Timeline



Apr 11, 2019:

11:35 PM Changeset in webkit [244211] by ysuzuki@apple.com
  • 10 edits
    1 add in trunk

[JSC] op_has_indexed_property should not assume subscript part is Uint32
https://bugs.webkit.org/show_bug.cgi?id=196850

Reviewed by Saam Barati.

JSTests:

  • stress/has-indexed-property-should-accept-non-int32.js: Added.

(foo):

Source/JavaScriptCore:

op_has_indexed_property assumed that subscript part is always Uint32. However, this is just a load from non-constant RegisterID,
DFG can store it in double format and can perform OSR exit. op_has_indexed_property should not assume that.
In this patch, instead, we check it with isAnyInt and get uint32_t from AnyInt.

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_has_indexed_property):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_has_indexed_property):

  • jit/JITOperations.cpp:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

11:02 PM Changeset in webkit [244210] by Megan Gardner
  • 2 edits in trunk/LayoutTests

Fix flaky LayoutTests/fast/events/autoscroll-when-input-is-offscreen.html
https://bugs.webkit.org/show_bug.cgi?id=196840

Reviewed by Tim Horton.

Use more stable test infrastructure to conduct input tests.

  • fast/events/autoscroll-when-input-is-offscreen.html:
10:28 PM Changeset in webkit [244209] by Simon Fraser
  • 4 edits in trunk/Source/WebCore

Avoid doing positioned scrolling tree node work for layers not inside overflow:scroll
https://bugs.webkit.org/show_bug.cgi?id=196848

Reviewed by Zalan Bujtas.

Maintain a bit on RenderLayer which says if a layer has a composited scrolling ancestor
in the layer tree. We only need to do work related to making positioned scrolling tree nodes
for layers which are layer tree descendants of overflow:scroll.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::RenderLayer):
(WebCore::RenderLayer::updateLayerPositions):
(WebCore::outputPaintOrderTreeLegend):
(WebCore::outputPaintOrderTreeRecursive):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::requiresCompositingForPosition const):
(WebCore::RenderLayerCompositor::requiresCompositingForIndirectReason const):
(WebCore::RenderLayerCompositor::isViewportConstrainedFixedOrStickyLayer const):
(WebCore::RenderLayerCompositor::fixedLayerIntersectsViewport const):
(WebCore::RenderLayerCompositor::computeCoordinatedPositioningForLayer const):

6:55 PM Changeset in webkit [244208] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

Try to fix Windows build.

  • page/PrintContext.cpp:

(WebCore::PrintContext::computedPageMargin):

6:52 PM Changeset in webkit [244207] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Handle bug titles with unicode characters
https://bugs.webkit.org/show_bug.cgi?id=196802

Reviewed by Dewei Zhu.

  • BuildSlaveSupport/ews-build/steps.py:

(ValidatePatch._is_bug_closed):

6:04 PM Changeset in webkit [244206] by sbarati@apple.com
  • 3 edits
    1 add in trunk

Remove invalid assertion in operationInstanceOfCustom
https://bugs.webkit.org/show_bug.cgi?id=196842
<rdar://problem/49725493>

Reviewed by Michael Saboff.

JSTests:

  • stress/operationInstanceOfCustom-bad-assertion.js: Added.

Source/JavaScriptCore:

In the generated JIT code, we go to the slow path when the incoming function
isn't the Node's CodeOrigin's functionProtoHasInstanceSymbolFunction. However,
in the JIT operation, we were asserting against exec->lexicalGlobalObject()'s
functionProtoHasInstanceSymbolFunction. That assertion might be wrong when
inlining across global objects as exec->lexicalGlobalObject() uses the machine
frame for procuring the global object. There is no harm when this assertion fails
as we just execute the slow path. This patch removes the assertion. (However, this
does shed light on the deficiency in our exec->lexicalGlobalObject() function with
respect to inlining. However, this isn't new -- we've known about this for a while.)

  • jit/JITOperations.cpp:
5:58 PM Changeset in webkit [244205] by Megan Gardner
  • 4 edits in trunk/Source

Update 'Save Image' to more clear instructions
https://bugs.webkit.org/show_bug.cgi?id=196833
<rdar://problem/47446845>

Reviewed by Wenson Hsieh.

Source/WebCore:

Not testable, UI change only.

  • en.lproj/Localizable.strings:

Source/WebKit:

Just updating to a new string.

  • UIProcess/API/Cocoa/_WKElementAction.mm:

(+[_WKElementAction _elementActionWithType:customTitle:assistant:]):

5:53 PM Changeset in webkit [244204] by msaboff@apple.com
  • 6 edits
    1 add in trunk

Improve the Inline Cache Stats code
https://bugs.webkit.org/show_bug.cgi?id=196836

Reviewed by Saam Barati.

Source/JavaScriptCore:

Needed to handle the case where the Identifier could be null, for example with InstanceOfAddAccessCase
and InstanceOfReplaceWithJump.

Added the ability to log the location of a GetBy and PutBy property as either on self or up the
protocol chain.

  • jit/ICStats.cpp:

(JSC::ICEvent::operator< const):
(JSC::ICEvent::dump const):

  • jit/ICStats.h:

(JSC::ICEvent::ICEvent):
(JSC::ICEvent::hash const):

  • jit/JITOperations.cpp:
  • jit/Repatch.cpp:

(JSC::tryCacheGetByID):
(JSC::tryCachePutByID):
(JSC::tryCacheInByID):

Tools:

Added a new script to consolidate and arrange the output of --useICStats option.

This script merges the output from every group into one large table and sorts it from most common to
least common. It also counts the slow path GetById and PutById variants and then calculates the
percentage of gets or puts for each unique base,property pair compared to all the gets and puts.
Put together, this is useful to see what property accesses are not getting cached.

  • Scripts/ic-stats.py: Added.

(ICStats):
(ICStats.init):
(ICStats.parse):
(ICStats.dumpStats):
(usage):

4:43 PM Changeset in webkit [244203] by Chris Dumez
  • 7 edits in trunk/Source/WebKit

Unable to run system Safari with trunk WebKit
https://bugs.webkit.org/show_bug.cgi?id=196777
<rdar://problem/49784574>

Reviewed by Alex Christensen.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):
Add a linkedOnAfter check so that throwing exceptions when related web views use a different
data store only happens for apps rebuilt using recent SDK.

  • UIProcess/Cocoa/VersionChecks.h:
  • UIProcess/Cocoa/VersionChecks.mm:

(WebKit::linkedOnOrAfter):

  • By default, linkedOnOrAfter assumed Safari / MobileSafari is always linked-on-after. To satisfy my use cases, I introduced a new AssumeSafariIsAlwaysLinkedOnAfter parameter so that this behavior can be controlled by the caller.
  • In the header, DYLD_IOS_VERSION_* / DYLD_MACOS_VERSION_* constants are 0 when building with the non-internal SDK. As a result, the check instead linkedOnOrAfter() would cause us to always return true, which was wrong. I therefore updated the check inside linkedOnOrAfter() to special-case the 0 value for sdkVersion.
4:33 PM Changeset in webkit [244202] by Alan Bujtas
  • 20 edits
    6 adds in trunk

Add @page margin support
https://bugs.webkit.org/show_bug.cgi?id=196680
<rdar://problem/45217707>

Reviewed by Tim Horton.

Source/WebCore:

This patch adds support for @page margin. This feature is currently behind a runtime flag and is off by default.
We resolve the @page margin values in the WebProcess (currently no pseudo class is supported) and transfer them to the UIProcess through computedPagesCallback.
UIProcess is responsible for applying these new values on the printer. We also re-compute the available width/height for the current printing context
in the WebProcess if needed (see PrintInfo for current printer margins).

Tests: printing/page-with-10mm-left-margin.html

printing/page-with-zero-margin.html

  • page/PrintContext.cpp:

(WebCore::PrintContext::computedPageMargin):
(WebCore::PrintContext::computedPageSize):

  • page/PrintContext.h:
  • page/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::pageAtRuleSupportEnabled const):
(WebCore::RuntimeEnabledFeatures::setPageAtRuleSupportEnabled):

Source/WebKit:

  • Shared/PrintInfo.cpp:

(WebKit::PrintInfo::encode const):
(WebKit::PrintInfo::decode):

  • Shared/PrintInfo.h:
  • Shared/WebPreferences.yaml:
  • Shared/gtk/PrintInfoGtk.cpp:

(WebKit::PrintInfo::PrintInfo):

  • Shared/mac/PrintInfoMac.mm:

(WebKit::PrintInfo::PrintInfo):

  • UIProcess/API/C/WKPage.cpp:

(WKPageComputePagesForPrinting):

  • UIProcess/API/C/WKPreferences.cpp:

(WKPreferencesSetPageAtRuleSupportEnabled):
(WKPreferencesGetPageAtRuleSupportEnabled):

  • UIProcess/API/C/WKPreferencesRefPrivate.h:
  • UIProcess/GenericCallback.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::computedPagesCallback):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/mac/WKPrintingView.mm:

(pageDidComputePageRects):
(-[WKPrintingView _askPageToComputePageRects]):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::beginPrinting):
(WebKit::WebPage::computePagesForPrinting):
(WebKit::WebPage::computePagesForPrintingImpl):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::computePagesForPrintingAndDrawToPDF):

LayoutTests:

  • printing/page-with-10mm-left-margin-expected.pdf: Added.
  • printing/page-with-10mm-left-margin.html: Added.
  • printing/page-with-zero-margin-expected.pdf: Added.
  • printing/page-with-zero-margin.html: Added.
4:13 PM Changeset in webkit [244201] by dino@apple.com
  • 6 edits in trunk/Source

Extract UTI mapping and allow for additions
https://bugs.webkit.org/show_bug.cgi?id=196822
<rdar://problem/49822339>

Reviewed by Tim Horton.

Source/WebCore:

Add an ADDITIONAL_SYSTEM_PREVIEW_TYPES macro to the list
of accepted MIME types. And add a new helper to map
MIME types to UTI types when the system was unable to
find an existing type.

  • platform/MIMETypeRegistry.cpp:

(WebCore::MIMETypeRegistry::systemPreviewMIMETypes):

  • platform/network/mac/UTIUtilities.mm:

(WebCore::UTIFromUnknownMIMEType):
(WebCore::UTIFromMIMETypeCachePolicy::createValueForKey):

Source/WebKit:

Use the new helper to map MIME type to UTI.

  • UIProcess/Cocoa/SystemPreviewControllerCocoa.mm:

(-[_WKPreviewControllerDataSource previewController:previewItemAtIndex:]):

  • UIProcess/ios/WKSystemPreviewView.mm:

(getUTIForSystemPreviewMIMEType):

3:57 PM Changeset in webkit [244200] by rniwa@webkit.org
  • 10 edits
    10 adds in trunk

[iOS] Moving backwards by word granularity does not work if the previous line was inside another block element
https://bugs.webkit.org/show_bug.cgi?id=196670

Reviewed by Wenson Hsieh.

Source/WebCore:

The bug was ultimately caused by two reasons:

  1. On iOS, previousWordPositionBoundary would identify a blank line as a word boundary.
  2. SimplifiedBackwardsTextIterator generates a new line character (\n) between two block elements.

When moving backwards by word granularity, therefore, previousBoundary would encounter a new line created by (2)
and then previousWordPositionBoundary would identify it as a word boundary.

Fixed the bug (2) by adding the same check as TextIterator::exitNode has to avoid generating an extra new line
character following an exiting new line character. Also added internals.rangeAsTextUsingBackwardsTextIterator
to make SimplifiedBackwardsTextIterator directly testable in layout tests.

This fix unveiled an unrelated bug when moving backwards with sentence granularity at the beginning of a line.
In this case, WebKit was previously feeding ICU with the previous line's content followed by two new lines,
which constituted a new sentence. However after the fix, ICU no longer detects a new sentence after the end
of the prevous line. This patch, therefore, introduces a new optional argument to previousBoundary which forces
the succeeding paragraph's content (i.e. the content of the line from which we're moving backwards with sentence
granularity) to be fed to ICU. This fixes the bug that we were previously not being able to move backwards
with sentence granularity at the beginning of a line as indicated by the new tests.

Tests: editing/selection/extend-selection-backward-at-beginning-of-line-by-sentence-granularity.html

editing/selection/extend-selection-backward-at-beginning-of-line-by-word-granularity.html
editing/selection/move-selection-backward-at-beginning-of-line-by-sentence-granularity.html
editing/selection/move-selection-backward-at-beginning-of-line-by-word-granularity.html
editing/text-iterator/backwards-text-iterator-basic.html

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::previousBoundary): Fixed the bug that moving backwards with sentence granularity at
the beginning of a line does not work like we did in VisibleUnits. See the description below. It's tested by
an existing layout test accessibility/mac/text-marker-sentence-nav.html, which would fail without this fix.
(WebCore::AXObjectCache::startCharacterOffsetOfSentence):

  • accessibility/AXObjectCache.h:

(WebCore::CharacterOffset::isEqual const):

  • editing/TextIterator.cpp:

(WebCore::SimplifiedBackwardsTextIterator::handleNonTextNode): Fixed the bug that we were generating two line
lines between block elements. This fixes the bug that moving backwards with word granularity at the beginning
of a line fails on iOS.
(WebCore::plainTextUsingBackwardsTextIteratorForTesting): Added.

  • editing/TextIterator.h:
  • editing/VisibleUnits.cpp:

(WebCore::previousBoundary): Added the code to extract the succeeding paragraph's content as context for ICU.
This fixes the bug that moving backwards with sentence granularity at the beginning of a line fails.
Limit the length of backwards iteration at the current position to avoid traversing backwards beyond
the current position, and fixed a bug that an early return for the text node was not taking the suffix length
into account when deciding whether next position resides in the starting container node or not.
(WebCore::startSentenceBoundary):
(WebCore::startOfSentence):

  • testing/Internals.cpp:

(WebCore::Internals::rangeAsTextUsingBackwardsTextIterator): Added.

  • testing/Internals.h:
  • testing/Internals.idl:

LayoutTests:

Added a test for moving and extending backwards from the beginning of a line with word & sentence granularities,
and a basic set of tests forSimplifiedBackwardsTextIterator.

  • editing/selection/extend-selection-backward-at-beginning-of-line-by-sentence-granularity-expected.txt: Added.
  • editing/selection/extend-selection-backward-at-beginning-of-line-by-sentence-granularity.html: Added.
  • editing/selection/extend-selection-backward-at-beginning-of-line-by-word-granularity-expected.txt: Added.
  • editing/selection/extend-selection-backward-at-beginning-of-line-by-word-granularity.html: Added.
  • editing/selection/move-selection-backward-at-beginning-of-line-by-sentence-granularity-expected.txt: Added.
  • editing/selection/move-selection-backward-at-beginning-of-line-by-sentence-granularity.html: Added.
  • editing/selection/move-selection-backward-at-beginning-of-line-by-word-granularity-expected.txt: Added.
  • editing/selection/move-selection-backward-at-beginning-of-line-by-word-granularity.html: Added.
  • editing/text-iterator/backwards-text-iterator-basic-expected.txt: Added.
  • editing/text-iterator/backwards-text-iterator-basic.html: Added.
3:56 PM Changeset in webkit [244199] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION(r244195): Timelines: unable to take heap snapshot
https://bugs.webkit.org/show_bug.cgi?id=196832
<rdar://problem/49828862>

Reviewed by Simon Fraser.

  • UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager.prototype.heapSnapshotAdded):
(WI.TimelineManager.prototype._addRecord):
Heap snapshots can be taken outside of a timeline recording, so remove the early return (and
assertion) that checks for an active recording before adding the heap snapshot record.

3:51 PM Changeset in webkit [244198] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit

REGRESSION (r244182): RemoteLayerTreeDrawingArea::flushLayers() should not be reentrant
https://bugs.webkit.org/show_bug.cgi?id=196825

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-04-11
Reviewed by Simon Fraser.

Ensure the layer transactions IDs are sequential. So bail out of
RemoteLayerTreeDrawingArea::flushLayers() if reentrancy is detected.

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.h:
  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::flushLayers):

3:15 PM Changeset in webkit [244197] by Wenson Hsieh
  • 17 edits
    1 copy
    4 adds in trunk

Allow the MediaSource API to be enabled via website policy
https://bugs.webkit.org/show_bug.cgi?id=196429
<rdar://problem/48774333>

Reviewed by Tim Horton.

Source/WebCore:

Add support in DocumentLoader for adjusting page settings using its per-site policies. See WebKit ChangeLog for
more detail (in particular, the implementation of applyToDocumentLoader).

Test: fast/media/ios/ipad/enable-MediaSource-API-in-modern-compatibility-mode.html

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::applyPoliciesToSettings const):
(WebCore::DocumentLoader::attachToFrame):

  • loader/DocumentLoader.h:

Add an enum class for MediaSource policies; while we're at it, make all of these enum values 8 bits wide.

(WebCore::DocumentLoader::mediaSourcePolicy const):
(WebCore::DocumentLoader::setMediaSourcePolicy):

Source/WebKit:

Adds support for using WebsitePolicies to determine whether to enable the MediaSource API.

  • Shared/WebPreferences.yaml:

Disengage the mediaSourceEnabled internal preference from the corresponding WebCore setting; to ensure that
setting the preference to true still results in enabling the MediaSource API, we instead make it such that
turning on mediaSourceEnabled causes WebsitePolicies to set its WebsiteMediaSourcePolicy to Enable.

In the future, we should deprecate and remove this preference, in favor of simply setting preferred
compatibility mode on WKWebpagePreferences.

  • Shared/WebPreferences.yaml:
  • Shared/WebsiteMediaSourcePolicy.h: Copied from Source/WebKit/Shared/WebsitePoliciesData.h.
  • Shared/WebsitePoliciesData.cpp:

(WebKit::WebsitePoliciesData::encode const):
(WebKit::WebsitePoliciesData::decode):

Add plumbing for m_mediaSourcePolicy in the set of website policies.

(WebKit::WebsitePoliciesData::applyToDocumentLoader):

Update the document loader with the given media source policy. There are two possibilities when applying the set
of policies to the document loader; either the document loader is already attached to a Frame, or the document
loader is yet to be attached to a Frame.

In the first case, we update Frame's settings on the spot, by calling the new applyPoliciesToSettings helper
method. In the second scenario, we stash the policy state on DocumentLoader; when the DocumentLoader is attached
to a Frame, we'll then update the Frame's settings using DocumentLoader's policy.

  • Shared/WebsitePoliciesData.h:
  • UIProcess/API/APIWebsitePolicies.cpp:

(API::WebsitePolicies::data):

  • UIProcess/API/APIWebsitePolicies.h:
  • UIProcess/API/C/WKPage.cpp:

(WKPageSetPageNavigationClient):

  • UIProcess/Cocoa/NavigationState.mm:

(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):

Move code that adjusts website policies after deciding policies for the navigation action from NavigationClient
::decidePolicyForNavigationAction to the completion handler of the policy listener. This allows us to respect
default website policies on the web view configuration, even when using the C API to set the navigation client,
and also allows us to have a single call site for adjustPoliciesForCompatibilityMode. This also enables our
layout tests to opt into modern compatibility mode by default, when specifying modern compatibility mode on
webpage preferences.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::adjustPoliciesForCompatibilityMode):

  • UIProcess/WebPageProxy.h:
  • WebKit.xcodeproj/project.pbxproj:

LayoutTests:

Add an on-device layout test to ensure that enabling modern compability mode also enables MSE.

  • TestExpectations:
  • fast/media/ios/ipad/enable-MediaSource-API-in-modern-compatibility-mode-expected.txt: Added.
  • fast/media/ios/ipad/enable-MediaSource-API-in-modern-compatibility-mode.html: Added.
  • platform/ios-simulator/TestExpectations:
  • platform/ios/TestExpectations:
2:51 PM Changeset in webkit [244196] by youenn@apple.com
  • 4 edits in trunk

Support RTCDataChannel blob binaryType
https://bugs.webkit.org/show_bug.cgi?id=196821

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

  • web-platform-tests/webrtc/RTCDataChannel-send-expected.txt:

Source/WebCore:

Add support for receiving blobs.
Default value is still left to 'arraybuffer' which is not spec compliant.
Covered by rebased test.

  • Modules/mediastream/RTCDataChannel.cpp:

(WebCore::RTCDataChannel::setBinaryType):
(WebCore::RTCDataChannel::didReceiveRawData):

2:06 PM Changeset in webkit [244195] by Devin Rousso
  • 34 edits in trunk

Web Inspector: Timelines: can't reliably stop/start a recording
https://bugs.webkit.org/show_bug.cgi?id=196778
<rdar://problem/47606798>

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/protocol/ScriptProfiler.json:
  • inspector/protocol/Timeline.json:

It is possible to determine when programmatic capturing starts/stops in the frontend based
on the state when the backend causes the state to change, such as if the state is "inactive"
when the frontend is told that the backend has started capturing.

  • inspector/protocol/CPUProfiler.json:
  • inspector/protocol/Memory.json:

Send an end timestamp to match other instruments.

  • inspector/JSGlobalObjectConsoleClient.cpp:

(Inspector::JSGlobalObjectConsoleClient::startConsoleProfile):
(Inspector::JSGlobalObjectConsoleClient::stopConsoleProfile):

  • inspector/agents/InspectorScriptProfilerAgent.h:
  • inspector/agents/InspectorScriptProfilerAgent.cpp:

(Inspector::InspectorScriptProfilerAgent::trackingComplete):
(Inspector::InspectorScriptProfilerAgent::programmaticCaptureStarted): Deleted.
(Inspector::InspectorScriptProfilerAgent::programmaticCaptureStopped): Deleted.

Source/WebCore:

  • inspector/agents/InspectorTimelineAgent.cpp:

(WebCore::InspectorTimelineAgent::startProgrammaticCapture):
(WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
It is possible to determine when programmatic capturing starts/stops in the frontend based
on the state when the backend causes the state to change, such as if the state is "inactive"
when the frontend is told that the backend has started capturing.

  • inspector/agents/InspectorCPUProfilerAgent.cpp:

(WebCore::InspectorCPUProfilerAgent::stopTracking):

  • inspector/agents/InspectorMemoryAgent.cpp:

(WebCore::InspectorMemoryAgent::stopTracking):
Send an end timestamp to match other instruments.

Source/WebInspectorUI:

Rather than have a binary state of capturing/not-capturing, we should use a four state:

  1. inactive (when the backend has stopped capturing)
  2. starting (when the frontend requests capturing to start)
  3. active (when the backend has started capturing)
  4. stopping (when the frontend requests capturing to stop)

Capturing is considered "on" when not in an "inactive" state. Prevent the frontend from
starting/stopping capturing unless we're in a "stable" ("inactive" or "active") state, not a
"transition" ("starting" or "stopping") state.

One "side effect" of this change is that since the capturing is considered active until the
backend has stopped capturing, we will continue to process records in the frontend even if
the frontend has requested to stop capturing. <https://webkit.org/b/152904>

  • UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager):
(WI.TimelineManager.prototype.get capturingState): Added.
(WI.TimelineManager.prototype.reset):
(WI.TimelineManager.prototype.get activeRecording):
(WI.TimelineManager.prototype.set autoCaptureOnPageLoad):
(WI.TimelineManager.prototype.isCapturing):
(WI.TimelineManager.prototype.startCapturing):
(WI.TimelineManager.prototype.stopCapturing):
(WI.TimelineManager.prototype.processJSON):
(WI.TimelineManager.prototype.capturingStarted):
(WI.TimelineManager.prototype.capturingStopped):
(WI.TimelineManager.prototype.autoCaptureStarted):
(WI.TimelineManager.prototype.eventRecorded):
(WI.TimelineManager.prototype.pageDOMContentLoadedEventFired):
(WI.TimelineManager.prototype.pageLoadEventFired):
(WI.TimelineManager.prototype.cpuProfilerTrackingUpdated):
(WI.TimelineManager.prototype.cpuProfilerTrackingCompleted):
(WI.TimelineManager.prototype.memoryTrackingUpdated):
(WI.TimelineManager.prototype.memoryTrackingCompleted):
(WI.TimelineManager.prototype.heapTrackingStarted):
(WI.TimelineManager.prototype.heapTrackingCompleted):
(WI.TimelineManager.prototype.heapSnapshotAdded):
(WI.TimelineManager.prototype._updateCapturingState): Added.
(WI.TimelineManager.prototype._processRecord):
(WI.TimelineManager.prototype._processEvent):
(WI.TimelineManager.prototype._loadNewRecording):
(WI.TimelineManager.prototype._addRecord):
(WI.TimelineManager.prototype._attemptAutoCapturingForFrame):
(WI.TimelineManager.prototype._legacyAttemptStartAutoCapturingForFrame):
(WI.TimelineManager.prototype._stopAutoRecordingSoon):
(WI.TimelineManager.prototype._resetAutoRecordingDeadTimeTimeout):
(WI.TimelineManager.prototype._resourceWasAdded):
(WI.TimelineManager.prototype._garbageCollected):
(WI.TimelineManager.prototype._memoryPressure):
(WI.TimelineManager.prototype._handleTimelinesAutoStopSettingChanged):
(WI.TimelineManager.prototype.scriptProfilerTrackingCompleted):
(WI.TimelineManager.prototype._handleDOMNodeDidFireEvent):
(WI.TimelineManager.prototype._handleDOMNodeLowPowerChanged):
(WI.TimelineManager.prototype.unloadRecording): Deleted.
(WI.TimelineManager.prototype.programmaticCaptureStarted): Deleted.
(WI.TimelineManager.prototype.programmaticCaptureStopped): Deleted.
(WI.TimelineManager.prototype.scriptProfilerProgrammaticCaptureStarted): Deleted.
(WI.TimelineManager.prototype.scriptProfilerProgrammaticCaptureStopped): Deleted.

  • UserInterface/Protocol/ScriptProfilerObserver.js:

(WI.ScriptProfilerObserver.prototype.trackingComplete):
(WI.ScriptProfilerObserver.prototype.programmaticCaptureStarted):
(WI.ScriptProfilerObserver.prototype.programmaticCaptureStopped):

  • UserInterface/Protocol/TimelineObserver.js:

(WI.TimelineObserver.prototype.programmaticCaptureStarted):
(WI.TimelineObserver.prototype.programmaticCaptureStopped):
It is possible to determine when programmatic capturing starts/stops in the frontend based
on the state when the backend causes the state to change, such as if the state is "inactive"
when the frontend is told that the backend has started capturing.

  • UserInterface/Protocol/CPUProfilerObserver.js:

(WI.CPUProfilerObserver.prototype.trackingComplete):

  • UserInterface/Protocol/MemoryObserver.js:

(WI.MemoryObserver.prototype.trackingComplete):
Send an end timestamp to match other instruments.

  • UserInterface/Controllers/DebuggerManager.js:

(WI.DebuggerManager):
(WI.DebuggerManager.prototype._handleTimelineCapturingStateChanged): Added.
(WI.DebuggerManager.prototype._timelineCapturingWillStart): Deleted.
(WI.DebuggerManager.prototype._timelineCapturingStopped): Deleted.

  • UserInterface/Models/DefaultDashboard.js:

(WI.DefaultDashboard):
(WI.DefaultDashboard.prototype._handleTimelineCapturingStateChanged): Added.
(WI.DefaultDashboard.prototype._capturingStopped): Deleted.

  • UserInterface/Views/DebuggerSidebarPanel.js:

(WI.DebuggerSidebarPanel):
(WI.DebuggerSidebarPanel.prototype._handleTimelineCapturingStateChanged): Added.
(WI.DebuggerSidebarPanel.prototype._timelineCapturingWillStart): Deleted.
(WI.DebuggerSidebarPanel.prototype._timelineCapturingStopped): Deleted.

  • UserInterface/Views/SourcesNavigationSidebarPanel.js:

(WI.SourcesNavigationSidebarPanel):
(WI.SourcesNavigationSidebarPanel.prototype._handleTimelineCapturingStateChanged): Added.
(WI.SourcesNavigationSidebarPanel.prototype._handleTimelineCapturingWillStart): Deleted.
(WI.SourcesNavigationSidebarPanel.prototype._handleTimelineCapturingStopped): Deleted.

  • UserInterface/Views/TimelineOverview.js:

(WI.TimelineOverview):
(WI.TimelineOverview.prototype._handleTimelineCapturingStateChanged): Added.
(WI.TimelineOverview.prototype._capturingStarted): Deleted.
(WI.TimelineOverview.prototype._capturingStopped): Deleted.

  • UserInterface/Views/TimelineRecordingContentView.js:

(WI.TimelineRecordingContentView):
(WI.TimelineRecordingContentView.prototype._handleTimelineCapturingStateChanged): Added.
(WI.TimelineRecordingContentView.prototype._recordingUnloaded):
(WI.TimelineRecordingContentView.prototype._capturingStarted): Deleted.
(WI.TimelineRecordingContentView.prototype._capturingStopped): Deleted.

  • UserInterface/Views/TimelineTabContentView.js:

(WI.TimelineTabContentView):
(WI.TimelineTabContentView.prototype._handleTimelineCapturingStateChanged): Added.
(WI.TimelineTabContentView.prototype._capturingStartedOrStopped): Deleted.
Use the new single event for all Timelines capture state changes.
Prevent the record button from being clicked when capturing is in a transition state.

LayoutTests:

  • inspector/timeline/debugger-paused-while-recording.html:
  • inspector/timeline/exception-in-injected-script-while-recording.html:
  • inspector/timeline/line-column.html:
  • inspector/timeline/recording-start-stop-timestamps.html:
  • inspector/timeline/resources/timeline-event-utilities.js:
  • inspector/timeline/setInstruments-programmatic-capture.html:
  • inspector/timeline/setInstruments-programmatic-capture-expected.txt:
  • inspector/timeline/timeline-recording.html:
1:56 PM Changeset in webkit [244194] by Kocsen Chung
  • 4 edits
    1 delete in branches/safari-607-branch

Revert r244165. rdar://problem/49788895

1:47 PM Changeset in webkit [244193] by sbarati@apple.com
  • 28 edits in trunk/Source/JavaScriptCore

Rename SetArgument to SetArgumentDefinitely
https://bugs.webkit.org/show_bug.cgi?id=196828

Reviewed by Yusuke Suzuki.

This is in preparation for https://bugs.webkit.org/show_bug.cgi?id=196712
where we will introduce a node named SetArgumentMaybe. Doing this refactoring
first will make reviewing that other patch easier.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleVarargsInlining):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGCPSRethreadingPhase.cpp:

(JSC::DFG::CPSRethreadingPhase::freeUnnecessaryNodes):
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeLocalsInBlock):
(JSC::DFG::CPSRethreadingPhase::specialCaseArguments):
(JSC::DFG::CPSRethreadingPhase::propagatePhis):
(JSC::DFG::CPSRethreadingPhase::computeIsFlushed):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGCommon.h:
  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::methodOfGettingAValueProfileFor):

  • dfg/DFGGraph.h:
  • dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::initialize):
(JSC::DFG::InPlaceAbstractState::endBasicBlock):

  • dfg/DFGLiveCatchVariablePreservationPhase.cpp:

(JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch):

  • dfg/DFGMaximalFlushInsertionPhase.cpp:

(JSC::DFG::MaximalFlushInsertionPhase::treatRegularBlock):
(JSC::DFG::MaximalFlushInsertionPhase::treatRootBlock):

  • dfg/DFGMayExit.cpp:
  • dfg/DFGNode.cpp:

(JSC::DFG::Node::hasVariableAccessData):

  • dfg/DFGNode.h:

(JSC::DFG::Node::convertPhantomToPhantomLocal):

  • dfg/DFGNodeType.h:
  • dfg/DFGOSREntrypointCreationPhase.cpp:

(JSC::DFG::OSREntrypointCreationPhase::run):

  • dfg/DFGPhantomInsertionPhase.cpp:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArgumentTypes):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::run):

  • dfg/DFGValidate.cpp:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

11:09 AM Changeset in webkit [244192] by Antti Koivisto
  • 2 edits in trunk/Source/WebKit

REGRESSION: changing iPad orientation on blogger.com crashes under RemoteScrollingCoordinatorProxy::establishLayerTreeScrollingRelations()
https://bugs.webkit.org/show_bug.cgi?id=196813
<rdar://problem/49393264>

Reviewed by Simon Fraser.

No test, can't repro.

  • UIProcess/RemoteLayerTree/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::establishLayerTreeScrollingRelations):

Null check the nodes.

10:45 AM Changeset in webkit [244191] by Truitt Savell
  • 25 edits in trunk/Source

Unreviewed, rolling out r244158.

Casued 8 inspector/timeline/ test failures.

Reverted changeset:

"Web Inspector: Timelines: can't reliably stop/start a
recording"
https://bugs.webkit.org/show_bug.cgi?id=196778
https://trac.webkit.org/changeset/244158

10:24 AM Changeset in webkit [244190] by Alan Coon
  • 6 edits in branches/safari-607-branch/Source/WebKit

Apply patch. rdar://problem/49788956

8:49 AM Changeset in webkit [244189] by Michael Catanzaro
  • 2 edits in trunk/Source/WebCore/platform/gtk/po

Updated Spanish translation
https://bugs.webkit.org/show_bug.cgi?id=196810

Patch by Álvaro Torralba <donfrutosgomez@gmail.com> on 2019-04-11
Rubber-stamped by Michael Catanzaro.

  • es.po:
6:30 AM Changeset in webkit [244188] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[WPE] Build error with ENABLE_VIDEO=OFF after r244078
https://bugs.webkit.org/show_bug.cgi?id=196811

createGenericCue() is only defined when VIDEO_TRACK is enabled.

Patch by Pablo Saavedra <Pablo Saavedra> on 2019-04-11
Reviewed by Eric Carlson.

  • testing/Internals.cpp:

(WebCore::Internals::createGenericCue):

  • testing/Internals.h:
1:25 AM Changeset in webkit [244187] by Carlos Garcia Campos
  • 7 edits in trunk

[GTK] Layout test accessibility/aria-hidden-false-works-in-subtrees.html fails after r184890
https://bugs.webkit.org/show_bug.cgi?id=146718
<rdar://problem/21722487>

Reviewed by Joanmarie Diggs.

Source/WebCore:

Allow to get the text under element for nodes hidden in DOM but explicitly exposed to accessibility with
aria-hidden="false".

Fixes: accessibility/aria-hidden-false-works-in-subtrees.html

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::textUnderElement const):

  • accessibility/atk/WebKitAccessible.cpp:

(roleIsTextType): Also consider ApplicationGroup role as text elements, so that <div>text</div> is equivalent to
<div role="roup">test</div>.

LayoutTests:

Update test to ATK behavior, rebaseline it and remove the expectations.

  • accessibility/aria-hidden-false-works-in-subtrees.html:
  • platform/gtk/TestExpectations:
  • platform/gtk/accessibility/aria-hidden-false-works-in-subtrees-expected.txt:

Apr 10, 2019:

11:48 PM Changeset in webkit [244186] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Regression(r244144) ProcessSwap.ReuseSuspendedProcessLoadHTMLString API test is flaky
https://bugs.webkit.org/show_bug.cgi?id=196784

Reviewed by Antti Koivisto.

When we enter accelerated compositing mode in the new process, we supposed to *close* the last
SuspendedPageProxy, not destroy it. This was causing flakiness in the test because it was testing
that we were using the SuspendedPageProxy's process for a cross-site link navigation, which is
an optimization. This optimization was partly broken by r244144 as the SuspendedPageProxy would
not sometimes be gone by the time we need it.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::pageEnteredAcceleratedCompositingMode):

11:26 PM Changeset in webkit [244185] by sbarati@apple.com
  • 3 edits
    1 add in trunk

AbstractValue::validateOSREntryValue is wrong for Int52 constants
https://bugs.webkit.org/show_bug.cgi?id=196801
<rdar://problem/49771122>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/abstract-value-int52-constant-validation-should-not-care-about-representation.js: Added.

Source/JavaScriptCore:

validateOSREntryValue should not care about the format of the incoming
value for Int52s. This patch normalizes the format of m_value and
the incoming value when comparing them.

  • dfg/DFGAbstractValue.h:

(JSC::DFG::AbstractValue::validateOSREntryValue const):

11:16 PM Changeset in webkit [244184] by commit-queue@webkit.org
  • 4 edits in trunk

WKNavigationResponse._downloadAttribute should be nil when no download attribute is present
https://bugs.webkit.org/show_bug.cgi?id=196809
<rdar://49800762>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-04-10
Reviewed by Brady Eidson.

Source/WebKit:

  • UIProcess/API/Cocoa/WKNavigationResponse.mm:

(-[WKNavigationResponse _downloadAttribute]):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm:

(TEST):

11:08 PM Changeset in webkit [244183] by timothy_horton@apple.com
  • 2 edits in trunk/Source/WebKit

REGRESSION (r241734): ⌥⌘↑ and ⌥⌘↓ no longer navigate to previous/next Reading List article
https://bugs.webkit.org/show_bug.cgi?id=196797
<rdar://problem/48484715>

Reviewed by Simon Fraser.

  • UIProcess/ios/WKKeyboardScrollingAnimator.mm:

(-[WKKeyboardScrollingAnimator keyboardScrollForEvent:]):
Validate the set of modifier keys pressed when handling a key event for scrolling:
Ignore key events with multiple modifier keys pressed.
Ignore key events with an invalid modifier key pressed for a given primary key.

10:44 PM Changeset in webkit [244182] by commit-queue@webkit.org
  • 50 edits
    1 move
    1 add
    2 deletes in trunk

requestAnimationFrame should execute before the next frame
https://bugs.webkit.org/show_bug.cgi?id=177484

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-04-10
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

Add trace points for the page RenderingUpdate.

  • web-platform-tests/resize-observer/resources/resizeTestHelper.js:

Change ResizeTestHelper.TIMEOUT to be 1 second instead of 100 ms which
is too short for layout tests.

Source/WebCore:

This change fixes these issues with animation timing:

  1. Calling the requestAnimationFrame callbacks would have happened when the DisplayLink fires. This may have happened even if the frame is missed and no display is committed.
  1. Style changes and layout triggered by script could trigger painting at more than 60fps. CoreAnimation commits could happen at more than 60fps, although WindowServer will throttle those, and only some will be shown on the screen.

This change introduces a new paint scheduling model where painting is
driven by a "RenderingUpdateScheduler", which only triggers paints once
per 16.7ms frame.

Code that previously scheduled a compositing layer flush now schedules a
"RenderingUpdate", and that update is driven by a DisplayRefreshMonitor
callback. When the render happens, we service requestAnimationFrame callbacks,
Web Animations, intersection observations and resize observations per the
"Update the rendering" step of the HTML Event Loop specification:
<https://html.spec.whatwg.org/multipage/webappapis.html#update-the-rendering>.

In the future, more rendering steps will be added to this code.

  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • accessibility/mac/AXObjectCacheMac.mm:

(WebCore::AXObjectCache::platformHandleFocusedUIElementChanged):
Fix layout tests by adding null check.

  • animation/DocumentAnimationScheduler.cpp: Removed.
  • animation/DocumentAnimationScheduler.h: Removed.
  • animation/DocumentTimeline.cpp:

(WebCore::DocumentTimeline::DocumentTimeline):
(WebCore::DocumentTimeline::updateThrottlingState):
(WebCore::DocumentTimeline::suspendAnimations):
(WebCore::DocumentTimeline::resumeAnimations):
(WebCore::DocumentTimeline::liveCurrentTime const):
(WebCore::DocumentTimeline::currentTime):
(WebCore::DocumentTimeline::cacheCurrentTime):
(WebCore::DocumentTimeline::animationTimingDidChange):
(WebCore::DocumentTimeline::scheduleAnimationResolution):
(WebCore::DocumentTimeline::unscheduleAnimationResolution):
(WebCore::DocumentTimeline::updateAnimationsAndSendEvents):
(WebCore::DocumentTimeline::internalUpdateAnimationsAndSendEvents):
(WebCore::DocumentTimeline::scheduleNextTick):
(WebCore::DocumentTimeline::updateListOfElementsWithRunningAcceleratedAnimationsForElement):
Simplify this function by handling the case of no-animations separately.

(WebCore::DocumentTimeline::resolveAnimationsForElement):
Simplify the loop and delete hasPendingAcceleratedAnimations because it
is initialized to true and is not changed inside the loop.

(WebCore::DocumentTimeline::scheduleAnimationResolutionIfNeeded): Deleted.
(WebCore::DocumentTimeline::animationResolutionTimerFired): Deleted.

  • animation/DocumentTimeline.h:
  • dom/Document.cpp:

(WebCore::Document::resolveStyle):
There is no need to force update in resolveStyle(). notifyFlushRequired()
will be called eventually which will scheduleRenderingUpdate().

(WebCore::Document::prepareForDestruction):
(WebCore::Document::updateAnimationsAndSendEvents):
(WebCore::Document::serviceRequestAnimationFrameCallbacks):
(WebCore::Document::windowScreenDidChange):
(WebCore::Document::scheduleRenderingUpdate):
(WebCore::Document::updateIntersectionObservations):
(WebCore::Document::addResizeObserver):
(WebCore::Document::updateResizeObservations):
(WebCore::Document::scheduleForcedIntersectionObservationUpdate): Deleted.
(WebCore::Document::scheduleResizeObservations): Deleted.
(WebCore::Document::animationScheduler): Deleted.
No need to schedule web-animations, intersection observations and resize
observations updates separately. All of them will be updated through the
"Update the rendering" step, i.e. Page::updateRendering().

  • dom/Document.h:

(WebCore::Document::numberOfIntersectionObservers const):

  • dom/ScriptedAnimationController.cpp:

(WebCore::ScriptedAnimationController::serviceRequestAnimationFrameCallbacks):
(WebCore::ScriptedAnimationController::scheduleAnimation):
(WebCore::ScriptedAnimationController::animationTimerFired):
(WebCore::ScriptedAnimationController::serviceScriptedAnimations): Deleted.
(WebCore::ScriptedAnimationController::documentAnimationSchedulerDidFire): Deleted.

  • dom/ScriptedAnimationController.h:
  • page/FrameView.cpp:

(WebCore::FrameView::didLayout):
(WebCore::FrameView::viewportContentsChanged):

  • page/FrameViewLayoutContext.cpp:

(WebCore::FrameViewLayoutContext::layoutTimerFired):

  • page/IntersectionObserver.cpp:

(WebCore::IntersectionObserver::observe):

  • page/Page.cpp:

(WebCore::Page::Page):
(WebCore::Page::layoutIfNeeded):
(WebCore::Page::updateRendering):
(WebCore::Page::renderingUpdateScheduler):
(WebCore::Page::willDisplayPage): Deleted.
(WebCore::Page::addDocumentNeedingIntersectionObservationUpdate): Deleted.
(WebCore::Page::updateIntersectionObservations): Deleted.
(WebCore::Page::scheduleForcedIntersectionObservationUpdate): Deleted.
(WebCore::Page::hasResizeObservers const): Deleted.
(WebCore::Page::gatherDocumentsNeedingResizeObservationCheck): Deleted.
(WebCore::Page::checkResizeObservations): Deleted.
(WebCore::Page::scheduleResizeObservations): Deleted.
(WebCore::Page::notifyResizeObservers): Deleted.

  • page/Page.h:

(WebCore::Page::setNeedsCheckResizeObservations): Deleted.
(WebCore::Page::needsCheckResizeObservations const): Deleted.
The IntersectionObserver and the ResizeObserver do not need to schedule
their own timers. The RenderingUpdateScheduler will schedule the "Update
the rendering" step in which these obverses will be served.

  • page/PageOverlayController.cpp:

(WebCore::PageOverlayController::didChangeViewExposedRect):
(WebCore::PageOverlayController::notifyFlushRequired):
Force committing the layers to be 60 fps at maximum.

  • page/RenderingUpdateScheduler.cpp: Added.

(WebCore::RenderingUpdateScheduler::RenderingUpdateScheduler):
(WebCore::RenderingUpdateScheduler::scheduleRenderingUpdate):
(WebCore::RenderingUpdateScheduler::isScheduled const):
(WebCore::RenderingUpdateScheduler::startTimer):
(WebCore::RenderingUpdateScheduler::clearScheduled):
(WebCore::RenderingUpdateScheduler::createDisplayRefreshMonitor const):
(WebCore::RenderingUpdateScheduler::windowScreenDidChange):
(WebCore::RenderingUpdateScheduler::displayRefreshFired):
(WebCore::RenderingUpdateScheduler::scheduleCompositingLayerFlush):

  • page/RenderingUpdateScheduler.h: Added.

(WebCore::RenderingUpdateScheduler::create):

  • page/ResizeObserver.cpp:

(WebCore::ResizeObserver::observe):
(WebCore::ResizeObserver::scheduleObservations): Deleted.

  • page/ResizeObserver.h:

(WebCore::ResizeObserver::hasActiveObservations const):

  • page/ios/ContentChangeObserver.h:
  • page/mac/ServicesOverlayController.mm:

(WebCore::ServicesOverlayController::Highlight::notifyFlushRequired):

  • page/scrolling/ScrollingStateTree.cpp:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::scheduleLayerFlushNow):
(WebCore::RenderLayerCompositor::layerTreeAsText):

Source/WebKit:

Replace the calls to Page::layoutIfNeeded() and willDisplayPage() by
a single call to Page::updateRendering(). This new function implements
"Update the rendering" step of the HTML Event Loop specification
<https://html.spec.whatwg.org/multipage/webappapis.html#update-the-rendering>.

  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::scheduleCompositingLayerFlush):
(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::display):

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:

(WebKit::LayerTreeHost::layerFlushTimerFired):

  • WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::flushLayers):
-- Call Page::updateRendering() to make sure that "Update the rendering"

happens immediately before updating the page.

-- Move the call to RemoteLayerBackingStoreCollection::willFlushLayers()

to be exactly before flushing the layers. This fixes the assertion
ASSERT(m_inLayerFlush) which was firing when running a layout test.
RemoteLayerTreeDrawingArea::flushLayers() now can call itself through
TestRunner::notifyDone(). flushLayers() was calling willFlushLayers()
twice before calling didFlushLayers().

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::layoutIfNeeded):
(WebKit::WebPage::updateRendering):
(WebKit::WebPage::willDisplayPage): Deleted.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:

(WebKit::TiledCoreAnimationDrawingArea::flushLayers):

Source/WebKitLegacy/mac:

  • WebView/WebView.mm:

(-[WebView _viewWillDrawInternal]):
(-[WebView _flushCompositingChanges]):
Call Page::updateRendering() which implements "Update the rendering"
step of the HTML Event Loop specification.

Source/WebKitLegacy/win:

  • WebView.cpp:

(WebView::updateBackingStore):
(WebView::flushPendingGraphicsLayerChangesSoon):
(WebView::flushPendingGraphicsLayerChanges):
Call Page::updateRendering() which implements "Update the rendering"
step of the HTML Event Loop specification.

Source/WTF:

Add trace points for the page RenderingUpdate.

  • wtf/SystemTracing.h:

Tools:

Add trace points for the page RenderingUpdate.

  • Tracing/SystemTracePoints.plist:

LayoutTests:

There is a slight difference between the actual DRT and the expected DRT
due to animation timing change. But these two tests are not animating
correctly if they are opened in Safari with web animation turned on.

  • accessibility/mac/selection-notification-focus-change-expected.txt:
  • accessibility/mac/selection-notification-focus-change.html:

Remove the debug statements form notificationCallback() since the number
of times this function is called back and the order of notifications are
not defined. This test has been flaky and some trials were made to make
it more reliable. With this change it became flaky again.

  • animations/animation-multiple-callbacks-timestamp.html:

Fix variable names used by an error message.

  • animations/no-style-recalc-during-accelerated-animation-expected.txt:
  • animations/no-style-recalc-during-accelerated-animation.html:

One extra styleReclc was incurred due to the document styleRecalcTimer.
I think this timer is not needed anymore. I will look at removing it in
a separate patch.

  • animations/resources/animation-test-helpers.js:

(waitForAnimationToStart):
The expectation that animation will start at the beginning of the next
event loop is not true anymore. The animation will start at the time the
requestAnimationFrame fires.

  • compositing/video/video-clip-change-src.html:

This test loads a video data and pushes it to the encoder. Originally it
used to wait 150 ms after receiving the second canplaythrough. I had to
change this timing to 250 ms.

  • css3/filters/composited-during-animation.html:

Ditto. setTimeout({...}, 0) versus requestAnimationFrame.

  • media/media-controls-accessibility.html:

Updating the accessibility button happens asynchronously, see
[WebAccessibilityObjectWrapper accessibilityPerformPressAction]. Due to
changing the page update timing, this test became flaky. Originally it used
to setTimeout({...}, 10) to ensure the stringValue of the mutate button
was changed after it was pressed. The fix is to loop using rAF till the
stringValue changes.

  • platform/mac-wk2/accessibility/mac/selection-notification-focus-change-expected.txt: Removed.

The number of time notificationCallback() is called and the order of
notifications are not defined. And this is why we have two expected files:
one for WK1 and the other for WK2. Since the test is now simplified, we
can get rid of this duplication. We will test the minimum reliable thing
we can test.

7:12 PM Changeset in webkit [244181] by rniwa@webkit.org
  • 3 edits
    2 adds in trunk

Nullptr crash in CompositeEditCommand::moveParagraphs when root editable element goes away
https://bugs.webkit.org/show_bug.cgi?id=193027

Reviewed by Wenson Hsieh.

Source/WebCore:

Added an early exit when the root editable element (editing host in HTML5 spec terminology) is null
during CompositeEditCommand::moveParagraphs. This could happen when the website does something crazy
like removing contenteditable content attribute during DOM mutations or when the destination becomes
disconnected (orphaned) from the document due to bugs elsewhere in the codebase.

Test: editing/deleting/merge-paragraphs-null-root-editable-element-crash.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::moveParagraphs): Added an early exit.

LayoutTests:

Added a regression test. Note that the test works around debug assertions in moveParagraphs.
These assertions are generally correct & useful unless the website does something crazy like
removing the contenteditable content attribute during editing operations.

  • editing/deleting/merge-paragraphs-null-root-editable-element-crash-expected.txt: Added.
  • editing/deleting/merge-paragraphs-null-root-editable-element-crash.html: Added.
7:04 PM Changeset in webkit [244180] by Devin Rousso
  • 35 edits in trunk/Source

Web Inspector: save sheet should be anchored underneath the tab bar when detached
https://bugs.webkit.org/show_bug.cgi?id=196722
<rdar://problem/49613280>

Reviewed by Timothy Hatcher.

Source/WebCore:

No web observable change.

  • inspector/InspectorFrontendClient.h:

(WebCore::InspectorFrontendClient::changeSheetRect): Added.

  • inspector/InspectorFrontendClientLocal.h:
  • inspector/InspectorFrontendClientLocal.cpp:

(WebCore::InspectorFrontendClientLocal::changeSheetRect): Added.

  • inspector/InspectorFrontendHost.idl:
  • inspector/InspectorFrontendHost.h:
  • inspector/InspectorFrontendHost.cpp:

(WebCore::InspectorFrontendHost::setSheetRect): Added.

  • testing/Internals.cpp:

(WebCore::InspectorStubFrontend::setSheetRect): Added.

Source/WebInspectorUI:

  • UserInterface/Base/Main.js:

(WI.contentLoaded):

Source/WebKit:

  • WebProcess/WebPage/WebInspectorUI.h:
  • WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::changeSheetRect): Added.

  • UIProcess/WebInspectorProxy.messages.in:
  • UIProcess/WebInspectorProxy.h:

(WebKit::WebInspectorProxy::sheetRect const): Added.

  • UIProcess/WebInspectorProxy.cpp:

(WebKit::WebInspectorProxy::setSheetRect): Added.
(WebKit::WebInspectorProxy::platformSetSheetRect): Added.

  • UIProcess/gtk/WebInspectorProxyGtk.cpp:

(WebKit::WebInspectorProxy::platformSetSheetRect): Added.

  • UIProcess/mac/WebInspectorProxyMac.mm:

(-[WKWebInspectorProxyObjCAdapter window:willPositionSheet:usingRect:]): Added.
(WebKit::WebInspectorProxy::platformSetSheetRect): Added.

  • UIProcess/win/WebInspectorProxyWin.cpp:

(WebKit::WebInspectorProxy::platformSetSheetRect): Added.

  • UIProcess/wpe/WebInspectorProxyWPE.cpp:

(WebKit::WebInspectorProxy::platformSetSheetRect): Added.

  • WebProcess/WebPage/RemoteWebInspectorUI.h:
  • WebProcess/WebPage/RemoteWebInspectorUI.cpp:

(WebKit::RemoteWebInspectorUI::changeSheetRect): Added.

  • UIProcess/RemoteWebInspectorProxy.messages.in:
  • UIProcess/RemoteWebInspectorProxy.h:

(WebKit::RemoteWebInspectorProxy::sheetRect const): Added.

  • UIProcess/RemoteWebInspectorProxy.cpp:

(WebKit::RemoteWebInspectorProxy::setSheetRect): Added.
(WebKit::RemoteWebInspectorProxy::platformSetSheetRect): Added.

  • UIProcess/gtk/RemoteWebInspectorProxyGtk.cpp:

(WebKit::RemoteWebInspectorProxy::platformSetSheetRect): Added.

  • UIProcess/mac/RemoteWebInspectorProxyMac.mm:

(-[WKRemoteWebInspectorProxyObjCAdapter window:willPositionSheet:usingRect:]): Added.
(WebKit::RemoteWebInspectorProxy::platformCreateFrontendPageAndWindow):
(WebKit::RemoteWebInspectorProxy::platformSetSheetRect): Added.

Source/WebKitLegacy/ios:

  • WebCoreSupport/WebInspectorClientIOS.mm:

(WebInspectorFrontendClient::setSheetRect): Added.

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebInspectorClient.h:

(WebInspectorFrontendClient::sheetRect const): Added.

  • WebCoreSupport/WebInspectorClient.mm:

(-[WebInspectorWindowController window:willPositionSheet:usingRect:]):
(WebInspectorFrontendClient::setSheetRect): Added.

Source/WebKitLegacy/win:

  • WebCoreSupport/WebInspectorClient.h:
  • WebCoreSupport/WebInspectorClient.cpp:

(WebInspectorFrontendClient::setSheetRect): Added.

6:43 PM Changeset in webkit [244179] by aboya@igalia.com
  • 3 edits in trunk/LayoutTests

[GTK] Unreviewed test gardening
https://bugs.webkit.org/show_bug.cgi?id=196800

  • platform/gtk/TestExpectations:
  • platform/gtk/fast/forms/auto-fill-button/input-auto-fill-button-expected.txt:
6:31 PM Changeset in webkit [244178] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

ArithSub over Int52 has shouldCheckOverflow as always true
https://bugs.webkit.org/show_bug.cgi?id=196796

Reviewed by Yusuke Suzuki.

AI was checking for ArithSub over Int52 if !shouldCheckOverflow. However,
shouldCheckOverflow is always true, so !shouldCheckOverflow is always
false. We shouldn't check something we assert against.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

6:22 PM Changeset in webkit [244177] by aestes@apple.com
  • 2 edits in trunk/Source/WebKit

[iOS] Let PDFHostViewController specify the background color to use for WKPDFView
https://bugs.webkit.org/show_bug.cgi?id=196785
<rdar://problem/48240051>

Reviewed by Tim Horton.

  • UIProcess/ios/WKPDFView.mm:

(-[WKPDFView web_initWithFrame:webView:mimeType:]):

6:19 PM Changeset in webkit [244176] by basuke.suzuki@sony.com
  • 2 edits in trunk/Source/JavaScriptCore

[PlayStation] Specify byte order clearly on Remote Inspector Protocol
https://bugs.webkit.org/show_bug.cgi?id=196790

Reviewed by Ross Kirsling.

Original implementation lacks byte order specification. Network byte order is the
good candidate if there's no strong reason to choose other.
Currently no client exists for PlayStation remote inspector protocol, so we can
change the byte order without care.

  • inspector/remote/playstation/RemoteInspectorMessageParserPlayStation.cpp:

(Inspector::MessageParser::createMessage):
(Inspector::MessageParser::parse):

6:16 PM Changeset in webkit [244175] by Alan Coon
  • 1 edit in branches/safari-607-branch/Tools/TestWebKitAPI/Configurations/FeatureDefines.xcconfig

Unreviewed, missed feature define removal. rdar://problem/47289624

6:11 PM Changeset in webkit [244174] by Alan Coon
  • 24 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243841. rdar://problem/49725678

-apple-trailing-word is needed for browser detection
https://bugs.webkit.org/show_bug.cgi?id=196575

Unreviewed.

PerformanceTests:

  • MotionMark/resources/debug-runner/motionmark.css: (#intro .start-benchmark p):

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

This is an unreviewed partial revert of r243819. Turns out there are some websites
which use this property to do browser detection. So, we need to continue to parse
the property, but we don't need the property to do anything.

Test: fast/text/trailing-word-detection.html

  • Configurations/FeatureDefines.xcconfig:
  • css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
  • css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::CSSPrimitiveValue): (WebCore::CSSPrimitiveValue::operator TrailingWord const):
  • css/CSSProperties.json:
  • css/CSSValueKeywords.in:
  • css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): (WebCore::CSSParserFastPaths::isKeywordPropertyID):
  • rendering/style/RenderStyle.h: (WebCore::RenderStyle::trailingWord const): (WebCore::RenderStyle::setTrailingWord): (WebCore::RenderStyle::initialTrailingWord):
  • rendering/style/RenderStyleConstants.h:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Tools:

  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

  • fast/text/trailing-word-detection-expected.txt: Added.
  • fast/text/trailing-word-detection.html: Added.
  • platform/gtk/TestExpectations:
  • platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243841 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6:11 PM Changeset in webkit [244173] by Alan Coon
  • 33 edits
    4 deletes in branches/safari-607-branch

Cherry-pick r243819. rdar://problem/49725678

Remove support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=196525

Reviewed by Zalan Bujtas.

This CSS property is nonstandard and not used.

.:

  • Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

  • Configurations/FeatureDefines.xcconfig:
  • css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
  • css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::operator TrailingWord const): Deleted.
  • css/CSSProperties.json:
  • css/CSSValueKeywords.in:
  • css/parser/CSSParserFastPaths.cpp: (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue): (WebCore::CSSParserFastPaths::isKeywordPropertyID):
  • rendering/SimpleLineLayout.cpp: (WebCore::SimpleLineLayout::canUseForStyle):
  • rendering/SimpleLineLayoutCoverage.cpp: (WebCore::SimpleLineLayout::printReason):
  • rendering/SimpleLineLayoutCoverage.h:
  • rendering/line/BreakingContext.h: (WebCore::BreakingContext::BreakingContext): (WebCore::BreakingContext::lineBreak): (WebCore::BreakingContext::clearLineBreakIfFitsOnLine): (WebCore::BreakingContext::commitLineBreakClear): (WebCore::BreakingContext::commitLineBreakAtCurrentWidth): (WebCore::BreakingContext::handleBR): (WebCore::BreakingContext::handleFloat): (WebCore::BreakingContext::handleText): (WebCore::BreakingContext::handleEndOfLine): (WebCore::BreakingContext::InlineIteratorHistory::InlineIteratorHistory): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::push): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::update): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::renderer const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::offset const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::nextBreakablePosition const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::atTextParagraphSeparator const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::previousInSameNode const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::get const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::current const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::historyLength const): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::moveTo): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::increment): Deleted. (WebCore::BreakingContext::InlineIteratorHistory::clear): Deleted. (WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord): Deleted.
  • rendering/style/RenderStyle.h: (WebCore::RenderStyle::trailingWord const): Deleted. (WebCore::RenderStyle::setTrailingWord): Deleted. (WebCore::RenderStyle::initialTrailingWord): Deleted.
  • rendering/style/RenderStyleConstants.h:
  • rendering/style/StyleRareInheritedData.cpp: (WebCore::StyleRareInheritedData::StyleRareInheritedData): (WebCore::StyleRareInheritedData::operator== const):
  • rendering/style/StyleRareInheritedData.h:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebInspectorUI:

  • UserInterface/Models/CSSKeywordCompletions.js:

Source/WebKit:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Tools:

  • Scripts/webkitperl/FeatureList.pm:
  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

  • fast/text/trailing-word-expected.html: Removed.
  • fast/text/trailing-word.html: Removed.
  • platform/gtk/TestExpectations:
  • platform/mac/fast/text/trailing-word-parse-expected.txt: Removed.
  • platform/mac/fast/text/trailing-word-parse.html: Removed.
  • platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243819 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:33 PM Changeset in webkit [244172] by Devin Rousso
  • 7 edits in trunk/Source

Source/JavaScriptCore:

Web Inspector: Inspector: lazily create the agent
https://bugs.webkit.org/show_bug.cgi?id=195971
<rdar://problem/49039645>

Reviewed by Joseph Pecoraro.

  • inspector/JSGlobalObjectInspectorController.cpp: (Inspector::JSGlobalObjectInspectorController::JSGlobalObjectInspectorController): (Inspector::JSGlobalObjectInspectorController::connectFrontend): (Inspector::JSGlobalObjectInspectorController::appendExtraAgent): (Inspector::JSGlobalObjectInspectorController::createLazyAgents):
  • inspector/agents/InspectorAgent.h:
  • inspector/agents/InspectorAgent.cpp:

Source/WebCore:
Web Inspector: Inspector: lazily create the agent
https://bugs.webkit.org/show_bug.cgi?id=195971
<rdar://problem/49039645>

Reviewed by Joseph Pecoraro.

No change in functionality.

  • inspector/InspectorController.h:
  • inspector/InspectorController.cpp:

(WebCore::InspectorController::InspectorController):
(WebCore::InspectorController::createLazyAgents):
(WebCore::InspectorController::evaluateForTestInFrontend):
(WebCore::InspectorController::ensureInspectorAgent):

5:08 PM Changeset in webkit [244171] by Fujii Hironori
  • 4 edits
    1 delete in trunk/Tools

[Win] Use a bundled vswhere.exe instead of downloading by update-vswhere.py
https://bugs.webkit.org/show_bug.cgi?id=196760

Reviewed by Don Olmstead.

vswhere.exe has been bundled since Visual Studio 2017 version
15.2. We shouldn't download vswhere.exe.

  • Scripts/build-jsc: Do not call update-vswhere.py.
  • Scripts/build-webkit: Ditto.
  • Scripts/update-vswhere.py: Removed.
  • Scripts/webkitdirs.pm:

(requireModulesForVSWhere): Deleted.
(pickCurrentVisualStudioInstallation): Deleted.
(visualStudioInstallDirVSWhere): Return the latest installed VS
installation path by using the bundled vswhere.exe.
(setupCygwinEnv): Removed a unused variable $visualStudioPath.
(visualStudioInstallDirFallback): Removed.

4:57 PM Changeset in webkit [244170] by Chris Dumez
  • 4 edits in trunk/Source/WebKit

Unreviewed, rolling out r244146.

Caused a few DeviceOrientation API test failures on iOS

Reverted changeset:

"Unable to run system Safari with trunk WebKit"
https://bugs.webkit.org/show_bug.cgi?id=196777
https://trac.webkit.org/changeset/244146

4:35 PM Changeset in webkit [244169] by Megan Gardner
  • 2 edits in trunk/Source/WebCore

Remove unneeded extern C
https://bugs.webkit.org/show_bug.cgi?id=196786

Reviewed by Tim Horton.

No tests needed, just needs to compile.

Removing staging hack for Reveal framework.

  • editing/cocoa/DictionaryLookup.mm:
4:18 PM Changeset in webkit [244168] by youenn@apple.com
  • 2 edits in trunk/LayoutTests

[ Mojave WK2 iOS Sim ] Layout Test http/wpt/cache-storage/quota-third-party.https.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=196358
<rdar://problem/49388128>

Unreviewed.

  • platform/ios-simulator-wk2/TestExpectations:

Mark test as slow.

4:15 PM Changeset in webkit [244167] by Devin Rousso
  • 6 edits in trunk/Source

Web Inspector: REGRESSION: lazy agents used outside of frontend/instrumentation can be accessed before being created
https://bugs.webkit.org/show_bug.cgi?id=196725
<rdar://problem/49669810>

Reviewed by Timothy Hatcher.

Source/WebCore:

Move the logic for creating the InspectorPageAgent and InspectorDOMAgent into separate
functions so that callers into InspectorController can be guaranteed to have a valid
instance of the agent.

This doesn't interfere with the Page.enable command, as it doesn't clear any saved state.
There is no DOM.enable command, so there's no issue there either.

  • inspector/InspectorController.h:

(WebCore::InspectorController::pageAgent): Deleted.

  • inspector/InspectorController.cpp:

(WebCore::InspectorController::createLazyAgents):
(WebCore::InspectorController::inspect):
(WebCore::InspectorController::hideHighlight):
(WebCore::InspectorController::ensureDOMAgent): Added.
(WebCore::InspectorController::ensurePageAgent): Added.

  • inspector/InspectorFrontendClientLocal.cpp:

(WebCore::InspectorFrontendClientLocal::showMainResourceForFrame):

Source/WebKit:

  • WebProcess/WebPage/WebInspector.cpp:

(WebKit::WebInspector::showMainResourceForFrame):

4:04 PM Changeset in webkit [244166] by Alan Coon
  • 3 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r244034. rdar://problem/49790376

LibWebRTCMediaEndpoint does not need to hop to the signaling thread to gather stats
https://bugs.webkit.org/show_bug.cgi?id=196697
<rdar://problem/47477113>

Reviewed by Eric Carlson.

It is not thread safe to use m_backend in another thread than the main thread.
It is not useful anymore to hop to the signaling thread to gather stats.
No change of behavior.

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp: (WebCore::LibWebRTCMediaEndpoint::getStats): (WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@244034 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:04 PM Changeset in webkit [244165] by Alan Coon
  • 4 edits
    1 add in branches/safari-607-branch

Cherry-pick r243487. rdar://problem/49788895

Do not terminate the NetworkProcess if a third party application sends a NSCredential with a SecIdentityRef
https://bugs.webkit.org/show_bug.cgi?id=196213

Patch by Alex Christensen <achristensen@webkit.org> on 2019-03-25
Reviewed by Geoff Garen.

Source/WebKit:

A release assertion added in r230225 was reachable. I reached it in a unit test that responds to a challenge
with a SecIdentityRef wrapped in an NSCredential.

  • Shared/cf/ArgumentCodersCF.cpp: (IPC::decode):

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm: Added. (credentialWithIdentityAndKeychainPath): (-[ChallengeDelegate webView:didFinishNavigation:]): (-[ChallengeDelegate webView:didReceiveAuthenticationChallenge:completionHandler:]): (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243487 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:04 PM Changeset in webkit [244164] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

[ews-build] PrintConfiguration should display Xcode version instead of SDKVersion
https://bugs.webkit.org/show_bug.cgi?id=196780

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/ews-build/steps.py:
  • BuildSlaveSupport/ews-build/steps_unittest.py:
4:02 PM Changeset in webkit [244163] by sbarati@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Work around an arm64_32 LLVM miscompile bug
https://bugs.webkit.org/show_bug.cgi?id=196788

Reviewed by Yusuke Suzuki.

  • runtime/CachedTypes.cpp:
3:59 PM Changeset in webkit [244162] by youenn@apple.com
  • 2 edits in trunk/Source/WebKit

Clear Cache Storage structures before removing all related files
https://bugs.webkit.org/show_bug.cgi?id=196650

Reviewed by Alex Christensen.

Previously, we were clearing files in parallel to clearing the internal CacheStorage structures.
To make things more deterministic, clear files/folders directly
after CachesStorage structures have finished being cleared.

  • NetworkProcess/cache/CacheStorageEngine.cpp:

(WebKit::CacheStorage::Engine::clearAllCaches):
(WebKit::CacheStorage::Engine::clearCachesForOrigin):

3:56 PM Changeset in webkit [244161] by commit-queue@webkit.org
  • 25 edits in trunk

Add SPI WKNavigationResponse._downloadAttribute
https://bugs.webkit.org/show_bug.cgi?id=196755
<rdar://49587365>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-04-10
Reviewed by Brady Eidson.

Source/WebCore:

Covered by an API test that validates the attribute is correctly sent through the FrameLoader to the API.
When a user clicks on a link with a download attribute, the download attribute should be used as the suggested filename sometimes.
The application needs this information after it has received the response in order to make fully informed decisions about downloads.
In order to get this attribute to the decidePolicyForNavigationResponse, we need to store the attribute on the DocumentLoader
from the FrameLoadRequest then send it from the DocumentLoader when the response is received.

  • loader/DocumentLoader.h:

(WebCore::DocumentLoader::setDownloadAttribute):
(WebCore::DocumentLoader::downloadAttribute const):

  • loader/EmptyFrameLoaderClient.h:
  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::checkContentPolicy):
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::loadWithNavigationAction):
(WebCore::FrameLoader::loadPostRequest):

  • loader/FrameLoader.h:

(WebCore::FrameLoader::loadWithNavigationAction):

  • loader/FrameLoaderClient.h:

Source/WebKit:

  • UIProcess/API/APINavigationResponse.h:
  • UIProcess/API/Cocoa/WKNavigationResponse.mm:

(-[WKNavigationResponse _downloadAttribute]):

  • UIProcess/API/Cocoa/WKNavigationResponsePrivate.h:
  • UIProcess/ProvisionalPageProxy.cpp:

(WebKit::ProvisionalPageProxy::decidePolicyForResponse):

  • UIProcess/ProvisionalPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::decidePolicyForResponse):
(WebKit::WebPageProxy::decidePolicyForResponseShared):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.messages.in:
  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForResponse):

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebFrameLoaderClient.h:
  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::dispatchDecidePolicyForResponse):

Source/WebKitLegacy/win:

  • WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::dispatchDecidePolicyForResponse):

  • WebCoreSupport/WebFrameLoaderClient.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm:

(-[NavigationResponseTestDelegate navigationResponse]):
(-[NavigationResponseTestDelegate waitForNavigationResponseCallback]):
(-[NavigationResponseTestDelegate waitForNavigationFinishedCallback]):
(-[NavigationResponseTestDelegate webView:decidePolicyForNavigationAction:decisionHandler:]):
(-[NavigationResponseTestDelegate webView:didFinishNavigation:]):
(-[NavigationResponseTestDelegate webView:decidePolicyForNavigationResponse:decisionHandler:]):
(readRequest):
(writeResponse):
(TEST):

3:55 PM Changeset in webkit [244160] by youenn@apple.com
  • 15 edits in trunk

SWClientConnection should not double hop to fire some events
https://bugs.webkit.org/show_bug.cgi?id=196735

Reviewed by Alex Christensen.

Source/WebCore:

Some events, like postMessage in service workers is hopping from main thread to service worker thread to dispatch events.
Some other events, like service worker state update, are hopping from main thread to service worker thread, then posting a task to dispatch events.
This may create ordering problems.

To fix the issue, we now hop to the service worker thread and dispatch the events.
In addition, for documents, we post a task and do the whole service worker processing in it.
This ensures that some tests, like whether there is a service worker container,
or creation of a service worker are done consistently.

Covered by unflaked test.

  • workers/service/SWClientConnection.cpp:

(WebCore::SWClientConnection::updateRegistrationState):
(WebCore::SWClientConnection::updateWorkerState):
(WebCore::SWClientConnection::fireUpdateFoundEvent):
(WebCore::SWClientConnection::notifyClientsOfControllerChange):

  • workers/service/ServiceWorker.cpp:

(WebCore::ServiceWorker::updateState):

  • workers/service/ServiceWorker.h:
  • workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::updateRegistrationState):
(WebCore::ServiceWorkerContainer::fireUpdateFoundEvent):
(WebCore::ServiceWorkerContainer::fireControllerChangeEvent):

  • workers/service/ServiceWorkerContainer.h:
  • workers/service/ServiceWorkerJob.cpp:

(WebCore::ServiceWorkerJob::notifyFinished):
Notify of the script URL in the error message.
This will help diagnose flakiness issues.

  • workers/service/ServiceWorkerRegistration.cpp:

(WebCore::ServiceWorkerRegistration::fireUpdateFoundEvent):

  • workers/service/ServiceWorkerRegistration.h:

Source/WebKit:

Removed unnecessary method.

  • WebProcess/Storage/WebSWClientConnection.cpp:
  • WebProcess/Storage/WebSWClientConnection.h:

LayoutTests:

  • platform/mac-wk2/TestExpectations:
3:50 PM Changeset in webkit [244159] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[iOS] Fix iokit-get-properties sandbox violations
https://bugs.webkit.org/show_bug.cgi?id=196782
<rdar://problem/49497720>

Reviewed by Brent Fulgham.

Add iokit properties to the WebContent sandbox on iOS.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
3:48 PM Changeset in webkit [244158] by Devin Rousso
  • 25 edits in trunk/Source

Web Inspector: Timelines: can't reliably stop/start a recording
https://bugs.webkit.org/show_bug.cgi?id=196778
<rdar://problem/47606798>

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • inspector/protocol/ScriptProfiler.json:
  • inspector/protocol/Timeline.json:

It is possible to determine when programmatic capturing starts/stops in the frontend based
on the state when the backend causes the state to change, such as if the state is "inactive"
when the frontend is told that the backend has started capturing.

  • inspector/protocol/CPUProfiler.json:
  • inspector/protocol/Memory.json:

Send an end timestamp to match other instruments.

  • inspector/JSGlobalObjectConsoleClient.cpp:

(Inspector::JSGlobalObjectConsoleClient::startConsoleProfile):
(Inspector::JSGlobalObjectConsoleClient::stopConsoleProfile):

  • inspector/agents/InspectorScriptProfilerAgent.h:
  • inspector/agents/InspectorScriptProfilerAgent.cpp:

(Inspector::InspectorScriptProfilerAgent::trackingComplete):
(Inspector::InspectorScriptProfilerAgent::programmaticCaptureStarted): Deleted.
(Inspector::InspectorScriptProfilerAgent::programmaticCaptureStopped): Deleted.

Source/WebCore:

  • inspector/agents/InspectorTimelineAgent.cpp:

(WebCore::InspectorTimelineAgent::startProgrammaticCapture):
(WebCore::InspectorTimelineAgent::stopProgrammaticCapture):
It is possible to determine when programmatic capturing starts/stops in the frontend based
on the state when the backend causes the state to change, such as if the state is "inactive"
when the frontend is told that the backend has started capturing.

  • inspector/agents/InspectorCPUProfilerAgent.cpp:

(WebCore::InspectorCPUProfilerAgent::stopTracking):

  • inspector/agents/InspectorMemoryAgent.cpp:

(WebCore::InspectorMemoryAgent::stopTracking):
Send an end timestamp to match other instruments.

Source/WebInspectorUI:

Rather than have a binary state of capturing/not-capturing, we should use a four state:

  1. inactive (when the backend has stopped capturing)
  2. starting (when the frontend requests capturing to start)
  3. active (when the backend has started capturing)
  4. stopping (when the frontend requests capturing to stop)

Capturing is considered "on" when not in an "inactive" state. Prevent the frontend from
starting/stopping capturing unless we're in a "stable" ("inactive" or "active") state, not a
"transition" ("starting" or "stopping") state.

One "side effect" of this change is that since the capturing is considered active until the
backend has stopped capturing, we will continue to process records in the frontend even if
the frontend has requested to stop capturing. <https://webkit.org/b/152904>

  • UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager):
(WI.TimelineManager.prototype.get capturingState): Added.
(WI.TimelineManager.prototype.reset):
(WI.TimelineManager.prototype.get activeRecording):
(WI.TimelineManager.prototype.set autoCaptureOnPageLoad):
(WI.TimelineManager.prototype.isCapturing):
(WI.TimelineManager.prototype.startCapturing):
(WI.TimelineManager.prototype.stopCapturing):
(WI.TimelineManager.prototype.processJSON):
(WI.TimelineManager.prototype.capturingStarted):
(WI.TimelineManager.prototype.capturingStopped):
(WI.TimelineManager.prototype.autoCaptureStarted):
(WI.TimelineManager.prototype.eventRecorded):
(WI.TimelineManager.prototype.pageDOMContentLoadedEventFired):
(WI.TimelineManager.prototype.pageLoadEventFired):
(WI.TimelineManager.prototype.cpuProfilerTrackingUpdated):
(WI.TimelineManager.prototype.cpuProfilerTrackingCompleted):
(WI.TimelineManager.prototype.memoryTrackingUpdated):
(WI.TimelineManager.prototype.memoryTrackingCompleted):
(WI.TimelineManager.prototype.heapTrackingStarted):
(WI.TimelineManager.prototype.heapTrackingCompleted):
(WI.TimelineManager.prototype.heapSnapshotAdded):
(WI.TimelineManager.prototype._updateCapturingState): Added.
(WI.TimelineManager.prototype._processRecord):
(WI.TimelineManager.prototype._processEvent):
(WI.TimelineManager.prototype._loadNewRecording):
(WI.TimelineManager.prototype._addRecord):
(WI.TimelineManager.prototype._attemptAutoCapturingForFrame):
(WI.TimelineManager.prototype._legacyAttemptStartAutoCapturingForFrame):
(WI.TimelineManager.prototype._stopAutoRecordingSoon):
(WI.TimelineManager.prototype._resetAutoRecordingDeadTimeTimeout):
(WI.TimelineManager.prototype._mainResourceDidChange):
(WI.TimelineManager.prototype._resourceWasAdded):
(WI.TimelineManager.prototype._garbageCollected):
(WI.TimelineManager.prototype._memoryPressure):
(WI.TimelineManager.prototype._handleTimelinesAutoStopSettingChanged):
(WI.TimelineManager.prototype.scriptProfilerTrackingCompleted):
(WI.TimelineManager.prototype._handleDOMNodeDidFireEvent):
(WI.TimelineManager.prototype._handleDOMNodeLowPowerChanged):
(WI.TimelineManager.prototype.unloadRecording): Deleted.
(WI.TimelineManager.prototype.programmaticCaptureStarted): Deleted.
(WI.TimelineManager.prototype.programmaticCaptureStopped): Deleted.
(WI.TimelineManager.prototype.scriptProfilerProgrammaticCaptureStarted): Deleted.
(WI.TimelineManager.prototype.scriptProfilerProgrammaticCaptureStopped): Deleted.

  • UserInterface/Protocol/ScriptProfilerObserver.js:

(WI.ScriptProfilerObserver.prototype.trackingComplete):
(WI.ScriptProfilerObserver.prototype.programmaticCaptureStarted):
(WI.ScriptProfilerObserver.prototype.programmaticCaptureStopped):

  • UserInterface/Protocol/TimelineObserver.js:

(WI.TimelineObserver.prototype.programmaticCaptureStarted):
(WI.TimelineObserver.prototype.programmaticCaptureStopped):
It is possible to determine when programmatic capturing starts/stops in the frontend based
on the state when the backend causes the state to change, such as if the state is "inactive"
when the frontend is told that the backend has started capturing.

  • UserInterface/Protocol/CPUProfilerObserver.js:

(WI.CPUProfilerObserver.prototype.trackingComplete):

  • UserInterface/Protocol/MemoryObserver.js:

(WI.MemoryObserver.prototype.trackingComplete):
Send an end timestamp to match other instruments.

  • UserInterface/Controllers/DebuggerManager.js:

(WI.DebuggerManager):
(WI.DebuggerManager.prototype._handleTimelineCapturingStateChanged): Added.
(WI.DebuggerManager.prototype._timelineCapturingWillStart): Deleted.
(WI.DebuggerManager.prototype._timelineCapturingStopped): Deleted.

  • UserInterface/Models/DefaultDashboard.js:

(WI.DefaultDashboard):
(WI.DefaultDashboard.prototype._handleTimelineCapturingStateChanged): Added.
(WI.DefaultDashboard.prototype._capturingStopped): Deleted.

  • UserInterface/Views/DebuggerSidebarPanel.js:

(WI.DebuggerSidebarPanel):
(WI.DebuggerSidebarPanel.prototype._handleTimelineCapturingStateChanged): Added.
(WI.DebuggerSidebarPanel.prototype._timelineCapturingWillStart): Deleted.
(WI.DebuggerSidebarPanel.prototype._timelineCapturingStopped): Deleted.

  • UserInterface/Views/SourcesNavigationSidebarPanel.js:

(WI.SourcesNavigationSidebarPanel):
(WI.SourcesNavigationSidebarPanel.prototype._handleTimelineCapturingStateChanged): Added.
(WI.SourcesNavigationSidebarPanel.prototype._handleTimelineCapturingWillStart): Deleted.
(WI.SourcesNavigationSidebarPanel.prototype._handleTimelineCapturingStopped): Deleted.

  • UserInterface/Views/TimelineOverview.js:

(WI.TimelineOverview):
(WI.TimelineOverview.prototype._handleTimelineCapturingStateChanged): Added.
(WI.TimelineOverview.prototype._capturingStarted): Deleted.
(WI.TimelineOverview.prototype._capturingStopped): Deleted.

  • UserInterface/Views/TimelineRecordingContentView.js:

(WI.TimelineRecordingContentView):
(WI.TimelineRecordingContentView.prototype._handleTimelineCapturingStateChanged): Added.
(WI.TimelineRecordingContentView.prototype._recordingUnloaded):
(WI.TimelineRecordingContentView.prototype._capturingStarted): Deleted.
(WI.TimelineRecordingContentView.prototype._capturingStopped): Deleted.

  • UserInterface/Views/TimelineTabContentView.js:

(WI.TimelineTabContentView):
(WI.TimelineTabContentView.prototype._handleTimelineCapturingStateChanged): Added.
(WI.TimelineTabContentView.prototype._capturingStartedOrStopped): Deleted.
Use the new single event for all Timelines capture state changes.
Prevent the record button from being clicked when capturing is in a transition state.

3:47 PM Changeset in webkit [244157] by Devin Rousso
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Audit: result UI shown on first open if an audit was previously selected
https://bugs.webkit.org/show_bug.cgi?id=196723
<rdar://problem/49722252>

Reviewed by Timothy Hatcher.

When opening Web Inspector for the first time, we will trigger resize layouts on the main
content area as Web Inspector is resized to it's old window size.

Rather than treating this layout as a View.LayoutReason.Resize, we should treat the
first layout (e.g. initialLayout) as a View.LayoutReason.Dirty instead, as there was
previously no content.

  • UserInterface/Views/View.js:

(WI.View.prototype._layoutSubtree):
(WI.View.prototype._setLayoutReason):

  • UserInterface/Views/AuditTestContentView.js:

(WI.AuditTestContentView):
Drive-by: ensure that this class is not instantiated directly.

3:47 PM Changeset in webkit [244156] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Debugger: current call frame indicator is indented when there is more than one thread
https://bugs.webkit.org/show_bug.cgi?id=196580
<rdar://problem/49582138>

Reviewed by Timothy Hatcher.

  • UserInterface/Views/CallFrameTreeElement.css:

(.tree-outline .item.call-frame .status):
(.tree-outline.single-thread .item.call-frame .status): Added.

3:44 PM Changeset in webkit [244155] by Devin Rousso
  • 9 edits in trunk

Web Inspector: REGRESSION (r238602): Elements: deleting the last child of a collapsed parent selects the parent's next sibling
https://bugs.webkit.org/show_bug.cgi?id=192711
<rdar://problem/46738990>

Reviewed by Timothy Hatcher.

Original patch by Matt Baker <Matt Baker>.

Source/WebInspectorUI:

  • UserInterface/Controllers/SelectionController.js:

(WI.SelectionController.prototype.removeSelectedItems):
When looking for a new item to select, start with the item preceding the
selection, instead of the item following the selection. This matches
pre-multiple selection behavior, as well as Mail and Xcode.

  • UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement.prototype.onexpand):
Drive-by fix: when a hidden node is selected, its selection area is drawn
with a height of 0px. Update the selection area once the hidden node's
parent is expanded. AFAIK, this has always been broken.

  • UserInterface/Views/DOMTreeOutline.js:

(WI.DOMTreeOutline.prototype.ondelete):
After a delete the SelectionController may have chosen a child of a
collapsed parent as the new selected item. If the item isn't the closing tag (e.g. after
deleting the last child), reveal it.

(WI.DOMTreeOutline.prototype.selectionControllerPreviousSelectableItem):

  • UserInterface/Views/TreeElement.js:

(WI.TreeElement.prototype.get previousSelectableSibling): Added.
(WI.TreeElement.prototype.get nextSelectableSibling): Added.

  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.prototype.selectionControllerPreviousSelectableItem):
(WI.TreeOutline.prototype.selectionControllerNextSelectableItem):
Set skipUnrevealed to false, so that children of collapsed parent nodes
are considered when looking for an item to selected after a delete. Hidden TreeElements
are still ignored as they aren't selectable.

LayoutTests:

  • inspector/table/table-remove-rows.html:
  • inspector/table/table-remove-rows-expected.txt:
3:44 PM Changeset in webkit [244154] by Devin Rousso
  • 10 edits
    3 adds in trunk

Web Inspector: Elements tab: multiple selection lost after navigating to another tab
https://bugs.webkit.org/show_bug.cgi?id=192681
<rdar://problem/46709392>

Reviewed by Timothy Hatcher.

Orginal patch by Matt Baker <Matt Baker>.

Source/WebInspectorUI:

  • UserInterface/Controllers/SelectionController.js:

(WI.SelectionController.prototype.selectItem):
Simplify internal logic by removing an early return.

(WI.SelectionController.prototype.selectItems): Added.
(WI.SelectionController.prototype.selectAll):
Provide a means to select multiple items in a single operation.
If _lastSelectedItem is not in the items to select, the last
item being selected will become the last selected item.

(WI.SelectionController.prototype._deselectAllAndSelect):
Drive-by fix: correct a logic error. If no items are selected, the item
passed as an argument should still become selected.

  • UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.prototype.selectTreeElements): Added.

  • UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement):
(WI.DOMTreeElement.prototype.get closeTagTreeElement): Added.
(WI.DOMTreeElement.prototype._updateChildren):
Make the close tag TreeElement available from the open tag TreeElement.

  • UserInterface/Views/DOMTreeOutline.js:

(WI.DOMTreeOutline.prototype.update):
Restore selected TreeElements after updating.

  • UserInterface/Base/Utilities.js:
  • UserInterface/Test.html:

LayoutTests:

  • inspector/tree-outline/tree-outline-selection.html: Added.
  • inspector/tree-outline/tree-outline-selection-expected.txt: Added.

Add TreeOutline tests for single and multiple selection.

  • inspector/unit-tests/set-utilities.html:
  • inspector/unit-tests/set-utilities-expected.txt:

Add tests for Set.prototype.lastValue.

2:48 PM Changeset in webkit [244153] by Alan Coon
  • 7 edits in tags/Safari-608.1.16.1/Source

Versioning.

2:33 PM Changeset in webkit [244152] by Alan Coon
  • 1 copy in tags/Safari-608.1.16.1

New tag.

2:32 PM Changeset in webkit [244151] by timothy_horton@apple.com
  • 16 edits
    1 add in trunk

Add modern API for overriding the page's specified viewport configuration
https://bugs.webkit.org/show_bug.cgi?id=167734
<rdar://problem/30331795>

Reviewed by Simon Fraser.

Source/WebCore:

New API test: WebKit.OverrideViewportArguments

  • dom/Document.cpp:

(WebCore::Document::updateViewportArguments):

  • dom/Document.h:

(WebCore::Document::viewportArguments const):
Make the viewportArguments() getter respect the overridden arguments.

  • dom/ViewportArguments.cpp:

(WebCore::numericPrefix):
(WebCore::findSizeValue):
(WebCore::findScaleValue):
(WebCore::findBooleanValue):
(WebCore::parseViewportFitValue):
(WebCore::viewportErrorMessage):
(WebCore::reportViewportWarning):
(WebCore::setViewportFeature):

  • dom/ViewportArguments.h:

Make it possible to parse ViewportArguments without a Document, so
that it can be used in the UI process. We only used the Document for
two things: error reporting, and getting the state of one setting.
Refactor error handling to use a passed-arund function, and add a
variant of setViewportFeature() that doesn't take a Document.

Source/WebKit:

  • Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):

  • Shared/WebPageCreationParameters.h:

Plumb overrideViewportArguments in WebPageCreationParameters, so that
if the process crashes (or swaps) they are maintained.

  • UIProcess/API/Cocoa/WKWebView.mm:

(viewportArgumentsFromDictionary):
(-[WKWebView _overrideViewportWithArguments:]):
Add SPI to set override viewport arguments. Parse them into a ViewportArguments
object and use the existing (now improved) overrideViewportArguments mechanism
to take over the page's viewport arguments.

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::creationParameters):

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::setOverrideViewportArguments):

  • WebProcess/WebPage/WebPage.cpp:

Plumb overrideViewportArguments around more.

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/OverrideViewportArguments.mm: Added.
2:16 PM Changeset in webkit [244150] by youenn@apple.com
  • 4 edits in trunk/LayoutTests

Layout Test http/wpt/fetch/response-opaque-clone.html is sometimes timing out on iOS simulator
https://bugs.webkit.org/show_bug.cgi?id=194525
<rdar://problem/48012229>

Reviewed by Alex Christensen.

Test is no longer flaky on MacOS.
As per flakiness dashboard, it sometimes times out on iOS simulator.
It sometimes passes after running for 20 seconds.
Mark it as Slow and improve the test to output more sub-tests.
Removed unnecessary removal of cache since test runner will clear them at the end of the test.

  • http/wpt/fetch/response-opaque-clone-expected.txt:
  • http/wpt/fetch/response-opaque-clone.html:
  • platform/ios-simulator-wk2/TestExpectations:
2:15 PM Changeset in webkit [244149] by Tadeu Zagallo
  • 2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix watch build after r244143
https://bugs.webkit.org/show_bug.cgi?id=195000

The result of lseek should be off_t rather than int.

  • jsc.cpp:
1:49 PM Changeset in webkit [244148] by jiewen_tan@apple.com
  • 8 edits in trunk/Source/WebKit

Add runJavaScriptInFrame for WebPageProxy/WebPage
https://bugs.webkit.org/show_bug.cgi?id=196750
<rdar://problem/49755738>

Reviewed by Youenn Fablet.

Tests of the new method will be covered by the internal counterpart.

  • UIProcess/WebFrameProxy.cpp:

(WebKit::WebFrameProxy::loadData):

  • UIProcess/WebFrameProxy.h:

Add a comment.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::runJavaScriptInMainFrame):
(WebKit::WebPageProxy::runJavaScriptInMainFrameScriptWorld):
Merge the above two runJavaScriptInMainFrame*.
(WebKit::WebPageProxy::runJavaScriptInFrame):

  • UIProcess/WebPageProxy.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::loadDataInFrame):
Add an assertion.
(WebKit::WebPage::runJavaScript):
(WebKit::WebPage::runJavaScriptInMainFrameScriptWorld):
(WebKit::WebPage::runJavaScriptInFrame):
(WebKit::WebPage::runJavaScriptInMainFrame): Deleted.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:
1:48 PM Changeset in webkit [244147] by Justin Fan
  • 13 edits
    2 adds in trunk

[Web GPU] Indexed drawing and GPUCommandEncoder crash prevention
https://bugs.webkit.org/show_bug.cgi?id=196758

Reviewed by Dean Jackson.

Source/WebCore:

Test: webgpu/draw-indexed-triangles.html

Implement GPURenderPassEncoder::setIndexBuffer and GPURenderPassEncoder::drawIndexed to enable indexed drawing.
Disable GPUCommandEncoders with active pass encoders from being submitted or encoding blits.

Prevent active GPUCommandEncoders from being submitted or encoding blit commands:

  • Modules/webgpu/WebGPUCommandEncoder.cpp:

(WebCore::WebGPUCommandEncoder::finish):

  • platform/graphics/gpu/cocoa/GPUCommandBufferMetal.mm:

(WebCore::GPUCommandBuffer::copyBufferToBuffer):
(WebCore::GPUCommandBuffer::copyBufferToTexture):
(WebCore::GPUCommandBuffer::copyTextureToBuffer):
(WebCore::GPUCommandBuffer::copyTextureToTexture):

Implement GPURenderPassEncoder::setIndexBuffer and GPURenderPassEncoder::drawIndexed:

  • Modules/webgpu/WebGPURenderPassEncoder.cpp:

(WebCore::WebGPURenderPassEncoder::setIndexBuffer):
(WebCore::WebGPURenderPassEncoder::setVertexBuffers): Remove unnecessary move operations.
(WebCore::WebGPURenderPassEncoder::drawIndexed): Added.

  • Modules/webgpu/WebGPURenderPassEncoder.h:
  • Modules/webgpu/WebGPURenderPassEncoder.idl:
  • platform/graphics/gpu/GPUBuffer.h:

(WebCore::GPUBuffer::isIndex const):

  • platform/graphics/gpu/GPUInputStateDescriptor.h:
  • platform/graphics/gpu/GPURenderPassEncoder.h: Cache the index buffer, as Metal does not set the index buffer separate from the draw call.
  • platform/graphics/gpu/GPURenderPipeline.h:

(WebCore::GPURenderPipeline::indexFormat const):

  • platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:

(WebCore::GPURenderPassEncoder::setIndexBuffer):
(WebCore::GPURenderPassEncoder::setVertexBuffers):
(WebCore::mtlPrimitiveTypeForGPUPrimitiveTopology):
(WebCore::GPURenderPassEncoder::draw):
(WebCore::mtlIndexTypeForGPUIndexFormat): Added.
(WebCore::GPURenderPassEncoder::drawIndexed): Added.
(WebCore::primitiveTypeForGPUPrimitiveTopology): Deleted.

  • platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:

(WebCore::GPURenderPipeline::tryCreate):
(WebCore::GPURenderPipeline::GPURenderPipeline):

LayoutTests:

Add draw-indexed-triangles to test drawing a green square using GPURenderPassEncoder::setIndexBuffer and drawIndexed.

  • webgpu/draw-indexed-triangles-expected.html: Added.
  • webgpu/draw-indexed-triangles.html: Added.
1:44 PM Changeset in webkit [244146] by Chris Dumez
  • 4 edits in trunk/Source/WebKit

Unable to run system Safari with trunk WebKit
https://bugs.webkit.org/show_bug.cgi?id=196777
<rdar://problem/49784574>

Reviewed by Alex Christensen.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):
Add a linkedOnAfter check so that throwing exceptions when related web views use a different
data store only happens for apps rebuilt using recent SDK.

  • UIProcess/Cocoa/VersionChecks.h:
  • UIProcess/Cocoa/VersionChecks.mm:

(WebKit::linkedOnOrAfter):

  • By default, linkedOnOrAfter assumed Safari / MobileSafari is always linked-on-after. To satisfy my use cases, I introduced a new AssumeSafariIsAlwaysLinkedOnAfter parameter so that this behavior can be controlled by the caller.
  • In the header, DYLD_IOS_VERSION_* / DYLD_MACOS_VERSION_* constants are 0 when building with the non-internal SDK. As a result, the check instead linkedOnOrAfter() would cause us to always return true, which was wrong. I therefore updated the check inside linkedOnOrAfter() to special-case the 0 value for sdkVersion.
1:31 PM Changeset in webkit [244145] by rniwa@webkit.org
  • 3 edits in trunk/Source/WebCore

OfflineAudioDestinationNode::startRendering leaks OfflineAudioDestinationNode if offlineRender exists early
https://bugs.webkit.org/show_bug.cgi?id=196759

Reviewed by Eric Carlson.

OfflineAudioDestinationNode::startRendering unconditionally ref's itself before invoking offlineRender() in a new thread.
But offlineRender can early exit without ever calling deref() in the main thread, leading to the leak of
OfflineAudioDestinationNode. Fixed the leak by always calling deref in the main thread after calling offlineRender().

Also removed the debug assertion in offlineRender which always hits when we run the relevant test.

Test: imported/w3c/web-platform-tests/webaudio/the-audio-api/the-offlineaudiocontext-interface/current-time-block-size.html

  • Modules/webaudio/OfflineAudioDestinationNode.cpp:

(WebCore::OfflineAudioDestinationNode::startRendering):
(WebCore::OfflineAudioDestinationNode::offlineRender):
(WebCore::OfflineAudioDestinationNode::notifyComplete): Merged into startRendering.

  • Modules/webaudio/OfflineAudioDestinationNode.h:
12:56 PM Changeset in webkit [244144] by Chris Dumez
  • 7 edits in trunk/Source/WebKit

Regression(r240562) Audio sometimes keeps playing in previous process after a process-swap
https://bugs.webkit.org/show_bug.cgi?id=196774
<rdar://problem/49460572>

Reviewed by Alex Christensen.

r240562 added logic to prevent flashing on navigation. When we receive the DidFailToSuspendAfterProcessSwap
IPC from the previous process, we would delay closing the WebPage in that process until EnterAcceleratedCompositingMode
IPC is received from the new process. The issue is that this was racy as we would receive the EnterAcceleratedCompositingMode
IPC from the new process *before* receiving the DidFailToSuspendAfterProcessSwap IPC from the previous process, which which
case we would fail to close the WebPage and audio could keep playing.

To address the issue, the WebPageProxy keeps track of its last suspended page and notifies it whenever it receives the
EnterAcceleratedCompositingMode IPC. If the suspended page already received the DidFailToSuspendAfterProcessSwap IPC, it
will close the page. Otherwise, it will set a boolean data member indicating that we should not delay page closing when
the DidFailToSuspendAfterProcessSwap is eventually received.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::SuspendedPageProxy):
(WebKit::SuspendedPageProxy::pageEnteredAcceleratedCompositingMode):
(WebKit::SuspendedPageProxy::didProcessRequestToSuspend):

  • UIProcess/SuspendedPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::suspendCurrentPageIfPossible):
(WebKit::WebPageProxy::enterAcceleratedCompositingMode):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebProcessPool.cpp:
  • UIProcess/WebProcessPool.h:
12:18 PM Changeset in webkit [244143] by Tadeu Zagallo
  • 19 edits
    6 copies
    2 adds in trunk

Add support for incremental bytecode cache updates
https://bugs.webkit.org/show_bug.cgi?id=195000

Reviewed by Filip Pizlo.

Source/JavaScriptCore:

Add support for incremental updates to the bytecode cache. The cache
is constructed as follows:

  • When the cache is empty, the initial payload can be added to the BytecodeCache

by calling BytecodeCache::addGlobalUpdate. This represents the encoded
top-level UnlinkedCodeBlock.

  • Afterwards, updates can be added by calling BytecodeCache::addFunctionUpdate.

The update is applied by appending the encoded UnlinkedFunctionCodeBlock
to the existing cache and updating the CachedFunctionExecutableMetadata
and the offset of the new CachedFunctionCodeBlock in the owner CachedFunctionExecutable.

  • API/JSScript.mm:

(-[JSScript readCache]):
(-[JSScript isUsingBytecodeCache]):
(-[JSScript init]):
(-[JSScript cachedBytecode]):
(-[JSScript writeCache:]):

  • API/JSScriptInternal.h:
  • API/JSScriptSourceProvider.h:
  • API/JSScriptSourceProvider.mm:

(JSScriptSourceProvider::cachedBytecode const):

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/UnlinkedFunctionExecutable.cpp:

(JSC::generateUnlinkedFunctionCodeBlock):

  • jsc.cpp:

(ShellSourceProvider::~ShellSourceProvider):
(ShellSourceProvider::cachePath const):
(ShellSourceProvider::loadBytecode const):
(ShellSourceProvider::ShellSourceProvider):
(ShellSourceProvider::cacheEnabled):

  • parser/SourceProvider.h:

(JSC::SourceProvider::cachedBytecode const):
(JSC::SourceProvider::updateCache const):
(JSC::SourceProvider::commitCachedBytecode const):

  • runtime/CachePayload.cpp: Copied from Source/JavaScriptCore/API/JSScriptInternal.h.

(JSC::CachePayload::makeMappedPayload):
(JSC::CachePayload::makeMallocPayload):
(JSC::CachePayload::makeEmptyPayload):
(JSC::CachePayload::CachePayload):
(JSC::CachePayload::~CachePayload):
(JSC::CachePayload::operator=):
(JSC::CachePayload::freeData):

  • runtime/CachePayload.h: Copied from Source/JavaScriptCore/API/JSScriptInternal.h.

(JSC::CachePayload::data const):
(JSC::CachePayload::size const):
(JSC::CachePayload::CachePayload):

  • runtime/CacheUpdate.cpp: Copied from Source/JavaScriptCore/API/JSScriptInternal.h.

(JSC::CacheUpdate::CacheUpdate):
(JSC::CacheUpdate::operator=):
(JSC::CacheUpdate::isGlobal const):
(JSC::CacheUpdate::asGlobal const):
(JSC::CacheUpdate::asFunction const):

  • runtime/CacheUpdate.h: Copied from Source/JavaScriptCore/API/JSScriptInternal.h.
  • runtime/CachedBytecode.cpp: Added.

(JSC::CachedBytecode::addGlobalUpdate):
(JSC::CachedBytecode::addFunctionUpdate):
(JSC::CachedBytecode::copyLeafExecutables):
(JSC::CachedBytecode::commitUpdates const):

  • runtime/CachedBytecode.h: Added.

(JSC::CachedBytecode::create):
(JSC::CachedBytecode::leafExecutables):
(JSC::CachedBytecode::data const):
(JSC::CachedBytecode::size const):
(JSC::CachedBytecode::hasUpdates const):
(JSC::CachedBytecode::sizeForUpdate const):
(JSC::CachedBytecode::CachedBytecode):

  • runtime/CachedTypes.cpp:

(JSC::Encoder::addLeafExecutable):
(JSC::Encoder::release):
(JSC::Decoder::Decoder):
(JSC::Decoder::create):
(JSC::Decoder::size const):
(JSC::Decoder::offsetOf):
(JSC::Decoder::ptrForOffsetFromBase):
(JSC::Decoder::addLeafExecutable):
(JSC::VariableLengthObject::VariableLengthObject):
(JSC::VariableLengthObject::buffer const):
(JSC::CachedPtrOffsets::offsetOffset):
(JSC::CachedWriteBarrierOffsets::ptrOffset):
(JSC::CachedFunctionExecutable::features const):
(JSC::CachedFunctionExecutable::hasCapturedVariables const):
(JSC::CachedFunctionExecutableOffsets::codeBlockForCallOffset):
(JSC::CachedFunctionExecutableOffsets::codeBlockForConstructOffset):
(JSC::CachedFunctionExecutableOffsets::metadataOffset):
(JSC::CachedFunctionExecutable::encode):
(JSC::CachedFunctionExecutable::decode const):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::encodeCodeBlock):
(JSC::encodeFunctionCodeBlock):
(JSC::decodeCodeBlockImpl):
(JSC::isCachedBytecodeStillValid):

  • runtime/CachedTypes.h:

(JSC::VariableLengthObjectBase::VariableLengthObjectBase):
(JSC::decodeCodeBlock):

  • runtime/CodeCache.cpp:

(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
(JSC::CodeCache::updateCache):
(JSC::CodeCache::write):
(JSC::writeCodeBlock):
(JSC::serializeBytecode):

  • runtime/CodeCache.h:

(JSC::SourceCodeValue::SourceCodeValue):
(JSC::CodeCacheMap::findCacheAndUpdateAge):
(JSC::CodeCacheMap::fetchFromDiskImpl):

  • runtime/Completion.cpp:

(JSC::generateProgramBytecode):
(JSC::generateModuleBytecode):

  • runtime/Completion.h:
  • runtime/LeafExecutable.cpp: Copied from Source/JavaScriptCore/API/JSScriptSourceProvider.mm.

(JSC::LeafExecutable::operator+ const):

  • runtime/LeafExecutable.h: Copied from Source/JavaScriptCore/API/JSScriptSourceProvider.mm.

(JSC::LeafExecutable::LeafExecutable):
(JSC::LeafExecutable::base const):

Tools:

Exit when the initial run to generate bytecode fails.

  • Scripts/jsc-stress-test-helpers/bytecode-cache-test-helper.sh:
11:51 AM Changeset in webkit [244142] by timothy@apple.com
  • 2 edits in trunk/Source/WebKit

WKScrollView background color does not match WKWebView before content is loaded.
https://bugs.webkit.org/show_bug.cgi?id=196745
rdar://problem/49750810

Reviewed by Megan Gardner.

  • UIProcess/API/Cocoa/WKWebView.mm:

(scrollViewBackgroundColor): Default to _contentView.backgroundColor on invalid base color.
(-[WKWebView _processDidExit]): Reset to _contentView.backgroundColor.
(-[WKWebView setBackgroundColor:]): Call _updateScrollViewBackground since it can use
_contentView.backgroundColor and it has changed.

11:47 AM Changeset in webkit [244141] by Megan Gardner
  • 8 edits
    8 adds in trunk

Fix text autoscrolling when typing in modern webkit
https://bugs.webkit.org/show_bug.cgi?id=196718
Source/WebCore:

<rdar://problem/49225507>

Reviewed by Tim Horton.

Tests: fast/events/autoscroll-when-input-is-offscreen.html

fast/events/autoscroll-with-software-keyboard.html

We have been relying on UIKit to scroll editable text, but
since we cannot give them enough information for them to always
do the right thing, we should just do all the work in WebKit.
This has the added benifit of fixing some tricky autoscrolling
bugs that have cropped up recently.

  • editing/Editor.cpp:

(WebCore::Editor::insertTextWithoutSendingTextEvent):
(WebCore::Editor::revealSelectionAfterEditingOperation):
We should be scrolling the main frame in WebKit. We have been relying on UIKit,
but we cannot give them enough information to guarantee a correct scroll, so just
do all the work in WebKit.

  • page/FrameView.cpp:

(WebCore::FrameView::unobscuredContentRectExpandedByContentInsets const):
Update to use the rect that is actually visible, accounting for the software keyboard.

Source/WebKit:

<rdar://problem/49225507>

Reviewed by Tim Horton.

For staging only. We need to turn off UIKit's scrolling behavior to land
the changes we are making. To keep from the build ever breaking,
I am temporarily circumventing the changes in UIKit. This will be removed
once the next UIKit submission happens.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKUIWKTextInteractionAssistant scrollSelectionToVisible]):
(-[WKContentView setUpTextSelectionAssistant]):

LayoutTests:

Reviewed by Tim Horton.

  • fast/events/autoscroll-when-input-is-offscreen-expected.txt: Added.
  • fast/events/autoscroll-when-input-is-offscreen.html: Added.
  • fast/events/autoscroll-with-software-keyboard-expected.txt: Added.
  • fast/events/autoscroll-with-software-keyboard.html: Added.
11:45 AM Changeset in webkit [244140] by Wenson Hsieh
  • 3 edits in trunk/Source/WebKit

[iOSMac] Opt into modern compatibility mode by default
https://bugs.webkit.org/show_bug.cgi?id=196763
<rdar://problem/49038732>

Reviewed by Tim Horton.

Achieve this by limiting legacy compatibility mode by default to non-iOSMac iOS only.

  • Shared/WebPreferences.yaml:
  • Shared/WebPreferencesDefaultValues.h:
11:35 AM Changeset in webkit [244139] by commit-queue@webkit.org
  • 10 edits in trunk

RemoteObjectRegistry message receiver should be removed when WebPage::close is called instead of waiting until dealloc
https://bugs.webkit.org/show_bug.cgi?id=196744
<rdar://49415309>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-04-10
Reviewed by Chris Dumez.

Source/WebKit:

This is a similar problem to the one I fixed in r241306 so I piggy-backed on the same test.
When you do a cross site navigation but the previous page is in a suspended process then you navigate back,
you can get two WebPage objects in the same process with the same IDs. WebPage::close has been called
on the old one which is supposed to make it so all the message receivers associated with it have been removed
so we don't have any loss of communication, but we missed the RemoteObjectRegistry messages, which are owned
by the ObjC bundle object wrapping the WebPage (which can keep it alive if a strong reference to it is held).
To fix the assertion that happens in this case and the resulting communication breakage, teach the WebPage about
these messages so it can tear down the message receiver with the others it removes at close time.

  • Shared/API/Cocoa/RemoteObjectRegistry.h:
  • WebProcess/InjectedBundle/API/mac/WKWebProcessPlugInBrowserContextController.mm:

(-[WKWebProcessPlugInBrowserContextController dealloc]):
(-[WKWebProcessPlugInBrowserContextController _remoteObjectRegistry]):

  • WebProcess/WebPage/Cocoa/WebPageCocoa.mm:

(WebKit::WebPage::addRemoteObjectRegistry):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::close):

  • WebProcess/WebPage/WebPage.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/BundleRetainPagePlugIn.mm:

(-[BundleRetainPagePlugIn webProcessPlugIn:didCreateBrowserContextController:]):

11:27 AM Changeset in webkit [244138] by Michael Catanzaro
  • 5 edits
    1 delete in trunk

Unreviewed, rolling out r243989.

Broke i686 builds

Reverted changeset:

"[CMake] Detect SSE2 at compile time"
https://bugs.webkit.org/show_bug.cgi?id=196488
https://trac.webkit.org/changeset/243989

11:08 AM Changeset in webkit [244137] by Alan Coon
  • 1 edit in branches/safari-607-branch/Source/WebKit/WebProcess/WebProcess.h

Unreviewed build fix. rdar://problem/49725709

11:05 AM Changeset in webkit [244136] by rmorisset@apple.com
  • 3 edits
    1 add in trunk

We should clear m_needsOverflowCheck when hitting an exception in defineProperties in ObjectConstructor.cpp
https://bugs.webkit.org/show_bug.cgi?id=196746

JSTests:

Reviewed by Yusuke Suzuki.

  • stress/cyclic-define-properties.js: Added.

(foo):

Source/JavaScriptCore:

Reviewed by Yusuke Suzuki..

It should be safe as in that case we are not completing the operation, and so not going to have any buffer overflow.

  • runtime/ObjectConstructor.cpp:

(JSC::defineProperties):

10:53 AM Changeset in webkit [244135] by Claudio Saavedra
  • 2 edits in trunk/Source/WTF

Do not generate empty unified sources when unified builds are disabled
https://bugs.webkit.org/show_bug.cgi?id=196767

Reviewed by Konstantin Tokarev.

If unified builds are disabled, the ruby script to generate them
is still used to list the sources that need to be
compiled. Currently, the script always generates bundled unified
sources, even if it's being used just to list all the sources. So
when the unified builds are disabled and no files are going to be
bundled, the script generates one empty file per bundle manager
(that is, one C++ and one ObjectiveC), that gets added to the
sources to be compiled.

  • Scripts/generate-unified-source-bundles.rb: Only go through the

bundle managers file generation when not running in
PrintAllSources mode, to avoid generating empty bundle files.

10:46 AM Changeset in webkit [244134] by Wenson Hsieh
  • 5 edits in trunk/Tools

Add a way to opt into modern compatibility mode in layout tests
https://bugs.webkit.org/show_bug.cgi?id=196770
<rdar://problem/49777550>

Reviewed by Antoine Quint.

Add a new test option to enable modern compatibility mode in layout tests.

  • WebKitTestRunner/TestController.cpp:

(WTR::updateTestOptionsFromTestHeader):

  • WebKitTestRunner/TestController.h:
  • WebKitTestRunner/TestOptions.h:

(WTR::TestOptions::hasSameInitializationOptions const):

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::platformCreateWebView):
(WTR::TestController::enableModernCompatibilityMode):

10:40 AM Changeset in webkit [244133] by aestes@apple.com
  • 2 edits in trunk/Tools

Try to fix the 32-bit watchOS build.

  • TestWebKitAPI/cocoa/TestWKWebView.mm:

(-[TestWKWebView evaluateJavaScriptAndWaitForInputSessionToChange:]):

10:12 AM Changeset in webkit [244132] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Unreviewed, drop SuspendedPageProxy data member that is unused after r244075.

  • UIProcess/SuspendedPageProxy.h:
10:11 AM Changeset in webkit [244131] by Alan Coon
  • 9 edits in branches/safari-607-branch/Source

Apply patch. rdar://problem/49725709

10:11 AM Changeset in webkit [244130] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebKit

Cherry-pick r243562. rdar://problem/49725686

[ iOS Sim ] REGRESSION (r242277) Layout Test http/tests/cookies/same-site/lax-samesite-cookie-after-cross-site-history-load.php is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=195425
<rdar://problem/48682403>

Reviewed by Alex Christensen.

When process-swapping on history navigation, we lookup the WebProcessProxy we'd like to use from the
process identifier that is saved on the WebBackForwardListItem, to try and load the item in the process
in which it was previously loaded. However, we were failing to check if the WebProcess in question was
still running so we could potentially try to use a process that's already exited.

  • UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::processForNavigationInternal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243562 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244129] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools

Cherry-pick r243870. rdar://problem/49725697

Unreviewed, roll out r243858 which made tests time out.

Disable new API tests on Windows instead.

  • TestWebKitAPI/Tests/WebKit/ReloadPageAfterCrash.cpp: (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243870 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244128] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools

Cherry-pick r243858. rdar://problem/49725697

The page's focusedFrame / frameSetLargestFrame do not get cleared on process swap or crash
https://bugs.webkit.org/show_bug.cgi?id=196588
<rdar://problem/49365787>

Unreviewed build fix for Windows port.

error C3861: 'kill': identifier not found

  • TestWebKitAPI/Tests/WebKit/ReloadPageAfterCrash.cpp: (TestWebKitAPI::TEST): Replaced kill with WKPageTerminate.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243858 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244127] by Alan Coon
  • 2 edits in branches/safari-607-branch/Tools

Cherry-pick r243849. rdar://problem/49725697

Unreviewed, fix typo in the name of API test added in r243848.

  • TestWebKitAPI/Tests/WebKit/ReloadPageAfterCrash.cpp: (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243849 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244126] by Alan Coon
  • 4 edits in branches/safari-607-branch

Cherry-pick r243848. rdar://problem/49725697

The page's focusedFrame / frameSetLargestFrame do not get cleared on process swap or crash
https://bugs.webkit.org/show_bug.cgi?id=196588
<rdar://problem/49365787>

Reviewed by Ryosuke Niwa.

Source/WebKit:

The page's focusedFrame / frameSetLargestFrame do not get cleared on process swap or crash.
This can lead to returning stale frames to the client if it asks for those.

  • UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::resetState):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKit/ReloadPageAfterCrash.cpp: (TestWebKitAPI::nullJavaScriptCallback): (TestWebKitAPI::didCrashCheckFrames): (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243848 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244125] by Alan Coon
  • 6 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243828. rdar://problem/49725673

Documents can be destroyed before their CSSFontFaceSet is destroyed
https://bugs.webkit.org/show_bug.cgi?id=195830

Reviewed by Darin Adler.

Source/WebCore:

CSSFontFaceSet has a raw pointer to its owning document. JS can keep the CSSFontFaceSet alive (by using FontFaceSet)
and can destroy the document at any time. When the document is destroyed, the link between the two objects needs to
be severed.

Test: fast/text/font-face-set-destroy-document.html

  • css/CSSFontFace.cpp: (WebCore::CSSFontFace::CSSFontFace):
  • css/CSSFontFace.h:
  • css/CSSFontFaceSet.cpp: (WebCore::CSSFontFaceSet::CSSFontFaceSet): (WebCore::CSSFontFaceSet::ensureLocalFontFacesForFamilyRegistered):
  • css/CSSFontFaceSet.h:
  • css/CSSFontSelector.cpp: (WebCore::CSSFontSelector::CSSFontSelector): (WebCore::CSSFontSelector::addFontFaceRule):
  • css/CSSFontSelector.h:
  • css/FontFace.cpp: (WebCore::FontFace::FontFace):

LayoutTests:

  • fast/text/font-face-set-destroy-document-expected.html: Added.
  • fast/text/font-face-set-destroy-document.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243828 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244124] by Alan Coon
  • 3 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243786. rdar://problem/49725702

REGRESSION (r238266): Exchange 2013 Outlook Web Access displays partially blank page when creating new e-mail
https://bugs.webkit.org/show_bug.cgi?id=196522
Source/WebCore:

rdar://problem/49472941

Reviewed by Zalan Bujtas.

In this content a layer is composited to clip descendants, and has negative z-order children,
so we compute that it "paints into ancestor", and has a foreground layer. This combination doesn't
make sense, and when the layer becomes scrollable, we end up with bad paint phases on layers, and
fail to paint the contents.

Fix by ensuring that a layer has its own backing store if it requires a foreground layer
by virtue of having negative z-order children.

Test: compositing/backing/foreground-layer-no-paints-into-ancestor.html

  • rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::requiresOwnBackingStore const):

LayoutTests:

Reviewed by Zalan Bujtas.

  • compositing/backing/foreground-layer-no-paints-into-ancestor-expected.html: Added.
  • compositing/backing/foreground-layer-no-paints-into-ancestor.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243786 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244123] by Alan Coon
  • 3 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243660. rdar://problem/49725670

[Simple line layout] Turn off inline boxtree generation for multiline content
https://bugs.webkit.org/show_bug.cgi?id=196404
<rdar://problem/49234033>

Reviewed by Simon Fraser.

Source/WebCore:

Currently simple line layout can't provide the correct line breaking context to the inline tree when the boxtree is
generated using the simple line runs. This patch limits the generation of such trees to single lines. Multiline content will
go through the "let's layout this content again" codepath.
This patch fixes disappearing content on Questar.

Test: fast/text/simple-line-layout-and-multiline-inlineboxtree.html

  • rendering/SimpleLineLayoutFunctions.cpp: (WebCore::SimpleLineLayout::canUseForLineBoxTree):

LayoutTests:

  • fast/text/simple-line-layout-and-multiline-inlineboxtree-expected.html: Added.
  • fast/text/simple-line-layout-and-multiline-inlineboxtree.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243660 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:11 AM Changeset in webkit [244122] by Alan Coon
  • 6 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243639. rdar://problem/49725710

BackwardsGraph needs to consider back edges as the backward's root successor
https://bugs.webkit.org/show_bug.cgi?id=195991

Reviewed by Filip Pizlo.

JSTests:

  • stress/map-b3-licm-infinite-loop.js: Added.

Source/JavaScriptCore:

  • b3/testb3.cpp: (JSC::B3::testInfiniteLoopDoesntCauseBadHoisting): (JSC::B3::run):

Source/WTF:

Previously, our backwards graph analysis was slightly wrong. The idea of
backwards graph is that the root of the graph has edges to terminals in
the original graph. And then the original directed edges in the graph are flipped.

However, we weren't considering loops as a form of terminality. For example,
we wouldn't consider an infinite loop as a terminal. So there were no edges
from the root to a node in the infinite loop. This lead us to make mistakes
when we used backwards dominators to compute control flow equivalence.

This is better understood in an example:

`
preheader:
while (1) {

if (!isCell(v))

continue;

load structure ID
if (cond)

continue;

return

}
`

In the previous version of this algorithm, the only edge from the backwards
root would be to the block containing the return. This would lead us to
believe that the loading of the structureID backwards dominates the preheader,
leading us to believe it's control flow equivalent to preheader. This is
obviously wrong, since we can loop forever if "v" isn't a cell.

The solution here is to treat any backedge in the graph as a "terminal" node.
Since a backedge implies the existence of a loop.

In the above example, the backwards root now has an edge to both blocks with
"continue". This prevents us from falsely claiming that the return is control
flow equivalent with the preheader.

This patch uses DFS spanning trees to compute back edges. An edge
u->v is a back edge when u is a descendent of v in the DFS spanning
tree of the Graph.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/BackwardsGraph.h: (WTF::BackwardsGraph::BackwardsGraph):
  • wtf/SpanningTree.h: Added. (SpanningTree::SpanningTree): (SpanningTree::isDescendent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243639 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:10 AM Changeset in webkit [244121] by Alan Coon
  • 3 edits
    2 adds in branches/safari-607-branch

Cherry-pick r243605. rdar://problem/49725707

[SimpleLineLayout] Disable SLL when text-underline-position is not auto.
https://bugs.webkit.org/show_bug.cgi?id=196338
<rdar://problem/47975167>

Reviewed by Daniel Bates.

Source/WebCore:

Disable simple line layout unconditionally on non-auto text-underline-position content. We don't support it yet.

Test: fast/text/simple-line-layout-with-text-underline-position.html

  • rendering/SimpleLineLayout.cpp: (WebCore::SimpleLineLayout::canUseForStyle):

LayoutTests:

  • fast/text/simple-line-layout-with-text-underline-position-expected.html: Added.
  • fast/text/simple-line-layout-with-text-underline-position.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243605 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:10 AM Changeset in webkit [244120] by Alan Coon
  • 2 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r243104. rdar://problem/49725692

REGRESSION(r236862): early frame decoupling leaves JSC ArrayBuffer objects lingering
https://bugs.webkit.org/show_bug.cgi?id=195322

Reviewed by Ryosuke Niwa.

Since r236862, DOMWindow objects get disconnected from their Frame object as soon as
their iframe element gets removed from the document. Previously, DOMWindow was a
FrameDestructionObserver and would stay connected to its frame until the frame died.

This means that some of the work that we were doing in DOMWindow::frameDestroyed() and
Document::willDetachPage() no longer happens for subframe windows because they get
disconnected from their frame because they get a chance to get such notifications.
To address this issue, we now also do this work in DOMWindow::willDetachDocumentFromFrame()
which gets called when the iframe gets removed from the document and the document / window
get disconnected from the Frame element.

No new tests, verified locally that the leak is gone on JetStream.

  • page/DOMWindow.cpp: (WebCore::DOMWindow::willDetachDocumentFromFrame):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243104 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:10 AM Changeset in webkit [244119] by Alan Coon
  • 3 edits in branches/safari-607-branch/LayoutTests

Cherry-pick r241931. rdar://problem/49725665

Fix the test failure following r241918
(https://bugs.webkit.org/show_bug.cgi?id=194906)

For some reason strict cookies are sent via HTTP in WK1 and not in WK2. Will investigate in <https://bugs.webkit.org/show_bug.cgi?id=194933>.
This sub-test failure occurs with and without the patch. As the primary purpose of this test
was to ensure correctness for Same Site lax cookies, I've amended the test and test result
for now.

  • http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt:
  • http/tests/cookies/same-site/user-load-cross-site-redirect.php:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241931 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:10 AM Changeset in webkit [244118] by Alan Coon
  • 4 edits
    2 adds in branches/safari-607-branch

Cherry-pick r241918. rdar://problem/49725665

Same Site Lax cookies are not sent with cross-site redirect from client-initiated load
https://bugs.webkit.org/show_bug.cgi?id=194906
<rdar://problem/44305947>

Reviewed by Brent Fulgham.

Source/WebCore:

Ensure that a request for a top-level navigation is annotated as such regardless of whether
the request has a computed Same Site policy.

"New loads" initiated by a the client (Safari) either by API or a human either explicitly
typing a URL in the address bar or Command + clicking a hyperlink to open it in a new window/tab
are always considered Same Site. This is by definition from the spec. [1] as we aren't navigating
from an existing page. (Command + click should be thought of as a convenience to the user from
having to copy the hyperlink's URL, create a new window, and paste the URL into the address bar).
Currently the frame loader marks a request as a top-level navigation if and only if the request
does not have a pre-computed Same Site policy. However, "New loads" have a pre-computed Same Site
policy. So, these loads would never be marked as a top-level navigation by the frame loading code.
Therefore, if the "new load" turned out to be a cross-site redirect then WebKit would incorrectly
tell the networking stack that the load was a cross-site, non-top-level navigation, and per the
Same Site spec [2], the networking stack would not send Same Site Lax cookies. Instead,
WebKit should unconditionally ensure that requests are marked as a top-level navigation, if applicable.

[1] See Note for (1) in <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.2>
[2] <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7.1>

Test: http/tests/cookies/same-site/user-load-cross-site-redirect.php

  • loader/FrameLoader.cpp: (WebCore::FrameLoader::addExtraFieldsToRequest): Unconditionally update the request's top- level navigation bit.
  • platform/network/ResourceRequestBase.cpp: (WebCore::ResourceRequestBase::setAsIsolatedCopy): Unconditionally copy a request's top- level navigation bit.

LayoutTests:

Add a test that is representative of a user loading a cross-site page that redirects
to a page that expects Same Site Lax cookies.

  • http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt: Added.
  • http/tests/cookies/same-site/user-load-cross-site-redirect.php: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@241918 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:08 AM Changeset in webkit [244117] by Kocsen Chung
  • 1 copy in tags/Safari-608.1.16

Tag Safari-608.1.16.

10:05 AM Changeset in webkit [244116] by Kocsen Chung
  • 7 edits in trunk/Source

Versioning.

9:53 AM Changeset in webkit [244115] by Ross Kirsling
  • 94 edits in trunk/Source/WebCore

WebCore should build successfully even with -DENABLE_UNIFIED_BUILDS=OFF
https://bugs.webkit.org/show_bug.cgi?id=196762

Reviewed by Ryosuke Niwa.

  • Modules/indexeddb/IDBCursor.h:
  • Modules/indexeddb/client/IDBConnectionToServer.cpp:
  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
  • Modules/websockets/WebSocketFrame.cpp:
  • accessibility/AccessibilityARIAGridRow.cpp:

(WebCore::AccessibilityARIAGridRow::parentTable const):

  • accessibility/AccessibilityObject.cpp:
  • accessibility/AccessibilityRenderObject.cpp:
  • animation/CSSAnimation.cpp:
  • animation/DeclarativeAnimation.cpp:
  • bindings/js/DOMGCOutputConstraint.h:
  • bindings/js/JSCanvasRenderingContext2DCustom.cpp:

(WebCore::root):
(WebCore::JSCanvasRenderingContext2DOwner::isReachableFromOpaqueRoots):
(WebCore::JSCanvasRenderingContext2D::visitAdditionalChildren):

  • bindings/js/JSDOMConvertNumbers.cpp:
  • bindings/js/JSDOMWindowCustom.cpp:
  • bindings/js/JSExtendableMessageEventCustom.cpp:
  • bindings/js/SerializedScriptValue.cpp:
  • css/CSSFontFaceSource.cpp:
  • css/CSSFontFaceSource.h:
  • css/MediaQueryMatcher.h:
  • css/parser/CSSPropertyParserHelpers.cpp:
  • dom/DocumentParser.cpp:
  • dom/EventPath.cpp:
  • dom/MouseEvent.h:
  • dom/SpectreGadget.cpp:
  • dom/SpectreGadget.h:
  • editing/ChangeListTypeCommand.cpp:
  • editing/EditAction.cpp:
  • editing/ReplaceSelectionCommand.cpp:
  • editing/TextGranularity.h:
  • html/HTMLFormControlsCollection.cpp:
  • html/HTMLImageElement.cpp:
  • html/canvas/CanvasRenderingContext2DBase.cpp:
  • inspector/InspectorController.cpp:
  • inspector/agents/InspectorApplicationCacheAgent.cpp:
  • inspector/agents/InspectorCanvasAgent.cpp:
  • inspector/agents/WebHeapAgent.cpp:
  • inspector/agents/page/PageAuditAgent.cpp:
  • inspector/agents/page/PageConsoleAgent.cpp:
  • inspector/agents/page/PageNetworkAgent.cpp:
  • inspector/agents/worker/WorkerAuditAgent.cpp:
  • loader/CrossOriginAccessControl.h:
  • loader/CrossOriginPreflightResultCache.h:
  • loader/NavigationAction.cpp:
  • loader/ResourceLoadObserver.cpp:
  • page/FrameTree.cpp:
  • page/IntersectionObserver.cpp:
  • page/PageConfiguration.cpp:
  • page/PerformanceResourceTiming.cpp:
  • page/ResizeObservation.cpp:
  • page/UndoManager.cpp:
  • plugins/PluginData.cpp:
  • rendering/Grid.h:
  • rendering/GridBaselineAlignment.cpp:
  • rendering/GridBaselineAlignment.h:
  • rendering/GridLayoutFunctions.cpp:
  • rendering/GridLayoutFunctions.h:
  • rendering/GridTrackSizingAlgorithm.h:
  • rendering/RenderDeprecatedFlexibleBox.cpp:
  • rendering/RenderFlexibleBox.cpp:
  • rendering/RenderIFrame.cpp:
  • rendering/RenderLayerFilters.cpp:
  • rendering/TextDecorationPainter.cpp:
  • rendering/TextDecorationPainter.h:
  • rendering/TextPainter.cpp:
  • rendering/TextPainter.h:
  • rendering/style/StyleRareNonInheritedData.cpp:
  • rendering/style/StyleRareNonInheritedData.h:
  • rendering/svg/SVGRenderSupport.h:
  • rendering/updating/RenderTreeBuilder.cpp:
  • rendering/updating/RenderTreeBuilderSVG.cpp:
  • style/InlineTextBoxStyle.cpp:
  • style/InlineTextBoxStyle.h:
  • style/StylePendingResources.cpp:
  • svg/SVGMatrix.h:
  • svg/SVGViewSpec.h:
  • svg/SVGZoomAndPan.h:
  • workers/WorkerScriptLoader.cpp:
  • workers/WorkerScriptLoader.h:
  • workers/service/ServiceWorker.cpp:
  • workers/service/ServiceWorkerClientData.cpp:
  • workers/service/ServiceWorkerClients.cpp:
  • workers/service/ServiceWorkerClients.h:
  • workers/service/ServiceWorkerGlobalScope.cpp:
  • workers/service/ServiceWorkerJob.cpp:
  • workers/service/ServiceWorkerProvider.cpp:
  • workers/service/context/ServiceWorkerFetch.cpp:
  • workers/service/context/ServiceWorkerInspectorProxy.h:
  • workers/service/context/ServiceWorkerThread.cpp:
  • workers/service/context/ServiceWorkerThreadProxy.cpp:
  • workers/service/server/SWServerJobQueue.cpp:
  • workers/service/server/SWServerToContextConnection.cpp:
  • workers/service/server/SWServerWorker.cpp:
  • workers/service/server/SWServerWorker.h:
  • worklets/Worklet.h:
9:44 AM Changeset in webkit [244114] by graouts@webkit.org
  • 12 edits in trunk

Enable Pointer Events on watchOS
https://bugs.webkit.org/show_bug.cgi?id=196771
<rdar://problem/49040909>

Reviewed by Dean Jackson.

Source/JavaScriptCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore:

  • Configurations/FeatureDefines.xcconfig:

Source/WebCore/PAL:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKit:

  • Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

  • Configurations/FeatureDefines.xcconfig:

Tools:

  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
9:32 AM Changeset in webkit [244113] by beidson@apple.com
  • 2 edits in trunk/Source/WebKit

Background tabs are not fully reactivated after a link is opened from an external application.
<rdar://problem/49533278> and https://bugs.webkit.org/show_bug.cgi?id=196705

Reviewed by Chris Dumez.

If an app unparents a WKWebView right after activation but before the "applicationWillEnterForeground" notification
is dispatched, then that WKWebView is in a broken state with a frozen layer tree.

The WKApplicationStateTrackingView logic needs to be a little more resilient.

  • UIProcess/ios/WKApplicationStateTrackingView.mm:

(-[WKApplicationStateTrackingView willMoveToWindow:]): When clearing the window, remember the current background state.
(-[WKApplicationStateTrackingView didMoveToWindow]): If our last observed background state doesn't match the current

background state then fake the relevant notification.

(-[WKApplicationStateTrackingView _applicationDidEnterBackground]): Remember that we've observed a backgrounding.
(-[WKApplicationStateTrackingView _applicationWillEnterForeground]): Remember that we've observed a foregrounding.

9:30 AM Changeset in webkit [244112] by youenn@apple.com
  • 6 edits in trunk

Delay initialization of quota users until the first quota request
https://bugs.webkit.org/show_bug.cgi?id=196467

Reviewed by Chris Dumez.

Source/WebCore:

Instead of triggering initialization of each user when being added,
delay initialization until the first call to requestSpace with a non zero task size.
This will make sure we do not load Cache API information in memory or check for
IDB space until actually necessary.

To implement that, move from a HashSet of being initialized users to a HashMap where the key is user and
the value is the user initialization state.

When removing a user, delay the call to processPendingRequest so that a synchronous call to addUser
can be taken into consideration.

This unflakes some Cache API tests as these tests do clear the Cache API and check for the clearing result.
Clearing the caches triggers a removeUser/addUser dance which then triggers initialization of the Caches structure.

Covered by existing tests.

  • storage/StorageQuotaManager.cpp:

(WebCore::StorageQuotaManager::initializeUsersIfNeeded):
(WebCore::StorageQuotaManager::askUserToInitialize):
(WebCore::StorageQuotaManager::addUser):
(WebCore::StorageQuotaManager::requestSpace):

  • storage/StorageQuotaManager.h:

LayoutTests:

Unflake cache storage tests.

6:49 AM WebKitGTK/2.24.x edited by Philippe Normand
(diff)
6:46 AM Changeset in webkit [244111] by Philippe Normand
  • 5 edits
    1 copy
    3 adds in trunk

there is no vp8 support in youtube.com/html5 page with libwebkit2gtk 2.24 (MSE enabled)
https://bugs.webkit.org/show_bug.cgi?id=196615

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Add vp8.0 and vp9.0 in supported mime-types if the corresponding video decoders are found.

No new tests, existing web-platform-tests cover this change.

  • platform/graphics/gstreamer/GStreamerRegistryScanner.cpp:

(WebCore::GStreamerRegistryScanner::initialize):

LayoutTests:

Update WPE baselines and add/unskip the
imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType.html test in GTK.

  • platform/gtk/TestExpectations:
  • platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt: Copied from LayoutTests/platform/wpe/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt.
  • platform/wpe/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt:
4:08 AM Changeset in webkit [244110] by Philippe Normand
  • 2 edits in trunk/Tools

Unreviewed. Fix WPE accessibility tests after r244059.

We are failing to load the injected bundle due to undefined symbol
AccessibilityUIElement::replaceTextInRange().

  • WebKitTestRunner/InjectedBundle/wpe/AccessibilityUIElementWPE.cpp:

(WTR::AccessibilityUIElement::replaceTextInRange):

2:16 AM WebKitGTK/2.24.x edited by Philippe Normand
(diff)
2:14 AM Changeset in webkit [244109] by Philippe Normand
  • 5 edits in trunk/Source/WebCore

[GStreamer] Adaptive streaming playback broken with GStreamer < 1.12
https://bugs.webkit.org/show_bug.cgi?id=196765

Reviewed by Xabier Rodriguez-Calvar.

Without the following patch in gst-plugins-bad, the uridownloader
doesn't relay need-context messages to its parent, so in our case
the player can't share its context with secondary webkitwebsrc
elements and a RELEASE_ASSERT is hit in the WebProcess.

So the workaround is to use again webkit+ protocol prefixes for
GStreamer versions older than 1.12.

https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/commit/8cf858fb27919e1d631223375f81b98055623733

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::convertToInternalProtocol):
(WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL):
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcStart):
(webKitWebSrcGetProtocols):
(convertPlaybinURI):
(webKitWebSrcSetUri):
(CachedResourceStreamingClient::responseReceived):
(webKitSrcWouldTaintOrigin):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:
1:55 AM Changeset in webkit [244108] by eocanha@igalia.com
  • 2 edits in trunk/Source/WTF

[WPE] Avoid async IO starving timers
https://bugs.webkit.org/show_bug.cgi?id=196733

Reviewed by Carlos Garcia Campos.

If AsyncIONetwork and DiskCacheRead priorities are higher than
MainThreadSharedTimer the timers get starved. This causes the NetworkProcess
to accumulate MB of data instead of handing it down to the WebProcess (done
using a Timer). This eventually causes an Out Of Memory kill on the
NetworkProcess on some embedded platforms with low memory limits.

This patch levels the three priorities to the same value, while still leaving
DiskCacheWrite with less priority than DiskCacheRead.

  • wtf/glib/RunLoopSourcePriority.h: Changed RunLoopSourcePriority values for WPE.
1:01 AM Changeset in webkit [244107] by Carlos Garcia Campos
  • 10 edits in trunk

[ATK] Defer the emision of AtkObject::children-changed signal after layout is done
https://bugs.webkit.org/show_bug.cgi?id=187948

Reviewed by Michael Catanzaro.

Source/WebCore:

The signal AtkObject::children-changed is emitted from AXObjectCache::attachWrapper() and
AXObjectCache::detachWrapper(). Both can be called in the middle of a layout, so we need to defer the emission
of the signal after the layout is done, to avoid other atk entry points from being called at that point, since
most of them update the backing store at the beginning.

Fixes: accessibility/children-changed-sends-notification.html

  • accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::performDeferredCacheUpdate): Call platformPerformDeferredCacheUpdate().

  • accessibility/AXObjectCache.h:
  • accessibility/atk/AXObjectCacheAtk.cpp:

(WebCore::wrapperParent): Helper to get the AtkObject parent of a given WebKitAccessible.
(WebCore::AXObjectCache::detachWrapper): Add wrapper to m_deferredDetachedWrapperList.
(WebCore::AXObjectCache::attachWrapper): Add object to m_deferredAttachedWrapperObjectList.
(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate): Emit AtkObject::children-changed::add for objects
in m_deferredAttachedWrapperObjectList and AtkObject::children-changed::remove for wrappers in m_deferredDetachedWrapperList.

  • accessibility/ios/AXObjectCacheIOS.mm:

(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):

  • accessibility/mac/AXObjectCacheMac.mm:

(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):

  • accessibility/win/AXObjectCacheWin.cpp:

(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):

  • accessibility/wpe/AXObjectCacheWPE.cpp:

(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):

LayoutTests:

Remove expectations of accessibility/children-changed-sends-notification.html that passes now.

  • platform/gtk/TestExpectations:
1:00 AM Changeset in webkit [244106] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[WinCairo][MiniBrowser] Pull down menu "Disable JavaScript" doesn't work.
https://bugs.webkit.org/show_bug.cgi?id=196727

Patch by Takashi Komori <Takashi.Komori@sony.com> on 2019-04-10
Reviewed by Fujii Hironori.

  • MiniBrowser/win/WebKitBrowserWindow.cpp:

(WebKitBrowserWindow::create):

12:59 AM Changeset in webkit [244105] by Carlos Garcia Campos
  • 5 edits in trunk

[ATK] Test accessibility/insert-children-assert.html is crashing since added in r216980
https://bugs.webkit.org/show_bug.cgi?id=172281
<rdar://problem/37030990>

Reviewed by Joanmarie Diggs.

Source/WebCore:

The crash happens because at some point the test tries to get the anonymous block text, getting the RenderText as
first child and RenderFullScreen as last child and the latter doesn't have a node. This is because in atk we do
things differently, we don't include the static text elements individually, but parent element uses
textUnderElement() to get all the pieces together. We can just turn the asserts into actual nullptr checks.

Fixes: accessibility/insert-children-assert.html

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::textUnderElement const):

LayoutTests:

Update the test to expect the whole content text on atk and remove the test expectations.

  • accessibility/insert-children-assert.html:
  • platform/gtk/TestExpectations:
12:22 AM Changeset in webkit [244104] by Diego Pino Garcia
  • 2 edits in trunk/Source/WebKit

Unreviewed, build fix for r244097

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::actualPrepareToSuspend):
(WebKit::NetworkProcess::resume):
Added guards for ENABLE(SERVICE_WORKER)

Apr 9, 2019:

6:28 PM Changeset in webkit [244103] by don.olmstead@sony.com
  • 3 edits in trunk

[CMake] WEBKIT_COMPUTE_SOURCES should use the target's derived sources directory
https://bugs.webkit.org/show_bug.cgi?id=196741

Reviewed by Michael Catanzaro.

WEBKIT_COMPUTE_SOURCES is using ${DERIVED_SOURCES_DIR} directly. Instead it should
rely on the directory specified by the target.

  • Source/cmake/WebKitFS.cmake:

Add variables that can be expanded within CMake to the derived sources directory for
a target.

  • Source/cmake/WebKitMacros.cmake:

Use variable expansion rather than ${DERIVED_SOURCES_DIR} to determine the target's
derived sources directory.

6:06 PM Changeset in webkit [244102] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Add unit tests for PrintConfiguration
https://bugs.webkit.org/show_bug.cgi?id=196752

Reviewed by Dewei Zhu.

  • BuildSlaveSupport/ews-build/steps_unittest.py: Added unit-tests.
6:03 PM Changeset in webkit [244101] by wilander@apple.com
  • 1 edit
    2 adds in trunk/LayoutTests

Add Resource Load Statistics test case for Ping
https://bugs.webkit.org/show_bug.cgi?id=196748

Reviewed by Alex Christensen.

  • http/tests/resourceLoadStatistics/ping-to-prevalent-resource-expected.txt: Added.
  • http/tests/resourceLoadStatistics/ping-to-prevalent-resource.html: Added.
5:35 PM Changeset in webkit [244100] by Keith Rollin
  • 11 edits in trunk

Unreviewed build maintenance -- update .xcfilelists.

Source/JavaScriptCore:

  • DerivedSources-input.xcfilelist:

Source/WebCore:

  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:

Source/WebKit:

  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:

Tools:

  • DumpRenderTree/DerivedSources-input.xcfilelist:
  • DumpRenderTree/DerivedSources-output.xcfilelist:
4:56 PM Changeset in webkit [244099] by Megan Gardner
  • 2 edits in trunk/LayoutTests

Turn on editing test that should pass now
https://bugs.webkit.org/show_bug.cgi?id=196747
<rdar://problem/38779179>

Reviewed by Tim Horton.

Just turning on a test that needed to be turns off for a while due to compatibility changes
with the system.

  • platform/ios-wk2/TestExpectations:
4:42 PM Changeset in webkit [244098] by Alan Bujtas
  • 16 edits in trunk

[AutoSizing] Avoid making text paragraphs scroll horizontally when there is a wide table
https://bugs.webkit.org/show_bug.cgi?id=196743
<rdar://problem/43897551>

Reviewed by Tim Horton.

Source/WebCore:

This patch changes the auto size behavior by using fixed constraint (instead of a min/max pair) to compute the content height.
Now with the initial containing block width is firmly set to auto-sizing width, the overflow content will not stretch the ICB. Instead it overflows the ICB
and triggers scrolling the same way the non-auto-sizing mode does.

  • page/FrameView.cpp:

(WebCore::FrameView::autoSizeIfEnabled):
(WebCore::FrameView::enableAutoSizeMode):

  • page/FrameView.h:
  • testing/Internals.cpp:

(WebCore::Internals::enableAutoSizeMode):

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::setViewLayoutSize):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/AutoLayoutIntegration.mm: expected behavior change.

(TEST):

LayoutTests:

  • css3/viewport-percentage-lengths/vh-auto-size-expected.html:
  • css3/viewport-percentage-lengths/vh-auto-size.html:
  • fast/dynamic/crash-subtree-layout-when-auto-size-enabled.html:
  • fast/dynamic/mail-autosize-viewport-unit.html:
4:37 PM Changeset in webkit [244097] by youenn@apple.com
  • 17 edits in trunk

Close service worker database on network process suspension
https://bugs.webkit.org/show_bug.cgi?id=196623
<rdar://problem/48930869>

Reviewed by Alex Christensen.

Source/WebCore:

Add suspend/resume support to SWServer.
On suspend, close the service worker database and stop pushing for changes.
On resume, push changes if needed.

  • workers/service/server/RegistrationDatabase.cpp:

(WebCore::RegistrationDatabase::close):

  • workers/service/server/RegistrationDatabase.h:

(WebCore::RegistrationDatabase::isClosed const): Deleted.

  • workers/service/server/RegistrationStore.cpp:

(WebCore::RegistrationStore::closeDatabase):

  • workers/service/server/RegistrationStore.cpp:

(WebCore::RegistrationStore::pushChangesToDatabase):
(WebCore::RegistrationStore::clearAll):
(WebCore::RegistrationStore::startSuspension):
(WebCore::RegistrationStore::endSuspension):

  • workers/service/server/RegistrationStore.h:
  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::startSuspension):
(WebCore::SWServer::endSuspension):

  • workers/service/server/SWServer.h:

Source/WebKit:

Close service worker database when preparing to suspend.
On resume, push changes if any is needed.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::actualPrepareToSuspend):
(WebKit::NetworkProcess::cancelPrepareToSuspend):
(WebKit::NetworkProcess::processDidResume):

  • UIProcess/API/Cocoa/WKProcessPool.mm:

(-[WKProcessPool _sendNetworkProcessWillSuspendImminently]):
(-[WKProcessPool _sendNetworkProcessDidResume]):

  • UIProcess/API/Cocoa/WKProcessPoolPrivate.h:
  • UIProcess/Network/NetworkProcessProxy.h:
  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::sendNetworkProcessWillSuspendImminently):
(WebKit::WebProcessPool::sendNetworkProcessDidResume):

  • UIProcess/WebProcessPool.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:
2:45 PM Changeset in webkit [244096] by commit-queue@webkit.org
  • 17 edits
    2 adds in trunk

[iPad] Should open popover when the spacebar is pressed
https://bugs.webkit.org/show_bug.cgi?id=196360
<rdar://problem/49389129>

Patch by Daniel Bates <dabates@apple.com> on 2019-04-09
Reviewed by Brent Fulgham.

Source/WebKit:

Pressing the spacebar should open the popover for a focused popup button (e.g. <select>) on iOS
just like it does on the Mac.

For now, we keep the iPhone behavior of blurring the element when the Done button is pressed and
hence pressing spacebar does nothing (because there is no focused element).

  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView accessoryOpen]): Added. Extracted the logic from -_elementDidFocus to scroll to
the focused element, update the accessory and then tell the accessory to begin editing.
(-[WKContentView _elementDidFocus:userIsInteracting:blurPreviousNode:changingActivityState:userObject:]):
Write in terms of -accessoryOpen.

  • UIProcess/ios/forms/WKFormPeripheralBase.mm:

(-[WKFormPeripheralBase handleKeyEvent:]): Interpret the spacebar when the peripheral is closed (!_editing)
and call -accessoryOpen to ultimately call back to this peripheral to tell it to begin editing,
which will cause the popover to appear again.

Tools:

Add testing infrastructure to support waiting for a popover to be presented or dismissed.

  • DumpRenderTree/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::isShowingPopover const): Added.
(WTR::UIScriptController::platformSetWillPresentPopoverCallback): Added.
(WTR::UIScriptController::platformSetDidDismissPopoverCallback): Added.

  • TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
  • TestRunnerShared/UIScriptContext/UIScriptContext.h:
  • TestRunnerShared/UIScriptContext/UIScriptController.cpp:

(WTR::UIScriptController::setWillPresentPopoverCallback): Added.
(WTR::UIScriptController::willPresentPopoverCallback const): Added.
(WTR::UIScriptController::setDidDismissPopoverCallback): Added.
(WTR::UIScriptController::didDismissPopoverCallback const): Added.
(WTR::UIScriptController::isShowingPopover const): Added.
(WTR::UIScriptController::platformSetWillPresentPopoverCallback): Added.
(WTR::UIScriptController::platformSetDidDismissPopoverCallback): Added.

  • TestRunnerShared/UIScriptContext/UIScriptController.h:
  • WebKitTestRunner/cocoa/TestRunnerWKWebView.h:
  • WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:

(-[TestRunnerWKWebView initWithFrame:configuration:]): Update some state.
(-[TestRunnerWKWebView resetInteractionCallbacks]): Ditto.
(-[TestRunnerWKWebView _willPresentPopover]): Added.
(-[TestRunnerWKWebView _didDismissPopover]): Added.

  • WebKitTestRunner/ios/UIScriptControllerIOS.mm:

(WTR::UIScriptController::isShowingPopover const): Added.
(WTR::UIScriptController::platformSetWillPresentPopoverCallback): Added.
(WTR::UIScriptController::platformSetDidDismissPopoverCallback): Added.

LayoutTests:

Add an iPad-specific test to ensure that pressing the spacebar opens the popover and scrolls
the form control into view.

  • fast/forms/ios/ipad/open-picker-using-keyboard-expected.txt: Added.
  • fast/forms/ios/ipad/open-picker-using-keyboard.html: Added.
  • platform/ios/TestExpectations: Skip tests in fast/forms/ios/ipad. We will unskip for iPad below.
  • platform/ipad/TestExpectations: Mark tests in fast/forms/ios/ipad as PASS so we run them.
  • resources/ui-helper.js:

(window.UIHelper.waitForPopoverToPresent):
(window.UIHelper.waitForPopoverToDismiss):

2:42 PM Changeset in webkit [244095] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Unreviewed, fix webkitpy failure after r244085.

Use a list instead of a set for header includes so that the order is
maintained.

  • Scripts/webkit/messages.py:
1:17 PM Changeset in webkit [244094] by youenn@apple.com
  • 15 edits in trunk/LayoutTests

Refresh WPT service worker expectations
https://bugs.webkit.org/show_bug.cgi?id=196732

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

  • web-platform-tests/service-workers/cache-storage/serviceworker/cache-abort.https-expected.txt:
  • web-platform-tests/service-workers/cache-storage/window/cache-abort.https-expected.txt:
  • web-platform-tests/service-workers/cache-storage/worker/cache-abort.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/client-navigate.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/clients-matchall-include-uncontrolled.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/fetch-canvas-tainting-image-cache.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/multipart-image.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/navigation-redirect.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/performance-timeline.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/resource-timing.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/respond-with-body-accessed-response.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/sandboxed-iframe-fetch-event.https-expected.txt:
  • web-platform-tests/service-workers/service-worker/update-after-navigation-fetch-event.https-expected.txt:

LayoutTests:

1:03 PM Changeset in webkit [244093] by Justin Fan
  • 8 edits
    4 adds in trunk

[Web GPU] GPURenderPassEncoder updates: setBlendColor, setViewport, setScissorRect
https://bugs.webkit.org/show_bug.cgi?id=196719

Reviewed by Myles C. Maxfield.

Source/WebCore:

Implement setBlendColor, setViewport, and setScissorRect for GPURenderPassEncoder.

Tests: webgpu/viewport-scissor-rect-triangle-strip.html, webgpu/blend-color-triangle-strip.html

  • Modules/webgpu/WebGPURenderPassEncoder.cpp:

(WebCore::WebGPURenderPassEncoder::setBlendColor):
(WebCore::WebGPURenderPassEncoder::setViewport):
(WebCore::WebGPURenderPassEncoder::setScissorRect):

  • Modules/webgpu/WebGPURenderPassEncoder.h:
  • Modules/webgpu/WebGPURenderPassEncoder.idl:
  • platform/graphics/gpu/GPURenderPassEncoder.h:
  • platform/graphics/gpu/cocoa/GPURenderPassEncoderMetal.mm:

(WebCore::GPURenderPassEncoder::setBlendColor):
(WebCore::GPURenderPassEncoder::setViewport):
(WebCore::GPURenderPassEncoder::setScissorRect):

LayoutTests:

Add blend-color-triangle-strip to set and blend with a custom blend color on the renderpass encoder.
Add viewport-scissor-rect-triangle-strip to draw a checkerboard by restricting the drawing viewport or scissor rectangle.

  • webgpu/blend-color-triangle-strip.html: Added.
  • webgpu/js/webgpu-functions.js:

(beginBasicRenderPass):

  • webgpu/viewport-scissor-rect-triangle-strip-expected.html: Added.
  • webgpu/viewport-scissor-rect-triangle-strip.html: Added.
12:53 PM Changeset in webkit [244092] by aestes@apple.com
  • 8 edits in trunk/Source

[Apple Pay] Add release logging to PaymentCoordinator
https://bugs.webkit.org/show_bug.cgi?id=196738

Reviewed by Alex Christensen.

Source/WebCore:

When allowed, log interactions with PaymentCoordinator to os_log to help diagnose Apple Pay bugs.

The following information might be logged: names of functions called, merchant API versions,
boolean results of canMakePayments(), boolean results of beginPaymentSession(), whether
completePaymentSession() was called with a final state result, boolean results of
shouldAllowApplePay(), whether a document has evaluated user agent scripts or is running
user scripts, and whether a client supports unrestricted Apple Pay.

  • Modules/applepay/PaymentCoordinator.cpp:

(WebCore::PaymentCoordinator::supportsVersion const):
(WebCore::PaymentCoordinator::canMakePayments):
(WebCore::PaymentCoordinator::canMakePaymentsWithActiveCard):
(WebCore::PaymentCoordinator::openPaymentSetup):
(WebCore::PaymentCoordinator::beginPaymentSession):
(WebCore::PaymentCoordinator::completeMerchantValidation):
(WebCore::PaymentCoordinator::completeShippingMethodSelection):
(WebCore::PaymentCoordinator::completeShippingContactSelection):
(WebCore::PaymentCoordinator::completePaymentMethodSelection):
(WebCore::PaymentCoordinator::completePaymentSession):
(WebCore::PaymentCoordinator::abortPaymentSession):
(WebCore::PaymentCoordinator::cancelPaymentSession):
(WebCore::PaymentCoordinator::validateMerchant):
(WebCore::PaymentCoordinator::didAuthorizePayment):
(WebCore::PaymentCoordinator::didSelectPaymentMethod):
(WebCore::PaymentCoordinator::didSelectShippingMethod):
(WebCore::PaymentCoordinator::didSelectShippingContact):
(WebCore::PaymentCoordinator::didCancelPaymentSession):
(WebCore::PaymentCoordinator::shouldAllowApplePay const):
(WebCore::PaymentCoordinator::shouldAllowUserAgentScripts const):

  • Modules/applepay/PaymentCoordinatorClient.h:

(WebCore::PaymentCoordinatorClient::isAlwaysOnLoggingAllowed const):

  • platform/Logging.h:
  • testing/MockPaymentCoordinator.h:

Source/WebKit:

  • WebProcess/ApplePay/WebPaymentCoordinator.cpp:

(WebKit::WebPaymentCoordinator::isAlwaysOnLoggingAllowed const):

  • WebProcess/ApplePay/WebPaymentCoordinator.h:
12:37 PM Changeset in webkit [244091] by jer.noble@apple.com
  • 15 edits
    1 copy
    1 add in trunk/Source/WebKit

[Cocoa] Awaken UIProcess if WebContent process is awakened from suspensions unexpectedly.
https://bugs.webkit.org/show_bug.cgi?id=196659

Reviewed by Chris Dumez.

  • Platform/IPC/Connection.h:

(IPC::Connection::sendWithAsyncReply):

  • Platform/spi/ios/AssertionServicesSPI.h:
  • Shared/Cocoa/ProcessTaskStateObserver.h: Added.

(WebKit::ProcessTaskStateObserver::setClient):
(WebKit::ProcessTaskStateObserver::client):
(WebKit::ProcessTaskStateObserver::taskState const):

  • Shared/Cocoa/ProcessTaskStateObserver.mm: Added.

(-[WKProcessTaskStateObserverDelegate process:taskStateDidChange:]):
(WebKit::toProcessTaskStateObserverTaskState):
(WebKit::ProcessTaskStateObserver::ProcessTaskStateObserver):
(WebKit::ProcessTaskStateObserver::~ProcessTaskStateObserver):
(WebKit::ProcessTaskStateObserver::setTaskState):

  • UIProcess/Cocoa/WebProcessProxyCocoa.mm:

(WebKit::WebProcessProxy::processWasUnexpectedlyUnsuspended):

  • UIProcess/ProcessAssertion.h:
  • UIProcess/ProcessThrottler.cpp:

(WebKit::ProcessThrottler::updateAssertion):

  • UIProcess/ProcessThrottler.h:

(WebKit::ProcessThrottler::shouldBeRunnable const):

  • UIProcess/WebProcessProxy.h:
  • UIProcess/WebProcessProxy.messages.in:
  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::reasonForState):
(WebKit::toBKSProcessAssertionReason):
(WebKit::ProcessAssertion::ProcessAssertion):

  • WebKit.xcodeproj/project.pbxproj:
  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::actualPrepareToSuspend):
(WebKit::WebProcess::cancelPrepareToSuspend):
(WebKit::WebProcess::processDidResume):

  • WebProcess/WebProcess.h:
  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::processTaskStateDidChange):

12:32 PM Changeset in webkit [244090] by don.olmstead@sony.com
  • 7 edits in trunk

[CMake] WTF derived sources should only be referenced inside WTF
https://bugs.webkit.org/show_bug.cgi?id=196706

Reviewed by Konstantin Tokarev.

.:

  • Source/cmake/OptionsWinCairo.cmake:
  • Source/cmake/WebKitFS.cmake:

Source/WTF:

Use ${WTF_DERIVED_SOURCES_DIR} instead of ${DERIVED_SOURCES_DIR} within WTF.

  • wtf/CMakeLists.txt:
  • wtf/PlatformJSCOnly.cmake:
  • wtf/PlatformMac.cmake:
12:07 PM Changeset in webkit [244089] by commit-queue@webkit.org
  • 5 edits in trunk

Clicking "Go Back" from a safe browsing warning from an iframe should navigate the WKWebView back to the previous page
https://bugs.webkit.org/show_bug.cgi?id=196665
<rdar://45115669>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-04-09
Reviewed by Geoff Garen.

Source/WebKit:

It is insufficient to just not navigate the subframe. We must leave the page that contained it.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _showSafeBrowsingWarning:completionHandler:]):

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::showSafeBrowsingWarning):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/SafeBrowsing.mm:

(goBack):
(+[SimpleLookupContext sharedLookupContext]):
(-[SimpleLookupContext lookUpURL:completionHandler:]):
(TEST):
(+[Simple3LookupContext sharedLookupContext]): Deleted.
(-[Simple3LookupContext lookUpURL:completionHandler:]): Deleted.

11:50 AM Changeset in webkit [244088] by Ross Kirsling
  • 50 edits in trunk/Source/JavaScriptCore

JSC should build successfully even with -DENABLE_UNIFIED_BUILDS=OFF
https://bugs.webkit.org/show_bug.cgi?id=193073

Reviewed by Keith Miller.

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::emitEqualityOpImpl):
(JSC::BytecodeGenerator::emitEqualityOp): Deleted.

  • bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::emitEqualityOp):
Factor out the logic that uses the template parameter and keep it in the header.

  • jit/JITPropertyAccess.cpp:

List off the template specializations needed by JITOperations.cpp.
This is unfortunate but at least there are only two (x2) by definition?
Trying to do away with this incurs a severe domino effect...

  • API/JSValueRef.cpp:
  • b3/B3OptimizeAssociativeExpressionTrees.cpp:
  • b3/air/AirHandleCalleeSaves.cpp:
  • builtins/BuiltinNames.cpp:
  • bytecode/AccessCase.cpp:
  • bytecode/BytecodeIntrinsicRegistry.cpp:
  • bytecode/BytecodeIntrinsicRegistry.h:
  • bytecode/BytecodeRewriter.cpp:
  • bytecode/BytecodeUseDef.h:
  • bytecode/CodeBlock.cpp:
  • bytecode/InstanceOfAccessCase.cpp:
  • bytecode/MetadataTable.cpp:
  • bytecode/PolyProtoAccessChain.cpp:
  • bytecode/StructureSet.cpp:
  • bytecompiler/NodesCodegen.cpp:
  • dfg/DFGCFAPhase.cpp:
  • dfg/DFGPureValue.cpp:
  • heap/GCSegmentedArray.h:
  • heap/HeapInlines.h:
  • heap/IsoSubspace.cpp:
  • heap/LocalAllocator.cpp:
  • heap/LocalAllocator.h:
  • heap/LocalAllocatorInlines.h:
  • heap/MarkingConstraintSolver.cpp:
  • inspector/ScriptArguments.cpp:

(Inspector::ScriptArguments::isEqual const):

  • inspector/ScriptCallStackFactory.cpp:
  • interpreter/CallFrame.h:
  • interpreter/Interpreter.cpp:
  • interpreter/StackVisitor.cpp:
  • llint/LLIntEntrypoint.cpp:
  • runtime/ArrayIteratorPrototype.cpp:
  • runtime/BigIntPrototype.cpp:
  • runtime/CachedTypes.cpp:
  • runtime/ErrorType.cpp:
  • runtime/IndexingType.cpp:
  • runtime/JSCellInlines.h:
  • runtime/JSImmutableButterfly.h:
  • runtime/Operations.h:
  • runtime/RegExpCachedResult.cpp:
  • runtime/RegExpConstructor.cpp:
  • runtime/RegExpGlobalData.cpp:
  • runtime/StackFrame.h:
  • wasm/WasmSignature.cpp:
  • wasm/js/JSToWasm.cpp:
  • wasm/js/JSToWasmICCallee.cpp:
  • wasm/js/WebAssemblyFunction.h:

Fix includes / forward declarations (and a couple of nearby clang warnings).

11:45 AM Changeset in webkit [244087] by Devin Rousso
  • 2 edits in trunk/LayoutTests

Unreviewed, fix test failures after r239698.
<rdar://problem/47223615>

  • http/tests/inspector/network/resource-security-connection.html:

Security connection information is sent as part of the metrics, not the response.

11:19 AM Changeset in webkit [244086] by wilander@apple.com
  • 15 edits
    9 adds in trunk

Pick up Ad Click Attribution conversions in NetworkResourceLoader::willSendRedirectedRequest()
https://bugs.webkit.org/show_bug.cgi?id=196558
<rdar://problem/47650245>

Reviewed by Youenn Fablet.

Source/WebCore:

Tests: http/tests/adClickAttribution/attribution-conversion-through-cross-site-image-redirect.html

http/tests/adClickAttribution/attribution-conversion-through-image-redirect-with-priority.html
http/tests/adClickAttribution/attribution-conversion-through-image-redirect-without-priority.html

The existing API tests were expanded too.

  • html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::parseAdClickAttribution const):

Enhanced the use of AdClickAttribution::MaxEntropy.

  • loader/AdClickAttribution.cpp:

(WebCore::AdClickAttribution::parseConversionRequest):

New function to parse and validate URLs with a path starting with
/.well-known/ad-click-attribution/.

(WebCore::AdClickAttribution::toString const):

Added output for the conversion priority for testing purposes.

  • loader/AdClickAttribution.h:

(WebCore::AdClickAttribution::Campaign::isValid const):
(WebCore::AdClickAttribution::Conversion::isValid const):

Enhanced the use of AdClickAttribution::MaxEntropy.

Source/WebKit:

So called pixel requests have traditionally been used to send ad click
attribution data to click sources. The privacy implications of such
pixel requests are severe which is in part why browsers have started to
block cookies from being sent in such third-party requests.

To allow for a smooth transition to more privacy-friendly ad click
attribution, we should allow servers to make a redirect to
https://click-source.example/.well-known/ad-click-attribution/ to
trigger a so called conversion.

This patch checks for the well-known location in the path component of
the redirect URL. If the request indeed goes to the well-known location,
we parse the conversion data and send it to the storage in the network
session.

  • NetworkProcess/NetworkAdClickAttribution.cpp:

(WebKit::NetworkAdClickAttribution::convert):

Reporting function.

  • NetworkProcess/NetworkAdClickAttribution.h:
  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::willSendRedirectedRequest):

Now checks for the well-known location through a call to
WebCore::AdClickAttribution::parseConversionRequest().

  • NetworkProcess/NetworkSession.cpp:

(WebKit::NetworkSession::convertAdClickAttribution):

Piping to WebKit::NetworkAdClickAttribution::convert().

  • NetworkProcess/NetworkSession.h:

Tools:

  • TestWebKitAPI/Tests/WebCore/AdClickAttribution.cpp:

(TestWebKitAPI::TEST):

Added tests of WebCore::AdClickAttribution::parseConversionRequest().

LayoutTests:

  • http/tests/adClickAttribution/anchor-tag-attributes-validation-expected.txt:

Enhanced the use of AdClickAttribution::MaxEntropy.

  • http/tests/adClickAttribution/attribution-conversion-through-cross-site-image-redirect-expected.txt: Added.
  • http/tests/adClickAttribution/attribution-conversion-through-cross-site-image-redirect.html: Added.
  • http/tests/adClickAttribution/attribution-conversion-through-image-redirect-with-priority-expected.txt: Added.
  • http/tests/adClickAttribution/attribution-conversion-through-image-redirect-with-priority.html: Added.
  • http/tests/adClickAttribution/attribution-conversion-through-image-redirect-without-priority-expected.txt: Added.
  • http/tests/adClickAttribution/attribution-conversion-through-image-redirect-without-priority.html: Added.
  • http/tests/adClickAttribution/resources/redirectToConversion.php: Added.
  • http/tests/adClickAttribution/resources/redirectToConversionOnIPAddress.php: Added.
  • platform/ios-wk2/http/tests/adClickAttribution/anchor-tag-attributes-validation-expected.txt:

Enhanced the use of AdClickAttribution::MaxEntropy.

11:08 AM Changeset in webkit [244085] by Chris Dumez
  • 18 edits in trunk/Source

[iOS] WebContent processes should be marked as "Foreground Running" when their view is visible
https://bugs.webkit.org/show_bug.cgi?id=196695
<rdar://problem/48073787>

Reviewed by Tim Horton.

In order for WebContent processes to get marked as "Foreground Running" when their view
is visible on iOS, we now construct a _UILayerHostView in the UIProcess and add it as
a subview of the WKContentView. The _UILayerHostView's visibility target is the
WebContent process currently associated with the view.

  • Platform/spi/ios/UIKitSPI.h:
  • UIProcess/PageClient.h:

(WebKit::PageClient::didCreateContextForVisibilityPropagation):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebProcessProxy.h:

(WebKit::WebProcessProxy::contextIDForVisibilityPropagation):

  • UIProcess/WebProcessProxy.messages.in:
  • UIProcess/ios/PageClientImplIOS.h:
  • UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::didCreateContextForVisibilityPropagation):

  • UIProcess/ios/WKContentView.h:
  • UIProcess/ios/WKContentView.mm:

(-[WKContentView _commonInitializationWithProcessPool:configuration:]):
(-[WKContentView _setupVisibilityPropagationView]):
(-[WKContentView _processDidExit]):
(-[WKContentView _didRelaunchProcess]):
(-[WKContentView _processDidCreateContextForVisibilityPropagation]):

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::didCreateContextForVisibilityPropagation):

  • UIProcess/ios/WebProcessProxyIOS.mm:

(WebKit::WebProcessProxy::didCreateContextForVisibilityPropagation):

  • WebProcess/WebProcess.h:
  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess):

11:07 AM Changeset in webkit [244084] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

inspector/canvas/css-canvas-clients.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=174272

Unreviewed test gardening

  • platform/mac/TestExpectations: Updating expectations to unskip test and just mark as a flaky failure
11:04 AM Changeset in webkit [244083] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

inspector/console/console-time.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=158006

Unreviewed test gardening.

  • platform/mac/TestExpectations: Updating expecations for flaky failure
10:50 AM Changeset in webkit [244082] by graouts@webkit.org
  • 2 edits in trunk/LayoutTests

[ Mac ] REGRESSION (r237587) Layout Test compositing/visible-rect/animated-from-none.html is flaky text diff failure
https://bugs.webkit.org/show_bug.cgi?id=194798
<rdar://problem/48181898>

Reviewed by Dean Jackson.

When using the Web Animations engine, the best way to run code as an animation start is to use the "ready" promise, whereas
DOM events are dispatched asynchronously and, in the case of this test, might have an animation progress that is greater
than 0 and yield an animated transform that isn't quite the identity matrix.

  • compositing/visible-rect/animated-from-none.html:
9:57 AM Changeset in webkit [244081] by don.olmstead@sony.com
  • 14 edits in trunk

[CMake] Apple builds should use ICU_INCLUDE_DIRS
https://bugs.webkit.org/show_bug.cgi?id=196720

Reviewed by Konstantin Tokarev.

.:

The Apple platform is using ${DERIVED_SOURCES_WTF_DIR} for hosting the ICU headers.
Instead it should stage the headers into ${ICU_INCLUDE_DIRS} so no special handling
is needed.

  • Source/cmake/OptionsJSCOnly.cmake:
  • Source/cmake/OptionsMac.cmake:

Source/JavaScriptCore:

  • PlatformMac.cmake:

Source/WebCore:

  • PlatformMac.cmake:

Source/WebCore/PAL:

  • pal/PlatformMac.cmake:

Source/WTF:

Copy ICU headers for Apple builds into ICU_INCLUDE_DIRS.

  • CMakeLists.txt:
  • wtf/PlatformMac.cmake:

Tools:

  • TestWebKitAPI/PlatformMac.cmake:
9:14 AM Changeset in webkit [244080] by Jonathan Bedard
  • 5 edits in trunk/Tools

iOS 12 Simulator Release WK2 frequently timing out while running layout tests
https://bugs.webkit.org/show_bug.cgi?id=196694
<rdar://problem/48388734>

Rubber-stamped by Aakash Jain.

  • Scripts/webkitpy/port/image_diff.py:

(ImageDiffer.diff_image): If the ImageDiff process has data, kill it before running again.

  • Scripts/webkitpy/port/server_process.py:

(ServerProcess.has_available_stdout): Check if stdout has data in it.
(ServerProcess._wait_for_data_and_update_buffers_using_select):
(ServerProcess._wait_for_data_and_update_buffers_using_win32_apis):

  • Scripts/webkitpy/port/server_process_mock.py:

(MockServerProcess.has_available_stdout):

  • Scripts/webkitpy/port/server_process_unittest.py:

(TestServerProcess.serial_test_basic):

9:06 AM Changeset in webkit [244079] by sbarati@apple.com
  • 16 edits
    1 add in trunk

Clean up Int52 code and some bugs in it
https://bugs.webkit.org/show_bug.cgi?id=196639
<rdar://problem/49515757>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/spec-any-int-as-double-produces-any-int52-from-int52-rep.js: Added.

Source/JavaScriptCore:

This patch fixes bugs in our Int52 code. The primary change in this patch is
adopting a segregated type lattice for Int52. Previously, for Int52 values,
we represented them with SpecInt32Only and SpecInt52Only. For an Int52,
SpecInt32Only meant that the value is in int32 range. And SpecInt52Only meant
that the is outside of the int32 range.

However, this got confusing because we reused SpecInt32Only both for JSValue
representations and Int52 representations. This actually lead to some bugs.

  1. It's possible that roundtripping through Int52 representation would say

it produces the wrong type. For example, consider this program and how we
used to annotate types in AI:
a: JSConstant(10.0) => m_type is SpecAnyIntAsDouble
b: Int52Rep(@a) => m_type is SpecInt52Only
c: ValueRep(@b) => m_type is SpecAnyIntAsDouble

In AI, for the above program, we'd say that @c produces SpecAnyIntAsDouble.
However, the execution semantics are such that it'd actually produce a boxed
Int32. This patch fixes the bug where we'd say that Int52Rep over SpecAnyIntAsDouble
would produce SpecInt52Only. This is clearly wrong, as SpecAnyIntAsDouble can
mean an int value in either int32 or int52 range.

  1. AsbstractValue::validateTypeAcceptingBoxedInt52 was wrong in how it

accepted Int52 values. It was wrong in two different ways:
a: If the AbstractValue's type was SpecInt52Only, and the incoming value
was a boxed double, but represented a value in int32 range, the incoming
value would incorrectly validate as being acceptable. However, we should
have rejected this value.
b: If the AbstractValue's type was SpecInt32Only, and the incoming value
was an Int32 boxed in a double, this would not validate, even though
it should have validated.

Solving 2 was easiest if we segregated out the Int52 type into its own
lattice. This patch makes a new Int52 lattice, which is composed of
SpecInt32AsInt52 and SpecNonInt32AsInt52.

The conversion rules are now really simple.

Int52 rep => JSValue rep
SpecInt32AsInt52 => SpecInt32Only
SpecNonInt32AsInt52 => SpecAnyIntAsDouble

JSValue rep => Int52 rep
SpecInt32Only => SpecInt32AsInt52
SpecAnyIntAsDouble => SpecInt52Any

With these rules, the program in (1) will now correctly report that @c
returns SpecInt32Only | SpecAnyIntAsDouble.

  • bytecode/SpeculatedType.cpp:

(JSC::dumpSpeculation):
(JSC::speculationToAbbreviatedString):
(JSC::int52AwareSpeculationFromValue):
(JSC::leastUpperBoundOfStrictlyEquivalentSpeculations):
(JSC::speculationFromString):

  • bytecode/SpeculatedType.h:

(JSC::isInt32SpeculationForArithmetic):
(JSC::isInt32OrBooleanSpeculationForArithmetic):
(JSC::isAnyInt52Speculation):
(JSC::isIntAnyFormat):
(JSC::isInt52Speculation): Deleted.
(JSC::isAnyIntSpeculation): Deleted.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGAbstractValue.cpp:

(JSC::DFG::AbstractValue::fixTypeForRepresentation):
(JSC::DFG::AbstractValue::checkConsistency const):

  • dfg/DFGAbstractValue.h:

(JSC::DFG::AbstractValue::isInt52Any const):
(JSC::DFG::AbstractValue::validateTypeAcceptingBoxedInt52 const):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupArithMul):
(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupGetPrototypeOf):
(JSC::DFG::FixupPhase::fixupToThis):
(JSC::DFG::FixupPhase::fixupToStringOrCallStringConstructor):
(JSC::DFG::FixupPhase::observeUseKindOnNode):
(JSC::DFG::FixupPhase::fixIntConvertingEdge):
(JSC::DFG::FixupPhase::attemptToMakeIntegerAdd):
(JSC::DFG::FixupPhase::fixupCompareStrictEqAndSameValue):
(JSC::DFG::FixupPhase::fixupChecksInBlock):

  • dfg/DFGGraph.h:

(JSC::DFG::Graph::addShouldSpeculateInt52):
(JSC::DFG::Graph::binaryArithShouldSpeculateInt52):
(JSC::DFG::Graph::unaryArithShouldSpeculateInt52):
(JSC::DFG::Graph::addShouldSpeculateAnyInt): Deleted.
(JSC::DFG::Graph::binaryArithShouldSpeculateAnyInt): Deleted.
(JSC::DFG::Graph::unaryArithShouldSpeculateAnyInt): Deleted.

  • dfg/DFGNode.h:

(JSC::DFG::Node::shouldSpeculateInt52):
(JSC::DFG::Node::shouldSpeculateAnyInt): Deleted.

  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::setIntTypedArrayLoadResult):
(JSC::DFG::SpeculativeJIT::compileArithAdd):
(JSC::DFG::SpeculativeJIT::compileArithSub):
(JSC::DFG::SpeculativeJIT::compileArithNegate):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::fillSpeculateInt32Internal):
(JSC::DFG::SpeculativeJIT::fillSpeculateInt52):

  • dfg/DFGUseKind.h:

(JSC::DFG::typeFilterFor):

  • dfg/DFGVariableAccessData.cpp:

(JSC::DFG::VariableAccessData::makePredictionForDoubleFormat):
(JSC::DFG::VariableAccessData::couldRepresentInt52Impl):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArithAddOrSub):
(JSC::FTL::DFG::LowerDFGToB3::compileArithNegate):
(JSC::FTL::DFG::LowerDFGToB3::setIntTypedArrayLoadResult):

8:57 AM Changeset in webkit [244078] by jer.noble@apple.com
  • 21 edits
    3 adds in trunk

Source/WebCore:
Test for: 196095 Inband Text Track cues interspersed with Data cues can display out of order.
https://bugs.webkit.org/show_bug.cgi?id=196097

Reviewed by Eric Carlson.

Test: media/track/track-in-band-metadata-display-order.html

Add a method in Internals to create a TextTrackCueGeneric (which can normally only be created
by parsing an in-band media track). This requires adding IDL for TextTrackCueGeneric, and exporting
TextTrackCueGeneric for testing.

Drive-by fixes:

Add runtime logging to MediaControlTextTrackContainerElement. This necessitates modifying the
parentMediaElement() method to take a const Node*, and const_cast that constness away in order to return
a HTMLMediaElement*

TextTrackCue, VTTCue, TextTrackCueGeneric, and DataCue should all use the WTF TypeCasts macros to
enable use of is<> and downcast<>.

  • Source/WebCore/CMakeLists.txt:
  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:
  • DerivedSources.make:
  • WebCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • html/shadow/MediaControlElementTypes.cpp:

(WebCore::parentMediaElement):

  • html/shadow/MediaControlElementTypes.h:
  • html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlTextTrackContainerElement::updateDisplay):
(WebCore::MediaControlTextTrackContainerElement::logger const):
(WebCore::MediaControlTextTrackContainerElement::logIdentifier const):
(WebCore::MediaControlTextTrackContainerElement::logChannel const):

  • html/shadow/MediaControlElements.h:
  • html/track/DataCue.h:

(isType):

  • html/track/TextTrackCueGeneric.h:

(isType):

  • html/track/TextTrackCueGeneric.idl: Added.
  • html/track/VTTCue.h:

(isType):

  • testing/Internals.cpp:

(WebCore::Internals::createGenericCue):

  • testing/Internals.h:
  • testing/Internals.idl:

Tools:
Test for: 196095 Inband Text Track cues interspersed with Data cues can display out of order.
https://bugs.webkit.org/show_bug.cgi?id=196097

Reviewed by Eric Carlson.

Drive-by bug fix: allow tests to play audio without a user gesture by default.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(resetWebPreferencesToConsistentValues):

  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetPreferencesToConsistentValues):

LayoutTests:
Add test for fix of #196095
https://bugs.webkit.org/show_bug.cgi?id=196097

Reviewed by Eric Carlson.

  • media/track/track-in-band-metadata-display-order-expected.txt: Added.
  • media/track/track-in-band-metadata-display-order.html: Added.
8:56 AM Changeset in webkit [244077] by sihui_liu@apple.com
  • 11 edits in trunk/Source

Remove unnecessary network process assertion for IDB close
https://bugs.webkit.org/show_bug.cgi?id=196693

Reviewed by Geoffrey Garen.

Source/WebCore:

We already took assertion at WebCore::SQLiteDatabase::close.

  • Modules/indexeddb/server/IDBServer.cpp:

(WebCore::IDBServer::IDBServer::create):
(WebCore::IDBServer::IDBServer::IDBServer):
(WebCore::IDBServer::m_quotaManagerGetter): Deleted.
(WebCore::IDBServer::IDBServer::closeDatabase): Deleted.
(WebCore::IDBServer::IDBServer::didCloseDatabase): Deleted.

  • Modules/indexeddb/server/IDBServer.h:

(WebCore::IDBServer::IDBServer::create): Deleted.

  • Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::performCurrentDeleteOperation):
(WebCore::IDBServer::UniqueIDBDatabase::scheduleShutdownForClose):
(WebCore::IDBServer::UniqueIDBDatabase::didShutdownForClose):
(WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
(WebCore::IDBServer::UniqueIDBDatabase::notifyServerAboutClose): Deleted.

  • Modules/indexeddb/server/UniqueIDBDatabase.h:

Source/WebKit:

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::createIDBServer):
(WebKit::NetworkProcess::notifyHoldingLockedFiles): Deleted.

  • NetworkProcess/NetworkProcess.h:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::didClose):
(WebKit::NetworkProcessProxy::setIsIDBDatabaseHoldingLockedFiles): Deleted.

  • UIProcess/Network/NetworkProcessProxy.h:
  • UIProcess/Network/NetworkProcessProxy.messages.in:
8:43 AM Changeset in webkit [244076] by commit-queue@webkit.org
  • 4 edits in trunk/Tools

[JSCOnly] Add an i386 JSCOnly EWS that runs tests
https://bugs.webkit.org/show_bug.cgi?id=196690

Patch by Pablo Saavedra <Pablo Saavedra> on 2019-04-09
Reviewed by Michael Catanzaro.

  • QueueStatusServer/config/queues.py:
  • Scripts/webkitpy/common/config/ews.json:
  • Scripts/webkitpy/tool/commands/earlywarningsystem_unittest.py:

(test_ews_name):

7:20 AM Changeset in webkit [244075] by Chris Dumez
  • 7 edits in trunk

Loads using loadHTMLString() cause flashing when process-swapping
https://bugs.webkit.org/show_bug.cgi?id=196714
<rdar://problem/49637354>

Reviewed by Antti Koivisto.

Source/WebKit:

Our logic to decide if we should construct a SuspendedPageProxy on process-swap was assuming
a SuspendedPageProxy is only useful for PageCache and would therefore not create one if PageCache
is disabled or if there is no associated WebBackForwardListItem. However, constructing a
SuspendedPageProxy is also useful to prevent flashing when process-swapping as we need to keep
displaying the layer of the previous process until there is something meaningful to show in the
new process.

This patch makes it so that we now construct a SuspendedPageProxy on process-swap, even if
PageCache is disabled or if there is no associated WebBackForwardListItem. The process in
question will not be useful for PageCache but it will avoid flashing. The SuspendedPageProxy's
process may also get used for future navigations to the same site (as demonstrated by the
API test) which is beneficial for performance.

  • UIProcess/SuspendedPageProxy.cpp:

(WebKit::SuspendedPageProxy::SuspendedPageProxy):

  • UIProcess/SuspendedPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::suspendCurrentPageIfPossible):

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::findReusableSuspendedPageProcess):

Tools:

Add API test coverage.

  • TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:
3:21 AM Changeset in webkit [244074] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Initialize trackTypeAsString for call to GST_INFO_OBJECT() in TrackType::Text
https://bugs.webkit.org/show_bug.cgi?id=196350

Patch by Eike Rathke <erack@redhat.com> on 2019-04-09
Reviewed by Xabier Rodriguez-Calvar.

trackTypeAsString was uninitialized in the
TrackPrivateBaseGStreamer::TrackType::Text case when calling
GST_INFO_OBJECT().

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::enableTrack):

2:48 AM Changeset in webkit [244073] by Carlos Garcia Campos
  • 2 edits in trunk/Tools

Unreviewed. Fix ATK accessibility tests after r244059.

We are failing to load the injected bundle due to undefined symbol
AccessibilityUIElement::replaceTextInRange().

  • WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

(WTR::AccessibilityUIElement::replaceTextInRange):

2:01 AM Changeset in webkit [244072] by Carlos Garcia Campos
  • 4 edits in trunk/Source/WebCore

[ATK] Cleanup WebKitAccessibleHyperlink
https://bugs.webkit.org/show_bug.cgi?id=196602

Reviewed by Michael Catanzaro.

Cleanups:

  • Rename webkitAccessibleHyperlinkNew() as webkitAccessibleHyperlinkGetOrCreate() and move the code to get/set the object data here.
  • Use WEBKIT_DEFINE_TYPE instead of custom type registration. This ensures that all CStrings used in private struct are no longer leaked.
  • Remove all confusing core() functions and simply use webkitAccessibleGetAccessibilityObject().
  • Use nullptr instead of 0 and other coding style issues.
  • accessibility/atk/WebKitAccessibleHyperlink.cpp:

(webkitAccessibleHyperlinkActionDoAction):
(webkitAccessibleHyperlinkActionGetNActions):
(webkitAccessibleHyperlinkActionGetDescription):
(webkitAccessibleHyperlinkActionGetKeybinding):
(webkitAccessibleHyperlinkActionGetName):
(atk_action_interface_init):
(webkitAccessibleHyperlinkGetURI):
(webkitAccessibleHyperlinkGetObject):
(rangeLengthForObject):
(webkitAccessibleHyperlinkGetStartIndex):
(webkitAccessibleHyperlinkGetEndIndex):
(webkitAccessibleHyperlinkIsValid):
(webkitAccessibleHyperlinkGetNAnchors):
(webkitAccessibleHyperlinkIsSelectedLink):
(webkitAccessibleHyperlinkGetProperty):
(webkitAccessibleHyperlinkSetProperty):
(webkit_accessible_hyperlink_class_init):
(webkitAccessibleHyperlinkGetOrCreate):
(core): Deleted.
(atkActionInterfaceInit): Deleted.
(getRangeLengthForObject): Deleted.
(webkitAccessibleHyperlinkFinalize): Deleted.
(webkitAccessibleHyperlinkClassInit): Deleted.
(webkitAccessibleHyperlinkInit): Deleted.
(webkitAccessibleHyperlinkGetType): Deleted.
(webkitAccessibleHyperlinkNew): Deleted.
(webkitAccessibleHyperlinkGetAccessibilityObject): Deleted.

  • accessibility/atk/WebKitAccessibleHyperlink.h:
  • accessibility/atk/WebKitAccessibleInterfaceHyperlinkImpl.cpp:

(webkitAccessibleHyperlinkImplGetHyperlink):
(webkitAccessibleHyperlinkImplInterfaceInit):

1:41 AM Changeset in webkit [244071] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.24.1

WebKitGTK 2.24.1

1:41 AM Changeset in webkit [244070] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.1 release

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

  • gtk/NEWS: Add release notes for 2.24.1.
12:54 AM Changeset in webkit [244069] by Tadeu Zagallo
  • 3 edits
    1 add in trunk
ASSERTION FAILED: !scope.exception()
!hasProperty in JSObject::get

https://bugs.webkit.org/show_bug.cgi?id=196708
<rdar://problem/49556803>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/proxy-getter-stack-overflow.js: Added.

(const.handler.get target):
(const.handler.has):
(try.with):
(catch):

Source/JavaScriptCore:

operationPutToScope needs to return early if an exception is thrown while
checking if hasProperty.

  • jit/JITOperations.cpp:

Apr 8, 2019:

11:23 PM Changeset in webkit [244068] by Simon Fraser
  • 3 edits in trunk/Source/WebCore

Remove some iOS #ifdefs around sticky-related code
https://bugs.webkit.org/show_bug.cgi?id=196726

Reviewed by Zalan Bujtas.

Now that async overflow scrolling can be enabled on macOS, RenderLayerCompositor::isAsyncScrollableStickyLayer()
should not have iOS-only code.

The answer to the FIXME in RenderLayerCompositor::computeStickyViewportConstraints is obvious: composited
overflow:scroll can be the container for sticky. The assertion can be removed.

  • rendering/RenderLayer.cpp: Fix spacing in some logging.

(WebCore::outputPaintOrderTreeRecursive):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::isAsyncScrollableStickyLayer const):
(WebCore::RenderLayerCompositor::computeStickyViewportConstraints const):

9:31 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
9:30 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
9:18 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
9:18 PM BuildingCairoOnWindows edited by Fujii Hironori
(diff)
8:23 PM Changeset in webkit [244067] by ysuzuki@apple.com
  • 12 edits
    2 adds in trunk

[JSC] DFG should respect node's strict flag
https://bugs.webkit.org/show_bug.cgi?id=196617

Reviewed by Saam Barati.

JSTests:

  • stress/put-by-val-direct-should-respect-strict-mode-of-inlining-codeblock.js: Added.

(shouldEqual):
(makeUnwriteableUnconfigurableObject):
(runTest):

  • stress/put-dynamic-var-strict-and-sloppy.js: Added.

(shouldBe):
(shouldThrow):
(with.result):
(with.putValueStrict):
(with.putValueSloppy):

Source/JavaScriptCore:

We accidentally use codeBlock->isStrictMode() directly in DFG and FTL. But this is wrong since this CodeBlock is the top level DFG/FTL CodeBlock,
and this code does not respect the isStrictMode flag for the inlined CodeBlocks. In this patch, we start using isStrictModeFor(CodeOrigin) consistently
in DFG and FTL to get the right isStrictMode flag for the DFG node.
And we also split compilePutDynamicVar into compilePutDynamicVarStrict and compilePutDynamicVarNonStrict since (1) it is cleaner than accessing inlined
callframe in the operation function, and (2) it is aligned to the other functions like operationPutByValDirectNonStrict etc.
This bug is discovered by RandomizingFuzzerAgent by expanding the DFG coverage.

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupToThis):

  • dfg/DFGOperations.cpp:
  • dfg/DFGOperations.h:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compileToThis):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compilePutDynamicVar):

6:54 PM Changeset in webkit [244066] by Fujii Hironori
  • 2 edits in trunk/Tools

AX: Support API: accessibilityReplaceRange:withText
https://bugs.webkit.org/show_bug.cgi?id=196636

Unreviewed build fix for Windows port.

  • WebKitTestRunner/InjectedBundle/win/AccessibilityUIElementWin.cpp:

(WTR::AccessibilityUIElement::replaceTextInRange): Added.

6:38 PM Changeset in webkit [244065] by don.olmstead@sony.com
  • 25 edits in trunk

[CMake][WinCairo] Separate copied headers into different directories
https://bugs.webkit.org/show_bug.cgi?id=196655

Reviewed by Michael Catanzaro.

.:

Add variables for the paths to copied framework headers. This is done to be
explicit rather than relying on ${FORWARDING_HEADERS_DIR}.

Currently all ports but WinCairo will default to ${FORWARDING_HEADERS_DIR}.
WinCairo overrides them to provide a directory structure that looks more
like what happens in an XCode build. This is meant as an intermediate step
towards making all CMake ports behave like this.

  • Source/cmake/OptionsWinCairo.cmake:
  • Source/cmake/WebKitFS.cmake:
  • Source/cmake/WebKitMacros.cmake:

Source/JavaScriptCore:

  • CMakeLists.txt:
  • shell/PlatformWin.cmake:

Source/WebCore:

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WebCore/PAL:

  • pal/CMakeLists.txt:

Source/WebKit:

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WebKitLegacy:

  • CMakeLists.txt:
  • PlatformWin.cmake:

Source/WTF:

  • wtf/CMakeLists.txt:

Tools:

  • DumpRenderTree/CMakeLists.txt:
  • MiniBrowser/win/CMakeLists.txt:
  • TestWebKitAPI/CMakeLists.txt:
  • TestWebKitAPI/PlatformWin.cmake:
6:32 PM Changeset in webkit [244064] by Jonathan Bedard
  • 2 edits
    1 add in trunk/Tools

Log stack-trace for run-webkit-tests when interrupted
https://bugs.webkit.org/show_bug.cgi?id=176393
<rdar://problem/34262310>

Reviewed by Lucas Forschler.

  • Scripts/webkitpy/common/interrupt_debugging.py: Added.

(log_stack_trace): Given a Python frame object, log a stack trace to the provided file.
(StackTraceFileContext): Context which allows stack-traces to be printed to stderr or to a file.
(log_stack_trace_on_term): Attach a listener to SIGTERM so that a stack-trace can be logged when a program is terminated.
(log_stack_trace_on_ctrl_c): Attach a listener to SIGINT so that a stack-trace can be logged when a program is CTRL+Ced.

  • Scripts/webkitpy/layout_tests/run_webkit_tests.py:

(main): Set handlers to log stack trace on interruption.

6:31 PM Changeset in webkit [244063] by Matt Baker
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Elements tab: Classes toggle should use accent color on hover
https://bugs.webkit.org/show_bug.cgi?id=196266

Reviewed by Devin Rousso.

  • UserInterface/Views/GeneralStyleDetailsSidebarPanel.css:

(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:matches(.selected, :hover)):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:matches(.selected, :hover)::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:not(.selected):hover::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle.selected:active::before):
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle.selected): Deleted.
(.sidebar > .panel.details.css-style > .content ~ .options-container > .toggle-class-toggle:not(.selected):hover): Deleted.

6:26 PM Changeset in webkit [244062] by Fujii Hironori
  • 2 edits in trunk/Tools

AX: Support API: accessibilityReplaceRange:withText
https://bugs.webkit.org/show_bug.cgi?id=196636

Unreviewed build fix for Windows port.

  • DumpRenderTree/AccessibilityUIElement.cpp:

(AccessibilityUIElement::replaceTextInRange): Changed the return value type from void to bool.

5:58 PM Changeset in webkit [244061] by Chris Fleizach
  • 11 edits
    4 adds in trunk

AX: Automatically compute accessibility labels for Apple Pay buttons
https://bugs.webkit.org/show_bug.cgi?id=196661

Reviewed by Joanmarie Diggs.

Source/WebCore:

Detect Apple Pay buttons and return a standard role and label for them based on their type.

Test: accessibility/mac/apple-pay-labels.html

accessibility/mac/apple-pay-session-v4.html

  • accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::isControl const):

  • accessibility/AccessibilityNodeObject.h:
  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::applePayButtonDescription const):
(WebCore::AccessibilityRenderObject::titleElementText const):
(WebCore::AccessibilityRenderObject::determineAccessibilityRole):
(WebCore::AccessibilityRenderObject::isApplePayButton const):
(WebCore::AccessibilityRenderObject::applePayButtonType const):

  • accessibility/AccessibilityRenderObject.h:
  • en.lproj/Localizable.strings:
  • platform/LocalizedStrings.cpp:

(WebCore::AXApplePayPlainLabel):
(WebCore::AXApplePayBuyLabel):
(WebCore::AXApplePaySetupLabel):
(WebCore::AXApplePayDonateLabel):
(WebCore::AXApplePayCheckOutLabel):
(WebCore::AXApplePayBookLabel):
(WebCore::AXApplePaySubscribeLabel):

  • platform/LocalizedStrings.h:

LayoutTests:

  • accessibility/mac/apple-pay-labels-expected.txt: Added.
  • accessibility/mac/apple-pay-labels.html: Added.
  • accessibility/mac/apple-pay-session-v4-expected.txt: Added.
  • accessibility/mac/apple-pay-session-v4.html: Added.
5:42 PM Changeset in webkit [244060] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-build] Scripts using Buildbot API have CORS error
https://bugs.webkit.org/show_bug.cgi?id=196709

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/ews-build/master.cfg: Set allowed_origins appropriately.
5:39 PM Changeset in webkit [244059] by Chris Fleizach
  • 14 edits
    2 adds in trunk

AX: Support API: accessibilityReplaceRange:withText
https://bugs.webkit.org/show_bug.cgi?id=196636

Reviewed by Daniel Bates.

Source/WebCore:

Support this platform API on mac to provide a way to replace a range of editable text.

Test: accessibility/mac/replace-text-with-range.html

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::replaceTextInRange):

  • accessibility/AccessibilityObject.h:
  • accessibility/mac/AccessibilityObjectBase.mm:

(WebCore::PlainTextRange::PlainTextRange):

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityReplaceRange:withText:]):

Tools:

  • DumpRenderTree/AccessibilityUIElement.cpp:

(replaceTextInRangeCallback):
(AccessibilityUIElement::replaceTextInRange):
(AccessibilityUIElement::getJSClass):

  • DumpRenderTree/AccessibilityUIElement.h:
  • DumpRenderTree/ios/AccessibilityUIElementIOS.mm:

(AccessibilityUIElement::replaceTextInRange):

  • DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::replaceTextInRange):

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
  • WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
  • WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::replaceTextInRange):

  • WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::replaceTextInRange):

5:00 PM Changeset in webkit [244058] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] isRope jump in StringSlice should not jump over register allocations
https://bugs.webkit.org/show_bug.cgi?id=196716

Reviewed by Saam Barati.

JSTests:

  • stress/is-rope-check-in-string-slice-should-not-jump-over-register-allocations.js: Added.

(foo.bar):
(foo):

Source/JavaScriptCore:

Jumping over the register allocation code in DFG (like the following) is wrong.

auto jump = m_jit.branchXXX();
{

GPRTemporary reg(this);
GPRReg regGPR = reg.gpr();
...

}
jump.link(&m_jit);

When GPRTemporary::gpr allocates a new register, it can flush the previous register value into the stack and make the register usable.
Jumping over this register allocation code skips the flushing code, and makes the DFG's stack and register content tracking inconsistent:
DFG thinks that the content is flushed and stored in particular stack slot even while this flushing code is skipped.
In this patch, we perform register allocations before jumping to the slow path based on isRope condition in StringSlice.

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileStringSlice):

4:33 PM Changeset in webkit [244057] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] to_index_string should not assume incoming value is Uint32
https://bugs.webkit.org/show_bug.cgi?id=196713

Reviewed by Saam Barati.

JSTests:

  • stress/to-index-string-should-not-assume-incoming-value-is-uint32.js: Added.

(foo):

Source/JavaScriptCore:

The slow path of to_index_string assumes that incoming value is Uint32. But we should not have
this assumption since DFG may decide we should have it double format. This patch removes this
assumption, and instead, we should assume that incoming value is AnyInt and the range of this
is within Uint32.

  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

3:49 PM Changeset in webkit [244056] by Wenson Hsieh
  • 14 edits in trunk

[iOS] Do not allow starting selection drags when selection views are not visible
https://bugs.webkit.org/show_bug.cgi?id=196686
<rdar://problem/49399192>

Reviewed by Tim Horton.

Source/WebCore:

See WebKit ChangeLog for more details.

Tests: DragAndDropTests.CanDragImageWhenNotFirstResponder

DragAndDropTests.DoNotPerformSelectionDragWhenNotFirstResponder

  • page/DragController.cpp:

(WebCore::DragController::draggableElement const):

Make this respect the case where m_dragSourceAction does not include DragSourceActionSelection. All the other
drag source types are currently consulted in this method, with the exception of DragSourceActionSelection.

Source/WebKit:

Currently, on iOS, it's possible to start dragging selected text in a web view even if the selection itself is
not visible. This can happen if the user selects some text, focuses a native text field, and then long presses
the previously selected text. This is because the text is still selected in the document since we don't clear
the selection when resigning first responder on iOS, despite the fact that the native selection view is no
longer present.

To fix this, we add plumbing to specify the set of allowed drag source actions when requesting drag start; this
set of allowed drag source actions only includes DragSourceActionSelection if the selection view can be visible
(i.e. the content view is first responder, and isn't suppressing text interactions). We then update WebPage's
allowed drag source actions with this given set of actions, while sending "dragstart" to the page.

  • UIProcess/WebPageProxy.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView hasSelectablePositionAtPoint:]):
(-[WKContentView textInteractionGesture:shouldBeginAtPoint:]):

Only bail out of text selection in text that is already selected if the web view allows dragging text selections
(i.e. the web view is first responder, and is not suppressing text interactions).

(-[WKContentView _allowedDragSourceActions]):
(-[WKContentView _dragInteraction:itemsForAddingToSession:withTouchAtPoint:completion:]):
(-[WKContentView _dragInteraction:prepareForSession:completion:]):

Pass the set of allowed drag source actions when requesting a drag start or adding items to an existing session.

  • UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::requestDragStart):
(WebKit::WebPageProxy::requestAdditionalItemsForDragSession):

Plumb the allowed drag source actions from the UI process (WKContentView) over to the web process (WebPage).

  • WebProcess/WebCoreSupport/WebDragClient.cpp:

(WebKit::WebDragClient::dragSourceActionMaskForPoint):

Instead of always returning Any, consult WebPage's allowed drag source actions.

  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::allowedDragSourceActions const):

  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::requestDragStart):
(WebKit::WebPage::requestAdditionalItemsForDragSession):

Set WebPage's allowed drag source actions to the given set of actions when sending a drag start to the page.

Tools:

Adjust some existing API tests to make the web view become first responder before trying to begin dragging, and
also add some new API tests to cover scenarios where the web view is not first responder.

  • TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/cocoa/DragAndDropSimulator.h:

Add a switch to optionally make the web view first responder when starting the simulated drag.

  • TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator initWithWebView:]):
(-[DragAndDropSimulator runFrom:to:additionalItemRequestLocations:]):

3:45 PM Changeset in webkit [244055] by Alan Coon
  • 7 edits in tags/Safari-608.1.15.1/Source

Versioning.

3:29 PM Changeset in webkit [244054] by youenn@apple.com
  • 7 edits
    1 copy in trunk

Add a test to check for the service worker process name
https://bugs.webkit.org/show_bug.cgi?id=196621

Reviewed by Chris Dumez.

Source/WebCore:

Add a service worker internal API to get process name.
Covered by updated test.

  • WebCore.xcodeproj/project.pbxproj:
  • testing/ServiceWorkerInternals.cpp:

(WebCore::ServiceWorkerInternals::processName const):

  • testing/ServiceWorkerInternals.h:
  • testing/ServiceWorkerInternals.idl:
  • testing/ServiceWorkerInternals.mm: Added.

LayoutTests:

  • http/wpt/service-workers/online-worker.js:

(async.doTest):

3:26 PM Changeset in webkit [244053] by Alan Coon
  • 7 edits in branches/safari-607-branch/Source

Versioning.

3:26 PM Changeset in webkit [244052] by ysuzuki@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed, speculative fix for build failure in old macOS after r243887
https://bugs.webkit.org/show_bug.cgi?id=196475

  • dom/NodeList.h:
3:25 PM Changeset in webkit [244051] by Alan Coon
  • 1 copy in tags/Safari-608.1.15.1

New tag.

3:11 PM Changeset in webkit [244050] by Justin Fan
  • 19 edits in trunk

[Web GPU] Fix Web GPU experimental feature on iOS
https://bugs.webkit.org/show_bug.cgi?id=196632

Reviewed by Myles C. Maxfield.

Source/JavaScriptCore:

Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/ThirdParty/libwebrtc:

Add conditionals for iOS 11.

  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebCore:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebCore/PAL:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebKit:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Source/WebKitLegacy/mac:

Add feature conditionals for iOS 11.
Properly make Web GPU available on iOS 11+.

  • Configurations/FeatureDefines.xcconfig:
  • Configurations/WebKitTargetConditionals.xcconfig:

Tools:

Properly make Web GPU available on iOS 11+.

  • TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
3:01 PM Changeset in webkit [244049] by ysuzuki@apple.com
  • 1 edit
    1 add in trunk/JSTests

[JSC] Add more tests for r243966
https://bugs.webkit.org/show_bug.cgi?id=196711

Reviewed by Saam Barati.

Adding one more test for r243966 fix. The added test will not crash after r243966.

  • stress/stress-cleared-calllinkinfo.js: Added.

(runNearStackLimit.t):
(runNearStackLimit):
(repeat):
(cls):
(let.item.of.array.runNearStackLimit):

2:42 PM Changeset in webkit [244048] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

Fix selector name after r243834
https://bugs.webkit.org/show_bug.cgi?id=196549

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
I forgot the colon in the setter's name.

2:41 PM Changeset in webkit [244047] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

fast/parser/xml-error-adopted.xml is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=186581

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations:
2:31 PM Changeset in webkit [244046] by timothy@apple.com
  • 2 edits in trunk/Source/WebCore

Unreviewed build fix for iOSMac after r243893.
https://bugs.webkit.org/show_bug.cgi?id=196707

  • dom/Element.cpp:

(WebCore::parentCrossingFrameBoundaries): Remove ENABLE(POINTER_EVENTS) since computedTouchActions()
no longer uses parentCrossingFrameBoundaries().

2:29 PM Changeset in webkit [244045] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

Fixed a typo on a test expectation
https://bugs.webkit.org/show_bug.cgi?id=187391

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations: Updating test expectations
1:57 PM Changeset in webkit [244044] by Ross Kirsling
  • 2 edits in trunk/Source/JavaScriptCore

-f[no-]var-tracking-assignments is GCC-only
https://bugs.webkit.org/show_bug.cgi?id=196699

Reviewed by Don Olmstead.

  • CMakeLists.txt:

Just remove the build flag altogether -- it supposedly doesn't solve the problem it was meant to
and said problem evidently no longer occurs as of GCC 9.

1:51 PM Changeset in webkit [244043] by youenn@apple.com
  • 5 edits in trunk/Source/WebCore

Lazily construct Navigator serviceWorker
https://bugs.webkit.org/show_bug.cgi?id=196692

Reviewed by Chris Dumez.

Make NavigatorBase a ContextDestructionObserver.
This allows to get the navigator script execution context.
Use it when creating the navigator ServiceWorkerContainer object.
For GC, introduce serviceWorkerIfAny which returns the container if created.
No JS observable change of behavior.
Covered by existing tests.

  • bindings/js/JSNavigatorCustom.cpp:

(WebCore::JSNavigator::visitAdditionalChildren):

  • bindings/js/JSWorkerNavigatorCustom.cpp:

(WebCore::JSWorkerNavigator::visitAdditionalChildren):

  • page/NavigatorBase.cpp:

(WebCore::NavigatorBase::NavigatorBase):
(WebCore::NavigatorBase::serviceWorkerIfAny):
(WebCore::NavigatorBase::serviceWorker):

  • page/NavigatorBase.h:
1:50 PM Changeset in webkit [244042] by Antti Koivisto
  • 3 edits in trunk/Source/WebKit

Compute touch actions for touch point from remote layer tree regions
https://bugs.webkit.org/show_bug.cgi?id=196701

Reviewed by Simon Fraser.

Add a function for finding the right layer and getting the touch actions in UI process side.

The code is not used yet.

  • UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.h:
  • UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.mm:

(WebKit::touchActionsForPoint):

Use the same code as overlap hit testing for collecting the candidate layers for the touch point,
taking event regions into account.
Return the touch actions from the deepest event sensitive layer hit.

(-[UIView _web_findDescendantViewAtPoint:withEvent:]):

Modernize.

1:48 PM Changeset in webkit [244041] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

inspector/canvas/css-canvas-clients.html is a constant timeout/failure
https://bugs.webkit.org/show_bug.cgi?id=174272

Unreviewed test gardening.

  • platform/mac/TestExpectations: Updating test expectations to skip test
1:46 PM Changeset in webkit [244040] by sbarati@apple.com
  • 4 edits
    1 add in trunk

WebAssembly.RuntimeError missing exception check
https://bugs.webkit.org/show_bug.cgi?id=196700
<rdar://problem/49693932>

Reviewed by Yusuke Suzuki.

JSTests:

  • wasm/js-api/runtime-error-should-exception-check.js: Added.

Source/JavaScriptCore:

  • wasm/js/JSWebAssemblyRuntimeError.h:
  • wasm/js/WebAssemblyRuntimeErrorConstructor.cpp:

(JSC::constructJSWebAssemblyRuntimeError):

1:46 PM Changeset in webkit [244039] by Devin Rousso
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION: Audit: default audits aren't added when an existing audit is present
https://bugs.webkit.org/show_bug.cgi?id=196663
<rdar://problem/49660757>

Reviewed by Timothy Hatcher.

Rather than have a button that allows the user to re-add the default audits, prevent them
from being deletable in the first place. "Deleting" a default audit will instead mark it as
disabled (and beep if it is already disabled).

  • UserInterface/Controllers/AuditManager.js:

(WI.AuditManager.prototype.loadStoredTests):
(WI.AuditManager.prototype.removeTest):
(WI.AuditManager.prototype._addDefaultTests): Added.
(WI.AuditManager.prototype.addDefaultTestsIfNeeded): Deleted.

  • UserInterface/Views/AuditNavigationSidebarPanel.js:

(WI.AuditNavigationSidebarPanel.prototype._addTest):
(WI.AuditNavigationSidebarPanel.prototype._updateStartStopButtonNavigationItemState):
(WI.AuditNavigationSidebarPanel.prototype._updateNoAuditsPlaceholder):
(WI.AuditNavigationSidebarPanel.prototype._handleAuditTestRemoved):

  • UserInterface/Views/AuditNavigationSidebarPanel.css:

(.sidebar > .panel.navigation.audit.has-results > .content > .message-text-view.no-enabled-audits): Added.
(.sidebar > .panel.navigation.audit.has-results:not(.has-tests) > .content > .message-text-view): Deleted.
(.sidebar > .panel.navigation.audit.has-results:not(.has-tests) > .content > .message-text-view > .message): Deleted.
(.sidebar > .panel.navigation.audit.has-results:not(.has-tests) > .content > .message-text-view > button): Deleted.

  • Localizations/en.lproj/localizedStrings.js:
1:43 PM Changeset in webkit [244038] by ysuzuki@apple.com
  • 10 edits
    2 adds in trunk

Unreviewed, rolling in r243948 with test fix
https://bugs.webkit.org/show_bug.cgi?id=196486

JSTests:

  • stress/arrow-function-and-use-strict-directive.js: Added.
  • stress/arrow-function-syntax.js: Added.

(checkSyntax):
(checkSyntaxError):

Source/JavaScriptCore:

  • parser/ASTBuilder.h:

(JSC::ASTBuilder::createString):

  • parser/Lexer.cpp:

(JSC::Lexer<T>::parseMultilineComment):
(JSC::Lexer<T>::lexWithoutClearingLineTerminator):
(JSC::Lexer<T>::lex): Deleted.

  • parser/Lexer.h:

(JSC::Lexer::hasLineTerminatorBeforeToken const):
(JSC::Lexer::setHasLineTerminatorBeforeToken):
(JSC::Lexer<T>::lex):
(JSC::Lexer::prevTerminator const): Deleted.
(JSC::Lexer::setTerminator): Deleted.

  • parser/Parser.cpp:

(JSC::Parser<LexerType>::allowAutomaticSemicolon):
(JSC::Parser<LexerType>::parseSingleFunction):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseClass):
(JSC::Parser<LexerType>::parseExportDeclaration):
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseYieldExpression):
(JSC::Parser<LexerType>::parseProperty):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::parseMemberExpression):

  • parser/Parser.h:

(JSC::Parser::nextWithoutClearingLineTerminator):
(JSC::Parser::lexCurrentTokenAgainUnderCurrentContext):
(JSC::Parser::internalSaveLexerState):
(JSC::Parser::restoreLexerState):

LayoutTests:

The test relied on the wrong EOF token's offset. This patch also fixes the test.

  • inspector/runtime/parse-expected.txt:
  • inspector/runtime/parse.html:
1:32 PM Changeset in webkit [244037] by Antti Koivisto
  • 6 edits
    2 adds in trunk

Update touch-action region on property changes
https://bugs.webkit.org/show_bug.cgi?id=196608

Reviewed by Simon Fraser.

Source/WebCore:

Test: pointerevents/ios/touch-action-region-dynamic.html

  • rendering/EventRegion.cpp:

(WebCore::EventRegion::touchActionsForPoint const):

Correctly return 'auto' when nothing is found from the regions (this code is not used yet).

  • rendering/RenderElement.cpp:

(WebCore::RenderElement::styleWillChange):

React to 'touch-action' property changes, similarly to 'pointer-events'.

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::invalidateEventRegion):

Test if need to invalidate.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::setContentsNeedDisplay):
(WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):

Call invalidateEventRegion explicitly instead of relying on compositing update. This ensures
that we update the top level event region correctly when we have touch-actions.

LayoutTests:

  • pointerevents/ios/touch-action-region-dynamic-expected.txt: Added.
  • pointerevents/ios/touch-action-region-dynamic.html: Added.
1:31 PM Changeset in webkit [244036] by jfernandez@igalia.com
  • 20 edits
    6 adds in trunk

Implement white-space:break-spaces value
https://bugs.webkit.org/show_bug.cgi?id=177327

Reviewed by Myles Maxfield and Zalan Bujtas.

LayoutTests/imported/w3c:

Imoprted a few aditional tests from the CSS Text WPT suite that are relevant for this change.

  • web-platform-tests/css/css-text/overflow-wrap/overflow-wrap-break-word-008-expected.html: Added.
  • web-platform-tests/css/css-text/overflow-wrap/overflow-wrap-break-word-008.html: Added.
  • web-platform-tests/css/css-text/overflow-wrap/w3c-import.log:
  • web-platform-tests/css/css-text/parsing/white-space-valid-expected.txt:
  • web-platform-tests/css/css-text/white-space/break-spaces-003-expected.html: Added.
  • web-platform-tests/css/css-text/white-space/break-spaces-003.html: Added.
  • web-platform-tests/css/css-text/white-space/break-spaces-009-expected.html: Added.
  • web-platform-tests/css/css-text/white-space/break-spaces-009.html: Added.
  • web-platform-tests/css/css-text/white-space/w3c-import.log:

Source/WebCore:

Finally the CSS WG decided [1] to move back the 'break-spaces' value to
the 'white-space' property. This makes the parsing logic easier than
the previous approach of using the 'overflow-wrap' property.

This new value prevents the white-space sequence to collapse and gives
breaking opportunities after every preserved white-space.

https://drafts.csswg.org/css-text-3/#valdef-white-space-break-spaces

Additionally, unlike 'pre-wrap', non-collapsible spaces or tabs at the
end of a line cannot be hung or visually collapsed, since we want them
to be preserved and broken.

[1] https://github.com/w3c/csswg-drafts/pull/2841

Tests: imported/w3c/web-platform-tests/css/css-text/overflow-wrap/overflow-wrap-break-word-008.html

imported/w3c/web-platform-tests/css/css-text/white-space/break-spaces-003.html
imported/w3c/web-platform-tests/css/css-text/white-space/break-spaces-009.html

  • css/CSSPrimitiveValueMappings.h:

(WebCore::CSSPrimitiveValue::CSSPrimitiveValue): New mapping for CSSVaueBreakSpaces.
(WebCore::CSSPrimitiveValue::operator WhiteSpace const): New value BreakSpaces for the Whitespace enum.

  • css/CSSProperties.json: new 'break-spaces' value for the 'white-space' property.
  • css/CSSValueKeywords.in: new break-spaces keyword
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):

  • rendering/SimpleLineLayout.cpp: The SimpleLineLayut codepath must handle properly the new behavior of preserved whitespaces.

(WebCore::SimpleLineLayout::LineState::hasTrailingWhitespace const): Require that m_trailingWhitespaceWidth being greater than zero.
(WebCore::SimpleLineLayout::LineState::hasWhitespaceFragments const): New function to detect former whitespae fragments that could be breaking opportunities.
(WebCore::SimpleLineLayout::removeTrailingWhitespace): The 'break-spaces' feature forbids to remove any trailing whitespace.
(WebCore::SimpleLineLayout::firstFragment): We have now leading whitespace sequences comming from the previous line.
(WebCore::SimpleLineLayout::createLineRuns): We should revert some breaking opportunities if others were formerly found in the line.

  • rendering/SimpleLineLayoutTextFragmentIterator.cpp:

(WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style): New style fields to determine whether the break-space feature is being used. Also split out the break-all and breal-all values.

  • rendering/SimpleLineLayoutTextFragmentIterator.h:
  • rendering/line/BreakingContext.h: Different codepath but similar changes to properly handle the new behavior of preserved whitespace.

(WebCore::BreakingContext::BreakingContext): New class field to determine whether there are some whitespace that may prevent the word ot be broken.
(WebCore::BreakingContext::handleText): New line-breaking logic to implement the break-spaces behavior.
(WebCore::BreakingContext::trailingSpacesHang): Cases where the preserved breakspaces should hand or overflow.

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::collapseWhiteSpace): With break-spaces collapsing whitespaces is not allowed.
(WebCore::RenderStyle::breakOnlyAfterWhiteSpace const): Add the WhiteSpace::BreakSpaces to this group.

  • rendering/style/RenderStyleConstants.h: A new constan added.

LayoutTests:

Removed many failure expectations of tests that pass now thanks to this change.

The overflow-wrap-break-word-003.html tests fails in mac and iOS platforms due to an issue related to
how we compute widths using 'ch' units and 'monospace' fonts. I filed bug #196169 to report the specific
case of this test (break-word+pre-wrap) but the root cause it's probably the bug #196353.

I have submitted a PR [1] to the Web Platform Tests to change several tests that failed only if the
monospace font is used, but pass with the Ahem font. Additionally, I've requested another PR [2] to
add new layout tests, with the same case than overflow-wrap-break-word-003.html but using the Ahem
font.

[1] https://github.com/web-platform-tests/wpt/pull/16137
[2] https://github.com/web-platform-tests/wpt/pull/16124

  • TestExpectations: Removed many Failure entries on tests that pass now thanks to this change.
  • platform/mac/TestExpectations: Added one Failure entry and filed the corresponding bug report.
1:24 PM Changeset in webkit [244035] by Brent Fulgham
  • 2 edits in trunk/Source/WebKit

Make HSTS list handling more robust against unexpected content
https://bugs.webkit.org/show_bug.cgi?id=196552
<rdar://problem/43403817>

Reviewed by Chris Dumez.

Crash logs indicate we sometimes encounter null key values during processing.
This patch adds some debug assertions to catch this in test environments, and
allows the code to skip the bad entries if encountered.

It also avoids calling CFDictionaryApplyFunction when the HSTS policies returned
by _CFNetworkCopyHSTSPolicies is nullptr, which is a possible return value.

  • NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::filterPreloadHSTSEntry):
(WebKit::NetworkProcess::getHostNamesWithHSTSCache):

1:22 PM Changeset in webkit [244034] by youenn@apple.com
  • 3 edits in trunk/Source/WebCore

LibWebRTCMediaEndpoint does not need to hop to the signaling thread to gather stats
https://bugs.webkit.org/show_bug.cgi?id=196697
<rdar://problem/47477113>

Reviewed by Eric Carlson.

It is not thread safe to use m_backend in another thread than the main thread.
It is not useful anymore to hop to the signaling thread to gather stats.
No change of behavior.

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:

(WebCore::LibWebRTCMediaEndpoint::getStats):
(WebCore::LibWebRTCMediaEndpoint::gatherStatsForLogging):

12:31 PM Changeset in webkit [244033] by BJ Burg
  • 7 edits in trunk/Source/WebKit

Web Automation: clean up some WebAutomationSession methods to use modern async IPC
https://bugs.webkit.org/show_bug.cgi?id=196168

Reviewed by Devin Rousso.

Modern WebKit IPC is capable of providing completion handlers and can track callback IDs.
So, most messages between WebAutomationSession and its proxy can use this facility and stop
keeping track of callback IDs manually. This makes most code easier to read on both the
sender and receiver side.

There are two cases that could not be converted:

  • For evaluateJavaScript, we cannot use async IPC because WebAutomationSession expects to

be able to cancel all pending replies when a page navigates away, the web process crashes,
or when handling an alert.

  • For takeScreenshot, there is not currently support in the modern async IPC code paths for

sending the result back. ShareableBitmap and friends lack a modern decoder implementation.

  • UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::resolveChildFrameHandle):
(WebKit::WebAutomationSession::resolveParentFrameHandle):
(WebKit::WebAutomationSession::computeElementLayout):
(WebKit::WebAutomationSession::selectOptionElement):
(WebKit::WebAutomationSession::getAllCookies):
(WebKit::WebAutomationSession::deleteSingleCookie):
(WebKit::WebAutomationSession::viewportInViewCenterPointOfElement):
(WebKit::WebAutomationSession::didResolveChildFrame): Deleted.
(WebKit::WebAutomationSession::didResolveParentFrame): Deleted.
(WebKit::WebAutomationSession::didComputeElementLayout): Deleted.
(WebKit::WebAutomationSession::didSelectOptionElement): Deleted.
(WebKit::WebAutomationSession::didGetCookiesForFrame): Deleted.
(WebKit::WebAutomationSession::didDeleteCookie): Deleted.

  • UIProcess/Automation/WebAutomationSession.h:
  • UIProcess/Automation/WebAutomationSession.messages.in:
  • WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::resolveChildFrameWithOrdinal):
(WebKit::WebAutomationSessionProxy::resolveChildFrameWithNodeHandle):
(WebKit::WebAutomationSessionProxy::resolveChildFrameWithName):
(WebKit::WebAutomationSessionProxy::resolveParentFrame):
(WebKit::WebAutomationSessionProxy::computeElementLayout):
(WebKit::WebAutomationSessionProxy::selectOptionElement):
(WebKit::WebAutomationSessionProxy::getCookiesForFrame):
(WebKit::WebAutomationSessionProxy::deleteCookie):

  • WebProcess/Automation/WebAutomationSessionProxy.h:
  • WebProcess/Automation/WebAutomationSessionProxy.messages.in:
11:50 AM Changeset in webkit [244032] by graouts@webkit.org
  • 2 edits in trunk/Source/WebCore

[ Mac WK2 iOS Debug ] REGRESSION(r233667) Layout Test imported/w3c/web-platform-tests/web-animations/interfaces/DocumentTimeline/constructor.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=195233
<rdar://problem/48527231>

Reviewed by Dean Jackson.

We need to create the "main" document timeline (document.timeline) if it doesn't already exist and use its current time as a basis for any other DocumentTimeline instance.

  • animation/DocumentTimeline.cpp:

(WebCore::DocumentTimeline::currentTime):

11:49 AM Changeset in webkit [244031] by graouts@webkit.org
  • 5 edits
    2 adds in trunk

[Web Animations] JS wrapper may be deleted while animation is yet to dispatch its finish event
https://bugs.webkit.org/show_bug.cgi?id=196118
<rdar://problem/46614137>

Reviewed by Chris Dumez.

Source/WebCore:

Test: webanimations/js-wrapper-kept-alive.html

We need to teach WebAnimation to keep its JS wrapper alive if it's relevant or could become relevant again by virtue of having a timeline.
We also need to ensure that the new implementation of hasPendingActivity() does not interfere with the ability of pages to enter the page
cache when running animations.

  • animation/WebAnimation.cpp:

(WebCore::WebAnimation::canSuspendForDocumentSuspension const):
(WebCore::WebAnimation::stop):
(WebCore::WebAnimation::hasPendingActivity const):

  • animation/WebAnimation.h:

LayoutTests:

Add a test that starts a short animation, sets a custom property on it, registers a "finish" event listener on it and deletes
the sole reference to it in the JS world before triggering garbage collection. Prior to this fix, this test would time out
because the JS wrapper would be garbage-collected prior to the animation completing and thus the event listener would not
be called. To complete successfully, this test checks that it receives the event and its target is the same animation object
that was originally created by checking the custom property is still set.

We also make sure that a test, which was found to have regressed with a previous version of this patch, uses the animation
engine that it is expected to be testing.

  • legacy-animation-engine/animations/resume-after-page-cache.html:
  • webanimations/js-wrapper-kept-alive-expected.txt: Added.
  • webanimations/js-wrapper-kept-alive.html: Added.
11:45 AM Changeset in webkit [244030] by achristensen@apple.com
  • 2 edits in trunk/Source/WebKit

REGRESSION(236463) DownloadManager can call a null CompletionHandler
https://bugs.webkit.org/show_bug.cgi?id=196414
<rdar://problem/48389434>

Reviewed by Geoff Garen.

  • NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::convertToDownload):
DownloadManager::continueDecidePendingDownloadDestination is being called when there is no completion handler.
r236463 introduced an unchecked code path that can allow this to happen.

11:09 AM Changeset in webkit [244029] by commit-queue@webkit.org
  • 4 edits
    3 adds in trunk

AX: <svg> elements with labels and no accessible contents are exposed as empty AXGroups
https://bugs.webkit.org/show_bug.cgi?id=156774

Patch by Eric Liang <ericliang@apple.com> on 2019-04-08
Reviewed by Chris Fleizach.

Source/WebCore:

Labelled SVGs without accessible descendants are exposed as AXImage rather than groups.

Unlabelled equivalents are not exposed. Otherwise, SVGs with accessible descendants are exposed as AXGroup.
Also added back functionalities from last patch of determining whether a SVG element should be ignored.

Test: accessibility/svg-shape-labelled.html

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::updateRoleAfterChildrenCreation):

  • accessibility/AccessibilitySVGElement.cpp:

(WebCore::AccessibilitySVGElement::computeAccessibilityIsIgnored const):

LayoutTests:

Added tests that verify svgs shapes that are labelled are exposed as images.

  • accessibility/resources/apple-logo.svg: Added.
  • accessibility/svg-shape-labelled-expected.txt: Added.
  • accessibility/svg-shape-labelled.html: Added.
11:01 AM Changeset in webkit [244028] by Ryan Haddad
  • 7 edits
    2 deletes in trunk

Unreviewed, rolling out r243948.

Caused inspector/runtime/parse.html to fail

Reverted changeset:

"SIGSEGV in JSC::BytecodeGenerator::addStringConstant"
https://bugs.webkit.org/show_bug.cgi?id=196486
https://trac.webkit.org/changeset/243948

10:29 AM Changeset in webkit [244027] by youenn@apple.com
  • 5 edits in trunk/Source/WebCore

Make sure UniqueIDBDatabaseConnection unregisters itself even if its database is gone
https://bugs.webkit.org/show_bug.cgi?id=196651

Reviewed by Brady Eidson.

In UniqueIDBDatabase methods, many operations are refing the transaction
so that it stays alive until a quota check decision is made.
This extends the lifetime of the transaction which may be lasting
longer than its database that may be cleared without waiting for the quota check decisions.

We therefore need to make sure that the transaction is cleaning itself correctly at destruction time.

Make sure that the transaction is unregistering itself from its IDBServer.
To do so, the transaction keeps a weak ref to the IDBServer.

This is timing sensitive hence difficult to test.

  • Modules/indexeddb/server/IDBServer.h:
  • Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:

(WebCore::IDBServer::UniqueIDBDatabaseConnection::didAbortTransaction):
Like done below for UniqueIDBDatabaseConnection::didCommitTransaction,
add a check to ensure that either the database is we are in an error case.

  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:

(WebCore::IDBServer::UniqueIDBDatabaseTransaction::UniqueIDBDatabaseTransaction):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::~UniqueIDBDatabaseTransaction):

  • Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
10:29 AM Changeset in webkit [244026] by Shawn Roberts
  • 2 edits in trunk/LayoutTests

Layout tests imported/w3c/IndexedDB-private-browsing/idbobjectstore_createIndex7-event_order.html
imported/w3c/IndexedDB-private-browsing/idbobjectstore_createIndex6-event_order.html are flaky failures
https://bugs.webkit.org/show_bug.cgi?id=195961

Unreviewed test gardening

  • platform/mac-wk2/TestExpectations: Updating test expectations for Debug flaky failure
10:27 AM Changeset in webkit [244025] by chris.reid@sony.com
  • 2 edits in trunk/Source/WebCore

Undefined Behavior: m_experimentalImageMenuEnabled isn't initialized in HTMLImageElement when SERVICE_CONTROLS is disabled
https://bugs.webkit.org/show_bug.cgi?id=196664

Reviewed by Ross Kirsling.

No observable change in behavior.

Initialize m_experimentalImageMenuEnabled regardless of ENABLE(SERVICE_CONTROLS)

  • html/HTMLImageElement.cpp:
10:09 AM Changeset in webkit [244024] by bshafiei@apple.com
  • 3 edits
    1 add in tags/Safari-608.1.15

Cherry-pick r243967. rdar://problem/49589308

REGRESSION (r243642): Crash in reddit.com page
https://bugs.webkit.org/show_bug.cgi?id=196684

Reviewed by Geoffrey Garen.

JSTests:

New regression test.

  • stress/regexp-nongreedy-charclass-backtracks.js: Added.

Source/JavaScriptCore:

In r243642, the code that saves and restores the count for non-greedy character classes
was inadvertently put inside an if statement. This code should be generated for all
non-greedy character classes.

  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243967 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:09 AM Changeset in webkit [244023] by bshafiei@apple.com
  • 5 edits in tags/Safari-608.1.15

Cherry-pick r243839. rdar://problem/49589308

REGRESSION (r243642): com.apple.JavaScriptCore crash in JSC::RegExpObject::execInline
https://bugs.webkit.org/show_bug.cgi?id=196477

Reviewed by Keith Miller.

Source/JavaScriptCore:

The problem here is that when we advance the index by 2 for a character class that only
has non-BMP characters, we might go past the end of the string. This can happen for
greedy counted character classes that are part of a alternative where there is one
character to match after the greedy non-BMP character class.

The "do we have string left to match" check at the top of the JIT loop for the counted
character class checks to see if index is not equal to the string length. For non-BMP
character classes, we need to check to see if there are at least 2 characters left.
Therefore we now temporarily add 1 to the current index before comparing. This checks
to see if there are iat least 2 characters left to match, instead of 1.

  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

LayoutTests:

Updated the test with a couple more test cases to test a few variants of this bug.
Also added a couple of non-greedy counted non-BMP character class tests that don't have
the bug just to be sure.

  • js/regexp-unicode-expected.txt:
  • js/script-tests/regexp-unicode.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243839 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:09 AM Changeset in webkit [244022] by bshafiei@apple.com
  • 9 edits in tags/Safari-608.1.15/Source/JavaScriptCore

Cherry-pick r243642. rdar://problem/49589308

[YARR] Precompute BMP / non-BMP status when constructing character classes
https://bugs.webkit.org/show_bug.cgi?id=196296

Reviewed by Keith Miller.

Changed CharacterClass::m_hasNonBMPCharacters into a character width bit field which
indicateis if the class includes characters from either BMP, non-BMP or both ranges.
This allows the recognizing code to eliminate checks for the width of a matched
characters when the class has only one width. The character width is needed to
determine if we advance 1 or 2 character. Also, the pre-computed width of character
classes that contains either all BMP or all non-BMP characters allows the parser to
use fixed widths for terms using those character classes. Changed both the code gen
scripts and Yarr compiler to compute this bit field during the construction of
character classes.

For JIT'ed code of character classes that contain either all BMP or all non-BMP
characters, we can eliminate the generic check we were doing do compute how much
to advance after sucessfully matching a character in the class.

Generic isBMP check BMP only non-BMP only
-------------- -------------- --------------
inc %r9d inc %r9d add $0x2, %r9d
cmp $0x10000, %eax
jl isBMP
cmp %edx, %esi
jz atEndOfString
inc %r9d
inc %esi

isBMP:

For character classes that contained non-BMP characters, we were always generating
the code in the left column. The middle column is the code we generate for character
classes that contain only BMP characters. The right column is the code we now
generate if the character class has only non-BMP characters. In the fix width cases,
we can eliminate both the isBMP check as well as the atEndOfString check. The
atEndOfstring check is eliminated since we know how many characters this character
class requires and that check can be factored out to the beginning of the current
alternative. For character classes that contain both BMP and non-BMP characters,
we still generate the generic left column.

This change is a ~8% perf progression on UniPoker and a ~2% improvement on RexBench
as a whole.

  • runtime/RegExp.cpp: (JSC::RegExp::matchCompareWithInterpreter):
  • runtime/RegExpInlines.h: (JSC::RegExp::matchInline):
  • yarr/YarrInterpreter.cpp: (JSC::Yarr::Interpreter::checkCharacterClassDontAdvanceInputForNonBMP): (JSC::Yarr::Interpreter::matchCharacterClass):
  • yarr/YarrJIT.cpp: (JSC::Yarr::YarrGenerator::optimizeAlternative): (JSC::Yarr::YarrGenerator::matchCharacterClass): (JSC::Yarr::YarrGenerator::advanceIndexAfterCharacterClassTermMatch): (JSC::Yarr::YarrGenerator::tryReadUnicodeCharImpl): (JSC::Yarr::YarrGenerator::generateCharacterClassOnce): (JSC::Yarr::YarrGenerator::generateCharacterClassFixed): (JSC::Yarr::YarrGenerator::generateCharacterClassGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy): (JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy): (JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy): (JSC::Yarr::YarrGenerator::generateEnter): (JSC::Yarr::YarrGenerator::YarrGenerator): (JSC::Yarr::YarrGenerator::compile):
  • yarr/YarrPattern.cpp: (JSC::Yarr::CharacterClassConstructor::CharacterClassConstructor): (JSC::Yarr::CharacterClassConstructor::reset): (JSC::Yarr::CharacterClassConstructor::charClass): (JSC::Yarr::CharacterClassConstructor::addSorted): (JSC::Yarr::CharacterClassConstructor::addSortedRange): (JSC::Yarr::CharacterClassConstructor::hasNonBMPCharacters): (JSC::Yarr::CharacterClassConstructor::characterWidths): (JSC::Yarr::PatternTerm::dump): (JSC::Yarr::anycharCreate):
  • yarr/YarrPattern.h: (JSC::Yarr::operator|): (JSC::Yarr::operator&): (JSC::Yarr::operator|=): (JSC::Yarr::CharacterClass::CharacterClass): (JSC::Yarr::CharacterClass::hasNonBMPCharacters): (JSC::Yarr::CharacterClass::hasOneCharacterSize): (JSC::Yarr::CharacterClass::hasOnlyNonBMPCharacters): (JSC::Yarr::PatternTerm::invert const): (JSC::Yarr::PatternTerm::invert): Deleted.
  • yarr/create_regex_tables:
  • yarr/generateYarrUnicodePropertyTables.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@243642 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9:32 AM Changeset in webkit [244021] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

[ews-build] Do not upload archive when Compile Fails
https://bugs.webkit.org/show_bug.cgi?id=196674

Reviewed by Alexey Proskuryakov.

  • BuildSlaveSupport/ews-build/factories.py:

(BuildFactory.init): Remove steps which require dynamic decision about whether to run or not.

  • BuildSlaveSupport/ews-build/steps.py:

(CompileWebKit.evaluateCommand): Dynamically decide which steps to run based on compile status.
(CompileWebKitToT.evaluateCommand): Explicitly override Compile.evaluateCommand so that it
doesn't inherit CompileWebKit.evaluateCommand which dynamically adds more steps.

8:51 AM Changeset in webkit [244020] by Ryan Haddad
  • 7 edits in trunk

Unreviewed, rolling out r243943.

Caused test262 failures.

Reverted changeset:

"[JSC] Filter DontEnum properties in
ProxyObject::getOwnPropertyNames()"
https://bugs.webkit.org/show_bug.cgi?id=176810
https://trac.webkit.org/changeset/243943

7:45 AM Changeset in webkit [244019] by Claudio Saavedra
  • 11 edits in trunk/Source/JavaScriptCore

[JSC] Partially fix the build with unified builds disabled
https://bugs.webkit.org/show_bug.cgi?id=196647

Reviewed by Konstantin Tokarev.

If you disable unified builds you find all kind of build
errors. This partially tries to fix them but there's a lot
more.

  • API/JSBaseInternal.h:
  • b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp:
  • b3/air/AirHandleCalleeSaves.h:
  • bytecode/ExecutableToCodeBlockEdge.cpp:
  • bytecode/ExitFlag.h:
  • bytecode/ICStatusUtils.h:
  • bytecode/UnlinkedMetadataTable.h:
  • dfg/DFGPureValue.h:
  • heap/IsoAlignedMemoryAllocator.cpp:
  • heap/IsoAlignedMemoryAllocator.h:
5:41 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)
5:40 AM Changeset in webkit [244018] by Carlos Garcia Campos
  • 6 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243828 - Documents can be destroyed before their CSSFontFaceSet is destroyed
https://bugs.webkit.org/show_bug.cgi?id=195830

Reviewed by Darin Adler.

Source/WebCore:

CSSFontFaceSet has a raw pointer to its owning document. JS can keep the CSSFontFaceSet alive (by using FontFaceSet)
and can destroy the document at any time. When the document is destroyed, the link between the two objects needs to
be severed.

Test: fast/text/font-face-set-destroy-document.html

  • css/CSSFontFace.cpp:

(WebCore::CSSFontFace::CSSFontFace):

  • css/CSSFontFace.h:
  • css/CSSFontFaceSet.cpp:

(WebCore::CSSFontFaceSet::CSSFontFaceSet):
(WebCore::CSSFontFaceSet::ensureLocalFontFacesForFamilyRegistered):

  • css/CSSFontFaceSet.h:
  • css/CSSFontSelector.cpp:

(WebCore::CSSFontSelector::CSSFontSelector):
(WebCore::CSSFontSelector::addFontFaceRule):

  • css/CSSFontSelector.h:
  • css/FontFace.cpp:

(WebCore::FontFace::FontFace):

LayoutTests:

  • fast/text/font-face-set-destroy-document-expected.html: Added.
  • fast/text/font-face-set-destroy-document.html: Added.
5:39 AM Changeset in webkit [244017] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243820 - Crash in HTMLCanvasElement::createContext2d after the element got adopted to a new document
https://bugs.webkit.org/show_bug.cgi?id=196527

Reviewed by Antti Koivisto.

We need to update CanvasBase::m_scriptExecutionContext when HTMLCanvasElement moves from
one document to another. Fixed the bug by making CanvasBase::scriptExecutionContext make
a virtual function call instead of directly storing a raw pointer. In HTMLCanvasElement,
we use Node::scriptExecutionContext(). Use ContextDestructionObserver in CustomPaintCanvas
and OffscreenCanvas instead of a raw pointer.

Unfortunately, no new tests since there is no reproducible test case.

  • html/CanvasBase.cpp:

(WebCore::CanvasBase::CanvasBase):

  • html/CanvasBase.h:

(WebCore::CanvasBase::scriptExecutionContext const):

  • html/CustomPaintCanvas.cpp:

(WebCore::CustomPaintCanvas::CustomPaintCanvas):

  • html/CustomPaintCanvas.h:
  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::HTMLCanvasElement):

  • html/HTMLCanvasElement.h:
  • html/OffscreenCanvas.cpp:

(WebCore::OffscreenCanvas::OffscreenCanvas):

  • html/OffscreenCanvas.h:
5:39 AM Changeset in webkit [244016] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.24

BackwardsGraph needs to consider back edges as the backward's root successor
https://bugs.webkit.org/show_bug.cgi?id=195991

Reviewed by Filip Pizlo.

JSTests:

  • stress/map-b3-licm-infinite-loop.js: Added.

Source/JavaScriptCore:

  • b3/testb3.cpp:

(JSC::B3::testInfiniteLoopDoesntCauseBadHoisting):
(JSC::B3::run):

Source/WTF:

Previously, our backwards graph analysis was slightly wrong. The idea of
backwards graph is that the root of the graph has edges to terminals in
the original graph. And then the original directed edges in the graph are flipped.

However, we weren't considering loops as a form of terminality. For example,
we wouldn't consider an infinite loop as a terminal. So there were no edges
from the root to a node in the infinite loop. This lead us to make mistakes
when we used backwards dominators to compute control flow equivalence.

This is better understood in an example:

`
preheader:
while (1) {

if (!isCell(v))

continue;

load structure ID
if (cond)

continue;

return

}
`

In the previous version of this algorithm, the only edge from the backwards
root would be to the block containing the return. This would lead us to
believe that the loading of the structureID backwards dominates the preheader,
leading us to believe it's control flow equivalent to preheader. This is
obviously wrong, since we can loop forever if "v" isn't a cell.

The solution here is to treat any backedge in the graph as a "terminal" node.
Since a backedge implies the existence of a loop.

In the above example, the backwards root now has an edge to both blocks with
"continue". This prevents us from falsely claiming that the return is control
flow equivalent with the preheader.

This patch uses DFS spanning trees to compute back edges. An edge
u->v is a back edge when u is a descendent of v in the DFS spanning
tree of the Graph.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/BackwardsGraph.h:

(WTF::BackwardsGraph::BackwardsGraph):

  • wtf/SpanningTree.h: Added.

(SpanningTree::SpanningTree):
(SpanningTree::isDescendent):

5:39 AM Changeset in webkit [244015] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243506 - vertexAttribPointer must restrict offset parameter
https://bugs.webkit.org/show_bug.cgi?id=196261
<rdar://problem/48458086>

Reviewed by Antoine Quint.

Source/WebCore:

This WebGL function should fail if the offset parameter is
not within [0, max 32-bit int].

Test: fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html

  • html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::vertexAttribPointer):

LayoutTests:

Add a test where the offset parameter is out of bounds.

  • fast/canvas/webgl/vertexAttribPointer-with-bad-offset-expected.txt: Added.
  • fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html: Added.
5:39 AM Changeset in webkit [244014] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243341 - Inband Text Track cues interspersed with Data cues can display out of order.
https://bugs.webkit.org/show_bug.cgi?id=196095

Reviewed by Eric Carlson.

The compareCueIntervalForDisplay() comparator depends on a virtual function, isPositionedAbove(TextTrackCue* other),
but this comparison returns inconsistent results for cueA->isPositionedAbove(cueB) and cueB->isPositionedAbove(cueA)
if the two cues are different subclasses of TextTrackCue.

The underlying algorithm should be fixed in a future patch, but for now, remove all non-displaying cues from the array
of activeCues before sorting, rather than after when iterating over the sorted list of activeCues.

  • html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlTextTrackContainerElement::updateDisplay):

5:39 AM Changeset in webkit [244013] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243331 - Do not insert the first-letter anonymous container until after we've constructed the first-letter renderer.
https://bugs.webkit.org/show_bug.cgi?id=195919
<rdar://problem/48573434>

Reviewed by Brent Fulgham.

Source/WebCore:

When the container is injected too early, we might end up removing it as part of the collapsing logic
while the text renderer is being removed (replaced with the first letter + remaining text).

Test: fast/css/first-letter-and-float-crash.html

  • rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

LayoutTests:

  • fast/css/first-letter-and-float-crash-expected.txt: Added.
  • fast/css/first-letter-and-float-crash.html: Added.
  • platform/mac/TestExpectations:
5:39 AM Changeset in webkit [244012] by Carlos Garcia Campos
  • 7 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r243233 - appendChild should throw when inserting an ancestor of a template into its content adopted to another document
https://bugs.webkit.org/show_bug.cgi?id=195984

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaselined the test that is not fully passing.

  • web-platform-tests/html/semantics/scripting-1/the-template-element/template-element/template-content-hierarcy-expected.txt:

Source/WebCore:

The WPT test caught a bug that appendChild and other DOM insertion functions were incorrectly assuming that
any node that's in a HTML template element has the current document's template document as its owner.
The assumption is wrong when the template element's content DocumentFragment is adopted to another document.

Fixed the bug by always checking the ancestor host elements in checkAcceptChild. Also

Test: fast/dom/insert-template-parent-into-adopted-content.html

  • dom/ContainerNode.cpp:

(WebCore::isInTemplateContent): Deleted. This code is simply wrong.
(WebCore::containsConsideringHostElements): Deleted. Call sites are updated to use containsIncludingHostElements.
(WebCore::containsIncludingHostElements): Moved from Node.cpp and optimized this code a bit. It's more efficient
to get the parent node and check for ShadowRoot and DocumentFragment only when the parent is null than to check
for those two node types before getting the parent node.
(WebCore::checkAcceptChild): Merged two code paths to call containsIncludingHostElements. The early return for
a pseudo element is there only to prevent tree corruption in release build even in the presence of a major bug
so it shouldn't be an spec compliance issue.

  • dom/Node.cpp:

(WebCore::Node::containsIncludingHostElements const): Deleted.

  • dom/Node.h:

LayoutTests:

Added a regression test.

  • fast/dom/insert-template-parent-into-adopted-content-expected.txt: Added.
  • fast/dom/insert-template-parent-into-adopted-content.html: Added.
5:39 AM Changeset in webkit [244011] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243291 - Fix possible memory leak when dismissing a color picker
https://bugs.webkit.org/show_bug.cgi?id=196026
<rdar://problem/48778568>

Reviewed by Wenson Hsieh.

Fix a problem with WebPageProxy::endColorPicker where an early return could leave a color picker
with a +1 reference count after dismissing it.

  • UIProcess/WebColorPicker.cpp:

(WebKit::WebColorPicker::endPicker):

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::endColorPicker):
(WebKit::WebPageProxy::didEndColorPicker):

5:39 AM Changeset in webkit [244010] by Carlos Garcia Campos
  • 8 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r243280 - Cap length of an array with spread to MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.
https://bugs.webkit.org/show_bug.cgi?id=196055
<rdar://problem/49067448>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/new_array_with_spread-should-cap-array-size-to-MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.js: Added.

Source/JavaScriptCore:

We are doing this because:

  1. We expect the array to be densely packed.
  2. SpeculativeJIT::compileAllocateNewArrayWithSize() (and the FTL equivalent) expects the array length to be less than MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH if we don't want to use an ArrayStorage shape.
  3. There's no reason why an array with spread needs to be that large anyway. MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH is plenty.

In this patch, we also add a debug assert in compileAllocateNewArrayWithSize() and
emitAllocateButterfly() to check for overflows.

  • assembler/AbortReason.h:
  • dfg/DFGOperations.cpp:
  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCreateRest):
(JSC::DFG::SpeculativeJIT::compileNewArrayWithSpread):
(JSC::DFG::SpeculativeJIT::emitAllocateButterfly):
(JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSpread):

  • runtime/ArrayConventions.h:
  • runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

5:39 AM Changeset in webkit [244009] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/LayoutTests

Merge r243182 - Rebaseline the test after r243175. It got somehow landed with failing expectations.

  • fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt:
5:39 AM Changeset in webkit [244008] by Carlos Garcia Campos
  • 3 edits
    18 adds in releases/WebKitGTK/webkit-2.24

Merge r243175 - Reparenting during a mutation event inside appendChild could result in a circular DOM tree
https://bugs.webkit.org/show_bug.cgi?id=192825

Reviewed by Zalan Bujtas.

Source/WebCore:

The bug was caused by appendChildWithoutPreInsertionValidityCheck, insertBefore and replaceChild
checking the circular dependency against newChild instead of targets even though when newChild
is a document fragment, appendChildWithoutPreInsertionValidityCheck inserts the children of
the document fragment. Fixed the bug by checking the circular dependency against each target child.

Also fixed the bug that checkAcceptChildGuaranteedNodeTypes was not considering shadow inclusive
ancestors or template host elements.

Tests: fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html

fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html
fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html
fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html
fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html
fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html
fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html
fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html
fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html

  • dom/ContainerNode.cpp:

(WebCore::checkAcceptChildGuaranteedNodeTypes):
(WebCore::ContainerNode::insertBefore):
(WebCore::ContainerNode::replaceChild):
(WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck):

LayoutTests:

Added regression tests.

  • fast/dom/append-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
  • fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
  • fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
  • fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
5:39 AM Changeset in webkit [244007] by Carlos Garcia Campos
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r243069 - Structure::flattenDictionary() should clear unused property slots.
https://bugs.webkit.org/show_bug.cgi?id=195871
<rdar://problem/48959497>

Reviewed by Michael Saboff.

JSTests:

  • stress/structure-flattenDictionary-should-clear-unused-property-slots.js: Added.

Source/JavaScriptCore:

It currently attempts to do this but fails because it's actually clearing up the
preCapacity region instead. The fix is simply to account for the preCapacity
when computing the start address of the property slots.

  • runtime/Structure.cpp:

(JSC::Structure::flattenDictionaryStructure):

5:39 AM Changeset in webkit [244006] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r242964 - Storing a Node in Ref/RefPtr inside its destructor results in double delete
https://bugs.webkit.org/show_bug.cgi?id=195661

Reviewed by Brent Fulgham.

Set Node::m_refCount to 1 before calling its virtual destructor.

This is a security mitigation to prevent any code which ends up storing the node to Ref / RefPtr
inside the destructor, which is a programming error caught by debug assertions, from triggering
a double-delete on the same Node.

Such a code would hit the debug assertions in Node::deref() because m_inRemovedLastRefFunction
had been set to true by then.

  • dom/Document.cpp:

(WebCore::Document::removedLastRef):

  • dom/Document.h:

(WebCore::Document::decrementReferencingNodeCount):

  • dom/Node.cpp:

(WebCore::Node::~Node):
(WebCore::Node::removedLastRef):

5:38 AM Changeset in webkit [244005] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242943 - Cleanup inline boxes when list marker gets blockified
https://bugs.webkit.org/show_bug.cgi?id=195746
<rdar://problem/48049175>

Reviewed by Antti Koivisto.

Source/WebCore:

Normally when an element gets blockified (inline -> block) we destroy its renderer and construct a new one (RenderInline -> RenderBlock).
During this process the associated inline boxtree gets destroyed as well. Since RenderListMarker is just a generic RenderBox, the blockifying
change does not require a new renderer.
This patch takes care of destroying the inline boxtree when the marker gains block display type.

Test: fast/block/float/list-marker-is-float-crash.html

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::styleDidChange):

LayoutTests:

  • fast/block/float/list-marker-is-float-crash-expected.txt: Added.
  • fast/block/float/list-marker-is-float-crash.html: Added.
5:38 AM Changeset in webkit [244004] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r242921 - [WeakPtr] RenderListMarker::m_listItem should be a WeakPtr
https://bugs.webkit.org/show_bug.cgi?id=195704
<rdar://problem/48486278>

Reviewed by Simon Fraser.

  • rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::RenderListMarker):
(WebCore::RenderListMarker::paint):
(WebCore::RenderListMarker::layout):
(WebCore::RenderListMarker::updateContent):
(WebCore::RenderListMarker::computePreferredLogicalWidths):
(WebCore::RenderListMarker::lineHeight const):
(WebCore::RenderListMarker::baselinePosition const):
(WebCore::RenderListMarker::suffix const):
(WebCore::RenderListMarker::isInside const):
(WebCore::RenderListMarker::getRelativeMarkerRect):

  • rendering/RenderListMarker.h:
5:38 AM Changeset in webkit [244003] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242919 - Use RenderBox::previousSiblingBox/nextSiblingBox in RenderMultiColumnFlow
https://bugs.webkit.org/show_bug.cgi?id=195701
<rdar://problem/48448658>

Reviewed by Simon Fraser.

Source/WebCore:

It's safer to use existing RenderBox functions to get sibling boxes.

Test: fast/ruby/crash-when-paginated-ruby.html

  • rendering/RenderMultiColumnFlow.cpp:

(WebCore::RenderMultiColumnFlow::nextColumnSetOrSpannerSiblingOf):
(WebCore::RenderMultiColumnFlow::previousColumnSetOrSpannerSiblingOf):

LayoutTests:

  • fast/ruby/crash-when-paginated-ruby-expected.txt: Added.
  • fast/ruby/crash-when-paginated-ruby.html: Added.
5:38 AM Changeset in webkit [244002] by Carlos Garcia Campos
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.24

Merge r242917 - Fix an edge case where HTMLFormElement::removeFormElement is invoked twice with the same element
https://bugs.webkit.org/show_bug.cgi?id=195663
<rdar://problem/48576391>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Currently, it's possible for HTMLFormControlElement's destructor to be reentrant. This may happen if the form
control element is ref'd while carrying out its destructor's logic. This may happen in two places in
HTMLFormControlElement (didChangeForm and resetDefaultButton), both of which actually don't require ensuring a
protected reference to the form control element since they should never result in any script execution.

To fix the bug, convert these strong references into raw pointers, and add ScriptDisallowedScope to ensure that
we don't change these codepaths in the future, such that they trigger arbitrary script execution.

Test: fast/forms/remove-associated-element-after-gc.html

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::didChangeForm):

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::resetDefaultButton):

LayoutTests:

Add a layout test to exercise the scenario described in the WebCore ChangeLog.

  • fast/forms/remove-associated-element-after-gc-expected.txt: Added.
  • fast/forms/remove-associated-element-after-gc.html: Added.
5:38 AM Changeset in webkit [244001] by Carlos Garcia Campos
  • 5 edits
    1 add in releases/WebKitGTK/webkit-2.24

Merge r243989 - [CMake] Detect SSE2 at compile time
https://bugs.webkit.org/show_bug.cgi?id=196488

Patch by Xan Lopez <Xan Lopez> on 2019-04-08
Reviewed by Carlos Garcia Campos.

.:

  • CMakeLists.txt: Use FindSSE2.cmake to detect SSE2 support.
  • Source/cmake/FindSSE2.cmake: Added.

Source/JavaScriptCore:

  • assembler/MacroAssemblerX86Common.cpp: Remove unnecessary (and

incorrect) static_assert.

5:32 AM Changeset in webkit [244000] by guijemont@igalia.com
  • 6 edits in trunk

Enable DFG on MIPS
https://bugs.webkit.org/show_bug.cgi?id=196689

Reviewed by Žan Doberšek.

Since the bytecode change, we enabled the baseline JIT on mips in
r240432, but DFG is still missing. With this change, all tests are
passing on a ci20 board.

Source/JavaScriptCore:

  • jit/RegisterSet.cpp:

(JSC::RegisterSet::calleeSaveRegisters):
Added s0, which is used in llint.

Source/WTF:

  • wtf/Platform.h: Enable DFG on MIPS by default.

Tools:

  • Scripts/run-jsc-stress-tests: Enable DFG tests on MIPS.
5:14 AM Changeset in webkit [243999] by commit-queue@webkit.org
  • 3 edits in trunk/Tools

[Flatpak] Second run update-webkitwpe-flatpak fails
https://bugs.webkit.org/show_bug.cgi?id=192702

Patch by Philippe Normand <pnormand@igalia.com> on 2019-04-08
Reviewed by Carlos Garcia Campos.

  • flatpak/flatpakutils.py:

(FlatpakObject.flatpak): Fix typo.
(FlatpakPackage.install): When installing, also update to the configured remote commit.

  • flatpak/org.webkit.WebKit.yaml: Update GNOME 3.28 SDK/runtime hashes.
3:44 AM Changeset in webkit [243998] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243866 - [GTK][WPE] Use a timer to request the creation of pending tiles
https://bugs.webkit.org/show_bug.cgi?id=196594

Reviewed by Žan Doberšek.

Use a timer to request pending tile creation, as calls to notifyFlushRequired() are discarded
while inside a layer flush.

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
(WebCore::CoordinatedGraphicsLayer::requestPendingTileCreationTimerFired):

  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
3:44 AM Changeset in webkit [243997] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24

Merge r243289 - [GLIB] User data not correctly passed to callback of functions and constructors with no parameters
https://bugs.webkit.org/show_bug.cgi?id=196073

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-21
Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

This is because GClosure always expects a first parameter as instance. In case of functions or constructors with
no parameters we insert a fake instance which is just a null pointer that is ignored by the callback. But
if the function/constructor has user data the callback will expect one parameter for the user data. In that case
we can simply swap instance/user data so that the fake instance will be the second argument and user data the
first one.

  • API/glib/JSCClass.cpp:

(jscClassCreateConstructor): Use g_cclosure_new_swap() if parameters is empty and user data was provided.

  • API/glib/JSCValue.cpp:

(jscValueFunctionCreate): Ditto.

Tools:

Add test cases to check functions and constructors with no arguments but receiving user data.

  • TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(checkUserData):
(testJSCFunction):
(fooCreateWithUserData):
(testJSCClass):

3:44 AM Changeset in webkit [243996] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24

Merge r243283 - [GLib] Returning G_TYPE_OBJECT from a method does not work
https://bugs.webkit.org/show_bug.cgi?id=195574

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Add more documentation to clarify the ownership of wrapped objects when created and when returned by functions.

  • API/glib/JSCCallbackFunction.cpp:

(JSC::JSCCallbackFunction::construct): Also allow to return boxed types from a constructor.

  • API/glib/JSCClass.cpp:
  • API/glib/JSCValue.cpp:

Tools:

Add new test cases to check the behavior of constructors and functions returning GObject and boxed types.

  • TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:

(getGFile):
(getParent):
(createGString):
(getGString):
(getGStringCopyWillRaise):
(getGStringCopy):
(getGStringStr):
(getGStringLen):
(freeGString):
(testJSCClass):

3:44 AM Changeset in webkit [243995] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r243200 - [GLIB] Optimize jsc_value_object_define_property_data|accessor
https://bugs.webkit.org/show_bug.cgi?id=195679

Reviewed by Saam Barati.

Use direct C++ call instead of using the JSC GLib API to create the descriptor object and invoke Object.defineProperty().

  • API/glib/JSCValue.cpp:

(jsc_value_object_define_property_data):
(jsc_value_object_define_property_accessor):

3:44 AM Changeset in webkit [243994] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r243971 - [GTK][WPE] outlook.live.com displays old-fashioned UI
https://bugs.webkit.org/show_bug.cgi?id=196642

Reviewed by Carlos Garcia Campos.

Source/WebCore:

The new good looking UI is shown as long as pretend we're a Mac in the UA.

  • platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresChromeBrowser):

Tools:

  • TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST): New Mac platform quirk test.

3:23 AM Changeset in webkit [243993] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24

Merge r243608 - [WPE][GTK] webkit_web_resource_get_data_finish can return NULL without setting error
https://bugs.webkit.org/show_bug.cgi?id=186276

Reviewed by Carlos Garcia Campos.

Source/WebKit:

Currently it's possible for webkit_web_resource_get_data_finish() to return NULL without
setting the error parameter. This is illegal because it is an API guarantee (and a GObject
convention) that if an error parameter exists, it should be set whenever a function call
returns NULL. Epiphany correctly dereferences the error in this case without checking if it
is NULL, because it knows it does not have to, and crashes. Fix this. We'll return a byte
array of length 1 containing a NUL character. This isn't great, but there's not really any
better solution without deprecating the API or returning an error code to indicate an empty
resource, and it at least fixes the Epiphany crash.

This does not fix bug #186276, in which this function incorrectly returns no data when it
ought to. But that is a different bug. Now, at least we won't crash when no data is
available.

  • UIProcess/API/glib/WebKitWebResource.cpp:

(resourceDataCallback):

Tools:

  • TestWebKitAPI/Tests/WebKitGLib/TestResources.cpp:

(webViewLoadChanged):
(testWebResourceGetDataError):
(testWebResourceGetDataEmpty):
(beforeAll):
(webViewloadChanged): Deleted.

3:23 AM Changeset in webkit [243992] by Carlos Garcia Campos
  • 10 edits
    2 deletes in releases/WebKitGTK/webkit-2.24

Merge r243804 - Get rid of HTMLInputElement::setEditingValue
https://bugs.webkit.org/show_bug.cgi?id=196402

Reviewed by Darin Adler.

Source/WebCore:

HTMLInputElement::setEditingValue is only used for Epiphany password autofill. We did it
this way because that's what Chrome uses for autofill, but Apple uses
HTMLInputElement::setValueForUser. Let's switch to that instead, then we can get rid of
setEditingValue.

This fixes logging into ting.com after username and password are autofilled by Epiphany.
Before this change, the login would fail unless you first manually edit either the username
or the password field.

  • html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::setEditingValue): Deleted.

  • html/HTMLInputElement.h:
  • testing/Internals.cpp:

(WebCore::Internals::setEditingValue): Deleted.

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

  • WebProcess/InjectedBundle/API/glib/DOM/WebKitDOMElement.cpp:

(webkit_dom_element_html_input_element_set_editing_value):

  • WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLInputElement.cpp:

(webkit_dom_html_input_element_set_editing_value):

LayoutTests:

  • fast/forms/editing-value-expected.txt: Removed.
  • fast/forms/editing-value-null-renderer-expected.txt: Removed.
  • fast/forms/editing-value-null-renderer.html: Removed.
  • fast/forms/editing-value.html: Removed.
3:23 AM Changeset in webkit [243991] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243860 - [ATK] Don't touch accessibility tree in WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld
https://bugs.webkit.org/show_bug.cgi?id=193914

Reviewed by Michael Catanzaro.

Move it to dispatchDidFinishDocumentLoad, since we know we have the document at that point and we can create the
root accessibility object wrapper.

  • WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchDidFinishDocumentLoad):
(WebKit::WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld):

3:23 AM Changeset in webkit [243990] by Carlos Garcia Campos
  • 7 edits in releases/WebKitGTK/webkit-2.24

Merge r243602 - [FreeType] Incorrect application of glyph positioning in the Y direction
https://bugs.webkit.org/show_bug.cgi?id=161493

Reviewed by Michael Catanzaro.

Source/WebCore:

Use the first glyph origin as the initial advance of every complex text run.

  • platform/graphics/cairo/FontCairo.cpp:

(WebCore::FontCascade::drawGlyphs): Update the yOffset using the height advance.

  • platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::drawGlyphs): Ditto.

  • platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:

(WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Set the initial advance.

LayoutTests:

Rebaseline fast/text/international/hebrew-vowels.html.

  • platform/gtk/fast/text/international/hebrew-vowels-expected.png:
  • platform/gtk/fast/text/international/hebrew-vowels-expected.txt:
3:23 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos
(diff)
3:16 AM Changeset in webkit [243989] by commit-queue@webkit.org
  • 5 edits
    1 add in trunk

[CMake] Detect SSE2 at compile time
https://bugs.webkit.org/show_bug.cgi?id=196488

Patch by Xan Lopez <Xan Lopez> on 2019-04-08
Reviewed by Carlos Garcia Campos.

.:

  • CMakeLists.txt: Use FindSSE2.cmake to detect SSE2 support.
  • Source/cmake/FindSSE2.cmake: Added.

Source/JavaScriptCore:

  • assembler/MacroAssemblerX86Common.cpp: Remove unnecessary (and

incorrect) static_assert.

3:15 AM Changeset in webkit [243988] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243505 - Assertion failure !isInAcceleratedCompositingMode() in DrawingAreaProxyCoordinatedGraphics::incorporateUpdate when forceCompositingMode is turned on
https://bugs.webkit.org/show_bug.cgi?id=195879

Patch by Tomoki Imai <Tomoki Imai> on 2019-03-26
Reviewed by Carlos Garcia Campos.

The root cause is that DrawingAreaProxyCoordinatedGraphics::isInAcceleratedCompositingMode checks both of alwaysUseCompositing() and !m_layerTreeContext.isEmpty().
alwaysUseCompositing() refers preferences, which is written by the application (UIProcess).
On the other hand, m_layerTreeContext is changed when it receives enterAcceleratedCompositingMode/exitAcceleratedCompositingMode from WebProcess.

It results when we set forceCompositingMode and acceleratedCompositingEnabled to true, WebProcess and UIProcess is out of sync until WebProcess sends enterAcceleratedCompositingMode message.
In such situation, WebProcess sends incorporateUpdate to UIProcess because WebProcess is in non-AC mode, but isInAcceleratedCompositingMode becomes true in UIProcess side.

  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp:

(WebKit::DrawingAreaProxyCoordinatedGraphics::~DrawingAreaProxyCoordinatedGraphics): Should call exitAcceleratedCompositingMode even when alwaysUseCompositing is true.
(WebKit::DrawingAreaProxyCoordinatedGraphics::enterAcceleratedCompositingMode): enterAcceleratedCompositingMode should check enterAcceleratedCompositingMode is not called twice.

  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h: Remove alwaysUseCompositing from isInAcceleratedCompositingMode
3:15 AM Changeset in webkit [243987] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243796 - [CoordinatedGraphics] Hidden pages are not suspended after a web view resize
https://bugs.webkit.org/show_bug.cgi?id=196487

Reviewed by Žan Doberšek.

When resizing the window, the hidden tabs are updated too, to avoid flickering or getting the old size when
switching tabs. For that we need to resume painting but we are not suspending it again after the update.

  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState): Suspend the painting again after a
synchronous update if needed.

3:15 AM Changeset in webkit [243986] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r243475 - [Coordinated Graphics][WinCairo] ASSERTION FAILED: state.id == m_nicosia.state.id
https://bugs.webkit.org/show_bug.cgi?id=196190

Reviewed by Žan Doberšek.

This assertion assumes the pre-committed and the committed scenes
are identical. But, the pre-committed scene is updated in the main
thread. Removed the false assertion.

  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::purgeGLResources): Remove the
assertion. Removed layers of committed scene, not pre-committed
scene.

3:15 AM Changeset in webkit [243985] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242771 - [CoordinatedGraphics] ASSERTION FAILED: !m_state.isSuspended
https://bugs.webkit.org/show_bug.cgi?id=195550

Reviewed by Carlos Garcia Campos.

CompositingRunLoop::suspend() locks a mutex and stops the update
timer. But, the timer can be fired after the lock was acquired and
before the timer is stopped.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::CompositingRunLoop::updateTimerFired): Removed the
assertion. Return early if m_state.isSuspended.

3:15 AM Changeset in webkit [243984] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242597 - REGRESSION(r242364): [WPE] Do not stop the compositing run loop update timer on suspend
https://bugs.webkit.org/show_bug.cgi?id=195410

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-07
Reviewed by Žan Doberšek.

Calling CompositingRunLoop::stopUpdates() on suspend is leaving the threaded compositor in an inconsistent
state, failing to resume and stopping the updates forever. This is causing timeouts in WPE layout tests. Instead
of calling stopUpdates(), a new suspend() is called, that stops the update timer, without changing the current
updae tha compositing state. A new method resume() is also added to schedule an update if needed.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::CompositingRunLoop::suspend): Set state as suspended and stop the update timer.
(WebKit::CompositingRunLoop::resume): Set state as not suspended and start the update timer if it was scheduled
while suspended.
(WebKit::CompositingRunLoop::scheduleUpdate): Do not start the update timer when suspended.
(WebKit::CompositingRunLoop::compositionCompleted): Ditto.
(WebKit::CompositingRunLoop::updateCompleted): Ditto.
(WebKit::CompositingRunLoop::updateTimerFired): Add an assert to ensure the update timer is not fired while suspended.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::suspend): Call CompositingRunLoop::suspend() instead of stopUpdates().
(WebKit::ThreadedCompositor::resume): Call CompositingRunLoop::resume().

3:15 AM Changeset in webkit [243983] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242364 - [CoordinatedGraphics] The compositing loop is still running even after exiting AC mode
https://bugs.webkit.org/show_bug.cgi?id=195270

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-04
Reviewed by Don Olmstead.

Suspend the threaded compositor when the painting is paused or layer flush disabled, and resume it again when
painting is resumed and layer flush enabled.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:

(WebKit::ThreadedCompositor::suspend): Increment the suspend counter and mark the scene as inactive if it was suspended.
(WebKit::ThreadedCompositor::resume): Decrement the suspend counter and mark the scene as active if it's now resumed.

  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::forceRepaint): Return early if layer tree state is frozen.
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaintAsync): Ditto.

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:

(WebKit::LayerTreeHost::setLayerFlushSchedulingEnabled): Call ThreadedCompositor::suspend()/resume().
(WebKit::LayerTreeHost::pauseRendering): Call ThreadedCompositor::suspend.
(WebKit::LayerTreeHost::resumeRendering): Call ThreadedCompositor::resume().

3:15 AM Changeset in webkit [243982] by Carlos Garcia Campos
  • 15 edits
    2 moves
    3 adds
    6 deletes in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242346 - [CoordinatedGraphics] Unify DrawingArea classes
https://bugs.webkit.org/show_bug.cgi?id=195167

Reviewed by Žan Doberšek.

Add DrawingAreaProxyCoordinatedGraphics and DrawingAreaCoordinatedGraphics.

  • PlatformGTK.cmake:
  • PlatformWPE.cmake:
  • PlatformWin.cmake:
  • Shared/DrawingAreaInfo.h:
  • SourcesGTK.txt:
  • SourcesWPE.txt:
  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::createDrawingAreaProxy):
(WebKit::PageClientImpl::viewSize):

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize):
(webkitWebViewBaseUnrealize):
(webkitWebViewBaseDraw):
(webkitWebViewBaseSizeAllocate):
(webkitWebViewBaseDidRelaunchWebProcess):
(webkitWebViewBasePageClosed):

  • UIProcess/API/wpe/PageClientImpl.cpp:

(WebKit::PageClientImpl::createDrawingAreaProxy):

  • UIProcess/AcceleratedDrawingAreaProxy.cpp: Removed.
  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp: Added.

(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingAreaProxyCoordinatedGraphics):
(WebKit::DrawingAreaProxyCoordinatedGraphics::~DrawingAreaProxyCoordinatedGraphics):
(WebKit::DrawingAreaProxyCoordinatedGraphics::paint):
(WebKit::DrawingAreaProxyCoordinatedGraphics::sizeDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::deviceScaleFactorDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::waitForBackingStoreUpdateOnNextPaint):
(WebKit::DrawingAreaProxyCoordinatedGraphics::setBackingStoreIsDiscardable):
(WebKit::DrawingAreaProxyCoordinatedGraphics::update):
(WebKit::DrawingAreaProxyCoordinatedGraphics::didUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::updateAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::incorporateUpdate):
(WebKit::DrawingAreaProxyCoordinatedGraphics::alwaysUseCompositing const):
(WebKit::DrawingAreaProxyCoordinatedGraphics::backingStoreStateDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::sendUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::waitForAndDispatchDidUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::discardBackingStoreSoon):
(WebKit::DrawingAreaProxyCoordinatedGraphics::discardBackingStore):
(WebKit::DrawingAreaProxyCoordinatedGraphics::setNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaProxyCoordinatedGraphics::destroyNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::DrawingMonitor):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::~DrawingMonitor):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::webViewDrawCallback):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::start):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::stop):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::didDraw):
(WebKit::DrawingAreaProxyCoordinatedGraphics::dispatchAfterEnsuringDrawing):

  • UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h: Renamed from Source/WebKit/UIProcess/AcceleratedDrawingAreaProxy.h.
  • UIProcess/DrawingAreaProxyImpl.cpp: Removed.
  • UIProcess/DrawingAreaProxyImpl.h: Removed.
  • UIProcess/gtk/AcceleratedBackingStoreX11.cpp:

(WebKit::AcceleratedBackingStoreX11::update):

  • UIProcess/win/PageClientImpl.cpp:

(WebKit::PageClientImpl::createDrawingAreaProxy):

  • UIProcess/win/WebView.cpp:

(WebKit::WebView::paint):

  • WebProcess/WebPage/AcceleratedDrawingArea.cpp: Removed.
  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp: Added.

(WebKit::DrawingAreaCoordinatedGraphics::DrawingAreaCoordinatedGraphics):
(WebKit::DrawingAreaCoordinatedGraphics::~DrawingAreaCoordinatedGraphics):
(WebKit::DrawingAreaCoordinatedGraphics::setNeedsDisplay):
(WebKit::DrawingAreaCoordinatedGraphics::setNeedsDisplayInRect):
(WebKit::DrawingAreaCoordinatedGraphics::scroll):
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaint):
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaintAsync):
(WebKit::DrawingAreaCoordinatedGraphics::setLayerTreeStateIsFrozen):
(WebKit::DrawingAreaCoordinatedGraphics::updatePreferences):
(WebKit::DrawingAreaCoordinatedGraphics::mainFrameContentSizeChanged):
(WebKit::DrawingAreaCoordinatedGraphics::deviceOrPageScaleFactorChanged):
(WebKit::DrawingAreaCoordinatedGraphics::didChangeViewportAttributes):
(WebKit::DrawingAreaCoordinatedGraphics::graphicsLayerFactory):
(WebKit::DrawingAreaCoordinatedGraphics::setRootCompositingLayer):
(WebKit::DrawingAreaCoordinatedGraphics::scheduleCompositingLayerFlush):
(WebKit::DrawingAreaCoordinatedGraphics::layerHostDidFlushLayers):
(WebKit::DrawingAreaCoordinatedGraphics::createDisplayRefreshMonitor):
(WebKit::DrawingAreaCoordinatedGraphics::setNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaCoordinatedGraphics::destroyNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaCoordinatedGraphics::activityStateDidChange):
(WebKit::DrawingAreaCoordinatedGraphics::attachViewOverlayGraphicsLayer):
(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::didUpdate):
(WebKit::DrawingAreaCoordinatedGraphics::sendDidUpdateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingModeSoon):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingModeNow):
(WebKit::DrawingAreaCoordinatedGraphics::discardPreviousLayerTreeHost):
(WebKit::DrawingAreaCoordinatedGraphics::suspendPainting):
(WebKit::DrawingAreaCoordinatedGraphics::resumePainting):
(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaCoordinatedGraphics::scheduleDisplay):
(WebKit::DrawingAreaCoordinatedGraphics::displayTimerFired):
(WebKit::DrawingAreaCoordinatedGraphics::display):
(WebKit::shouldPaintBoundsRect):

  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.h: Renamed from Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.h.
  • WebProcess/WebPage/DrawingArea.cpp:

(WebKit::DrawingArea::create):

  • WebProcess/WebPage/DrawingArea.h:

(WebKit::DrawingArea::layerFlushThrottlingIsActive const):

  • WebProcess/WebPage/DrawingAreaImpl.cpp: Removed.
  • WebProcess/WebPage/DrawingAreaImpl.h: Removed.
3:14 AM Changeset in webkit [243981] by Carlos Garcia Campos
  • 43 edits in releases/WebKitGTK/webkit-2.24

Merge r242205 - [CoordinatedGraphics] Remove COORDINATED_GRAPHICS_THREADED option
https://bugs.webkit.org/show_bug.cgi?id=195159

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-02-28
Reviewed by Don Olmstead.

.:

  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/OptionsPlayStation.cmake:
  • Source/cmake/OptionsWPE.cmake:

Source/WebCore:

Use COORDINATED_GRAPHICS instead.

  • platform/graphics/GraphicsContext3D.h:
  • platform/graphics/PlatformLayer.h:
  • platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::ImageBufferData::ImageBufferData):
(WebCore::ImageBufferData::~ImageBufferData):

  • platform/graphics/cairo/ImageBufferDataCairo.h:
  • platform/graphics/nicosia/NicosiaPaintingEngineThreaded.cpp:
  • platform/graphics/nicosia/NicosiaPaintingEngineThreaded.h:
  • platform/graphics/nicosia/texmap/NicosiaGC3DLayer.cpp:

(Nicosia::GC3DLayer::swapBuffersIfNeeded):

  • platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:

(WebCore::GraphicsContext3D::reshapeFBOs):

  • platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:

(WebCore::GraphicsContext3D::prepareTexture):

  • platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:

(WebCore::GraphicsContext3D::reshapeFBOs):

  • platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp:

(WebCore::GraphicsContext3D::GraphicsContext3D):
(WebCore::GraphicsContext3D::~GraphicsContext3D):

  • platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:

(WebCore::TextureMapperGC3DPlatformLayer::TextureMapperGC3DPlatformLayer):
(WebCore::TextureMapperGC3DPlatformLayer::~TextureMapperGC3DPlatformLayer):

  • platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
  • platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
  • platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
  • platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
  • platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
  • platform/graphics/texmap/TextureMapperPlatformLayerProxyProvider.h:
  • platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::setContentsNeedsDisplay):
(WebCore::CoordinatedGraphicsLayer::setContentsToPlatformLayer):
(WebCore::CoordinatedGraphicsLayer::updatePlatformLayer):

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::paintsIntoWindow const):

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::shouldCompositeOverflowControls const):

Source/WebKit:

Use COORDINATED_GRAPHICS instead.

  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::onNewBufferAvailable):

  • Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h:
  • Shared/CoordinatedGraphics/SimpleViewportController.cpp:
  • Shared/CoordinatedGraphics/SimpleViewportController.h:
  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.cpp:
  • Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.h:
  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:

(WebKit::AcceleratedDrawingArea::mainFrameContentSizeChanged):
(WebKit::AcceleratedDrawingArea::enterAcceleratedCompositingMode):

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:
  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h:
  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::updatePreferences):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::sendViewportAttributesChanged):
(WebKit::WebPage::viewportPropertiesDidChange):

  • WebProcess/gtk/WebProcessMainGtk.cpp:
3:14 AM Changeset in webkit [243980] by Carlos Garcia Campos
  • 8 edits
    1 move
    1 add
    5 deletes in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242199 - [CoordinatedGraphics] Unify all LayerTreeHost classes
https://bugs.webkit.org/show_bug.cgi?id=195094

Reviewed by Žan Doberšek.

There's no reason to have 3 classes, since currently LayerTreeHost is only used by coordinated graphics based
ports.

  • PlatformWin.cmake:
  • SourcesGTK.txt:
  • SourcesWPE.txt:
  • WebProcess/WebPage/AcceleratedDrawingArea.cpp:

(WebKit::AcceleratedDrawingArea::enterAcceleratedCompositingMode):
(WebKit::AcceleratedDrawingArea::exitAcceleratedCompositingModeNow):

  • WebProcess/WebPage/AcceleratedDrawingArea.h:
  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp: Removed.
  • WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h: Removed.
  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp: Renamed from Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp.

(WebKit::LayerTreeHost::LayerTreeHost):
(WebKit::LayerTreeHost::~LayerTreeHost):
(WebKit::LayerTreeHost::setLayerFlushSchedulingEnabled):
(WebKit::LayerTreeHost::scheduleLayerFlush):
(WebKit::LayerTreeHost::cancelPendingLayerFlush):
(WebKit::LayerTreeHost::layerFlushTimerFired):
(WebKit::LayerTreeHost::setRootCompositingLayer):
(WebKit::LayerTreeHost::setViewOverlayRootLayer):
(WebKit::LayerTreeHost::invalidate):
(WebKit::LayerTreeHost::scrollNonCompositedContents):
(WebKit::LayerTreeHost::forceRepaint):
(WebKit::LayerTreeHost::forceRepaintAsync):
(WebKit::LayerTreeHost::sizeDidChange):
(WebKit::LayerTreeHost::pauseRendering):
(WebKit::LayerTreeHost::resumeRendering):
(WebKit::LayerTreeHost::graphicsLayerFactory):
(WebKit::LayerTreeHost::contentsSizeChanged):
(WebKit::LayerTreeHost::didChangeViewportAttributes):
(WebKit::LayerTreeHost::didChangeViewport):
(WebKit::LayerTreeHost::setIsDiscardable):
(WebKit::LayerTreeHost::setNativeSurfaceHandleForCompositing):
(WebKit::LayerTreeHost::deviceOrPageScaleFactorChanged):
(WebKit::LayerTreeHost::createDisplayRefreshMonitor):
(WebKit::LayerTreeHost::didFlushRootLayer):
(WebKit::LayerTreeHost::commitSceneState):
(WebKit::LayerTreeHost::frameComplete):
(WebKit::LayerTreeHost::nativeSurfaceHandleForCompositing):
(WebKit::LayerTreeHost::didDestroyGLContext):
(WebKit::LayerTreeHost::willRenderFrame):
(WebKit::LayerTreeHost::didRenderFrame):
(WebKit::LayerTreeHost::requestDisplayRefreshMonitorUpdate):
(WebKit::LayerTreeHost::handleDisplayRefreshMonitorUpdate):
(WebKit::LayerTreeHost::renderNextFrame):

  • WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h: Renamed from Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h.
  • WebProcess/WebPage/DrawingAreaImpl.cpp:

(WebKit::DrawingAreaImpl::setNeedsDisplay):
(WebKit::DrawingAreaImpl::setNeedsDisplayInRect):

  • WebProcess/WebPage/LayerTreeHost.cpp: Removed.
  • WebProcess/WebPage/LayerTreeHost.h: Removed.
  • WebPage/win/LayerTreeHost.h: Added.
3:14 AM Changeset in webkit [243979] by Carlos Garcia Campos
  • 3 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r242266 - [ThreadedCompositor] Simply the compositing run loop worker thread
https://bugs.webkit.org/show_bug.cgi?id=195208

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2019-03-01
Reviewed by Don Olmstead.

We can remove the WorkQueuePool, since we never really supported more than one thread, and now that single
process model non longer exists it doesn't even make sense. We can simply use a RunLoop instead of a WorkQueue
so that the implementation is not specific to the generic WorkQueue implementation.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:

(WebKit::createRunLoop): Helper function to create the RunLoop in a worker thread before m_updateTimer is initialized.
(WebKit::CompositingRunLoop::CompositingRunLoop): Use createRunLoop().
(WebKit::CompositingRunLoop::~CompositingRunLoop): Stop the worker thread run loop in the next main run loop iteration.
(WebKit::CompositingRunLoop::performTask): Use m_runLoop.
(WebKit::CompositingRunLoop::performTaskSync): Ditto.
(WebKit::WorkQueuePool::singleton): Deleted.
(WebKit::WorkQueuePool::dispatch): Deleted.
(WebKit::WorkQueuePool::runLoop): Deleted.
(WebKit::WorkQueuePool::invalidate): Deleted.
(WebKit::WorkQueuePool::WorkQueuePool): Deleted.
(WebKit::WorkQueuePool::getOrCreateWorkQueueForContext): Deleted.
(): Deleted.

  • Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
3:14 AM Changeset in webkit [243978] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243537 - [GStreamer] Remove the HLS queue buffering query hack
https://bugs.webkit.org/show_bug.cgi?id=196244

Reviewed by Xabier Rodriguez-Calvar.

Because the http src element now provides network statistics to
the player we can now compute an estimation of the data loading in
case the buffering query isn't handled by any element of the
pipeline.

No new tests, existing HLS tests cover this change.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
(WebCore::findHLSQueue): Deleted.
(WebCore::isHLSProgressing): Deleted.

3:14 AM Changeset in webkit [243977] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243197 - [GStreamer] Switch back to webkitwebsrc for adaptive streaming fragments downloading
https://bugs.webkit.org/show_bug.cgi?id=195948

Reviewed by Xabier Rodriguez-Calvar.

The webkitwebsrc element now behaves much better when used through
GStreamer's adaptivedemux, so use it for all WebKit media
downloads. The MediaPlayer needed by the webkitwebsrc element now
travels through GstContext messages and queries so that it can be
shared by multiple elements, typically the first webkitwebsrc
element downloads the HLS manifest and then adaptivedemux, through
uridownloader, will create new webkitwebsrc elements for fragments
downloading. Those new elements will query the first webkitwebsrc
element for its context.

The previous hack used to check SecurityOrigins can
also be cleaned-up. The origins are now cached upon reception of
the HTTP headers message from webkitwebsrc.

No new tests, existing http/tests/media/hls tests cover this change.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL):
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const):
(WebCore::convertToInternalProtocol): Deleted.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkit_web_src_class_init):
(webKitWebSrcSetContext):
(webKitWebSrcStart):
(webKitWebSrcGetProtocols):
(webKitWebSrcSetUri):
(CachedResourceStreamingClient::responseReceived):
(convertPlaybinURI): Deleted.
(webKitSrcWouldTaintOrigin): Deleted.

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:
3:14 AM Changeset in webkit [243976] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r243140 - REGRESSION(r243058): [GStreamer] 3 tests now timing out
https://bugs.webkit.org/show_bug.cgi?id=195888

Reviewed by Xabier Rodriguez-Calvar.

A breaking change was introduced in r243058. Now on-disk-buffering
is disabled when the reported Content-Length is 0 or not present
at all. This broke the progress event logic in didLoadProgress()
because leading to progress events not being fired as expected.

The proposed solution is to make webkitwebsrc notify the player
every time the network process receives data from the network. So
the player can now easily determine if the load progressed by
checking the reported statistics.

No new tests, existing media tests cover this change.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(CachedResourceStreamingClient::dataReceived):

3:14 AM Changeset in webkit [243975] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.24

Merge r243058 - [GStreamer] Rewrite HTTP source element using pushsrc base class
https://bugs.webkit.org/show_bug.cgi?id=195631

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

If we want to use webkitwebsrc in adaptivedemux (HLS, DASH, etc)
we need a source element that behaves like souphttpsrc, which is
implemented using pushsrc. This rewrite might also fix some seek
issues.

No new tests, existing http/tests/media tests cover this patch.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::handleMessage):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkit_web_src_class_init):
(webkitWebSrcReset):
(webkit_web_src_init):
(webKitWebSrcCreate):
(webKitWebSrcStart):
(webKitWebSrcCloseSession):
(webKitWebSrcStop):
(webKitWebSrcGetSize):
(webKitWebSrcIsSeekable):
(webKitWebSrcDoSeek):
(webKitWebSrcQuery):
(webKitWebSrcUnLock):
(webKitWebSrcUnLockStop):
(webKitWebSrcChangeState):
(CachedResourceStreamingClient::checkUpdateBlocksize):
(CachedResourceStreamingClient::responseReceived):
(CachedResourceStreamingClient::dataReceived):
(CachedResourceStreamingClient::accessControlCheckFailed):
(CachedResourceStreamingClient::loadFailed):
(CachedResourceStreamingClient::loadFinished):

  • platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:

LayoutTests:

  • platform/gtk/TestExpectations:
  • platform/gtk/http/tests/media/hls/video-controls-live-stream-expected.txt:

Update expectations, though it's not really related with this
patch.

3:14 AM Changeset in webkit [243974] by Carlos Garcia Campos
  • 6 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r241444 - Stop using setDefersLoading from WebCore
https://bugs.webkit.org/show_bug.cgi?id=194315

Reviewed by Jer Noble.

That is what CompletionHandlers are for.

  • loader/MediaResourceLoader.cpp:

(WebCore::MediaResource::responseReceived):
(WebCore::MediaResource::setDefersLoading): Deleted.

  • loader/MediaResourceLoader.h:
  • platform/graphics/PlatformMediaResourceLoader.h:

(WebCore::PlatformMediaResourceClient::responseReceived):
(WebCore::PlatformMediaResource::stop):
(WebCore::PlatformMediaResource::setDefersLoading): Deleted.

  • platform/network/cocoa/WebCoreNSURLSession.mm:

(WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:completionHandler:]):
(-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Deleted.

3:14 AM Changeset in webkit [243973] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.24

Merge r243434 - [GTK][WPE] Do not allow changes in active URI before provisional load starts for non-API requests
https://bugs.webkit.org/show_bug.cgi?id=194208

Reviewed by Michael Catanzaro.

  • UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewWillStartLoad): Block updates of active URL.
(webkitWebViewLoadChanged): Unblock updates of active URL on WEBKIT_LOAD_STARTED.

3:13 AM Changeset in webkit [243972] by Carlos Garcia Campos
  • 12 edits in releases/WebKitGTK/webkit-2.24

Merge r242788 - [WPE][GTK] Load events may occur in unexpected order when JS redirects page before subresource load finishes
https://bugs.webkit.org/show_bug.cgi?id=194131

Source/WebKit:

Reviewed by Michael Catanzaro.

Ensure we emit the load-failed and load-changed with finished event when there's still an ongoing load when a
new provisional load strarts. Previous load fails with cancelled error.

  • UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewWillStartLoad): Call webkitWebViewLoadFailed() if current page load state is not finished.

  • UIProcess/API/glib/WebKitWebViewPrivate.h:
  • UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::PageClientImpl::didStartProvisionalLoadForMainFrame): Call webkitWebViewWillStartLoad().

  • UIProcess/API/wpe/APIViewClient.h:

(API::ViewClient::willStartLoad): Add willStartLoad() to API::ViewClient

  • UIProcess/API/wpe/PageClientImpl.cpp:

(WebKit::PageClientImpl::didStartProvisionalLoadForMainFrame): Call WPEView::willStartLoad().

  • UIProcess/API/wpe/PageClientImpl.h:
  • UIProcess/API/wpe/WPEView.cpp:

(WKWPE::View::willStartLoad): Call API::ViewClient::willStartLoad().

  • UIProcess/API/wpe/WPEView.h:
  • UIProcess/PageLoadState.h:

(WebKit::PageLoadState::isProvisional const):
(WebKit::PageLoadState::isCommitted const):
(WebKit::PageLoadState::isFinished const):

Tools:

Patch by Michael Catanzaro <Michael Catanzaro> on 2019-03-12
Reviewed by Michael Catanzaro.

  • TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp:

(uriChanged):
(testUnfinishedSubresourceLoad):
(serverCallback):
(beforeAll):

2:09 AM Changeset in webkit [243971] by svillar@igalia.com
  • 4 edits in trunk

[GTK][WPE] outlook.live.com displays old-fashioned UI
https://bugs.webkit.org/show_bug.cgi?id=196642

Reviewed by Carlos Garcia Campos.

Source/WebCore:

The new good looking UI is shown as long as pretend we're a Mac in the UA.

  • platform/UserAgentQuirks.cpp:

(WebCore::urlRequiresChromeBrowser):

Tools:

  • TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:

(TestWebKitAPI::TEST): New Mac platform quirk test.

1:11 AM Changeset in webkit [243970] by Carlos Garcia Campos
  • 18 edits
    2 moves in trunk/Source/WebCore

[ATK] Cleanup accessible wrapper base class
https://bugs.webkit.org/show_bug.cgi?id=196601

Reviewed by Mario Sanchez Prada.

Cleanups:

  • Rename WebKitAccessibleWrapperAtk cpp and header as WebKitAccessible for consistency with the class name.
  • Use WEBKIT_DEFINE_TYPE instead of custom type registration. This ensures that all CStrings used in private struct are no longer leaked.
  • Move core object pointer to the private struct.
  • Remove confusing core() function and simply get the core object from the private struct.
  • Use nullptr instead of 0 and other coding style issues.
  • Rename cacheAndReturnAtkProperty as webkitAccessibleCacheAndReturnAtkProperty and use WebKitAccessible as instance parameter.
  • Make webkitAccessibleGetAccessibilityObject() return a reference, since we use a fallback object on detach it never returns nullptr.
  • Move objectFocusedAndCaretOffsetUnignored() to WebKitAccessibleUtil.
  • SourcesGTK.txt:
  • accessibility/atk/AXObjectCacheAtk.cpp:
  • accessibility/atk/WebKitAccessible.cpp: Renamed from Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.cpp.

(webkitAccessibleGetName):
(webkitAccessibleGetDescription):
(setAtkRelationSetFromCoreObject):
(isRootObject):
(webkitAccessibleGetParent):
(webkitAccessibleGetNChildren):
(webkitAccessibleRefChild):
(webkitAccessibleGetIndexInParent):
(webkitAccessibleGetAttributes):
(atkRole):
(webkitAccessibleGetRole):
(webkitAccessibleRefStateSet):
(webkitAccessibleRefRelationSet):
(webkitAccessibleInit):
(webkitAccessibleGetObjectLocale):
(webkit_accessible_class_init):
(interfaceMaskFromObject):
(uniqueAccessibilityTypeName):
(accessibilityTypeFromObject):
(webkitAccessibleNew):
(webkitAccessibleGetAccessibilityObject):
(webkitAccessibleDetach):
(webkitAccessibleIsDetached):
(webkitAccessibleCacheAndReturnAtkProperty):

  • accessibility/atk/WebKitAccessible.h: Renamed from Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.h.
  • accessibility/atk/WebKitAccessibleHyperlink.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceAction.cpp:

(core):
(webkitAccessibleActionGetKeybinding):
(webkitAccessibleActionGetName):

  • accessibility/atk/WebKitAccessibleInterfaceComponent.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceDocument.cpp:

(core):
(documentAttributeValue):

  • accessibility/atk/WebKitAccessibleInterfaceEditableText.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceImage.cpp:

(core):
(webkitAccessibleImageGetImageDescription):

  • accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceTable.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceText.cpp:

(core):

  • accessibility/atk/WebKitAccessibleInterfaceValue.cpp:

(core):

  • accessibility/atk/WebKitAccessibleUtil.cpp:

(objectFocusedAndCaretOffsetUnignored):

  • accessibility/atk/WebKitAccessibleUtil.h:
  • editing/atk/FrameSelectionAtk.cpp:

Apr 7, 2019:

7:58 PM Changeset in webkit [243969] by commit-queue@webkit.org
  • 5 edits in trunk

Unreviewed, rolling out r243956.
https://bugs.webkit.org/show_bug.cgi?id=196688

Broke API Test SafeBrowsing.WKWebViewGoBackIFrame (Requested
by aakashjain on #webkit).

Reverted changeset:

"Clicking "Go Back" from a safe browsing warning from an
iframe should navigate the WKWebView back to the previous
page"
https://bugs.webkit.org/show_bug.cgi?id=196665
https://trac.webkit.org/changeset/243956

4:31 PM Changeset in webkit [243968] by ggaren@apple.com
  • 2 edits in trunk/Source/WebKit

Remove stray byte added by r241131
https://bugs.webkit.org/show_bug.cgi?id=196682

Reviewed by Alexey Proskuryakov.

Sublime Text thinks WKWebView.mm is binary instead of text.

According to online documentation and bisecting, this is because r241131
introduced a stray byte (probably a null byte?) into the file.

I fixed this with Cmd-C Cmd-V.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

4:24 PM Changeset in webkit [243967] by msaboff@apple.com
  • 3 edits
    1 add in trunk

REGRESSION (r243642): Crash in reddit.com page
https://bugs.webkit.org/show_bug.cgi?id=196684

Reviewed by Geoffrey Garen.

JSTests:

New regression test.

  • stress/regexp-nongreedy-charclass-backtracks.js: Added.

Source/JavaScriptCore:

In r243642, the code that saves and restores the count for non-greedy character classes
was inadvertently put inside an if statement. This code should be generated for all
non-greedy character classes.

  • yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::generateCharacterClassNonGreedy):
(JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

12:25 PM Changeset in webkit [243966] by ysuzuki@apple.com
  • 4 edits
    1 add in trunk

[JSC] CallLinkInfo should clear Callee or CodeBlock even if it is unlinked by jettison
https://bugs.webkit.org/show_bug.cgi?id=196683

Reviewed by Saam Barati.

JSTests:

  • stress/clear-callee-or-codeblock-in-calllinkinfo-even-cleared-by-jettison.js: Added.

(foo):

Source/JavaScriptCore:

In r243626, we stop repatching CallLinkInfo when the CallLinkInfo is held by jettisoned CodeBlock.
But we still need to clear the Callee or CodeBlock since they are now dead. Otherwise, CodeBlock's
visitWeak eventually accesses this dead cells and crashes because the owner CodeBlock of CallLinkInfo
can be still live.

We also move all repatching operations from CallLinkInfo.cpp to Repatch.cpp for consistency because the
other repatching operations in CallLinkInfo are implemented in Repatch.cpp side.

  • bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::setCallee):
(JSC::CallLinkInfo::clearCallee):

  • jit/Repatch.cpp:

(JSC::linkFor):
(JSC::revertCall):

Note: See TracTimeline for information about the timeline view.