Timeline



Feb 22, 2019:

9:30 PM Changeset in webkit [241988] by Chris Dumez
  • 20 edits in trunk/Source/WebKit

Give DrawingAreas their own identifiers
https://bugs.webkit.org/show_bug.cgi?id=194969
<rdar://problem/48154508>

Reviewed by Geoffrey Garen.

Give DrawingAreas their own identifiers instead of using the pageID. It will make the IPC more robust now that a
WebPageProxy can have several drawing areas with PSON.

  • Shared/DrawingAreaInfo.h:
  • Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):

  • Shared/WebPageCreationParameters.h:
  • UIProcess/AcceleratedDrawingAreaProxy.cpp:

(WebKit::AcceleratedDrawingAreaProxy::sendUpdateBackingStoreState):
(WebKit::AcceleratedDrawingAreaProxy::waitForAndDispatchDidUpdateBackingStoreState):
(WebKit::AcceleratedDrawingAreaProxy::setNativeSurfaceHandleForCompositing):
(WebKit::AcceleratedDrawingAreaProxy::destroyNativeSurfaceHandleForCompositing):

  • UIProcess/DrawingAreaProxy.cpp:

(WebKit::DrawingAreaProxy::DrawingAreaProxy):
(WebKit::DrawingAreaProxy::~DrawingAreaProxy):
(WebKit::DrawingAreaProxy::messageSenderConnection const):
(WebKit::DrawingAreaProxy::sendMessage):
(WebKit::DrawingAreaProxy::viewExposedRectChangedTimerFired):

  • UIProcess/DrawingAreaProxy.h:

(WebKit::DrawingAreaProxy::identifier const):
(WebKit::DrawingAreaProxy::process const):

  • UIProcess/DrawingAreaProxyImpl.cpp:

(WebKit::DrawingAreaProxyImpl::update):

  • UIProcess/ProvisionalPageProxy.cpp:

(WebKit::ProvisionalPageProxy::initializeWebPage):

  • UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::RemoteLayerTreeDrawingAreaProxy):
(WebKit::RemoteLayerTreeDrawingAreaProxy::~RemoteLayerTreeDrawingAreaProxy):
(WebKit::RemoteLayerTreeDrawingAreaProxy::deviceScaleFactorDidChange):
(WebKit::RemoteLayerTreeDrawingAreaProxy::sendUpdateGeometry):
(WebKit::RemoteLayerTreeDrawingAreaProxy::acceleratedAnimationDidStart):
(WebKit::RemoteLayerTreeDrawingAreaProxy::acceleratedAnimationDidEnd):
(WebKit::RemoteLayerTreeDrawingAreaProxy::didRefreshDisplay):
(WebKit::RemoteLayerTreeDrawingAreaProxy::waitForDidUpdateActivityState):
(WebKit::RemoteLayerTreeDrawingAreaProxy::dispatchAfterEnsuringDrawing):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::initializeWebPage):
(WebKit::WebPageProxy::createNewPage):
(WebKit::WebPageProxy::creationParameters):

  • UIProcess/WebPageProxy.h:
  • UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.mm:

(WebKit::TiledCoreAnimationDrawingAreaProxy::deviceScaleFactorDidChange):
(WebKit::TiledCoreAnimationDrawingAreaProxy::colorSpaceDidChange):
(WebKit::TiledCoreAnimationDrawingAreaProxy::waitForDidUpdateActivityState):
(WebKit::TiledCoreAnimationDrawingAreaProxy::sendUpdateGeometry):
(WebKit::TiledCoreAnimationDrawingAreaProxy::adjustTransientZoom):
(WebKit::TiledCoreAnimationDrawingAreaProxy::commitTransientZoom):
(WebKit::TiledCoreAnimationDrawingAreaProxy::dispatchAfterEnsuringDrawing):

  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:

(WebKit::AcceleratedDrawingArea::AcceleratedDrawingArea):
(WebKit::AcceleratedDrawingArea::layerHostDidFlushLayers):
(WebKit::AcceleratedDrawingArea::sendDidUpdateBackingStoreState):

  • WebProcess/WebPage/DrawingArea.cpp:

(WebKit::DrawingArea::DrawingArea):
(WebKit::DrawingArea::removeMessageReceiverIfNeeded):

  • WebProcess/WebPage/DrawingArea.h:

(WebKit::DrawingArea::identifier const):
(WebKit::DrawingArea::send):

  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::sendDidUpdateBackingStoreState):
(WebKit::DrawingAreaImpl::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaImpl::display):

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::RemoteLayerTreeDrawingArea):
(WebKit::RemoteLayerTreeDrawingArea::updateGeometry):
(WebKit::RemoteLayerTreeDrawingArea::flushLayers):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::reinitializeWebPage):

  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:

(WebKit::TiledCoreAnimationDrawingArea::TiledCoreAnimationDrawingArea):
(WebKit::TiledCoreAnimationDrawingArea::sendEnterAcceleratedCompositingModeIfNeeded):
(WebKit::TiledCoreAnimationDrawingArea::updateIntrinsicContentSizeIfNeeded):
(WebKit::TiledCoreAnimationDrawingArea::flushLayers):
(WebKit::TiledCoreAnimationDrawingArea::updateGeometry):
(WebKit::TiledCoreAnimationDrawingArea::setLayerHostingMode):

9:14 PM Changeset in webkit [241987] by Simon Fraser
  • 2 edits in trunk/LayoutTests

Fix a legacy animation test. The <!-- webkit-test-runner --> was inside the <style>.

  • legacy-animation-engine/animations/additive-transform-animations.html:

9:05 PM Changeset in webkit [241986] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Crash in SWServerJobQueue::runNextJobSynchronously
https://bugs.webkit.org/show_bug.cgi?id=194974

Reviewed by Geoffrey Garen.

We suspect the crash is happening due to m_jobQueue being empty in runNextJobSynchronously
or there is a timer heap corruption again :(

Exit early when m_jobQueue is empty. Also add a debug assert that this should never happen
but convert an existing release assert to a debug assert since this appears to be hitting
too frequently in the wild.

  • workers/service/server/SWServerJobQueue.cpp:

(WebCore::SWServerJobQueue::runNextJobSynchronously):

8:50 PM Changeset in webkit [241985] by aestes@apple.com
  • 2 edits in trunk/Source/WebKit

[Cocoa] Do not suppress deprecation warnings when calling sandbox_extension_issue_file
https://bugs.webkit.org/show_bug.cgi?id=194971
<rdar://problem/35786264>

Reviewed by Tim Horton.

sandbox_extension_issue_file is not actually deprecated.

  • Shared/mac/SandboxExtensionMac.mm:

(WebKit::SandboxExtensionImpl::sandboxExtensionForType):

8:40 PM Changeset in webkit [241984] by Simon Fraser
  • 16 edits in trunk/Source/WebCore

Clean up the setScrollPosition/setScrollPositionWithoutContentEdgeConstraints confusion in the scrolling tree nodes
https://bugs.webkit.org/show_bug.cgi?id=194968

Reviewed by Antti Koivisto.

Having both setScrollPosition() and setScrollPositionWithoutContentEdgeConstraints() is confusing because
you can't tell which is the bottleneck. So add a 'clamp' parameter to setScrollPosition() and merge them.

ScrollingTreeFrameScrollingNodeMac::setScrollPosition() replicates a bit of code but future cleanups will
reduce that.

  • page/scrolling/ScrollingTreeFrameScrollingNode.cpp:

(WebCore::ScrollingTreeFrameScrollingNode::setScrollPosition): Deleted. This was the same as the base class method.

  • page/scrolling/ScrollingTreeFrameScrollingNode.h:
  • page/scrolling/ScrollingTreeScrollingNode.cpp:

(WebCore::ScrollingTreeScrollingNode::setScrollPosition):
(WebCore::ScrollingTreeScrollingNode::clampScrollPosition const):
(WebCore::ScrollingTreeScrollingNode::scrollBy):
(WebCore::ScrollingTreeScrollingNode::setScrollPositionWithoutContentEdgeConstraints): Deleted.
(WebCore::ScrollingTreeScrollingNode::scrollByWithoutContentEdgeConstraints): Deleted.

  • page/scrolling/ScrollingTreeScrollingNode.h:
  • page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
  • page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:

(WebCore::ScrollingTreeFrameScrollingNodeIOS::setScrollPosition):
(WebCore::ScrollingTreeFrameScrollingNodeIOS::setScrollPositionWithoutContentEdgeConstraints): Deleted. Did nothing.

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateBeforeChildren):
(WebCore::ScrollingTreeFrameScrollingNodeMac::handleWheelEvent):
(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPosition):
(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints): Deleted.

  • page/scrolling/mac/ScrollingTreeOverflowScrollingNodeMac.h:
  • page/scrolling/mac/ScrollingTreeOverflowScrollingNodeMac.mm:

(WebCore::ScrollingTreeOverflowScrollingNodeMac::setScrollPosition):
(WebCore::ScrollingTreeOverflowScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints): Deleted.

  • page/scrolling/mac/ScrollingTreeScrollingNodeDelegateMac.mm:

(WebCore::ScrollingTreeScrollingNodeDelegateMac::immediateScrollByWithoutContentEdgeConstraints):

  • platform/PlatformWheelEvent.h:

(WebCore::PlatformWheelEvent::delta const):

  • platform/ScrollTypes.h:

8:31 PM Changeset in webkit [241983] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

AX: Treat AXChildrenInNavigationOrder as AXChildren before adding support for aria-flowto
https://bugs.webkit.org/show_bug.cgi?id=194923

Patch by Eric Liang <ericliang@apple.com> on 2019-02-22
Reviewed by Chris Fleizach.

Source/WebCore:

Added AXChildrenInNavigationOrder attribute that returns the same array as from AXChildren. It prevents AppKit from reordering elements from the fallback AXChildren attribute.

Test: accessibility/mac/children-in-navigation-order-returns-children.html

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

LayoutTests:

Added test to check AXChildrenInNavigationOrder returns non-empty array from AXChildren.

  • accessibility/mac/children-in-navigation-order-returns-children-expected.txt: Added.
  • accessibility/mac/children-in-navigation-order-returns-children.html: Added.

8:17 PM Changeset in webkit [241982] by Devin Rousso
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Timelines: add UI for preventing auto-stop
https://bugs.webkit.org/show_bug.cgi?id=194956

Reviewed by Joseph Pecoraro.

Add a checkbox to the navigation area of the Timelines tab that controls whether recordings
automatically stop (e.g. after "load" or a period of inactivity).

  • UserInterface/Views/TimelineRecordingContentView.js:

(WI.TimelineRecordingContentView):
(WI.TimelineRecordingContentView.prototype.get navigationItems):
(WI.TimelineRecordingContentView.prototype._handleAutoStopCheckboxCheckedDidChange): Added.
(WI.TimelineRecordingContentView.prototype._handleTimelinesAutoStopSettingChanged): Added.

  • UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager):
(WI.TimelineManager.prototype.capturingStopped):
(WI.TimelineManager.prototype._stopAutoRecordingSoon):
(WI.TimelineManager.prototype._resetAutoRecordingMaxTimeTimeout):
(WI.TimelineManager.prototype._resetAutoRecordingDeadTimeTimeout):
(WI.TimelineManager.prototype._handleTimelinesAutoStopSettingChanged):

  • UserInterface/Base/Setting.js:
  • Localizations/en.lproj/localizedStrings.js:

8:10 PM Changeset in webkit [241981] by Devin Rousso
  • 3 edits in trunk/Source/WebInspectorUI

REGRESSION(r?): Web Inspector: Popovers have inset shadows
https://bugs.webkit.org/show_bug.cgi?id=192963
<rdar://problem/46888679>

Reviewed by Brian Burg.

  • UserInterface/Views/Popover.js:

(WI.Popover.prototype._drawBackground):
(WI.Popover.prototype._drawBackground.isolate): Added.

  • UserInterface/Views/Popover.css:

(.popover):

8:07 PM Changeset in webkit [241980] by Devin Rousso
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Styles Redesign: clicking CSS property or selector should always select its text
https://bugs.webkit.org/show_bug.cgi?id=180791
<rdar://problem/36038366>

Reviewed by Brian Burg.

  • UserInterface/Views/SpreadsheetSelectorField.js:

(WI.SpreadsheetSelectorField):
(WI.SpreadsheetSelectorField.prototype.startEditing):
(WI.SpreadsheetSelectorField.prototype.stopEditing):
(WI.SpreadsheetSelectorField.prototype._handleMouseDown): Added.
(WI.SpreadsheetSelectorField.prototype._handleMouseUp): Added.
(WI.SpreadsheetSelectorField.prototype._handleFocus): Deleted.

  • UserInterface/Views/SpreadsheetCSSStyleDeclarationSection.js:

(WI.SpreadsheetCSSStyleDeclarationSection.prototype.initialLayout):

  • UserInterface/Views/SpreadsheetCSSStyleDeclarationSection.css:

(.spreadsheet-css-declaration .selector.editing:focus, .spreadsheet-css-declaration .selector > .matched): Added.
(.spreadsheet-css-declaration .selector.spreadsheet-selector-field):
(.spreadsheet-css-declaration .selector:focus, .spreadsheet-css-declaration .selector > .matched): Deleted.

8:05 PM Changeset in webkit [241979] by basuke.suzuki@sony.com
  • 4 edits
    2 adds in trunk

[WinCairo] Enable wk1/wk2 suffix for platform search path.
https://bugs.webkit.org/show_bug.cgi?id=194846

Reviewed by Don Olmstead.

Tools:

Added _search_paths() and _port_specific_expectations_files() for
WinCairoPort.

  • Scripts/webkitpy/port/win.py:

(WinCairoPort.default_baseline_search_path):
(WinCairoPort):
(WinCairoPort._port_specific_expectations_files):
(WinCairoPort._search_paths):

LayoutTests:

Added WebKitLegacy specific TestExpectations.

  • platform/wincairo-wk1/TestExpectations: Added.
  • platform/wincairo/TestExpectations:

6:38 PM Changeset in webkit [241978] by timothy_horton@apple.com
  • 7 edits in trunk

ProcessSwap.PageOverlayLayerPersistence fails on iOS and in debug builds
https://bugs.webkit.org/show_bug.cgi?id=194963

Reviewed by Dean Jackson.

Source/WebCore:

Tested by existing failing API test.

  • page/Page.cpp:

(WebCore::Page::installedPageOverlaysChanged): Deleted.

  • page/Page.h:

(WebCore::Page::pageOverlayController):

  • page/PageOverlayController.cpp:

(WebCore::PageOverlayController::installedPageOverlaysChanged):
(WebCore::PageOverlayController::detachViewOverlayLayers):
(WebCore::PageOverlayController::installPageOverlay):
(WebCore::PageOverlayController::uninstallPageOverlay):
(WebCore::PageOverlayController::willDetachRootLayer): Deleted.

  • page/PageOverlayController.h:

As intended by r240940, move installedPageOverlaysChanged to PageOverlayController.
Also, make it ignore isInWindow state; otherwise, if you install an overlay
and then come into window, nothing installs the root layer. There is no
need for this code to follow in-window state manually anymore since
the DrawingArea and RenderLayerCompositor just hook the layers up when needed.

Make some methods private, and make detachViewOverlayLayers only touch
*view* overlays, so that we don't detach the document-relative root
layer when you drop to having no view overlays. This maintains
existing behavior because nothing was calling PageOverlayController::detachViewOverlayLayers.

Now there are no callers of willDetachRootLayer, so remove it.

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

Do a contains check instead of equals, because in debug builds we
put the GraphicsLayer pointer in a prefix.

6:10 PM Changeset in webkit [241977] by dino@apple.com
  • 1 edit
    1 add in trunk/LayoutTests

Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Reviewed by Simon Fraser.

Forgot another expected results file.

  • legacy-animation-engine/animations/additive-transform-animations-expected.html: Added.

6:06 PM Changeset in webkit [241976] by bshafiei@apple.com
  • 1 edit in branches/safari-607-branch/Tools/TestWebKitAPI/Configurations/FeatureDefines.xcconfig

Apply patch. rdar://problem/47289624

5:51 PM Changeset in webkit [241975] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Dark Mode: DOM Content Loaded blue marker is too dark
https://bugs.webkit.org/show_bug.cgi?id=194970
<rdar://problem/48330126>

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/TimelineRuler.css:

(@media (prefers-color-scheme: dark)):
(.timeline-ruler > .markers > .marker.dom-content-event):
Make the marker lighter for the dark mode.

5:50 PM Changeset in webkit [241974] by bshafiei@apple.com
  • 6 edits in branches/safari-607-branch/Source

Apply patch. rdar://problem/47289624

5:03 PM Changeset in webkit [241973] by rniwa@webkit.org
  • 2 edits in trunk/LayoutTests

Skip the test added in r241932 on iOS for now.

  • platform/ios/TestExpectations:

4:54 PM Changeset in webkit [241972] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebCore/page/mac/DragControllerMac.mm

Unreviewed build fix. rdar://problem/47289624

4:48 PM Changeset in webkit [241971] by Wenson Hsieh
  • 17 edits
    2 adds in trunk

[iOS] Callout menu overlaps in-page controls when editing a comment in github.com's issue tracker
https://bugs.webkit.org/show_bug.cgi?id=194873
<rdar://problem/46701974>

Reviewed by Tim Horton.

Source/WebKit:

On the topic of supporting web-based rich text editors on iOS, one problematic area has always been handling
conflicts between platform UI (i.e., the system callout menu) and in-page text editing controls. This issue
comes up in websites that don't use the "hidden contenteditable" approach to rich text editing, but also show
additional controls in a toolbar or contextual menu above the selection. In these cases, what often happens is
that system controls overlap controls in the page.

Luckily, the iOS callout menu (i.e. the private UICalloutBar) is capable of presenting with a list of "evasion
rects" to avoid; if the callout bar would normally intersect with one of these rects, then a different
orientation that does not intersect with one of these rects is chosen instead. Currently, the only rect added
here by UIKit when presenting the callout menu is the bounding rect of the on-screen keyboard, but after
<rdar://problem/48128337>, we now have a generalized mechanism for offering additional evasion rects before
UIKit presents the callout menu.

This patch adopts the mechanism introduced in <rdar://problem/48128337>, and introduces a heuristic for
determining the approximate location of controls in the page which might overlap the callout menu. This
heuristic works by hit-testing for clickable (but non-editable) nodes above the bounds of the selection, which
are additionally not hit-tested by advancing outwards from any of the other edges of the selection bounds.
Additionally, any hit-tested nodes whose bounding rects are very large (relative to the content view size) are
ignored (this deals with scenarios where the body or a large container element has a click handler). We then add
the bounding rects of each of the nodes that fit these criteria to the list of rects for UIKit to avoid when
presenting the system callout menu.

The result is that WebKit will, by default, avoid overlapping anything that looks like controls in the page when
showing a callout menu in editable content. In practice, this fixes overlapping controls on most websites that
roll their own context menu or toolbar in their rich text editor.

Test: editing/selection/ios/avoid-showing-callout-menu-over-controls.html

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView requestAutocorrectionRectsForString:withCompletionHandler:]):
(-[WKContentView requestRectsToEvadeForSelectionCommandsWithCompletionHandler:]):
(-[WKContentView requestAutocorrectionContextWithCompletionHandler:]):

Drive-by: handle null completion handler arguments more gracefully, by raising an NSException and bailing before
attempting to invoke a nil block.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::requestEvasionRectsAboveSelection):

See above for more detail.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::requestEvasionRectsAboveSelection):

Tools:

Add a couple of UIScriptController methods to make callout menu testing on iOS easier (see below).

  • DumpRenderTree/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::menuRect const):
(WTR::UIScriptController::isShowingMenu const):

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • TestRunnerShared/UIScriptContext/UIScriptController.cpp:

(WTR::UIScriptController::menuRect const):

Add a function to query the bounds of the callout menu in content coordinates.

(WTR::UIScriptController::isShowingMenu const):

Add a function to query whether the callout menu is shown (i.e., has finished its appearance animation).

  • TestRunnerShared/UIScriptContext/UIScriptController.h:
  • WebKitTestRunner/cocoa/TestRunnerWKWebView.h:
  • WebKitTestRunner/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::rectForMenuAction const):
(WTR::UIScriptController::menuRect const):
(WTR::UIScriptController::isShowingMenu const):
(WTR::findViewInHierarchyOfType): Deleted.

LayoutTests:

Add a test to ensure that we dodge clickable elements when showing the callout bar.

  • editing/selection/ios/avoid-showing-callout-menu-over-controls-expected.txt: Added.
  • editing/selection/ios/avoid-showing-callout-menu-over-controls.html: Added.
  • resources/ui-helper.js:

(window.UIHelper.waitForMenuToShow.return.new.Promise):
(window.UIHelper.waitForMenuToShow):
(window.UIHelper.menuRect):
(window.UIHelper):

4:41 PM Changeset in webkit [241970] by aestes@apple.com
  • 2 edits in trunk/Source/WebCore

[iOS] Break a reference cycle between PreviewLoader and ResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=194964
<rdar://problem/48279441>

Reviewed by Alex Christensen.

When a document's QuickLook preview is loaded, a reference cycle is created between
PreviewLoader and ResourceLoader. Break the cycle by clearing m_previewLoader in
ResourceLoader::releaseResources().

Fixes leaks detected by run-webkit-tests --leaks LayoutTests/quicklook.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::releaseResources):

4:32 PM WebKitGTK/2.24.x edited by Michael Catanzaro

4:13 PM Changeset in webkit [241969] by Simon Fraser
  • 2 edits in trunk/Source/WebKit

Unreviewed build fix: need a WebCore:: namespace on ScrollingEventResult.

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeOverflowScrollingNodeIOS.h:

4:05 PM Changeset in webkit [241968] by rmorisset@apple.com
  • 3 edits
    1 add in trunk

DFGBytecodeParser should not declare that a node won't clobberExit if DFGFixupPhase can later declare it does clobberExit
https://bugs.webkit.org/show_bug.cgi?id=194953
<rdar://problem/47595253>

Reviewed by Saam Barati.

JSTests:

I could not make this work without the infinite loop, so I am using a watchdog to be able to use it as a regression test.

  • stress/has-indexed-property-with-worsening-array-mode.js: Added.

Source/JavaScriptCore:

For each node that
(a) may or may not clobberExit depending on their arrayMode
(b) and get their arrayMode from profiling information in DFGBytecodeParser
(c) and can have their arrayMode refined by DFGFixupPhase,
we must make sure to be conservative in the DFGBytecodeParser and treat it as if it unconditionally clobbered the exit.
Otherwise we will hit a validation failure after fixup if the next node was marked ExitValid and exits to the same semantic origin.

The list of nodes that fit (a) is:

  • StringCharAt
  • HasIndexedProperty
  • GetByVal
  • PutByValDirect
  • PutByVal
  • PutByValAlias
  • GetIndexedPropertyStorage

Out of these, the following also fit (b) and (c):

  • HasIndexedProperty
  • GetByVal
  • PutByValDirect
  • PutByVal

GetByVal already had "m_exitOK = false; GetByVal must be treated as if it clobbers exit state, since FixupPhase may make it generic."
So we just have to fix the other three the same way.

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):

3:41 PM Changeset in webkit [241967] by sihui_liu@apple.com
  • 5 edits in trunk/Source/WebCore

Crash under IDBServer::IDBConnectionToClient::identifier() const
https://bugs.webkit.org/show_bug.cgi?id=194843
<rdar://problem/48203102>

Reviewed by Geoffrey Garen.

UniqueIDBDatabase should ignore requests from connections that are already closed.

Tests are hard to create without some tricks on UniqueIDBDatabase so this fix is verified manually.
One test is created by adding delay to UniqueIDBDatabase::openBackingStore on the background thread to make sure
disconnection of web process happens before UniqueIDBDatabase::didOpenBackingStore, because didOpenBackingStore
may start a version change transaction and ask for identifier from the connection that is already gone.

  • Modules/indexeddb/server/IDBConnectionToClient.cpp:

(WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):

  • Modules/indexeddb/server/IDBConnectionToClient.h:

(WebCore::IDBServer::IDBConnectionToClient::isClosed):

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::clearStalePendingOpenDBRequests):
(WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
(WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired):

  • Modules/indexeddb/server/UniqueIDBDatabase.h:

2:59 PM Changeset in webkit [241966] by Alan Coon
  • 1 edit in branches/safari-608.1.5.1-branch/Source/WebKit/UIProcess/RemoteLayerTree/ios/ScrollingTreeOverflowScrollingNodeIOS.h

Unreviewed build fix.

2:59 PM Changeset in webkit [241965] by Alan Coon
  • 1 edit in branches/safari-608.1.5.1-branch/Source/WebKit/UIProcess/RemoteLayerTree/RemoteLayerTreeNode.h

Unreviewed build fix. rdar://problem/46793397

2:54 PM Changeset in webkit [241964] by rmorisset@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

B3ReduceStrength: missing peephole optimizations for binary operations
https://bugs.webkit.org/show_bug.cgi?id=194252

Reviewed by Saam Barati.

Adds several sets of optimizations for BitAnd, BitOr and BitXor.
Using BitAnd distributivity over BitOr and BitXor:

Turn any of these (for Op == BitOr || Op == BitXor):

Op(BitAnd(x1, x2), BitAnd(x1, x3))
Op(BitAnd(x2, x1), BitAnd(x1, x3))
Op(BitAnd(x1, x2), BitAnd(x3, x1))
Op(BitAnd(x2, x1), BitAnd(x3, x1))

Into this: BitAnd(Op(x2, x3), x1)
And any of these:

Op(BitAnd(x1, x2), x1)
Op(BitAnd(x2, x1), x1)
Op(x1, BitAnd(x1, x2))
Op(x1, BitAnd(x2, x1))

Into this: BitAnd(Op(x2, x1), x1)
This second set is equivalent to doing x1 => BitAnd(x1, x1), and then applying the first set.

Using de Morgan laws (we represent not as BitXor with allOnes):

BitAnd(BitXor(x1, allOnes), BitXor(x2, allOnes)) => BitXor(BitOr(x1, x2), allOnes)
BitOr(BitXor(x1, allOnes), BitXor(x2, allOnes)) => BitXor(BitAnd(x1, x2), allOnes)
BitOr(BitXor(x, allOnes), c) => BitXor(BitAnd(x, ~c), allOnes)
BitAnd(BitXor(x, allOnes), c) => BitXor(BitOr(x, ~c), allOnes)

The latter two are equivalent to doing c => BitXor(~c, allOnes), and then applying the former two.

All of these transformations either reduce the number of operations (which we always do when possible), or bring the expression closer to having:

  • BitXor with all ones at the outermost
  • then BitAnd
  • then other BitXor
  • then BitOr at the innermost.

These transformations that don't directly reduce the number of operations are still useful for normalization (helping things like CSE), and also can enable
more optimizations (for example BitXor with all ones can easily cancel each other once they are all at the outermost level).

  • b3/B3ReduceStrength.cpp:
  • b3/testb3.cpp:

(JSC::B3::testBitAndNotNot):
(JSC::B3::testBitAndNotImm):
(JSC::B3::testBitOrAndAndArgs):
(JSC::B3::testBitOrAndSameArgs):
(JSC::B3::testBitOrNotNot):
(JSC::B3::testBitOrNotImm):
(JSC::B3::testBitXorAndAndArgs):
(JSC::B3::testBitXorAndSameArgs):
(JSC::B3::run):

1:17 PM Changeset in webkit [241963] by Chris Dumez
  • 7 edits in trunk

Regression(PSON) Unable to preview password-protected documents on iCloud.com
https://bugs.webkit.org/show_bug.cgi?id=194954
<rdar://problem/48127957>

Reviewed by Alex Christensen.

Source/WebKit:

Make sure the ProvisionalPageProxy forwards to the WebPageProxy the QuickLook-related
IPC on iOS.

  • UIProcess/ProvisionalPageProxy.cpp:

(WebKit::ProvisionalPageProxy::didRequestPasswordForQuickLookDocumentInMainFrame):
(WebKit::ProvisionalPageProxy::didReceiveMessage):

  • UIProcess/ProvisionalPageProxy.h:
  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::didRequestPasswordForQuickLookDocumentInMainFrame):
(WebKit::WebPageProxy::didRequestPasswordForQuickLookDocumentInMainFrameShared):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

(-[PSONNavigationDelegate _webViewDidRequestPasswordForQuickLookDocument:]):
(-[PSONNavigationDelegate _webView:didStartLoadForQuickLookDocumentInMainFrameWithFileName:uti:]):
(-[PSONNavigationDelegate _webView:didFinishLoadForQuickLookDocumentInMainFrame:]):

12:44 PM Changeset in webkit [241962] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[iOS] Sandbox should allow mach lookups related to media capturing
https://bugs.webkit.org/show_bug.cgi?id=194951
<rdar://problem/48013875>

Reviewed by Brent Fulgham.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

12:31 PM Changeset in webkit [241961] by bshafiei@apple.com
  • 4 edits in branches/safari-608.1.5.1-branch

Revert r241606. rdar://problem/47884404

12:31 PM Changeset in webkit [241960] by bshafiei@apple.com
  • 2 edits in branches/safari-608.1.5.1-branch/Source/WebKit

Revert r241631. rdar://problem/48126255

12:31 PM Changeset in webkit [241959] by bshafiei@apple.com
  • 12 edits in branches/safari-608.1.5.1-branch/Source

Revert r241721. rdar://problem/47677951

12:31 PM Changeset in webkit [241958] by bshafiei@apple.com
  • 9 edits in branches/safari-608.1.5.1-branch

Revert r241752. rdar://problem/48055151

12:31 PM Changeset in webkit [241957] by bshafiei@apple.com
  • 3 edits in branches/safari-608.1.5.1-branch/Source/WebKit

Cherry-pick r241584. rdar://problem/46793397

Unreviewed. Fix GTK+ build after r241556

I guess this is due to unified builds after a new file being added in r241556.

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-02-15

  • UIProcess/API/C/WKAuthenticationDecisionListener.cpp:
  • UIProcess/API/C/WKPage.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241584 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:20 PM Changeset in webkit [241956] by ysuzuki@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

[JSC] putNonEnumerable in JSWrapperMap is too costly
https://bugs.webkit.org/show_bug.cgi?id=194935

Reviewed by Mark Lam.

When we convert Objective-C blocks to JS objects, we need to set up a corresponding function object correctly.
During this allocation, we call [JSValue defineProperty:descriptor] to connect a "prototype" object and "constructor" object.
The problem is that this API has a particularly costly implementation:

[[_context globalObject][@"Object"] invokeMethod:@"defineProperty" withArguments:@[ self, key, descriptor ]];

This wraps each JS object that appears in this code with an Objective-C wrapper. And we convert an NSDictionary to a JSObject, which
has "writable", "enumerable", "configurable", "value" fields, and call the "defineProperty" JS function through Objective-C wrapper.
This allocates many Objective-C wrappers and JS objects for descriptors. Since JSC has a direct C++ API "defineOwnProperty", we should
bypass these Objective-C APIs and call JSC's code directly.

This patch changes putNonEnumerable implementation, from calling [JSValue defineProperty:descriptor] to calling JSC C++ code directly.
We do not change [JSValue defineProperty:descriptor] implementation for now because of two reasons. (1) This is not used in our benchmarks
except for this (converting an Objective-C block to a JS object) one path. And (2) even if we were to re-write [JSValue defineProperty:descriptor]
to be more optimized, we would still want to call the JSC C++ version of defineProperty directly here to avoid NSDictionary allocation for a descriptor.

  • API/APIUtils.h:

(setException):

  • API/JSWrapperMap.mm:

(putNonEnumerable):
(copyMethodsToObject):
(-[JSObjCClassInfo allocateConstructorAndPrototypeInContext:]):
(-[JSObjCClassInfo wrapperForObject:inContext:]):

11:15 AM Changeset in webkit [241955] by ysuzuki@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Unreviewed, build fix after r241954
https://bugs.webkit.org/show_bug.cgi?id=194939

Renaming setCanAccessHeap was incomplete.

  • runtime/SmallStrings.cpp:

(JSC::SmallStrings::initializeCommonStrings):

  • runtime/VM.cpp:

(JSC::VM::~VM):

11:04 AM Changeset in webkit [241954] by ysuzuki@apple.com
  • 4 edits in trunk/Source/JavaScriptCore

[JSC] SmallStringsStorage is unnecessary
https://bugs.webkit.org/show_bug.cgi?id=194939

Reviewed by Mark Lam.

SmallStrings hold common small JSStrings. Their underlying StringImpl is also held by SmallStringsStorage.
But it is a duplicate since we can get StringImpl from small JSStrings. This patch removes SmallStringsStorage,
and gets StringImpls from JSStrings if necessary.

We also add an m_canAccessHeap flag to SmallStrings. At the time of VM destruction, JSStrings are destroyed when
VM's Heap is finalized. We must not touch JSStrings before VM's heap (and JSStrings in SmallStrings) is initialized,
and after VM's Heap is destroyed. We add this m_canAccessHeap flag to allow users to get StringImpl during
this sensitive period. If m_canAccessHeap is false, we get StringImpl from AtomicStringImpl::add.

  • runtime/SmallStrings.cpp:

(JSC::SmallStrings::initializeCommonStrings):
(JSC::SmallStrings::singleCharacterStringRep):
(JSC::SmallStringsStorage::rep): Deleted.
(JSC::SmallStringsStorage::SmallStringsStorage): Deleted.
(JSC::SmallStrings::createSingleCharacterString): Deleted.

  • runtime/SmallStrings.h:

(JSC::SmallStrings::setCanAccessHeap):

  • runtime/VM.cpp:

(JSC::VM::VM):
(JSC::VM::~VM):

11:01 AM WebKitGTK/2.24.x edited by Michael Catanzaro
10:46 AM Changeset in webkit [241953] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove unused Timeline record selection code path
https://bugs.webkit.org/show_bug.cgi?id=194931

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-22
Reviewed by Devin Rousso.

  • UserInterface/Views/TimelineOverview.js:

(WI.TimelineOverview):
(WI.TimelineOverview.prototype.userSelectedRecord): Deleted.

  • UserInterface/Views/TimelineRecordingContentView.js:

(WI.TimelineRecordingContentView):
(WI.TimelineRecordingContentView.prototype.timelineOverviewUserSelectedRecord): Deleted.

  • UserInterface/Views/TimelineView.js:

(WI.TimelineView.prototype.userSelectedRecordFromOverview): Deleted.

10:46 AM Changeset in webkit [241952] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit

[GTK] Navigation gesture improvements
https://bugs.webkit.org/show_bug.cgi?id=194943

Patch by Alexander Mikhaylenko <exalm7659@gmail.com> on 2019-02-22
Reviewed by Michael Catanzaro.

Cancel the gesture if progress is less than 0.5 and velocity is not high enough.

Allow to continue the gesture during animation. Introduce finished state to be used
when showing snapshot after the animation ends.

Fix duration calculation, also slow it down so that the initial velocity matches
what it was during the gesture.

  • UIProcess/ViewGestureController.h: Add shouldCancel() and State::Finishing to SwipeProgressTracker.
  • UIProcess/gtk/ViewGestureControllerGtk.cpp:

(WebKit::ViewGestureController::SwipeProgressTracker::handleEvent):
Fix velocity calculation, allow scrolling during State::Animating.
(WebKit::ViewGestureController::SwipeProgressTracker::shouldCancel): Added.
(WebKit::ViewGestureController::SwipeProgressTracker::startAnimation): Use shouldCancel() and fix duration calculation.
(WebKit::ViewGestureController::SwipeProgressTracker::endAnimation): Set state to State::Finishing when the animation ends.

10:42 AM Changeset in webkit [241951] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebCore/page/ios/EventHandlerIOS.mm

Unreviewed build fix. rdar://problem/47289624

10:24 AM Changeset in webkit [241950] by Chris Dumez
  • 6 edits in trunk

REGRESSION(PSON) Scroll position is sometimes not restored on history navigation
https://bugs.webkit.org/show_bug.cgi?id=194924
<rdar://problem/48216125>

Reviewed by Geoffrey Garen.

Source/WebKit:

When process-swapping, we would create a new WebPage in the new process, which would
call restoreSessionInternal() to restore the HistoryItems based on the UIProcess's
backforward list. The issue is that this session restoring would send HistoryItem
updates back to the UIProcess. Without PSON, this would be unnecessary but harmless.
With PSON though, this may end up overwriting values set by the previous process,
such as the scroll position.

Address the issue by temporarily disabling the HistoryItem update notifications to
the UIProcess while restoring a session.

  • UIProcess/API/Cocoa/WKBackForwardListItem.mm:

(-[WKBackForwardListItem _scrollPosition]):

  • UIProcess/API/Cocoa/WKBackForwardListItemPrivate.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::restoreSessionInternal):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
9:09 AM Changeset in webkit [241949] by Wenson Hsieh
  • 11 edits
    1 move
    3 adds
    1 delete in trunk

Input type "formatSetInlineTextDirection" is dispatched when changing paragraph-level text direction
https://bugs.webkit.org/show_bug.cgi?id=194703
<rdar://problem/48111775>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Currently, when changing text direction, WebKit always sends input events of type formatSetInlineTextDirection,
even when changing paragraph text direction. Instead, we should be emitting formatSetBlockTextDirection in this
scenario. This is problematic when using the context menus on macOS to change writing direction, since changing
"Selection Direction" is currently indistinguishable from changing "Paragraph Direction".

To fix this, we split EditAction::SetWritingDirection into EditAction::SetInlineWritingDirection and
EditAction::SetBlockWritingDirection, which emit inline and block text direction input events, respectively.

Tests: fast/events/before-input-events-prevent-block-text-direction.html
       fast/events/before-input-events-prevent-inline-text-direction.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::apply):

  • editing/EditAction.cpp:

(WebCore::undoRedoLabel):

  • editing/EditAction.h:
  • editing/EditCommand.cpp:

(WebCore::inputTypeNameForEditingAction):

  • editing/Editor.cpp:

(WebCore::inputEventDataForEditingStyleAndAction):
(WebCore::Editor::setBaseWritingDirection):

  • editing/EditorCommand.cpp:

(WebCore::executeMakeTextWritingDirectionLeftToRight):
(WebCore::executeMakeTextWritingDirectionNatural):
(WebCore::executeMakeTextWritingDirectionRightToLeft):

Source/WebKitLegacy/win:

  • WebCoreSupport/WebEditorClient.cpp:

(undoNameForEditAction):

LayoutTests:

Rebaseline some existing tests to expect input events of type "formatSetBlockTextDirection" instead of
"formatSetInlineTextDirection" when changing paragraph text direction; additionally, add a new layout test that
changes the inline text direction in some Bidi text, and verify that "formatSetInlineTextDirection" is emitted
in this scenario, and that calling preventDefault() in the beforeinput event handler causes no change to be
made.

  • editing/input/ios/rtl-keyboard-input-on-focus-expected.txt:
  • fast/events/before-input-events-prevent-block-text-direction-expected.txt: Added.
  • fast/events/before-input-events-prevent-block-text-direction.html: Renamed from LayoutTests/fast/events/before-input-events-prevent-text-direction.html.
  • fast/events/before-input-events-prevent-inline-text-direction-expected.txt: Added.
  • fast/events/before-input-events-prevent-inline-text-direction.html: Added.
  • fast/events/before-input-events-prevent-text-direction-expected.txt: Removed.
8:48 AM Changeset in webkit [241948] by Chris Dumez
  • 2 edits in trunk/Tools

Unreviewed, disable API test added in r241928 on iOS.

The cache is not enabled on devices with less than 3GB of RAM.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
8:31 AM Changeset in webkit [241947] by commit-queue@webkit.org
  • 5 edits in trunk/Source/WebCore

Remove stripLeadingAndTrailingWhitespace from MathMLElement.cpp
https://bugs.webkit.org/show_bug.cgi?id=160172

Patch by Rob Buis <rbuis@igalia.com> on 2019-02-22
Reviewed by Frédéric Wang.

Remove stripLeadingAndTrailingWhitespace and use stripLeadingAndTrailingHTTPSpaces
from HTTPParsers instead.

No new tests, already covered by MathML tests.

  • mathml/MathMLElement.cpp:

(WebCore::MathMLElement::stripLeadingAndTrailingWhitespace): Deleted.

  • mathml/MathMLElement.h:
  • mathml/MathMLPresentationElement.cpp:

(WebCore::MathMLPresentationElement::parseMathMLLength):

  • mathml/MathMLTokenElement.cpp:

(WebCore::MathMLTokenElement::convertToSingleCodePoint):

6:28 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
6:28 AM Changeset in webkit [241946] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/WebCore

Merged r241402 - [FreeType] Unable to render some Hebrew characters
https://bugs.webkit.org/show_bug.cgi?id=194498

Reviewed by Michael Catanzaro.

We are failing to find a font for some of the combining character sequences because normalization is failing due
to overflow error. In case of overflow, normalize returns the required length for the normalized characters, so
we should handle that case to resize the output buffer and try again.

  • platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:

(WebCore::FontCascade::fontForCombiningCharacterSequence const):

5:52 AM Changeset in webkit [241945] by eric.carlson@apple.com
  • 6 edits in trunk/Source/WebCore

Update some media logging
https://bugs.webkit.org/show_bug.cgi?id=194915

Reviewed by Jer Noble.

No new tests, no functional change.

  • Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::evictCodedFrames):
(WebCore::SourceBuffer::provideMediaData):
(WebCore::SourceBuffer::trySignalAllSamplesInTrackEnqueued):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::checkPlaybackTargetCompatablity):
(WebCore::HTMLMediaElement::loadResource):
(WebCore::HTMLMediaElement::updateActiveTextTrackCues):
(WebCore::HTMLMediaElement::canTransitionFromAutoplayToPlay const):
(WebCore::HTMLMediaElement::seekTask):
(WebCore::HTMLMediaElement::playInternal):
(WebCore::HTMLMediaElement::pauseInternal):
(WebCore::HTMLMediaElement::setLoop):
(WebCore::HTMLMediaElement::setControls):
(WebCore::HTMLMediaElement::sourceWasRemoved):

  • html/MediaElementSession.cpp:

(WebCore::convertEnumerationToString):

  • html/MediaElementSession.h:

(WTF::LogArgument<WebCore::MediaPlaybackDenialReason>::toString):

  • platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:

(WebCore::SourceBufferPrivateAVFObjC::enqueueSample):

5:43 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
5:43 AM Changeset in webkit [241944] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.22/Source/JavaScriptCore

Merged r241753 - Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

CompareEq:
CompareLess:
CompareLessEq:
CompareGreater:
CompareGreaterEq:
CompareStrictEq:

Only return false (i.e. does not GC) for child node use kinds that have
been vetted to not do anything that can GC. For all other use kinds
(including StringUse and BigIntUse), we return true (i.e. does GC).

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

5:42 AM WebKitGTK/2.22.x edited by Adrian Perez de Castro
5:35 AM Changeset in webkit [241943] by Adrian Perez de Castro
  • 1 edit in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore/ChangeLog

Merged r241753 - Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

CompareEq:
CompareLess:
CompareLessEq:
CompareGreater:
CompareGreaterEq:
CompareStrictEq:

Only return false (i.e. does not GC) for child node use kinds that have
been vetted to not do anything that can GC. For all other use kinds
(including StringUse and BigIntUse), we return true (i.e. does GC).

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

2:42 AM Changeset in webkit [241942] by commit-queue@webkit.org
  • 4 edits in trunk

Fix unitless usage of mathsize
https://bugs.webkit.org/show_bug.cgi?id=194940

Patch by Rob Buis <rbuis@igalia.com> on 2019-02-22
Reviewed by Frédéric Wang.

Source/WebCore:

Convert unitless lengths to percentage values to correct the computed
font size.

  • mathml/MathMLElement.cpp:

(WebCore::convertToPercentageIfNeeded):
(WebCore::MathMLElement::collectStyleForPresentationAttribute):

LayoutTests:

Tests lengths-1.html and length-3.html now pass.

1:43 AM Changeset in webkit [241941] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merged r241936 - [WPE][GTK] No API documentation generated for WebKitUserContentFilterStore
https://bugs.webkit.org/show_bug.cgi?id=194908

Reviewed by Carlos Garcia Campos.

  • UIProcess/API/gtk/docs/webkit2gtk-4.0.types: Add entry for webkit_user_content_filter_store_get_type().
  • UIProcess/API/gtk/docs/webkit2gtk-docs.sgml: Add entry for WebKitUserContentFilterStore.
  • UIProcess/API/wpe/docs/wpe-docs.sgml: Ditto.
1:43 AM Changeset in webkit [241940] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merged r241935 - wpewebkit-2.23.90 Failing to build on Fedora
https://bugs.webkit.org/show_bug.cgi?id=194922

Unreviewed. Fix path to WebKitUserContentFilterStore.h in WPE_API_INSTALLED_HEADERS.

  • PlatformWPE.cmake:
1:18 AM Changeset in webkit [241939] by Adrian Perez de Castro
  • 2 edits in trunk

Unreviewed. Bump version numbers

  • Source/cmake/OptionsWPE.cmake:
1:08 AM Changeset in webkit [241938] by Tadeu Zagallo
  • 5 edits in trunk/Source/JavaScriptCore

Cache CompactVariableMap::Handle instead of VariableEnvironment for UnlinkedFunctionExecutable
https://bugs.webkit.org/show_bug.cgi?id=194706

Reviewed by Saam Barati.

In https://bugs.webkit.org/show_bug.cgi?id=194583 we started using a
CompactVariableMap::Handle instead of VariableEnvironment for
UnlinkedFunctionExecutables, but we were creating the full environment
to encode the executable in the bytecode cache. This patch changes it so
that we cache the handle instead of the environment. This avoids duplicating
the VariableEnvironment whenever we have to cache two handles that point
to the environment.

  • bytecode/UnlinkedFunctionExecutable.h:
  • parser/VariableEnvironment.cpp:

(JSC::CompactVariableMap::get):

  • parser/VariableEnvironment.h:
  • runtime/CachedTypes.cpp:

(JSC::CachedCompactVariableEnvironment::encode):
(JSC::CachedCompactVariableEnvironment::decode const):
(JSC::CachedCompactVariableMapHandle::encode):
(JSC::CachedCompactVariableMapHandle::decode const):
(JSC::CachedFunctionExecutable::encode):
(JSC::CachedFunctionExecutable::decode const):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

Feb 21, 2019:

11:32 PM Changeset in webkit [241937] by Carlos Garcia Campos
  • 2 edits in trunk

Unreviewed. Bump version numbers

  • Source/cmake/OptionsGTK.cmake:
11:19 PM Changeset in webkit [241936] by Adrian Perez de Castro
  • 4 edits in trunk/Source/WebKit

[WPE][GTK] No API documentation generated for WebKitUserContentFilterStore
https://bugs.webkit.org/show_bug.cgi?id=194908

Reviewed by Carlos Garcia Campos.

  • UIProcess/API/gtk/docs/webkit2gtk-4.0.types: Add entry for webkit_user_content_filter_store_get_type().
  • UIProcess/API/gtk/docs/webkit2gtk-docs.sgml: Add entry for WebKitUserContentFilterStore.
  • UIProcess/API/wpe/docs/wpe-docs.sgml: Ditto.
11:06 PM Changeset in webkit [241935] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

wpewebkit-2.23.90 Failing to build on Fedora
https://bugs.webkit.org/show_bug.cgi?id=194922

Unreviewed. Fix path to WebKitUserContentFilterStore.h in WPE_API_INSTALLED_HEADERS.

  • PlatformWPE.cmake:
11:04 PM Changeset in webkit [241934] by Simon Fraser
  • 120 edits in trunk

Hardcode Visual Viewports on everywhere except iOS WK1
https://bugs.webkit.org/show_bug.cgi?id=194928

Reviewed by Zalan Bujtas.

Source/WebCore:

Remove the WK1 and WK2 preferences and MiniBrowser menu item for "visual viewports",
change the default value of the Setting to 'true', and hardcode WebView on iOS to
set it to false. The setting has shipped for several years and there's no need to turn
it off now.

Similarly, disable the "Visual Viewport API" on iOS WK1, since it makes no sense if
Visual Viewports are not enabled.

Remove the "visualViewportEnabled" flag and unused code paths from scrolling tree code
that only runs in WK2

  • page/Settings.yaml:
  • page/scrolling/AsyncScrollingCoordinator.cpp:

(WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
(WebCore::AsyncScrollingCoordinator::reconcileScrollingState):
(WebCore::AsyncScrollingCoordinator::visualViewportEnabled const): Deleted.

  • page/scrolling/AsyncScrollingCoordinator.h:
  • page/scrolling/ScrollingStateFrameScrollingNode.cpp:

(WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
(WebCore::ScrollingStateFrameScrollingNode::setAllPropertiesChanged):
(WebCore::ScrollingStateFrameScrollingNode::dumpProperties const):
(WebCore::ScrollingStateFrameScrollingNode::setVisualViewportEnabled): Deleted.

  • page/scrolling/ScrollingStateFrameScrollingNode.h:
  • page/scrolling/ScrollingTree.cpp:

(WebCore::ScrollingTree::commitTreeState):

  • page/scrolling/ScrollingTree.h:

(WebCore::ScrollingTree::visualViewportEnabled const): Deleted.
(WebCore::ScrollingTree::setVisualViewportEnabled): Deleted.

  • page/scrolling/ScrollingTreeFrameScrollingNode.cpp:

(WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition const):

  • page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:

(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints):
(WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):

Source/WebKit:

Remove the WK1 and WK2 preferences and MiniBrowser menu item for "visual viewports",
change the default value of the Setting to 'true', and hardcode WebView on iOS to
set it to false. The setting has shipped for several years and there's no need to turn
it off now.

Similarly, disable the "Visual Viewport API" on iOS WK1, since it makes no sense if
Visual Viewports are not enabled.

Remove the "visualViewportEnabled" flag and unused code paths from scrolling tree code
that only runs in WK2

  • Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp:

(ArgumentCoder<ScrollingStateFrameScrollingNode>::encode):
(ArgumentCoder<ScrollingStateFrameScrollingNode>::decode):

  • Shared/WebPreferences.yaml:
  • UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _visualViewportEnabled]): Deleted.
(-[WKPreferences _setVisualViewportEnabled:]): Deleted.

  • UIProcess/API/Cocoa/WKPreferencesPrivate.h:
  • UIProcess/RemoteLayerTree/RemoteLayerTreeDrawingAreaProxy.mm:

(WebKit::RemoteLayerTreeDrawingAreaProxy::commitLayerTree):

  • UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.h:

(WebKit::RemoteScrollingCoordinatorProxy::visualViewportEnabled const): Deleted.

  • UIProcess/RemoteLayerTree/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::customFixedPositionRect const):

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WKContentView.mm:

(-[WKContentView didUpdateVisibleRect:unobscuredRect:contentInsets:unobscuredRectInScrollViewCoordinates:obscuredInsets:unobscuredSafeAreaInsets:inputViewBounds:scale:minimumScale:inStableState:isChangingObscuredInsetsInteractively:enclosedInScrollableAncestorView:]):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::computeCustomFixedPositionRect const):

  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::computeElementLayout):

  • WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::getFocusedElementInformation):
(WebKit::WebPage::dynamicViewportSizeUpdate):
(WebKit::WebPage::updateVisibleContentRects):

Source/WebKitLegacy/mac:

Remove the WK1 and WK2 preferences and MiniBrowser menu item for "visual viewports",
change the default value of the Setting to 'true', and hardcode WebView on iOS to
set it to false. The setting has shipped for several years and there's no need to turn
it off now.

Similarly, disable the "Visual Viewport API" on iOS WK1, since it makes no sense if
Visual Viewports are not enabled.

Remove the "visualViewportEnabled" flag and unused code paths from scrolling tree code
that only runs in WK2

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences visualViewportEnabled]): Deleted.
(-[WebPreferences setVisualViewportEnabled:]): Deleted.

  • WebView/WebPreferencesPrivate.h:
  • WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Tools:

Remove the WK1 and WK2 preferences and MiniBrowser menu item for "visual viewports",
change the default value of the Setting to 'true', and hardcode WebView on iOS to
set it to false. The setting has shipped for several years and there's no need to turn
it off now.

Similarly, disable the "Visual Viewport API" on iOS WK1, since it makes no sense if
Visual Viewports are not enabled.

Remove the "visualViewportEnabled" flag and unused code paths from scrolling tree code
that only runs in WK2

  • MiniBrowser/mac/SettingsController.h:
  • MiniBrowser/mac/SettingsController.m:

(-[SettingsController init]):
(-[SettingsController _populateMenu]):
(-[SettingsController validateMenuItem:]):
(-[SettingsController visualViewportEnabled]): Deleted.
(-[SettingsController toggleVisualViewportEnabled:]): Deleted.

  • MiniBrowser/mac/WK1BrowserWindowController.m:

(-[WK1BrowserWindowController didChangeSettings]):

  • MiniBrowser/mac/WK2BrowserWindowController.m:

(-[WK2BrowserWindowController didChangeSettings]):

LayoutTests:

Remove "(visual viewport enabled 1)" from scrolling tree dumps. Remove calls
to "internals.settings.setVisualViewportEnabled(true)"

  • fast/dom/elementFromPoint-scaled-scrolled-layout-viewport.html:
  • fast/events/ios/rotation/resources/rotation-utils.js:
  • fast/visual-viewport/client-coordinates-relative-to-layout-viewport.html:
  • fast/visual-viewport/client-rects-relative-to-layout-viewport-zoomed.html:
  • fast/visual-viewport/client-rects-relative-to-layout-viewport.html:
  • fast/visual-viewport/nonzoomed-rects.html:
  • fast/visual-viewport/resize-event-fired-window-resized.html:
  • fast/visual-viewport/resize-event-fired.html:
  • fast/visual-viewport/rtl-nonzoomed-rects.html:
  • fast/visual-viewport/rtl-zoomed-rects.html:
  • fast/visual-viewport/rubberbanding-viewport-rects-extended-background.html:
  • fast/visual-viewport/rubberbanding-viewport-rects-header-footer.html:
  • fast/visual-viewport/rubberbanding-viewport-rects.html:
  • fast/visual-viewport/scroll-event-fired.html:
  • fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down-expected.txt:
  • fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down-then-up-expected.txt:
  • fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down-then-up.html:
  • fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down.html:
  • fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolling-layers-state-expected.txt:
  • fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolling-layers-state.html:
  • fast/visual-viewport/viewport-dimensions-exclude-custom-scrollbars.html:
  • fast/visual-viewport/viewport-dimensions-exclude-scrollbars.html:
  • fast/visual-viewport/viewport-dimensions-iframe.html:
  • fast/visual-viewport/viewport-dimensions-under-page-zoom.html:
  • fast/visual-viewport/viewport-dimensions.html:
  • fast/visual-viewport/visual-viewport-same-object.html:
  • fast/visual-viewport/zoomed-fixed-header-and-footer.html:
  • fast/visual-viewport/zoomed-fixed-scroll-down-then-up.html:
  • fast/visual-viewport/zoomed-fixed.html:
  • fast/visual-viewport/zoomed-rects.html:
  • fast/visual-viewport/zoomed-scroll-into-view-fixed.html:
  • fast/visual-viewport/zoomed-scroll-to-anchor-in-position-fixed.html:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/coordinated-frame-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/coordinated-frame-gain-scrolling-ancestor-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/coordinated-frame-in-fixed-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/coordinated-frame-lose-scrolling-ancestor-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/gain-scrolling-node-parent-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/lose-scrolling-node-parent-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/overflow-in-fixed-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/remove-coordinated-frame-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/remove-scrolling-role-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/reparent-across-compositing-layers-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/reparent-with-layer-removal-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/scrolling-tree-includes-frame-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/scrolling-tree-is-z-order-expected.txt:
  • platform/ios-wk2/scrollingcoordinator/scrolling-tree/toggle-coordinated-frame-scrolling-expected.txt:
  • scrollingcoordinator/scrolling-tree/coordinated-frame-expected.txt:
  • scrollingcoordinator/scrolling-tree/coordinated-frame-gain-scrolling-ancestor-expected.txt:
  • scrollingcoordinator/scrolling-tree/coordinated-frame-in-fixed-expected.txt:
  • scrollingcoordinator/scrolling-tree/coordinated-frame-lose-scrolling-ancestor-expected.txt:
  • scrollingcoordinator/scrolling-tree/fixed-inside-frame-expected.txt:
  • scrollingcoordinator/scrolling-tree/gain-scrolling-node-parent-expected.txt:
  • scrollingcoordinator/scrolling-tree/lose-scrolling-node-parent-expected.txt:
  • scrollingcoordinator/scrolling-tree/overflow-in-fixed-expected.txt:
  • scrollingcoordinator/scrolling-tree/remove-coordinated-frame-expected.txt:
  • scrollingcoordinator/scrolling-tree/remove-scrolling-role-expected.txt:
  • scrollingcoordinator/scrolling-tree/reparent-across-compositing-layers-expected.txt:
  • scrollingcoordinator/scrolling-tree/reparent-with-layer-removal-expected.txt:
  • scrollingcoordinator/scrolling-tree/scrolling-tree-includes-frame-expected.txt:
  • scrollingcoordinator/scrolling-tree/scrolling-tree-is-z-order-expected.txt:
  • scrollingcoordinator/scrolling-tree/toggle-coordinated-frame-scrolling-expected.txt:
  • scrollingcoordinator/scrolling-tree/toggle-coordinated-frame-scrolling.html: Don't insert the first scrolling tree
dump until the end, to avoid it affecting main frame height before we get the second layer tree.

  • tiled-drawing/scrolling/clamp-out-of-bounds-scrolls-expected.txt:
  • tiled-drawing/scrolling/fixed/absolute-inside-fixed-expected.txt:
  • tiled-drawing/scrolling/fixed/absolute-inside-out-of-view-fixed-expected.txt:
  • tiled-drawing/scrolling/fixed/fixed-in-overflow-expected.txt:
  • tiled-drawing/scrolling/fixed/fixed-position-out-of-view-expected.txt:
  • tiled-drawing/scrolling/fixed/fixed-position-out-of-view-negative-zindex-expected.txt:
  • tiled-drawing/scrolling/fixed/four-bars-expected.txt:
  • tiled-drawing/scrolling/fixed/four-bars-with-header-and-footer-expected.txt:
  • tiled-drawing/scrolling/fixed/four-bars-zoomed-expected.txt:
  • tiled-drawing/scrolling/fixed/negative-scroll-offset-expected.txt:
  • tiled-drawing/scrolling/fixed/negative-scroll-offset-in-view-expected.txt:
  • tiled-drawing/scrolling/fixed/nested-fixed-expected.txt:
  • tiled-drawing/scrolling/fixed/percentage-inside-fixed-expected.txt:
  • tiled-drawing/scrolling/frames/scroll-region-after-frame-layout-expected.txt:
  • tiled-drawing/scrolling/scrolling-tree-after-scroll-expected.txt:
  • tiled-drawing/scrolling/scrolling-tree-slow-scrolling-expected.txt:
  • tiled-drawing/scrolling/sticky/negative-scroll-offset-expected.txt:
  • tiled-drawing/scrolling/sticky/sticky-horizontal-expected.txt:
  • tiled-drawing/scrolling/sticky/sticky-vertical-expected.txt:
11:02 PM Changeset in webkit [241933] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

[GTK] Epiphany searching for plugins even if plugins are disabled
https://bugs.webkit.org/show_bug.cgi?id=194352

Reviewed by Michael Catanzaro.

Check pluginsEnabled setting before trying to get plugins from UI process.

  • WebProcess/Plugins/WebPluginInfoProvider.cpp:

(WebKit::WebPluginInfoProvider::populatePluginCache):

10:46 PM Changeset in webkit [241932] by Darin Adler
  • 33 edits
    2 adds in trunk

Some refinements for Node and Document
https://bugs.webkit.org/show_bug.cgi?id=194764

Reviewed by Ryosuke Niwa.

Source/WebCore:

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::press): Use shadowHost instead of
deprecatedShadowAncestorNode.
(WebCore::AccessibilityObject::axObjectCache const): Tweak coding style.
(WebCore::AccessibilityObject::focusedUIElement const): Use existing page
function to streamline.

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::accessKey const): Use
attributeWithoutSynchronization for efficiency and consistency with other
code working with the accesskey attribute.

  • dom/ContainerNode.cpp:

(WebCore::ContainerNode::childrenChanged): Added call to
invalidateAccessKeyCache, replacing old scheme tied to style recalculation.

  • dom/DecodedDataDocumentParser.cpp:

(WebCore::DecodedDataDocumentParser::appendBytes): Update for name and return
type change of createDecoderIfNeeded to decoder.
(WebCore::DecodedDataDocumentParser::flush): Ditto.

  • dom/Document.cpp:

(WebCore::Document::elementForAccessKey): Renamed from getElementForAccessKey
to match WebKit coding style. Changed to use unique_ptr instead of separate
boolean to keep track of map validity status.
(WebCore::Document::buildAccessKeyCache): Renamed from buildAccessKeyMap to
clarify that this is a cache. Changed to use composedTreeDescendants rather
than explicit calls to shadowRoot. Use add instead of set so that first element
in document order wins, instead of last element in document order. Updated
to make a new map in a new unique_ptr instead of populating a map.
(WebCore::Document::invalidateAccessKeyCacheSlowCase): Renamed from
invalidateAccessKeyMap, and left an inline part in the header so the fast case
of quickly checking for a null pointer can be inlined.
(WebCore::Document::doctype const): Use downcast instead of static_cast.
(WebCore::Document::scheduleStyleRecalc): Moved call to invalidateAccessKeyMap
from here to childrenChanged and accesskey attribute change handling.
(WebCore::Document::processFormatDetection): Set m_isTelephoneNumberParsingAllowed
directly since this is the only place that does it and we don't need to factor
that one line of code into a function.
(WebCore::Document::getOverrideStyle): Moved to header since it's just a stub
that always returns nullptr and can be inlined.
(WebCore::Document::setIsTelephoneNumberParsingAllowed): Deleted.
(WebCore::Document::ensureTemplateDocument): Removed nullptr frame argument to
the create function, since Document::create now always involves no frame.
(WebCore::Document::didAssociateFormControl): Changed argument type to a reference
and simplified the logic with a local variable.
(WebCore::Document::didAssociateFormControlsTimerFired): Simplified the null
checks and rearranged things so that m_associatedFormControls will always
get cleared even if the document is no longer associated with a page.

  • dom/Document.h: Removed unnecessary explicit values for enumerations (first
value is always zero, etc.) and formatted simple enumerations in a single line
for easier reading. Moved Document::create function bodies out of line, removed
the frame argument from the simple "create with URL" overload and made the frame
argument for createNonRenderedPlaceholder be a reference rather than a pointer.
Renamed getElementByAccessKey to elementForAccessKey, invalidateAccessKeyMap to
invalidateAccessKeyCache, buildAccessKeyMap to buildAccessKeyCache,
m_elementsByAccessKey to m_accessKeyCache and changed its type.
Removed bogus "DOM methods" comment, unused setParserFeature friend declaration,
setIsTelephoneNumberParsingAllowed function, and m_accessKeyMapValid flag.

  • dom/Document.idl: Added comment highlighting that getOverrideStyle is just a
placeholder returning null.

  • dom/Element.cpp:

(WebCore::Element::attributeChanged): Call invalidateAccessKeyCache when the
value of the accesskey attribute is changed. Also moved the class attribute code
so the attributes here are in alphabetical order (only class and id were out of
alphabetical order).

  • dom/Node.cpp:

(WebCore::Node::isDescendantOrShadowDescendantOf const): Rewrote to no longer
use deprecatedShadowAncestorNode and used boolean operators to make it a
single line and easier to understand. Also added a FIXME since the
containsIncludingShadowDOM function is so similar, yet differently written.
(WebCore::Node::contains const): Rewrote as a single line to make this easier
to read and to *slightly* improve the speed in the "this == node" case.
(WebCore::Node::containsIncludingHostElements const): Use downcast.
(WebCore::Node::deprecatedShadowAncestorNode const): Deleted.

  • dom/Node.h: Deleted now-unused deprecatedShadowAncestorNode.
  • editing/ReplaceSelectionCommand.cpp:

(WebCore::ReplacementFragment::ReplacementFragment): Rewrote to use shadowHost
instead of deprecatedShadowAncestorNode.

  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::resetFormOwner): Pass reference to
didAssociateFormControl.
(WebCore::FormAssociatedElement::formAttributeChanged): Ditto.

  • html/HTMLAreaElement.cpp:

(WebCore::HTMLAreaElement::parseAttribute): Removed special case for accesskey
attribute, because we want to call the base class parseAttribute in that case.

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::insertedIntoAncestor): Pass reference to
didAssociateFormControl.

  • html/HTMLSelectElement.cpp:

(WebCore::HTMLSelectElement::parseAttribute): Removed special case for accesskey
attribute with mysterious FIXME, because we want to call the base class
parseAttribute in that case. The old code had no effect before; the access key
logic would still find the attribute; if the goal is to ignore the attribute
for these elements we will need a different solution.

  • html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::parseAttribute): Ditto.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::DocumentLoader): Removed code that was always passing
nullptr as the frame for the newly created DocumentWriter. It used m_frame, but
m_frame was always null.
(WebCore::DocumentLoader::attachToFrame): Pass reference to DocumentWriter::setFrame.

  • loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::DocumentWriter): Deleted. The old version set m_frame to
the passed in frame, which was always nullptr, and initialized some booleans and an
enumeration, which are now initialized in the class definition.
(WebCore::DocumentWriter::createDocument): Pass a reference for the frame.
(WebCore::DocumentWriter::begin): Updated now that State is an enum class.
(WebCore::DocumentWriter::decoder): Renamed from createDecoderIfNeeded and changed
to return a reference.
(WebCore::DocumentWriter::addData): Use RELEASE_ASSERT instead of if/CRASH and
updated now that State is an enum class.
(WebCore::DocumentWriter::insertDataSynchronously): Updated now that State is an
enum class.
(WebCore::DocumentWriter::end): Ditto.

  • loader/DocumentWriter.h: Removed unneeded include and forward declaration.
Removed the frame pointer argument to the constructor, caller was always passing a
nullptr. Changed argument to setFrame to be a reference. Renamed createDecoderIfNeeded
to decoder and changed it to return a reference. Initialized m_frame,
m_hasReceivedSomeData, m_encodingWasChosenByUser, and m_state here so we don't need
to initialize them in a constructor. Renamed the enum from WriterState to State since
it's a member of DocumentWriter already, and made it an enum class rather than ending
each enumeration value with WritingState.

  • page/DragController.cpp:

(WebCore::isEnabledColorInput): Removed boolean argument setToShadowAncestor. The
one caller that formerly passed true now calls the new hasEnabledColorInputAsShadowHost
function instead.
(WebCore::hasEnabledColorInputAsShadowHost): Added.
(WebCore::elementUnderMouse): Use shadowHost instead of deprecatedShadowAncestorNode.
Also added FIXME since it seems this should instead be using parentElementInComposedTree.
(WebCore::DragController::concludeEditDrag): Removed "false" argument to isEnabledColorInput.
(WebCore::DragController::canProcessDrag): Removed "true" argument to isEnabledColorInput
and added call to hasEnabledColorInputAsShadowHost. Also put the value of the node to drag
into a local variable to simplify code.
(WebCore::DragController::draggableElement const): Removed "false" argument to isEnabledColorInput.

  • page/EventHandler.cpp:

(WebCore::EventHandler::handleAccessKey): Update name of elementForAccessKey.

  • page/FocusController.cpp:

(WebCore::clearSelectionIfNeeded): Use shadowHost instead of deprecatedShadowAncestorNode.

  • workers/service/context/ServiceWorkerThreadProxy.cpp:

(WebCore::createPageForServiceWorker): Pass reference instead of pointer for frame to
Document::createNonRenderedPlaceholder.

Source/WebInspectorUI:

  • UserInterface/Models/NativeFunctionParameters.js: Removed getOverrideStyle
because this deprecated non-working function is no longer something web authors
should be thinking about or typing.

Source/WebKit:

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDocumentGtk.cpp:

(webkit_dom_document_get_override_style): Changed to return nullptr directly instead of
calling a bunch of WebCore code first. No real value in checking arguments or doing any work.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::shouldAlwaysUsePluginDocument const): Deleted.
No need to override the function inherited from the base class, nor to keep track of the
unnecessary task of implementing this some day.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.h: Updated for the above.

Source/WebKitLegacy/mac:

  • DOM/DOMDocument.mm:

(-[DOMDocument getOverrideStyle:pseudoElement:]): Return nil without calling
through to WebCore or even looking at the arguments.
(-[DOMDocument getOverrideStyle::]): Ditto.

LayoutTests:

fast/forms/access-key-shadow-and-ordering-expected.txt: Added.
fast/forms/access-key-shadow-and-ordering.html: Added.

10:46 PM Changeset in webkit [241931] by dbates@webkit.org
  • 3 edits in trunk/LayoutTests

Fix the test failure following r241918
(https://bugs.webkit.org/show_bug.cgi?id=194906)

For some reason strict cookies are sent via HTTP in WK1 and not in WK2. Will investigate in <https://bugs.webkit.org/show_bug.cgi?id=194933>.
This sub-test failure occurs with and without the patch. As the primary purpose of this test
was to ensure correctness for Same Site lax cookies, I've amended the test and test result
for now.

  • http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt:
  • http/tests/cookies/same-site/user-load-cross-site-redirect.php:
8:29 PM Changeset in webkit [241930] by aestes@apple.com
  • 1 edit in trunk/Source/WebCore/ChangeLog

Removed a duplicate ChangeLog entry.

8:21 PM Changeset in webkit [241929] by sbarati@apple.com
  • 16 edits
    2 copies in trunk/Source/JavaScriptCore

Update JSScript SPI based on feedback
https://bugs.webkit.org/show_bug.cgi?id=194517

Reviewed by Keith Miller.

This patch updates the JSScript SPI in the following ways:

  • JSScript can now represent both modules and programs. This is a property
of the script determined during creation.
  • JSScript now takes a sourceURL during construction. For modules, this acts
as the module identifier.
  • JSScript now has SPI for writing the cache out to disk. We don't do this
automatically.
  • JSScript will load the bytecode cache on creation if it exists.
  • We retrofit these new requirements on the prior JSScript SPI that
we're going to remove as soon as we can: https://bugs.webkit.org/show_bug.cgi?id=194909.
Previous SPI assumes all JSScripts are modules. Previous SPI also assigns
a sourceURL to the JSScript based on what the module loader decided the
identifier should be. We'll remove this once we remove the old SPI.

This patch also adds SPI to JSContext to evaluate a JSScript. For modules,
this is like returning the result of doing dynamic import. For programs,
this does normal program evaluation.

This patch also fixes a bug in generateBytecode/generateModuleBytecode where
we would try to cache the bytecode even if recursivelyGenerateUnlinkedCodeBlock
returned null. E.g., if the script had a syntax error.

When writing tests, I also discovered that someone previously broke
testapi. This patch also fixes those failures. They were broken when
we switched to using a testapiScripts directory to hold our test .js
scripts.

  • API/JSAPIGlobalObject.h:
  • API/JSAPIGlobalObject.mm:

(JSC::JSAPIGlobalObject::moduleLoaderResolve):
(JSC::JSAPIGlobalObject::moduleLoaderFetch):
(JSC::JSAPIGlobalObject::loadAndEvaluateJSScriptModule):

  • API/JSBase.cpp:

(JSEvaluateScriptInternal):
(JSEvaluateScript):

  • API/JSBaseInternal.h: Added.
  • API/JSContext.mm:

(-[JSContext evaluateScript:withSourceURL:]):
(-[JSContext evaluateJSScript:]):

  • API/JSContextPrivate.h:
  • API/JSScript.h:
  • API/JSScript.mm:

(+[JSScript scriptWithSource:inVirtualMachine:]):
(+[JSScript scriptFromASCIIFile:inVirtualMachine:withCodeSigning:andBytecodeCache:]):
(createError):
(+[JSScript scriptOfType:inVirtualMachine:withSourceURL:andSource:andBytecodeCache:error:]):
(+[JSScript scriptOfType:inVirtualMachine:memoryMappedFromASCIIFile:withSourceURL:andBytecodeCache:error:]):
(-[JSScript cacheBytecodeWithError:]):
(-[JSScript sourceURL]):
(-[JSScript type]):
(-[JSScript jsSourceCode]):
(-[JSScript writeCache:]):
(-[JSScript setSourceURL:]):
(-[JSScript forceRecreateJSSourceCode]):
(-[JSScript writeCache]): Deleted.
(-[JSScript jsSourceCode:]): Deleted.

  • API/JSScriptInternal.h:
  • API/tests/FunctionOverridesTest.cpp:

(testFunctionOverrides):

  • API/tests/testapi.c:

(main):

  • API/tests/testapi.mm:

(tempFile):
(testModuleBytecodeCache):
(testProgramBytecodeCache):
(testBytecodeCacheWithSyntaxError):
(testProgramJSScriptException):
(testLoadBasicFileLegacySPI):
(+[JSContextMemoryMappedLoaderDelegate newContext]):
(-[JSContextMemoryMappedLoaderDelegate context:fetchModuleForIdentifier:withResolveHandler:andRejectHandler:]):
(testLoadBasicFile):
(+[JSContextAugmentedLoaderDelegate newContext]):
(-[JSContextAugmentedLoaderDelegate context:fetchModuleForIdentifier:withResolveHandler:andRejectHandler:]):
(testJSScriptURL):
(testObjectiveCAPI):
(testBytecodeCache): Deleted.

  • API/tests/testapiScripts/foo.js: Added.
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • runtime/Completion.cpp:

(JSC::generateBytecode):
(JSC::generateModuleBytecode):

6:58 PM Changeset in webkit [241928] by rniwa@webkit.org
  • 10 edits in trunk

Discard cached processes when clearing website data store
https://bugs.webkit.org/show_bug.cgi?id=194894

Reviewed by Chris Dumez.

Source/WebKit:

Clear the process cache when clearing the website data store so that there is no way to infer
which site the user had visited by observing for which sites WebContent processes had been cached.

There is one subtlety in WebsiteDataStore::removeData: we have to delay the clearing of
the web process cache until the next run loop because SuspendedPageProxy::~SuspendedPageProxy
invokes WebProcessProxy::maybeShutDown in the next run loop. We also have to disable the process
cache during this time as it would otherwise trigger the responsiveness check of the WebContent process,
which can take an arbitrarily long time.

  • UIProcess/API/Cocoa/WKProcessPool.mm:

(-[WKProcessPool _processCacheCapacity]): Added for testing.

  • UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
  • UIProcess/WebProcessCache.cpp:

(WebKit::WebProcessCache::addProcess): Avoid adding web processes to the cache while the suspended
pages are being cleared.

  • UIProcess/WebProcessCache.h:

(WebKit::WebProcessCache::disabled const): Added.
(WebKit::WebProcessCache::setDisabled): Added.

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::handleMemoryPressureWarning):
(WebKit::WebProcessPool::clearSuspendedPages): Added.

  • UIProcess/WebProcessPool.h:
  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::removeData):

Tools:

Added a test case.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

(TestWebKitAPI.ProcessSwap.NumberOfCachedProcesses): Added.

6:02 PM Changeset in webkit [241927] by mark.lam@apple.com
  • 15 edits in trunk/Source/JavaScriptCore

Add more doesGC() assertions.
https://bugs.webkit.org/show_bug.cgi?id=194911
<rdar://problem/48285723>

Reviewed by Saam Barati and Yusuke Suzuki.

  • dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::compileOSRExit):

  • Set expectDoesGC here because we no longer have to worry about missing store barriers in optimized code after this point. This will prevent false positive assertion failures arising from functions called beneath compileOSRExit().

(JSC::DFG::OSRExit::compileExit):

  • Add a comment to explain why the generated ramp needs to set expectDoesGC even though compileOSRExit() also sets it. Reason: compileOSRExit() is only called for the first OSR from this code origin, the generated ramp is called for many subsequent OSR exits from this code origin.
  • ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStub):

  • Added a comment for the equivalent reason to the one above.

(JSC::FTL::compileFTLOSRExit):

  • Set expectDoesGC here because we no longer have to worry about missing store barriers in optimized code after this point. This will prevent false positive assertion failures arising from functions called beneath compileFTLOSRExit().
  • heap/CompleteSubspace.cpp:

(JSC::CompleteSubspace::tryAllocateSlow):

  • heap/CompleteSubspaceInlines.h:

(JSC::CompleteSubspace::allocateNonVirtual):

  • assert expectDoesGC.
  • heap/DeferGC.h:

(JSC::DeferGC::~DeferGC):

  • assert expectDoesGC.
  • Also added WTF_FORBID_HEAP_ALLOCATION to DeferGC, DeferGCForAWhile, and DisallowGC because all 3 should be stack allocated RAII objects.
  • heap/GCDeferralContext.h:
  • heap/GCDeferralContextInlines.h:

(JSC::GCDeferralContext::~GCDeferralContext):

  • Added WTF_FORBID_HEAP_ALLOCATION.
  • assert expectDoesGC.
  • heap/Heap.cpp:

(JSC::Heap::collectNow):
(JSC::Heap::collectAsync):
(JSC::Heap::collectSync):
(JSC::Heap::stopIfNecessarySlow):
(JSC::Heap::collectIfNecessaryOrDefer):

  • heap/HeapInlines.h:

(JSC::Heap::acquireAccess):
(JSC::Heap::stopIfNecessary):

  • heap/LargeAllocation.cpp:

(JSC::LargeAllocation::tryCreate):

  • heap/LocalAllocatorInlines.h:

(JSC::LocalAllocator::allocate):

  • conservatively assert expectDoesGC on these functions that may trigger a GC though they don't always do.
  • runtime/DisallowScope.h:
  • DisallowScope should be stack allocated because it's an RAII object.
  • runtime/JSCellInlines.h:

(JSC::tryAllocateCellHelper):

  • Remove the expectDoesGC assertion because it is now covered by assertions in CompleteSubspace, LargeAllocation, and LocalAllocator.
  • runtime/RegExpMatchesArray.h:

(JSC::createRegExpMatchesArray):

  • assert expectDoesGC.
5:58 PM Changeset in webkit [241926] by commit-queue@webkit.org
  • 8 edits in trunk

Clicking "Go Back" on a safe browsing warning before a WKWebView has loaded any page should request to close the WKWebView
https://bugs.webkit.org/show_bug.cgi?id=194914
<rdar://problem/47586889>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-21
Reviewed by Geoffrey Garen.

Source/WebKit:

  • UIProcess/API/APIUIClient.h:

(API::UIClient::didShowSafeBrowsingWarning):
(API::UIClient::didClickGoBackFromSafeBrowsingWarning): Deleted.

  • UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
  • UIProcess/Cocoa/UIDelegate.h:
  • UIProcess/Cocoa/UIDelegate.mm:

(WebKit::UIDelegate::setDelegate):
(WebKit::UIDelegate::UIClient::didClickGoBackFromSafeBrowsingWarning): Deleted.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::decidePolicyForNavigationAction):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:

(-[SafeBrowsingNavigationDelegate webViewDidClose:]):
(TEST):
(-[SafeBrowsingNavigationDelegate _webViewDidClickGoBackFromSafeBrowsingWarning:]): Deleted.

5:51 PM Changeset in webkit [241925] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKit

Turn a high-value UI-side-compositing assertion into a release assert
https://bugs.webkit.org/show_bug.cgi?id=194887

Reviewed by Simon Fraser.

  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.cpp:

(WebKit::PlatformCALayerRemote::recursiveBuildTransaction):
There is absolutely no situation in which this assert should fire
if WebKit is behaving correctly, and it will basically always result
in a UI process crash (or at least confusion), so make it a release assert.
This would have saved us a lot of stress in bug 194845.

5:05 PM Changeset in webkit [241924] by don.olmstead@sony.com
  • 3 edits in trunk/Source/WebKit

[MSVC] Fix compilation errors with lambdas in ResourceLoadStatistics
https://bugs.webkit.org/show_bug.cgi?id=194913

Reviewed by Brent Fulgham.

MSVC has problems with the scoping of this within a nested lambda. To work around the
behavior the enclosing lambda's wrapping of this is used within the nested lambda.

  • NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:

(WebKit::ResourceLoadStatisticsMemoryStore::processStatisticsAndDataRecords):

  • NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessGranted):

5:04 PM Changeset in webkit [241923] by ysuzuki@apple.com
  • 12 edits in trunk/Source/JavaScriptCore

[JSC] Use Fast Malloc as much as possible
https://bugs.webkit.org/show_bug.cgi?id=194316

Reviewed by Mark Lam.

We should use Fast Malloc as much as possible to offer the whole memory view to bmalloc.

  • inspector/scripts/codegen/cpp_generator_templates.py:
  • inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
  • inspector/scripts/tests/generic/expected/enum-values.json-result:
  • inspector/scripts/tests/generic/expected/events-with-optional-parameters.json-result:
  • inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
  • inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:
  • jit/ExecutableAllocator.h:
  • jsc.cpp:
  • runtime/JSRunLoopTimer.h:
  • tools/VMInspector.h:
  • wasm/WasmThunks.h:
4:14 PM Changeset in webkit [241922] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241919. rdar://problem/48267027

Fix API test crashes after r241855.

Reviewed by Ryosuke Niwa.

  • UIProcess/WebProcessCache.cpp: (WebKit::WebProcessCache::addProcessIfPossible):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241919 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:14 PM Changeset in webkit [241921] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241868. rdar://problem/48267027

Unreviewed API test fix after r241855.

  • UIProcess/WebProcessProxy.cpp: (WebKit::WebProcessProxy::~WebProcessProxy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241868 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:03 PM Changeset in webkit [241920] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

Leak of CFErrorRef objects (1.92 Kbytes) in com.apple.WebKit.WebContent.Development running WebKit layout tests on iOS Simulator
<https://webkit.org/b/194761>

Reviewed by Myles Maxfield.

  • WebKitTestRunner/InjectedBundle/cocoa/ActivateFontsCocoa.mm:

(WTR::activateSystemCoreWebFonts): Log error to console if
CTFontManagerRegisterFontsForURL() fails (macOS only). Update
to use ARC-compliant cast.
(WTR::activateFonts): Change 0 to nullptr. Update to use
ARC-compliant cast.
(WTR::installFakeHelvetica): Log error to console if
CTFontManagerRegisterFontsForURL() fails, but only on supported
platforms (macOS Mojave/iOS 12 and newer, not iOS Simulator).
Call CFRelease() on error to fix the leak. Update to use
ARC-compliant cast.
(WTR::uninstallFakeHelvetica): Update to use ARC-compliant
cast.

3:59 PM Changeset in webkit [241919] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Fix API test crashes after r241855.

Reviewed by Ryosuke Niwa.

  • UIProcess/WebProcessCache.cpp:

(WebKit::WebProcessCache::addProcessIfPossible):

3:54 PM Changeset in webkit [241918] by dbates@webkit.org
  • 4 edits
    2 adds in trunk

Same Site Lax cookies are not sent with cross-site redirect from client-initiated load
https://bugs.webkit.org/show_bug.cgi?id=194906
<rdar://problem/44305947>

Reviewed by Brent Fulgham.

Source/WebCore:

Ensure that a request for a top-level navigation is annotated as such regardless of whether
the request has a computed Same Site policy.

"New loads" initiated by the client (Safari) either by API or a human either explicitly
typing a URL in the address bar or Command + clicking a hyperlink to open it in a new window/tab
are always considered Same Site. This is by definition from the spec. [1] as we aren't navigating
from an existing page. (Command + click should be thought of as a convenience to the user from
having to copy the hyperlink's URL, create a new window, and paste the URL into the address bar).
Currently the frame loader marks a request as a top-level navigation if and only if the request
does not have a pre-computed Same Site policy. However, "New loads" have a pre-computed Same Site
policy. So, these loads would never be marked as a top-level navigation by the frame loading code.
Therefore, if the "new load" turned out to be a cross-site redirect then WebKit would incorrectly
tell the networking stack that the load was a cross-site, non-top-level navigation, and per the
Same Site spec [2], the networking stack would not send Same Site Lax cookies. Instead,
WebKit should unconditionally ensure that requests are marked as a top-level navigation, if applicable.

[1] See Note for (1) in <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.2>
[2] <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7.1>

Test: http/tests/cookies/same-site/user-load-cross-site-redirect.php

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::addExtraFieldsToRequest): Unconditionally update the request's top-
level navigation bit.

  • platform/network/ResourceRequestBase.cpp:

(WebCore::ResourceRequestBase::setAsIsolatedCopy): Unconditionally copy a request's top-
level navigation bit.

LayoutTests:

Add a test that is representative of a user loading a cross-site page that redirects
to a page that expects Same Site Lax cookies.

  • http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt: Added.
  • http/tests/cookies/same-site/user-load-cross-site-redirect.php: Added.
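
The bug and fix described in r241918 above, as a simplified model added here for illustration. It is not WebKit source: the request fields, the function names, the hosts and the cookie jar are all hypothetical or constructed, and "site" is approximated by the last two host labels.

```javascript
// Added example: a simplified model of the r241918 logic, not WebKit code.
// All names below are hypothetical stand-ins.
const Disposition = Object.freeze({ Unspecified: 0, SameSite: 1, CrossSite: 2 });

// Simplification: a real engine derives the registrable domain from the Public Suffix List.
function siteOf(url) {
  return new URL(url).hostname.split('.').slice(-2).join('.');
}

// Constructed cookie jar for the redirect target.
const JAR = [
  { name: 'strict', domain: 'target.example', sameSite: 'Strict' },
  { name: 'lax', domain: 'target.example', sameSite: 'Lax' },
  { name: 'normal', domain: 'target.example', sameSite: null },
];

// A client-initiated load (typed URL, API call) has no initiating page,
// so it is created with a pre-computed same-site disposition.
function newClientInitiatedRequest(url) {
  return { url, method: 'GET', sameSite: Disposition.SameSite, isTopLevelNavigation: false };
}

// A load started by a page leaves the disposition for the frame loader to compute.
function newPageInitiatedRequest(url) {
  return { url, method: 'GET', sameSite: Disposition.Unspecified, isTopLevelNavigation: false };
}

// Models the frame-loader annotation step. Before the fix the top-level bit
// was only set when the disposition had not been pre-computed.
function addExtraFields(request, { isMainFrameLoad, initiatorURL }, { fixed }) {
  const annotated = { ...request };
  const unspecified = annotated.sameSite === Disposition.Unspecified;
  if (unspecified) {
    const same = !initiatorURL || siteOf(initiatorURL) === siteOf(annotated.url);
    annotated.sameSite = same ? Disposition.SameSite : Disposition.CrossSite;
  }
  if (fixed || unspecified) {
    annotated.isTopLevelNavigation = isMainFrameLoad;
  }
  return annotated;
}

// A redirect to another site turns the load into a cross-site one;
// the top-level bit is carried over unchanged.
function followRedirect(request, location) {
  const crossSite = siteOf(location) !== siteOf(request.url);
  return { ...request, url: location, sameSite: crossSite ? Disposition.CrossSite : request.sameSite };
}

// Cookie selection in the networking stack: Strict needs a same-site request;
// Lax is also sent on a cross-site top-level navigation with a safe method.
function cookiesToSend(request, jar) {
  const sameSiteRequest = request.sameSite === Disposition.SameSite;
  const safeMethod = ['GET', 'HEAD', 'OPTIONS', 'TRACE'].includes(request.method);
  return jar.filter((cookie) => {
    if (cookie.domain !== siteOf(request.url)) return false;
    if (cookie.sameSite === 'Strict') return sameSiteRequest;
    if (cookie.sameSite === 'Lax') {
      return sameSiteRequest || (request.isTopLevelNavigation && safeMethod);
    }
    return true;
  }).map((cookie) => cookie.name);
}

// The scenario of the new layout test: the user loads a page that redirects cross-site.
function simulateUserLoad(fixed) {
  let request = newClientInitiatedRequest('https://www.start.example/redirect');
  request = addExtraFields(request, { isMainFrameLoad: true, initiatorURL: null }, { fixed });
  request = followRedirect(request, 'https://www.target.example/landing');
  return cookiesToSend(request, JAR);
}

// Control case: a cross-site link click from a page, which was never affected.
function simulateLinkClick(fixed) {
  let request = newPageInitiatedRequest('https://www.target.example/landing');
  request = addExtraFields(
    request,
    { isMainFrameLoad: true, initiatorURL: 'https://www.other.example/' },
    { fixed },
  );
  return cookiesToSend(request, JAR);
}

console.log('user load, before fix:', simulateUserLoad(false));
console.log('user load, after fix: ', simulateUserLoad(true));
console.log('link click, before/after:', simulateLinkClick(false), simulateLinkClick(true));
```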
3:53 PM Changeset in webkit [241917] by Chris Dumez
  • 2 edits in trunk/Tools

Flaky API Test: TestWebKitAPI.ProcessSwap.SuspendedPageLimit
https://bugs.webkit.org/show_bug.cgi?id=194481

Reviewed by Alex Christensen.

Give the processes a chance to shut down and wait until we reached the expected number
of processes.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
3:16 PM Changeset in webkit [241916] by timothy_horton@apple.com
  • 2 edits in trunk/Tools

Fix the macOS build

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
3:12 PM Changeset in webkit [241915] by pvollan@apple.com
  • 7 edits in trunk

Layout Test fast/text/international/khmer-selection.html is crashing
https://bugs.webkit.org/show_bug.cgi?id=191368

Reviewed by Brent Fulgham.

Source/WebCore:

GlyphBuffer's offset array wasn't getting filled by UniscribeController.
Our underlining code requires this array.

Uniscribe gives us a character -> glyph mapping, so we just have to compute
the inverse and give it to the GlyphBuffer.

This patch is written by Myles C. Maxfield.

Test: fast/text/international/khmer-selection.html.

  • platform/graphics/GlyphBuffer.h:

(WebCore::GlyphBuffer::add):

  • platform/graphics/displaylists/DisplayListItems.cpp:

(WebCore::DisplayList::DrawGlyphs::generateGlyphBuffer const):

  • platform/graphics/win/UniscribeController.cpp:

(WebCore::UniscribeController::advance):
(WebCore::UniscribeController::itemizeShapeAndPlace):
(WebCore::UniscribeController::shapeAndPlaceItem):

  • platform/graphics/win/UniscribeController.h:

LayoutTests:

  • platform/win/TestExpectations:
3:11 PM Changeset in webkit [241914] by aestes@apple.com
  • 1 edit in trunk/Source/WebCore/ChangeLog

contentfiltering tests leak documents
https://bugs.webkit.org/show_bug.cgi?id=189434
<rdar://44239943>

Reviewed by Simon Fraser.

Changed ContentFilter to capture the blocked Frame as a WeakPtr to break a reference cycle.

This fixes world leaks in several tests in LayoutTests/contentfiltering/.

  • bindings/js/ScriptController.h:
  • loader/ContentFilter.cpp:

(WebCore::ContentFilter::didDecide):

3:06 PM Changeset in webkit [241913] by sihui_liu@apple.com
  • 2 edits in trunk/Source/WebCore

IndexedDB: leak UniqueIDBDatabase in layout tests
https://bugs.webkit.org/show_bug.cgi?id=194870
<rdar://problem/48163812>

Reviewed by Geoffrey Garen.

UniqueIDBDatabase owns a pointer to itself after it is hard closed. It should release the pointer when it
receives confirmation from clients and all pending tasks are done. UniqueIDBDatabase already checks whether the
pointer should be released when a database task finishes, but it didn't perform a check when a confirm message
is received.

No new test as the order of task completion and confirmation arrival is uncertain.

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::confirmDidCloseFromServer):

2:55 PM Changeset in webkit [241912] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools

Cherry-pick r241736. rdar://problem/48243264

Fix API test after r241728

https://bugs.webkit.org/show_bug.cgi?id=194723

  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm: (TEST): The test should check the default preference value, not make sure the preference is NO after setting it to YES :/

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241736 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:55 PM Changeset in webkit [241911] by Alan Coon
  • 10 edits in branches/safari-607-branch

Cherry-pick r241728. rdar://problem/48243264

Disable safe browsing in WKWebView and remove its WKPreferences API
https://bugs.webkit.org/show_bug.cgi?id=194723
<rdar://problem/48122993>

Reviewed by Geoffrey Garen.

Source/WebKit:

  • Shared/WebPreferences.yaml:
  • UIProcess/API/Cocoa/WKPreferences.h:
  • UIProcess/API/Cocoa/WKPreferences.mm: (-[WKPreferences setSafeBrowsingEnabled:]): Deleted. (-[WKPreferences isSafeBrowsingEnabled]): Deleted.

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm: (TEST): (safeBrowsingView): Make tests use SPI instead of API.

LayoutTests:

  • platform/mac-wk2/http/tests/navigation/keyboard-events-during-provisional-navigation-expected.txt: This test has results that depend on timing, and I need to update its results when I disable safe browsing. I've done this several times before. See r237876 for an example.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241728 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:55 PM Changeset in webkit [241910] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241618. rdar://problem/48243264

Add SPI version of WKPreferences.safeBrowsingEnabled
https://bugs.webkit.org/show_bug.cgi?id=194718
<rdar://problem/48122993>

Rubber-stamped by Brady Eidson.

  • UIProcess/API/Cocoa/WKPreferences.mm: (-[WKPreferences _isSafeBrowsingEnabled]): (-[WKPreferences _setSafeBrowsingEnabled:]):
  • UIProcess/API/Cocoa/WKPreferencesPrivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241618 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:55 PM Changeset in webkit [241909] by Alan Coon
  • 5 edits
    2 adds in branches/safari-607-branch

Apply patch. rdar://problem/48229545

2:55 PM Changeset in webkit [241908] by timothy_horton@apple.com
  • 2 edits in trunk/Tools

Fix ProcessSwap.PageOverlayLayerPersistence on macOS

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

I am a backwards.

2:55 PM Changeset in webkit [241907] by Alan Coon
  • 7 edits in branches/safari-607-branch/Source

Apply patch. rdar://problem/47289624

2:51 PM Changeset in webkit [241906] by aestes@apple.com
  • 3 edits in trunk/Source/WebCore

contentfiltering tests leak documents
https://bugs.webkit.org/show_bug.cgi?id=189434
<rdar://44239943>

Reviewed by Simon Fraser.

Changed ContentFilter to capture the blocked Frame as a WeakPtr to break a reference cycle.

This fixes world leaks in several tests in LayoutTests/contentfiltering/.

  • bindings/js/ScriptController.h:
  • loader/ContentFilter.cpp:

(WebCore::ContentFilter::didDecide):

2:50 PM Changeset in webkit [241905] by timothy_horton@apple.com
  • 2 edits in trunk/Tools

Fix ProcessSwap.PageOverlayLayerPersistence on macOS

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

We can't find the UI-side layer on macOS because we don't use UI-side compositing.
We could force on UI-side compositing, but I feel like the test might be more
valuable exercising the normal path on each platform (though the original
bug was also UI-side specific). Though we can't validate that the overlay
layer was installed successfully, there are layout tests that do that.

2:36 PM Changeset in webkit [241904] by dino@apple.com
  • 1 edit
    1 add in trunk/LayoutTests

Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Reviewed by Simon Fraser.

Forgot the expected results file.

  • animations/additive-transform-animations-expected.html: Added.
2:34 PM Changeset in webkit [241903] by achristensen@apple.com
  • 10 edits in trunk/Source/WebKit

API::HTTPCookieStore should expose setCookies()
https://bugs.webkit.org/show_bug.cgi?id=194861

Reviewed by Brent Fulgham.

Pass a Vector<Cookie> instead of just one cookie at a time.
This will add the ability to set multiple cookies without an IPC roundtrip per cookie.

  • NetworkProcess/Cookies/WebCookieManager.cpp:

(WebKit::WebCookieManager::setCookie):

  • NetworkProcess/Cookies/WebCookieManager.h:
  • NetworkProcess/Cookies/WebCookieManager.messages.in:
  • UIProcess/API/APIHTTPCookieStore.cpp:

(API::HTTPCookieStore::setCookies):
(API::HTTPCookieStore::setCookie): Deleted.

  • UIProcess/API/APIHTTPCookieStore.h:
  • UIProcess/API/Cocoa/WKHTTPCookieStore.mm:

(-[WKHTTPCookieStore setCookie:completionHandler:]):

  • UIProcess/WebCookieManagerProxy.cpp:

(WebKit::WebCookieManagerProxy::setCookies):
(WebKit::WebCookieManagerProxy::setCookie): Deleted.

  • UIProcess/WebCookieManagerProxy.h:

2:02 PM Changeset in webkit [241902] by Alan Coon
  • 7 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241855. rdar://problem/48267027

[PSON] Make sure hung processes are not kept alive by suspended pages or process caching
https://bugs.webkit.org/show_bug.cgi?id=194881
<rdar://problem/48249014>

Reviewed by Geoffrey Garen.

After we construct a SuspendedPageProxy and before we send the IPC to the WebProcess to
ask it to suspend, start a 10-second timer. If the process does not answer the request
to suspend before the timer fires, we destroy the SuspendedPageProxy so that we do not
keep a hung process around.

For the WebProcessCache, we now call WebProcessProxy::isResponsive() on the process
before adding it to the cache. Internally, this relies on an IPC handshake with the
WebProcess. If the process is not responsive, we do not add it to the cache and we
shut it down. If it is responsive then we proceed normally with adding it to the
cache.

  • UIProcess/SuspendedPageProxy.cpp: (WebKit::SuspendedPageProxy::SuspendedPageProxy): (WebKit::SuspendedPageProxy::didProcessRequestToSuspend): (WebKit::SuspendedPageProxy::suspensionTimedOut):
  • UIProcess/SuspendedPageProxy.h:
  • UIProcess/WebProcessCache.cpp: (WebKit::WebProcessCache::addProcessIfPossible): (WebKit::WebProcessCache::addProcess):
  • UIProcess/WebProcessCache.h:
  • UIProcess/WebProcessProxy.cpp: (WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch): (WebKit::WebProcessProxy::maybeShutDown): (WebKit::WebProcessProxy::isResponsive):
  • UIProcess/WebProcessProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241855 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:02 PM Changeset in webkit [241901] by Alan Coon
  • 5 edits in branches/safari-607-branch

Cherry-pick r241845. rdar://problem/48267029

Regression(PSON) "Reload without content extensions" does not work when the main resource is blocked
https://bugs.webkit.org/show_bug.cgi?id=194872
<rdar://problem/47924500>

Reviewed by Alex Christensen.

Source/WebKit:

[WKWebView _reloadWithoutContentBlockers] relies on a ReloadOption flag that is passed to WebCore
instead of using WebsitePolicies.contentBlockersEnabled flag. If the reload causes a process swap
due to PSON, then the new process does not know about this ReloadOption and fails to honor it.

Since the modern way to do this is WebsitePolicies, and since WebsitePolicies are properly
propagated cross-process in case of process swap, this patch updates _reloadWithoutContentBlockers
to set a flag on the Navigation which we use to later set the WebsitePolicies.contentBlockersEnabled
flag in WebPageProxy::receivedNavigationPolicyDecision().

  • UIProcess/API/APINavigation.h: (API::Navigation::setUserContentExtensionsEnabled): (API::Navigation::userContentExtensionsEnabled const):
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::reload): (WebKit::WebPageProxy::receivedNavigationPolicyDecision):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241845 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:43 PM Changeset in webkit [241900] by commit-queue@webkit.org
  • 4 edits in trunk/Source

Move UIWebTouchEventsGestureRecognizer.activeTouchesByIdentifier to SPI
https://bugs.webkit.org/show_bug.cgi?id=194531
<rdar://problem/47714562>

Patch by Antoine Quint <Antoine Quint> on 2019-02-21
Reviewed by Tim Horton.

Follow-up commit to ensure this SPI is only called on newer versions of iOS.

Source/WebKit:

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView cancelPointersForGestureRecognizer:]):

Source/WTF:

  • wtf/Platform.h:

1:34 PM Changeset in webkit [241899] by timothy_horton@apple.com
  • 17 edits, 1 add in trunk

Crash under RemoteLayerTreePropertyApplier::applyProperties when reattaching to old process
https://bugs.webkit.org/show_bug.cgi?id=194845
<rdar://problem/47944579>

Reviewed by Antti Koivisto.

Source/WebKit:

New test: ProcessSwap.PageOverlayLayerPersistence

  • Shared/RemoteLayerTree/RemoteLayerTreeTransaction.h:

(WebKit::RemoteLayerTreeTransaction::LayerProperties::notePropertiesChanged):
Keep track of all properties that have ever changed on a layer, so we
can re-send them if a layer moves between contexts.

  • WebProcess/WebPage/DrawingArea.cpp:

(WebKit::DrawingArea::~DrawingArea):
(WebKit::DrawingArea::removeMessageReceiverIfNeeded):

  • WebProcess/WebPage/DrawingArea.h:

(WebKit::DrawingArea::layerHostDidFlushLayers):
Make it possible to tear down DrawingArea's MessageReceiver before it is destroyed,
so that we can keep two DrawingAreas alive in a single process for a short time.

(WebKit::DrawingArea::adoptLayersFromDrawingArea):
Add adoptLayersFromDrawingArea; see below for its only useful implementation.

  • WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.cpp:

(WebKit::GraphicsLayerCARemote::GraphicsLayerCARemote):
(WebKit::GraphicsLayerCARemote::~GraphicsLayerCARemote):
(WebKit::GraphicsLayerCARemote::createPlatformCALayer):
(WebKit::GraphicsLayerCARemote::createPlatformCALayerForEmbeddedView):
(WebKit::GraphicsLayerCARemote::moveToContext):

  • WebProcess/WebPage/RemoteLayerTree/GraphicsLayerCARemote.h:

Make it possible to move a GraphicsLayerCARemote between RemoteLayerTreeContexts.

  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.cpp:

(WebKit::PlatformCALayerRemote::create):
(WebKit::PlatformCALayerRemote::createForEmbeddedView):
(WebKit::PlatformCALayerRemote::~PlatformCALayerRemote):
(WebKit::PlatformCALayerRemote::moveToContext):

  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemote.h:
  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemoteCustom.mm:

(WebKit::PlatformCALayerRemoteCustom::create):
(WebKit::PlatformCALayerRemoteCustom::clone const):
Make it possible to move a PlatformCALayerRemote between RemoteLayerTreeContexts.

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.h:
  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeContext.mm:

(WebKit::RemoteLayerTreeContext::~RemoteLayerTreeContext):
(WebKit::RemoteLayerTreeContext::adoptLayersFromContext):
(WebKit::RemoteLayerTreeContext::layerDidEnterContext):
(WebKit::RemoteLayerTreeContext::layerWillLeaveContext):
(WebKit::RemoteLayerTreeContext::graphicsLayerDidEnterContext):
(WebKit::RemoteLayerTreeContext::graphicsLayerWillLeaveContext):
(WebKit::RemoteLayerTreeContext::layerWasCreated): Deleted.
(WebKit::RemoteLayerTreeContext::layerWillBeDestroyed): Deleted.
Keep track of all GraphicsLayerCARemote instances in the context, like we
do for PlatformCALayerRemote, so that we can update their context backpointers if needed.

Also make it possible to move all outstanding layers to a new context.

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h:
  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::adoptLayersFromDrawingArea):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::reinitializeWebPage):
When doing a DrawingArea swap, transition all layers from the old context
to the new one. In order to do this, we temporarily keep both DrawingAreas
alive, but make use of the new mechanism to remove the old one's MessageReceiver
before installing the new one, so that destroying the old one later doesn't
remove it (avoiding re-introducing bug 189481).

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

1:27 PM Changeset in webkit [241898] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebKit/UIProcess/ProvisionalPageProxy.h

Unreviewed build fix. rdar://problem/48248223

1:27 PM Changeset in webkit [241897] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241853. rdar://problem/48248223

Unreviewed build fix after r241823.

  • UIProcess/SuspendedPageProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241853 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241896] by Alan Coon
  • 7 edits in branches/safari-607-branch

Cherry-pick r241823. rdar://problem/48248223

Regression(PSON) Crash under WebKit::WebPageProxy::decidePolicyForNavigationActionSync
https://bugs.webkit.org/show_bug.cgi?id=194857
<rdar://problem/47759323>

Reviewed by Alex Christensen.

Source/WebKit:

The ProvisionalPageProxy was blindly forwarding the DecidePolicyForNavigationActionSync
synchronous IPC to the WebPageProxy, without passing it the process the IPC came from.
As a result, WebPageProxy::decidePolicyForNavigationActionSync() would try to look up
a WebFrameProxy using the provided frameID from the wrong process and we would end up
hitting a RELEASE_ASSERT().

  • UIProcess/ProvisionalPageProxy.cpp: (WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionSync): (WebKit::ProvisionalPageProxy::didReceiveSyncMessage):
  • UIProcess/ProvisionalPageProxy.h:
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::decidePolicyForNavigationActionSync): (WebKit::WebPageProxy::decidePolicyForNavigationActionSyncShared):
  • UIProcess/WebPageProxy.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241823 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241895] by Alan Coon
  • 9 edits in branches/safari-607-branch

Apply patch. rdar://problem/48243214

REGRESSION (PSON): Can't access optumbank.com from myuhc.com
https://bugs.webkit.org/show_bug.cgi?id=194797
<rdar://problem/48055151>

Reviewed by Geoffrey Garen.

Source/WebKit:

The issue was caused by us mistakenly process-swapping for a same-site server side redirect.
The reason we were getting it wrong is because the logic in
WebProcessPool::processForNavigationInternal() was expecting page.process() to be the source
process and page.pageLoadState().url() to be the source URL. Those assumptions are incorrect
when a server-side redirect occurs in a provisional process. In such case, the source process
is the ProvisionalPageProxy's process and the source URL is the provisional URL, not the
committed one.

  • UIProcess/ProvisionalPageProxy.cpp: (WebKit::ProvisionalPageProxy::didPerformServerRedirect): (WebKit::ProvisionalPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame): (WebKit::ProvisionalPageProxy::didReceiveMessage):
  • UIProcess/ProvisionalPageProxy.h: Make sure the provisional page forwards IPC related to server-side redirects to the page so that the client gets informed.
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::receivedNavigationPolicyDecision): (WebKit::WebPageProxy::didPerformServerRedirect): (WebKit::WebPageProxy::didPerformServerRedirectShared):
  • UIProcess/WebPageProxy.h:
  • UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::processForNavigation): (WebKit::WebProcessPool::processForNavigationInternal):
  • UIProcess/WebProcessPool.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@241752 268f45cc-cd09-0410-ab3c-d52691b4dbfc
(cherry picked from commit 53ac6d765e577c36c5c5e02659ee3ca21f25599f)

1:27 PM Changeset in webkit [241894] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r241848. rdar://problem/48257838

Crash in DOMWindowExtension::suspendForPageCache
https://bugs.webkit.org/show_bug.cgi?id=194871

Reviewed by Chris Dumez.

This is a speculative fix for a crash in DOMWindowExtension::suspendForPageCache.

We think it's possible for DOMWindowExtension::suspendForPageCache notifying the clients via
dispatchWillDisconnectDOMWindowExtensionFromGlobalObject to remove other DOMWindowExtensions.
Check that each DOMWindowProperty is still in m_properties before invoking suspendForPageCache
to avoid the crash.

  • page/DOMWindow.cpp: (WebCore::DOMWindow::willDestroyCachedFrame): (WebCore::DOMWindow::willDestroyDocumentInFrame): (WebCore::DOMWindow::willDetachDocumentFromFrame): (WebCore::DOMWindow::suspendForPageCache): (WebCore::DOMWindow::resumeFromPageCache):
  • page/DOMWindowExtension.cpp: (WebCore::DOMWindowExtension::suspendForPageCache):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241848 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241893] by Alan Coon
  • 11 edits, 4 adds in branches/safari-607-branch

Cherry-pick r241788. rdar://problem/48248202

REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
https://bugs.webkit.org/show_bug.cgi?id=194827
rdar://problem/47620594

Reviewed by Antti Koivisto.

Source/WebCore:

Incremental compositing updates, added in r238090, use repaints as a trigger for re-evaluating
layer configurations, since a repaint implies that a layer gains painted content. This is done
via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
for the root. The configuration state that matters here is whether the layer contains painted content,
and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
and feeds into GraphicsLayer::drawsContent().

However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.

Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no effect on
the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
to always return false for the RenderView's layer (the root).

Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
respect it.

Test: compositing/visibility/root-visibility-toggle.html

  • page/Frame.h:
  • platform/graphics/GraphicsLayer.cpp: (WebCore::GraphicsLayer::dumpProperties const):
  • platform/graphics/GraphicsLayerClient.h: (WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):
  • rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const): (WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):
  • rendering/RenderLayerBacking.h:
  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::layerTreeAsText):
  • testing/Internals.cpp: (WebCore::toLayerTreeFlags):
  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Test dumps layer tree with RenderLayerBacking::shouldDumpPropertyForLayer to show that the root has (drawsContent 1)

  • compositing/visibility/root-visibility-toggle-expected.txt: Added.
  • compositing/visibility/root-visibility-toggle.html: Added.
  • platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241788 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241892] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241777. rdar://problem/48248215

Remove assertion introduced in r229683
https://bugs.webkit.org/show_bug.cgi?id=194825
<rdar://problem/47628258>

Reviewed by Geoffrey Garen.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp: (WebKit::WebFrameLoaderClient::dispatchWillSubmitForm): If we reach this code and the form's original Document's Frame has been destroyed, we have already been told to submit the form so do so, just like we do if the WebPage has been destroyed. This is a rare edge case having to do with the timing of Frame destruction and decidePolicyForNavigationAction response, which unfortunately does not reproduce with a test case unless the timing of IPC is just right.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241777 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241891] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/JavaScriptCore

Cherry-pick r241772. rdar://problem/48248228

Fix DFG doesGC() for TryGetById and ProfileType nodes.
https://bugs.webkit.org/show_bug.cgi?id=194821
<rdar://problem/48206690>

Reviewed by Saam Barati.

Fix doesGC() for the following nodes:

ProfileType:

calls operationProcessTypeProfilerLogDFG(), which can call calculatedClassName(),
which can call JSString::tryGetValue(), which can resolve a rope.

TryGetById:

calls operationTryGetByIdOptimize(), which can startWatchingPropertyForReplacements()
on a structure, which can allocate StructureRareData.

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241772 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241890] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/JavaScriptCore

Cherry-pick r241753. rdar://problem/48243425

Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

CompareEq:
CompareLess:
CompareLessEq:
CompareGreater:
CompareGreaterEq:
CompareStrictEq:

Only return false (i.e. does not GC) for child node use kinds that have
been vetted to not do anything that can GC. For all other use kinds
(including StringUse and BigIntUse), we return true (i.e. does GC).

  • dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241753 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241889] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r241738. rdar://problem/48243338

Uncaught Exception crash in MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus()
https://bugs.webkit.org/show_bug.cgi?id=194786

Reviewed by Eric Carlson.

Convert a runtime crash to a debug assert by wrapping the call to -[AVPlayer removeObserver:forKeyPath:]
in an exception handler.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm: (WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241738 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241888] by Alan Coon
  • 12 edits in branches/safari-607-branch/Source

Cherry-pick r241721. rdar://problem/48243376

AX: PSON: Going back from apple.com to search results, cannot interact with HTML content. Disabling Swap Processes on Cross-Site Navigation resolves the issue.
https://bugs.webkit.org/show_bug.cgi?id=194742

Reviewed by Chris Dumez.

Source/WebCore:

With the new process model, WebProcess hits a case where it tries to send the "page loaded" notification before VoiceOver
had a chance to register for any notifications. This leads to those notifications being dropped (and thus this bug).

This change instead asks the UIProcess to send the notification, which we know VoiceOver has registered for, and can reliably
receive notifications.

It also sends the notification for "load failures," which to the VO users' perspective amounts to the same thing as a successful
page load.

  • accessibility/mac/AXObjectCacheMac.mm: (WebCore::AXObjectCache::frameLoadingEventPlatformNotification):

Source/WebKit:

Re-initialize the accessibility web process tokens when swapping processes.
Send page load notifications from the UIProcess instead of the WebProcess to improve reliability.

  • UIProcess/mac/PageClientImplMac.mm: (WebKit::PageClientImpl::didFinishLoadForMainFrame): (WebKit::PageClientImpl::didFailLoadForMainFrame):
  • WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::reinitializeWebPage):
  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/gtk/WebPageGtk.cpp: (WebKit::WebPage::platformReinitialize): (WebKit::WebPage::platformDetach): Deleted. (WebKit::WebPage::platformEditorState const): Deleted. (WebKit::WebPage::updateAccessibilityTree): Deleted. (WebKit::WebPage::performDefaultBehaviorForKeyEvent): Deleted. (WebKit::WebPage::platformCanHandleRequest): Deleted. (WebKit::WebPage::platformUserAgent const): Deleted. (WebKit::WebPage::getCenterForZoomGesture): Deleted. (WebKit::WebPage::setInputMethodState): Deleted. (WebKit::WebPage::collapseSelectionInFrame): Deleted.
  • WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::platformReinitialize):
  • WebProcess/WebPage/mac/WebPageMac.mm: (WebKit::WebPage::platformReinitialize):
  • WebProcess/WebPage/win/WebPageWin.cpp: (WebKit::WebPage::platformReinitialize):
  • WebProcess/WebPage/wpe/WebPageWPE.cpp: (WebKit::WebPage::platformReinitialize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241721 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241887] by Alan Coon
  • 4 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241658. rdar://problem/48243434

https://device.login.microsoftonline.com is hanging on STP75
https://bugs.webkit.org/show_bug.cgi?id=194734
<rdar://problem/47573830>

Reviewed by Jiewen Tan.

Make sure to only go the XPC route if SecKeyProxyStore has credentials.
Tested manually by going to the above website with and without the patch.
Load hangs without the patch and completes with the patch.

  • UIProcess/Authentication/AuthenticationChallengeProxy.cpp: (WebKit::AuthenticationChallengeProxy::AuthenticationChallengeProxy):
  • UIProcess/Authentication/cocoa/SecKeyProxyStore.h:
  • UIProcess/Authentication/cocoa/SecKeyProxyStore.mm: (WebKit::SecKeyProxyStore::initialize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241658 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241886] by Alan Coon
  • 14 edits, 3 deletes in branches/safari-607-branch

Cherry-pick r241652. rdar://problem/48243343

Web Inspector: Frontend performance is very slow reloading theverge.com - 50% of time in TreeOutline _indexOfTreeElement
https://bugs.webkit.org/show_bug.cgi?id=193605
<rdar://problem/47403986>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

SelectionController should track an unordered Set of represented objects
instead of an ordered set of indexes. This eliminates the costly and
error-prone updates needed to keep the selected indexes in sync as items
are added and removed from TreeOutline (and Table, to a far lesser extent).

The SelectionController interface is largely the same. Class and delegate
methods have been renamed to reflect the change from indexes to objects.
SelectionController tracks selected items in selection order. For the
operations that rely on objects being in insertion order, the controller
uses a comparator function provided at construction time.

  • UserInterface/Base/IndexSet.js: Removed. No longer used. SelectionController now uses a plain Set.
  • UserInterface/Base/Utilities.js: (value): (get return): Add utilities previously supplied by IndexSet and used by SelectionController.
  • UserInterface/Controllers/SelectionController.js: (WI.SelectionController): (WI.SelectionController.prototype.get lastSelectedItem): (WI.SelectionController.prototype.get selectedItems): (WI.SelectionController.prototype.set allowsMultipleSelection): (WI.SelectionController.prototype.hasSelectedItem): (WI.SelectionController.prototype.selectItem): (WI.SelectionController.prototype.deselectItem): (WI.SelectionController.prototype.selectAll): (WI.SelectionController.prototype.deselectAll): (WI.SelectionController.prototype.removeSelectedItems): (WI.SelectionController.prototype.reset): (WI.SelectionController.prototype.didRemoveItems): (WI.SelectionController.prototype.handleKeyDown): (WI.SelectionController.prototype.handleItemMouseDown): (WI.SelectionController.prototype._deselectAllAndSelect): (WI.SelectionController.prototype._selectItemsFromArrowKey): (WI.SelectionController.prototype._firstSelectableItem): (WI.SelectionController.prototype._lastSelectableItem): (WI.SelectionController.prototype._previousSelectableItem): (WI.SelectionController.prototype._nextSelectableItem): (WI.SelectionController.prototype._updateSelectedItems): (WI.SelectionController.prototype._addRange): (WI.SelectionController.prototype._deleteRange): (WI.SelectionController.prototype.get numberOfItems): Deleted. (WI.SelectionController.prototype.didInsertItem): Deleted. (WI.SelectionController.prototype.handleItemMouseDown.normalizeRange): Deleted. (WI.SelectionController.prototype._nextSelectableIndex): Deleted. (WI.SelectionController.prototype._previousSelectableIndex): Deleted.
  • UserInterface/Main.html:
  • UserInterface/Test.html: Remove IndexSet.
  • UserInterface/Views/CookieStorageContentView.js: (WI.CookieStorageContentView.prototype.tableIndexForRepresentedObject): (WI.CookieStorageContentView.prototype.tableRepresentedObjectForIndex):
  • UserInterface/Views/DOMTreeOutline.js: (WI.DOMTreeOutline.prototype.objectForSelection):
  • UserInterface/Views/NetworkTableContentView.js: (WI.NetworkTableContentView.prototype.tableIndexForRepresentedObject): (WI.NetworkTableContentView.prototype.tableRepresentedObjectForIndex):
  • UserInterface/Views/Table.js: (WI.Table): (WI.Table.prototype.get selectedRow): (WI.Table.prototype.get selectedRows): (WI.Table.prototype.isRowSelected): (WI.Table.prototype.selectRow): (WI.Table.prototype.deselectRow): (WI.Table.prototype.removeRow): (WI.Table.prototype.removeSelectedRows): (WI.Table.prototype.selectionControllerSelectionDidChange): (WI.Table.prototype.selectionControllerFirstSelectableItem): (WI.Table.prototype.selectionControllerLastSelectableItem): (WI.Table.prototype.selectionControllerPreviousSelectableItem): (WI.Table.prototype.selectionControllerNextSelectableItem): (WI.Table.prototype._handleMouseDown): (WI.Table.prototype._removeRows): (WI.Table.prototype._indexForRepresentedObject): (WI.Table.prototype._representedObjectForIndex): (WI.Table.prototype.selectionControllerNumberOfItems): Deleted. (WI.Table.prototype.selectionControllerNextSelectableIndex): Deleted. (WI.Table.prototype.selectionControllerPreviousSelectableIndex): Deleted. (WI.Table.prototype._toggleSelectedRowStyle): Deleted.
  • UserInterface/Views/TreeOutline.js: (WI.TreeOutline.compareSiblings): (WI.TreeOutline): (WI.TreeOutline.prototype.get selectedTreeElement): (WI.TreeOutline.prototype.set selectedTreeElement): (WI.TreeOutline.prototype.get selectedTreeElements): (WI.TreeOutline.prototype.removeChildAtIndex): (WI.TreeOutline.prototype.removeChildren): (WI.TreeOutline.prototype._rememberTreeElement): (WI.TreeOutline.prototype.getCachedTreeElement): (WI.TreeOutline.prototype.selectionControllerSelectionDidChange): (WI.TreeOutline.prototype.selectionControllerFirstSelectableItem): (WI.TreeOutline.prototype.selectionControllerLastSelectableItem): (WI.TreeOutline.prototype.selectionControllerPreviousSelectableItem): (WI.TreeOutline.prototype.selectionControllerNextSelectableItem): (WI.TreeOutline.prototype.objectForSelection): (WI.TreeOutline._generateStyleRulesIfNeeded): (WI.TreeOutline.prototype.selectionControllerNextSelectableIndex): Deleted. (WI.TreeOutline.prototype.selectionControllerPreviousSelectableIndex): Deleted. (WI.TreeOutline._generateStyleRulesIfNeeded._indexesForSubtree.numberOfElementsInSubtree): Deleted.

LayoutTests:

  • inspector/table/resources/table-utilities.js: (TestPage.registerInitializer.InspectorTest.TableDataSource.prototype.tableIndexForRepresentedObject): (TestPage.registerInitializer.InspectorTest.TableDataSource.prototype.tableRepresentedObjectForIndex): (TestPage.registerInitializer.InspectorTest.TableDataSource): New Table data source methods.
  • inspector/unit-tests/index-set-expected.txt: Removed.
  • inspector/unit-tests/index-set.html: Removed.
  • inspector/unit-tests/set-utilities-expected.txt:
  • inspector/unit-tests/set-utilities.html: Remove IndexSet tests and update tests for Set utilities to include new helper methods equals and difference, and firstValue.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241652 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241885] by Alan Coon
  • 3 edits, 1 add in branches/safari-607-branch

Cherry-pick r241634. rdar://problem/48243442

RELEASE_ASSERT at com.apple.JavaScriptCore: JSC::jsSubstringOfResolved
https://bugs.webkit.org/show_bug.cgi?id=194558

Reviewed by Saam Barati.

JSTests:

New regression test.

  • stress/regexp-unicode-within-string.js: Added.

Source/JavaScriptCore:

Added an in bounds check before the read of the next character for Unicode regular expressions
for pattern generation that didn't already have such checks.

  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::generatePatternCharacterOnce): (JSC::Yarr::YarrGenerator::generatePatternCharacterFixed): (JSC::Yarr::YarrGenerator::generateCharacterClassOnce): (JSC::Yarr::YarrGenerator::generateCharacterClassFixed):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241634 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:27 PM Changeset in webkit [241884] by Alan Coon
  • 4 edits, 2 adds in branches/safari-607-branch

Cherry-pick r241626. rdar://problem/48243415

Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
https://bugs.webkit.org/show_bug.cgi?id=194691

Reviewed by Simon Fraser.

Source/WebCore:

The crash was caused by HTMLPlugInElement::isReplacementObscured updating the document
without updating the layout of ancestor documents (i.e. documents in which frame owner
elements appear) even though it hit-tests against the top-level document's RenderView.

Fixed the bug by updating the layout of the top-level document as needed.

Test: plugins/unsupported-plugin-with-replacement-in-iframe-crash.html

  • html/HTMLPlugInElement.cpp: (WebCore::HTMLPlugInElement::isReplacementObscured):

LayoutTests:

Added a regression test. It hits the newly added debug assertion without the fix.

  • platform/mac-wk1/TestExpectations: Skip the test since DumpRenderTree doesn't support testRunner.setPluginSupportedMode.
  • plugins/unsupported-plugin-with-replacement-in-iframe-crash-expected.txt: Added.
  • plugins/unsupported-plugin-with-replacement-in-iframe-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241626 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241883] by Alan Coon
  • 5 edits, 1 add in branches/safari-607-branch

Cherry-pick r241613. rdar://problem/48243234

[JSC] CodeBlock::jettison should clear related watchpoints
https://bugs.webkit.org/show_bug.cgi?id=194544

Reviewed by Mark Lam.

  • bytecode/CodeBlock.cpp: (JSC::CodeBlock::jettison):
  • dfg/DFGCommonData.h: (JSC::DFG::CommonData::clearWatchpoints): Added.
  • dfg/CommonData.cpp: (JSC::DFG::CommonData::clearWatchpoints): Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241613 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241882] by Alan Coon
  • 4 edits in branches/safari-607-branch

Cherry-pick r241606. rdar://problem/48243273

Regression(PSON) Navigating quickly back and forth can lead to getting 'about:blank' in the backforward list
https://bugs.webkit.org/show_bug.cgi?id=194717
<rdar://problem/47884404>

Reviewed by Brady Eidson.

Source/WebKit:

When the client does a history navigation, the UIProcess sends a WebPage::GoToBackForwardItem IPC to the
WebProcess and the WebProcess sends a WebPageProxy::BackForwardGoToItem IPC back to the UIProcess to
update the current item in the BackForwardList. This means that there is a slight delay between the
point a client requests a history navigation and the point where the BackForwardList's current item gets
updated. This delay is pre-existing behavior and not new to PSON.

However, with PSON enabled, if we decide to process-swap for the history navigation, we'll tell the
previous (committed) process to ignore the load and we ask a new (provisional) process to do the history
navigation. When the previous process receives the request to ignore the history navigation, it restores
the History's current item to the one previous to the navigation, which sends a WebPageProxy::GoToBackForwardItem
IPC to the UIProcess to update the BackForwardList as well. In parallel, the new process starts the
history navigation and also sends a WebPageProxy::GoToBackForwardItem to update the BackForwardList's
current item as well. We end up with a race between the 2 GoToBackForwardItem IPC messages coming from
the old and new process. If the old process's message loses the race, we end up with the wrong current
history item getting set in the UIProcess. Later, when we commit the provisional load and try to suspend
the previous page, we would save the SuspendedPage on the *wrong* BackForwardList item. If one tries to
load this BackForwardList item later, we'll use its SuspendedPage and try to unsuspend it. However,
because the PageCache entry is saved on another HistoryItem than the one getting loaded in the WebProcess
side, we attempt to do a regular load instead of a PageCache restore. We end up failing the load because
pages cannot trigger new loads while in page cache. Because the load fails, we end up loading the
initial empty document and this is how we end up with 'about:blank' in the back forward list.

To address the issue, update WebPageProxy::backForwardGoToItem() to ignore messages from the old/committed
WebProcess when there is a pending provisional load. If the committed process starts a legit new
load, it would clear any existing pending provisional load before attempting to call backForwardGoToItem().
As a result, ignoring such messages from the old process when there is a pending provisional load is
safe.

In the future, we should probably move more of the history / backForwardList management to the UIProcess
to avoid this sort of issue. This would be a much larger refactoring though so I am going with this
simpler fix that is easily cherry-pickable for now.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::suspendCurrentPageIfPossible): (WebKit::WebPageProxy::continueNavigationInNewProcess): (WebKit::WebPageProxy::backForwardGoToItem):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241881] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r241567. rdar://problem/48243396

Web Inspector: Occasional crash under WebCore::CSSStyleSheet::item called from Inspector
https://bugs.webkit.org/show_bug.cgi?id=194671
<rdar://problem/47628191>

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-14
Reviewed by Devin Rousso.

  • css/CSSStyleSheet.cpp: (WebCore::CSSStyleSheet::item): A crash may happen if the m_childRuleCSSOMWrappers Vector gets out of sync with the m_contents list of rules. In particular if the wrappers vector is shorter than the rule list. We tried exercising code paths that modify these lists but were not able to reproduce the crash. To avoid a crash we can make this access safer and avoid the original overflow. At the same time we will keep and promote the assertion that would catch the lists getting out of sync in debug builds.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241567 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241880] by Alan Coon
  • 4 edits in branches/safari-607-branch

Cherry-pick r241549. rdar://problem/48243406

AX: ARIA Reflection was disabled in error
https://bugs.webkit.org/show_bug.cgi?id=194647
<rdar://problem/48068336>

Reviewed by Ryosuke Niwa.

Source/WebKit:

  • Shared/WebPreferences.yaml:

Tools:

Remove test override now that this feature should be enabled by default.

  • WebKitTestRunner/TestController.cpp: (WTR::TestController::resetPreferencesToConsistentValues):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241549 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241879] by Alan Coon
  • 5 edits in branches/safari-607-branch/Source

Cherry-pick r241547. rdar://problem/48220627

Web Inspector: don't include accessibility role in DOM.Node object payloads
https://bugs.webkit.org/show_bug.cgi?id=194623
<rdar://problem/36384037>

Reviewed by Devin Rousso.

Source/JavaScriptCore:

Remove property of DOM.Node that is no longer being sent.

  • inspector/protocol/DOM.json:

Source/WebCore:

Accessibility properties are complicated to fetch at all the points where we want to build and push nodes immediately.
Turning on AX often indirectly causes style recalc and layout. This is bad because we are often building nodes in the
first place due to a DOM node tree update (i.e., NodeInserted).

It turns out that DOM.getAccessibilityPropertiesForNode is called every time we display
the computed role in the Elements Tab > Nodes Sidebar > Accessibility Section. So it is not
necessary to collect this information in a problematic way when initially pushing the node, as
it will be updated anyway.

No new tests, no change in behavior.

  • inspector/agents/InspectorDOMAgent.cpp: (WebCore::InspectorDOMAgent::buildObjectForNode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241878] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r241492. rdar://problem/48243254

[Mac] PiP window can get "stuck" if PiP is closed while Safari window is minimized.
https://bugs.webkit.org/show_bug.cgi?id=194621
<rdar://problem/48002560>

Reviewed by Eric Carlson.

When Safari is minimized, no rAF() requests are executed. Don't gate responding to presentation
change events in the media-controller.js on rAF().

  • Modules/modern-media-controls/media/media-controller.js: (MediaController.prototype._returnMediaLayerToInlineIfNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241492 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:26 PM Changeset in webkit [241877] by Alan Coon
  • 3 edits
    4 deletes in branches/safari-607-branch

Revert r237978. rdar://problem/48244945

1:06 PM Changeset in webkit [241876] by don.olmstead@sony.com
  • 4 edits in trunk/Source/WebCore

[CMake][Win] Fix !USE(CF) build of WebCore
https://bugs.webkit.org/show_bug.cgi?id=194879

Reviewed by Konstantin Tokarev.

  • PlatformAppleWin.cmake:
  • PlatformWin.cmake:
  • PlatformWinCairo.cmake:

11:59 AM Changeset in webkit [241875] by Devin Rousso
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Canvas: recordings with a single frame sometimes missing TreeElement
https://bugs.webkit.org/show_bug.cgi?id=194687

Reviewed by Joseph Pecoraro.

  • UserInterface/Views/CanvasSidebarPanel.js:

(WI.CanvasSidebarPanel):
Wait until the entire Recording has been processed before setting the selected action.

  • UserInterface/Views/CanvasSidebarPanel.css:

(.sidebar > .panel.navigation.canvas.has-recordings > .content > .recording-content):
Drive-by: ensure that the recording TreeOutline container element has the full height to
take advantage of for virtualization.

  • UserInterface/Views/RecordingStateDetailsSidebarPanel.js:

(WI.RecordingStateDetailsSidebarPanel.prototype.set recording):
Drive-by: clear the DataGrid list when changing recordings since we removed all subviews.

10:56 AM Changeset in webkit [241874] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: DOM Debugger: node-specific event breakpoints aren't cleared/recalculated on navigation
https://bugs.webkit.org/show_bug.cgi?id=194874
<rdar://problem/48253415>

Reviewed by Joseph Pecoraro.

  • UserInterface/Controllers/DOMManager.js:

(WI.DOMManager.prototype._setDocument):
(WI.DOMManager.prototype.removeBreakpointForEventListener):

10:14 AM Changeset in webkit [241873] by dino@apple.com
  • 2 edits in trunk/Source/WTF

Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Follow-up commit to ensure this change only affects newer versions
of iOS.

  • wtf/Platform.h: Add a version check.

10:09 AM Changeset in webkit [241872] by Adrian Perez de Castro
  • 1 copy in releases/WPE WebKit/webkit-2.23.90

WPE WebKit 2.23.90

10:08 AM Changeset in webkit [241871] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.24

Unreviewed. Update OptionsWPE.cmake and NEWS for 2.23.90 release

build-wpe-releng/..:

  • Source/cmake/OptionsWPE.cmake: Bump version numbers.

build-wpe-releng/../Source/WebKit:

  • wpe/NEWS: Add release notes for 2.23.90

10:00 AM Changeset in webkit [241870] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: macOS user agent option should be available in device settings menu
https://bugs.webkit.org/show_bug.cgi?id=194885
<rdar://problem/48259253>

Reviewed by Joseph Pecoraro.

  • UserInterface/Base/Main.js:

(WI._handleDeviceSettingsToolbarButtonClicked):

9:58 AM Changeset in webkit [241869] by Alan Bujtas
  • 7 edits
    2 adds in trunk

[LFC][Floats] Add support for placing formatting roots in-between floats.
https://bugs.webkit.org/show_bug.cgi?id=194902

Reviewed by Antti Koivisto.

Source/WebCore:

This patch adds support for placing a formatting root box in-between existing floats.
The initial vertical position of a formatting root is its static position which can make the box
placed above existing floats (whereas we can never place a regular float above existing floats.)

Test: fast/block/block-only/floats-and-block-formatting-roots.html

  • layout/blockformatting/BlockFormattingContext.cpp:

(WebCore::Layout::BlockFormattingContext::computePositionToAvoidFloats const):

  • layout/floats/FloatingContext.cpp:

(WebCore::Layout::FloatPair::LeftRightIndex::isEmpty const):
(WebCore::Layout::FloatPair::isEmpty const):
(WebCore::Layout::FloatPair::operator* const):
(WebCore::Layout::Iterator::operator* const):
(WebCore::Layout::begin):
(WebCore::Layout::end):
(WebCore::Layout::FloatingContext::positionForFloat const):
(WebCore::Layout::FloatingContext::positionForFormattingContextRoot const):
(WebCore::Layout::findAvailablePosition):
(WebCore::Layout::FloatingContext::findPositionForFloatBox const):
(WebCore::Layout::FloatingContext::findPositionForFormattingContextRoot const):
(WebCore::Layout::FloatPair::FloatPair):
(WebCore::Layout::FloatPair::left const):
(WebCore::Layout::FloatPair::right const):
(WebCore::Layout::FloatPair::intersects const):
(WebCore::Layout::FloatPair::operator == const):
(WebCore::Layout::FloatPair::horizontalConstraints const):
(WebCore::Layout::FloatPair::bottom const):
(WebCore::Layout::Iterator::operator++):
(WebCore::Layout::Iterator::set):
(WebCore::Layout::FloatingPair::isEmpty const): Deleted.
(WebCore::Layout::FloatingPair::verticalConstraint const): Deleted.
(WebCore::Layout::FloatingContext::positionForFloatAvoiding const): Deleted.
(WebCore::Layout::FloatingContext::floatingPosition const): Deleted.
(WebCore::Layout::FloatingPair::FloatingPair): Deleted.
(WebCore::Layout::FloatingPair::left const): Deleted.
(WebCore::Layout::FloatingPair::right const): Deleted.
(WebCore::Layout::FloatingPair::intersects const): Deleted.
(WebCore::Layout::FloatingPair::operator == const): Deleted.
(WebCore::Layout::FloatingPair::horizontalConstraints const): Deleted.
(WebCore::Layout::FloatingPair::bottom const): Deleted.

  • layout/floats/FloatingContext.h:

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

  • fast/block/block-only/floats-and-block-formatting-roots-expected.html: Added.
  • fast/block/block-only/floats-and-block-formatting-roots.html: Added.

9:24 AM Changeset in webkit [241868] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Unreviewed API test fix after r241855.

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::~WebProcessProxy):

9:15 AM Changeset in webkit [241867] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merged r241866 - [WPE] Do not hardcode WPEBackend-fdo library name for linking tests
https://bugs.webkit.org/show_bug.cgi?id=194901

Unreviewed build fix.

.:

  • Source/cmake/FindWPEBackend-fdo.cmake: Use WPEBACKEND_FDO as prefix for the output variables instead of WPEBackend-fdo, for consistency with other usages of find_package_handle_standard_args().

Tools:

  • TestWebKitAPI/PlatformWPE.cmake: Set TestWebKitAPIBase to be linked against the detected ${WPEBACKEND_FDO_LIBRARIES} instead of hardcoding WPEBackend-fdo-0.1 as library name.

9:08 AM Changeset in webkit [241866] by Adrian Perez de Castro
  • 4 edits in trunk

[WPE] Do not hardcode WPEBackend-fdo library name for linking tests
https://bugs.webkit.org/show_bug.cgi?id=194901

Unreviewed build fix.

.:

  • Source/cmake/FindWPEBackend-fdo.cmake: Use WPEBACKEND_FDO as prefix for the output variables instead of WPEBackend-fdo, for consistency with other usages of find_package_handle_standard_args().

Tools:

  • TestWebKitAPI/PlatformWPE.cmake: Set TestWebKitAPIBase to be linked against the detected ${WPEBACKEND_FDO_LIBRARIES} instead of hardcoding WPEBackend-fdo-0.1 as library name.

5:55 AM Changeset in webkit [241865] by graouts@webkit.org
  • 3 edits in trunk/Source/WebKit

Move UIWebTouchEventsGestureRecognizer.activeTouchesByIdentifier to SPI
https://bugs.webkit.org/show_bug.cgi?id=194531
<rdar://problem/47714562>

Reviewed by Dean Jackson.

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView cancelPointersForGestureRecognizer:]): We update the referenced Radar since we need to keep the call
to respondsToSelector until the SPI has shipped for OpenSource builds to work.

4:29 AM Changeset in webkit [241864] by Diego Pino Garcia
  • 2 edits in trunk/LayoutTests

[GTK] Gardening for unexpected passes
https://bugs.webkit.org/show_bug.cgi?id=194854

Unreviewed test gardening.

  • platform/gtk/TestExpectations:

12:39 AM Changeset in webkit [241863] by commit-queue@webkit.org
  • 7 edits in trunk

Update MIME type parser
https://bugs.webkit.org/show_bug.cgi?id=180526

Patch by Rob Buis <rbuis@igalia.com> on 2019-02-21
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Update improved test expectations.

  • web-platform-tests/xhr/overridemimetype-blob-expected.txt:

Source/WebCore:

Further testing showed the MIME parser needs these fixes:

  • stripWhitespace is wrong for removing HTTP whitespace, use stripLeadingAndTrailingHTTPSpaces instead.
  • HTTP Token code points checking for Rfc2045 and Mimesniff were mixed up, use the dedicated isValidHTTPToken for Mimesniff mode.
  • Quoted Strings were not unescaped/escaped, this seems ok for serializing but is wrong when getting individual parameter values. Implement [1] and [2] Step 2.4 to properly unescape and escape.

This change also tries to avoid hard to read uses of find.

Test: ParsedContentType.Serialize

[1] https://fetch.spec.whatwg.org/#collect-an-http-quoted-string
[2] https://mimesniff.spec.whatwg.org/#serializing-a-mime-type

  • platform/network/ParsedContentType.cpp:

(WebCore::skipSpaces):
(WebCore::parseToken):
(WebCore::isNotQuoteOrBackslash):
(WebCore::collectHTTPQuotedString):
(WebCore::containsNonTokenCharacters):
(WebCore::parseQuotedString):
(WebCore::ParsedContentType::parseContentType):
(WebCore::ParsedContentType::create):
(WebCore::ParsedContentType::setContentType):
(WebCore::containsNonQuoteStringTokenCharacters):
(WebCore::ParsedContentType::setContentTypeParameter):
(WebCore::ParsedContentType::serialize const):
(WebCore::substringForRange): Deleted.
(WebCore::isNonTokenCharacter): Deleted.
(WebCore::isNonQuotedStringTokenCharacter): Deleted.

  • platform/network/ParsedContentType.h:

Tools:

Add tests involving leading and trailing whitespace, non-token
characters and quoted strings.

  • TestWebKitAPI/Tests/WebCore/ParsedContentType.cpp:

(TestWebKitAPI::TEST):

Feb 20, 2019:

9:59 PM Changeset in webkit [241862] by ysuzuki@apple.com
  • 5 edits in trunk/Source/JavaScriptCore

[JSC] Remove WatchpointSet creation for SymbolTable entries if VM::canUseJIT() returns false
https://bugs.webkit.org/show_bug.cgi?id=194891

Reviewed by Geoffrey Garen.

WatchpointSet in SymbolTable is used to fold the value into a constant in JIT tiers. And it is
not useful under the non-JIT mode. This patch avoids creation of WatchpointSet in SymbolTable
if VM::canUseJIT() returns false.

  • llint/LowLevelInterpreter32_64.asm:
  • llint/LowLevelInterpreter64.asm:
  • runtime/SymbolTable.cpp:

(JSC::SymbolTableEntry::addWatchpoint): Deleted.

  • runtime/SymbolTable.h:

(JSC::SymbolTableEntry::isWatchable const):
(JSC::SymbolTableEntry::watchpointSet):

9:48 PM Changeset in webkit [241861] by mitz@apple.com
  • 9 copies
    1 add in releases/Apple/Safari Technology Preview 76

Added a tag for Safari Technology Preview release 76.

7:32 PM Changeset in webkit [241860] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

REGRESSION (240698): Fixed position banners flicker and move when scrolling on iOS
https://bugs.webkit.org/show_bug.cgi?id=194889
rdar://problem/47755552

Reviewed by Tim Horton.

After r240698 we could commit scrolling changes for a fixed node where the "viewportRectAtLastLayout" and the layer
position were mismatched; this happened when AsyncScrollingCoordinator::reconcileScrollingState() came back from the UI process
with an unstable update and set a new layoutViewport, then some other layout triggered a compositing tree update. During the tree
update, we'd update the fixed scrolling node with the new viewport, and an old layer position.

Fix by ensuring that we only update the geometry info for a scrolling tree node when we update layer geometry for the corresponding
layer.

Not currently testable.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateBackingAndHierarchy):

7:28 PM Changeset in webkit [241859] by Antti Koivisto
  • 3 edits
    2 adds in trunk

Make programmatic frame scrolling work on iOS
https://bugs.webkit.org/show_bug.cgi?id=194886

Reviewed by Simon Fraser.

Source/WebKit:

  • UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::commitStateAfterChildren):

Don't move based on the layout scroll position. This just overrides the user scroll position.
Remove ScrolledContentsLayer checks, we only need to deal with the ScrollContainerLayer here.

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::setScrollLayerPosition):

Scroll the UIScrollView correctly. This is called as a result of setting the RequestedScrollPosition property.
Remove scroll origin code, it doesn't look correct (and is untested).

LayoutTests:

Test by Frederic Wang.

  • fast/scrolling/ios/programmatic-scroll-iframe-expected.html: Added.
  • fast/scrolling/ios/programmatic-scroll-iframe.html: Added.

6:55 PM Changeset in webkit [241858] by don.olmstead@sony.com
  • 2 edits in trunk/Tools

[CMake][Win] Only build DumpRenderTree when WebKit Legacy is enabled
https://bugs.webkit.org/show_bug.cgi?id=194884

Reviewed by Michael Catanzaro.

  • PlatformWin.cmake:

6:45 PM Changeset in webkit [241857] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: RTL: Scripts Timeline loading indicator has incorrect margins
https://bugs.webkit.org/show_bug.cgi?id=194882

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-20
Reviewed by Matt Baker.

  • UserInterface/Views/TimelineRecordingContentView.css:

(.content-view.timeline-recording > .content-browser .recording-progress > .status > .indeterminate-progress-spinner):

5:36 PM Changeset in webkit [241856] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WTF

URL percent-encode operations should use checked arithmetic for buffer allocation length
https://bugs.webkit.org/show_bug.cgi?id=194877
<rdar://problem/48212062>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-20
Reviewed by Tim Horton.

  • wtf/URLHelpers.cpp:

(WTF::URLHelpers::userVisibleURL):

  • wtf/cocoa/NSURLExtras.mm:

(WTF::dataWithUserTypedString):
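
Why the allocation length of a percent-encode buffer needs checked arithmetic, as an added example that is not code from the WebKit change. It assumes a worst case of three output bytes per input byte plus a terminator, a 32-bit length type, and the RFC 3986 unreserved set as the characters left unencoded; all function names are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <limits>
#include <string>

// Unchecked worst-case size: every byte becomes "%XX", plus one terminator.
// Unsigned arithmetic wraps silently, so a huge input yields a tiny capacity.
uint32_t uncheckedEncodedCapacity(uint32_t inputLength)
{
    return inputLength * 3u + 1u;
}

// Checked version: refuses lengths whose worst-case size does not fit,
// instead of returning a wrapped value. Returns false on overflow.
bool checkedEncodedCapacity(uint32_t inputLength, uint32_t& capacity)
{
    const uint32_t max = std::numeric_limits<uint32_t>::max();
    if (inputLength > (max - 1u) / 3u)
        return false;
    capacity = inputLength * 3u + 1u;
    return true;
}

// RFC 3986 unreserved characters (assumption: these are left unencoded).
static bool isUnreserved(unsigned char c)
{
    return (c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z')
        || c == '-' || c == '.' || c == '_' || c == '~';
}

// Percent-encodes input into output, sizing the buffer from the checked
// capacity. Returns false without touching output if the size would overflow.
bool percentEncode(const std::string& input, std::string& output)
{
    if (input.size() > std::numeric_limits<uint32_t>::max())
        return false;
    uint32_t capacity = 0;
    if (!checkedEncodedCapacity(static_cast<uint32_t>(input.size()), capacity))
        return false;

    static const char hexDigits[] = "0123456789ABCDEF";
    std::string encoded;
    encoded.reserve(capacity);
    for (unsigned char c : input) {
        if (isUnreserved(c)) {
            encoded += static_cast<char>(c);
            continue;
        }
        encoded += '%';
        encoded += hexDigits[c >> 4];
        encoded += hexDigits[c & 0xF];
    }
    output = encoded;
    return true;
}

int main()
{
    // Constructed length: 0x55555556 * 3 + 1 wraps to 3 in 32-bit arithmetic.
    const uint32_t hugeLength = 0x55555556u;
    uint32_t capacity = 0;
    std::cout << "unchecked capacity: " << uncheckedEncodedCapacity(hugeLength) << "\n";
    std::cout << "checked accepts it: " << checkedEncodedCapacity(hugeLength, capacity) << "\n";

    std::string encoded;
    if (percentEncode("a b/c", encoded))
        std::cout << encoded << "\n";
    return 0;
}
```

With a raw buffer of the unchecked capacity, the encoder's writes would run past the end of the allocation; the checked form turns that case into a rejected input.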

5:25 PM Changeset in webkit [241855] by Chris Dumez
  • 7 edits in trunk/Source/WebKit

[PSON] Make sure hung processes are not kept alive by suspended pages or process caching
https://bugs.webkit.org/show_bug.cgi?id=194881
<rdar://problem/48249014>

Reviewed by Geoffrey Garen.

After we construct a SuspendedPageProxy and before we send the IPC to the WebProcess to
ask it to suspend, start a 10-second timer. If the process does not answer the request
to suspend before the timer fires, we destroy the SuspendedPageProxy so that we do not
keep a hung process around.

For the WebProcessCache, we now call WebProcessProxy::isResponsive() on the process
before adding it to the cache. Internally, this relies on an IPC handshake with the
WebProcess. If the process is not responsive, we do not add it to the cache and we
shut it down. If it is responsive then we proceed normally with adding it to the
cache.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::SuspendedPageProxy):
(WebKit::SuspendedPageProxy::didProcessRequestToSuspend):
(WebKit::SuspendedPageProxy::suspensionTimedOut):

  • UIProcess/SuspendedPageProxy.h:
  • UIProcess/WebProcessCache.cpp:

(WebKit::WebProcessCache::addProcessIfPossible):
(WebKit::WebProcessCache::addProcess):

  • UIProcess/WebProcessCache.h:
  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
(WebKit::WebProcessProxy::maybeShutDown):
(WebKit::WebProcessProxy::isResponsive):

  • UIProcess/WebProcessProxy.h:

5:09 PM Changeset in webkit [241854] by Chris Dumez
  • 2 edits in trunk/Tools

Add API test for <rdar://problem/47471222>
https://bugs.webkit.org/show_bug.cgi?id=194847

Reviewed by Alex Christensen.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

4:51 PM Changeset in webkit [241853] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Unreviewed build fix after r241823.

  • UIProcess/SuspendedPageProxy.h:

4:48 PM Changeset in webkit [241852] by dino@apple.com
  • 7 edits
    16 deletes in trunk

Rotation animations sometimes use the wrong origin (affects apple.com)
https://bugs.webkit.org/show_bug.cgi?id=194878
<rdar://problem/43908047>

Reviewed by Simon Fraser.

Source/WebCore:

Some versions of CoreAnimation apply additive animations in reverse
order. Detect this and reverse the list of animations we provide.

Update the existing animations/additive-transform-animations.html test to
be a ref-test that would identify this failure. Previously it relied on
a pixel test.

  • platform/graphics/ca/GraphicsLayerCA.cpp: Use HAVE_CA_WHERE_ADDITIVE_TRANSFORMS_ARE_REVERSED to decide whether or not to flip the list of animations (and mark the correct ones as additive).

(WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
(WebCore::GraphicsLayerCA::createTransformAnimationsFromKeyframes):

Source/WTF:

  • wtf/Platform.h: Add HAVE(CA_WHERE_ADDITIVE_TRANSFORMS_ARE_REVERSED).

LayoutTests:

Update an old pixel test to be a new ref test, and remove all the old platform-specific
-expected versions.

  • animations/additive-transform-animations-expected.png: Removed.
  • animations/additive-transform-animations.html:
  • legacy-animation-engine/animations/additive-transform-animations-expected.png: Removed.
  • legacy-animation-engine/animations/additive-transform-animations.html:
  • platform/gtk/animations/additive-transform-animations-expected.png: Removed.
  • platform/gtk/animations/additive-transform-animations-expected.txt: Removed.
  • platform/gtk/legacy-animation-engine/animations/additive-transform-animations-expected.png: Removed.
  • platform/gtk/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
  • platform/ios/animations/additive-transform-animations-expected.txt: Removed.
  • platform/ios/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
  • platform/mac/animations/additive-transform-animations-expected.txt: Removed.
  • platform/mac/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
  • platform/win/animations/additive-transform-animations-expected.txt: Removed.
  • platform/win/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
  • platform/wincairo/animations/additive-transform-animations-expected.txt: Removed.
  • platform/wincairo/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.
  • platform/wpe/animations/additive-transform-animations-expected.txt: Removed.
  • platform/wpe/legacy-animation-engine/animations/additive-transform-animations-expected.txt: Removed.

4:19 PM Changeset in webkit [241851] by don.olmstead@sony.com
  • 3 edits in trunk/Source/WebCore

[Win] Guard CF usage in RenderThemeWin
https://bugs.webkit.org/show_bug.cgi?id=194875

Reviewed by Alex Christensen.

No new tests. No change in behavior.

Add #if USE(CF) checks to RenderThemeWin so it can compile without CF support.

  • rendering/RenderThemeWin.cpp:

(WebCore::RenderThemeWin::stringWithContentsOfFile):
(WebCore::RenderThemeWin::mediaControlsStyleSheet):
(WebCore::RenderThemeWin::mediaControlsScript):

  • rendering/RenderThemeWin.h:

4:12 PM Changeset in webkit [241850] by achristensen@apple.com
  • 3 edits in trunk/Source/WebKit

Unreviewed, rolling out r241838.

Broke API tests

Reverted changeset:

"Resolve WebsiteDataStore/HTTPCookieStore ref cycle"
https://bugs.webkit.org/show_bug.cgi?id=194868
https://trac.webkit.org/changeset/241838

4:10 PM Changeset in webkit [241849] by mark.lam@apple.com
  • 9 edits in trunk/Source/JavaScriptCore

Add code to validate expected GC activity modelled by doesGC() against what the runtime encounters.
https://bugs.webkit.org/show_bug.cgi?id=193938
<rdar://problem/47616277>

Reviewed by Michael Saboff, Saam Barati, and Robin Morisset.

In DFG::SpeculativeJIT::compile() and FTL::LowerDFGToB3::compileNode(), before
emitting code / B3IR for each DFG node, we emit a write to set Heap::m_expectDoesGC
to the value returned by doesGC() for that node. In the runtime (i.e. in allocateCell()
and functions that can resolve a rope), we assert that Heap::m_expectDoesGC is
true.

This validation code is currently only enabled for debug builds. It is disabled
for release builds by default, but it can easily be made to run on release builds
as well by forcing ENABLE_DFG_DOES_GC_VALIDATION to 1 in Heap.h.

To allow this validation code to run on release builds as well, the validation uses
RELEASE_ASSERT instead of ASSERT.

To ensure that Heap.h is #include'd for all files that need to do this validation
(so that the validation code is accidentally disabled), we guard the validation
code with an if conditional on constexpr bool validateDFGDoesGC (instead of using
a #if ENABLE(DFG_DOES_GC_VALIDATION)). This way, if Heap.h isn't #include'd, the
validation code will fail to build (no silent failures).

Currently, all JSC tests and Layout tests should pass with this validation enabled
in debug builds. We'll only see new failures if there's a regression or if new
tests reveal a previously untested code path that has an undetected issue.

  • dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::OSRExit::compileExit):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):

  • ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStub):

  • heap/Heap.h:

(JSC::Heap::expectDoesGC const):
(JSC::Heap::setExpectDoesGC):
(JSC::Heap::addressOfExpectDoesGC):

  • jit/JITArithmetic.cpp:

(JSC::JIT::emit_compareAndJump):

  • runtime/JSCellInlines.h:

(JSC::tryAllocateCellHelper):

  • runtime/JSString.h:

(JSC::jsSingleCharacterString):
(JSC::JSString::toAtomicString const):
(JSC::JSString::toExistingAtomicString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):

4:06 PM Changeset in webkit [241848] by rniwa@webkit.org
  • 3 edits in trunk/Source/WebCore

Crash in DOMWindowExtension::suspendForPageCache
https://bugs.webkit.org/show_bug.cgi?id=194871

Reviewed by Chris Dumez.

This is a speculative fix for a crash in DOMWindowExtension::suspendForPageCache.

We think it's possible for DOMWindowExtension::suspendForPageCache notifying the clients via
dispatchWillDisconnectDOMWindowExtensionFromGlobalObject to remove other DOMWindowExtension's.
Check that each DOMWindowProperty is still in m_properties before invoking suspendForPageCache
to avoid the crash.

  • page/DOMWindow.cpp:

(WebCore::DOMWindow::willDestroyCachedFrame):
(WebCore::DOMWindow::willDestroyDocumentInFrame):
(WebCore::DOMWindow::willDetachDocumentFromFrame):
(WebCore::DOMWindow::suspendForPageCache):
(WebCore::DOMWindow::resumeFromPageCache):

  • page/DOMWindowExtension.cpp:

(WebCore::DOMWindowExtension::suspendForPageCache):

4:03 PM Changeset in webkit [241847] by ysuzuki@apple.com
  • 15 edits in trunk/Source/bmalloc

[bmalloc] bmalloc::Heap is allocated even though we use system malloc mode
https://bugs.webkit.org/show_bug.cgi?id=194836

Reviewed by Mark Lam.

Previously, bmalloc::Heap holds DebugHeap, and delegates allocation and deallocation to debug heap.
However, bmalloc::Heap is large. We would like to avoid initialization of bmalloc::Heap under the
system malloc mode.

This patch extracts out DebugHeap from bmalloc::Heap, and logically puts this in a boundary of
bmalloc::api. bmalloc::api delegates allocation and deallocation to DebugHeap if DebugHeap is enabled.
Otherwise, using bmalloc's usual mechanism. The challenge is that we would like to keep bmalloc fast
path fast.

  1. For IsoHeaps, we use the similar techniques done in Cache. If the debug mode is enabled, we always go to the slow path of the IsoHeap allocation, and keep IsoTLS::get() returning nullptr. In the slow path, we just fall back to the usual bmalloc::api::tryMalloc implementation. This is efficient because bmalloc continues using the fast path.
  2. For the other APIs, like freeLargeVirtual, we just put DebugHeap check because this API itself takes fair amount of time. Then debug heap check does not matter.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::reallocateImpl):

  • bmalloc/Cache.cpp:

(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
(): Deleted.
(bmalloc::debugHeap): Deleted.

  • bmalloc/DebugHeap.cpp:
  • bmalloc/DebugHeap.h:

(bmalloc::DebugHeap::tryGet):

  • bmalloc/Heap.cpp:

(bmalloc::Heap::Heap):
(bmalloc::Heap::footprint):
(bmalloc::Heap::tryAllocateLarge):
(bmalloc::Heap::deallocateLarge):

  • bmalloc/Heap.h:

(bmalloc::Heap::debugHeap): Deleted.

  • bmalloc/IsoTLS.cpp:

(bmalloc::IsoTLS::IsoTLS):
(bmalloc::IsoTLS::isUsingDebugHeap): Deleted.
(bmalloc::IsoTLS::debugMalloc): Deleted.
(bmalloc::IsoTLS::debugFree): Deleted.

  • bmalloc/IsoTLS.h:
  • bmalloc/IsoTLSInlines.h:

(bmalloc::IsoTLS::allocateSlow):
(bmalloc::IsoTLS::deallocateSlow):

  • bmalloc/ObjectType.cpp:

(bmalloc::objectType):

  • bmalloc/ObjectType.h:
  • bmalloc/Scavenger.cpp:

(bmalloc::Scavenger::Scavenger):

  • bmalloc/bmalloc.cpp:

(bmalloc::api::tryLargeZeroedMemalignVirtual):
(bmalloc::api::freeLargeVirtual):
(bmalloc::api::scavenge):
(bmalloc::api::isEnabled):
(bmalloc::api::setScavengerThreadQOSClass):
(bmalloc::api::commitAlignedPhysical):
(bmalloc::api::decommitAlignedPhysical):
(bmalloc::api::enableMiniMode):

3:34 PM Changeset in webkit [241846] by Wenson Hsieh
  • 5 edits in trunk/Source/WebKit

REGRESSION: [ iOS ] Layout Test editing/input/ios/rtl-keyboard-input-on-focus.html is a Timeout
https://bugs.webkit.org/show_bug.cgi?id=194601
<rdar://problem/48080316>

Reviewed by Tim Horton.

Following r241311, if a web view becomes first responder and is then moved offscreen (or obscured, hidden, or in
the case of WebKitTestRunner, its UIWindow loses its status as keyWindow), we end up holding on to the input
view update deferral token indefinitely, waiting for the current focused element to be blurred or refocused.

This also manifests other user-facing bugs, the most common of which is the keyboard occasionally remaining
onscreen after typing a URL in the unified field in MobileSafari and hitting Return, in the case where there is
no autofocused element on the page.

To fix this, when becoming the first responder, additionally install a callback to detect when the page is
finished handling the activity state change, and invalidate the input deferral token then. This retains the
behavior where calling -becomeFirstResponder on the web view while a different view is focused will keep the
keyboard stable, since the focused element message from the web process should be dispatched when handling the
activity state change within the web process.

Of course, the web process may not be responsive at all while the web view is still in the view hierarchy, in
which case we may still end up deferring input view updates indefinitely. In this case, we maintain a separate
watchdog timer with a short delay, after which we unconditionally invalidate the token.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::installActivityStateChangeCompletionHandler):

Move the implementation of installActivityStateChangeCompletionHandler into cross-platform code.

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WKContentView.mm:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView cleanupInteraction]):
(-[WKContentView _cancelPreviousResetInputViewDeferralRequest]):
(-[WKContentView _scheduleResetInputViewDeferralAfterBecomingFirstResponder]):
(-[WKContentView _resetInputViewDeferral]):
(-[WKContentView becomeFirstResponderForWebView]):
(-[WKContentView resignFirstResponderForWebView]):
(-[WKContentView _commitPotentialTapFailed]):
(-[WKContentView _didNotHandleTapAsClick:]):
(-[WKContentView _didCompleteSyntheticClick]):

Funnel all existing calls that reset _inputViewDeferralToken to nullptr, such that they go through a helper
method instead that also cancels any scheduled requests to clear the token.

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::activityStateDidChange):

Respond to all pending callbacks after handling the activity state change.

3:30 PM Changeset in webkit [241845] by Chris Dumez
  • 5 edits in trunk

Regression(PSON) "Reload without content extensions" does not work when the main resource is blocked
https://bugs.webkit.org/show_bug.cgi?id=194872
<rdar://problem/47924500>

Reviewed by Alex Christensen.

Source/WebKit:

[WKWebView _reloadWithoutContentBlockers] relies on a ReloadOption flag that is passed to WebCore
instead of using WebsitePolicies.contentBlockersEnabled flag. If the reload causes a process swap
due to PSON, then the new process does not know about this ReloadOption and fails to honor it.

Since the modern way to do this is WebsitePolicies, and since WebsitePolicies are properly
propagated cross-process in case of process swap, this patch updates _reloadWithoutContentBlockers
to set a flag on the Navigation which we use to later set the WebsitePolicies.contentBlockersEnabled
flag in WebPageProxy::receivedNavigationPolicyDecision().

  • UIProcess/API/APINavigation.h:

(API::Navigation::setUserContentExtensionsEnabled):
(API::Navigation::userContentExtensionsEnabled const):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::reload):
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
3:26 PM Changeset in webkit [241844] by Truitt Savell
  • 2 edits in trunk/Source/WebKit

Unreviewed, rolling out r241817.

Caused 4 API failures

Reverted changeset:

"[GTK] Epiphany searching for plugins even if plugins are
disabled"
https://bugs.webkit.org/show_bug.cgi?id=194352
https://trac.webkit.org/changeset/241817

3:25 PM WebKitGTK/2.24.x edited by Adrian Perez de Castro
(diff)
3:25 PM Changeset in webkit [241843] by jer.noble@apple.com
  • 1 edit
    1 add in trunk/Tools

Add a git utility method that allows the caller to determine if a specific commitish is within a specified range of commits.
https://bugs.webkit.org/show_bug.cgi?id=191332

Reviewed by Dean Jackson.

  • Scripts/git-is-in-range: Added.
3:21 PM WebKitGTK/StableRelease edited by Adrian Perez de Castro
(diff)
2:52 PM Changeset in webkit [241842] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Always call CompletionHandlers after r240909
https://bugs.webkit.org/show_bug.cgi?id=194823

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-20
Reviewed by Ryosuke Niwa.

  • loader/PolicyChecker.cpp:

(WebCore::PolicyChecker::checkNavigationPolicy):
(WebCore::PolicyChecker::checkNewWindowPolicy):

2:37 PM Changeset in webkit [241841] by aestes@apple.com
  • 25 edits in trunk

[Xcode] Add SDKVariant.xcconfig to various Xcode projects
https://bugs.webkit.org/show_bug.cgi?id=194869

Rubber-stamped by Jer Noble.

Source/bmalloc:

  • bmalloc.xcodeproj/project.pbxproj:

Source/JavaScriptCore:

Source/ThirdParty/ANGLE:

  • ANGLE.xcodeproj/project.pbxproj:

Source/ThirdParty/libwebrtc:

  • libwebrtc.xcodeproj/project.pbxproj:

Source/WebCore:

  • WebCore.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

  • WebInspectorUI.xcodeproj/project.pbxproj:

Source/WebKit:

  • WebKit.xcodeproj/project.pbxproj:

Source/WebKitLegacy:

  • WebKitLegacy.xcodeproj/project.pbxproj:

Source/WTF:

  • WTF.xcodeproj/project.pbxproj:

Tools:

  • DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
  • ImageDiff/ImageDiff.xcodeproj/project.pbxproj:
  • MiniBrowser/MiniBrowser.xcodeproj/project.pbxproj:
  • MobileMiniBrowser/MobileMiniBrowser.xcodeproj/project.pbxproj:
  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:
2:28 PM Changeset in webkit [241840] by commit-queue@webkit.org
  • 5 edits
    2 adds in trunk

drawImage() clears the canvas if it's the source of the image and globalCompositeOperation is "copy"
https://bugs.webkit.org/show_bug.cgi?id=194746

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-02-20
Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/canvas/canvas-drawImage-composite-copy.html

If the source canvas of drawImage() is the same as the destination and
globalCompositeOperation is set to "copy", copy the srcRect from the
canvas to a temporary buffer before calling clearCanvas() then drawImage
from this temporary buffer.

  • html/canvas/CanvasRenderingContext2DBase.cpp:

(WebCore::CanvasRenderingContext2DBase::drawImage):

  • platform/graphics/ImageBuffer.cpp:

(WebCore::ImageBuffer::copyRectToBuffer):

  • platform/graphics/ImageBuffer.h:

LayoutTests:

  • fast/canvas/canvas-drawImage-composite-copy-expected.html: Added.
  • fast/canvas/canvas-drawImage-composite-copy.html: Added.
2:25 PM Changeset in webkit [241839] by Jon Davis
  • 2 edits in trunk/Websites/webkit.org

Added macOS Mojave builds to the WebKit Build Archives.
https://bugs.webkit.org/show_bug.cgi?id=190908

Reviewed by Lucas Forschler.

  • wp-content/themes/webkit/build-archives.php:
2:22 PM Changeset in webkit [241838] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit

Resolve WebsiteDataStore/HTTPCookieStore ref cycle
https://bugs.webkit.org/show_bug.cgi?id=194868

Patch by Alex Christensen <achristensen@webkit.org> on 2019-02-20
Reviewed by Geoffrey Garen.

  • UIProcess/API/APIHTTPCookieStore.cpp:

(API::HTTPCookieStore::HTTPCookieStore):
(API::HTTPCookieStore::cookies):
(API::HTTPCookieStore::setCookie):
(API::HTTPCookieStore::deleteCookie):
(API::HTTPCookieStore::registerObserver):
(API::HTTPCookieStore::unregisterObserver):
(API::HTTPCookieStore::cookieManagerDestroyed):
(API::HTTPCookieStore::registerForNewProcessPoolNotifications):
(API::HTTPCookieStore::ref const):
(API::HTTPCookieStore::deref const):

  • UIProcess/API/APIHTTPCookieStore.h:
2:22 PM Changeset in webkit [241837] by ysuzuki@apple.com
  • 5 edits in trunk/Source/bmalloc

[bmalloc] DebugHeap::malloc does not have "try" version.
https://bugs.webkit.org/show_bug.cgi?id=194837

Reviewed by Mark Lam.

Since DebugHeap::malloc does not have "try" version, our tryAllocate implementation does not work well with DebugHeap.
This patch adds crashOnFailure flag to DebugHeap::malloc.

  • bmalloc/Cache.cpp:

(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):

  • bmalloc/DebugHeap.cpp:

(bmalloc::DebugHeap::malloc):

  • bmalloc/DebugHeap.h:
  • bmalloc/IsoTLS.cpp:

(bmalloc::IsoTLS::debugMalloc):

2:22 PM Changeset in webkit [241836] by Truitt Savell
  • 2 edits in trunk/LayoutTests

[ Mac WK2 ] REGRESSION (r231450) Layout Test http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-iframe-with-enforced-and-report-policies.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194350

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-20

  • platform/mac-wk2/TestExpectations: Marking as flaky until a fix lands
2:04 PM Changeset in webkit [241835] by Truitt Savell
  • 2 edits in trunk/LayoutTests

[ Mac WK1 ] REGRESSION (r230006) Layout Test media/modern-media-controls/compact-media-controls/compact-media-controls-layout.html is a flaky text diff failure
https://bugs.webkit.org/show_bug.cgi?id=194309

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-20

  • platform/mac-wk1/TestExpectations: Marking as flaky until a fix lands
1:49 PM Changeset in webkit [241834] by Truitt Savell
  • 3 edits in trunk/LayoutTests

[ Mac WK2 iOS Debug ] REGRESSION (r240713) Layout Test scrollingcoordinator/scrolling-tree/fixed-inside-frame.html is flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194253

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-20

  • platform/ios-wk2/TestExpectations: Marking as flaky until a fix lands
  • platform/mac-wk2/TestExpectations: ditto
1:38 PM Changeset in webkit [241833] by dbates@webkit.org
  • 2 edits in trunk/Source/WebCore/PAL

Attempt to fix the Apple Internal build following r241828
(https://trac.webkit.org/changeset/241828/webkit)

Conditionally include a private header.

  • pal/spi/ios/UIKitSPI.h:
1:30 PM Changeset in webkit [241832] by ysuzuki@apple.com
  • 8 edits in trunk/Source/bmalloc

[bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

  • bmalloc/Allocator.h:
  • bmalloc/Cache.cpp:

(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):

  • bmalloc/Cache.h:

(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

  • bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):

  • bmalloc/Deallocator.h:

Ditto for Deallocator.

  • bmalloc/bmalloc.cpp:

(bmalloc::api::isEnabled):
We used getFastCase() for Heap. But it is basically wrong since we do not have any guarantee that someone already initializes
Heap when this is called. Previously, luckily, Cache is initialized, and Cache initialized Heap. But Cache initialization is removed
for system malloc mode and now PerProcess<PerHeapKind<Heap>>::getFastCase() returns nullptr at an early phase. This patch just uses
Environment::isDebugHeapEnabled() instead.

1:24 PM Changeset in webkit [241831] by Truitt Savell
  • 2 edits in trunk/LayoutTests

[ Mac WK2 ] REGRESSION (r239333) Flaky ASSERTION FAILED: m_uncommittedState.state == State::Committed on http/tests/cookies/same-site/fetch-after-top-level-navigation-from-cross-origin-page.html
https://bugs.webkit.org/show_bug.cgi?id=194225

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-20

  • platform/mac-wk2/TestExpectations: Marking as flaky while waiting for fix to land
1:08 PM Changeset in webkit [241830] by Simon Fraser
  • 2 edits in trunk/Source/WebCore

REGRESSION (r241788>): ASSERTION FAILED: !m_normalFlowListDirty in TestWebKitAPI.WebKit.ResizeReversePaginatedWebView test
https://bugs.webkit.org/show_bug.cgi?id=194866

Reviewed by Antti Koivisto.

r241788 removed some calls that updated layer lists (normal flow and z-order) during compositing updates, causing
a later call to RenderLayerCompositor::recursiveRepaintLayer() to assert when the lists were dirty. Fix by updating
the lists in RenderLayerCompositor::recursiveRepaintLayer(), as we do in various other places.

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::recursiveRepaintLayer):

12:27 PM Changeset in webkit [241829] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[iOS] Open sandbox for specific call.
https://bugs.webkit.org/show_bug.cgi?id=194860
<rdar://problem/48166729>

Reviewed by Brent Fulgham.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
12:25 PM Changeset in webkit [241828] by dbates@webkit.org
  • 6 edits in trunk/Source/WebCore

[iOS] Tweak UI for focus rings
https://bugs.webkit.org/show_bug.cgi?id=194864
<rdar://problem/47831886>

Reviewed by Brent Fulgham.

Source/WebCore:

Make use of UIKit constants to make focus rings pretty.

  • platform/graphics/cocoa/GraphicsContextCocoa.mm:

(WebCore::drawFocusRingAtTime):

Source/WebCore/PAL:

Expose more SPI.

  • pal/ios/UIKitSoftLink.h:
  • pal/ios/UIKitSoftLink.mm:
  • pal/spi/ios/UIKitSPI.h:
11:56 AM Changeset in webkit [241827] by Truitt Savell
  • 2 edits in trunk/LayoutTests

[ Mac WK2 ] REGRESSION (r238519) Layout Test fast/repaint/placeholder-after-caps-lock-hidden.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194170

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-20

  • platform/mac-wk2/TestExpectations: Marking as flaky while waiting for fix to land
11:43 AM Changeset in webkit [241826] by achristensen@apple.com
  • 7 edits in trunk/Source/WebKit

Move API::HTTPCookieStore ownership from API::WebsiteDataStore to WebKit::WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=194842

Reviewed by Geoff Garen.

We need a way to get from WebKit::WebsiteDataStore to API::HTTPCookieStore. It can't be done before this.
This made an existing reference cycle easier to see, and we should fix it in a followup patch.

  • UIProcess/API/APIWebsiteDataStore.cpp:

(API::WebsiteDataStore::httpCookieStore):

  • UIProcess/API/APIWebsiteDataStore.h:
  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::cookieStore):

  • UIProcess/WebsiteData/WebsiteDataStore.h:
11:28 AM Changeset in webkit [241825] by timothy@apple.com
  • 15 edits in trunk

RenderThemeIOS should use RenderTheme's color cache instead of its own.
https://bugs.webkit.org/show_bug.cgi?id=194822
rdar://problem/48208296

Reviewed by Tim Horton.

Source/WebCore:

Tested by fast/css/apple-system-colors.html.

  • css/CSSValueKeywords.in:
  • css/parser/CSSPropertyParser.cpp:

(WebCore::isAppleLegacyCssValueKeyword):

  • platform/graphics/Color.h:
  • platform/graphics/cg/ColorCG.cpp:

(WebCore::makeRGBAFromCGColor):
(WebCore::Color::Color):

  • rendering/RenderThemeIOS.h:
  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::systemColor const):

  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::systemColor const):

Source/WebCore/PAL:

  • pal/ios/UIKitSoftLink.h:
  • pal/ios/UIKitSoftLink.mm:
  • pal/spi/ios/UIKitSPI.h:

LayoutTests:

  • platform/ios/fast/css/apple-system-colors-expected.txt: Rebased for -apple-system-purple.
  • platform/win/fast/css/apple-system-colors-expected.txt: Rebased for invalid color now that -apple-system colors are macOS and iOS only.

11:23 AM Changeset in webkit [241824] by commit-queue@webkit.org
  • 8 edits
    4 adds in trunk

Fix crash when opening Web Inspector after a WebSocket was blocked by content extensions
https://bugs.webkit.org/show_bug.cgi?id=194819

Patch by Loïc Yhuel <loic.yhuel@softathome.com> on 2019-02-20
Reviewed by Joseph Pecoraro.

Source/WebCore:

Test: http/tests/inspector/network/contentextensions/blocked-websocket-crash.html

  • Modules/websockets/WebSocketChannel.h:

(WebCore::WebSocketChannel::hasCreatedHandshake):

  • inspector/agents/page/PageNetworkAgent.cpp:

Ignore WebSocketChannel without a WebSocketHandshake, which would crash in InspectorNetworkAgent::enable.

LayoutTests:

  • TestExpectations: Skip the test by default, like http/tests/contentextensions
  • http/tests/inspector/network/contentextensions/blocked-websocket-crash-expected.txt: Added.
  • http/tests/inspector/network/contentextensions/blocked-websocket-crash.html: Added.
  • http/tests/inspector/network/contentextensions/blocked-websocket-crash.html.json: Added.
  • platform/gtk/TestExpectations: Unskip the test
  • platform/mac-wk2/TestExpectations: Ditto
  • platform/wpe/TestExpectations: Ditto
11:19 AM Changeset in webkit [241823] by Chris Dumez
  • 7 edits in trunk

Regression(PSON) Crash under WebKit::WebPageProxy::decidePolicyForNavigationActionSync
https://bugs.webkit.org/show_bug.cgi?id=194857
<rdar://problem/47759323>

Reviewed by Alex Christensen.

Source/WebKit:

The ProvisionalPageProxy was blindly forwarding the DecidePolicyForNavigationActionSync
synchronous IPC to the WebPageProxy, without passing it the process the IPC came from.
As a result, WebPageProxy::decidePolicyForNavigationActionSync() would try to look up
a WebFrameProxy using the provided frameID from the wrong process and we would end up
hitting a RELEASE_ASSERT().

  • UIProcess/ProvisionalPageProxy.cpp:

(WebKit::ProvisionalPageProxy::decidePolicyForNavigationActionSync):
(WebKit::ProvisionalPageProxy::didReceiveSyncMessage):

  • UIProcess/ProvisionalPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::decidePolicyForNavigationActionSync):
(WebKit::WebPageProxy::decidePolicyForNavigationActionSyncShared):

  • UIProcess/WebPageProxy.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
11:15 AM Changeset in webkit [241822] by Alan Bujtas
  • 6 edits in trunk/Source/WebCore

[LFC][Floats] Make FloatAvoider::resetPosition implicit
https://bugs.webkit.org/show_bug.cgi?id=194855

Reviewed by Antti Koivisto.

Let's compute the initial top/left position during c'tor time.
This is in preparation for fixing formatting root box placement in a float context.

  • layout/floats/FloatAvoider.cpp:

(WebCore::Layout::FloatAvoider::resetPosition): Deleted.

  • layout/floats/FloatAvoider.h:

(WebCore::Layout::FloatAvoider::displayBox):
(WebCore::Layout::FloatAvoider::initialVerticalPosition const): Deleted.

  • layout/floats/FloatBox.cpp:

(WebCore::Layout::FloatBox::FloatBox):
(WebCore::Layout::FloatBox::initialVerticalPosition const):

  • layout/floats/FloatBox.h:
  • layout/floats/FloatingContext.cpp:

(WebCore::Layout::FloatingContext::floatingPosition const):

10:34 AM Changeset in webkit [241821] by Chris Dumez
  • 5 edits in trunk/Tools

[WKTR] Avoid starting new NetworkProcesses unnecessarily when running the layout tests
https://bugs.webkit.org/show_bug.cgi?id=194829
<rdar://problem/47889906>

Reviewed by Alexey Proskuryakov.

Every time the TestOptions were changing we were creating both a new Web view and
a new WKContext, which would start a new Network process. In most cases, we only
need to construct a new Web view and we can keep reusing the same WKContext.
This patch implements this optimization and thus avoids spinning a lot of new
Network processes while running the layout tests.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::generateContextConfiguration const):
(WTR::TestController::generatePageConfiguration):
(WTR::TestController::createWebViewWithOptions):
(WTR::TestController::resetPreferencesToConsistentValues):
(WTR::updateTestOptionsFromTestHeader):

  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/TestOptions.h:

(WTR::TestOptions::ContextOptions::hasSameInitializationOptions const):
(WTR::TestOptions::ContextOptions::shouldEnableProcessSwapOnNavigation const):
(WTR::TestOptions::hasSameInitializationOptions const):
(WTR::TestOptions::shouldEnableProcessSwapOnNavigation const): Deleted.

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::platformAddTestOptions const):

10:23 AM Changeset in webkit [241820] by don.olmstead@sony.com
  • 4 edits in trunk/Source

[MSVC] Fix compilation errors with lambdas in Service Workers
https://bugs.webkit.org/show_bug.cgi?id=194841

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. No change in behavior.

MSVC has problems with the scoping of this within a nested lambda. In these cases this is
referring to the enclosing lambda according to MSVC. This patch works around this behavior
by using the protectedThis pattern in WebKit code.

  • workers/service/server/RegistrationDatabase.cpp:

(WebCore::RegistrationDatabase::openSQLiteDatabase):

Source/WebKit:

  • WebProcess/Storage/ServiceWorkerClientFetch.cpp:

(WebKit::ServiceWorkerClientFetch::didReceiveRedirectResponse):

10:15 AM Changeset in webkit [241819] by commit-queue@webkit.org
  • 3 edits in trunk/LayoutTests

REGRESSION (r240727) [ Mac iOS ] Layout Test http/tests/workers/service/basic-register-exceptions.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=194368

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-20

  • platform/ios-simulator-wk2/TestExpectations: Updating test expectations while waiting for a fix
  • platform/mac-wk2/TestExpectations: ditto
10:05 AM Changeset in webkit [241818] by commit-queue@webkit.org
  • 7 edits in trunk/Source/bmalloc

Unreviewed, rolling out r241789.
https://bugs.webkit.org/show_bug.cgi?id=194856

GuardMalloc crashes (Requested by yusukesuzuki on #webkit).

Reverted changeset:

"[bmalloc] bmalloc::Cache should not be instantiated if we are
using system malloc"
https://bugs.webkit.org/show_bug.cgi?id=194811
https://trac.webkit.org/changeset/241789

9:11 AM Changeset in webkit [241817] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[GTK] Epiphany searching for plugins even if plugins are disabled
https://bugs.webkit.org/show_bug.cgi?id=194352

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-02-20
Reviewed by Michael Catanzaro.

Check pluginsEnabled setting before trying to get plugins from UI process.

  • WebProcess/Plugins/WebPluginInfoProvider.cpp:

(WebKit::WebPluginInfoProvider::populatePluginCache):

6:34 AM Changeset in webkit [241816] by Carlos Garcia Campos
  • 7 edits in trunk/Source/WebKit

[WPE] Send client host fd and library name as web process creation parameters
https://bugs.webkit.org/show_bug.cgi?id=194494

Reviewed by Žan Doberšek.

Instead of using command line arguments. The code is simpler and we don't need wpe specific code in process
launcher glib implementation.

  • Shared/WebProcessCreationParameters.cpp:

(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):

  • Shared/WebProcessCreationParameters.h:
  • UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:

(WebKit::ProcessLauncher::launchProcess):

  • UIProcess/glib/WebProcessPoolGLib.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess):

  • WebProcess/glib/WebProcessGLib.cpp:

(WebKit::WebProcess::platformInitializeWebProcess):

  • WebProcess/wpe/WebProcessMainWPE.cpp:
5:10 AM Changeset in webkit [241815] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.23.91

WebKitGTK 2.23.91

5:09 AM Changeset in webkit [241814] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.23.91 release

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers

Source/WebKit:

  • gtk/NEWS: Add release notes for 2.23.91.
4:45 AM Changeset in webkit [241813] by Carlos Garcia Campos
  • 30 edits
    4 adds in releases/WebKitGTK/webkit-2.24

Merge r241790 - [WPE][GTK] Enable support for CONTENT_EXTENSIONS
https://bugs.webkit.org/show_bug.cgi?id=167941

Reviewed by Carlos Garcia Campos.

Source/WebCore:

  • platform/gtk/po/POTFILES.in: Added WebKitUserContentFilterStore.cpp to the list of files with translatable strings.

Source/WebKit:

Adds new API to manage a collection of content extensions on disk (including compilation
of new ones) using WebKitUserContentFilterStore; the associated WebKitUserContentFilter
type (which represents a compiled content extension); and the functions needed to enable
and disable them for a given WebKitUserContentManager.

The WebKitUserContentFilterStore public API is expressed in abstract terms of "saving"
filters into the store (which involves compiling the JSON source rule set); and "loading"
them back as main operations. This way we do not disclose to users of the API any detail
about compilation, nor how contents are laid out on disk, and the documentation explicitly
tells about only using the provided functions to manipulate the on-disk contents. This
way we allow ourselves some leeway if the implementation needs changing in the future.

  • PlatformGTK.cmake: Added WebKitUserContentFilterStore.h to the list of public API headers.
  • PlatformWPE.cmake: Ditto.
  • SourcesGTK.txt: Added WebKitUserContentFilterStore.cpp
  • SourcesWPE.txt: Ditto.
  • UIProcess/API/glib/WebKitError.cpp: Add definition of webkit_user_content_filter_error_quark().
  • UIProcess/API/glib/WebKitUserContent.cpp: Added WebKitUserContentFilter.

(_WebKitUserContentFilter::_WebKitUserContentFilter):
(webkit_user_content_filter_ref):
(webkit_user_content_filter_unref):
(webkit_user_content_filter_get_identifier):
(webkitUserContentFilterCreate):
(webkitUserContentFilterGetContentRuleList):

  • UIProcess/API/glib/WebKitUserContentFilterStore.cpp: Added.

(toGError): Utility function to convert content extension error codes to GError.
(webkit_user_content_filter_store_class_init):
(webkit_user_content_filter_store_new):
(webkit_user_content_filter_store_get_path):
(webkitUserContentFilterStoreSaveBytes): Common function used as final step for all the
functions which save (compile) JSON rule sets into the store, to avoid duplicating code.
(webkit_user_content_filter_store_save):
(webkit_user_content_filter_store_save_finish):
(webkit_user_content_filter_store_save_from_file):
(webkit_user_content_filter_store_save_from_file_finish):
(webkit_user_content_filter_store_remove):
(webkit_user_content_filter_store_remove_finish):
(webkit_user_content_filter_store_load):
(webkit_user_content_filter_store_lookup_finish):
(webkit_user_content_filter_store_fetch_identifiers):
(webkit_user_content_filter_store_fetch_identifiers_finish):

  • UIProcess/API/glib/WebKitUserContentManager.cpp: Added definitions for the new API functions to add and remove filters from a user content manager.

(webkit_user_content_manager_add_filter):
(webkit_user_content_manager_remove_filter):
(webkit_user_content_manager_remove_all_filters):

  • UIProcess/API/glib/WebKitUserContentPrivate.h: Added declarations for webkitUserContentFilterCreate() and webkitUserContentFilterGetContentRuleList().

  • UIProcess/API/gtk/WebKitAutocleanups.h: Added autocleanups for WebKitUserContentFilter and WebKitUserContentFilterStore.

  • UIProcess/API/gtk/WebKitError.h: Added declarations for WEBKIT_USER_CONTENT_FILTER_ERROR plus the associated webkit_user_content_filter_error_quark() function and WebKitUserContentFilterError enum.

  • UIProcess/API/gtk/WebKitUserContent.h: Added declarations for WebKitUserContentFilter and its associated functions.

  • UIProcess/API/gtk/WebKitUserContentFilterStore.h: Added.
  • UIProcess/API/gtk/WebKitUserContentManager.h: Added declarations for the functions to add and remove filters from the user content manager.

  • UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt: Added new API functions and types to be included in the documentation.

  • UIProcess/API/gtk/webkit2.h: Added inclusion of WebKitUserContentFilterStore.h
  • UIProcess/API/wpe/WebKitError.h: Same as for the GTK port header.
  • UIProcess/API/wpe/WebKitUserContent.h: Same as for the GTK port header.
  • UIProcess/API/wpe/WebKitUserContentFilterStore.h: Added.
  • UIProcess/API/wpe/WebKitUserContentManager.h: Same as for the GTK port header.
  • UIProcess/API/wpe/docs/wpe-0.1-sections.txt: Added new API functions and types to be included in the documentation.

  • UIProcess/API/wpe/webkit.h: Added inclusion of WebKitUserContentFilterStore.h

Source/WTF:

Add specialization of the refGPtr() and derefGPtr() templates for GMappedFile.

  • wtf/glib/GRefPtr.cpp:

(WTF::refGPtr): Added.
(WTF::derefGPtr): Added.

  • wtf/glib/GRefPtr.h: Declare template specializations.

Tools:

  • MiniBrowser/gtk/main.c:

(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.

  • MiniBrowser/wpe/main.cpp:

(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.

  • TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentFilterStore.cpp: Added.

(WTF::refGPtr): Added locally for WebKitUserContentFilter, as it would not be used anywhere else.
(WTF::derefGPtr): Ditto.
(testEmptyStore):
(testSaveInvalidFilter):
(testSaveLoadFilter):
(testSavedFilterIdentifierMatch):
(testRemoveFilter):
(testSaveMultipleFilters):
(testSaveFilterFromFile):
(testFilterPersistence):
(beforeAll):
(afterAll):

  • TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp:

(removeOldInjectedContentAndResetLists): Also reset content filters.
(isCSSBlockedForURLAtPath): Added. Tests whether the test filter, which blocks a
CSS style sheet, has blocked the load of the CSS by looking at the resulting style of
the element affected by the style sheet.
(getUserContentFilter): Added. Stores the test filter in a WebKitUserContentFilterStore
and returns it to be used by tests.
(testUserContentManagerContentFilter): Added. Tests whether adding and removing a filter
from the WebKitUserContentManager results in a CSS style sheet being blocked.
(serverCallback): Add support for serving a CSS style sheet for testing.
(beforeAll): Add call to testUserContentManagerContentFilter().

  • TestWebKitAPI/glib/CMakeLists.txt: Added TestWebKitUserContentFilterStore.

4:45 AM Changeset in webkit [241812] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24/Source/bmalloc

Merge r241789 - [bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

  • bmalloc/Allocator.h:
  • bmalloc/Cache.cpp:

(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):

  • bmalloc/Cache.h:

(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

  • bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):

  • bmalloc/Deallocator.h:

Ditto for Deallocator.

4:45 AM Changeset in webkit [241811] by Carlos Garcia Campos
  • 11 edits
    4 adds in releases/WebKitGTK/webkit-2.24

Merge r241788 - REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
https://bugs.webkit.org/show_bug.cgi?id=194827
rdar://problem/47620594

Reviewed by Antti Koivisto.

Source/WebCore:

Incremental compositing updates, added in r238090, use repaints as a trigger for re-evaluating
layer configurations, since a repaint implies that a layer gains painted content. This is done
via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
for the root. The configuration state that matters here is whether the layer contains painted content,
and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
and feeds into GraphicsLayer::drawsContent().

However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.

Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no effect on
the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
to always return false for the RenderView's layer (the root).

Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
respect it.

Test: compositing/visibility/root-visibility-toggle.html

  • page/Frame.h:
  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::dumpProperties const):

  • platform/graphics/GraphicsLayerClient.h:

(WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
(WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):

  • rendering/RenderLayerBacking.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::layerTreeAsText):

  • testing/Internals.cpp:

(WebCore::toLayerTreeFlags):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Test dumps layer tree with RenderLayerBacking::shouldDumpPropertyForLayer to show that the root has (drawsContent 1)

  • compositing/visibility/root-visibility-toggle-expected.txt: Added.
  • compositing/visibility/root-visibility-toggle.html: Added.
  • platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt: Added.

4:45 AM Changeset in webkit [241810] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241783 - B3-O2 incorrectly optimizes this subtest
https://bugs.webkit.org/show_bug.cgi?id=194625

Reviewed by Saam Barati.

Trivial fix. Instead of doing

if (!cond) foo else bar => if (cond) bar else foo

B3LowerToAir was doing

if (xC) foo else bar => if (cond) bar else foo whenever C&1, even if C was for example 3.

  • b3/B3LowerToAir.cpp:
  • b3/testb3.cpp:

(JSC::B3::testBitNotOnBooleanAndBranch32):
(JSC::B3::testNotOnBooleanAndBranch32): Added.

4:45 AM Changeset in webkit [241809] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241781 - CachedCall should not consider it UNLIKELY that it will not stack overflow
https://bugs.webkit.org/show_bug.cgi?id=194831

Reviewed by Mark Lam.

  • interpreter/CachedCall.h:

(JSC::CachedCall::CachedCall):

4:45 AM Changeset in webkit [241808] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241780 - REGRESSION(r240909): Release assertion in FrameLoader::loadPostRequest when opening new window
https://bugs.webkit.org/show_bug.cgi?id=194820

Reviewed by Geoffrey Garen.

Source/WebCore:

This release assertion was wrong. The invocation of PolicyChecker::checkNewWindowPolicy in FrameLoader
doesn’t require PolicyChecker's load type to be set in PolicyChecker because FrameLoader's
continueLoadAfterNewWindowPolicy invokes loadWithNavigationAction which sets the load type later,
and we don't rely on PolicyChecker's load type until then.

Fixed the crash by removing release asserts before invoking checkNewWindowPolicy accordingly.

This patch reverts r241015 since it too was asserting that PolicyChecker's load type is set before
invoking checkNewWindowPolicy which is not the right assumption.

Test: fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::loadPostRequest):

LayoutTests:

Added a regression test.

  • fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation-expected.txt: Added.
  • fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html: Added.

4:45 AM Changeset in webkit [241807] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241777 - Remove assertion introduced in r229683
https://bugs.webkit.org/show_bug.cgi?id=194825
<rdar://problem/47628258>

Reviewed by Geoffrey Garen.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchWillSubmitForm):
If we reach this code and the form's original Document's Frame has been destroyed,
we have already been told to submit the form so do so, just like we do if the WebPage
has been destroyed. This is a rare edge case having to do with the timing of Frame
destruction and decidePolicyForNavigationAction response, which unfortunately does not
reproduce with a test case unless the timing of IPC is just right.

4:44 AM Changeset in webkit [241806] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241772 - Fix DFG doesGC() for TryGetById and ProfileType nodes.
https://bugs.webkit.org/show_bug.cgi?id=194821
<rdar://problem/48206690>

Reviewed by Saam Barati.

Fix doesGC() for the following nodes:

ProfileType:

calls operationProcessTypeProfilerLogDFG(), which can call calculatedClassName(),
which can call JSString::tryGetValue(), which can resolve a rope.

TryGetById:

calls operationTryGetByIdOptimize(), which can startWatchingPropertyForReplacements()
on a structure, which can allocate StructureRareData.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

4:44 AM Changeset in webkit [241805] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241769 - [JSC] Introduce JSNonDestructibleProxy for JavaScriptCore.framework's GlobalThis
https://bugs.webkit.org/show_bug.cgi?id=194799

Reviewed by Saam Barati.

JSProxy is destructible one because we have JSWindowProxy which has ref counted object.
However, JavaScriptCore.framework's JSProxy for GlobalThis does not need to be destructible.
This is important since we need to separate Heap subspaces between destructible and non-destructible objects.
If we can put more and more objects in non-destructible status, we can get rid of low-usage MarkedBlock.
This patch adds JSNonDestructibleProxy, which is not destructible JSProxy. While it inherits JSDestructibleObject,
we can make the subclass still non-destructible thanks to Subspace mechanism. This drops one more low-usage MarkedBlock.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::resetPrototype):
(JSC::JSGlobalObject::finishCreation):

  • runtime/JSNonDestructibleProxy.cpp: Added.
  • runtime/JSNonDestructibleProxy.h: Added.

(JSC::JSNonDestructibleProxy::subspaceFor):
(JSC::JSNonDestructibleProxy::create):
(JSC::JSNonDestructibleProxy::createStructure):
(JSC::JSNonDestructibleProxy::JSNonDestructibleProxy):

  • runtime/JSProxy.h:

(JSC::JSProxy::JSProxy):

4:44 AM Changeset in webkit [241804] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241768 - B3ReduceStrength::simplifyCFG() could do a lot more on each iteration
https://bugs.webkit.org/show_bug.cgi?id=194475

Reviewed by Saam Barati.

B3ReduceStrength::simplifyCFG() does three optimizations (which I will call A, B and C):

  • A makes any terminal that points to a block that is empty except for a jump point to that jump's target instead.
  • B transforms any branch or switch that points to a single block into a jump.
  • C finds blocks ending with jumps, whose successor has a single predecessor, and inlines that successor block in place of the jump.

It currently is limited in the following way:

  • A and C can only fire once per block per iteration
  • B can create jumps that would trigger A, but they may not be seen until the next iteration

Both problems are mitigated by going through the blocks in post-order, so that when a block is optimized most of its successors have already been optimized.
In a sense it is the symmetric of the peephole optimizer that goes in pre-order so that when an instruction is optimized most of its children have already been optimized.

On JetStream2 it reduces the average number of iterations from 3.35 to 3.24.

  • b3/B3ReduceStrength.cpp:

4:44 AM Changeset in webkit [241803] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Tools

Merge r241759 - pytest is not correctly auto-installed
https://bugs.webkit.org/show_bug.cgi?id=194707

Patch by Pablo Saavedra on 2019-02-19
Reviewed by Carlos Garcia Campos.

  • Scripts/webkitpy/thirdparty/init.py:

(AutoinstallImportHook._install_pytest):

4:44 AM Changeset in webkit [241802] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241758 - Move bytecode cache-related filesystem code out of CodeCache
https://bugs.webkit.org/show_bug.cgi?id=194675

Reviewed by Saam Barati.

The code is only used for the bytecode-cache tests, so it should live in
jsc.cpp rather than in the CodeCache. The logic now lives in ShellSourceProvider,
which overrides a virtual method in SourceProvider, cacheBytecode,
in order to write the cache to disk.

  • jsc.cpp:

(ShellSourceProvider::create):
(ShellSourceProvider::~ShellSourceProvider):
(ShellSourceProvider::cachePath const):
(ShellSourceProvider::loadBytecode):
(ShellSourceProvider::ShellSourceProvider):
(jscSource):
(GlobalObject::moduleLoaderFetch):
(functionDollarEvalScript):
(runWithOptions):

  • parser/SourceProvider.h:

(JSC::SourceProvider::cacheBytecode const):

  • runtime/CodeCache.cpp:

(JSC::writeCodeBlock):

  • runtime/CodeCache.h:

(JSC::CodeCacheMap::fetchFromDiskImpl):

4:44 AM Changeset in webkit [241801] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r241756 - [ARM] Fix crash with sampling profiler
https://bugs.webkit.org/show_bug.cgi?id=194772

Reviewed by Mark Lam.

JSTests:

Do not skip test since crash with sampling profiler is now fixed.

  • stress/sampling-profiler-richards.js:

Source/JavaScriptCore:

sampling-profiler-richards.js was crashing with an enabled sampling profiler. add32
did not update the stack pointer in a single instruction. The src register was first
moved into the stack pointer, the immediate imm was added in a subsequent instruction.

This was problematic when a signal handler was invoked before applying the immediate,
when the stack pointer is still set to the temporary value. Avoid this by calculating src+imm in
a temporary register and then move it in one go into the stack pointer.

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::add32):

4:44 AM Changeset in webkit [241800] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241753 - Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

CompareEq:
CompareLess:
CompareLessEq:
CompareGreater:
CompareGreaterEq:
CompareStrictEq:

Only return false (i.e. does not GC) for child node use kinds that have
been vetted to not do anything that can GC. For all other use kinds
(including StringUse and BigIntUse), we return true (i.e. does GC).

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

4:44 AM Changeset in webkit [241799] by Carlos Garcia Campos
  • 47 edits
    1 copy
    1 add in releases/WebKitGTK/webkit-2.24/Source

Merge r241751 - Continue reducing use of String::format, now focusing on hex: "%p", "%x", etc.
https://bugs.webkit.org/show_bug.cgi?id=194752

Reviewed by Daniel Bates.

Source/JavaScriptCore:

  • heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::json): Added back the "0x" that was removed when changing
this file to use appendUnsignedAsHex instead of "%p". The intent at that time was to
keep behavior the same, so let's do that.

  • parser/Lexer.cpp:

(JSC::Lexer<T>::invalidCharacterMessage const): Use makeString and hex instead of
String::format and "%04x".

Source/WebCore:

  • Modules/websockets/WebSocket.cpp: Added an include of HexNumber.h. This previously got included because of Logger.h, but that no longer pulls in HexNumber.h.

  • css/CSSMarkup.cpp: Removed unneeded include of StringBuffer.h.
  • css/CSSPrimitiveValue.cpp: Ditto.
  • css/CSSUnicodeRangeValue.cpp:

(WebCore::CSSUnicodeRangeValue::customCSSText const): Use makeString and hex instead
of String::format and "%x".

  • html/HTMLMediaElement.h:

(WTF::ValueToString<WebCore::TextTrackCue::string): Use a non-template function,
TextTrackCue::debugString, so we don't need to use HexNumber.h in a header.

  • html/canvas/WebGLRenderingContextBase.cpp:

(GetErrorString): Use makeString and hex instead of String::format and "%04x".

  • html/track/TextTrackCue.cpp:

(WebCore::TextTrackCue::debugString const): Added. Moved string conversion here
from HTMLMediaElement.h and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.

  • html/track/TextTrackCue.h: Added TextTrackCue::debugString.
  • page/linux/ResourceUsageOverlayLinux.cpp:

(WebCore::formatByteNumber): Use makeString and FormattedNumber::fixedWidth
instead of String::format and "%.1f" etc.

  • platform/cocoa/KeyEventCocoa.mm:

(WebCore::keyIdentifierForCharCode): Use the new hex function here instead of
the old code that did each of the four characters explicitly.

  • platform/gamepad/mac/HIDGamepad.cpp:

(WebCore::HIDGamepad::HIDGamepad): Use makeString instead of String::format.

  • platform/graphics/Color.cpp:

(WebCore::Color::nameForRenderTreeAsText const): Use hex instead of doing each
digit separately.

  • platform/graphics/FloatPolygon.cpp:

(WebCore::FloatPolygonEdge::debugString const): Added. Moved string conversion here
from the header and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.

  • platform/graphics/FloatPolygon.h: Updated for the above.
  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::setName): Use makeString instead of String::format.
(WebCore::GraphicsLayerCA::recursiveCommitChanges): Ditto.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::load): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Ditto.

  • platform/gtk/PlatformKeyboardEventGtk.cpp:

(WebCore::PlatformKeyboardEvent::keyIdentifierForGdkKeyCode): Ditto.

  • platform/libwpe/PlatformKeyboardEventLibWPE.cpp:

(WebCore::PlatformKeyboardEvent::keyIdentifierForWPEKeyCode): Ditto.

  • platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp:

(WebCore::GStreamerVideoEncoder::makeElement): Ditto.
(WebCore::GStreamerVideoEncoder::InitEncode): Ditto.

  • platform/text/TextCodecLatin1.cpp: Removed unneeded include of StringBuffer.h and "using namespace WTF".

  • platform/win/GDIObjectCounter.cpp:

(WebCore::GDIObjectCounter::GDIObjectCounter): Use makeString instead of String::format.

  • platform/win/KeyEventWin.cpp:

(WebCore::keyIdentifierForWindowsKeyCode): Ditto.

  • rendering/FloatingObjects.cpp:

(WebCore::FloatingObject::debugString const): Added. Moved string conversion here
from the header and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.

  • rendering/FloatingObjects.h: Updated for the above.
  • rendering/RenderFragmentContainer.cpp:

(WebCore::RenderFragmentContainer::debugString const): Added. Moved string
conversion here from the header and use makeString instead of String::format.
Also use the word "debug" to make it clear that it's not OK to use this string,
with a pointer value serialized into it, outside of debugging.

  • rendering/RenderFragmentContainer.h: Updated for the above.
  • rendering/RenderFragmentedFlow.h: Ditto.
  • testing/Internals.cpp:

(WebCore::Internals::address): Use makeString instead of String::format.

Source/WebCore/PAL:

  • pal/FileSizeFormatter.cpp:

(fileSizeDescription): Use makeString instead of String::format.

Source/WebKit:

  • Platform/IPC/win/ConnectionWin.cpp:

(IPC::Connection::createServerAndClientIdentifiers): Use makeString instead of
String::format.

  • Shared/win/WebEventFactory.cpp:

(WebKit::keyIdentifierFromEvent): Ditto.

  • UIProcess/API/APINavigation.cpp:

(API::Navigation::loggingString const): Use hex instead of String::format.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::loggingString const): Ditto.

  • UIProcess/WebBackForwardList.cpp:

(WebKit::WebBackForwardList::loggingString): Added a "0x".

  • UIProcess/gtk/InputMethodFilter.cpp:

(WebKit::InputMethodFilter::logHandleKeyboardEventForTesting): Use makeString and hex
instead of String::format and "%x".
(WebKit::InputMethodFilter::logHandleKeyboardEventWithCompositionResultsForTesting):
Ditto.

Source/WTF:

  • WTF.xcodeproj/project.pbxproj: Added HexNumber.cpp and Logger.cpp.
  • wtf/CMakeLists.txt: Ditto.
  • wtf/HexNumber.cpp: Added.

(WTF::Internal::appendHex): Non-inline, non-template hex formatting logic.

  • wtf/HexNumber.h:

(WTF::Internal::appendHex): Refactored main logic of appendUnsignedAsHex and
appendUnsignedAsHexFixedSize so they can be reused in a function named hex for
use with StringTypeAdapter.
(WTF::appendUnsignedAsHex): Ditto.
(WTF::appendUnsignedAsHexFixedSize): Ditto.
(WTF::hex): Added.
(WTF::StringTypeAdapter<HexNumberBuffer>): Added.

  • wtf/Logger.cpp: Added.

(WTF::Logger::LogSiteIdentifier::toString const): Made this a non-template
function and moved it here so that we don't need to include HexNumber.h
in Logger.h. Since HexNumber.h has substantial code in it, it's good if we
don't include it in any other headers.

  • wtf/Logger.h:

(WTF::LogArgument<Logger::LogSiteIdentifier>::toString): Changed to call
a non-template function, LogSiteIdentifier::toString.

  • wtf/text/StringConcatenateNumbers.h: Replaced overloaded writeTo functions with function templates and used StringImpl::copyCharacters instead of hand-written loops.

4:43 AM Changeset in webkit [241798] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241746 - [css-grid] Handle indefinite percentages in fit-content()
https://bugs.webkit.org/show_bug.cgi?id=194509

Patch by Oriol Brufau on 2019-02-18
Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

Import WPT test.

  • web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage-expected.txt: Added.
  • web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html: Added.
  • web-platform-tests/css/css-grid/layout-algorithm/w3c-import.log:

Source/WebCore:

Test: imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html

If the size of the grid container depends on the size of its tracks,
a percentage in fit-content() is indefinite. Without this patch, some
places treated this case as fit-content(0), which prevented the grid
container from growing enough to contain the max-content contribution
of its grid items.

This patch treats such fit-content() as minmax(auto, max-content),
but once the size of the grid container is known and it is laid out
"for real", then the percentage is definite and it's used.

  • rendering/GridTrackSizingAlgorithm.cpp:

(WebCore::GridTrackSizingAlgorithm::gridTrackSize const):
(WebCore::GridTrackSizingAlgorithm::initializeTrackSizes):

4:43 AM Changeset in webkit [241797] by Carlos Garcia Campos
  • 6 edits
    3 adds in releases/WebKitGTK/webkit-2.24

Merge r241743 - Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and Document::setHasFrameSpecificStorageAccess()
https://bugs.webkit.org/show_bug.cgi?id=194777
<rdar://problem/47731945>

Reviewed by Geoffrey Garen and Chris Dumez.

Source/WebCore:

Test: http/tests/storageAccess/remove-requesting-iframe.html

  • dom/Document.cpp:

(WebCore::Document::hasFrameSpecificStorageAccess const):

Now checks for the existence of the frame.

(WebCore::Document::setHasFrameSpecificStorageAccess):

Now checks for the existence of the frame.

  • loader/ResourceLoadObserver.cpp:

(WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):

Now checks that the session ID is valid.

Source/WebKit:

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::logUserInteraction):

Now returns early if the incoming session ID is invalid.
Added an ASSERT to help us find other call sites passing invalid session IDs.

LayoutTests:

  • http/tests/storageAccess/remove-requesting-iframe-expected.txt: Added.
  • http/tests/storageAccess/remove-requesting-iframe.html: Added.
  • http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html: Added.

4:43 AM Changeset in webkit [241796] by Carlos Garcia Campos
  • 5 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r241741 - [JSC] Add LazyClassStructure::getInitializedOnMainThread
https://bugs.webkit.org/show_bug.cgi?id=194784
<rdar://problem/48154820>

Reviewed by Mark Lam.

JSTests:

  • stress/lazy-initialization-done-a-priori-if-jit-enabled.js: Added.

(getProperties):
(getRandomProperty):
(i.catch):

Source/JavaScriptCore:

LazyClassStructure::get and LazyProperty::get functions do not allow compiler threads to call them. But for booleanPrototype, numberPrototype and symbolPrototype cases,
we would like to call them from compiler threads. We eagerly initialize them if VM::canUseJIT() is true, so that compiler threads can safely call LazyClassStructure::get
and LazyProperty::get for booleanPrototype, numberPrototype and symbolPrototype. But still assertion hits because the assertion requires that these functions need to be
called in non compiler threads. Calling getConcurrently() is not possible since symbolPrototype() function is called from both the main thread and compiler threads,
and we would like to lazily initialize SymbolPrototype object if it is called from the main thread, which can happen with non-JIT configuration.

This patch adds getInitializedOnMainThread(). Compiler threads can call it only when we know that the value is already initialized on the main thread. The main thread
can call it at anytime and this function lazily initializes the value. This is useful to make some of prototypes lazy with non-JIT configuration: With non-JIT configuration,
this function is always called from the main thread and it initializes the value lazily. Non-JIT configuration does not care about compiler threads since they do not exist.
With JIT configuration, we eagerly initialize them in JSGlobalObject::init so that getInitializedOnMainThread() always succeeds.

Basically, getInitializedOnMainThread() is get with different assertion location: While get always crashes if it is called from compiler threads, getInitializedOnMainThread()
crashes only when actual initialization happens on compiler threads. We do not merge them since get is still useful to find accidental initialization from compiler threads.

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::booleanPrototype const):
(JSC::JSGlobalObject::numberPrototype const):
(JSC::JSGlobalObject::symbolPrototype const):

  • runtime/LazyClassStructure.h:

(JSC::LazyClassStructure::getInitializedOnMainThread const):
(JSC::LazyClassStructure::prototypeInitializedOnMainThread const):
(JSC::LazyClassStructure::constructorInitializedOnMainThread const):

  • runtime/LazyProperty.h:

(JSC::LazyProperty::get const):
(JSC::LazyProperty::getInitializedOnMainThread const):

4:43 AM Changeset in webkit [241795] by Carlos Garcia Campos
  • 7 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r241733 - Bytecode cache should have a boot-specific validation
https://bugs.webkit.org/show_bug.cgi?id=194769
<rdar://problem/48149509>

Reviewed by Keith Miller.

Source/JavaScriptCore:

Add the boot UUID to the cached bytecode to enforce that it is not reused
across reboots.

  • runtime/CachedTypes.cpp:

(JSC::Encoder::malloc):
(JSC::GenericCacheEntry::GenericCacheEntry):
(JSC::GenericCacheEntry::tag const):
(JSC::CacheEntry::CacheEntry):
(JSC::CacheEntry::decode const):
(JSC::GenericCacheEntry::decode const):
(JSC::encodeCodeBlock):

Source/WTF:

Add helper to get kern.bootsessionuuid from sysctl

  • wtf/UUID.cpp:

(WTF::bootSessionUUIDString):

  • wtf/UUID.h:

Tools:

Add test for WTF::bootSessionUUIDString()

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WTF/UUID.cpp: Added.

(TEST):

4:43 AM Changeset in webkit [241794] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebInspectorUI

Merge r241732 - Web Inspector: duplicate left double quotation mark (\u201C) in 'Unable to show certificate for “%s“.'
https://bugs.webkit.org/show_bug.cgi?id=194782
<rdar://problem/48159683>

Reviewed by Joseph Pecoraro.

  • UserInterface/Models/Resource.js:

(WI.Resource.prototype.async showCertificate):

  • Localizations/en.lproj/localizedStrings.js:

4:43 AM Changeset in webkit [241793] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/JSTests

Merge r241662 - [ARM] Test gardening: Test running out of executable memory
https://bugs.webkit.org/show_bug.cgi?id=194771

Unreviewed. Do not run test without LLInt, test is running out of executable
memory on ARM otherwise.

  • stress/tagged-template-object-collect.js:

4:43 AM Changeset in webkit [241792] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/JSTests

Merge r241661 - Unreviewed, skip the test on platforms without sampling profiler

  • stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js:

(platformSupportsSamplingProfiler.foo):
(platformSupportsSamplingProfiler.test):
(platformSupportsSamplingProfiler):
(foo): Deleted.
(test): Deleted.

4:43 AM Changeset in webkit [241791] by Carlos Garcia Campos
  • 17 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241649 - [JSC] JSWrapperObject should not be destructible
https://bugs.webkit.org/show_bug.cgi?id=194743

Reviewed by Saam Barati.

JSWrapperObject should be just a wrapper object for JSValue, thus, it should not be a JSDestructibleObject.
Currently it is destructible object because DateInstance uses it. This patch changes Base of DateInstance from
JSWrapperObject to JSDestructibleObject, and makes JSWrapperObject non-destructible.

  • runtime/BigIntObject.cpp:

(JSC::BigIntObject::BigIntObject):

  • runtime/BooleanConstructor.cpp:

(JSC::BooleanConstructor::finishCreation):

  • runtime/BooleanObject.cpp:

(JSC::BooleanObject::BooleanObject):

  • runtime/BooleanObject.h:
  • runtime/DateInstance.cpp:

(JSC::DateInstance::DateInstance):
(JSC::DateInstance::finishCreation):

  • runtime/DateInstance.h:
  • runtime/DatePrototype.cpp:

(JSC::dateProtoFuncGetTime):
(JSC::dateProtoFuncSetTime):
(JSC::setNewValueFromTimeArgs):
(JSC::setNewValueFromDateArgs):
(JSC::dateProtoFuncSetYear):

  • runtime/JSCPoison.h:
  • runtime/JSWrapperObject.h:

(JSC::JSWrapperObject::JSWrapperObject):

  • runtime/NumberObject.cpp:

(JSC::NumberObject::NumberObject):

  • runtime/NumberObject.h:
  • runtime/StringConstructor.cpp:

(JSC::StringConstructor::finishCreation):

  • runtime/StringObject.cpp:

(JSC::StringObject::StringObject):

  • runtime/StringObject.h:

(JSC::StringObject::internalValue const):

  • runtime/SymbolObject.cpp:

(JSC::SymbolObject::SymbolObject):

  • runtime/SymbolObject.h:

2:16 AM Changeset in webkit [241790] by Adrian Perez de Castro
  • 30 edits
    4 adds in trunk

[WPE][GTK] Enable support for CONTENT_EXTENSIONS
https://bugs.webkit.org/show_bug.cgi?id=167941

Reviewed by Carlos Garcia Campos.

Source/WebCore:

  • platform/gtk/po/POTFILES.in: Added WebKitUserContentFilterStore.cpp to the list of files with translatable strings.

Source/WebKit:

Adds new API to manage a collection of content extensions on disk (including compilation
of new ones) using WebKitUserContentFilterStore; the associated WebKitUserContentFilter
type (which represents a compiled content extension); and the functions needed to enable
and disable them for a given WebKitUserContentManager.

The WebKitUserContentFilterStore public API is expressed in abstract terms of "saving"
filters into the store (which involves compiling the JSON source rule set); and "loading"
them back as main operations. This way we do not disclose to users of the API any detail
about compilation, nor how contents are laid out on disk, and the documentation explicitly
tells about only using the provided functions to manipulate the on-disk contents. This
way we allow ourselves some leeway if the implementation needs changing in the future.

  • PlatformGTK.cmake: Added WebKitUserContentFilterStore.h to the list of public API headers.
  • PlatformWPE.cmake: Ditto.
  • SourcesGTK.txt: Added WebKitUserContentFilterStore.cpp
  • SourcesWPE.txt: Ditto.
  • UIProcess/API/glib/WebKitError.cpp: Add definition of webkit_user_content_filter_error_quark().
  • UIProcess/API/glib/WebKitUserContent.cpp: Added WebKitUserContentFilter.

(_WebKitUserContentFilter::_WebKitUserContentFilter):
(webkit_user_content_filter_ref):
(webkit_user_content_filter_unref):
(webkit_user_content_filter_get_identifier):
(webkitUserContentFilterCreate):
(webkitUserContentFilterGetContentRuleList):

  • UIProcess/API/glib/WebKitUserContentFilterStore.cpp: Added.

(toGError): Utility function to convert content extension error codes to GError.
(webkit_user_content_filter_store_class_init):
(webkit_user_content_filter_store_new):
(webkit_user_content_filter_store_get_path):
(webkitUserContentFilterStoreSaveBytes): Common function used as final step for all the
functions which save (compile) JSON rule sets into the store, to avoid duplicating code.
(webkit_user_content_filter_store_save):
(webkit_user_content_filter_store_save_finish):
(webkit_user_content_filter_store_save_from_file):
(webkit_user_content_filter_store_save_from_file_finish):
(webkit_user_content_filter_store_remove):
(webkit_user_content_filter_store_remove_finish):
(webkit_user_content_filter_store_load):
(webkit_user_content_filter_store_lookup_finish):
(webkit_user_content_filter_store_fetch_identifiers):
(webkit_user_content_filter_store_fetch_identifiers_finish):

  • UIProcess/API/glib/WebKitUserContentManager.cpp: Added definitions for the new API functions to add and remove filters from a user content manager.

(webkit_user_content_manager_add_filter):
(webkit_user_content_manager_remove_filter):
(webkit_user_content_manager_remove_all_filters):

  • UIProcess/API/glib/WebKitUserContentPrivate.h: Added declarations for webkitUserContentFilterCreate() and webkitUserContentFilterGetContentRuleList().

  • UIProcess/API/gtk/WebKitAutocleanups.h: Added autocleanups for WebKitUserContentFilter and WebKitUserContentFilterStore.

  • UIProcess/API/gtk/WebKitError.h: Added declarations for WEBKIT_USER_CONTENT_FILTER_ERROR plus the associated webkit_user_content_filter_error_quark() function and WebKitUserContentFilterError enum.

  • UIProcess/API/gtk/WebKitUserContent.h: Added declarations for WebKitUserContentFilter and its associated functions.

  • UIProcess/API/gtk/WebKitUserContentFilterStore.h: Added.
  • UIProcess/API/gtk/WebKitUserContentManager.h: Added declarations for the functions to add and remove filters from the user content manager.

  • UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt: Added new API functions and types to be included in the documentation.

  • UIProcess/API/gtk/webkit2.h: Added inclusion of WebKitUserContentFilterStore.h
  • UIProcess/API/wpe/WebKitError.h: Same as for the GTK port header.
  • UIProcess/API/wpe/WebKitUserContent.h: Same as for the GTK port header.
  • UIProcess/API/wpe/WebKitUserContentFilterStore.h: Added.
  • UIProcess/API/wpe/WebKitUserContentManager.h: Same as for the GTK port header.
  • UIProcess/API/wpe/docs/wpe-0.1-sections.txt: Added new API functions and types to be included in the documentation.

  • UIProcess/API/wpe/webkit.h: Added inclusion of WebKitUserContentFilterStore.h

Source/WTF:

Add specialization of the refGPtr() and derefGPtr() templates for GMappedFile.

  • wtf/glib/GRefPtr.cpp:

(WTF::refGPtr): Added.
(WTF::derefGPtr): Added.

  • wtf/glib/GRefPtr.h: Declare template specializations.

Tools:

  • MiniBrowser/gtk/main.c:

(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.

  • MiniBrowser/wpe/main.cpp:

(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.

  • TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentFilterStore.cpp: Added.

(WTF::refGPtr): Added locally for WebKitUserContentFilter, as it would not be used anywhere else.
(WTF::derefGPtr): Ditto.
(testEmptyStore):
(testSaveInvalidFilter):
(testSaveLoadFilter):
(testSavedFilterIdentifierMatch):
(testRemoveFilter):
(testSaveMultipleFilters):
(testSaveFilterFromFile):
(testFilterPersistence):
(beforeAll):
(afterAll):

  • TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp:

(removeOldInjectedContentAndResetLists): Also reset content filters.
(isCSSBlockedForURLAtPath): Added. Tests whether the test filter, which blocks a
CSS style sheet, has blocked the load of the CSS by looking at the resulting style of
the element affected by the style sheet.
(getUserContentFilter): Added. Stores the test filter in a WebKitUserContentFilterStore
and returns it to be used by tests.
(testUserContentManagerContentFilter): Added. Tests whether adding and removing a filter
from the WebKitUserContentManager results in a CSS style sheet being blocked.
(serverCallback): Add support for serving a CSS style sheet for testing.
(beforeAll): Add call to testUserContentManagerContentFilter().

  • TestWebKitAPI/glib/CMakeLists.txt: Added TestWebKitUserContentFilterStore.

Feb 19, 2019:

5:51 PM Changeset in webkit [241789] by ysuzuki@apple.com
  • 7 edits in trunk/Source/bmalloc

[bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

  • bmalloc/Allocator.cpp:

(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

  • bmalloc/Allocator.h:
  • bmalloc/Cache.cpp:

(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):

  • bmalloc/Cache.h:

(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

  • bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):

  • bmalloc/Deallocator.h:

Ditto for Deallocator.

5:39 PM Changeset in webkit [241788] by Simon Fraser
  • 11 edits
    4 adds in trunk

REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
https://bugs.webkit.org/show_bug.cgi?id=194827
rdar://problem/47620594

Reviewed by Antti Koivisto.

Source/WebCore:

Incremental compositing updates, added in r238090, use repaints as a trigger for re-evaluating
layer configurations, since a repaint implies that a layer gains painted content. This is done
via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
for the root. The configuration state that matters here is whether the layer contains painted content,
and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
and feeds into GraphicsLayer::drawsContent().

However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.

Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no effect on
the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
to always return false for the RenderView's layer (the root).

Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
respect it.

Test: compositing/visibility/root-visibility-toggle.html

  • page/Frame.h:
  • platform/graphics/GraphicsLayer.cpp:

(WebCore::GraphicsLayer::dumpProperties const):

  • platform/graphics/GraphicsLayerClient.h:

(WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
(WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):

  • rendering/RenderLayerBacking.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::layerTreeAsText):

  • testing/Internals.cpp:

(WebCore::toLayerTreeFlags):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Test dumps layer tree with RenderLayerBacking::shouldDumpPropertyForLayer to show that the root has (drawsContent 1)

  • compositing/visibility/root-visibility-toggle-expected.txt: Added.
  • compositing/visibility/root-visibility-toggle.html: Added.
  • platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt: Added.

5:35 PM Changeset in webkit [241787] by Joseph Pecoraro
  • 19 edits
    1 add in trunk

Web Inspector: Improve ES6 Class instances in Heap Snapshot instances view
https://bugs.webkit.org/show_bug.cgi?id=172848
<rdar://problem/25709212>

Reviewed by Mark Lam.

JSTests:

  • typeProfiler/inheritance.js:

Rewrite the test slightly for clarity. The hoisting was confusing.

  • heapProfiler/class-names.js: Added.

(MyES5Class):
(MyES6Class):
(MyES6Subclass):
Test object types and improved class names.

  • heapProfiler/driver/driver.js:

(CheapHeapSnapshotNode):
(CheapHeapSnapshot):
(createCheapHeapSnapshot):
(HeapSnapshot):
(createHeapSnapshot):
Update snapshot parsing from version 1 to version 2.

Source/JavaScriptCore:

  • heap/HeapSnapshotBuilder.h:
  • heap/HeapSnapshotBuilder.cpp:

Update the snapshot version. Change the node's 0 | 1 internal value
to be a 32bit bit flag. This is nice in that it is both compatible
with the previous snapshot version and the same size. We can use more
flags in the future.

(JSC::HeapSnapshotBuilder::json):
In cases where the classInfo gives us "Object" check for a better
class name by checking (o).proto.constructor.name. We avoid this
check in cases where (o).hasOwnProperty("constructor") which is the
case for most Foo.prototype objects. Otherwise this would get the
name of the Foo superclass for the Foo.prototype object.

  • runtime/JSObject.cpp:

(JSC::JSObject::calculatedClassName):
Handle some possible edge cases that were not handled before, such as
a JSObject without a GlobalObject or an object which doesn't
have a default getPrototype. Try to make the code a little clearer.

Source/WebInspectorUI:

  • UserInterface/Workers/HeapSnapshot/HeapSnapshot.js:

(HeapSnapshot):
Support the new snapshot version. The only thing that changes are the
node flags, and it's actually completely compatible with version 1.

(HeapSnapshot.updateCategoriesAndMetadata):
List the count of object type instances in each class category.

(HeapSnapshot.prototype.serializeNode):
Include whether or not the node is an object type.

  • UserInterface/Proxies/HeapSnapshotNodeProxy.js:

(WebInspector.HeapSnapshotNodeProxy):
(WebInspector.HeapSnapshotNodeProxy.deserialize):
Add a new Node isObjectType property based on the new data.

  • UserInterface/Views/HeapSnapshotClassDataGridNode.js:

(WebInspector.HeapSnapshotClassDataGridNode.prototype.createCellContent):

  • UserInterface/Views/HeapSnapshotClusterContentView.js:

(WebInspector.HeapSnapshotClusterContentView.iconStyleClassNameForClassName):
If a class contains 50% or more object type instances then treat it as such
instead of defaulting to native.

  • UserInterface/Views/HeapSnapshotDataGridTree.js:

(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.populateTopLevel):

  • UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:

(WebInspector.HeapSnapshotInstanceDataGridNode.prototype.createCellContent):
We can be more specific than the default if the individual instance is
known to be an object type.

LayoutTests:

  • inspector/unit-tests/heap-snapshot-expected.txt:
  • inspector/unit-tests/heap-snapshot.html:

Update for the new node flag.

5:31 PM Changeset in webkit [241786] by Keith Rollin
  • 2 edits in trunk/Tools

Add timing information to build output
https://bugs.webkit.org/show_bug.cgi?id=194839
<rdar://problem/48219609>

Reviewed by Alexey Proskuryakov.

Configure xcodebuild with -ShowBuildOperationDuration, causing it to
emit each project's build time to its output. E.g.,

BUILD SUCCEEDED [0.132 sec]

  • Scripts/webkitdirs.pm:

(XcodeOptions):

4:38 PM Changeset in webkit [241785] by Truitt Savell
  • 20 edits
    1 delete in trunk

Unreviewed, rolling out r241784.

Broke all OpenSource builds.

Reverted changeset:

"Web Inspector: Improve ES6 Class instances in Heap Snapshot
instances view"
https://bugs.webkit.org/show_bug.cgi?id=172848
https://trac.webkit.org/changeset/241784

4:07 PM Changeset in webkit [241784] by Joseph Pecoraro
  • 19 edits
    1 add in trunk

Web Inspector: Improve ES6 Class instances in Heap Snapshot instances view
https://bugs.webkit.org/show_bug.cgi?id=172848
<rdar://problem/25709212>

Reviewed by Mark Lam.

JSTests:

  • typeProfiler/inheritance.js:

Rewrite the test slightly for clarity. The hoisting was confusing.

  • heapProfiler/class-names.js: Added.

(MyES5Class):
(MyES6Class):
(MyES6Subclass):
Test object types and improved class names.

  • heapProfiler/driver/driver.js:

(CheapHeapSnapshotNode):
(CheapHeapSnapshot):
(createCheapHeapSnapshot):
(HeapSnapshot):
(createHeapSnapshot):
Update snapshot parsing from version 1 to version 2.

Source/JavaScriptCore:

  • heap/HeapSnapshotBuilder.h:
  • heap/HeapSnapshotBuilder.cpp:

Update the snapshot version. Change the node's 0 | 1 internal value
to be a 32bit bit flag. This is nice in that it is both compatible
with the previous snapshot version and the same size. We can use more
flags in the future.

(JSC::HeapSnapshotBuilder::json):
In cases where the classInfo gives us "Object" check for a better
class name by checking (o).proto.constructor.name. We avoid this
check in cases where (o).hasOwnProperty("constructor") which is the
case for most Foo.prototype objects. Otherwise this would get the
name of the Foo superclass for the Foo.prototype object.

  • runtime/JSObject.cpp:

(JSC::JSObject::calculatedClassName):
Handle some possible edge cases that were not handled before, such as
a JSObject without a GlobalObject or an object which doesn't
have a default getPrototype. Try to make the code a little clearer.

Source/WebInspectorUI:

  • UserInterface/Workers/HeapSnapshot/HeapSnapshot.js:

(HeapSnapshot):
Support the new snapshot version. The only thing that changes are the
node flags, and it's actually completely compatible with version 1.

(HeapSnapshot.updateCategoriesAndMetadata):
List the count of object type instances in each class category.

(HeapSnapshot.prototype.serializeNode):
Include whether or not the node is an object type.

  • UserInterface/Proxies/HeapSnapshotNodeProxy.js:

(WebInspector.HeapSnapshotNodeProxy):
(WebInspector.HeapSnapshotNodeProxy.deserialize):
Add a new Node isObjectType property based on the new data.

  • UserInterface/Views/HeapSnapshotClassDataGridNode.js:

(WebInspector.HeapSnapshotClassDataGridNode.prototype.createCellContent):

  • UserInterface/Views/HeapSnapshotClusterContentView.js:

(WebInspector.HeapSnapshotClusterContentView.iconStyleClassNameForClassName):
If a class contains 50% or more object type instances then treat it as such
instead of defaulting to native.

  • UserInterface/Views/HeapSnapshotDataGridTree.js:

(WebInspector.HeapSnapshotInstancesDataGridTree.prototype.populateTopLevel):

  • UserInterface/Views/HeapSnapshotInstanceDataGridNode.js:

(WebInspector.HeapSnapshotInstanceDataGridNode.prototype.createCellContent):
We can be more specific than the default if the individual instance is
known to be an object type.

LayoutTests:

  • inspector/unit-tests/heap-snapshot-expected.txt:
  • inspector/unit-tests/heap-snapshot.html:

Update for the new node flag.

3:27 PM Changeset in webkit [241783] by rmorisset@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

B3-O2 incorrectly optimizes this subtest
https://bugs.webkit.org/show_bug.cgi?id=194625

Reviewed by Saam Barati.

Trivial fix. Instead of doing

if (!cond) foo else bar => if (cond) bar else foo

B3LowerToAir was doing

if (xC) foo else bar => if (cond) bar else foo whenever C&1, even if C was for example 3.

  • b3/B3LowerToAir.cpp:
  • b3/testb3.cpp:

(JSC::B3::testBitNotOnBooleanAndBranch32):
(JSC::B3::testNotOnBooleanAndBranch32): Added.

3:18 PM Changeset in webkit [241782] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WTF

Unreviewed, rolling out r241770.
https://bugs.webkit.org/show_bug.cgi?id=194833

Caused crashes (Requested by smfr on #webkit).

Reverted changeset:

"Code quality cleanup in NeverDestroyed"
https://bugs.webkit.org/show_bug.cgi?id=194824
https://trac.webkit.org/changeset/241770

3:17 PM Changeset in webkit [241781] by rmorisset@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

CachedCall should not consider it UNLIKELY that it will not stack overflow
https://bugs.webkit.org/show_bug.cgi?id=194831

Reviewed by Mark Lam.

  • interpreter/CachedCall.h:

(JSC::CachedCall::CachedCall):

3:07 PM Changeset in webkit [241780] by rniwa@webkit.org
  • 3 edits
    2 adds in trunk

REGRESSION(r240909): Release assertion in FrameLoader::loadPostRequest when opening new window
https://bugs.webkit.org/show_bug.cgi?id=194820

Reviewed by Geoffrey Garen.

Source/WebCore:

This release assertion was wrong. The invocation of PolicyChecker::checkNewWindowPolicy in FrameLoader
doesn’t require PolicyChecker's load type to be set in PolicyChecker because FrameLoader's
continueLoadAfterNewWindowPolicy invokes loadWithNavigationAction which sets the load type later,
and we don't rely on PolicyChecker's load type until then.

Fixed the crash by removing release asserts before invoking checkNewWindowPolicy accordingly.

This patch reverts r241015 since it too was asserting that PolicyChecker's load type is set before
invoking checkNewWindowPolicy which is not the right assumption.

Test: fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::loadPostRequest):

LayoutTests:

Added a regression test.

  • fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation-expected.txt: Added.
  • fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html: Added.

2:57 PM Changeset in webkit [241779] by Antti Koivisto
  • 3 edits in trunk/Source/WebKit

Pass rootContentsLayer to Mac remote layer tree
https://bugs.webkit.org/show_bug.cgi?id=194828

Reviewed by Simon Fraser.

Make this code path work again.

  • Shared/RemoteLayerTree/RemoteScrollingCoordinatorTransaction.cpp:

(ArgumentCoder<ScrollingStateFrameScrollingNode>::encode):
(ArgumentCoder<ScrollingStateFrameScrollingNode>::decode):

  • UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.cpp:

(WebKit::RemoteScrollingCoordinatorProxy::connectStateNodeLayers):

2:51 PM Changeset in webkit [241778] by achristensen@apple.com
  • 13 edits in trunk/Source/WebKit

Reduce use of LegacySync IPC messages
https://bugs.webkit.org/show_bug.cgi?id=194783

Reviewed by Geoffrey Garen.

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::handleSynchronousMessage):

  • UIProcess/WebProcessPool.h:
  • UIProcess/WebProcessPool.messages.in:
  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::getPlugins):
(WebKit::WebProcessProxy::shouldTerminate):

  • UIProcess/WebProcessProxy.h:
  • UIProcess/WebProcessProxy.messages.in:
  • WebProcess/Plugins/PluginProcessConnection.cpp:

(WebKit::PluginProcessConnection::setException):

  • WebProcess/Plugins/PluginProcessConnection.h:
  • WebProcess/Plugins/PluginProcessConnection.messages.in:
  • WebProcess/Plugins/PluginProxy.cpp:

(WebKit::PluginProxy::didCreatePlugin):
(WebKit::PluginProxy::didFailToCreatePlugin):
(WebKit::PluginProxy::proxiesForURL):
(WebKit::PluginProxy::cookiesForURL):
(WebKit::PluginProxy::getAuthenticationInfo):
(WebKit::PluginProxy::getPluginElementNPObject):
(WebKit::PluginProxy::evaluate):
(WebKit::PluginProxy::createPluginContainer):

  • WebProcess/Plugins/PluginProxy.h:
  • WebProcess/Plugins/PluginProxy.messages.in:

2:49 PM Changeset in webkit [241777] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

Remove assertion introduced in r229683
https://bugs.webkit.org/show_bug.cgi?id=194825
<rdar://problem/47628258>

Reviewed by Geoffrey Garen.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchWillSubmitForm):
If we reach this code and the form's original Document's Frame has been destroyed,
we have already been told to submit the form so do so, just like we do if the WebPage
has been destroyed. This is a rare edge case having to do with the timing of Frame
destruction and decidePolicyForNavigationAction response, which unfortunately does not
reproduce with a test case unless the timing of IPC is just right.

2:42 PM Changeset in webkit [241776] by Truitt Savell
  • 2 edits in trunk/LayoutTests

[ iOS ] Layout Tests in editing/pasteboard/data-transfer-set-data-* are flaky Timeouts
https://bugs.webkit.org/show_bug.cgi?id=188892

Unreviewed test gardening.

  • platform/ios/TestExpectations:

2:36 PM Changeset in webkit [241775] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Fix post-commit feedback.

Unreviewed.

  • layout/floats/FloatingContext.cpp:

(WebCore::Layout::FloatingPair::intersects const):

2:33 PM Changeset in webkit [241774] by Alan Bujtas
  • 4 edits in trunk

[LFC][Floats] Remove redundant intersecting logic
https://bugs.webkit.org/show_bug.cgi?id=194804

Reviewed by Antti Koivisto.

Source/WebCore:

floatAvoider.overflowsContainingBlock() check already (and properly) takes care of the far left/right case (see comment).

  • layout/floats/FloatingContext.cpp:

(WebCore::Layout::FloatingContext::floatingPosition const):
(WebCore::Layout::FloatingPair::intersects const):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

2:28 PM Changeset in webkit [241773] by commit-queue@webkit.org
  • 3 edits in trunk/LayoutTests

[ Mac WK2 iOS ] REGRESSION (r231008) Layout Test http/tests/resourceLoadStatistics/do-not-block-top-level-navigation-redirect.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=194826

Unreviewed test gardening.

Patch by Shawn Roberts <Shawn Roberts> on 2019-02-19

  • platform/ios-wk2/TestExpectations: Marking Debug flaky while waiting for bug fix
  • platform/mac-wk2/TestExpectations: Marking Mac WK2 flaky while waiting for bug fix

2:03 PM Changeset in webkit [241772] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Fix DFG doesGC() for TryGetById and ProfileType nodes.
https://bugs.webkit.org/show_bug.cgi?id=194821
<rdar://problem/48206690>

Reviewed by Saam Barati.

Fix doesGC() for the following nodes:

ProfileType:

calls operationProcessTypeProfilerLogDFG(), which can calculatedClassName(),
which can call JSString::tryGetValue(), which can resolve a rope.

TryGetById:

calls operationTryGetByIdOptimize(), which can startWatchingPropertyForReplacements()
on a structure, which can allocate StructureRareData.

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

1:47 PM Changeset in webkit [241771] by dino@apple.com
  • 3 edits in trunk/Tools

Clean-up output from generate-xcfilelists so it can be filtered
https://bugs.webkit.org/show_bug.cgi?id=194795

Reviewed by Joseph Pecoraro (and Keith Rollin).

Replace the "..." with "GXCF:" in generate-xcfilelists output, and
make a slight tweak to filter-build-webkit so such lines are marked
as plain.

  • Scripts/filter-build-webkit:
  • Scripts/generate-xcfilelists:

12:45 PM Changeset in webkit [241770] by keith_miller@apple.com
  • 2 edits in trunk/Source/WTF

Code quality cleanup in NeverDestroyed
https://bugs.webkit.org/show_bug.cgi?id=194824

Reviewed by Yusuke Suzuki.

First, move data members to the end of the class per WebKit
style. Also, add forbid heap allocation since we expect the
NeverDestroyed classes to be static.

  • wtf/NeverDestroyed.h:

12:14 PM Changeset in webkit [241769] by ysuzuki@apple.com
  • 7 edits
    2 adds in trunk/Source/JavaScriptCore

[JSC] Introduce JSNonDestructibleProxy for JavaScriptCore.framework's GlobalThis
https://bugs.webkit.org/show_bug.cgi?id=194799

Reviewed by Saam Barati.

JSProxy is a destructible one because we have JSWindowProxy, which has a ref-counted object.
However, JavaScriptCore.framework's JSProxy for GlobalThis does not need to be destructible.
This is important since we need to separate Heap subspaces between destructible and non-destructible objects.
If we can put more and more objects in non-destructible status, we can get rid of low-usage MarkedBlock.
This patch adds JSNonDestructibleProxy, which is a non-destructible JSProxy. While it inherits JSDestructibleObject,
we can make the subclass still non-destructible thanks to Subspace mechanism. This drops one more low-usage MarkedBlock.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::resetPrototype):
(JSC::JSGlobalObject::finishCreation):

  • runtime/JSNonDestructibleProxy.cpp: Added.
  • runtime/JSNonDestructibleProxy.h: Added.

(JSC::JSNonDestructibleProxy::subspaceFor):
(JSC::JSNonDestructibleProxy::create):
(JSC::JSNonDestructibleProxy::createStructure):
(JSC::JSNonDestructibleProxy::JSNonDestructibleProxy):

  • runtime/JSProxy.h:

(JSC::JSProxy::JSProxy):

12:01 PM Changeset in webkit [241768] by rmorisset@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

B3ReduceStrength::simplifyCFG() could do a lot more on each iteration
https://bugs.webkit.org/show_bug.cgi?id=194475

Reviewed by Saam Barati.

B3ReduceStrength::simplifyCFG() does three optimizations (which I will call A, B and C):

  • A makes any terminal that points to a block that is empty except for a jump point to that jump's target instead.
  • B transforms any branch or switch that points to a single block into a jump
  • C finds blocks ending with jumps, whose successor has a single predecessor, and inlines that successor block in place of the jump

It currently is limited in the following way:

  • A and C can only fire once per block per iteration
  • B can create jumps that would trigger A, but they may not be seen until the next iteration

Both problems are mitigated by going through the blocks in post-order, so that when a block is optimized most of its successors have already been optimized.
In a sense it is the symmetric of the peephole optimizer that goes in pre-order so that when an instruction is optimized most of its children have already been optimized.

On JetStream2 it reduces the average number of iterations from 3.35 to 3.24.

  • b3/B3ReduceStrength.cpp:

11:05 AM Changeset in webkit [241767] by Alan Coon
  • 9 edits in branches/safari-608.1.5.1-branch

Cherry-pick r241752. rdar://problem/48055151

REGRESSION (PSON): Can't access optumbank.com from myuhc.com
https://bugs.webkit.org/show_bug.cgi?id=194797
<rdar://problem/48055151>

Reviewed by Geoffrey Garen.

Source/WebKit:

The issue was caused by us mistakenly process-swapping for a same-site server side redirect.
The reason we were getting it wrong is because the logic in
WebProcessPool::processForNavigationInternal() was expecting page.process() to be the source
process and page.pageLoadState().url() to be the source URL. Those assumptions are incorrect
when a server-side redirect occurs in a provisional process. In such case, the source process
is the ProvisionalPageProxy's process and the source URL is the provisional URL, not the
committed one.

  • UIProcess/ProvisionalPageProxy.cpp: (WebKit::ProvisionalPageProxy::didPerformServerRedirect): (WebKit::ProvisionalPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame): (WebKit::ProvisionalPageProxy::didReceiveMessage):
  • UIProcess/ProvisionalPageProxy.h: Make sure the provisional page forwards IPC related to server-side redirects to the page so that the client gets informed.
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::receivedNavigationPolicyDecision): (WebKit::WebPageProxy::didPerformServerRedirect): (WebKit::WebPageProxy::didPerformServerRedirectShared):
  • UIProcess/WebPageProxy.h:
  • UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::processForNavigation): (WebKit::WebProcessPool::processForNavigationInternal):
  • UIProcess/WebProcessPool.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241752 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:05 AM Changeset in webkit [241766] by Alan Coon
  • 12 edits in branches/safari-608.1.5.1-branch/Source

Cherry-pick r241721. rdar://problem/47677951

AX: PSON: Going back from apple.com to search results, cannot interact with HTML content. Disabling Swap Processes on Cross-Site Navigation resolves the issue.
https://bugs.webkit.org/show_bug.cgi?id=194742

Reviewed by Chris Dumez.

Source/WebCore:

With the new process model, WebProcess hits a case where it tries to send the "page loaded" notification before VoiceOver
had a chance to register for any notifications. This leads to those notifications being dropped (and thus this bug).

This change instead asks the UIProcess to send the notification, which we know VoiceOver has registered for, and can reliably
receive notifications.

It also sends the notification for "load failures," which to the VO users' perspective amounts to the same thing as a successful
page load.

  • accessibility/mac/AXObjectCacheMac.mm: (WebCore::AXObjectCache::frameLoadingEventPlatformNotification):

Source/WebKit:

Re-initialize the accessibility web process tokens when swapping processes.
Send page load notifications from the UIProcess instead of the WebProcess to improve reliability.

  • UIProcess/mac/PageClientImplMac.mm: (WebKit::PageClientImpl::didFinishLoadForMainFrame): (WebKit::PageClientImpl::didFailLoadForMainFrame):
  • WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::reinitializeWebPage):
  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/gtk/WebPageGtk.cpp: (WebKit::WebPage::platformReinitialize): (WebKit::WebPage::platformDetach): Deleted. (WebKit::WebPage::platformEditorState const): Deleted. (WebKit::WebPage::updateAccessibilityTree): Deleted. (WebKit::WebPage::performDefaultBehaviorForKeyEvent): Deleted. (WebKit::WebPage::platformCanHandleRequest): Deleted. (WebKit::WebPage::platformUserAgent const): Deleted. (WebKit::WebPage::getCenterForZoomGesture): Deleted. (WebKit::WebPage::setInputMethodState): Deleted. (WebKit::WebPage::collapseSelectionInFrame): Deleted.
  • WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::platformReinitialize):
  • WebProcess/WebPage/mac/WebPageMac.mm: (WebKit::WebPage::platformReinitialize):
  • WebProcess/WebPage/win/WebPageWin.cpp: (WebKit::WebPage::platformReinitialize):
  • WebProcess/WebPage/wpe/WebPageWPE.cpp: (WebKit::WebPage::platformReinitialize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241721 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:05 AM Changeset in webkit [241765] by Alan Coon
  • 2 edits in branches/safari-608.1.5.1-branch/Source/WebKit

Cherry-pick r241641. rdar://problem/47833813

NetworkDataTask should check its client before calling shouldCaptureExtraNetworkLoadMetrics
https://bugs.webkit.org/show_bug.cgi?id=194732

Reviewed by Geoffrey Garen.

NetworkDataTask may be kept alive if refing it after its NetworkLoad is gone.
This might happen for instance in DownloadManager or when checking for TLS certificates.
In that case, if the NetworkLoad gets destroyed, it clears the client of the NetworkDataTask.
To ensure that NetworkDataTask does not try to use its client, add a null check.

  • NetworkProcess/NetworkDataTask.cpp: (WebKit::NetworkDataTask::shouldCaptureExtraNetworkLoadMetrics const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241641 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:05 AM Changeset in webkit [241764] by Alan Coon
  • 2 edits in branches/safari-608.1.5.1-branch/Source/WebKit

Cherry-pick r241631. rdar://problem/48126255

[PSON] Disable WebContent process cache on devices with less than 3GB of RAM
https://bugs.webkit.org/show_bug.cgi?id=194726
<rdar://problem/48126255>

Reviewed by Geoffrey Garen.

  • UIProcess/WebProcessCache.cpp: (WebKit::WebProcessCache::updateCapacity):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241631 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:05 AM Changeset in webkit [241763] by Alan Coon
  • 4 edits in branches/safari-608.1.5.1-branch

Cherry-pick r241606. rdar://problem/47884404

Regression(PSON) Navigating quickly back and forth can lead to getting 'about:blank' in the backforward list
https://bugs.webkit.org/show_bug.cgi?id=194717
<rdar://problem/47884404>

Reviewed by Brady Eidson.

Source/WebKit:

When the client does a history navigation, the UIProcess sends a WebPage::GoToBackForwardItem IPC to the
WebProcess and the WebProcess sends a WebPageProxy::BackForwardGoToItem IPC back to the UIProcess to
update the current item in the BackForwardList. This means that there is a slight delay between the
point a client requests a history navigation and the point where the BackForwardList's current item gets
updated. This delay is pre-existing behavior and not new to PSON.

However, with PSON enabled, if we decide to process-swap for the history navigation, we'll tell the
previous (committed) process to ignore the load and we ask a new (provisional) process to do the history
navigation. When the previous process receives the request to ignore the history navigation, it restores
the History's current item to the one previous the navigation, which sends a WebPageProxy::GoToBackForwardItem
IPC to the UIProcess to update the BackForwardList as well. In parallel, the new process starts the
history navigation and also sends a WebPageProxy::GoToBackForwardItem to update the BackForwardList's
current item as well. We end up with a race between the 2 GoToBackForwardItem IPC messages coming from
the old and new process. If the old process's message loses the race, we end up with the wrong current
history item getting set in the UIProcess. Later, when we commit the provisional load and try to suspend
the previous page, we would save the SuspendedPage on the *wrong* BackForwardList item. If one tries to
load this BackForwardList item later, we'll use its SuspendedPage and try to unsuspend it. However,
because the PageCache entry is saved on another HistoryItem than the one getting loaded in the WebProcess
side, we attempt to do a regular load instead of a PageCache restore. We end up failing the load because
pages cannot trigger new loads while in page cache. Because the load fails, we end up loading the
initial empty document and this is how we end up with 'about:blank' in the back forward list.

To address the issue, update WebPageProxy::backForwardGoToItem() to ignore messages from the old/committed
WebProcess when there is a pending provisional load. If the committed process starts a legit new
load, it would clear any existing pending provisional load before attempting to call backForwardGoToItem().
As a result, ignoring such messages from the old processes when there is a pending provisional load is
safe.

In the future, we should probably move more of the history / backForwardList management to the UIProcess
to avoid this sort of issue. This would be a much larger refactoring though so I am going with this
simpler fix that is easily cherry-pickable for now.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::suspendCurrentPageIfPossible): (WebKit::WebPageProxy::continueNavigationInNewProcess): (WebKit::WebPageProxy::backForwardGoToItem):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:05 AM Changeset in webkit [241762] by Alan Coon
  • 29 edits
    2 adds in branches/safari-608.1.5.1-branch

Cherry-pick r241556. rdar://problem/46793397

[PSON] Introduce a WebContent Process cache
https://bugs.webkit.org/show_bug.cgi?id=194594
<rdar://problem/46793397>

Reviewed by Geoff Garen.

Source/WebCore:

Update localizable strings.

  • en.lproj/Localizable.strings:

Source/WebKit:

Introduce a WebContent Process cache to reduce the number of process launches when
process swap on navigation is enabled, and to reduce the power cost of the feature.

If a WebProcess loaded pages from a single registrable domain then it is eligible
for the cache. When process-swapping on navigation to a new registrable domain, we
now attempt to retrieve a process from the cache for the domain in question instead
of always launching a new one.

The WebProcess cache currently has the following attributes:

  • It may contain 4 processes per GB of RAM the machine has, up to 30 processes.
  • WebProcesses automatically get evicted from the cache after 30 minutes.
  • If the application is no longer the active app, then the cache will get cleared after 5 minutes.
  • WebProcesses that are in the cache are reported as "(Cached)" in Activity Monitor.

The WebProcess cache is currently disabled by default and can be enabled by the
client via SPI.

  • Shared/WebBackForwardListItem.cpp: (WebKit::WebBackForwardListItem::WebBackForwardListItem):
  • Shared/WebBackForwardListItem.h: (WebKit::WebBackForwardListItem::lastProcessIdentifier const): (WebKit::WebBackForwardListItem::setLastProcessIdentifier): Add new lastProcessIdentifier data member that reflects which process this item was last loaded in. It is normally identical to the identifier of the process that created the item but it gets overridden in case of cross-site client-side redirect, since a new process takes over the item in this case.
  • Sources.txt: Add new source file.
  • UIProcess/API/APIProcessPoolConfiguration.cpp: (API::ProcessPoolConfiguration::copy):
  • UIProcess/API/APIProcessPoolConfiguration.h:
  • UIProcess/API/C/WKContextConfigurationRef.cpp: (WKContextConfigurationUsesWebProcessCache): (WKContextConfigurationSetUsesWebProcessCache):
  • UIProcess/API/C/WKContextConfigurationRef.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm: (-[_WKProcessPoolConfiguration setUsesWebProcessCache:]): (-[_WKProcessPoolConfiguration usesWebProcessCache]): Add new SPI to enable the WebProcess cache.
  • UIProcess/API/Cocoa/WKProcessPool.mm: (-[WKProcessPool _webProcessCountIgnoringPrewarmedAndCached]):
  • UIProcess/API/Cocoa/WKProcessPoolPrivate.h: Add new SPI for testing which returns the number of WebProcesses ignoring both prewarmed and cached ones.
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers): (WebKit::WebProcessPool::unregisterNotificationObservers): Add application active state observers as the WebProcess cache gets cleared when the application resigns active state for more than 5 minutes.
  • UIProcess/ProvisionalPageProxy.cpp: (WebKit::ProvisionalPageProxy::loadRequest): When doing a load in a new process with the BackForwardList locked (i.e. client-side redirect), make sure we update the last process identifier for the BackForwardListItem. This is important because the logic in WebProcessPool::processForNavigation() relies on this identifier to select which process to do the history navigation into, and we want to do the load in the post-redirect process, not the pre-redirect one.
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared): Tell the WebProcess whenever a main frame provisional load is started, providing the URL.
  • UIProcess/WebProcessCache.cpp: Added. (WebKit::WebProcessCache::WebProcessCache): (WebKit::WebProcessCache::addProcess): (WebKit::WebProcessCache::takeProcess): (WebKit::WebProcessCache::updateMaximumSize): (WebKit::WebProcessCache::clear): (WebKit::WebProcessCache::setApplicationIsActive): (WebKit::WebProcessCache::evictProcess): (WebKit::WebProcessCache::CachedProcess::CachedProcess): (WebKit::WebProcessCache::CachedProcess::~CachedProcess): (WebKit::WebProcessCache::CachedProcess::takeProcess): (WebKit::WebProcessCache::CachedProcess::evictionTimerFired):
  • UIProcess/WebProcessCache.h: Added. (WebKit::WebProcessCache::maximumSize): (WebKit::WebProcessCache::size const): (WebKit::WebProcessCache::CachedProcess::process): Add process cache implementation.
  • UIProcess/WebProcessPool.cpp: (WebKit::m_webProcessCache): WebProcessCache is stored on the WebProcessPool via m_webProcessCache data member.

(WebKit::WebProcessPool::~WebProcessPool):
Clear the WebProcess cache in the destructor.

(WebKit::WebProcessPool::setApplicationIsActive):
Notify the WebProcessCache whenever the application's active state changes.

(WebKit::WebProcessPool::createWebPage):
If the state of PSON changes via the experimental features menu, dynamically
update the WebProcessCache's size. This is needed because the cache is disabled
when PSON is disabled.

(WebKit::WebProcessPool::handleMemoryPressureWarning):
Clear the WebProcess cache on memory pressure.

(WebKit::WebProcessPool::processForNavigationInternal):
Query the WebProcessCache before attempting to create a new WebProcess for a cross-site
navigation.

(WebKit::WebProcessPool::findReusableSuspendedPageProcess):
This logic was split out of processForNavigationInternal() to reduce the size
of the method.

  • UIProcess/WebProcessPool.h:
  • UIProcess/WebProcessProxy.cpp: (WebKit::WebProcessProxy::setIsInProcessCache): Update the isInProcessCache flag on the WebProcessProxy and send an IPC to the WebContent process so that it can update its name in Activity Monitor. We also need to stop holding a strong reference to the WebProcessPool whenever the process is in the cache, similarly to what we do for pre-warmed processes, given that such processes should not keep the process pool alive.

(WebKit::WebProcessProxy::addExistingWebPage):
Assert that we never try to add a page to a cached process, it should be taken out of the
cache before use.

(WebKit::WebProcessProxy::hasProvisionalPageWithID const):
(WebKit::WebProcessProxy::isAllowedToUpdateBackForwardItem const):
(WebKit::WebProcessProxy::updateBackForwardItem):
In case of client-side redirects, the previous process would sometimes send an IPC causing
the UIProcess' backforward list item to get updated with the pre-redirect URL after we've
already redirected. This previously would be unlikely to occur because we do not suspend
client-redirect pages and their process would normally exit before getting a chance to send
the IPC. However, with the process cache, the bug became obvious as the process would stay
alive and send up the "bad" IPC. To address the issue, we now only let the IPC update the
item if the item's page is (still) associated with the process. In the future, we may want
to update the IPC so that it gets sent to the WebPageProxy instead of the WebProcessProxy.

(WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
If a cached WebProcess crashes, remove it from the cache so that we do not attempt to use
it for a load later.

(WebKit::WebProcessProxy::canBeAddedToWebProcessCache const):
Only cache WebProcesses that have loaded a single registrable domain. Also prevent caching
for service worker and inspector processes.

(WebKit::WebProcessProxy::maybeShutDown):
If the process is cacheable, add it to the cache instead of shutting it down right away.

(WebKit::WebProcessProxy::canTerminateAuxiliaryProcess):
Make sure we do not attempt to terminate a process that is in the cache.

(WebKit::WebProcessProxy::didStartProvisionalLoadForMainFrame):
Whenever a main frame provisional load starts, make sure we update the process's associated
registrable domain. nullopt indicates that there is no associated domain yet. Null string
indicates that the process is associated with several registrable domains and is therefore
not eligible for caching.

  • UIProcess/WebProcessProxy.h: (WebKit::WebProcessProxy::registrableDomain const): (WebKit::WebProcessProxy::isInProcessCache const): (WebKit::WebProcessProxy::provisionalPageCount const): Add convenience getters.
  • WebKit.xcodeproj/project.pbxproj: Add new files to project.
  • WebProcess/WebProcess.cpp: (WebKit::WebProcess::setIsInProcessCache):
  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:
  • WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::updateProcessName): Update the WebProcess' name in Activity Monitor whenever it goes into or out of the WebProcess cache.

Tools:

Update API tests to turn on the WebContent Process cache.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241556 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8:42 AM Changeset in webkit [241761] by commit-queue@webkit.org
  • 8 edits
    1 delete in trunk

Unreviewed, rolling out r241722.
https://bugs.webkit.org/show_bug.cgi?id=194801

Causing time outs and EWS failures after expectation file was
added. (Requested by ShawnRoberts on #webkit).

Reverted changeset:

"IndexedDB: leak IDBDatabase and IDBTransacstion in layout
tests"
https://bugs.webkit.org/show_bug.cgi?id=194709
https://trac.webkit.org/changeset/241722

8:06 AM WebKitGTK/2.22.x edited by cturner@igalia.com

2:45 AM Changeset in webkit [241760] by graouts@webkit.org
  • 5 edits
    2 adds in trunk

[iOS] "touch-action: none" should not prevent text selection or tapping on a link
https://bugs.webkit.org/show_bug.cgi?id=194812
<rdar://problem/47901131>

Reviewed by Dean Jackson.

Source/WebKit:

We shouldn't prevent all gestures to be disabled when "touch-action: none" is set and instead follow the same code path we would use should
"pan-x", "pan-y" or "pinch-zoom" be used.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _handleTouchActionsForTouchEvent:]):

LayoutTests:

Add a new test which checks that tapping on a link with "touch-action: none" does not prevent navigation.

  • pointerevents/ios/over-enter-out-leave.html:
  • pointerevents/ios/touch-action-none-link-traversal-expected.txt: Added.
  • pointerevents/ios/touch-action-none-link-traversal.html: Added.
  • pointerevents/utils.js: Since we now have two tests performing a tap, we add a ui.tap() method which is a wrapper for uiController.singleTapAtPoint().

(const.ui.new.UIController.prototype.tap):

2:22 AM Changeset in webkit [241759] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

pytest is not correctly auto-installed
https://bugs.webkit.org/show_bug.cgi?id=194707

Patch by Pablo Saavedra <Pablo Saavedra> on 2019-02-19
Reviewed by Carlos Garcia Campos.

  • Scripts/webkitpy/thirdparty/init.py:

(AutoinstallImportHook._install_pytest):

2:04 AM Changeset in webkit [241758] by Tadeu Zagallo
  • 5 edits in trunk/Source/JavaScriptCore

Move bytecode cache-related filesystem code out of CodeCache
https://bugs.webkit.org/show_bug.cgi?id=194675

Reviewed by Saam Barati.

The code is only used for the bytecode-cache tests, so it should live in
jsc.cpp rather than in the CodeCache. The logic now lives in ShellSourceProvider,
which overrides a virtual method in SourceProvider, cacheBytecode,
in order to write the cache to disk.

  • jsc.cpp:

(ShellSourceProvider::create):
(ShellSourceProvider::~ShellSourceProvider):
(ShellSourceProvider::cachePath const):
(ShellSourceProvider::loadBytecode):
(ShellSourceProvider::ShellSourceProvider):
(jscSource):
(GlobalObject::moduleLoaderFetch):
(functionDollarEvalScript):
(runWithOptions):

  • parser/SourceProvider.h:

(JSC::SourceProvider::cacheBytecode const):

  • runtime/CodeCache.cpp:

(JSC::writeCodeBlock):

  • runtime/CodeCache.h:

(JSC::CodeCacheMap::fetchFromDiskImpl):

1:18 AM Changeset in webkit [241757] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Scripts timeline on-going-recording text looks poor in dark mode
https://bugs.webkit.org/show_bug.cgi?id=194809

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-19
Reviewed by Matt Baker.

  • UserInterface/Views/TimelineRecordingContentView.css:

(.content-view.timeline-recording > .content-browser .recording-progress > .status):

Feb 18, 2019:

11:15 PM Changeset in webkit [241756] by dinfuehr@igalia.com
  • 4 edits in trunk

[ARM] Fix crash with sampling profiler
https://bugs.webkit.org/show_bug.cgi?id=194772

Reviewed by Mark Lam.

JSTests:

Do not skip test since crash with sampling profiler is now fixed.

  • stress/sampling-profiler-richards.js:

Source/JavaScriptCore:

sampling-profiler-richards.js was crashing with an enabled sampling profiler. add32
did not update the stack pointer in a single instruction. The src register was first
moved into the stack pointer, the immediate imm was added in a subsequent instruction.

This was problematic when a signal handler was invoked before applying the immediate,
when the stack pointer is still set to the temporary value. Avoid this by calculating src+imm in
a temporary register and then move it in one go into the stack pointer.

  • assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::add32):

7:43 PM Changeset in webkit [241755] by achristensen@apple.com
  • 2 edits in trunk/LayoutTests

Adjust test expectations after r241754
https://bugs.webkit.org/show_bug.cgi?id=194510

  • platform/wk2/TestExpectations:

7:03 PM Changeset in webkit [241754] by achristensen@apple.com
  • 4 edits in trunk

Revert functional part of r241451
https://bugs.webkit.org/show_bug.cgi?id=194510

Source/WebKit:

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didFinishDocumentLoadForFrame):
It caused crashes and assertions on Linux and Cocoa without safe browsing, which
means it's fundamentally flawed in some way. The testing piping was fine.

LayoutTests:

  • platform/wk2/TestExpectations:

6:32 PM Changeset in webkit [241753] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

CompareEq:
CompareLess:
CompareLessEq:
CompareGreater:
CompareGreaterEq:
CompareStrictEq:

Only return false (i.e. does not GC) for child node use kinds that have
been vetted to not do anything that can GC. For all other use kinds
(including StringUse and BigIntUse), we return true (i.e. does GC).

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

6:29 PM Changeset in webkit [241752] by Chris Dumez
  • 9 edits in trunk

REGRESSION (PSON): Can't access optumbank.com from myuhc.com
https://bugs.webkit.org/show_bug.cgi?id=194797
<rdar://problem/48055151>

Reviewed by Geoffrey Garen.

Source/WebKit:

The issue was caused by us mistakenly process-swapping for a same-site server side redirect.
The reason we were getting it wrong is because the logic in
WebProcessPool::processForNavigationInternal() was expecting page.process() to be the source
process and page.pageLoadState().url() to be the source URL. Those assumptions are incorrect
when a server-side redirect occurs in a provisional process. In such case, the source process
is the ProvisionalPageProxy's process and the source URL is the provisional URL, not the
committed one.

  • UIProcess/ProvisionalPageProxy.cpp:

(WebKit::ProvisionalPageProxy::didPerformServerRedirect):
(WebKit::ProvisionalPageProxy::didReceiveServerRedirectForProvisionalLoadForFrame):
(WebKit::ProvisionalPageProxy::didReceiveMessage):

  • UIProcess/ProvisionalPageProxy.h:

Make sure the provisional page forwards IPC related to server-side redirects to the page so
that the client gets informed.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::receivedNavigationPolicyDecision):
(WebKit::WebPageProxy::didPerformServerRedirect):
(WebKit::WebPageProxy::didPerformServerRedirectShared):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::processForNavigation):
(WebKit::WebProcessPool::processForNavigationInternal):

  • UIProcess/WebProcessPool.h:

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

6:04 PM Changeset in webkit [241751] by Darin Adler
  • 47 edits
    1 copy
    1 add in trunk/Source

Continue reducing use of String::format, now focusing on hex: "%p", "%x", etc.
https://bugs.webkit.org/show_bug.cgi?id=194752

Reviewed by Daniel Bates.

Source/JavaScriptCore:

  • heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::json): Added back the "0x" that was removed when changing
this file to use appendUnsignedAsHex instead of "%p". The intent at that time was to
keep behavior the same, so let's do that.

  • parser/Lexer.cpp:

(JSC::Lexer<T>::invalidCharacterMessage const): Use makeString and hex instead of
String::format and "%04x".

Source/WebCore:

  • Modules/websockets/WebSocket.cpp: Added an include of HexNumber.h. This previously
got included because of Logger.h, but that no longer pulls in HexNumber.h.

  • css/CSSMarkup.cpp: Removed unneeded include of StringBuffer.h.
  • css/CSSPrimitiveValue.cpp: Ditto.
  • css/CSSUnicodeRangeValue.cpp:

(WebCore::CSSUnicodeRangeValue::customCSSText const): Use makeString and hex instead
of String::format and "%x".

  • html/HTMLMediaElement.h:

(WTF::ValueToString<WebCore::TextTrackCue::string): Use a non-template function,
TextTrackCue::debugString, so we don't need to use HexNumber.h in a header.

  • html/canvas/WebGLRenderingContextBase.cpp:

(GetErrorString): Use makeString and hex instead of String::format and "%04x".

  • html/track/TextTrackCue.cpp:

(WebCore::TextTrackCue::debugString const): Added. Moved string conversion here
from HTMLMediaElement.h and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.

  • html/track/TextTrackCue.h: Added TextTrackCue::debugString.
  • page/linux/ResourceUsageOverlayLinux.cpp:

(WebCore::formatByteNumber): Use makeString and FormattedNumber::fixedWidth
instead of String::format and "%.1f" etc.

  • platform/cocoa/KeyEventCocoa.mm:

(WebCore::keyIdentifierForCharCode): Use the new hex function here instead of
the old code that did each of the four characters explicitly.

  • platform/gamepad/mac/HIDGamepad.cpp:

(WebCore::HIDGamepad::HIDGamepad): Use makeString instead of String::format.

  • platform/graphics/Color.cpp:

(WebCore::Color::nameForRenderTreeAsText const): Use hex instead of doing each
digit separately.

  • platform/graphics/FloatPolygon.cpp:

(WebCore::FloatPolygonEdge::debugString const): Added. Moved string conversion here
from the header and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.

  • platform/graphics/FloatPolygon.h: Updated for the above.
  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::setName): Use makeString instead of String::format.
(WebCore::GraphicsLayerCA::recursiveCommitChanges): Ditto.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::load): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Ditto.

  • platform/gtk/PlatformKeyboardEventGtk.cpp:

(WebCore::PlatformKeyboardEvent::keyIdentifierForGdkKeyCode): Ditto.

  • platform/libwpe/PlatformKeyboardEventLibWPE.cpp:

(WebCore::PlatformKeyboardEvent::keyIdentifierForWPEKeyCode): Ditto.

  • platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp:

(WebCore::GStreamerVideoEncoder::makeElement): Ditto.
(WebCore::GStreamerVideoEncoder::InitEncode): Ditto.

  • platform/text/TextCodecLatin1.cpp: Removed unneeded include of StringBuffer.h
and "using namespace WTF".

  • platform/win/GDIObjectCounter.cpp:

(WebCore::GDIObjectCounter::GDIObjectCounter): Use makeString instead of String::format.

  • platform/win/KeyEventWin.cpp:

(WebCore::keyIdentifierForWindowsKeyCode): Ditto.

  • rendering/FloatingObjects.cpp:

(WebCore::FloatingObject::debugString const): Added. Moved string conversion here
from the header and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.

  • rendering/FloatingObjects.h: Updated for the above.
  • rendering/RenderFragmentContainer.cpp:

(WebCore::RenderFragmentContainer::debugString const): Added. Moved string
conversion here from the header and use makeString instead of String::format.
Also use the word "debug" to make it clear that it's not OK to use this string,
with a pointer value serialized into it, outside of debugging.

  • rendering/RenderFragmentContainer.h: Updated for the above.
  • rendering/RenderFragmentedFlow.h: Ditto.
  • testing/Internals.cpp:

(WebCore::Internals::address): Use makeString instead of String::format.

Source/WebCore/PAL:

  • pal/FileSizeFormatter.cpp:

(fileSizeDescription): Use makeString instead of String::format.

Source/WebKit:

  • Platform/IPC/win/ConnectionWin.cpp:

(IPC::Connection::createServerAndClientIdentifiers): Use makeString instead of
String::format.

  • Shared/win/WebEventFactory.cpp:

(WebKit::keyIdentifierFromEvent): Ditto.

  • UIProcess/API/APINavigation.cpp:

(API::Navigation::loggingString const): Use hex instead of String::format.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::loggingString const): Ditto.

  • UIProcess/WebBackForwardList.cpp:

(WebKit::WebBackForwardList::loggingString): Added a "0x".

  • UIProcess/gtk/InputMethodFilter.cpp:

(WebKit::InputMethodFilter::logHandleKeyboardEventForTesting): Use makeString and hex
instead of String::format and "%x".
(WebKit::InputMethodFilter::logHandleKeyboardEventWithCompositionResultsForTesting):
Ditto.

Source/WTF:

  • WTF.xcodeproj/project.pbxproj: Added HexNumber.cpp and Logger.cpp.
  • wtf/CMakeLists.txt: Ditto.
  • wtf/HexNumber.cpp: Added.

(WTF::Internal::appendHex): Non-inline, non-template hex formatting logic.

  • wtf/HexNumber.h:

(WTF::Internal::appendHex): Refactored main logic of appendUnsignedAsHex and
appendUnsignedAsHexFixedSize so they can be reused in a function named hex for
use with StringTypeAdapter.
(WTF::appendUnsignedAsHex): Ditto.
(WTF::appendUnsignedAsHexFixedSize): Ditto.
(WTF::hex): Added.
(WTF::StringTypeAdapter<HexNumberBuffer>): Added.

  • wtf/Logger.cpp: Added.

(WTF::Logger::LogSiteIdentifier::toString const): Made this a non-template
function and moved it here so that we don't need to include HexNumber.h
in Logger.h. Since HexNumber.h has substantial code in it, it's good if we
don't include it in any other headers.

  • wtf/Logger.h:

(WTF::LogArgument<Logger::LogSiteIdentifier>::toString): Changed to call
a non-template function, LogSiteIdentifier::toString.

  • wtf/text/StringConcatenateNumbers.h: Replaced overloaded writeTo functions
with function templates and used StringImpl::copyCharacters instead of
hand-written loops.

4:52 PM Changeset in webkit [241750] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebInspectorUI

Web Inspector: Provide a way to avoid a recording auto-stop on reload
https://bugs.webkit.org/show_bug.cgi?id=194793

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-18
Reviewed by Matt Baker.

  • Localizations/en.lproj/localizedStrings.js:

New tooltip.

  • UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager.prototype.willAutoStop):
(WI.TimelineManager.prototype.relaxAutoStop):
Getter and relaxer for auto stop behavior.

  • UserInterface/Views/AuditNavigationSidebarPanel.js:

(WI.AuditNavigationSidebarPanel.prototype.showDefaultContentView):
Drive-by fix some whitespace issues.

  • UserInterface/Views/TimelineTabContentView.js:

(WI.TimelineTabContentView):
(WI.TimelineTabContentView.prototype._showRecordButton):
(WI.TimelineTabContentView.prototype._showContinueButton):
(WI.TimelineTabContentView.prototype._updateNavigationBarButtons):
(WI.TimelineTabContentView.prototype._capturingStartedOrStopped):
(WI.TimelineTabContentView.prototype._globalModifierKeysDidChange):
(WI.TimelineTabContentView.prototype._continueButtonClicked):
Show a "continue" like icon instead of the usual stop button when
a recording would auto-stop and the alt key is down. When pressed
this button will relax the auto-stop and continue the recording
until explicitly stopped by the user.

4:43 PM Changeset in webkit [241749] by Wenson Hsieh
  • 42 edits in trunk

[iOS] Support pasting item-provider-backed data on the pasteboard as attachment elements
https://bugs.webkit.org/show_bug.cgi?id=194670
<rdar://problem/39066529>

Reviewed by Tim Horton.

Source/WebCore:

Adds support for pasting files on the pasteboard as attachment elements, if the attachment element runtime
switch is enabled. Currently, the only types of data that can be pasted as attachments are images, which take a
special codepath in WebContentReader::readImage.

This patch adds a readDataBuffer method that converts a given blob of data from the pasteboard into an
attachment-element-backed representation in the DOM (i.e. either an attachment element or image element that
contains an attachment element). In the case where the given pasteboard item has been explicitly marked as an
attachment (via the preferredPresentationStyle hint) and the item has at least one type representation that
conforms to "public.content", we take this codepath instead of first attempting the web content reading types
supported by default in WebKit.

See below for more detail.

Test: WKAttachmentTestsIOS.InsertPastedFilesAsAttachments

  • editing/Editor.cpp:

(WebCore::Editor::clientReplacementURLForResource): Deleted.

  • editing/Editor.h:
  • editing/WebContentReader.h:
  • editing/cocoa/WebContentReaderCocoa.mm:

(WebCore::mimeTypeFromContentType):
(WebCore::contentTypeIsSuitableForInlineImageRepresentation):
(WebCore::createFragmentAndAddResources):
(WebCore::sanitizeMarkupWithArchive):

Remove all logic for handling subresource URL replacement. See WebKit ChangeLog for more details on this.

(WebCore::WebContentReader::readImage):
(WebCore::attachmentForFilePath):
(WebCore::attachmentForData):

Add a helper that creates an attachment element for a given blob of data and content type. The logic here is
quite similar to that of attachmentForFilePath, and we should find a way to either merge them, or pull out more
of their similarities into helper functions.

(WebCore::WebContentReader::readDataBuffer):
(WebCore::replaceSubresourceURLsWithURLsFromClient): Deleted.

Remove more logic for handling subresource URL replacement. See WebKit ChangeLog for more details on this.

  • loader/EmptyClients.cpp:
  • page/EditorClient.h:
  • platform/Pasteboard.h:
  • platform/PasteboardItemInfo.h:

(WebCore::PasteboardItemInfo::contentTypeForHighestFidelityItem const):
(WebCore::PasteboardItemInfo::pathForHighestFidelityItem const):
(WebCore::PasteboardItemInfo::encode const):
(WebCore::PasteboardItemInfo::decode):

Add contentTypesByFidelity to PasteboardItemInfo, instead of requesting this information using a separate IPC
message. This means we can also remove getTypesByFidelityForItemAtIndex, and just use the item's types in
fidelity order instead.

  • platform/PasteboardStrategy.h:
  • platform/PlatformPasteboard.h:
  • platform/ios/AbstractPasteboard.h:
  • platform/ios/PasteboardIOS.mm:

(WebCore::Pasteboard::read):

Shave off (potentially many) sync IPC messages to the UI process by pulling each call to
informationForItemAtIndex out of the inner loop when reading web content.

(WebCore::Pasteboard::readRespectingUTIFidelities):

Shave off one extraneous sync IPC message by rolling the types in fidelity order into the request for
PasteboardItemInfo, instead of being sent in a separate message.

  • platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::informationForItemAtIndex):

Populate contentTypesForFileUpload in the case where UIPasteboard is used (i.e. copy and paste).

(WebCore::PlatformPasteboard::getTypesByFidelityForItemAtIndex): Deleted.

  • platform/ios/WebItemProviderPasteboard.h:
  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard pasteboardTypesByFidelityForItemAtIndex:]): Deleted.

Source/WebKit:

Remove all IPC plumbing for getTypesByFidelityForItemAtIndex, now that the types in fidelity order have been
rolled into PasteboardItemInfo.

Additionally, remove support for subresource URL replacement. This feature was originally added with the
intention that private clients (i.e. Mail) would intercept pasted or dropped images and replace their URLs.
However, since <rdar://problem/43216836>, our strategy for this scenario has changed, such that WebKit now
handles the drop/paste, and later delivers the image data to the client via NSFileWrappers in the UI process.
At this time, there are no adopters of this SPI, and no adopters of the V2 injected bundle editing client. As
such, we can simply revert all of this to its state prior to the introduction of the replacement URL SPI, with
the exception to changes in WKBundlePageEditorClient.h, wherein there is a nonzero (but likely tiny) chance of
completely breaking binary compatibility with any third parties on macOS which may have tried to adopt
subresource URL replacement.

  • UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:

(WebKit::WebPasteboardProxy::getPasteboardTypesByFidelityForItemAtIndex): Deleted.

  • UIProcess/WebPasteboardProxy.h:
  • UIProcess/WebPasteboardProxy.messages.in:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView canPerformActionForWebView:withSender:]):

Return YES for -paste: in the case where:

  1. The pasteboard contains items that are explicitly marked as attachments.
  2. The selection is richly contenteditable.
  3. Attachment elements are enabled.

Among other things, this allows the callout bar on iOS to show the "Paste" action.

  • WebProcess/InjectedBundle/API/APIInjectedBundleEditorClient.h:

(API::InjectedBundle::EditorClient::performTwoStepDrop):
(API::InjectedBundle::EditorClient::replacementURLForResource): Deleted.

  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInEditingDelegate.h:
  • WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

(-[WKWebProcessPlugInBrowserContextController _setEditingDelegate:]):

  • WebProcess/InjectedBundle/InjectedBundlePageEditorClient.cpp:

(WebKit::InjectedBundlePageEditorClient::replacementURLForResource): Deleted.

  • WebProcess/InjectedBundle/InjectedBundlePageEditorClient.h:
  • WebProcess/WebCoreSupport/WebEditorClient.cpp:

(WebKit::WebEditorClient::replacementURLForResource): Deleted.

  • WebProcess/WebCoreSupport/WebEditorClient.h:
  • WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::getTypesByFidelityForItemAtIndex): Deleted.

  • WebProcess/WebCoreSupport/WebPlatformStrategies.h:

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebEditorClient.h:
  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::replacementURLForResource): Deleted.

  • WebCoreSupport/WebPlatformStrategies.h:
  • WebCoreSupport/WebPlatformStrategies.mm:

(WebPlatformStrategies::getTypesByFidelityForItemAtIndex): Deleted.

Source/WebKitLegacy/win:

  • WebCoreSupport/WebEditorClient.cpp:

(WebEditorClient::replacementURLForResource): Deleted.

  • WebCoreSupport/WebEditorClient.h:

Tools:

Remove code and tests for subresource URL replacement, and also add a new test to verify that copied data can be
pasted in an editable area as attachment elements.

  • TestWebKitAPI/Tests/WebKitCocoa/BundleEditingDelegatePlugIn.mm:

(-[BundleEditingDelegatePlugIn webProcessPlugIn:didCreateBrowserContextController:]):
(-[BundleEditingDelegatePlugIn _webProcessPlugInBrowserContextController:replacementURLForResource:mimeType:]): Deleted.

  • TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(TestWebKitAPI::TEST):

  • WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:

(WTR::InjectedBundlePage::InjectedBundlePage):

4:15 PM Changeset in webkit [241748] by dbates@webkit.org
  • 2 edits in trunk/Source/WebCore

Clean up and modernize RenderThemeIOS::paintCheckboxDecorations()
https://bugs.webkit.org/show_bug.cgi?id=194785

Reviewed by Simon Fraser.

Change from early return to else-clause to make the states clearer and make it more straightforward
to share more common code. Use constexpr, allocate temporary vectors with inline capacity, and
switch to uniform initializer syntax.

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::paintCheckboxDecorations):

4:10 PM Changeset in webkit [241747] by dbates@webkit.org
  • 6 edits
    20 adds in trunk

[iOS] Focus ring for checkboxes, radio buttons, buttons and search fields should hug tighter to the contour
https://bugs.webkit.org/show_bug.cgi?id=193599
<rdar://problem/47399602>

Reviewed by Simon Fraser.

Source/WebCore:

For now, iOS uses a 3px outline width for its focus rings. Do not inset the focus ring on iOS
for text fields, textareas, keygens, and selects so as to match the visual appearance of all
the other controls.

Tests: fast/forms/ios/focus-button.html
fast/forms/ios/focus-checkbox.html
fast/forms/ios/focus-checked-checkbox.html
fast/forms/ios/focus-checked-radio.html
fast/forms/ios/focus-radio.html
fast/forms/ios/focus-reset-button.html
fast/forms/ios/focus-search-field.html
fast/forms/ios/focus-submit-button.html
fast/forms/ios/focus-text-field.html
fast/forms/ios/focus-textarea.html

  • css/html.css:

(:focus): Use 3px outline width.
(input:focus, textarea:focus, keygen:focus, select:focus): Guard this code to exclude it when building for iOS.

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::paintBoxDecorations): Add FIXME comment.

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::paintOutline): Call RenderTheme::adjustPaintRect() to adjust the paint rect.
Otherwise, the focus rings for radios and checkboxes are drawn at the wrong y-coordinate and are not snug.

LayoutTests:

Ideally we should find a way to write non-pixel tests for focus rings. For now, add some mismatch ref
tests.

We cannot write a "good" mismatch ref test for <select> at the moment since there is no way to defocus
a <select> without closing its popup. We also cannot change outline-color when outline-style: auto is
used and outline-style: auto is needed to get shrink-wrapped focus rings :(

  • fast/forms/ios/focus-button-expected-mismatch.html: Added.
  • fast/forms/ios/focus-button.html: Added.
  • fast/forms/ios/focus-checkbox-expected-mismatch.html: Added.
  • fast/forms/ios/focus-checkbox.html: Added.
  • fast/forms/ios/focus-checked-checkbox-expected-mismatch.html: Added.
  • fast/forms/ios/focus-checked-checkbox.html: Added.
  • fast/forms/ios/focus-checked-radio-expected-mismatch.html: Added.
  • fast/forms/ios/focus-checked-radio.html: Added.
  • fast/forms/ios/focus-radio-expected-mismatch.html: Added.
  • fast/forms/ios/focus-radio.html: Added.
  • fast/forms/ios/focus-reset-button-expected-mismatch.html: Added.
  • fast/forms/ios/focus-reset-button.html: Added.
  • fast/forms/ios/focus-search-field-expected-mismatch.html: Added.
  • fast/forms/ios/focus-search-field.html: Added.
  • fast/forms/ios/focus-submit-button-expected-mismatch.html: Added.
  • fast/forms/ios/focus-submit-button.html: Added.
  • fast/forms/ios/focus-text-field-expected-mismatch.html: Added.
  • fast/forms/ios/focus-text-field.html: Added.
  • fast/forms/ios/focus-textarea-expected-mismatch.html: Added.
  • fast/forms/ios/focus-textarea.html: Added.
  • platform/ios/TestExpectations: Skip the tests for now; on iOS we do not build with ENABLE(FULL_KEYBOARD_ACCESS) enabled.

3:40 PM Changeset in webkit [241746] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

[css-grid] Handle indefinite percentages in fit-content()
https://bugs.webkit.org/show_bug.cgi?id=194509

Patch by Oriol Brufau <Oriol Brufau> on 2019-02-18
Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

Import WPT test.

  • web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage-expected.txt: Added.
  • web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html: Added.
  • web-platform-tests/css/css-grid/layout-algorithm/w3c-import.log:

Source/WebCore:

Test: imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html

If the size of the grid container depends on the size of its tracks,
a percentage in fit-content() is indefinite. Without this patch, some
places treated this case as fit-content(0), which prevented the grid
container from growing enough to contain the max-content contribution
of its grid items.

This patch treats such fit-content() as minmax(auto, max-content),
but once the size of the grid container is known and it is laid out
"for real", then the percentage is definite and it's used.

  • rendering/GridTrackSizingAlgorithm.cpp:

(WebCore::GridTrackSizingAlgorithm::gridTrackSize const):
(WebCore::GridTrackSizingAlgorithm::initializeTrackSizes):

3:40 PM Changeset in webkit [241745] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

exitFullscreen should not instantiate a new model/interface mapping.
https://bugs.webkit.org/show_bug.cgi?id=191988
rdar://problem/42327939

Patch by Jeremy Jones <jeremyj@apple.com> on 2019-02-18
Reviewed by Jer Noble.

This change is a speculative fix for a crash that cannot be reproduced.

Somehow, exitFullscreen is being requested after didCleanupFullscreen has completed.
This change should allow us to prevent the crash in release, and assert in debug.

  • UIProcess/Cocoa/VideoFullscreenManagerProxy.mm:

(WebKit::VideoFullscreenManagerProxy::exitFullscreen):

3:27 PM Changeset in webkit [241744] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Fix a typo causing assertions in ConsoleManager
https://bugs.webkit.org/show_bug.cgi?id=194792

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-18
Reviewed by Matt Baker.

  • UserInterface/Controllers/ConsoleManager.js:

(WI.ConsoleManager.prototype.initializeLogChannels):
Extra comma produced an undefined value in the list.

3:13 PM Changeset in webkit [241743] by wilander@apple.com
  • 6 edits
    3 adds in trunk

Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and Document::setHasFrameSpecificStorageAccess()
https://bugs.webkit.org/show_bug.cgi?id=194777
<rdar://problem/47731945>

Reviewed by Geoffrey Garen and Chris Dumez.

Source/WebCore:

Test: http/tests/storageAccess/remove-requesting-iframe.html

  • dom/Document.cpp:

(WebCore::Document::hasFrameSpecificStorageAccess const):

Now checks for the existence of the frame.

(WebCore::Document::setHasFrameSpecificStorageAccess):

Now checks for the existence of the frame.

  • loader/ResourceLoadObserver.cpp:

(WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):

Now checks that the session ID is valid.

Source/WebKit:

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::logUserInteraction):

Now returns early if the incoming session ID is invalid.
Added an ASSERT to help us find other call sites passing invalid session IDs.

LayoutTests:

  • http/tests/storageAccess/remove-requesting-iframe-expected.txt: Added.
  • http/tests/storageAccess/remove-requesting-iframe.html: Added.
  • http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html: Added.

3:12 PM Changeset in webkit [241742] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

-[AVSampleBufferDisplayLayer player]: Unrecognized selector crash
https://bugs.webkit.org/show_bug.cgi?id=194790
<rdar://problem/33866742>

Reviewed by Jon Lee.

Ensure that a WebVideoContainerLayer's sole sublayer is actually an AVPlayerLayer (and not
an AVSampleBufferDisplayLayer) before reporting that the layer type is LayerTypeAVPlayerLayer.

  • platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:

(WebCore::PlatformCALayerCocoa::layerTypeForPlatformLayer):

2:58 PM Changeset in webkit [241741] by ysuzuki@apple.com
  • 5 edits
    1 add in trunk

[JSC] Add LazyClassStructure::getInitializedOnMainThread
https://bugs.webkit.org/show_bug.cgi?id=194784
<rdar://problem/48154820>

Reviewed by Mark Lam.

JSTests:

  • stress/lazy-initialization-done-a-priori-if-jit-enabled.js: Added.

(getProperties):
(getRandomProperty):
(i.catch):

Source/JavaScriptCore:

LazyClassStructure::get and LazyProperty::get functions do not allow compiler threads to call them. But for booleanPrototype, numberPrototype and symbolPrototype cases,
we would like to call them from compiler threads. We eagerly initialize them if VM::canUseJIT() is true, so that compiler threads can safely call LazyClassStructure::get
and LazyProperty::get for booleanPrototype, numberPrototype and symbolPrototype. But still assertion hits because the assertion requires that these functions need to be
called in non compiler threads. Calling getConcurrently() is not possible since symbolPrototype() function is called from both the main thread and compiler threads,
and we would like to lazily initialize SymbolPrototype object if it is called from the main thread, which can happen with non-JIT configuration.

This patch adds getInitializedOnMainThread(). Compiler threads can call it only when we know that the value is already initialized on the main thread. The main thread
can call it at anytime and this function lazily initializes the value. This is useful to make some of prototypes lazy with non-JIT configuration: With non-JIT configuration,
this function is always called from the main thread and it initializes the value lazily. Non-JIT configuration does not care about compiler threads since they do not exist.
With JIT configuration, we eagerly initialize them in JSGlobalObject::init so that getInitializedOnMainThread() always succeeds.

Basically, getInitializedOnMainThread() is get with different assertion location: While get always crashes if it is called from compiler threads, getInitializedOnMainThread()
crashes only when actual initialization happens on compiler threads. We do not merge them since get is still useful to find accidental initialization from compiler threads.

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::booleanPrototype const):
(JSC::JSGlobalObject::numberPrototype const):
(JSC::JSGlobalObject::symbolPrototype const):

  • runtime/LazyClassStructure.h:

(JSC::LazyClassStructure::getInitializedOnMainThread const):
(JSC::LazyClassStructure::prototypeInitializedOnMainThread const):
(JSC::LazyClassStructure::constructorInitializedOnMainThread const):

  • runtime/LazyProperty.h:

(JSC::LazyProperty::get const):
(JSC::LazyProperty::getInitializedOnMainThread const):

2:45 PM Changeset in webkit [241740] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Styles: typing ";" shouldn't focus on the next property when there's open parenthesis or comment
https://bugs.webkit.org/show_bug.cgi?id=194789

Reviewed by Matt Baker.

  • UserInterface/Views/SpreadsheetStyleProperty.js:

(WI.SpreadsheetStyleProperty.prototype._handleValueBeforeInput):

2:44 PM Changeset in webkit [241739] by commit-queue@webkit.org
  • 17 edits
    4 adds in trunk

Web Inspector: Better categorize CPU usage per-thread / worker
https://bugs.webkit.org/show_bug.cgi?id=194564

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-18
Reviewed by Devin Rousso.

Source/JavaScriptCore:

  • inspector/protocol/CPUProfiler.json:

Add additional properties per-Event, and new per-Thread object info.

Source/WebCore:

Test: inspector/cpu-profiler/threads.html

  • workers/WorkerThread.cpp:

(WebCore::WorkerThread::workerThreadsMutex):
(WebCore::WorkerThread::workerThreadCount):
(WebCore::WorkerThread::WorkerThread):
(WebCore::WorkerThread::~WorkerThread):
(WebCore::WorkerThread::workerThread):
(WebCore::WorkerThread::releaseFastMallocFreeMemoryInAllThreads):

  • workers/WorkerThread.h:

(WebCore::WorkerThread::identifier const):
Expose the set of all WorkerThreads.

  • inspector/agents/InspectorCPUProfilerAgent.cpp:

(WebCore::InspectorCPUProfilerAgent::collectSample):
Send inspector additional per-thread data.

  • page/ResourceUsageData.h:

(WebCore::WorkerCPUInfo::WorkerCPUInfo):

  • page/cocoa/ResourceUsageThreadCocoa.mm:

(WebCore::ThreadInfo::ThreadInfo):
(WebCore::threadInfos):
(WebCore::ResourceUsageThread::platformCollectCPUData):
(WebCore::threadSendRights): Deleted.
(WebCore::cpuUsage): Deleted.
Compute per-thread values on cocoa ports.

  • page/linux/ResourceUsageThreadLinux.cpp:

(WebCore::ResourceUsageThread::platformCollectCPUData):
Stub per-thread values on linux ports.

Source/WebInspectorUI:

  • UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager.prototype.cpuProfilerTrackingUpdated):

  • UserInterface/Models/CPUTimelineRecord.js:

(WI.CPUTimelineRecord.prototype.get mainThreadUsage):
(WI.CPUTimelineRecord.prototype.get webkitThreadUsage):
(WI.CPUTimelineRecord.prototype.get workerThreadUsage):
(WI.CPUTimelineRecord.prototype.get unknownThreadUsage):
Build a better record from the protocol events.

Source/WTF:

  • wtf/Threading.h:
  • wtf/Threading.cpp:

(WTF::Thread::allThreadsMutex):
(WTF::Thread::create):
(WTF::Thread::didExit):
Add a set of all WTF::Thread created threads.

LayoutTests:

  • inspector/cpu-profiler/resources/busy-worker.js: Added.
  • inspector/cpu-profiler/threads-expected.txt: Added.
  • inspector/cpu-profiler/threads.html: Added.

Test that WebKit receives per-Thread CPU usage numbers.

2:43 PM Changeset in webkit [241738] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

Uncaught Exception crash in MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus()
https://bugs.webkit.org/show_bug.cgi?id=194786

Reviewed by Eric Carlson.

Convert a runtime crash to a debug assert by wrapping the call to -[AVPlayer removeObserver:forKeyPath:]
in an exception handler.

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::setShouldObserveTimeControlStatus):

2:43 PM Changeset in webkit [241737] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

It should be possible to get the mouse event modifiers for a page overlay client.
https://bugs.webkit.org/show_bug.cgi?id=189621
<rdar://problem/44437279>

Reviewed by Daniel Bates.

When access to the WindowServer is blocked, [NSEvent modifierFlags] always returns 0.
This can be fixed by swizzling the class method, and getting the cached modifiers from
PlatformKeyboardEvent.

  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::currentModifierFlags):
(WebKit::WebProcess::platformInitializeProcess):

1:34 PM Changeset in webkit [241736] by achristensen@apple.com
  • 2 edits in trunk/Tools

Fix API test after r241728

https://bugs.webkit.org/show_bug.cgi?id=194723

  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:

(TEST):
The test should check the default preference value, not make sure the preference is NO after setting it to YES :/

1:30 PM Changeset in webkit [241735] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

WebPageProxy::didFinishDocumentLoadForFrame() crashing in WPE and GTK+ ports
https://bugs.webkit.org/show_bug.cgi?id=194774

Patch by Claudio Saavedra <Claudio Saavedra> on 2019-02-18
Reviewed by Alex Christensen.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didFinishDocumentLoadForFrame):
Null check navigation before using it.
This is a regression from r241451.

1:16 PM Changeset in webkit [241734] by dbates@webkit.org
  • 16 edits in trunk

[iOS] Keyups for non-modifier keys identified as "Dead" when not focused in a content-editable element
https://bugs.webkit.org/show_bug.cgi?id=192824
<rdar://problem/47100332>

Reviewed by Wenson Hsieh.

Source/WebCore:

When building with USE(UIKIT_KEYBOARD_ADDITIONS) enabled, normalize input strings for some more key codes
now that hardware key events to non-editable elements use the same code path as for editable elements.

  • platform/ios/KeyEventIOS.mm:

(WebCore::windowsKeyCodeForCharCode): Demarcate mappings that are only needed when building with
!USE(UIKIT_KEYBOARD_ADDITIONS) in the hope that one day we can remove this code.
(WebCore::isFunctionKey): Ditto.

  • platform/ios/WebEvent.mm:

(normalizedStringWithAppKitCompatibilityMapping): Normalize some more input strings when building with
USE(UIKIT_KEYBOARD_ADDITIONS) enabled.

Source/WebCore/PAL:

Expose more enumerators.

  • pal/spi/cocoa/IOKitSPI.h:

Source/WebKit:

Use the same code path for key events to editable elements and non-editable elements.

Currently we have different code paths for hardware key events depending on whether the active element
is editable or non-editable. Historically to support dispatching DOM keyboard events for hardware key
presses this differentiation was a necessary workaround for UIKit's event processing precedence of
interpreting key events for system text editing commands and app commands before dispatching unhandled
key events to WebKit. This workaround intercepted raw key UIEvents and manually reconstructed a
WebEvent from it. However there is not enough information in an UIEvent to reconstruct a WebEvent that
is identical to the WebEvent that UIKit would have dispatched. In particular, keyup UIEvents always have
empty modified and unmodified input strings. The UIKit keyboard machinery maintains additional state
that is necessary to manufacture the correct WebEvent corresponding to a UIEvent.

As a side benefit of this change, with the exception of modifier flag changes, both hardware and software
key events use the same code path.

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView shouldShowAutomaticKeyboardUI]): Extracted code from _requiresKeyboardWhenFirstResponder.
(-[WKContentView _disableAutomaticKeyboardUI]): Implement UIKit SPI to prevent showing the keyboard UI
when there is no focused element now that we are no longer intercepting key UIEvents. Formerly the
keyboard UI was disabled as a side effect of not becoming first responder when there was no focused
element (by returning NO in -_requiresKeyboardWhenFirstResponder).
(-[WKContentView _requiresKeyboardWhenFirstResponder]): Always return YES when building with USE(UIKIT_KEYBOARD_ADDITIONS)
so that we always accept key events. Instead of selectively replying to create a keyboard as a means of
hiding the automatic keyboard UI we now implement _disableAutomaticKeyboardUI to selectively hide the
automatic keyboard UI.
(-[WKContentView applyAutocorrection:toString:withCompletionHandler:]): If we are not in an editable
element then we cannot perform the replacement. This logic was necessary now that we always require a
keyboard.
(-[WKContentView requestAutocorrectionContextWithCompletionHandler:]): If we are not in an editable
element then return an autocorrection object that indicates that we could not compute this data. This
logic was necessary now that we always require a keyboard.
(-[WKContentView textInputTraits]): Do not update traits when the keyboard is going to be dismissed
now that we require a keyboard when first responder even if the focused element is non-editable.
(-[WKContentView _didHandleKeyEvent:eventWasHandled:]): Skip logic for re-sending UIEvents to UIKit
as UIKit now processes the event first. This logic was necessary in order to finally allow UIKit
its chance to interpret the UIEvent we intercepted for app key commands.
(-[WKContentView _elementDidBlur]): Call [self _endEditing] so that we dismiss any open form controls
(e.g. a <select> popover menu). Currently this happens either by -_requiresKeyboardWhenFirstResponder
responding NO when switching to another field or pressing Tab or Shift + Tab key command, which we will
no longer use when building with USE(UIKIT_KEYBOARD_ADDITIONS) once I land <https://bugs.webkit.org/show_bug.cgi?id=193048>.

  • UIProcess/ios/forms/WKFormSelectPopover.mm:

(-[WKSelectPopover initWithView:hasGroups:]): Do not assign ourself as the keyboard delegate. Otherwise,
type ahead and tab cycling will not work. Currently type ahead and tab cycling work by using the non-
editable code path via -_handleKeyUIEvent. Now that we no longer differentiate between key events for
editable and non-editable elements we need to ensure that the WKContentView is the keyboard delegate
when the popover is presented.

Tools:

Fix a bug where the wrong usage code was used for F13 thru F24.

  • WebKitTestRunner/ios/HIDEventGenerator.mm:

(keyCodeForDOMFunctionKey):

LayoutTests:

Update tests and expected results. As it turns out fixing the bug in WebKitTestRunner/ios/HIDEventGenerator.mm
so that we now dispatch key events for F17 thru F24 exposed a bug in UIKit. See <rdar://problem/47128940>.
This same bug is also responsible for a lack of key events when the Insert key is pressed.

Added sub-test for Tab key to keypress-keys-in-non-editable-element.html. Changed expected result in test
keypress-keys-in-non-editable-element.html for the forward delete key to expect failure. We expect that pressing
the forward delete key will not dispatch a keypress to match the behavior on Mac. This will be addressed by a
UIKit fix.

  • fast/events/ios/keydown-keyup-special-keys-in-non-editable-element-expected.txt:
  • fast/events/ios/keydown-keyup-special-keys-in-non-editable-element.html:
  • fast/events/ios/keypress-keys-in-non-editable-element-expected.txt:
  • fast/events/ios/keypress-keys-in-non-editable-element.html:

12:55 PM Changeset in webkit [241733] by Tadeu Zagallo
  • 7 edits
    1 add in trunk

Bytecode cache should have a boot-specific validation
https://bugs.webkit.org/show_bug.cgi?id=194769
<rdar://problem/48149509>

Reviewed by Keith Miller.

Source/JavaScriptCore:

Add the boot UUID to the cached bytecode to enforce that it is not reused
across reboots.

  • runtime/CachedTypes.cpp:

(JSC::Encoder::malloc):
(JSC::GenericCacheEntry::GenericCacheEntry):
(JSC::GenericCacheEntry::tag const):
(JSC::CacheEntry::CacheEntry):
(JSC::CacheEntry::decode const):
(JSC::GenericCacheEntry::decode const):
(JSC::encodeCodeBlock):

Source/WTF:

Add helper to get kern.bootsessionuuid from sysctl

  • wtf/UUID.cpp:

(WTF::bootSessionUUIDString):

  • wtf/UUID.h:

Tools:

Add test for WTF::bootSessionUUIDString()

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WTF/UUID.cpp: Added.

(TEST):

12:11 PM Changeset in webkit [241732] by Devin Rousso
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: duplicate left double quotation mark (\u201C) in 'Unable to show certificate for “%s“.'
https://bugs.webkit.org/show_bug.cgi?id=194782
<rdar://problem/48159683>

Reviewed by Joseph Pecoraro.

  • UserInterface/Models/Resource.js:

(WI.Resource.prototype.async showCertificate):

  • Localizations/en.lproj/localizedStrings.js:

11:47 AM Changeset in webkit [241731] by jiewen_tan@apple.com
  • 2 edits in trunk/Source/WebKit

Tell Networking Process to not optimize load
https://bugs.webkit.org/show_bug.cgi?id=194753
<rdar://problem/48143603>

Reviewed by Brent Fulgham.

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::NetworkSessionCocoa):

11:09 AM Changeset in webkit [241730] by dino@apple.com
  • 2 edits in trunk/Source/WebKit

iOS Safari will not load USDZ in QLPreview when opening as BLOB
https://bugs.webkit.org/show_bug.cgi?id=194766
<rdar://problem/42769186>

Reviewed by Wenson Hsieh.

A download from a Blob URL can happen effectively instantly, which means
that the loadHandler on the registerItemForTypeIdentifier method might not have
been called yet, and we haven't been told what the completionHandler is.
In this case, keep a record of the URL we finished with, and call the completionHandler
right away.

  • UIProcess/Cocoa/SystemPreviewControllerCocoa.mm: Add a new private member variable: _downloadedURL.

(-[_WKPreviewControllerDataSource previewController:previewItemAtIndex:]): Call the completionHandler
right away if we've finished.
(-[_WKPreviewControllerDataSource finish:]): Remember that we've finished by recording the URL.

10:38 AM Changeset in webkit [241729] by eric.carlson@apple.com
  • 20 edits in trunk

Add MSE logging configuration
https://bugs.webkit.org/show_bug.cgi?id=194719
<rdar://problem/48122151>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

  • inspector/ConsoleMessage.cpp:

(Inspector::messageSourceValue):

  • inspector/protocol/Console.json:
  • inspector/scripts/codegen/generator.py:
  • runtime/ConsoleTypes.h:

Source/WebCore:

No new tests, updated inspector/console/webcore-logging.html.

  • dom/Document.cpp:

(WebCore::messageSourceForWTFLogChannel): Recognize the MSE logging channel.

  • inspector/agents/WebConsoleAgent.cpp:

(WebCore::WebConsoleAgent::getLoggingChannels): Ditto.

Source/WebInspectorUI:

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Models/ConsoleMessage.js:
  • UserInterface/Models/IssueMessage.js:

(WI.IssueMessage):

  • UserInterface/Views/LogContentView.js:

(WI.LogContentView):

  • UserInterface/Views/SettingsTabContentView.js:

(WI.SettingsTabContentView.prototype._createGeneralSettingsView):

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebChromeClient.mm:

(stringForMessageSource): Recognize the MSE message source.

LayoutTests:

  • inspector/console/webcore-logging-expected.txt:

10:34 AM Changeset in webkit [241728] by achristensen@apple.com
  • 10 edits in trunk

Disable safe browsing in WKWebView and remove its WKPreferences API
https://bugs.webkit.org/show_bug.cgi?id=194723
<rdar://problem/48122993>

Reviewed by Geoffrey Garen.

Source/WebKit:

  • Shared/WebPreferences.yaml:
  • UIProcess/API/Cocoa/WKPreferences.h:
  • UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences setSafeBrowsingEnabled:]): Deleted.
(-[WKPreferences isSafeBrowsingEnabled]): Deleted.

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:

(TEST):
(safeBrowsingView):
Make tests use SPI instead of API.

LayoutTests:

  • platform/mac-wk2/http/tests/navigation/keyboard-events-during-provisional-navigation-expected.txt:

This test has results that depend on timing, and I need to update its results when I disable safe browsing.
I've done this several times before. See r237876 for an example.

10:19 AM Changeset in webkit [241727] by Alan Coon
  • 5 edits
    1 copy in branches/safari-607-branch/Source/WebKit

Cherry-pick r241635. rdar://problem/48165262

[PSON] Allow tweaking WebProcess cache parameters via user defaults
https://bugs.webkit.org/show_bug.cgi?id=194731
<rdar://problem/48125377>

Reviewed by Geoffrey Garen.

Allow tweaking WebProcess cache parameters via user defaults like so:
$ defaults write com.apple.Safari WebProcessCacheCachedProcessLifetimeInSeconds 120
-> Cached processes will be evicted after 2 minutes (instead of 30)

$ defaults write com.apple.Safari WebProcessCacheClearingDelayAfterApplicationResignsActiveInSeconds 60
-> Web process cache will be cleared if Safari is no longer active for 1 minute (instead of 5).

  • SourcesCocoa.txt:
  • UIProcess/Cocoa/WebProcessCacheCocoa.mm: Copied from Source/WebKit/UIProcess/WebProcessCache.h. (WebKit::WebProcessCache::platformInitialize):
  • UIProcess/WebProcessCache.cpp: (WebKit::WebProcessCache::WebProcessCache): (WebKit::WebProcessCache::platformInitialize):
  • UIProcess/WebProcessCache.h:
  • WebKit.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241635 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:19 AM Changeset in webkit [241726] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241631. rdar://problem/48165260

[PSON] Disable WebContent process cache on devices with less than 3GB of RAM
https://bugs.webkit.org/show_bug.cgi?id=194726
<rdar://problem/48126255>

Reviewed by Geoffrey Garen.

  • UIProcess/WebProcessCache.cpp: (WebKit::WebProcessCache::updateCapacity):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241631 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:19 AM Changeset in webkit [241725] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r241584. rdar://problem/48122553

Unreviewed. Fix GTK+ build after r241556

I guess this is due to unified builds after a new file being added in r241556.

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-02-15

  • UIProcess/API/C/WKAuthenticationDecisionListener.cpp:
  • UIProcess/API/C/WKPage.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241584 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:19 AM Changeset in webkit [241724] by Alan Coon
  • 29 edits
    2 adds in branches/safari-607-branch

Apply patch. rdar://problem/48122553

Introduce a WebContent Process cache
https://bugs.webkit.org/show_bug.cgi?id=194594
<rdar://problem/46793397>

Reviewed by Geoff Garen.

Source/WebCore:

Update localizable strings.

  • en.lproj/Localizable.strings:

Source/WebKit:

Introduce a WebContent Process cache to reduce the number of process launches when
process swap on navigation is enabled, and to reduce the power cost of the feature.

If a WebProcess loaded pages from a single registrable domain then it is eligible
for the cache. When process-swapping on navigation to a new registrable domain, we
now attempt to retrieve a process from the cache for the domain in question instead
of always launching a new one.

The WebProcess cache currently has the following attributes:

  • It may contain 4 processes per GB of RAM the machine has, up to 30 processes.
  • WebProcesses automatically get evicted from the cache after 30 minutes.
  • If the application is no longer the active app, then the cache will get cleared after 5 minutes.
  • WebProcesses that are in the cache are reported as "(Cached)" in Activity Monitor.

The WebProcess cache is currently disabled by default and can be enabled by the
client via SPI.

  • Shared/WebBackForwardListItem.cpp: (WebKit::WebBackForwardListItem::WebBackForwardListItem):
  • Shared/WebBackForwardListItem.h: (WebKit::WebBackForwardListItem::lastProcessIdentifier const): (WebKit::WebBackForwardListItem::setLastProcessIdentifier): Add new lastProcessIdentifier data member that reflects which process this item was last loaded in. It is normally identical to the identifier of the process that created the item but it gets overridden in case of cross-site client-side redirect, since a new process takes over the item in this case.
  • Sources.txt: Add new source file.
  • UIProcess/API/APIProcessPoolConfiguration.cpp: (API::ProcessPoolConfiguration::copy):
  • UIProcess/API/APIProcessPoolConfiguration.h:
  • UIProcess/API/C/WKContextConfigurationRef.cpp: (WKContextConfigurationUsesWebProcessCache): (WKContextConfigurationSetUsesWebProcessCache):
  • UIProcess/API/C/WKContextConfigurationRef.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
  • UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm: (-[_WKProcessPoolConfiguration setUsesWebProcessCache:]): (-[_WKProcessPoolConfiguration usesWebProcessCache]): Add new SPI to enable the WebProcess cache.
  • UIProcess/API/Cocoa/WKProcessPool.mm: (-[WKProcessPool _webProcessCountIgnoringPrewarmedAndCached]):
  • UIProcess/API/Cocoa/WKProcessPoolPrivate.h: Add new SPI for testing which returns the number of WebProcesses ignoring both prewarmed and cached ones.
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers): (WebKit::WebProcessPool::unregisterNotificationObservers): Add application active state observers as the WebProcess cache gets cleared when the application resigns active state for more than 5 minutes.
  • UIProcess/ProvisionalPageProxy.cpp: (WebKit::ProvisionalPageProxy::loadRequest): When doing a load in a new process with the BackForwardList locked (i.e. client-side redirect), make sure we update the last process identifier for the BackForwardListItem. This is important because the logic in WebProcessPool::processForNavigation() relies on this identifier to select which process to do the history navigation into, and we want to do the load in the post-redirect process, not the pre-redirect one.
  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared): Tell the WebProcess whenever a main frame provisional load is started, providing the URL.
  • UIProcess/WebProcessCache.cpp: Added. (WebKit::WebProcessCache::WebProcessCache): (WebKit::WebProcessCache::addProcess): (WebKit::WebProcessCache::takeProcess): (WebKit::WebProcessCache::updateMaximumSize): (WebKit::WebProcessCache::clear): (WebKit::WebProcessCache::setApplicationIsActive): (WebKit::WebProcessCache::evictProcess): (WebKit::WebProcessCache::CachedProcess::CachedProcess): (WebKit::WebProcessCache::CachedProcess::~CachedProcess): (WebKit::WebProcessCache::CachedProcess::takeProcess): (WebKit::WebProcessCache::CachedProcess::evictionTimerFired):
  • UIProcess/WebProcessCache.h: Added. (WebKit::WebProcessCache::maximumSize): (WebKit::WebProcessCache::size const): (WebKit::WebProcessCache::CachedProcess::process): Add process cache implementation.
  • UIProcess/WebProcessPool.cpp: (WebKit::m_webProcessCache): WebProcessCache is stored on the WebProcessPool via m_webProcessCache data member.

(WebKit::WebProcessPool::~WebProcessPool):
Clear the WebProcess cache in the destructor.

(WebKit::WebProcessPool::setApplicationIsActive):
Notify the WebProcessCache whenever the application's active state changes.

(WebKit::WebProcessPool::createWebPage):
If the state of PSON changes via the experimental features menu, dynamically
update the WebProcessCache's size. This is needed because the cache is disabled
when PSON is disabled.

(WebKit::WebProcessPool::handleMemoryPressureWarning):
Clear the WebProcess cache on memory pressure.

(WebKit::WebProcessPool::processForNavigationInternal):
Query the WebProcessCache before attempting to create a new WebProcess for a cross-site
navigation.

(WebKit::WebProcessPool::findReusableSuspendedPageProcess):
This logic was split out of processForNavigationInternal() to reduce the size
of the method.

  • UIProcess/WebProcessPool.h:
  • UIProcess/WebProcessProxy.cpp: (WebKit::WebProcessProxy::setIsInProcessCache): Update the isInProcessCache flag on the WebProcessProxy and send an IPC to the WebContent process so that it can update its name in Activity Monitor. We also need to stop holding a strong reference to the WebProcessPool whenever the process is in the cache, similarly to what we do for pre-warmed processes, given that such processes should not keep the process pool alive.

(WebKit::WebProcessProxy::addExistingWebPage):
Assert that we never try to add a page to a cached process, it should be taken out of the
cache before use.

(WebKit::WebProcessProxy::hasProvisionalPageWithID const):
(WebKit::WebProcessProxy::isAllowedToUpdateBackForwardItem const):
(WebKit::WebProcessProxy::updateBackForwardItem):
In case of client-side redirects, the previous process would sometimes send an IPC causing
the UIProcess' backforward list item to get updated with the pre-redirect URL after we've
already redirected. This previously would be unlikely to occur because we do not suspend
client-redirect pages and their process would normally exit before getting a chance to send
the IPC. However, with the process cache, the bug became obvious as the process would stay
alive and send up the "bad" IPC. To address the issue, we now only let the IPC update the
item if the item's page is (still) associated with the process. In the future, we may want
to update the IPC so that it gets sent to the WebPageProxy instead of the WebProcessProxy.

(WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):
If a cached WebProcess crashes, remove it from the cache so that we do not attempt to use
it for a load later.

(WebKit::WebProcessProxy::canBeAddedToWebProcessCache const):
Only cache WebProcesses that have loaded a single registrable domain. Also prevent caching
for service worker and inspector processes.

(WebKit::WebProcessProxy::maybeShutDown):
If the process is cacheable, add it to the cache instead of shutting it down right away.

(WebKit::WebProcessProxy::canTerminateAuxiliaryProcess):
Make sure we do not attempt to terminate a process that is in the cache.

(WebKit::WebProcessProxy::didStartProvisionalLoadForMainFrame):
Whenever a main frame provisional load starts, make sure we update the process's associated
registrable domain. nullopt indicates that there is no associated domain yet. Null string
indicates that the process is associated with several registrable domains and is therefore
not eligible for caching.

  • UIProcess/WebProcessProxy.h: (WebKit::WebProcessProxy::registrableDomain const): (WebKit::WebProcessProxy::isInProcessCache const): (WebKit::WebProcessProxy::provisionalPageCount const): Add convenience getters.
  • WebKit.xcodeproj/project.pbxproj: Add new files to project.
  • WebProcess/WebProcess.cpp: (WebKit::WebProcess::setIsInProcessCache):
  • WebProcess/WebProcess.h:
  • WebProcess/WebProcess.messages.in:
  • WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::updateProcessName): Update the WebProcess' name in Activity Monitor whenever it goes into or out of the WebProcess cache.

Tools:

Update API tests to turn on the WebContent Process cache.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@241556 268f45cc-cd09-0410-ab3c-d52691b4dbfc
(cherry picked from commit dc197d35fd5d947ff4c81c2e0f5636b9cad36b3c)

9:52 AM Changeset in webkit [241723] by graouts@webkit.org
  • 9 edits
    2 adds in trunk

[iOS] Dispatch additional events along with pointerdown and pointerup
https://bugs.webkit.org/show_bug.cgi?id=194776
<rdar://problem/48164284>

Reviewed by Brent Fulgham.

Source/WebCore:

The Pointer Events specification mandates that "pointerover" and "pointerenter" events precede a "pointerdown" event and that "pointerout"
and "pointerleave" events follow a "pointerup" event. We remove the EventHandler::dispatchPointerEventForTouchAtIndex() method and replace
it with a PointerCaptureController::dispatchEventForTouchAtIndex() that can handle the dispatch of such additional events correctly, also
allowing for two PointerCaptureController methods (pointerEventWillBeDispatched and pointerEventWasDispatched) to become private.

Test: pointerevents/ios/over-enter-out-leave.html

  • dom/EventNames.h: Add the new "pointerover", "pointerenter", "pointerout" and "pointerleave" event types.
  • dom/PointerEvent.h:
  • dom/ios/PointerEventIOS.cpp:

(WebCore::PointerEvent::create):

  • page/EventHandler.cpp:

(WebCore::EventHandler::dispatchPointerEventForTouchAtIndex): Deleted.

  • page/EventHandler.h:
  • page/PointerCaptureController.cpp:

(WebCore::PointerCaptureController::dispatchEventForTouchAtIndex): Take the existing code from EventHandler::dispatchPointerEventForTouchAtIndex()
and extend it to dispatch additional events as mandated. Since several events may be dispatched we check whether the dispatch of any of those events
had defaultPrevented() or defaultHandled() return true and return those values as a pair.
(WebCore::PointerCaptureController::pointerEventWasDispatched):

  • page/PointerCaptureController.h:

LayoutTests:

Added a new test that checks that "pointerover" and "pointerenter" precede "pointerdown" and that "pointerout" and "pointerleave" follow "pointerup".

  • pointerevents/ios/over-enter-out-leave-expected.txt: Added.
  • pointerevents/ios/over-enter-out-leave.html: Added.

9:30 AM Changeset in webkit [241722] by sihui_liu@apple.com
  • 8 edits
    1 add in trunk

IndexedDB: leak IDBDatabase and IDBTransaction in layout tests
https://bugs.webkit.org/show_bug.cgi?id=194709

Reviewed by Geoffrey Garen.

Source/WebCore:

When connection to IDB server is closed, IDBTransaction would abort without notifying IDBDatabase, so
IDBDatabase didn't clear its reference to IDBTransaction which created a reference cycle.

Also IDBTransaction didn't clear its reference to IDBRequest in this case and it led to another reference cycle
between IDBOpenDBRequest and IDBTransaction.

Test: storage/indexeddb/IDBObject-leak.html

  • Modules/indexeddb/IDBDatabase.cpp:

(WebCore::IDBDatabase::connectionToServerLost):

  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::IDBTransaction):
(WebCore::IDBTransaction::~IDBTransaction):
(WebCore::IDBTransaction::finishedDispatchEventForRequest):
(WebCore::IDBTransaction::connectionClosedFromServer):

  • Modules/indexeddb/IDBTransaction.h:
  • testing/Internals.cpp:

(WebCore::Internals::numberOfIDBTransactions const):

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

  • storage/indexeddb/IDBObject-leak.html: Added.

9:17 AM Changeset in webkit [241721] by Chris Fleizach
  • 12 edits in trunk/Source

AX: PSON: Going back from apple.com to search results, cannot interact with HTML content. Disabling Swap Processes on Cross-Site Navigation resolves the issue.
https://bugs.webkit.org/show_bug.cgi?id=194742

Reviewed by Chris Dumez.

Source/WebCore:

With the new process model, WebProcess hits a case where it tries to send the "page loaded" notification before VoiceOver
had a chance to register for any notifications. This leads to those notifications being dropped (and thus this bug).

This change instead asks the UIProcess to send the notification, which we know VoiceOver has registered for, and can reliably
receive notifications.

It also sends the notification for "load failures," which to the VO users' perspective amounts to the same thing as a successful
page load.

  • accessibility/mac/AXObjectCacheMac.mm:

(WebCore::AXObjectCache::frameLoadingEventPlatformNotification):

Source/WebKit:

Re-initialize the accessibility web process tokens when swapping processes.
Send page load notifications from the UIProcess instead of the WebProcess to improve reliability.

  • UIProcess/mac/PageClientImplMac.mm:

(WebKit::PageClientImpl::didFinishLoadForMainFrame):
(WebKit::PageClientImpl::didFailLoadForMainFrame):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::reinitializeWebPage):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/gtk/WebPageGtk.cpp:

(WebKit::WebPage::platformReinitialize):
(WebKit::WebPage::platformDetach): Deleted.
(WebKit::WebPage::platformEditorState const): Deleted.
(WebKit::WebPage::updateAccessibilityTree): Deleted.
(WebKit::WebPage::performDefaultBehaviorForKeyEvent): Deleted.
(WebKit::WebPage::platformCanHandleRequest): Deleted.
(WebKit::WebPage::platformUserAgent const): Deleted.
(WebKit::WebPage::getCenterForZoomGesture): Deleted.
(WebKit::WebPage::setInputMethodState): Deleted.
(WebKit::WebPage::collapseSelectionInFrame): Deleted.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::platformReinitialize):

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::platformReinitialize):

  • WebProcess/WebPage/win/WebPageWin.cpp:

(WebKit::WebPage::platformReinitialize):

  • WebProcess/WebPage/wpe/WebPageWPE.cpp:

(WebKit::WebPage::platformReinitialize):

9:14 AM Changeset in webkit [241720] by Carlos Garcia Campos
  • 16 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore/runtime

Revert r241713 - Merge r241649 - [JSC] JSWrapperObject should not be destructible

This reverts commit r241713.

8:53 AM Changeset in webkit [241719] by Megan Gardner
  • 35 edits
    2 copies
    3 moves
    6 adds
    11 deletes in trunk

Turn On Smart Delete
https://bugs.webkit.org/show_bug.cgi?id=194320

Reviewed by Ryosuke Niwa.

Source/WebCore:

Updated the following tests to work with iOS:

  • editing/deleting/smart-delete-001.html:
  • editing/deleting/smart-delete-002.html:
  • editing/deleting/smart-delete-003.html:
  • editing/deleting/smart-delete-004.html:
  • editing/deleting/smart-delete-across-editable-boundaries-2.html:
  • editing/selection/delete-word-granularity-text-control.html:

Turn on Smart delete for iOS at all times. Modify checks to allow Mac and iOS and other
platforms to turn on smart delete when desired.

  • editing/Editor.cpp:

(WebCore::Editor::shouldSmartDelete):
Allow platforms to determine if smart delete should be on.
On mac, this is via word granularity, on iOS this is just on all the time.
(WebCore::Editor::canSmartCopyOrDelete):
(WebCore::Editor::performCutOrCopy):

  • editing/Editor.h:
  • editing/EditorCommand.cpp:

(WebCore::executeDelete):

  • editing/ios/EditorIOS.mm:

(WebCore::Editor::shouldSmartDelete):

  • editing/mac/EditorMac.mm:

(WebCore::Editor::shouldSmartDelete):

LayoutTests:

Update smart-delete-* tests, and rebase many other tests to work with the new smart delete setting.

  • editing/deleting/smart-delete-001-expected.txt: Added.
  • editing/deleting/smart-delete-001.html:
  • editing/deleting/smart-delete-002-expected.txt:
  • editing/deleting/smart-delete-002.html:
  • editing/deleting/smart-delete-003-expected.txt: Copied from LayoutTests/platform/mac/editing/deleting/smart-delete-003-expected.txt.
  • editing/deleting/smart-delete-003.html:
  • editing/deleting/smart-delete-004-expected.txt: Renamed from LayoutTests/platform/mac/editing/deleting/smart-delete-004-expected.txt.
  • editing/deleting/smart-delete-004.html:
  • editing/deleting/smart-delete-across-editable-boundaries-2-expected.txt:
  • editing/deleting/smart-delete-across-editable-boundaries-2.html:
  • editing/selection/delete-word-granularity-text-control.html:
  • platform/ios-wk1/editing/deleting/smart-delete-003-expected.txt: Removed.
  • platform/ios-wk1/editing/deleting/smart-delete-004-expected.txt: Removed.
  • platform/ios-wk2/editing/deleting/smart-delete-003-expected.txt: Removed.
  • platform/ios-wk2/editing/pasteboard/cut-text-001-expected.png: Removed.
  • platform/ios/TestExpectations:
  • platform/ios/editing/deleting/5206311-1-expected.txt:
  • platform/ios/editing/deleting/delete-across-editable-content-boundaries-2-expected.txt: Added.
  • platform/ios/editing/deleting/delete-across-editable-content-boundaries-3-expected.txt: Added.
  • platform/ios/editing/deleting/delete-and-undo-expected.txt:
  • platform/ios/editing/deleting/delete-block-merge-contents-012-expected.txt:
  • platform/ios/editing/deleting/delete-block-merge-contents-017-expected.txt:
  • platform/ios/editing/deleting/delete-contiguous-ws-001-expected.txt:
  • platform/ios/editing/deleting/delete-image-003-expected.txt:
  • platform/ios/editing/deleting/delete-leading-ws-001-expected.txt:
  • platform/ios/editing/deleting/delete-selection-001-expected.txt:
  • platform/ios/editing/deleting/delete-trailing-ws-001-expected.txt:
  • platform/ios/editing/deleting/delete-ws-fixup-002-expected.txt:
  • platform/ios/editing/deleting/delete-ws-fixup-003-expected.txt:
  • platform/ios/editing/deleting/delete-ws-fixup-004-expected.txt:
  • platform/ios/editing/deleting/smart-delete-001-expected.txt:
  • platform/ios/editing/deleting/smart-delete-002-expected.txt: Added.
  • platform/ios/editing/deleting/smart-delete-003-expected.txt: Copied from LayoutTests/platform/mac/editing/deleting/smart-delete-003-expected.txt.
  • platform/ios/editing/deleting/smart-delete-004-expected.txt: Renamed from LayoutTests/platform/mac/editing/deleting/smart-delete-003-expected.txt.
  • platform/ios/editing/deleting/smart-delete-across-editable-boundaries-2-expected.txt: Added.
  • platform/ios/editing/deleting/table-cells-expected.txt:
  • platform/ios/editing/execCommand/delete-line-and-insert-text-in-font-inside-blockquote-expected.txt: Added.
  • platform/ios/editing/pasteboard/cut-text-001-expected.txt: Renamed from LayoutTests/platform/ios-wk2/editing/pasteboard/cut-text-001-expected.txt.
  • platform/ios/editing/pasteboard/paste-2-expected.txt:
  • platform/mac/editing/deleting/smart-delete-001-expected.png: Removed.
  • platform/mac/editing/deleting/smart-delete-001-expected.txt: Removed.
  • platform/mac/editing/deleting/smart-delete-002-expected.png: Removed.
  • platform/mac/editing/deleting/smart-delete-003-expected.png: Removed.
  • platform/mac/editing/deleting/smart-delete-004-expected.png: Removed.
  • resources/ui-helper.js:

(window.UIHelper.async.doubleActivateAt):
(window.UIHelper.async.doubleActivateAtSelectionStart):
(window.UIHelper.async.selectWordByDoubleTapOrClick):

8:17 AM Changeset in webkit [241718] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241660 - Add version number to cached bytecode
https://bugs.webkit.org/show_bug.cgi?id=194768
<rdar://problem/48147968>

Reviewed by Saam Barati.

Add a version number to the bytecode cache that should be unique per build.

  • CMakeLists.txt:
  • DerivedSources-output.xcfilelist:
  • DerivedSources.make:
  • runtime/CachedTypes.cpp:

(JSC::Encoder::malloc):
(JSC::GenericCacheEntry::GenericCacheEntry):
(JSC::CacheEntry::CacheEntry):
(JSC::CacheEntry::encode):
(JSC::CacheEntry::decode const):
(JSC::GenericCacheEntry::decode const):
(JSC::decodeCodeBlockImpl):

  • runtime/CodeCache.h:

(JSC::CodeCacheMap::fetchFromDiskImpl):

8:17 AM Changeset in webkit [241717] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241659 - [GTK] Crash while filling selection data during drag and drop
https://bugs.webkit.org/show_bug.cgi?id=194698

Reviewed by Michael Catanzaro.

I can't reproduce this, but it seems that m_draggingSelectionData is nullptr in fillDragData(). That can happen
when startDrag cancels a previous DND operation, because the new m_draggingSelectionData is set before the
current DND operation is cancelled, which sets it to nullptr.

  • UIProcess/gtk/DragAndDropHandler.cpp:

(WebKit::DragAndDropHandler::startDrag): Finish the previous operation before setting m_draggingSelectionData.

8:17 AM Changeset in webkit [241716] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241657 - WasmB3IRGenerator models some effects incorrectly
https://bugs.webkit.org/show_bug.cgi?id=194038

Reviewed by Keith Miller.

  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::restoreWasmContextInstance):
(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
These two functions were using global state instead of the
arguments passed into the function.

(JSC::Wasm::B3IRGenerator::addOp<F64ConvertUI64>):
(JSC::Wasm::B3IRGenerator::addOp<OpType::F32ConvertUI64>):
(JSC::Wasm::B3IRGenerator::addOp<OpType::I64TruncUF64>):
(JSC::Wasm::B3IRGenerator::addOp<OpType::I64TruncUF32>):
Any patchpoint that allows scratch register usage must
also say that it clobbers the scratch registers.

8:17 AM Changeset in webkit [241715] by Carlos Garcia Campos
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r241655 - Deadlock when adding a Structure property transition and then doing incremental marking
https://bugs.webkit.org/show_bug.cgi?id=194767

Reviewed by Mark Lam.

JSTests:

  • stress/incremental-marking-should-not-dead-lock-in-new-property-transition.js: Added.

Source/JavaScriptCore:

This can happen in the following scenario:

You have a Structure S. S is on the mark stack. Then:

  1. S grabs its lock
  2. S adds a new property transition
  3. We find out we need to do some incremental marking
  4. We mark S
  5. visitChildren on S will try to grab its lock
  6. We are now in a deadlock

  • heap/Heap.cpp:

(JSC::Heap::performIncrement):

  • runtime/Structure.cpp:

(JSC::Structure::addNewPropertyTransition):

8:17 AM Changeset in webkit [241714] by Carlos Garcia Campos
  • 14 edits
    3 deletes in releases/WebKitGTK/webkit-2.24

Merge r241652 - Web Inspector: Frontend performance is very slow reloading theverge.com - 50% of time in TreeOutline _indexOfTreeElement
https://bugs.webkit.org/show_bug.cgi?id=193605
<rdar://problem/47403986>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

SelectionController should track an unordered Set of represented objects
instead of an ordered set of indexes. This eliminates the costly and
error-prone updates needed to keep the selected indexes in sync as items
are added and removed from TreeOutline (and Table, to a far lesser extent).

The SelectionController interface is largely the same. Class and delegate
methods have been renamed to reflect the change from indexes to objects.
SelectionController tracks selected items in selection order. For the
operations that rely on objects being in insertion order, the controller
uses a comparator function provided at construction time.

  • UserInterface/Base/IndexSet.js: Removed.

No longer used. SelectionController now uses a plain Set.

  • UserInterface/Base/Utilities.js:

(value):
(get return):
Add utilities previously supplied by IndexSet and used by SelectionController.

  • UserInterface/Controllers/SelectionController.js:

(WI.SelectionController):
(WI.SelectionController.prototype.get lastSelectedItem):
(WI.SelectionController.prototype.get selectedItems):
(WI.SelectionController.prototype.set allowsMultipleSelection):
(WI.SelectionController.prototype.hasSelectedItem):
(WI.SelectionController.prototype.selectItem):
(WI.SelectionController.prototype.deselectItem):
(WI.SelectionController.prototype.selectAll):
(WI.SelectionController.prototype.deselectAll):
(WI.SelectionController.prototype.removeSelectedItems):
(WI.SelectionController.prototype.reset):
(WI.SelectionController.prototype.didRemoveItems):
(WI.SelectionController.prototype.handleKeyDown):
(WI.SelectionController.prototype.handleItemMouseDown):
(WI.SelectionController.prototype._deselectAllAndSelect):
(WI.SelectionController.prototype._selectItemsFromArrowKey):
(WI.SelectionController.prototype._firstSelectableItem):
(WI.SelectionController.prototype._lastSelectableItem):
(WI.SelectionController.prototype._previousSelectableItem):
(WI.SelectionController.prototype._nextSelectableItem):
(WI.SelectionController.prototype._updateSelectedItems):
(WI.SelectionController.prototype._addRange):
(WI.SelectionController.prototype._deleteRange):
(WI.SelectionController.prototype.get numberOfItems): Deleted.
(WI.SelectionController.prototype.didInsertItem): Deleted.
(WI.SelectionController.prototype.handleItemMouseDown.normalizeRange): Deleted.
(WI.SelectionController.prototype._nextSelectableIndex): Deleted.
(WI.SelectionController.prototype._previousSelectableIndex): Deleted.

  • UserInterface/Main.html:
  • UserInterface/Test.html:

Remove IndexSet.

  • UserInterface/Views/CookieStorageContentView.js:

(WI.CookieStorageContentView.prototype.tableIndexForRepresentedObject):
(WI.CookieStorageContentView.prototype.tableRepresentedObjectForIndex):

  • UserInterface/Views/DOMTreeOutline.js:

(WI.DOMTreeOutline.prototype.objectForSelection):

  • UserInterface/Views/NetworkTableContentView.js:

(WI.NetworkTableContentView.prototype.tableIndexForRepresentedObject):
(WI.NetworkTableContentView.prototype.tableRepresentedObjectForIndex):

  • UserInterface/Views/Table.js:

(WI.Table):
(WI.Table.prototype.get selectedRow):
(WI.Table.prototype.get selectedRows):
(WI.Table.prototype.isRowSelected):
(WI.Table.prototype.selectRow):
(WI.Table.prototype.deselectRow):
(WI.Table.prototype.removeRow):
(WI.Table.prototype.removeSelectedRows):
(WI.Table.prototype.selectionControllerSelectionDidChange):
(WI.Table.prototype.selectionControllerFirstSelectableItem):
(WI.Table.prototype.selectionControllerLastSelectableItem):
(WI.Table.prototype.selectionControllerPreviousSelectableItem):
(WI.Table.prototype.selectionControllerNextSelectableItem):
(WI.Table.prototype._handleMouseDown):
(WI.Table.prototype._removeRows):
(WI.Table.prototype._indexForRepresentedObject):
(WI.Table.prototype._representedObjectForIndex):
(WI.Table.prototype.selectionControllerNumberOfItems): Deleted.
(WI.Table.prototype.selectionControllerNextSelectableIndex): Deleted.
(WI.Table.prototype.selectionControllerPreviousSelectableIndex): Deleted.
(WI.Table.prototype._toggleSelectedRowStyle): Deleted.

  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.compareSiblings):
(WI.TreeOutline):
(WI.TreeOutline.prototype.get selectedTreeElement):
(WI.TreeOutline.prototype.set selectedTreeElement):
(WI.TreeOutline.prototype.get selectedTreeElements):
(WI.TreeOutline.prototype.removeChildAtIndex):
(WI.TreeOutline.prototype.removeChildren):
(WI.TreeOutline.prototype._rememberTreeElement):
(WI.TreeOutline.prototype.getCachedTreeElement):
(WI.TreeOutline.prototype.selectionControllerSelectionDidChange):
(WI.TreeOutline.prototype.selectionControllerFirstSelectableItem):
(WI.TreeOutline.prototype.selectionControllerLastSelectableItem):
(WI.TreeOutline.prototype.selectionControllerPreviousSelectableItem):
(WI.TreeOutline.prototype.selectionControllerNextSelectableItem):
(WI.TreeOutline.prototype.objectForSelection):
(WI.TreeOutline._generateStyleRulesIfNeeded):
(WI.TreeOutline.prototype.selectionControllerNextSelectableIndex): Deleted.
(WI.TreeOutline.prototype.selectionControllerPreviousSelectableIndex): Deleted.
(WI.TreeOutline._generateStyleRulesIfNeeded._indexesForSubtree.numberOfElementsInSubtree): Deleted.

LayoutTests:

  • inspector/table/resources/table-utilities.js:

(TestPage.registerInitializer.InspectorTest.TableDataSource.prototype.tableIndexForRepresentedObject):
(TestPage.registerInitializer.InspectorTest.TableDataSource.prototype.tableRepresentedObjectForIndex):
(TestPage.registerInitializer.InspectorTest.TableDataSource):
New Table data source methods.

  • inspector/unit-tests/index-set-expected.txt: Removed.
  • inspector/unit-tests/index-set.html: Removed.
  • inspector/unit-tests/set-utilities-expected.txt:
  • inspector/unit-tests/set-utilities.html:

Remove IndexSet tests and update tests for Set utilities to include new
helper methods equals and difference, and firstValue.

8:17 AM Changeset in webkit [241713] by Carlos Garcia Campos
  • 17 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241649 - [JSC] JSWrapperObject should not be destructible
https://bugs.webkit.org/show_bug.cgi?id=194743

Reviewed by Saam Barati.

JSWrapperObject should be just a wrapper object for JSValue, thus, it should not be a JSDestructibleObject.
Currently it is destructible object because DateInstance uses it. This patch changes Base of DateInstance from
JSWrapperObject to JSDestructibleObject, and makes JSWrapperObject non-destructible.

  • runtime/BigIntObject.cpp:

(JSC::BigIntObject::BigIntObject):

  • runtime/BooleanConstructor.cpp:

(JSC::BooleanConstructor::finishCreation):

  • runtime/BooleanObject.cpp:

(JSC::BooleanObject::BooleanObject):

  • runtime/BooleanObject.h:
  • runtime/DateInstance.cpp:

(JSC::DateInstance::DateInstance):
(JSC::DateInstance::finishCreation):

  • runtime/DateInstance.h:
  • runtime/DatePrototype.cpp:

(JSC::dateProtoFuncGetTime):
(JSC::dateProtoFuncSetTime):
(JSC::setNewValueFromTimeArgs):
(JSC::setNewValueFromDateArgs):
(JSC::dateProtoFuncSetYear):

  • runtime/JSCPoison.h:
  • runtime/JSWrapperObject.h:

(JSC::JSWrapperObject::JSWrapperObject):

  • runtime/NumberObject.cpp:

(JSC::NumberObject::NumberObject):

  • runtime/NumberObject.h:
  • runtime/StringConstructor.cpp:

(JSC::StringConstructor::finishCreation):

  • runtime/StringObject.cpp:

(JSC::StringObject::StringObject):

  • runtime/StringObject.h:

(JSC::StringObject::internalValue const):

  • runtime/SymbolObject.cpp:

(JSC::SymbolObject::SymbolObject):

  • runtime/SymbolObject.h:

8:16 AM Changeset in webkit [241712] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241646 - [LFC] Apply min/max width constraints to preferred width computation
https://bugs.webkit.org/show_bug.cgi?id=194739

Reviewed by Simon Fraser.

Source/WebCore:

Ensure that both min-height and max-height are taken into account while computing the preferred width.

Test: fast/block/block-only/min-max-and-preferred-width-simple.html

  • layout/blockformatting/BlockFormattingContextGeometry.cpp:

(WebCore::Layout::BlockFormattingContext::Geometry::intrinsicWidthConstraints):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

  • fast/block/block-only/min-max-and-preferred-width-simple-expected.html: Added.
  • fast/block/block-only/min-max-and-preferred-width-simple.html: Added.

8:16 AM Changeset in webkit [241711] by Carlos Garcia Campos
  • 13 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241645 - [JSC] Shrink UnlinkedFunctionExecutable
https://bugs.webkit.org/show_bug.cgi?id=194733

Reviewed by Mark Lam.

UnlinkedFunctionExecutable has sourceURLDirective and sourceMappingURLDirective. These
directives can be found in the comment of a non-typical function's source code (Program,
Eval code, Global function from function constructor, etc.), and the tricky thing is that
SourceProvider's directives are updated by Parser. The reason why we have these fields in
UnlinkedFunctionExecutable is that we need to update the SourceProvider's directives even
if we skip parsing by using CodeCache. These fields are effective only if (1)
UnlinkedFunctionExecutable is for non-typical function things, and (2) it has sourceURLDirective
or sourceMappingURLDirective. This is rare enough to purge them to a separate
UnlinkedFunctionExecutable::RareData to make UnlinkedFunctionExecutable small.
sizeof(UnlinkedFunctionExecutable) is very important since it is a super frequently allocated
cell. Furthermore, the current JSC allocates two MarkedBlocks for UnlinkedFunctionExecutable
in JSGlobalObject initialization, but the usage of the second MarkedBlock is quite low (8%).
If we can reduce the size of UnlinkedFunctionExecutable, we can make them one MarkedBlock.
Since UnlinkedFunctionExecutable is allocated from IsoSubspace, we do not need to fit it to
one of the size classes.

This patch adds RareData to UnlinkedFunctionExecutable and moves some rare data into RareData.
It also kills one MarkedBlock allocation in the JSC initialization phase.

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedFunctionExecutable::ensureRareDataSlow):

  • bytecode/UnlinkedFunctionExecutable.h:
  • debugger/DebuggerLocation.cpp:

(JSC::DebuggerLocation::DebuggerLocation):

  • inspector/ScriptDebugServer.cpp:

(Inspector::ScriptDebugServer::dispatchDidParseSource):

  • parser/Lexer.h:

(JSC::Lexer::sourceURLDirective const):
(JSC::Lexer::sourceMappingURLDirective const):
(JSC::Lexer::sourceURL const): Deleted.
(JSC::Lexer::sourceMappingURL const): Deleted.

  • parser/Parser.h:

(JSC::Parser<LexerType>::parse):

  • parser/SourceProvider.h:

(JSC::SourceProvider::sourceURLDirective const):
(JSC::SourceProvider::sourceMappingURLDirective const):
(JSC::SourceProvider::setSourceURLDirective):
(JSC::SourceProvider::setSourceMappingURLDirective):
(JSC::SourceProvider::sourceURL const): Deleted. We rename it from sourceURL to sourceURLDirective
since it is the correct name.
(JSC::SourceProvider::sourceMappingURL const): Deleted. We rename it from sourceMappingURL to
sourceMappingURLDirective since it is the correct name.

  • runtime/CachedTypes.cpp:

(JSC::CachedSourceProviderShape::encode):
(JSC::CachedFunctionExecutableRareData::encode):
(JSC::CachedFunctionExecutableRareData::decode const): CachedFunctionExecutable did not have
sourceMappingURL to sourceMappingURLDirective. So this patch keeps the same logic.
(JSC::CachedFunctionExecutable::rareData const):
(JSC::CachedFunctionExecutable::encode):
(JSC::CachedFunctionExecutable::decode const):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • runtime/CodeCache.cpp:

(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):

  • runtime/CodeCache.h:

(JSC::generateUnlinkedCodeBlockImpl):

  • runtime/FunctionExecutable.h:
  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::StackFrame::url):

8:16 AM Changeset in webkit [241710] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241644 - [JSC] Remove unused global private variables
https://bugs.webkit.org/show_bug.cgi?id=194741

Reviewed by Joseph Pecoraro.

There are some private functions and constants that are no longer referenced from builtin JS code.
This patch cleans them up.

  • builtins/BuiltinNames.h:
  • builtins/ObjectConstructor.js:

(entries):

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

8:16 AM Changeset in webkit [241709] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebInspectorUI

Merge r241643 - Web Inspector: Logging a native function to the console, such as alert, produces unhandled rejection
https://bugs.webkit.org/show_bug.cgi?id=194740

Patch by Joseph Pecoraro <Joseph Pecoraro> on 2019-02-15
Reviewed by Matt Baker.

  • UserInterface/Protocol/RemoteObject.js:

(WI.RemoteObject.prototype.findFunctionSourceCodeLocation):
In case of a protocol error (common when attempting to get a location
for a native function) produce the NoSourceFound result.

  • UserInterface/Views/ConsoleMessageView.js:

(WI.ConsoleMessageView.prototype._appendLocationLink):
Simplify with an arrow function.

8:16 AM Changeset in webkit [241708] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241641 - NetworkDataTask should check its client before calling shouldCaptureExtraNetworkLoadMetrics
https://bugs.webkit.org/show_bug.cgi?id=194732

Reviewed by Geoffrey Garen.

NetworkDataTask may be kept alive if refing it after its NetworkLoad is gone.
This might happen for instance in DownloadManager or when checking for TLS certificates.
In that case, if the NetworkLoad gets destroyed, it clears the client of the NetworkDataTask.
To ensure that NetworkDataTask does not try to use its client, add a null check.

  • NetworkProcess/NetworkDataTask.cpp:

(WebKit::NetworkDataTask::shouldCaptureExtraNetworkLoadMetrics const):

8:16 AM Changeset in webkit [241707] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241640 - [JSC] Lazily create empty RegExp
https://bugs.webkit.org/show_bug.cgi?id=194735

Reviewed by Keith Miller.

Some scripts do not have any RegExp. In that case, allocating MarkedBlock for RegExp is costly.
Previously, there was always one RegExp, "empty RegExp". This patch lazily creates it and drops
one MarkedBlock.

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

  • runtime/RegExpCache.cpp:

(JSC::RegExpCache::ensureEmptyRegExpSlow):
(JSC::RegExpCache::initialize): Deleted.

  • runtime/RegExpCache.h:

(JSC::RegExpCache::ensureEmptyRegExp):
(JSC::RegExpCache::emptyRegExp const): Deleted.

  • runtime/RegExpCachedResult.cpp:

(JSC::RegExpCachedResult::lastResult):

  • runtime/RegExpCachedResult.h:
  • runtime/VM.cpp:

(JSC::VM::VM):

8:16 AM Changeset in webkit [241706] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24/Source

Merge r241637 - [JSC] Make builtin objects more lazily initialized under non-JIT mode
https://bugs.webkit.org/show_bug.cgi?id=194727

Reviewed by Saam Barati.

Source/JavaScriptCore:

Boolean, Symbol, and Number constructors and prototypes are initialized eagerly, but this is largely
because the concurrent compiler can touch NumberPrototype etc. when traversing object's prototypes. This
means that eager initialization is not necessary under non-JIT mode. While we can investigate all the
accesses to these prototypes from the concurrent compiler threads, this "lazily initialize under non-JIT"
is safe and beneficial to non-JIT mode. This patch lazily initializes them under non-JIT mode, and
drops some @Number references to avoid eager initialization. This removes some object allocations and 1
MarkedBlock allocation just for Symbols.

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):

  • runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::numberToStringWatchpoint):
(JSC::JSGlobalObject::booleanPrototype const):
(JSC::JSGlobalObject::numberPrototype const):
(JSC::JSGlobalObject::symbolPrototype const):
(JSC::JSGlobalObject::booleanObjectStructure const):
(JSC::JSGlobalObject::symbolObjectStructure const):
(JSC::JSGlobalObject::numberObjectStructure const):
(JSC::JSGlobalObject::stringObjectStructure const):

Source/WebCore:

  • Modules/streams/ReadableByteStreamInternals.js:

(privateInitializeReadableByteStreamController):
(readableByteStreamControllerRespond):

8:16 AM Changeset in webkit [241705] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r241634 - RELEASE_ASSERT at com.apple.JavaScriptCore: JSC::jsSubstringOfResolved
https://bugs.webkit.org/show_bug.cgi?id=194558

Reviewed by Saam Barati.

JSTests:

New regression test.

  • stress/regexp-unicode-within-string.js: Added.

Source/JavaScriptCore:

Added an in bounds check before the read of the next character for Unicode regular expressions
for pattern generation that didn't already have such checks.

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
(JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
(JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
(JSC::Yarr::YarrGenerator::generateCharacterClassFixed):

8:16 AM Changeset in webkit [241704] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241632 - Sample domainsVisited diagnostic logging
https://bugs.webkit.org/show_bug.cgi?id=194657

Reviewed by Ryosuke Niwa.

Sample domainsVisited diagnostic logging, we are getting a lot of data from
this key and this is hurting our other keys.

  • page/Page.cpp:

(WebCore::Page::logNavigation):

8:16 AM Changeset in webkit [241703] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241630 - [JSC] Do not initialize Wasm related data if Wasm is not enabled
https://bugs.webkit.org/show_bug.cgi?id=194728

Reviewed by Mark Lam.

Under non-JIT mode, these data structures are unnecessary. Should not allocate extra memory for that.

  • runtime/InitializeThreading.cpp:

(JSC::initializeThreading):

  • runtime/JSLock.cpp:

(JSC::JSLock::didAcquireLock):

8:16 AM Changeset in webkit [241702] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241626 - Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
https://bugs.webkit.org/show_bug.cgi?id=194691

Reviewed by Simon Fraser.

Source/WebCore:

The crash was caused by HTMLPlugInElement::isReplacementObscured updating the document
without updating the layout of ancestor documents (i.e. documents in which frame owner
elements appear) even though it hit-tests against the top-level document's RenderView.

Fixed the bug by updating the layout of the top-level document as needed.

Test: plugins/unsupported-plugin-with-replacement-in-iframe-crash.html

  • html/HTMLPlugInElement.cpp:

(WebCore::HTMLPlugInElement::isReplacementObscured):

LayoutTests:

Added a regression test. It hits the newly added debug assertion without the fix.

  • platform/mac-wk1/TestExpectations: Skip the test since DumpRenderTree doesn't support
testRunner.setPluginSupportedMode.

  • plugins/unsupported-plugin-with-replacement-in-iframe-crash-expected.txt: Added.
  • plugins/unsupported-plugin-with-replacement-in-iframe-crash.html: Added.

8:15 AM Changeset in webkit [241701] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241623 - Web Inspector: Styles: valid values in style attributes are reported as unsupported property values
https://bugs.webkit.org/show_bug.cgi?id=194619
<rdar://problem/47917373>

Source/WebInspectorUI:

Reviewed by Devin Rousso.

Payload of inline styles may contain range that doesn't match
the actual text of the payload - it has an extra empty line at the end.
Mismatching ranges caused data corruption.

  • UserInterface/Models/DOMNodeStyles.js:

(WI.DOMNodeStyles.prototype._parseStylePropertyPayload):

LayoutTests:

Reviewed by Devin Rousso and Joseph Pecoraro.

  • inspector/css/modify-inline-style-expected.txt: Added.
  • inspector/css/modify-inline-style.html: Added.

8:15 AM Changeset in webkit [241700] by Carlos Garcia Campos
  • 4 edits
    4 adds in releases/WebKitGTK/webkit-2.24

Merge r241615 - SamplingProfiler::stackTracesAsJSON() should escape strings.
https://bugs.webkit.org/show_bug.cgi?id=194649
<rdar://problem/48072386>

Reviewed by Saam Barati.

JSTests:

  • stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js: Added.
  • stress/type-profiler-with-double-quote-in-constructor-name.js: Added.
  • stress/type-profiler-with-double-quote-in-field-name.js: Added.
  • stress/type-profiler-with-double-quote-in-optional-field-name.js: Added.

Source/JavaScriptCore:

Ditto for TypeSet::toJSONString() and TypeSet::toJSONString().

  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::stackTracesAsJSON):

  • runtime/TypeSet.cpp:

(JSC::TypeSet::toJSONString const):
(JSC::StructureShape::toJSONString const):

8:15 AM Changeset in webkit [241699] by Carlos Garcia Campos
  • 5 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r241613 - [JSC] CodeBlock::jettison should clear related watchpoints
https://bugs.webkit.org/show_bug.cgi?id=194544

Reviewed by Mark Lam.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::jettison):

  • dfg/DFGCommonData.h:

(JSC::DFG::CommonData::clearWatchpoints): Added.

  • dfg/CommonData.cpp:

(JSC::DFG::CommonData::clearWatchpoints): Added.

8:15 AM Changeset in webkit [241698] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241610 - [JSC] DFG, FTL, and Wasm worklist creation should be fenced
https://bugs.webkit.org/show_bug.cgi?id=194714

Reviewed by Mark Lam.

Let's consider the following extreme case.

  1. VM (A) is created.
  2. Another VM (B) is created on a different thread.
  3. (A) is being destroyed. It calls DFG::existingWorklistForIndexOrNull in a destructor.
  4. At the same time, (B) starts using DFG Worklist and it is instantiated in call_once.
  5. But (A) reads the pointer directly through DFG::existingWorklistForIndexOrNull.
  6. (A) sees the half-baked worklist, which may be in the middle of creation.

This patch puts a store-store fence just before putting a pointer to a global variable.
This fence is executed only three times at most, for DFG, FTL, and Wasm worklist initializations.

  • dfg/DFGWorklist.cpp:

(JSC::DFG::ensureGlobalDFGWorklist):
(JSC::DFG::ensureGlobalFTLWorklist):

  • wasm/WasmWorklist.cpp:

(JSC::Wasm::ensureWorklist):

8:15 AM Changeset in webkit [241697] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r241608 - [WebVTT] Inline WebVTT styles should start with '::cue'
https://bugs.webkit.org/show_bug.cgi?id=194227

Reviewed by Eric Carlson.

Source/WebCore:

The original fix in r241203 is not sufficient, since it only checks if the CSS string starts
with '::cue'. Before accepting a CSS string from a WebVTT file, it should be checked that
all selectors start with '::cue'.

Test: media/track/track-cue-css.html

  • html/track/WebVTTParser.cpp:

(WebCore::WebVTTParser::checkAndStoreStyleSheet):

LayoutTests:

Add invalid 'STYLE' blocks which the WebVTT parser should reject.

  • media/track/captions-webvtt/css-styling.vtt:

8:15 AM Changeset in webkit [241696] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241609 - Make ServiceWorkerClientFetch closer to WebResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=194651

Unreviewed, build fix for WPE.

  • WebProcess/Storage/WebServiceWorkerFetchTaskClient.h:

8:15 AM Changeset in webkit [241695] by Carlos Garcia Campos
  • 24 edits in releases/WebKitGTK/webkit-2.24/Source

Merge r241603 - Make ServiceWorkerClientFetch closer to WebResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=194651

Reviewed by Alex Christensen.

Source/WebCore:

Check for redirection response and if so call a specific client API.
Ensure ServiceWorkerFetch::Client gets called in the service worker thread proxy
so that its m_connection is only accessed on that thread.

Covered by existing tests.

  • platform/network/FormData.h:
  • platform/network/ResourceErrorBase.h:
  • workers/service/context/ServiceWorkerFetch.cpp:

(WebCore::ServiceWorkerFetch::processResponse):

  • workers/service/context/ServiceWorkerFetch.h:
  • workers/service/context/ServiceWorkerThreadProxy.cpp:

(WebCore::ServiceWorkerThreadProxy::cancelFetch):
(WebCore::ServiceWorkerThreadProxy::continueDidReceiveFetchResponse):

  • workers/service/context/ServiceWorkerThreadProxy.h:

Source/WebKit:

The goal of this refactoring is to, at some point, use the regular network process load path for service worker loads.
This should simplify things and allow fewer IPC exchanges, for instance in the case of fetch not handled by service worker.

Introduce two IPC messages for supporting redirect responses and allow the didReceiveResponse/continueDidReceiveResponse
handshake for navigation loads.

This makes ServiceWorker have to buffer load information for this particular case.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::didReceiveFetchRedirectResponse):
(WebKit::NetworkProcess::didReceiveFetchResponse):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/NetworkProcess.messages.in:
  • NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:

(WebKit::WebSWServerConnection::continueDidReceiveFetchResponse):
(WebKit::WebSWServerConnection::didReceiveFetchRedirectResponse):
(WebKit::WebSWServerConnection::didReceiveFetchResponse):

  • NetworkProcess/ServiceWorker/WebSWServerConnection.h:
  • NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in:
  • WebProcess/Storage/ServiceWorkerClientFetch.cpp:

(WebKit::ServiceWorkerClientFetch::start):
(WebKit::ServiceWorkerClientFetch::didReceiveRedirectResponse):
(WebKit::ServiceWorkerClientFetch::didReceiveResponse):
(WebKit::ServiceWorkerClientFetch::didReceiveData):
(WebKit::ServiceWorkerClientFetch::didFinish):
(WebKit::ServiceWorkerClientFetch::didFail):
(WebKit::ServiceWorkerClientFetch::didNotHandle):
(WebKit::ServiceWorkerClientFetch::cancel):

  • WebProcess/Storage/ServiceWorkerClientFetch.h:
  • WebProcess/Storage/ServiceWorkerClientFetch.messages.in:
  • WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::startFetch):
(WebKit::WebSWClientConnection::cancelFetch):
(WebKit::WebSWClientConnection::continueDidReceiveFetchResponse):

  • WebProcess/Storage/WebSWClientConnection.h:
  • WebProcess/Storage/WebSWContextManagerConnection.cpp:

(WebKit::WebSWContextManagerConnection::continueDidReceiveFetchResponse):
(WebKit::WebSWContextManagerConnection::startFetch):

  • WebProcess/Storage/WebSWContextManagerConnection.h:
  • WebProcess/Storage/WebSWContextManagerConnection.messages.in:
  • WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp:

(WebKit::WebServiceWorkerFetchTaskClient::WebServiceWorkerFetchTaskClient):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveRedirection):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveResponse):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveData):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveFormDataAndFinish):
(WebKit::WebServiceWorkerFetchTaskClient::didFail):
(WebKit::WebServiceWorkerFetchTaskClient::didFinish):
(WebKit::WebServiceWorkerFetchTaskClient::continueDidReceiveResponse):

  • WebProcess/Storage/WebServiceWorkerFetchTaskClient.h:

8:15 AM Changeset in webkit [241694] by Carlos Garcia Campos
  • 8 edits in releases/WebKitGTK/webkit-2.24

Merge r241602 - Make navigator.mediaDevices SecureContext
https://bugs.webkit.org/show_bug.cgi?id=194666

Reviewed by Eric Carlson.

Source/WebCore:

Make navigator.mediaDevices SecureContext.
This can still be enabled for unsecure context using the existing page settings.
To cover that case, introduce ContextHasMediaDevices custom IDL keyword.

Covered by API test.

  • Modules/mediastream/NavigatorMediaDevices.idl:
  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateRuntimeEnableConditionalString):

  • bindings/scripts/IDLAttributes.json:
  • dom/ScriptExecutionContext.cpp:

(WebCore::ScriptExecutionContext::hasMediaDevices const):
(WebCore::ScriptExecutionContext::hasServiceWorkerScheme const):

  • dom/ScriptExecutionContext.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/UserMediaDisabled.mm:

(MediaCaptureDisabledTest::loadTestAndWaitForMessage):
(TEST_F):

8:15 AM Changeset in webkit [241693] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241599 - WebSocket should not fire events after being stopped
https://bugs.webkit.org/show_bug.cgi?id=194690

Reviewed by Geoffrey Garen.

dispatchOrQueueErrorEvent is scheduled using RunLoop::main().dispatch or dispatch_async.
This makes it possible to dispatch an event while WebSocket is already stopped.
Instead, use Document::postTask so that the task is only executed if WebSocket is not stopped.

As a refactoring, make use of PendingActivity to keep track of setPendingActivity/unsetPendingActivity more easily.

  • Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::stop):
(WebCore::WebSocket::connect):

  • Modules/websockets/WebSocket.h:

8:14 AM Changeset in webkit [241692] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241598 - Performance should not fire events when its context is stopped
https://bugs.webkit.org/show_bug.cgi?id=194689

Reviewed by Alex Christensen.

Stop the timer when its context is destroyed.
Add an assertion to ensure the timer does not fire after context is destroyed.

  • page/Performance.cpp:

(WebCore::Performance::stop):

8:14 AM Changeset in webkit [241691] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241604 - Update IPC code generator unit test expectations after r241595
https://bugs.webkit.org/show_bug.cgi?id=194679

  • Scripts/webkit/LegacyMessageReceiver-expected.cpp:

(WebKit::WebPage::didReceiveSyncWebPageMessage):

  • Scripts/webkit/MessageReceiver-expected.cpp:

(WebKit::WebPage::didReceiveSyncMessage):

8:14 AM Changeset in webkit [241690] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241595 - IPC code should support messages with both Delayed and WantsConnection attributes
https://bugs.webkit.org/show_bug.cgi?id=194679

Reviewed by Geoffrey Garen.

  • Platform/IPC/HandleMessage.h:

(IPC::callMemberFunctionImpl):
(IPC::callMemberFunction):
(IPC::handleMessageDelayedWantsConnection):

  • Scripts/webkit/messages.py:
  • UIProcess/WebStorage/StorageManager.cpp:

(WebKit::StorageManager::getValues):

  • UIProcess/WebStorage/StorageManager.h:
  • UIProcess/WebStorage/StorageManager.messages.in:

8:14 AM Changeset in webkit [241689] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241591 - [LFC] Out-of-flow box is never a float box
https://bugs.webkit.org/show_bug.cgi?id=194704

Reviewed by Antti Koivisto.

Source/WebCore:

We can't have it both ways. Absolute positioning wins.

Test: fast/block/block-only/out-of-flow-is-never-float-box.html

  • layout/layouttree/LayoutBox.cpp:

(WebCore::Layout::Box::isFloatingPositioned const):
(WebCore::Layout::Box::isLeftFloatingPositioned const):
(WebCore::Layout::Box::isRightFloatingPositioned const):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

  • fast/block/block-only/out-of-flow-is-never-float-box-expected.html: Added.
  • fast/block/block-only/out-of-flow-is-never-float-box.html: Added.

8:14 AM Changeset in webkit [241688] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241590 - [GStreamer] Simplify GObject class name check
https://bugs.webkit.org/show_bug.cgi?id=194537

Patch by Philippe Normand <pnormand@igalia.com> on 2019-02-15
Reviewed by Michael Catanzaro.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::uriDecodeBinElementAddedCallback):
Use G_OBJECT_TYPE_NAME() to filter out uridecodebin child
elements.

8:14 AM Changeset in webkit [241687] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241588 - Refactor EditingStyle::textDirection to return an Optional<WritingDirection> instead of a bool
https://bugs.webkit.org/show_bug.cgi?id=194686

Reviewed by Ryosuke Niwa.

Changes EditingStyle::textDirection to return an Optional<WritingDirection>, instead of taking a reference to
the resulting WritingDirection. No change in behavior.

  • editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::splitAncestorsWithUnicodeBidi):
(WebCore::ApplyStyleCommand::applyInlineStyle):

  • editing/EditingStyle.cpp:

(WebCore::EditingStyle::textDirection const):
(WebCore::EditingStyle::textDirectionForSelection):

  • editing/EditingStyle.h:

8:14 AM Changeset in webkit [241686] by Carlos Garcia Campos
  • 28 edits in releases/WebKitGTK/webkit-2.24

Merge r241587 - Replace more uses of String::format with StringConcatenate (mostly non-Apple platform-specific cases)
https://bugs.webkit.org/show_bug.cgi?id=194487

Reviewed by Daniel Bates.

Source/WebCore:

  • accessibility/win/AccessibilityObjectWrapperWin.cpp:

(WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue): Use makeString
instead of String::format.

  • page/linux/ResourceUsageOverlayLinux.cpp:

(WebCore::formatByteNumber): Use String::number instead of String::format.

  • platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:

(WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
Use makeString instead of String::format.

  • platform/glib/UserAgentGLib.cpp:

(WebCore::platformVersionForUAString): Ditto.

  • platform/graphics/gstreamer/GStreamerCommon.cpp:

(WebCore::simpleBusMessageCallback): Ditto.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::handleMessage): Ditto.

  • platform/graphics/gstreamer/mse/AppendPipeline.cpp:

(WebCore::AppendPipeline::AppendPipeline): Ditto.
(WebCore::AppendPipeline::handleStateChangeMessage): Ditto.
(WebCore::AppendPipeline::resetParserState): Ditto.

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::load): Ditto.
(WebCore::MediaPlayerPrivateGStreamerMSE::doSeek): Ditto.

  • platform/graphics/gtk/ImageBufferGtk.cpp:

(WebCore::encodeImage): Use String::number instead of String::format.

  • platform/mediastream/gstreamer/GStreamerAudioCaptureSource.cpp:

(WebCore::GStreamerAudioCaptureSource::create): Use makeString instead of
String::format.

  • platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:

(WebCore::GStreamerCaptureDeviceManager::addDevice): Ditto.

  • platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:

(WebCore::webkitMediaStreamSrcAddPad): Ditto.

  • platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:

(WebCore::GStreamerVideoCaptureSource::create): Ditto.

  • platform/network/curl/CookieJarDB.cpp:

(WebCore::CookieJarDB::verifySchemaVersion): Ditto.

  • platform/win/SearchPopupMenuDB.cpp:

(WebCore::SearchPopupMenuDB::verifySchemaVersion): Ditto.

Source/WebKit:

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::switchToNewTestingSession): Use makeString instead of String::format.

  • NetworkProcess/soup/NetworkProcessSoup.cpp:

(WebKit::buildAcceptLanguages): Ditto.

  • UIProcess/API/glib/IconDatabase.cpp:

(WebKit::IconDatabase::performURLImport): Ditto.

  • UIProcess/gtk/InputMethodFilter.cpp:

(WebKit::InputMethodFilter::logConfirmCompositionForTesting): Ditto.
(WebKit::InputMethodFilter::logSetPreeditForTesting): Ditto.

Source/WebKitLegacy/win:

  • WebView.cpp:

(webKitVersionString): Use makeString instead of String::format.

Tools:

  • DumpRenderTree/win/DumpRenderTree.cpp:

(applicationId): Use makeString instead of String::format.
(main): Ditto.

  • TestWebKitAPI/win/PlatformUtilitiesWin.cpp:

(TestWebKitAPI::Util::createURLForResource): Ditto.

  • WebKitTestRunner/InjectedBundle/atk/AccessibilityNotificationHandlerAtk.cpp:

(WTR::AccessibilityNotificationHandler::connectAccessibilityCallbacks): Ditto.

  • WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

(WTR::attributeSetToString): Use StringBuilder functions directly instead of g_strconcat.
(WTR::attributesOfElement): Use StringBuilder functions directly instead of String::format.
(WTR::createStringWithAttributes): Use appendLiteral.
(WTR::AccessibilityUIElement::helpText const): Ditto.
(WTR::AccessibilityUIElement::attributedStringForRange): Use StringBuilder functions
directly instead of using String::format.
(WTR::AccessibilityUIElement::url): Use makeString instead of String::format.
(WTR::stringAtOffset): Use StringBuilder::appendNumber instead of String::format.

8:14 AM Changeset in webkit [241685] by Carlos Garcia Campos
  • 12 edits
    6 adds in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241585 - Decoding media-capabilities configuration initial support
https://bugs.webkit.org/show_bug.cgi?id=191191

Reviewed by Xabier Rodriguez-Calvar.

This patch enables basic platform probing for GStreamer decoders,
optionally using Hardware decoding capabilities. The previous code
for decoders/demuxers probing partially duplicated between the MSE
player and its parent class was moved to a new module called
GStreamerRegistryScanner. There is one instance of it for the MSE player
and one for the parent class.

The scanner can check for the presence of the GstElement Hardware
metadata classifier in decoders and thus advise the
MediaEngineConfigurationFactoryGStreamer that hardware decoding is
supported or not. This is only a first step though. The scanner
should also probably attempt a NULL->READY transition on decoders
to validate specific input caps are supported. As this might
require changes in GStreamer, this part of the patch wasn't
included.

This patch is covered by the existing media tests.

  • platform/GStreamer.cmake: New files.
  • platform/graphics/MediaPlayer.cpp: Add support for converting SupportsType enum to string.

(WebCore::convertEnumerationToString):

  • platform/graphics/MediaPlayer.h: Ditto.
  • platform/graphics/MediaPlayerEnums.h: Ditto.
  • platform/graphics/gstreamer/GStreamerCommon.cpp: Move gstRegistryHasElementForMediaType to GStreamerRegistryScanner.

  • platform/graphics/gstreamer/GStreamerCommon.h: Ditto.
  • platform/graphics/gstreamer/GStreamerRegistryScanner.cpp: Added.

(WebCore::GStreamerRegistryScanner::singleton):
(WebCore::GStreamerRegistryScanner::GStreamerRegistryScanner): Initialize
supported mime-types and codecs from the GStreamer registry.
(WebCore::GStreamerRegistryScanner::~GStreamerRegistryScanner): Free the element factories.
(WebCore::GStreamerRegistryScanner::gstRegistryHasElementForMediaType):
Check the input caps are supported, optionally using hardware
device.
(WebCore::GStreamerRegistryScanner::fillMimeTypeSetFromCapsMapping):
Moved from MediaPlayerPrivateGStreamer{,MSE}.
(WebCore::GStreamerRegistryScanner::initialize): Ditto.
(WebCore::GStreamerRegistryScanner::supportsCodec const): Ditto.
(WebCore::GStreamerRegistryScanner::supportsAllCodecs const): Ditto.
(WebCore::GStreamerRegistryScanner::isDecodingSupported const): Check
the given configuration is supported. For now hardware support is
checked for video configurations only as it is quite uncommon
anyway to have hardware-enabled audio decoders.

  • platform/graphics/gstreamer/GStreamerRegistryScanner.h: Added.

(WebCore::GStreamerRegistryScanner::mimeTypeSet):
(WebCore::GStreamerRegistryScanner::supportsContainerType const):
(WebCore::GStreamerRegistryScanner::RegistryLookupResult::operator bool const):

  • platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.cpp: Added.

(WebCore::createMediaPlayerDecodingConfigurationGStreamer):

  • platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.h: Added.
  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

Rely on new GStreamerRegistryScanner and add some debugging macros.
(WebCore::MediaPlayerPrivateGStreamer::getSupportedTypes):
(WebCore::MediaPlayerPrivateGStreamer::supportsType):

  • platform/graphics/gstreamer/mse/AppendPipeline.cpp: Ditto. Also plug qtdemux for AAC containers, this is an explicit consequence of finer-grained codecs probing.

(WebCore::AppendPipeline::AppendPipeline):
(WebCore::AppendPipeline::parseDemuxerSrcPadCaps):

  • platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.cpp: Added.

(WebCore::GStreamerRegistryScannerMSE::singleton):
(WebCore::GStreamerRegistryScannerMSE::GStreamerRegistryScannerMSE):

  • platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.h: Added.
  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

Rely on new GStreamerRegistryScanner and add some debugging macros.
(WebCore::MediaPlayerPrivateGStreamerMSE::getSupportedTypes):
(WebCore::MediaPlayerPrivateGStreamerMSE::supportsType):

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
  • platform/mediacapabilities/MediaEngineConfigurationFactory.cpp:

(WebCore::factories): GStreamer support.

8:13 AM Changeset in webkit [241684] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WTF

Merge r241583 - Fix deadlock on Linux/x64 between SamplingProfiler and VMTraps
https://bugs.webkit.org/show_bug.cgi?id=194014

Reviewed by Michael Catanzaro.

Do not block SIGUSR1 when installing signal handlers, since this signal
is used to suspend/resume machine threads on Linux.

ftl-ai-filter-phantoms-should-clear-clear-value.js deadlocked with
enabled watchdog and sampling.

Deadlock happened in the following situation:

Thread 1 (Sampling): SamplingProfiler.cpp:takeSample takes all needed locks
and then tries to suspend the main thread.

Thread 2 (Watchdog/VMTraps): Before the Sampling-Thread suspends the main thread
a signal is caught and the signal handler is invoked (VMTraps.cpp:SignalSender).
SignalSender tries to lock codeBlockSet, but this is already locked by the
SamplingProfiler.

The SamplingProfiler can only give up the lock when it suspends
the thread. However since the VMTraps signal handler is active, all other signals are blocked,
therefore the SamplingProfiler also waits until its signal handler is invoked.

This patch fixes this by not blocking SIGUSR1 in installSignalHandler, since
it is used to suspend/resume threads on Linux.

  • wtf/Threading.h:
  • wtf/posix/ThreadingPOSIX.cpp:
  • wtf/threads/Signals.cpp:

(WTF::installSignalHandler):
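
The effect described in r241583, as an added C example (not WebKit's code): a handler installed with a full `sa_mask` keeps SIGUSR1 pending until it returns, while removing SIGUSR1 from the mask lets it run immediately. The function and variable names are hypothetical, and using `sigaction` with `sigfillset` is an assumption about how the mask is built.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <string.h>

static volatile sig_atomic_t suspend_ran;        /* set by the SIGUSR1 handler */
static volatile sig_atomic_t seen_inside_outer;  /* snapshot taken inside the outer handler */

/* Stands in for the thread suspend/resume handler (SIGUSR1 on Linux). */
static void on_suspend(int sig)
{
    (void)sig;
    suspend_ran = 1;
}

/* Stands in for a long-running handler such as the VMTraps one. */
static void on_outer(int sig)
{
    (void)sig;
    raise(SIGUSR1);                  /* a suspend request arrives mid-handler */
    seen_inside_outer = suspend_ran; /* 1 only if SIGUSR1 was not blocked */
}

/*
 * Installs on_outer for SIGUSR2 and reports whether SIGUSR1 could be
 * delivered while on_outer was still running.
 * block_everything != 0: sa_mask blocks all signals (the deadlock-prone setup).
 * block_everything == 0: SIGUSR1 is removed from sa_mask (the fixed setup).
 * Returns 1 or 0, or -1 if a handler could not be installed.
 */
int suspend_signal_delivered_in_handler(int block_everything)
{
    struct sigaction sa;
    sigset_t unblock;

    /* Start from a known thread mask with both signals deliverable. */
    sigemptyset(&unblock);
    sigaddset(&unblock, SIGUSR1);
    sigaddset(&unblock, SIGUSR2);
    sigprocmask(SIG_UNBLOCK, &unblock, NULL);

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_suspend;
    sigemptyset(&sa.sa_mask);
    if (sigaction(SIGUSR1, &sa, NULL) != 0)
        return -1;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_outer;
    sigfillset(&sa.sa_mask);                 /* block everything while handling */
    if (!block_everything)
        sigdelset(&sa.sa_mask, SIGUSR1);     /* except the suspend signal */
    if (sigaction(SIGUSR2, &sa, NULL) != 0)
        return -1;

    suspend_ran = 0;
    seen_inside_outer = 0;
    raise(SIGUSR2);
    return seen_inside_outer;
}
```

With the full mask the SIGUSR1 handler still runs, but only after the outer handler has returned, which is too late for a thread that is waiting on it while holding a lock the outer handler needs.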

8:13 AM Changeset in webkit [241683] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241582 - [JSC] Do not even allocate JIT worklists in non-JIT mode
https://bugs.webkit.org/show_bug.cgi?id=194693

Reviewed by Mark Lam.

Heap always allocates JIT worklists for Baseline, DFG, and FTL. While they do not have actual threads, Worklist itself already allocates some memory.
And we do not perform any GC operations that are only meaningful in JIT environment.

  1. We add VM::canUseJIT() check in Heap's ensureXXXWorklist things to prevent them from being allocated.
  2. We remove DFG marking constraint in non-JIT mode.
  3. We do not gather conservative roots from scratch buffers under the non-JIT mode (BTW, # of scratch buffers are always zero in non-JIT mode)
  4. We do not visit JITStubRoutineSet.
  5. Align JITWorklist function names to the other worklists.

  • dfg/DFGOSRExitPreparation.cpp:

(JSC::DFG::prepareCodeOriginForOSRExit):

  • dfg/DFGPlan.h:
  • dfg/DFGWorklist.cpp:

(JSC::DFG::markCodeBlocks): Deleted.

  • dfg/DFGWorklist.h:
  • heap/Heap.cpp:

(JSC::Heap::completeAllJITPlans):
(JSC::Heap::iterateExecutingAndCompilingCodeBlocks):
(JSC::Heap::gatherScratchBufferRoots):
(JSC::Heap::removeDeadCompilerWorklistEntries):
(JSC::Heap::stopThePeriphery):
(JSC::Heap::suspendCompilerThreads):
(JSC::Heap::resumeCompilerThreads):
(JSC::Heap::addCoreConstraints):

  • jit/JITWorklist.cpp:

(JSC::JITWorklist::existingGlobalWorklistOrNull):
(JSC::JITWorklist::ensureGlobalWorklist):
(JSC::JITWorklist::instance): Deleted.

  • jit/JITWorklist.h:
  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::jitCompileAndSetHeuristics):

  • runtime/VM.cpp:

(JSC::VM::~VM):
(JSC::VM::gatherScratchBufferRoots):
(JSC::VM::gatherConservativeRoots): Deleted.

  • runtime/VM.h:

8:13 AM Changeset in webkit [241682] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/bmalloc

Merge r241581 - [bmalloc] NSBundle-based application name check should be executed after debug-heap environment variable check
https://bugs.webkit.org/show_bug.cgi?id=194694

Reviewed by Mark Lam.

Interestingly, NSBundle allocates a fair amount of memory and keeps it for a process-long time. For example, it
allocates global NSConcreteHashTable, which takes 2.5KB. This patch changes the order of gigacage-check, we
first check "Malloc=1" status, and then check the process name through NSBundle. This allows us to remove NSBundle
related allocation in JSC initialization in the system malloc mode.

  • bmalloc/Gigacage.cpp:

(Gigacage::shouldBeEnabled):

8:13 AM Changeset in webkit [241681] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/bmalloc

Merge r241580 - [bmalloc] Do not start scavenger thread if we use system malloc
https://bugs.webkit.org/show_bug.cgi?id=194674

Reviewed by Mark Lam.

We always start the scavenger thread even if system malloc is used by the environment variable like "Malloc=1".
Because bmalloc allocation goes to the system malloc if "Malloc=1" is set, we do not need to scavenge. This patch
changes it not to start the scavenger thread.

  • bmalloc/Scavenger.cpp:

(bmalloc::Scavenger::Scavenger):

8:13 AM Changeset in webkit [241680] by Carlos Garcia Campos
  • 21 edits
    3 adds in releases/WebKitGTK/webkit-2.24

Merge r241579 - [WebAssembly] Write a new register allocator for Air O0 and make BBQ use it
https://bugs.webkit.org/show_bug.cgi?id=194036

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/tail-call-many-arguments.js: Added.

(foo):
(bar):

Source/JavaScriptCore:

This patch adds a new Air-O0 backend. Air-O0 runs fewer passes and doesn't
use linear scan for register allocation. Instead of linear scan, Air-O0 does
mostly block-local register allocation, and it does this as it's emitting
code directly. The register allocator uses liveness analysis to reduce
the number of spills. Doing register allocation as we're emitting code
allows us to skip editing the IR to insert spills, which saves a non trivial
amount of compile time. For stack allocation, we give each Tmp its own slot.
This is less than ideal. We probably want to do some trivial live range analysis
in the future. The reason this isn't a deal breaker for Wasm is that this patch
makes it so that we reuse Tmps as we're generating Air IR in the AirIRGenerator.
Because Wasm is a stack machine, we trivially know when we kill a stack value (its last use).

This patch is another 25% Wasm startup time speedup. It seems to be worth
another 1% on JetStream2.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp: Added.

(JSC::B3::Air::GenerateAndAllocateRegisters::GenerateAndAllocateRegisters):
(JSC::B3::Air::GenerateAndAllocateRegisters::buildLiveRanges):
(JSC::B3::Air::GenerateAndAllocateRegisters::insertBlocksForFlushAfterTerminalPatchpoints):
(JSC::B3::Air::callFrameAddr):
(JSC::B3::Air::GenerateAndAllocateRegisters::flush):
(JSC::B3::Air::GenerateAndAllocateRegisters::spill):
(JSC::B3::Air::GenerateAndAllocateRegisters::alloc):
(JSC::B3::Air::GenerateAndAllocateRegisters::freeDeadTmpsIfNeeded):
(JSC::B3::Air::GenerateAndAllocateRegisters::assignTmp):
(JSC::B3::Air::GenerateAndAllocateRegisters::isDisallowedRegister):
(JSC::B3::Air::GenerateAndAllocateRegisters::prepareForGeneration):
(JSC::B3::Air::GenerateAndAllocateRegisters::generate):

  • b3/air/AirAllocateRegistersAndStackAndGenerateCode.h: Added.
  • b3/air/AirCode.cpp:
  • b3/air/AirCode.h:
  • b3/air/AirGenerate.cpp:

(JSC::B3::Air::prepareForGeneration):
(JSC::B3::Air::generateWithAlreadyAllocatedRegisters):
(JSC::B3::Air::generate):

  • b3/air/AirHandleCalleeSaves.cpp:

(JSC::B3::Air::handleCalleeSaves):

  • b3/air/AirHandleCalleeSaves.h:
  • b3/air/AirTmpMap.h:
  • runtime/Options.h:
  • wasm/WasmAirIRGenerator.cpp:

(JSC::Wasm::AirIRGenerator::didKill):
(JSC::Wasm::AirIRGenerator::newTmp):
(JSC::Wasm::AirIRGenerator::AirIRGenerator):
(JSC::Wasm::parseAndCompileAir):
(JSC::Wasm::AirIRGenerator::addOp<OpType::I64TruncUF64>):
(JSC::Wasm::AirIRGenerator::addOp<OpType::I64TruncUF32>):

  • wasm/WasmAirIRGenerator.h:
  • wasm/WasmB3IRGenerator.cpp:

(JSC::Wasm::B3IRGenerator::didKill):

  • wasm/WasmBBQPlan.cpp:

(JSC::Wasm::BBQPlan::compileFunctions):

  • wasm/WasmFunctionParser.h:

(JSC::Wasm::FunctionParser<Context>::parseBody):
(JSC::Wasm::FunctionParser<Context>::parseExpression):

  • wasm/WasmValidate.cpp:

(JSC::Wasm::Validate::didKill):

Source/WTF:

  • wtf/IndexMap.h:

(WTF::IndexMap::at):
(WTF::IndexMap::at const):
(WTF::IndexMap::operator[]):
(WTF::IndexMap::operator[] const):

Tools:

  • Scripts/run-jsc-stress-tests:

8:13 AM Changeset in webkit [241679] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241577 - lowerStackArgs should lower Lea32/64 on ARM64 to Add
https://bugs.webkit.org/show_bug.cgi?id=194656

Reviewed by Yusuke Suzuki.

On arm64, Lea is just implemented as an add. However, Air treats it as an
address with a given width. Because of this width, we were incorrectly
computing whether or not this immediate could fit into the instruction itself
or it needed to be explicitly put into a register. This patch makes
AirLowerStackArgs lower Lea to Add on arm64.

  • b3/air/AirLowerStackArgs.cpp:

(JSC::B3::Air::lowerStackArgs):

  • b3/air/AirOpcode.opcodes:
  • b3/air/testair.cpp:

8:13 AM Changeset in webkit [241678] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241574 - REGRESSION (r240446): Storage Access API does not handle domains consistently
https://bugs.webkit.org/show_bug.cgi?id=194664

Reviewed by Alex Christensen.

During my refactoring of the ResourceLoadStatistics code, I introduced two bugs:
(1) I neglected to be consistent in my use of 'primaryDomain', causing some Storage
Access API code paths to store approves under one domain (e.g., 'www.example.com'),
while checking status under the eTLD+1 (e.g., 'example.com'). The exact string matching
requirement caused these to get missed.

(2) I used a move operator before a final set of copies of domain names, leading to
some empty strings being passed to Storage Access API calls.

Both issues are corrected in this patch.

  • NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::setPrevalentResourceForDebugMode): Always make the
domain comply with our 'primaryDomain' logic.
(WebKit::WebResourceLoadStatisticsStore::hasStorageAccess): Ditto.
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessGranted): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logFrameNavigation): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logWebSocketLoading): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logSubresourceLoading): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logSubresourceRedirect): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logUserInteraction): Ditto.
(WebKit::WebResourceLoadStatisticsStore::clearUserInteraction): Ditto.
(WebKit::WebResourceLoadStatisticsStore::hasHadUserInteraction): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setLastSeen): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setVeryPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isVeryPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsSubresourceUnder): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsSubFrameUnder): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsRedirectingTo): Ditto.
(WebKit::WebResourceLoadStatisticsStore::clearPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setGrandfathered): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isGrandfathered): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubframeUnderTopFrameOrigin): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUnderTopFrameOrigin): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectTo): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectFrom): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectTo): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectFrom): Ditto.

  • UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::hasStorageAccess): Always make the
domain comply with our 'primaryDomain' logic.
(WebKit::WebsiteDataStore::requestStorageAccess): Ditto. Also make copy of domain
names before moving them to the completion handler.
(WebKit::WebsiteDataStore::grantStorageAccess): Ditto.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::hasStorageAccess): Always make the domain comply with our
'primaryDomain' logic.
(WebKit::WebPage::requestStorageAccess): Ditto.

8:13 AM Changeset in webkit [241677] by Carlos Garcia Campos
  • 3 edits
    2 deletes in releases/WebKitGTK/webkit-2.24

Merge r241572 - Unreviewed, rolling out r241497.
https://bugs.webkit.org/show_bug.cgi?id=194676

New test times out (Requested by NVI on #webkit).

Reverted changeset:

"Web Inspector: Styles: valid values in style attributes are
reported as unsupported property values"
https://bugs.webkit.org/show_bug.cgi?id=194619
https://trac.webkit.org/changeset/241497

8:13 AM Changeset in webkit [241676] by Carlos Garcia Campos
  • 10 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r241571 - Cache the results of BytecodeGenerator::getVariablesUnderTDZ
https://bugs.webkit.org/show_bug.cgi?id=194583
<rdar://problem/48028140>

Reviewed by Yusuke Suzuki.

JSTests:

  • microbenchmarks/cache-get-variables-under-tdz-in-bytecode-generator.js: Added.

Source/JavaScriptCore:

This patch makes it so that getVariablesUnderTDZ caches a result of
CompactVariableMap::Handle. getVariablesUnderTDZ is costly when
it's called in an environment where there are a lot of variables.
This patch makes it so we cache its results. This is profitable when
getVariablesUnderTDZ is called repeatedly with the same environment
state. This is common since we call this every time we encounter a
function definition/expression node.

  • builtins/BuiltinExecutables.cpp:

(JSC::BuiltinExecutables::createExecutable):

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):

  • bytecode/UnlinkedFunctionExecutable.h:
  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::popLexicalScopeInternal):
(JSC::BytecodeGenerator::liftTDZCheckIfPossible):
(JSC::BytecodeGenerator::pushTDZVariables):
(JSC::BytecodeGenerator::getVariablesUnderTDZ):
(JSC::BytecodeGenerator::restoreTDZStack):

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::makeFunction):

  • parser/VariableEnvironment.cpp:

(JSC::CompactVariableMap::Handle::Handle):
(JSC::CompactVariableMap::Handle::operator=):

  • parser/VariableEnvironment.h:

(JSC::CompactVariableMap::Handle::operator bool const):

  • runtime/CodeCache.cpp:

(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):

8:12 AM Changeset in webkit [241675] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241567 - Web Inspector: Occasional crash under WebCore::CSSStyleSheet::item called from Inspector
https://bugs.webkit.org/show_bug.cgi?id=194671
<rdar://problem/47628191>

Patch by Joseph Pecoraro on 2019-02-14
Reviewed by Devin Rousso.

  • css/CSSStyleSheet.cpp:

(WebCore::CSSStyleSheet::item):
A crash may happen if the m_childRuleCSSOMWrappers Vector gets out of
sync with the m_contents list of rules. In particular if the wrappers
vector is shorter than the rule list. We tried exercising code paths
that modify these lists but were not able to reproduce the crash.
To avoid a crash we can make this access safer and avoid the original
overflow. At the same time we will keep and promote the assertion that
would catch the lists getting out of sync in debug builds.

8:12 AM Changeset in webkit [241674] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241565 - ASSERTION FAILED: m_caches.isEmpty() || !m_pendingInitializationCallbacks.isEmpty() in WebKit::CacheStorage::Caches::clearMemoryRepresentation()
https://bugs.webkit.org/show_bug.cgi?id=188393
<rdar://problem/43025665>

Reviewed by Alex Christensen.

In case Caches::dispose is called, clearMemoryRepresentation might be called if there is no active cache.
We also ensure to not clear the memory representation if there is any remaining removed cache.
Update the clearMemoryRepresentation assertion to take that into account.

In case a Caches is cleared twice, the clearMemoryRepresentation assertion will assert while it should not.
In that case m_storage is null the second time. Update the assertion accordingly.

  • NetworkProcess/cache/CacheStorageEngineCaches.cpp:

(WebKit::CacheStorage::Caches::hasActiveCache const):
(WebKit::CacheStorage::Caches::dispose):
(WebKit::CacheStorage::Caches::clearMemoryRepresentation):

  • NetworkProcess/cache/CacheStorageEngineCaches.h:

8:12 AM Changeset in webkit [241673] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241563 - [GTK] WebKitGTK+ -> WebKitGTK
https://bugs.webkit.org/show_bug.cgi?id=194658

Reviewed by Alex Christensen.

This renames WebKitGTK+ to WebKitGTK in a few user-visible places: the API documentation,
the pkg-config, and an error message.

In a couple places where it's exposed in WPE documentation, WPE is now mentioned, or the
reference to "WebKitGTK+" is changed to just "WebKit."

  • UIProcess/API/glib/WebKitSettings.cpp:

(webkit_settings_class_init):

  • UIProcess/API/glib/WebKitWebView.cpp:
  • UIProcess/API/gtk/docs/webkit2gtk-docs.sgml:
  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMPrivateGtk.h:
  • gtk/webkit2gtk-web-extension.pc.in:
  • gtk/webkit2gtk.pc.in:

8:12 AM Changeset in webkit [241672] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241560 - [JSC] Non-JIT entrypoints should share NativeJITCode per entrypoint type
https://bugs.webkit.org/show_bug.cgi?id=194659

Reviewed by Mark Lam.

Non-JIT entrypoints create NativeJITCode every time it is called. But it is meaningless since these entry point code are identical.
We should create one per entrypoint type (for function, we should have CodeForCall and CodeForConstruct) and continue to use them.
And we use NativeJITCode instead of DirectJITCode if it does not have difference between usual entrypoint and arity check entrypoint.

  • dfg/DFGJITCode.h:
  • dfg/DFGJITFinalizer.cpp:

(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):

  • jit/JITCode.cpp:

(JSC::DirectJITCode::initializeCodeRefForDFG):
(JSC::DirectJITCode::initializeCodeRef): Deleted.
(JSC::NativeJITCode::initializeCodeRef): Deleted.

  • jit/JITCode.h:
  • llint/LLIntEntrypoint.cpp:

(JSC::LLInt::setFunctionEntrypoint):
(JSC::LLInt::setEvalEntrypoint):
(JSC::LLInt::setProgramEntrypoint):
(JSC::LLInt::setModuleProgramEntrypoint): Retagged is removed since the tag is the same.

8:12 AM Changeset in webkit [241671] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241557 - [JSC] Should have default NativeJITCode
https://bugs.webkit.org/show_bug.cgi?id=194634

Reviewed by Mark Lam.

In JSC_useJIT=false mode, we always create identical NativeJITCode for call and construct when we create NativeExecutable.
This is meaningless since we do not modify NativeJITCode after the creation. This patch adds singleton used as a default one.
Since NativeJITCode (& JITCode) is ThreadSafeRefCounted, we can just share it in a whole process level. This removes 446 NativeJITCode
allocations, which takes 14KB.

  • runtime/VM.cpp:

(JSC::jitCodeForCallTrampoline):
(JSC::jitCodeForConstructTrampoline):
(JSC::VM::getHostFunction):

8:12 AM Changeset in webkit [241670] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241552 - generateUnlinkedCodeBlockForFunctions shouldn't need to create a FunctionExecutable just to get its source code
https://bugs.webkit.org/show_bug.cgi?id=194576

Reviewed by Saam Barati.

Extract a new function, linkedSourceCode from UnlinkedFunctionExecutable::link
and use it in generateUnlinkedCodeBlockForFunctions instead.

  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::UnlinkedFunctionExecutable::linkedSourceCode const):
(JSC::UnlinkedFunctionExecutable::link):

  • bytecode/UnlinkedFunctionExecutable.h:
  • runtime/CodeCache.cpp:

(JSC::generateUnlinkedCodeBlockForFunctions):

8:12 AM Changeset in webkit [241669] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore/platform/gtk/po

Merge r241551 - [l10n] Updated Italian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=194652

Patch by Milo Casagrande <milo@milo.name> on 2019-02-14
Rubber-stamped by Michael Catanzaro.

  • it.po:

8:12 AM Changeset in webkit [241668] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r241550 - CachedBitVector's size must be converted from bits to bytes
https://bugs.webkit.org/show_bug.cgi?id=194441

Reviewed by Saam Barati.

CachedBitVector used its size in bits for memcpy. That didn't cause any
issues when encoding, since the size in bits was also used in the allocation,
but would overflow the actual BitVector buffer when decoding.

  • runtime/CachedTypes.cpp:

(JSC::CachedBitVector::encode):
(JSC::CachedBitVector::decode const):
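
The bits-versus-bytes mistake described in r241550, as an added C example (not WebKit's CachedBitVector code): a bit vector is serialized as a bit count followed by the packed bits, and both directions size the copy in bytes and check it against the buffer. The `BitVec` type, the record layout and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical cache record: a 32-bit bit count, then the packed bits. */
typedef struct {
    uint32_t num_bits;
    uint8_t *bits;              /* holds bytes_for_bits(num_bits) bytes */
} BitVec;

/* Storage is counted in bytes, so every copy length goes through this. */
static size_t bytes_for_bits(uint32_t num_bits)
{
    return (size_t)(num_bits / 8) + (num_bits % 8 != 0);
}

int bitvec_init(BitVec *v, uint32_t num_bits)
{
    size_t n = bytes_for_bits(num_bits);
    v->num_bits = num_bits;
    v->bits = calloc(n ? n : 1, 1);
    return v->bits ? 0 : -1;
}

void bitvec_free(BitVec *v)
{
    free(v->bits);
    v->bits = NULL;
    v->num_bits = 0;
}

void bitvec_set(BitVec *v, uint32_t i)
{
    if (i < v->num_bits)
        v->bits[i / 8] |= (uint8_t)(1u << (i % 8));
}

int bitvec_get(const BitVec *v, uint32_t i)
{
    return i < v->num_bits && ((v->bits[i / 8] >> (i % 8)) & 1u);
}

/* Returns the number of bytes written, or 0 if out is too small. */
size_t bitvec_encode(const BitVec *v, uint8_t *out, size_t out_len)
{
    size_t n = bytes_for_bits(v->num_bits);
    if (out_len < sizeof v->num_bits || out_len - sizeof v->num_bits < n)
        return 0;
    memcpy(out, &v->num_bits, sizeof v->num_bits);
    memcpy(out + sizeof v->num_bits, v->bits, n);
    return sizeof v->num_bits + n;
}

/* Returns 0 on success, -1 on truncated input or allocation failure. */
int bitvec_decode(BitVec *v, const uint8_t *in, size_t in_len)
{
    uint32_t num_bits;
    size_t n;

    if (in_len < sizeof num_bits)
        return -1;
    memcpy(&num_bits, in, sizeof num_bits);
    n = bytes_for_bits(num_bits);
    if (in_len - sizeof num_bits < n)   /* record claims more bits than it carries */
        return -1;
    if (bitvec_init(v, num_bits) != 0)
        return -1;
    /* Copying num_bits bytes here instead of n would run past the
     * n-byte allocation made by bitvec_init. */
    memcpy(v->bits, in + sizeof num_bits, n);
    return 0;
}
```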

8:12 AM Changeset in webkit [241667] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r241549 - AX: ARIA Reflection was disabled in error
https://bugs.webkit.org/show_bug.cgi?id=194647
<rdar://problem/48068336>

Reviewed by Ryosuke Niwa.

Source/WebKit:

  • Shared/WebPreferences.yaml:

Tools:

Remove test override now that this feature should be enabled by default.

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues):

8:12 AM Changeset in webkit [241666] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24/Source

Merge r241547 - Web Inspector: don't include accessibility role in DOM.Node object payloads
https://bugs.webkit.org/show_bug.cgi?id=194623
<rdar://problem/36384037>

Reviewed by Devin Rousso.

Source/JavaScriptCore:

Remove property of DOM.Node that is no longer being sent.

  • inspector/protocol/DOM.json:

Source/WebCore:

Accessibility properties are complicated to fetch at all the points where we want to build and push nodes immediately.
Turning on AX often indirectly causes style recalc and layout. This is bad because we are often building nodes in the
first place due to a DOM node tree update (i.e., NodeInserted).

It turns out that DOM.getAccessibilityPropertiesForNode is called every time we display
the computed role in the Elements Tab > Nodes Sidebar > Accessibility Section. So it is not
necessary to collect this information in a problematic way when initially pushing the node, as
it will be updated anyway.

No new tests, no change in behavior.

  • inspector/agents/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::buildObjectForNode):

8:12 AM Changeset in webkit [241665] by Carlos Garcia Campos
  • 5 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r241546 - [LFC][BFC][MarginCollapse] Replaced boxes don't collapse through their margins
https://bugs.webkit.org/show_bug.cgi?id=194622

Reviewed by Antti Koivisto.

Source/WebCore:

Ensure that block replaced boxes don't collapse through their vertical margins.

Test: fast/block/block-only/block-replaced-with-vertical-margins.html

  • layout/blockformatting/BlockMarginCollapse.cpp:

(WebCore::Layout::BlockFormattingContext::MarginCollapse::marginsCollapseThrough):

  • page/FrameViewLayoutContext.cpp:

(WebCore::layoutUsingFormattingContext):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

  • fast/block/block-only/block-replaced-with-vertical-margins-expected.html: Added.
  • fast/block/block-only/block-replaced-with-vertical-margins.html: Added.

8:12 AM Changeset in webkit [241664] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24

Merge r241545 - [LFC] Shrink-to-fit-width should be constrained by min/max width
https://bugs.webkit.org/show_bug.cgi?id=194653

Reviewed by Antti Koivisto.

Source/WebCore:

Use the fixed value of min-width/max-width to constrain the computed preferred width.

  • layout/FormattingContext.h:
  • layout/FormattingContextGeometry.cpp:

(WebCore::Layout::FormattingContext::Geometry::constrainByMinMaxWidth):

  • layout/blockformatting/BlockFormattingContextGeometry.cpp:

(WebCore::Layout::BlockFormattingContext::Geometry::intrinsicWidthConstraints):

  • layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthConstraints const):

Tools:

  • LayoutReloaded/misc/LFC-passing-tests.txt:

8:11 AM Changeset in webkit [241663] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r241544 - Do not add a caches to its engine if the salt cannot be initialized
https://bugs.webkit.org/show_bug.cgi?id=194604

Reviewed by Antti Koivisto.

This is a follow-up to https://bugs.webkit.org/show_bug.cgi?id=194588.
We should return early if initialize fails.

  • NetworkProcess/cache/CacheStorageEngine.cpp:

(WebKit::CacheStorage::Engine::readCachesFromDisk):

3:17 AM Changeset in webkit [241662] by dinfuehr@igalia.com
  • 2 edits in trunk/JSTests

[ARM] Test gardening: Test running out of executable memory
https://bugs.webkit.org/show_bug.cgi?id=194771

Unreviewed. Do not run test without LLInt, test is running out of executable
memory on ARM otherwise.

  • stress/tagged-template-object-collect.js:

2:32 AM Changeset in webkit [241661] by tpopela@redhat.com
  • 2 edits in trunk/JSTests

Unreviewed, skip the test on platforms without sampling profiler

  • stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js:

(platformSupportsSamplingProfiler.foo):
(platformSupportsSamplingProfiler.test):
(platformSupportsSamplingProfiler):
(foo): Deleted.
(test): Deleted.

2:20 AM Changeset in webkit [241660] by Tadeu Zagallo
  • 6 edits in trunk/Source/JavaScriptCore

Add version number to cached bytecode
https://bugs.webkit.org/show_bug.cgi?id=194768
<rdar://problem/48147968>

Reviewed by Saam Barati.

Add a version number to the bytecode cache that should be unique per build.

  • CMakeLists.txt:
  • DerivedSources-output.xcfilelist:
  • DerivedSources.make:
  • runtime/CachedTypes.cpp:

(JSC::Encoder::malloc):
(JSC::GenericCacheEntry::GenericCacheEntry):
(JSC::CacheEntry::CacheEntry):
(JSC::CacheEntry::encode):
(JSC::CacheEntry::decode const):
(JSC::GenericCacheEntry::decode const):
(JSC::decodeCodeBlockImpl):

  • runtime/CodeCache.h:

(JSC::CodeCacheMap::fetchFromDiskImpl):

1:12 AM Changeset in webkit [241659] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

[GTK] Crash while filling selection data during drag and drop
https://bugs.webkit.org/show_bug.cgi?id=194698

Reviewed by Michael Catanzaro.

I can't reproduce this, but it seems that m_draggingSelectionData is nullptr in fillDragData(). That can happen
when startDrag cancels a previous DND operation, because the new m_draggingSelectionData is set before the
current DND operation is cancelled, which sets it to nullptr.

  • UIProcess/gtk/DragAndDropHandler.cpp:

(WebKit::DragAndDropHandler::startDrag): Finish the previous operation before setting m_draggingSelectionData.
