:
  • fast/scrolling/latching/scroll-latched-nested-div.html:
  • fast/scrolling/latching/scroll-nested-iframe.html:
  • http/tests/navigation/anchor-frames-expected.txt:
  • http/tests/navigation/anchor-frames-gbk-expected.txt:
  • http/tests/navigation/anchor-frames-same-origin-expected.txt:
  • http/tests/navigation/resources/frame-with-anchor-gbk.html:
  • http/tests/navigation/resources/frame-with-anchor-same-origin.html:
  • http/tests/navigation/resources/frame-with-anchor.html:
  • tiled-drawing/resources/scroll-and-load-page.html:
  • tiled-drawing/scrolling/fast-scroll-mainframe-zoom.html:
  • tiled-drawing/scrolling/frames/resources/autoscrolling-frame-with-fixed.html:
  • tiled-drawing/scrolling/iframe_in_iframe.html:
  • tiled-drawing/tiled-drawing-scroll-position-page-cache-restoration-expected.txt:
4:55 AM Changeset in webkit [227780] by Yusuke Suzuki
  • 2 edits in trunk/JSTests

Unreviewed, update test262 expects
https://bugs.webkit.org/show_bug.cgi?id=182232

  • test262.yaml:
4:06 AM Changeset in webkit [227779] by Yusuke Suzuki
  • 6 edits
    1 add in trunk

[JSC] Implement trimStart and trimEnd
https://bugs.webkit.org/show_bug.cgi?id=182233

Reviewed by Mark Lam.

JSTests:

  • stress/trim.js: Added.

(shouldBe):
(startTest):
(endTest):
(trimTest):

Source/JavaScriptCore:

String.prototype.{trimStart,trimEnd} are now stage 3[1].
String.prototype.{trimLeft,trimRight} are alias to these functions.

We rename these functions to trimStart and trimEnd, and put them as
trimLeft and trimRight too.

[1]: https://tc39.github.io/proposal-string-left-right-trim/

  • runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):
(JSC::trimString):
(JSC::stringProtoFuncTrim):
(JSC::stringProtoFuncTrimStart):
(JSC::stringProtoFuncTrimEnd):
(JSC::stringProtoFuncTrimLeft): Deleted.
(JSC::stringProtoFuncTrimRight): Deleted.

LayoutTests:

  • js/Object-getOwnPropertyNames-expected.txt:
  • js/script-tests/Object-getOwnPropertyNames.js:
3:37 AM Changeset in webkit [227778] by commit-queue@webkit.org
  • 7 edits in trunk

[WinCairo] Fix forwarding header conflict of WebKit on WinCairo
https://bugs.webkit.org/show_bug.cgi?id=177202

Patch by Basuke Suzuki <Basuke Suzuki> on 2018-01-30
Reviewed by Alex Christensen.

.:

  • Source/cmake/WebKitMacros.cmake:

Source/WebCore:

  • PlatformWin.cmake:

Source/WebKit:

  • PlatformWin.cmake:

Tools:

  • CMakeLists.txt:
2:07 AM Changeset in webkit [227777] by Dewei Zhu
  • 4 edits in trunk/Websites/perf.webkit.org

Should fetch owner commits in build-requests-fetcher.
https://bugs.webkit.org/show_bug.cgi?id=182266

Reviewed by Ryosuke Niwa.

In a build request, owner commit of a commit is not always one of a commit in the commit set.
Build request api should contain owner commits in the 'commits' field of the return value.

  • public/include/build-requests-fetcher.php: Added logic to fetch owner commits and added them into 'commits'.
  • server-tests/api-build-requests-tests.js: Added a unit test.
  • server-tests/resources/mock-data.js:

(MockData.set addTestGroupWithOwnerCommitNotInCommitSet): Added a test group with a build request, the commit set of which does
not contain owner commit of one commit.

1:01 AM Changeset in webkit [227776] by mmaxfield@apple.com
  • 8 edits in trunk

A disallowed user-installed font may be used if its PostScript name is specified
https://bugs.webkit.org/show_bug.cgi?id=180951

Reviewed by Brent Fulgham.

Source/WebCore:

This patch adds a new CoreText font attribute, kCTFontFallbackOptionAttribute, to the
fonts which WebKit creates. It also adds this attribute to web fonts, so that font
fallback will happen according to our rules about user-installed fonts. It also marks
these font attributes as "mandatory" so CoreText will be guaranteed to follow the
policy.

Test: fast/text/user-installed-fonts/disable.html

  • platform/graphics/FontCache.h:

(WebCore::FontDescriptionKey::makeFlagsKey):

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::FontDatabase::collectionForFamily):
(WebCore::FontDatabase::fontForPostScriptName):
(WebCore::addAttributesForUserInstalledFonts):
(WebCore::mandatoryAttributesForUserInstalledFonts):

  • platform/graphics/mac/FontCustomPlatformData.cpp:

(WebCore::FontCustomPlatformData::fontPlatformData):

Source/WebCore/PAL:

  • pal/spi/cocoa/CoreTextSPI.h:

Jan 29, 2018:

11:34 PM Changeset in webkit [227775] by Yusuke Suzuki
  • 9 edits
    1 add in trunk

[JSC] Relax line terminators in String to make JSON subset of JS
https://bugs.webkit.org/show_bug.cgi?id=182232

Reviewed by Keith Miller.

JSTests:

  • ChakraCore/test/es5/Lex_u3.baseline-jsc:
  • stress/relaxed-line-terminators-in-string.js: Added.

(shouldBe):

Source/JavaScriptCore:

"Subsume JSON" spec is now stage 3[1]. Before this spec change,
JSON can accept \u2028 / \u2029 in string while JS cannot do that.
It accidentally made JSON non subset of JS.

Now we extend our JS string to accept \u2028 / \u2029 to make JSON
subset of JS in this spec change.

[1]: https://github.com/tc39/proposal-json-superset

  • parser/Lexer.cpp:

(JSC::Lexer<T>::parseStringSlowCase):

LayoutTests:

  • sputnik/Conformance/07_Lexical_Conventions/7.3_Line_Terminators/S7.3_A2.3-expected.txt:
  • sputnik/Conformance/07_Lexical_Conventions/7.3_Line_Terminators/S7.3_A2.3.html:
  • sputnik/Conformance/07_Lexical_Conventions/7.3_Line_Terminators/S7.3_A2.4-expected.txt:
  • sputnik/Conformance/07_Lexical_Conventions/7.3_Line_Terminators/S7.3_A2.4.html:
11:00 PM Changeset in webkit [227774] by jmarcell@apple.com
  • 11 edits
    1 add in branches/safari-605-branch

Cherry-pick r227737. rdar://problem/36746140

10:32 PM Changeset in webkit [227773] by Carlos Garcia Campos
  • 4 edits in trunk/Source

WebDriver: evaluateJavaScriptFunction should return null when return value is undefined
https://bugs.webkit.org/show_bug.cgi?id=180350

Reviewed by Carlos Alberto Lopez Perez.

Source/WebDriver:

Stop handling the empty string as a special case of evaluateJavaScriptFunction result.

  • Session.cpp:

(WebDriver::Session::executeScript):

Source/WebKit:

undefined can't be converted to JSON string, in which case JSON.stringify() returns undefined and we handle that
case to return an empty string. We currently handle this case for execute script commands, but not in all other
cases where we use evaluateJavaScriptFunction. It would be simpler if evaluateJavaScriptFunction returned null,
because in that case we wouldn't need to handle it as a special case.

15.2 Executing Script
https://w3c.github.io/webdriver/webdriver-spec.html#dfn-json-clone

Fixes: imported/w3c/webdriver/tests/state/get_element_property.py::test_element_non_existent

  • WebProcess/Automation/WebAutomationSessionProxy.js:

(let.AutomationSessionProxy.prototype._jsonStringify): Return "null" instead of "" when undefined is given.

9:56 PM Changeset in webkit [227772] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebKit

Release assert in updateLayout while waiting for sync reply to WebPageProxy::HasInsecureContent
https://bugs.webkit.org/show_bug.cgi?id=182273

Reviewed by Chris Dumez.

The assertion was caused by unrelated sync IPCs being processed while WebContent process is waiting for
the reply to WebPageProxy::HasInsecureContent. Since this IPC can be used while creating CachedFrame,
it's not safe to execute arbitrary code.

Fixed the bug by using DoNotProcessIncomingMessagesWhenWaitingForSyncReply added in r227566.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::savePlatformDataToCachedFrame):

9:36 PM Changeset in webkit [227771] by Wenson Hsieh
  • 2 edits in trunk/Source/WebKit

Add a build step to copy resources from WebKitAdditions as bundle resources in WebKit
https://bugs.webkit.org/show_bug.cgi?id=182268
<rdar://problem/37003784>

Reviewed by Tim Horton and Dan Bernstein.

Adds a "Copy Additional Resources" phase when building WebKit. This phase copies resources from
usr/local/include/WebKitAdditions/WebKit/AdditionalResources in the build directory into the
unlocalized resources directory. If the AdditionalResources directory does not exist in the build
directory, we fall back to searching the SDK.

  • WebKit.xcodeproj/project.pbxproj:
6:15 PM Changeset in webkit [227770] by commit-queue@webkit.org
  • 7 edits in trunk

ServiceWorkerClientFetch should not consider responses without Location headers as redirection responses
https://bugs.webkit.org/show_bug.cgi?id=182134

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-29
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

  • web-platform-tests/service-workers/service-worker/navigation-redirect.https-expected.txt:

Source/WebKit:

As per fetch spec, a response with a redirection status code but no Location header should not be considered as a redirection.
This is also consistent with SubresourceLoader::didReceiveResponse.

  • WebProcess/Storage/ServiceWorkerClientFetch.cpp:

(WebKit::ServiceWorkerClientFetch::didReceiveResponse):

LayoutTests:

6:04 PM Changeset in webkit [227769] by Antti Koivisto
  • 2 edits in trunk/PerformanceTests

StyleBench: Remove : from a test name
https://bugs.webkit.org/show_bug.cgi?id=182258

Reviewed by Ryosuke Niwa.

It breaks reporting.

  • StyleBench/resources/style-bench.js:

(nthPseudoClassConfiguration):

5:41 PM Changeset in webkit [227768] by commit-queue@webkit.org
  • 7 edits
    2 adds in trunk

Cache API should make sure to resolve caches.open promises in the same order as called
https://bugs.webkit.org/show_bug.cgi?id=182193
<rdar://problem/36930363>

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-29
Reviewed by Chris Dumez.

Source/WebCore:

Covered by LayoutTests/http/wpt/cache-storage/cache-open-delete-in-parallel.https.html.

  • Modules/cache/DOMCacheStorage.cpp:

(WebCore::DOMCacheStorage::doRemove): Removed optimization consisting in removing the cache from DOMCacheStorage object synchronously.
This optimization prevents going to the network process to try deleting the cache.

Source/WebKit:

Covered by added test.
Whenever opening/removing a cache requires writing to disk, wait to finish the task
until any disk writing task is done.
Applying this strategy when clearing data so that we also clear data that is pending to be written.
For removing cache, we now return whether a cache was actually deleted by returning zero as removed cache identifier.
WebCore uses that information to return true/false as promise resolution value.

  • NetworkProcess/cache/CacheStorageEngine.cpp:

(WebKit::CacheStorage::Engine::retrieveCaches):

  • NetworkProcess/cache/CacheStorageEngineCaches.cpp:

(WebKit::CacheStorage::Caches::clear):
(WebKit::CacheStorage::Caches::open):
(WebKit::CacheStorage::Caches::remove):
(WebKit::CacheStorage::Caches::writeCachesToDisk):
(WebKit::CacheStorage::Caches::cacheInfos):
(WebKit::CacheStorage::Caches::cacheInfos const): Deleted.

  • NetworkProcess/cache/CacheStorageEngineCaches.h:

(WebKit::CacheStorage::Caches::createWeakPtr):

LayoutTests:

  • http/wpt/cache-storage/cache-open.https-expected.txt: Added.
  • http/wpt/cache-storage/cache-open.https.html: Added.
5:38 PM Changeset in webkit [227767] by rniwa@webkit.org
  • 2 edits in trunk/PerformanceTests

Temporarily skip StyleBench until webkit.org/b/182088 is fixed.

  • Skipped:
5:33 PM Changeset in webkit [227766] by Matt Lewis
  • 2 edits in trunk/LayoutTests

Marked imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/errorhandling.html as flaky.
https://bugs.webkit.org/show_bug.cgi?id=182177

Unreviewed test expectations.

5:27 PM Changeset in webkit [227765] by achristensen@apple.com
  • 6 edits in trunk

Clean up API after bugs 178240 and 176474
https://bugs.webkit.org/show_bug.cgi?id=182259

Reviewed by Dan Bernstein.

Source/WebKit:

NS_OPTIONS should be NSUInteger, not NSInteger. This is how all other NS_OPTIONS in WebKit are,
and it's necessary if we get really big numbers as options. Changing them won't cause binary
incompatibility unless someone does signed integer comparison with currently invalid values.

Added availability macros I forgot to add earlier.

  • UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
  • UIProcess/API/Cocoa/WKWebViewPrivate.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/UIDelegate.mm:

(TEST):
(-[PinnedStateObserver observeValueForKeyPath:ofObject:change:context:]):

5:20 PM Changeset in webkit [227764] by jiewen_tan@apple.com
  • 60 edits in trunk

[WebAuthN] Add a compile-time feature flag
https://bugs.webkit.org/show_bug.cgi?id=182211
<rdar://problem/36936365>

Reviewed by Brent Fulgham.

.:

  • Source/cmake/WebKitFeatures.cmake:
  • Source/cmake/tools/vsprops/FeatureDefines.props:
  • Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Add a compile-time feature flag for WebAuthN as most of the functionality is platform
dependent.

No tests.

  • Configurations/FeatureDefines.xcconfig:
  • Modules/credentialmanagement/BasicCredential.cpp:
  • Modules/credentialmanagement/BasicCredential.h:
  • Modules/credentialmanagement/BasicCredential.idl:
  • Modules/credentialmanagement/CredentialCreationOptions.h:
  • Modules/credentialmanagement/CredentialCreationOptions.idl:
  • Modules/credentialmanagement/CredentialRequestOptions.h:
  • Modules/credentialmanagement/CredentialRequestOptions.idl:
  • Modules/credentialmanagement/CredentialsContainer.cpp:
  • Modules/credentialmanagement/CredentialsContainer.h:
  • Modules/credentialmanagement/CredentialsContainer.idl:
  • Modules/credentialmanagement/NavigatorCredentials.cpp:
  • Modules/credentialmanagement/NavigatorCredentials.h:
  • Modules/credentialmanagement/NavigatorCredentials.idl:
  • Modules/webauthn/Authenticator.cpp:
  • Modules/webauthn/Authenticator.h:
  • Modules/webauthn/AuthenticatorAssertionResponse.cpp:
  • Modules/webauthn/AuthenticatorAssertionResponse.h:
  • Modules/webauthn/AuthenticatorAssertionResponse.idl:
  • Modules/webauthn/AuthenticatorAttestationResponse.cpp:
  • Modules/webauthn/AuthenticatorAttestationResponse.h:
  • Modules/webauthn/AuthenticatorAttestationResponse.idl:
  • Modules/webauthn/AuthenticatorResponse.cpp:
  • Modules/webauthn/AuthenticatorResponse.h:
  • Modules/webauthn/AuthenticatorResponse.idl:
  • Modules/webauthn/PublicKeyCredential.cpp:
  • Modules/webauthn/PublicKeyCredential.h:
  • Modules/webauthn/PublicKeyCredential.idl:
  • Modules/webauthn/PublicKeyCredentialCreationOptions.h:
  • Modules/webauthn/PublicKeyCredentialCreationOptions.idl:
  • Modules/webauthn/PublicKeyCredentialDescriptor.h:
  • Modules/webauthn/PublicKeyCredentialDescriptor.idl:
  • Modules/webauthn/PublicKeyCredentialRequestOptions.h:
  • Modules/webauthn/PublicKeyCredentialRequestOptions.idl:
  • Modules/webauthn/PublicKeyCredentialType.h:
  • Modules/webauthn/PublicKeyCredentialType.idl:
  • bindings/js/JSAuthenticatorResponseCustom.cpp:
  • bindings/js/JSBasicCredentialCustom.cpp:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Tools:

  • Scripts/webkitperl/FeatureList.pm:
  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

Skip WebAuthN related tests on certain platforms as they won't
support it immediately.

  • platform/gtk/TestExpectations:
  • platform/ios-wk1/TestExpectations:
  • platform/mac-wk1/TestExpectations:
  • platform/win/TestExpectations:
  • platform/wpe/TestExpectations:
4:37 PM Changeset in webkit [227763] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Mark webrtc/captureCanvas-webrtc.html as flaky on macOS.
https://bugs.webkit.org/show_bug.cgi?id=181835

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
4:25 PM Changeset in webkit [227762] by wilander@apple.com
  • 16 edits in trunk/Source

Resource Load Statistics: Introduce debug mode as experimental feature
https://bugs.webkit.org/show_bug.cgi?id=182199
<rdar://problem/36930364>

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. This adds an experimental feature.

The only changes to default behavior are:

  • Increased resolution on timestamps which is needed to be able to set shorter timeouts in debug mode.
  • Only update partitioning and blocking table when needed. This is an optimization which pays off in less XPC with shorter timeouts.
  • loader/ResourceLoadObserver.cpp:

(WebCore::reduceTimeResolution):
(WebCore::ResourceLoadObserver::logFrameNavigation):
(WebCore::ResourceLoadObserver::logSubresourceLoading):
(WebCore::ResourceLoadObserver::logWebSocketLoading):
(WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
(WebCore::reduceToHourlyTimeResolution): Deleted.

  • page/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::setResourceLoadStatisticsDebugMode):
(WebCore::RuntimeEnabledFeatures::resourceLoadStatisticsDebugMode const):

  • page/Settings.yaml:

Source/WebKit:

The only changes to default behavior are:

  • Increased resolution on timestamps which is needed to be able to set shorter timeouts in debug mode.
  • Only update partitioning and blocking table when needed. This is an optimization which pays off in less XPC with shorter timeouts.
  • Shared/WebPreferences.yaml:
  • UIProcess/API/APIWebsiteDataStore.cpp:

(API::WebsiteDataStore::resourceLoadStatisticsDebugMode const):
(API::WebsiteDataStore::setResourceLoadStatisticsDebugMode):

  • UIProcess/API/APIWebsiteDataStore.h:
  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreSetResourceLoadStatisticsDebugMode):

  • UIProcess/API/C/WKWebsiteDataStoreRef.h:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _resourceLoadStatisticsDebugMode]):
(-[WKWebsiteDataStore _setResourceLoadStatisticsDebugMode:]):

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
  • UIProcess/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::setResourceLoadStatisticsDebugMode):
(WebKit::WebResourceLoadStatisticsStore::logUserInteraction):

  • UIProcess/WebResourceLoadStatisticsStore.h:
  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::resourceLoadStatisticsDebugMode const):
(WebKit::WebsiteDataStore::setResourceLoadStatisticsDebugMode):

  • UIProcess/WebsiteData/WebsiteDataStore.h:
4:16 PM Changeset in webkit [227761] by wilander@apple.com
  • 3 edits in trunk/LayoutTests

Switch grandfathering layout test to trigger on data record scanning instead of data record modification
https://bugs.webkit.org/show_bug.cgi?id=181482
<rdar://problem/36549026>

Unreviewed test gardening.

  • http/tests/resourceLoadStatistics/grandfathering.html:

Switched from
testRunner.installStatisticsDidModifyDataRecordsCallback()
to
testRunner.installStatisticsDidScanDataRecordsCallback().

  • platform/mac-wk2/TestExpectations:

Marked as [ Pass ] again.

3:39 PM Changeset in webkit [227760] by gskachkov@gmail.com
  • 10 edits
    4 adds in trunk

FetchResponse should support ConsumeData callback on chunk data is received: handling ReadableStream bodies
https://bugs.webkit.org/show_bug.cgi?id=182008

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

  • web-platform-tests/service-workers/service-worker/fetch-event-respond-with-readable-stream-chunk.https-expected.txt: Added.
  • web-platform-tests/service-workers/service-worker/fetch-event-respond-with-readable-stream-chunk.https.html: Added.
  • web-platform-tests/service-workers/service-worker/resources/fetch-event-respond-with-readable-stream-chunk-iframe.html: Added.
  • web-platform-tests/service-workers/service-worker/resources/fetch-event-respond-with-readable-stream-chunk-worker.js: Added.

(const.process):
(this.step):
(this.run):
(const.asyncSteps):

Source/WebCore:

Modify FetchResponse to support ConsumeData callback with
handling of ReadableStream by chunks

  • Modules/cache/DOMCache.cpp:

(WebCore::DOMCache::put):

  • Modules/fetch/FetchBodyConsumer.cpp:

(WebCore::FetchBodyConsumer::resolve):

  • Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::consumeBodyFromReadableStream):

  • Modules/fetch/FetchResponse.h:
  • Modules/streams/ReadableStreamChunk.h: Added.
  • Modules/streams/ReadableStreamSink.cpp:

(WebCore::ReadableStreamToSharedBufferSink::enqueue):
(WebCore::ReadableStreamToSharedBufferSink::close):

  • Modules/streams/ReadableStreamSink.h:
  • WebCore.xcodeproj/project.pbxproj:
  • workers/service/context/ServiceWorkerFetch.cpp:

(WebCore::ServiceWorkerFetch::processResponse):

3:20 PM Changeset in webkit [227759] by aestes@apple.com
  • 11 edits
    7 adds in trunk

[iOS] Restrict synthetic clicks to the origin that handled the underlying touch event
https://bugs.webkit.org/show_bug.cgi?id=182252
<rdar://problem/21555881>

Reviewed by Tim Horton.

Source/WebCore:

Test: http/tests/events/touch/ios/cross-frame-single-tap-same-origin.https.html

  • dom/Document.h:

(WebCore::Document::handlingTouchEvent const):

  • page/EventHandler.h:

(WebCore::EventHandler::touchEventTargetSubframe const):
(WebCore::EventHandler::touches const):

Exposed some information needed by WebPage::updatePotentialTapSecurityOrigin().

  • page/Frame.h:
  • page/ios/FrameIOS.mm:

(WebCore::Frame::betterApproximateNode):
(WebCore::Frame::qualifyingNodeAtViewportLocation):

Changed NodeQualifier from a function pointer to a WTF::Function.

(WebCore::Frame::nodeRespondingToClickEvents):

Turned ancestorRespondingToClickEvents() into a lambda that captures originRestriction. In
the lambda, if there is an origin restriction, return nullptr if the hit test result's inner
Node is not in the restricted origin.

(WebCore::Frame::nodeRespondingToScrollWheelEvents):

Turned ancestorRespondingToScrollWheelEvents() into a lambda.

(WebCore::ancestorRespondingToScrollWheelEvents):

Moved to lambda in nodeRespondingToScrollWheelEvents().

(WebCore::ancestorRespondingToClickEvents):

Moved to lambda in nodeRespondingToClickEvents().

Source/WebKit:

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::dispatchTouchEvent):
(WebKit::WebPage::updatePotentialTapSecurityOrigin):

Record the target frame origin of touch events that are potential taps, are
TouchStart events, are targeted in frames that have touch event listeners, and are not
handled by those listeners.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::potentialTapAtPosition):
(WebKit::WebPage::commitPotentialTap):
(WebKit::WebPage::cancelPotentialTapInFrame):

Passed the target frame origin to Frame::nodeRespondingToClickEvents() then cleared it.

LayoutTests:

  • TestExpectations:
  • http/tests/events/touch/ios/cross-frame-single-tap-same-origin.https-expected.txt: Added.
  • http/tests/events/touch/ios/cross-frame-single-tap-same-origin.https.html: Added.
  • http/tests/events/touch/ios/resources/click-target.html: Added.
3:17 PM Changeset in webkit [227758] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

Make policy checks more robust against null pointer dereferencing
https://bugs.webkit.org/show_bug.cgi?id=182263
<rdar://problem/34895714>

Reviewed by Tim Horton.

We're still dereferencing null. Check everything.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):

2:35 PM Changeset in webkit [227757] by emilio
  • 2 edits in trunk/Source/WebCore

Trivially cleanup std::optional usage in RenderBlockFlow.
https://bugs.webkit.org/show_bug.cgi?id=182142

Reviewed by Antti Koivisto.

No new tests, no behavior change.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::firstLineBaseline const):
(WebCore::RenderBlockFlow::inlineBlockBaseline const):

2:09 PM Changeset in webkit [227756] by rniwa@webkit.org
  • 3 edits
    6 copies in trunk/PerformanceTests

Make StyleBench compatible with run-benchmark and run-perf-tests
https://bugs.webkit.org/show_bug.cgi?id=182262

Reviewed by Antti Koivisto.

Copied resource files referenced from Speedometer directory since run-benchmark needs to be able
to checkout each benchmark separately.

Removed the code to create tests of the same name five times in makeSteps since this
won't be compatible with either run-benchmark or run-perf-tests.

  • StyleBench/index.html: Removed the code to show warnings for local files since run-benchmark

doesn't use HTTP server in WebDriver mode.

  • StyleBench/resources/benchmark-report.js: Copied from resources/benchmark-report.js.
  • StyleBench/resources/benchmark-runner.js: Copied from resources/benchmark-runner.js.

(BenchmarkRunner.prototype._finalize): Use the correction factor of 8 instead of 5 in StyleBench.

  • StyleBench/resources/gauge.png: Copied from resources/gauge.png.
  • StyleBench/resources/gauge@2x.png: Copied from resources/gauge@2x.png.
  • StyleBench/resources/main.css: Copied from resources/main.css.
  • StyleBench/resources/main.js: Copied from resources/main.js.
  • StyleBench/resources/tests.js:

(makeSteps): Only make each test once.

2:00 PM Changeset in webkit [227755] by Brent Fulgham
  • 11 edits in trunk/Source

Add telemetry to track storage access API adoption
https://bugs.webkit.org/show_bug.cgi?id=182197
<rdar://problem/35803309>

Reviewed by Chris Dumez.
Source/WebCore:


Part 1: Add telemetry for the user interaction case

This patch adds telemetry to track how frequently third-party cookies are
used in a first party context due to user interaction. This will help
understand cases where the new Storage Access API can help, and to help
us understand if we have considered relevant use cases in its design.

  • loader/ResourceLoadObserver.cpp:

(WebCore::ResourceLoadObserver::setTimeToLivePartitionFree): Let the observer
know the first party interaction duration.
(WebCore::ResourceLoadObserver::wasAccessedWithinInteractionWindow const): Added.
(WebCore::ResourceLoadObserver::logFrameNavigation): Note when a third party
resource is accessed as a first party due to user interaction.
(WebCore::ResourceLoadObserver::logSubresourceLoading): Ditto.

  • loader/ResourceLoadObserver.h:
  • loader/ResourceLoadStatistics.cpp:

(WebCore::ResourceLoadStatistics::encode const): Handle new fields.
(WebCore::ResourceLoadStatistics::decode): Ditto.

  • loader/ResourceLoadStatistics.h:

Source/WebKit:

Part 1: Add telemetry for the user interaction case

This patch adds telemetry to track how frequently third-party cookies are
used in a first party context due to user interaction. This will help
understand cases where the new Storage Access API can help, and to help
us understand if we have considered relevant use cases in its design.

  • Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):

  • Shared/WebProcessCreationParameters.h:
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitializeWebProcess):

  • UIProcess/WebResourceLoadStatisticsTelemetry.cpp:

(WebKit::sortedPrevalentResourceTelemetry): Update for new telemetry.
(WebKit::submitTopList): Update for new data types.

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::initializeWebProcess): Handle the partitioning time
passed from the UIProcess.

1:58 PM Changeset in webkit [227754] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

Fix crash when during canAuthenticateAgainstProtectionSpace
https://bugs.webkit.org/show_bug.cgi?id=182260
<rdar://problem/34911343>

Reviewed by Chris Dumez.

If we have a valid network load with no challenge completion handler and we are
telling it to continue with the challenge handling, something has gone wrong.
Maybe we've just recovered from a crashed network process. If this happens, do nothing.

  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::continueCanAuthenticateAgainstProtectionSpace):

1:46 PM Changeset in webkit [227753] by Antti Koivisto
  • 3 edits in trunk/Source/WebCore

CalcExpressionBlendLength::evaluate hits stack limit
https://bugs.webkit.org/show_bug.cgi?id=182243

Reviewed by Zalan Bujtas.

Speculative fix to prevent nesting of CalcExpressionBlendLength.

No test, don't know how to make one.

  • platform/CalculationValue.cpp:

(WebCore::CalcExpressionBlendLength::CalcExpressionBlendLength):

CalcExpressionBlendLength is only used in Length values of animated style. Normally such styles are not used
as input for further blending but there are some paths where this could in principle happen. Repeated
application (for each animation frame) could construct CalcExpressionBlendLength expression that blows
the stack when evaluated.

Speculatively fix by flattening any nesting.

  • platform/CalculationValue.h:

(WebCore::CalcExpressionBlendLength::CalcExpressionBlendLength): Deleted.

1:32 PM Changeset in webkit [227752] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit

Warning in 32-bit WebKit build when trying to link to SafariSafeBrowsing
https://bugs.webkit.org/show_bug.cgi?id=182251
rdar://problem/36964995

Patch by Zach Li <zacharyli323@gmail.com> on 2018-01-29
Reviewed by Alex Christensen.

  • Configurations/WebKit.xcconfig:

Only link against SafariSafeBrowsing framework in 64-bit architecture.

  • Platform/spi/Cocoa/SafeBrowsingSPI.h:

Guard the Safe Browsing code with WK_API_ENABLED.

1:20 PM Changeset in webkit [227751] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Make sure we do not re-enter Webcore during StorageToWebProcessConnection::EstablishSWServerConnection Sync IPC
https://bugs.webkit.org/show_bug.cgi?id=182256
<rdar://problem/36689233>

Reviewed by Simon Fraser.

Make sure we do not re-enter Webcore during StorageToWebProcessConnection::EstablishSWServerConnection Sync IPC as
this can lead to crashes such as the one in <rdar://problem/36689233>.

  • WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::WebSWClientConnection):

12:38 PM Changeset in webkit [227750] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

Add the support for reporting Speedometer 2.0 results to perf dashboard
https://bugs.webkit.org/show_bug.cgi?id=182089
<rdar://problem/36172346>

Rubber-stamped by Chris Dumez.

Apparently, this has always worked since the very first version of the perf dashboard added in r163688.
The relevant code is at the line 313 of report-processor.php now.

Added regression tests for this feature since we didn't have any tests four years ago.

  • server-tests/api-report-tests.js:
12:35 PM Changeset in webkit [227749] by rniwa@webkit.org
  • 2 edits in trunk/Websites/perf.webkit.org

REGRESSION(r225898): The perf dashboard fails to open when there are no summary pages
https://bugs.webkit.org/show_bug.cgi?id=182210

Rubber-stamped by Chris Dumez.

The bug was caused by TestFreshnessPage unconditionally assuming that summaryPageConfiguration is set.
Fixed it by not creating TestFreshnessPage when there are no summary pages specified.

Also modernized the code to use const & let instead of var.

  • public/v3/main.js:

(main):

12:34 PM Changeset in webkit [227748] by beidson@apple.com
  • 2 edits in trunk/Tools

Make the API test added in r227737 be Mac-only.

Unreviewed gardening.

  • TestWebKitAPI/Tests/WebKitCocoa/MessagePortProviders.mm:
12:31 PM Changeset in webkit [227747] by rniwa@webkit.org
  • 3 edits
    1 add in trunk/Websites/perf.webkit.org

Perf dashboard's page title can be set to a previously visited page
https://bugs.webkit.org/show_bug.cgi?id=182209

Rubber-stamped by Chris Dumez.

Before this patch, opening a page and navigating away from it could result in the page title
getting set to that of the previously visited page after the new page had been opened.

This bug was caused by Page.render keep setting document.title even though the page is no longer
the currently open page of the router. Fixed it by exiting early in Page.enqueueToRender when
this page is not the currently open page of the router.

Also added basic tests for Page.

  • browser-tests/index.html:
  • browser-tests/page-tests.js: Added.
  • public/v3/pages/page.js:

(Page): Removed the unused second constructor argument.
(Page.prototype.enqueueToRender): Fixed the bug.
(Page.prototype.render): Use const instead of var.

12:27 PM Changeset in webkit [227746] by rniwa@webkit.org
  • 3 edits in trunk/Websites/perf.webkit.org

CommitLogViewer should not fetch commits in serial
https://bugs.webkit.org/show_bug.cgi?id=182207

Rubber-stamped by Chris Dumez.

Fetch both the commits in the range as well as the preceding commit at once instead of
fetching the preceding commit only after the commits in the range had been fetched.

  • browser-tests/commit-log-viewer-tests.js: Fixed the tcoest case after r224227.
  • public/v3/components/commit-log-viewer.js:

(CommitLogViewer.prototype._fetchCommitLogs): Fetch commits in parallel.

11:45 AM Changeset in webkit [227745] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

Drop unnecessary "ServiceWorker Task Thread" in SWServer
https://bugs.webkit.org/show_bug.cgi?id=182253

Reviewed by Youenn Fablet.

Drop unnecessary "ServiceWorker Task Thread" in SWServer. We're spinning a thread for
each SWServer that is never used.

  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::~SWServer):
(WebCore::SWServer::SWServer):
(WebCore::SWServer::taskThreadEntryPoint): Deleted.
(WebCore::SWServer::postTask): Deleted.
(WebCore::SWServer::postTaskReply): Deleted.
(WebCore::SWServer::handleTaskRepliesOnMainThread): Deleted.

  • workers/service/server/SWServer.h:
11:29 AM Changeset in webkit [227744] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[GTK] Zooming gesture incorrectly uses scale instead of zoom
https://bugs.webkit.org/show_bug.cgi?id=182174

Patch by Jan-Michael Brummer <jan.brummer@tabos.org> on 2018-01-29
Reviewed by Michael Catanzaro.

Switch zooming gesture to use zoom instead of scale function.

  • UIProcess/gtk/GestureController.cpp:

(WebKit::GestureController::ZoomGesture::begin):
(WebKit::GestureController::ZoomGesture::handleZoom):

11:27 AM Changeset in webkit [227743] by Matt Lewis
  • 10 edits in trunk

Unreviewed, rolling out r227731.

This caused and assertion failure in API tests.

Reverted changeset:

"Layout Test fast/events/beforeunload-dom-manipulation-
crash.html is crashing"
https://bugs.webkit.org/show_bug.cgi?id=181204
https://trac.webkit.org/changeset/227731

11:13 AM Changeset in webkit [227742] by msaboff@apple.com
  • 3 edits
    1 add in trunk

REGRESSION (r227341): DFG_ASSERT failure at JSC::DFG::AtTailAbstractState::forNode()
https://bugs.webkit.org/show_bug.cgi?id=182249

Reviewed by Keith Miller.

JSTests:

New regression test.

  • stress/compare-clobber-untypeduse.js: Added.

Source/JavaScriptCore:

Changed clobberize() handling of CompareEq, et al to properly handle comparisons between
Untyped and Object values when compared against built in types. Such comparisons can
invoke toNumber() or other methods.

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

10:37 AM Changeset in webkit [227741] by commit-queue@webkit.org
  • 1 edit
    2 moves in trunk/LayoutTests

Move http/wpt/service-workers/clone-opaque-being-loaded-response.https.html to use HTTP
https://bugs.webkit.org/show_bug.cgi?id=182202

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-29
Reviewed by Chris Dumez.

Some bots dislike cross origin HTTPS fetches.

  • http/wpt/service-workers/clone-opaque-being-loaded-response-expected.txt: Renamed from LayoutTests/http/wpt/service-workers/clone-opaque-being-loaded-response.https-expected.txt.
  • http/wpt/service-workers/clone-opaque-being-loaded-response.html: Renamed from LayoutTests/http/wpt/service-workers/clone-opaque-being-loaded-response.https.html.
10:37 AM Changeset in webkit [227740] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

WPT test exporter should add WebKit export in its PR description
https://bugs.webkit.org/show_bug.cgi?id=182246

Patch by Youenn Fablet <youenn@apple.com> on 2018-01-29
Reviewed by Chris Dumez.

Updating PR description body to contain the words 'WebKit export'.
That way, WPT PR bot will mark the PR as reviewed downstream.

  • Scripts/webkitpy/w3c/test_exporter.py:

(TestExporter.init):
(TestExporter.make_pull_request):

  • Scripts/webkitpy/w3c/test_exporter_unittest.py:

(TestExporterTest.test_export):

10:18 AM Changeset in webkit [227739] by rniwa@webkit.org
  • 6 edits
    2 adds in trunk/Tools

Add the support for running Speedometer 2.0 to run-benchmark
https://bugs.webkit.org/show_bug.cgi?id=182231

Reviewed by Antti Koivisto.

Made it possible to run Speedometer 2.0 using run-benchmark. To do this, this patch adds the ability to
aggregate results using the differently aggregated values of subtests. In particular, Speedometer 2.0
requires aggregating the geometric mean out of total time spent in each suite.

Also added --show-iteration-values to show individual measured values in each iteration.

  • Scripts/webkitpy/benchmark_runner/benchmark_results.py:

(BenchmarkResults.format): Added show_iteration_values as an option.
(BenchmarkResults._format_tests): Ditto.
(BenchmarkResults._format_values): Ditto. Added the code to show the measured values for each iteration
when show_iteration_values is set to True. We don't emit the unit in each value so that the list of values
is easily parsable as a JSON array.
(BenchmarkResults._format_values.format_scaled): Added. A helper function.
(BenchmarkResults._subtest_values_by_config_iteration): Added the support for aggregating values using
the aggregated values of a subtest even when they were computed using a different aggregator if the subtest
had exactly one aggregator.
(BenchmarkResults._lint_results):
(BenchmarkResults._lint_subtest_results): Replaced parent_needing_aggregation, which is set to the parent
test's name only when the parent test had an aggregator, by self-explanatory parent_test and
parent_aggregator_list.
(BenchmarkResults._lint_aggregator_list): Ditto. Added raise an exception when a test has an aggregator but
its subtest doesn't specify the same aggregator or it has more than one aggregators, making it ambiguous.
(BenchmarkResults._lint_configuration):

  • Scripts/webkitpy/benchmark_runner/benchmark_results_unittest.py:

(test_format_values_with_no_unit_scaling): Added.
(test_format_values_with_iteration_values): Added.
(test_format_values_with_no_unit_scaling_and_iteration_values): Added.
(test_aggregate_results_from_another_aggregator): Added.
(test_lint_results): Added a test case.

  • Scripts/webkitpy/benchmark_runner/benchmark_runner.py:

(BenchmarkRunner.init): Added show_iteration_values as an argument.
(BenchmarkRunner._run_benchmark): Ditto.
(BenchmarkRunner.show_results): Ditto.

  • Scripts/webkitpy/benchmark_runner/data/patches/webserver/Speedometer2.patch: Added.
  • Scripts/webkitpy/benchmark_runner/data/plans/speedometer2.plan: Added.
  • Scripts/webkitpy/benchmark_runner/run_benchmark.py:

(parse_args): Added --show-iteration-values as a boolean argument.
(run_benchmark_plan): Ditto.
(start): Ditto.

  • Scripts/webkitpy/benchmark_runner/webserver_benchmark_runner.py:

(WebServerBenchmarkRunner.init): Ditto.

9:47 AM Changeset in webkit [227738] by Matt Lewis
  • 15 edits
    2 deletes in trunk

Unreviewed, rolling out r227725.

This caused internal failures.

Reverted changeset:

"JSC Sampling Profiler: Detect tester and testee when sampling
in RegExp JIT"
https://bugs.webkit.org/show_bug.cgi?id=152729
https://trac.webkit.org/changeset/227725

9:45 AM Changeset in webkit [227737] by beidson@apple.com
  • 11 edits
    1 add in trunk

Make it possible for apps that use both WK1 and WK2 to use MessagePorts.
https://bugs.webkit.org/show_bug.cgi?id=182229

Reviewed by Chris Dumez.

Source/WebCore:

Covered by existing LayoutTests and a new API test.

  • dom/messageports/MessagePortChannel.cpp:

(WebCore::MessagePortChannel::checkRemotePortForActivity): Don't use the global singleton

provider. Instead use the provider that belongs to the owning registry.

  • dom/messageports/MessagePortChannelProviderImpl.cpp:

(WebCore::MessagePortChannelProviderImpl::MessagePortChannelProviderImpl): Pass a reference

to *this to the Registry.

  • dom/messageports/MessagePortChannelProviderImpl.h:
  • dom/messageports/MessagePortChannelRegistry.cpp:

(WebCore::MessagePortChannelRegistry::MessagePortChannelRegistry): Keep a Provider member so

MessagePortChannels can get to it instead of relying on the global singleton provider.

  • dom/messageports/MessagePortChannelRegistry.h:

(WebCore::MessagePortChannelRegistry::provider):

Source/WebKit:

  • UIProcess/UIMessagePortChannelProvider.cpp:

(WebKit::UIMessagePortChannelProvider::UIMessagePortChannelProvider):

  • UIProcess/WebPageProxy.cpp:

(WebKit::m_configurationPreferenceValues): The UI process does not need to override the

global singleton provider. It can remain the default ProviderImpl to allow WK1 views
to work fine, too.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/MessagePortProviders.mm: Added.
9:07 AM Changeset in webkit [227736] by Ryan Haddad
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r227708. rdar://problem/36915685

9:07 AM Changeset in webkit [227735] by Ryan Haddad
  • 2 edits in branches/safari-605-branch/LayoutTests

Cherry-pick r227203. rdar://problem/36837397

8:57 AM WebKitGTK/Gardening/Calendar edited by Michael Catanzaro
(diff)
8:56 AM Changeset in webkit [227734] by Michael Catanzaro
  • 2 edits in trunk/LayoutTests

Unreviewed WPE test gardening

  • platform/wpe/TestExpectations:
8:47 AM Changeset in webkit [227733] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

WebDriver: ASSERTION FAILED: !m_loadTimer.isActive()
https://bugs.webkit.org/show_bug.cgi?id=182237

Reviewed by Carlos Alberto Lopez Perez.

We should stop the load timer when we dispatch the pending navigation callbacks due to an alert open.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::willShowJavaScriptDialog):

8:45 AM Changeset in webkit [227732] by Carlos Garcia Campos
  • 3 edits in trunk/Tools

WebDriver: properly recover w3c tests after a webdriver server crash
https://bugs.webkit.org/show_bug.cgi?id=182242

Reviewed by Carlos Alberto Lopez Perez.

When a test makes the webdriver server crash, all other subsequent tests fail because they still try to send
messages to the server, gettin connection refused errors all the time. Selenium tests handle this correctly by
relaunching the server after every test failure, because other failures, even when not crashing the server,
might leave it in an bad state. WPT runner does the same for test files, it uses a subprocess to run the tests
and when any subtest fails, a new subsprocess is used for the following test file. We could do the same.

  • Scripts/webkitpy/webdriver_tests/webdriver_test_runner_w3c.py:

(WebDriverTestRunnerW3C.run): Restart the executor if any subtest failed.

  • Scripts/webkitpy/webdriver_tests/webdriver_w3c_executor.py:

(WebDriverW3CExecutor.init): Save timeout and expectations and do not import pytest.
(WebDriverW3CExecutor.setup): Create a subprocess to run the tests.
(WebDriverW3CExecutor.teardown): Send a message to the subprocess to terminate.
(WebDriverW3CExecutor._runner): Run the tests using pytest runner.
(WebDriverW3CExecutor.run): Send a message to the subprocess to run the given test and return the results message.

8:02 AM Changeset in webkit [227731] by pvollan@apple.com
  • 10 edits in trunk

Layout Test fast/events/beforeunload-dom-manipulation-crash.html is crashing
https://bugs.webkit.org/show_bug.cgi?id=181204
<rdar://problem/36256274>

Reviewed by Ryosuke Niwa.

Source/WebCore:

When a frame element is moved in the DOM tree during the execution of a beforeunload handler,
the frame will be detached when removed from its previous position in the DOM tree. When being
detached, an attempt will also be made to stop the load by calling FrameLoader::stopAllLoaders().
However, this method will return early when executed in a beforeunload handler, since navigation
is not allowed then. The end result is a detached frame which will continue to load, and hitting
asserts in DocumentLoader::dataReceived(), and DocumentLoader::notifyFinished(). It should be
possible to stop a frame load, even when executing a beforeunload handler.

No new tests. Covered by the existing test fast/events/beforeunload-dom-manipulation-crash.html.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::isStopLoadingAllowed const):
(WebCore::FrameLoader::stopAllLoaders):

  • loader/FrameLoader.h:

Tools:

Implement 'testRunner.forceImmediateCompletion()' for WK1.

  • DumpRenderTree/TestRunner.cpp:

(forceImmediateCompletionCallback):
(TestRunner::staticFunctions):

LayoutTests:

  • fast/events/beforeunload-dom-manipulation-crash.html: Make it clear that the

frame element is a child of the 'del' element.

  • fast/events/beforeunload-dom-manipulation-crash-expected.html:
  • platform/mac-wk1/TestExpectations: Unskip test.
7:56 AM WebKitGTK/Gardening/Calendar edited by zandobersek@gmail.com
(diff)
7:35 AM Changeset in webkit [227730] by pvollan@apple.com
  • 2 edits in trunk/LayoutTests

Mark js/dom/array-with-double-assign.html as a failure on Windows.
https://bugs.webkit.org/show_bug.cgi?id=182239

Unreviewed test gardening.

  • platform/win/TestExpectations:
7:26 AM Changeset in webkit [227729] by magomez@igalia.com
  • 2 edits in trunk/Source/WebCore

[CoordnatedGraphics] A child layer of a semitransparent layer isn't clipped properly
https://bugs.webkit.org/show_bug.cgi?id=181080

Reviewed by Žan Doberšek.

Check whether the applied clipping area is empty before drawing the children of a TextureMapperLayer. If
the area is empty no children will be drawn, so we can avoid drawing them.

No new tests -- no change in behavior.

  • platform/graphics/texmap/TextureMapperLayer.cpp:

(WebCore::TextureMapperLayer::paintSelfAndChildren):

6:32 AM Changeset in webkit [227728] by zandobersek@gmail.com
  • 11 edits in trunk/Source

[Cairo] Add GraphicsContextImplCairo::createFactory() helpers
https://bugs.webkit.org/show_bug.cgi?id=182238

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Instead of duplicating lambdas that return a newly-created
GraphicsContextImplCairo object, provide static createFactory() helpers
on that class that produce GraphicsContextImplFactory wrappers which are
then invoked in the GraphicsContext constructor. The static functions
accept either the PlatformContextCairo reference or the cairo_t pointer,
invoking the proper GraphicsContextImplCairo constructor in the returned
lambda wrapper.

No new tests -- no change in functionality.

  • platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::createFactory):

  • platform/graphics/cairo/GraphicsContextImplCairo.h:
  • platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBuffer::ImageBuffer):

  • platform/graphics/cairo/PathCairo.cpp:

(WebCore::Path::strokeBoundingRect const):
(WebCore::Path::strokeContains const):

  • platform/graphics/nicosia/NicosiaPaintingContextCairo.cpp:

(Nicosia::PaintingContextCairo::PaintingContextCairo):

  • platform/graphics/win/ImageCairoWin.cpp:

(WebCore::BitmapImage::getHBITMAPOfSize):

Source/WebKit:

Use GraphicsContextImplCairo::createFactory() helpers throughout the
Cairo-specific GraphicsContext constructors in the WebKit layer.

  • Shared/cairo/ShareableBitmapCairo.cpp:

(WebKit::ShareableBitmap::createGraphicsContext):

  • UIProcess/cairo/BackingStoreCairo.cpp:

(WebKit::BackingStore::incorporateUpdate):

  • WebProcess/WebPage/gtk/WebPrintOperationGtk.cpp:

(WebKit::WebPrintOperationGtk::renderPage):

2:56 AM Changeset in webkit [227727] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WebCore

Construct GraphicsContext with NonPaintingReasons::NoReason in FrameView::adjustPageHeightDeprecated()
https://bugs.webkit.org/show_bug.cgi?id=182235

Reviewed by Carlos Garcia Campos.

Pass the NonPaintingReasons::NoReason value to the GraphicsContext
constructor in FrameView::adjustPageHeightDeprecated(). This has the
same effect as when passing a null PlatformGraphicsContext to the
constructor, which effectively disables any painting through that
GraphicsContext, but doesn't have a platform-specific connotation.

No new tests -- no change in functionality.

  • page/FrameView.cpp:

(WebCore::FrameView::adjustPageHeightDeprecated):

2:56 AM Changeset in webkit [227726] by zandobersek@gmail.com
  • 11 edits in trunk/Source

[Cairo] Remove the GraphicsContext(cairo_t*) constructor
https://bugs.webkit.org/show_bug.cgi?id=182234

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Instead of using the GraphicsContext(cairo_t*) constructor, leverage the
GraphicsContextImplCairo class and work with an existing Cairo context
through that GraphicsContextImpl implementation.

A new GraphicsContextImplCairo constructor is added, expecting pointer
to the cairo_t object. With that, a PlatformContextCairo object is
created, with ownership of that object now being handled by the
GraphicsContextImplCairo class.

Call sites of the GraphicsContext(cairo_t*) constructor are adjusted to
instead provide a factory function that returns a fresh
GraphicsContextImplCairo object, passing that cairo_t object to its
constructor.

No new tests -- no change in behavior.

  • platform/graphics/GraphicsContext.h:
  • platform/graphics/cairo/GraphicsContextCairo.cpp:

(WebCore::GraphicsContext::GraphicsContext): Deleted.

  • platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::GraphicsContextImplCairo):
(WebCore::m_private):

  • platform/graphics/cairo/GraphicsContextImplCairo.h:
  • platform/graphics/cairo/PathCairo.cpp:

(WebCore::Path::strokeBoundingRect const):
(WebCore::Path::strokeContains const):

  • platform/graphics/win/ImageCairoWin.cpp:

(WebCore::BitmapImage::getHBITMAPOfSize):

Source/WebKit:

Call sites of the GraphicsContext(cairo_t*) constructor are adjusted to
instead provide a factory function that returns a fresh
GraphicsContextImplCairo object, passing that cairo_t object to its
constructor.

  • Shared/cairo/ShareableBitmapCairo.cpp:

(WebKit::ShareableBitmap::createGraphicsContext):

  • UIProcess/cairo/BackingStoreCairo.cpp:

(WebKit::BackingStore::incorporateUpdate):

  • WebProcess/WebPage/gtk/WebPrintOperationGtk.cpp:

(WebKit::WebPrintOperationGtk::renderPage):

2:43 AM Changeset in webkit [227725] by Yusuke Suzuki
  • 15 edits
    2 adds in trunk

JSC Sampling Profiler: Detect tester and testee when sampling in RegExp JIT
https://bugs.webkit.org/show_bug.cgi?id=152729

Reviewed by Saam Barati.

JSTests:

  • stress/sampling-profiler-regexp.js: Added.

(platformSupportsSamplingProfiler.test):
(platformSupportsSamplingProfiler.baz):
(platformSupportsSamplingProfiler):

Source/JavaScriptCore:

This patch extends SamplingProfiler to recognize JIT RegExp execution. We record
executing RegExp in VM so that SamplingProfiler can detect it. This is better
than the previous VM::isExecutingInRegExpJIT flag approach since

  1. isExecutingInRegExpJIT is set after starting executing JIT RegExp code. Thus,

if we suspend the thread just before executing this flag, or just after clearing
this flag, SamplingProfiler gets invalid frame, and frame validation fails. We
should set such a flag before and after executing JIT RegExp code.

  1. This removes VM dependency from YarrJIT which is not essential one.

We add ExecutionContext enum to RegExp::matchInline not to mark execution if it
is done in non JS thread.

  • bytecode/BytecodeDumper.cpp:

(JSC::regexpName):
(JSC::BytecodeDumper<Block>::dumpRegExps):
(JSC::regexpToSourceString): Deleted.

  • heap/Heap.cpp:

(JSC::Heap::addCoreConstraints):

  • runtime/RegExp.cpp:

(JSC::RegExp::compile):
(JSC::RegExp::match):
(JSC::RegExp::matchConcurrently):
(JSC::RegExp::compileMatchOnly):
(JSC::RegExp::toSourceString const):

  • runtime/RegExp.h:
  • runtime/RegExpInlines.h:

(JSC::RegExp::matchInline):

  • runtime/RegExpMatchesArray.h:

(JSC::createRegExpMatchesArray):

  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::SamplingProfiler):
(JSC::SamplingProfiler::timerLoop):
(JSC::SamplingProfiler::takeSample):
(JSC::SamplingProfiler::processUnverifiedStackTraces):
(JSC::SamplingProfiler::StackFrame::nameFromCallee):
(JSC::SamplingProfiler::StackFrame::displayName):
(JSC::SamplingProfiler::StackFrame::displayNameForJSONTests):
(JSC::SamplingProfiler::StackFrame::functionStartLine):
(JSC::SamplingProfiler::StackFrame::functionStartColumn):
(JSC::SamplingProfiler::StackFrame::sourceID):
(JSC::SamplingProfiler::StackFrame::url):
(WTF::printInternal):
(JSC::SamplingProfiler::~SamplingProfiler): Deleted.

  • runtime/SamplingProfiler.h:
  • runtime/VM.h:
  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generateEnter):
(JSC::Yarr::YarrGenerator::generateReturn):
(JSC::Yarr::YarrGenerator::YarrGenerator):
(JSC::Yarr::jitCompile):

  • yarr/YarrJIT.h:
2:20 AM Changeset in webkit [227724] by fred.wang@free.fr
  • 2 edits in trunk/Tools

Unreviewed, add myself to some watch lists.

Patch by Frederic Wang <fwang@igalia.com> on 2018-01-29

  • Scripts/webkitpy/common/config/watchlist:
1:25 AM Changeset in webkit [227723] by Yusuke Suzuki
  • 24 edits
    4 adds in trunk

[DFG][FTL] WeakMap#set should have DFG node
https://bugs.webkit.org/show_bug.cgi?id=180015

Reviewed by Saam Barati.

JSTests:

  • stress/weakmap-set-change-get.js: Added.

(shouldBe):
(test):

  • stress/weakmap-set-cse.js: Added.

(shouldBe):
(test):

  • stress/weakset-add-change-get.js: Added.

(shouldBe):

  • stress/weakset-add-cse.js: Added.

(shouldBe):

Source/JavaScriptCore:

This patch adds WeakMapSet and WeakSetAdd DFG nodes to handle them efficiently in DFG and FTL.
We also define CSE rules for them. Now, WeakMapSet and WeakSetAdd can offer the results of
the subsequent WeakMapGet if CSE allows.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::addVarArgChild):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):
WeakMap operations do not cause GC.

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGNodeType.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileWeakSetAdd):
(JSC::DFG::SpeculativeJIT::compileWeakMapSet):

  • dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileWeakSetAdd):
(JSC::FTL::DFG::LowerDFGToB3::compileWeakMapSet):

  • jit/JITOperations.h:
  • runtime/Intrinsic.cpp:

(JSC::intrinsicName):

  • runtime/Intrinsic.h:
  • runtime/WeakMapPrototype.cpp:

(JSC::WeakMapPrototype::finishCreation):

  • runtime/WeakSetPrototype.cpp:

(JSC::WeakSetPrototype::finishCreation):

Jan 28, 2018:

10:35 PM Changeset in webkit [227722] by commit-queue@webkit.org
  • 5 edits
    2 adds in trunk

Overflow of formulas is hidden for display mathematics
https://bugs.webkit.org/show_bug.cgi?id=160547

Patch by Minsheng Liu <lambda@liu.ms> on 2018-01-28
Reviewed by Frédéric Wang.

Source/WebCore:

Previously, <math> with display="block" uses its container's logical width as logical width.
However, that behavior will truncate overflowed contents. The patch fixes it by setting
the logical width as its content width rather than its container's logical width
if the former is wider than the latter.

Test: mathml/presentation/display-math-horizontal-overflow.html

  • rendering/mathml/RenderMathMLRow.cpp:

(WebCore::RenderMathMLRow::layoutBlock):

LayoutTests:

Add a test to ensure <math> with display="block" will not truncate overflowed contents.

  • mathml/presentation/display-math-horizontal-overflow-expected.txt: Added.
  • mathml/presentation/display-math-horizontal-overflow.html: Added.
9:08 PM Changeset in webkit [227721] by fpizlo@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

LargeAllocation should do the same distancing as MarkedBlock
https://bugs.webkit.org/show_bug.cgi?id=182226

Reviewed by Saam Barati.

This makes LargeAllocation do the same exact distancing that MarkedBlock promises to do.

To make that possible, this patch first makes MarkedBlock know exactly how much distancing it
is doing:

  • I've rationalized the payloadSize calculation. In particular, I made MarkedSpace use the calculation done in MarkedBlock. MarkedSpace used to do the math a different way. This keeps the old way just for a static_assert.


  • The promised amount of distancing is now codified in HeapCell.h as minimumDistanceBetweenCellsFromDifferentOrigins. We assert that the footer size is at least as big as this. I didn't want to just use footer size for this constant because then, if you increased the size of the footer, you'd also add padding to every large allocation.


Then this patch just adds minimumDistanceBetweenCellsFromDifferentOrigins to each large
allocation. It also zeroes that slice of memory to prevent any information leaks that way.

This is perf neutral. Large allocations start out at ~8000 bytes. The amount of padding is
~300 bytes. That's 3.75% space overhead for objects that are ~8000 bytes, zero overhead for
smaller objects, and diminishing overhead for larger objects. We allocate very few large
objects, so we shouldn't have any real space overhead from this.

  • heap/HeapCell.h:
  • heap/LargeAllocation.cpp:

(JSC::LargeAllocation::tryCreate):

  • heap/MarkedBlock.h:
  • heap/MarkedSpace.h:
12:54 PM Changeset in webkit [227720] by zandobersek@gmail.com
  • 2 edits in trunk/LayoutTests

Unreviewed WPE gardening.

  • platform/wpe/TestExpectations: Add test failure expectations. Shuffle

around a few expectations and eliminate duplicate ones, removing overlap
warnings printed out when invoking run-webkit-tests.

12:00 PM Changeset in webkit [227719] by zandobersek@gmail.com
  • 2 edits
    4 adds in trunk/LayoutTests

Unreviewed GTK+ gardening.

  • platform/gtk/TestExpectations: Add failure expectations for three tests.
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/errorhandling-expected.txt:

Added a test baseline due to console messages being output in a slightly different order.

11:20 AM WebKitGTK/2.18.x edited by Michael Catanzaro
Add warning about r227544 (diff)
11:08 AM Changeset in webkit [227718] by fpizlo@apple.com
  • 8 edits in trunk/Source/JavaScriptCore

Make MarkedBlock::Footer bigger
https://bugs.webkit.org/show_bug.cgi?id=182220

Reviewed by JF Bastien.

This makes the block footer larger by moving the newlyAllocated bits from the handle into
the footer.

It used to be profitable to put anything we could into the handle because that would free up
payload space inside the block. But now that we want to use the footer for padding, it's
profitable to put GC state information - especially data that is used by the GC itself and so
is not useful for a Spectre attack - into the footer to increase object distancing.

  • heap/CellContainer.cpp:

(JSC::CellContainer::isNewlyAllocated const):

  • heap/IsoCellSet.cpp:

(JSC::IsoCellSet::sweepToFreeList):

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::Handle::Handle):
(JSC::MarkedBlock::Footer::Footer):
(JSC::MarkedBlock::Handle::stopAllocating):
(JSC::MarkedBlock::Handle::lastChanceToFinalize):
(JSC::MarkedBlock::Handle::resumeAllocating):
(JSC::MarkedBlock::aboutToMarkSlow):
(JSC::MarkedBlock::resetAllocated):
(JSC::MarkedBlock::Handle::resetAllocated): Deleted.

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::newlyAllocatedVersion const):
(JSC::MarkedBlock::isNewlyAllocated):
(JSC::MarkedBlock::setNewlyAllocated):
(JSC::MarkedBlock::clearNewlyAllocated):
(JSC::MarkedBlock::newlyAllocated const):
(JSC::MarkedBlock::Handle::newlyAllocatedVersion const): Deleted.
(JSC::MarkedBlock::Handle::isNewlyAllocated): Deleted.
(JSC::MarkedBlock::Handle::setNewlyAllocated): Deleted.
(JSC::MarkedBlock::Handle::clearNewlyAllocated): Deleted.
(JSC::MarkedBlock::Handle::newlyAllocated const): Deleted.

  • heap/MarkedBlockInlines.h:

(JSC::MarkedBlock::isNewlyAllocatedStale const):
(JSC::MarkedBlock::hasAnyNewlyAllocated):
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::specializedSweep):
(JSC::MarkedBlock::Handle::newlyAllocatedMode):
(JSC::MarkedBlock::Handle::isNewlyAllocatedStale const): Deleted.
(JSC::MarkedBlock::Handle::hasAnyNewlyAllocated): Deleted.

  • heap/MarkedSpace.cpp:

(JSC::MarkedSpace::endMarking):

  • heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendJSCellOrAuxiliary):

Jan 27, 2018:

6:23 PM Changeset in webkit [227717] by fpizlo@apple.com
  • 12 edits in trunk/Source/JavaScriptCore

MarkedBlock should have a footer instead of a header
https://bugs.webkit.org/show_bug.cgi?id=182217

Reviewed by JF Bastien.

This moves the MarkedBlock's meta-data from the header to the footer. This doesn't really
change anything except for some compile-time constants, so it should not affect performance.

This change is to help protect against Spectre attacks on structure checks, which allow for
small-offset out-of-bounds access. By putting the meta-data at the end of the block, small
OOBs will only get to other objects in the same block or the block footer. The block footer
is not super interesting. So, if we combine this with the TLC change (r227617), this means we
can use blocks as the mechanism of achieving distance between objects from different origins.
We just need to avoid ever putting objects from different origins in the same block. That's
what bug 181636 is about.

  • heap/BlockDirectory.cpp:

(JSC::blockHeaderSize): Deleted.
(JSC::BlockDirectory::blockSizeForBytes): Deleted.

  • heap/BlockDirectory.h:
  • heap/HeapUtil.h:

(JSC::HeapUtil::findGCObjectPointersForMarking):

  • heap/MarkedBlock.cpp:

(JSC::MarkedBlock::MarkedBlock):
(JSC::MarkedBlock::~MarkedBlock):
(JSC::MarkedBlock::Footer::Footer):
(JSC::MarkedBlock::Footer::~Footer):
(JSC::MarkedBlock::Handle::stopAllocating):
(JSC::MarkedBlock::Handle::lastChanceToFinalize):
(JSC::MarkedBlock::Handle::resumeAllocating):
(JSC::MarkedBlock::aboutToMarkSlow):
(JSC::MarkedBlock::resetMarks):
(JSC::MarkedBlock::assertMarksNotStale):
(JSC::MarkedBlock::Handle::didConsumeFreeList):
(JSC::MarkedBlock::markCount):
(JSC::MarkedBlock::clearHasAnyMarked):
(JSC::MarkedBlock::Handle::didAddToDirectory):
(JSC::MarkedBlock::Handle::didRemoveFromDirectory):
(JSC::MarkedBlock::Handle::sweep):

  • heap/MarkedBlock.h:

(JSC::MarkedBlock::markingVersion const):
(JSC::MarkedBlock::lock):
(JSC::MarkedBlock::subspace const):
(JSC::MarkedBlock::footer):
(JSC::MarkedBlock::footer const):
(JSC::MarkedBlock::handle):
(JSC::MarkedBlock::handle const):
(JSC::MarkedBlock::Handle::blockFooter):
(JSC::MarkedBlock::isAtomAligned):
(JSC::MarkedBlock::Handle::cellAlign):
(JSC::MarkedBlock::blockFor):
(JSC::MarkedBlock::vm const):
(JSC::MarkedBlock::weakSet):
(JSC::MarkedBlock::cellSize):
(JSC::MarkedBlock::attributes const):
(JSC::MarkedBlock::atomNumber):
(JSC::MarkedBlock::areMarksStale):
(JSC::MarkedBlock::aboutToMark):
(JSC::MarkedBlock::isMarkedRaw):
(JSC::MarkedBlock::isMarked):
(JSC::MarkedBlock::testAndSetMarked):
(JSC::MarkedBlock::marks const):
(JSC::MarkedBlock::isAtom):
(JSC::MarkedBlock::Handle::forEachCell):
(JSC::MarkedBlock::hasAnyMarked const):
(JSC::MarkedBlock::noteMarked):
(WTF::MarkedBlockHash::hash):
(JSC::MarkedBlock::firstAtom): Deleted.

  • heap/MarkedBlockInlines.h:

(JSC::MarkedBlock::marksConveyLivenessDuringMarking):
(JSC::MarkedBlock::Handle::isLive):
(JSC::MarkedBlock::Handle::specializedSweep):
(JSC::MarkedBlock::Handle::forEachLiveCell):
(JSC::MarkedBlock::Handle::forEachDeadCell):
(JSC::MarkedBlock::Handle::forEachMarkedCell):

  • heap/MarkedSpace.cpp:
  • heap/MarkedSpace.h:
  • llint/LowLevelInterpreter.asm:
  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
10:14 AM Changeset in webkit [227716] by Yusuke Suzuki
  • 3 edits
    2 adds in trunk

DFG strength reduction fails to convert NumberToStringWithValidRadixConstant for 0 to constant '0'
https://bugs.webkit.org/show_bug.cgi?id=182213

Reviewed by Mark Lam.

JSTests:

  • stress/int32-min-to-string.js: Added.

(shouldBe):
(test2):
(test4):
(test8):
(test16):
(test32):

  • stress/zero-to-string.js: Added.

(shouldBe):
(test2):
(test4):
(test8):
(test16):
(test32):

Source/JavaScriptCore:

toStringWithRadixInternal is originally used for the slow path if the given value is larger than radix or negative.
As a result, it does not accept 0 correctly, and produces an empty string. Since DFGStrengthReductionPhase uses
this function, it accidentally converts NumberToStringWithValidRadixConstant(0, radix) to an empty string.
This patch fixes toStringWithRadixInternal to accept 0. This change fixes twitch.tv's issue.

We also add a careful cast to avoid -INT32_MIN. It does not produce incorrect value in x86 in practice,
but it is UB, and a compiler may assume that the given value is never INT32_MIN and could do an incorrect optimization.

  • runtime/NumberPrototype.cpp:

(JSC::toStringWithRadixInternal):

9:50 AM Changeset in webkit [227715] by mitz@apple.com
  • 12 edits in trunk

HaveInternalSDK includes should be "#include?"
https://bugs.webkit.org/show_bug.cgi?id=179670

Source/ThirdParty:

  • gtest/xcode/Config/General.xcconfig:

Source/ThirdParty/ANGLE:

  • Configurations/Base.xcconfig:

Source/ThirdParty/libwebrtc:

  • Configurations/Base.xcconfig:

Source/WebCore/PAL:

  • Configurations/Base.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/Base.xcconfig:

Tools:

  • DumpRenderTree/mac/Configurations/Base.xcconfig:
1:26 AM Changeset in webkit [227714] by graouts@webkit.org
  • 11 edits
    1 add in trunk

[Web Animations] Distinguish between an omitted and a null timeline argument to the Animation constructor
https://bugs.webkit.org/show_bug.cgi?id=179065
LayoutTests/imported/w3c:

Reviewed by Dean Jackson.

Update WPT test output with progressions.

  • web-platform-tests/web-animations/interfaces/Animation/constructor-expected.txt:
  • web-platform-tests/web-animations/timing-model/animations/reversing-an-animation-expected.txt:
  • web-platform-tests/web-animations/timing-model/animations/set-the-timeline-of-an-animation-expected.txt:

Source/WebCore:

<rdar://problem/36869046>

Reviewed by Dean Jackson.

The Web Animations specification requires that a missing or undefined "timeline" parameter means that the
document's timeline should be used, but a null value should be supported. To support this, we need to provide
a custom Animation constructor where we can check on the ExecState whether the second argument passed is
undefined, which is true if an explicit "undefined" value is passed or if the argument does not exist.

  • Sources.txt: Add the new JSWebAnimationCustom.cpp file.
  • WebCore.xcodeproj/project.pbxproj: Add the new JSWebAnimationCustom.cpp file.
  • animation/WebAnimation.cpp:

(WebCore::WebAnimation::create): Add a create() variant that doesn't provide an AnimationTimeline parameter
to clearly indicate that the provided Document's timeline should be used.

  • animation/WebAnimation.h:
  • animation/WebAnimation.idl:
  • bindings/js/JSWebAnimationCustom.cpp: Added.

(WebCore::constructJSWebAnimation): Provide a custom Animation constructor where we check whether the second
argument, the timeline, is undefined.

  • dom/Element.cpp:

(WebCore::Element::animate): Use the new create() variant since passing "nullptr" now means a null timeline.

Note: See TracTimeline for information about the timeline view.