Timeline



Feb 6, 2019:

11:04 PM Changeset in webkit [241118] by Keith Rollin
  • 2 edits in trunk/Tools

Remove Info.plist from MobileMiniBrowser.framework's Copy Bundle Resources phase
https://bugs.webkit.org/show_bug.cgi?id=193975
<rdar://problem/47643306>

Reviewed by Tim Horton.

The MobileMiniBrowser.framework's Copy Bundle Resources phase copies
the Info.plist file into the bundle. This step is not necessary as the
implicit "bundle up all the build products into a framework" build
phase does this already. Having the Copy Bundle Resources phase do
this causes a conflict under XCBuild, which objects to two build
phases producing the same file (Info.plist). Address this by removing
Info.plist from the Copy Bundle Resources phase.

  • MobileMiniBrowser/MobileMiniBrowser.xcodeproj/project.pbxproj:
9:51 PM Changeset in webkit [241117] by ysuzuki@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

[JSC] Use BufferInternal single character StringImpl for SmallStrings
https://bugs.webkit.org/show_bug.cgi?id=194374

Reviewed by Geoffrey Garen.

Currently, we first create a large StringImpl, and create bunch of substrings with length = 1.
But pointer is larger than single character. BufferInternal StringImpl with single character
is more memory efficient.

  • runtime/SmallStrings.cpp:

(JSC::SmallStringsStorage::SmallStringsStorage):
(JSC::SmallStrings::SmallStrings):

  • runtime/SmallStrings.h:
9:39 PM Changeset in webkit [241116] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebCore/loader/FrameLoaderTypes.h

Unreviewed build fix. rdar://problem/47822019

9:18 PM Changeset in webkit [241115] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari Technology Preview 75

Added a tag for Safari Technology Preview release 75.

8:26 PM Changeset in webkit [241114] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] InitializeEntrypointArguments should produce SpecCellCheck if FlushFormat is FlushedCell
https://bugs.webkit.org/show_bug.cgi?id=194369
<rdar://problem/47813087>

Reviewed by Saam Barati.

JSTests:

  • stress/initialize-entrypoint-arguments-with-tdz.js: Added.

(A):

Source/JavaScriptCore:

InitializeEntrypointArguments says SpecCell if the FlushFormat is FlushedCell. But this actually has
JSEmpty if it is TDZ. This incorrectly proved type information removes necessary CheckNotEmpty in
constant folding phase.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

7:13 PM Changeset in webkit [241113] by benjamin@webkit.org
  • 16 edits in trunk/Source

Unreviewed, rolling out r240759 and r240944.

Some timer uses are done off the main thread, WebCore::Timer
cannot be used

Reverted changesets:

"<rdar://problem/47570443> Responsiveness timers are too
expensive for frequent events"
https://bugs.webkit.org/show_bug.cgi?id=194003
https://trac.webkit.org/changeset/240759

"Use deferrable timer to restart the Responsiveness Timer on
each wheel event"
https://bugs.webkit.org/show_bug.cgi?id=194135
https://trac.webkit.org/changeset/240944

6:53 PM Changeset in webkit [241112] by Chris Fleizach
  • 2 edits in trunk/Source/WebKit

AX: com.apple.WebKit.WebContent at WebKit: -[WKAccessibilityWebPageObjectBase axObjectCache]
https://bugs.webkit.org/show_bug.cgi?id=194306
<rdar://problem/47764549>

Reviewed by Zalan Bujtas.

Check the page reference is still valid.
Modernize code in this area.

  • WebProcess/WebPage/mac/WKAccessibilityWebPageObjectBase.mm:
4:42 PM Changeset in webkit [241111] by Keith Rollin
  • 3 edits in trunk/Source/WebCore

Update .xcfilelist files

Unreviewed build fix.

  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:
4:31 PM Changeset in webkit [241110] by Devin Rousso
  • 10 edits in trunk

Web Inspector: DOM: don't send the entire function string with each event listener
https://bugs.webkit.org/show_bug.cgi?id=194293
<rdar://problem/47822809>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

  • inspector/protocol/DOM.json:
  • runtime/JSFunction.h:

Export calculatedDisplayName.

Source/WebCore:

Test: inspector/dom/getEventListenersForNode.html

  • inspector/agents/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::buildObjectForEventListener):

Source/WebInspectorUI:

  • UserInterface/Views/EventListenerSectionGroup.js:

(WI.EventListenerSectionGroup.prototype._functionTextOrLink):

LayoutTests:

  • inspector/dom/getEventListenersForNode.html:
  • inspector/dom/getEventListenersForNode-expected.txt:
4:23 PM Changeset in webkit [241109] by dbates@webkit.org
  • 5 edits in trunk/Source/WebKit

Move toNSEventModifierFlags() and toNSButtonNumber() to WebEventFactory.mm
https://bugs.webkit.org/show_bug.cgi?id=194321

Reviewed by Jer Noble.

Move some code to WebEventFactory so that it can be shared by both WKNavigationAction.mm
and UIDelegate.mm among other benefits.

  • Shared/mac/WebEventFactory.h:
  • Shared/mac/WebEventFactory.mm:

(WebKit::WebEventFactory::toNSEventModifierFlags):
(WebKit::WebEventFactory::toNSButtonNumber):

  • UIProcess/API/Cocoa/WKNavigationAction.mm:

(-[WKNavigationAction modifierFlags]):
(-[WKNavigationAction buttonNumber]):
(toNSEventModifierFlags): Deleted.
(toNSButtonNumber): Deleted.

  • UIProcess/Cocoa/UIDelegate.mm:

(WebKit::UIDelegate::UIClient::mouseDidMoveOverElement):
(WebKit::toNSEventModifierFlags): Deleted.

4:03 PM Changeset in webkit [241108] by Alan Coon
  • 2 edits in branches/safari-607-branch/LayoutTests

Cherry-pick r241031. rdar://problem/47866495

Revert part of r241015 that skipped all WebGL tests

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241031 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:02 PM Changeset in webkit [241107] by Alan Coon
  • 4 edits
    2 adds in branches/safari-607-branch

Cherry-pick r241015. rdar://problem/47866495

REGRESSION (r240909): Release assert in FrameLoader::loadURL when navigating with a non-existent target name
https://bugs.webkit.org/show_bug.cgi?id=194329

Reviewed by Geoffrey Garen.

Source/WebCore:

The bug was caused by the code path for when navigating with a specific target frame name that does not exist
never setting the load type of PolicyChecker. As a result, we would use whatever load type used in the previous
navigation, resulting in this release assertion.

Updating the load type here should in theory fix the underlying bug r240909 was meant to catch & fix.

Test: fast/loader/navigate-with-new-target-after-back-forward-navigation.html

  • loader/FrameLoader.cpp: (WebCore::FrameLoader::loadURL):

LayoutTests:

Added a regression test.

  • fast/loader/navigate-with-new-target-after-back-forward-navigation-expected.txt: Added.
  • fast/loader/navigate-with-new-target-after-back-forward-navigation.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:02 PM Changeset in webkit [241106] by Alan Coon
  • 29 edits in branches/safari-607-branch/Source

Apply patch. rdar://problem/47822019

3:18 PM Changeset in webkit [241105] by aestes@apple.com
  • 29 edits
    3 copies in trunk

[Payment Request] It should be possible to require a phonetic name for shipping contacts
https://bugs.webkit.org/show_bug.cgi?id=194311
<rdar://46733045>

Reviewed by Alex Christensen.

Source/WebCore:

It should be possible to require that a shipping contact has a phonetic name in Payment Request.
To accomplish this, move requiredShippingContactFields from ApplePayPaymentRequest to
ApplePayRequestBase so that it can be used as part of an Apple Pay payment method data.

Since required shipping contact fields can now be specified both in
requiredShippingContactFields and PaymentOptions, we merge the required fields from these
two sources such that, e.g., email is required if it is specified in either place.

So that clients can detect this new feature, the API version number is bumped from 5 to 6.

Added test cases to ApplePayRequestShippingContact.https.html and ApplePayRequestShippingContactV3.https.html.

  • DerivedSources.make:
  • Modules/applepay/ApplePayPaymentRequest.h:
  • Modules/applepay/ApplePayPaymentRequest.idl:
  • Modules/applepay/ApplePayRequestBase.cpp:

(WebCore::convertAndValidate):

  • Modules/applepay/ApplePayRequestBase.h:
  • Modules/applepay/ApplePayRequestBase.idl:
  • Modules/applepay/ApplePaySession.cpp:

(WebCore::convertAndValidate):

  • Modules/applepay/PaymentCoordinatorClient.cpp: Added.

(WebCore::PaymentCoordinatorClient::supportsVersion):

  • Modules/applepay/PaymentCoordinatorClient.h:
  • Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:

(WebCore::mergePaymentOptions):
(WebCore::ApplePayPaymentHandler::show):

  • SourcesCocoa.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • loader/EmptyClients.cpp:
  • testing/MockPaymentContactFields.h: Added.

(WebCore::MockPaymentContactFields::MockPaymentContactFields):

  • testing/MockPaymentContactFields.idl: Added.
  • testing/MockPaymentCoordinator.cpp:

(WebCore::MockPaymentCoordinator::showPaymentUI):
(WebCore::MockPaymentCoordinator::supportsVersion): Deleted.

  • testing/MockPaymentCoordinator.h:
  • testing/MockPaymentCoordinator.idl:

Source/WebKit:

  • WebProcess/ApplePay/WebPaymentCoordinator.cpp:

(WebKit::WebPaymentCoordinator::supportsVersion): Deleted.

  • WebProcess/ApplePay/WebPaymentCoordinator.h:

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebPaymentCoordinatorClient.h:
  • WebCoreSupport/WebPaymentCoordinatorClient.mm:

(WebPaymentCoordinatorClient::supportsVersion): Deleted.

LayoutTests:

  • http/tests/ssl/applepay/ApplePayRequestShippingContact.https-expected.txt:
  • http/tests/ssl/applepay/ApplePayRequestShippingContact.https.html:
  • http/tests/ssl/applepay/ApplePayRequestShippingContactV3.https-expected.txt:
  • http/tests/ssl/applepay/ApplePayRequestShippingContactV3.https.html:
  • http/tests/ssl/applepay/PaymentRequest.https-expected.txt:
  • http/tests/ssl/applepay/PaymentRequest.https.html:
2:58 PM Changeset in webkit [241104] by ysuzuki@apple.com
  • 26 edits in trunk

[JSC] PrivateName to PublicName hash table is wasteful
https://bugs.webkit.org/show_bug.cgi?id=194277

Reviewed by Michael Saboff.

JSTests:

This test depends on the order of JSSegmentedVariableObjects' variables, which is not guaranteed in JSC. Skipped.

  • ChakraCore.yaml:

Source/JavaScriptCore:

PrivateNames account for a lot of memory in the initial JSC footprint. BuiltinNames have Identifier fields corresponding to these PrivateNames
which makes the sizeof(BuiltinNames) about 6KB. It also maintains hash tables for "PublicName to PrivateName" and "PrivateName to PublicName",
each of which takes 16KB memory. While "PublicName to PrivateName" functionality is used in builtin JS (parsing "@xxx" and get a private
name for "xxx"), "PrivateName to PublicName" is rarely used. Holding 16KB hash table for rarely used feature is costly.

In this patch, we add some rules to remove "PrivateName to PublicName" hash table.

  1. PrivateName's content should be the same to PublicName.
  2. If PrivateName is not actually a private name (we introduced hacky mapping like "@iteratorSymbol" => Symbol.iterator), the public name should be easily crafted from the given PrivateName.

We modify the content of private names to ensure (1). And for (2), we can meet this requirement by ensuring that the "@xxxSymbol"
is converted to "Symbol.xxx". (1) and (2) allow us to convert a private name to a public name without a large hash table.

We also remove unused identifiers in CommonIdentifiers. And we also move some of them to WebCore's WebCoreBuiltinNames if it is only used in
WebCore.

  • builtins/BuiltinNames.cpp:

(JSC::BuiltinNames::BuiltinNames):

  • builtins/BuiltinNames.h:

(JSC::BuiltinNames::lookUpPrivateName const):
(JSC::BuiltinNames::getPublicName const):
(JSC::BuiltinNames::checkPublicToPrivateMapConsistency):
(JSC::BuiltinNames::appendExternalName):
(JSC::BuiltinNames::lookUpPublicName const): Deleted.

  • builtins/BuiltinUtils.h:
  • bytecode/BytecodeDumper.cpp:

(JSC::BytecodeDumper<Block>::dumpIdentifiers):

  • bytecompiler/NodesCodegen.cpp:

(JSC::BytecodeIntrinsicNode::emit_intrinsic_getByIdDirectPrivate):
(JSC::BytecodeIntrinsicNode::emit_intrinsic_putByIdDirectPrivate):

  • parser/Lexer.cpp:

(JSC::Lexer<LChar>::parseIdentifier):
(JSC::Lexer<UChar>::parseIdentifier):

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::createGeneratorParameters):
(JSC::Parser<LexerType>::parseFunctionDeclaration):
(JSC::Parser<LexerType>::parseAsyncFunctionDeclaration):
(JSC::Parser<LexerType>::parseClassDeclaration):
(JSC::Parser<LexerType>::parseExportDeclaration):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/ParserArena.h:

(JSC::IdentifierArena::makeIdentifier):

  • runtime/CachedTypes.cpp:

(JSC::CachedUniquedStringImpl::encode):
(JSC::CachedUniquedStringImpl::decode const):

  • runtime/CommonIdentifiers.cpp:

(JSC::CommonIdentifiers::CommonIdentifiers):
(JSC::CommonIdentifiers::lookUpPrivateName const):
(JSC::CommonIdentifiers::getPublicName const):
(JSC::CommonIdentifiers::lookUpPublicName const): Deleted.

  • runtime/CommonIdentifiers.h:
  • runtime/ExceptionHelpers.cpp:

(JSC::createUndefinedVariableError):

  • runtime/Identifier.cpp:

(JSC::Identifier::dump const):

  • runtime/Identifier.h:
  • runtime/IdentifierInlines.h:

(JSC::Identifier::fromUid):

  • runtime/JSTypedArrayViewPrototype.cpp:

(JSC::JSTypedArrayViewPrototype::finishCreation):

  • tools/JSDollarVM.cpp:

(JSC::functionGetPrivateProperty):

Source/WebCore:

Use WebCoreBuiltinNames instead of adding WebCore names to JSC CommonIdentifiers.

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::addCrossOriginPropertyNames):

  • bindings/js/JSLocationCustom.cpp:

(WebCore::getOwnPropertySlotCommon):
(WebCore::putCommon):

  • bindings/js/WebCoreBuiltinNames.h:

LayoutTests:

  • streams/readable-byte-stream-controller-expected.txt:
2:54 PM Changeset in webkit [241103] by Keith Rollin
  • 9 edits in trunk

Really enable the automatic checking and regenerations of .xcfilelists during builds
https://bugs.webkit.org/show_bug.cgi?id=194357
<rdar://problem/47861231>

Reviewed by Chris Dumez.

Bug 194124 was supposed to enable the automatic checking and
regenerating of .xcfilelist files during the build. While related
changes were included in that patch, the change to actually enable the
operation somehow was omitted. This patch actually enables the
operation. The check-xcfilelist.sh scripts now check
WK_DISABLE_CHECK_XCFILELISTS, and if it's "1", opts-out the developer
from the checking.

Source/JavaScriptCore:

  • Scripts/check-xcfilelists.sh:

Source/WebCore:

No new tests since there should be no observable behavior difference.

  • Scripts/check-xcfilelists.sh:

Source/WebKit:

  • Scripts/check-xcfilelists.sh:

Tools:

  • DumpRenderTree/Scripts/check-xcfilelists.sh:
  • WebKitTestRunner/Scripts/check-xcfilelists.sh:
2:18 PM Changeset in webkit [241102] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebKit/UIProcess/mac/DisplayLink.cpp

Unreviewed build fix

2:18 PM Changeset in webkit [241101] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools/WebKitTestRunner

Unreviewed build fix. rdar://problem/47810458

2:18 PM Changeset in webkit [241100] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebCore/platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm

Unreviewed build fix. rdar://problem/47774520

2:18 PM Changeset in webkit [241099] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240804. rdar://problem/47774520

[Cocoa][EME] Modern EME uses a different path for SecureStop data than Legacy EME
https://bugs.webkit.org/show_bug.cgi?id=193988

Reviewed by Jon Lee.

Modern EME is writing SecureStop data as a file at the same path as the
directory used by Legacy EME; meaning, when Modern EME attempts to write
to that file, it will fail because a directory exists at the same path.

Add a migration step to take care of those instances where Modern EME Secure
Stop data was already written to disk, and move that previously written data
to the correct file path.

  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm: (WebCore::CDMInstanceFairPlayStreamingAVFObjC::initializeWithConfiguration): (WebCore::CDMInstanceFairPlayStreamingAVFObjC::setStorageDirectory): (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::updateLicense): (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::loadSession): (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData): (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::ensureSession):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240804 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241098] by Alan Coon
  • 5 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240746. rdar://problem/47774550

[Cocoa][EME] persistent-usage-record data not issued after MediaKeySession.remove()
https://bugs.webkit.org/show_bug.cgi?id=193984

Reviewed by Eric Carlson.

MediaKeySession.sessionId is empty during the CDMInstance->requestLicense success callback handler. The
KVO notification that AVContentKeySession.contentProtectionSessionIdentifier changed isn't called until
after the -[AVContentKeyRequest makeStreamingContentKeyRequestDataForApp:contentIdentifier:options:completionHandler:]
completion handler is called.

Explicitly ask for the -contentProtectionSessionIdentifier inside that handler, and just in case the sessionID
changes after that, add a new client callback method to notify the MediaKeySession that the ID has changed.

  • Modules/encryptedmedia/MediaKeySession.cpp: (WebCore::MediaKeySession::sessionIdChanged):
  • Modules/encryptedmedia/MediaKeySession.h:
  • platform/encryptedmedia/CDMInstanceSession.h:
  • platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm: (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::didProvideRequest): (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::nextRequest):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241097] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r239845. rdar://problem/47776472

[macOS] Add name of IORegistry key in sandbox.
https://bugs.webkit.org/show_bug.cgi?id=193335
<rdar://problem/47184951>

Reviewed by Alexey Proskuryakov.

The property IOGVAHEVCDecodeCapabilities was added in https://bugs.webkit.org/show_bug.cgi?id=193324.
Also, the property IOGVAHEVCEncodeCapabilities needs to be added.

  • WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239845 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241096] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r239834. rdar://problem/47776472

[macOS] Add name of IORegistry key in sandbox.
https://bugs.webkit.org/show_bug.cgi?id=193324

Reviewed by Brent Fulgham.

IOGVAVTCapabilities key has been changed to IOGVAHEVCDecodeCapabilities.

  • WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239834 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241095] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp

Apply patch. rdar://problem/47850665

2:18 PM Changeset in webkit [241094] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240995. rdar://problem/47843415

Reproducible crash under WKShareSheet presentWithParameters when cancelling a share
https://bugs.webkit.org/show_bug.cgi?id=194301
<rdar://problem/47719379>

Reviewed by Beth Dakin.

  • UIProcess/Cocoa/WKShareSheet.mm: (-[WKShareSheet presentWithParameters:completionHandler:]): NSSharingServicePicker's delegate callbacks can be called synchronously. We release the WKShareSheet (which holds our reference to the NSSharingServicePicker) under sharingServicePicker:didChooseSharingService:. On older versions of macOS, there was nothing keeping the NSSharingServicePicker alive inside showRelativeToRect:ofView:preferredEdge:, thus the whole chain of references would fall and result in sending a message to a released NSSharingServicePicker. To resolve this, keep an extra reference to the WKShareSheet until presentation is complete.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240995 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241093] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebInspectorUI

Cherry-pick r241003. rdar://problem/47842660

Web Inspector: Elements tab: selection is broken after deleting the selected node
https://bugs.webkit.org/show_bug.cgi?id=194300
<rdar://problem/47829275>

Reviewed by Devin Rousso.

Deleting a TreeElement can cause an IndexSet including indexes
outside the deleted range to be passed to SelectionController,
corrupting the internal selection state.

  • UserInterface/Views/TreeOutline.js: (WI.TreeOutline.prototype._indexesForSubtree.numberOfElementsInSubtree): Added. (WI.TreeOutline.prototype._indexesForSubtree): Finding the last (rightmost leaf) TreeElement in the subtree used TreeElement.prototype.traverseNextElement to do a depth first traversal. This method did not stay within the subtree rooted at treeElement.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241003 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241092] by Alan Coon
  • 3 edits in branches/safari-607-branch/LayoutTests

Cherry-pick r240989. rdar://problem/47842627

Web Inspector: Fix modify-css-property-race.html test failures
https://bugs.webkit.org/show_bug.cgi?id=194282

Reviewed by Matt Baker.

Fix test failures introduced by r240946 by providing a message for expectGreaterThan assert,
so it doesn't log the actual values.

  • inspector/css/modify-css-property-race-expected.txt:
  • inspector/css/modify-css-property-race.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240989 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241091] by Alan Coon
  • 8 edits
    2 adds in branches/safari-607-branch

Cherry-pick r240946. rdar://problem/47830598

Web Inspector: Styles: fix race conditions when editing
https://bugs.webkit.org/show_bug.cgi?id=192739
<rdar://problem/46752925>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

Editing CSS property in the style editor syncronously updates CSSStyleDeclaration on the front-end
and asyncronously updates the backend by calling CSSAgent.setStyleText. After the new style text is applied
on the backend, CSSStyleDeclaration (on the front-end) gets updated.

Unsure there's no race conditions by introducing _updatesInProgressCount:

  • Increment it before calling CSSAgent.setStyleText.
  • Decrement it after CSSAgent.setStyleText is finished.

Prevent updates of CSSStyleDeclaration when _updatesInProgressCount isn't 0.

  • UserInterface/Models/CSSProperty.js: (WI.CSSProperty.prototype._updateOwnerStyleText):
  • UserInterface/Models/CSSStyleDeclaration.js: (WI.CSSStyleDeclaration): (WI.CSSStyleDeclaration.prototype.set text): Removed. (WI.CSSStyleDeclaration.prototype.setText): Added. Change the setter to a method since it has side effects including an asynchronous backend call.
  • UserInterface/Models/DOMNodeStyles.js: (WI.DOMNodeStyles.prototype.changeStyleText):
  • UserInterface/Views/SpreadsheetStyleProperty.js: (WI.SpreadsheetStyleProperty.prototype.get nameTextField): Removed. (WI.SpreadsheetStyleProperty.prototype.get valueTextField): Removed. Drive-by: remove unused code.

LayoutTests:

  • inspector/css/modify-css-property-expected.txt:
  • inspector/css/modify-css-property-race-expected.txt: Added.
  • inspector/css/modify-css-property-race.html: Added.
  • inspector/css/modify-css-property.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240946 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241090] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebCore/page/scrolling/ScrollingStateTree.cpp

Apply patch. rdar://problem/47383968

2:18 PM Changeset in webkit [241089] by Alan Coon
  • 5 edits in branches/safari-607-branch

Cherry-pick r240928. rdar://problem/47810458

Capture state should be managed consistently when doing process swapping
https://bugs.webkit.org/show_bug.cgi?id=194122
<rdar://problem/47609293>

Reviewed by Eric Carlson.

Source/WebKit:

When doing PSON, WebPageProxy::resetState is called.
It resets the media state, but does not call the client delegates.
Instead of directly updating the media state, call the routine used to update it so that client delegates are called.

Covered by new API test and layout test.

  • UIProcess/API/Cocoa/WKWebView.mm: (-[WKWebView _mediaCaptureState]):
  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::resetState): (WebKit::WebPageProxy::isPlayingMediaDidChange): (WebKit::WebPageProxy::updatePlayingMediaDidChange):
  • UIProcess/WebPageProxy.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm: (-[GetUserMediaUIDelegate _webView:requestUserMediaAuthorizationForDevices:url:mainFrameURL:decisionHandler:]): (-[GetUserMediaUIDelegate _webView:checkUserMediaPermissionForURL:mainFrameURL:frameIdentifier:decisionHandler:]): (-[GetUserMediaUIDelegate _webView:mediaCaptureStateDidChange:]):
  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/TestRunner.cpp: (WTR::TestRunner::isDoingMediaCapture const):
  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestController.cpp: (WTR::TestController::isDoingMediaCapture const):
  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/TestInvocation.cpp: (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
  • WebKitTestRunner/cocoa/TestControllerCocoa.mm: (WTR::TestController::isDoingMediaCapture const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240928 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:18 PM Changeset in webkit [241088] by Alan Coon
  • 16 edits
    2 adds in branches/safari-607-branch

Apply patch. rdar://problem/47810458

fix-194122

2:17 PM Changeset in webkit [241087] by Alan Coon
  • 29 edits
    12 adds in branches/safari-607-branch

Cherry-pick r239752. rdar://problem/47776478

[WebAuthN] Support U2F HID Authenticators on macOS
https://bugs.webkit.org/show_bug.cgi?id=191535
<rdar://problem/47102027>

Reviewed by Brent Fulgham.

Source/WebCore:

This patch changes U2fCommandConstructor to produce register commands with
enforcing test of user presence. Otherwise, authenticators would silently
generate credentials. It also renames readFromU2fSignResponse to
readU2fSignResponse.

Tests: http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https.html

http/wpt/webauthn/public-key-credential-create-failure-u2f.https.html
http/wpt/webauthn/public-key-credential-create-success-u2f.https.html
http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html
http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html
http/wpt/webauthn/public-key-credential-get-success-u2f.https.html

  • Modules/webauthn/fido/U2fCommandConstructor.cpp: (fido::WebCore::constructU2fRegisterCommand):
  • Modules/webauthn/fido/U2fResponseConverter.cpp: (fido::readU2fSignResponse): (fido::readFromU2fSignResponse): Deleted.
  • Modules/webauthn/fido/U2fResponseConverter.h:

Source/WebKit:

This patch implements the support for U2F authenticators, and enables it for hid devices.
It follows the CTAP spec to map WebAuthN requests to U2F commands and return the responses:
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#u2f-interoperability
Most of the parts are done before this patch, this patch focues on: 7.2.2 and 7.3.2.

Besides implementing the U2fHidAuthenticator, this patch also adds support in the mocking
environment for U2F authenticators. It is done by extending the stages in MockHidConnection
from 4 to indefinite as multi-round communications are expected to map WebAuthN requests
to U2F requests.

  • Sources.txt:
  • UIProcess/API/C/WKWebsiteDataStoreRef.cpp: (WKWebsiteDataStoreSetWebAuthenticationMockConfiguration):
  • UIProcess/WebAuthentication/Cocoa/HidService.mm: (WebKit::HidService::continueAddDeviceAfterGetInfo):
  • UIProcess/WebAuthentication/fido/CtapHidDriver.cpp: (WebKit::CtapHidDriver::continueAfterChannelAllocated):
  • UIProcess/WebAuthentication/fido/CtapHidDriver.h: (WebKit::CtapHidDriver::setProtocol):
  • UIProcess/WebAuthentication/fido/U2fHidAuthenticator.cpp: Added. (WebKit::U2fHidAuthenticator::U2fHidAuthenticator): (WebKit::U2fHidAuthenticator::makeCredential): (WebKit::U2fHidAuthenticator::checkExcludeList): (WebKit::U2fHidAuthenticator::issueRegisterCommand): (WebKit::U2fHidAuthenticator::getAssertion): (WebKit::U2fHidAuthenticator::issueSignCommand): (WebKit::U2fHidAuthenticator::issueNewCommand): (WebKit::U2fHidAuthenticator::issueCommand): (WebKit::U2fHidAuthenticator::responseReceived): (WebKit::U2fHidAuthenticator::continueRegisterCommandAfterResponseReceived): (WebKit::U2fHidAuthenticator::continueCheckOnlyCommandAfterResponseReceived): (WebKit::U2fHidAuthenticator::continueBogusCommandAfterResponseReceived): (WebKit::U2fHidAuthenticator::continueSignCommandAfterResponseReceived):
  • UIProcess/WebAuthentication/fido/U2fHidAuthenticator.h: Added.
  • UIProcess/WebAuthentication/Mock/MockHidConnection.cpp: (WebKit::MockHidConnection::parseRequest): (WebKit::MockHidConnection::feedReports):
  • UIProcess/WebAuthentication/Mock/MockHidConnection.h:
  • UIProcess/WebAuthentication/Mock/MockWebAuthenticationConfiguration.h:
  • WebKit.xcodeproj/project.pbxproj:

Tools:

This patch:
1) adds support for U2F mocking mechanism;
2) updates tests to reflect U2fCommandConstructor changes.

  • TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp: (TestWebKitAPI::TEST):
  • TestWebKitAPI/Tests/WebCore/FidoTestData.h:
  • WebKitTestRunner/InjectedBundle/TestRunner.cpp: (WTR::TestRunner::setWebAuthenticationMockConfiguration):

LayoutTests:

Besiding adding tests for U2F authenticators, it also changes payloadBase64 from
a string to a vector of strings. New tests are skipped for iOS.

  • http/wpt/webauthn/ctap-hid-failure.https.html:
  • http/wpt/webauthn/ctap-hid-success.https.html:
  • http/wpt/webauthn/public-key-credential-create-failure-hid-silent.https.html:
  • http/wpt/webauthn/public-key-credential-create-failure-hid.https.html:
  • http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https-expected.txt: Added.
  • http/wpt/webauthn/public-key-credential-create-failure-u2f-silent.https.html: Added.
  • http/wpt/webauthn/public-key-credential-create-failure-u2f.https-expected.txt: Added.
  • http/wpt/webauthn/public-key-credential-create-failure-u2f.https.html: Added.
  • http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
  • http/wpt/webauthn/public-key-credential-create-success-u2f.https-expected.txt: Added.
  • http/wpt/webauthn/public-key-credential-create-success-u2f.https.html: Copied from LayoutTests/http/wpt/webauthn/public-key-credential-create-success-hid.https.html.
  • http/wpt/webauthn/public-key-credential-get-failure-hid-silent.https.html:
  • http/wpt/webauthn/public-key-credential-get-failure-hid.https.html:
  • http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https-expected.txt: Added.
  • http/wpt/webauthn/public-key-credential-get-failure-u2f-silent.https.html: Added.
  • http/wpt/webauthn/public-key-credential-get-failure-u2f.https-expected.txt: Added.
  • http/wpt/webauthn/public-key-credential-get-failure-u2f.https.html: Added.
  • http/wpt/webauthn/public-key-credential-get-success-hid.https.html:
  • http/wpt/webauthn/public-key-credential-get-success-u2f.https-expected.txt: Added.
  • http/wpt/webauthn/public-key-credential-get-success-u2f.https.html: Added.
  • http/wpt/webauthn/resources/util.js:
  • platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239752 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241086] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebInspectorUI

Cherry-pick r240997. rdar://problem/47838594

Web Inspector: REGRESSION (r240947): Resources tab: can't select main frame after refreshing page
https://bugs.webkit.org/show_bug.cgi?id=194254
<rdar://problem/47805023>

Reviewed by Devin Rousso.

  • UserInterface/Views/TreeOutline.js: (WI.TreeOutline.prototype.selectionControllerSelectionDidChange): TreeOutline should always call the TreeElement select and deselect methods while processing selection changes. Having notifications suppressed by this._suppressNextSelectionDidChangeEvent should only affect the dispatching of TreeOutline events.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241085] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240974. rdar://problem/47830620

Protect globalWebSocketStreamMap with a Lock
https://bugs.webkit.org/show_bug.cgi?id=194224
<rdar://problem/47581081>

Reviewed by Ryosuke Niwa.

  • WebProcess/Network/WebSocketStream.cpp: (WebKit::WebSocketStream::streamWithIdentifier): (WebKit::WebSocketStream::networkProcessCrashed): (WebKit::WebSocketStream::WebSocketStream): (WebKit::WebSocketStream::~WebSocketStream):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240974 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241084] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebInspectorUI

Cherry-pick r240947. rdar://problem/47830605

Web Inspector: REGRESSION: clicking a selected call frame doesn't re-scroll
https://bugs.webkit.org/show_bug.cgi?id=194169
<rdar://problem/47743864>

Reviewed by Devin Rousso.

  • UserInterface/Views/TreeOutline.js: (WI.TreeOutline.prototype._handleMouseDown): Add a special case for a single-selection TreeOutline with allowsRepeatSelection enabled. Since the element is already selected, bypass the SelectionCongroller and dispatch an event with event.data.selectedByUser set to true.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240947 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241083] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240930. rdar://problem/47810469

Make sure to remove the device observer in AVVideoCaptureSource
https://bugs.webkit.org/show_bug.cgi?id=194181
<rdar://problem/47739247>

Reviewed by Eric Carlson.

Make sure to remove the device observer when the observer is destroyed.
To simplify things, add the observer in AVVideoCaptureSource constructor and remove it in the destructor.

Make also sure the session observer is also removed whenever the session is released by AVVideoCaptureSource.

Covered by manual test.

  • platform/mediastream/mac/AVVideoCaptureSource.h:
  • platform/mediastream/mac/AVVideoCaptureSource.mm: (WebCore::AVVideoCaptureSource::AVVideoCaptureSource): (WebCore::AVVideoCaptureSource::~AVVideoCaptureSource): (WebCore::AVVideoCaptureSource::initializeSession): (WebCore::AVVideoCaptureSource::clearSession): (WebCore::AVVideoCaptureSource::stopProducingData): (WebCore::AVVideoCaptureSource::setupSession):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240930 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241082] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240925. rdar://problem/47774545

Unreviewed, avoid -Wswitch warnings introduced in r240880
https://bugs.webkit.org/show_bug.cgi?id=193740
<rdar://problem/47527267>

  • NetworkProcess/soup/NetworkDataTaskSoup.cpp: (WebKit::NetworkDataTaskSoup::dispatchDidReceiveResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240925 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241081] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/JavaScriptCore/ChangeLog

Cherry-pick r240917. rdar://problem/47810465

DFG's doesGC() is incorrect about the SameValue node's behavior.
https://bugs.webkit.org/show_bug.cgi?id=194211
<rdar://problem/47608913>

Reviewed by Saam Barati.

Only the DoubleRepUse case is guaranteed to not GC. The other case may GC because
it calls operationSameValue() which may allocate memory for resolving ropes.

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240917 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241080] by Alan Coon
  • 13 edits in branches/safari-607-branch

Cherry-pick r240880. rdar://problem/47774545

REGRESSION: Flaky ASSERTION FAILED: m_uncommittedState.state == State::Committed on http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html
https://bugs.webkit.org/show_bug.cgi?id=193740
<rdar://problem/47527267>

Reviewed by Alex Christensen.

Source/WebCore:

  • loader/DocumentLoader.cpp: (WebCore::DocumentLoader::willSendRequest): (WebCore::DocumentLoader::continueAfterContentPolicy):
  • loader/FrameLoader.cpp: (WebCore::FrameLoader::loadURL): (WebCore::FrameLoader::loadWithDocumentLoader): (WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
  • loader/FrameLoader.h:
  • loader/FrameLoaderTypes.h:
  • loader/PolicyChecker.cpp: (WebCore::PolicyChecker::checkNavigationPolicy): (WebCore::PolicyChecker::checkNewWindowPolicy):
  • loader/PolicyChecker.h:

Source/WebKit:

The issue was happening when the page is triggering a cross-site navigation while in the middle of parsing. This would cause us to
start a new provisional load in a new process before the previous process sends the DidFinishLoadForFrame() IPC to the UIProcess.
Getting such IPC after a provisional load has started would mess up our state machine and trip assertions.

This patch restores non-PSON behavior which is that the previous load in the old process now gets stopped so that no DidFinishLoadForFrame()
/ DidFailLoadForFrame() gets sent. To achieve this behavior, I introduced a new "StopAllLoads" PolicyAction that we now send the old
process when the load is continuing in a new process, instead of sending it "Ignore".

  • NetworkProcess/NetworkDataTaskBlob.cpp: (WebKit::NetworkDataTaskBlob::dispatchDidReceiveResponse):
  • NetworkProcess/cocoa/NetworkSessionCocoa.mm: (toNSURLSessionResponseDisposition):
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::receivedNavigationPolicyDecision):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240880 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241079] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools

Cherry-pick r240856. rdar://problem/47774509

API Test broken: TestWebKitAPI.WebKit2.GetUserMediaReprompt
https://bugs.webkit.org/show_bug.cgi?id=194155

Reviewed by Eric Carlson.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240856 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241078] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240833. rdar://problem/47774523

[Cocoa][EME] AirPlaying a FairPlay-protected HLS stream fails to decrypt
https://bugs.webkit.org/show_bug.cgi?id=194114

Reviewed by Eric Carlson.

The AVAssetResourceLoaderDelegate must explicitly... delegate responsibility for FairPlay key
requests to the AVContentKeySession.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240833 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241077] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240822. rdar://problem/47774539

[Mac] Requesting PiP from two different WebViews gets PiP window "stuck"
https://bugs.webkit.org/show_bug.cgi?id=194099
<rdar://problem/47271323>

Reviewed by Eric Carlson.

When a different client requests the PiP window, the PiP framework will call -pipDidClose: without
first calling -pipActionStop:. This leaves the internal fullscreen state in a confused state where
the WebView will attempt to re-enter PiP once it gets focus, and can lead to a state where the two
WebViews will constantly try to steal PiP from one another, ad infinitum.

When receiving a notification that the PiP window closed when our internal state tells us that the
close was not requested, notify the client that PiP mode was exited, allowing them to set their
expected state to a correct and sane value.

  • platform/mac/VideoFullscreenInterfaceMac.mm: (-[WebVideoFullscreenInterfaceMacObjC pipDidClose:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240822 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241076] by Alan Coon
  • 4 edits in branches/safari-607-branch/Source/WebInspectorUI

Cherry-pick r240819. rdar://problem/47774546

REGRESSION(r?): Web Inspector: Clicking on text doesn't move text caret when editing innerHTML/tagName/attribute
https://bugs.webkit.org/show_bug.cgi?id=192652
<rdar://problem/46684612>

Reviewed by Devin Rousso.

  • UserInterface/Views/DOMTreeElement.js: (WI.DOMTreeElement.prototype.canSelectOnMouseDown): Call to Event.preventDefault() should be made here instead of at the TreeOutline level.
  • UserInterface/Views/TreeElement.js: (WI.TreeElement.prototype.selectOnMouseDown): Deleted. Remove dead code.
  • UserInterface/Views/TreeOutline.js: (WI.TreeOutline._handleMouseDown): Do not prevent default event handling when the item cannot be selected. This matches TreeOutline behavior prior to introducing SelectionController.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240819 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241075] by Alan Coon
  • 7 edits in branches/safari-607-branch

Cherry-pick r240818. rdar://problem/47774549

Page zoom level is lost after a process swap or a crash
https://bugs.webkit.org/show_bug.cgi?id=194105
<rdar://problem/47610781>

Reviewed by Alex Christensen.

Source/WebKit:

Previously, when the client would call setPageAndTextZoomFactors() on the WebPageProxy,
we would update the WebPageProxy's corresponding data members and send an IPC to the
WebProcess to apply the zoom factors.

The issue is that on process crash or process-swap, we never communicate those zoom factors
to the new WebProcess. Even if the client were to call setPageAndTextZoomFactors() with
the same factors again, it would be a no-op since the WebPageProxy's data members already
reflect the expected values.

To address the issue, pass both the page zoom and the text zoom factors to the WebProcess
via WebPageCreationParameters. This way, there is no need to send an extra IPC and we're
sure the WebPageProxy's factors are properly applied to the WebPage on WebContent process
side upon creation (whether after a crash or a process swap).

  • Shared/WebPageCreationParameters.cpp: (WebKit::WebPageCreationParameters::encode const): (WebKit::WebPageCreationParameters::decode):
  • Shared/WebPageCreationParameters.h:
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::creationParameters):
  • WebProcess/WebPage/WebPage.cpp:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm: (-[PSONNavigationDelegate webView:didCommitNavigation:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240818 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241074] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240803. rdar://problem/47774506

Regression(PSON) Crash under WebProcessProxy::canTerminateChildProcess()
https://bugs.webkit.org/show_bug.cgi?id=194094
<rdar://problem/47580753>

Reviewed by Ryosuke Niwa.

If a SuspendedPageProxy gets destroyed while a WebPageProxy is waiting for its to finish to suspend,
call the "failure to suspend" completion handler asynchronously instead of synchronouly to make sure
the completion handler cannot try and use the suspended page proxy while it is being destroyed.

  • UIProcess/SuspendedPageProxy.cpp: (WebKit::SuspendedPageProxy::~SuspendedPageProxy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240803 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241073] by Alan Coon
  • 5 edits in branches/safari-607-branch

Cherry-pick r240773. rdar://problem/47774755

ASSERTION FAILED: cache under WebCore::AXObjectCache::postTextStateChangePlatformNotification
https://bugs.webkit.org/show_bug.cgi?id=189094
<rdar://problem/43853526>

Reviewed by Zalan Bujtas.

Source/WebCore:

Protect against access to objects and cache's that can be removed while an object is still in memory.

Unskipped flaky tests on mac-wk2.

  • accessibility/mac/AXObjectCacheMac.mm: (WebCore::AXObjectCache::postTextStateChangePlatformNotification):
  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm: (textMarkerForVisiblePosition): (textMarkerRangeFromVisiblePositions):

LayoutTests:

Unskip flaky test with crash resolved.

  • platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240773 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241072] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240772. rdar://problem/47774490

iOS: Crash in InteractiveUpdateHandler set by ViewGestureController::beginSwipeGesture
https://bugs.webkit.org/show_bug.cgi?id=194083

Reviewed by Tim Horton.

We think this crash is a regression from r236966. Prior to r236966, we could only called
removeSwipeSnapshot() only when m_provisionalOrSameDocumentLoadCallback was set but now
we can call it either when m_snapshotRemovalTracker::start was called, or it had been reset.
This can result in m_webPageProxyForBackForwardListForCurrentSwipe getting cleared before
InteractiveUpdateHandler is called by UIGestureRecognizer, resulting in the crash.

This patch tries to restore the behavior prior to r236966 by only invoking removeSwipeSnapshot()
when SnapshotRemovalTracker has a valid removal callback set.

Unfortunately no new tests since there is no reproducible test case, and neither API tests
nor layout tests seem to have the capability to trigger swipe gestures via UIGestureRecognizer,
which is required for this crash to occur. Notably, back-forward swipe tests I enabled in
r240765 bypass UIKit and emulates the action instead.

  • UIProcess/Cocoa/ViewGestureController.cpp: (WebKit::ViewGestureController::didReachMainFrameLoadTerminalState):
  • UIProcess/Cocoa/ViewGestureController.h: (WebKit::ViewGestureController::SnapshotRemovalTracker::hasRemovalCallback const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240772 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:17 PM Changeset in webkit [241071] by Alan Coon
  • 4 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240757. rdar://problem/47774493

[iOS] REGRESSION (r238635): Text area fails to re-focus after dismissal of keyboard on support.apple.com
https://bugs.webkit.org/show_bug.cgi?id=193987
<rdar://problem/47230785>

Reviewed by Tim Horton.

It is unnecessary to relinquish first responder status when a user explicitly dismissing
the keyboard. Moreover, doing so prevents key commands from being intercepted when a
hardware keyboard is subsequently attached.

Following r238635 a page becomes focused (accepting of keyboard input) and defocused
when the WKContentView becomes first responder and resigns first responder, respectively.
When a user explicitly dismisses the keyboard by tapping Done (iPhone) or the hide keyboard
button (iPad) then UIKit tells WKContentView to resign its first responder status only
to make its superview, WKWebView, first responder. When a person subsequently taps on the
page again, the WKContentView requests to become the first responder. However changes to
page focus are not guaranteed to be sent to the WebProcess immediately (WebPageProxy::activityStateDidChange()
will schedule an update). In particular, they are not guaranteed to be sent before the
WebProcess is told about a tap. Therefore, the WebProcess has out-of-date information on
focus state of the page. Instead we should detect when WKWebView is being asked to resign
as a result of the keyboard dismissal and refuse the request, taking care to end the current
editing session, blur the focused element, and dismiss the on-screen keyboard.

  • Platform/spi/ios/UIKitSPI.h: Expose some SPI.
  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView setupInteraction]): Register to receive notifications whenever a user explicitly dismisses the keyboard. (-[WKContentView resignFirstResponderForWebView]): If we are being asked to resign as a result of a user explicitly dismissing the keyboard then refuse to resign. (-[WKContentView _keyboardDidRequestDismissal:]): Update state, if applicable.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240757 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241070] by Alan Coon
  • 4 edits
    3 adds in branches/safari-607-branch

Cherry-pick r240750. rdar://problem/47774507

Regression(PSON) History navigations to twitter.com lead to a 403 HTTP error
https://bugs.webkit.org/show_bug.cgi?id=194023
<rdar://problem/47417981>

Reviewed by Geoffrey Garen.

Source/WebCore:

The issue was caused by the 'isTopSite' flag not getting properly set on the network request
in case of a cross-site history navigation (with process-swap). As a result, twitter.com was
not getting its same-site lax cookies.

The 'isTopSite' flag normally gets set by FrameLoader::addExtraFieldsToRequest(), but we were
bypassing this method entirely when continuing a load in a new process after a swap. This was
intentional as the network request is normally already fully populated by the previous process
and we do not want the new process to modify the request in any way (e.g. we would not want to
add a Origin header back after it was removed by the previous process). However, in case of a
History navigation, we do not actually pass a request along from one process to another. Instead,
we pass a HistoryItem and then build a fresh new request from the HistoryItem in the new process.
In this case, we *want* addExtraFieldsToRequest() to be called on the new request, even though
we are technically continuing a load in a new process.

We thus address the issue by bypassing FrameLoader::addExtraFieldsToRequest() only if we're
continuing a load with a request and not when we're continuing a load with a HistoryItem.

Test: http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load.php

  • loader/FrameLoader.cpp: (WebCore::FrameLoader::load): (WebCore::FrameLoader::loadWithDocumentLoader): (WebCore::FrameLoader::addExtraFieldsToRequest): (WebCore::FrameLoader::loadDifferentDocumentItem):
  • loader/FrameLoader.h: (WebCore::FrameLoader::shouldTreatCurrentLoadAsContinuingLoad const):

LayoutTests:

Add layout test coverage.

  • http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load-expected.txt: Added.
  • http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load.php: Added.
  • http/tests/cookies/same-site/resources/navigate-back.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240750 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241069] by Alan Coon
  • 9 edits in branches/safari-607-branch

Cherry-pick r240727. rdar://problem/47776358

LayoutTests/imported/w3c:
ServiceWorkerJob should notify its client in case its job is cancelled
https://bugs.webkit.org/show_bug.cgi?id=193747
<rdar://problem/47498196>

Reviewed by Chris Dumez.

  • web-platform-tests/service-workers/service-worker/registration-security-error.https-expected.txt:

Source/WebCore:
Refactor ServiceWorkerJob management by ServiceWorkerContainer to make it more memory safe
https://bugs.webkit.org/show_bug.cgi?id=193747
<rdar://problem/47498196>

Reviewed by Chris Dumez.

Make ServiceWorkerJob be no longer ref counted.
Instead its lifetime is fully controlled by ServiceWorkerContainer.

Make sure that a failing load will remove the job from ServiceWorkerContainer job map.
This allows to ensure that these jobs do not stay forever.
Before the patch, the jobs map was never cleared, which is creating a ref cycle whenever a job is not succesful.

Before the patch, unsetPendingActivity was only called for successful jobs finishing.
In case of failing loads, ServiceWorkerContainer would leak.
Make sure that setPendingActivity/unsetPendingActivity is balanced by storing
a pending activity in the job map next to the job.

When ServiceWorkerContainer is stopped, notify that all jobs are cancelled to NetworkProcess.
This makes these jobs in NetworkProcess-side to not stay until the corresponding WebProcess is gone.

Simplify ServiceWorkerJob promise rejection handling so that it is clear when promise is rejected and when it is not.
Update type of exception to be SecurityError when load fails due to AccessControl.

Covered by existing tests.

  • workers/service/ServiceWorkerContainer.cpp: (WebCore::ServiceWorkerContainer::addRegistration): (WebCore::ServiceWorkerContainer::removeRegistration): (WebCore::ServiceWorkerContainer::updateRegistration): (WebCore::ServiceWorkerContainer::scheduleJob): (WebCore::ServiceWorkerContainer::jobFailedWithException): (WebCore::ServiceWorkerContainer::jobResolvedWithRegistration): (WebCore::ServiceWorkerContainer::jobResolvedWithUnregistrationResult): (WebCore::ServiceWorkerContainer::jobFailedLoadingScript): (WebCore::ServiceWorkerContainer::jobDidFinish): (WebCore::ServiceWorkerContainer::stop): (WebCore::ServiceWorkerContainer::job):
  • workers/service/ServiceWorkerContainer.h:
  • workers/service/ServiceWorkerJob.cpp: (WebCore::ServiceWorkerJob::failedWithException): (WebCore::ServiceWorkerJob::resolvedWithRegistration): (WebCore::ServiceWorkerJob::resolvedWithUnregistrationResult): (WebCore::ServiceWorkerJob::startScriptFetch): (WebCore::ServiceWorkerJob::didReceiveResponse): (WebCore::ServiceWorkerJob::notifyFinished): (WebCore::ServiceWorkerJob::cancelPendingLoad):
  • workers/service/ServiceWorkerJob.h: (WebCore::ServiceWorkerJob::hasPromise const): (WebCore::ServiceWorkerJob::takePromise):
  • workers/service/ServiceWorkerJobClient.h:
  • workers/service/server/SWServerJobQueue.cpp: (WebCore::SWServerJobQueue::scriptFetchFinished):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240727 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241068] by Alan Coon
  • 6 edits in branches/safari-607-branch

Cherry-pick r240725. rdar://problem/47774554

Regression(PSON) Load hang can occur on history navigation
https://bugs.webkit.org/show_bug.cgi?id=194030
<rdar://problem/47656939>

Reviewed by Antti Koivisto.

Source/WebKit:

We do not support having more than one WebPage in a WebProcess with the same page ID. As a result,
if we decide to reuse an existing process on process-swap, we need to make sure that we either use
its suspended page (when possible, meaning that it is for the right HistoryItem / page) or we need
make sure we drop the existing suspended page for this process / pagePID combination, so that the
WebPage on WebProcess side gets closed before we attempt to do the new load.

We were doing this correctly in 2 places in WebProcessPool::processForNavigationInternal() but failed
to do so in a third place, when doing back to a HistoryItem which does not have a SuspendedPage but
whose process is still alive (presumably because it is kept alive by another suspended page). This
patch fixes this third place to remove any suspended page in the process for the current page before
reusing the process. An assertion was also added to the call site in
WebPageProxy::receivedNavigationPolicyDecision() to make sure we catch this more easily in the
future.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::receivedNavigationPolicyDecision):
  • UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::processForNavigationInternal): (WebKit::WebProcessPool::removeAllSuspendedPagesForPage): (WebKit::WebProcessPool::hasSuspendedPageFor const):
  • UIProcess/WebProcessPool.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240725 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241067] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240717. rdar://problem/47774504

Crash in WebKit::RemoteLayerTreePropertyApplier::updateChildren
https://bugs.webkit.org/show_bug.cgi?id=193897
<rdar://problem/47427750>

Reviewed by Simon Fraser.

There has been some null pointer crashes where we fail to find a remote layer tree node that matches
the transaction properties.

  • Shared/RemoteLayerTree/RemoteLayerTreePropertyApplier.mm: (WebKit::RemoteLayerTreePropertyApplier::updateChildren):

Null check the nodes.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240717 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241066] by Alan Coon
  • 3 edits
    2 adds in branches/safari-607-branch

Cherry-pick r240709. rdar://problem/47776349

AX: Role=switch not returning correct accessibilityValue
https://bugs.webkit.org/show_bug.cgi?id=194006

Reviewed by Joanmarie Diggs.

Source/WebCore:

Return the toggle state of a role=switch element.

Test: accessibility/ios-simulator/role-switch.html

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm: (-[WebAccessibilityObjectWrapper accessibilityValue]):

LayoutTests:

  • accessibility/ios-simulator/role-switch-expected.txt: Added.
  • accessibility/ios-simulator/role-switch.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240709 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241065] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240702. rdar://problem/47774503

iOS: Nullptr crash in WebPage::getPositionInformation dereferencing an input element for data list
https://bugs.webkit.org/show_bug.cgi?id=193996

Reviewed by Wenson Hsieh.

Added a missing nullptr check.

  • WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::getPositionInformation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240702 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241064] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240697. rdar://problem/47774541

Make sure we have a frame before trying to access its loader
https://bugs.webkit.org/show_bug.cgi?id=193985
<rdar://problem/47618239>

Reviewed by Ryosuke Niwa.

  • loader/ResourceLoadObserver.cpp: (WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240697 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241063] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools

Cherry-pick r240695. rdar://problem/47776355

REGRESSION: ProcessSwap.DoSameSiteNavigationAfterCrossSiteProvisionalLoadStarted Failing on iOS
https://bugs.webkit.org/show_bug.cgi?id=193977
<rdar://problem/47643716>

Reviewed by Geoff Garen.

Update API test to address flakiness on iOS. Instead of doing the last navigation after receiving the
didStartProvisionalLoad, do we right after we answer the navigation policy request. Flakiness was due
to the previous provisional committing *before* we make the last load.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240695 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241062] by Alan Coon
  • 3 edits
    1 add in branches/safari-607-branch

Cherry-pick r240681. rdar://problem/47774514

ValueRecovery::recover() should purify NaN values it recovers.
https://bugs.webkit.org/show_bug.cgi?id=193978
<rdar://problem/47625488>

Reviewed by Saam Barati.

JSTests:

  • stress/value-recovery-of-double-displaced-in-jsstack-should-be-purified.js: Added.

Source/JavaScriptCore:

According to DFG::OSRExit::executeOSRExit() and DFG::OSRExit::compileExit(),
recovered DoubleDisplacedInJSStack values need to be purified.
ValueRecovery::recover() should do the same.

  • bytecode/ValueRecovery.cpp: (JSC::ValueRecovery::recover const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240681 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241061] by Alan Coon
  • 5 edits in branches/safari-607-branch

Cherry-pick r240675. rdar://problem/47776350

Regression (r240046): [PSON] Spurious changes to [WKWebView url] and [WKWebView loading] after [WKWebView loadRequest]
https://bugs.webkit.org/show_bug.cgi?id=193967
<rdar://problem/47635348>

Reviewed by Alex Christensen.

Source/WebKit:

Update WebPageProxy::receivedPolicyDecision() to no longer clear the pending URL when we send PolicyAction::Ignore to
the old process when the load is continuing in a new process due to PSON.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::receivedNavigationPolicyDecision): (WebKit::WebPageProxy::receivedPolicyDecision):
  • UIProcess/WebPageProxy.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm: (-[PSONLoadingObserver observeValueForKeyPath:ofObject:change:context:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240675 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241060] by Alan Coon
  • 6 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r240663. rdar://problem/47774492

REGRESSION (PSON): Flash on link navigation on Mac
https://bugs.webkit.org/show_bug.cgi?id=193961
<rdar://problem/47482507>

Reviewed by Chris Dumez.

The target page sends EnterAcceleratedCompositingMode message too early, before we have a valid layer tree.

  • WebProcess/WebPage/DrawingArea.h: (WebKit::DrawingArea::attach): Deleted.

Not needed anymore.

  • WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::reinitializeWebPage): (WebKit::WebPage::didCompletePageTransition): (WebKit::m_shouldAttachDrawingAreaOnPageTransition): Deleted.

Move message sending logic fully to TiledCoreAnimationDrawingArea.
Unfreezing the layer tree is sufficient to trigger the message.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm: (WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):

There is no need to treat process swap case differently.

(WebKit::TiledCoreAnimationDrawingArea::sendEnterAcceleratedCompositingModeIfNeeded):

Send this after the first successful layer flush with the root layer set.

(WebKit::TiledCoreAnimationDrawingArea::flushLayers):
(WebKit::TiledCoreAnimationDrawingArea::attach): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240663 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241059] by Alan Coon
  • 4 edits in branches/safari-607-branch

Cherry-pick r240660. rdar://problem/47774552

REGRESSION (PSON): Twitter link gets stuck at t.co after navigating back in tab
https://bugs.webkit.org/show_bug.cgi?id=193932
<rdar://problem/47598947>

Reviewed by Brady Eidson.

Source/WebKit:

When doing a client side redirect from origin A to origin B, we would swap process and
create a SuspendedPageProxy and save it on the source BackForwardListItem. The issue is
that the BackForwardList is locked for such redirect so we end up updating the current
BackForwardListItem with origin B's URL while origin A's suspended page remained on
the item. When going to another URL in the same origin A, we would not create a suspended
page since no process-swap would occur. When pressing the back button, we would go back
to the previous BackForwardListItem and use its SuspendedPageProxy, which is for the
wrong URL (The pre-client redirect one).

To address the issue, we no longer create a SuspendedPageProxy for cross-site client side
redirects. There will be no way no go back to this suspended page anyway since the
back/forward list item will be updated with the redirection URL.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::suspendCurrentPageIfPossible):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240660 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241058] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r240643. rdar://problem/47774515

webkitcurrentplaybacktargetiswirelesschanged and webkitCurrentPlaybackIsWireless are non-deterministic.
https://bugs.webkit.org/show_bug.cgi?id=193923
<rdar://problem/45956595>

Reviewed by Eric Carlson.

The value of webkitCurrentPlaybackTargetIsWireless can change in between when the event is scheduled
and when it's actually dispatched. To make this more deterministic, use a GenericTaskQueue to enqueue
setting m_isPlayingToWirelessTarget and dispatch the changed event in the same run-loop.

  • html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::clearMediaPlayer): (WebCore::HTMLMediaElement::mediaPlayerCurrentPlaybackTargetIsWirelessChanged): (WebCore::HTMLMediaElement::setIsPlayingToWirelessTarget): (WebCore::HTMLMediaElement::dispatchEvent):
  • html/HTMLMediaElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240643 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241057] by Alan Coon
  • 4 edits in branches/safari-607-branch/Source/WebInspectorUI

Cherry-pick r240639. rdar://problem/47774511

Web Inspector: Elements tab should toggle visibility for all selected nodes
https://bugs.webkit.org/show_bug.cgi?id=193089
<rdar://problem/47009256>

Reviewed by Devin Rousso.

Update "Toggle Visibility" command in DOM tree for multiple selection.
When both visible and hidden elements are selected in the DOM tree,
the toggle command behaves contextually. If one or more elements are
visible, they are hidden, otherwise they are shown. The context menu
shows "Hide Elements" or "Show Elements", respectively.

When only one element is selected, or the context menu target element
is not selected, the command continues to be "Toggle Visibility".

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/DOMTreeElement.js: (WI.DOMTreeElement.prototype.get isNodeHidden): Added. (WI.DOMTreeElement.prototype.toggleElementVisibility.inspectedPage_node_injectStyleAndToggleClass): (WI.DOMTreeElement.prototype.toggleElementVisibility): (WI.DOMTreeElement.prototype._populateTagContextMenu):
  • UserInterface/Views/DOMTreeOutline.js: (WI.DOMTreeOutline): (WI.DOMTreeOutline.prototype.toggleSelectedElementsVisibility): Added. Provide a public method for toggling the visibility of selected DOM nodes. Used by the "H" keyboard shortcut and DOMTreeElement context menu.

(WI.DOMTreeOutline.prototype._hideElements):
(WI.DOMTreeOutline.prototype._hideElement): Deleted.
Rename for multiple selection.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240639 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241056] by Alan Coon
  • 2 edits in branches/safari-607-branch

Cherry-pick r240616. rdar://problem/47774497

ToString node actually does GC.
https://bugs.webkit.org/show_bug.cgi?id=193920
<rdar://problem/46695900>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/dfg-to-string-on-int-does-gc.js: Added.
  • stress/dfg-to-string-on-string-object-does-not-gc.js: Added.
  • stress/dfg-to-string-on-string-or-string-object-does-not-gc.js: Added.

Source/JavaScriptCore:

Other than for StringObjectUse and StringOrStringObjectUse, ToString and
CallStringConstructor can allocate new JSStrings, and hence, can GC.

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240616 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241055] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebInspectorUI

Cherry-pick r240594. rdar://problem/47774537

REGRESSION(?): Web Inspector: Can have multiple Timelines selected after edit mode
https://bugs.webkit.org/show_bug.cgi?id=193808
<rdar://problem/47537734>

Reviewed by Devin Rousso.

  • UserInterface/Controllers/SelectionController.js: (WI.SelectionController.prototype.didRemoveItems):
  • UserInterface/Views/TreeOutline.js: (WI.TreeOutline.prototype._indexesForSubtree): Fix a bug where no IndexSet was returned when passed a TreeElement with no children. This caused the Timelines tree selection to be corrupted when entering and exiting edit mode, as TreeElements are inserted and removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240594 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241054] by Alan Coon
  • 4 edits
    2 adds in branches/safari-607-branch

Cherry-pick r240537. rdar://problem/47774500

<video> elements not in the DOM should be allowed to AirPlay
https://bugs.webkit.org/show_bug.cgi?id=193837
Source/WebCore:

<rdar://42559491>

Reviewed by Eric Carlson.

Test: media/airplay-allows-buffering.html

Some websites will switch between <video> elements backed by MSE to one backed by
a media file in order to implement an AirPlay control. But when a <video> element is
removed from the DOM and paused, further buffering is blocked. For some ports (namely
Cocoa ones), this keeps AirPlay from engaging. Relax this buffering restriction for
elements who have been asked to play wirelessly, but whose wireless playback has not
started yet.

  • html/MediaElementSession.cpp: (WebCore::MediaElementSession::dataBufferingPermitted const): (WebCore::MediaElementSession::setShouldPlayToPlaybackTarget):

LayoutTests:

Reviewed by Eric Carlson.

  • media/airplay-allows-buffering-expected.txt: Added.
  • media/airplay-allows-buffering.html: Added.
  • platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241053] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/JavaScriptCore

Cherry-pick r240448. rdar://problem/47774335

Update ARM64EHash
https://bugs.webkit.org/show_bug.cgi?id=193776
<rdar://problem/47526457>

Reviewed by Mark Lam.

See radar for details.

  • assembler/AssemblerBuffer.h: (JSC::ARM64EHash::update): (JSC::ARM64EHash::finalHash const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@240448 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241052] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r239895. rdar://problem/47776475

Allow WebContent process access to some drawing-related IOKit properties
https://bugs.webkit.org/show_bug.cgi?id=193086
<rdar://problem/46568088>

Reviewed by Eric Carlson.

Add one missing IOKit property, and revise the regexp used for another.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239895 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:16 PM Changeset in webkit [241051] by Alan Coon
  • 11 edits in branches/safari-607-branch

Cherry-pick r239881. rdar://problem/47776480

[iOS] Precision drop state thrashes when dragging near the top edge of an editable element
https://bugs.webkit.org/show_bug.cgi?id=193364
<rdar://problem/47214117>

Reviewed by Tim Horton.

Source/WebCore:

Add a new helper method on DragCaretController to compute the bounds of the editable element around the drop
caret position. This is either the enclosing form control (in the case of text fields and text areas), or the
highest editable root. See WebKit ChangeLog for more details.

Test: DragAndDropTests.AvoidPreciseDropNearTopOfTextArea

  • editing/FrameSelection.cpp: (WebCore::DragCaretController::editableElementRectInRootViewCoordinates const):
  • editing/FrameSelection.h:

Source/WebKit:

On iOS, marking a UIDropProposal as precise offsets the hit-testing location of the drop by a small distance
either upwards or downwards from the actual location of the user's finger. When dragging over an editable
element, WebKit currently marks the drop proposal as precise; however, when dragging over the top edge of an
editable element, what happens is that the hit-testing location is offset to a location outside of the editable
element, which causes us to turn off precision drop mode; subsequently, turning off precision drop mode removes
the offset, which causes us to hit-test within the editable element once again and re-enable precision mode, and
the cycle continues.

In order to mitigate this, bail out of precision drop mode when dragging near the top or bottom edges of the
highest editable root that contains the current drop caret position (or, if the drop caret is inside of a text
form control, use the form control as the editable element instead).

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::didPerformDragControllerAction):
  • UIProcess/WebPageProxy.h: (WebKit::WebPageProxy::currentDragCaretEditableElementRect const):
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView dropInteraction:sessionDidUpdate:]):

Avoid precise mode when we're less than 25pt away from the top and bottom edge of the editable element rect.
Since the drag location offset amount is a fixed offset in window coordinates, we first convert this minimum
distance to the content view's coordinate space by dividing by the content scale factor.

  • WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::performDragControllerAction):

Tools:

Add a test to verify that dragging near the top of a textarea element does not flag the drop proposal as
precise, whereas dragging near the middle of the textarea does.

  • TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm: (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239881 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:15 PM Changeset in webkit [241050] by Alan Coon
  • 5 edits in branches/safari-607-branch

Apply patch. rdar://problem/47774509

2:02 PM Changeset in webkit [241049] by wilander@apple.com
  • 9 edits in trunk/Source

Forward Ad Click Attribution data from HTMLAnchorElement::handleClick() to WebKit::NavigationActionData
https://bugs.webkit.org/show_bug.cgi?id=194325
<rdar://problem/47840283>

Reviewed by Chris Dumez.

Source/WebCore:

No new tests. This is just data forwarding. Once the data is stored, I will create
test infrastructure to query it.

  • html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::handleClick):

  • loader/AdClickAttribution.h:

(WebCore::AdClickAttribution::encode const):
(WebCore::AdClickAttribution::decode):
(WebCore::AdClickAttribution::Conversion::encode const):
(WebCore::AdClickAttribution::Conversion::decode):

Infrastructure for IPC.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::urlSelected):
(WebCore::FrameLoader::loadURLIntoChildFrame):
(WebCore::FrameLoader::loadFrameRequest):
(WebCore::FrameLoader::loadURL):

These functions forward the optional WebCore::AdClickAttribution object
FrameLoader::loadURL() creates the NavigationAction object and sets the
WebCore::AdClickAttribution object on there.

  • loader/FrameLoader.h:

(WebCore::FrameLoader::urlSelected):
(WebCore::FrameLoader::loadURL):

  • loader/NavigationAction.h:

(WebCore::NavigationAction::adClickAttribution):
(WebCore::NavigationAction::setAdClickAttribution):

Source/WebKit:

  • Shared/NavigationActionData.cpp:

(WebKit::NavigationActionData::encode const):
(WebKit::NavigationActionData::decode):

  • Shared/NavigationActionData.h:

Now holds an optional WebCore::AdClickAttribution object.

1:52 PM Changeset in webkit [241048] by Justin Fan
  • 14 edits
    7 copies
    3 moves in trunk

[Web GPU] Implement supporting dictionaries for GPUTexture
https://bugs.webkit.org/show_bug.cgi?id=194354

Reviewed by Dean Jackson.

Source/WebCore:

Add dictionaries needed to create a GPUTextureDescriptor.

No new tests; no change in behavior.

New interface and dictionaries added:

  • Modules/webgpu/GPUExtent3D.idl:
  • Modules/webgpu/GPUTextureDescriptor.idl:
  • Modules/webgpu/GPUTextureDimension.idl:
  • Modules/webgpu/GPUTextureUsage.idl:
  • platform/graphics/gpu/GPUExtent3D.h:
  • platform/graphics/gpu/GPUTextureDescriptor.h:
  • platform/graphics/gpu/GPUTextureDimension.h:
  • platform/graphics/gpu/GPUTextureUsage.h:

Update WebGPUTextureFormatEnum to GPUTextureFormat:

  • Modules/webgpu/WebGPUTextureFormatEnum.h: Removed.
  • Modules/webgpu/GPUTextureFormat.idl: Renamed from WebGPUTextureFormatEnum.idl and updated to hyphen-case.
  • platform/graphics/gpu/GPUTextureFormat.h: Renamed from GPUTextureFormatEnum and updated for hyphen-case IDL.
  • Modules/webgpu/WebGPUSwapChain.cpp:
  • Modules/webgpu/WebGPUSwapChain.h:
  • Modules/webgpu/WebGPUSwapChain.idl:
  • platform/graphics/gpu/GPUSwapChain.h:
  • platform/graphics/gpu/cocoa/GPUSwapChainMetal.mm:

(WebCore::platformTextureFormatForGPUTextureFormat):
(WebCore::GPUSwapChain::setFormat):

Update project files with new symbols:

  • CMakeLists.txt:
  • DerivedSources.make:
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/WebCoreBuiltinNames.h:

LayoutTests:

Update test files to use hyphen-case for GPUTextureFormat.

  • webgpu/js/basic-webgpu-functions.js:

(async.setUpContexts):

  • webgpu/js/webgpu-functions.js:

(createBasicContext):

1:48 PM Changeset in webkit [241047] by dino@apple.com
  • 2 edits in trunk/Source/WebCore

Fix potential build error in GPUDevice
https://bugs.webkit.org/show_bug.cgi?id=194359

Reviewed by Joseph Pecoraro.

Add an UNUSED_PARAM for non-macOS platforms.

  • platform/graphics/gpu/cocoa/GPUDeviceMetal.mm:

(WebCore::GPUDevice::create):

1:44 PM Changeset in webkit [241046] by dbates@webkit.org
  • 2 edits in trunk/Source/WebKit

Fix the Apple Internal build. See <rdar://problem/47860943> for more details.

  • UIProcess/ios/fullscreen/WKFullscreenStackView.mm:

(-[WKFullscreenStackView init]):

1:32 PM Changeset in webkit [241045] by Kocsen Chung
  • 1 copy in tags/Safari-608.1.5.1

Tag Safari-608.1.5.1.

1:26 PM Changeset in webkit [241044] by dbates@webkit.org
  • 22 edits in trunk/Source

Standardize on ControlKey instead of CtrlKey
https://bugs.webkit.org/show_bug.cgi?id=194317

Reviewed by Tim Horton.

Source/WebCore:

  • dom/UIEventWithKeyState.cpp:

(WebCore::UIEventWithKeyState::modifiersFromInitializer):
(WebCore::UIEventWithKeyState::setModifierKeys):

  • dom/UIEventWithKeyState.h:

(WebCore::UIEventWithKeyState::ctrlKey const):

  • page/ios/EventHandlerIOS.mm:

(WebCore::EventHandler::accessKeyModifiers):

  • page/mac/EventHandlerMac.mm:

(WebCore::EventHandler::accessKeyModifiers):

  • platform/PlatformEvent.h:

(WebCore::PlatformEvent::controlKey const):
(WebCore::PlatformEvent::PlatformEvent):
(WebCore::PlatformEvent::ctrlKey const): Deleted.

  • platform/cocoa/KeyEventCocoa.mm:

(WebCore::PlatformKeyboardEvent::getCurrentModifierState):

  • platform/gtk/PlatformKeyboardEventGtk.cpp:

(WebCore::modifiersForGdkKeyEvent):

  • platform/gtk/PlatformMouseEventGtk.cpp:

(WebCore::PlatformMouseEvent::PlatformMouseEvent):

  • platform/gtk/PlatformWheelEventGtk.cpp:

(WebCore::PlatformWheelEvent::PlatformWheelEvent):

  • platform/ios/KeyEventIOS.mm:

(WebCore::PlatformKeyboardEvent::currentStateOfModifierKeys):

  • platform/ios/PlatformEventFactoryIOS.mm:

(WebCore::modifiersForEvent):

  • platform/mac/KeyEventMac.mm:

(WebCore::PlatformKeyboardEvent::currentStateOfModifierKeys):

  • platform/mac/PlatformEventFactoryMac.mm:

(WebCore::modifiersForEvent):

  • testing/Internals.cpp:

(WebCore::Internals::accessKeyModifiers const):

Source/WebKit:

  • Shared/WebEventConversion.cpp:

(WebKit::WebKit2PlatformMouseEvent::WebKit2PlatformMouseEvent):
(WebKit::WebKit2PlatformWheelEvent::WebKit2PlatformWheelEvent):
(WebKit::WebKit2PlatformKeyboardEvent::WebKit2PlatformKeyboardEvent):
(WebKit::WebKit2PlatformTouchEvent::WebKit2PlatformTouchEvent):
(WebKit::WebKit2PlatformGestureEvent::WebKit2PlatformGestureEvent):

  • WebProcess/WebCoreSupport/gtk/WebEditorClientGtk.cpp:

(WebKit::WebEditorClient::handleKeyboardEvent):

  • WebProcess/WebCoreSupport/wpe/WebEditorClientWPE.cpp:

(WebKit::handleKeyPress):

Source/WebKitLegacy/win:

  • AccessibleBase.cpp:

(AccessibleBase::get_accKeyboardShortcut):

  • WebView.cpp:

(WebView::keyDown):

1:03 PM Changeset in webkit [241043] by Kocsen Chung
  • 7 edits in branches/safari-608.1.5.1-branch/Source

Versioning.

12:42 PM Changeset in webkit [241042] by Kocsen Chung
  • 1 copy in branches/safari-608.1.5.1-branch

New branch.

12:37 PM Changeset in webkit [241041] by Kocsen Chung
  • 1 delete in tags/Safari-608.1.5.1

Delete tag

12:13 PM Changeset in webkit [241040] by achristensen@apple.com
  • 2 edits in trunk/Source/WebCore

Fix WatchOS build
https://bugs.webkit.org/show_bug.cgi?id=194353

Rubber stamped by Tim Horton and Wenson Hsieh.

  • rendering/RenderThemeIOS.mm:

(WebCore::iconForAttachment):

11:57 AM Changeset in webkit [241039] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: "Worker not found" uncaught protocol errors
https://bugs.webkit.org/show_bug.cgi?id=194319

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-06
Reviewed by Matt Baker.

  • UserInterface/Base/Main.js:

(WI.terminatePageTarget):
Remove Worker targets associated with the Page on navigation.
Eventually we will have to associate Workers with their parent
frame, but for now a transition can only happen at the Page
level, so we can eliminate all workers on the page.

  • UserInterface/Controllers/WorkerManager.js:

(WI.WorkerManager.prototype.workerCreated):

  • UserInterface/Protocol/Connection.js:

(InspectorBackend.WorkerConnection.sendMessageToBackend):
Allow any WorkerAgent domain message to fail silently. This can
happen if a Worker is created and destroyed before the frontend
hears about it and sends messages to the backend for that Worker.

11:50 AM Changeset in webkit [241038] by ysuzuki@apple.com
  • 6 edits in trunk/Source/JavaScriptCore

[JSC] Unify indirectEvalExecutableSpace and directEvalExecutableSpace
https://bugs.webkit.org/show_bug.cgi?id=194339

Reviewed by Michael Saboff.

DirectEvalExecutable and IndirectEvalExecutable have completely same memory layout.
They have even the same structure. This patch unifies the subspaces for them.

  • runtime/DirectEvalExecutable.h:
  • runtime/EvalExecutable.h:

(JSC::EvalExecutable::subspaceFor):

  • runtime/IndirectEvalExecutable.h:
  • runtime/VM.cpp:
  • runtime/VM.h:

(JSC::VM::forEachScriptExecutableSpace):

11:49 AM Changeset in webkit [241037] by ysuzuki@apple.com
  • 21 edits
    1 add in trunk/Source/JavaScriptCore

[JSC] NativeExecutable should be smaller
https://bugs.webkit.org/show_bug.cgi?id=194331

Reviewed by Michael Saboff.

NativeExecutable takes 88 bytes now. Since our GC rounds the size with 16, it actually takes 96 bytes in IsoSubspaces.
Since a lot of NativeExecutable are allocated, we already has two MarkedBlocks even just after JSGlobalObject initialization.
This patch makes sizeof(NativeExecutable) 64 bytes, which is 32 bytes smaller than 96 bytes. Now our JSGlobalObject initialization
only takes one MarkedBlock for NativeExecutable.

To make NativeExecutable smaller,

  1. m_numParametersForCall and m_numParametersForConstruct in ExecutableBase are only meaningful in ScriptExecutable subclasses. Since they are not touched from JIT, we can remove them from ExecutableBase and move them to ScriptExecutable.
  1. DOMJIT::Signature* is rarely used. Rather than having it in NativeExecutable, we should put it in NativeJITCode. Since NativeExecutable always has JITCode, we can safely query the value from NativeExecutable. This patch creates NativeDOMJITCode, which is a subclass of NativeJITCode, and instantiated only when DOMJIT::Signature* is given.
  1. Move Intrinsic to a member of ScriptExecutable or JITCode. Since JITCode has some paddings to put things, we can leverage this to put Intrinsic for NativeExecutable.

We also move "clearCode" code from ExecutableBase to ScriptExecutable since it is only valid for ScriptExecutable subclasses.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/CallVariant.h:
  • interpreter/Interpreter.cpp:
  • jit/JITCode.cpp:

(JSC::DirectJITCode::DirectJITCode):
(JSC::NativeJITCode::NativeJITCode):
(JSC::NativeDOMJITCode::NativeDOMJITCode):

  • jit/JITCode.h:

(JSC::JITCode::signature const):
(JSC::JITCode::intrinsic):

  • jit/JITOperations.cpp:
  • jit/JITThunks.cpp:

(JSC::JITThunks::hostFunctionStub):

  • jit/Repatch.cpp:
  • llint/LLIntSlowPaths.cpp:
  • runtime/ExecutableBase.cpp:

(JSC::ExecutableBase::dump const):
(JSC::ExecutableBase::hashFor const):
(JSC::ExecutableBase::hasClearableCode const): Deleted.
(JSC::ExecutableBase::clearCode): Deleted.

  • runtime/ExecutableBase.h:

(JSC::ExecutableBase::ExecutableBase):
(JSC::ExecutableBase::isModuleProgramExecutable):
(JSC::ExecutableBase::isHostFunction const):
(JSC::ExecutableBase::generatedJITCodeForCall const):
(JSC::ExecutableBase::generatedJITCodeForConstruct const):
(JSC::ExecutableBase::generatedJITCodeFor const):
(JSC::ExecutableBase::generatedJITCodeForCall): Deleted.
(JSC::ExecutableBase::generatedJITCodeForConstruct): Deleted.
(JSC::ExecutableBase::generatedJITCodeFor): Deleted.
(JSC::ExecutableBase::offsetOfNumParametersFor): Deleted.
(JSC::ExecutableBase::hasJITCodeForCall const): Deleted.
(JSC::ExecutableBase::hasJITCodeForConstruct const): Deleted.
(JSC::ExecutableBase::intrinsic const): Deleted.

  • runtime/ExecutableBaseInlines.h: Added.

(JSC::ExecutableBase::intrinsic const):
(JSC::ExecutableBase::hasJITCodeForCall const):
(JSC::ExecutableBase::hasJITCodeForConstruct const):

  • runtime/JSBoundFunction.cpp:
  • runtime/JSType.cpp:

(WTF::printInternal):

  • runtime/JSType.h:
  • runtime/NativeExecutable.cpp:

(JSC::NativeExecutable::create):
(JSC::NativeExecutable::createStructure):
(JSC::NativeExecutable::NativeExecutable):
(JSC::NativeExecutable::signatureFor const):
(JSC::NativeExecutable::intrinsic const):

  • runtime/NativeExecutable.h:
  • runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::ScriptExecutable):
(JSC::ScriptExecutable::clearCode):
(JSC::ScriptExecutable::installCode):
(JSC::ScriptExecutable::hasClearableCode const):

  • runtime/ScriptExecutable.h:

(JSC::ScriptExecutable::intrinsic const):
(JSC::ScriptExecutable::hasJITCodeForCall const):
(JSC::ScriptExecutable::hasJITCodeForConstruct const):

  • runtime/VM.cpp:

(JSC::VM::getHostFunction):

11:40 AM Changeset in webkit [241036] by mark.lam@apple.com
  • 5 edits in branches/safari-607-branch

Cherry-pick r240998. rdar://problem/47843417

2019-02-05 Mark Lam <mark.lam@apple.com>

Fix DFG's doesGC() for a few more nodes.
https://bugs.webkit.org/show_bug.cgi?id=194307
<rdar://problem/47832956>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

NumberToStringWithValidRadixConstant:

Calls operationInt32ToStringWithValidRadix(), which calls int32ToString(),
which can allocate a string.
Calls operationInt52ToStringWithValidRadix(), which calls int52ToString(),
which can allocate a string.
Calls operationDoubleToStringWithValidRadix(), which calls numberToString(),
which can allocate a string.

RegExpExecNonGlobalOrSticky: calls createRegExpMatchesArray() which allocates

memory for all kinds of objects.

RegExpMatchFast: calls operationRegExpMatchFastString(), which calls

RegExpObject::execInline() and RegExpObject::matchGlobal(). Both of
these allocates memory for the match result.

RegExpMatchFastGlobal: calls operationRegExpMatchFastGlobalString(), which

calls RegExpObject's collectMatches(), which allocates an array amongst
other objects.

StringFromCharCode:

If the uint32 code to convert is greater than maxSingleCharacterString,
we'll call operationStringFromCharCode(), which calls jsSingleCharacterString(),
which allocates a new string if the code is greater than maxSingleCharacterString.

Also fix SpeculativeJIT::compileFromCharCode() and FTL's compileStringFromCharCode()
to use maxSingleCharacterString instead of a literal constant.

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
  • dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileFromCharCode):
  • ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileStringFromCharCode):
11:33 AM Changeset in webkit [241035] by mark.lam@apple.com
  • 3 edits in branches/safari-607-branch

Cherry-pick r240991. rdar://problem/47855123

2019-02-05 Mark Lam <mark.lam@apple.com>

Move DFG nodes that clobberize() says will write(Heap) to the doesGC() list that returns true.
https://bugs.webkit.org/show_bug.cgi?id=194298
<rdar://problem/47827555>

Reviewed by Saam Barati.

We do this for 3 reasons:

  1. It's clearer when reading doesGC()'s code that these nodes will return true.
  2. If things change in the future where clobberize() no longer reports these nodes as write(Heap), each node should be vetted first to make sure that it can never GC before being moved back to the doesGC() list that returns false.
  3. This reduces the list of nodes that we need to audit to make sure doesGC() is correct in its claims about the nodes' GCing possibility.

The list of nodes moved are:

ArrayPush
ArrayPop
Call
CallEval
CallForwardVarargs
CallVarargs
Construct
ConstructForwardVarargs
ConstructVarargs
DefineDataProperty
DefineAccessorProperty
DeleteById
DeleteByVal
DirectCall
DirectConstruct
DirectTailCallInlinedCaller
GetById
GetByIdDirect
GetByIdDirectFlush
GetByIdFlush
GetByIdWithThis
GetByValWithThis
GetDirectPname
GetDynamicVar
HasGenericProperty
HasOwnProperty
HasStructureProperty
InById
InByVal
InstanceOf
InstanceOfCustom
LoadVarargs
NumberToStringWithRadix
PutById
PutByIdDirect
PutByIdFlush
PutByIdWithThis
PutByOffset
PutByValWithThis
PutDynamicVar
PutGetterById
PutGetterByVal
PutGetterSetterById
PutSetterById
PutSetterByVal
PutStack
PutToArguments
RegExpExec
RegExpTest
ResolveScope
ResolveScopeForHoistingFuncDeclInEval
TailCall
TailCallForwardVarargsInlinedCaller
TailCallInlinedCaller
TailCallVarargsInlinedCaller
ToNumber
ToPrimitive
ValueNegate

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
11:32 AM Changeset in webkit [241034] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

WTR::InjectedBundlePage::willSendRequestForFrame() leaks a WKDataRef
<https://webkit.org/b/194286>
<rdar://problem/47815558>

Reviewed by Alexey Proskuryakov.

  • WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:

(WTR::InjectedBundlePage::willSendRequestForFrame): Use
WKRetainPtr<> to avoid leaking the WKDataRef.

11:23 AM Changeset in webkit [241033] by mark.lam@apple.com
  • 3 edits in branches/safari-607-branch

Cherry-pick r240917. rdar://problem/47810465

2019-02-03 Mark Lam <mark.lam@apple.com>

DFG's doesGC() is incorrect about the SameValue node's behavior.
https://bugs.webkit.org/show_bug.cgi?id=194211
<rdar://problem/47608913>

Reviewed by Saam Barati.

Only the DoubleRepUse case is guaranteed to not GC. The other case may GC because
it calls operationSameValue() which may allocate memory for resolving ropes.

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
11:09 AM Changeset in webkit [241032] by mark.lam@apple.com
  • 4 edits
    3 copies in branches/safari-607-branch

Cherry-pick r240616. rdar://problem/47774497

2019-01-28 Mark Lam <mark.lam@apple.com>

ToString node actually does GC.
https://bugs.webkit.org/show_bug.cgi?id=193920
<rdar://problem/46695900>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/dfg-to-string-on-int-does-gc.js: Added.
  • stress/dfg-to-string-on-string-object-does-not-gc.js: Added.
  • stress/dfg-to-string-on-string-or-string-object-does-not-gc.js: Added.

Source/JavaScriptCore:

Other than for StringObjectUse and StringOrStringObjectUse, ToString and
CallStringConstructor can allocate new JSStrings, and hence, can GC.

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
10:59 AM Changeset in webkit [241031] by ddkilzer@apple.com
  • 2 edits in trunk/LayoutTests

Revert part of r241015 that skipped all WebGL tests

tests.

10:39 AM Changeset in webkit [241030] by Kocsen Chung
  • 7 edits in tags/Safari-608.1.5.1/Source

Versioning.

10:37 AM Changeset in webkit [241029] by Kocsen Chung
  • 1 copy in tags/Safari-608.1.5.1

New tag.

10:35 AM EnvironmentVariables edited by Michael Catanzaro
(diff)
10:34 AM EnvironmentVariables edited by Michael Catanzaro
(diff)
10:24 AM Changeset in webkit [241028] by Jonathan Bedard
  • 3 edits in trunk/LayoutTests

[iPad] Initial test gardening (Part 2)
https://bugs.webkit.org/show_bug.cgi?id=193767
<rdar://problem/47515175>

Unreviewed test gardening.

  • fast/forms/ios/validation-bubble-dismiss-on-tap.html: Change tap location so test is compatible with iPads.
  • platform/ipad/TestExpectations: Associate iPad specific failures with bugs.
10:22 AM Changeset in webkit [241027] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[SVG] fix SVGURIReference build by including SVGElement
https://bugs.webkit.org/show_bug.cgi?id=194292

Patch by Olivier Blin <Olivier Blin> on 2019-02-06
Reviewed by Michael Catanzaro.

  • svg/SVGURIReference.h:

SVGURIReference is making use of SVGElement in its constructor, but
it was not declared.

The issue was not seen in unified builds because it was grouped with
other files including SVGElement.

9:58 AM Changeset in webkit [241026] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

Roll out parts of r238819 since it is a PLT performance regression.
https://bugs.webkit.org/show_bug.cgi?id=194346

Unreviewed performance fix.

  • WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

(didStartProvisionalLoadForFrame):
(didReceiveServerRedirectForProvisionalLoadForFrame):
(didFinishLoadForFrame):
(globalObjectIsAvailableForFrame):
(didRemoveFrameFromHierarchy):
(didCommitLoadForFrame):
(didFinishDocumentLoadForFrame):
(didFailProvisionalLoadWithErrorForFrame):
(didFailLoadWithErrorForFrame):
(didSameDocumentNavigationForFrame):
(didLayoutForFrame):
(didReachLayoutMilestone):
(didFirstVisuallyNonEmptyLayoutForFrame):
(didHandleOnloadEventsForFrame):
(userAgentForURL):
(setUpPageLoaderClient):
(willSendRequestForFrame):
(didInitiateLoadForResource):
(didFinishLoadForResource):
(didFailLoadForResource):
(setUpResourceLoadClient):
(-[WKWebProcessPlugInBrowserContextController setLoadDelegate:]):
(ResourceLoadClient::ResourceLoadClient): Deleted.
(ResourceLoadClient::loadDelegate const): Deleted.
(ResourceLoadClient::pluginContextController const): Deleted.
(PageLoaderClient::PageLoaderClient): Deleted.
(PageLoaderClient::loadDelegate const): Deleted.
(PageLoaderClient::pluginContextController const): Deleted.
(PageLoaderClient::didStartProvisionalLoadForFrame): Deleted.
(PageLoaderClient::didReceiveServerRedirectForProvisionalLoadForFrame): Deleted.
(PageLoaderClient::didFinishLoadForFrame): Deleted.
(PageLoaderClient::globalObjectIsAvailableForFrame): Deleted.
(PageLoaderClient::didRemoveFrameFromHierarchy): Deleted.
(PageLoaderClient::didCommitLoadForFrame): Deleted.
(PageLoaderClient::didFinishDocumentLoadForFrame): Deleted.
(PageLoaderClient::didFailProvisionalLoadWithErrorForFrame): Deleted.
(PageLoaderClient::didFailLoadWithErrorForFrame): Deleted.
(PageLoaderClient::didSameDocumentNavigationForFrame): Deleted.
(PageLoaderClient::didLayoutForFrame): Deleted.
(PageLoaderClient::didReachLayoutMilestone): Deleted.
(PageLoaderClient::didFirstVisuallyNonEmptyLayoutForFrame): Deleted.
(PageLoaderClient::layoutMilestones const): Deleted.
(PageLoaderClient::didHandleOnloadEventsForFrame): Deleted.
(PageLoaderClient::userAgentForURL const): Deleted.
(ResourceLoadClient::willSendRequestForFrame): Deleted.
(ResourceLoadClient::didInitiateLoadForResource): Deleted.
(ResourceLoadClient::didFinishLoadForResource): Deleted.
(ResourceLoadClient::didFailLoadForResource): Deleted.

9:57 AM Changeset in webkit [241025] by Ryan Haddad
  • 5 edits in trunk/LayoutTests

Unreviewed test gardening, rebaseline some tests for iOS after r240713.

  • fast/events/touch/ios/block-without-overflow-scroll-and-passive-observer-on-block-scrolling-state-expected.txt:
  • fast/events/touch/ios/block-without-overflow-scroll-and-passive-observer-on-document-scrolling-state-expected.txt:
  • fast/events/touch/ios/block-without-overflow-scroll-scrolling-state-expected.txt:
  • fast/events/touch/ios/tap-with-active-touch-end-listener-expected.txt:
9:32 AM Changeset in webkit [241024] by Michael Catanzaro
  • 2 edits in trunk/Tools

Unreviewed, fix a typo

  • TestWebKitAPI/Tests/WebKitGLib/TestCookieManager.cpp:
9:04 AM Changeset in webkit [241023] by Alan Bujtas
  • 6 edits
    1 add
    1 delete in trunk/Source/WebCore

[LFC][IFC] Move line layout code to a dedicated file
https://bugs.webkit.org/show_bug.cgi?id=194328

Reviewed by Antti Koivisto.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::layout const):
(WebCore::Layout::isTrimmableContent): Deleted.
(WebCore::Layout::InlineFormattingContext::initializeNewLine const): Deleted.
(WebCore::Layout::InlineFormattingContext::splitInlineRunIfNeeded const): Deleted.
(WebCore::Layout::InlineFormattingContext::createFinalRuns const): Deleted.
(WebCore::Layout::InlineFormattingContext::postProcessInlineRuns const): Deleted.
(WebCore::Layout::InlineFormattingContext::closeLine const): Deleted.
(WebCore::Layout::InlineFormattingContext::appendContentToLine const): Deleted.
(WebCore::Layout::InlineFormattingContext::layoutInlineContent const): Deleted.
(WebCore::Layout::InlineFormattingContext::computeFloatPosition const): Deleted.
(WebCore::Layout::InlineFormattingContext::placeInFlowPositionedChildren const): Deleted.

  • layout/inlineformatting/InlineFormattingContext.h:

(WebCore::Layout::InlineFormattingContext::LineLayout::Line::hasContent const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::isClosed const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::isFirstLine const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::runs):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::contentLogicalLeft const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::availableWidth const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::lastRunType const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::logicalTop const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::logicalBottom const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::logicalHeight const):
(WebCore::Layout::InlineFormattingContext::Line::hasContent const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::isClosed const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::isFirstLine const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::runs): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::contentLogicalLeft const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::availableWidth const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::lastRunType const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::logicalTop const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::logicalBottom const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::logicalHeight const): Deleted.

  • layout/inlineformatting/InlineFormattingContextGeometry.cpp:

(WebCore::Layout::adjustedLineLogicalLeft): Deleted.
(WebCore::Layout::InlineFormattingContext::Geometry::justifyRuns): Deleted.
(WebCore::Layout::InlineFormattingContext::Geometry::computeExpansionOpportunities): Deleted.
(WebCore::Layout::InlineFormattingContext::Geometry::alignRuns): Deleted.
(WebCore::Layout::InlineFormattingContext::Geometry::runWidth): Deleted.

  • layout/inlineformatting/Line.cpp:

(WebCore::Layout::InlineFormattingContext::LineLayout::Line::init):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::adjustLogicalLeft):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::adjustLogicalRight):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::contentLogicalRight const):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::appendContent):
(WebCore::Layout::InlineFormattingContext::LineLayout::Line::close):
(WebCore::Layout::InlineFormattingContext::Line::init): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::adjustLogicalLeft): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::adjustLogicalRight): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::contentLogicalRight const): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::appendContent): Deleted.
(WebCore::Layout::InlineFormattingContext::Line::close): Deleted.

8:59 AM Changeset in webkit [241022] by youenn@apple.com
  • 3 edits in trunk/Source/WebCore

CoreAudioCaptureSource should not configure its audio unit until it starts producing data
https://bugs.webkit.org/show_bug.cgi?id=194310

Reviewed by Eric Carlson.

Delay the configuration of the audio unit until the source is instructed to start producing data.
This allows the UIProcess to not start changing the audio unit when
checking for constraints during getUserMedia call before the prompt.
Covered by manual testing.

  • platform/mediastream/mac/CoreAudioCaptureSource.cpp:

(WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
(WebCore::CoreAudioCaptureSource::initializeToStartProducingData):
(WebCore::CoreAudioCaptureSource::startProducingData):

  • platform/mediastream/mac/CoreAudioCaptureSource.h:
8:58 AM Changeset in webkit [241021] by youenn@apple.com
  • 2 edits in trunk/Source/WebCore

Disable audio ducking at Audio Unit setup time
https://bugs.webkit.org/show_bug.cgi?id=194303

Reviewed by Eric Carlson.

When creating a CoreAudioCaptureSource, the audio unit might be
reconfigured if a past audio capture was done.
This might trigger audio ducking which is undone in startInternal.
In some cases, startInternal will never call start.
In that case, the audio unit will continue ducking the other processing.
To ensure ducking is disabled, unduck in setupAudioUnit as well as startInternal.

In addition to that, once a shared unit is created, it stays alive until the UIProcess exits.
This might affect all applications.
Instead, whenever the shared unit is stopped, clean it so as to restore the state as if no capture ever happened.
This has noticeable effects in the quality of audio being played on bluetooth devices.

Covered by manual tests.

  • platform/mediastream/mac/CoreAudioCaptureSource.cpp:

(WebCore::CoreAudioSharedUnit::setupAudioUnit):
(WebCore::CoreAudioSharedUnit::unduck):
(WebCore::CoreAudioSharedUnit::startInternal):
(WebCore::CoreAudioSharedUnit::captureFailed):
(WebCore::CoreAudioSharedUnit::stopProducingData):

8:30 AM Changeset in webkit [241020] by Kocsen Chung
  • 7 edits in trunk/Source

Versioning.

7:59 AM Changeset in webkit [241019] by Kocsen Chung
  • 7 edits in trunk/Source

Versioning.

7:44 AM Changeset in webkit [241018] by Antti Koivisto
  • 3 edits
    3 adds in trunk

RELEASE_ASSERT(!m_document.isResolvingTreeStyle()) in com.apple.WebKit.WebContent at WebCore: WebCore::StyleResolver::~StyleResolver
https://bugs.webkit.org/show_bug.cgi?id=194333
<rdar://problem/47822929>

Reviewed by Zalan Bujtas.

Source/WebCore:

Content extensions may mutate the extension stylesheet in the middle of a style resolution as a result of
the legacy animation code triggering a resource load.

Test: http/tests/contentextensions/css-display-none-keyframe.html

  • style/StyleScope.cpp:

(WebCore::Style::Scope::scheduleUpdate):

Avoid clearing the style resolver if we are in the middle of a style resolution.
A better fix that avoid doing this in the first place is tracked by https://bugs.webkit.org/show_bug.cgi?id=194335.

LayoutTests:

  • http/tests/contentextensions/css-display-none-keyframe-expected.txt: Added.
  • http/tests/contentextensions/css-display-none-keyframe.html: Added.
  • http/tests/contentextensions/css-display-none-keyframe.html.json: Added.
7:40 AM Changeset in webkit [241017] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Build failure after r240315
https://bugs.webkit.org/show_bug.cgi?id=194341

Patch by Pablo Saavedra <Pablo Saavedra> on 2019-02-06
Reviewed by Wenson Hsieh.

  • bindings/js/JSUndoItemCustom.cpp:

(WebCore::JSUndoItemOwner::isReachableFromOpaqueRoots):

5:47 AM Changeset in webkit [241016] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[GTK][WPE] force libpsl build to use ICU in jhbuild
https://bugs.webkit.org/show_bug.cgi?id=194288

Patch by Olivier Blin <Olivier Blin> on 2019-02-06
Reviewed by Carlos Garcia Campos.

  • gtk/jhbuild.modules:

Require ICU for libpsl build in jhbuild, like done in WPE.

1:42 AM Changeset in webkit [241015] by rniwa@webkit.org
  • 4 edits
    2 adds in trunk

REGRESSION (r240909): Release assert in FrameLoader::loadURL when navigating with a non-existent target name
https://bugs.webkit.org/show_bug.cgi?id=194329

Reviewed by Geoffrey Garen.

Source/WebCore:

The bug was caused by the code path for when navigating with a specific target frame name that does not exist
never setting the load type of PolicyChecker. As a result, we would use whatever load type used in the previous
navigation, resulting in this release assertion.

Updating the load type here should in theory fix the underlying bug r240909 was meant to catch & fix.

Test: fast/loader/navigate-with-new-target-after-back-forward-navigation.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadURL):

LayoutTests:

Added a regression test.

  • fast/loader/navigate-with-new-target-after-back-forward-navigation-expected.txt: Added.
  • fast/loader/navigate-with-new-target-after-back-forward-navigation.html: Added.
1:35 AM Changeset in webkit [241014] by commit-queue@webkit.org
  • 2 edits in trunk/Source/JavaScriptCore

Build failure after r240431
https://bugs.webkit.org/show_bug.cgi?id=194330

Patch by Pablo Saavedra <Pablo Saavedra> on 2019-02-06
Reviewed by Žan Doberšek.

  • API/glib/JSCOptions.cpp:
12:05 AM Changeset in webkit [241013] by Michael Catanzaro
  • 4 edits in trunk

REGRESSION(r240785): [SOUP] Broke cookie persistent storage
https://bugs.webkit.org/show_bug.cgi?id=194209

Reviewed by Carlos Garcia Campos.

Source/WebKit:

I missed a spot when moving the persistent storage parameters from NetworkProcess to
NetworkSession. They have to be initialized separately for the default session.

  • UIProcess/soup/WebProcessPoolSoup.cpp:

(WebKit::WebProcessPool::platformInitializeNetworkProcess):

Tools:

Enhance TestCookieManager to ensure this doesn't happen again.

  • TestWebKitAPI/Tests/WebKitGLib/TestCookieManager.cpp:

(testCookieManagerPersistentStorage):
(beforeAll):

Feb 5, 2019:

11:54 PM Changeset in webkit [241012] by Claudio Saavedra
  • 2 edits in trunk/Source/WebCore

[FreeType] Build fix for Debian stable

Unreviewed build fix.

Debian stable currently has a version of fontconfig that doesn't
yet have FC_COLOR. #ifdef its use to fix the build.

  • platform/graphics/freetype/FontCacheFreeType.cpp:

(WebCore::FontCache::systemFallbackForCharacters):

10:54 PM Changeset in webkit [241011] by Nikita Vasilyev
  • 6 edits in trunk

Web Inspector: Styles: PropertiesChanged shouldn't fire when old and new text are both empty
https://bugs.webkit.org/show_bug.cgi?id=194318

Reviewed by Devin Rousso.

Source/WebInspectorUI:

Previously, WI.CSSStyleDeclaration.Event.PropertiesChanged fired when
old text and new text were empty strings.

  • UserInterface/Models/CSSStyleDeclaration.js:

LayoutTests:

Fix the flaky test on Debug.

  • inspector/css/modify-css-property-race-expected.txt:
  • inspector/css/modify-css-property-race.html:
9:52 PM Changeset in webkit [241010] by Megan Gardner
  • 5 edits
    1 move
    1 add
    3 deletes in trunk/LayoutTests

[iOS] Layout tests editing/pasteboard/smart-paste-007.html and editing/pasteboard/smart-paste-008.html are failing
https://bugs.webkit.org/show_bug.cgi?id=194275

Reviewed by Ryosuke Niwa.

Smart paste tests 7 and 8 were outputting more information that was needed
to verify correct functionality. Also cleaned up test 8 to be more similar to
the other smart copy paste tests.

  • editing/pasteboard/smart-paste-007.html:
  • editing/pasteboard/smart-paste-008.html:
  • platform/ios-wk1/editing/pasteboard/smart-paste-007-expected.txt: Removed.
  • platform/ios-wk1/editing/pasteboard/smart-paste-008-expected.txt: Removed.
  • platform/ios-wk2/editing/pasteboard/smart-paste-008-expected.txt: Removed.
  • platform/ios/editing/pasteboard/smart-paste-007-expected.txt: Renamed from LayoutTests/platform/ios-wk2/editing/pasteboard/smart-paste-007-expected.txt.
  • platform/ios/editing/pasteboard/smart-paste-008-expected.txt: Added.
  • platform/mac/editing/pasteboard/smart-paste-007-expected.txt:
  • platform/mac/editing/pasteboard/smart-paste-008-expected.txt:
8:26 PM Changeset in webkit [241009] by wenson_hsieh@apple.com
  • 5 edits in trunk

Rename TestOptions.ignoreSynchronousMessagingTimeoutsForTesting
https://bugs.webkit.org/show_bug.cgi?id=194324

Reviewed by Andy Estes.

Tools:

Rename ignoreSynchronousMessagingTimeoutsForTesting to just ignoreSynchronousMessagingTimeouts. The -ForTesting
part of the name is already implicit, since this is in testing code in TestOptions.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::generateContextConfiguration const):
(WTR::updateTestOptionsFromTestHeader):

  • WebKitTestRunner/TestOptions.h:

(WTR::TestOptions::hasSameInitializationOptions const):

LayoutTests:

  • fast/events/touch/ios/show-modal-alert-during-touch-start.html:
6:10 PM Changeset in webkit [241008] by commit-queue@webkit.org
  • 28 edits in trunk/Source

Stop using blobRegistry in NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=194027

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-05
Reviewed by Youenn Fablet.

Source/WebCore:

Also stop using NetworkBlobRegistry::singleton.
Instead, have the NetworkProcess own a NetworkBlobRegistry which owns a BlobRegistryImpl.
We now have to resolve all blob file references while we still have a
NetworkConnectionToWebProcess/NetworkProcess/NetworkBlobRegistry/BlobRegistryImpl instead of
using the singleton after we have passed everything to the loading code, but it works the same
as it did before. We must consume the sandbox extension from the BlobRegistryImpl before using
the resolved files, so I pass around a Vector<RefPtr<WebCore::BlobDataFileReference>> so we know
which extensions to revoke.

  • platform/network/BlobRegistryImpl.h:
  • platform/network/FormData.cpp:

(WebCore::appendBlobResolved):
(WebCore::FormData::resolveBlobReferences):

  • platform/network/FormData.h:
  • platform/network/cf/FormDataStreamCFNet.cpp:

(WebCore::createHTTPBodyCFReadStream):

  • platform/network/curl/CurlFormDataStream.cpp:

(WebCore::CurlFormDataStream::CurlFormDataStream):

Source/WebKit:

  • NetworkProcess/Downloads/DownloadManager.cpp:

(WebKit::DownloadManager::startDownload):

  • NetworkProcess/Downloads/PendingDownload.cpp:

(WebKit::PendingDownload::PendingDownload):

  • NetworkProcess/Downloads/PendingDownload.h:
  • NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:

(WebKit::NetworkBlobRegistry::registerFileBlobURL):
(WebKit::NetworkBlobRegistry::registerBlobURL):
(WebKit::NetworkBlobRegistry::registerBlobURLOptionallyFileBacked):
(WebKit::NetworkBlobRegistry::registerBlobURLForSlice):
(WebKit::NetworkBlobRegistry::unregisterBlobURL):
(WebKit::NetworkBlobRegistry::blobSize):
(WebKit::NetworkBlobRegistry::writeBlobsToTemporaryFiles):
(WebKit::NetworkBlobRegistry::writeBlobToFilePath):
(WebKit::NetworkBlobRegistry::connectionToWebProcessDidClose):
(WebKit::NetworkBlobRegistry::filesInBlob):
(WebKit::NetworkBlobRegistry::singleton): Deleted.

  • NetworkProcess/FileAPI/NetworkBlobRegistry.h:

(WebKit::NetworkBlobRegistry::blobRegistry):

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::didClose):
(WebKit::NetworkConnectionToWebProcess::resolveBlobReferences):
(WebKit::NetworkConnectionToWebProcess::scheduleResourceLoad):
(WebKit::NetworkConnectionToWebProcess::performSynchronousLoad):
(WebKit::NetworkConnectionToWebProcess::loadPing):
(WebKit::NetworkConnectionToWebProcess::preconnectTo):
(WebKit::NetworkConnectionToWebProcess::registerFileBlobURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURLFromURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURLOptionallyFileBacked):
(WebKit::NetworkConnectionToWebProcess::registerBlobURLForSlice):
(WebKit::NetworkConnectionToWebProcess::unregisterBlobURL):
(WebKit::NetworkConnectionToWebProcess::blobSize):
(WebKit::NetworkConnectionToWebProcess::writeBlobsToTemporaryFiles):
(WebKit::NetworkConnectionToWebProcess::filesInBlob):
(WebKit::NetworkConnectionToWebProcess::blobRegistry):

  • NetworkProcess/NetworkConnectionToWebProcess.h:
  • NetworkProcess/NetworkDataTask.cpp:

(WebKit::NetworkDataTask::create):

  • NetworkProcess/NetworkDataTaskBlob.cpp:

(WebKit::NetworkDataTaskBlob::NetworkDataTaskBlob):

  • NetworkProcess/NetworkDataTaskBlob.h:
  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad):
(WebKit::NetworkLoad::initialize):

  • NetworkProcess/NetworkLoad.h:
  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::NetworkProcess):
(WebKit::NetworkProcess::removeNetworkConnectionToWebProcess):

  • NetworkProcess/NetworkProcess.h:

(WebKit::NetworkProcess::networkBlobRegistry):

  • NetworkProcess/NetworkProcessPlatformStrategies.cpp:

(WebKit::NetworkProcessPlatformStrategies::createBlobRegistry):

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::m_shouldCaptureExtraNetworkLoadMetrics):
(WebKit::NetworkResourceLoader::startNetworkLoad):

  • NetworkProcess/PreconnectTask.cpp:
  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:

(WebKit::NetworkCache::SpeculativeLoad::SpeculativeLoad):

5:44 PM Changeset in webkit [241007] by dbates@webkit.org
  • 2 edits in trunk/Source/WebKit

Fix a typo in r241006. Substitute Modifier for Modifiers.

  • Shared/mac/NativeWebGestureEventMac.mm:

(WebKit::NativeWebGestureEvent::NativeWebGestureEvent):

5:42 PM Changeset in webkit [241006] by dbates@webkit.org
  • 3 edits in trunk/Source/WebKit

Attempt to fix the build following r241000
(https://bugs.webkit.org/show_bug.cgi?id=194241)

Substitute OptionSet<WebEvent::Modifier> for Modifiers.

  • Shared/mac/NativeWebGestureEventMac.mm:

(WebKit::NativeWebGestureEvent::NativeWebGestureEvent):

  • Shared/mac/WebGestureEvent.h:

(WebKit::WebGestureEvent::WebGestureEvent):

5:02 PM Changeset in webkit [241005] by Truitt Savell
  • 27 edits in trunk/Source

Unreviewed, rolling out r240984.

Revision casued two API timeouts

Reverted changeset:

"Stop using blobRegistry in NetworkProcess"
https://bugs.webkit.org/show_bug.cgi?id=194027
https://trac.webkit.org/changeset/240984

5:01 PM Changeset in webkit [241004] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Lots of time spent updating related resources in ResourceDetailsSidebar when loading a page with lots of resources
https://bugs.webkit.org/show_bug.cgi?id=159577
<rdar://problem/27251461>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/ResourceDetailsSidebarPanel.js:

(WI.ResourceDetailsSidebarPanel.prototype._refreshRelatedResourcesSection):
(WI.ResourceDetailsSidebarPanel.prototype._applyResourceEventListeners):

4:55 PM Changeset in webkit [241003] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Elements tab: selection is broken after deleting the selected node
https://bugs.webkit.org/show_bug.cgi?id=194300
<rdar://problem/47829275>

Reviewed by Devin Rousso.

Deleting a TreeElement can cause an IndexSet including indexes
outside the deleted range to be passed to SelectionController,
corrupting the internal selection state.

  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.prototype._indexesForSubtree.numberOfElementsInSubtree): Added.
(WI.TreeOutline.prototype._indexesForSubtree):
Finding the last (rightmost leaf) TreeElement in the subtree used
TreeElement.prototype.traverseNextElement to do a depth first traversal.
This method did not stay within the subtree rooted at treeElement.

4:49 PM Changeset in webkit [241002] by youenn@apple.com
  • 2 edits in trunk/Source/WebKit

UserMediaPermissionRequestManagerProxy lambdas should check for 'this' being valid
https://bugs.webkit.org/show_bug.cgi?id=194246

Reviewed by Eric Carlson.

With PSON enabled, the manager proxy can be destroyed.
It is thus important for its callbacks to check for 'this' to be valid.

  • UIProcess/UserMediaPermissionRequestManagerProxy.cpp:

(WebKit::UserMediaPermissionRequestManagerProxy::captureDevicesChanged):
(WebKit::UserMediaPermissionRequestManagerProxy::requestUserMediaPermissionForFrame):
(WebKit::UserMediaPermissionRequestManagerProxy::enumerateMediaDevicesForFrame):

4:39 PM Changeset in webkit [241001] by dbates@webkit.org
  • 8 edits in trunk/Source/WebKit

Attempt to fix the build following r241000
(https://bugs.webkit.org/show_bug.cgi?id=194241)

Substitute WebEvent::Modifier::CapsLockKey for WebEvent::CapsLockKey.

  • Shared/gtk/WebEventFactory.cpp:

(WebKit::modifiersForEvent):

  • Shared/mac/WebEventFactory.mm:

(WebKit::modifiersForEvent):

  • UIProcess/API/Cocoa/WKNavigationAction.mm:

(toNSEventModifierFlags):

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::protocolModifierToWebEventModifier):

  • UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp:

(WebKit::modifiersToEventState):

  • UIProcess/Automation/mac/WebAutomationSessionMac.mm:

(WebKit::WebAutomationSession::platformSimulateMouseInteraction):

  • UIProcess/Cocoa/UIDelegate.mm:

(WebKit::toNSEventModifierFlags):

4:21 PM Changeset in webkit [241000] by dbates@webkit.org
  • 43 edits in trunk/Source/WebKit

Make WebEvent::Modifiers an OptionSet
https://bugs.webkit.org/show_bug.cgi?id=194241

Reviewed by Simon Fraser.

Use an OptionSet to represent the bitmask of keyboard modifier flags. This improves type safety
and makes debugging more enjoyable because our LLDB pretty-printers have built-in support for
OptionSet.

While I am at it, make WebEvent::Modifier an enum class. It is currently an enum. This makes
this enum more closely match WebCore::PlatformEvent::Modifier.

  • Shared/API/c/WKSharedAPICast.h:

(WebKit::toAPI):

  • Shared/NavigationActionData.cpp:

(WebKit::NavigationActionData::encode const):
(WebKit::NavigationActionData::decode):

  • Shared/NavigationActionData.h:
  • Shared/WebEvent.cpp:

(WebKit::WebEvent::WebEvent):

  • Shared/WebEvent.h:

(WebKit::WebEvent::shiftKey const):
(WebKit::WebEvent::controlKey const):
(WebKit::WebEvent::altKey const):
(WebKit::WebEvent::metaKey const):
(WebKit::WebEvent::capsLockKey const):
(WebKit::WebEvent::modifiers const):
(WebKit::WebTouchEvent::WebTouchEvent):

  • Shared/WebEventConversion.cpp:

(WebKit::WebKit2PlatformMouseEvent::WebKit2PlatformMouseEvent):

  • Shared/WebKeyboardEvent.cpp:

(WebKit::WebKeyboardEvent::WebKeyboardEvent):

  • Shared/WebMouseEvent.cpp:

(WebKit::WebMouseEvent::WebMouseEvent):

  • Shared/WebTouchEvent.cpp:

(WebKit::WebTouchEvent::WebTouchEvent):

  • Shared/WebWheelEvent.cpp:

(WebKit::WebWheelEvent::WebWheelEvent):

  • Shared/gtk/WebEventFactory.cpp:

(WebKit::modifiersForEvent):

  • Shared/ios/NativeWebTouchEventIOS.mm:

(WebKit::NativeWebTouchEvent::NativeWebTouchEvent):

  • Shared/ios/WebIOSEventFactory.mm:

(modifiersForEvent):
(WebIOSEventFactory::createWebKeyboardEvent):
(WebIOSEventFactory::createWebMouseEvent):

  • Shared/libwpe/WebEventFactory.cpp:

(WebKit::modifiersForEventModifiers):
(WebKit::WebEventFactory::createWebWheelEvent):
(WebKit::WebEventFactory::createWebTouchEvent):

  • Shared/mac/WebEventFactory.mm:

(WebKit::modifiersForEvent):
(WebKit::WebEventFactory::createWebMouseEvent):
(WebKit::WebEventFactory::createWebWheelEvent):
(WebKit::WebEventFactory::createWebKeyboardEvent):

  • Shared/win/WebEventFactory.cpp:

(WebKit::modifiersForEvent):
(WebKit::modifiersForCurrentKeyState):
(WebKit::WebEventFactory::createWebMouseEvent):
(WebKit::WebEventFactory::createWebWheelEvent):
(WebKit::WebEventFactory::createWebKeyboardEvent):

  • UIProcess/API/APINavigationAction.h:
  • UIProcess/API/APIUIClient.h:

(API::UIClient::mouseDidMoveOverElement):

  • UIProcess/API/C/WKPage.cpp:

(WKPageSetPageUIClient):

  • UIProcess/API/Cocoa/WKNavigationAction.mm:

(toNSEventModifierFlags):

  • UIProcess/API/glib/WebKitPrivate.cpp:

(toPlatformModifiers):

  • UIProcess/API/glib/WebKitPrivate.h:
  • UIProcess/API/glib/WebKitUIClient.cpp:
  • UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewMouseTargetChanged):

  • UIProcess/API/glib/WebKitWebViewPrivate.h:
  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::simulateMouseInteraction):
(WebKit::protocolModifierToWebEventModifier):
(WebKit::WebAutomationSession::performMouseInteraction):

  • UIProcess/Automation/WebAutomationSession.h:
  • UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp:

(WebKit::modifiersToEventState):
(WebKit::WebAutomationSession::platformSimulateMouseInteraction):

  • UIProcess/Automation/mac/WebAutomationSessionMac.mm:

(WebKit::WebAutomationSession::platformSimulateMouseInteraction):

  • UIProcess/Automation/wpe/WebAutomationSessionWPE.cpp:

(WebKit::modifiersToEventState):
(WebKit::WebAutomationSession::platformSimulateMouseInteraction):

  • UIProcess/Cocoa/UIDelegate.h:
  • UIProcess/Cocoa/UIDelegate.mm:

(WebKit::toNSEventModifierFlags):
(WebKit::UIDelegate::UIClient::mouseDidMoveOverElement):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::mouseDidMoveOverElement):

  • WebProcess/InjectedBundle/API/APIInjectedBundlePageUIClient.h:

(API::InjectedBundle::PageUIClient::mouseDidMoveOverElement):

  • WebProcess/InjectedBundle/InjectedBundleNavigationAction.cpp:

(WebKit::InjectedBundleNavigationAction::modifiersForNavigationAction):

  • WebProcess/InjectedBundle/InjectedBundleNavigationAction.h:

(WebKit::InjectedBundleNavigationAction::modifiers const):

  • WebProcess/InjectedBundle/InjectedBundlePageUIClient.cpp:

(WebKit::InjectedBundlePageUIClient::mouseDidMoveOverElement):

  • WebProcess/InjectedBundle/InjectedBundlePageUIClient.h:
  • WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::PDFPlugin::showContextMenuAtPoint):

  • WebProcess/Plugins/PluginView.cpp:

(WebKit::PluginView::createWebEvent const):

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::mouseDidMoveOverElement):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::simulateMouseDown):
(WebKit::WebPage::simulateMouseUp):
(WebKit::WebPage::simulateMouseMotion):

3:43 PM Changeset in webkit [240999] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Allow * as platform for builders and workers
https://bugs.webkit.org/show_bug.cgi?id=188533

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-build/loadConfig.py:

(checkWorkersAndBuildersForConsistency):

3:34 PM Changeset in webkit [240998] by mark.lam@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

Fix DFG's doesGC() for a few more nodes.
https://bugs.webkit.org/show_bug.cgi?id=194307
<rdar://problem/47832956>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

NumberToStringWithValidRadixConstant:

Calls operationInt32ToStringWithValidRadix(), which calls int32ToString(),
which can allocate a string.
Calls operationInt52ToStringWithValidRadix(), which calls int52ToString(),
which can allocate a string.
Calls operationDoubleToStringWithValidRadix(), which calls numberToString(),
which can allocate a string.

RegExpExecNonGlobalOrSticky: calls createRegExpMatchesArray() which allocates

memory for all kinds of objects.

RegExpMatchFast: calls operationRegExpMatchFastString(), which calls

RegExpObject::execInline() and RegExpObject::matchGlobal(). Both of
these allocates memory for the match result.

RegExpMatchFastGlobal: calls operationRegExpMatchFastGlobalString(), which

calls RegExpObject's collectMatches(), which allocates an array amongst
other objects.

StringFromCharCode:

If the uint32 code to convert is greater than maxSingleCharacterString,
we'll call operationStringFromCharCode(), which calls jsSingleCharacterString(),
which allocates a new string if the code is greater than maxSingleCharacterString.

Also fix SpeculativeJIT::compileFromCharCode() and FTL's compileStringFromCharCode()
to use maxSingleCharacterString instead of a literal constant.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileFromCharCode):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileStringFromCharCode):

3:33 PM Changeset in webkit [240997] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION (r240947): Resources tab: can't select main frame after refreshing page
https://bugs.webkit.org/show_bug.cgi?id=194254
<rdar://problem/47805023>

Reviewed by Devin Rousso.

  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.prototype.selectionControllerSelectionDidChange):
TreeOutline should always call the TreeElement select and deselect
methods while processing selection changes. Having notifications
suppressed by this._suppressNextSelectionDidChangeEvent should only
affect the dispatching of TreeOutline events.

3:17 PM Changeset in webkit [240996] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Add few bots to config.json
https://bugs.webkit.org/show_bug.cgi?id=194304

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-build/config.json:
3:01 PM Changeset in webkit [240995] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKit

Reproducible crash under WKShareSheet presentWithParameters when cancelling a share
https://bugs.webkit.org/show_bug.cgi?id=194301
<rdar://problem/47719379>

Reviewed by Beth Dakin.

  • UIProcess/Cocoa/WKShareSheet.mm:

(-[WKShareSheet presentWithParameters:completionHandler:]):
NSSharingServicePicker's delegate callbacks can be called synchronously.
We release the WKShareSheet (which holds our reference to the NSSharingServicePicker)
under sharingServicePicker:didChooseSharingService:. On older versions of macOS,
there was nothing keeping the NSSharingServicePicker alive inside
showRelativeToRect:ofView:preferredEdge:, thus the whole chain of references would
fall and result in sending a message to a released NSSharingServicePicker.
To resolve this, keep an extra reference to the WKShareSheet until
presentation is complete.

2:58 PM Changeset in webkit [240994] by Keith Rollin
  • 10 edits
    3 deletes in trunk

Enable the automatic checking and regenerations of .xcfilelists during builds
https://bugs.webkit.org/show_bug.cgi?id=194124
<rdar://problem/47721277>

Reviewed by Tim Horton.

Bug 193790 add a facility for checking -- during build time -- that
any needed .xcfilelist files are up-to-date and for updating them if
they are not. This facility was initially opt-in by setting
WK_ENABLE_CHECK_XCFILELISTS until other pieces were in place and until
the process seemed robust. Its now time to enable this facility and
make it opt-out. If there is a need to disable this facility, set and
export WK_DISABLE_CHECK_XCFILELISTS=1 in your environment before
running make or build-webkit, or before running Xcode from the
command line.

Additionally, remove the step that generates a list of source files
going into the UnifiedSources build step. It's only necessarily to
specify Sources.txt and SourcesCocoa.txt as inputs.

Source/JavaScriptCore:

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • UnifiedSources-input.xcfilelist: Removed.

Source/WebCore:

No new tests since there should be no observable behavior difference.

  • UnifiedSources-input.xcfilelist: Removed.
  • WebCore.xcodeproj/project.pbxproj:

Source/WebKit:

  • UnifiedSources-input.xcfilelist: Removed.
  • WebKit.xcodeproj/project.pbxproj:

Source/WTF:

  • Scripts/generate-unified-source-bundles.rb:

Tools:

  • Scripts/generate-xcfilelists:
2:53 PM Changeset in webkit [240993] by Keith Rollin
  • 6 edits in trunk/Source

Update .xcfilelist files
https://bugs.webkit.org/show_bug.cgi?id=194121
<rdar://problem/47720863>

Reviewed by Tim Horton.

Preparatory to enabling the facility for automatically updating the
.xcfilelist files, check in a freshly-updated set so that not everyone
runs up against having to regenerate them themselves.

Source/JavaScriptCore:

  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:

Source/WebCore:

No new tests since there should be no observable behavior difference.

  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:
2:09 PM Changeset in webkit [240992] by andy@vanwagoner.family
  • 3 edits in trunk/Source/JavaScriptCore

[INTL] improve efficiency of Intl.NumberFormat formatToParts
https://bugs.webkit.org/show_bug.cgi?id=185557

Reviewed by Mark Lam.

Since field nesting depth is minimal, this algorithm should be effectively O(n),
where n is the number of characters in the formatted string.
It may be less memory efficient than the previous impl, since the intermediate Vector
is the length of the string, instead of the count of the fields.

  • runtime/IntlNumberFormat.cpp:

(JSC::IntlNumberFormat::formatToParts):

  • runtime/IntlNumberFormat.h:
1:59 PM Changeset in webkit [240991] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Move DFG nodes that clobberize() says will write(Heap) to the doesGC() list that returns true.
https://bugs.webkit.org/show_bug.cgi?id=194298
<rdar://problem/47827555>

Reviewed by Saam Barati.

We do this for 3 reasons:

  1. It's clearer when reading doesGC()'s code that these nodes will return true.
  2. If things change in the future where clobberize() no longer reports these nodes as write(Heap), each node should be vetted first to make sure that it can never GC before being moved back to the doesGC() list that returns false.
  3. This reduces the list of nodes that we need to audit to make sure doesGC() is correct in its claims about the nodes' GCing possibility.

The list of nodes moved are:

ArrayPush
ArrayPop
Call
CallEval
CallForwardVarargs
CallVarargs
Construct
ConstructForwardVarargs
ConstructVarargs
DefineDataProperty
DefineAccessorProperty
DeleteById
DeleteByVal
DirectCall
DirectConstruct
DirectTailCallInlinedCaller
GetById
GetByIdDirect
GetByIdDirectFlush
GetByIdFlush
GetByIdWithThis
GetByValWithThis
GetDirectPname
GetDynamicVar
HasGenericProperty
HasOwnProperty
HasStructureProperty
InById
InByVal
InstanceOf
InstanceOfCustom
LoadVarargs
NumberToStringWithRadix
PutById
PutByIdDirect
PutByIdFlush
PutByIdWithThis
PutByOffset
PutByValWithThis
PutDynamicVar
PutGetterById
PutGetterByVal
PutGetterSetterById
PutSetterById
PutSetterByVal
PutStack
PutToArguments
RegExpExec
RegExpTest
ResolveScope
ResolveScopeForHoistingFuncDeclInEval
TailCall
TailCallForwardVarargsInlinedCaller
TailCallInlinedCaller
TailCallVarargsInlinedCaller
ToNumber
ToPrimitive
ValueNegate

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

1:27 PM Changeset in webkit [240990] by beidson@apple.com
  • 6 edits
    2 adds in trunk/Source/WebKit

Add a new DownloadMap type that manages taking an assertion automatically.
https://bugs.webkit.org/show_bug.cgi?id=194294

Reviewed by Alex Christensen.

If we don't need the download assertion, we use a vanilla HashMap like today.
If we need the download assertion, we use the new DownloadMap class instead.

The new DownloadMap is a wrapper around a HashMap that also creates/destroys the assertion as needed.

  • NetworkProcess/Downloads/DownloadManager.cpp:

(WebKit::DownloadManager::dataTaskBecameDownloadTask):
(WebKit::DownloadManager::downloadFinished):

  • NetworkProcess/Downloads/DownloadManager.h:
  • NetworkProcess/Downloads/DownloadMap.cpp: Added.

(WebKit::DownloadMap::get const):
(WebKit::DownloadMap::isEmpty const):
(WebKit::DownloadMap::size const):
(WebKit::DownloadMap::contains const):
(WebKit::DownloadMap::add):
(WebKit::DownloadMap::remove):

  • NetworkProcess/Downloads/DownloadMap.h: Added.
  • Sources.txt:
  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::ProcessAssertion::ProcessAssertion):

  • WebKit.xcodeproj/project.pbxproj:
12:35 PM Changeset in webkit [240989] by Nikita Vasilyev
  • 3 edits in trunk/LayoutTests

Web Inspector: Fix modify-css-property-race.html test failures
https://bugs.webkit.org/show_bug.cgi?id=194282

Reviewed by Matt Baker.

Fix test failures introduced by r240946 by providing a message for expectGreaterThan assert,
so it doesn't log the actual values.

  • inspector/css/modify-css-property-race-expected.txt:
  • inspector/css/modify-css-property-race.html:
12:30 PM Changeset in webkit [240988] by andy@vanwagoner.family
  • 4 edits in trunk/LayoutTests

REGRESSION(r238848): ICU upgrade broke jsc-layout-tests.yaml/js/script-tests/intl-numberformat.js.layout
https://bugs.webkit.org/show_bug.cgi?id=193620

Reviewed by Michael Catanzaro.

Update NumberFormat tests to be more tolerant of ICU version differences.

  • js/intl-numberformat-expected.txt:
  • js/script-tests/intl-numberformat.js:
  • platform/gtk/TestExpectations:
12:28 PM Changeset in webkit [240987] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

[GTK][WPE] force libpsl build to use ICU in jhbuild
https://bugs.webkit.org/show_bug.cgi?id=194288

Patch by Olivier Blin <Olivier Blin> on 2019-02-05
Reviewed by Philippe Normand.

In jhbuild, libpsl depends on ICU, but its configure script may decide to use libidn instead of ICU.
This can cause build failures if libidn is detected but libunistring is not available.

Make sure that ICU is used for runtime and builtin PSL data.

  • gtk/jhbuild.modules:
  • wpe/jhbuild.modules:
12:19 PM Changeset in webkit [240986] by aakash_jain@apple.com
  • 4 edits in trunk/Tools

[ews-app] Modified timestamp should be updated on updating data
https://bugs.webkit.org/show_bug.cgi?id=194295

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/models/build.py:
  • BuildSlaveSupport/ews-app/ews/models/buildermapping.py:
  • BuildSlaveSupport/ews-app/ews/models/step.py:
11:11 AM Changeset in webkit [240985] by beidson@apple.com
  • 2 edits in trunk/Source/WebKit

Fix iOS simulator build after r240954

Unreviewed.

  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::ProcessAssertion::ProcessAssertion): Implement the new constructor.

10:58 AM Changeset in webkit [240984] by achristensen@apple.com
  • 27 edits in trunk/Source

Stop using blobRegistry in NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=194027

Reviewed by Youenn Fablet.

Source/WebCore:

Also stop using NetworkBlobRegistry::singleton.
Instead, have the NetworkProcess own a NetworkBlobRegistry which owns a BlobRegistryImpl.
We now have to resolve all blob file references while we still have a
NetworkConnectionToWebProcess/NetworkProcess/NetworkBlobRegistry/BlobRegistryImpl instead of
using the singleton after we have passed everything to the loading code, but it works the same
as it did before. We must consume the sandbox extension from the BlobRegistryImpl before using
the resolved files, so I pass around a Vector<RefPtr<WebCore::BlobDataFileReference>> so we know
which extensions to revoke.

  • platform/network/BlobRegistryImpl.h:
  • platform/network/FormData.cpp:

(WebCore::appendBlobResolved):
(WebCore::FormData::resolveBlobReferences):

  • platform/network/FormData.h:
  • platform/network/cf/FormDataStreamCFNet.cpp:

(WebCore::createHTTPBodyCFReadStream):

  • platform/network/curl/CurlFormDataStream.cpp:

(WebCore::CurlFormDataStream::CurlFormDataStream):

Source/WebKit:

  • NetworkProcess/Downloads/DownloadManager.cpp:

(WebKit::DownloadManager::startDownload):

  • NetworkProcess/Downloads/PendingDownload.cpp:

(WebKit::PendingDownload::PendingDownload):

  • NetworkProcess/Downloads/PendingDownload.h:
  • NetworkProcess/FileAPI/NetworkBlobRegistry.cpp:

(WebKit::NetworkBlobRegistry::registerFileBlobURL):
(WebKit::NetworkBlobRegistry::registerBlobURL):
(WebKit::NetworkBlobRegistry::registerBlobURLOptionallyFileBacked):
(WebKit::NetworkBlobRegistry::registerBlobURLForSlice):
(WebKit::NetworkBlobRegistry::unregisterBlobURL):
(WebKit::NetworkBlobRegistry::blobSize):
(WebKit::NetworkBlobRegistry::writeBlobsToTemporaryFiles):
(WebKit::NetworkBlobRegistry::writeBlobToFilePath):
(WebKit::NetworkBlobRegistry::connectionToWebProcessDidClose):
(WebKit::NetworkBlobRegistry::filesInBlob):
(WebKit::NetworkBlobRegistry::singleton): Deleted.

  • NetworkProcess/FileAPI/NetworkBlobRegistry.h:

(WebKit::NetworkBlobRegistry::blobRegistry):

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::didClose):
(WebKit::NetworkConnectionToWebProcess::resolveBlobReferences):
(WebKit::NetworkConnectionToWebProcess::scheduleResourceLoad):
(WebKit::NetworkConnectionToWebProcess::performSynchronousLoad):
(WebKit::NetworkConnectionToWebProcess::loadPing):
(WebKit::NetworkConnectionToWebProcess::preconnectTo):
(WebKit::NetworkConnectionToWebProcess::registerFileBlobURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURLFromURL):
(WebKit::NetworkConnectionToWebProcess::registerBlobURLOptionallyFileBacked):
(WebKit::NetworkConnectionToWebProcess::registerBlobURLForSlice):
(WebKit::NetworkConnectionToWebProcess::unregisterBlobURL):
(WebKit::NetworkConnectionToWebProcess::blobSize):
(WebKit::NetworkConnectionToWebProcess::writeBlobsToTemporaryFiles):
(WebKit::NetworkConnectionToWebProcess::filesInBlob):
(WebKit::NetworkConnectionToWebProcess::blobRegistry):

  • NetworkProcess/NetworkConnectionToWebProcess.h:
  • NetworkProcess/NetworkDataTask.cpp:

(WebKit::NetworkDataTask::create):

  • NetworkProcess/NetworkDataTaskBlob.cpp:

(WebKit::NetworkDataTaskBlob::NetworkDataTaskBlob):

  • NetworkProcess/NetworkDataTaskBlob.h:
  • NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::NetworkLoad):
(WebKit::NetworkLoad::initialize):

  • NetworkProcess/NetworkLoad.h:
  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::NetworkProcess):
(WebKit::NetworkProcess::removeNetworkConnectionToWebProcess):

  • NetworkProcess/NetworkProcess.h:

(WebKit::NetworkProcess::networkBlobRegistry):

  • NetworkProcess/NetworkProcessPlatformStrategies.cpp:

(WebKit::NetworkProcessPlatformStrategies::createBlobRegistry):

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::m_shouldCaptureExtraNetworkLoadMetrics):
(WebKit::NetworkResourceLoader::startNetworkLoad):

  • NetworkProcess/PreconnectTask.cpp:
  • NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:

(WebKit::NetworkCache::SpeculativeLoad::SpeculativeLoad):

10:39 AM Changeset in webkit [240983] by Ryan Haddad
  • 16 edits in trunk

Unreviewed, rolling out r240742.

Causes crashes on iOS simulator.

Reverted changeset:

"[iOS] Keyups for non-modifier keys identified as "Dead" when
not focused in a content-editable element"
https://bugs.webkit.org/show_bug.cgi?id=192824
https://trac.webkit.org/changeset/240742

10:33 AM Changeset in webkit [240982] by Jonathan Bedard
  • 3 edits in trunk/Tools

run-webkit-tests emits message "...running None" when running tests
https://bugs.webkit.org/show_bug.cgi?id=194133
<rdar://problem/47724738>

Reviewed by Lucas Forschler.

  • Scripts/webkitpy/xcode/device_type.py:

(DeviceType.str): Use both version mapping tables and use just the variant
name if no version name is available.

  • Scripts/webkitpy/xcode/device_type_unittest.py:

(DeviceTypeTest):
(DeviceTypeTest.test_unmapped_version): Test case where the version does not have
an associated named.

10:28 AM Changeset in webkit [240981] by ysuzuki@apple.com
  • 11 edits in trunk/Source

[JSC] Shrink sizeof(UnlinkedCodeBlock)
https://bugs.webkit.org/show_bug.cgi?id=194281

Reviewed by Michael Saboff.

Source/JavaScriptCore:

This patch first attempts to reduce the size of UnlinkedCodeBlock in a relatively simpler way. Reordering members, remove unused member, and
move rarely used members to RareData. This changes sizeof(UnlinkedCodeBlock) from 312 to 256.

Still we have several chances to reduce sizeof(UnlinkedCodeBlock). Making more Vectors to RefCountedArrays can be done with some restructuring
of generatorification phase. It would be possible to remove m_sourceURLDirective and m_sourceMappingURLDirective from UnlinkedCodeBlock since
they should be in SourceProvider and that should be enough. These changes require some intrusive modifications and we make them as a future work.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::bitVectors const): Deleted.

  • bytecode/CodeType.h:
  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::UnlinkedCodeBlock::shrinkToFit):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::bitVector):
(JSC::UnlinkedCodeBlock::addBitVector):
(JSC::UnlinkedCodeBlock::addSetConstant):
(JSC::UnlinkedCodeBlock::constantRegisters):
(JSC::UnlinkedCodeBlock::numberOfConstantIdentifierSets const):
(JSC::UnlinkedCodeBlock::constantIdentifierSets):
(JSC::UnlinkedCodeBlock::codeType const):
(JSC::UnlinkedCodeBlock::didOptimize const):
(JSC::UnlinkedCodeBlock::setDidOptimize):
(JSC::UnlinkedCodeBlock::usesGlobalObject const): Deleted.
(JSC::UnlinkedCodeBlock::setGlobalObjectRegister): Deleted.
(JSC::UnlinkedCodeBlock::globalObjectRegister const): Deleted.
(JSC::UnlinkedCodeBlock::bitVectors const): Deleted.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitLoad):
(JSC::BytecodeGenerator::emitLoadGlobalObject): Deleted.

  • bytecompiler/BytecodeGenerator.h:
  • runtime/CachedTypes.cpp:

(JSC::CachedCodeBlockRareData::encode):
(JSC::CachedCodeBlockRareData::decode const):
(JSC::CachedCodeBlock::scopeRegister const):
(JSC::CachedCodeBlock::codeType const):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::CachedCodeBlock<CodeBlockType>::decode const):
(JSC::CachedCodeBlock<CodeBlockType>::encode):
(JSC::CachedCodeBlock::globalObjectRegister const): Deleted.

Source/WTF:

  • wtf/TriState.h:
10:23 AM Changeset in webkit [240980] by Kocsen Chung
  • 2 edits in tags/Safari-608.1.5/Source/WebCore

Revert r240738. rdar://problem/47810351

10:00 AM Changeset in webkit [240979] by Kocsen Chung
  • 1 copy in tags/Safari-608.1.5

Tag Safari-608.1.5.

9:44 AM Changeset in webkit [240978] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[WPE] require python3-setuptools for meson build in jhbuild
https://bugs.webkit.org/show_bug.cgi?id=194287

Patch by Olivier Blin <Olivier Blin> on 2019-02-05
Reviewed by Philippe Normand.

python3-setuptools is needed to build meson in jhbuild.
It is already required by the GTK port.

  • wpe/install-dependencies:
9:21 AM Changeset in webkit [240977] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] Add method to save BuilderMapping to database
https://bugs.webkit.org/show_bug.cgi?id=194264

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/models/buildermapping.py:

(BuilderMapping.str):
(BuilderMapping):
(BuilderMapping.save_mapping):
(BuilderMapping.update_mapping):
(BuilderMapping.get_existing_mapping):
(BuilderMapping.is_valid_mapping):

9:19 AM Changeset in webkit [240976] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] Add timestamp fields for BuilderMappings
https://bugs.webkit.org/show_bug.cgi?id=194266

Reviewed by Lucas Forschler.

  • BuildSlaveSupport/ews-app/ews/models/buildermapping.py:

(BuilderMapping):

8:01 AM Changeset in webkit [240975] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

[LFC][IFC] collectInlineContent should use pre-computed margins, paddings and borders
https://bugs.webkit.org/show_bug.cgi?id=194269

Reviewed by Antti Koivisto.

In this patch we pre-compute the margins padding and borders for formatting context roots, replaced boxes and non-replaced containers.
These property values are input to collectInlineContent's inline item detaching logic.

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::nextInPreOrder):
(WebCore::Layout::InlineFormattingContext::layout const):
(WebCore::Layout::InlineFormattingContext::computeMarginBorderAndPadding const):
(WebCore::Layout::InlineFormattingContext::collectInlineContent const):

  • layout/inlineformatting/InlineFormattingContext.h:
  • layout/layouttree/LayoutBox.h: ran out bits.
7:38 AM Changeset in webkit [240974] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

Protect globalWebSocketStreamMap with a Lock
https://bugs.webkit.org/show_bug.cgi?id=194224
<rdar://problem/47581081>

Reviewed by Ryosuke Niwa.

  • WebProcess/Network/WebSocketStream.cpp:

(WebKit::WebSocketStream::streamWithIdentifier):
(WebKit::WebSocketStream::networkProcessCrashed):
(WebKit::WebSocketStream::WebSocketStream):
(WebKit::WebSocketStream::~WebSocketStream):

7:36 AM Changeset in webkit [240973] by achristensen@apple.com
  • 9 edits
    2 adds in trunk/Source/WebKit

Add Networking Daemon skeleton
https://bugs.webkit.org/show_bug.cgi?id=194278

Reviewed by Zalan Bujtas.

Daemon skeletons? This is spooky stuff.

  • NetworkProcess/EntryPoint/Cocoa/Daemon/DaemonEntryPoint.h: Added.
  • NetworkProcess/EntryPoint/Cocoa/Daemon/DaemonEntryPoint.mm: Added.

(WebKit::DaemonMain):

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTaskCocoa::restrictRequestReferrerToOriginIfNeeded):

  • Shared/API/Cocoa/WKMain.h:
  • Shared/API/Cocoa/WKMain.mm:

(WKDaemonMain):

  • Shared/EntryPointUtilities/Cocoa/AuxiliaryProcessMain.cpp:

(main):

  • SourcesCocoa.txt:
  • UnifiedSources-input.xcfilelist:
  • WebKit.xcodeproj/project.pbxproj:
6:45 AM Changeset in webkit [240972] by dinfuehr@igalia.com
  • 2 edits in trunk/JSTests

[ARM] Test running out of executable memory
https://bugs.webkit.org/show_bug.cgi?id=194285

Unreviewed. Do no execute test with LLInt disabled, test runs out of
executable memory otherwise.

  • stress/class-subclassing-function.js:
5:16 AM Changeset in webkit [240971] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

REGRESSION (r240579): com.apple.WebKit.WebContent at WebCore: WebCore::Document::absoluteEventRegionForNode
https://bugs.webkit.org/show_bug.cgi?id=194284
<rdar://problem/47774298>

Patch by Antoine Quint <Antoine Quint> on 2019-02-05
Reviewed by Antti Koivisto.

The m_touchActionElements list needs to be HashSet<RefPtr<Element>> instead of HashSet<Element*>. It was initially storing raw pointers based on m_touchEventTargets
which is an EventTargetSet (typedef’d to HashCountedSet<Node*>), but that's because these nodes have an event listener registered for them and as such are kept alive,
whereas elements with a touch-action property aren’t. Elements are removed from this list from Document::nodeWillBeRemoved() and from Document::updateTouchActionElements(),
the latter being called from Style::TreeResolver::resolveElement().

  • dom/Document.cpp:

(WebCore::Document::updateTouchActionElements):

  • dom/Document.h:

(WebCore::Document::touchActionElements const):

3:18 AM Changeset in webkit [240970] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Styles: remove harmless "property was unlocked" asserts
https://bugs.webkit.org/show_bug.cgi?id=194262

Reviewed by Matt Baker.

  • UserInterface/Views/SpreadsheetStyleProperty.js:

(WI.SpreadsheetStyleProperty.prototype.remove):
(WI.SpreadsheetStyleProperty.prototype.update):
(WI.SpreadsheetStyleProperty.prototype._handleNameChange):
(WI.SpreadsheetStyleProperty.prototype._handleValueChange):

2:49 AM Changeset in webkit [240969] by zandobersek@gmail.com
  • 2 edits in trunk/Source/WTF

[GLib] Stop URI-escaping file system representations
https://bugs.webkit.org/show_bug.cgi?id=194213

Reviewed by Carlos Garcia Campos.

Stop URI-escaping of file representation strings in
FileSystem::stringFromFileSystemRepresentation(), and URI-unescaping
of strings in FileSystem::fileSystemRepresentation().

This behavior deviates from POSIX and CF implementations and is
currently breaking IndexedDB-specific calculation of database sizes due
to directory components used in that process that are URL-based and are
as such URI-escaped. When unescaped, those single directory components
explode into multiple directory components, leading to incorrect total
database size calculation when iterating the database directory.

FileSystem::stringFromFileSystemRepresentation() now retrieves GLib's
filename charsets and in worst case converts the filesystem
representation to UTF-8 before String::fromUTF8() is used.
FileSystem::fileSystemRepresentation() reverses that process, taking
String's UTF-8 data and converting it to target charset if necessary.

Other FileSystem functions are adjusted to convert passed-in String
objects to filesystem representations.

  • wtf/glib/FileSystemGlib.cpp:

(WTF::FileSystemImpl::stringFromFileSystemRepresentation):
(WTF::FileSystemImpl::fileSystemRepresentation):
(WTF::FileSystemImpl::validRepresentation):
(WTF::FileSystemImpl::filenameForDisplay):
(WTF::FileSystemImpl::fileExists):
(WTF::FileSystemImpl::deleteFile):
(WTF::FileSystemImpl::deleteEmptyDirectory):
(WTF::FileSystemImpl::getFileStat):
(WTF::FileSystemImpl::getFileLStat):
(WTF::FileSystemImpl::makeAllDirectories):
(WTF::FileSystemImpl::createSymbolicLink):
(WTF::FileSystemImpl::pathGetFileName):
(WTF::FileSystemImpl::getVolumeFreeSpace):
(WTF::FileSystemImpl::directoryName):
(WTF::FileSystemImpl::listDirectory):
(WTF::FileSystemImpl::openFile):
(WTF::FileSystemImpl::moveFile):
(WTF::FileSystemImpl::hardLinkOrCopyFile):
(WTF::FileSystemImpl::getFileDeviceId): Align with POSIX implementation
and treat input CString as an existing filesystem representation.
(WTF::FileSystemImpl::unescapedFilename): Deleted.

12:52 AM Changeset in webkit [240968] by benjamin@webkit.org
  • 4 edits in trunk/Source/WebCore

Hit testing functions optimizations
https://bugs.webkit.org/show_bug.cgi?id=194073
<rdar://problem/47692312>

Reviewed by Zalan Bujtas.

This patch implements some easy optimizations that speed up
hit testing without changing the algorithms.

  • page/FrameViewLayoutContext.h:

The code for:

view().frameView().layoutContext().isPaintOffsetCacheEnabled()

followed by:

view().frameView().layoutContext().layoutState()

was loading all the intermediate values twice and calling layoutState()
twice.

By marking the function as pure, Clang can CSE the whole thing and
remove the duplicated code.

  • platform/graphics/LayoutRect.h:

(WebCore::LayoutRect::isInfinite const):
That one is pretty funny.

Since LayoutRect::isInfinite() was implemented before operator==() is
declared, the compiler was falling back to the implicit convertion to FloatRect()
before doing any comparison.

This explains a bunch of the convertions to float when using LayoutRect.

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::mapLocalToContainer const):
Just reoder to make the register nice and clean for the optimization described above.

Feb 4, 2019:

11:48 PM Changeset in webkit [240967] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Uncaught Exception: undefined is not an object (evaluating 'classes.includes')
https://bugs.webkit.org/show_bug.cgi?id=194280
<rdar://problem/47811159>

Reviewed by Matt Baker.

  • UserInterface/Views/GeneralStyleDetailsSidebarPanel.js:

(WI.GeneralStyleDetailsSidebarPanel.prototype._populateClassToggles):
Add a fallback value in case the class attribute isn't specified for the selected node.

10:51 PM Changeset in webkit [240966] by ysuzuki@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, add missing exception checks after r240637
https://bugs.webkit.org/show_bug.cgi?id=193546

  • tools/JSDollarVM.cpp:

(JSC::functionShadowChickenFunctionsOnStack):

10:32 PM Changeset in webkit [240965] by ysuzuki@apple.com
  • 70 edits
    1 copy in trunk/Source

[JSC] Shrink size of VM by lazily allocating IsoSubspaces for non-common types
https://bugs.webkit.org/show_bug.cgi?id=193993

Reviewed by Keith Miller.

Source/JavaScriptCore:

JSC::VM has a lot of IsoSubspaces, and each takes 504B. This unnecessarily makes VM so large.
And some of them are rarely used. We should allocate it lazily.

In this patch, we make some IsoSubspaces std::unique_ptr<IsoSubspace>. And we add ensureXXXSpace
functions which allocate IsoSubspaces lazily. This function is used by subspaceFor<> in each class.
And we also add subspaceForConcurrently<> function, which is called from concurrent JIT tiers. This
returns nullptr if the subspace is not allocated yet. JSCell::subspaceFor now takes second template
parameter which tells the function whether subspaceFor is concurrently done. If the IsoSubspace is
lazily created, we may return nullptr for the concurrent access. We ensure the space's initialization
by using WTF::storeStoreFence when lazily allocating it.

In GC's constraint solving, we may touch these lazily allocated spaces. At that time, we check the
existence of the space before touching this. This is not racy because the main thread is stopped when
the constraint solving is working.

This changes sizeof(VM) from 64736 to 56472.

Another interesting thing is that we removed PreventCollectionScope preventCollectionScope(heap); in
Subspace::initialize. This is really dangerous API since it easily causes dead-lock between the
collector and the mutator if IsoSubspace is dynamically created. We do want to make IsoSubspaces
dynamically-created ones since the requirement of the pre-allocation poses a scalability problem
of IsoSubspace adoption because IsoSubspace is large. Registered Subspace is only touched in the
EndPhase, and the peripheries should be stopped when running EndPhase. Thus, as long as the main thread
can run this IsoSubspace code, the collector is never EndPhase. So this is safe.

  • API/JSCallbackFunction.h:
  • API/ObjCCallbackFunction.h:

(JSC::ObjCCallbackFunction::subspaceFor):

  • API/glib/JSCCallbackFunction.h:
  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::finalizeUnconditionally):

  • bytecode/CodeBlock.h:
  • bytecode/EvalCodeBlock.h:
  • bytecode/ExecutableToCodeBlockEdge.h:
  • bytecode/FunctionCodeBlock.h:
  • bytecode/ModuleProgramCodeBlock.h:
  • bytecode/ProgramCodeBlock.h:
  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::unlinkedCodeBlockFor):

  • bytecode/UnlinkedFunctionExecutable.h:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::emitAllocateRawObject):
(JSC::DFG::SpeculativeJIT::compileMakeRope):
(JSC::DFG::SpeculativeJIT::compileNewObject):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeNewObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateVariableSizedObject):
(JSC::FTL::DFG::LowerDFGToB3::allocateVariableSizedCell):

  • heap/Heap.cpp:

(JSC::Heap::finalizeUnconditionalFinalizers):
(JSC::Heap::deleteAllCodeBlocks):
(JSC::Heap::deleteAllUnlinkedCodeBlocks):
(JSC::Heap::addCoreConstraints):

  • heap/Subspace.cpp:

(JSC::Subspace::initialize):

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitAllocateJSObjectWithKnownSize):
(JSC::AssemblyHelpers::emitAllocateVariableSizedCell):

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_new_object):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_new_object):

  • runtime/DirectArguments.h:
  • runtime/DirectEvalExecutable.h:
  • runtime/ErrorInstance.h:

(JSC::ErrorInstance::subspaceFor):

  • runtime/ExecutableBase.h:
  • runtime/FunctionExecutable.h:
  • runtime/IndirectEvalExecutable.h:
  • runtime/InferredValue.cpp:

(JSC::InferredValue::visitChildren):

  • runtime/InferredValue.h:
  • runtime/InferredValueInlines.h:

(JSC::InferredValue::finalizeUnconditionally):

  • runtime/InternalFunction.h:
  • runtime/JSAsyncFunction.h:
  • runtime/JSAsyncGeneratorFunction.h:
  • runtime/JSBoundFunction.h:
  • runtime/JSCell.h:

(JSC::subspaceFor):
(JSC::subspaceForConcurrently):

  • runtime/JSCellInlines.h:

(JSC::allocatorForNonVirtualConcurrently):

  • runtime/JSCustomGetterSetterFunction.h:
  • runtime/JSDestructibleObject.h:
  • runtime/JSFunction.h:
  • runtime/JSGeneratorFunction.h:
  • runtime/JSImmutableButterfly.h:
  • runtime/JSLexicalEnvironment.h:

(JSC::JSLexicalEnvironment::subspaceFor):

  • runtime/JSNativeStdFunction.h:
  • runtime/JSSegmentedVariableObject.h:
  • runtime/JSString.h:
  • runtime/ModuleProgramExecutable.h:
  • runtime/NativeExecutable.h:
  • runtime/ProgramExecutable.h:
  • runtime/PropertyMapHashTable.h:
  • runtime/ProxyRevoke.h:
  • runtime/ScopedArguments.h:
  • runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::clearCode):
(JSC::ScriptExecutable::installCode):

  • runtime/Structure.h:
  • runtime/StructureRareData.h:
  • runtime/SubspaceAccess.h: Copied from Source/JavaScriptCore/runtime/InferredValueInlines.h.
  • runtime/VM.cpp:

(JSC::VM::VM):

  • runtime/VM.h:

(JSC::VM::SpaceAndSet::SpaceAndSet):
(JSC::VM::SpaceAndSet::setFor):
(JSC::VM::forEachScriptExecutableSpace):
(JSC::VM::SpaceAndFinalizerSet::SpaceAndFinalizerSet): Deleted.
(JSC::VM::SpaceAndFinalizerSet::finalizerSetFor): Deleted.
(JSC::VM::ScriptExecutableSpaceAndSet::ScriptExecutableSpaceAndSet): Deleted.
(JSC::VM::ScriptExecutableSpaceAndSet::clearableCodeSetFor): Deleted.
(JSC::VM::UnlinkedFunctionExecutableSpaceAndSet::UnlinkedFunctionExecutableSpaceAndSet): Deleted.
(JSC::VM::UnlinkedFunctionExecutableSpaceAndSet::clearableCodeSetFor): Deleted.

  • runtime/WeakMapImpl.h:

(JSC::WeakMapImpl::subspaceFor):

  • wasm/js/JSWebAssemblyCodeBlock.h:
  • wasm/js/JSWebAssemblyMemory.h:
  • wasm/js/WebAssemblyFunction.h:
  • wasm/js/WebAssemblyWrapperFunction.h:

Source/WebCore:

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateHeader):

  • bridge/runtime_method.h:

Source/WebKit:

  • WebProcess/Plugins/Netscape/JSNPMethod.h:
  • WebProcess/Plugins/Netscape/JSNPObject.h:
10:19 PM Changeset in webkit [240964] by Jonathan Bedard
  • 4 edits
    35 adds in trunk/LayoutTests

[iPad] Initial test gardening (Part 1)
https://bugs.webkit.org/show_bug.cgi?id=193767
<rdar://problem/47515175>

Unreviewed test gardening.

A number of tests need to be re-baselined when run on iPad because of the larger screen.

  • fast/canvas/canvas-too-large-to-draw.html: iOS userAgent regex should match iPhones and iPads.
  • fast/events/touch/ios/target-taller-than-view.html: Move event listener since tabpPointY is the value we should compare against.
  • fast/visual-viewport/ios/min-scale-greater-than-one.html: expectedTop depends on the screen size of the device.
  • platform/ipad/fast/events: Added.
  • platform/ipad/fast/events/ios: Added.
  • platform/ipad/fast/events/ios/keyboard-should-not-trigger-resize-expected.txt: Added.
  • platform/ipad/fast/events/ios/rotation: Added.
  • platform/ipad/fast/events/ios/rotation/zz-no-rotation-expected.txt: Added.
  • platform/ipad/fast/events/touch: Added.
  • platform/ipad/fast/events/touch/ios: Added.
  • platform/ipad/fast/events/touch/ios/target-taller-than-view-expected.txt: Added.
  • platform/ipad/fast/scrolling: Added.
  • platform/ipad/fast/scrolling/ios: Added.
  • platform/ipad/fast/scrolling/ios/clipping-ancestor-with-accelerated-scrolling-ancestor-expected.txt: Added.
  • platform/ipad/fast/scrolling/ios/overflow-scrolling-ancestor-clip-expected.txt: Added.
  • platform/ipad/fast/scrolling/ios/overflow-scrolling-ancestor-clip-size-expected.txt: Added.
  • platform/ipad/fast/scrolling/ios/scrolling-content-clip-to-viewport-expected.txt: Added.
  • platform/ipad/fast/scrolling/ios/subpixel-overflow-scrolling-with-ancestor-expected.txt: Added.
  • platform/ipad/fast/scrolling/ios/touch-stacking-expected.txt: Added.
  • platform/ipad/fast/viewport/ios: Added.
  • platform/ipad/fast/viewport/ios/device-width-viewport-after-changing-view-scale-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/initial-scale-after-changing-view-scale-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/use-minimum-device-width-for-page-without-viewport-meta-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/width-is-device-width-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/width-is-device-width-overflowing-body-overflow-hidden-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/width-is-device-width-overflowing-body-overflow-hidden-tall-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/width-is-device-width-overflowing-expected.txt: Added.
  • platform/ipad/fast/viewport/ios/width-is-device-width-overflowing-no-shrink-to-fit-expected.txt: Added.
  • platform/ipad/platform: Added.
  • platform/ipad/platform/ios: Added.
  • platform/ipad/platform/ios/ios: Added.
  • platform/ipad/platform/ios/ios/fast: Added.
  • platform/ipad/platform/ios/ios/fast/text: Added.
  • platform/ipad/platform/ios/ios/fast/text/opticalFontWithTextStyle-expected.txt: Added.
  • platform/ipad/scrollingcoordinator: Added.
  • platform/ipad/scrollingcoordinator/ios: Added.
  • platform/ipad/scrollingcoordinator/ios/sync-layer-positions-after-scroll-expected.txt: Added.
  • platform/ipad/scrollingcoordinator/ios/ui-scrolling-tree-expected.txt: Added.
9:30 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
8:34 PM Changeset in webkit [240963] by Simon Fraser
  • 10 edits
    4 moves in trunk/Source

Move some macOS/iOS scrolling code into the scrolling/cocoa directory
https://bugs.webkit.org/show_bug.cgi?id=194245

Reviewed by Zalan Bujtas.

Source/WebCore:

ScrollingTreeFixedNode and ScrollingTreeStickyNode are used on iOS and macOS, so move them to the cocoa
directory.

Standardize on the ordering of ENABLE(ASYNC_SCROLLING) && PLATFORM(MAC).

Stop building ScrollingThread for iOS (it's never used), and stub out some functions so things build.

  • SourcesCocoa.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • page/scrolling/ScrollingThread.cpp:

(WebCore::ScrollingThread::initializeRunLoop):
(WebCore::ScrollingThread::wakeUpRunLoop):
(WebCore::ScrollingThread::threadRunLoopSourceCallback):

  • page/scrolling/cocoa/ScrollingTreeFixedNode.h: Renamed from Source/WebCore/page/scrolling/mac/ScrollingTreeFixedNode.h.
  • page/scrolling/cocoa/ScrollingTreeFixedNode.mm: Renamed from Source/WebCore/page/scrolling/mac/ScrollingTreeFixedNode.mm.
  • page/scrolling/cocoa/ScrollingTreeStickyNode.h: Renamed from Source/WebCore/page/scrolling/mac/ScrollingTreeStickyNode.h.
  • page/scrolling/cocoa/ScrollingTreeStickyNode.mm: Renamed from Source/WebCore/page/scrolling/mac/ScrollingTreeStickyNode.mm.
  • page/scrolling/mac/ScrollingThreadMac.mm:
  • page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.h:
  • page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.mm:

Source/WebKit:

Use PLATFORM(MAC), not !PLATFORM(IOS_FAMILY).

  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:
8:04 PM Changeset in webkit [240962] by Michael Catanzaro
  • 21 edits
    7 adds in trunk

[GTK][WPE] Need a function to convert internal URI to display ("pretty") URI
https://bugs.webkit.org/show_bug.cgi?id=174816

Patch by Ms2ger <Ms2ger@igalia.com> on 2019-02-04
Reviewed by Michael Catanzaro.

Source/WebCore:

Tests: enabled fast/url/user-visible/.

  • testing/Internals.cpp:

(WebCore::Internals::userVisibleString): Enable method on all platforms.

Source/WebKit:

Add webkit_uri_for_display for GTK and WPE.

  • PlatformGTK.cmake:
  • PlatformWPE.cmake:
  • SourcesGTK.txt:
  • SourcesWPE.txt:
  • UIProcess/API/glib/WebKitURIUtilities.cpp: Added.

(webkit_uri_for_display):

  • UIProcess/API/gtk/WebKitURIUtilities.h: Added.
  • UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
  • UIProcess/API/gtk/docs/webkit2gtk-docs.sgml:
  • UIProcess/API/gtk/webkit2.h:
  • UIProcess/API/wpe/WebKitURIUtilities.h: Added.
  • UIProcess/API/wpe/docs/wpe-0.1-sections.txt:
  • UIProcess/API/wpe/docs/wpe-docs.sgml:
  • UIProcess/API/wpe/webkit.h:

Source/WTF:

Translate userVisibleString and dependent code into platform-neutral C++
in wtf/URLHelpers.{h,cpp}.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CMakeLists.txt:
  • wtf/URLHelpers.cpp: Added.

(WTF::URLHelpers::loadIDNScriptWhiteList):
(WTF::URLHelpers::isArmenianLookalikeCharacter):
(WTF::URLHelpers::isArmenianScriptCharacter):
(WTF::URLHelpers::isASCIIDigitOrValidHostCharacter):
(WTF::URLHelpers::isLookalikeCharacter):
(WTF::URLHelpers::whiteListIDNScript):
(WTF::URLHelpers::initializeDefaultIDNScriptWhiteList):
(WTF::URLHelpers::allCharactersInIDNScriptWhiteList):
(WTF::URLHelpers::isSecondLevelDomainNameAllowedByTLDRules):
(WTF::URLHelpers::isRussianDomainNameCharacter):
(WTF::URLHelpers::allCharactersAllowedByTLDRules):
(WTF::URLHelpers::mapHostName):
(WTF::URLHelpers::collectRangesThatNeedMapping):
(WTF::URLHelpers::applyHostNameFunctionToMailToURLString):
(WTF::URLHelpers::applyHostNameFunctionToURLString):
(WTF::URLHelpers::mapHostNames):
(WTF::URLHelpers::createStringWithEscapedUnsafeCharacters):
(WTF::URLHelpers::toNormalizationFormC):
(WTF::URLHelpers::userVisibleURL):

  • wtf/URLHelpers.h: Added.
  • wtf/cocoa/NSURLExtras.mm:

(WTF::URLHelpers::loadIDNScriptWhiteList):
(WTF::decodePercentEscapes):
(WTF::decodeHostName):
(WTF::encodeHostName):
(WTF::URLWithUserTypedString):
(WTF::userVisibleString):

Tools:

Add tests for webkit_uri_for_display().

  • TestWebKitAPI/Tests/WebKitGLib/TestWebKitURIUtilities.cpp: Added.

(testURIForDisplayUnaffected):
(testURIForDisplayAffected):
(beforeAll):
(afterAll):

  • TestWebKitAPI/glib/CMakeLists.txt:

LayoutTests:

7:24 PM Changeset in webkit [240961] by ddkilzer@apple.com
  • 2 edits
    1 add in trunk/Source/ThirdParty/libwebrtc

vp8e_mr_alloc_mem() leaks LOWER_RES_FRAME_INFO if second memory allocation fails
<https://webkit.org/b/194265>

Reviewed by Youenn Fablet.

  • Source/third_party/libvpx/source/libvpx/vp8/vp8_cx_iface.c:

(vp8e_mr_alloc_mem):

  • Initialize res to VPX_CODEC_OK instead of 0.
  • Return early if first calloc() fails instead of trying the second calloc(). The function would crash dereferencing nullptr in shared_mem_loc->mb_info otherwise.
  • Call free(shared_mem_loc) if the second call to calloc() fails. This fixes the leak.
  • WebKit/0003-libwebrtc-fix-vp8e_mr_alloc_mem-leak.diff: Add.
7:23 PM Changeset in webkit [240960] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Change llint operand macros to inline functions
https://bugs.webkit.org/show_bug.cgi?id=194248

Reviewed by Mark Lam.

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::getNonConstantOperand):
(JSC::LLInt::getOperand):
(JSC::LLInt::llint_trace_value):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::getByVal):
(JSC::LLInt::genericCall):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):

5:36 PM Changeset in webkit [240959] by rmorisset@apple.com
  • 3 edits
    1 add in trunk

when lowering AssertNotEmpty, create the value before creating the patchpoint
https://bugs.webkit.org/show_bug.cgi?id=194231

Reviewed by Saam Barati.

JSTests:

This test is painfully fragile: it tries to test that AssertNotEmpty on a constant produces valid B3 IR.
The problem is that AssertNotEmpty is only created by DFGConstantFolding when it can simplify a CheckStructure, and constant folding is a bit capricious (https://bugs.webkit.org/show_bug.cgi?id=133947)
So even tiny changes to this test can change the path code taken.

  • stress/assert-not-empty.js: Added.

(foo):

Source/JavaScriptCore:

This is a very simple change: we should never generate B3 IR where an instruction depends on a value that comes later in the instruction stream.
AssertNotEmpty was generating some such IR, it probably slipped through until now because it is a rather rare and tricky instruction to generate.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileAssertNotEmpty):

5:34 PM Changeset in webkit [240958] by Fujii Hironori
  • 2 edits in trunk/Source/WebCore
[curl] ASSERTION FAILED: !m_didNotifyResponse
m_multipartHandle

https://bugs.webkit.org/show_bug.cgi?id=190895

Reviewed by Ross Kirsling.

An assertion was failing in CurlRequest::invokeDidReceiveResponse
because DidReceiveResponse was already dispatched. This condition
was met if CurlRequestScheduler::completeTransfer is called while
waiting for the reply for the first DidReceiveResponse.

No new tests, covered by existing tests.

  • platform/network/curl/CurlRequest.h:

(WebCore::CurlRequest::needToInvokeDidReceiveResponse const):
Return true if m_didNotifyResponse is false disregard to
m_didReturnFromNotify.

5:31 PM Changeset in webkit [240957] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

[iOS Simulator] pageoverlay/overlay tests are flaky failures
https://bugs.webkit.org/show_bug.cgi?id=153337

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-04

  • platform/ios/TestExpectations:
5:31 PM Changeset in webkit [240956] by achristensen@apple.com
  • 5 edits
    3 adds in trunk/Source/WebKit

Move XPCService main to a shared file calling a C function
https://bugs.webkit.org/show_bug.cgi?id=194256

Reviewed by Brady Eidson.

This not only reduces a few kilobytes of duplicated binary from the XPCService executables,
It will allow me to introduce a new kind of executable which will need to parse argv and call a different C function.
This is similar to r236075 but more general.

  • Shared/API/Cocoa/WKMain.h: Added.
  • Shared/API/Cocoa/WKMain.mm: Added.

(WKXPCServiceMain):

  • Shared/EntryPointUtilities/Cocoa/AuxiliaryProcessMain.cpp: Added.

(main):

  • Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm:

(main): Deleted.

  • SourcesCocoa.txt:
  • WebKit.xcodeproj/project.pbxproj:
5:30 PM Changeset in webkit [240955] by achristensen@apple.com
  • 32 edits in trunk/Source/WebKit

Make MessageSender functions const
https://bugs.webkit.org/show_bug.cgi?id=194247

Reviewed by Brady Eidson.

  • NetworkProcess/Downloads/Download.cpp:

(WebKit::Download::messageSenderConnection const):
(WebKit::Download::messageSenderDestinationID const):
(WebKit::Download::messageSenderConnection): Deleted.
(WebKit::Download::messageSenderDestinationID): Deleted.

  • NetworkProcess/Downloads/Download.h:
  • NetworkProcess/Downloads/PendingDownload.cpp:

(WebKit::PendingDownload::messageSenderConnection const):
(WebKit::PendingDownload::messageSenderDestinationID const):
(WebKit::PendingDownload::messageSenderConnection): Deleted.
(WebKit::PendingDownload::messageSenderDestinationID): Deleted.

  • NetworkProcess/Downloads/PendingDownload.h:
  • NetworkProcess/IndexedDB/WebIDBConnectionToClient.cpp:

(WebKit::WebIDBConnectionToClient::messageSenderConnection const):
(WebKit::WebIDBConnectionToClient::messageSenderConnection): Deleted.

  • NetworkProcess/IndexedDB/WebIDBConnectionToClient.h:
  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::messageSenderConnection const):
(WebKit::NetworkResourceLoader::messageSenderConnection): Deleted.

  • NetworkProcess/NetworkResourceLoader.h:
  • NetworkProcess/NetworkSocketStream.cpp:

(WebKit::NetworkSocketStream::messageSenderConnection const):
(WebKit::NetworkSocketStream::messageSenderDestinationID const):
(WebKit::NetworkSocketStream::messageSenderConnection): Deleted.
(WebKit::NetworkSocketStream::messageSenderDestinationID): Deleted.

  • NetworkProcess/NetworkSocketStream.h:
  • NetworkProcess/ServiceWorker/WebSWServerConnection.h:
  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:

(WebKit::WebSWServerToContextConnection::messageSenderConnection const):
(WebKit::WebSWServerToContextConnection::messageSenderDestinationID const):
(WebKit::WebSWServerToContextConnection::messageSenderConnection): Deleted.
(WebKit::WebSWServerToContextConnection::messageSenderDestinationID): Deleted.

  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
  • Platform/IPC/MessageSender.h:
  • Shared/AuxiliaryProcess.cpp:

(WebKit::AuxiliaryProcess::messageSenderConnection const):
(WebKit::AuxiliaryProcess::messageSenderDestinationID const):
(WebKit::AuxiliaryProcess::messageSenderConnection): Deleted.
(WebKit::AuxiliaryProcess::messageSenderDestinationID): Deleted.

  • Shared/AuxiliaryProcess.h:
  • UIProcess/WebConnectionToWebProcess.cpp:

(WebKit::WebConnectionToWebProcess::messageSenderConnection const):
(WebKit::WebConnectionToWebProcess::messageSenderDestinationID const):
(WebKit::WebConnectionToWebProcess::messageSenderConnection): Deleted.
(WebKit::WebConnectionToWebProcess::messageSenderDestinationID): Deleted.

  • UIProcess/WebConnectionToWebProcess.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::messageSenderConnection const):
(WebKit::WebPageProxy::messageSenderDestinationID const):
(WebKit::WebPageProxy::messageSenderConnection): Deleted.
(WebKit::WebPageProxy::messageSenderDestinationID): Deleted.

  • UIProcess/WebPageProxy.h:
  • WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:

(WebKit::WebIDBConnectionToServer::messageSenderConnection const):
(WebKit::WebIDBConnectionToServer::messageSenderConnection): Deleted.

  • WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.h:
  • WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::messageSenderConnection const):
(WebKit::WebResourceLoader::messageSenderDestinationID const):
(WebKit::WebResourceLoader::messageSenderConnection): Deleted.
(WebKit::WebResourceLoader::messageSenderDestinationID): Deleted.

  • WebProcess/Network/WebResourceLoader.h:
  • WebProcess/Network/WebSocketStream.cpp:

(WebKit::WebSocketStream::messageSenderConnection const):
(WebKit::WebSocketStream::messageSenderDestinationID const):
(WebKit::WebSocketStream::messageSenderConnection): Deleted.
(WebKit::WebSocketStream::messageSenderDestinationID): Deleted.

  • WebProcess/Network/WebSocketStream.h:
  • WebProcess/Storage/WebSWClientConnection.h:
  • WebProcess/WebConnectionToUIProcess.cpp:

(WebKit::WebConnectionToUIProcess::messageSenderConnection const):
(WebKit::WebConnectionToUIProcess::messageSenderDestinationID const):
(WebKit::WebConnectionToUIProcess::messageSenderConnection): Deleted.
(WebKit::WebConnectionToUIProcess::messageSenderDestinationID): Deleted.

  • WebProcess/WebConnectionToUIProcess.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::messageSenderConnection const):
(WebKit::WebPage::messageSenderDestinationID const):
(WebKit::WebPage::messageSenderConnection): Deleted.
(WebKit::WebPage::messageSenderDestinationID): Deleted.

  • WebProcess/WebPage/WebPage.h:
5:27 PM Changeset in webkit [240954] by beidson@apple.com
  • 9 edits in trunk/Source/WebKit

Take additional process assertion while downloading.
<rdar://problem/47741356> and https://bugs.webkit.org/show_bug.cgi?id=194239

Reviewed by Chris Dumez.

When the first download starts, grab this new assertion.
When the last download ends, release it.

  • Configurations/Network-iOS.entitlements:
  • NetworkProcess/Downloads/DownloadManager.cpp:

(WebKit::DownloadManager::dataTaskBecameDownloadTask):
(WebKit::DownloadManager::downloadFinished):

  • NetworkProcess/Downloads/DownloadManager.h:
  • Platform/spi/ios/AssertionServicesSPI.h:
  • UIProcess/ProcessAssertion.cpp:

(WebKit::ProcessAssertion::ProcessAssertion):

  • UIProcess/ProcessAssertion.h:

(WebKit::ProcessAssertion::ProcessAssertion):

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::didSetAssertionState):

  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::flagsForState):
(WebKit::reasonForState):
(WebKit::ProcessAssertion::ProcessAssertion):

5:16 PM Changeset in webkit [240953] by Jonathan Bedard
  • 2 edits in trunk/Tools

webkitpy: Precedence of booted devices should match precedence in DEFAULT_DEVICE_TYPES
https://bugs.webkit.org/show_bug.cgi?id=194158
<rdar://problem/47737268>

Rubber-stamped by Aakash Jain.

  • Scripts/webkitpy/port/device_port.py:

(DevicePort.supported_device_types): Sort supported device types by the DEFAULT_DEVICE_TYPES.

5:11 PM Changeset in webkit [240952] by Devin Rousso
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Resources: missing resource data for document on reload
https://bugs.webkit.org/show_bug.cgi?id=194243
<rdar://problem/47559021>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/ResourceDetailsSidebarPanel.js:

(WI.ResourceDetailsSidebarPanel.prototype.set resource):
(WI.ResourceDetailsSidebarPanel.prototype._applyResourceEventListeners):

  • UserInterface/Base/Object.js:

(WI.Object.removeEventListener):
Drive-by: there's no need to iterate over the entire table to check if thisObject exists,
as that is handled for us by ListMultimap, which we later call anyways.

5:09 PM Changeset in webkit [240951] by ysuzuki@apple.com
  • 9 edits in trunk/Source/JavaScriptCore

[JSC] ExecutableToCodeBlockEdge should be smaller
https://bugs.webkit.org/show_bug.cgi?id=194244

Reviewed by Michael Saboff.

ExecutableToCodeBlockEdge is allocated so many times. However its memory layout is not efficient.
sizeof(ExecutableToCodeBlockEdge) is 24bytes, but it discards 7bytes due to one bool m_isActive flag.
Because our size classes are rounded by 16bytes, ExecutableToCodeBlockEdge takes 32bytes. So, half of
it is wasted. We should fit it into 16bytes so that we can efficiently allocate it.

In this patch, we leverages TypeInfoMayBePrototype bit in JSTypeInfo. It is a bit special TypeInfo bit
since this is per-cell bit. We rename this to TypeInfoPerCellBit, and use it as a m_isActive mark in
ExecutableToCodeBlockEdge. In JSObject subclasses, we use it as MayBePrototype flag.

Since this flag is not changed in CAS style, we must not change this in concurrent threads. This is OK
for ExecutableToCodeBlockEdge's m_isActive flag since this is touched on the main thread (ScriptExecutable::installCode
does not touch it if it is called in non-main threads).

  • bytecode/ExecutableToCodeBlockEdge.cpp:

(JSC::ExecutableToCodeBlockEdge::finishCreation):
(JSC::ExecutableToCodeBlockEdge::visitChildren):
(JSC::ExecutableToCodeBlockEdge::activate):
(JSC::ExecutableToCodeBlockEdge::deactivate):
(JSC::ExecutableToCodeBlockEdge::isActive const):

  • bytecode/ExecutableToCodeBlockEdge.h:
  • runtime/JSCell.h:
  • runtime/JSCellInlines.h:

(JSC::JSCell::perCellBit const):
(JSC::JSCell::setPerCellBit):
(JSC::JSCell::mayBePrototype const): Deleted.
(JSC::JSCell::didBecomePrototype): Deleted.

  • runtime/JSObject.cpp:

(JSC::JSObject::setPrototypeDirect):

  • runtime/JSObject.h:
  • runtime/JSObjectInlines.h:

(JSC::JSObject::mayBePrototype const):
(JSC::JSObject::didBecomePrototype):

  • runtime/JSTypeInfo.h:

(JSC::TypeInfo::perCellBit):
(JSC::TypeInfo::mergeInlineTypeFlags):
(JSC::TypeInfo::mayBePrototype): Deleted.

5:08 PM Changeset in webkit [240950] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Resources: WI.TreeOutline assertions when refreshing the page
https://bugs.webkit.org/show_bug.cgi?id=194242
<rdar://problem/47802027>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/FolderizedTreeElement.js:

(WI.FolderizedTreeElement.prototype.removeChildren):
FolderTreeElements are removed by the base class call to removeChildren.
Calling removeChildren for detached TreeElements is unnecessary.

4:47 PM Changeset in webkit [240949] by Said Abou-Hallawa
  • 14 edits
    3 adds in trunk

[CG] Enable setAdditionalSupportedImageTypes for WK1
https://bugs.webkit.org/show_bug.cgi?id=194190

Reviewed by Tim Horton.

Source/WebCore:

Move the function webCoreStringVectorFromNSStringArray from WebKit to
WebCore so it can be used by both WebKit and WebKitLegacy.

  • platform/mac/StringUtilities.h:
  • platform/mac/StringUtilities.mm:

(WebCore::webCoreStringVectorFromNSStringArray):

Source/WebKit:

Move the function webCoreStringVectorFromNSStringArray from WebKit to
WebCore so it can be used by both WebKit and WebKitLegacy.

  • Platform/mac/StringUtilities.h:
  • Platform/mac/StringUtilities.mm:

(WebKit::webCoreStringVectorFromNSStringArray): Deleted.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

Source/WebKitLegacy/mac:

  1. Define the preferences key AdditionalSupportedImageTypes.
  2. Add additionalSupportedImageTypes as a private preference property.
  3. Define the setter and the getter of the property.
  4. Add function to convert from an id to an array of strings.
  5. Call WebCore::setAdditionalSupportedImageTypes when preferences change.
  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(-[WebPreferences _stringArrayValueForKey:]):
(-[WebPreferences _setStringArrayValueForKey:forKey:]):
(-[WebPreferences setAdditionalSupportedImageTypes:]):
(-[WebPreferences additionalSupportedImageTypes]):

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Tools:

Add a test similar to the one under WebKit Cocoa but make it create a
WebView instead of a WKWebView.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/mac/100x100-red.tga: Added.
  • TestWebKitAPI/Tests/mac/AdditionalSupportedImageTypes.html: Added.
  • TestWebKitAPI/Tests/mac/AdditionalSupportedImageTypes.mm: Added.

(-[AdditionalSupportedImageTypesTest webView:didFinishLoadForFrame:]):
(TestWebKitAPI::runTest):
(TestWebKitAPI::TEST):

4:28 PM Changeset in webkit [240948] by timothy@apple.com
  • 3 edits in trunk/Source/WebKitLegacy/mac

Add WebView SPI to temporarily force light or dark appearance on a page.
https://bugs.webkit.org/show_bug.cgi?id=194230

Reviewed by Tim Horton.

  • WebView/WebView.mm:

(-[WebView _useDarkAppearance:]): Added.
(-[WebView _setUseDarkAppearance:]): Added.

  • WebView/WebViewPrivate.h:
3:32 PM Changeset in webkit [240947] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: clicking a selected call frame doesn't re-scroll
https://bugs.webkit.org/show_bug.cgi?id=194169
<rdar://problem/47743864>

Reviewed by Devin Rousso.

  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.prototype._handleMouseDown):
Add a special case for a single-selection TreeOutline with
allowsRepeatSelection enabled. Since the element is already
selected, bypass the SelectionCongroller and dispatch an
event with event.data.selectedByUser set to true.

3:30 PM Changeset in webkit [240946] by Nikita Vasilyev
  • 8 edits
    2 adds in trunk

Web Inspector: Styles: fix race conditions when editing
https://bugs.webkit.org/show_bug.cgi?id=192739
<rdar://problem/46752925>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

Editing CSS property in the style editor syncronously updates CSSStyleDeclaration on the front-end
and asyncronously updates the backend by calling CSSAgent.setStyleText. After the new style text is applied
on the backend, CSSStyleDeclaration (on the front-end) gets updated.

Unsure there's no race conditions by introducing _updatesInProgressCount:

  • Increment it before calling CSSAgent.setStyleText.
  • Decrement it after CSSAgent.setStyleText is finished.

Prevent updates of CSSStyleDeclaration when _updatesInProgressCount isn't 0.

  • UserInterface/Models/CSSProperty.js:

(WI.CSSProperty.prototype._updateOwnerStyleText):

  • UserInterface/Models/CSSStyleDeclaration.js:

(WI.CSSStyleDeclaration):
(WI.CSSStyleDeclaration.prototype.set text): Removed.
(WI.CSSStyleDeclaration.prototype.setText): Added.
Change the setter to a method since it has side effects including an asynchronous backend call.

  • UserInterface/Models/DOMNodeStyles.js:

(WI.DOMNodeStyles.prototype.changeStyleText):

  • UserInterface/Views/SpreadsheetStyleProperty.js:

(WI.SpreadsheetStyleProperty.prototype.get nameTextField): Removed.
(WI.SpreadsheetStyleProperty.prototype.get valueTextField): Removed.
Drive-by: remove unused code.

LayoutTests:

  • inspector/css/modify-css-property-expected.txt:
  • inspector/css/modify-css-property-race-expected.txt: Added.
  • inspector/css/modify-css-property-race.html: Added.
  • inspector/css/modify-css-property.html:
3:12 PM Changeset in webkit [240945] by Justin Fan
  • 2 edits in trunk/Source/WebCore

[Web GPU] Code clean-up for RenderPipeline backend
https://bugs.webkit.org/show_bug.cgi?id=194238

Reviewed by Dean Jackson.

Replace dot syntax setters with calls to setter methods, and remove unnecessary setter calls for
the input state's descriptor arrays.

Covered by existing tests; no change in behavior.

  • platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:

(WebCore::tryCreateMtlDepthStencilState): Refactor to use implicit setters rather than dot syntax.
(WebCore::setInputStateForPipelineDescriptor): Ditto, and remove unnecessary setter calls on array objects.

2:30 PM Changeset in webkit [240944] by benjamin@webkit.org
  • 13 edits in trunk/Source

Use deferrable timer to restart the Responsiveness Timer on each wheel event
https://bugs.webkit.org/show_bug.cgi?id=194135
Source/WebCore:

<rdar://problem/47724099>

Reviewed by Simon Fraser.

The original DeferrableOneShotTimer was not really deferrable.
What it allows is to restart the count down from scratch after
firing.

For this optimization, I want to keep the correct timing but avoid
starting a real timer every time.

I renamed DeferrableOneShotTimer to ResettableOneShotTimer and
created a real DeferrableOneShotTimer that support deadlines.

  • css/CSSImageGeneratorValue.cpp:
  • html/HTMLPlugInImageElement.h:
  • loader/cache/CachedResource.h:
  • platform/Timer.cpp:

(WebCore::DeferrableOneShotTimer::startOneShot):
(WebCore::DeferrableOneShotTimer::fired):

  • platform/Timer.h:

(WebCore::TimerBase::nextFireTime const):
(WebCore::ResettableOneShotTimer::ResettableOneShotTimer):
(WebCore::DeferrableOneShotTimer::DeferrableOneShotTimer):
(WebCore::DeferrableOneShotTimer::stop):
(WebCore::DeferrableOneShotTimer::restart): Deleted.

  • platform/graphics/ca/TileController.h:
  • platform/graphics/cg/SubimageCacheWithTimer.h:

Source/WebKit:

Reviewed by Simon Fraser.

Simon Fraser suggested a neat improvement over my previous optimization
of ResponsivenessTimer.

Instead of reseting the deadline with every event, we can let the timer
fire and add the missing time from the last start.

I implemented that behavior in the new Deferrable Timer class and use
it from ResponsivenessTimer.

  • NetworkProcess/watchos/NetworkProximityAssertion.h:
  • UIProcess/ResponsivenessTimer.h:
  • WebProcess/Plugins/PluginView.h:
2:28 PM Changeset in webkit [240943] by graouts@webkit.org
  • 4 edits in trunk/Source/WebCore

Use constants for pointer types
https://bugs.webkit.org/show_bug.cgi?id=194232

Reviewed by Dean Jackson.

We cannot use an enum for the pointer type since a custom pointer type can be created by developers when creating a
pointer event using JavaScript, but we can at least used string constants for the ones created internally.

  • dom/PointerEvent.cpp:

(WebCore::PointerEvent::mousePointerType):
(WebCore::PointerEvent::penPointerType):
(WebCore::PointerEvent::touchPointerType):

  • dom/PointerEvent.h:
  • dom/ios/PointerEventIOS.cpp:
2:19 PM Changeset in webkit [240942] by Alan Bujtas
  • 4 edits
    3 adds in trunk

[First paint] Adjust "finishedParsingMainDocument" flag by taking deferred and async scripts into account.
https://bugs.webkit.org/show_bug.cgi?id=194168

Reviewed by Simon Fraser.

Source/WebCore:

First paint should not be blocked by async or deferred scripts.

  • page/FrameView.cpp:

(WebCore::FrameView::qualifiesAsVisuallyNonEmpty const):

Tools:

Test if the firstVisuallyNoneEmpty milestone fires before the deferred script's post-message.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKit/FirstVisuallyNonEmptyMilestoneWithDeferredScript.mm: Added.

(-[FirstPaintMessageHandler userContentController:didReceiveScriptMessage:]):
(-[RenderingProgressNavigationDelegate _webView:renderingProgressDidChange:]):
(TEST):

  • TestWebKitAPI/Tests/WebKit/deferred-script-load.html: Added.
  • TestWebKitAPI/Tests/WebKit/deferred-script.js: Added.
1:51 PM Changeset in webkit [240941] by Simon Fraser
  • 14 edits
    6 adds in trunk

Async overflow scroll with border-radius renders incorrectly
https://bugs.webkit.org/show_bug.cgi?id=194205
<rdar://problem/47771668>

Reviewed by Zalan Bujtas.

Source/WebCore:

When an element has composited overflow:scroll and border-radius, we need to make a layer
to clip to the inside of the border radius if necessary.

Existing code simply turned off needsDescendantsClippingLayer for composited scrolling
layers, but now we check to see if the inner border is rounded. If we have both a m_childContainmentLayer
and scrolling layers, we need to adjust the location of the scrolling layers (which are parented
in m_childContainmentLayer).

Also fix offsetFromRenderer for these layers; it's positive for layers inset from the top left
of the border box.

Tests: compositing/clipping/border-radius-async-overflow-clipping-layer.html

compositing/clipping/border-radius-async-overflow-non-stacking.html
compositing/clipping/border-radius-async-overflow-stacking.html

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateConfiguration):
(WebCore::RenderLayerBacking::updateGeometry):
(WebCore::RenderLayerBacking::updateChildClippingStrategy): Layout is always up-to-date now, so remove the comment.

LayoutTests:

New baselines, mostly correcting offsetFromRenderer.

  • compositing/clipping/border-radius-async-overflow-clipping-layer-expected.txt: Added.
  • compositing/clipping/border-radius-async-overflow-clipping-layer.html: Added.
  • compositing/clipping/border-radius-async-overflow-non-stacking-expected.html: Added.
  • compositing/clipping/border-radius-async-overflow-non-stacking.html: Added.
  • compositing/clipping/border-radius-async-overflow-stacking-expected.html: Added.
  • compositing/clipping/border-radius-async-overflow-stacking.html: Added.
  • compositing/scrolling/overflow-scrolling-layers-are-self-painting-expected.txt:
  • platform/ios/compositing/overflow/scrolling-without-painting-expected.txt:
  • platform/ios/compositing/overflow/textarea-scroll-touch-expected.txt: html.css specifies a border-radius on <textarea> for iOS, so we make additional

clipping layers.

  • platform/ios/compositing/rtl/rtl-scrolling-with-transformed-descendants-expected.txt:
  • platform/ios/compositing/scrolling/overflow-scrolling-layers-are-self-painting-expected.txt:
1:16 PM Changeset in webkit [240940] by Simon Fraser
  • 30 edits
    3 adds in trunk

PageOverlayController's layers should be created lazily
https://bugs.webkit.org/show_bug.cgi?id=194199
Source/WebCore:

Reviewed by Tim Horton.

Expose PageOverlayController::hasDocumentOverlays() and hasViewOverlays()
and use them to only parent the overlay-hosting layers when necessary.

For document overlays, RenderLayerCompositor::appendDocumentOverlayLayers() can
simply do nothing if there are none. Updates are triggered via Page::installedPageOverlaysChanged(),
which calls FrameView::setNeedsCompositingConfigurationUpdate() to trigger the root layer
compositing updates that parents the layerWithDocumentOverlays().

View overlays are added to the layer tree via the DrawingArea. When we go between having
none and some view overlays, Page::installedPageOverlaysChanged() calls attachViewOverlayGraphicsLayer()
on the ChromeClient, and the DrawingArea responds by calling updateRootLayers() and scheduling a
compositing flush (this has to be done manually because view overlay layers are outside the
subtree managed by RenderLayerCompositor).

Now that GraphicsLayers are ref-counted, we can let the DrawingArea simply retain its m_viewOverlayRootLayer;
there is no need for RenderLayerCompositor::attachRootLayer()/detachRootLayer() to do anything with view
overlay layers. This implies that a page can navigate (new FrameView) and view overlays will persist, without
having to be manually removed and re-added. We can also remove the Frame argument to attachViewOverlayGraphicsLayer().

  • loader/EmptyClients.h:
  • page/ChromeClient.h:
  • page/FrameView.cpp:

(WebCore::FrameView::setNeedsCompositingConfigurationUpdate): These functions need to schedule a compositing flush
because there may be nothing else that does.
(WebCore::FrameView::setNeedsCompositingGeometryUpdate):

  • page/Page.cpp:

(WebCore::Page::installedPageOverlaysChanged):

  • page/Page.h:
  • page/PageOverlayController.cpp:

(WebCore::PageOverlayController::hasDocumentOverlays const):
(WebCore::PageOverlayController::hasViewOverlays const):
(WebCore::PageOverlayController::attachViewOverlayLayers): PageOverlayController has the Page so it
might as well be the one to call through the ChromeClient.
(WebCore::PageOverlayController::detachViewOverlayLayers):
(WebCore::PageOverlayController::installPageOverlay):
(WebCore::PageOverlayController::uninstallPageOverlay):

  • page/PageOverlayController.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateCompositingLayers): isFullUpdate is always true; remove it.
(WebCore::RenderLayerCompositor::appendDocumentOverlayLayers):
(WebCore::RenderLayerCompositor::attachRootLayer):
(WebCore::RenderLayerCompositor::detachRootLayer):

Source/WebKit:

rdar://problem/46571593

Reviewed by Tim Horton.

Expose PageOverlayController::hasDocumentOverlays() and hasViewOverlays()
and use them to only parent the overlay-hosting layers when necessary.

For document overlays, RenderLayerCompositor::appendDocumentOverlayLayers() can
simply do nothing if there are none. Updates are triggered via Page::installedPageOverlaysChanged(),
which calls FrameView::setNeedsCompositingConfigurationUpdate() to trigger the root layer
compositing updates that parents the layerWithDocumentOverlays().

View overlays are added to the layer tree via the DrawingArea. When we go between having
none and some view overlays, Page::installedPageOverlaysChanged() calls attachViewOverlayGraphicsLayer()
on the ChromeClient, and the DrawingArea responds by calling updateRootLayers() and scheduling a
compositing flush (this has to be done manually because view overlay layers are outside the
subtree managed by RenderLayerCompositor).

Now that GraphicsLayers are ref-counted, we can let the DrawingArea simply retain its m_viewOverlayRootLayer;
there is no need for RenderLayerCompositor::attachRootLayer()/detachRootLayer() to do anything with view
overlay layers. This implies that a page can navigate (new FrameView) and view overlays will persist, without
having to be manually removed and re-added. We can also remove the Frame argument to attachViewOverlayGraphicsLayer().

  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::attachViewOverlayGraphicsLayer):

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:

(WebKit::AcceleratedDrawingArea::attachViewOverlayGraphicsLayer):

  • WebProcess/WebPage/AcceleratedDrawingArea.h:
  • WebProcess/WebPage/DrawingArea.h:

(WebKit::DrawingArea::attachViewOverlayGraphicsLayer):

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h:
  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::attachViewOverlayGraphicsLayer):

  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:

(WebKit::TiledCoreAnimationDrawingArea::attachViewOverlayGraphicsLayer):
(WebKit::TiledCoreAnimationDrawingArea::mainFrameContentSizeChanged):

Source/WebKitLegacy/mac:

rdar://problem/46571593

Reviewed by Tim Horton.

  • WebCoreSupport/WebChromeClient.h:
  • WebCoreSupport/WebChromeClient.mm:

(WebChromeClient::attachViewOverlayGraphicsLayer):

Source/WebKitLegacy/win:

rdar://problem/46571593

Reviewed by Tim Horton.

Expose PageOverlayController::hasDocumentOverlays() and hasViewOverlays()
and use them to only parent the overlay-hosting layers when necessary.

For document overlays, RenderLayerCompositor::appendDocumentOverlayLayers() can
simply do nothing if there are none. Updates are triggered via Page::installedPageOverlaysChanged(),
which calls FrameView::setNeedsCompositingConfigurationUpdate() to trigger the root layer
compositing updates that parents the layerWithDocumentOverlays().

View overlays are added to the layer tree via the DrawingArea. When we go between having
none and some view overlays, Page::installedPageOverlaysChanged() calls attachViewOverlayGraphicsLayer()
on the ChromeClient, and the DrawingArea responds by calling updateRootLayers() and scheduling a
compositing flush (this has to be done manually because view overlay layers are outside the
subtree managed by RenderLayerCompositor).

Now that GraphicsLayers are ref-counted, we can let the DrawingArea simply retain its m_viewOverlayRootLayer;
there is no need for RenderLayerCompositor::attachRootLayer()/detachRootLayer() to do anything with view
overlay layers. This implies that a page can navigate (new FrameView) and view overlays will persist, without
having to be manually removed and re-added. We can also remove the Frame argument to attachViewOverlayGraphicsLayer().

  • WebCoreSupport/WebChromeClient.cpp:

(WebChromeClient::attachViewOverlayGraphicsLayer):

  • WebCoreSupport/WebChromeClient.h:

LayoutTests:

rdar://problem/46571593

Reviewed by Tim Horton.

  • pageoverlay/overlay-remove-reinsert-view-expected.txt: We no longer unparent the overlays

on view removal, so new results.

  • platform/ios-wk2/TestExpectations: Unskip some iOS tests.
  • platform/ios-wk2/pageoverlay/overlay-installation-expected.txt: Added.
  • platform/ios-wk2/pageoverlay/overlay-large-document-expected.txt: Added.
  • platform/ios-wk2/pageoverlay/overlay-large-document-scrolled-expected.txt: Added.
  • platform/ios/TestExpectations: Unskip some iOS tests.
1:03 PM Changeset in webkit [240939] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

Source/WebCore:
When performing Increment or Decrement on sliders, check to see if the slider is disabled.
https://bugs.webkit.org/show_bug.cgi?id=173497

Patch by Eric Liang <ericliang@apple.com> on 2019-02-04
Reviewed by Chris Fleizach.

Test: accessibility/set-value-not-work-for-disabled-sliders.html

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::alterSliderValue):

LayoutTests:
Check if slider value changed after calling AX Increment or Decrement on disabled sliders.
https://bugs.webkit.org/show_bug.cgi?id=193497

Patch by Eric Liang <ericliang@apple.com> on 2019-02-04
Reviewed by Chris Fleizach.

  • accessibility/set-value-not-work-for-disabled-sliders.html: Added.
1:02 PM Changeset in webkit [240938] by ysuzuki@apple.com
  • 14 edits in trunk/Source/JavaScriptCore

[JSC] Shrink size of FunctionExecutable
https://bugs.webkit.org/show_bug.cgi?id=194191

Reviewed by Michael Saboff.

This patch reduces the size of FunctionExecutable. Since it is allocated in IsoSubspace, reducing the size directly
improves the allocation efficiency.

  1. ScriptExecutable (base class of FunctionExecutable) has several members, but it is meaningful only in FunctionExecutable. We remove this from ScriptExecutable, and move it to FunctionExecutable.
  1. FunctionExecutable has several data which are rarely used. One for FunctionOverrides functionality, which is typically used for JSC debugging purpose, and another is TypeSet and offsets for type profiler. We move them to RareData and reduce the size of FunctionExecutable in the common case.

This patch changes the size of FunctionExecutable from 176 to 144.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::dumpSource):
(JSC::CodeBlock::finishCreation):

  • dfg/DFGNode.h:

(JSC::DFG::Node::OpInfoWrapper::as const):

  • interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::computeLineAndColumn const):

  • runtime/ExecutableBase.h:
  • runtime/FunctionExecutable.cpp:

(JSC::FunctionExecutable::FunctionExecutable):
(JSC::FunctionExecutable::ensureRareDataSlow):

  • runtime/FunctionExecutable.h:
  • runtime/Intrinsic.h:
  • runtime/ModuleProgramExecutable.cpp:

(JSC::ModuleProgramExecutable::ModuleProgramExecutable):

  • runtime/ProgramExecutable.cpp:

(JSC::ProgramExecutable::ProgramExecutable):

  • runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::ScriptExecutable):
(JSC::ScriptExecutable::overrideLineNumber const):
(JSC::ScriptExecutable::typeProfilingStartOffset const):
(JSC::ScriptExecutable::typeProfilingEndOffset const):

  • runtime/ScriptExecutable.h:

(JSC::ScriptExecutable::firstLine const):
(JSC::ScriptExecutable::setOverrideLineNumber): Deleted.
(JSC::ScriptExecutable::hasOverrideLineNumber const): Deleted.
(JSC::ScriptExecutable::overrideLineNumber const): Deleted.
(JSC::ScriptExecutable::typeProfilingStartOffset const): Deleted.
(JSC::ScriptExecutable::typeProfilingEndOffset const): Deleted.

  • runtime/StackFrame.cpp:

(JSC::StackFrame::computeLineAndColumn const):

  • tools/JSDollarVM.cpp:

(JSC::functionReturnTypeFor):

12:49 PM Changeset in webkit [240937] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

Unreviewed, improve preprocessor guard
https://bugs.webkit.org/show_bug.cgi?id=194166
<rdar://problem/47694328>

AC mode is only optional in GTK port. Requested by Zan.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

11:49 AM Changeset in webkit [240936] by dean_johnson@apple.com
  • 2 edits in trunk/Tools

REGRESSION (r237269): webkit-patch what-broke is broken
https://bugs.webkit.org/show_bug.cgi?id=193025

Reviewed by Aakash Jain.

  • Scripts/webkitpy/common/host.py:

(Host.buildbot):
(Host.bugzilla): Renamed to 'buildbot'.

10:59 AM Changeset in webkit [240935] by Alan Coon
  • 7 edits in tags/Safari-608.1.4.1/Source

Versioning.

10:59 AM Changeset in webkit [240934] by wenson_hsieh@apple.com
  • 2 edits in trunk/Tools

[iOS] API test WKAttachmentTests.InsertAndRemoveDuplicateAttachment is failing after r240902
https://bugs.webkit.org/show_bug.cgi?id=194207

Reviewed by Tim Horton.

Fix this API test by making it robust against smart paste on iOS. Currently, this test pastes an attachment
element and assumes that the pasted attachment is adjacent to the original one. However, after enabling smart
paste, we now insert an extra space in between. Instead of executing "DeleteBackward" twice to test removing the
attachment elements, we delete backwards once to remove the pasted attachment, and move the selection to the
start and delete forwards to remove the original attachment.

  • TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(TestWebKitAPI::TEST):

10:57 AM Changeset in webkit [240933] by Alan Coon
  • 1 copy in tags/Safari-608.1.4.1

New tag.

10:55 AM Changeset in webkit [240932] by Jon Davis
  • 1 edit
    15 adds in trunk/Websites/webkit.org

Add demos for Intersection Observer API
https://bugs.webkit.org/show_bug.cgi?id=194219

Reviewed by Simon Fraser.

  • demos/intersection-observer/lazy-image-load/index.html: Added.
  • demos/intersection-observer/lazy-image-load/scripts.js: Added.

(ImageLoader):
(ImageLoader.prototype.findImages):
(ImageLoader.prototype.smallURLForImage):
(ImageLoader.prototype.largeURLForImage):
(ImageLoader.prototype.setupObserver):
(ImageLoader.prototype.intersectionsChanged):

  • demos/intersection-observer/lazy-image-load/style.css: Added.

(body):
(section):
(header):
(.main):
(.main img):
(.stories):
(.world, .local):
(.world):
(.local):
(.ad):
(.contents):
(.sidebar):
(.links):
(.main-story):
(.main-story img):
(.top-story):
(.top-story img):
(.mid-story img):
(.link-group):
(.link-group img):
(.link-group ul):
(.link-group li):
(footer):
(footer ul):
(footer a):
(.footer-col):

  • demos/intersection-observer/simple/script.js: Added.

(addToLog):
(clearLog):
(stringFromRect):
(intersectedCallback):

  • demos/intersection-observer/simple/simple-observer-iframe.html: Added.
  • demos/intersection-observer/simple/simple-observer-root-margin.html: Added.
  • demos/intersection-observer/simple/simple-observer.html: Added.
  • demos/intersection-observer/simple/styles.css: Added.

(body):
(.results):
(.results button):
(h2):
(#logging):

  • demos/intersection-observer/triggered-animation/index.html: Added.
  • demos/intersection-observer/triggered-animation/script.js: Added.

(AnimationManager):
(AnimationManager.prototype.setupObserver):
(AnimationManager.prototype.intersectionsChanged):

  • demos/intersection-observer/triggered-animation/style.css: Added.

(body):
(p):
(.animation-container h1):
(.animation-container):
(.animation-container .box):
(.slide.box):
(.animation-container.visible > .slide.box):
(.slide.animation-container div:nth-of-type(1)):
(.slide.animation-container div:nth-of-type(2)):
(.slide.animation-container div:nth-of-type(3)):
(.spin):
(.animation-container.visible .spin):
(@keyframes spin):
(to):
(.animation-container.svg):
(.animation-container.svg path):
(.animation-container.svg.visible):
(@keyframes stroke-move):
(.animation-container.svg circle):
(.animation-container.svg.visible circle):
(.animation-container.svg circle:nth-of-type(2)):
(.animation-container.svg circle:nth-of-type(3)):
(.animation-container.svg circle:nth-of-type(4)):
(.animation-container.svg circle:nth-of-type(5)):
(@keyframes circle-scale):

10:51 AM Changeset in webkit [240931] by sihui_liu@apple.com
  • 9 edits in trunk/Source

IndexedDB: leak WebIDBConnectionToServer in layout tests
https://bugs.webkit.org/show_bug.cgi?id=193688
<rdar://problem/47353263>

Reviewed by Geoffrey Garen.

Source/WebCore:

Let IDBConnectionToServer keep a WeakPtr of IDBConnectionToServerDelegate.

  • Modules/indexeddb/client/IDBConnectionToServer.cpp:

(WebCore::IDBClient::IDBConnectionToServer::IDBConnectionToServer):

  • Modules/indexeddb/client/IDBConnectionToServer.h:
  • Modules/indexeddb/client/IDBConnectionToServerDelegate.h:

Source/WebKit:

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::didClose):
(WebKit::NetworkConnectionToWebProcess::establishIDBConnectionToServer):
(WebKit::NetworkConnectionToWebProcess::removeIDBConnectionToServer): Deleted.

  • NetworkProcess/NetworkConnectionToWebProcess.h:
  • NetworkProcess/NetworkConnectionToWebProcess.messages.in:
  • WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:

(WebKit::WebIDBConnectionToServer::~WebIDBConnectionToServer):

10:47 AM Changeset in webkit [240930] by youenn@apple.com
  • 3 edits in trunk/Source/WebCore

Make sure to remove the device observer in AVVideoCaptureSource
https://bugs.webkit.org/show_bug.cgi?id=194181
<rdar://problem/47739247>

Reviewed by Eric Carlson.

Make sure to remove the device observer when the observer is destroyed.
To simplify things, add the observer in AVVideoCaptureSource constructor and remove it in the destructor.

Make also sure the session observer is also removed whenever the session is released by AVVideoCaptureSource.

Covered by manual test.

  • platform/mediastream/mac/AVVideoCaptureSource.h:
  • platform/mediastream/mac/AVVideoCaptureSource.mm:

(WebCore::AVVideoCaptureSource::AVVideoCaptureSource):
(WebCore::AVVideoCaptureSource::~AVVideoCaptureSource):
(WebCore::AVVideoCaptureSource::initializeSession):
(WebCore::AVVideoCaptureSource::clearSession):
(WebCore::AVVideoCaptureSource::stopProducingData):
(WebCore::AVVideoCaptureSource::setupSession):

10:19 AM Changeset in webkit [240929] by graouts@webkit.org
  • 2 edits in trunk/Source/WebKit

<rdar://problem/47788802>

Unreviewed build fix.

  • Platform/spi/ios/UIKitSPI.h:
9:37 AM Changeset in webkit [240928] by youenn@apple.com
  • 12 edits
    2 adds in trunk

Capture state should be managed consistently when doing process swapping
https://bugs.webkit.org/show_bug.cgi?id=194122
<rdar://problem/47609293>

Reviewed by Eric Carlson.

Source/WebKit:

When doing PSON, WebPageProxy::resetState is called.
It resets the media state, but does not call the client delegates.
Instead of directly updating the media state, call the routine used to update it so that client delegates are called.

Covered by new API test and layout test.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _mediaCaptureState]):

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::resetState):
(WebKit::WebPageProxy::isPlayingMediaDidChange):
(WebKit::WebPageProxy::updatePlayingMediaDidChange):

  • UIProcess/WebPageProxy.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

(-[GetUserMediaUIDelegate _webView:requestUserMediaAuthorizationForDevices:url:mainFrameURL:decisionHandler:]):
(-[GetUserMediaUIDelegate _webView:checkUserMediaPermissionForURL:mainFrameURL:frameIdentifier:decisionHandler:]):
(-[GetUserMediaUIDelegate _webView:mediaCaptureStateDidChange:]):

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::isDoingMediaCapture const):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::isDoingMediaCapture const):

  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::isDoingMediaCapture const):

8:22 AM Changeset in webkit [240927] by commit-queue@webkit.org
  • 12 edits
    1 add in trunk/Source

Use a dedicated type instead of int32_t for pointer identifiers
https://bugs.webkit.org/show_bug.cgi?id=194217

Patch by Antoine Quint <Antoine Quint> on 2019-02-04
Reviewed by Antti Koivisto.

Source/WebCore:

  • WebCore.xcodeproj/project.pbxproj:
  • dom/PointerEvent.h:
  • dom/PointerID.h: Added.
  • page/PointerCaptureController.cpp:

(WebCore::PointerCaptureController::setPointerCapture):
(WebCore::PointerCaptureController::releasePointerCapture):
(WebCore::PointerCaptureController::hasPointerCapture):
(WebCore::PointerCaptureController::touchEndedOrWasCancelledForIdentifier):
(WebCore::PointerCaptureController::hasCancelledPointerEventForIdentifier):
(WebCore::PointerCaptureController::cancelPointer):

  • page/PointerCaptureController.h:

Source/WebKit:

  • Scripts/webkit/messages.py:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::cancelPointer):

  • UIProcess/WebPageProxy.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::cancelPointer):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
8:05 AM Changeset in webkit [240926] by wenson_hsieh@apple.com
  • 3 edits in trunk/Source/WebCore

[iOS] Unable to make a selection in jsfiddle.net using arrow keys when requesting desktop site
Followup to https://bugs.webkit.org/show_bug.cgi?id=193758

Reviewed by Daniel Bates.

Put the iOS-specific behavior behind an EditingBehavior check, rather than a compile-time guard. No change in
behavior.

  • editing/EditingBehavior.h:

(WebCore::EditingBehavior::shouldMoveSelectionToEndWhenFocusingTextInput const):

  • html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::setDefaultSelectionAfterFocus):

8:02 AM Changeset in webkit [240925] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

Unreviewed, avoid -Wswitch warnings introduced in r240880
https://bugs.webkit.org/show_bug.cgi?id=193740
<rdar://problem/47527267>

  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:

(WebKit::NetworkDataTaskSoup::dispatchDidReceiveResponse):

7:49 AM Changeset in webkit [240924] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

[LFC][IFC] Make InlineFormattingContext::collectInlineContent non-recursive.
https://bugs.webkit.org/show_bug.cgi?id=194210

Reviewed by Antti Koivisto.

Use iterative algorithm to collect inline content (and add breaking rules).
This is in preparation for fixing the inline preferred width computation.

  • layout/Verification.cpp:

(WebCore::Layout::resolveForRelativePositionIfNeeded):

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::addDetachingRules):
(WebCore::Layout::createAndAppendInlineItem):
(WebCore::Layout::InlineFormattingContext::collectInlineContent const):
(WebCore::Layout::InlineFormattingContext::collectInlineContentForSubtree const): Deleted.

  • layout/inlineformatting/InlineFormattingContext.h:
7:48 AM Changeset in webkit [240923] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore

Unreviewed, fix unused variable warnings introduced in r240912
https://bugs.webkit.org/show_bug.cgi?id=194198
<rdar://problem/47776051>

  • page/FrameView.cpp:

(WebCore::FrameView::setNeedsCompositingConfigurationUpdate):
(WebCore::FrameView::setNeedsCompositingGeometryUpdate):

7:47 AM Changeset in webkit [240922] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[GTK] Allow pinch zoom on touchpad
https://bugs.webkit.org/show_bug.cgi?id=194201

Patch by Alexander Mikhaylenko <exalm7659@gmail.com> on 2019-02-04
Reviewed by Michael Catanzaro.

Enable touchpad events for WebkitWebViewBase, then feed touchpad
pinch events to GestureController.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize): Added GDK_TOUCHPAD_GESTURE_MASK to event mask.
(webkitWebViewBaseEvent): Added.
(webkit_web_view_base_class_init): Override event vfunc.

7:39 AM Changeset in webkit [240921] by commit-queue@webkit.org
  • 6 edits
    2 adds in trunk

[css-scroll-snap] scroll-snap-align not honored on child with non-visible overflow
https://bugs.webkit.org/show_bug.cgi?id=191816

Patch by Frederic Wang <fwang@igalia.com> on 2019-02-04
Reviewed by Wenson Hsieh.

Source/WebCore:

This patch fixes a bug that prevents children of a scroll container to create snap positions
when they have non-visible overflow. This happens because for such a child, the function
RenderBox::findEnclosingScrollableContainer() will return the child itself rather than the
scroll container. To address that issue, we introduce a new
RenderObject::enclosingScrollableContainerForSnapping() helper function that ensures that
a real RenderBox ancestor is returned.

Test: css3/scroll-snap/scroll-snap-children-with-overflow.html

  • page/scrolling/AxisScrollSnapOffsets.cpp:

(WebCore::updateSnapOffsetsForScrollableArea): Use enclosingScrollableContainerForSnapping()
so that we don't skip children with non-visible overflow.

  • rendering/RenderLayerModelObject.cpp:

(WebCore::RenderLayerModelObject::styleDidChange): Ditto. The new function calls
enclosingBox().

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::enclosingScrollableContainerForSnapping const): Return
the scrollable container of the enclosing box. If it is actually the render object itself
then start the search from the parent box instead.

  • rendering/RenderObject.h: Declare enclosingScrollableContainerForSnapping().

LayoutTests:

Add a test to verify that children with non-visible overflow create snap offsets.

  • css3/scroll-snap/scroll-snap-children-with-overflow-expected.txt: Added.
  • css3/scroll-snap/scroll-snap-children-with-overflow.html: Added.
7:36 AM Changeset in webkit [240920] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

Unreviewed, only force settings.acceleratedCompositingEnabled() to true for Cocoa ports
https://bugs.webkit.org/show_bug.cgi?id=194166
<rdar://problem/47694328>

Accelerated compositing is broken for me at least. We're a long way from being able to force
it.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

7:00 AM Changeset in webkit [240919] by Michael Catanzaro
  • 2 edits in trunk/Source/WebKit

[GTK] Remove last python2 dependency from CMake build process
https://bugs.webkit.org/show_bug.cgi?id=194218

Patch by Abderrahim Kitouni <akitouni@gnome.org> on 2019-02-04
Reviewed by Michael Catanzaro.

  • InspectorGResources.cmake:
4:48 AM Changeset in webkit [240918] by Antti Koivisto
  • 14 edits in trunk/Source

Source/WebCore:
Rename GraphicsLayer and PlatformCALayer scrolling layer type enum values to be less ambiguous
https://bugs.webkit.org/show_bug.cgi?id=194215

Reviewed by Frédéric Wang.

GraphicsLayer::Type::Scrolling -> GraphicsLayer::Type::ScrollContainer
PlatformCALayer::LayerTypeScrollingLayer -> PlatformCALayer::LayerTypeScrollContainerLayer

  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::supportsLayerType):

  • platform/graphics/GraphicsLayer.h:
  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayer::supportsLayerType):
(WebCore::GraphicsLayerCA::initialize):

  • platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::operator<<):

  • platform/graphics/ca/PlatformCALayer.h:
  • platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:

(WebCore::PlatformCALayerCocoa::PlatformCALayerCocoa):
(WebCore::PlatformCALayerCocoa::commonInit):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateScrollingLayers):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::ensureRootLayer):

Source/WebKit:
Rename GraphicsLayer and PlatformCALayer type enum values to match "scroll container layer" convention
https://bugs.webkit.org/show_bug.cgi?id=194215

Reviewed by Frédéric Wang.

  • Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:

(WebKit::RemoteLayerBackingStore::drawInContext):

  • UIProcess/RemoteLayerTree/RemoteLayerTreeHost.mm:

(WebKit::RemoteLayerTreeHost::makeNode):

  • UIProcess/RemoteLayerTree/ios/RemoteLayerTreeHostIOS.mm:

(WebKit::RemoteLayerTreeHost::makeNode):

12:15 AM Changeset in webkit [240917] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

DFG's doesGC() is incorrect about the SameValue node's behavior.
https://bugs.webkit.org/show_bug.cgi?id=194211
<rdar://problem/47608913>

Reviewed by Saam Barati.

Only the DoubleRepUse case is guaranteed to not GC. The other case may GC because
it calls operationSameValue() which may allocate memory for resolving ropes.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

Feb 3, 2019:

11:49 PM Changeset in webkit [240916] by Antti Koivisto
  • 16 edits in trunk

[iOS] Tiles not created in large scrollable iframes
https://bugs.webkit.org/show_bug.cgi?id=193665

Reviewed by Simon Fraser.

Source/WebCore:

We are not syncing scroll position back to the graphics layer tree correctly.

Test by Frédéric Wang.

  • page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::frameViewRootLayerDidChange):
(WebCore::AsyncScrollingCoordinator::reconcileScrollingState):
(WebCore::AsyncScrollingCoordinator::reconcileScrollPosition):

Factor setting and syncing scrolling layer positions into a function.
Use bounds.origin scrolling mechanic when scrollContainerLayer is present.

(WebCore::AsyncScrollingCoordinator::scrollableAreaScrollbarLayerDidChange):
(WebCore::AsyncScrollingCoordinator::setSynchronousScrollingReasons):
(WebCore::AsyncScrollingCoordinator::updateScrollLayerPosition): Deleted.

  • page/scrolling/AsyncScrollingCoordinator.h:
  • page/scrolling/ScrollingCoordinator.cpp:

(WebCore::ScrollingCoordinator::scrollContainerLayerForFrameView):
(WebCore::ScrollingCoordinator::scrolledContentsLayerForFrameView):
(WebCore::ScrollingCoordinator::scrollLayerForFrameView): Deleted.

  • page/scrolling/ScrollingCoordinator.h:
  • rendering/RenderLayerCompositor.cpp:

Rename scrollLayer to scrolledContentsLayer according to out preferred naming scheme and use it in that role only.
Add scrollContainerLayer as a separate layer. It is only constructed when using async scrolling on iOS.

(WebCore::RenderLayerCompositor::~RenderLayerCompositor):
(WebCore::RenderLayerCompositor::customPositionForVisibleRectComputation const):
(WebCore::RenderLayerCompositor::visibleRectForLayerFlushing const):
(WebCore::RenderLayerCompositor::didChangePlatformLayerForLayer):
(WebCore::RenderLayerCompositor::frameViewDidChangeSize):
(WebCore::RenderLayerCompositor::updateScrollLayerPosition):
(WebCore::RenderLayerCompositor::frameViewDidScroll):
(WebCore::RenderLayerCompositor::updateLayerForTopOverhangArea):
(WebCore::RenderLayerCompositor::updateLayerForBottomOverhangArea):
(WebCore::RenderLayerCompositor::updateLayerForHeader):
(WebCore::RenderLayerCompositor::updateLayerForFooter):
(WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
(WebCore::RenderLayerCompositor::ensureRootLayer):
(WebCore::RenderLayerCompositor::destroyRootLayer):
(WebCore::RenderLayerCompositor::updateScrollingNodeForScrollingRole):

  • rendering/RenderLayerCompositor.h:

Source/WebKit:

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeFrameScrollingNodeRemoteIOS.mm:

(WebKit::ScrollingTreeFrameScrollingNodeRemoteIOS::commitStateBeforeChildren):

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateBeforeChildren):

We now use scrollContainerLayer consistently so remove the special cases.

LayoutTests:

Test by Frédéric Wang.

  • fast/scrolling/ios/scroll-iframe-expected.html:
  • fast/scrolling/ios/scroll-iframe.html:
  • platform/ios-wk2/compositing/iframes/scrolling-iframe-expected.txt:
  • platform/ios-wk2/compositing/tiling/tiled-drawing-async-frame-scrolling-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt:
11:13 PM Changeset in webkit [240915] by ysuzuki@apple.com
  • 7 edits in trunk/Source/JavaScriptCore

[JSC] UnlinkedMetadataTable assumes that MetadataTable is destroyed before it is destructed, but order of destruction of JS heap cells are not guaranteed
https://bugs.webkit.org/show_bug.cgi?id=194031

Reviewed by Saam Barati.

UnlinkedMetadataTable assumes that MetadataTable linked against this UnlinkedMetadataTable is already destroyed when UnlinkedMetadataTable is destroyed.
This means that UnlinkedCodeBlock is destroyed after all the linked CodeBlocks are destroyed. But this assumption is not valid since GC's finalizer
sweeps objects without considering the dependencies among swept objects. UnlinkedMetadataTable can be destroyed even before linked MetadataTable is
destroyed if UnlinkedCodeBlock is destroyed before linked CodeBlock is destroyed.

To make the above assumption valid, we make UnlinkedMetadataTable RefCounted object, and make MetadataTable hold the strong ref to UnlinkedMetadataTable.
This ensures that UnlinkedMetadataTable is destroyed after all the linked MetadataTables are destroyed.

  • bytecode/MetadataTable.cpp:

(JSC::MetadataTable::MetadataTable):
(JSC::MetadataTable::~MetadataTable):

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::UnlinkedCodeBlock::visitChildren):
(JSC::UnlinkedCodeBlock::estimatedSize):
(JSC::UnlinkedCodeBlock::setInstructions):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::metadata):
(JSC::UnlinkedCodeBlock::metadataSizeInBytes):

  • bytecode/UnlinkedMetadataTable.h:

(JSC::UnlinkedMetadataTable::create):

  • bytecode/UnlinkedMetadataTableInlines.h:

(JSC::UnlinkedMetadataTable::UnlinkedMetadataTable):

  • runtime/CachedTypes.cpp:

(JSC::CachedMetadataTable::decode const):
(JSC::CachedCodeBlock::metadata const):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::CachedCodeBlock<CodeBlockType>::decode const):
(JSC::CachedCodeBlock<CodeBlockType>::encode):

6:15 PM Changeset in webkit [240914] by Fujii Hironori
  • 2 edits in trunk/Source/WebKit

[curl] [WebKit] Assertion failures of missing networkStorageSession for storage/indexeddb tests
https://bugs.webkit.org/show_bug.cgi?id=194141

Reviewed by Ross Kirsling.

Implemented WebKit::NetworkProcess::switchToNewTestingSession and
WebKit::NetworkProcess::ensureSession for curl port.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::switchToNewTestingSession):
(WebKit::NetworkProcess::ensureSession):

6:11 PM Changeset in webkit [240913] by Fujii Hironori
  • 2 edits in trunk/Tools

[Win] WebKitTestRunners is failing to create the IndexedDB directory.
https://bugs.webkit.org/show_bug.cgi?id=194142

Reviewed by Ross Kirsling.

There three 'separator' variables in TestController.cpp. Renamed
it 'pathSeparator', and unified them.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::generateContextConfiguration const):
(WTR::createTestURL):
(WTR::TestController::platformAdjustContext):

5:48 PM Changeset in webkit [240912] by Simon Fraser
  • 19 edits in trunk

Make setNeedsLayout on the root more explicitly about triggering its side-effects
https://bugs.webkit.org/show_bug.cgi?id=194198

Reviewed by Antti Koivisto.

Source/WebCore:

Calling setNeedsLayout() on the FrameView or RenderView is an odd concept; the render tree
generally manages its own dirty state.

Most callers of setNeedsLayout() on the root are really trying to trigger the side-effects
of layout, like compositing updates, which are required when view configuration state, like
headers, footers and transparency, change. These dependencies are currently implicit and
poorly defined.

Renaming "setNeedsLayout" on FrameView is a step towards being more explicit about pure
rendering updates, vs updates of downstream data strutures like compositing. It's now called
setNeedsLayoutAfterViewConfigurationChange(). In addition, expose
setNeedsCompositingConfigurationUpdate() and setNeedsCompositingGeometryUpdate() so callers
can trigger the appropriate types of compositing updates on the root layer.

In addition, FrameViewLayoutContext::setNeedsLayoutAfterViewConfigurationChange() schedules a
layout. Withtout this, some callers would dirty the RenderView's layout but rely on some
other trigger to make the layout happen.

This cleanup was prompted by noticing that FrameView::setHeaderHeight() dirtied layout
but never scheduled it, making banner insertion in MiniBrowser unreliable.

This patch also removes the aliasing of headerHeight/footerHeight between Page and
FrameView. Banners are a property of Page, so FrameView fetches the banner heights
from Page.

  • page/FrameView.cpp:

(WebCore::FrameView::headerHeight const):
(WebCore::FrameView::footerHeight const):
(WebCore::FrameView::availableContentSizeChanged):
(WebCore::FrameView::setNeedsLayoutAfterViewConfigurationChange):
(WebCore::FrameView::setNeedsCompositingConfigurationUpdate):
(WebCore::FrameView::setNeedsCompositingGeometryUpdate):
(WebCore::FrameView::scheduleSelectionUpdate):
(WebCore::FrameView::setTransparent):
(WebCore::FrameView::setBaseBackgroundColor):
(WebCore::FrameView::setAutoSizeFixedMinimumHeight):
(WebCore::FrameView::enableAutoSizeMode):
(WebCore::FrameView::setHeaderHeight): Deleted.
(WebCore::FrameView::setFooterHeight): Deleted.
(WebCore::FrameView::setNeedsLayout): Deleted.

  • page/FrameView.h:
  • page/FrameViewLayoutContext.cpp:

(WebCore::FrameViewLayoutContext::setNeedsLayoutAfterViewConfigurationChange):
(WebCore::FrameViewLayoutContext::setNeedsLayout): Deleted.

  • page/FrameViewLayoutContext.h:
  • page/Page.cpp:

(WebCore::Page::setPageScaleFactor):
(WebCore::Page::setHeaderHeight):
(WebCore::Page::setFooterHeight):
(WebCore::Page::addHeaderWithHeight): Deleted.
(WebCore::Page::addFooterWithHeight): Deleted.

  • page/Page.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateBacking):

  • testing/Internals.cpp:

(WebCore::Internals::resetToConsistentState):
(WebCore::Internals::setHeaderHeight):
(WebCore::Internals::setFooterHeight):

Source/WebKit:

Call the newly named functions.

  • WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::PDFPlugin::updateScrollbars):

  • WebProcess/Plugins/PluginView.cpp:

(WebKit::PluginView::didInitializePlugin):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::setHeaderBannerHeightForTesting):
(WebKit::WebPage::setFooterBannerHeightForTesting):

  • WebProcess/WebPage/mac/PageBannerMac.mm:

(WebKit::PageBanner::addToPage):
(WebKit::PageBanner::detachFromPage):
(WebKit::PageBanner::hide):

Source/WebKitLegacy/mac:

Call the newly named functions.

  • WebView/WebFrame.mm:

(-[WebFrame setNeedsLayout]):

  • WebView/WebHTMLView.mm:

(-[WebHTMLView setNeedsLayout:]):

Tools:

No need to set the banner heights on navigation now, since Page stores them.

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController webView:didFinishNavigation:]):

4:44 PM Changeset in webkit [240911] by wilander@apple.com
  • 7 edits
    4 adds in trunk

Parse and handle Ad Click Attribution attributes in HTMLAnchorElement::handleClick()
https://bugs.webkit.org/show_bug.cgi?id=194104
<rdar://problem/47649991>

Reviewed by Chris Dumez, Daniel Bates, and Darin Adler.

Source/WebCore:

Test: http/tests/adClickAttribution/anchor-tag-attributes-validation.html

This patch adds parsing and validation of the two new Ad Click Attribution
attributes in anchor elements: adcampaignid and addestination. The data is
not yet forwarded into the loader.

  • html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::parseAdClickAttribution const):
(WebCore::HTMLAnchorElement::handleClick):

Now calls HTMLAnchorElement::parseAdClickAttribution().

  • html/HTMLAnchorElement.h:
  • loader/AdClickAttribution.h:

Made WebCore::AdClickAttribution copyable since it's needed to have it be
WTF::Optional. Also made AdClickAttribution::MaxEntropy public. Changed
numeric types from unsigned short to uint32_t.

(WebCore::AdClickAttribution::Campaign::isValid const):
(WebCore::AdClickAttribution::Conversion::isValid const):

Tools:

  • TestWebKitAPI/Tests/WebCore/AdClickAttribution.cpp:

(TestWebKitAPI::TEST):

Changed numeric types from unsigned short to uint32_t.

LayoutTests:

This test case makes sure invalid data triggers console warnings.

  • http/tests/adClickAttribution/anchor-tag-attributes-validation-expected.txt: Added.
  • http/tests/adClickAttribution/anchor-tag-attributes-validation.html: Added.
  • platform/ios-wk2/http/tests/adClickAttribution/anchor-tag-attributes-validation-expected.txt: Added.

Console line numbers are not emitted when running iOS tests so this -expected.txt file doesn't have them.

3:43 PM Changeset in webkit [240910] by bshafiei@apple.com
  • 7 edits in branches/safari-607-branch/Source

Versioning.

2:48 PM Changeset in webkit [240909] by rniwa@webkit.org
  • 29 edits in trunk/Source

Validate navigation policy decisions to avoid crashes in continueLoadAfterNavigationPolicy
https://bugs.webkit.org/show_bug.cgi?id=194189

Reviewed by Geoffrey Garen.

Source/WebCore:

Introduced PolicyCheckIdentifier to pair each navigation policy check request with a decision,
and deployed it in PolicyChecker. The identifier is passed from WebContent process to UI process
in WebKit2, and passed it back with the policy decision.

Because PolicyCheckIdentifier embeds the process identifier from which a navigation policy is checked,
we would be able to detect when UI process had sent the decision to a wrong WebContent process.

This patch also adds release assertions to make sure history().provisionalItem() is set whenever
we're requesting a navigation policy check.

These code changes should either:

  1. Fix crashes in FrameLoader::continueLoadAfterNavigationPolicy where isBackForwardLoadType would return true yet history().provisionalItem() is null.
  2. Detect a bug that UI process can send a navigation policy decision to a wrong WebContent process.
  3. Rule out the possibility that (2) exists.
  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest):
(WebCore::DocumentLoader::responseReceived):

  • loader/EmptyClients.cpp:

(WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebCore::EmptyFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

  • loader/EmptyFrameLoaderClient.h:
  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::checkContentPolicy):
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::loadWithDocumentLoader):
(WebCore::FrameLoader::loadPostRequest):

  • loader/FrameLoader.h:
  • loader/FrameLoaderClient.h:
  • loader/FrameLoaderTypes.h:

(WebCore::PolicyCheckIdentifier): Added.
(WebCore::PolicyCheckIdentifier::operator== const): Added.
(WebCore::PolicyCheckIdentifier::PolicyCheckIdentifier): Added.
(WebCore::PolicyCheckIdentifier::encode const): Added.
(WebCore::PolicyCheckIdentifier::decode): Added.

  • loader/PolicyChecker.cpp:

(WebCore::PolicyCheckIdentifier::generate):
(WebCore::PolicyCheckIdentifier::isValidFor): Returns true if the identifer matches. Also release asserts
that the process ID is same, and that m_check is always not zero (meaning it's a generated value).
The failure of these release assertions would indicate that there is a bug in UI process, which results in
a policy decision response being sent to a wrong Web process.
(WebCore::PolicyChecker::checkNavigationPolicy): Exit early if isValidFor fails.
(WebCore::PolicyChecker::checkNewWindowPolicy):

Source/WebKit:

Pass the policy check identifier around functions and store it in PolicyDecisionSender
so that we can send it back to WebCore with the navigation policy decision.

We also store it in WebFrame in the case the policy decision had to be invalidated
before the decision was received (via WebFrame::invalidatePolicyListener).

  • Scripts/webkit/messages.py:
  • UIProcess/ProvisionalPageProxy.cpp:

(WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionAsync):
(WebKit::ProvisionalPageProxy::decidePolicyForResponse):

  • UIProcess/ProvisionalPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::PolicyDecisionSender): Added PolicyCheckIdentifier as a member.
(WebKit::WebPageProxy::PolicyDecisionSender::create):
(WebKit::WebPageProxy::PolicyDecisionSender::send):
(WebKit::WebPageProxy::PolicyDecisionSender::PolicyDecisionSender):
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):
(WebKit::WebPageProxy::decidePolicyForNavigationActionAsync):
(WebKit::WebPageProxy::decidePolicyForNavigationActionAsyncShared):
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
(WebKit::WebPageProxy::decidePolicyForNewWindowAction):
(WebKit::WebPageProxy::decidePolicyForResponse):
(WebKit::WebPageProxy::decidePolicyForResponseShared):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
  • WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::setUpPolicyListener):
(WebKit::WebFrame::invalidatePolicyListener):
(WebKit::WebFrame::didReceivePolicyDecision):

  • WebProcess/WebPage/WebFrame.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didReceivePolicyDecision):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:

Source/WebKitLegacy/mac:

Pass the policy check identifier around functions and store it in WebFramePolicyListener
so that we can send it back to WebCore with the navigation policy decision.

  • WebCoreSupport/WebFrameLoaderClient.h:
  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::dispatchDecidePolicyForResponse):
(WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
(WebFrameLoaderClient::dispatchWillSubmitForm):
(WebFrameLoaderClient::setUpPolicyListener):
(-[WebFramePolicyListener initWithFrame:identifier:policyFunction:defaultPolicy:]):
(-[WebFramePolicyListener initWithFrame:identifier:policyFunction:defaultPolicy:appLinkURL:]):
(-[WebFramePolicyListener invalidate]):
(-[WebFramePolicyListener dealloc]):
(-[WebFramePolicyListener receivedPolicyDecision:]):
(-[WebFramePolicyListener initWithFrame:policyFunction:defaultPolicy:]): Deleted.
(-[WebFramePolicyListener initWithFrame:policyFunction:defaultPolicy:appLinkURL:]): Deleted.

Source/WebKitLegacy/win:

Pass the policy check identifier around functions and store it in WebFramePolicyListener
so that we can send it back to WebCore with the navigation policy decision.

  • WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::dispatchDecidePolicyForResponse):
(WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):
(WebFrameLoaderClient::dispatchWillSubmitForm):
(WebFrameLoaderClient::setUpPolicyListener):

  • WebCoreSupport/WebFrameLoaderClient.h:
1:17 PM Changeset in webkit [240908] by bshafiei@apple.com
  • 7 edits in tags/Safari-608.1.3.0.2/Source

Versioning.

1:10 PM Changeset in webkit [240907] by bshafiei@apple.com
  • 1 copy in tags/Safari-608.1.3.0.2

Tag Safari-608.1.3.0.2.

1:02 PM Changeset in webkit [240906] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

Don't include ScrollCoordinator.h from Element.h
https://bugs.webkit.org/show_bug.cgi?id=194206

Reviewed by Daniel Bates.

  • dom/Element.h:
12:52 PM Changeset in webkit [240905] by wenson_hsieh@apple.com
  • 4 edits
    2 adds in trunk

Unable to move selection into editable roots with 0 height
https://bugs.webkit.org/show_bug.cgi?id=194143
<rdar://problem/47767284>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Currently, positions inside editable elements of height 0 are not considered to be candidates when
canonicalizing a position to its visible counterpart. This prevents us from moving the selection into these
editable roots at all. To fix this, we relax this constraint by allowing positions anchored by root editable
elements to be candidates.

Test: editing/selection/insert-text-in-empty-content-editable.html

  • dom/Position.cpp:

(WebCore::Position::isCandidate const):

LayoutTests:

Add a new layout test that executes editing commands in a contenteditable element of height 0, and adjust an
existing layout test that copies and pastes an image element to wait until the image has loaded.

  • editing/pasteboard/styled-element-markup.html:
  • editing/selection/insert-text-in-empty-content-editable-expected.txt: Added.
  • editing/selection/insert-text-in-empty-content-editable.html: Added.
11:46 AM Changeset in webkit [240904] by Simon Fraser
  • 4 edits in trunk/Source/WebCore

Tidyup of Pagination and FrameView m_mediaType initialization
https://bugs.webkit.org/show_bug.cgi?id=194203

Reviewed by Darin Adler.

Fix post-commit feedback on lines around code changed in r240901.

  • page/FrameView.cpp:

(WebCore::FrameView::FrameView):

  • page/FrameView.h:
  • rendering/Pagination.h:

(WebCore::Pagination::operator!= const):

5:53 AM Changeset in webkit [240903] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

Unreviewed, rolling out r240896.
https://bugs.webkit.org/show_bug.cgi?id=194202

"Fixes leaks, but is probably not the correct fix." (Requested
by ddkilzer on #webkit).

Reverted changeset:

"Leak of WTF::StringImpl under SymbolImpl::createNullSymbol()
(48 bytes) in com.apple.WebKit.WebContent running layout
tests"
https://bugs.webkit.org/show_bug.cgi?id=193291
https://trac.webkit.org/changeset/240896

1:05 AM Changeset in webkit [240902] by Megan Gardner
  • 26 edits
    3 copies
    10 adds in trunk

Turn on Smart Paste
https://bugs.webkit.org/show_bug.cgi?id=193786

Reviewed by Ryosuke Niwa.

Source/WebCore:

Turned on a modified tests:
LayoutTests/editing/pasteboard/smart-paste-001.html
LayoutTests/editing/pasteboard/smart-paste-002.html
LayoutTests/editing/pasteboard/smart-paste-003.html
LayoutTests/editing/pasteboard/smart-paste-004.html
LayoutTests/editing/pasteboard/smart-paste-005.html
LayoutTests/editing/pasteboard/smart-paste-006.html
LayoutTests/editing/pasteboard/smart-paste-007.html
LayoutTests/editing/pasteboard/smart-paste-008.html

  • platform/ios/PasteboardIOS.mm:

(WebCore::Pasteboard::canSmartReplace):
Turn on smart replace.

Source/WebKit:

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/ios/TextCheckerIOS.mm:

(WebKit::TextChecker::isSmartInsertDeleteEnabled):
Use the flag from UIKit to determine if smart copy paste should be
turned on.

LayoutTests:

Rebaselined many tests and/or added iOS specific expectations to
correctly reflect smart copy paste behavior.

  • editing/editing.js:

(runEditingTestWithCallbackLogging):
(runDumpAsTextEditingTest):
Added ability to handle async functions.

  • editing/pasteboard/smart-paste-001.html:
  • editing/pasteboard/smart-paste-002.html:
  • editing/pasteboard/smart-paste-003.html:
  • editing/pasteboard/smart-paste-004.html:
  • editing/pasteboard/smart-paste-005.html:
  • editing/pasteboard/smart-paste-006.html:
  • editing/pasteboard/smart-paste-007.html:
  • editing/pasteboard/smart-paste-008.html:
  • platform/ios-wk2/editing/pasteboard/smart-paste-007-expected.txt:
  • platform/ios-wk2/editing/pasteboard/smart-paste-008-expected.txt:
  • platform/ios/TestExpectations:
  • platform/ios/editing/pasteboard/smart-paste-001-expected.txt: Added.
  • platform/ios/editing/pasteboard/smart-paste-002-expected.txt: Added.
  • platform/ios/editing/pasteboard/smart-paste-003-expected.txt: Added.
  • platform/ios/editing/pasteboard/smart-paste-004-expected.txt: Added.
  • platform/ios/editing/pasteboard/smart-paste-005-expected.txt: Added.
  • platform/ios/editing/pasteboard/smart-paste-006-expected.txt: Added.
  • resources/ui-helper.js:

(window.UIHelper.doubleClickAt):
(window.UIHelper.async.selectWordByDoubleTapOrClick):
Added helper functions to allow for selecting a word by double tap or click.

Feb 2, 2019:

4:16 PM Changeset in webkit [240901] by Simon Fraser
  • 11 edits in trunk/Source

Tidy up data memebers of FrameView and related classes to shrink class sizes
https://bugs.webkit.org/show_bug.cgi?id=194197

Reviewed by Zalan Bujtas.

Source/WebCore:

Make various enums 8-bit. Re-order data members of FrameView, FrameViewLayoutContext, Widget
and ScrollView to optimize padding.

Use more data member initializers.

This shrinks FrameView from 1168 (144 padding bytes) to 1096 (96 padding bytes).

  • dom/Element.h:
  • page/FrameView.cpp:

(WebCore::FrameView::FrameView):

  • page/FrameView.h:
  • page/FrameViewLayoutContext.h:
  • platform/ScrollTypes.h:
  • platform/ScrollView.h: Data members should come after member functions.
  • platform/Widget.h:
  • rendering/Pagination.h:

(WebCore::Pagination::Pagination): Deleted.

Source/WebKit:

  • UIProcess/PageClient.h: Declare enum size.
12:20 PM Changeset in webkit [240900] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

Leak of NSArray (4.25 Kbytes) in com.apple.WebKit.WebContent running WebKit layout tests on iOS Simulator
<https://webkit.org/b/194178>
<rdar://problem/47753473>

Reviewed by Alexey Proskuryakov.

  • WebKitTestRunner/InjectedBundle/cocoa/ActivateFontsCocoa.mm:

(WTR::uninstallFakeHelvetica): Pass nullptr into
CTFontManagerUnregisterFontsForURLs() to ignore any errors.

12:05 PM Changeset in webkit [240899] by Simon Fraser
  • 4 edits in trunk/Source/WebCore

Rename "scrollingLayer" in RenderLayerBacking to "scrollContainerLayer" for clarity
https://bugs.webkit.org/show_bug.cgi?id=194194

Rubber-stampted by Antti Koivisto.

Our desired terminology is "scrollContainerLayer" for the outer, clipping layer
for scrolling, and "scrolledContentsLayer" for the contents that move when you scroll.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateDebugIndicators):
(WebCore::RenderLayerBacking::destroyGraphicsLayers):
(WebCore::RenderLayerBacking::updateGeometry):
(WebCore::RenderLayerBacking::setLocationOfScrolledContents):
(WebCore::RenderLayerBacking::updateAfterDescendants):
(WebCore::RenderLayerBacking::updateInternalHierarchy):
(WebCore::RenderLayerBacking::updateDrawsContent):
(WebCore::RenderLayerBacking::updateScrollingLayers):

  • rendering/RenderLayerBacking.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::didChangePlatformLayerForLayer):
(WebCore::RenderLayerCompositor::updateScrollingNodeForScrollingRole):
(WebCore::LegacyWebKitScrollingLayerCoordinator::registerAllViewportConstrainedLayers):
(WebCore::LegacyWebKitScrollingLayerCoordinator::updateScrollingLayer):
(WebCore::LegacyWebKitScrollingLayerCoordinator::unregisterAllScrollingLayers):
(WebCore::LegacyWebKitScrollingLayerCoordinator::removeScrollingLayer):

11:53 AM Changeset in webkit [240898] by Justin Fan
  • 12 edits
    3 copies in trunk

Source/WebCore:
[Web GPU] Fix GPURenderPassEncoder::setVertexBuffers and allow overlapping indices with GPUBindGroups
https://bugs.webkit.org/show_bug.cgi?id=194125

Reviewed by Myles C. Maxfield.

GPURenderPassEncoder::setVertexBuffers is now actually written to set all buffers provided. In addition,
shift vertex input buffer indices so that any resource bindings can bind vertex buffer resources to the same indices.

Existing tests cover setVertexBuffers. Updated buffer-resource-triangles to assign bind groups and vertex buffers to the same index.

  • Modules/webgpu/WHLSL/Metal/WHLSLVertexBufferIndexCalculator.cpp: Added.

(WebCore::WHLSL::Metal::calculateVertexBufferIndex): Simple shifting function for vertex input buffer indices.

  • Modules/webgpu/WHLSL/Metal/WHLSLVertexBufferIndexCalculator.h: Added.
  • Modules/webgpu/WebGPUProgrammablePassEncoder.cpp:

(WebCore::WebGPUProgrammablePassEncoder::setBindGroup const): Limit maximum bind group indices to 0 to 3.

  • Modules/webgpu/WebGPURenderPassEncoder.cpp:

(WebCore::WebGPURenderPassEncoder::setVertexBuffers): Limit vertex input indices to 0 to 15.

  • Modules/webgpu/WebGPURenderPassEncoder.h: Move IDL/bindings bug note to IDL file.
  • Modules/webgpu/WebGPURenderPassEncoder.idl: Ditto.
  • platform/graphics/gpu/GPULimits.h: Added. Home for Web GPU limits constants shared between files.
  • platform/graphics/gpu/GPURenderPassEncoder.h: Change IDL/bindings bug workaround to unsigned long long to prevent narrowing compared to spec.
  • platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:

(WebCore::GPURenderPassEncoder::setVertexBuffers): Now properly calls Metal's setVertexBuffers.

  • platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:

(WebCore::setInputStateForPipelineDescriptor): Fix validation checks for vertex attribute numbers and vertex buffer indices.

Add symbols to project:

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:

LayoutTests:
[WebGPU] Fix GPURenderPassEncoder::setVertexBuffers and allow overlapping indices with GPUBindGroups
https://bugs.webkit.org/show_bug.cgi?id=194125

Reviewed by Myles C. Maxfield.

Updated buffer-resource-triangles to assign bind groups and vertex buffers to the same index.

  • webgpu/buffer-resource-triangles.html:
11:09 AM Changeset in webkit [240897] by Simon Fraser
  • 6 edits in trunk/Source/WebCore

Async overflow scroll is jumpy on macOS if the main thread is busy
https://bugs.webkit.org/show_bug.cgi?id=194184
<rdar://problem/47758655>

Reviewed by Antti Koivisto.

This change extends to macOS some existing overflow-scroll functionality for iOS.
When an async scroll is in process in the scroll thread (or UI process), we periodically
message back to the web process main thread with scroll position updates. These
can trigger post-scroll compositing updates, but we need to ensure that this update
doesn't clobber the scroll position of the native layers, which would trigger
stutters.

To do this we have the notion of a scroll position "sync" (ScrollingLayerPositionAction::Sync) which
pokes the new value into the GraphicsLayer (hence making visible rect computations work), but doesn't
propagate it to the platform layer. This patch wires up syncs for macOS during async overflow scrolling,
coming out of AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll().

In RenderLayerBacking, m_scrollingContentsLayer is renamed to m_scrolledContentsLayer, and I added
updateScrollOffset() and setLocationOfScrolledContents() to handle the set vs. sync, and to keep
the iOS vs macOS differences in one function. This allows for more code sharing in RenderLayerBacking::updateGeometry().

There's a confusing bit in the m_childClippingMaskLayer code (trac.webkit.org/178029) where the setOffsetFromRenderer()
just looks wrong; it should match m_scrollingLayer. This code is never hit for Cocoa, which never has m_childClippingMaskLayer.

  • page/scrolling/mac/ScrollingTreeOverflowScrollingNodeMac.mm:

(WebCore::ScrollingTreeOverflowScrollingNodeMac::setScrollPosition): Logging
(WebCore::ScrollingTreeOverflowScrollingNodeMac::setScrollLayerPosition): Logging

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::RenderLayer):
(WebCore::RenderLayer::scrollTo):

  • rendering/RenderLayer.h: Rename m_requiresScrollBoundsOriginUpdate to m_requiresScrollPositionReconciliation

and make it available on all platforms. Just reorder m_adjustForIOSCaretWhenScrolling to reduce #ifdef nesting confusion.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::updateDebugIndicators):
(WebCore::RenderLayerBacking::destroyGraphicsLayers):
(WebCore::RenderLayerBacking::updateGeometry):
(WebCore::RenderLayerBacking::setLocationOfScrolledContents):
(WebCore::RenderLayerBacking::updateScrollOffset):
(WebCore::RenderLayerBacking::updateDrawsContent):
(WebCore::RenderLayerBacking::updateScrollingLayers):
(WebCore::RenderLayerBacking::paintingPhaseForPrimaryLayer const):
(WebCore::RenderLayerBacking::parentForSublayers const):
(WebCore::RenderLayerBacking::setContentsNeedDisplay):
(WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):
(WebCore::RenderLayerBacking::paintContents):
(WebCore::RenderLayerBacking::backingStoreMemoryEstimate const):

  • rendering/RenderLayerBacking.h:
10:35 AM Changeset in webkit [240896] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WTF

Leak of WTF::StringImpl under SymbolImpl::createNullSymbol() (48 bytes) in com.apple.WebKit.WebContent running layout tests
<https://webkit.org/b/193291>
<rdar://problem/46655953>

Reviewed by Keith Miller.

  • wtf/text/SymbolImpl.h:

(WTF::SymbolImpl::~SymbolImpl): Fix the leak by implementing the
class destructor that calls StringImpl::deref() on m_owner.
Two of the three constructors leak the StringImpl when setting
m_owner, so we need to balance that by manually calling
deref().

8:32 AM Changeset in webkit [240895] by Alan Bujtas
  • 7 edits in trunk

[LFC] Initialize ICB's style with fixed width/height.
https://bugs.webkit.org/show_bug.cgi?id=194188

Reviewed by Antti Koivisto.

Source/WebCore:

Let's set ICB's logical width/height to Fixed so that it's available when we try to resolve a box's height
in FormattingContext::Geometry::computedHeightValue() by using the containing block's height (ICB in this case).

  • layout/LayoutState.cpp:

(WebCore::Layout::LayoutState::LayoutState):

  • layout/LayoutState.h:
  • layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::TreeBuilder::createLayoutTree):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:
8:26 AM Changeset in webkit [240894] by Alan Bujtas
  • 5 edits
    2 adds in trunk

[LFC] Add missing case to out-of-flow non-replaced horizontal used margin value computation
https://bugs.webkit.org/show_bug.cgi?id=194185

Reviewed by Antti Koivisto.

Source/WebCore:

If none of horizontal values (left, right, width, margin-left/right) are auto, then usedHorizontalMarginValues = computedHorizontalMarginValues.

Test: fast/block/block-only/absolute-position-left-right-margin.html

  • layout/FormattingContextGeometry.cpp:

(WebCore::Layout::FormattingContext::Geometry::outOfFlowNonReplacedHorizontalGeometry):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

  • fast/block/block-only/absolute-position-left-right-margin-expected.html: Added.
  • fast/block/block-only/absolute-position-left-right-margin.html: Added.
Note: See TracTimeline for information about the timeline view.