Context Navigation

← Previous Period
Next Period →

Timeline

Jul 2, 2019:

11:13 PM Changeset in webkit [247089] by Simon Fraser

2 edits in trunk/Source/WebCore

REGRESSION (r246723): ScrollingTreeOverflowScrollProxyNode::m_overflowScrollingNodeID is uninitialized sometimes
https://bugs.webkit.org/show_bug.cgi?id=199432

Reviewed by Antti Koivisto.

I noticed while debugging rdar://problem/52291642 that m_overflowScrollingNodeID was uninitialized in
ScrollingTreeOverflowScrollProxyNode. This could lead to the wrong node being found by m_scrollingTree->nodeForID(),
which could result in type confusion bugs.

This can happen with negative z-order layers when we fail to find their related scrolling tree node
on the first pass.

page/scrolling/cocoa/ScrollingTreeOverflowScrollProxyNode.h:

11:01 PM Changeset in webkit [247088] by msaboff@apple.com

3 edits
1 add in trunk

JSTests:
Exception from For..of loop assignment eliminates TDZ checks in subsequent code
https://bugs.webkit.org/show_bug.cgi?id=199395

Reviewed by Filip Pizlo.

New regession test.

stress/for-of-tdz-with-try-catch.js: Added.

(test):
(i.catch):

Source/JavaScriptCore:
Exception from For..of loop destructured assignment eliminates TDZ checks in subsequent code
https://bugs.webkit.org/show_bug.cgi?id=199395

Reviewed by Filip Pizlo.

For destructuring assignmests, the assignment might throw a reference error if
the RHS cannot be coerced. The current bytecode generated for such assignments
optimizes out the TDZ check after the coercible check.

By saving the current state of the TDZ stack before processing the setting of
target destructured values and then restoring afterwards, we won't optimize out
later TDZ check(s).

A similar change of saving / restoring the TDZ stack where exceptions might
happen was done for for..in loops in change set r232219.

bytecompiler/NodesCodegen.cpp:

(JSC::ObjectPatternNode::bindValue const):

10:43 PM Changeset in webkit [247087] by zandobersek@gmail.com

3 edits in trunk/Source/WebCore

FetchResponse::BodyLoader should not be movable
https://bugs.webkit.org/show_bug.cgi?id=199380

Reviewed by Youenn Fablet.

The FetchResponse::BodyLoader class has a FetchLoader member that is
initialized in the start() method with the reference of the owning
FetchResponse::BodyLoader object. This reference doesn't change when
the FetchResponse::BodyLoader object is moved into a different object
and the FetchLoader unique_ptr along with it, leading to problems when
that FetchLoader tries to invoke the FetchLoaderClient methods on the
FetchResponse::BodyLoader object that's been moved from and is possibly
already destroyed.

To avoid this, the FetchResponse::BodyLoader has the move constructor
removed and is now managed through std::unique_ptr instead of Optional,
ensuring the FetchResponse::BodyLoader object itself isn't moved around.

Modules/fetch/FetchResponse.cpp:

(WebCore::FetchResponse::fetch):
(WebCore::FetchResponse::BodyLoader::didSucceed):
(WebCore::FetchResponse::BodyLoader::didFail):

Modules/fetch/FetchResponse.h:

8:42 PM Changeset in webkit [247086] by Fujii Hironori

4 edits
4 deletes in trunk/LayoutTests

imported/blink/animations/display-inline-style-adjust.html isn't a valid ref test
https://bugs.webkit.org/show_bug.cgi?id=199311

Reviewed by Simon Fraser.

These tests are depending on platform font metrics. They were
created for a Blink bug, doesn't seem useful for WebKit. Just
removed them.

imported/blink/animations/display-inline-style-adjust.html: Deleted.
legacy-animation-engine/imported/blink/animations/display-inline-style-adjust.html: Deleted.
platform/gtk/TestExpectations: Unmarked them.
platform/ios/TestExpectations: Ditto.
platform/wpe/TestExpectations: Ditto.

6:41 PM Changeset in webkit [247085] by commit-queue@webkit.org

7 edits
7 adds in trunk

Assertion fires when animating the 'class' attribute of an SVG element
https://bugs.webkit.org/show_bug.cgi?id=197372

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-07-02
Reviewed by Ryosuke Niwa.

Source/WebCore:

All instances of SVG animated properties have to share a single animVal
such that once its value is progressed, all the instances will see the
change. This was not happening for SVGAnimatedPrimitiveProperty. To do
that we need to:

-- Introduce the new template class SVGSharedPrimitiveProperty which is

derived from SVGProperty. This class manages a single primitive value.

-- Change the type of SVGAnimatedPrimitiveProperty::m_animVal to

RefPtr<SVGSharedPrimitiveProperty<PropertyType>>. The master property
creates it and all the instances hold references to the same pointer.

-- Change the type of SVGAnimatedPrimitiveProperty::m_baseVal to

Ref<SVGSharedPrimitiveProperty<PropertyType>> for simplicity and get
rid of SVGAnimatedPrimitiveProperty::m_state.

-- Override the virtual methods instanceStartAnimation() and

instanceStopAnimation() of SVGAnimatedPrimitiveProperty.

-- SVGAnimatedStringAnimator should invalidate the style of the target

element if attribute name is 'class' and when its animVal changes.

WebCore.xcodeproj/project.pbxproj:
svg/properties/SVGAnimatedPrimitiveProperty.h:

(WebCore::SVGAnimatedPrimitiveProperty::setBaseVal):
(WebCore::SVGAnimatedPrimitiveProperty::setBaseValInternal):
(WebCore::SVGAnimatedPrimitiveProperty::baseVal const):
(WebCore::SVGAnimatedPrimitiveProperty::setAnimVal):
(WebCore::SVGAnimatedPrimitiveProperty::animVal const):
(WebCore::SVGAnimatedPrimitiveProperty::animVal):
(WebCore::SVGAnimatedPrimitiveProperty::currentValue const):
(WebCore::SVGAnimatedPrimitiveProperty::SVGAnimatedPrimitiveProperty):
(WebCore::SVGAnimatedPrimitiveProperty::ensureAnimVal):

svg/properties/SVGAnimatedPropertyAnimatorImpl.h:
svg/properties/SVGAttributeAnimator.cpp:

(WebCore::SVGAttributeAnimator::invalidateStyle):
(WebCore::SVGAttributeAnimator::applyAnimatedStylePropertyChange):
(WebCore::SVGAttributeAnimator::removeAnimatedStyleProperty):

svg/properties/SVGAttributeAnimator.h:
svg/properties/SVGSharedPrimitiveProperty.h: Added.

(WebCore::SVGSharedPrimitiveProperty::create):
(WebCore::SVGSharedPrimitiveProperty::value const):
(WebCore::SVGSharedPrimitiveProperty::value):
(WebCore::SVGSharedPrimitiveProperty::setValue):
(WebCore::SVGSharedPrimitiveProperty::SVGSharedPrimitiveProperty):

LayoutTests:

svg/animations/animated-bool-externalResourcesRequired-instances-expected.svg: Added.
svg/animations/animated-bool-externalResourcesRequired-instances.svg: Added.
svg/animations/animated-string-class-instances-expected.svg: Added.
svg/animations/animated-string-class-instances.svg: Added.
svg/animations/animated-string-href-expected.svg: Added.
svg/animations/animated-string-href.svg: Added.

6:10 PM Changeset in webkit [247084] by Alan Coon

1 copy in tags/Safari-607.3.8

Tag Safari-607.3.8.

5:15 PM Changeset in webkit [247083] by Ryan Haddad

3 edits in trunk/LayoutTests

[macOS WK2] REGRESSION (r242313): Layout Test scrollingcoordinator/mac/multiple-fixed.html is a flaky time out and image diff
https://bugs.webkit.org/show_bug.cgi?id=195635

Unreviewed test gardening.

Move test expectation entry to a more specific file.

platform/mac-wk2/TestExpectations:
platform/mac/TestExpectations:

4:58 PM Changeset in webkit [247082] by youenn@apple.com

2 edits in trunk/Source/WebKit

StorageManager does not need to be a WorkQueueMessageReceiver anymore
https://bugs.webkit.org/show_bug.cgi?id=199421

Reviewed by Chris Dumez.

NetworkProcess/WebStorage/StorageManager.h:

4:53 PM Changeset in webkit [247081] by sbarati@apple.com

2 edits in trunk/LayoutTests

[WHLSL] Change whlsl-two-dimensional-array.html to not be flaky on AMD Radeon Pro GPUs
https://bugs.webkit.org/show_bug.cgi?id=199424

Reviewed by Myles C. Maxfield.

webgpu/whlsl-two-dimensional-array.html:

4:44 PM Changeset in webkit [247080] by aakash_jain@apple.com

3 edits in trunk/Tools

[ews-build] Add build steps to Install Wpe and Gtk dependencies
https://bugs.webkit.org/show_bug.cgi?id=199408

Reviewed by Michael Catanzaro.

BuildSlaveSupport/ews-build/steps.py:

(InstallGtkDependencies): Build step to install dependencies for GTK. Set haltOnFailure=False so that in case of failure, build isn't
marked as failed (which would indicated patch failed EWS), instead subsequent steps would be run and the build would be marked as RETRY.
(InstallWpeDependencies): Ditto for WPE.

BuildSlaveSupport/ews-build/steps_unittest.py: Added unit-tests.

4:29 PM Changeset in webkit [247079] by commit-queue@webkit.org

10 edits in trunk/Source

Unreviewed, rolling out r247041.
https://bugs.webkit.org/show_bug.cgi?id=199425

broke some iOS arm64e tests (Requested by keith_miller on
#webkit).

Reverted changeset:

"PACCage should first cage leaving PAC bits intact then
authenticate"
https://bugs.webkit.org/show_bug.cgi?id=199372
https://trac.webkit.org/changeset/247041

4:07 PM Changeset in webkit [247078] by Chris Dumez

7 edits in trunk/Source

ThreadSafeRefCounted<DestructionThread::Main> is not safe to use in the UIProcess
https://bugs.webkit.org/show_bug.cgi?id=199420
<rdar://problem/52289717>

Reviewed by Ryosuke Niwa.

Source/WebKit:

Update IPC::Connection and DeviceIdHashSaltStorage to use DestructionThread::MainRunLoop
instead of DestructionThread::Main, since both classes are used in the UIProcess.

Using DestructionThread::Main is not safe in the UIProcess because its implementation relies
on isMainThread() / callOnMainThread(). Those get confused about which thread is the main
thread when an application uses both WK1 and WK2.

Platform/IPC/Connection.h:
UIProcess/DeviceIdHashSaltStorage.h:

Source/WTF:

wtf/MainThread.cpp:

(WTF::isMainRunLoop):
(WTF::callOnMainRunLoop):

wtf/MainThread.h:

Add some function to MainThread.h to be used by ThreadSafeRefCounted to interact with the
main RunLoop. This is used to avoid a circular dependency between RunLoop (which is
ThreadSafeRefCounted) and ThreadSafeReCounted.

wtf/ThreadSafeRefCounted.h:

(WTF::ThreadSafeRefCounted::deref const):
Add a new DestructionThread::MainRunLoop enum value to be used by classes that need to
be destroyed on the main RunLoop rather than the main thread (which may be different
when WK1 is invoved)

4:05 PM Changeset in webkit [247077] by Alan Coon

7 edits
2 deletes in tags/Safari-608.1.33

Revert r247015. rdar://problem/52552864

4:05 PM Changeset in webkit [247076] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

[GTK][WPE] Explicitly blacklist problematic directories for sandbox
https://bugs.webkit.org/show_bug.cgi?id=199367

Patch by Patrick Griffis <Patrick Griffis> on 2019-07-02
Reviewed by Michael Catanzaro.

There are some directories that simply do not make sense to bind into the sandbox
and will only cause issues such as /proc so lets just block them.

UIProcess/API/glib/WebKitWebContext.cpp:

(path_is_not_blacklisted):
(webkit_web_context_add_path_to_sandbox):

4:03 PM Changeset in webkit [247075] by aakash_jain@apple.com

2 edits in trunk/Tools

[ews-build] Allow skipping uploading built product for few builders
https://bugs.webkit.org/show_bug.cgi?id=199422

Reviewed by Michael Catanzaro.

BuildSlaveSupport/ews-build/steps.py:

(CompileWebKit.init): Added optional skipUpload parameter.
(CompileWebKit.evaluateCommand): Allow to skip upload if there are no triggers and skipUpload is True.

3:43 PM Changeset in webkit [247074] by Alan Coon

1 edit in branches/safari-607-branch/Source/WebCore/loader/DocumentWriter.cpp

Unreviewed build fix. rdar://problem/52054321

3:04 PM Changeset in webkit [247073] by timothy_horton@apple.com

4 edits in trunk

REGRESSION (r243240): Unable to swipe back in Safari
https://bugs.webkit.org/show_bug.cgi?id=199394
<rdar://problem/51137447>

Reviewed by Wenson Hsieh.

Source/WebKit:

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _processDidExit]):
r243240 started nilling out the ViewGestureController, but we don't actually
expect that; the only time WKWebView's ViewGestureController goes away
is if the client turns off the gestures... and so nothing ever puts it back.
Instead, just always disconnect, don't nil it out.

Tools:

TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

Make sure that we actually end up with swipe gesture recognizers installed
after process swap and crash.

1:52 PM Changeset in webkit [247072] by Chris Dumez

6 edits in trunk/Source/WebKit

Protect NetworkProcess::m_networkSessions against corruption
https://bugs.webkit.org/show_bug.cgi?id=199418
<rdar://problem/50614019>

Reviewed by Youenn Fablet.

I believe the most likely reason for the crash at <rdar://problem/50614019> is that NetworkProcess::m_networkSessions
is getting corrupted and is returning us a bad pointer.

To harden our code, I added debug assertions to make sure that this HashMap is only used on the main thread and
to make sure that the sessionID used as key is always valid. I have also added if checks to avoid crashing in
release whenever possible.

Note that we came to a similar conclusion for NetworkProcess::m_swServers when investigating rdar://problem/51859081,
so the two radars are potentially related. Both HashMaps are owned by the NetworkProcess and use a SessionID
as key.

NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::cookiesForDOM):
(WebKit::NetworkConnectionToWebProcess::setCookiesFromDOM):
(WebKit::NetworkConnectionToWebProcess::logUserInteraction):
(WebKit::NetworkConnectionToWebProcess::logWebSocketLoading):
(WebKit::NetworkConnectionToWebProcess::logSubresourceLoading):
(WebKit::NetworkConnectionToWebProcess::logSubresourceRedirect):
(WebKit::NetworkConnectionToWebProcess::hasStorageAccess):
(WebKit::NetworkConnectionToWebProcess::requestStorageAccess):
(WebKit::NetworkConnectionToWebProcess::requestStorageAccessUnderOpener):

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::networkSession const):
(WebKit::NetworkProcess::setSession):
(WebKit::NetworkProcess::destroySession):
(WebKit::NetworkProcess::addKeptAliveLoad):
(WebKit::NetworkProcess::removeKeptAliveLoad):
(WebKit::NetworkProcess::webProcessWasDisconnected):

NetworkProcess/NetworkProcess.h:
NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::NetworkResourceLoader::retrieveCacheEntry):
(WebKit::NetworkResourceLoader::didFinishWithRedirectResponse):
(WebKit::NetworkResourceLoader::tryStoreAsCacheEntry):
(WebKit::NetworkResourceLoader::shouldLogCookieInformation):

NetworkProcess/ios/NetworkConnectionToWebProcessIOS.mm:

(WebKit::NetworkConnectionToWebProcess::paymentCoordinatorBoundInterfaceIdentifier):
(WebKit::NetworkConnectionToWebProcess::paymentCoordinatorCTDataConnectionServiceType):
(WebKit::NetworkConnectionToWebProcess::paymentCoordinatorSourceApplicationBundleIdentifier):
(WebKit::NetworkConnectionToWebProcess::paymentCoordinatorSourceApplicationSecondaryIdentifier):

1:24 PM Changeset in webkit [247071] by commit-queue@webkit.org

23 edits in trunk

Enhance support of aria-haspopup per ARIA 1.1 specification.
https://bugs.webkit.org/show_bug.cgi?id=199216
<rdar://problem/46221342>

Patch by Andres Gonzalez <Andres Gonzalez> on 2019-07-02
Reviewed by Chris Fleizach.

Source/WebCore:

Test button-with-aria-haspopup-role.html was expanded to cover testing
of new functionality.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::popupValue const): replaces hasPopupValue.
(WebCore::AccessibilityObject::hasPopupValue const): Deleted.

accessibility/AccessibilityObject.h:
accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::hasPopup const): method rename.

accessibility/atk/WebKitAccessible.cpp:

(webkitAccessibleGetAttributes): method rename.

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityPopupValue]):

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

Tools:

DumpRenderTree/AccessibilityUIElement.cpp:

(getPopupValueCallback):
(AccessibilityUIElement::getJSClass):

DumpRenderTree/AccessibilityUIElement.h:
DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::popupValue const):

WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::popupValue const):

WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::popupValue const):

LayoutTests:

accessibility/button-with-aria-haspopup-role-expected.txt:
accessibility/button-with-aria-haspopup-role.html:
accessibility/ios-simulator/button-with-aria-haspopup-role-expected.txt:
accessibility/ios-simulator/button-with-aria-haspopup-role.html:

1:02 PM Changeset in webkit [247070] by Kocsen Chung

5 edits in branches/safari-607.3.1.2-branch/Source/JavaScriptCore

Revert r246801. rdar://problem/52505032

12:51 PM Changeset in webkit [247069] by aakash_jain@apple.com

3 edits in trunk/Tools

[ews-build] Do not print worker environment variables in each build step [part 2]
https://bugs.webkit.org/show_bug.cgi?id=199405

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-build/steps.py:

(CheckOutSpecificRevision.init): Disabled logging of environment variables.
(CleanWorkingDirectory.init): Ditto.
(RunBindingsTests.init): Ditto.
(RunWebKitPerlTests.init): Ditto.
(RunWebKitPyTests.init): Ditto.
(CompileWebKit.init): Ditto.
(ArchiveTestResults.init): Ditto.

BuildSlaveSupport/ews-build/steps_unittest.py: Updated unit-tests.

12:51 PM Changeset in webkit [247068] by Kocsen Chung

5 edits in branches/safari-607-branch/Source/JavaScriptCore

Revert r246801. rdar://problem/52505041

12:06 PM Changeset in webkit [247067] by sbarati@apple.com

6 edits
2 adds in trunk

[WHLSL] Import bitwise bool tests
https://bugs.webkit.org/show_bug.cgi?id=199093

Reviewed by Myles C. Maxfield.

Source/WebCore:

Add standard library functions for:

bool bit ops
converting from bool to number
converting from number to bool

Test: webgpu/whlsl-bitwise-bool-ops.html

Modules/webgpu/WHLSL/WHLSLStandardLibrary.txt:

LayoutTests:

This patch makes it so that we can mark bools as input and output types in the
WHLSL harness. Since bool is not something WHLSL itself allows as an entrypoint
input/output type (because we don't specify its bit pattern), we convert between
bool and int in the input and output of the function. For now, we don't support
a buffer of bools for the input type as a simplification, so we don't have to worry
about dynamically converting an int buffer to a bool buffer. We could add this
in the future if we found it helpful, but we don't have a strong reason for supporting
it right now.

This patch also starts the process of importing the WHLSL test suite by importing bool
bit op tests.

webgpu/js/whlsl-test-harness.js:

(convertTypeToArrayType):
(whlslArgumentType):
(convertToWHLSLOutputType):
(convertToWHLSLInputType):
(Data):
(Harness.prototype.get isWHLSL):
(Harness.prototype.async.callTypedFunction):
(Harness.prototype._setUpArguments):
(callVoidFunction):

webgpu/whlsl-bitwise-bool-ops-expected.txt: Added.
webgpu/whlsl-bitwise-bool-ops.html: Added.
webgpu/whlsl-test-harness-test-expected.txt:
webgpu/whlsl-test-harness-test.html:

11:55 AM Changeset in webkit [247066] by Alan Coon

6 edits in branches/safari-607-branch/Source/WebCore

Cherry-pick r247017. rdar://problem/52054321

More judiciously handle clearing/creation of DOMWindows for new Documents.
<rdar://problem/51665406> and https://bugs.webkit.org/show_bug.cgi?id=198786

Reviewed by Chris Dumez.

bindings/js/ScriptController.cpp: (WebCore::ScriptController::executeIfJavaScriptURL):

loader/DocumentWriter.cpp: (WebCore::DocumentWriter::replaceDocumentWithResultOfExecutingJavascriptURL): Rename for clarity. (WebCore::DocumentWriter::begin): Handle DOMWindow taking/creation inside FrameLoader::clear via a lambda. (WebCore::DocumentWriter::replaceDocument): Deleted.
loader/DocumentWriter.h:

loader/FrameLoader.cpp: (WebCore::FrameLoader::clear): Take a "handleDOMWindowCreation" lambda to run after clearing the previous document.
loader/FrameLoader.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@247017 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:46 AM Changeset in webkit [247065] by keith_miller@apple.com

3 edits
1 add in trunk

Frozen Arrays length assignment should throw in strict mode
https://bugs.webkit.org/show_bug.cgi?id=199365

Reviewed by Yusuke Suzuki.

JSTests:

stress/frozen-array-length-should-throw-strict.js: Added.

(test):

Source/JavaScriptCore:

runtime/JSArray.cpp:

(JSC::JSArray::put):

11:28 AM Changeset in webkit [247064] by commit-queue@webkit.org

5 edits
3 adds in trunk

[Curl] Fix CookieJarCurl::getRawCookie.
https://bugs.webkit.org/show_bug.cgi?id=199300

Patch by Takashi Komori <Takashi.Komori@sony.com> on 2019-07-02
Reviewed by Fujii Hironori.

Source/WebCore:

On wincairo some cookie information was not displayed in WebInspector's storage tab as
CookieJarCurl::getRawCookies was calling CookieJarDB::searchCookies with wrong arguments.
This patch fixes it.

Test: http/tests/inspector/page/get-cookies.html

platform/network/curl/CookieJarCurl.cpp:

(WebCore::CookieJarCurl::getRawCookies const):

LayoutTests:

http/tests/inspector/page/get-cookies-expected.txt: Added.
http/tests/inspector/page/get-cookies.html: Added.
http/tests/inspector/page/resources/set-cookie.php: Added.
platform/wincairo-wk1/TestExpectations:
platform/wincairo/TestExpectations:

11:20 AM Changeset in webkit [247063] by Alan Coon

7 edits in trunk/Source

Versioning.

11:13 AM Changeset in webkit [247062] by rmorisset@apple.com

14 edits in trunk/Source

[WHLSL] the initializer in VariableDeclaration should be a std::unique_ptr, not Optional<UniqueRef<..>>
https://bugs.webkit.org/show_bug.cgi?id=199389

Reviewed by Sam Weinig.

Source/WebCore:

Optional<UniqueRef<..>> is not only semantically weird (UniqueRef is basically a unique_ptr that promises not to be null), but also inefficient, wasting 8 bytes for the boolean in Optional.
It is a pattern that appears throughout the AST. In this patch I start by removing it in a fairly simple spot: the initializer for VariableDeclaration.

No test because there is no intended functional change.

Modules/webgpu/WHLSL/AST/WHLSLReadModifyWriteExpression.h:

(WebCore::WHLSL::AST::ReadModifyWriteExpression::ReadModifyWriteExpression):

Modules/webgpu/WHLSL/AST/WHLSLVariableDeclaration.h:

(WebCore::WHLSL::AST::VariableDeclaration::VariableDeclaration):
(WebCore::WHLSL::AST::VariableDeclaration::initializer):
(WebCore::WHLSL::AST::VariableDeclaration::takeInitializer):
(WebCore::WHLSL::AST::VariableDeclaration::setInitializer):

Modules/webgpu/WHLSL/WHLSLAutoInitializeVariables.cpp:

(WebCore::WHLSL::AutoInitialize::visit):

Modules/webgpu/WHLSL/WHLSLChecker.cpp:

(WebCore::WHLSL::resolveWithOperatorAnderIndexer):
(WebCore::WHLSL::resolveWithOperatorLength):
(WebCore::WHLSL::resolveWithReferenceComparator):

Modules/webgpu/WHLSL/WHLSLParser.cpp:

(WebCore::WHLSL::Parser::parseParameter):
(WebCore::WHLSL::Parser::parseVariableDeclaration):

Modules/webgpu/WHLSL/WHLSLPreserveVariableLifetimes.cpp:
Modules/webgpu/WHLSL/WHLSLPropertyResolver.cpp:

(WebCore::WHLSL::wrapAnderCallArgument):
(WebCore::WHLSL::modify):
(WebCore::WHLSL::PropertyResolver::visit):

Modules/webgpu/WHLSL/WHLSLSynthesizeArrayOperatorLength.cpp:

(WebCore::WHLSL::synthesizeArrayOperatorLength):

Modules/webgpu/WHLSL/WHLSLSynthesizeConstructors.cpp:

(WebCore::WHLSL::synthesizeConstructors):

Modules/webgpu/WHLSL/WHLSLSynthesizeEnumerationFunctions.cpp:

(WebCore::WHLSL::synthesizeEnumerationFunctions):

Modules/webgpu/WHLSL/WHLSLSynthesizeStructureAccessors.cpp:

(WebCore::WHLSL::synthesizeStructureAccessors):

Source/WTF:

wtf/UniqueRef.h:

(WTF::UniqueRef::moveToUniquePtr): Added.

11:12 AM Changeset in webkit [247061] by Alan Coon

7 edits in tags/Safari-608.1.33/Source

Versioning.

11:08 AM Changeset in webkit [247060] by Alan Coon

1 copy in tags/Safari-608.1.33

Tag Safari-608.1.33.

11:00 AM Changeset in webkit [247059] by jer.noble@apple.com

11 edits in trunk

Pipe suport for 'cenc' init data type into CDMFairPlayStreaming
https://bugs.webkit.org/show_bug.cgi?id=199381
Source/WebCore:

Reviewed by Eric Carlson.

Expose the parsing of 'cenc' init data from InitDataRegistry, so it can be used in the
evaluation steps inside CDMFairPlayStreaming.

+ Add a new method, extractPsshBoxesFromCenc() which returns an optional array of

unique_ptrs to different types of ISOPSSHBoxes.

+ Add a peekScheme() method to ISOPSSHBox so that we can create the correct subclass

of ISOPSSHBox from the above method.

+ Remove an extra definition of fairPlaySystemID() from CDMFairPlayStreaming.
+ Add 'cenc' to the list of supported types in CDMPrivateFairPlayStreaming::vaildInitDataTypes().
+ Add support for 'cenc' in CDMPrivateFairPlayStreaming::supportsInitData().
+ Format the 'cenc' init data as an encodec-JSON structure for AVContentKeySession.
+ Update the ISOFairPlayStreamingKeyRequestInfoBox to be a ISOFullBox.
+ Update the box name of ISOFairPlayStreamingInitDataBox.

Modules/encryptedmedia/InitDataRegistry.cpp:

(WebCore::InitDataRegistry::extractPsshBoxesFromCenc):
(WebCore::InitDataRegistry::extractKeyIDsCenc):
(WebCore::InitDataRegistry::sanitizeCenc):
(WebCore::InitDataRegistry::cencName):
(WebCore::InitDataRegistry::keyidsName):
(WebCore::InitDataRegistry::webmName):
(WebCore::extractKeyIDsCenc): Deleted.
(WebCore::sanitizeCenc): Deleted.

Modules/encryptedmedia/InitDataRegistry.h:

(WebCore::SourceBuffer::changeType):

platform/graphics/avfoundation/CDMFairPlayStreaming.cpp:

(WebCore::validInitDataTypes):
(WebCore::CDMPrivateFairPlayStreaming::supportsInitData const):
(WebCore::CDMPrivateFairPlayStreaming::fairPlaySystemID): Deleted.

platform/graphics/avfoundation/CDMFairPlayStreaming.h:
platform/graphics/avfoundation/ISOFairPlayStreamingPsshBox.h:

(isType):

platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm:

(WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::requestLicense):

platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.cpp:

(WebCore::ISOProtectionSystemSpecificHeaderBox::peekSystemID):

platform/graphics/iso/ISOProtectionSystemSpecificHeaderBox.h:

Tools:

<rdar://problem/52483103>

Reviewed by Eric Carlson.

TestWebKitAPI/Tests/WebCore/ISOBox.cpp:

10:47 AM Changeset in webkit [247058] by Chris Dumez

9 edits in trunk/Source/WebKit

VisitedLinkStore does not need to subclass WebProcessLifetimeObserver
https://bugs.webkit.org/show_bug.cgi?id=199407

Reviewed by Sam Weinig.

VisitedLinkStore does not need to subclass WebProcessLifetimeObserver, it overrides
only 2 of WebProcessLifetimeObserver's functions and the implementation of those
overrides is empty. It also does not use WebProcessLifetimeObserver::processes()
since the VisitedLinkStore maintains its own list of processes.

UIProcess/API/mac/WKView.mm:
UIProcess/Automation/WebAutomationSession.cpp:
UIProcess/VisitedLinkStore.cpp:
UIProcess/VisitedLinkStore.h:
UIProcess/WebPageProxy.cpp:

(WebKit::m_resetRecentCrashCountTimer):

UIProcess/WebProcessPool.h:
UIProcess/WebsiteData/WebsiteDataStore.cpp:

10:37 AM Changeset in webkit [247057] by Chris Dumez

2 edits in trunk/Source/WebKit

Null dereference under StorageManager::destroySessionStorageNamespace()
https://bugs.webkit.org/show_bug.cgi?id=199388
<rdar://problem/52030641>

Reviewed by Youenn Fablet.

NetworkProcess/WebStorage/StorageManager.cpp:

(WebKit::StorageManager::createSessionStorageNamespace):
Call HashMap::ensure() instead of contains() + set() to avoid double hash lookup.

(WebKit::StorageManager::destroySessionStorageNamespace):
Add null check to address top crasher, similarly to what was done in r246552.
I am keeping the debug assertion since this is not supposed to happen.

10:23 AM Changeset in webkit [247056] by dbates@webkit.org

5 edits
4 adds in trunk

[iOS] Cannot tab cycle through credit card fields on antonsvpatisserie.com checkout page
https://bugs.webkit.org/show_bug.cgi?id=196053
<rdar://problem/49093034>

Reviewed by Wenson Hsieh.

Source/WebCore:

Remove the iOS override for isKeyboardFocusable() so that the focus controller allows
iframes to be keyboard focusable.

Tests: fast/events/ios/tab-cycle.html

fast/events/ios/tab-into-text-field-inside-iframe.html

html/HTMLIFrameElement.h:

Source/WebKit:

Allow iframes to be keyboard focusable when pressing the Tab key on the keyboard. This
also allow the that the focus controller to search their content document for other
editable elements. This makes iOS match the behavior on Mac.

Although iframes can be focused by pressing the Tab key we maintain the current UI
restriction on iOS of not allowing iframes themselves to be focusable via the next and
previous accessory bar buttons. We do this because it's unclear what value supporting
such focusing brings, but it's clear that doing so makes tab cycling more confusing
since the default focus appearance for an iframe is indistinguishable from its non-
focused appearance.

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::isAssistableElement): Do not consider an iframe as assistable.

LayoutTests:

Add some tests.

fast/events/ios/tab-cycle-expected.txt: Added.
fast/events/ios/tab-cycle.html: Added.
fast/events/ios/tab-into-text-field-inside-iframe-expected.txt: Added.
fast/events/ios/tab-into-text-field-inside-iframe.html: Added.

10:04 AM Changeset in webkit [247055] by dbates@webkit.org

7 edits in trunk

Left and right option key has Unidentified key identifier
https://bugs.webkit.org/show_bug.cgi?id=199392
<rdar://problem/52497604>

Reviewed by Wenson Hsieh.

Source/WebCore:

Fix up switch case for left Option key and add a case statement for the right Option key.

platform/ios/PlatformEventFactoryIOS.mm:

(WebCore::codeForKeyEvent):

LayoutTests:

Update test results.

fast/events/ios/key-events-comprehensive/key-events-control-option-expected.txt:
fast/events/ios/key-events-comprehensive/key-events-meta-option-expected.txt:
fast/events/ios/key-events-comprehensive/key-events-option-expected.txt:
fast/events/ios/key-events-comprehensive/key-events-option-shift-expected.txt:

9:18 AM Changeset in webkit [247054] by Devin Rousso

3 edits in trunk/Source/WebInspectorUI

Web Inspector: Elements: allow nodes to be copied and pasted
https://bugs.webkit.org/show_bug.cgi?id=199182

Reviewed by Matt Baker.

Copy is already supported, so there's nothing that needs to be done there.

Pasting is as simple as calling insertAdjacentHTML("afterend", ...) on the selected node.

UserInterface/Base/Main.js:

(WI.contentLoaded):
(WI._paste): Added.

UserInterface/Views/DOMTreeContentView.js:

(WI.DOMTreeContentView.prototype.handlePasteEvent): Added.

9:15 AM Changeset in webkit [247053] by Devin Rousso

12 edits in trunk/Source/WebInspectorUI

Web Inspector: DOM Debugger: descendant breakpoints should be able to be enabled/disabled/deleted from a collapsed parent
https://bugs.webkit.org/show_bug.cgi?id=199332

Reviewed by Matt Baker.

UserInterface/Controllers/DOMDebuggerManager.js:

(WI.DOMDebuggerManager.prototype.get domBreakpoints):
(WI.DOMDebuggerManager.prototype.domBreakpointsForNode):
(WI.DOMDebuggerManager.prototype.domBreakpointsInSubtree): Added.
(WI.DOMDebuggerManager.prototype.removeDOMBreakpoint):
(WI.DOMDebuggerManager.prototype._detachDOMBreakpoint):
(WI.DOMDebuggerManager.prototype._detachBreakpointsForFrame):
(WI.DOMDebuggerManager.prototype._speculativelyResolveDOMBreakpointsForURL):
(WI.DOMDebuggerManager.prototype._resolveDOMBreakpoint):
Provide a way of getting a "summary" array of DOMBreakpoints for all descendant nodes.
Rework the data structure for holding DOMBreakpoints to use a Multimap so no duplicates
can be added (it uses a Set instead of an Array).

UserInterface/Views/DOMTreeElement.js:

(WI.DOMTreeElement):
(WI.DOMTreeElement.prototype.get hasBreakpoint):
(WI.DOMTreeElement.prototype.set breakpointStatus):
(WI.DOMTreeElement.prototype.bindRevealDescendantBreakpointsMenuItemHandler): Added.
(WI.DOMTreeElement.prototype._subtreeBreakpointChanged): Added.
(WI.DOMTreeElement.prototype._updateBreakpointStatus):
(WI.DOMTreeElement.prototype._statusImageContextmenu):
(WI.DOMTreeElement.prototype.subtreeBreakpointCountDidChange): Deleted.

UserInterface/Views/DOMTreeOutline.js:

(WI.DOMTreeOutline.prototype.populateContextMenu):

UserInterface/Views/ContextMenuUtilities.js:

(WI.appendContextMenuItemsForDOMNode):
(WI.appendContextMenuItemsForDOMNodeBreakpoints):
Keep track of the actual descendant DOMNodeTreeElement that have breakpoints, rather than
just a count, so that the "Reveal Descendant Breakpoints" action is able to access them.
Change "Reveal Descendant Breakpoints" to reveal and select all descendant breakpoints
instead of just the first one.
Drive-by: don't remove specific (event) listener breakpoints when invoking the

"Delete Descendant Breakpoints" action, as that's not obvious from the UI.

UserInterface/Controllers/BreakpointPopoverController.js:

(WI.BreakpointPopoverController.prototype.appendContextMenuItems):

UserInterface/Views/DOMBreakpointTreeElement.js:

(WI.DOMBreakpointTreeElement.prototype.populateContextMenu):

UserInterface/Views/DOMNodeTreeElement.js:

(WI.DOMNodeTreeElement.prototype.populateContextMenu):

UserInterface/Views/EventBreakpointTreeElement.js:

(WI.EventBreakpointTreeElement.prototype.populateContextMenu):

UserInterface/Views/URLBreakpointTreeElement.js:

(WI.URLBreakpointTreeElement.prototype.populateContextMenu):
Remove the separator before "Delete Breakpoint" so all breakpoint actions are in the same section.

Localizations/en.lproj/localizedStrings.js:
UserInterface/Base/Multimap.js:

(Multimap.prototype.get size): Added.

9:14 AM Changeset in webkit [247052] by Matt Baker

2 edits in trunk/Source/WebInspectorUI

REGRESSION (r238563): Web Inspector: Selection is erratic when holding Up/Down on Network Table
https://bugs.webkit.org/show_bug.cgi?id=193841
<rdar://problem/47559124>

Reviewed by Devin Rousso.

Selecting and revealing a row after reloading Table data, but before the
layout that populates visible rows, could cause the Table to always be
scrolled so that the revealed row is first.

This patch fixes revealRow by calculating the position of the row being
revealed in the absence of its DOM element, so that the Table is only
scrolled when necessary.

UserInterface/Views/Table.js:

(WI.Table.prototype.revealRow):
(WI.Table.prototype._resizeColumnsAndFiller):
Drive-by fix: use realOffsetWidth for consistency.
(WI.Table.prototype._updateVisibleRows):
(WI.Table.prototype._calculateOffsetHeight):
(WI.Table.prototype._calculateScrollTop):

9:00 AM Changeset in webkit [247051] by aakash_jain@apple.com

2 edits in trunk/Tools

[ews-build] Update bot configuration for WPE and GTK
https://bugs.webkit.org/show_bug.cgi?id=199238

Reviewed by Michael Catanzaro.

BuildSlaveSupport/ews-build/config.json:

7:54 AM Changeset in webkit [247050] by Antti Koivisto

3 edits
2 adds in trunk

Crash when adding inline stylesheet to shadow tree in document with null base URL
https://bugs.webkit.org/show_bug.cgi?id=199400

Reviewed by Zalan Bujtas.

Source/WebCore:

We compute CSSParserContextHash for the inline stylesheet cache but that hits a nullptr crash
if the document happens to have null base URL (which is uncommon but possible).

Test: fast/shadow-dom/stylesheet-in-shadow-without-base-url-crash.html

css/parser/CSSParserContext.h:

(WebCore::CSSParserContextHash::hash):

Null check the base URL (like other strings), it is a valid case.

LayoutTests:

fast/shadow-dom/stylesheet-in-shadow-without-base-url-crash-expected.txt: Added.
fast/shadow-dom/stylesheet-in-shadow-without-base-url-crash.html: Added.

7:42 AM Changeset in webkit [247049] by aakash_jain@apple.com

3 edits in trunk/Tools

[ews-build] Make PrintConfiguration platform aware
https://bugs.webkit.org/show_bug.cgi?id=196657

Reviewed by Lucas Forschler.

BuildSlaveSupport/ews-build/steps.py:

(PrintConfiguration): Specified platform-specific command lists.
(PrintConfiguration.run): Override run method and specify platform specific commands.

BuildSlaveSupport/ews-build/steps_unittest.py: Added unit-tests.

6:54 AM Changeset in webkit [247048] by commit-queue@webkit.org

6 edits in trunk/Source/WebKit

[GTK] Support cancelling touchscreen back/forward gesture
https://bugs.webkit.org/show_bug.cgi?id=199401

Patch by Alexander Mikhaylenko <exalm7659@gmail.com> on 2019-07-02
Reviewed by Michael Catanzaro.

It should be possible to cancel the gesture when performing it on
touchscreen, for example, by moving pen too far from the screen.
Handle this case properly.

Only DragGesture in GestureController needs to handle this,
SwipeGesture simply won't emit the relevant event in this case.

UIProcess/API/gtk/WebKitWebViewBase.cpp:
UIProcess/ViewGestureController.h:
UIProcess/gtk/GestureController.cpp:

(WebKit::GestureController::DragGesture::cancelDrag):
(WebKit::GestureController::DragGesture::cancel):
(WebKit::GestureController::DragGesture::DragGesture):

UIProcess/gtk/GestureController.h:
UIProcess/gtk/ViewGestureControllerGtk.cpp:

(WebKit::ViewGestureController::platformTeardown):
(WebKit::ViewGestureController::cancelSwipe):

5:40 AM Changeset in webkit [247047] by commit-queue@webkit.org

2 edits in trunk/Source/JavaScriptCore

Fix typo in if/else block and remove dead assignment
https://bugs.webkit.org/show_bug.cgi?id=199352

Patch by Paulo Matos <pmatos@linki.tools> on 2019-07-02
Reviewed by Alexey Proskuryakov.

yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPattern::dumpPattern): Fix typo in if/else block and remove dead assignment

2:17 AM Changeset in webkit [247046] by Carlos Garcia Campos

1 copy in releases/WebKitGTK/webkit-2.24.3

WebKitGTK 2.24.3

2:16 AM Changeset in webkit [247045] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.24

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.3 release

Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

gtk/NEWS: Add release notes for 2.24.3.

2:16 AM Changeset in webkit [247044] by Carlos Garcia Campos

8 edits in releases/WebKitGTK/webkit-2.24/Source

[GStreamer] Cannot play Bert's Bytes radio stream from http://radio.dos.nl/
https://bugs.webkit.org/show_bug.cgi?id=198376

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

The delayed startup was due to a mix of buffering feedback
messages not handled correctly by the player. We were handling
download and streaming buffering metrics without distinction.
Range requests (used for seeking) were also triggering on-disk
buffering in some cases. The buffering percentage estimation based
on network read position was not working either because uint64_t
division doesn't return a floating point value.

No new tests, existing media tests cover this patch.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::commitLoad):
(WebCore::MediaPlayerPrivateGStreamer::play):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::processBufferingStats):
(WebCore::MediaPlayerPrivateGStreamer::updateBufferingStatus):
(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
(WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded const):
(WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):
(WebCore::MediaPlayerPrivateGStreamer::updateStates):
(WebCore::MediaPlayerPrivateGStreamer::updateDownloadBufferingFlag):
(WebCore::MediaPlayerPrivateGStreamer::setPreload):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkitWebSrcReset):

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

Source/WTF:

wtf/glib/GLibUtilities.h:

(enumToString): Utility function to get a string representation of of a GLib enum.

12:47 AM Changeset in webkit [247043] by Devin Rousso

46 edits in trunk/Source

Web Inspector: Debug: "Reset Web Inspector" should also clear the saved window size and attachment side
https://bugs.webkit.org/show_bug.cgi?id=198956

Reviewed by Matt Baker.

Source/WebCore:

inspector/InspectorFrontendClient.h:

inspector/InspectorFrontendClientLocal.h:
inspector/InspectorFrontendClientLocal.cpp:

(WebCore::InspectorFrontendClientLocal::Settings::deleteProperty): Added.
(WebCore::InspectorFrontendClientLocal::resetWindowState): Added.

inspector/InspectorFrontendHost.idl:
inspector/InspectorFrontendHost.h:
inspector/InspectorFrontendHost.cpp:

(WebCore::InspectorFrontendHost::reset): Added.

Source/WebInspectorUI:

UserInterface/Base/Main.js:

(WI.reset): Added.

UserInterface/Views/SettingsTabContentView.js:

(WI.SettingsTabContentView.prototype._createDebugSettingsView):

Source/WebKit:

UIProcess/WebPreferences.h:
UIProcess/WebPreferences.cpp:

(WebKit::WebPreferences::deleteKey): Added.

UIProcess/gtk/WebPreferencesGtk.cpp:

(WebKit::WebPreferences::platformDeleteKey): Added.

UIProcess/mac/WebPreferencesMac.mm:

(WebKit::WebPreferences::platformDeleteKey): Added.

UIProcess/wpe/WebPreferencesWPE.cpp:

(WebKit::WebPreferences::platformDeleteKey): Added.

UIProcess/win/WebPreferencesWin.cpp:

(WebKit::WebPreferences::platformDeleteKey): Added.

Shared/WebPreferencesStore.h:
Shared/WebPreferencesStore.cpp:

(WebKit::WebPreferencesStore::deleteKey): Added.

UIProcess/WebInspectorProxy.messages.in:
UIProcess/WebInspectorProxy.h:
UIProcess/WebInspectorProxy.cpp:

(WebKit::WebInspectorProxy::resetWindowState): Added.
(WebKit::WebInspectorProxy::platformResetWindowState): Added.

UIProcess/gtk/WebInspectorProxyGtk.cpp:

(WebKit::WebInspectorProxy::platformResetWindowState): Added.

UIProcess/mac/WebInspectorProxyMac.mm:

(WebKit::WebInspectorProxy::platformResetWindowState): Added.

UIProcess/wpe/WebInspectorProxyWPE.cpp:

(WebKit::WebInspectorProxy::platformResetWindowState): Added.

UIProcess/win/WebInspectorProxyWin.cpp:

(WebKit::WebInspectorProxy::platformResetWindowState): Added.

WebProcess/WebPage/WebInspectorUI.h:
WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::resetWindowState): Added.

UIProcess/RemoteWebInspectorProxy.messages.in:
UIProcess/RemoteWebInspectorProxy.h:
UIProcess/RemoteWebInspectorProxy.cpp:

(WebKit::RemoteWebInspectorProxy::resetWindowState): Added.
(WebKit::RemoteWebInspectorProxy::platformResetWindowState): Added.

UIProcess/gtk/RemoteWebInspectorProxyGtk.cpp:

(WebKit::RemoteWebInspectorProxy::platformResetWindowState): Added.

UIProcess/mac/RemoteWebInspectorProxyMac.mm:

(WebKit::RemoteWebInspectorProxy::platformResetWindowState): Added.

UIProcess/win/RemoteWebInspectorProxyWin.cpp:

(WebKit::RemoteWebInspectorProxy::platformResetWindowState): Added.

WebProcess/WebPage/RemoteWebInspectorUI.h:
WebProcess/WebPage/RemoteWebInspectorUI.cpp:

(WebKit::RemoteWebInspectorUI::resetWindowState): Added.

Source/WebKitLegacy/cf:

WebCoreSupport/WebInspectorClientCF.cpp:

(deleteSetting): Added.
(WebInspectorClient::deleteInspectorStartsAttached): Added.
(WebInspectorClient::deleteInspectorAttachDisabled): Added.
(WebInspectorClient::createFrontendSettings):

Source/WebKitLegacy/ios:

WebCoreSupport/WebInspectorClientIOS.mm:

(WebInspectorFrontendClient::resetWindowState): Added.

Source/WebKitLegacy/mac:

WebCoreSupport/WebInspectorClient.h:
WebCoreSupport/WebInspectorClient.mm:

(WebInspectorFrontendClient::resetWindowState): Added.

Source/WebKitLegacy/win:

WebCoreSupport/WebInspectorClient.h:
WebCoreSupport/WebInspectorClient.cpp:

(WebInspectorFrontendClient::resetWindowState): Added.

12:09 AM Changeset in webkit [247042] by Devin Rousso

3 edits in trunk/Source/WebInspectorUI

Web Inspector: Audit: missing demo audits for WebInspectorAudit functions
https://bugs.webkit.org/show_bug.cgi?id=198719

Reviewed by Matt Baker.

Other than the LayoutTests, there's no way to see an example of the functionality of many of
the exposed WebInspectorAudit functions. There should be a demo audit for every exposed
function so they're more discoverable.

UserInterface/Controllers/AuditManager.js:

(WI.AuditManager.prototype._addDefaultTests):
(WI.AuditManager.prototype._addDefaultTests.removeWhitespace): Added.
Move all demo audit test functions to be actual JavaScript functions, which are then
stringified and stripped of unnecessary white-space.

Localizations/en.lproj/localizedStrings.js:

12:00 AM Changeset in webkit [247041] by keith_miller@apple.com

10 edits in trunk/Source

PACCage should first cage leaving PAC bits intact then authenticate
https://bugs.webkit.org/show_bug.cgi?id=199372

Reviewed by Saam Barati.

Source/bmalloc:

bmalloc/ProcessCheck.mm:

(bmalloc::shouldProcessUnconditionallyUseBmalloc):

Source/JavaScriptCore:

This ordering prevents someone from taking a signed pointer from
outside the gigacage and using it in a struct that expects a caged
pointer. Previously, the PACCaging just double checked that the PAC
bits were valid for the original pointer.

+---------------------------+
| | | |
| "PAC" | "base" | "offset" +----+
| | | | |
+---------------------------+ | Caging

| |
| |
| v
| +---------------------------+
| | | | |
| Bit Merge | 00000 | base | "offset" |
| | | | |
| +---------------------------+
| |
| |
v | Bit Merge

+---------------------------+ |
| | | | |
| "PAC" | base | "offset" +<--------+
| | | |
+---------------------------+

|
|
| Authenticate
|
v

+---------------------------+
| | | |
| Auth | base | "offset" |
| | | |
+---------------------------+

The above ascii art graph shows how the PACCage system works. The
key take away is that even if someone passes in a valid, signed
pointer outside the cage it will still fail to authenticate as the
"base" bits will change before authentication.

assembler/MacroAssemblerARM64E.h:
assembler/testmasm.cpp:

(JSC::testCagePreservesPACFailureBit):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::caged):

jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::cageConditionally):

llint/LowLevelInterpreter64.asm:

Source/WTF:

wtf/CagedPtr.h:

(WTF::CagedPtr::get const):
(WTF::CagedPtr::getMayBeNull const):
(WTF::CagedPtr::mergePointers):

Jul 1, 2019:

11:42 PM Changeset in webkit [247040] by bshafiei@apple.com

5 edits in branches/safari-607.3.1.2-branch/Source/JavaScriptCore

Cherry-pick r246801. rdar://problem/52505032

Structure::create should call didBecomePrototype()
https://bugs.webkit.org/show_bug.cgi?id=196315

Reviewed by Filip Pizlo.

Structure::create should also assert that the indexing type makes sense
for the prototype being used.

runtime/JSObject.h:
runtime/Structure.cpp: (JSC::Structure::isValidPrototype): (JSC::Structure::changePrototypeTransition):
runtime/Structure.h: (JSC::Structure::create): Deleted.
runtime/StructureInlines.h: (JSC::Structure::create): (JSC::Structure::setPrototypeWithoutTransition):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@246801 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:35 PM Changeset in webkit [247039] by bshafiei@apple.com

7 edits in branches/safari-607.3.1.2-branch/Source

Versioning.

11:30 PM Changeset in webkit [247038] by bshafiei@apple.com

5 edits in branches/safari-607-branch/Source/JavaScriptCore

Cherry-pick r246801. rdar://problem/52505041

Structure::create should call didBecomePrototype()
https://bugs.webkit.org/show_bug.cgi?id=196315

Reviewed by Filip Pizlo.

Structure::create should also assert that the indexing type makes sense
for the prototype being used.

runtime/JSObject.h:
runtime/Structure.cpp: (JSC::Structure::isValidPrototype): (JSC::Structure::changePrototypeTransition):
runtime/Structure.h: (JSC::Structure::create): Deleted.
runtime/StructureInlines.h: (JSC::Structure::create): (JSC::Structure::setPrototypeWithoutTransition):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@246801 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:55 PM Changeset in webkit [247037] by bshafiei@apple.com

7 edits in branches/safari-607-branch/Source

Versioning.

10:14 PM Changeset in webkit [247036] by Justin Michaud

19 edits in trunk

[Wasm-References] Disable references by default
https://bugs.webkit.org/show_bug.cgi?id=199390

Reviewed by Saam Barati.

JSTests:

wasm/references-spec-tests/ref_is_null.js:
wasm/references-spec-tests/ref_null.js:
wasm/references/anyref_globals.js:
wasm/references/anyref_modules.js:
wasm/references/anyref_table.js:
wasm/references/anyref_table_import.js:
wasm/references/element_parsing.js:
wasm/references/func_ref.js:
wasm/references/is_null.js:
wasm/references/multitable.js:
wasm/references/table_misc.js:
wasm/references/validation.js:

Source/JavaScriptCore:

runtime/Options.h:

Tools:

Scripts/run-jsc-stress-tests:

LayoutTests:

workers/wasm-references.html:

10:10 PM Changeset in webkit [247035] by Alan Bujtas

2 edits in trunk/Source/WebCore

[Text autosizing] [iPadOS] AutosizeStatus::idempotentTextSize returns the computed font size in certain cases.
https://bugs.webkit.org/show_bug.cgi?id=199382
<rdar://problem/52483097>

Reviewed by Wenson Hsieh.

Adjust the font size on the style only when the autosized value is different from the computed value.

css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyleForTextAutosizing):

9:34 PM Changeset in webkit [247034] by jh718.park@samsung.com

2 edits in trunk/Tools

Unreviewed. Revert r246965 to fix build break
since r247019 reverted its related changes.

WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

(WTR::AccessibilityUIElement::popupValue const): Deleted.

6:17 PM Changeset in webkit [247033] by Devin Rousso

17 edits in trunk

Web Inspector: REGRESSION(r245498): Timelines: CPU: discontinuities are filled in by the next record
https://bugs.webkit.org/show_bug.cgi?id=198927

Reviewed by Matt Baker.

Source/WebInspectorUI:

UserInterface/Controllers/TimelineManager.js:

(WI.TimelineManager.prototype.capturingStarted):
(WI.TimelineManager.prototype.capturingStopped):

UserInterface/Models/TimelineRecording.js:

(WI.TimelineRecording):
(WI.TimelineRecording.prototype.start):
(WI.TimelineRecording.prototype.capturingStarted): Added.
(WI.TimelineRecording.prototype.capturingStopped): Added.
(WI.TimelineRecording.prototype.reset):
(WI.TimelineRecording.prototype.addRecord):
(WI.TimelineRecording.prototype.discontinuitiesInTimeRange):
(WI.TimelineRecording.prototype.addDiscontinuity): Deleted.
Notify the TimelineRecording when capturing has started/stopped.
Adjust the first record after a discontinuity to have it's startTime match the endTime
of the most recent discontinuity.

UserInterface/Models/Timeline.js:

(WI.Timeline.prototype.addRecord):

UserInterface/Models/CPUTimeline.js:

(WI.CPUTimeline.prototype.addRecord):

UserInterface/Models/CPUTimelineRecord.js:

(WI.CPUTimelineRecord.prototype.adjustStartTime): Added.
(WI.CPUTimelineRecord.prototype.adjustStartTimeToLastRecord): Deleted.

UserInterface/Models/MemoryTimeline.js:

(WI.MemoryTimeline.prototype.addRecord):

UserInterface/Models/MemoryTimelineRecord.js:

(WI.MemoryTimelineRecord.prototype.adjustStartTime): Added.
(WI.MemoryTimelineRecord.prototype.adjustStartTimeToLastRecord): Deleted.

UserInterface/Models/NetworkTimeline.js:

(WI.NetworkTimeline.prototype.addRecord):

UserInterface/Views/CPUTimelineView.js:

(WI.CPUTimelineView.prototype.layout):

UserInterface/Views/MemoryTimelineOverviewGraph.js:

(WI.MemoryTimelineOverviewGraph.prototype.layout):

UserInterface/Views/MemoryTimelineView.js:

(WI.MemoryTimelineView.prototype.layout):
Include discontinuities that exactly match the start/end time of the record immediately
before/after the discontinuity.

UserInterface/Views/TimelineRecordingContentView.js:

(WI.TimelineRecordingContentView):
(WI.TimelineRecordingContentView.prototype._handleTimelineCapturingStateChanged):
(WI.TimelineRecordingContentView.prototype._recordingReset):
Move the logic for handling discontinuity start/end times to the TimelineRecording.

UserInterface/Base/Utilities.js:

LayoutTests:

inspector/unit-tests/set-utilities.html:
inspector/unit-tests/set-utilities-expected.txt:

5:23 PM Changeset in webkit [247032] by Alan Coon

30 edits
4 adds
4 deletes in branches/safari-607-branch

Cherry-pick r244621. rdar://problem/52492610

PeatyG: Re-land fixes for 3 PeatyF Security Critical that accidentally got reverted in G.

git-svn-id: https://svn.webkit.org/repository/webkit/branches/safari-607-branch@244621 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:45 PM Changeset in webkit [247031] by Truitt Savell

2 edits in trunk/LayoutTests

Layout Test imported/blink/fast/multicol/span/overflow-on-viewport.html is flaky.
https://bugs.webkit.org/show_bug.cgi?id=199387

Unreviewed Test Gardening.

Patch by Russell Epstein <russell_e@apple.com> on 2019-07-01

platform/ios-wk2/TestExpectations:

3:32 PM Changeset in webkit [247030] by Wenson Hsieh

2 edits in trunk/LayoutTests

[iOS 13] editing/selection/ios/dispatch-mouse-events-when-modifying-selection-quirk.html fails on trunk
https://bugs.webkit.org/show_bug.cgi?id=199384

Reviewed by Tim Horton.

Adjust this test to show the callout menu by tapping on the caret rect, rather than the center of the editable
area. Currently, tapping the center of the editable area twice results in a double tap, which fails to trigger
the callout bar.

editing/selection/ios/dispatch-mouse-events-when-modifying-selection-quirk.html:

3:27 PM Changeset in webkit [247029] by Chris Dumez

3 edits in trunk/Source/WebKit

Remove virtual functions on WebProcessLifetimeObserver that are unused after r245540
https://bugs.webkit.org/show_bug.cgi?id=199383

Reviewed by Alex Christensen.

UIProcess/WebProcessLifetimeObserver.h:

(WebKit::WebProcessLifetimeObserver::webProcessDidCloseConnection):

UIProcess/WebProcessLifetimeTracker.cpp:

(WebKit::WebProcessLifetimeTracker::addObserver):
(WebKit::WebProcessLifetimeTracker::pageWasInvalidated):

3:16 PM Changeset in webkit [247028] by Chris Dumez

2 edits in trunk/Source/WebKit

StorageManager::SessionStorageNamespace::allowedConnections() should not copy the HashSet
https://bugs.webkit.org/show_bug.cgi?id=199379

Reviewed by Alex Christensen.

This was pretty inefficient.

NetworkProcess/WebStorage/StorageManager.cpp:

(WebKit::StorageManager::SessionStorageNamespace::allowedConnections const):

3:10 PM Changeset in webkit [247027] by Wenson Hsieh

3 edits in trunk/Source/WebKit

[iOS] REGRESSION (r246757): Unable to select non-editable text in subframes
https://bugs.webkit.org/show_bug.cgi?id=199366
<rdar://problem/52460509>

Reviewed by Tim Horton.

r246757 removed logic in selectionPositionInformation responsible for setting the focused frame when handling a
position information request. As the FIXME formerly in InteractionInformationRequest.h alluded to, text
selection gestures on iOS were dependent on this behavior when selecting text in subframes, since text selection
helpers in WebPageIOS.mm assume that the focused frame already contains the selection being set.

Rather than calling setFocusedFrame when requesting position information, we can fix this by making
WebPage::selectWithGesture and WebPage::selectTextWithGranularityAtPoint both set the focused frame if needed
before extending or moving text selections.

Covered by layout tests that began to fail after r246757:

editing/selection/ios/selection-handles-in-iframe.html
editing/selection/ios/selection-handle-clamping-in-iframe.html

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::selectWithGesture):

Only call the new helper method, setFocusedFrameBeforeSelectingTextAtLocation, at the start of the gesture.

(WebKit::WebPage::setFocusedFrameBeforeSelectingTextAtLocation):
(WebKit::WebPage::selectTextWithGranularityAtPoint):

3:07 PM Changeset in webkit [247026] by commit-queue@webkit.org

7 edits in trunk

Add new decidePolicyForNavigationAction SPI with preferences and userInfo
https://bugs.webkit.org/show_bug.cgi?id=199371
<rdar://problem/52352905>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-07-01
Reviewed by Tim Horton.

Source/WebKit:

Also deprecate some older SPI so we may someday clean up this mess.

UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h:
UIProcess/Cocoa/NavigationState.h:
UIProcess/Cocoa/NavigationState.mm:

(WebKit::NavigationState::setNavigationDelegate):
(WebKit::NavigationState::NavigationClient::decidePolicyForNavigationAction):
(WebKit::NavigationState::NavigationClient::shouldBypassContentModeSafeguards const):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:

(-[NavigationActionSPIDelegate webView:didFinishNavigation:]):
(-[NavigationActionSPIDelegate _webView:decidePolicyForNavigationAction:preferences:userInfo:decisionHandler:]):
(-[NavigationActionSPIDelegate spiCalled]):
(TEST):

2:55 PM Changeset in webkit [247025] by Chris Dumez

4 edits
4 adds in trunk

It should not be possible to trigger a load while in the middle of restoring a page in PageCache
https://bugs.webkit.org/show_bug.cgi?id=199190
<rdar://problem/52114552>

Reviewed by Brady Eidson.

Source/WebCore:

Test: http/tests/security/navigate-when-restoring-cached-page.html

history/CachedFrame.cpp:

(WebCore::CachedFrame::open):
Stop attaching the cached document before calling FrameLoader::open() given that the previous document
is still attached to the frame at this point. This avoids having 2 documents attached to the same frame
during a short period of time.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::open):
We now attach the cached document to the frame *after* calling FrameLoader::clear(), which means that
the previous document now has been detached from this frame.

(WebCore::FrameLoader::detachChildren):
As per the HTML specification [1], an attempt to navigate should fail if the prompt to unload algorithm
is being run for the active document of browsingContext. Note that the "prompt to unload" algorithm [2]
includes firing the 'unload' event in the current document and in all the documents in the subframes.
As a result, FrameLoader::detachChildren() is the right prevent such navigations. We were actually trying
to do this via the SubframeLoadingDisabler stack variable inside detachChildren(). The issue is that this
only prevents navigation in the subframes (i.e. <iframe> elements), not the main frame. As a result,
script would be able to navigate the top-frame even though detachChildren() is being called on the top
frame. To address the issue, I now create a NavigationDisabler variable in the scope of detachChildren()
when detachChildren() is called on the top frame. NavigationDisabler prevents all navigations within the
page, including navigations on the main/top frame.

[1] https://html.spec.whatwg.org/multipage/browsing-the-web.html#navigate
[2] https://html.spec.whatwg.org/multipage/browsing-the-web.html#prompt-to-unload-a-document

LayoutTests:

Add layout test coverage.

http/tests/security/navigate-when-restoring-cached-page-expected.txt: Added.
http/tests/security/navigate-when-restoring-cached-page.html: Added.
http/tests/security/resources/navigate-when-restoring-cached-page-frame.html: Added.
http/tests/security/resources/navigate-when-restoring-cached-page-victim.html: Added.

2:25 PM Changeset in webkit [247024] by Truitt Savell

15 edits in trunk

Unreviewed, rolling out r246844.

Broke 12 tests in imported/w3c/web-platform-
tests/pointerevents/

Reverted changeset:

"[Pointer Events] Respect pointer capture when dispatching
mouse boundary events and updating :hover"
https://bugs.webkit.org/show_bug.cgi?id=198999
https://trac.webkit.org/changeset/246844

2:23 PM Changeset in webkit [247023] by Truitt Savell

2 edits in trunk/Source/WebCore

Unreviewed, rolling out r246849.

12 tests broken in r246844 require this to be rolled out.

Reverted changeset:

"[Pointer Events] Respect pointer capture when dispatching
mouse boundary events and updating :hover"
https://bugs.webkit.org/show_bug.cgi?id=198999
https://trac.webkit.org/changeset/246849

2:17 PM Changeset in webkit [247022] by commit-queue@webkit.org

5 edits in trunk

Source/WebKit:
Deprecate but still call _webView:showCustomSheetForElement: after transition to UIContextMenuInteraction
https://bugs.webkit.org/show_bug.cgi?id=199296
<rdar://problem/51041960>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-07-01
Reviewed by Darin Adler.

UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _showAttachmentSheet]):
(-[WKContentView actionSheetAssistant:showCustomSheetForElement:]):
(-[WKContentView continueContextMenuInteraction:]):

Tools:
Deprecate _webView:showCustomSheetForElement: after transition to UIContextMenuInteraction
https://bugs.webkit.org/show_bug.cgi?id=199296
<rdar://problem/51041960>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-07-01
Reviewed by Darin Adler.

TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator _webView:showCustomSheetForElement:]):

2:11 PM Changeset in webkit [247021] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Null check provisionalItem in FrameLoader::continueLoadAfterNavigationPolicy
https://bugs.webkit.org/show_bug.cgi?id=199327
<rdar://problem/48262384>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-07-01
Reviewed by Darin Adler.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::continueLoadAfterNavigationPolicy):
Sometimes provisionalItem is null. Let's not crash.

2:11 PM Changeset in webkit [247020] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

Add main thread assertions in sendWithAsyncReply code
https://bugs.webkit.org/show_bug.cgi?id=199324

Patch by Alex Christensen <achristensen@webkit.org> on 2019-07-01
Reviewed by Sam Weinig.

sendWithAsyncReply can only be used on the main thread because
the CompletionHandler will be called on the main thread, and if it's
called from a background thread, then HashMap corruption will likely happen.
Add assertions to alert developers that they should only call sendWithAsyncReply
from the main thread.

This is responding to good feedback from r237294

Platform/IPC/Connection.cpp:

(IPC::asyncReplyHandlerMap):
(IPC::nextAsyncReplyHandlerID):
(IPC::addAsyncReplyHandler):
(IPC::clearAsyncReplyHandlers):
(IPC::CompletionHandler<void):

2:07 PM Changeset in webkit [247019] by Truitt Savell

23 edits in trunk

Unreviewed, rolling out r246958.

Broke inspector/dom/getAccessibilityPropertiesForNode.html

Reverted changeset:

"Enhance support of aria-haspopup per ARIA 1.1 specification."
https://bugs.webkit.org/show_bug.cgi?id=199216
https://trac.webkit.org/changeset/246958

1:52 PM Changeset in webkit [247018] by eric.carlson@apple.com

3 edits
2 adds in trunk

[iOS] Exiting from fullscreen scrolls to top of page
https://bugs.webkit.org/show_bug.cgi?id=199338
<rdar://problem/51273017>

Reviewed by Jer Noble.

Source/WebKit:

UIProcess/ios/fullscreen/WKFullScreenWindowControllerIOS.mm:

(-[WKFullScreenWindowController _completedExitFullScreen]): Restore scroll position.
Hide window after restoring scroll position.
(-[WKFullScreenWindowController _exitFullscreenImmediately]): Drive-by fix: remove code
already also done in _completedExitFullScreen.

LayoutTests:

fullscreen/fullscreen-restore-scroll-position-expected.txt: Added.
fullscreen/fullscreen-restore-scroll-position.html: Added.

1:29 PM Changeset in webkit [247017] by beidson@apple.com

6 edits in trunk/Source/WebCore

More judiciously handle clearing/creation of DOMWindows for new Documents.
<rdar://problem/51665406> and https://bugs.webkit.org/show_bug.cgi?id=198786

Reviewed by Chris Dumez.

bindings/js/ScriptController.cpp:

(WebCore::ScriptController::executeIfJavaScriptURL):

loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::replaceDocumentWithResultOfExecutingJavascriptURL): Rename for clarity.
(WebCore::DocumentWriter::begin): Handle DOMWindow taking/creation inside FrameLoader::clear via a lambda.
(WebCore::DocumentWriter::replaceDocument): Deleted.

loader/DocumentWriter.h:

loader/FrameLoader.cpp:

(WebCore::FrameLoader::clear): Take a "handleDOMWindowCreation" lambda to run after clearing the previous document.

loader/FrameLoader.h:

1:14 PM Changeset in webkit [247016] by Truitt Savell

2 edits in trunk/LayoutTests

Layout Test imported/mozilla/svg/text/selectSubString.svg is flaky.
https://bugs.webkit.org/show_bug.cgi?id=199370

Unreviewed Test Gardening.

Patch by Russell Epstein <russell_e@apple.com> on 2019-07-01

platform/ios-wk2/TestExpectations:

12:57 PM Changeset in webkit [247015] by Alan Bujtas

7 edits
2 adds in trunk

Source/WebCore:
[iPadOS] Tapping on the bottom part of youtube video behaves as if controls were visible
https://bugs.webkit.org/show_bug.cgi?id=199349
<rdar://problem/51955744>

Reviewed by Simon Fraser.

Synthetic click event should not be dispatched to a node that is initially hidden (by opacity: 0) and becomes visible by the touchStart event.
While this behaves different from macOS where opacity: 0; content is "clickable", it impoves usability on certain sites like YouTube.com.

Test: fast/events/touch/ios/content-observation/opacity-change-happens-on-touchstart-with-transition2.html

dom/Node.cpp:

(WebCore::Node::defaultEventHandler):

page/ios/ContentChangeObserver.cpp:

(WebCore::ContentChangeObserver::isConsideredHidden):
(WebCore::ContentChangeObserver::reset):
(WebCore::isConsideredHidden): Deleted.

page/ios/ContentChangeObserver.h:

(WebCore::ContentChangeObserver::setHiddenTouchTarget):
(WebCore::ContentChangeObserver::resetHiddenTouchTarget):
(WebCore::ContentChangeObserver::hiddenTouchTarget const):

Source/WebKit:
Tapping on the bottom part of youtube video behaves as if controls were visible
https://bugs.webkit.org/show_bug.cgi?id=199349
<rdar://problem/51955744>

Reviewed by Simon Fraser.

WebProcess/WebPage/WebPage.cpp:

(WebKit::handleTouchEvent):

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::handleSyntheticClick):
(WebKit::WebPage::completePendingSyntheticClickForContentChangeObserver):
(WebKit::WebPage::completeSyntheticClick):
(WebKit::WebPage::potentialTapAtPosition):

LayoutTests:
Tapping on the bottom part of youtube video behaves as if controls were visible
https://bugs.webkit.org/show_bug.cgi?id=199349
<rdar://problem/51955744>

Reviewed by Simon Fraser.

fast/events/touch/ios/content-observation/opacity-change-happens-on-touchstart-with-transition2-expected.txt: Added.
fast/events/touch/ios/content-observation/opacity-change-happens-on-touchstart-with-transition2.html: Added.

12:32 PM Changeset in webkit [247014] by Brent Fulgham

11 edits
2 adds in trunk

[FTW] Build WebCore
https://bugs.webkit.org/show_bug.cgi?id=199199

Reviewed by Don Olmstead.

Establish a set of build options for the FTW port, based on the current WinCairo
feature set. I also note which features should be turned on, but aren't yet, as
well as which features are disabled due to lack of WebGL and Media support in
the current build.

Source/cmake/OptionsFTW.cmake:

Source/WebCore:

Make some minor corrections needed to get FTW WebCore to build and link.

PlatformFTW.cmake: Added.
platform/graphics/win/GlyphPageTreeNodeDirect2D.cpp:

(WebCore::GlyphPage::fill):

platform/graphics/win/GraphicsContextDirect2D.cpp:

(WebCore::GraphicsContext::setURLForRect):

platform/graphics/win/PatternDirect2D.cpp:
platform/graphics/win/SimpleFontDataDirect2D.cpp:
platform/image-decoders/ScalableImageDecoder.cpp:

(WebCore::ScalableImageDecoder::setTargetContext): Added stub.

platform/image-decoders/ScalableImageDecoder.h:
platform/network/curl/CookieJarDB.cpp:

(WebCore::CookieJarDB::hasCookies):
(WebCore::CookieJarDB::canAcceptCookie):

Source/WebCore/PAL:

pal/PlatformFTW.cmake: Added.

11:14 AM Changeset in webkit [247013] by Wenson Hsieh

6 edits
2 adds in trunk

iOS: REGRESSION(async scroll): Caret doesn't scroll when scrolling textarea
https://bugs.webkit.org/show_bug.cgi?id=198217
<rdar://problem/51097296>

Reviewed by Simon Fraser.

Source/WebCore:

Add a ScrollingLayerPositionAction argument to ScrollingTreeScrollingNode::wasScrolledByDelegatedScrolling, and
avoid bailing early in the case where ScrollingLayerPositionAction::Set is used. See the WebKit ChangeLog for
more detail.

Test: editing/selection/ios/update-selection-after-overflow-scroll.html

page/scrolling/ScrollingTreeScrollingNode.cpp:

(WebCore::ScrollingTreeScrollingNode::wasScrolledByDelegatedScrolling):

page/scrolling/ScrollingTreeScrollingNode.h:

Source/WebKit:

In iOS 12, when scrolling a text selection in an fast-scrolling container, editor state updates are scheduled
under AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll after the end of the scrolling gesture,
when the scrolling layer action is ScrollingLayerPositionAction::Set. This is no longer the case in iOS 13,
because we now bail in ScrollingTreeScrollingNode::wasScrolledByDelegatedScrolling after scroll deceleration
finishes since the scroll position didn't end up changing. Additionally, we no longer use
ScrollingLayerPositionAction::Set in the case where scrolling finished decelerating, since
ScrollingTreeScrollingNodeDelegateIOS::scrollViewDidScroll no longer uses to value of inUserInteraction to
determine whether to Set or Sync scrolling layer positions.

To restore iOS 12 behavior, ensure that we send a scrolling tree update using ScrollingLayerPositionAction::Set
after scrolling ends.

UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::scrollViewDidScroll):

LayoutTests:

Add a new layout test to check that the text selection views are updated after scrolling in a fast overflow
scrolling container.

editing/selection/ios/update-selection-after-overflow-scroll-expected.txt: Added.
editing/selection/ios/update-selection-after-overflow-scroll.html: Added.

11:09 AM Changeset in webkit [247012] by Antti Koivisto

3 edits in trunk/Source/WebCore

REGRESSION(r240047): Overflow scrollers on WK1 fail to update their content size when it changes
https://bugs.webkit.org/show_bug.cgi?id=199360
<rdar://problem/51643386>

Reviewed by Simon Fraser.

r240047 replaced didCommitChangesForLayer() mechanism by a more narrow didChangePlatformLayerForLayer.
Unfortunately on WK1 we relied on scroll layers being invalidated after every size (and scrollbar) change.
Without this invalidation we don't call WebChromeClientIOS::addOrUpdateScrollingLayer and the UIKit delegate
that resizes the UIScrollView content.

Fix by removing the scroll layer invalidation mechanism from LegacyWebKitScrollingLayerCoordinator completely and instead
simply update all scroll layers after commit. The UIKit delegate doesn't do any significant work if nothing changes,
this was not a very meaninful optimization.

rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateScrollCoordinatedLayersAfterFlush):

Update all scroll layers after flush (similar to viewport constrained layers).

(WebCore::RenderLayerCompositor::didChangePlatformLayerForLayer):
(WebCore::LegacyWebKitScrollingLayerCoordinator::updateScrollingLayer):
(WebCore::LegacyWebKitScrollingLayerCoordinator::addScrollingLayer):
(WebCore::LegacyWebKitScrollingLayerCoordinator::removeScrollingLayer):
(WebCore::LegacyWebKitScrollingLayerCoordinator::registerScrollingLayersNeedingUpdate): Deleted.
(WebCore::LegacyWebKitScrollingLayerCoordinator::didChangePlatformLayerForLayer): Deleted.

rendering/RenderLayerCompositor.h:

9:59 AM Changeset in webkit [247011] by Ryan Haddad

8 edits
3 deletes in trunk

Unreviewed, rolling out r246946.

Caused JSC test crashes on arm64

Reverted changeset:

"Add b3 macro lowering for CheckMul on arm64"
https://bugs.webkit.org/show_bug.cgi?id=199251
https://trac.webkit.org/changeset/246946

9:57 AM Changeset in webkit [247010] by Philippe Normand

8 edits in trunk/Source

[GStreamer] Cannot play Bert's Bytes radio stream from http://radio.dos.nl/
https://bugs.webkit.org/show_bug.cgi?id=198376

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

No new tests, existing media tests cover this patch.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webkitWebSrcReset):

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

Source/WTF:

wtf/glib/GLibUtilities.h:

(enumToString): Utility function to get a string representation of of a GLib enum.

8:34 AM Changeset in webkit [247009] by pvollan@apple.com

2 edits in trunk/Source/WebKit

Perform less work when a pre-warmed WebProcess is suspended or resumed.
https://bugs.webkit.org/show_bug.cgi?id=199195

Reviewed by Darin Adler.

Return early from WebProcess::actualPrepareToSuspend and WebProcess::processDidResume
if this is a pre-warmed process. This is a confirmed improvement in page load time.

WebProcess/WebProcess.cpp:

(WebKit::WebProcess::actualPrepareToSuspend):
(WebKit::WebProcess::cancelPrepareToSuspend):
(WebKit::WebProcess::processDidResume):

6:45 AM Changeset in webkit [247008] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r247007 - REGRESSION(r246963) GTK's debug build is broken
https://bugs.webkit.org/show_bug.cgi?id=199358

Reviewed by Michael Catanzaro.

Add traits to be able to downcast AnimatedBackingStoreClient.

platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h:

(Nicosia::AnimatedBackingStoreClient::AnimatedBackingStoreClient):
(Nicosia::AnimatedBackingStoreClient::type const):

platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):

6:42 AM Changeset in webkit [247007] by magomez@igalia.com

3 edits in trunk/Source/WebCore

REGRESSION(r246963) GTK's debug build is broken
https://bugs.webkit.org/show_bug.cgi?id=199358

Reviewed by Michael Catanzaro.

Add traits to be able to downcast AnimatedBackingStoreClient.

platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h:

(Nicosia::AnimatedBackingStoreClient::AnimatedBackingStoreClient):
(Nicosia::AnimatedBackingStoreClient::type const):

platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):

6:04 AM Changeset in webkit [247006] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r247005 - Unreviewed. Fix GTK build with GSTREAMER_GL disabled after r246710

platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

5:10 AM Changeset in webkit [247005] by Carlos Garcia Campos

2 edits in trunk/Source/WebCore

Unreviewed. Fix GTK build with GSTREAMER_GL disabled after r246710

platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

4:04 AM Changeset in webkit [247004] by Carlos Garcia Campos

5 edits
1 add in releases/WebKitGTK/webkit-2.24

Merge r246740 - ArraySlice needs to keep the source array alive.
https://bugs.webkit.org/show_bug.cgi?id=197374
<rdar://problem/50304429>

Reviewed by Michael Saboff and Filip Pizlo.

JSTests:

stress/array-slice-must-keep-source-array-alive.js: Added.

Source/JavaScriptCore:

The implementation of the FTL ArraySlice intrinsics may GC while allocating the
result array and its butterfly. Previously, ArraySlice already keeps the source
butterfly alive in order to copy from it to the new butterfly after the allocation.
Unfortunately, this is not enough. We also need to keep the source array alive
so that GC will scan the values in the butterfly as well. Note: the butterfly
does not have a visitChildren() method to do this scan. It's the parent object's
responsibility to do the scanning.

This patch fixes this by introducing a keepAlive() utility method, and we use it
to keep the source array alive while allocating the result array and butterfly.

keepAlive() works by using a patchpoint to communicate to B3 that a value (the
source array in this case) is still in use. It also uses a fence to keep B3 from
relocating the patchpoint, which may defeat the fix.

For the DFG's SpeculativeJIT::compileArraySlice(), we may have lucked out and the
source array cell is kept alive. This patch makes it explicit that we should
keep its cell alive till after the result array has been allocated.

For the Baseline JIT and LLInt, we use the arrayProtoFuncSlice() runtime function
and there is no issue because the source array (in "thisObj") is in the element
copying loop that follows the allocation of the result array. However, for
documentation purposes, this patch adds a call to HeapCell::use() to indicate that
the source array need to kept alive at least until after the allocation of the
result array.

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileArraySlice):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileArraySlice):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::keepAlive):

runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncSlice):

4:04 AM Changeset in webkit [247003] by Carlos Garcia Campos

3 edits
1 add in releases/WebKitGTK/webkit-2.24

Merge r246708 - [JSC] ClassExpr should not store result in the middle of evaluation
https://bugs.webkit.org/show_bug.cgi?id=199106

Reviewed by Tadeu Zagallo.

JSTests:

stress/class-expression-should-store-result-at-last.js: Added.

(shouldThrow):
(shouldThrow.let.a):

Source/JavaScriptCore:

Let's consider the case,

let a = class A {

static get[a=0x12345678]() {
}

};

When evaluating class A expression, we should not use the local register for let a
until we finally store it to that register. Otherwise, a=0x12345678 will override it.
Out BytecodeGenerator does that this by using tempDestination and finalDestination, but
we did not do that in ClassExprNode.

This patch leverages tempDestination and finalDestination to store class A result finally,
while we attempt to reduce mov.

bytecompiler/NodesCodegen.cpp:

(JSC::ClassExprNode::emitBytecode):

4:04 AM Changeset in webkit [247002] by Carlos Garcia Campos

12 edits
2 adds in releases/WebKitGTK/webkit-2.24

Merge r246505 - [JSC] Introduce DisposableCallSiteIndex to enforce type-safety
https://bugs.webkit.org/show_bug.cgi?id=197378

Reviewed by Saam Barati.

JSTests:

stress/disposable-call-site-index-with-call-and-this.js: Added.

(foo):
(bar):

stress/disposable-call-site-index.js: Added.

(foo):
(bar):

Source/JavaScriptCore:

Some of CallSiteIndex are disposable. This is because some of CallSiteIndex are allocated and freed at runtime (not DFG/FTL compile time).
The example is CallSiteIndex for exception handler in GCAwareJITStubRoutineWithExceptionHandler. If we do not allocate and free CallSiteIndex,
we will create a new CallSiteIndex continuously and leak memory.

The other CallSiteIndex are not simply disposable because the ownership model is not unique one. They can be shared between multiple clients.
But not disposing them is OK because they are static one: they are allocated when compiling DFG/FTL, and we do not allocate such CallSiteIndex
at runtime.

To make this difference explicit and avoid disposing non-disposable CallSiteIndex accidentally, we introduce DisposableCallSiteIndex type, and
enforce type-safety to some degree.

We also correctly update the DisposableCallSiteIndex => CodeOrigin table when we are reusing the previously used DisposableCallSiteIndex.

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::newExceptionHandlingCallSiteIndex):
(JSC::CodeBlock::removeExceptionHandlerForCallSite):

bytecode/CodeBlock.h:
bytecode/PolymorphicAccess.cpp:

(JSC::AccessGenerationState::callSiteIndexForExceptionHandling):
(JSC::PolymorphicAccess::regenerate):

bytecode/PolymorphicAccess.h:

(JSC::AccessGenerationState::callSiteIndexForExceptionHandling): Deleted.

dfg/DFGCommonData.cpp:

(JSC::DFG::CommonData::addUniqueCallSiteIndex):
(JSC::DFG::CommonData::addDisposableCallSiteIndex):
(JSC::DFG::CommonData::removeDisposableCallSiteIndex):
(JSC::DFG::CommonData::removeCallSiteIndex): Deleted.

dfg/DFGCommonData.h:
interpreter/CallFrame.h:

(JSC::DisposableCallSiteIndex::DisposableCallSiteIndex):
(JSC::DisposableCallSiteIndex::fromCallSiteIndex):

jit/GCAwareJITStubRoutine.cpp:

(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::observeZeroRefCount):
(JSC::createJITStubRoutine):

jit/GCAwareJITStubRoutine.h:
jit/JITInlineCacheGenerator.h:

4:04 AM Changeset in webkit [247001] by Carlos Garcia Campos

8 edits
1 add in releases/WebKitGTK/webkit-2.24

Merge r246408 - Yarr bytecode compilation failure should be gracefully handled
https://bugs.webkit.org/show_bug.cgi?id=198700

Reviewed by Michael Saboff.

JSTests:

stress/regexp-bytecode-compilation-fail.js: Added.

(shouldThrow):

Source/JavaScriptCore:

Currently, we assume that Yarr bytecode compilation does not fail. But in fact it can fail.
We should gracefully handle this failure as a runtime error, as we did for parse errors in [1].
We also harden Yarr's consumed character calculation by using Checked.

[1]: https://bugs.webkit.org/show_bug.cgi?id=185755

inspector/ContentSearchUtilities.cpp:

(Inspector::ContentSearchUtilities::findMagicComment):

runtime/RegExp.cpp:

(JSC::RegExp::byteCodeCompileIfNecessary):
(JSC::RegExp::compile):
(JSC::RegExp::compileMatchOnly):

runtime/RegExpInlines.h:

(JSC::RegExp::matchInline):

yarr/YarrErrorCode.cpp:

(JSC::Yarr::errorMessage):
(JSC::Yarr::errorToThrow):

yarr/YarrErrorCode.h:
yarr/YarrInterpreter.cpp:

(JSC::Yarr::ByteCompiler::ByteCompiler):
(JSC::Yarr::ByteCompiler::compile):
(JSC::Yarr::ByteCompiler::atomCharacterClass):
(JSC::Yarr::ByteCompiler::atomBackReference):
(JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
(JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
(JSC::Yarr::ByteCompiler::popParenthesesStack):
(JSC::Yarr::ByteCompiler::closeAlternative):
(JSC::Yarr::ByteCompiler::closeBodyAlternative):
(JSC::Yarr::ByteCompiler::alternativeBodyDisjunction):
(JSC::Yarr::ByteCompiler::alternativeDisjunction):
(JSC::Yarr::ByteCompiler::emitDisjunction):

4:04 AM Changeset in webkit [247000] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24

Merge r242114 - wasmToJS() should purify incoming NaNs.
https://bugs.webkit.org/show_bug.cgi?id=194807
<rdar://problem/48189132>

Reviewed by Saam Barati.

JSTests:

wasm/regress/wasmToJS-should-purify-NaNs.js: Added.

Source/JavaScriptCore:

runtime/JSCJSValue.h:

(JSC::jsNumber):

runtime/TypedArrayAdaptors.h:

(JSC::IntegralTypedArrayAdaptor::toJSValue):

wasm/js/WasmToJS.cpp:

(JSC::Wasm::wasmToJS):

4:04 AM Changeset in webkit [246999] by Carlos Garcia Campos

4 edits
1 add in releases/WebKitGTK/webkit-2.24

Merge r246071 - Argument elimination should check for negative indices in GetByVal
https://bugs.webkit.org/show_bug.cgi?id=198302
<rdar://problem/51188095>

Reviewed by Filip Pizlo.

JSTests:

stress/eliminate-arguments-negative-rest-access.js: Added.

(inlinee):
(opt):

Source/JavaScriptCore:

In DFG::ArgumentEliminationPhase, the index is treated as unsigned, but there's no check
for overflow in the addition. In compileGetMyArgumentByVal, there's a check for overflow,
but the index is treated as signed, resulting in an index lower than numberOfArgumentsToSkip.

dfg/DFGArgumentsEliminationPhase.cpp:
ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetMyArgumentByVal):

4:04 AM Changeset in webkit [246998] by Carlos Garcia Campos

3 edits
1 add in releases/WebKitGTK/webkit-2.24

Merge r246332 - AI BitURShift's result should not be unsigned
https://bugs.webkit.org/show_bug.cgi?id=198689
<rdar://problem/51550063>

Reviewed by Saam Barati.

JSTests:

stress/urshift-int32-overflow.js: Added.

(foo.):
(foo):

Source/JavaScriptCore:

Treating BitURShift's result as unsigned in the abstract interpreter incorrectly overflows it.
This breaks the DFG and FTL, since they assume that BitURShift's result is an int32 value, but
get a double constant from AI. Since the result will be converted to unsigned by UInt32ToNumber,
all we have to do is store the result as a signed int32.

dfg/DFGAbstractInterpreterInlines.h:

4:04 AM Changeset in webkit [246997] by Carlos Garcia Campos

1 edit
4 adds in releases/WebKitGTK/webkit-2.24/LayoutTests

Merge r246287 - [CSP] Blob URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198579
<rdar://problem/51366878>

Reviewed by Brent Fulgham.

Actually add the tests that I inadvertently omitted from r246277.

http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt: Added.
http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html: Added.
http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt: Added.
http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html: Added.

4:03 AM Changeset in webkit [246996] by Carlos Garcia Campos

7 edits in releases/WebKitGTK/webkit-2.24

Merge r246277 - [CSP] Blob URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198579
<rdar://problem/51366878>

Reviewed by Brent Fulgham.

Source/WebCore:

As per <https://w3c.github.io/webappsec-csp/#security-inherit-csp> (Editor's Draft, 28 February 2019) blob
URLs should inherit their CSP policy from their parent (if they have one).

Test: http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html

http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html

dom/Document.cpp:

(WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const): Return true if the document's URL
is a Blob URL.
(WebCore::Document::initContentSecurityPolicy): Take a pointer to a ContentSecurityPolicy object that
represents the previous document's CSP. We only make us of this if the current URL is a Blob URL or a data
URL. Otherwise, do what we do now and take the policy from the owner frame.

dom/Document.h:
loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::begin): Extend the lifetime of the previous document temporarily so that we can
pass its CSP to FrameLoader::didBeginDocument(). We need to do this extension because this function calls
FrameLoader::clear(), which can destroy the previous document and its ContentSecurityPolicy object. This
extension is also no different than if this function was called with a non-null ownerDocument except that
in that case it is the caller that extends the previous document's lifetime. Although it is tempting to
make use of ownerDocument to fix this bug by having the caller of begin() pass the previous document as
the ownerDocument when the new document's url (the one we are begin()ing) is a Blob URL. The ownerDocument
concept would privilege the Blob URL more than necessary; we only need to inherit the CSP policy from the
previous document for a Blob URL, not inherit the cookie URL or strict mixed content checking bit, etc.
We could make ContentSecurityPolicy ref-counted or even steal the ContentSecurityPolicy object from the
previous document. The latter is not of the question as a future enhancement, but the former seemed excessive
as a way to avoid extending the lifetime of the previous document because this would be the *only* call site
that actaully takes out a second ref of a ContentSecurityPolicy object. In general, shared ownership of
a ContentSecurityPolicy object does not make sense.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::didBeginDocument): Pass the specified content security policy through to
Document::initContentSecurityPolicy().

loader/FrameLoader.h:

LayoutTests:

Add tests to ensure that a self navigation to a Blob or Data URL inherits its CSP policy from
its parent document.

http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt: Added.
http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html: Added.
http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt: Added.
http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html: Added.

4:03 AM Changeset in webkit [246995] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246182 - Avoid generating new XSLT-based document when already changing the document.
https://bugs.webkit.org/show_bug.cgi?id=198525
<rdar://problem/51393787>

Reviewed by Ryosuke Niwa.

We should not allow a pending XSLT transform to change the current document when
that current document is int he process of being replaced.

dom/Document.cpp:

(WebCore::Document::applyPendingXSLTransformsTimerFired):

4:03 AM Changeset in webkit [246994] by Carlos Garcia Campos

3 edits
2 adds in releases/WebKitGTK/webkit-2.24

Merge r246129 - [CSP] Data URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198572
<rdar://problem/50660927>

Reviewed by Brent Fulgham.

Source/WebCore:

As per <https://w3c.github.io/webappsec-csp/#security-inherit-csp> (Editor's Draft, 28 February 2019) data
URLs should inherit their CSP policy from their parent (if they have one).

Test: http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance.html

dom/Document.cpp:

(WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const):

LayoutTests:

Add a test to ensure that a framed data URL inherits its CSP policy from its parent document.

http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance-expected.txt: Added.
http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance.html: Added.

4:03 AM Changeset in webkit [246993] by Carlos Garcia Campos

17 edits in releases/WebKitGTK/webkit-2.24/Source

Merge r245823 - Protect frames during style and layout changes
https://bugs.webkit.org/show_bug.cgi?id=198047
<rdar://problem/50954082>

Reviewed by Zalan Bujtas.

Be more careful about the scope and lifetime of objects that participate in layout or
style updates. If a method decides a layout or style update is needed, it needs to
confirm that the elements it was operating on are still valid and needed in the
current operation.

Source/WebCore:

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::getOrCreate):

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::accessibilityHitTest const):

css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):

css/CSSComputedStyleDeclaration.h:
css/SVGCSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::svgPropertyValue):

dom/Document.cpp:

(WebCore::Document::setFocusedElement):

editing/TypingCommand.cpp:

(WebCore::TypingCommand::insertTextRunWithoutNewlines):
(WebCore::TypingCommand::insertLineBreak):
(WebCore::TypingCommand::insertParagraphSeparator):
(WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent):

editing/ios/EditorIOS.mm:

(WebCore::Editor::setDictationPhrasesAsChildOfElement):

html/HTMLLabelElement.cpp:

(WebCore::HTMLLabelElement::focus):

html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::appendFormData):

html/ImageDocument.cpp:

(WebCore::ImageDocument::imageClicked):

html/ValidationMessage.cpp:

(WebCore::ValidationMessage::buildBubbleTree):

page/FrameView.cpp:

(WebCore::FrameView::autoSizeIfEnabled):
(WebCore::FrameView::trackedRepaintRectsAsText const):

page/PrintContext.cpp:

(WebCore::PrintContext::pageProperty):
(WebCore::PrintContext::numberOfPages):
(WebCore::PrintContext::spoolAllPagesWithBoundaries):

Source/WebKitLegacy/mac:

DOM/DOM.mm:

(-[DOMRange renderedImageForcingBlackText:renderedImageForcingBlackText:]):

WebView/WebHTMLView.mm:

(-[WebHTMLView _selectionDraggingImage]):
(-[WebHTMLView selectionImageForcingBlackText:selectionImageForcingBlackText:]):

4:03 AM Changeset in webkit [246992] by Carlos Garcia Campos

20 edits in releases/WebKitGTK/webkit-2.24/Source

Merge r245716 - [Hittest] Move hittesting from RenderView to Document
https://bugs.webkit.org/show_bug.cgi?id=198192
<rdar://problem/51077762>

Reviewed by Antti Koivisto.

Source/WebCore:

RenderView is not refcounted and may be destroyed in updateLayout(), so enter hit-testing from Document.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::press):

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::visiblePositionForPoint const):

dom/Document.cpp:

(WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower):
(WebCore::FrameFlatteningLayoutDisallower::~FrameFlatteningLayoutDisallower):
(WebCore::Document::scheduleStyleRecalc):
(WebCore::Document::prepareMouseEvent):
(WebCore::Document::hitTest):

dom/Document.h:

(WebCore::Document::inHitTesting const):

dom/TreeScope.cpp:

(WebCore::TreeScope::nodeFromPoint):
(WebCore::TreeScope::elementsFromPoint):

editing/FrameSelection.cpp:

(WebCore::FrameSelection::contains const):

html/HTMLPlugInElement.cpp:

(WebCore::HTMLPlugInElement::isReplacementObscured):

html/MediaElementSession.cpp:

(WebCore::isElementMainContentForPurposesOfAutoplay):

page/DragController.cpp:

(WebCore::elementUnderMouse):

page/EventHandler.cpp:

(WebCore::EventHandler::handleMouseDraggedEvent):
(WebCore::EventHandler::eventMayStartDrag const):
(WebCore::EventHandler::updateSelectionForMouseDrag):
(WebCore::EventHandler::hitTestResultAtPoint const):
(WebCore::EventHandler::updateCursor):
(WebCore::EventHandler::isInsideScrollbar const):
(WebCore::EventHandler::handleWheelEvent):
(WebCore::EventHandler::hoverTimerFired):
(WebCore::EventHandler::handleDrag):
(WebCore::hitTestResultInFrame):

page/FrameViewLayoutContext.cpp:

(WebCore::FrameViewLayoutContext::setNeedsLayoutAfterViewConfigurationChange):

rendering/RenderView.cpp:

(WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower): Deleted.
(WebCore::FrameFlatteningLayoutDisallower::~FrameFlatteningLayoutDisallower): Deleted.
(): Deleted.
(WebCore::RenderView::hitTest): Deleted.

rendering/RenderView.h:
rendering/RenderWidget.cpp:

(WebCore::RenderWidget::nodeAtPoint):

testing/Internals.cpp:

(WebCore::Internals::nodesFromRect const):

Source/WebKit:

WebProcess/WebPage/ViewGestureGeometryCollector.cpp:

(WebKit::ViewGestureGeometryCollector::collectGeometryForSmartMagnificationGesture):

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::determinePrimarySnapshottedPlugIn):

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::dynamicViewportSizeUpdate):

4:03 AM Changeset in webkit [246991] by Carlos Garcia Campos

3 edits
2 adds in releases/WebKitGTK/webkit-2.24

Merge r245664 - Subselectors not searched when determining property whitelist for selector
https://bugs.webkit.org/show_bug.cgi?id=198147
<rdar://problem/50405208>

Reviewed by Zalan Bujtas.

Source/WebCore:

This can cause marker elements get style they shouldn't.

Test: fast/lists/marker-style-subselector-whitelist.html

css/RuleSet.cpp:

(WebCore::determinePropertyWhitelistType):

Check subselectors too.

LayoutTests:

fast/lists/marker-style-subselector-whitelist-expected.txt: Added.
fast/lists/marker-style-subselector-whitelist.html: Added.

4:03 AM Changeset in webkit [246990] by Carlos Garcia Campos

3 edits
2 adds in releases/WebKitGTK/webkit-2.24

Merge r245509 - Wait to get frame until after layout has been run
https://bugs.webkit.org/show_bug.cgi?id=197999
<rdar://problem/50800345>

Reviewed by Alex Christensen.

Source/WebCore:

The current frame can change when layout runs, so don't bother retrieving
the frame until the final layout pass is complete.

Test: fast/dom/window-inner-width-crash.html

page/DOMWindow.cpp:

(WebCore::DOMWindow::innerHeight const): Move frame access past the
layout operation.
(WebCore::DOMWindow::innerWidth const): Ditto.
(WebCore::DOMWindow::scrollX const): Ditto.
(WebCore::DOMWindow::scrollY const): Ditto.

LayoutTests:

fast/dom/window-inner-width-crash-expected.txt: Added.
fast/dom/window-inner-width-crash.html: Added.

4:03 AM Changeset in webkit [246989] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r245464 - Hardening: Prevent FrameLoader crash due to SetForScope
https://bugs.webkit.org/show_bug.cgi?id=197458
<rdar://problem/50368338>

Reviewed by Chris Dumez.

Since SetForScope takes action during a function returns, it might cause
a crash if its scope is broader than the value it is resetting.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadDifferentDocumentItem):

3:25 AM EarlyWarningSystem edited by aakash_jain@apple.com

(diff)

2:22 AM Changeset in webkit [246988] by Carlos Garcia Campos

10 edits
1 add in releases/WebKitGTK/webkit-2.24/Source

Merge r246963 - [WPE][GTK] Content disappearing when using CSS transforms
https://bugs.webkit.org/show_bug.cgi?id=181757

Reviewed by Žan Doberšek.

Source/WebCore:

During each layer flush, create an AnimatedBackingStoreClient instance for each layer that
has a backingStore and is to be animated, and send that client to the appropriate
TextureMapperLayer on the compositor thread. During each frame rendering, the client will
use the future layer position (currently 50ms in the future) to check whether new tiles are
required to keep the animation ongoing, and notify the appropriate CoordinatedGraphicsLayer so
it can perform a layer flush and provide new tiles.

platform/TextureMapper.cmake:
platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h: Added.
platform/graphics/nicosia/NicosiaPlatformLayer.h:

(Nicosia::CompositionLayer::flushState):

platform/graphics/texmap/TextureMapperAnimation.cpp:

(WebCore::TextureMapperAnimation::applyKeepingInternalState):
(WebCore::TextureMapperAnimations::applyKeepingInternalState):

platform/graphics/texmap/TextureMapperAnimation.h:
platform/graphics/texmap/TextureMapperLayer.cpp:

(WebCore::TextureMapperLayer::computeTransformsRecursive):
(WebCore::TextureMapperLayer::setAnimatedBackingStoreClient):
(WebCore::TextureMapperLayer::syncAnimations):

platform/graphics/texmap/TextureMapperLayer.h:
platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::~CoordinatedGraphicsLayer):
(WebCore::clampToContentsRectIfRectIsInfinite):
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
(WebCore::CoordinatedGraphicsLayer::requestBackingStoreUpdate):
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):

platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

Source/WebKit:

Set the appropriate AnimatedBackingStoreClient to the TextureMapperLayers when required.

Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::updateSceneState):

2:22 AM Changeset in webkit [246987] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore/platform/gtk/po

Merge r245770 - [l10n] [pt_BR] Updated Brazilian Portuguese translation
https://bugs.webkit.org/show_bug.cgi?id=198245

Patch by Rafael Fontenelle <rafaelff@gnome.org> on 2019-05-25
Rubber-stamped by Michael Catanzaro.

pt_BR.po:

2:22 AM Changeset in webkit [246986] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WTF

Merge r245512 - [GLIB] Repeating timer is not stopped when stop is called from the callback
https://bugs.webkit.org/show_bug.cgi?id=197986

Reviewed by Michael Catanzaro.

Source/WTF:

In case of repeating timers we always update the ready time to fire interval after the user callback is called.

wtf/glib/RunLoopGLib.cpp:

(WTF::RunLoop::TimerBase::stop): Reset m_fireInterval and m_isRepeating.

2:22 AM Changeset in webkit [246985] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246192 - [GStreamer] videorate issues with v4l2src
https://bugs.webkit.org/show_bug.cgi?id=198614

Reviewed by Xabier Rodriguez-Calvar.

Configure videorate to cope with the live stream provided by the
source element. Not doing so might lead to errors in the v4l2
buffer allocator.

platform/mediastream/gstreamer/GStreamerVideoCapturer.cpp:

(WebCore::GStreamerVideoCapturer::createConverter):

2:21 AM Changeset in webkit [246984] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24

Merge r245848 - [MSE][GStreamer] update the readyState correctly in MediaPlayerPrivateGStreamerMSE
https://bugs.webkit.org/show_bug.cgi?id=197834

Patch by Yacine Bandou <yacine.bandou@softathome.com> on 2019-05-28
Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

The buffering state and the m_downloadFinished boolean aren't supported in the MSE case.
When the readyState is already "HaveEnoughData", we don't want to revert it to "HaveFutureData",
or else the MediaPlayer would send a "canplay" event instead of a "canplaythrough".

Test: media/media-source/media-source-canplaythrough-event.html

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::updateStates):

LayoutTests:

Add a new test that checks if the MediaElement receives the "canplaythrough"
event when the media content is entirely injected to MSE sourceBuffer.

media/media-source/media-source-canplaythrough-event-expected.txt: Added.
media/media-source/media-source-canplaythrough-event.html: Added.

2:21 AM Changeset in webkit [246983] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r246635 - [GTK] The Previous/Next gesture should handle RTL
https://bugs.webkit.org/show_bug.cgi?id=198707

Patch by Alexander Mikhaylenko <exalm7659@gmail.com> on 2019-06-20
Reviewed by Michael Catanzaro.

The gesture uses PageClientImpl::userInterfaceLayoutDirection() to determine the text
direction. Implement that method, then adjust drawing so that the pages move from/to
the left instead of right side for RTL locales.

UIProcess/API/gtk/PageClientImpl.cpp:

(WebKit::): Implemented.

UIProcess/API/gtk/PageClientImpl.h:
UIProcess/gtk/ViewGestureControllerGtk.cpp:

(WebKit::ViewGestureController::draw):

2:21 AM Changeset in webkit [246982] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebKit

Merge r246638 - [GTK] Make startup pause available in DEVELOPER_MODE rather than DEBUG.
https://bugs.webkit.org/show_bug.cgi?id=199069

Reviewed by Michael Catanzaro.

WebProcess/gtk/WebProcessMainGtk.cpp: Allow developers to pause

the web process in DEVELOPER_MODE rather than only DEBUG, matching
the WPE behaviour and also the purpose of DEVELOPER_MODE.

2:21 AM Changeset in webkit [246981] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246431 - [cairo] Entering text into forms on github.com creates a trapezoid artifact
https://bugs.webkit.org/show_bug.cgi?id=126124

Reviewed by Michael Catanzaro.

Mixing antialiasing modes in the same clip is not actually supported by cairo. In the case of rectangle clips we
are already ignoring the current antialiasing to not do any antialiasing. We could do the opposite for clips
receiving a path, we want to enforce antialiasing in that case since the paths might contain curves. Doing that
we ensure all calls to clip with a path use the same antialiasing, which is the case of the github bug.

platform/graphics/cairo/CairoOperations.cpp:

(WebCore::Cairo::doClipWithAntialias): Helper to call cairo_clip() with the given antialising mode.
(WebCore::Cairo::clip): Use doClipWithAntialias().
(WebCore::Cairo::clipOut): Ditto.
(WebCore::Cairo::clipPath): Ditto.

2:21 AM Changeset in webkit [246980] by Carlos Garcia Campos

3 edits
4 adds in releases/WebKitGTK/webkit-2.24

Merge r246350 - [cairo][SVG] Putting multiple path elements in clippath causes rendering artifacts
https://bugs.webkit.org/show_bug.cgi?id=198701
<rdar://problem/51620347>

Reviewed by Don Olmstead.

Source/WebCore:

We need to save the current transformation matrix at the moment the image mask is set and set it again on
restore right before applying the mask. This patch also creates a pattern for the image mask surface and set its
transformation matrix according to the mask position, so that we don't need to save the mask rectangle too.

Tests: svg/clip-path/clip-hidpi-expected.svg

svg/clip-path/clip-hidpi.svg
svg/clip-path/clip-opacity-translate-expected.svg
svg/clip-path/clip-opacity-translate.svg

platform/graphics/cairo/PlatformContextCairo.cpp:

(WebCore::PlatformContextCairo::restore):
(WebCore::PlatformContextCairo::pushImageMask):

LayoutTests:

svg/clip-path/clip-hidpi-expected.svg: Added.
svg/clip-path/clip-hidpi.svg: Added.
svg/clip-path/clip-opacity-translate-expected.svg: Added.
svg/clip-path/clip-opacity-translate.svg: Added.

2:21 AM Changeset in webkit [246979] by Carlos Garcia Campos

5 edits
4 adds in releases/WebKitGTK/webkit-2.24

Merge r246309 - [cairo][SVG] Putting multiple path elements in clippath causes rendering artifacts
https://bugs.webkit.org/show_bug.cgi?id=198701

Source/WebCore:

PlatformContextCairo::pushImageMask blits wrong position of the
surface to the background of masking objects. And, I don't know
the reason why this blitting is needed. Removed the blitting.

Reviewed by Carlos Garcia Campos.

Tests: svg/clip-path/clip-opacity.html

svg/clip-path/svg-in-html.html

platform/graphics/cairo/PlatformContextCairo.cpp:

(WebCore::PlatformContextCairo::pushImageMask): Don't blit the
surface to the background.

LayoutTests:

Reviewed by Carlos Garcia Campos.

platform/gtk/TestExpectations:
platform/wpe/TestExpectations:

Unskipped svg/gradients/spreadMethodDiagonal3.svg and svg/gradients/spreadMethodDiagonal4.svg.

svg/clip-path/clip-opacity-expected.html: Added.
svg/clip-path/clip-opacity.html: Added.
svg/clip-path/svg-in-html-expected.html: Added.
svg/clip-path/svg-in-html.html: Added.

1:53 AM Changeset in webkit [246978] by Carlos Garcia Campos

5 edits in releases/WebKitGTK/webkit-2.24

Merge r246536 - [WebGL] Extensions3DOpenGLES::bindVertexArrayOES() should allow zero array object
https://bugs.webkit.org/show_bug.cgi?id=198929

Reviewed by Carlos Garcia Campos.

Source/WebCore:

A 0 object parameter for the glBindVertexArrayOES() call is a valid
value since it binds the default vertex array object for any updates and
draws. As such the Extensions3DOpenGLES implementation shouldn't return
early if the object value is 0.

No new tests -- covered by existing tests.

platform/graphics/opengl/Extensions3DOpenGLES.cpp:

(WebCore::Extensions3DOpenGLES::bindVertexArrayOES):

LayoutTests:

Enable the passing tests and update one baseline.

platform/wpe/TestExpectations:
platform/wpe/webgl/2.0.0/conformance/extensions/oes-vertex-array-object-expected.txt:

1:53 AM WebKitGTK/2.24.x edited by Carlos Garcia Campos

(diff)

1:53 AM Changeset in webkit [246977] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r244372 - ScalableImageDecoder: don't forcefully decode image data when querying frame completeness, duration
https://bugs.webkit.org/show_bug.cgi?id=191354
<rdar://problem/46123406>

Reviewed by Michael Catanzaro.

ScalableImageDecoder::frameIsCompleteAtIndex() should only check the
index validity and, if the index is valid, check for completeness of the
corresponding frame. ScalableImageDecoder::frameDurationAtIndex() should
also only retrieve duration for already-complete frames, or expand the
default 0-second value according to the flashing-protection rule when
the target frame is not yet complete.

Both methods avoid calling ScalableImageDecoder::frameBufferAtIndex()
as that method goes on and decodes image data to determine specific
information. The ImageSource class that's querying this information
doesn't anticipate this, and doesn't handle the increased memory
consumption of the decoded data, leaving MemoryCache in the blind about
the image resource's actual amount of consumed memory. ImageSource can
instead gracefully handle any incomplete frame by marking the decoding
status for this frame as only partial.

platform/image-decoders/ScalableImageDecoder.cpp:

(WebCore::ScalableImageDecoder::frameIsCompleteAtIndex const):
(WebCore::ScalableImageDecoder::frameHasAlphaAtIndex const):
(WebCore::ScalableImageDecoder::frameDurationAtIndex const):

1:53 AM Changeset in webkit [246976] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.24/Source/WTF

[WTF] Generic memoryFootprint() implementation should use bmalloc on Linux
https://bugs.webkit.org/show_bug.cgi?id=196963

Reviewed by Don Olmstead.

Have the generic memoryFootprint() implementation use bmalloc's
memoryFootprint() API on Linux, whenever the system malloc option is
not enabled. Limitation to Linux platforms is due to the bmalloc
implementation being limited to those configurations (excluding iOS
which doesn't use MemoryFootprintGeneric.cpp).

wtf/PlatformWPE.cmake: Switch to building MemoryFootprintGeneric.cpp.
wtf/generic/MemoryFootprintGeneric.cpp:

(WTF::memoryFootprint):

1:53 AM Changeset in webkit [246975] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/bmalloc

Merge r244316 - Unreviewed. Build fix after r244244.

Source/bmalloc/bmalloc/AvailableMemory.cpp

1:53 AM Changeset in webkit [246974] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.24/Source/bmalloc

Merge r244244 - [bmalloc][Linux] Add support for memory status calculation
https://bugs.webkit.org/show_bug.cgi?id=195938

Reviewed by Carlos Garcia Campos.

Memory status and under-memory-pressure capabilities in bmalloc can be
implemented on Linux by reading and parsing the statm file under the
proc filesystem.

We retrieve the resident set size from the statm file and multiply it
with the page size. This gives an upper-bound estimate of the memory
that's being consumed by the process.

The statm-based estimate seems preferable to other alternatives. One
such alternative would be reading and parsing more-detailed smaps file,
also exposed under the proc filesystem. This is at the moment being done
in WTF's MemoryFootprint implementation for Linux systems, but on Linux
ports this operation is being throttled to only execute once per second
because of the big computing expense required to read and parse out the
data. A future MemoryFootprint implementation could simply retrieve the
memory footprint value from bmalloc.

Another alternative is the Linux taskstats interface. This one would
require utilizing a netlink socket to retrieve the necessary statistics,
but it requires the process to have elevated privileges, which is a
blocker.

bmalloc/AvailableMemory.cpp:

(bmalloc::LinuxMemory::singleton):
(bmalloc::LinuxMemory::footprint const):
(bmalloc::computeAvailableMemory):
(bmalloc::memoryStatus):

bmalloc/AvailableMemory.h:

(bmalloc::isUnderMemoryPressure):

bmalloc/bmalloc.h:

1:53 AM Changeset in webkit [246973] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246653 - REGRESSION(r245912): Crash in TextIterator::range via visiblePositionForIndexUsingCharacterIterator
https://bugs.webkit.org/show_bug.cgi?id=199061

Reviewed by Wenson Hsieh.

Avoid calling CharacterIterator::range when it's at the end. Otherwise, we'd crash with null pointer dereferencing.

Unfortunately no new tests since we don't have any reproducible test case.

editing/Editing.cpp:

(WebCore::visiblePositionForIndexUsingCharacterIterator):

1:53 AM Changeset in webkit [246972] by Carlos Garcia Campos

10 edits
4 adds in releases/WebKitGTK/webkit-2.24

Merge r245912 - Inserting a newline in contenteditable causes two characters to be added instead of one
https://bugs.webkit.org/show_bug.cgi?id=197894
<rdar://problem/49700998>

Patch by Andres Gonzalez <Andres Gonzalez> on 2019-05-30
Reviewed by Wenson Hsieh and Chris Fleizach.

Source/WebCore:

There were two issues with inserting a newline character at the end of
a line that caused problems for accessibility:

the first '\n' inserted after text would result in two line breaks

inserted instead of one. createFragmentFromText in markup.cpp was
splitting the string "\n" into two empty strings and creating a <div>
and a <br> respectively. Then the emission code would emit a '\n' for
the empty div and another for the <br>.

the second problem is a consequence of <rdar://problem/5192593> and

the workaround is the change in editing.cpp in the function
visiblePositionForIndexUsingCharacterIterator, similar to what is done
in VisibleUnits.cpp for nextBoundary.
The rest of the changes in this patch are accessibility changes to
execute the layout tests.

Tests: accessibility/ios-simulator/set-selected-text-range-after-newline.html

accessibility/set-selected-text-range-after-newline.html

accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::setSelectedTextRange):

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper stringForRange:]):
(-[WebAccessibilityObjectWrapper _accessibilitySelectedTextRange]):
(-[WebAccessibilityObjectWrapper accessibilityReplaceRange:withText:]):

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

editing/Editing.cpp:

(WebCore::visiblePositionForIndexUsingCharacterIterator):

editing/markup.cpp:

(WebCore::createFragmentFromText):

Tools:

iOS implementation of several AccessibilityUIElement methods to execute
LayoutTests.

WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::selectedTextRange):
(WTR::AccessibilityUIElement::setSelectedTextRange):
(WTR::AccessibilityUIElement::replaceTextInRange):

LayoutTests:

accessibility/ios-simulator/set-selected-text-range-after-newline-expected.txt: Added.
accessibility/ios-simulator/set-selected-text-range-after-newline.html: Added.
accessibility/ios-simulator/text-marker-list-item-expected.txt:
accessibility/set-selected-text-range-after-newline-expected.txt: Added.
accessibility/set-selected-text-range-after-newline.html: Added.
platform/win/TestExpectations:

1:53 AM Changeset in webkit [246971] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246731 - [GStreamer][MSE] Pausing video sometimes causes skip to finish
https://bugs.webkit.org/show_bug.cgi?id=197355

Reviewed by Philippe Normand.

Covered by existing tests.

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::currentMediaTime const):
Assuming that when m_eosPending is on and we're paused() that the
network resource is fully loaded and the end is reached is clearly
wrong. Whether this is now correct is unclear...

1:53 AM Changeset in webkit [246970] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246730 - [GStreamer] Volume level sometimes changes inappropriately
https://bugs.webkit.org/show_bug.cgi?id=197358

Reviewed by Xabier Rodriguez-Calvar.

Be consistent with our application of volume scaling. We were
setting volumes using cubic interpolation in setVolume() and using
the inverse in volume(); however setting initial volumes was done
linearly in setStreamVolumeElement, which was causing strange
jumps in the volume level at non-deterministic times. The fix
looks to be that we should use linear interpolation consistently,
since PulseAudio already applies cubic scaling to software
volumes.

Covered by existing tests.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::paused const): Bump the
logging here to LOG level, it's very spammy at DEBUG.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:

(WebCore::MediaPlayerPrivateGStreamerBase::setVolume): Switch to
linear interpolation.
(WebCore::MediaPlayerPrivateGStreamerBase::volume const): Ditto.
(WebCore::MediaPlayerPrivateGStreamerBase::notifyPlayerOfVolumeChange):
Ditto.
(WebCore::MediaPlayerPrivateGStreamerBase::setStreamVolumeElement):
Ditto, and be consistent here with the API, do not set the raw
volume managed by MediaElement.

1:53 AM Changeset in webkit [246969] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246710 - webkitgtk 2.24.2 fails to build w/gstreamer 1.12.5
https://bugs.webkit.org/show_bug.cgi?id=198080

Patch by Mike Gorse <mgorse@suse.com> on 2019-06-22
Reviewed by Philippe Normand.

No new tests (build fix only).

platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

Move includes of gst/gl/gl.h and epoxy/gl.h into
MediaPlayerPrivateGStreamerBase.h.

1:53 AM Changeset in webkit [246968] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/WebCore

Merge r246399 - [GStreamer] HLS stream slow start
https://bugs.webkit.org/show_bug.cgi?id=198377

Reviewed by Xabier Rodriguez-Calvar.

platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(webKitWebSrcCreate): Cut down the adapter condition to 200 ms to
improve start-up times for HLS playback.

1:52 AM Changeset in webkit [246967] by Carlos Garcia Campos

11 edits in releases/WebKitGTK/webkit-2.24

Merge r246353 - [WPE][GTK] Deprecate WebSQL APIs
https://bugs.webkit.org/show_bug.cgi?id=195011

Reviewed by Carlos Garcia Campos.

Source/WebKit:

UIProcess/API/glib/WebKitSettings.cpp:

(webkit_settings_class_init):

UIProcess/API/glib/WebKitWebContext.cpp:

(webkitWebContextConstructed):

UIProcess/API/glib/WebKitWebsiteDataManager.cpp:

(webkitWebsiteDataManagerGetProperty):
(webkit_website_data_manager_class_init):

UIProcess/API/gtk/WebKitWebsiteData.h:
UIProcess/API/gtk/WebKitWebsiteDataManager.h:
UIProcess/API/wpe/WebKitWebsiteData.h:
UIProcess/API/wpe/WebKitWebsiteDataManager.h:

Tools:

MiniBrowser/gtk/main.c:

(gotWebsiteDataCallback):

TestWebKitAPI/Tests/WebKitGLib/TestWebsiteData.cpp:

(testWebsiteDataConfiguration):
(testWebsiteDataEphemeral):
(testWebsiteDataDatabases):

1:52 AM Changeset in webkit [246966] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.24/Source/JavaScriptCore

Merge r246151 - aarch64: ‘JSC::ARM64Assembler::LinkRecord::<unnamed union>::RealTypes::m_compareRegister’ is too small to hold all values of ‘JSC::ARM64Assembler::RegisterID’ {aka ‘enum JSC::ARM64Registers::RegisterID’}
https://bugs.webkit.org/show_bug.cgi?id=198014

Reviewed by Yusuke Suzuki.

When building for aarch64, there is a huge warning spam here. It's impossible to see any
other warnings. This has been ongoing for so long I've begun to suspect that nobody works
on this architecture.

Anyway, the problem is because we need eight bits to store all possible RegisterID values,
but the bitfield is only six bits wide. Fix it. The COMPILE_ASSERT checking the size of this
struct is still happy, so I presume the change is OK.

assembler/ARM64Assembler.h:

1:29 AM WebKitGTK/2.24.x edited by zandobersek@gmail.com

(diff)

1:27 AM Changeset in webkit [246965] by Philippe Normand

2 edits in trunk/Tools

Unreviewed, GTK a11y tests fix after r246958

WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

(WTR::AccessibilityUIElement::popupValue const):

1:09 AM Changeset in webkit [246964] by Carlos Garcia Campos

7 edits in trunk/Source

WebSockets: add support for sending blob messages when using web sockets platform APIs
https://bugs.webkit.org/show_bug.cgi?id=199189

Reviewed by Youenn Fablet.

Source/WebCore:

Headers.cmake: Add missing headers.

Source/WebKit:

Add helper private class BlobLoader that uses FileReaderLoader to load the blobs. Since blob loads are
asynchronous, the messages are queued using another helper internal class PendingMessage.

WebProcess/Network/WebSocketChannel.cpp:

(WebKit::WebSocketChannel::increaseBufferedAmount): Increase the buffered amount checking we don't overlofw.
(WebKit::WebSocketChannel::decreaseBufferedAmount): Decrease the buffered amount.
(WebKit::WebSocketChannel::sendMessage): Helper class to send message to the network process and decrease the
buffered amount when done.
(WebKit::WebSocketChannel::send): Queue the message in pending queue if there are pending messages in the queue
for text and binary messages. For blobs, always queue the message unless it's an empty blob that we can handle
as empty binary data directly.
(WebKit::PendingMessage::PendingMessage): Helper class to queue message requests.
(WebKit::PendingMessage::type const): Type of message: Text, Binary, Blob.
(WebKit::PendingMessage::textMessage const): The text message.
(WebKit::PendingMessage::binaryData const): The binary data.
(WebKit::PendingMessage::blobLoader const): The blob loader.
(WebKit::WebSocketChannel::fail): Notify the client about the error to ensure onclose is emitted.
(WebKit::WebSocketChannel::disconnect): Clear the pending messages queue.

WebProcess/Network/WebSocketChannel.h:

1:01 AM Changeset in webkit [246963] by magomez@igalia.com

11 edits
1 add in trunk/Source

[WPE][GTK] Content disappearing when using CSS transforms
https://bugs.webkit.org/show_bug.cgi?id=181757

Reviewed by Žan Doberšek.

Source/WebCore:

platform/TextureMapper.cmake:
platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h: Added.
platform/graphics/nicosia/NicosiaPlatformLayer.h:

(Nicosia::CompositionLayer::flushState):

platform/graphics/texmap/TextureMapperAnimation.cpp:

(WebCore::TextureMapperAnimation::applyKeepingInternalState):
(WebCore::TextureMapperAnimations::applyKeepingInternalState):

platform/graphics/texmap/TextureMapperAnimation.h:
platform/graphics/texmap/TextureMapperLayer.cpp:

(WebCore::TextureMapperLayer::computeTransformsRecursive):
(WebCore::TextureMapperLayer::setAnimatedBackingStoreClient):
(WebCore::TextureMapperLayer::syncAnimations):

platform/graphics/texmap/TextureMapperLayer.h:
platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

Source/WebKit:

Set the appropriate AnimatedBackingStoreClient to the TextureMapperLayers when required.

Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:

(WebKit::CoordinatedGraphicsScene::updateSceneState):

Jun 30, 2019:

10:52 PM Changeset in webkit [246962] by Antti Koivisto

11 edits in trunk/Source

Use separate variables for moving and stationary scrolling relationships in RemoteLayerTreeNode
https://bugs.webkit.org/show_bug.cgi?id=199348

Reviewed by Darin Adler.

Source/WebCore:

page/scrolling/ScrollingStateStickyNode.cpp:
page/scrolling/ScrollingTree.cpp:

(WebCore::ScrollingTree::commitTreeState):

page/scrolling/ScrollingTree.h:

(WebCore::ScrollingTree::activeOverflowScrollProxyNodes):
(WebCore::ScrollingTree::activePositionedNodes):
(WebCore::ScrollingTree::nodesWithRelatedOverflow): Deleted.

Use separate sets for overflow proxies and positioned nodes.
Use Refs to nodes instead of ids to simplify client code. This doesn't affect lifetimes, these sets are cleared
at the beginning of each commit.

page/scrolling/cocoa/ScrollingTreeOverflowScrollProxyNode.mm:

(WebCore::ScrollingTreeOverflowScrollProxyNode::commitStateBeforeChildren):

page/scrolling/cocoa/ScrollingTreePositionedNode.mm:

(WebCore::ScrollingTreePositionedNode::commitStateBeforeChildren):

Source/WebKit:

A layer can have only one acting scroll parent. Not using a vector for that case makes the code clearer.

UIProcess/RemoteLayerTree/RemoteLayerTreeNode.h:

(WebKit::RemoteLayerTreeNode::actingScrollContainerID const):
(WebKit::RemoteLayerTreeNode::stationaryScrollContainerIDs const):

Separate fields for the acting container and stationary containers.

(WebKit::RemoteLayerTreeNode::setActingScrollContainerID):
(WebKit::RemoteLayerTreeNode::setStationaryScrollContainerIDs):
(WebKit::RemoteLayerTreeNode::relatedScrollContainerIDs const): Deleted.
(WebKit::RemoteLayerTreeNode::relatedScrollContainerPositioningBehavior const): Deleted.

UIProcess/RemoteLayerTree/RemoteLayerTreeNode.mm:

(WebKit::RemoteLayerTreeNode::setRelatedScrollContainerBehaviorAndIDs): Deleted.

UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.mm:

(WebKit::isScrolledBy):
(WebKit::findActingScrollParent):

UIProcess/RemoteLayerTree/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::establishLayerTreeScrollingRelations):

9:03 PM Changeset in webkit [246961] by Fujii Hironori

3 edits in trunk/LayoutTests

Unreviewed, rolling out r246959.

svg/clip-path/clip-hidpi.svg is flaky on mac-wk2-ews

Reverted changeset:

"LayoutTests svg/clip-path/clip-hidpi.svg isn't working as
expected due to a syntax error"
https://bugs.webkit.org/show_bug.cgi?id=199313
https://trac.webkit.org/changeset/246959

7:32 PM Changeset in webkit [246960] by Fujii Hironori

4 edits in trunk/Source

[Win] Multiline mode of tooltip control does word-wrapping very slowly
https://bugs.webkit.org/show_bug.cgi?id=198989

Reviewed by Ross Kirsling.

Source/WebKit:

UIProcess/win/WebView.cpp:

(WebKit::truncatedString): Added.
(WebKit::WebView::setToolTip): Use truncatedString.

Source/WebKitLegacy/win:

WebView.cpp:

(truncatedString): Added.
(WebView::setToolTip): Use truncatedString.

7:30 PM Changeset in webkit [246959] by Fujii Hironori

3 edits in trunk/LayoutTests

LayoutTests svg/clip-path/clip-hidpi.svg isn't working as expected due to a syntax error
https://bugs.webkit.org/show_bug.cgi?id=199313

Reviewed by Carlos Garcia Campos.

svg/clip-path/clip-hidpi.svg: Fix the syntax error by replacing '->' with '=>'.

Call testRunner.waitUntilDone() before testRunner.notifyDone().

svg/clip-path/clip-hidpi-expected.svg: Call testRunner.setBackingScaleFactor().

6:21 PM Changeset in webkit [246958] by commit-queue@webkit.org

23 edits in trunk

Enhance support of aria-haspopup per ARIA 1.1 specification.
https://bugs.webkit.org/show_bug.cgi?id=199216
<rdar://problem/46221342>

Patch by Andres Gonzalez <Andres Gonzalez> on 2019-06-30
Reviewed by Chris Fleizach.

Source/WebCore:

Test button-with-aria-haspopup-role.html was expanded to cover testing
of new functionality.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::popupValue const): replaces hasPopupValue.
(WebCore::AccessibilityObject::hasPopupValue const): Deleted.

accessibility/AccessibilityObject.h:
accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::hasPopup const): method rename.

accessibility/atk/WebKitAccessible.cpp:

(webkitAccessibleGetAttributes): method rename.

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityPopupValue]):

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

Tools:

DumpRenderTree/AccessibilityUIElement.cpp:

(getPopupValueCallback):
(AccessibilityUIElement::getJSClass):

DumpRenderTree/AccessibilityUIElement.h:
DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::popupValue const):

WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::popupValue const):

WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::popupValue const):

LayoutTests:

accessibility/button-with-aria-haspopup-role-expected.txt:
accessibility/button-with-aria-haspopup-role.html:
accessibility/ios-simulator/button-with-aria-haspopup-role-expected.txt:
accessibility/ios-simulator/button-with-aria-haspopup-role.html:

3:16 PM Changeset in webkit [246957] by bshafiei@apple.com

7 edits in tags/Safari-608.1.32.2/Source

Versioning.

3:12 PM Changeset in webkit [246956] by bshafiei@apple.com

1 copy in tags/Safari-608.1.32.2

Tag Safari-608.1.32.2.

2:59 PM Changeset in webkit [246955] by Basuke Suzuki

8 edits in trunk/Source/WebKit

Pass WebProcess information to platformInitializeWebProcess().
https://bugs.webkit.org/show_bug.cgi?id=199345

Reviewed by Darin Adler.

Add const reference to WebProcessProxy for first argument of
WebProcessPool::platformInitializeWebProcess().

UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitializeWebProcess):

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::initializeNewWebProcess):

UIProcess/WebProcessPool.h:
UIProcess/glib/WebProcessPoolGLib.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess):

UIProcess/win/WebProcessPoolWin.cpp:

(WebKit::WebProcessPool::platformInitializeWebProcess):

7:02 AM Changeset in webkit [246954] by Alan Bujtas

2 edits in trunk/Source/WebCore

[LFC] Implement Layout::printLayoutTreeForLiveDocuments
https://bugs.webkit.org/show_bug.cgi?id=199343
<rdar://problem/52393047>

Reviewed by Antti Koivisto.

layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::printLayoutTreeForLiveDocuments):

page/FrameViewLayoutContext.cpp:

(WebCore::layoutUsingFormattingContext):

Jun 29, 2019:

10:11 PM Changeset in webkit [246953] by Nikita Vasilyev

13 edits in trunk/Source/WebInspectorUI

Web Inspector: Remove trailing white-space
https://bugs.webkit.org/show_bug.cgi?id=199346

Reviewed by Matt Baker.

UserInterface/Controllers/NetworkManager.js:

(WI.NetworkManager.prototype._initiatorCallFramesFromPayload):

UserInterface/Images/Import.svg:
UserInterface/Views/CanvasOverviewContentView.css:

(.navigation-bar > .item.canvas-recording-auto-capture > label > input):

UserInterface/Views/DataGrid.css:

(.data-grid .resizer):

UserInterface/Views/DatabaseContentView.css:

(.storage-view):

UserInterface/Views/GoToLineDialog.css:

(@media (prefers-color-scheme: dark)):

UserInterface/Views/GradientSlider.css:

(.gradient-slider > .add-area):
(.gradient-slider-knob > :matches(img, div)):

UserInterface/Views/ResourceDetailsSection.css:
UserInterface/Views/ScrubberNavigationItem.css:

(.navigation-bar .item.scrubber > input[disabled]):

UserInterface/Views/SourceCodeTextEditor.css:

(.popover .expandable):

UserInterface/Views/TimelineRecordBar.css:

(.timeline-record-bar.timeline-record-type-script.garbage-collected > .segment,):

UserInterface/Workers/HeapSnapshot/HeapSnapshotWorker.js:

(HeapSnapshotWorker.prototype.createSnapshot):

8:20 PM Changeset in webkit [246952] by Nikita Vasilyev

2 edits in trunk/Source/WebInspectorUI

Remove duplicate "Private" section and fix white space

Unreviewed code style fix.

UserInterface/Views/SpreadsheetRulesStyleDetailsPanel.js:

(WI.SpreadsheetRulesStyleDetailsPanel.prototype.layout):

2:50 PM Changeset in webkit [246951] by Darin Adler

20 edits in trunk/Source

Streamline some string code, focusing on functions that were using substringSharingImpl
https://bugs.webkit.org/show_bug.cgi?id=198898

Reviewed by Daniel Bates.

Source/WebCore:

css/CSSComputedStyleDeclaration.cpp:

(WebCore::CSSComputedStyleDeclaration::CSSComputedStyleDeclaration): Take a StringView
instead of a String argument for the pseudo-element name. This prevents us from having
to use substringSharingImpl to strip off leading colons.
(WebCore::CSSComputedStyleDeclaration::create): Moved this function in here since it's
no longer being inlined.

css/CSSComputedStyleDeclaration.h: Moved the create function to no longer be inlined,

since it's better to have the constructor be inlined in the create function instead.
Changed the pseudo-element name argument to be a StringView rather than a String.
Also initialize m_refCount in the class definition.

css/CSSSelector.cpp:

(WebCore::CSSSelector::parsePseudoElementType): Take a StringView instead of a String.

css/CSSSelector.h: Updated for the above change.

css/SelectorPseudoTypeMap.h: Change both parse functions to take StringView. Before

one took a StringImpl and the other used const StringView&, which is not as good as
StringView.

css/makeSelectorPseudoClassAndCompatibilityElementMap.py: Use StringView, not

const StringView&.

css/makeSelectorPseudoElementsMap.py: Use StringView rather than StringImpl.

css/parser/CSSParserImpl.cpp:

(WebCore::CSSParserImpl::parsePageSelector): Use a StringView for the pseudo-element
name. It was already computed as a StringView, but the old code converted it to
an AtomicString.

css/parser/CSSParserSelector.cpp:

(WebCore::CSSParserSelector::parsePagePseudoSelector): Take a StringView, and
return a std::unique_ptr.
(WebCore::CSSParserSelector::parsePseudoElementSelector): Renamed to not mention
StringView in function name. Take a StringView, not a StringView&. Do the lowercasing
inside this function rather than having it be a caller responsibility. Don't convert
from a StringView to an AtomicString before starting to parse; only do it in the
"unknown/custom" case. Return a std::unique_ptr.
(WebCore::CSSParserSelector::parsePseudoClassSelector): Ditto.

css/parser/CSSParserSelector.h: Make the three parse functions all take a StringView

and all return a std::unique_ptr. They were already creating objects, but before
callers just had to know to adopt.

css/parser/CSSSelectorParser.cpp:

(WebCore::CSSSelectorParser::consumePseudo): Updated to use improved parse
functions above.

page/DOMWindow.cpp:

(WebCore::DOMWindow::getMatchedCSSRules const): Updated to use the new
parsePseudoElementType above and use StringView::substring instead of
String::substringSharingImpl.

platform/Length.cpp:

(WebCore::newCoordsArray): Local string that is "spacified" can't have any non-Latin-1
characters, so use LChar instead of UChar.

rendering/RenderText.cpp:

(WebCore::convertNoBreakSpaceToSpace): Renamed for clarity. Also use constexpr
instead of inline since this is a pure function.
(WebCore::capitalize): Tighten up logic a bit.

Source/WTF:

wtf/URLHelpers.cpp:

(WTF::URLHelpers::applyHostNameFunctionToURLString): Change code using
substringSharingImpl so it could call String::find to call StringView::contains
instead. Also rewrote lambdas to be simpler and likely more efficient.
Rewrote another case using substringSharingImpl so it could call String::find
to call StringView::find instead.

wtf/text/StringView.cpp:

(WTF::StringView::startsWith const): Added.

wtf/text/StringView.h: Tweaked style a bit, and added an overload of

StringView::contains that takes a CodeUnitMatchFunction and an overload
of startsWith that cakes a UChar.

2:01 PM Changeset in webkit [246950] by Simon Fraser

5 edits
2 adds in trunk

Remove a PLATFORM(IOS_FAMILY) related to repaint offsets in composited scrolling layers
https://bugs.webkit.org/show_bug.cgi?id=199342

Reviewed by Zalan Bujtas.

Source/WebCore:

Code in RenderObject::shouldApplyCompositedContainerScrollsForRepaint() adds VisibleRectContextOption::ApplyCompositedContainerScrolls
only for iOS, and RenderLayerBacking::setContentsNeedDisplayInRect() subtracts out scroll position for only iOS,
so remove this iOS-specific code.

Blame for this code mentions touch event regions, so I tested these but they use absoluteBoundingBoxRect()
which doesn't hit this code. Still, I added a layout test for touch regions inside scrolled overflow.

Existing tests exist for repaint inside scrolled overflow.

Test: fast/events/touch/ios/touch-event-regions/scrolled-overflow.html

rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::setContentsNeedDisplayInRect):

rendering/RenderObject.cpp:

(WebCore::RenderObject::shouldApplyCompositedContainerScrollsForRepaint): Deleted.
(WebCore::RenderObject::visibleRectContextForRepaint): Deleted.

rendering/RenderObject.h:

(WebCore::RenderObject::visibleRectContextForRepaint):

LayoutTests:

fast/events/touch/ios/touch-event-regions/scrolled-overflow-expected.txt: Added.
fast/events/touch/ios/touch-event-regions/scrolled-overflow.html: Added.

Jun 28, 2019:

10:09 PM Changeset in webkit [246949] by Brent Fulgham

3 edits in trunk/Source/WebKit

Revise WebContent sandbox based on seed feedback
https://bugs.webkit.org/show_bug.cgi?id=199339
<rdar://problem/49609201>

Reviewed by Alexey Proskuryakov.

Unblock syscall needed by CoreText.

Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
WebProcess/com.apple.WebProcess.sb.in:

8:48 PM Changeset in webkit [246948] by timothy_horton@apple.com

8 edits in trunk/Source

iOS WebKit2 find-in-page indicator doesn't move with 'overflow: scroll'
https://bugs.webkit.org/show_bug.cgi?id=175032
<rdar://problem/29346482>

Reviewed by Wenson Hsieh.

Source/WebCore:

editing/FrameSelection.cpp:

(WebCore::FrameSelection::selectionBounds const):
(WebCore::FrameSelection::revealSelection):

editing/FrameSelection.h:

Make selectionBounds' clipToVisibleContent param an enum class.

page/TextIndicator.cpp:

(WebCore::initializeIndicator):
Save the un-clipped selection rect; otherwise we'll frequently save 0, 0
here when finding a match that is off-screen.

Source/WebKit:

WebProcess/WebPage/FindController.cpp:

(WebKit::FindController::drawRect):
(WebKit::FindController::didScrollAffectingFindIndicatorPosition):
Adopt the macOS code that notices that the find highlight doesn't match
its original position, but instead of hiding the highlight like we do on macOS,
update it. We do this asynchronously to avoid mutating the layer tree
in the middle of painting, which is not /truly/ unsafe, but definitely
non-ideal and causes fun flashes.

WebProcess/WebPage/FindController.h:
WebProcess/WebPage/ios/FindControllerIOS.mm:

(WebKit::FindController::updateFindIndicator):
Store m_findIndicatorRect when updating the indicator, just like we do on macOS.

4:35 PM Changeset in webkit [246947] by Ryan Haddad

2 edits in trunk/Source/WebKit

Unreviewed build fix attempt after r246928.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _closeAllMediaPresentations]):

4:19 PM Changeset in webkit [246946] by Justin Michaud

8 edits
3 adds in trunk

Add b3 macro lowering for CheckMul on arm64
https://bugs.webkit.org/show_bug.cgi?id=199251

Reviewed by Robin Morisset.

JSTests:

microbenchmarks/check-mul-constant.js: Added.

(doTest):

microbenchmarks/check-mul-no-constant.js: Added.

(doTest):

microbenchmarks/check-mul-power-of-two.js: Added.

(doTest):

Source/JavaScriptCore:

Lower CheckMul for 32-bit arguments on arm64 into a mul and then an overflow check.
Add a new opcode to air on arm64 for smull (multiplySignExtend32).
Fuse sign extend 32 + mul into smull (taking two 32-bit arguments and producing 64 bits).
1.25x speedup on power of two microbenchmark, 1.15x speedup on normal constant microbenchmark, and no change on the no-constant benchmark.

Also, skip some of the b3 tests that were failing before this patch so that the new tests can run
to completion.

assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::multiplySignExtend32):

assembler/testmasm.cpp:

(JSC::testMul32SignExtend):
(JSC::run):

b3/B3LowerMacros.cpp:
b3/B3LowerToAir.cpp:
b3/air/AirOpcode.opcodes:
b3/testb3.cpp:

(JSC::B3::testMulArgs32SignExtend):
(JSC::B3::testMulImm32SignExtend):
(JSC::B3::testMemoryFence):
(JSC::B3::testStoreFence):
(JSC::B3::testLoadFence):
(JSC::B3::testPinRegisters):
(JSC::B3::run):

3:50 PM Changeset in webkit [246945] by dino@apple.com

2 edits in trunk/Source/ThirdParty/libwebrtc

unable to build WebRTC for iOS Simulator
https://bugs.webkit.org/show_bug.cgi?id=199337
<rdar://problem/52020841>

Reviewed by Tim Horton.

Run the compiled yasm with DYLD_ROOT_PATH=/
in order to convince dyld that it can load
the simulator binary on macOS.

libwebrtc.xcodeproj/project.pbxproj:

3:48 PM Changeset in webkit [246944] by rmorisset@apple.com

2 edits in trunk/Tools

Adding myself as a reviewer in contributors.json.

3:27 PM Changeset in webkit [246943] by Alan Bujtas

3 edits
2 adds in trunk

[Text autosizing][iPadOS] bing.com is hard to read even with boosted text because of the line height
https://bugs.webkit.org/show_bug.cgi?id=199318
<rdar://problem/51826096>

Reviewed by Wenson Hsieh.

Source/WebCore:

Initial implementation of line height boosting on iPadOs. It enlarges line height in certain cases to improve readability when the text content feels too dense.
It kicks in only for relatively small text (12px) where it slightly (1.25x) changes the line height to widen the gap between lines.

css/StyleResolver.cpp:

(WebCore::StyleResolver::adjustRenderStyleForTextAutosizing):

LayoutTests:

fast/text-autosizing/ios/idempotentmode/line-height-boosting-expected.txt: Added.
fast/text-autosizing/ios/idempotentmode/line-height-boosting.html: Added.

3:24 PM Changeset in webkit [246942] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Make getHostnamesWithCookies more robust
https://bugs.webkit.org/show_bug.cgi?id=199334
<rdar://problem/51860593>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-06-28
Reviewed by Brent Fulgham.

Crash logs suggest either httpCookies is returning a nil cookie or a cookie without a domain.
This should not happen, but if it does we shouldn't crash.

platform/network/cocoa/NetworkStorageSessionCocoa.mm:

(WebCore::NetworkStorageSession::getHostnamesWithCookies):

3:21 PM Changeset in webkit [246941] by Chris Fleizach

5 edits in trunk/Source/WebCore

AX: Both convertToNSArray() functions in WebAccessibilityObjectWrapperBase.mm leak every NSMutableArray returned
https://bugs.webkit.org/show_bug.cgi?id=199306

Reviewed by David Kilzer.

Stop leaking every instance of convertToNSArray and return an autoreleased version.
Remove unneeded casts.

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper accessibilityFindMatchingObjects:]):

accessibility/mac/WebAccessibilityObjectWrapperBase.h:
accessibility/mac/WebAccessibilityObjectWrapperBase.mm:

(convertToNSArray):

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper childrenVectorArray]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):

3:18 PM Changeset in webkit [246940] by Wenson Hsieh

2 edits in trunk/Source/WebCore

Followup to r246931
https://bugs.webkit.org/show_bug.cgi?id=199331

Reviewed by Tim Horton.

Extend the site-specific quirk added in r246931 to *.sharepoint.com, so that it fixes Word for enterprise
customers as well.

page/Quirks.cpp:

(WebCore::Quirks::shouldAvoidResizingWhenInputViewBoundsChange const):

2:53 PM Changeset in webkit [246939] by youenn@apple.com

5 edits in trunk/Source/WebKit

Protect NetworkProcess::m_swServers from bad session IDs
https://bugs.webkit.org/show_bug.cgi?id=199298
<rdar://problem/51859081>

Reviewed by Chris Dumez.

Protect NetworkProcess from receiving bad session IDs in service worker code path by checking for session ID validity whenever interacting with the map.
One of the check is done in WebProcess in which case, if the session ID is bad, the SW connection to NetworkProcess will not be made.
For bad session IDs, this will in that case trigger timing out of service worker operations.

For get/clear data, exit early in case of bad session ID.

Made some refactoring to remove swOriginStoreForSession method.
In the one call site where it is used, the store should already be created so we reuse existingSWOriginStoreForSession.

Added a bunch of additional ASSERTs.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::destroySession):
(WebKit::NetworkProcess::fetchWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteDataForRegistrableDomains):
(WebKit::NetworkProcess::registrableDomainsWithWebsiteData):
(WebKit::NetworkProcess::actualPrepareToSuspend):
(WebKit::NetworkProcess::swServerForSession):
(WebKit::NetworkProcess::existingSWOriginStoreForSession const):
(WebKit::NetworkProcess::registerSWServerConnection):

NetworkProcess/NetworkProcess.h:
WebProcess/Network/NetworkProcessConnection.cpp:

(WebKit::NetworkProcessConnection::initializeSWClientConnection):

WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::WebSWClientConnection):
(WebKit::WebSWClientConnection::initializeConnectionIfNeeded):
(WebKit::WebSWClientConnection::ensureConnectionAndSend):

2:39 PM Changeset in webkit [246938] by timothy@apple.com

31 edits in trunk/Source

Rename effectiveAppearanceIsInactive and useInactiveAppearance to better match UIUserInterfaceLevel.
https://bugs.webkit.org/show_bug.cgi?id=199336
rdar://problem/52348938

Reviewed by Tim Horton.

Source/WebCore:

css/StyleColor.h:
dom/Document.cpp:

(WebCore::Document::useElevatedUserInterfaceLevel const):
(WebCore::Document::styleColorOptions const):
(WebCore::Document::useInactiveAppearance const): Deleted.

dom/Document.h:
page/Page.cpp:

(WebCore::Page::effectiveAppearanceDidChange):

page/Page.h:

(WebCore::Page::useElevatedUserInterfaceLevel const):
(WebCore::Page::useInactiveAppearance const): Deleted.

platform/ios/LocalCurrentTraitCollection.h:

(WebCore::LocalCurrentTraitCollection::usingElevatedUserInterfaceLevel const):
(WebCore::LocalCurrentTraitCollection::usingBaseLevelAppearance const): Deleted.

platform/ios/LocalCurrentTraitCollection.mm:

(WebCore::LocalCurrentTraitCollection::LocalCurrentTraitCollection):

rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::systemColor const):

testing/InternalSettings.cpp:

(WebCore::InternalSettings::setUseDarkAppearanceInternal):

Source/WebKit:

Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):

Shared/WebPageCreationParameters.h:
UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _effectiveUserInterfaceLevelIsElevated]):
(-[WKWebView _effectiveAppearanceIsInactive]): Deleted.

UIProcess/API/Cocoa/WKWebViewInternal.h:
UIProcess/Cocoa/WebViewImpl.h:
UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::effectiveUserInterfaceLevelIsElevated):
(WebKit::WebViewImpl::effectiveAppearanceIsInactive): Deleted.

UIProcess/PageClient.h:

(WebKit::PageClient::effectiveUserInterfaceLevelIsElevated const):
(WebKit::PageClient::effectiveAppearanceIsInactive const): Deleted.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::creationParameters):
(WebKit::WebPageProxy::useElevatedUserInterfaceLevel const):
(WebKit::WebPageProxy::effectiveAppearanceDidChange):
(WebKit::WebPageProxy::useInactiveAppearance const): Deleted.

UIProcess/WebPageProxy.h:
UIProcess/ios/PageClientImplIOS.h:
UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::effectiveUserInterfaceLevelIsElevated const):
(WebKit::PageClientImpl::effectiveAppearanceIsInactive const): Deleted.

UIProcess/mac/PageClientImplMac.h:
UIProcess/mac/PageClientImplMac.mm:

(WebKit::PageClientImpl::effectiveUserInterfaceLevelIsElevated const):
(WebKit::PageClientImpl::effectiveAppearanceIsInactive const): Deleted.

WebProcess/InjectedBundle/API/c/WKBundlePage.cpp:

(WKBundlePageSetUseDarkAppearance):

WebProcess/WebPage/WebPage.cpp:

(WebKit::m_shrinkToFitContentTimer):
(WebKit::WebPage::effectiveAppearanceDidChange):

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:

Source/WebKitLegacy/mac:

WebView/WebView.mm:

(-[WebView _commonInitializationWithFrameName:groupName:]):
(-[WebView _setUseDarkAppearance:]):
(-[WebView _useElevatedUserInterfaceLevel]):
(-[WebView _setUseElevatedUserInterfaceLevel:]):
(-[WebView _setUseDarkAppearance:useInactiveAppearance:]):
(-[WebView _setUseDarkAppearance:useElevatedUserInterfaceLevel:]):
(-[WebView _effectiveUserInterfaceLevelIsElevated]):
(-[WebView viewDidChangeEffectiveAppearance]):
(-[WebView _useInactiveAppearance]): Deleted.
(-[WebView _setUseInactiveAppearance:]): Deleted.
(-[WebView _effectiveAppearanceIsInactive]): Deleted.

WebView/WebViewPrivate.h:

2:01 PM Changeset in webkit [246937] by Alan Coon

3 edits
2 adds in tags/Safari-608.1.32.1

Cherry-pick r246835. rdar://problem/51787961

[ContentChangeObserver] Dispatch synthetic mouse event asynchronously in completePendingSyntheticClickForContentChangeObserver
https://bugs.webkit.org/show_bug.cgi?id=199220
<rdar://problem/51787961>

Reviewed by Simon Fraser.

Source/WebKit:

WebPage::completePendingSyntheticClickForContentChangeObserver should not dispatch mouse events synchronously.
Mouse events, through style updates could destroy the element that initiated this change.
WebPage::handleSyntheticClick() already implements this pattern.

WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::completePendingSyntheticClickForContentChangeObserver):

LayoutTests:

fast/events/touch/ios/content-observation/animation-end-with-visiblity-change-crash-expected.txt: Added.
fast/events/touch/ios/content-observation/animation-end-with-visiblity-change-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@246835 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:01 PM Changeset in webkit [246936] by Alan Coon

3 edits in tags/Safari-608.1.32.1/Source/WebKit

Cherry-pick r246901. rdar://problem/52202948

Regression(r246526): StorageManager thread hangs
https://bugs.webkit.org/show_bug.cgi?id=199278
<rdar://problem/52202948>

Reviewed by Geoffrey Garen.

r246526 adds a lock m_localStorageNamespacesMutex to protect m_localStorageNamespaces, because
m_localStorageNamespaces is destroyed at main thread while accesses to m_localStorageNamespaces happen in the
background thread.
After r246526, getOrCreateLocalStorageNamespace acquires lock m_localStorageNamespacesMutex when
m_localStorageNamespacesMutex is already acquired in cloneSessionStorageNamespace, so the StorageManager thread
hangs.
To solve this issue, we can remove the lock in getOrCreateLocalStorageNamespace, or we can remove the
m_localStorageNamespacesMutex. waitUntilWritesFinished() before ~StorageManager() already guarantees nothing
will be running in the background thread, so it is unlikely we the access to m_localStorageNamespaces in the
background thread would collide with the destruction of m_localStorageNamespaces. Also, we don't need
didDestroyStorageArea as LocalStorageNamespace can hold the last reference of StorageArea after r245881.

NetworkProcess/WebStorage/StorageManager.cpp: (WebKit::StorageManager::StorageArea::StorageArea): (WebKit::StorageManager::StorageArea::~StorageArea): (WebKit::StorageManager::LocalStorageNamespace::LocalStorageNamespace): (WebKit::StorageManager::cloneSessionStorageNamespace): (WebKit::StorageManager::getLocalStorageOrigins): (WebKit::StorageManager::deleteLocalStorageEntriesForOrigin): (WebKit::StorageManager::deleteLocalStorageOriginsModifiedSince): (WebKit::StorageManager::deleteLocalStorageEntriesForOrigins): (WebKit::StorageManager::getOrCreateLocalStorageNamespace): (WebKit::StorageManager::LocalStorageNamespace::didDestroyStorageArea): Deleted.
NetworkProcess/WebStorage/StorageManager.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@246901 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:01 PM Changeset in webkit [246935] by Alan Coon

2 edits in tags/Safari-608.1.32.1/Source/WebKit

Cherry-pick r246859. rdar://problem/51554509

[iPadOS] Fix another crash in -[UIPreviewTarget initWithContainer:center:transform:] when generating a fallback targeted preview
https://bugs.webkit.org/show_bug.cgi?id=199243
<rdar://problem/51554509>

Reviewed by Tim Horton.

Additionally make createFallbackTargetedPreview robust in the case where the content view is unparented, and
rename _ensureTargetedPreview to _createTargetedPreviewIfPossible, to reflect the fact that it may now return
nil.

UIProcess/ios/WKContentViewInteraction.mm: (createTargetedPreview): (createFallbackTargetedPreview): (-[WKContentView _createTargetedPreviewIfPossible]): (-[WKContentView contextMenuInteraction:previewForHighlightingMenuWithConfiguration:]): (-[WKContentView contextMenuInteraction:previewForDismissingMenuWithConfiguration:]): (-[WKContentView _ensureTargetedPreview]): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@246859 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:23 PM Changeset in webkit [246934] by Simon Fraser

5 edits in trunk/Source/WebCore

REGRESSION (r239984): pages with custom scrollbars also show normal scrollbars
https://bugs.webkit.org/show_bug.cgi?id=199321
<rdar://problem/52308095>

Reviewed by Timothy Hatcher.

Revert the part of r239984 that made isCustomScrollbar() virtual, since theme().registerScrollbar()
calls it from the base class constructor.

I wasn't able to make a test that tests rendering of overlay scrollbars (webkit.org/b/199323).

platform/Scrollbar.cpp:

(WebCore::Scrollbar::Scrollbar):

platform/Scrollbar.h:

(WebCore::Scrollbar::isCustomScrollbar const):

rendering/RenderScrollbar.cpp:

(WebCore::RenderScrollbar::RenderScrollbar):

rendering/RenderScrollbar.h:

1:15 PM Changeset in webkit [246933] by jer.noble@apple.com

2 edits in trunk/Source/WebKit

Unreviewed maccatalyst build fix; add ENABLE(FULLSCREEN) checks around calls to fullScreenManager().

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _closeAllMediaPresentations]):

1:14 PM Changeset in webkit [246932] by timothy_horton@apple.com

7 edits in trunk/Source/WebKit

macCatalyst: Selected range sometimes wrong after autocorrection
https://bugs.webkit.org/show_bug.cgi?id=199299
<rdar://problem/49717224>

Reviewed by Wenson Hsieh.

UIProcess/Cocoa/TextCheckingController.h:
UIProcess/Cocoa/TextCheckingController.mm:

(WebKit::TextCheckingController::replaceRelativeToSelection):

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView replaceSelectionOffset:length:withAnnotatedString:relativeReplacementRange:]):
Plumb the whole relative replacement range through to the Web Content process.

WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.h:
WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.messages.in:
WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm:

(WebKit::TextCheckingControllerProxy::replaceRelativeToSelection):
Only replace the text of the substring that changed (the replacement range),
and fix up the selection offset math (it was really just wrong before).

1:12 PM Changeset in webkit [246931] by Wenson Hsieh

11 edits in trunk/Source

Need a way for SPI clients to know when to avoid resizing to accommodate for the input view bounds
https://bugs.webkit.org/show_bug.cgi?id=199331
<rdar://problem/52116170>

Reviewed by Tim Horton.

Source/WebCore:

Add a new quirk to avoid resizing the web view when input view bounds change.

page/Quirks.cpp:

(WebCore::Quirks::shouldAvoidResizingWhenInputViewBoundsChange const):

page/Quirks.h:

Source/WebKit:

Expose new SPI, such that clients may check whether to avoid resizing the web view when changing input view
bounds. In particular, resizing the web view in this case causes toolbar menus in Microsoft Word online to
dismiss immediately after opening them, due to resize events fired as a result of the input view dismissing.

Shared/FocusedElementInformation.cpp:

(WebKit::FocusedElementInformation::encode const):
(WebKit::FocusedElementInformation::decode):

Shared/FocusedElementInformation.h:

Add a new flag to FocusedElementInformation to indicate whether we should avoid resizing the web view when an
input view is presented.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _shouldAvoidResizingWhenInputViewBoundsChange]):

UIProcess/API/Cocoa/WKWebViewPrivate.h:
UIProcess/ios/WKContentViewInteraction.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _elementDidBlur]):

Reset the value of the flag.

(-[WKContentView _shouldAvoidResizingWhenInputViewBoundsChange]):

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::getFocusedElementInformation):

1:00 PM Changeset in webkit [246930] by Alan Coon

7 edits in tags/Safari-608.1.32.1/Source

Versioning.

11:20 AM Changeset in webkit [246929] by Alan Coon

1 copy in tags/Safari-608.1.32.1

New tag.

10:39 AM Changeset in webkit [246928] by jer.noble@apple.com

10 edits
1 add in trunk

Add new -[WKWebView _closeAllMediaPresentations] SPI
https://bugs.webkit.org/show_bug.cgi?id=199294
<rdar://problem/51965958>

Reviewed by Alex Christensen.

Source/WebKit:

Add a new SPI that will close all out-of-window media presentations, including
picture-in-picture, video fullscreen, and element fullscreen.

Drive-by fixes:

+ -[WKApplicationStateTrackingView didMoveToWindow] incorrectly assumes that a WKWebView will

never be moved frome one window to another, and asserts.

+ -[WKFullScreenWindowController close] doesn't fire the correct 'webkitfullscreenchange' event

when called in the middle of animating into fullscreen.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _closeAllMediaPresentations]):

UIProcess/API/Cocoa/WKWebViewPrivate.h:
UIProcess/Cocoa/VideoFullscreenManagerProxy.h:
UIProcess/Cocoa/VideoFullscreenManagerProxy.mm:

(WebKit::VideoFullscreenManagerProxy::forEachSession):

UIProcess/ios/WKApplicationStateTrackingView.mm:

(-[WKApplicationStateTrackingView didMoveToWindow]):

UIProcess/mac/WKFullScreenWindowController.h:
UIProcess/mac/WKFullScreenWindowController.mm:

(-[WKFullScreenWindowController exitFullScreenImmediately]):
(-[WKFullScreenWindowController close]):

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKitCocoa/WKWebViewCloseAllMediaPresentations.mm: Added.

(TEST):

10:35 AM Changeset in webkit [246927] by sihui_liu@apple.com

3 edits
1 add in trunk/Tools

Add a regression test for change r246901
https://bugs.webkit.org/show_bug.cgi?id=199290

Reviewed by Geoffrey Garen.

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKitCocoa/LocalStoragePersistence.mm:

(-[LocalStorageNavigationDelegate webView:createWebViewWithConfiguration:forNavigationAction:windowFeatures:]):
(TEST):

TestWebKitAPI/Tests/WebKitCocoa/localstorage-open-window-private.html: Added.

10:12 AM Changeset in webkit [246926] by Antti Koivisto

5 edits in trunk/Source/WebKit

[iOS Scrolling] Propagate scrolls to non-nested UIScrollViews
https://bugs.webkit.org/show_bug.cgi?id=199222

Reviewed by Simon Fraser.

We may generate scrolling hierarchies where the scrolling ancestor of a layer is not
an ancestor in the layer tree. We handle this in most situations but there is still
a problem where a scroller fails to propage scroll to the ancestor when it reaches
the edge.

This patch hooks up a new SPI that allows us to tell UIKit about non-ancestor scrolling
relations and solve this problem.

UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.h:
UIProcess/RemoteLayerTree/ios/RemoteLayerTreeViews.mm:

(WebKit::findActingScrollParent):

UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.h:
UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(-[WKScrollingNodeScrollViewDelegate _actingParentScrollViewForScrollView:]):

Hook into UIKit SPI.

(WebKit::ScrollingTreeScrollingNodeDelegateIOS::findActingScrollParent):

9:00 AM Changeset in webkit [246925] by Konstantin Tokarev

28 edits
1 delete in trunk

Remove traces of ENABLE_ICONDATABASE remaining after its removal in 219733
https://bugs.webkit.org/show_bug.cgi?id=199317

Reviewed by Michael Catanzaro.

While IconDatabase and all code using it was removed,
ENABLE_ICONDATABASE still exists as build option and C++ macro.

Source/cmake/OptionsGTK.cmake:
Source/cmake/OptionsPlayStation.cmake:
Source/cmake/OptionsWin.cmake:
Source/cmake/WebKitFeatures.cmake:
Source/cmake/tools/vsprops/FeatureDefines.props:
Source/cmake/tools/vsprops/FeatureDefinesCairo.props:

PerformanceTests:

StitchMarker/wtf/FeatureDefines.h:

Source/JavaScriptCore:

Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Configurations/FeatureDefines.xcconfig:
Resources/urlIcon.png: Removed file which was only used in

IconDatabase.cpp.

Source/WebCore/PAL:

Configurations/FeatureDefines.xcconfig:

Source/WebKit:

Configurations/FeatureDefines.xcconfig:
PlatformGTK.cmake: Remove reference to unused urlIcon.png file.

Source/WebKitLegacy/mac:

Configurations/FeatureDefines.xcconfig:
WebView/WebView.mm:

(-[WebView _cacheFrameLoadDelegateImplementations]): Use PLATFORM(MAC)
guard instead of ENABLE_ICONDATABASE, because ENABLE_ICONDATABASE was
enabled for macOS only.

Source/WTF:

wtf/FeatureDefines.h:

Tools:

Scripts/webkitperl/FeatureList.pm:
TestWebKitAPI/Configurations/FeatureDefines.xcconfig:
gtk/manifest.txt.in: Remove reference to unused urlIcon.png file.
wpe/manifest.txt.in: Remove reference to unused urlIcon.png file.

7:48 AM Changeset in webkit [246924] by Wenson Hsieh

9 edits in trunk

-[WKContentView _selectionClipRects] returns a bogus value in -reloadInputViews when focusing an element
https://bugs.webkit.org/show_bug.cgi?id=199310
<rdar://problem/52292137>

Reviewed by Megan Gardner.

Source/WebKit:

When reloading input views under -_elementDidFocus:, -_selectionClipRect returns the value of the previously
focused element; this is because _selectionClipRect depends on EditorState's post layout data, which is only
guaranteed to arrive during the next remote layer tree commit after the element is focused.

However, some clients need to inspect this value under the call to -reloadInputViews when an element is focused;
to make this work, simply check whether we are currently waiting for post-layout EditorState data to arrive
following element focus; if so, return the FocusedElementInformation's elementRect, which represents the initial
state of the focused element. Otherwise, use the EditorState's post layout data, which is guaranteed to be more
up-to-date than the FocusedElementInformation's element rect.

Test: KeyboardInputTests.SelectionClipRectsWhenPresentingInputView

UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::waitingForPostLayoutEditorStateUpdateAfterFocusingElement const):

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _selectionClipRect]):

Tools:

Add a new API test to verify that _selectionClipRects returns the correct value when invoked under the scope of
_elementDidFocus.

TestWebKitAPI/Tests/ios/KeyboardInputTestsIOS.mm:

(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/ios/TestInputDelegate.h:
TestWebKitAPI/Tests/ios/TestInputDelegate.mm:

(-[TestInputDelegate setDidStartInputSessionHandler:]):
(-[TestInputDelegate didStartInputSessionHandler]):

Add plumbing for a handler block in TestInputDelegate.

(-[TestInputDelegate setWillStartInputSessionHandler:]):

Drive-by style fixes to add a space between id and < for Objective-C protocols.

(-[TestInputDelegate willStartInputSessionHandler]):
(-[TestInputDelegate _webView:willStartInputSession:]):
(-[TestInputDelegate _webView:didStartInputSession:]):

TestWebKitAPI/cocoa/TestWKWebView.h:
TestWebKitAPI/ios/UIKitSPI.h:

Add a declaration for _selectionClipRects.

12:46 AM Changeset in webkit [246923] by Carlos Garcia Campos

2 edits in trunk/Source/WebKit

[SOUP] WebSockets: runtime critical warning when closing the connection in some cases
https://bugs.webkit.org/show_bug.cgi?id=199265

Reviewed by Michael Catanzaro.

Ensure the connection is still open before calling soup_websocket_connection_close().

NetworkProcess/soup/WebSocketTaskSoup.cpp:

(WebKit::WebSocketTask::close):

12:38 AM Changeset in webkit [246922] by Fujii Hironori

2 edits in trunk/Source/WebCore

[Win] unresolved external symbol "JSC::JSObject::didBecomePrototype(void)" referenced in function "JSC::Structure::create(...)"
https://bugs.webkit.org/show_bug.cgi?id=199312

Reviewed by Keith Miller.

WinCairo port, clang-cl Release builds reported a following linkage error:

WebCore.lib(UnifiedSource-4babe430-10.cpp.obj) : error LNK2019: unresolved external symbol "public: void cdecl JSC::JSObject::didBecomePrototype(void)" (?didBecomePrototype@JSObject@JSC@@QEAAXXZ) referenced in function "public: static class JSC::Structure * cdecl JSC::Structure::create(class JSC::VM &,class JSC::JSGlobalObject *,class JSC::JSValue,class JSC::TypeInfo const &,struct JSC::ClassInfo const *,unsigned char,unsigned int)" (?create@Structure@JSC@@SAPEAV12@AEAVVM@2@PEAVJSGlobalObject@2@VJSValue@2@AEBVTypeInfo@2@PEBUClassInfo@2@EI@Z)

No new tests because there is no behavior change.

Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: Include <JavaScriptCore/JSCInlines.h>,

and do not include headers which is included by it.

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed