Context Navigation

← Previous Period
Next Period →

Timeline

Sep 23, 2019:

11:59 PM Changeset in webkit [250288] by youenn@apple.com

9 edits
1 delete in trunk

Support sync-xhr feature policy
https://bugs.webkit.org/show_bug.cgi?id=202098

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Update test to use hosts[alt][].

web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt:
web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub.html:

Source/WebCore:

Add support for sync-xhr feature policy parsing.
Use this feature policy to control use of sync XHR in documents
as per https://xhr.spec.whatwg.org/#the-send()-method step 12.

Covered by updated test.

html/FeaturePolicy.cpp:

(WebCore::FeaturePolicy::parse):
(WebCore::FeaturePolicy::allows const):

html/FeaturePolicy.h:
xml/XMLHttpRequest.cpp:

(WebCore::isSyncXHRAllowedByFeaturePolicy):
(WebCore::XMLHttpRequest::createRequest):

LayoutTests:

TestExpectations: enable test.
platform/mac-wk1/imported/w3c/web-platform-tests/xhr/xmlhttprequest-sync-default-feature-policy.sub-expected.txt: Deleted.

11:28 PM Changeset in webkit [250287] by Chris Dumez

58 edits in trunk/Source

Drop unnecessary SessionID.h header includes
https://bugs.webkit.org/show_bug.cgi?id=202129

Reviewed by Alex Christensen.

Source/WebCore:

Modules/fetch/FetchBodyConsumer.h:
Modules/indexeddb/IDBDatabaseIdentifier.h:
bindings/js/SerializedScriptValue.h:
dom/DataTransfer.h:
editing/WebCorePasteboardFileReader.h:
fileapi/FileReaderLoader.h:
fileapi/ThreadableBlobRegistry.h:
html/FileListCreator.h:
loader/CookieJar.h:
loader/EmptyFrameLoaderClient.h:
loader/FrameLoaderClient.h:
loader/LoaderStrategy.h:
page/CacheStorageProvider.h:
page/Frame.h:
page/PageGroup.h:
platform/mediastream/libwebrtc/LibWebRTCProvider.h:
platform/network/CacheValidation.h:
platform/network/FormData.h:
platform/network/NetworkStorageSession.cpp:
platform/network/StorageSessionProvider.h:
workers/WorkerGlobalScopeProxy.h:
workers/service/ServiceWorkerContainer.h:
workers/service/ServiceWorkerProvider.h:
workers/service/server/RegistrationDatabase.h:
workers/service/server/SWServer.h:
workers/service/server/SWServerToContextConnection.h:
worklets/WorkletGlobalScope.h:

Source/WebKit:

NetworkProcess/AdClickAttributionManager.h:
NetworkProcess/IndexedDB/WebIDBConnectionToClient.h:
NetworkProcess/NetworkLoadParameters.h:
NetworkProcess/RemoteNetworkingContext.h:
NetworkProcess/cache/CacheStorageEngine.cpp:
NetworkProcess/cache/CacheStorageEngine.h:
NetworkProcess/cache/NetworkCache.h:
NetworkProcess/webrtc/NetworkRTCProvider.h:
Shared/ApplePay/WebPaymentCoordinatorProxy.h:
Shared/Authentication/AuthenticationManager.h:
Shared/WebCoreArgumentCoders.cpp:
Shared/WebProcessCreationParameters.h:
UIProcess/API/APIPageConfiguration.h:
WebProcess/Cache/WebCacheStorageProvider.h:
WebProcess/Databases/WebDatabaseProvider.cpp:
WebProcess/InjectedBundle/InjectedBundle.cpp:
WebProcess/InjectedBundle/InjectedBundle.h:
WebProcess/Network/WebSocketChannel.h:
WebProcess/Storage/WebSWContextManagerConnection.cpp:
WebProcess/Storage/WebServiceWorkerProvider.cpp:
WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
WebProcess/WebCoreSupport/curl/WebFrameNetworkingContext.h:
WebProcess/WebCoreSupport/mac/WebFrameNetworkingContext.h:
WebProcess/WebCoreSupport/soup/WebFrameNetworkingContext.cpp:
WebProcess/WebCoreSupport/soup/WebFrameNetworkingContext.h:
WebProcess/WebPage/WebFrame.h:

11:16 PM Changeset in webkit [250286] by zandobersek@gmail.com

6 edits
1 delete in trunk

run-web-platform-tests: remove support for in-repository manifest, expectation management
https://bugs.webkit.org/show_bug.cgi?id=202037

Reviewed by Carlos Alberto Lopez Perez.

Remove the test expecations JSON and test manifest file that were used
for managing and generating the necessary wptrunner metadata.

WebPlatformTests/gtk/TestExpectations.json: Removed.
WebPlatformTests/gtk/TestManifest.ini: Removed.

Tools:

Instead of keeping wpt metadata inside the WebKit repository or have it
generated on-the-fly, provide additional option flags for the
run-web-platform-tests script that allows detailed specification of the
metadata, manifest and include manifest locations, if necessary.

If the metadata location is not provided, the wptrunner tool will simply
not rely on any metadata to adjust expected results. With no manifest
path specified, the manifest will be generated inside the wpt checkout.
If no include manifest is specified, all the tests will be initially
selected for running (until they're possibly filtered through additional
command line arguments).

Scripts/webkitpy/common/config/ports_mock.py:

(MockPort.run_bindings_tests_command):
(MockPort.wpt_metadata_directory): Deleted.
(MockPort.wpt_manifest_file): Deleted.

Scripts/webkitpy/port/base.py:

(Port.default_results_directory):
(Port.wpt_metadata_directory): Deleted.
(Port.wpt_manifest_file): Deleted.

Scripts/webkitpy/w3c/wpt_runner.py:

(parse_args):
(WPTRunner.prepare_wpt_checkout):
(WPTRunner.run):
(WPTRunner._generate_metadata_directory): Deleted.
(WPTRunner._wpt_run_paths): Deleted.

Scripts/webkitpy/w3c/wpt_runner_unittest.py:

(WPTRunnerTest.TestInstance.init):
(WPTRunnerTest.test_prepare_wpt_checkout_specified_path):
(WPTRunnerTest.test_run):
(WPTRunnerTest.test_run_with_specified_options):
(WPTRunnerTest.test_run_with_args):
(WPTRunnerTest.TestInstance.prepare_mock_files_for_run): Deleted.
(WPTRunnerTest.test_generate_metadata_directory): Deleted.

11:02 PM Changeset in webkit [250285] by mark.lam@apple.com

19 edits
4 adds in trunk/Source/JavaScriptCore

Introducing Integrity audit functions.
https://bugs.webkit.org/show_bug.cgi?id=202085

Reviewed by Saam Barati.

This patch's main goal is to introduce the Integrity audit functions. They can
be used wherever we want to audit a cell to probabilistically ensure it is not
corrupted. However, to keep this patch small, we will only introduce the audit
tool here with one example use in SlotVisitor. We'll follow up later with more
patches to deploy this tool throughout the VM.

Introduced Integrity audit functions that can be configured at several AuditLevels:

None - don't do any audits.
Minimal - do a minimal quick audit (minimize perf impact).
Full - do a full audit of the many aspects of a cell.
Random - randomly do a full audit with a probability dictated by

Options::randomIntegrityAuditRate() between 0.0 (never audit) and
1.0 (audit at every chance).

The default AuditLevel for Debug builds is Random.
The default AuditLevel for Release builds is None.
The default Options::randomIntegrityAuditRate() is 0.05.

How full audits work?
====================
The full audit uses the VMInspector::verifyCell() template function to do its
job. The reason for keeping this separate is to allow the template function
to be used later for debug checks that want to take some custom action on
verification failure instead of crashing with a RELEASE_ASSERT.

Full audit of a cell pointer includes:

Verify that a cell designated as a LargeAllocation is in the heap's set of LargeAllocations.

Verify that a cell not designated as a LargeAllocation is actually in its MarkedBlock's bounds.

Verify that the cell's container (LargeAllocation / MarkedBlock) actually belongs to the current VM.

Verify that a cell in a MarkedBlock is properly aligned on the block's allocation unit size.

If the cell is not an ImmutableButterfly, verify that it is not located in the Gigacage.

Verify that the cell's JSType matches its StructureBlob's JSType.

Verify that the cell size as dictated by the cell ClassInfo does not exceed the size of the allocation unit size (as expected by the container MarkedBlock or LargeAllocation).

Some cells are dynamically size (see isDynamicallySizedType()). For these
cells, we compute their sizes and verify that the size does not exceed the
allocation unit size. Their sizes should also be greater or equal to the
static cell size as dictated by their ClassInfo.

If a cell has a butterfly, verify that the butterfly is in its the JSValue Gigacage.

We can add more verifications later, or make some these more robust, but this
is a start for now.

How random audits work?
======================
Random audits are triggered by the m_triggerBits bits in VM::m_integrityRandom.
m_triggerBits is a 64-bit bitfield.

If Options::randomIntegrityAuditRate() is 0, m_triggerBits will always be 0,
and no audits will be done.

If Options::randomIntegrityAuditRate() is non-zero, m_triggerBits will be
initialized as follows:

| 1 reload bit | ... 63 trigger bits ... |

The reload bit is always set (more details below).
Each of the 63 trigger bits are randomly set depending if the following is true
for the bit:

VM::random() <= Options::randomIntegrityAuditRate() * UINT_MAX

When Integrity::auditCell() is called, we take the bottom bit as the trigger
bit for the current cell, and shifts the rest down by 1.

If m_triggerBits is non-null after the shift, the taken trigger bit will dictate
whether we do a full audit on the current cell or not.

Once the reload bit reaches the bottom, we call a reload function to
re-initialize m_triggerBits. The reload function also returns a bool
indicating whether to trigger a full audit of the current cell.

With this scheme, we only need to call the reload function once every 64 calls
to Integrity::auditCell(), and can efficiently determine whether to trigger
the audit the other 63 times with the probability specified in
Options::randomIntegrityAuditRate().

Embedded the C++ class size of JSCells into their ClassInfo. This is used in the full audits to verify cell sizes.

Added isDynamicallySizedType() to check if a JSType has a dynamic size allocation i.e. the size of instances of this type is not determined by the static C++ size of its class, but rather, depends on some runtime variable.

Made the VMInspector a friend of several classes so that it can access their private methods and fields.

Moved the inline function JSBigInt::allocationSize() from BigInt.cpp to its header file so that we can use it in VMInspector::verifyCellSize().

Gave the JSModuleNamespaceObject() its own JSType so that we can identify it as a dynamically sized object.

Increased the randomness of VM::random() (which is implemented with WeakRandom) by re-seeding it with a cryptographically random number each GC.

Called Integrity::auditCell() on SlotVisitor::appendJSCellOrAuxiliary()'s cell as an example use of auditCell(). More uses will be added in later patches to follow.

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
Sources.txt:
heap/Heap.cpp:

(JSC::Heap::runBeginPhase):

heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendJSCellOrAuxiliary):

runtime/ClassInfo.h:
runtime/DirectArguments.h:
runtime/JSBigInt.cpp:

(JSC::JSBigInt::allocationSize): Deleted.

runtime/JSBigInt.h:

(JSC::JSBigInt::allocationSize):

runtime/JSModuleNamespaceObject.h:
runtime/JSType.cpp:

(WTF::printInternal):

runtime/JSType.h:

(JSC::isDynamicallySizedType):

runtime/Options.cpp:

(JSC::recomputeDependentOptions):

runtime/OptionsList.h:
runtime/Structure.h:
runtime/VM.cpp:

(JSC::VM::VM):

runtime/VM.h:

(JSC::VM::random):
(JSC::VM::integrityRandom):

tools/Integrity.cpp: Added.

(JSC::Integrity::Random::Random):
(JSC::Integrity::Random::reloadAndCheckShouldAuditSlow):
(JSC::Integrity::auditCellFully):
(JSC::Integrity::auditCellMinimallySlow):

tools/Integrity.h: Added.

(JSC::Integrity::auditCell):

tools/IntegrityInlines.h: Added.

(JSC::Integrity::Random::shouldAudit):
(JSC::Integrity::auditCellMinimally):
(JSC::Integrity::auditCellRandomly):

tools/VMInspector.h:

(JSC::VMInspector::unusedVerifier):
(JSC::VMInspector::verifyCellSize):

tools/VMInspectorInlines.h: Added.

(JSC::VMInspector::verifyCellSize):
(JSC::VMInspector::verifyCell):

10:39 PM Changeset in webkit [250284] by aestes@apple.com

1 edit in branches/safari-608-branch/Source/WebCore/bindings/js/JSDOMConvertRecord.h

Unreviewed build fix after r250266.

bindings/js/JSDOMConvertRecord.h:

10:25 PM Changeset in webkit [250283] by commit-queue@webkit.org

11 edits in trunk

Fix WPT test html/browsers/offline/application-cache-api/api_swapcache_error.https.html
https://bugs.webkit.org/show_bug.cgi?id=202056
<rdar://problem/55523986>

Patch by Alex Christensen <achristensen@webkit.org> on 2019-09-23
Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

web-platform-tests/html/browsers/offline/application-cache-api/api_swapcache_error.https-expected.txt:

Source/WebCore:

The test makes sure we throw an exception when we are in an invalid state, which we should definitely do.

loader/appcache/ApplicationCache.cpp:

(WebCore::ApplicationCache::setGroup):
(WebCore::ApplicationCache::setManifestResource):

loader/appcache/ApplicationCache.h:

(WebCore::ApplicationCache::manifestResource const):
(WebCore::ApplicationCache::group const):

loader/appcache/ApplicationCacheGroup.h:
loader/appcache/ApplicationCacheHost.cpp:

(WebCore::ApplicationCacheHost::candidateApplicationCacheGroup const):
(WebCore::ApplicationCacheHost::failedLoadingMainResource):
(WebCore::ApplicationCacheHost::setCandidateApplicationCacheGroup):
(WebCore::ApplicationCacheHost::swapCache):

loader/appcache/ApplicationCacheHost.h:

(WebCore::ApplicationCacheHost::candidateApplicationCacheGroup const): Deleted.

loader/appcache/ApplicationCacheResource.h:

LayoutTests:

TestExpectations:

10:11 PM Changeset in webkit [250282] by aestes@apple.com

1 edit in branches/safari-608-branch/Source/WebKit/Platform/cocoa/PaymentAuthorizationPresenter.mm

Unreviewed build fix after r250267.

Platform/cocoa/PaymentAuthorizationPresenter.mm:

(WebKit::PaymentAuthorizationPresenter::completeShippingContactSelection):

9:37 PM Changeset in webkit [250281] by Chris Dumez

6 edits in trunk/Source

PlugInClient::didStartFromOrigin() does not need a sessionID
https://bugs.webkit.org/show_bug.cgi?id=202127

Reviewed by Geoffrey Garen.

Source/WebCore:

html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::userDidClickSnapshot):

page/PlugInClient.h:

Source/WebKit:

WebProcess/WebCoreSupport/WebPlugInClient.cpp:

(WebKit::WebPlugInClient::didStartFromOrigin):

WebProcess/WebCoreSupport/WebPlugInClient.h:

9:26 PM Changeset in webkit [250280] by Chris Dumez

3 edits in trunk/Source/WebKit

FrameSpecificStorageAccessIdentifier does not need a sessionID
https://bugs.webkit.org/show_bug.cgi?id=202093

Reviewed by Geoffrey Garen.

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::requestStorageAccess):

8:54 PM Changeset in webkit [250279] by Fujii Hironori

2 edits in trunk/Tools

[Win][WebKitTestRunner] Implement EventSenderProxy::keyDown
https://bugs.webkit.org/show_bug.cgi?id=201913

Reviewed by Ross Kirsling.

Implemented eventSender.keyDown for Windows WebKitTestRunner based
on DumpRenderTree implementation.

There is a difference between them. Only WTR truns KF_UP and
KF_REPEAT flags on for WM_KEYUP event.
EventSenderProxy::dispatchMessage is used in WTR. It calls
TranslateMessage, this introduces the difference. If I didn't turn
those bits, TranslateMessage posts WM_CHAR even for WM_KEYUP.
According the spec, WM_KEYUP needs those bits.
<https://docs.microsoft.com/en-us/windows/win32/inputdev/wm-keyup>
DRT doesn't need the those bits becasuse it doesn't use
TranslateMessage for WM_KEYUP.

WebKitTestRunner/win/EventSenderProxyWin.cpp:

(WTR::makeKeyDataForScanCode): Added.
(WTR::pumpMessageQueue): Added.
(WTR::EventSenderProxy::keyDown): Implemented by using DRT code.

7:13 PM Changeset in webkit [250278] by commit-queue@webkit.org

8 edits
1 add in trunk/Source/JavaScriptCore

Unreviewed, rolling out r250262.
https://bugs.webkit.org/show_bug.cgi?id=202126

"Breaks Win64 builds because of MSVC bug" (Requested by mlam|a
on #webkit).

Reverted changeset:

"Reduce the amount of memory needed to store Options."
https://bugs.webkit.org/show_bug.cgi?id=202105
https://trac.webkit.org/changeset/250262

5:51 PM Changeset in webkit [250277] by Devin Rousso

3 edits in trunk/Source/WebInspectorUI

Web Inspector: Canvas: WebGPU compute shaders aren't syntax highlighted
https://bugs.webkit.org/show_bug.cgi?id=202030

Reviewed by Joseph Pecoraro.

UserInterface/Views/CodeMirrorAdditions.js:

CodeMirror.defineMIME expects a "spec" object, which can't just be another MIME type.
Instead, get the "spec" of the defined "x-shader/x-vertex" and "x-shader/x-fragment" modes
and use that when defining MIMEs for the WebGPU shader pipeline modes.

UserInterface/Views/ShaderProgramContentView.js:

(WI.ShaderProgramContentView):
Get the contextType off of the shader's canvas, which is where it actually lives.

5:46 PM Changeset in webkit [250276] by commit-queue@webkit.org

4 edits
2778 adds in trunk/LayoutTests

Import SVG web-platform-tests
https://bugs.webkit.org/show_bug.cgi?id=202017

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-09-23
Reviewed by Tim Horton.

TestExpectations:
imported/w3c/resources/import-expectations.json:
imported/w3c/web-platform-tests/resources/SVGAnimationTestCase-testharness.js:
imported/w3c/web-platform-tests/svg: Added.
platform/ios-simulator/imported/w3c/web-platform-tests/svg: Added.
platform/mac/imported/w3c/web-platform-tests/svg: Added.
tests-options.json:

5:26 PM Changeset in webkit [250275] by Ross Kirsling

5 edits
1 add in trunk

Array methods should throw TypeError upon attempting to modify a string
https://bugs.webkit.org/show_bug.cgi?id=201910

Reviewed by Keith Miller.

JSTests:

stress/array-methods-should-not-modify-string.js: Added.

mozilla/js1_6/Array/regress-304828.js:

Fix test. Original copy was changed similarly seven years ago:
https://searchfox.org/mozilla-central/source/js/src/tests/non262/Array/regress-304828.js

stress/phantom-insertion-live-range-should-agree-with-arguments-forwarding.js:

Fix test. Object.__proto__ = []; Object.shift(); shouldn't be valid JS.

Source/JavaScriptCore:

We currently allow Array prototype methods to modify strings that they are called upon in certain cases.
(In particular, we're inconsistent about permitting writes to the length property.)

According to section 22.1.3 of the ES spec, this should result in a TypeError.
https://tc39.es/ecma262/#sec-properties-of-the-array-prototype-object
(Test262 cases are needed, but the key is that all such methods use Set(..., true) which throws on failure.)

runtime/ArrayPrototype.cpp:

(JSC::putLength):
(JSC::setLength):
Never update the length property of a non-JSArray without checking whether we're actually allowed to.

5:13 PM Changeset in webkit [250274] by Alan Coon

4 edits
4 adds in branches/safari-608-branch

Cherry-pick r250183. rdar://problem/55608006

[Pointer Events] touch-action set to pan-x or pan-y alone should disable scrolling altogether if the intial gesture is in the disallowed direction
https://bugs.webkit.org/show_bug.cgi?id=202053
<rdar://problem/54542190>

Reviewed by Tim Horton.

Source/WebKit:

Although the Pointer Events specification does not specify this clearly (see https://github.com/w3c/pointerevents/issues/303), setting "touch-action" to a value
that only allows scrolling a specific direction ("pan-x" or "pan-y") should disable scrolling in the specified direction if the panning gesture initially is directed
in the opposite direction. In practice, this means that setting "touch-action: pan-y" on an element should disable scrolling if the user initially pans horizontally,
even if later on in the gesture the user pans vertically. This allows for sites that want to offer a programmatic horizontal scroller to disable vertical scrolling
if the user pans horizontally.

In order to support this, we add four UISwipeGestureRecognizers, one for each direction, and we selectively allows touches to be recognizer for them based on the
"touch-action" value specified at the initial touch location for a given gesture. In the case of "touch-action: pan-y" we only allow the left and right swipe recognizers
to be enabled, and in the case of "touch-action: pan-x" we only allow the up and down swipe recognizers to be enabled. If any of those gesture recognizers is recognized,
scrolling will be disabled for the duration of this gesture. If a UIScrollView panning gesture recognizer is recognized prior to a swipe, they won't have a chance to be
recognized.

UIProcess/ios/WKContentViewInteraction.h:
UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView setupInteraction]): (-[WKContentView cleanupInteraction]): (-[WKContentView _removeDefaultGestureRecognizers]): (-[WKContentView _addDefaultGestureRecognizers]): (-[WKContentView gestureRecognizer:shouldReceiveTouch:]):

LayoutTests:

Add new tests checking that setting "touch-action: pan-y" on an element and initiating a horizontal panning gesture will disallow scrolling vertically
if a vertical scrolling gesture follows. We test both the case where scrolling would apply to the whole page and the case where scrolling would apply
to an "overflow: scroll" element.

pointerevents/ios/touch-action-pan-y-horizontal-gesture-prevents-vertical-scrolling-expected.txt: Added.
pointerevents/ios/touch-action-pan-y-horizontal-gesture-prevents-vertical-scrolling.html: Added.
pointerevents/ios/touch-action-pan-y-in-overflow-scroll-horizontal-gesture-prevents-vertical-scrolling-expected.txt: Added.
pointerevents/ios/touch-action-pan-y-in-overflow-scroll-horizontal-gesture-prevents-vertical-scrolling.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250183 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:13 PM Changeset in webkit [250273] by Alan Coon

5 edits
4 adds in branches/safari-608-branch

Cherry-pick r250182. rdar://problem/55608034

releasePointerCapture() not working for implicit capture; can't opt-in to pointerenter/leave for touches
https://bugs.webkit.org/show_bug.cgi?id=199803
<rdar://problem/53127223>

Reviewed by Dean Jackson.

Source/WebCore:

In order to dispatch boundary events (pointerover/out/enter/leave) when the implicit pointer capture is released on iOS,
we need to track the target of the pointer events that was dispatched last for a given pointer id. Then we compare that
target with the current target when dispatching a new pointer event and determine whether we should dispatch boundary
events using the exact same approach used to dispatch mouse boundary events in EventHandler::updateMouseEventTargetNode().

Tests: pointerevents/ios/boundary-events-through-hierarchy-without-pointer-capture.html

pointerevents/ios/boundary-events-without-pointer-capture.html

page/PointerCaptureController.cpp: (WebCore::hierarchyHasCapturingEventListeners): (WebCore::PointerCaptureController::dispatchEventForTouchAtIndex): (WebCore::PointerCaptureController::pointerEventWillBeDispatched): (WebCore::PointerCaptureController::ensureCapturingDataForPointerEvent): (WebCore::PointerCaptureController::cancelPointer):
page/PointerCaptureController.h:

LayoutTests:

Add new tests that check we correctly dispatch boundary events on iOS when pointer capture is disabled.

pointerevents/ios/boundary-events-through-hierarchy-without-pointer-capture-expected.txt: Added.
pointerevents/ios/boundary-events-through-hierarchy-without-pointer-capture.html: Added.
pointerevents/ios/boundary-events-without-pointer-capture-expected.txt: Added.
pointerevents/ios/boundary-events-without-pointer-capture.html: Added.
pointerevents/utils.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250182 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:13 PM Changeset in webkit [250272] by Alan Coon

5 edits in branches/safari-608-branch/Source/WebKit

Cherry-pick r250157. rdar://problem/55607994

Sanitize suggested filenames used for saving PDFs
https://bugs.webkit.org/show_bug.cgi?id=202034
<rdar://problem/53183075>

Reviewed by Chris Dumez.

UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::didFinishLoadingDataForCustomContentProvider): (WebKit::WebPageProxy::saveDataToFileInDownloadsFolder): (WebKit::WebPageProxy::savePDFToFileInDownloadsFolder):
UIProcess/WebPageProxy.h:
UIProcess/ios/WebPageProxyIOS.mm: (WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw): Deleted.
UIProcess/mac/WebPageProxyMac.mm: (WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplication): (WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw): Deleted. Sanitize suggested filenames to ensure that they comprise only one path component when concatenated with their destination directory.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250157 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:13 PM Changeset in webkit [250271] by Alan Coon

13 edits
1 add in branches/safari-608-branch

Cherry-pick r250116. rdar://problem/55608003

[JSC] DFG op_call_varargs should not assume that one-previous-local of freeReg is usable
https://bugs.webkit.org/show_bug.cgi?id=202014

Reviewed by Saam Barati.

JSTests:

stress/call-varargs-inlining-should-not-clobber-previous-to-free-register.js: Added. (v0):

Source/JavaScriptCore:

Let's look into the bytecode generated by the test.

[ 0] enter
[ 1] get_scope loc4
[ 3] mov loc5, loc4
[ 6] check_traps
[ 7] mov loc6, callee
[ 10] create_direct_arguments loc7
[ 12] to_this this
[ 15] mov loc8, loc7
[ 18] mov loc9, loc6
[ 21] mov loc12, Undefined(const0)
[ 24] get_by_id loc11, loc6, 0
[ 29] jneq_ptr loc11, ApplyFunction, 18(->47)
[ 34] mov loc11, loc6
[ 37] call_varargs loc11, loc11, this, loc8, loc13, 0
[ 45] jmp 17(->62)
[ 47] mov loc16, loc6
[ 50] mov loc15, this
[ 53] mov loc14, loc8
[ 56] call loc11, loc11, 3, 22
...

call_varargs uses loc13 as firstFreeReg (first usable bottom register in the current stack-frame to spread variadic arguments after this).
This is correct. And call_varargs uses |this| as this argument for the call_varargs. This |this| argument is not in a region starting from loc13.
And it is not in the previous place to loc13 (|this| is not loc12).

On the other hand, DFG::ByteCodeParser's inlining path is always assuming that the previous to firstFreeReg is usable and part of arguments.
But this is wrong. loc12 in the above bytecode is used for [ 56] call loc11, loc11, 3, 22's argument later, and this call assumes
that loc12 is not clobbered by call_varargs. But DFG and FTL clobbers it.

The test is recursively calling the same function, and we inline the same function one-level. And stack-overflow error happens when inlined
CallForwardVarargs (from op_call_varargs) is called. FTL recovers the frames, and at this point, outer function's loc12 is recovered to garbage since
LoadVarargs clobbers it. And we eventually use it and crash.

60:<!0:-> LoadVarargs(Check:Untyped:Kill:@30, MustGen, start = loc13, count = loc15, machineStart = loc7, machineCount = loc9, offset = 0, mandatoryMinimum = 0, limit = 2, R:World, W:Stack(-16),Stack(-14),Stack(-13),Heap, Exits, ClobbersExit, bc#37, ExitValid)

This LoadVarargs clobbers loc12, loc13, and loc15 while loc12 is used.

In all the tiers, op_call_varargs first allocates enough region to hold varargs including |this|. And we store |this| value to a correct place.
DFG should not assume that the previous register to firstFreeReg is used for |this|.

This patch fixes DFG::ByteCodeParser's stack region calculation for op_call_varargs inlining. And we rename maxNumArguments to maxArgumentCountIncludingThis to
represent that maxArgumentCountIncludingThis includes |this| count.

bytecode/CallLinkInfo.cpp: (JSC::CallLinkInfo::setMaxArgumentCountIncludingThis): (JSC::CallLinkInfo::setMaxNumArguments): Deleted.
bytecode/CallLinkInfo.h: (JSC::CallLinkInfo::addressOfMaxArgumentCountIncludingThis): (JSC::CallLinkInfo::maxArgumentCountIncludingThis): (JSC::CallLinkInfo::addressOfMaxNumArguments): Deleted. (JSC::CallLinkInfo::maxNumArguments): Deleted.
bytecode/CallLinkStatus.cpp: (JSC::CallLinkStatus::computeFor): (JSC::CallLinkStatus::dump const):
bytecode/CallLinkStatus.h: (JSC::CallLinkStatus::maxArgumentCountIncludingThis const): (JSC::CallLinkStatus::maxNumArguments const): Deleted.
dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleVarargsInlining):
dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::emitCall):
dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::emitCall):
ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileDirectCallOrConstruct):
jit/JITCall.cpp: (JSC::JIT::compileSetupFrame):
jit/JITCall32_64.cpp: (JSC::JIT::compileSetupFrame):
jit/JITOperations.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250116 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:13 PM Changeset in webkit [250270] by Alan Coon

2 edits in branches/safari-608-branch/Source/WebKit

Cherry-pick r250108. rdar://problem/55608024

macCatalyst apps crash under TextCheckingControllerProxy::replaceRelativeToSelection when spell checking
https://bugs.webkit.org/show_bug.cgi?id=202010
<rdar://problem/54974971>

Reviewed by Beth Dakin.

WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm: (WebKit::TextCheckingControllerProxy::replaceRelativeToSelection): relativeReplacementRange is in the coordinate space of the document's text, not the replacement string. We need to adjust into replacement string coordinates before slicing the replacement, or we'll throw an exception trying to read past the end of the string, in the case where the replacement string is shorter than the replaced string (by more than 2 characters).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250108 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:13 PM Changeset in webkit [250269] by Alan Coon

2 edits in branches/safari-608-branch/Source/WebKit

Cherry-pick r250069. rdar://problem/55524981

Eagerly create and add the m_layerHostingView to WKWebView.
https://bugs.webkit.org/show_bug.cgi?id=201942

Reviewed by Tim Horton.

Some apps will add subviews to WKWebView, and by the time we add our m_layerHostingView view we might be
adding it behind a view that should have been added behind our layer hosting view subview. This affected
the Spark email app, due to changes in order of loading delegate calls and when compositing is enabled.
Instead of delayed creation of m_layerHostingView, always create it and add it to to the WKWebView.
This ensures proper ordering of subviews when clients add a view behind all existing subviews.

UIProcess/Cocoa/WebViewImpl.mm: (WebKit::WebViewImpl::WebViewImpl): Create and add m_layerHostingView here. (WebKit::WebViewImpl::setAcceleratedCompositingRootLayer): Remove creation and removal of m_layerHostingView. Just set the sublayers of m_layerHostingView's layer here.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:13 PM Changeset in webkit [250268] by Alan Coon

3 edits in branches/safari-608-branch/Source/WebKitLegacy/mac

Cherry-pick r250066. rdar://problem/55608013

Add -suspend and -resumeAllMediaPlayback to WebView
https://bugs.webkit.org/show_bug.cgi?id=201951

Reviewed by Eric Carlson.

WebView/WebView.mm: (-[WebView suspendAllMediaPlayback]): (-[WebView resumeAllMediaPlayback]):
WebView/WebViewPrivate.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:50 PM Changeset in webkit [250267] by Alan Coon

21 edits
3 copies
1 add in branches/safari-608-branch/Source

Apply patch. rdar://problem/55608031

Clean up handling of summary items and payment method updates https://bugs.webkit.org/show_bug.cgi?id=202018 <rdar://problem/55470632>

Reviewed by Tim Horton.

Source/WebCore:

Replaced the PaymentMethodUpdate struct with a class that knows how to convert from
ApplePayPaymentMethodUpdate structs to PKPaymentRequestPaymentMethodUpdate instances.

Moved some scattered-around free functions for converting payment summary items into
PaymentSummaryItems{.h,Cocoa.mm}.

Modules/applepay/ApplePayPaymentMethodUpdate.h:
Modules/applepay/ApplePaySession.cpp: (WebCore::finishConverting): (WebCore::convertAndValidateTotal): (WebCore::convertAndValidate):
Modules/applepay/ApplePaySessionPaymentRequest.h:
Modules/applepay/PaymentCoordinator.h:
Modules/applepay/PaymentCoordinatorClient.h:
Modules/applepay/PaymentHeaders.h:
Modules/applepay/PaymentMethodUpdate.h: Added.
Modules/applepay/PaymentSummaryItems.h: Added.
Modules/applepay/cocoa/PaymentMethodUpdateCocoa.mm: Added. (WebCore::PaymentMethodUpdate::PaymentMethodUpdate): (WebCore::PaymentMethodUpdate::totalAndLineItems const): (WebCore::PaymentMethodUpdate::platformUpdate const):
Modules/applepay/cocoa/PaymentSummaryItemsCocoa.mm: Added. (WebCore::toDecimalNumber): (WebCore::toPKPaymentSummaryItemType): (WebCore::toPKPaymentSummaryItem): (WebCore::platformSummaryItems):
Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp: (WebCore::ApplePayPaymentHandler::paymentMethodUpdated):
SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:
testing/MockPaymentCoordinator.cpp: (WebCore::MockPaymentCoordinator::completePaymentMethodSelection):

Source/WebKit:

Now that PaymentMethodUpdate knows how to convert itself to a
PKPaymentRequestPaymentMethodUpdate, PaymentAuthorizationPresenter can merely pass the
converted update directly to the platform delegate rather than passing the individual
components and relying on the delegate to instantiate the platform update itself. Added
FIXMEs for applying a similar treatment to ShippingContactUpdate and ShippingMethodUpdate.

Platform/cocoa/PaymentAuthorizationPresenter.h:
Platform/cocoa/PaymentAuthorizationPresenter.mm: (WebKit::PaymentAuthorizationPresenter::completePaymentMethodSelection): (WebKit::PaymentAuthorizationPresenter::completeShippingContactSelection): (WebKit::PaymentAuthorizationPresenter::completeShippingMethodSelection):
Platform/cocoa/WKPaymentAuthorizationDelegate.h:
Platform/cocoa/WKPaymentAuthorizationDelegate.mm: (-[WKPaymentAuthorizationDelegate completePaymentMethodSelection:]): (-[WKPaymentAuthorizationDelegate completeShippingContactSelection:]): (-[WKPaymentAuthorizationDelegate completeShippingMethodSelection:]): (-[WKPaymentAuthorizationDelegate _didSelectPaymentMethod:completion:]): (-[WKPaymentAuthorizationDelegate _didSelectShippingContact:completion:]): (-[WKPaymentAuthorizationDelegate _didSelectShippingMethod:completion:]): (-[WKPaymentAuthorizationDelegate completeShippingContactSelection:summaryItems:shippingMethods:errors:]): Deleted.
Shared/ApplePay/WebPaymentCoordinatorProxy.h:
Shared/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.h:
Shared/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm: (WebKit::WebPaymentCoordinatorProxy::platformPaymentRequest): (WebKit::toPKPaymentSummaryItemType): Deleted. (WebKit::toPKPaymentSummaryItem): Deleted. (WebKit::toPKPaymentSummaryItems): Deleted.
Shared/Cocoa/WebCoreArgumentCodersCocoa.mm: (IPC::ArgumentCoder<WebCore::PaymentMethodUpdate>::encode): (IPC::ArgumentCoder<WebCore::PaymentMethodUpdate>::decode):

4:50 PM Changeset in webkit [250266] by Alan Coon

33 edits
7 copies
2 adds in branches/safari-608-branch

Apply patch. rdar://problem/55608028

Tell websites why a session was cancelled https://bugs.webkit.org/show_bug.cgi?id=201912 Source/WebCore:

Reviewed by Brady Eidson.

Added ApplePayCancelEvent as the interface for ApplePaySession's cancel event. This event
object includes a sessionError attribute that exposes a Web-safe version of the PassKit
domain error we received from PKPaymentAuthorization(View)Controller. Currently, we report
all errors with code "unknown", but more codes will be added in future patches.

Test: http/tests/ssl/applepay/ApplePayCancelEvent.https.html

DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:
DerivedSources.make:
Modules/applepay/ApplePayCancelEvent.cpp: Copied from Source/WebCore/Modules/applepay/PaymentHeaders.h. (WebCore::ApplePayCancelEvent::ApplePayCancelEvent): (WebCore::ApplePayCancelEvent::sessionError const): (WebCore::ApplePayCancelEvent::eventInterface const):
Modules/applepay/ApplePayCancelEvent.h: Copied from Source/WebCore/Modules/applepay/PaymentHeaders.h. (WebCore::ApplePayCancelEvent::create):
Modules/applepay/ApplePayCancelEvent.idl: Copied from Source/WebCore/Modules/applepay/PaymentHeaders.h.
Modules/applepay/ApplePaySession.cpp: (WebCore::ApplePaySession::didCancelPaymentSession):
Modules/applepay/ApplePaySession.h:
Modules/applepay/ApplePaySessionError.h: Copied from Source/WebCore/Modules/applepay/PaymentHeaders.h.
Modules/applepay/ApplePaySessionError.idl: Copied from Source/WebCore/Modules/applepay/PaymentHeaders.h.
Modules/applepay/PaymentCoordinator.cpp: (WebCore::PaymentCoordinator::didCancelPaymentSession):
Modules/applepay/PaymentCoordinator.h:
Modules/applepay/PaymentHeaders.h:
Modules/applepay/PaymentSession.cpp:
Modules/applepay/PaymentSession.h:
Modules/applepay/PaymentSessionError.h: Copied from Source/WebCore/Modules/applepay/PaymentHeaders.h.
Modules/applepay/cocoa/PaymentSessionErrorCocoa.mm: Copied from Source/WebCore/Modules/applepay/PaymentSession.h. (WebCore::additionalError): (WebCore::PaymentSessionError::PaymentSessionError): (WebCore::PaymentSessionError::sessionError const): (WebCore::PaymentSessionError::platformError const): (WebCore::PaymentSessionError::unknownError const):
Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp: (WebCore::ApplePayPaymentHandler::didCancelPaymentSession):
Modules/applepay/paymentrequest/ApplePayPaymentHandler.h:
Modules/webgpu/WHLSL/WHLSLCheckTextureReferences.cpp:
Modules/webgpu/WHLSL/WHLSLPropertyResolver.cpp:
SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:
dom/EventNames.in:
testing/MockPaymentCoordinator.cpp: (WebCore::MockPaymentCoordinator::cancelPayment):

Source/WebCore/PAL:

<rdar://problem/55469706>

Reviewed by Brady Eidson.

Soft-linked PKPassKitErrorDomain and included PassKit headers more judiciously.

pal/cocoa/PassKitSoftLink.h:
pal/cocoa/PassKitSoftLink.mm:
pal/spi/cocoa/PassKitSPI.h:

Source/WebKit:

<rdar://problem/55469706>

Reviewed by Brady Eidson.

Remembered the error passed to -[WKPaymentAuthorizationDelegate _willFinishWithError:] and
sent it to the WebContent process in Messages::WebPaymentCoordinator::DidCancelPaymentSession.

Platform/cocoa/PaymentAuthorizationPresenter.h:
Platform/cocoa/WKPaymentAuthorizationDelegate.mm: (-[WKPaymentAuthorizationDelegate _didFinish]): (-[WKPaymentAuthorizationDelegate _willFinishWithError:]):
Shared/ApplePay/WebPaymentCoordinatorProxy.cpp: (WebKit::WebPaymentCoordinatorProxy::didCancelPaymentSession): (WebKit::WebPaymentCoordinatorProxy::presenterDidFinish):
Shared/ApplePay/WebPaymentCoordinatorProxy.h: (WebKit::WebPaymentCoordinatorProxy::didCancelPaymentSession):
Shared/ApplePay/ios/WebPaymentCoordinatorProxyIOS.mm:
Shared/Cocoa/WebCoreArgumentCodersCocoa.mm: (IPC::ArgumentCoder<WebCore::PaymentSessionError>::encode): (IPC::ArgumentCoder<WebCore::PaymentSessionError>::decode):
Shared/WebCoreArgumentCoders.h:
WebProcess/ApplePay/WebPaymentCoordinator.cpp: (WebKit::WebPaymentCoordinator::networkProcessConnectionClosed): (WebKit::WebPaymentCoordinator::didCancelPaymentSession):
WebProcess/ApplePay/WebPaymentCoordinator.h:
WebProcess/ApplePay/WebPaymentCoordinator.messages.in:

LayoutTests:

Reviewed by Brady Eidson.

http/tests/ssl/applepay/ApplePayCancelEvent.https-expected.txt: Added.
http/tests/ssl/applepay/ApplePayCancelEvent.https.html: Added.

4:49 PM Changeset in webkit [250265] by Alan Coon

2 edits in branches/safari-608-branch/Source/WebCore

Cherry-pick r250026. rdar://problem/55608017

[Cocoa] Add a WKA extension point
https://bugs.webkit.org/show_bug.cgi?id=201801
<rdar://problem/55372507>

Reviewed by Alexey Proskuryakov.

Modules/applepay/ApplePayRequestBase.cpp: (WebCore::requiresSupportedNetworks): (WebCore::convertAndValidate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250026 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:33 PM Changeset in webkit [250264] by mark.lam@apple.com

3 edits
1 add in trunk

Lazy JSGlobalObject property materialization should not use putDirectWithoutTransition.
https://bugs.webkit.org/show_bug.cgi?id=202122
<rdar://problem/55535249>

Reviewed by Yusuke Suzuki.

JSTests:

stress/lazy-global-object-property-materialization-should-not-putDirectWithoutTransition.js: Added.

Source/JavaScriptCore:

runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):

4:00 PM Changeset in webkit [250263] by graouts@webkit.org

45 edits
21 adds
1 delete in trunk/LayoutTests

[Web Animations] Update WPT tests
https://bugs.webkit.org/show_bug.cgi?id=202110

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

web-platform-tests/web-animations/README.md:
web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/property-list.js:
web-platform-tests/web-animations/animation-model/animation-types/property-types.js:
web-platform-tests/web-animations/animation-model/combining-effects/effect-composition-expected.txt:
web-platform-tests/web-animations/animation-model/combining-effects/effect-composition.html:
web-platform-tests/web-animations/animation-model/keyframe-effects/computed-keyframes-shorthands-expected.txt: Added.
web-platform-tests/web-animations/animation-model/keyframe-effects/computed-keyframes-shorthands.html: Added.
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-context-filling-expected.txt: Added.
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-context-filling.html: Added.
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-iteration-composite-operation.html:
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-replaced-animations-expected.txt: Added.
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-replaced-animations.html: Added.
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-transformed-distance-expected.txt:
web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-transformed-distance.html:
web-platform-tests/web-animations/interfaces/Animatable/animate-expected.txt:
web-platform-tests/web-animations/interfaces/Animatable/animate.html:
web-platform-tests/web-animations/interfaces/Animatable/getAnimations-expected.txt:
web-platform-tests/web-animations/interfaces/Animatable/getAnimations.html:
web-platform-tests/web-animations/interfaces/Animation/commitStyles-expected.txt: Added.
web-platform-tests/web-animations/interfaces/Animation/commitStyles.html: Added.
web-platform-tests/web-animations/interfaces/Animation/persist-expected.txt: Added.
web-platform-tests/web-animations/interfaces/Animation/persist.html: Added.
web-platform-tests/web-animations/interfaces/Animation/style-change-events-expected.txt: Added.
web-platform-tests/web-animations/interfaces/Animation/style-change-events.html: Added.
web-platform-tests/web-animations/interfaces/AnimationEffect/updateTiming-expected.txt:
web-platform-tests/web-animations/interfaces/Document/getAnimations-expected.txt:
web-platform-tests/web-animations/interfaces/Document/getAnimations.html:
web-platform-tests/web-animations/interfaces/DocumentTimeline/constructor.html:
web-platform-tests/web-animations/interfaces/DocumentTimeline/style-change-events-expected.txt: Added.
web-platform-tests/web-animations/interfaces/DocumentTimeline/style-change-events.html: Added.
web-platform-tests/web-animations/interfaces/KeyframeEffect/constructor-expected.txt:
web-platform-tests/web-animations/interfaces/KeyframeEffect/getKeyframes-expected.txt: Added.
web-platform-tests/web-animations/interfaces/KeyframeEffect/getKeyframes.html: Added.
web-platform-tests/web-animations/interfaces/KeyframeEffect/setKeyframes-expected.txt:
web-platform-tests/web-animations/interfaces/KeyframeEffect/style-change-events-expected.txt: Added.
web-platform-tests/web-animations/interfaces/KeyframeEffect/style-change-events.html: Added.
web-platform-tests/web-animations/interfaces/KeyframeEffect/target-expected.txt:
web-platform-tests/web-animations/interfaces/KeyframeEffect/target.html:
web-platform-tests/web-animations/resources/easing-tests.js:
web-platform-tests/web-animations/resources/keyframe-tests.js:
web-platform-tests/web-animations/resources/timing-override.js: Added.
web-platform-tests/web-animations/testcommon.js:
web-platform-tests/web-animations/timing-model/animations/canceling-an-animation-expected.txt:
web-platform-tests/web-animations/timing-model/animations/canceling-an-animation.html:
web-platform-tests/web-animations/timing-model/animations/finishing-an-animation.html:
web-platform-tests/web-animations/timing-model/animations/pausing-an-animation.html:
web-platform-tests/web-animations/timing-model/animations/setting-the-start-time-of-an-animation.html:
web-platform-tests/web-animations/timing-model/animations/the-current-time-of-an-animation.html:
web-platform-tests/web-animations/timing-model/animations/updating-the-finished-state.html:
web-platform-tests/web-animations/timing-model/time-transformations/transformed-progress-expected.txt:
web-platform-tests/web-animations/timing-model/time-transformations/transformed-progress.html:
web-platform-tests/web-animations/timing-model/timelines/document-timelines-expected.txt:
web-platform-tests/web-animations/timing-model/timelines/document-timelines.html:
web-platform-tests/web-animations/timing-model/timelines/update-and-send-events-expected.txt:
web-platform-tests/web-animations/timing-model/timelines/update-and-send-events-replacement-expected.txt: Added.
web-platform-tests/web-animations/timing-model/timelines/update-and-send-events-replacement.html: Added.
web-platform-tests/web-animations/timing-model/timelines/update-and-send-events.html:

LayoutTests:

TestExpectations:
platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt: Removed.
platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt: Removed.
platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt: Removed.

3:56 PM Changeset in webkit [250262] by mark.lam@apple.com

8 edits
1 delete in trunk/Source/JavaScriptCore

Reduce the amount of memory needed to store Options.
https://bugs.webkit.org/show_bug.cgi?id=202105

Reviewed by Yusuke Suzuki.

The size of the JSC::Config needed to store the Options is now reduced to 4K
instead of 16K, enabled by constexpr template magic.

Instead of all options in a large array of OptionEntry (which is a union of all the option types), we now have separate arrays for each of the types of options. For example,

Removed g_jscConfig.options[].
Added g_jscConfig.typeBoolOptions[].
Added g_jscConfig.typeInt32Options[].
Added g_jscConfig.typeDoubleOptions[].
...

We used to find the storage for the option using g_jscConfig.options[Options::ID].
We now find the storage for each type of option using
g_jscConfig.options[optionTypeSpecificIndex<OptionTypeID, OptionID>()]. For
example, Options::useJIT() used to be implemented as:

inline bool& Options::useJIT()
{

return g_jscConfig.options[Options::useJITID];

}

... which is now replaced with:

inline bool& Options::useJIT()
{

return g_jscConfig.typeBoolOptions[optionTypeSpecificIndex<OptionTypeID::Bool, OptionID::useJIT>()];

}

Introduce the optionTypeSpecificIndex() constexpr template function for computing the index of each option in their respective type specific options array.

Introduce OptionTypes, OptionTypeID, and OptionID.

The OptionTypes namespace replaces OptionEntry as the container of option types.
The OptionID enum class replaces Options::ID.
The OptionTypeID enum class is new and is used together with OptionID in

constexpr templates to compute the typeSpecificIndex of options.

Removed the OptionEntry struct and OptionEntry.h. After (1), this struct is only used in the Option class. We just moved the union of option types (that OptionEntry embeds) into the Option class.

Moved class OptionRange into OptionsList.h.

Removed the large OptionEntry arrays from JSC::Config. Added type specific options arrays. Also ordered these arrays to maximize compactness and minimize internal fragmentation.

Changed scaleJITPolicy() to go directly to g_jscConfig.typeInt32Options[] instead of going through the Option wrapper object. This allows us to simplify things and make the Option class a read only interface of options.

Changed Options::initialize() to only compute the option default value once. The default value specified in the OptionsList may not always be a constant. Sometimes, it is a function call.

The Option class now only gives read only access to the options.

The Option class' role is to provide an interface for reading an option at any
given OptionID without first knowing about the type of the specific option.
It is useful for iterating options, and is currently only used by
Options::dumpOption().

Technically, we could merge all the Option class code into its single client.
We opted not to do this because the amount of code is non-trivial, and the
Option class does a good job of encapsulating this functionality.

API/glib/JSCOptions.cpp:

(jscOptionsSetValue):
(jscOptionsGetValue):
(jsc_options_foreach):
(jsc_options_get_option_group):

CMakeLists.txt:
JavaScriptCore.xcodeproj/project.pbxproj:
runtime/JSCConfig.h:
runtime/OptionEntry.h: Removed.
runtime/Options.cpp:

(JSC::Options::isAvailable):
(JSC::overrideOptionWithHeuristic):
(JSC::scaleJITPolicy):
(JSC::recomputeDependentOptions):
(JSC::Options::initialize):
(JSC::Options::setOptionWithoutAlias):
(JSC::Options::dumpAllOptions):
(JSC::Options::dumpOption):
(JSC::Option::Option):
(JSC::Option::defaultOption const):
(JSC::Option::dump const):
(JSC::Option::operator== const):

runtime/Options.h:

(JSC::Option::id const):
(JSC::Option::name const):
(JSC::Option::description const):
(JSC::Option::type const):
(JSC::Option::availability const):
(JSC::Option::isOverridden const):
(JSC::Option::Option):
(JSC::Option::idIndex const):
(JSC::Option::defaultOption const): Deleted.
(JSC::Option::boolVal): Deleted.
(JSC::Option::unsignedVal): Deleted.
(JSC::Option::doubleVal): Deleted.
(JSC::Option::int32Val): Deleted.
(JSC::Option::optionRangeVal): Deleted.
(JSC::Option::optionStringVal): Deleted.
(JSC::Option::gcLogLevelVal): Deleted.

runtime/OptionsList.h:

(JSC::OptionRange::operator= ):
(JSC::OptionRange::rangeString const):
(JSC::optionTypeSpecificIndex):
(JSC::countNumberOfJSCOptionsOfType):

3:54 PM Changeset in webkit [250261] by commit-queue@webkit.org

3 edits
1 copy
1 add in trunk/LayoutTests

Layout test webaudio/silence-after-playback.html is failing
https://bugs.webkit.org/show_bug.cgi?id=202116

Patch by Peng Liu <Peng Liu> on 2019-09-23
Reviewed by Jer Noble.

Rebasing a webaudio layout test expected result because of a bug fix in Catalina.

platform/mac-mojave/webaudio/silence-after-playback-expected.wav: Copied from LayoutTests/platform/mac/webaudio/silence-after-playback-expected.wav.
platform/mac/TestExpectations:
platform/mac/webaudio/silence-after-playback-expected.wav:

3:42 PM Changeset in webkit [250260] by timothy_horton@apple.com

3 edits in trunk/Source/WebKit

macOS: <datalist> dropdown shadow is cropped, looks nothing like NSComboBox
https://bugs.webkit.org/show_bug.cgi?id=199350

Reviewed by Wenson Hsieh.

Improve the appearance of the macOS <datalist> dropdown, adopting the
roundly-cornered and backdrop-ful appearance of the current NSComboBox style.

Use the proper window shadow instead of our own inside the window, both
so that we match the system and so that it doesn't get clipped.

Allow vertical rubber-banding, because NSComboBox does.

Don't highlight on hover, because NSComboBox doesn't. Do use NSTableView's
selection mechanism instead of rolling our own for highlights driven by
keyboard-based navigation.

Make use of NSTableCellView, since it has some smarts around pixel alignment
that we don't need to duplicate (and things are blurry on 1x displays without).

Also rename some classes to make it a bit more clear what's going on:
WKDataListSuggestionCell -> WKDataListSuggestionView (it's a NSView, not an NSCell)
WKDataListSuggestionsView -> WKDataListSuggestionsController (it's not a view at all)

Platform/spi/mac/AppKitSPI.h:
UIProcess/mac/WebDataListSuggestionsDropdownMac.mm:

(WebKit::WebDataListSuggestionsDropdownMac::show):
(-[WKDataListSuggestionWindow initWithContentRect:styleMask:backing:defer:]):
(-[WKDataListSuggestionWindow canBecomeKeyWindow]):
(-[WKDataListSuggestionWindow hasKeyAppearance]):
(-[WKDataListSuggestionWindow shadowOptions]):
(-[WKDataListSuggestionView initWithFrame:]):
(-[WKDataListSuggestionView setText:]):
(-[WKDataListSuggestionView setBackgroundStyle:]):
(-[WKDataListSuggestionTableRowView drawSelectionInRect:]):
(-[WKDataListSuggestionTableView initWithElementRect:]):
(-[WKDataListSuggestionTableView layout]):
(-[WKDataListSuggestionTableView reload]):
(-[WKDataListSuggestionsController initWithInformation:inView:]):
(-[WKDataListSuggestionsController currentSelectedString]):
(-[WKDataListSuggestionsController updateWithInformation:]):
(-[WKDataListSuggestionsController moveSelectionByDirection:]):
(-[WKDataListSuggestionsController invalidate]):
(-[WKDataListSuggestionsController dropdownRectForElementRect:]):
(-[WKDataListSuggestionsController showSuggestionsDropdown:]):
(-[WKDataListSuggestionsController tableView:rowViewForRow:]):
(-[WKDataListSuggestionsController tableView:viewForTableColumn:row:]):
(-[WKDataListSuggestionCell initWithFrame:]): Deleted.
(-[WKDataListSuggestionCell setText:]): Deleted.
(-[WKDataListSuggestionCell setActive:]): Deleted.
(-[WKDataListSuggestionCell drawRect:]): Deleted.
(-[WKDataListSuggestionCell mouseEntered:]): Deleted.
(-[WKDataListSuggestionCell mouseExited:]): Deleted.
(-[WKDataListSuggestionCell acceptsFirstResponder]): Deleted.
(-[WKDataListSuggestionTable initWithElementRect:]): Deleted.
(-[WKDataListSuggestionTable setVisibleRect:]): Deleted.
(-[WKDataListSuggestionTable currentActiveRow]): Deleted.
(-[WKDataListSuggestionTable setActiveRow:]): Deleted.
(-[WKDataListSuggestionTable reload]): Deleted.
(-[WKDataListSuggestionTable acceptsFirstResponder]): Deleted.
(-[WKDataListSuggestionTable enclosingScrollView]): Deleted.
(-[WKDataListSuggestionTable removeFromSuperviewWithoutNeedingDisplay]): Deleted.
(-[WKDataListSuggestionsView initWithInformation:inView:]): Deleted.
(-[WKDataListSuggestionsView currentSelectedString]): Deleted.
(-[WKDataListSuggestionsView updateWithInformation:]): Deleted.
(-[WKDataListSuggestionsView moveSelectionByDirection:]): Deleted.
(-[WKDataListSuggestionsView invalidate]): Deleted.
(-[WKDataListSuggestionsView dropdownRectForElementRect:]): Deleted.
(-[WKDataListSuggestionsView showSuggestionsDropdown:]): Deleted.
(-[WKDataListSuggestionsView selectedRow:]): Deleted.
(-[WKDataListSuggestionsView numberOfRowsInTableView:]): Deleted.
(-[WKDataListSuggestionsView tableView:heightOfRow:]): Deleted.
(-[WKDataListSuggestionsView tableView:viewForTableColumn:row:]): Deleted.

3:36 PM Changeset in webkit [250259] by Kocsen Chung

1 copy in tags/Safari-608.2.11.1.11

Tag Safari-608.2.11.1.11.

3:27 PM Changeset in webkit [250258] by Devin Rousso

66 edits
6 copies
1 move
9 adds in trunk

Web Inspector: Canvas: show WebGPU shader pipelines
https://bugs.webkit.org/show_bug.cgi?id=201675
<rdar://problem/55543450>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

inspector/protocol/Canvas.json:

Add a ProgramType enum that conveys the type of shader program/pipeline when notifying the
frontend of a new program

Source/WebCore:

Tests: inspector/canvas/requestShaderSource-webgpu.html

inspector/canvas/shaderProgram-add-remove-webgpu.html
inspector/canvas/updateShader-webgpu.html

Create common base classes for WebGPUPipeline and GPUPipeline so that Web Inspector can
instrument both render and compute shader pipelines.

Refactor InspectorShaderProgram to support both WebGLProgram and WebGPUPipeline so
that the same object can be used for all types of shader "program"s.

Keep a copy of each shader module's source, and allow the shader module to be updated.

Modules/webgpu/WebGPUDevice.h:
Modules/webgpu/WebGPUDevice.cpp:

(WebCore::WebGPUDevice::WebGPUDevice):
(WebCore::WebGPUDevice::~WebGPUDevice):
(WebCore::WebGPUDevice::createShaderModule const):
(WebCore::WebGPUDevice::createRenderPipeline): Added.
(WebCore::WebGPUDevice::createComputePipeline): Added.
(WebCore::WebGPUDevice::createRenderPipeline const): Deleted.
(WebCore::WebGPUDevice::createComputePipeline const): Deleted.

Modules/webgpu/WebGPUPipeline.h: Added.

(WebCore::WebGPUPipeline::isRenderPipeline const):
(WebCore::WebGPUPipeline::isComputePipeline const):
(WebCore::WebGPUPipeline::scriptExecutionContext const):

Modules/webgpu/WebGPUPipeline.cpp: Added.

(WebCore::WebGPUPipeline::instancesMutex):
(WebCore::WebGPUPipeline::WebGPUPipeline):
(WebCore::WebGPUPipeline::~WebGPUPipeline):

platform/graphics/gpu/GPUPipeline.cpp: Added.
platform/graphics/gpu/GPUPipeline.h: Added.

(WebCore::GPUPipeline::isRenderPipeline const):
(WebCore::GPUPipeline::isComputePipeline const):

Modules/webgpu/WebGPUComputePipeline.idl:
Modules/webgpu/WebGPUComputePipeline.h:

(WebCore::WebGPUComputePipeline::computePipeline const): Deleted.

Modules/webgpu/WebGPUComputePipeline.cpp:

(WebCore::WebGPUComputePipeline::create):
(WebCore::WebGPUComputePipeline::WebGPUComputePipeline):
(WebCore::WebGPUComputePipeline::recompile): Added.

platform/graphics/gpu/GPUComputePipeline.h:

(WebCore::GPUComputePipeline::isComputePipeline): Added.

platform/graphics/gpu/cocoa/GPUComputePipelineMetal.mm:

(WebCore::GPUComputePipeline::tryCreate):
(WebCore::GPUComputePipeline::GPUComputePipeline):
(WebCore::GPUComputePipeline::recompile): Added.

Modules/webgpu/WebGPURenderPipeline.idl:
Modules/webgpu/WebGPURenderPipeline.h:

(WebCore::WebGPURenderPipeline::renderPipeline const): Deleted.

Modules/webgpu/WebGPURenderPipeline.cpp:

(WebCore::WebGPURenderPipeline::create):
(WebCore::WebGPURenderPipeline::WebGPURenderPipeline):
(WebCore::WebGPURenderPipeline::recompile): Added.

platform/graphics/gpu/GPURenderPipeline.h:

(WebCore::GPURenderPipeline::isRenderPipeline): Added.

platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:

(WebCore::tryCreateMtlRenderPipelineState):
(WebCore::GPURenderPipeline::tryCreate):
(WebCore::GPURenderPipeline::GPURenderPipeline):
(WebCore::GPURenderPipeline::recompile): Added.

Modules/webgpu/WebGPUShaderModule.h:

(WebCore::WebGPUShaderModule::source const): Added.

Modules/webgpu/WebGPUShaderModule.cpp:

(WebCore::WebGPUShaderModule::update): Added.

Modules/webgpu/WebGPUProgrammableStageDescriptor.h:
platform/graphics/gpu/GPUProgrammableStageDescriptor.h:

(WebCore::GPUProgrammableStageDescriptor::GPUProgrammableStageDescriptor):

inspector/InspectorShaderProgram.h:
inspector/InspectorShaderProgram.cpp:

(WebCore::InspectorShaderProgram::create):
(WebCore::InspectorShaderProgram::InspectorShaderProgram):
(WebCore::InspectorShaderProgram::program const): Added.
(WebCore::InspectorShaderProgram::pipeline const): Added.
(WebCore::shaderForType): Added.
(WebCore::InspectorShaderProgram::requestShaderSource): Added.
(WebCore::InspectorShaderProgram::updateShader): Added.
(WebCore::InspectorShaderProgram::context const): Deleted.
(WebCore::InspectorShaderProgram::shaderForType): Deleted.

inspector/agents/InspectorCanvasAgent.h:
inspector/agents/InspectorCanvasAgent.cpp:

(WebCore::InspectorCanvasAgent::InspectorCanvasAgent):
(WebCore::InspectorCanvasAgent::discardAgent):
(WebCore::InspectorCanvasAgent::enable):
(WebCore::InspectorCanvasAgent::disable):
(WebCore::InspectorCanvasAgent::requestShaderSource):
(WebCore::InspectorCanvasAgent::updateShader):
(WebCore::InspectorCanvasAgent::setShaderProgramDisabled):
(WebCore::InspectorCanvasAgent::setShaderProgramHighlighted):
(WebCore::InspectorCanvasAgent::frameNavigated):
(WebCore::InspectorCanvasAgent::didCreateWebGLProgram): Added.
(WebCore::InspectorCanvasAgent::willDestroyWebGLProgram): Added.
(WebCore::InspectorCanvasAgent::isWebGLProgramDisabled): Added.
(WebCore::InspectorCanvasAgent::isWebGLProgramHighlighted): Added.
(WebCore::InspectorCanvasAgent::didCreateWebGPUPipeline): Added.
(WebCore::InspectorCanvasAgent::willDestroyWebGPUPipeline): Added.
(WebCore::InspectorCanvasAgent::programDestroyedTimerFired): Added.
(WebCore::InspectorCanvasAgent::reset): Added.
(WebCore::InspectorCanvasAgent::unbindProgram):
(WebCore::InspectorCanvasAgent::findInspectorProgram):
(WebCore::InspectorCanvasAgent::didCreateProgram): Deleted.
(WebCore::InspectorCanvasAgent::willDeleteProgram): Deleted.
(WebCore::InspectorCanvasAgent::isShaderProgramDisabled): Deleted.
(WebCore::InspectorCanvasAgent::isShaderProgramHighlighted): Deleted.
(WebCore::InspectorCanvasAgent::clearCanvasData): Deleted.

inspector/InspectorInstrumentation.h:

(WebCore::InspectorInstrumentation::didCreateWebGLProgram): Added.
(WebCore::InspectorInstrumentation::willDestroyWebGLProgram): Added.
(WebCore::InspectorInstrumentation::isWebGLProgramDisabled): Added.
(WebCore::InspectorInstrumentation::isWebGLProgramHighlighted): Added.
(WebCore::InspectorInstrumentation::didCreateWebGPUPipeline): Added.
(WebCore::InspectorInstrumentation::willDestroyWebGPUPipeline): Added.
(WebCore::InspectorInstrumentation::didCreateProgram): Deleted.
(WebCore::InspectorInstrumentation::willDeleteProgram): Deleted.
(WebCore::InspectorInstrumentation::isShaderProgramDisabled): Deleted.
(WebCore::InspectorInstrumentation::isShaderProgramHighlighted): Deleted.

inspector/InspectorInstrumentation.cpp:

(WebCore::InspectorInstrumentation::didCreateWebGLProgramImpl): Added.
(WebCore::InspectorInstrumentation::willDestroyWebGLProgramImpl): Added.
(WebCore::InspectorInstrumentation::isWebGLProgramDisabledImpl): Added.
(WebCore::InspectorInstrumentation::isWebGLProgramHighlightedImpl): Added.
(WebCore::InspectorInstrumentation::didCreateWebGPUPipelineImpl): Added.
(WebCore::InspectorInstrumentation::willDestroyWebGPUPipelineImpl): Added.
(WebCore::InspectorInstrumentation::didCreateProgramImpl): Deleted.
(WebCore::InspectorInstrumentation::willDeleteProgramImpl): Deleted.
(WebCore::InspectorInstrumentation::isShaderProgramDisabledImpl): Deleted.
(WebCore::InspectorInstrumentation::isShaderProgramHighlightedImpl): Deleted.

html/canvas/WebGLProgram.h:
html/canvas/WebGLProgram.cpp:

(WebCore::WebGLProgram::WebGLProgram):
(WebCore::WebGLProgram::~WebGLProgram):

html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::InspectorScopedShaderProgramHighlight::showHightlight):
(WebCore::WebGLRenderingContextBase::createProgram):
(WebCore::WebGLRenderingContextBase::deleteProgram):
(WebCore::WebGLRenderingContextBase::drawArrays):
(WebCore::WebGLRenderingContextBase::drawElements):
Rename WebGL program instrumentation points to be less ambiguous.

Sources.txt:
WebCore.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

Show WebGPU shader pipelines ("programs") underneath each corresponding WebGPU device.

Allow editing of attached shader modules for each WebGPU shader pipeline, but don't allow
highlighting/disabling, as WebGPU pipelines don't have those capabilities/concepts yet.

UserInterface/Protocol/CanvasObserver.js:

(WI.CanvasObserver.prototype.programCreated):

UserInterface/Controllers/CanvasManager.js:

(WI.CanvasManager.prototype.programCreated):

UserInterface/Models/Canvas.js:

(WI.Canvas.prototype.nextShaderProgramDisplayNumberForProgramType): Added.
(WI.Canvas.prototype.nextShaderProgramDisplayNumber): Deleted.

UserInterface/Models/ShaderProgram.js:

(WI.ShaderProgram):
(WI.ShaderProgram.contextTypeSupportsProgramType): Added.
(WI.ShaderProgram.programTypeSupportsShaderType): Added.
(WI.ShaderProgram.prototype.get programType): Added.
(WI.ShaderProgram.prototype.get displayName):
(WI.ShaderProgram.prototype.set disabled):
(WI.ShaderProgram.prototype.requestShaderSource):
(WI.ShaderProgram.prototype.updateShader):
(WI.ShaderProgram.prototype.showHighlight):
(WI.ShaderProgram.prototype.hideHighlight):
(WI.ShaderProgram.prototype.requestVertexShaderSource): Deleted.
(WI.ShaderProgram.prototype.requestFragmentShaderSource): Deleted.
(WI.ShaderProgram.prototype.updateVertexShader): Deleted.
(WI.ShaderProgram.prototype.updateFragmentShader): Deleted.
(WI.ShaderProgram.prototype._requestShaderSource): Deleted.
(WI.ShaderProgram.prototype._updateShader): Deleted.

UserInterface/Views/ShaderProgramContentView.js:

(WI.ShaderProgramContentView):
(WI.ShaderProgramContentView.prototype.get navigationItems): Added.
(WI.ShaderProgramContentView.prototype.shown):
(WI.ShaderProgramContentView.prototype.hidden):
(WI.ShaderProgramContentView.prototype.get saveData):
(WI.ShaderProgramContentView.prototype._refreshContent):
(WI.ShaderProgramContentView.prototype._updateShader):
(WI.ShaderProgramContentView.prototype._contentDidChange):

UserInterface/Views/ShaderProgramContentView.css:

(.content-view.shader-program > .shader): Added.
(.content-view.shader-program > .shader.compute): Added.
(body[dir=ltr] .content-view.shader-program > .shader.vertex,): Added.
(body[dir=ltr] .content-view.shader-program > .shader.fragment,): Added.
(.content-view.shader-program > .shader + .shader): Added.
(.content-view.shader-program > .shader > header > *): Added.
(.content-view.shader-program > .shader > header > .shader-type): Added.
(@media (prefers-color-scheme: dark) .content-view.shader-program > .shader > header): Added.
(.content-view.shader-program > .text-editor.shader): Deleted.
(body[dir=ltr] .content-view.shader-program > .text-editor.shader.vertex,): Deleted.
(body[dir=ltr] .content-view.shader-program > .text-editor.shader.fragment,): Deleted.
(body[dir=ltr] .content-view.shader-program > .text-editor.shader + .text-editor.shader): Deleted.
(body[dir=rtl] .content-view.shader-program > .text-editor.shader + .text-editor.shader): Deleted.
(.content-view.shader-program > .text-editor.shader > .type-title): Deleted.
(.content-view.shader-program > .text-editor.shader > .CodeMirror): Deleted.

UserInterface/Views/CodeMirrorAdditions.js:

UserInterface/Views/ShaderProgramTreeElement.js:

(WI.ShaderProgramTreeElement):
(WI.ShaderProgramTreeElement.prototype.onattach):
(WI.ShaderProgramTreeElement.prototype.ondetach):
(WI.ShaderProgramTreeElement.prototype.canSelectOnMouseDown):
(WI.ShaderProgramTreeElement.prototype.populateContextMenu):

Localizations/en.lproj/localizedStrings.js:

LayoutTests:

Split existing shader tests into WebGL and WebGPU sub-tests for different platforms.

inspector/canvas/requestShaderSource.html:
inspector/canvas/requestShaderSource-expected.txt:
inspector/canvas/updateShader.html:
inspector/canvas/updateShader-expected.txt:

inspector/canvas/resources/shaderProgram-utilities-webgpu.js: Added.
inspector/canvas/requestShaderSource-webgpu.html: Added.
inspector/canvas/requestShaderSource-webgpu-expected.txt: Added.
inspector/canvas/shaderProgram-add-remove-webgpu.html: Added.
inspector/canvas/shaderProgram-add-remove-webgpu-expected.txt: Added.
inspector/canvas/updateShader-webgpu-expected.txt: Added.
inspector/canvas/updateShader-webgpu.html: Added.

inspector/canvas/resources/shaderProgram-utilities-webgl.js: Renamed from LayoutTests/inspector/canvas/resources/shaderProgram-utilities.js.
inspector/canvas/console-record-webgl.html:
inspector/canvas/console-record-webgl2.html:
inspector/canvas/recording-webgl-frameCount.html:
inspector/canvas/recording-webgl-full.html:
inspector/canvas/recording-webgl-memoryLimit.html:
inspector/canvas/recording-webgl-snapshots.html:
inspector/canvas/recording-webgl2-frameCount.html:
inspector/canvas/recording-webgl2-full.html:
inspector/canvas/recording-webgl2-memoryLimit.html:
inspector/canvas/recording-webgl2-snapshots.html:
inspector/canvas/requestShaderSource-webgl.html: Added.
inspector/canvas/requestShaderSource-webgl-expected.txt: Added.
inspector/canvas/setShaderProgramDisabled.html:
inspector/canvas/setShaderProgramHighlighted.html:
inspector/canvas/shaderProgram-add-remove-webgl.html:
inspector/canvas/shaderProgram-add-remove-webgl2.html:
inspector/canvas/updateShader-webgl.html: Added.
inspector/canvas/updateShader-webgl-expected.txt: Added.

platform/gtk/TestExpectations:
platform/ios/TestExpectations:
platform/mac-wk1/TestExpectations:
platform/mac/TestExpectations:
platform/win/TestExpectations:
platform/wincairo/TestExpectations:
platform/wpe/TestExpectations:

3:25 PM Changeset in webkit [250257] by aakash_jain@apple.com

4 edits in trunk/Tools

[EWS] Rename CompileJSCOnly to CompileJSC
https://bugs.webkit.org/show_bug.cgi?id=202118

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-build/factories.py:

(JSCTestsFactory.init): Renamed CompileJSCOnly to CompileJSC.

BuildSlaveSupport/ews-build/steps.py:

(CompileWebKit.evaluateCommand): Ditto.
(AnalyzeCompileWebKitResults.start): Ditto.
(CompileJSC): Changed step-name to 'compile-jsc' to better match with similar steps like 'compile-webkit'.
(CompileJSCToT): Ditto for 'compile-jsc-tot'.

BuildSlaveSupport/ews-build/steps_unittest.py: Renamed CompileJSCOnly to CompileJSC and CompileJSCOnlyToT to CompileJSCToT.

3:16 PM Changeset in webkit [250256] by Wenson Hsieh

23 edits
2 adds in trunk

[iOS] Drop animation when dragging images from Photos to WebKit2 Mail compose is incorrect
https://bugs.webkit.org/show_bug.cgi?id=201674
<rdar://problem/51250952>

Reviewed by Tim Horton.

Source/WebCore:

Adds new helper methods on DragController to support the new image placeholder drop codepath. See WebKit
ChangeLog for more details.

Tests: WKAttachmentTestsIOS.TargetedPreviewsWhenDroppingImages

WKAttachmentTestsIOS.TargetedPreviewIsClippedWhenDroppingTallImage

editing/WebContentReader.h:

Fix the Windows build after including WebContentReader.h in DragController.cpp.

html/HTMLImageElement.h:

(WebCore::HTMLImageElement::isDroppedImagePlaceholder const):
(WebCore::HTMLImageElement::setIsDroppedImagePlaceholder):

Add a flag to HTMLImageElement, indicating whether it is a dropped image placeholder. If so, we have special
logic to remove some temporary inline style properties from the image after it has finished loading (see
finalizeDroppedImagePlaceholder).

Note that this doesn't increase the size of HTMLImageElement.

page/DragController.cpp:

(WebCore::DragController::dragEnded):

Clean up any stale placeholders after the drag ends.

(WebCore::DragController::performDragOperation):
(WebCore::DragController::removeAllDroppedImagePlaceholders):

Add a private helper to clean up any dropped image placeholders after failing to update dropped image
placeholders for any reason.

(WebCore::DragController::tryToUpdateDroppedImagePlaceholders):

Invoked when performing the drag operation, after image data has been loaded; this function attempts to update
the list of image placeholder elements tracked by DragController that were previously inserted using
insertDroppedImagePlaceholdersAtCaret, and updates the source attribute of each element (as well as any backed
attachment element, if attachment elements are enabled). It achieves this by reading the dropped data as web
content, and matching up the images in the resulting fragment against the placeholder images. If each image in
the fragment can correspond to exactly one placeholder, we update the source of each placeholder image,
migrate attachment elements over to the placeholder images if needed, and finally discard the fragment.

A return value of false indicates that this process failed, in which case we clean up the placeholders and fall
back to handling the drop normally.

(WebCore::DragController::insertDroppedImagePlaceholdersAtCaret):

Invoked when handling the drop, before any image data has been loaded; this function takes a list of sizes
representing the preferred presentation sizes of each item provider that will be loaded as an image, and uses
ReplaceSelectionCommand to insert a list of (initially blank) placeholder images at the drop caret, sized
accordingly to each item provider's preferredPresentationSize.

To make this compatible with Mail compose (and all other known internal clients that use the _editable SPI), we
additionally enforce a max-width of 100% on each image and preserve the aspect ratio of the image by adjusting
the height if needed.

(WebCore::DragController::finalizeDroppedImagePlaceholder):

page/DragController.h:

Have DragController keep track of the list of dropped image placeholders (in DOM order), as well as the dropped
image placeholder range. This information is used once item provider data arrives and the drag operation is
being performed, to update the source of each dropped image placeholder.

(WebCore::DragController::droppedImagePlaceholders const):
(WebCore::DragController::droppedImagePlaceholderRange const):

platform/network/mac/UTIUtilities.h:

Mark an existing helper function as WEBCORE_EXPORT.

Source/WebKit:

Our current logic for handling dropped content in editable elements on iOS works like this in the ideal case:

(1) UIKit asks us for a targeted preview for each UIDragItem. We don't know (and can't determine this

synchronously without blocking on the web process) so we simply retarget the preview to animate to the
last known caret location.

(2) Soonafter, UIKit hands us a drop preview update block, which may be used to retarget the drop preview

once, as long as the drop animation is less than 90% complete. We stash these update blocks for now.

(3) -dropInteraction:performDrop: is then called, and we start loading item provider data right away.

(4) When the data has finished loading, we perform the drop in the web process. After any inserted images

have finished loading, we take snapshots (of the dropped content as well as surrounding web content
minus the dropped content), and deliver these images to the UI process via TextIndicatorData.

(5) Upon receiving the TextIndicatorData sent in (4), we use the image data to create updated targeted drag

previews, and use these to invoke the preview update blocks we stored earlier in (2). We also obscure
the entire web view with a snapshot of the view minus any dropped content, such that the updated drop
previews may animate into place without also showing the final content.

(6) When the drop animation ends, we remove the unselected content snapshot view added in (5) simultaneously

as the targeted previews disappear, revealing the actual dropped content on the page. The drop is now
complete.

However, note that the drag update block we invoke in (5) doesn't work if the drop animation is already more
than 90% complete. Since the lifecycle of the drop animation is distinct from that of item provider loading, if
the delay between (3) and (4) exceeds 90% of the total drop animation time, we'll fail to update the targeted
previews, such that the user only sees the initial drag preview fly on top of the caret and disappear. While we
typically win this race for data dragged from other WebKit apps, we almost always lose when dragging from Photos
and end up with a janky drop animation. This is especially true for any images that aren't locally available,
and need to be fetched from iCloud. An additional problem is that in step (5), we use the same final snapshot to
update the drop preview of every item, since we don't have a snapshot for the fragment corresponding to each
individual dropped item.

To address these issues for Mail in the case where the user drops images with known sizes (i.e. -[NSItemProvider
preferredPresentationSize] is specified), we introduce an alternate codepath for handling dropped images that
performs the drop immediately upon receiving -dropInteraction:performDrop: in the UI process. Since the data has
yet to arrive, we instead handle the drop by inserting placeholder image elements at the drag caret position,
which initially have no source but are sized to fit their expected final image sizes. After doing so, we
snapshot the page (minus the dropped content range, as usual) and deliver this snapshot to the UI process, along
with the rects (in root view coordinates) of each placeholder image that was inserted. In the UI process, we
then take this snapshot and obscure the content view with it, and also use each of the placeholder rects to
provide an updated target for each drag preview, such that the drop previews now animate to their final
locations on the page.

When the data eventually arrives, we handle the drop by detecting the placeholder elements we inserted earlier,
and using the dropped data to update the source attribute and attachment backing for each of these placeholder
elements instead of attempting to insert new content.

Note that this codepath is currently only enabled for SPI clients that set -[WKWebView _editable] to YES, since
it involves us performing the editing action for the drop (thus changing the DOM) prior to the preventable drop
event, and prior to us having any data at all. However, the drop event can't come before the editing action,
since we need to have already loaded data from the item providers to expose it via the dataTransfer of the drop
event. This contradiction means that this image placeholder hack is only for _editable SPI clients that, at the
very least, will not require preventing default behavior when dropping only images with predetermined sizes.

Covered by 2 new API tests. See comments below for more detail.

UIProcess/WebPageProxy.h:
UIProcess/ios/DragDropInteractionState.h:
UIProcess/ios/DragDropInteractionState.mm:

(WebKit::DragDropInteractionState::setDefaultDropPreview):

Add a way to keep track of default drop previews that we observed during each call to
-dropInteraction:previewForDroppingItem:withDefault:. In the image placeholder drop scenario, we use these
default drop previews later on to create retargeted drop previews after the placeholders have been inserted.

(WebKit::DragDropInteractionState::defaultDropPreview const):
(WebKit::DragDropInteractionState::deliverDelayedDropPreview):

Add an alternate version of deliverDelayedDropPreview that is used when inserting image placeholders. Rather
than use text indicator data of the final dropped content on the page, use the root-view-coordinate rects of
each of the placeholder elements to reposition the default drop previews.

There's additional logic here to handle the case where the final image is taller than the height of the
unobscured content rect, in which case we clip the drop preview using UIDragPreviewParameter's visiblePath to
prevent the drop preview from being shown outside of the bounds of the web view.

UIProcess/ios/WKContentViewInteraction.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _deliverDelayedDropPreviewIfPossible:]):
(sizesOfPlaceholderElementsToInsertWhenDroppingItems):

Collects the list of expected image sizes for the dropped item providers, or an empty list in the case where
any of the item providers may not be represented as inline images or do not have predetermined sizes.

(-[WKContentView _handleDropByInsertingImagePlaceholders:session:]):

If possible, handles the drop by inserting image placeholders instead of waiting for the data to finish loading
before dropping. Returns whether or not we decided to proceed with the image placeholder drop.

(-[WKContentView dropInteraction:performDrop:]):
(-[WKContentView dropInteraction:item:willAnimateDropWithAnimator:]):

Fixes a bug where the unselected content snapshot view could linger around on the web view forever after a drop
where the data doesn't load in time for the drop to finish by keeping track of whether there is an actively
animating drag item, and only applying the unselected content snapshot if so.

(-[WKContentView dropInteraction:previewForDroppingItem:withDefault:]):

Stash the default drop preview away here.

UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::insertDroppedImagePlaceholders):

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:
WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::insertDroppedImagePlaceholders):

See WebCore ChangeLog for more information.

(WebKit::WebPage::didFinishLoadingImageForElement):

If the image that finished loading is a dropped image placeholder, allow DragController to "finalize" it by
stripping away some styles that were temporarily added.

Tools:

Add a couple of new API tests to exercise the new image placeholder drop codepath, in addition to testing
infrastructure to simulate the timing of drop animation delegate calls.

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(-[NSArray _attachmentWithName:]):
(-[TestWKWebView allBoundingClientRects:]):

Add some new API testing helper methods.

(TestWebKitAPI::targetedImageDragPreview):
(TestWebKitAPI::TEST):

Add two new tests, to:
(1) verify that images are dropped as attachment-backed placeholder image elements when the web view is editable

and enables attachment elements, and

(2) verify that when dropping an image taller than the web view, the bottom portion of the drop preview is

clipped using the targeted preview parameter's visiblePath.

TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm:

(-[NSItemProvider registerDataRepresentationForTypeIdentifier:withData:]): Deleted.

TestWebKitAPI/cocoa/DragAndDropSimulator.h:
TestWebKitAPI/cocoa/NSItemProviderAdditions.h: Added.
TestWebKitAPI/cocoa/NSItemProviderAdditions.mm: Added.

Move some common helpers for registering data on a NSItemProvider to a separate file, so that it can be used in
both WKAttachmentTests and DragAndDropTests.

(-[NSItemProvider registerDataRepresentationForTypeIdentifier:withData:]):
(-[NSItemProvider registerDataRepresentationForTypeIdentifier:withData:loadingDelay:]):

TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator initWithWebView:]):
(-[DragAndDropSimulator _concludeDropAndPerformOperationIfNecessary]):
(-[DragAndDropSimulator clearExternalDragInformation]):
(-[DragAndDropSimulator setExternalItemProviders:defaultDropPreviews:]):

Add a new method to allow tests to specify both a list of externally dragged item providers, as well as default
targeted previews for each of the corresponding items. These default previews are used when invoking the drop
interaction delegate's preview generation methods.

(-[DragAndDropSimulator addAnimations:]):

Not implemented yet; for now, this simply asserts.

(-[DragAndDropSimulator addCompletion:]):

Queues a completion handler, which is invoked when the drop animation for each item completes. Depending on the
value of DragAndDropSimulator's -dropAnimationTiming, this may occur either before or after handling the drop.
By default, these will be invoked after the drop completes, which represents the common case where data can be
loaded quickly relative to the drop animation.

(-[DragAndDropSimulator _invokeDropAnimationCompletionBlocksAndConcludeDrop]):
(-[DragAndDropSimulator _webView:dataInteractionOperationWasHandled:forSession:itemProviders:]):

2:56 PM Changeset in webkit [250255] by dbates@webkit.org

16 edits
6 adds in trunk

Improve CSP inheritance semantics
https://bugs.webkit.org/show_bug.cgi?id=201884
<rdar://problem/50172407>

Reviewed by Brent Fulgham.

LayoutTests/imported/w3c:

Update expected results now that we pass more sub-tests.

web-platform-tests/content-security-policy/inheritance/iframe-all-local-schemes-inherit-self.sub-expected.txt:
web-platform-tests/content-security-policy/inheritance/window-expected.txt:

Source/WebCore:

Update the CSP inheritance semantics to more closely match the logic in section Initialize a Document's CSP list
of the CSP3 spec., <https://w3c.github.io/webappsec-csp/#initialize-document-csp>.

Towards this, move more of the inheritance logic out of Document::initContentSecurityPolicy() and into
DocumentWriter::begin() where details about the document being replaced live. This lets us remove the
need to track the previous content security policy to pass it to Document::initContentSecurityPolicy().
Moreover, DocumentWriter::begin() knows the owner document that will be replaced with the result of
executing a JavaScript URL. This is needed in order to fix up inheritance of CSP for such documents.

Tests: http/tests/security/contentSecurityPolicy/iframe-allowed-when-loaded-via-javascript-url.html

http/tests/security/contentSecurityPolicy/iframe-blocked-when-loaded-via-javascript-url.html
http/tests/security/contentSecurityPolicy/iframe-blocked-when-loaded-via-javascript-url2.html

dom/Document.cpp:

(WebCore::Document::initSecurityContext): If we are inheriting the security origin from the owner
document then inherit its CSP policy. We copy over both the CSP state from the owner as well as
update 'self' to match the owner's origin so that CSP source expressions that include 'self' work
correctly even from about:blank documents.
(WebCore::Document::initContentSecurityPolicy): Move most of the logic from here into DocumentWriter::begin()
to take advantage of the fact that DocumentWriter::begin() knows about the outgoing document (if there
is one) as well as whether the outgoing document is being replaced with a new document that is the result
of evaluating a JavaScript URL. We need do know both these things in order to inherit the correct CSP
policy. This function only exists to copy some upgrade-insecure-requests state and to fix up plugin documents
as we currently do.
(WebCore::Document::shouldInheritContentSecurityPolicy const): Deleted.

dom/Document.h:
dom/SecurityContext.cpp:

(WebCore::SecurityContext::setContentSecurityPolicy): Modified to take its param by rvalue-reference
to make it less error prone to use.

dom/SecurityContext.h: Expose setContentSecurityPolicy() so that we can invoke it from DocumentWriter::begin().
loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::begin): For documents being replaced with the result of a JavaScript URL (i.e. ownerDocument
is non-null) inherit the CSP from the owner document. Similarly, if we have an existing document in the frame
and the protocol of the new document's URL is data: or blob: then inherit the CSP from the existing page. The latter
is what we currently do just moved from Document::initContentSecurityPolicy() and re-written in terms of the
existingDocument instead of previousContentSecurityPolicy. Also call setInsecureNavigationRequestsToUpgrade()
both when we have a non-null ownerDocument as well as when we have a non-null existingDocument. The former fixes
the block-all-mixed-content feature for documents loaded via JavaScript URLs and the latter is what we do now.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::didBeginDocument): Remove parameter previousContentSecurityPolicy as the logic that
made use of it moved to DocumentWriter::begin().

loader/FrameLoader.h:
page/csp/ContentSecurityPolicy.h:

LayoutTests:

Add some more tests and update expected results of existing tests now that we pass more sub-tests.

http/tests/security/contentSecurityPolicy/iframe-allowed-when-loaded-via-javascript-url-expected.txt: Added.
http/tests/security/contentSecurityPolicy/iframe-allowed-when-loaded-via-javascript-url.html: Added.
http/tests/security/contentSecurityPolicy/iframe-blocked-when-loaded-via-javascript-url-expected.txt: Added.
http/tests/security/contentSecurityPolicy/iframe-blocked-when-loaded-via-javascript-url.html: Added.
http/tests/security/contentSecurityPolicy/iframe-blocked-when-loaded-via-javascript-url2-expected.txt: Added.
http/tests/security/contentSecurityPolicy/iframe-blocked-when-loaded-via-javascript-url2.html: Added.
http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher-expected.txt: I don't understand

why there is another duplicte console log message emitted, but there are already two such messages, which is
already one too many. The duplicate messages are more cosmetic than functional though there may be implications
with respect to CSP reporting. Filed <https://bugs.webkit.org/show_bug.cgi?id=202004> to track this issue.

platform/mac-wk1/http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher-expected.txt:
platform/win/http/tests/security/contentSecurityPolicy/user-style-sheet-font-crasher-expected.txt:

2:08 PM Changeset in webkit [250254] by achristensen@apple.com

5 edits in trunk/Source/WebKit

REGRESSION(250143) Disk cache should be enabled for Safari
https://bugs.webkit.org/show_bug.cgi?id=202117

Reviewed by Brady Eidson.

r250143 made it so in Safari, when setCacheModel is called for the first time in NetworkProcess::initializeNetworkProcess,
it didn't have a path to check available disk space. This resulted in disabling the disk cache in Safari, which caused a
huge performance regression.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::initializeNetworkProcess):
(WebKit::NetworkProcess::setCacheModel):

NetworkProcess/NetworkProcess.h:

(WebKit::NetworkProcess::setCacheModel):

NetworkProcess/NetworkProcess.messages.in:
UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::setCacheModel):

1:56 PM Changeset in webkit [250253] by Alan Coon

8 edits in branches/safari-608-branch/Source/WebKit

Apply patch. rdar://problem/55608007

1:56 PM Changeset in webkit [250252] by Alan Coon

5 edits in branches/safari-608-branch/Source

Apply patch. rdar://problem/55427470

1:50 PM Changeset in webkit [250251] by Jonathan Bedard

2 edits in trunk/Tools

results.webkit.org: Collapse results with the same version name (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=201779

Rubber-stamped by Aakash Jain.

resultsdbpy/resultsdbpy/view/static/js/configuration.js:

(Configuration.prototype.compare): Correctly compare constructed version names.

1:42 PM Changeset in webkit [250250] by Caio Lima

2 edits in trunk/JSTests

Skip stress/regexp-unicode-surrogate-pair-increment-should-involve-length-check.js into ARMv7 and MIPS
https://bugs.webkit.org/show_bug.cgi?id=202113

Unreviewed test gardening, skipped test in ARMv7 and MIPS.

It is going to be fixed in
https://bugs.webkit.org/show_bug.cgi?id=202041

stress/regexp-unicode-surrogate-pair-increment-should-involve-length-check.js:

1:18 PM Changeset in webkit [250249] by jiewen_tan@apple.com

27 edits in trunk

[WebAuthn] LocalAuthenticator tests are failing on internal bots
https://bugs.webkit.org/show_bug.cgi?id=201844
<rdar://problem/54278693>

Reviewed by Brent Fulgham.

Source/WebKit:

This patch adds a way for mock tests to select a credential in getAssertion
ceremonies such that a test can ensure it always uses the credential it manages.
Credentials managed by other test could be deleted at anytime.

UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreSetWebAuthenticationMockConfiguration):

UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:

(WebKit::LocalAuthenticator::getAssertion):

UIProcess/WebAuthentication/Cocoa/LocalConnection.h:
UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:

(WebKit::LocalConnection::selectCredential const):

UIProcess/WebAuthentication/Mock/MockLocalConnection.h:
UIProcess/WebAuthentication/Mock/MockLocalConnection.mm:

(WebKit::MockLocalConnection::selectCredential const):

UIProcess/WebAuthentication/Mock/MockWebAuthenticationConfiguration.h:

Tools:

LocalAuthenticator tests utilize Keychain for mock testing. Unlike iOS simulator tests which
each test runner is running in different simulator containers, all test runners are running
in the same macOS container in macOS. Therefore, Keychain is shared among all test runners
in macOS while it is not in iOS simulators. And therefore, race conditions would happen in
macOS which make the current tests flaky given they don't consider race conditions.

This patch then makes each test generate a random credential, and thus no other tests would
be able to access it, and therefore eliminate any race condition. To support this, a few new
functionalities are introduced to the mock test infrastructure as well:
1) TestRunner.cleanUpKeychain accepts a new parameter to more precisely identify an item.
2) WebAuthenticationMockConfiguration.Local has a new member to uniquely select a credential
for getAssertion ceremony when multiple presents.

WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setWebAuthenticationMockConfiguration):
(WTR::TestRunner::cleanUpKeychain):

WebKitTestRunner/InjectedBundle/TestRunner.h:
WebKitTestRunner/TestController.h:
WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

WebKitTestRunner/TestController.cpp:

(WTR::TestController::cleanUpKeychain):

WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::cleanUpKeychain):

LayoutTests:

This patch makes each test to generate their own credentials to avoid race conditions in Keychain
accesses when multiple test runners present.

http/wpt/credential-management/credentialscontainer-store-basics.https.html:
http/wpt/webauthn/idl.https.html:

These two tests are changed to use hid authenticator instead of local to avoid any future Keychain issues.

http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html:
http/wpt/webauthn/public-key-credential-create-failure-local.https.html:
http/wpt/webauthn/public-key-credential-create-success-local.https.html:
http/wpt/webauthn/public-key-credential-get-failure-local-silent.https.html:
http/wpt/webauthn/public-key-credential-get-failure-local.https.html:
http/wpt/webauthn/public-key-credential-get-success-local.https.html:
http/wpt/webauthn/resources/util.js:
platform/mac-wk2/TestExpectations:

1:15 PM Changeset in webkit [250248] by david_quesada@apple.com

2 edits in trunk/Source/WebKit

[iOS] REGRESSION(r250151): Occasional assertion failures in ShareableBitmap::~ShareableBitmap()
https://bugs.webkit.org/show_bug.cgi?id=202112
rdar://problem/55624598

Reviewed by Chris Dumez.

Shared/cg/ShareableBitmapCG.cpp:

(WebKit::ShareableBitmap::releaseDataProviderData):
It is possible and valid for a UIImage created from a ShareableBitmap's CGImage representation
to be deallocated on a background thread. When this happens, releaseDataProviderData() should
ensure it's running on the main thread before deref'ing the ShareableBitmap. Otherwise the
bitmap can be deallocated on the background thread, violating an assertion added in r250151.

12:15 PM Changeset in webkit [250247] by Keith Rollin

2 edits in trunk/Source/WebCore

Unreviewed build fix after r250173: tvOS build broken due to unused function.

platform/network/cocoa/CookieCocoa.mm:

(WebCore::Cookie::operator NSHTTPCookie * _Nullable const):

11:38 AM Changeset in webkit [250246] by Kocsen Chung

6 edits in branches/safari-608-branch

Cherry-pick r250015. rdar://problem/55579794

Remove the "Show Link Previews" and "Hide Link Previews" action menus in the preview platter
https://bugs.webkit.org/show_bug.cgi?id=201864
<rdar://55190038>

Reviewed by Simon Fraser.

Source/WebKit:

UIProcess/ios/WKActionSheetAssistant.mm: Remove the toggle action from the default values. (-[WKActionSheetAssistant defaultActionsForLinkSheet:]):
UIProcess/ios/WKContentViewInteraction.mm: No longer try to add a toggle when it isn't there. (-[WKContentView assignLegacyDataForContextMenuInteraction]): (menuWithShowLinkPreviewAction): Deleted.

Tools:

Test for the suggested actions.

TestWebKitAPI/Tests/WebKitCocoa/ContextMenus.mm: (-[TestContextMenuSuggestedActionsUIDelegate webView:contextMenuConfigurationForElement:completionHandler:]): (-[TestContextMenuSuggestedActionsUIDelegate webView:contextMenuWillPresentForElement:]): (TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250015 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:23 AM Changeset in webkit [250245] by Kocsen Chung

7 edits in branches/safari-608-branch/Source

Versioning.

11:19 AM Changeset in webkit [250244] by Kocsen Chung

7 edits in branches/safari-608.2.11.1-branch/Source

Versioning.

11:06 AM Changeset in webkit [250243] by Joseph Pecoraro

7 edits in trunk/Source

Web Inspector: Improve the Uncaught Exception View file a bug link
https://bugs.webkit.org/show_bug.cgi?id=201717

Reviewed by Devin Rousso.

Source/WebInspectorUI:

UserInterface/Debug/UncaughtExceptionReporter.js:

Allow the link to be clicked. Use openInNewTab on click to also
bring the new tab to the foreground. Also update the content.

Source/WebKit:

UIProcess/WebInspectorProxy.cpp:

(WebKit::WebInspectorProxy::bringInspectedPageToFront):

UIProcess/WebInspectorProxy.h:
UIProcess/WebInspectorProxy.messages.in:

Provide a way to bring the inspected page to the foreground.

WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::openInNewTab):
Use it when opening a new tab beside the inspected page.

11:00 AM Changeset in webkit [250242] by Brent Fulgham

3 edits in trunk/Source/WebKit

Unreviewed build fix after r250169 and r250236.

NetworkProcess/curl/NetworkDataTaskCurl.cpp:

(WebKit::NetworkDataTaskCurl::createCurlRequest):

UIProcess/API/C/curl/WKWebsiteDataStoreRefCurl.cpp:

(WKWebsiteDataStoreEnableDefaultNetworkProxySettings):
(WKWebsiteDataStoreEnableCustomNetworkProxySettings):
(WKWebsiteDataStoreDisableNetworkProxySettings):

10:53 AM Changeset in webkit [250241] by Brent Fulgham

2 edits in trunk/Source/WebCore

Unreviewed WinCairo/FTW Build fix after r250192.

platform/network/curl/CurlDownload.cpp:

(WebCore::CurlDownload::createCurlRequest):

10:21 AM Changeset in webkit [250240] by Alan Bujtas

3 edits in trunk/Source/WebCore

[LFC][IFC] Merge inline box compute functions
https://bugs.webkit.org/show_bug.cgi?id=202092
<rdar://problem/55607748>

Reviewed by Antti Koivisto.

Make InlineFormattingContext::layoutInFlowContent() logic simpler.

layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::layoutInFlowContent):
(WebCore::Layout::InlineFormattingContext::layoutFormattingContextRoot):
(WebCore::Layout::InlineFormattingContext::computeHorizontalAndVerticalGeometry):
(WebCore::Layout::InlineFormattingContext::initializeMarginBorderAndPaddingForGenericInlineBox): Deleted.
(WebCore::Layout::InlineFormattingContext::computeMarginBorderAndPaddingForInlineContainer): Deleted.

layout/inlineformatting/InlineFormattingContext.h:

10:04 AM Changeset in webkit [250239] by ddkilzer@apple.com

5 edits in trunk/Source/WebKit

clang-tidy: Fix unnecessary copy/ref churn of for loop variables in WebKit
<https://webkit.org/b/202096>

Reviewed by Darin Adler.

Fix unwanted copying/ref churn of loop variables by making them
const references.

NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:

(WebKit::domainsToString):

UIProcess/ios/WKActionSheetAssistant.mm:

(-[WKActionSheetAssistant presentationRectForElementUsingClosestIndicatedRect]):

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _singleTapDidReset:]):

UIProcess/ios/WebDataListSuggestionsDropdownIOS.mm:

(-[WKDataListSuggestionsControl textSuggestions]):

9:48 AM Changeset in webkit [250238] by ddkilzer@apple.com

2 edits in trunk/Source/WebCore

REGRESSION (r249855): Remove debug logging from WebCore::RenderImage::paintIntoRect()
<https://webkit.org/b/202103>

Reviewed by Zalan Bujtas.

rendering/RenderImage.cpp:

(WebCore::RenderImage::paintIntoRect): Remove debug logging
statements.

9:40 AM Changeset in webkit [250237] by Kocsen Chung

7 edits in branches/safari-608.2.30.1-branch/Source

Versioning.

9:31 AM Changeset in webkit [250236] by Chris Dumez

3 edits in trunk/Source/WebKit

WebPage::sessionID() does not need to get the sessionID from there WebCore Page
https://bugs.webkit.org/show_bug.cgi?id=202094

Reviewed by Youenn Fablet.

WebPage::sessionID() does not need to get the sessionID from there WebCore Page, it can
simply get the sessionID from the WebProcess singleton, now that we have a single session
per WebProcess. This will avoid potential crashes trying to dereference m_page to get the
sessionID, since m_page can be null.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::sessionID const):

WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::sessionID const): Deleted.

9:14 AM Changeset in webkit [250235] by Alan Bujtas

4 edits in trunk/Source/WebCore

[LFC][IFC] Pass in the Used*Values to inline layout functions.
https://bugs.webkit.org/show_bug.cgi?id=202091
<rdar://problem/55601987>

Reviewed by Antti Koivisto.

Only the top level layout functions should generate constraint values.

layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::layoutInFlowContent):
(WebCore::Layout::InlineFormattingContext::computedIntrinsicWidthConstraints):
(WebCore::Layout::InlineFormattingContext::computeMarginBorderAndPaddingForInlineContainer):
(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForFormattingRoot):
(WebCore::Layout::InlineFormattingContext::computeHorizontalMargin):
(WebCore::Layout::InlineFormattingContext::computeWidthAndMargin):
(WebCore::Layout::InlineFormattingContext::computeHeightAndMargin):
(WebCore::Layout::InlineFormattingContext::layoutFormattingContextRoot):
(WebCore::Layout::InlineFormattingContext::computeWidthAndHeightForReplacedInlineBox):

layout/inlineformatting/InlineFormattingContext.h:

(WebCore::Layout::InlineFormattingContext::InlineLayout::widthConstraint const):

layout/inlineformatting/InlineFormattingContextLineLayout.cpp:

(WebCore::Layout::InlineFormattingContext::InlineLayout::InlineLayout):
(WebCore::Layout::InlineFormattingContext::InlineLayout::layout):
(WebCore::Layout::InlineFormattingContext::InlineLayout::computedIntrinsicWidth const):
(WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns):

8:54 AM Changeset in webkit [250234] by Antti Koivisto

13 edits in trunk/Source/WebCore

Refcount simple line layout
https://bugs.webkit.org/show_bug.cgi?id=202104

Reviewed by Zalan Bujtas.

Make SimpleLineLayout::Layout refcounted for safety and ease of use.

dom/Position.cpp:

(WebCore::Position::upstream const):
(WebCore::Position::downstream const):

editing/TextIterator.cpp:

(WebCore::TextIterator::handleTextNode):
(WebCore::TextIterator::handleTextBox):
(WebCore::TextIterator::handleTextNodeFirstLetter):

editing/TextIterator.h:
rendering/RenderBlockFlow.h:
rendering/RenderTreeAsText.cpp:

(WebCore::RenderTreeAsText::writeRenderObject):
(WebCore::write):

rendering/SimpleLineLayout.cpp:

(WebCore::SimpleLineLayout::create):
(WebCore::SimpleLineLayout::Layout::create):

rendering/SimpleLineLayout.h:
rendering/SimpleLineLayoutFunctions.cpp:

(WebCore::SimpleLineLayout::outputLineLayoutForFlow):

rendering/SimpleLineLayoutResolver.cpp:

(WebCore::SimpleLineLayout::RunResolver::Run::rect const):
(WebCore::SimpleLineLayout::RunResolver::Iterator::Iterator):

Iterator now refs the layout. Since the resolver is owned by the layout, it is guaranteed to stay alive too.

(WebCore::SimpleLineLayout::RunResolver::Iterator::advanceLines):

rendering/SimpleLineLayoutResolver.h:

(WebCore::SimpleLineLayout::RunResolver::Iterator::layout const):
(WebCore::SimpleLineLayout::RunResolver::Run::computeBaselinePosition const):
(WebCore::SimpleLineLayout::RunResolver::Iterator::simpleRun const):
(WebCore::SimpleLineLayout::RunResolver::Iterator::inQuirksMode const): Deleted.
(WebCore::SimpleLineLayout::runResolver): Deleted.

Always use the cached resolver owned by SimpleLineLayout::Layout.

rendering/line/LineLayoutInterfaceTextBoxes.cpp:

(WebCore::LineLayoutInterface::firstTextBoxInVisualOrderFor):
(WebCore::LineLayoutInterface::firstTextBoxInTextOrderFor):
(WebCore::LineLayoutInterface::textBoxRangeFor):
(WebCore::LineLayoutInterface::Provider::firstTextBoxInVisualOrderFor): Deleted.
(WebCore::LineLayoutInterface::Provider::firstTextBoxInTextOrderFor): Deleted.
(WebCore::LineLayoutInterface::Provider::textBoxRangeFor): Deleted.

There is no need for a separate Provider class anymore as the iterator keeps SimpleLineLayout::Layout
and Resolver instances alive itself.

rendering/line/LineLayoutInterfaceTextBoxes.h:

(WebCore::LineLayoutInterface::hasTextBoxes):
(WebCore::LineLayoutInterface::Provider::firstTextBoxFor): Deleted.

7:17 AM WebKitGTK/2.26.x edited by Michael Catanzaro

(diff)

7:16 AM Changeset in webkit [250233] by youenn@apple.com

9 edits in trunk

Simplify UserMediaPermissionRequestManager management of UserMediaRequest
https://bugs.webkit.org/show_bug.cgi?id=201688

Reviewed by Eric Carlson.

Source/WebCore:

Covered by existing tests and modified test.

Modules/mediastream/UserMediaRequest.cpp:

(WebCore::UserMediaRequest::UserMediaRequest):

Modules/mediastream/UserMediaRequest.h:

(WebCore::UserMediaRequest::identifier const):
Add an identifier generated for each request.

Source/WebKit:

Instead of having two maps to go from ID to request and request to ID,
Make request own its ID and keep a single ID to request map.
Rename it to m_ongoingUserMediaRequests.

Rename requests that are not processed because the document cannot start media as m_pendingUserMediaRequests.
In case the request is cancelled following the stopping of active dom objects, we just remove it from m_pendingUserMediaRequests
instead of denying the request. This matches Chrome and Firefox behavior.

WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:

(WebKit::UserMediaPermissionRequestManager::startUserMediaRequest):
(WebKit::UserMediaPermissionRequestManager::sendUserMediaRequest):
(WebKit::UserMediaPermissionRequestManager::cancelUserMediaRequest):
(WebKit::UserMediaPermissionRequestManager::mediaCanStart):
(WebKit::UserMediaPermissionRequestManager::userMediaAccessWasGranted):
(WebKit::UserMediaPermissionRequestManager::userMediaAccessWasDenied):
(WebKit::UserMediaPermissionRequestManager::addDeviceChangeObserver):
(WebKit::generateRequestID): Deleted.
(WebKit::UserMediaPermissionRequestManager::removeMediaRequestFromMaps): Deleted.

WebProcess/MediaStream/UserMediaPermissionRequestManager.h:

LayoutTests:

http/tests/media/media-stream/disconnected-frame-permission-denied-expected.txt:
http/tests/media/media-stream/disconnected-frame-permission-denied.html:

7:08 AM Changeset in webkit [250232] by zandobersek@gmail.com

2 edits in trunk/Source/JavaScriptCore

testmasm: integer operands loaded as unsigned values
https://bugs.webkit.org/show_bug.cgi?id=202099

Reviewed by Mark Lam.

Suppress GCC warnings about comparing signed and unsigned values in
test cases introduced in r247913 by using signed integer types for
loading 32-bit and 64-bit integer operand values.

assembler/testmasm.cpp:

(JSC::testBranchTestBit32RegReg):
(JSC::testBranchTestBit32RegImm):
(JSC::testBranchTestBit32AddrImm):
(JSC::testBranchTestBit64RegReg):
(JSC::testBranchTestBit64RegImm):
(JSC::testBranchTestBit64AddrImm):

6:59 AM Changeset in webkit [250231] by Patrick Griffis

2 edits in trunk/Source/WebKit

[GTK][WPE] Don't use prgname in dbus-proxy socket path
https://bugs.webkit.org/show_bug.cgi?id=201979

The path length for the socket is limited to 108 bytes so it is easy for a long
prgname to cause it to get truncated and fail. Since we only allow the socket
path into the sandbox the unique directory isn't necessary.

Reviewed by Michael Catanzaro.

UIProcess/Launcher/glib/BubblewrapLauncher.cpp:

(WebKit::XDGDBusProxyLauncher::setAddress):

6:22 AM UsingGitWithWebKit edited by ddkilzer@apple.com

(diff)

3:42 AM Changeset in webkit [250230] by Carlos Garcia Campos

1 copy in releases/WebKitGTK/webkit-2.26.1

WebKitGTK 2.26.1

3:40 AM Changeset in webkit [250229] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.26

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.26.1 release

Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

gtk/NEWS: Add release notes for 2.26.1.

3:40 AM Changeset in webkit [250228] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WTF

Merge r250126 - UI process crash when using callOnMainThread() after the main thread dispatcher has been destroyed
https://bugs.webkit.org/show_bug.cgi?id=197266

Patch by Libor Bukata <libor.bukata@oracle.com> on 2019-09-20
Reviewed by Carlos Garcia Campos.

wtf/generic/MainThreadGeneric.cpp:

(WTF::scheduleDispatchFunctionsOnMainThread):

3:31 AM Changeset in webkit [250227] by cturner@igalia.com

2 edits in trunk/Source/WebCore

[GStreamer] isAVC1CodecSupported is crashing several media source tests due to avc1.4d4001 codec type
https://bugs.webkit.org/show_bug.cgi?id=201870

Reviewed by Xabier Rodriguez-Calvar.

The GStreamer codec-utils package expects all level_idc's to be
multiples of 10 from the spec idc, i.e., 1.1 -> 11, 3.1 -> 31, 1
-> 10, etc.

In the WPT tests, there is some confusion of this *10 multiplier,
and the level_idc is given in several places as simply "1". This
causes the get_level codec helper to return NULL, which the
registry scanner was not handling properly, and crashing on.

Fix this by special casing "web level idc's" that violate the *10
rule in isAVC1CodecSupported.

There is prior art along these lines in Gecko:
https://searchfox.org/mozilla-central/source/dom/media/VideoUtils.cpp#453
I assume Chrome/IE/etc must do something similar. The fix does not
belong in GStreamer since these are actually invalid inputs to the
get_level function.

Tested by imported/w3c/web-platform-tests/media-source

platform/graphics/gstreamer/GStreamerRegistryScanner.cpp:

(WebCore::GStreamerRegistryScanner::isAVC1CodecSupported const):
Special case levels 1..5, even though these *should* be
represented as 10 through 50 respectively, they are not in
web-land. The two-byte local storage trick was contributed to me
by Adrian Perez de Castro.

3:14 AM Changeset in webkit [250226] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.26/Source/WebKit

Merge r250217 - [SOUP] Stop setting G_TLS_GNUTLS_PRIORITY
https://bugs.webkit.org/show_bug.cgi?id=172154

Reviewed by Carlos Garcia Campos.

Nowadays, I maintain glib-networking. WebKit doesn't need to override its defaults to be
secure anymore. By overriding glib-networking's default priority, WebKit is force-reenabling
TLS 1.0 and TLS 1.1 even when glib-networking has disabled them.

NetworkProcess/EntryPoint/unix/NetworkProcessMain.cpp:

(main):

WebProcess/EntryPoint/unix/WebProcessMain.cpp:

(main):

3:14 AM Changeset in webkit [250225] by Carlos Garcia Campos

3 edits
1 add in releases/WebKitGTK/webkit-2.26

Merge r250058 - Phantom insertion phase may disagree with arguments forwarding about live ranges
https://bugs.webkit.org/show_bug.cgi?id=200715
<rdar://problem/54301717>

Reviewed by Yusuke Suzuki.

JSTests:

stress/phantom-insertion-live-range-should-agree-with-arguments-forwarding.js: Added.

(main.v23):
(main.try.v43):
(main.):
(main):

Source/JavaScriptCore:

The issue is that Phantom insertion phase was disagreeing about live ranges
from the arguments forwarding phase. The effect is that Phantom insertion
would insert a Phantom creating a longer live range than what arguments
forwarding was analyzing. Arguments forwarding will look for the last DFG
use or the last bytecode use of a variable it wants to eliminate. It then
does an interference analysis to ensure that nothing clobbers other variables
it needs to recover the sunken allocation during OSR exit.

Phantom insertion works by ordering the program into OSR exit epochs. If a value was used
in the current epoch, there is no need to insert a phantom for it. We
determine where we might need a Phantom by looking at bytecode kills. In this
analysis, we have a mapping from bytecode local to DFG node. However, we
sometimes forgot to remove the entry when a local is killed. So, if the first
kill of a variable is in the same OSR exit epoch, we won't insert a Phantom by design.
However, if the variable gets killed again, we might errantly insert a Phantom
for the prior variable which should've already been killed. The solution is to
clear the entry in our mapping when a variable is killed.

The program in question was like this:

1: DirectArguments
...
2: MovHint(@1, loc1) arguments forwarding treats this as the final kill for @1
...
clobber things needed for recovery
...

Arguments elimination would transform the program since between @1 and
@2, nothing clobbers values needed for exit and nothing escapes @1. The
program becomes:

1: PhantomDirectArguments
...
2: MovHint(@1, loc1) arguments forwarding treats this as the final kill for @1
...
clobber things needed for recovery of @1
...

Phantom insertion would then transform the program into:

1: PhantomDirectArguments
...
2: MovHint(@1, loc1) arguments forwarding treats this as the final kill for @1
...
clobber things needed for recovery of @1
...
3: Phantom(@1)
...

This is wrong because Phantom insertion and arguments forwarding must agree on live
ranges, otherwise the interference analysis performed by arguments forwarding will
not correctly analyze up until where the value might be recovered.

dfg/DFGPhantomInsertionPhase.cpp:

3:14 AM Changeset in webkit [250224] by Carlos Garcia Campos

3 edits
2 adds in releases/WebKitGTK/webkit-2.26

Merge r249954 - [First-letter] Use WeakPtr for the first-letter insertion point.
https://bugs.webkit.org/show_bug.cgi?id=201842
<rdar://problem/51373788>

Reviewed by Antti Koivisto.

Source/WebCore:

The about-to-be-removed first letter renderer's sibling could potentially be destroyed too as the result of the anonymous subtree collapsing logic (when the next sibling is a generated anonymous block and it is not needed anymore.)

Test: fast/text/first-letter-with-columns-crash.html

rendering/updating/RenderTreeBuilderFirstLetter.cpp:

(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):

LayoutTests:

fast/text/first-letter-with-columns-crash-expected.txt: Added.
fast/text/first-letter-with-columns-crash.html: Added.

3:14 AM Changeset in webkit [250223] by Carlos Garcia Campos

5 edits
1 add in releases/WebKitGTK/webkit-2.26

Merge r249926 - [JSC] Perform check again when we found non-BMP characters
https://bugs.webkit.org/show_bug.cgi?id=201647

Reviewed by Yusuke Suzuki.

JSTests:

stress/regexp-unicode-surrogate-pair-increment-should-involve-length-check.js: Added.
stress/regexp-unicode-within-string.js: Updated test to eliminate the bogus print().

(testRegExpInbounds):

Source/JavaScriptCore:

We need to check for end of input for non-BMP characters when matching a character class that contains
both BMP and non-BMP characters. In advanceIndexAfterCharacterClassTermMatch() we were checking for
end of input for both BMP and non-BMP characters. For BMP characters, this check is redundant.
After moving the check to after the "is BMP check", we need to decrement index after reaching the failure
label to back out the index++ for the first surrogate of the non-BMP character.

Added the same kind of check in generateCharacterClassOnce(). In that case, we have pre-checked the
first character (surrogate) for a non-BMP codepoint, so we just need to check for end of input before
we increment for the second surrogate.

While writing tests, I found an off by one error in backtrackCharacterClassGreedy() and changed the
loop to check the count at loop top instead of loop bottom.

yarr/YarrJIT.cpp:

(JSC::Yarr::YarrGenerator::advanceIndexAfterCharacterClassTermMatch):
(JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
(JSC::Yarr::YarrGenerator::generateCharacterClassGreedy):
(JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy):
(JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):

3:14 AM Changeset in webkit [250222] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r249854 - Crash under WebCore::firstPositionInNode()
https://bugs.webkit.org/show_bug.cgi?id=201764
<rdar://problem/54823754>

Reviewed by Wenson Hsieh and Geoff Garen.

Make sure to keep a Ref<> to the textNode when we call insertNodeAtTabSpanPosition()
or insertNodeAt().

Test: editing/firstPositionInNode-crash.html

editing/InsertTextCommand.cpp:

(WebCore::InsertTextCommand::positionInsideTextNode):

3:14 AM Changeset in webkit [250221] by Carlos Garcia Campos

3 edits
1 add in releases/WebKitGTK/webkit-2.26

Merge r249777 - JSC crashes due to stack overflow while building RegExp
https://bugs.webkit.org/show_bug.cgi?id=201649

Reviewed by Yusuke Suzuki.

JSTests:

New regression test.

stress/regexp-bol-optimize-out-of-stack.js: Added.

(test):
(catch):

Source/JavaScriptCore:

Check for running out of stack when we are optimizing RegExp containing BOL terms or
other deep copying of disjunctions.

yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPatternConstructor::copyDisjunction):
(JSC::Yarr::YarrPatternConstructor::copyTerm):
(JSC::Yarr::YarrPatternConstructor::error):
(JSC::Yarr::YarrPattern::compile):

3:14 AM Changeset in webkit [250220] by Carlos Garcia Campos

4 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r249762 - Prevent reentrancy FrameLoader::dispatchUnloadEvents()
https://bugs.webkit.org/show_bug.cgi?id=200738

Reviewed by Brady Eidson.

Reentrancy causes m_pageDismissalEventBeingDispatched to be incorrectly
updated, so don't allow reentrancy.

Since this prevents m_pageDismissalEventBeingDispatched from being reset
inside a reentrant call, it can have the unintended effect of causing
FrameLoader::stopAllLoaders to early-out when called from
FrameLoader::detachFromParent while a frame's unload event handler
calls document.open() on a parent frame and causes itself to become
detached. Allowing a load to continue in a detached frame will lead to
a crash. To prevent this, add a new argument to FrameLoader::stopAllLoaders
that FrameLoader::detachFromParent can use to prevent an early-out.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::stopAllLoaders):
(WebCore::FrameLoader::detachFromParent):
(WebCore::FrameLoader::dispatchUnloadEvents):
(WebCore::FrameLoader::dispatchBeforeUnloadEvent):
Ensure that m_pageDismissalEventBeingDispatched is reset to its previous value, even if this is not None.

loader/FrameLoader.h:
loader/FrameLoaderTypes.h:

Add a StopLoadingPolicy enum.

3:14 AM Changeset in webkit [250219] by Carlos Garcia Campos

10 edits in releases/WebKitGTK/webkit-2.26

Merge r249445 - REGRESSION (r249078): Flaky crash in com.apple.JavaScriptCore: Inspector::InjectedScriptModule::ensureInjected
https://bugs.webkit.org/show_bug.cgi?id=201201
<rdar://problem/54771560>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

inspector/InjectedScriptSource.js:

(let.InjectedScript.prototype.injectModule):
(let.InjectedScript.prototype._evaluateOn):
(CommandLineAPI):
(let.InjectedScript.prototype.setInspectObject): Deleted.
(let.InjectedScript.prototype.addCommandLineAPIGetter): Deleted.
(let.InjectedScript.prototype.addCommandLineAPIMethod.func.toString): Deleted.
(let.InjectedScript.prototype.addCommandLineAPIMethod): Deleted.
(InjectedScript.CommandLineAPI): Deleted.
Allow injected script "extensions" (e.g. CommandLineAPIModuleSource.js) to modify objects
directly, instead of having them call functions.

inspector/InjectedScriptModule.cpp:

(Inspector::InjectedScriptModule::ensureInjected):
Make sure to reset hadException to false before making another call.

Source/WebCore:

Tests: inspector/debugger/tail-deleted-frames-this-value.html

inspector/heap/getRemoteObject.html

inspector/CommandLineAPIModuleSource.js:

Avoid executing functions when injecting. Instead, modify the CommandLineAPI directly.

LayoutTests:

inspector/debugger/tail-deleted-frames-this-value.html:
inspector/debugger/tail-deleted-frames-this-value-expected.txt:
inspector/debugger/resources/tail-deleted-frames-this-value.js:
inspector/timeline/line-column-expected.txt:

3:14 AM Changeset in webkit [250218] by Carlos Garcia Campos

8 edits
2 adds in releases/WebKitGTK/webkit-2.26

Merge r249594 - REGRESSION (r249367): m_decodingPromises grows indefinitely until ImageLoader destruction
https://bugs.webkit.org/show_bug.cgi?id=201402

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-09-06
Reviewed by Youenn Fablet and Daniel Bates.

Source/WebCore:

Add the static functions resolvePromises() and rejectPromises(). These
functions take an lvalue reference to a Vector of promises. Inside them,
the lvalue reference argument are exchanged with an empty Vector of
promises then the promises are processed. This clears m_decodingPromises
and fixes the leak.

Add an internal API which returns the count of the pending promises of
an HTMLImageElement. This internal API will be used in the attached test.

Test: fast/images/decode-resolve-reject-no-leak.html

html/HTMLImageElement.h:

(WebCore::HTMLImageElement::pendingDecodePromisesCountForTesting const):

loader/ImageLoader.cpp:

(WebCore::resolvePromises):
ImageLoader::decode() calls BitmapImage::decode() and moves m_decodingPromises
in capture. When decoding finishes, this function is called to resolve the
promises. But ImageLoader might get deleted before the image decoding
finishes. So this function has to be static.

(WebCore::rejectPromises):
(WebCore::ImageLoader::resolveDecodePromises):
(WebCore::ImageLoader::rejectDecodePromises):
(WebCore::ImageLoader::notifyFinished):
(WebCore::ImageLoader::decode):
(WebCore::resolveDecodePromises): Deleted.
(WebCore::rejectDecodePromises): Deleted.

loader/ImageLoader.h:

(WebCore::ImageLoader::pendingDecodePromisesCountForTesting const):

testing/Internals.cpp:

(WebCore::Internals::imagePendingDecodePromisesCountForTesting):

testing/Internals.h:
testing/Internals.idl:

LayoutTests:

fast/images/decode-resolve-reject-no-leak-expected.txt: Added.
fast/images/decode-resolve-reject-no-leak.html: Added.

2:05 AM Changeset in webkit [250217] by Michael Catanzaro

3 edits in trunk/Source/WebKit

[SOUP] Stop setting G_TLS_GNUTLS_PRIORITY
https://bugs.webkit.org/show_bug.cgi?id=172154

Reviewed by Carlos Garcia Campos.

NetworkProcess/EntryPoint/unix/NetworkProcessMain.cpp:

(main):

WebProcess/EntryPoint/unix/WebProcessMain.cpp:

(main):

1:49 AM Changeset in webkit [250216] by commit-queue@webkit.org

6 edits
4 adds
1 delete in trunk

Sync operator dictionary
https://bugs.webkit.org/show_bug.cgi?id=201974

Patch by Rob Buis <rbuis@igalia.com> on 2019-09-23
Reviewed by Frédéric Wang.

LayoutTests/imported/w3c:

Update improved test results.

web-platform-tests/mathml/presentation-markup/operators/operator-dictionary-001-expected.txt:

Source/WebCore:

Sync with operator dictionary list from
https://mathml-refresh.github.io/mathml-core/#operator-dictionary

Test: imported/w3c/web-platform-tests/mathml/presentation-markup/operators/operator-dictionary-001.html

mathml/MathMLOperatorDictionary.cpp:

LayoutTests:

platform/ios-wk2/imported/w3c/web-platform-tests/mathml/relations/css-styling/ignored-properties-001-expected.txt: Added.
platform/win/TestExpectations:

1:46 AM Changeset in webkit [250215] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r250027 - [cairo] Incorrect targetRect in BackingStoreBackendCairoImpl::scroll
https://bugs.webkit.org/show_bug.cgi?id=201895

Reviewed by Carlos Garcia Campos.

In BackingStoreBackendCairoImpl::scroll, targetRect is calculated
wrongly by shifting maxX and maxY. Bug 59655 fixed the issue by
removing the shifting, but only for BackingStoreBackendCairoX11::scroll.

No new tests, no behavior change.

platform/graphics/cairo/BackingStoreBackendCairoImpl.cpp:

(WebCore::BackingStoreBackendCairoImpl::scroll): Take intersection of targetRect and scrollRect.

1:46 AM Changeset in webkit [250214] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r249937 - [Cairo] Image::drawTiled → Cairo::drawSurface → cairo_paint_with_alpha → segfault happens in pixman
https://bugs.webkit.org/show_bug.cgi?id=201755

Reviewed by Don Olmstead.

Segmentation faults happened in pixman while painting a image. In
Cairo::drawSurface, originalSrcRect can be slightly larger than
the surface size because of floating number calculations.
Cairo::drawSurface created a subsurface which is running over the
parent surface boundaries.

platform/graphics/cairo/CairoOperations.cpp:

(WebCore::Cairo::drawSurface): Calculated a intersection with
expandedSrcRect and the parent surface size for subsurface size.

1:46 AM Changeset in webkit [250213] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r249761 - [GStreamer] Do not adopt floating references.
https://bugs.webkit.org/show_bug.cgi?id=201685

Reviewed by Carlos Garcia Campos.

Covered by existing tests.

platform/graphics/gstreamer/GStreamerCommon.cpp:

(WebCore::initializeGStreamer): gst_element_factory_make returns
floating references, you do not adopt such references, rather you
sink them.

1:46 AM Changeset in webkit [250212] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r249477 - [GStreamer] Sound is down-pitched when playing video from YLE Areena
https://bugs.webkit.org/show_bug.cgi?id=201399

Reviewed by Xabier Rodriguez-Calvar.

If the FDK-AAC decoder is available, promote it and downrank the
libav AAC decoders, due to their broken LC support, as reported in:
https://ffmpeg.org/pipermail/ffmpeg-devel/2019-July/247063.html

platform/graphics/gstreamer/GStreamerCommon.cpp:

(WebCore::initializeGStreamer):

1:46 AM Changeset in webkit [250211] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebKit

Merge r249882 - [GTK][WPE] Check for a Snap sandbox a bit harder
https://bugs.webkit.org/show_bug.cgi?id=201793

Reviewed by Michael Catanzaro.

UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:

(WebKit::isInsideSnap): Check whether the SNAP_NAME and SNAP_REVISION
environment variables are defined as well.

1:39 AM Changeset in webkit [250210] by Carlos Garcia Campos

8 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Revert r249160 - "InlineTextBox::end() should return first-past-end offset"

1:39 AM Changeset in webkit [250209] by Carlos Garcia Campos

3 edits in releases/WebKitGTK/webkit-2.26/Source/WebKit

Merge r249953 - [GTK] Initial view loading is slow
https://bugs.webkit.org/show_bug.cgi?id=201451

Reviewed by Sergio Villar Senin.

The problem is that now we are always calling DrawingAreaProxy::waitForBackingStoreUpdateOnNextPaint() after a
new process is launched and we used to do that only when launching a new process after a crash. This makes
m_hasReceivedFirstUpdate useless, because it's always set to true right after a process is launched. Then, we
wait up to half a second (which is usually the case for the initial load) until the first update. We only want
to do that when recovering from a crash or when swapping processes to avoid flashing effect.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::launchProcess): Add ProcessLaunchReason parameter and pass it to
finishAttachingToWebProcess instead of IsProcessSwap.
(WebKit::WebPageProxy::swapToWebProcess): Pass ProcessLaunchReason::ProcessSwap to
finishAttachingToWebProcess().
(WebKit::WebPageProxy::finishAttachingToWebProcess): Do not call
DrawingAreaProxy::waitForBackingStoreUpdateOnNextPaint() when process launch reason is ProcessLaunchReason::InitialProcess.
(WebKit::WebPageProxy::launchProcessForReload): Pass ProcessLaunchReason::Reload to launchProcess().

UIProcess/WebPageProxy.h: Remove IsProcessSwap and add ProcessLaunchReason instead that is passed to

launchProcess and finishAttachingToWebProcess.

1:39 AM Changeset in webkit [250208] by Carlos Garcia Campos

30 edits
1 copy
2 adds
8 deletes in releases/WebKitGTK/webkit-2.26

Revert "Merge r249332, r249325, r249205"

Revert "Merge r249332 - [MSE][GStreamer] Replaying the video should update currentTime"
Revert "Merge r249325 - [MSE][GStreamer] Gracefully fail on invalid non-first initialization segment"
Revert "Merge r249205 - [MSE][GStreamer] WebKitMediaSrc rework"

1:21 AM WebKitGTK/2.26.x edited by Carlos Garcia Campos

(diff)

1:21 AM Changeset in webkit [250207] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26

Merge r249883 - [GTK][WPE] Do not run the Bubblewrap executable when configuring for cross-compilation
https://bugs.webkit.org/show_bug.cgi?id=201340

Reviewed by Konstantin Tokarev.

Source/cmake/BubblewrapSandboxChecks.cmake: Do not run the

Bubblewrap executable when cross-compiling to guess its version.
Emit a warning instead and trust that valid run-time paths will
be set using the BWRAP_EXECUTABLE and DBUS_PROXY_EXECUTABLE
variables. While at it, fix the regular expression used to match
the version string in the Bubblewrap output when not cross-compiling.

1:21 AM Changeset in webkit [250206] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebKit

Merge r250036 - [GTK][WPE] bubblewrap sandbox should be disabled when running inside docker
https://bugs.webkit.org/show_bug.cgi?id=201914

Reviewed by Michael Catanzaro.

Detect if running inside Docker by checking the file /.dockerenv
In that case, disable the sandbox.

UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:

(WebKit::isInsideDocker):
(WebKit::ProcessLauncher::launchProcess):

1:21 AM Changeset in webkit [250205] by Carlos Garcia Campos

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r249951 - [GTK] Cannot create EGL window surface: EGL_BAD_ALLOC
https://bugs.webkit.org/show_bug.cgi?id=201505

Reviewed by Žan Doberšek.

This happens because eglCreateWindowSurface() is called twice for the same window when not using the WPE
renderer. New versions of Mesa fail the second time with a EGL_BAD_ALLOC.

platform/graphics/egl/GLContextEGL.cpp:

(WebCore::GLContextEGL::createWindowContext): Check surface is nullptr before falling back to use
eglCreateWindowSurface().

1:21 AM Changeset in webkit [250204] by Carlos Garcia Campos

8 edits in releases/WebKitGTK/webkit-2.26/Source/WebKit

Merge r249947 - [GTK] Crash closing web view while hardware acceleration is enabled
https://bugs.webkit.org/show_bug.cgi?id=200856

Reviewed by Michael Catanzaro.

The crash happens when destroying the WaylandCompositor::Surface because the web view GL context is used to
release the texture, but the GL context is no longer valid after web view
unrealize. AcceleratedBackingStoreWayland should handle the web view unrealize to destroy the GL context. It
will be created on demand again after the web view is realized.

UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize): Notify AcceleratedBackingStore.
(webkitWebViewBaseUnrealize): Ditto.

UIProcess/gtk/AcceleratedBackingStore.h:

(WebKit::AcceleratedBackingStore::realize): Added.
(WebKit::AcceleratedBackingStore::unrealize): Added.

UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:

(WebKit::AcceleratedBackingStoreWayland::realize): In case of using WaylandCompositor, call
WaylandCompositor::bindWebPage() to bind the WebPageProxy to the Wayland surface.
(WebKit::AcceleratedBackingStoreWayland::unrealize): Destroy GL resources and the GL context.
(WebKit::AcceleratedBackingStoreWayland::tryEnsureGLContext): Do not try to create the GL context if the web
view is not realized.
(WebKit::AcceleratedBackingStoreWayland::displayBuffer): Remove the code to initialize the texture.
(WebKit::AcceleratedBackingStoreWayland::paint): And add it here.

UIProcess/gtk/AcceleratedBackingStoreWayland.h:
UIProcess/gtk/WaylandCompositor.cpp:

(WebKit::WaylandCompositor::Surface::setWebPage): Return early if given page is the current one already.
(WebKit::WaylandCompositor::bindWebPage): Set the surface WebPageProxy.
(WebKit::WaylandCompositor::unbindWebPage): Unset the surface WebPageProxy.

UIProcess/gtk/WaylandCompositor.h:
WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode): When restoring a previous layer tree
host, always call resumeRendering() to balance the suspendRendering() called in exitAcceleratedCompositingMode().

1:20 AM Changeset in webkit [250203] by Carlos Garcia Campos

6 edits in releases/WebKitGTK/webkit-2.26

Merge r249890 - REGRESSION(r249142): [GTK] Epiphany delayed page loads continue indefinitely
https://bugs.webkit.org/show_bug.cgi?id=201544

Reviewed by Michael Catanzaro.

Source/WebKit:

WebPageProxy::loadAlternateHTML() is an exception, because it's an API request but always sets the navigationID
to 0. We always want to reset the pending API request URL when alternate HTML load starts.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared): Check also that it's an API alternate HTML load
to reset the pending API request URL.

Tools:

Add new test cases.

TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp:

(testWebViewActiveURI):
(testWebViewIsLoading):

TestWebKitAPI/glib/WebKitGLib/LoadTrackingTest.cpp:

(loadChangedCallback):
(LoadTrackingTest::loadAlternateHTML):
(LoadTrackingTest::reset):

TestWebKitAPI/glib/WebKitGLib/LoadTrackingTest.h:

1:20 AM Changeset in webkit [250202] by Carlos Garcia Campos

9 edits in releases/WebKitGTK/webkit-2.26

Merge r249810 - [GTK][WPE] webkit_settings_set_user_agent() allows content forbidden in HTTP headers
https://bugs.webkit.org/show_bug.cgi?id=201077

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Add a function to validate whether a string contains a valid value
which can be used in a HTTP User-Agent header.

Covered by new WebCore API test HTTPParsers.ValidateUserAgentValues.

platform/glib/UserAgentGLib.cpp:

(WebCore::standardUserAgent): Assert that the returned string is a valid User-Agent.
(WebCore::standardUserAgentForURL): Ditto.

platform/network/HTTPParsers.cpp: Added a series of helper functions which skip over

characters of a string, which can be used to scan over the different elements of an
User-Agent value; all of them receive the position from the input string where to start
scanning, updating it to the position right after the scanned item (this follow the
convention already in use by other functions in the source file). Each of them has
been annotated with the RFC number and section which contains the definition of the
scanned item, and the corresponding BNF rules to make the code easier to follow.
(WebCore::skipWhile): Added.
(WebCore::isVisibleCharacter): Added.
(WebCore::isOctectInFieldContentCharacter): Added.
(WebCore::isCommentTextCharacter): Added.
(WebCore::isHTTPTokenCharacter): Added.
(WebCore::isValidHTTPToken): Refactored to use the new isHTTPTokenCharacter()
helper function instead of having the test inside the loop.
(WebCore::skipCharacter): Added.
(WebCore::skipQuotedPair): Added.
(WebCore::skipComment): Added.
(WebCore::skipHTTPToken): Added.
(WebCore::skipUserAgentProduct): Added.
(WebCore::isValidUserAgentHeaderValue): Added.

platform/network/HTTPParsers.h: Add prototype for isValidUserAgentHeaderValue().

Source/WebKit:

UIProcess/API/glib/WebKitSettings.cpp:

(webkit_settings_set_user_agent): Check the passed string using the new
WebCore::isValidUserAgentHeaderValue() function, and return early without
changing the setting if the string is not usable in the User-Agent HTTP
header.

Tools:

TestWebKitAPI/CMakeLists.txt: Add missing HTTPParsers.cpp to be built into TestWebCore.
TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp:

(TestWebKitAPI::TEST): Add tests for WebCore::isValidUserAgentHeaderValue().

Sep 22, 2019:

8:46 PM Changeset in webkit [250201] by ddkilzer@apple.com

10 edits in trunk/Source/WebCore

clang-tidy: Fix unnecessary copy/ref churn of for loop variables in WebCore
<https://webkit.org/b/202090>

Reviewed by Daniel Bates.

Fix unwanted copying/ref churn of loop variables by making them
const references.

Modules/encryptedmedia/InitDataRegistry.cpp:

(WebCore::InitDataRegistry::extractKeyIDsCenc):

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::getMisspellingRange const):
(WebCore::AccessibilityObject::performTextOperation):

html/HTMLSlotElement.cpp:

(WebCore::flattenAssignedNodes):

html/track/WebVTTParser.cpp:

(WebCore::WebVTTParser::checkAndStoreStyleSheet):

layout/inlineformatting/InlineFormattingContextLineLayout.cpp:

(WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const):

platform/ios/PlatformPasteboardIOS.mm:

(WebCore::PlatformPasteboard::updateSupportedTypeIdentifiers):

platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard allDroppedFileURLs]):

svg/SVGStringList.h:
testing/MockLibWebRTCPeerConnection.cpp:

(WebCore::MockLibWebRTCPeerConnection::GetTransceivers const):
Also call transceivers.reserve() to optimize allocations.

2:57 AM Changeset in webkit [250200] by ysuzuki@apple.com

5 edits
2 adds in trunk

[JSC] Int52Rep(DoubleRepAnyIntUse) should not call operation function
https://bugs.webkit.org/show_bug.cgi?id=202072

Reviewed by Mark Lam.

JSTests:

stress/int52rep-with-double-checks-int52-range.js: Added.

(shouldBe):
(test):

Source/JavaScriptCore:

Inline doubleToStrictInt52 in FTL since it is very simple function.
This change improves JetStream2/stanford-crypto-sha256 by ~5%.

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::doubleToStrictInt52):

ftl/FTLOutput.cpp:

(JSC::FTL::Output::doubleToInt64):

ftl/FTLOutput.h:

2:08 AM Changeset in webkit [250199] by ysuzuki@apple.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed, follow-up change after r250198
https://bugs.webkit.org/show_bug.cgi?id=201633

b3/testb3_5.cpp:

(testCheckAddRemoveCheckWithSExt16):

12:19 AM Changeset in webkit [250198] by ysuzuki@apple.com

5 edits in trunk/Source/JavaScriptCore

[JSC] Remove CheckAdd in JetStream2/async-fs's Math.random function
https://bugs.webkit.org/show_bug.cgi?id=201633

Reviewed by Mark Lam.

Int52Rep is used in DFG and FTL to calculate Int52 things faster. This is typically used when user code see uint32_t type.
In JS, we handles Int32 well, but if the value exceeds Int32 range (like, using 0xffffffff), we use Int52 instead not to fallback to Double.

The problem is that we do not have optimizations for Int52's overflow checks. This emits many ArithAdd(Int52Rep x 2, CheckOverflow). Each
of them emits OSR exit, which prevents dead-store-elimination in B3, and makes ValueToInt32(Int52) alive if it is referenced from some variable which
can be seen if OSR exit occurs.

In this patch, we perform strength-reduction for CheckAdd, converting to Add. We already have such a thing. But the existing one does not handle instructions
well emitted when Int52 is used.

When Int52 is used, we typically have the sequence like,

Int64 @78 = SExt32(@73, DFG:@67<Int52>) Widen Int32 to Int64
Int64 @81 = Shl(@78, $12(@80), DFG:@162<Int52>) Convert Int32 to Int52

While we have Shl handling for integer-range optimization in B3ReduceStrength, we lack handling of SExt32 while it is very easy.
This patch adds SExt8, SExt16, SExt32, and ZExt32 handling to B3ReduceStrength's integer range analysis.
This converts many CheckAdd in JetStream2/async-fs's hot function to simple Add, and removes a bunch of unnecessary instructions which exist because of this OSR exit.
We can see ~5% improvement in JetStream2/async-fs.

b3/B3ReduceStrength.cpp:
b3/testb3.h:

(int16Operands):
(int8Operands):

b3/testb3_1.cpp:

(run):

b3/testb3_5.cpp:

(testCheckAddRemoveCheckWithSExt8):
(testCheckAddRemoveCheckWithSExt16):
(testCheckAddRemoveCheckWithSExt32):
(testCheckAddRemoveCheckWithZExt32):

Sep 21, 2019:

11:12 PM Changeset in webkit [250197] by mitz@apple.com

2 edits in trunk/Source/WebKit

Fix an assertion failure introduced in r250186.

UIProcess/Plugins/mac/PluginProcessProxyMac.mm:

(WebKit::PluginProcessProxy::platformGetLaunchOptionsWithAttributes): Corrected the

assertion.

11:04 PM Changeset in webkit [250196] by Chris Dumez

24 edits in trunk/Source

Reduce use of SessionID::defaultSessionID() in WebKit
https://bugs.webkit.org/show_bug.cgi?id=202080

Reviewed by Alex Christensen.

Source/WebCore:

Reduce use of SessionID::defaultSessionID() in WebKit. Falling back to the default session
when you don't know which session to use is never a good idea and a potential privacy issue.

Modules/websockets/WebSocketChannel.cpp:

(WebCore::WebSocketChannel::connect):

dom/Document.cpp:

(WebCore::Document::logger):

dom/Document.h:
html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::parseAdClickAttribution const):

loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::continueAfterContentPolicy):

loader/EmptyFrameLoaderClient.h:
loader/FrameLoaderClient.h:
loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestUserCSSStyleSheet):
(WebCore::CachedResourceLoader::updateCachedResourceWithCurrentRequest):
(WebCore::CachedResourceLoader::requestResource):
(WebCore::CachedResourceLoader::revalidateResource):
(WebCore::CachedResourceLoader::loadResource):

loader/cache/CachedResourceLoader.h:

(WebCore::CachedResourceLoader::clearDocumentLoader):

page/Frame.cpp:
page/Frame.h:
workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::isAlwaysOnLoggingAllowed const):

Source/WebKit:

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::convertMainResourceLoadToDownload):

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::convertMainResourceLoadToDownload):

WebProcess/WebPage/WebFrame.h:

Source/WebKitLegacy/mac:

WebCoreSupport/WebFrameLoaderClient.h:
WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::convertMainResourceLoadToDownload):

Source/WebKitLegacy/win:

WebCoreSupport/WebFrameLoaderClient.cpp:

(WebFrameLoaderClient::convertMainResourceLoadToDownload):

WebCoreSupport/WebFrameLoaderClient.h:

10:17 PM Changeset in webkit [250195] by Chris Dumez

7 edits in trunk/Source/WebCore

ServiceWorkerContextData does not need a sessionID
https://bugs.webkit.org/show_bug.cgi?id=202087

Reviewed by Alex Christensen.

workers/service/ServiceWorkerContextData.cpp:

(WebCore::ServiceWorkerContextData::isolatedCopy const):

workers/service/ServiceWorkerContextData.h:

(WebCore::ServiceWorkerContextData::encode const):
(WebCore::ServiceWorkerContextData::decode):

workers/service/server/RegistrationDatabase.cpp:

(WebCore::RegistrationDatabase::RegistrationDatabase):
(WebCore::RegistrationDatabase::importRecords):

workers/service/server/RegistrationDatabase.h:
workers/service/server/SWServer.cpp:

(WebCore::SWServer::updateWorker):

workers/service/server/SWServerWorker.cpp:

(WebCore::SWServerWorker::contextData const):

10:17 PM Changeset in webkit [250194] by Chris Dumez

3 edits in trunk/Source/WebKit

Drop unnecessary NetworkProcess::m_sessionByConnection
https://bugs.webkit.org/show_bug.cgi?id=202088

Reviewed by Alex Christensen.

NetworkProcess/NetworkProcess.cpp:
NetworkProcess/NetworkProcess.h:

10:16 PM Changeset in webkit [250193] by Chris Dumez

7 edits in trunk/Source

WebIDBConnectionToClient does not need to be RefCounted or a SessionID
https://bugs.webkit.org/show_bug.cgi?id=202089

Reviewed by Alex Christensen.

Source/WebCore:

Drop some dead code.

Modules/indexeddb/server/IDBConnectionToClientDelegate.h:

Source/WebKit:

WebIDBConnectionToClient does not need to be RefCounted, the ref() / deref() virtual function
it implemented from its interface were dead code. We now stop subclassing RefCounted and have
the NetworkConnectionToWebProcess fully own the WebIDBConnectionToClient. Instead of the
WebIDBConnectionToClient having 3 data members for the NetworkProcess, the sessionID and the IPC
connection, use a single data member to its NetworkConnectionToWebProcess parent. It can get
everything it needs from its parent.

NetworkProcess/IndexedDB/WebIDBConnectionToClient.cpp:

(WebKit::WebIDBConnectionToClient::WebIDBConnectionToClient):
(WebKit::WebIDBConnectionToClient::idbServer):
(WebKit::WebIDBConnectionToClient::disconnectedFromWebProcess):
(WebKit::WebIDBConnectionToClient::messageSenderConnection const):
(WebKit::WebIDBConnectionToClient::connectionToClient):
(WebKit::WebIDBConnectionToClient::deleteDatabase):
(WebKit::WebIDBConnectionToClient::openDatabase):
(WebKit::WebIDBConnectionToClient::abortTransaction):
(WebKit::WebIDBConnectionToClient::commitTransaction):
(WebKit::WebIDBConnectionToClient::didFinishHandlingVersionChangeTransaction):
(WebKit::WebIDBConnectionToClient::createObjectStore):
(WebKit::WebIDBConnectionToClient::deleteObjectStore):
(WebKit::WebIDBConnectionToClient::renameObjectStore):
(WebKit::WebIDBConnectionToClient::clearObjectStore):
(WebKit::WebIDBConnectionToClient::createIndex):
(WebKit::WebIDBConnectionToClient::deleteIndex):
(WebKit::WebIDBConnectionToClient::renameIndex):
(WebKit::WebIDBConnectionToClient::putOrAdd):
(WebKit::WebIDBConnectionToClient::getRecord):
(WebKit::WebIDBConnectionToClient::getAllRecords):
(WebKit::WebIDBConnectionToClient::getCount):
(WebKit::WebIDBConnectionToClient::deleteRecord):
(WebKit::WebIDBConnectionToClient::openCursor):
(WebKit::WebIDBConnectionToClient::iterateCursor):
(WebKit::WebIDBConnectionToClient::establishTransaction):
(WebKit::WebIDBConnectionToClient::databaseConnectionPendingClose):
(WebKit::WebIDBConnectionToClient::databaseConnectionClosed):
(WebKit::WebIDBConnectionToClient::abortOpenAndUpgradeNeeded):
(WebKit::WebIDBConnectionToClient::didFireVersionChangeEvent):
(WebKit::WebIDBConnectionToClient::openDBRequestCancelled):
(WebKit::WebIDBConnectionToClient::confirmDidCloseFromServer):
(WebKit::WebIDBConnectionToClient::getAllDatabaseNames):

NetworkProcess/IndexedDB/WebIDBConnectionToClient.h:
NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::establishIDBConnectionToServer):

NetworkProcess/NetworkConnectionToWebProcess.h:

10:15 PM Changeset in webkit [250192] by Chris Dumez

6 edits in trunk/Source/WebCore

[CURL] CurlRequest does not need a sessionID
https://bugs.webkit.org/show_bug.cgi?id=202086

Reviewed by Alex Christensen.

platform/network/curl/CurlFormDataStream.cpp:

(WebCore::CurlFormDataStream::CurlFormDataStream):

platform/network/curl/CurlFormDataStream.h:
platform/network/curl/CurlRequest.cpp:

(WebCore::CurlRequest::CurlRequest):

platform/network/curl/CurlRequest.h:

(WebCore::CurlRequest::create):

platform/network/curl/ResourceHandleCurl.cpp:

(WebCore::ResourceHandle::createCurlRequest):

10:15 PM Changeset in webkit [250191] by Chris Dumez

5 edits in trunk/Source/WebCore

CookieRequestHeaderFieldProxy does not need a SessionID
https://bugs.webkit.org/show_bug.cgi?id=202084

Reviewed by Alex Christensen.

Modules/websockets/WebSocketChannel.cpp:

(WebCore::WebSocketChannel::didOpenSocketStream):

loader/CookieJar.cpp:

(WebCore::CookieJar::cookieRequestHeaderFieldProxy):

loader/CookieJar.h:
platform/network/CookieRequestHeaderFieldProxy.h:

(WebCore::CookieRequestHeaderFieldProxy::encode const):
(WebCore::CookieRequestHeaderFieldProxy::decode):

10:14 PM Changeset in webkit [250190] by Chris Dumez

3 edits in trunk/Source/WebCore

DocumentLoader::m_temporaryServiceWorkerClient does not need a sessionID
https://bugs.webkit.org/show_bug.cgi?id=202083

Reviewed by Alex Christensen.

loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::registerTemporaryServiceWorkerClient):
(WebCore::DocumentLoader::unregisterTemporaryServiceWorkerClient):

loader/DocumentLoader.h:

9:01 PM Changeset in webkit [250189] by mark.lam@apple.com

6 edits in trunk/Source/JavaScriptCore

Move JSLexicalEnvironment, DirectArguments, and ScopedArguments cells out of the Gigacage.
https://bugs.webkit.org/show_bug.cgi?id=202082

Reviewed by Tadeu Zagallo.

They are not being caged anyway.

runtime/DirectArguments.h:
runtime/JSLexicalEnvironment.h:

(JSC::JSLexicalEnvironment::subspaceFor):

runtime/ScopedArguments.h:
runtime/VM.cpp:

(JSC::VM::VM):

runtime/VM.h:

7:40 PM Changeset in webkit [250188] by Brent Fulgham

10 edits in trunk/Source/WebCore

[FTW] Resolve crashes found while running canvas tests
https://bugs.webkit.org/show_bug.cgi?id=202062

Reviewed by Don Olmstead.

platform/graphics/Pattern.h:
platform/graphics/win/Direct2DOperations.cpp:

(WebCore::Direct2D::FillSource::FillSource): Take GraphicsContext as argument, rather than
a PlatformContextDirect2D since downstream operations require the former.
(WebCore::Direct2D::StrokeSource::StrokeSource): Ditto.
(WebCore::Direct2D::clip): Use new 'pushClip' helper function.

platform/graphics/win/Direct2DOperations.h:
platform/graphics/win/GraphicsContextDirect2D.cpp:

(WebCore::GraphicsContext::drawPath):
(WebCore::GraphicsContext::fillPath):
(WebCore::GraphicsContext::strokePath):
(WebCore::GraphicsContext::fillRect):
(WebCore::GraphicsContext::fillRectWithRoundedHole):
(WebCore::GraphicsContext::strokeRect):

platform/graphics/win/GraphicsContextImplDirect2D.cpp:

(WebCore::GraphicsContextImplDirect2D::fillRect): Update to pass GraphicsContext.
(WebCore::GraphicsContextImplDirect2D::fillRectWithRoundedHole): Ditto.
(WebCore::GraphicsContextImplDirect2D::fillPath): Ditto.
(WebCore::GraphicsContextImplDirect2D::strokeRect): Ditto.
(WebCore::GraphicsContextImplDirect2D::strokePath): Ditto.
(WebCore::GraphicsContextImplDirect2D::drawGlyphs): Ditto.

platform/graphics/win/ImageBufferDataDirect2D.cpp:

(WebCore::ImageBufferData::copyRectFromSourceToData): Correct return behavior.
(WebCore::ImageBufferData::compatibleBitmap): Make a copy if the render target is
backed by the ID2D1Bitmap we are trying to draw with.

platform/graphics/win/PatternDirect2D.cpp:

(WebCore::Pattern::createPlatformPattern const): Remove 'PlatformContextDirect2D' contructor,
since we always need a GraphicsContext for the Image class.

platform/graphics/win/PlatformContextDirect2D.cpp:

(WebCore::PlatformContextDirect2D::clipLayer const): Added.
(WebCore::PlatformContextDirect2D::clearClips): Added.
(WebCore::PlatformContextDirect2D::restore): Update to use m_stateStack, rather than
the m_renderStates vector.
(WebCore::PlatformContextDirect2D::save): Ditto.
(WebCore::PlatformContextDirect2D::pushRenderClip): Ditto.
(WebCore::PlatformContextDirect2D::setActiveLayer): Ditto.
(WebCore::PlatformContextDirect2D::endDraw): Ditto.
(WebCore::PlatformContextDirect2D::notifyPostDrawObserver): Ditto.
(WebCore::PlatformContextDirect2D::pushClip): Ditto.

platform/graphics/win/PlatformContextDirect2D.h:

(WebCore::PlatformContextDirect2D::hasSavedState const):
(WebCore::PlatformContextDirect2D::clipLayer const): Deleted.

4:13 PM Changeset in webkit [250187] by Chris Dumez

2 edits in trunk/Source/WebKit

Regression(iOS 13) web views do not deal properly with their window's UIScene changing
https://bugs.webkit.org/show_bug.cgi?id=202070
<rdar://problem/55580699>

Reviewed by Tim Horton.

Web views do not deal properly with their window's UIScene changing. If a Safari window is in the
background for 1 minute, its UIScene will be detached and the window will get a new UIScene if
the user later switches to this window. Our web views listen to UIScene notifications to determine
their visibility and currently stop receiving visibility updates once the window’s UIScene has
changed. This causes view freezes because our WebContent process does not know its view is visible
and keeps its layer tree frozen.

Previously, when our view would be added to a window, we would get this window's UIScene and listen
for UISceneDidEnterBackgroundNotification / UISceneWillEnterForegroundNotification for this UIScene
object. Instead, we now listen to these notifications for ALL the application's UIScenes. Our handler
then checks if the notification's UIScene object matches the current window's UIScene before
forwarding the notification to the rest of WebKit.

UIProcess/ApplicationStateTracker.mm:

(WebKit::ApplicationStateTracker::ApplicationStateTracker):
(WebKit::ApplicationStateTracker::~ApplicationStateTracker):

3:57 PM Changeset in webkit [250186] by mitz@apple.com

4 edits in trunk/Source/WebKit

Safari 13 may launch leftover 32-bit plug-in process from Safari 12’s WebKit, which crashes
https://bugs.webkit.org/show_bug.cgi?id=202077
<rdar://problem/55547063>

Reviewed by Sam Weinig.

Shared/Plugins/Netscape/mac/NetscapePluginModuleMac.mm:

(WebKit::getPluginArchitecture): Removed support for i386 plug-ins.

UIProcess/Launcher/mac/ProcessLauncherMac.mm:

(WebKit::serviceName): Assert that the requested process type is not Plugin32.

UIProcess/Plugins/mac/PluginProcessProxyMac.mm:

(WebKit::PluginProcessProxy::platformGetLaunchOptionsWithAttributes): Assert that the

plug-in architecture is x86_64.

1:20 PM Changeset in webkit [250185] by Caio Lima

2 edits in trunk/JSTests

stress/test-out-of-memory.js is not throwing OOM into ARMv7 and MIPS
https://bugs.webkit.org/show_bug.cgi?id=202011

Reviewed by Mark Lam.

We are skipping this test into MIPS and ARMv7 because some of its assumptions
are not valid for them. The current behavior of the test in those architectures
is that it does not throw during new ArrayBuffer(1000) allocation site,
because eden collection keeps happening between iterations. The collection
is triggered on those architectures because the amount of stress
new Promise generates into GC limits is not enough to avoid them
while loop is executing.

Changing the size of UInt8Array from 80000000 to 160000000 can
be an alternative fix to avoid collection happening during ArrayBuffer
allocation loop, but we can't guarantee this test is always going to execute
without error when Gigacage is disabled, given we can reach an OOM state in
some allocations that need to succeed, making this test flaky for those
architectures.

stress/test-out-of-memory.js:

11:30 AM Changeset in webkit [250184] by Tadeu Zagallo

14 edits
1 add in trunk

AccessCase should strongly visit its dependencies while on stack
https://bugs.webkit.org/show_bug.cgi?id=201986
<rdar://problem/55521953>

Reviewed by Saam Barati and Yusuke Suzuki.

JSTests:

stress/ftl-put-by-id-setter-exception-interesting-live-state-2.js: Added.

(foo):
(warmup):

Source/JavaScriptCore:

AccessCase::doesCalls is responsible for specifying the cells it depends on, so that
MarkingGCAwareJITStubRoutine can strongly visit them while the stub is on stack. However,
it was missing most of its dependencies, which led to it being collected while on stack.
This manifested in the flaky test stress/ftl-put-by-id-setter-exception-interesting-live-state.js
as the PolymorphicAccess being collected and removing its exception handler from the code
block, which led to exception propagating past the try/catch.

In order to fix this, we abstract the dependency gathering logic from AccessCase into
forEachDependentCell and use it to implement visitWeak as well as doesCalls in order to
guarantee that their implementation is consistent.

bytecode/AccessCase.cpp:

(JSC::AccessCase::forEachDependentCell const):
(JSC::AccessCase::doesCalls const):
(JSC::AccessCase::visitWeak const):

bytecode/AccessCase.h:
bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::lastSeenCallee const):
(JSC::CallLinkInfo::haveLastSeenCallee const):
(JSC::CallLinkInfo::lastSeenCallee): Deleted.
(JSC::CallLinkInfo::haveLastSeenCallee): Deleted.

bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::isDirect const):
(JSC::CallLinkInfo::isLinked const):
(JSC::CallLinkInfo::stub const):
(JSC::CallLinkInfo::forEachDependentCell const):
(JSC::CallLinkInfo::isLinked): Deleted.
(JSC::CallLinkInfo::stub): Deleted.

bytecode/ObjectPropertyCondition.cpp:

(JSC::ObjectPropertyCondition::isStillLive const):

bytecode/ObjectPropertyCondition.h:

(JSC::ObjectPropertyCondition::forEachDependentCell const):

bytecode/ObjectPropertyConditionSet.cpp:

(JSC::ObjectPropertyConditionSet::areStillLive const):

bytecode/ObjectPropertyConditionSet.h:

(JSC::ObjectPropertyConditionSet::forEachDependentCell const):

bytecode/PropertyCondition.cpp:

(JSC::PropertyCondition::isStillLive const):

bytecode/PropertyCondition.h:

(JSC::PropertyCondition::forEachDependentCell const):

jit/PolymorphicCallStubRoutine.cpp:

(JSC::PolymorphicCallStubRoutine::visitWeak):

jit/PolymorphicCallStubRoutine.h:

(JSC::PolymorphicCallStubRoutine::forEachDependentCell):

9:08 AM Changeset in webkit [250183] by graouts@webkit.org

4 edits
4 adds in trunk

[Pointer Events] touch-action set to pan-x or pan-y alone should disable scrolling altogether if the intial gesture is in the disallowed direction
https://bugs.webkit.org/show_bug.cgi?id=202053
<rdar://problem/54542190>

Reviewed by Tim Horton.

Source/WebKit:

Although the Pointer Events specification does not specify this clearly (see https://github.com/w3c/pointerevents/issues/303), setting "touch-action" to a value
that only allows scrolling a specific direction ("pan-x" or "pan-y") should disable scrolling in the specified direction if the panning gesture initially is directed
in the opposite direction. In practice, this means that setting "touch-action: pan-y" on an element should disable scrolling if the user initially pans horizontally,
even if later on in the gesture the user pans vertically. This allows for sites that want to offer a programmatic horizontal scroller to disable vertical scrolling
if the user pans horizontally.

In order to support this, we add four UISwipeGestureRecognizers, one for each direction, and we selectively allows touches to be recognizer for them based on the
"touch-action" value specified at the initial touch location for a given gesture. In the case of "touch-action: pan-y" we only allow the left and right swipe recognizers
to be enabled, and in the case of "touch-action: pan-x" we only allow the up and down swipe recognizers to be enabled. If any of those gesture recognizers is recognized,
scrolling will be disabled for the duration of this gesture. If a UIScrollView panning gesture recognizer is recognized prior to a swipe, they won't have a chance to be
recognized.

UIProcess/ios/WKContentViewInteraction.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView setupInteraction]):
(-[WKContentView cleanupInteraction]):
(-[WKContentView _removeDefaultGestureRecognizers]):
(-[WKContentView _addDefaultGestureRecognizers]):
(-[WKContentView gestureRecognizer:shouldReceiveTouch:]):

LayoutTests:

Add new tests checking that setting "touch-action: pan-y" on an element and initiating a horizontal panning gesture will disallow scrolling vertically
if a vertical scrolling gesture follows. We test both the case where scrolling would apply to the whole page and the case where scrolling would apply
to an "overflow: scroll" element.

pointerevents/ios/touch-action-pan-y-horizontal-gesture-prevents-vertical-scrolling-expected.txt: Added.
pointerevents/ios/touch-action-pan-y-horizontal-gesture-prevents-vertical-scrolling.html: Added.
pointerevents/ios/touch-action-pan-y-in-overflow-scroll-horizontal-gesture-prevents-vertical-scrolling-expected.txt: Added.
pointerevents/ios/touch-action-pan-y-in-overflow-scroll-horizontal-gesture-prevents-vertical-scrolling.html: Added.

8:34 AM Changeset in webkit [250182] by graouts@webkit.org

5 edits
4 adds in trunk

releasePointerCapture() not working for implicit capture; can't opt-in to pointerenter/leave for touches
https://bugs.webkit.org/show_bug.cgi?id=199803
<rdar://problem/53127223>

Reviewed by Dean Jackson.

Source/WebCore:

In order to dispatch boundary events (pointerover/out/enter/leave) when the implicit pointer capture is released on iOS,
we need to track the target of the pointer events that was dispatched last for a given pointer id. Then we compare that
target with the current target when dispatching a new pointer event and determine whether we should dispatch boundary
events using the exact same approach used to dispatch mouse boundary events in EventHandler::updateMouseEventTargetNode().

Tests: pointerevents/ios/boundary-events-through-hierarchy-without-pointer-capture.html

pointerevents/ios/boundary-events-without-pointer-capture.html

page/PointerCaptureController.cpp:

(WebCore::hierarchyHasCapturingEventListeners):
(WebCore::PointerCaptureController::dispatchEventForTouchAtIndex):
(WebCore::PointerCaptureController::pointerEventWillBeDispatched):
(WebCore::PointerCaptureController::ensureCapturingDataForPointerEvent):
(WebCore::PointerCaptureController::cancelPointer):

page/PointerCaptureController.h:

LayoutTests:

Add new tests that check we correctly dispatch boundary events on iOS when pointer capture is disabled.

pointerevents/ios/boundary-events-through-hierarchy-without-pointer-capture-expected.txt: Added.
pointerevents/ios/boundary-events-through-hierarchy-without-pointer-capture.html: Added.
pointerevents/ios/boundary-events-without-pointer-capture-expected.txt: Added.
pointerevents/ios/boundary-events-without-pointer-capture.html: Added.
pointerevents/utils.js:

6:51 AM Changeset in webkit [250181] by Alan Bujtas

3 edits in trunk/Source/WebCore

[LFC] LayoutContext::m_formattingContextRootListForLayout should be a WeakHashSet
https://bugs.webkit.org/show_bug.cgi?id=202068
<rdar://problem/55579352>

Reviewed by Alex Christensen.

layout/LayoutContext.cpp:

(WebCore::Layout::LayoutContext::layout):
(WebCore::Layout::LayoutContext::styleChanged):
(WebCore::Layout::LayoutContext::markNeedsUpdate):

layout/LayoutContext.h:
page/FrameViewLayoutContext.cpp:

(WebCore::layoutUsingFormattingContext):

4:39 AM Changeset in webkit [250180] by ddkilzer@apple.com

12 edits in trunk/Source

clang-tidy: Fix unnecessary copy/ref churn of for loop variables in WTF/JavaScriptCore
<https://webkit.org/b/202069>

Reviewed by Mark Lam.

Fix unwanted copying/ref churn of loop variables by making them
const references.

Source/JavaScriptCore:

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setConstantIdentifierSetRegisters):

bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::prepareLexicalScopeForNextForLoopIteration):

dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):

inspector/agents/InspectorAgent.cpp:

(Inspector::InspectorAgent::activateExtraDomains):

inspector/remote/cocoa/RemoteInspectorCocoa.mm:

(Inspector::RemoteInspector::stopInternal):
(Inspector::RemoteInspector::xpcConnectionFailed):
(Inspector::RemoteInspector::pushListingsNow):

parser/Parser.h:

(JSC::Scope::computeLexicallyCapturedVariablesAndPurgeCandidates):

runtime/ProxyObject.cpp:

(JSC::ProxyObject::performGetOwnPropertyNames):

runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::registerForReportAtExit):
(JSC::SamplingProfiler::reportTopFunctions):
(JSC::SamplingProfiler::reportTopBytecodes):

runtime/TypeSet.cpp:

(JSC::StructureShape::inspectorRepresentation):
(JSC::StructureShape::merge):

Source/WTF:

wtf/AggregateLogger.h:

(WTF::AggregateLogger::log const):

Sep 20, 2019:

11:37 PM Changeset in webkit [250179] by aestes@apple.com

21 edits
3 copies
1 add in trunk/Source

[Apple Pay] Clean up handling of summary items and payment method updates
https://bugs.webkit.org/show_bug.cgi?id=202018
<rdar://problem/55470632>

Reviewed by Tim Horton.

Source/WebCore:

Replaced the PaymentMethodUpdate struct with a class that knows how to convert from
ApplePayPaymentMethodUpdate structs to PKPaymentRequestPaymentMethodUpdate instances.

Moved some scattered-around free functions for converting payment summary items into
PaymentSummaryItems{.h,Cocoa.mm}.

Modules/applepay/ApplePayPaymentMethodUpdate.h:
Modules/applepay/ApplePaySession.cpp:

(WebCore::finishConverting):
(WebCore::convertAndValidateTotal):
(WebCore::convertAndValidate):

Modules/applepay/ApplePaySessionPaymentRequest.h:
Modules/applepay/PaymentCoordinator.h:
Modules/applepay/PaymentCoordinatorClient.h:
Modules/applepay/PaymentHeaders.h:
Modules/applepay/PaymentMethodUpdate.h: Added.
Modules/applepay/PaymentSummaryItems.h: Added.
Modules/applepay/cocoa/PaymentMethodUpdateCocoa.mm: Added.

(WebCore::PaymentMethodUpdate::PaymentMethodUpdate):
(WebCore::PaymentMethodUpdate::totalAndLineItems const):
(WebCore::PaymentMethodUpdate::platformUpdate const):

Modules/applepay/cocoa/PaymentSummaryItemsCocoa.mm: Added.

(WebCore::toDecimalNumber):
(WebCore::toPKPaymentSummaryItemType):
(WebCore::toPKPaymentSummaryItem):
(WebCore::platformSummaryItems):

Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:

(WebCore::ApplePayPaymentHandler::paymentMethodUpdated):

SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:
testing/MockPaymentCoordinator.cpp:

(WebCore::MockPaymentCoordinator::completePaymentMethodSelection):

Source/WebKit:

Now that PaymentMethodUpdate knows how to convert itself to a
PKPaymentRequestPaymentMethodUpdate, PaymentAuthorizationPresenter can merely pass the
converted update directly to the platform delegate rather than passing the individual
components and relying on the delegate to instantiate the platform update itself. Added
FIXMEs for applying a similar treatment to ShippingContactUpdate and ShippingMethodUpdate.

Platform/cocoa/PaymentAuthorizationPresenter.h:
Platform/cocoa/PaymentAuthorizationPresenter.mm:

(WebKit::PaymentAuthorizationPresenter::completePaymentMethodSelection):
(WebKit::PaymentAuthorizationPresenter::completeShippingContactSelection):
(WebKit::PaymentAuthorizationPresenter::completeShippingMethodSelection):

Platform/cocoa/WKPaymentAuthorizationDelegate.h:
Platform/cocoa/WKPaymentAuthorizationDelegate.mm:

(-[WKPaymentAuthorizationDelegate completePaymentMethodSelection:]):
(-[WKPaymentAuthorizationDelegate completeShippingContactSelection:]):
(-[WKPaymentAuthorizationDelegate completeShippingMethodSelection:]):
(-[WKPaymentAuthorizationDelegate _didSelectPaymentMethod:completion:]):
(-[WKPaymentAuthorizationDelegate _didSelectShippingContact:completion:]):
(-[WKPaymentAuthorizationDelegate _didSelectShippingMethod:completion:]):
(-[WKPaymentAuthorizationDelegate completeShippingContactSelection:summaryItems:shippingMethods:errors:]): Deleted.

Shared/ApplePay/WebPaymentCoordinatorProxy.h:
Shared/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.h:
Shared/ApplePay/cocoa/WebPaymentCoordinatorProxyCocoa.mm:

(WebKit::WebPaymentCoordinatorProxy::platformPaymentRequest):
(WebKit::toPKPaymentSummaryItemType): Deleted.
(WebKit::toPKPaymentSummaryItem): Deleted.
(WebKit::toPKPaymentSummaryItems): Deleted.

Shared/Cocoa/WebCoreArgumentCodersCocoa.mm:

(IPC::ArgumentCoder<WebCore::PaymentMethodUpdate>::encode):
(IPC::ArgumentCoder<WebCore::PaymentMethodUpdate>::decode):

10:29 PM Changeset in webkit [250178] by mitz@apple.com

7 copies
1 add in releases/Apple/watchOS 6.0

Added a tag for watchOS 6.0.

10:27 PM Changeset in webkit [250177] by mitz@apple.com

8 copies
1 add in releases/Apple/iOS 13.0

Added a tag for iOS 13.0.

7:11 PM Changeset in webkit [250176] by keith_miller@apple.com

3 edits in trunk/Source/JavaScriptCore

eliding a move in Air O0 needs to mark the dest's old reg as available
https://bugs.webkit.org/show_bug.cgi?id=202066

Reviewed by Saam Barati.

Also adds a new release method that handles all the invariants of
returning a register to the available register pool.

b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp:

(JSC::B3::Air::GenerateAndAllocateRegisters::release):
(JSC::B3::Air::GenerateAndAllocateRegisters::spill):
(JSC::B3::Air::GenerateAndAllocateRegisters::freeDeadTmpsIfNeeded):
(JSC::B3::Air::GenerateAndAllocateRegisters::generate):

b3/air/AirAllocateRegistersAndStackAndGenerateCode.h:

6:24 PM Changeset in webkit [250175] by commit-queue@webkit.org

4 edits
2 adds in trunk

Assertion fires when animating a discrete property with values range and multiple animators
https://bugs.webkit.org/show_bug.cgi?id=201926

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-09-20
Reviewed by Darin Adler.

Source/WebCore:

The first animator of a property is considered the result element. The
other animators will be just contributers to the first animator. For the
first animator and in SVGSMILElement::progress(), we call resetAnimatedType()
which creates m_animator in SVGAnimateElementBase::animator(). But for
the other animators we do not call resetAnimatedType(). So their m_animator
will stay null until they are used for the first time.

If SVGAnimationElement::startedActiveInterval() calls calculateToAtEndOfDurationValue()
for a discrete property this will have no effect and the call should be
ignored. So SVGAnimateElementBase::calculateToAtEndOfDurationValue()
should bail out early if isDiscreteAnimator() is true.

The bug is isDiscreteAnimator() will return false if the m_animator is
null even if the animated property is discrete, e.g. SVGAnimatedString.
The fix is to make isDiscreteAnimator() ensure m_animator is created.

Unrelated change:
Make most of the protected methods of SVGAnimateElementBase be private.

Test: svg/animations/multiple-discrete-values-animate.svg

svg/SVGAnimateElementBase.cpp:

(WebCore::SVGAnimateElementBase::calculateFromAndByValues):
(WebCore::SVGAnimateElementBase::calculateToAtEndOfDurationValue):

LayoutTests:

Animate a discrete property, such as SVGAnimatedString. There should be
multiple animators and the range of animation has to be set by the 'values'
attribute.

svg/animations/multiple-discrete-values-animate-expected.txt: Added.
svg/animations/multiple-discrete-values-animate.svg: Added.

6:07 PM Changeset in webkit [250174] by aakash_jain@apple.com

3 edits in trunk/Tools

[EWS] JSC queues should re-build ToT and compare results on build failure
https://bugs.webkit.org/show_bug.cgi?id=201999

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-build/factories.py:

(JSCTestsFactory.init): Do not add the UnApplyPatchIfRequired and CompileJSCOnlyToT step here, as
these are dynamically added (if required) in steps.py in CompileWebKit.evaluateCommand() using addStepsAfterCurrentStep().
Also setting skipUpload=False since we don't need to upload the archive for this queue. Building and testing is done in same build.

BuildSlaveSupport/ews-build/steps.py:

(CompileWebKit.evaluateCommand): Add CompileJSCOnlyToT or CompileWebKitToT build-step based on 'group' property.
(AnalyzeCompileWebKitResults.start): Ditto.
(CompileJSCOnly.start): Set the 'group' property to 'jsc'.
(CompileJSCOnlyToT.evaluateCommand): Over-ride evaluateCommand, so that base-class' (CompileWebKit) evaluateCommand is
not used, base class evaluateCommand adds build-steps dynamically.

5:36 PM Changeset in webkit [250173] by Keith Rollin

2 edits in trunk/Source/WebCore

Remove dead code for a specific macOS and iOS SDK
https://bugs.webkit.org/show_bug.cgi?id=202054
<rdar://problem/55569619>

Reviewed by Zalan Bujtas.

ComplexTextController::collectComplexTextRunsForCharacters in
ComplexTextControllerCoreText.mm has some code for compatibility with
specifically macOS 10.14.0 and iOS 12.0 (see Bug 186571). We don't
build for these targets any more (when we build for macOS 10.14, it's
for a later minor revision), so this code can be removed.

No new tests -- no new or changed functionality.

platform/graphics/mac/ComplexTextControllerCoreText.mm:

(WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

5:29 PM Changeset in webkit [250172] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Harden assertion in StructureIDTable::get().
https://bugs.webkit.org/show_bug.cgi?id=202067
<rdar://problem/55577923>

Reviewed by Keith Miller.

runtime/StructureIDTable.h:

(JSC::StructureIDTable::get):

5:17 PM Changeset in webkit [250171] by Keith Rollin

4 edits in trunk/Source

Remove some support for < iOS 13
https://bugs.webkit.org/show_bug.cgi?id=202027
<rdar://problem/55547109>

Reviewed by Alex Christensen.

Remove some support for iOS versions less than 13.0.

Update conditionals that reference IPHONE_OS_VERSION_MIN_REQUIRED
and IPHONE_OS_VERSION_MAX_ALLOWED, assuming that they both have
values >= 130000. This means that expressions like
"IPHONE_OS_VERSION_MIN_REQUIRED < 101300" are always False and
"IPHONE_OS_VERSION_MIN_REQUIRED >= 101300" are always True.

After version checks have been removed, there are some cases where the

preprocessor conditional looks like "#if PLATFORM(MAC)

PLATFORM(IOS_FAMILY)". These can be collapsed into "#if
PLATFORM(COCOA)". This additional cleanup will be performed in a
subsequent patch.

This removal is part of a series of patches effecting the removal of
dead code for old versions of iOS. This particular pass involves
changes in which Joe Pecoraro was involved. These changes are isolated
from other similar changes in order to facilitate the reviewing
process.

Source/WebCore/PAL:

pal/spi/cf/CFNetworkSPI.h:

Source/WebKit:

NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[WKNetworkSessionDelegate URLSession:task:didFinishCollectingMetrics:]):

5:15 PM Changeset in webkit [250170] by Kocsen Chung

1 copy in branches/safari-608.2.30.1-branch

New branch.

5:13 PM Changeset in webkit [250169] by achristensen@apple.com

42 edits
1 move
4 deletes in trunk/Source

Remove unnecessary abstractions around WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=201655

Reviewed by Chris Dumez.

Source/WebCore:

Modules/webdatabase/cocoa/DatabaseManagerCocoa.mm:

(WebCore::DatabaseManager::platformInitialize):

Source/WebKit:

PlatformFTW.cmake:
PlatformWin.cmake:
Sources.txt:
SourcesCocoa.txt:
SourcesGTK.txt:
SourcesWPE.txt:
UIProcess/API/APIHTTPCookieStore.cpp:
UIProcess/API/APIHTTPCookieStore.h:
UIProcess/API/APIPageConfiguration.cpp:

(API::PageConfiguration::websiteDataStore):
(API::PageConfiguration::setWebsiteDataStore):

UIProcess/API/APIPageConfiguration.h:
UIProcess/API/APIProcessPoolConfiguration.cpp:
UIProcess/API/APIWebsiteDataStore.cpp: Removed.
UIProcess/API/APIWebsiteDataStore.h: Removed.
UIProcess/API/APIWebsitePolicies.cpp:

(API::WebsitePolicies::WebsitePolicies):
(API::WebsitePolicies::setWebsiteDataStore):
(API::WebsitePolicies::data):

UIProcess/API/APIWebsitePolicies.h:
UIProcess/API/C/WKAPICast.h:
UIProcess/API/C/WKContext.cpp:

(WKContextSetCacheModel):
(WKContextGetCacheModel):

UIProcess/API/C/WKFramePolicyListener.cpp:
UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreGetTypeID):
(WKWebsiteDataStoreGetDefaultDataStore):
(WKWebsiteDataStoreCreateNonPersistentDataStore):
(WKWebsiteDataStoreCreateWithConfiguration):
(WKWebsiteDataStoreGetHTTPCookieStore):
(WKWebsiteDataStoreSetResourceLoadStatisticsDebugModeWithCompletionHandler):
(WKWebsiteDataStoreSetResourceLoadStatisticsPrevalentResourceForDebugMode):
(WKWebsiteDataStoreSetStatisticsLastSeen):
(WKWebsiteDataStoreSetStatisticsPrevalentResource):
(WKWebsiteDataStoreSetStatisticsVeryPrevalentResource):
(WKWebsiteDataStoreDumpResourceLoadStatistics):
(WKWebsiteDataStoreIsStatisticsPrevalentResource):
(WKWebsiteDataStoreIsStatisticsVeryPrevalentResource):
(WKWebsiteDataStoreIsStatisticsRegisteredAsSubresourceUnder):
(WKWebsiteDataStoreIsStatisticsRegisteredAsSubFrameUnder):
(WKWebsiteDataStoreIsStatisticsRegisteredAsRedirectingTo):
(WKWebsiteDataStoreSetStatisticsHasHadUserInteraction):
(WKWebsiteDataStoreIsStatisticsHasHadUserInteraction):
(WKWebsiteDataStoreSetStatisticsGrandfathered):
(WKWebsiteDataStoreIsStatisticsGrandfathered):
(WKWebsiteDataStoreSetStatisticsSubframeUnderTopFrameOrigin):
(WKWebsiteDataStoreSetStatisticsSubresourceUnderTopFrameOrigin):
(WKWebsiteDataStoreSetStatisticsSubresourceUniqueRedirectTo):
(WKWebsiteDataStoreSetStatisticsSubresourceUniqueRedirectFrom):
(WKWebsiteDataStoreSetStatisticsTopFrameUniqueRedirectTo):
(WKWebsiteDataStoreSetStatisticsTopFrameUniqueRedirectFrom):
(WKWebsiteDataStoreSetStatisticsCrossSiteLoadWithLinkDecoration):
(WKWebsiteDataStoreSetStatisticsTimeToLiveUserInteraction):
(WKWebsiteDataStoreStatisticsProcessStatisticsAndDataRecords):
(WKWebsiteDataStoreStatisticsUpdateCookieBlocking):
(WKWebsiteDataStoreStatisticsSubmitTelemetry):
(WKWebsiteDataStoreSetStatisticsNotifyPagesWhenDataRecordsWereScanned):
(WKWebsiteDataStoreSetStatisticsIsRunningTest):
(WKWebsiteDataStoreSetStatisticsShouldClassifyResourcesBeforeDataRecordsRemoval):
(WKWebsiteDataStoreSetStatisticsNotifyPagesWhenTelemetryWasCaptured):
(WKWebsiteDataStoreSetStatisticsMinimumTimeBetweenDataRecordsRemoval):
(WKWebsiteDataStoreSetStatisticsGrandfatheringTime):
(WKWebsiteDataStoreSetStatisticsMaxStatisticsEntries):
(WKWebsiteDataStoreSetStatisticsPruneEntriesDownTo):
(WKWebsiteDataStoreStatisticsClearInMemoryAndPersistentStore):
(WKWebsiteDataStoreStatisticsClearInMemoryAndPersistentStoreModifiedSinceHours):
(WKWebsiteDataStoreStatisticsClearThroughWebsiteDataRemoval):
(WKWebsiteDataStoreStatisticsDeleteCookiesForTesting):
(WKWebsiteDataStoreStatisticsHasLocalStorage):
(WKWebsiteDataStoreSetStatisticsCacheMaxAgeCap):
(WKWebsiteDataStoreStatisticsHasIsolatedSession):
(WKWebsiteDataStoreStatisticsResetToConsistentState):
(WKWebsiteDataStoreRemoveAllFetchCaches):
(WKWebsiteDataStoreRemoveFetchCacheForOrigin):
(WKWebsiteDataStoreRemoveAllIndexedDatabases):
(WKWebsiteDataStoreRemoveLocalStorage):
(WKWebsiteDataStoreRemoveAllServiceWorkerRegistrations):
(WKWebsiteDataStoreGetFetchCacheOrigins):
(WKWebsiteDataStoreGetFetchCacheSizeForOrigin):
(WKWebsiteDataStoreCopyServiceWorkerRegistrationDirectory):
(WKWebsiteDataStoreSetServiceWorkerRegistrationDirectory):
(WKWebsiteDataStoreClearAllDeviceOrientationPermissions):
(WKWebsiteDataStoreSetWebAuthenticationMockConfiguration):
(WKWebsiteDataStoreClearAdClickAttributionsThroughWebsiteDataRemoval):

UIProcess/API/C/WKWebsitePolicies.cpp:
UIProcess/API/Cocoa/APIWebsiteDataStoreCocoa.mm: Removed.
UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(+[WKWebsiteDataStore defaultDataStore]):
(+[WKWebsiteDataStore nonPersistentDataStore]):
(-[WKWebsiteDataStore dealloc]):
(-[WKWebsiteDataStore httpCookieStore]):
(-[WKWebsiteDataStore removeDataOfTypes:modifiedSince:completionHandler:]):
(-[WKWebsiteDataStore removeDataOfTypes:forDataRecords:completionHandler:]):
(+[WKWebsiteDataStore _defaultDataStoreExists]):
(+[WKWebsiteDataStore _deleteDefaultDataStoreForTesting]):
(-[WKWebsiteDataStore _initWithConfiguration:]):
(-[WKWebsiteDataStore _fetchDataRecordsOfTypes:withOptions:completionHandler:]):
(-[WKWebsiteDataStore _resourceLoadStatisticsEnabled]):
(-[WKWebsiteDataStore _setResourceLoadStatisticsEnabled:]):
(-[WKWebsiteDataStore _resourceLoadStatisticsDebugMode]):
(-[WKWebsiteDataStore _setResourceLoadStatisticsDebugMode:]):
(-[WKWebsiteDataStore _cacheStorageDirectory]):
(-[WKWebsiteDataStore _setCacheStorageDirectory:]):
(-[WKWebsiteDataStore _serviceWorkerRegistrationDirectory]):
(-[WKWebsiteDataStore _setServiceWorkerRegistrationDirectory:]):
(-[WKWebsiteDataStore _setBoundInterfaceIdentifier:]):
(-[WKWebsiteDataStore _boundInterfaceIdentifier]):
(-[WKWebsiteDataStore _setAllowsCellularAccess:]):
(-[WKWebsiteDataStore _allowsCellularAccess]):
(-[WKWebsiteDataStore _setProxyConfiguration:]):
(-[WKWebsiteDataStore _sourceApplicationBundleIdentifier]):
(-[WKWebsiteDataStore _setSourceApplicationBundleIdentifier:]):
(-[WKWebsiteDataStore _sourceApplicationSecondaryIdentifier]):
(-[WKWebsiteDataStore _setSourceApplicationSecondaryIdentifier:]):
(-[WKWebsiteDataStore _proxyConfiguration]):
(-[WKWebsiteDataStore _indexedDBDatabaseDirectory]):
(-[WKWebsiteDataStore _resourceLoadStatisticsSetShouldSubmitTelemetry:]):
(-[WKWebsiteDataStore _setResourceLoadStatisticsTestingCallback:]):
(-[WKWebsiteDataStore _getAllStorageAccessEntriesFor:completionHandler:]):
(-[WKWebsiteDataStore _scheduleCookieBlockingUpdate:]):
(-[WKWebsiteDataStore _setPrevalentDomain:completionHandler:]):
(-[WKWebsiteDataStore _getIsPrevalentDomain:completionHandler:]):
(-[WKWebsiteDataStore _clearPrevalentDomain:completionHandler:]):
(-[WKWebsiteDataStore _processStatisticsAndDataRecords:]):
(-[WKWebsiteDataStore _hasRegisteredServiceWorker]):
(-[WKWebsiteDataStore _delegate]):
(-[WKWebsiteDataStore set_delegate:]):

UIProcess/API/Cocoa/WKWebsiteDataStoreInternal.h:
UIProcess/API/glib/APIWebsiteDataStoreGLib.cpp: Removed.
UIProcess/API/glib/WebKitWebsiteDataManager.cpp:

(webkitWebsiteDataManagerSetProperty):
(webkitWebsiteDataManagerGetDataStore):
(webkit_website_data_manager_get_local_storage_directory):
(webkit_website_data_manager_get_disk_cache_directory):
(webkit_website_data_manager_get_offline_application_cache_directory):
(webkit_website_data_manager_get_indexeddb_directory):
(webkit_website_data_manager_get_websql_directory):
(webkit_website_data_manager_get_hsts_cache_directory):
(webkit_website_data_manager_fetch):
(webkit_website_data_manager_remove):
(webkit_website_data_manager_clear):
(webkitWebsiteDataManagerCreate): Deleted.

UIProcess/API/glib/WebKitWebsiteDataManagerPrivate.h:
UIProcess/API/win/APIWebsiteDataStoreWin.cpp: Removed.
UIProcess/Cocoa/NavigationState.mm:
UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::NetworkProcessProxy):
(WebKit::NetworkProcessProxy::websiteDataStoreFromSessionID):

UIProcess/Network/NetworkProcessProxy.h:
UIProcess/WebFramePolicyListenerProxy.cpp:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::WebPageProxy):
(WebKit::WebPageProxy::receivedNavigationPolicyDecision):

UIProcess/WebProcessPool.cpp:

(WebKit::m_webProcessCache):
(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::establishWorkerContextConnectionToNetworkProcess):
(WebKit::WebProcessPool::tryTakePrewarmedProcess):
(WebKit::WebProcessPool::processDidFinishLaunching):
(WebKit::WebProcessPool::processForRegistrableDomain):
(WebKit::WebProcessPool::createWebPage):
(WebKit::WebProcessPool::mayHaveRegisteredServiceWorkers):

UIProcess/WebProcessPool.h:
UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::defaultApplicationCacheDirectory):
(WebKit::WebsiteDataStore::defaultCacheStorageDirectory):
(WebKit::WebsiteDataStore::defaultNetworkCacheDirectory):
(WebKit::WebsiteDataStore::defaultMediaCacheDirectory):
(WebKit::WebsiteDataStore::defaultIndexedDBDatabaseDirectory):
(WebKit::WebsiteDataStore::defaultServiceWorkerRegistrationDirectory):
(WebKit::WebsiteDataStore::defaultLocalStorageDirectory):
(WebKit::WebsiteDataStore::defaultMediaKeysStorageDirectory):
(WebKit::WebsiteDataStore::defaultWebSQLDatabaseDirectory):
(WebKit::WebsiteDataStore::defaultResourceLoadStatisticsDirectory):
(WebKit::WebsiteDataStore::defaultJavaScriptConfigurationDirectory):
(WebKit::WebsiteDataStore::tempDirectoryFileSystemRepresentation):
(WebKit::WebsiteDataStore::cacheDirectoryFileSystemRepresentation):
(WebKit::WebsiteDataStore::websiteDataDirectoryFileSystemRepresentation):

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::globalDefaultDataStore):
(WebKit::WebsiteDataStore::defaultDataStore):
(WebKit::WebsiteDataStore::deleteDefaultDataStoreForTesting):
(WebKit::WebsiteDataStore::defaultDataStoreExists):
(WebKit::WebsiteDataStore::defaultDataStoreConfiguration):
(WebKit::WebsiteDataStore::isAssociatedProcessPool const):
(WebKit::WebsiteDataStore::defaultMediaCacheDirectory):
(WebKit::WebsiteDataStore::defaultJavaScriptConfigurationDirectory):
(WebKit::WebsiteDataStore::defaultDeviceIdHashSaltsStorageDirectory):

UIProcess/WebsiteData/WebsiteDataStore.h:
UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp:
UIProcess/WebsiteData/win/WebsiteDataStoreWin.cpp:

(WebKit::WebsiteDataStore::defaultApplicationCacheDirectory):
(WebKit::WebsiteDataStore::defaultCacheStorageDirectory):
(WebKit::WebsiteDataStore::defaultNetworkCacheDirectory):
(WebKit::WebsiteDataStore::defaultIndexedDBDatabaseDirectory):
(WebKit::WebsiteDataStore::defaultServiceWorkerRegistrationDirectory):
(WebKit::WebsiteDataStore::defaultLocalStorageDirectory):
(WebKit::WebsiteDataStore::defaultMediaKeysStorageDirectory):
(WebKit::WebsiteDataStore::defaultWebSQLDatabaseDirectory):
(WebKit::WebsiteDataStore::defaultResourceLoadStatisticsDirectory):
(WebKit::WebsiteDataStore::cacheDirectoryFileSystemRepresentation):
(WebKit::WebsiteDataStore::websiteDataDirectoryFileSystemRepresentation):

UIProcess/glib/WebProcessProxyGLib.cpp:

(WebKit::WebProcessProxy::platformGetLaunchOptions):

UIProcess/glib/WebsiteDataStoreGLib.cpp: Copied from Source/WebKit/UIProcess/API/glib/APIWebsiteDataStoreGLib.cpp.

(API::WebsiteDataStore::defaultApplicationCacheDirectory): Deleted.
(API::WebsiteDataStore::defaultNetworkCacheDirectory): Deleted.
(API::WebsiteDataStore::defaultCacheStorageDirectory): Deleted.
(API::WebsiteDataStore::defaultIndexedDBDatabaseDirectory): Deleted.
(API::WebsiteDataStore::defaultServiceWorkerRegistrationDirectory): Deleted.
(API::WebsiteDataStore::defaultLocalStorageDirectory): Deleted.
(API::WebsiteDataStore::defaultMediaKeysStorageDirectory): Deleted.
(API::WebsiteDataStore::defaultDeviceIdHashSaltsStorageDirectory): Deleted.
(API::WebsiteDataStore::defaultWebSQLDatabaseDirectory): Deleted.
(API::WebsiteDataStore::defaultHSTSDirectory): Deleted.
(API::WebsiteDataStore::defaultResourceLoadStatisticsDirectory): Deleted.
(API::WebsiteDataStore::cacheDirectoryFileSystemRepresentation): Deleted.
(API::WebsiteDataStore::websiteDataDirectoryFileSystemRepresentation): Deleted.

WebKit.xcodeproj/project.pbxproj:
WebProcess/MediaCache/WebMediaKeyStorageManager.cpp:

(WebKit::WebMediaKeyStorageManager::setWebsiteDataStore):

4:59 PM Changeset in webkit [250168] by Kocsen Chung

1 copy in tags/Safari-608.2.11.1.10

Tag Safari-608.2.11.1.10.

4:59 PM Changeset in webkit [250167] by commit-queue@webkit.org

3 edits
3 adds
2 deletes in trunk

[resource-timing] Report performance entries with all HTTP status codes
https://bugs.webkit.org/show_bug.cgi?id=202040

Patch by Alex Christensen <achristensen@webkit.org> on 2019-09-20
Reviewed by Joseph Pecoraro.

LayoutTests/imported/w3c:

web-platform-tests/resource-timing/resource_ignore_failures-expected.txt: Removed.
web-platform-tests/resource-timing/resource_ignore_failures.html: Removed.

This test is no longer in wpt and it would regress with this change, so we remove it.

web-platform-tests/resource-timing/resources/status-code.py: Added.

(main):

web-platform-tests/resource-timing/status-codes-create-entry-expected.txt: Added.
web-platform-tests/resource-timing/status-codes-create-entry.html: Added.

Source/WebCore:

This follows a Chromium change at https://chromium-review.googlesource.com/c/chromium/src/+/1796544
The spec change is being discussed at https://github.com/w3c/resource-timing/issues/165

Test: imported/w3c/web-platform-tests/resource-timing/status-codes-create-entry.html

I had to slightly modify the test to make sure the entry count was > 0 instead of == 1 to reduce flakyness because sometimes we load the 200 image twice.
I'll submit a PR to WPT, too.

loader/ResourceTimingInformation.cpp:

(WebCore::ResourceTimingInformation::shouldAddResourceTiming):

4:54 PM Changeset in webkit [250166] by Kocsen Chung

9 edits in branches/safari-608.2.11.1-branch/Source/WebKit

Revert to match Safari-608.2.11.1.7 content.

4:46 PM Changeset in webkit [250165] by Chris Dumez

6 edits in trunk

REGRESSION (iOS 13): rAF stops firing when navigating away cross-origin and then back
https://bugs.webkit.org/show_bug.cgi?id=201767
<rdar://problem/55350854>

Reviewed by Tim Horton.

Source/WebKit:

This is a follow-up to r249961 to address crashes when navigating back cross-origin to a page
that uses requestAnimationFrame. r249961 took care of moving RemoteLayerTreeDisplayRefreshMonitor
objects from one RemoteLayerTreeDrawingArea to another but failed to tell those monitors
about their new drawingArea. As a result, RemoteLayerTreeDrawingArea::willDestroyDisplayRefreshMonitor()
would not get called on the new drawing area when it should have.

WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDisplayRefreshMonitor.h:
WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDisplayRefreshMonitor.mm:

(WebKit::RemoteLayerTreeDisplayRefreshMonitor::updateDrawingArea):

WebProcess/WebPage/RemoteLayerTree/RemoteLayerTreeDrawingArea.mm:

(WebKit::RemoteLayerTreeDrawingArea::adoptDisplayRefreshMonitorsFromDrawingArea):

LayoutTests:

Call finishJSTest() on a timer to make it more likely to reproduce the bug.

http/tests/navigation/page-cache-requestAnimationFrame.html:

4:18 PM Changeset in webkit [250164] by Kocsen Chung

1 copy in tags/Safari-608.3.3

Tag Safari-608.3.3.

4:17 PM Changeset in webkit [250163] by Kocsen Chung

1 delete in tags/Safari-608.3.3

Delete tag.

4:16 PM Changeset in webkit [250162] by Kocsen Chung

1 copy in tags/Safari-608.3.3

Tag Safari-608.3.3.

3:58 PM Changeset in webkit [250161] by Keith Rollin

3 edits in trunk/Source/WebCore

Remove check of setSourceAppPid selector that's no longer needed
https://bugs.webkit.org/show_bug.cgi?id=201971
<rdar://problem/55505761>

Reviewed by Andy Estes.

Bug 172152 introduced a check of the NEFilterSource selector
setSourceAppPid in order to support OS's that didn't support it. All
supported Cocoa platforms now support it, so the check can be removed.

Source/WebCore:

No new tests -- no new or changed functionality.

platform/cocoa/NetworkExtensionContentFilter.mm:

(WebCore::NetworkExtensionContentFilter::initialize):

Source/WebCore/PAL:

pal/spi/cocoa/NEFilterSourceSPI.h:

3:19 PM Changeset in webkit [250160] by Keith Rollin

12 edits
1 delete in trunk

Remove some support for < iOS 13
https://bugs.webkit.org/show_bug.cgi?id=201967
<rdar://problem/55504738>

Reviewed by Andy Estes.

Remove some support for iOS versions less than 13.0.

After version checks have been removed, there are some cases where the

preprocessor conditional looks like "#if PLATFORM(MAC)

PLATFORM(IOS_FAMILY)". These can be collapsed into "#if
PLATFORM(COCOA)". This additional cleanup will be performed in a
subsequent patch.

This removal is part of a series of patches effecting the removal of
dead code for old versions of iOS. This particular pass involves
changes in which Andy Estes was involved. These changes are isolated
from other similar changes in order to facilitate the reviewing
process.

Source/WebCore:

No new tests -- no new or changed functionality.

platform/cocoa/NetworkExtensionContentFilter.mm:

(WebCore::NetworkExtensionContentFilter::initialize):

Source/WebCore/PAL:

pal/spi/cocoa/NEFilterSourceSPI.h:

Source/WebKit:

NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::NetworkSessionCocoa):

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _dataForPreviewItemController:atPosition:type:]):

UIProcess/ios/forms/WKFileUploadPanel.mm:

(-[WKFileUploadPanel _uploadItemFromMediaInfo:successBlock:failureBlock:]):

Source/WTF:

wtf/FeatureDefines.h:

Tools:

TestWebKitAPI/Tests/WebKitCocoa/WKPDFView.mm: Removed.

2:51 PM Changeset in webkit [250159] by Kocsen Chung

7 edits in branches/safari-608.2.11.1-branch/Source

Versioning.

2:50 PM Changeset in webkit [250158] by Kocsen Chung

1 copy in tags/Safari-608.2.11.1.9

Tag Safari-608.2.11.1.9.

2:49 PM Changeset in webkit [250157] by timothy_horton@apple.com

5 edits in trunk/Source/WebKit

Sanitize suggested filenames used for saving PDFs
https://bugs.webkit.org/show_bug.cgi?id=202034
<rdar://problem/53183075>

Reviewed by Chris Dumez.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didFinishLoadingDataForCustomContentProvider):
(WebKit::WebPageProxy::saveDataToFileInDownloadsFolder):
(WebKit::WebPageProxy::savePDFToFileInDownloadsFolder):

UIProcess/WebPageProxy.h:
UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw): Deleted.

UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplication):
(WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplicationRaw): Deleted.
Sanitize suggested filenames to ensure that they comprise only one path component
when concatenated with their destination directory.

2:45 PM Changeset in webkit [250156] by achristensen@apple.com

4 edits in trunk/Tools

Begin moving WebsiteDataStore setters to WebsiteDataStoreConfiguration
https://bugs.webkit.org/show_bug.cgi?id=202025

Reviewed by Chris Dumez.

One expected change in behavior is that the resource load statistics directory is not created on startup with an ephemeral session any more
because we call the constructor of WebsiteDataStoreConfiguration inside _WKWebsiteDataStoreConfiguration and set the default directory like we do the other directories.

TestWebKitAPI/Tests/WebKitCocoa/StorageQuota.mm:
WebKitTestRunner/TestController.cpp:

(WTR::TestController::websiteDataStore):
(WTR::TestController::generatePageConfiguration):

2:40 PM Changeset in webkit [250155] by Chris Dumez

2 edits in trunk/Source/WebKit

Add release logging for when a view is added / removed from a window
https://bugs.webkit.org/show_bug.cgi?id=202050

Reviewed by Tim Horton.

Add release logging for when a view is added / removed from a window to help determine the
view's visibility in the logs.

UIProcess/ios/WKApplicationStateTrackingView.mm:

(-[WKApplicationStateTrackingView willMoveToWindow:]):
(-[WKApplicationStateTrackingView didMoveToWindow]):

2:37 PM Changeset in webkit [250154] by Chris Dumez

2 edits in trunk/Source/WebKit

ApplicationStateTracker::m_isBackground initialization does not account for UIScenes
https://bugs.webkit.org/show_bug.cgi?id=202048

Reviewed by Geoffrey Garen.

ApplicationStateTracker::m_isBackground initialization does not account for UIScenes, it merely checks
the visibility state of the whole app. It should instead check the visibility state of the window's
UIScene.

This patch also refactors the code a little bit to reduce #ifdef'ing.

UIProcess/ApplicationStateTracker.mm:

(WebKit::ApplicationStateTracker::ApplicationStateTracker):

2:35 PM Changeset in webkit [250153] by Chris Dumez

44 edits in trunk/Source

Document no longer needs to store a SessionID
https://bugs.webkit.org/show_bug.cgi?id=202024

Reviewed by Geoffrey Garen.

Document no longer needs to store a SessionID, now that we have a single
session per WebProcess. It can simply get its sessionID from its Page.

Source/WebCore:

Modules/mediastream/RTCPeerConnection.cpp:

(WebCore::RTCPeerConnection::create):

Modules/websockets/WebSocketChannel.cpp:

(WebCore::WebSocketChannel::didOpenSocketStream):

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):

dom/DOMImplementation.cpp:

(WebCore::createXMLDocument):
(WebCore::DOMImplementation::createDocument):
(WebCore::DOMImplementation::createHTMLDocument):

dom/DOMImplementation.h:
dom/Document.cpp:

(WebCore::Document::Document):
(WebCore::m_undoManager):
(WebCore::Document::create):
(WebCore::Document::createNonRenderedPlaceholder):
(WebCore::Document::cloneDocumentWithoutChildren const):
(WebCore::Document::sessionID const):
(WebCore::Document::privateBrowsingStateDidChange):
(WebCore::Document::ensureTemplateDocument):
(WebCore::Document::logger):
(WebCore::Document::didLogMessage):

dom/Document.h:

(WebCore::Document::create):

dom/XMLDocument.h:

(WebCore::XMLDocument::create):
(WebCore::XMLDocument::createXHTML):
(WebCore::XMLDocument::XMLDocument):

html/FTPDirectoryDocument.cpp:

(WebCore::FTPDirectoryDocument::FTPDirectoryDocument):

html/FTPDirectoryDocument.h:
html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::parseAdClickAttribution const):

html/HTMLDocument.cpp:

(WebCore::HTMLDocument::createSynthesizedDocument):
(WebCore::HTMLDocument::HTMLDocument):
(WebCore::HTMLDocument::cloneDocumentWithoutChildren const):

html/HTMLDocument.h:

(WebCore::HTMLDocument::create):

html/ImageDocument.cpp:

(WebCore::ImageDocument::ImageDocument):

html/MediaDocument.cpp:

(WebCore::MediaDocument::MediaDocument):

html/MediaDocument.h:
html/PluginDocument.cpp:

(WebCore::PluginDocument::PluginDocument):

html/TextDocument.cpp:

(WebCore::TextDocument::TextDocument):

html/TextDocument.h:
inspector/DOMPatchSupport.cpp:

(WebCore::DOMPatchSupport::patchDocument):

loader/CookieJar.cpp:

(WebCore::CookieJar::cookieRequestHeaderFieldProxy):
(WebCore::CookieJar::cookieRequestHeaderFieldValue const):

loader/CookieJar.h:
loader/DocumentWriter.cpp:

(WebCore::DocumentWriter::createDocument):

loader/SinkDocument.cpp:

(WebCore::SinkDocument::SinkDocument):

loader/cache/CachedResource.cpp:

(WebCore::CachedResource::setResponse):
(WebCore::CachedResource::varyHeaderValuesMatch):

loader/cache/CachedSVGDocument.cpp:

(WebCore::CachedSVGDocument::finishLoading):

loader/cache/CachedSVGFont.cpp:

(WebCore::CachedSVGFont::ensureCustomFontData):

page/Page.cpp:

(WebCore::Page::configureLoggingChannel):

platform/network/CacheValidation.cpp:

(WebCore::cookieRequestHeaderFieldValue):
(WebCore::collectVaryingRequestHeaders):
(WebCore::verifyVaryingRequestHeaders):

platform/network/CacheValidation.h:
svg/SVGDocument.cpp:

(WebCore::SVGDocument::SVGDocument):
(WebCore::SVGDocument::cloneDocumentWithoutChildren const):

svg/SVGDocument.h:

(WebCore::SVGDocument::create):

workers/service/ServiceWorkerContainer.cpp:

(WebCore::ServiceWorkerContainer::isAlwaysOnLoggingAllowed const):

worklets/WorkletGlobalScope.cpp:

(WebCore::WorkletGlobalScope::WorkletGlobalScope):

worklets/WorkletGlobalScope.h:
xml/DOMParser.cpp:

(WebCore::DOMParser::parseFromString):

xml/DOMParser.h:
xml/DOMParser.idl:
xml/XMLHttpRequest.cpp:
xml/XSLTProcessor.cpp:

(WebCore::XSLTProcessor::createDocumentFromSource):

Source/WebKit:

WebProcess/WebPage/WebCookieJar.cpp:

(WebKit::WebCookieJar::cookieRequestHeaderFieldValue const):

WebProcess/WebPage/WebCookieJar.h:

2:23 PM Changeset in webkit [250152] by Devin Rousso

5 edits
2 adds in trunk

Web Inspector: HTML Formatter - better indentation/newline handling for self closing tags
https://bugs.webkit.org/show_bug.cgi?id=202036

Reviewed by Joseph Pecoraro.

Source/WebInspectorUI:

UserInterface/Workers/Formatter/HTMLFormatter.js:

(HTMLFormatter.prototype._before):

LayoutTests:

inspector/formatting/formatting-xml.html:
inspector/formatting/formatting-xml-expected.txt:
inspector/formatting/resources/xml-tests/self-closing.xml: Added.
inspector/formatting/resources/xml-tests/self-closing-expected.xml: Added.

2:06 PM Changeset in webkit [250151] by Chris Dumez

3 edits in trunk/Source/WebKit

[iOS] ASSERTION FAILED: Unsafe to ref/deref of ShareableBitmap from different threads
https://bugs.webkit.org/show_bug.cgi?id=201712
<rdar://problem/55289916>

Reviewed by Tim Horton.

Make sure ShareableBitmap objects are always ref'd / deref'd on the main thread by dispatching to
the main thread in ShareableBitmap::releaseBitmapContextData() before calling deref().

Shared/ShareableBitmap.cpp:

(WebKit::ShareableBitmap::ShareableBitmap):
(WebKit::ShareableBitmap::~ShareableBitmap):

Shared/cg/ShareableBitmapCG.cpp:

(WebKit::ShareableBitmap::createGraphicsContext):
(WebKit::ShareableBitmap::releaseBitmapContextData):

2:01 PM Changeset in webkit [250150] by achristensen@apple.com

15 edits in trunk/Source/WebKit

Begin moving WebsiteDataStore setters to WebsiteDataStoreConfiguration
https://bugs.webkit.org/show_bug.cgi?id=202025

Reviewed by Chris Dumez.

Most of these were only needed before initNonPersistentConfiguration existed.

UIProcess/API/C/WKWebsiteDataStoreConfigurationRef.cpp:

(WKWebsiteDataStoreConfigurationGetPerOriginStorageQuota):
(WKWebsiteDataStoreConfigurationSetPerOriginStorageQuota):

UIProcess/API/C/WKWebsiteDataStoreConfigurationRef.h:
UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreSetPerOriginStorageQuota):

UIProcess/API/C/WKWebsiteDataStoreRef.h:
UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _initWithConfiguration:]):
(-[WKWebsiteDataStore _perOriginStorageQuota]):
(-[WKWebsiteDataStore _setPerOriginStorageQuota:]):

UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h:
UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm:

(-[_WKWebsiteDataStoreConfiguration perOriginStorageQuota]):
(-[_WKWebsiteDataStoreConfiguration setPerOriginStorageQuota:]):
(-[_WKWebsiteDataStoreConfiguration boundInterfaceIdentifier]):
(-[_WKWebsiteDataStoreConfiguration setBoundInterfaceIdentifier:]):
(-[_WKWebsiteDataStoreConfiguration allowsCellularAccess]):
(-[_WKWebsiteDataStoreConfiguration setAllowsCellularAccess:]):
(-[_WKWebsiteDataStoreConfiguration proxyConfiguration]):
(-[_WKWebsiteDataStoreConfiguration setProxyConfiguration:]):

UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::parameters):

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::WebsiteDataStore):
(WebKit::WebsiteDataStore::setSourceApplicationSecondaryIdentifier):
(WebKit::WebsiteDataStore::setSourceApplicationBundleIdentifier):

UIProcess/WebsiteData/WebsiteDataStore.h:

(WebKit::WebsiteDataStore::setBoundInterfaceIdentifier):
(WebKit::WebsiteDataStore::boundInterfaceIdentifier):
(WebKit::WebsiteDataStore::sourceApplicationBundleIdentifier const):
(WebKit::WebsiteDataStore::sourceApplicationSecondaryIdentifier const):
(WebKit::WebsiteDataStore::setAllowsCellularAccess):
(WebKit::WebsiteDataStore::allowsCellularAccess):
(WebKit::WebsiteDataStore::setProxyConfiguration):
(WebKit::WebsiteDataStore::proxyConfiguration):
(WebKit::WebsiteDataStore::setPerOriginStorageQuota): Deleted.

UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp:

(WebKit::WebsiteDataStoreConfiguration::copy):

UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h:

(WebKit::WebsiteDataStoreConfiguration::boundInterfaceIdentifier const):
(WebKit::WebsiteDataStoreConfiguration::setBoundInterfaceIdentifier):
(WebKit::WebsiteDataStoreConfiguration::allowsCellularAccess const):
(WebKit::WebsiteDataStoreConfiguration::setAllowsCellularAccess):
(WebKit::WebsiteDataStoreConfiguration::proxyConfiguration const):
(WebKit::WebsiteDataStoreConfiguration::setProxyConfiguration):

1:49 PM Changeset in webkit [250149] by Joseph Pecoraro

7 edits
2 deletes in trunk/Source/WebInspectorUI

Web Inspector: Remove BranchManager in favor of just using currentRevision
https://bugs.webkit.org/show_bug.cgi?id=202000

Reviewed by Devin Rousso.

Remove BranchManager. The Branch concept never got fleshed out, and would
likely be too complex for the average case. Local Overrides are simpler.
In the interest of expanding Local Overrides to more content lets simply
by removing Branches.

Localizations/en.lproj/localizedStrings.js:
UserInterface/Base/Main.js:

(WI.loaded):

UserInterface/Controllers/BranchManager.js: Removed.
UserInterface/Controllers/CSSManager.js:

(WI.CSSManager.prototype._resourceContentDidChange.applyStyleSheetChanges.styleSheetFound):
(WI.CSSManager.prototype._resourceContentDidChange.applyStyleSheetChanges):
(WI.CSSManager.prototype._resourceContentDidChange):
(WI.CSSManager.prototype._updateResourceContent.fetchedStyleSheetContent):

UserInterface/Main.html:
UserInterface/Models/Branch.js: Removed.
UserInterface/Models/SourceCode.js:

(WI.SourceCode.prototype._processContent):
(WI.SourceCode):

UserInterface/Views/TextResourceContentView.js:

(WI.TextResourceContentView.prototype._textEditorContentDidChange):

1:36 PM Changeset in webkit [250148] by achristensen@apple.com

12 edits
2 adds in trunk/Source/WebKit

Introduce LegacyGlobalSettings for settings the NetworkProcess needs from a WebProcessPool
https://bugs.webkit.org/show_bug.cgi?id=201970

Reviewed by Geoff Garen.

I'm starting by moving the cache model to this new abstraction.
We were using it in tests to disable the page cache, which should be done with a boolean on the pool configuration, not by changing the cache model.
We were also using it in WKContextSetCacheModel which has several clients that won't change quickly, so this abstraction is used to maintain existing behavior.
I need this so I can make a NetworkProcess not depend on anything from a WebProcessPool when starting.

Sources.txt:
UIProcess/API/APIProcessPoolConfiguration.cpp:

(API::ProcessPoolConfiguration::copy):

UIProcess/API/APIProcessPoolConfiguration.h:
UIProcess/API/C/WKContext.cpp:

(WKContextSetCacheModel):
(WKContextGetCacheModel):

UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:

(-[_WKProcessPoolConfiguration pageCacheEnabled]):
(-[_WKProcessPoolConfiguration setPageCacheEnabled:]):

UIProcess/LegacyGlobalSettings.cpp: Added.

(WebKit::LegacyGlobalSettings::singleton):
(WebKit::LegacyGlobalSettings::setCacheModel):

UIProcess/LegacyGlobalSettings.h: Added.

(WebKit::LegacyGlobalSettings::cacheModel const):

UIProcess/WebProcessCache.cpp:

(WebKit::WebProcessCache::updateCapacity):

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::initializeNewWebProcess):
(WebKit::WebProcessPool::updateMaxSuspendedPageCount):
(WebKit::WebProcessPool::setCacheModel):

UIProcess/WebProcessPool.h:
WebKit.xcodeproj/project.pbxproj:

1:30 PM Changeset in webkit [250147] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[SVG2]: Add auto behavior for rx and ry to the SVG <ellipse> and <rect> elements (Addressing review comments)
https://bugs.webkit.org/show_bug.cgi?id=199843

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-09-20
Reviewed by Darin Adler.

Make RenderSVGEllipse calculate of the ellipse's rx and ry more efficiently.

rendering/svg/RenderSVGEllipse.cpp:

(WebCore::RenderSVGEllipse::calculateRadiiAndCenter):

1:29 PM Changeset in webkit [250146] by achristensen@apple.com

7 edits in trunk/Source/WebKit

Deprecate unused C API aliases for WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=202029

Reviewed by Chris Dumez.

This is a piece of r249768.

UIProcess/API/C/WKApplicationCacheManager.cpp:

(WKApplicationCacheManagerGetTypeID):
(WKApplicationCacheManagerGetApplicationCacheOrigins):
(WKApplicationCacheManagerDeleteEntriesForOrigin):
(WKApplicationCacheManagerDeleteAllEntries):

UIProcess/API/C/WKApplicationCacheManager.h:
UIProcess/API/C/WKKeyValueStorageManager.cpp:

(WKKeyValueStorageManagerGetTypeID):
(WKKeyValueStorageManagerGetOriginKey):
(WKKeyValueStorageManagerGetCreationTimeKey):
(WKKeyValueStorageManagerGetModificationTimeKey):
(WKKeyValueStorageManagerGetKeyValueStorageOrigins):
(WKKeyValueStorageManagerGetStorageDetailsByOrigin):
(WKKeyValueStorageManagerDeleteEntriesForOrigin):
(WKKeyValueStorageManagerDeleteAllEntries):

UIProcess/API/C/WKKeyValueStorageManager.h:
UIProcess/API/C/WKResourceCacheManager.cpp:

(WKResourceCacheManagerGetTypeID):
(WKResourceCacheManagerGetCacheOrigins):
(WKResourceCacheManagerClearCacheForOrigin):
(WKResourceCacheManagerClearCacheForAllOrigins):
(toWebsiteDataTypes): Deleted.

UIProcess/API/C/WKResourceCacheManager.h:

1:21 PM Changeset in webkit [250145] by Adrian Perez de Castro

2 edits in trunk

Unreviewed. Bump WPE version numbers.

Source/cmake/OptionsWPE.cmake:

1:17 PM Changeset in webkit [250144] by achristensen@apple.com

11 edits in trunk/Source

Remove functionality to disable TLS fallback
https://bugs.webkit.org/show_bug.cgi?id=201998

Reviewed by Geoff Garen.

Source/WebCore/PAL:

pal/spi/cf/CFNetworkSPI.h:

Source/WebKit:

Since r249019 it is not used. It was a useful experiment and I'm glad we didn't see any regressions.

NetworkProcess/NetworkSessionCreationParameters.cpp:

(WebKit::NetworkSessionCreationParameters::privateSessionParameters):
(WebKit::NetworkSessionCreationParameters::encode const):
(WebKit::NetworkSessionCreationParameters::decode):

NetworkProcess/NetworkSessionCreationParameters.h:
NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::NetworkSessionCocoa):

UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _setAllowsTLSFallback:]):
(-[WKWebsiteDataStore _allowsTLSFallback]):

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureNetworkProcess):

UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::parameters):

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::setAllowsTLSFallback): Deleted.

UIProcess/WebsiteData/WebsiteDataStore.h:

(WebKit::WebsiteDataStore::allowsTLSFallback const): Deleted.

1:11 PM Changeset in webkit [250143] by achristensen@apple.com

17 edits in trunk/Source/WebKit

Remove unused storage paths on APIProcessPoolConfiguration
https://bugs.webkit.org/show_bug.cgi?id=202028

Reviewed by Chris Dumez.

This is a piece of r249768.
There is no way to set these paths and they have been replaced by WebsiteDataStore paths.
There was one remaining use of the global disk cache directory in NetworkProcess::setCacheModel,
which I replaced with the default session's disk cache directory, which is equivalent.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::setCacheModel):

NetworkProcess/NetworkProcess.h:

(WebKit::NetworkProcess::diskCacheDirectory const): Deleted.

NetworkProcess/NetworkProcessCreationParameters.cpp:

(WebKit::NetworkProcessCreationParameters::encode const):
(WebKit::NetworkProcessCreationParameters::decode):
(WebKit::NetworkProcessCreationParameters::NetworkProcessCreationParameters): Deleted.

NetworkProcess/NetworkProcessCreationParameters.h:
NetworkProcess/NetworkSession.cpp:

(WebKit::NetworkSession::NetworkSession):

NetworkProcess/cache/NetworkCache.cpp:

(WebKit::NetworkCache::Cache::open):
(WebKit::NetworkCache::Cache::Cache):

NetworkProcess/cache/NetworkCache.h:

(WebKit::NetworkCache::Cache::storageDirectory):

NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):

UIProcess/API/APIProcessPoolConfiguration.cpp:

(API::ProcessPoolConfiguration::copy):
(API::ProcessPoolConfiguration::createWithWebsiteDataStoreConfiguration): Deleted.
(API::ProcessPoolConfiguration::ProcessPoolConfiguration): Deleted.
(API::ProcessPoolConfiguration::~ProcessPoolConfiguration): Deleted.

UIProcess/API/APIProcessPoolConfiguration.h:
UIProcess/API/glib/WebKitWebContext.cpp:

(webkitWebContextConstructed):
(webkit_web_context_set_disk_cache_directory):
(websiteDataStoreConfigurationForWebProcessPoolConfiguration): Deleted.

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::resolvePathsForSandboxExtensions):
(WebKit::WebProcessPool::webProcessDataStoreParameters):

UIProcess/WebProcessPool.h:
UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::processPools const):

UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h:

1:10 PM Changeset in webkit [250142] by Keith Rollin

8 edits in trunk/Source

Remove some support for < iOS 13
https://bugs.webkit.org/show_bug.cgi?id=202032
<rdar://problem/55548468>

Reviewed by Alex Christensen.

Remove some support for iOS versions less than 13.0.

This removal is part of a series of patches effecting the removal of
dead code for old versions of iOS. This particular pass involves
changes in which Dan Bates was involved. These changes are isolated
from other similar changes in order to facilitate the reviewing
process.

Source/WebCore:

No new tests -- no new or changed functionality.

platform/network/cf/ResourceRequestCFNet.cpp:

(WebCore::ResourceRequest::doUpdatePlatformRequest):
(WebCore::ResourceRequest::doUpdateResourceRequest):

platform/network/cocoa/CookieCocoa.mm:

(WebCore::Cookie::operator NSHTTPCookie * _Nullable const):

platform/network/cocoa/ResourceRequestCocoa.mm:

(WebCore::ResourceRequest::doUpdateResourceRequest):
(WebCore::ResourceRequest::doUpdatePlatformRequest):

Source/WebKit:

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _interpretKeyEvent:isCharEvent:]):

Source/WebKitLegacy/mac:

WebView/WebHTMLView.mm:

(-[WebHTMLView _handleEditingKeyEvent:]):

12:47 PM Changeset in webkit [250141] by Adrian Perez de Castro

1 copy in releases/WPE WebKit/webkit-2.26.0

WPE WebKit 2.26.0

12:46 PM Changeset in webkit [250140] by Adrian Perez de Castro

4 edits in releases/WebKitGTK/webkit-2.26

Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.26.0 release

Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

wpe/NEWS: Add release notes for 2.26.0

12:39 PM Changeset in webkit [250139] by Truitt Savell

66 edits
1 move
15 deletes in trunk

Unreviewed, rolling out r250114.

Broke ~16 webgpu/ tests on Mojave wk2

Reverted changeset:

"Web Inspector: Canvas: show WebGPU shader pipelines"
https://bugs.webkit.org/show_bug.cgi?id=201675
https://trac.webkit.org/changeset/250114

12:31 PM Changeset in webkit [250138] by Keith Rollin

6 edits in trunk

Remove some support for < iOS 13
https://bugs.webkit.org/show_bug.cgi?id=201973
<rdar://problem/55506966>

Reviewed by Alex Christensen.

Remove some support for iOS versions less than 13.0.

This removal is part of a series of patches effecting the removal of
dead code for old versions of iOS. This particular pass involves
changes in which Chris Dumez was involved. These changes are isolated
from other similar changes in order to facilitate the reviewing
process.

Source/WebKit:

NetworkProcess/Downloads/cocoa/DownloadCocoa.mm:

(WebKit::Download::resume):

Source/WTF:

wtf/FeatureDefines.h:

Tools:

TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

11:42 AM Changeset in webkit [250137] by Alan Coon

3 edits
4 adds in branches/safari-608-branch

Revert "Revert r247573. rdar://problem/55461395"

11:18 AM Changeset in webkit [250136] by Alan Coon

8 edits in branches/safari-608.2.11.1-branch/Source/WebKit

Apply patch. rdar://problem/55564031

10:24 AM Changeset in webkit [250135] by Alan Coon

7 edits in branches/safari-608.2.11.1-branch/Source

Versioning.

10:21 AM Changeset in webkit [250134] by Alan Coon

3 edits
4 deletes in branches/safari-608-branch

Revert r247573. rdar://problem/55461395

8:53 AM Changeset in webkit [250133] by Chris Dumez

2 edits in trunk/Source/WebKit

Unreviewed, fix confusing release logging under WebPageProxy::loadRequestWithNavigationShared().

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::loadRequestWithNavigationShared):

8:41 AM Changeset in webkit [250132] by Antti Koivisto

4 edits in trunk/Source/WebCore

Implement Position::upstream and Position::downstream with line layout iterator
https://bugs.webkit.org/show_bug.cgi?id=202043

Reviewed by Zalan Bujtas.

These can eventually work without switching to lineboxes.

dom/Position.cpp:

(WebCore::Position::upstream const):
(WebCore::Position::downstream const):

Factor the loops into TextBox::isLastOnLine function.

rendering/line/LineLayoutInterfaceTextBoxes.cpp:

(WebCore::LineLayoutInterface::TextBox::isLastOnLine const):

Looking into root boxes is a much more efficient way to figure this out.

(WebCore::LineLayoutInterface::TextBox::isLast const):
(WebCore::LineLayoutInterface::TextBoxIterator::ComplexPath::nextInlineTextBoxInTextOrder const):
(WebCore::LineLayoutInterface::TextBoxIterator::traverseNextInTextOrder):

rendering/line/LineLayoutInterfaceTextBoxes.h:

8:40 AM Changeset in webkit [250131] by sbarati@apple.com

2 edits in trunk/JSTests

Unreviewed. Make toctou-having-a-bad-time-new-array.js run for less time because it's timing out on the debug bots.

stress/toctou-having-a-bad-time-new-array.js:

8:23 AM Changeset in webkit [250130] by Chris Dumez

2 edits in trunk/Source/WebKit

Regression(r248832): Unable to quicklook HTML files in Mail
https://bugs.webkit.org/show_bug.cgi?id=202012
<rdar://problem/55285295>

Reviewed by Per Arne Vollan.

Follow-up to fix bug in r250110. Now that loadFile() calls
maybeInitializeSandboxExtensionHandle(), it no longer needs to
call assumeReadAccessToBaseURL(). This is because maybeInitializeSandboxExtensionHandle()
already take care of it.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::loadFile):

8:07 AM Changeset in webkit [250129] by commit-queue@webkit.org

6 edits
1 add in trunk/Source

Implement memory monitoring functions for Linux OS
https://bugs.webkit.org/show_bug.cgi?id=200391

Patch by Paulo Matos <Paulo Matos> on 2019-09-20
Reviewed by Žan Doberšek.

Source/JavaScriptCore:

jsc.cpp:

Source/WTF:

wtf/PlatformGTK.cmake:
wtf/PlatformJSCOnly.cmake:
wtf/PlatformWPE.cmake:
wtf/linux/ProcessMemoryFootprint.h: Added.

(ProcessMemoryFootprint::now):
(ProcessMemoryFootprint::resetPeak):

7:29 AM WebKitGTK/2.26.x edited by Adrian Perez de Castro

(diff)

6:36 AM Changeset in webkit [250128] by Alan Bujtas

22 edits
2 copies in trunk/Source/WebCore

[LFC] Introduce LayoutContext class
https://bugs.webkit.org/show_bug.cgi?id=202026
<rdar://problem/55546622>

Reviewed by Antti Koivisto.

Move context related functionality from LayoutState to LayoutContext.
To initiate a layout, create a LayoutContext, pass the current LayoutState object in and call layout().

Sources.txt:
WebCore.xcodeproj/project.pbxproj:
layout/FormattingContext.cpp:

(WebCore::Layout::FormattingContext::layoutOutOfFlowContent):

layout/FormattingContext.h:
layout/FormattingContextGeometry.cpp:

(WebCore::Layout::FormattingContext::Geometry::shrinkToFitWidth):

layout/LayoutState.cpp:

(WebCore::Layout::LayoutState::createFormattingStateForFormattingRootIfNeeded):
(WebCore::Layout::LayoutState::updateLayout): Deleted.
(WebCore::Layout::LayoutState::layoutFormattingContextSubtree): Deleted.
(WebCore::Layout::LayoutState::styleChanged): Deleted.
(WebCore::Layout::LayoutState::markNeedsUpdate): Deleted.
(WebCore::Layout::LayoutState::createFormattingContext): Deleted.
(WebCore::Layout::LayoutState::run): Deleted.

layout/LayoutState.h:

(WebCore::Layout::LayoutState::hasFormattingState const):
(WebCore::Layout::LayoutState::setQuirksMode):
(WebCore::Layout::LayoutState::inNoQuirksMode const):
(WebCore::Layout::LayoutState::updateAll): Deleted.

layout/Verification.cpp:

(WebCore::Layout::LayoutContext::verifyAndOutputMismatchingLayoutTree):
(WebCore::Layout::LayoutState::verifyAndOutputMismatchingLayoutTree const): Deleted.

layout/blockformatting/BlockFormattingContext.cpp:

(WebCore::Layout::BlockFormattingContext::layoutFormattingContextRoot):

layout/blockformatting/BlockFormattingContextGeometry.cpp:

(WebCore::Layout::BlockFormattingContext::Geometry::intrinsicWidthConstraints):

layout/blockformatting/BlockInvalidation.cpp:

(WebCore::Layout::computeUpdateType):
(WebCore::Layout::computeUpdateTypeForAncestor):
(WebCore::Layout::BlockInvalidation::invalidate):

layout/blockformatting/BlockInvalidation.h:
layout/displaytree/DisplayBox.h:
layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForFormattingRoot):
(WebCore::Layout::InlineFormattingContext::layoutFormattingContextRoot):

layout/inlineformatting/InlineInvalidation.cpp:

(WebCore::Layout::InlineInvalidation::invalidate):

layout/inlineformatting/InlineInvalidation.h:
layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::printLayoutTreeForLiveDocuments):

layout/tableformatting/TableFormattingContext.cpp:

(WebCore::Layout::TableFormattingContext::layoutTableCellBox):
(WebCore::Layout::TableFormattingContext::computePreferredWidthForColumns):

layout/tableformatting/TableInvalidation.cpp:

(WebCore::Layout::TableInvalidation::invalidate):

layout/tableformatting/TableInvalidation.h:
page/FrameViewLayoutContext.cpp:

(WebCore::layoutUsingFormattingContext):

4:00 AM Changeset in webkit [250127] by commit-queue@webkit.org

76 edits
1 copy
63 adds in trunk/LayoutTests

Synchronize MathML WPT tests against upstream
https://bugs.webkit.org/show_bug.cgi?id=201975

Patch by Rob Buis <rbuis@igalia.com> on 2019-09-20
Reviewed by Frédéric Wang.

LayoutTests/imported/w3c:

Sync is based on a3a4442b04c37155f81c4ad4ae9c06339f76ce14.

resources/import-expectations.json:
web-platform-tests/mathml/presentation-markup/direction/direction-006.html:
web-platform-tests/mathml/presentation-markup/direction/direction-007.html:
web-platform-tests/mathml/presentation-markup/direction/direction-008.html:
web-platform-tests/mathml/presentation-markup/direction/direction-009.html:
web-platform-tests/mathml/presentation-markup/direction/direction-010.html:
web-platform-tests/mathml/presentation-markup/fractions/frac-bar-002-expected.html: Added.
web-platform-tests/mathml/presentation-markup/fractions/frac-bar-002.html: Added.
web-platform-tests/mathml/presentation-markup/fractions/frac-default-padding-expected.html: Added.
web-platform-tests/mathml/presentation-markup/fractions/frac-default-padding.html: Added.
web-platform-tests/mathml/presentation-markup/fractions/frac-rendering-from-in-flow-expected.html: Added.
web-platform-tests/mathml/presentation-markup/fractions/frac-rendering-from-in-flow.html: Added.
web-platform-tests/mathml/presentation-markup/fractions/w3c-import.log:
web-platform-tests/mathml/presentation-markup/menclose/legacy-menclose-radical-notation-expected.html: Added.
web-platform-tests/mathml/presentation-markup/menclose/legacy-menclose-radical-notation.html: Added.
web-platform-tests/mathml/presentation-markup/menclose/w3c-import.log: Copied from LayoutTests/imported/w3c/web-platform-tests/mathml/presentation-markup/mrow/w3c-import.log.
web-platform-tests/mathml/presentation-markup/mrow/legacy-mrow-like-elements-001-expected.txt: Added.
web-platform-tests/mathml/presentation-markup/mrow/legacy-mrow-like-elements-001.html: Added.
web-platform-tests/mathml/presentation-markup/mrow/legacy-mrow-like-elements-002-expected.html: Added.
web-platform-tests/mathml/presentation-markup/mrow/legacy-mrow-like-elements-002.html: Added.
web-platform-tests/mathml/presentation-markup/mrow/legacy-mstyle-attributes-expected.txt: Added.
web-platform-tests/mathml/presentation-markup/mrow/legacy-mstyle-attributes.html: Added.
web-platform-tests/mathml/presentation-markup/mrow/w3c-import.log:
web-platform-tests/mathml/presentation-markup/operators/embellished-operator-001-expected.txt:
web-platform-tests/mathml/presentation-markup/operators/embellished-operator-001.html:
web-platform-tests/mathml/presentation-markup/operators/embellished-operator-002-expected.txt:
web-platform-tests/mathml/presentation-markup/operators/embellished-operator-002.html:
web-platform-tests/mathml/presentation-markup/operators/mo-form-dynamic.html:
web-platform-tests/mathml/presentation-markup/operators/mo-form-fallback.html:
web-platform-tests/mathml/presentation-markup/operators/mo-form-minus-plus.html:
web-platform-tests/mathml/presentation-markup/operators/mo-form.html:
web-platform-tests/mathml/presentation-markup/operators/mo-movablelimits-default.html:
web-platform-tests/mathml/presentation-markup/operators/mo-movablelimits-dynamic.html:
web-platform-tests/mathml/presentation-markup/operators/mo-movablelimits-from-in-flow-expected.html: Added.
web-platform-tests/mathml/presentation-markup/operators/mo-movablelimits-from-in-flow.html: Added.
web-platform-tests/mathml/presentation-markup/operators/mo-movablelimits.html:
web-platform-tests/mathml/presentation-markup/operators/mo-paint-lspace-rspace.html:
web-platform-tests/mathml/presentation-markup/operators/operator-dictionary-001-expected.txt: Added.
web-platform-tests/mathml/presentation-markup/operators/operator-dictionary-001.html: Added.
web-platform-tests/mathml/presentation-markup/operators/w3c-import.log:
web-platform-tests/mathml/presentation-markup/radicals/radical-rendering-from-in-flow-expected.html: Added.
web-platform-tests/mathml/presentation-markup/radicals/radical-rendering-from-in-flow.html: Added.
web-platform-tests/mathml/presentation-markup/radicals/w3c-import.log:
web-platform-tests/mathml/presentation-markup/scripts/cramped-001-expected.txt: Added.
web-platform-tests/mathml/presentation-markup/scripts/cramped-001.html: Added.
web-platform-tests/mathml/presentation-markup/scripts/w3c-import.log:
web-platform-tests/mathml/presentation-markup/spaces/space-like-004-expected.txt:
web-platform-tests/mathml/presentation-markup/spaces/space-like-004.html:
web-platform-tests/mathml/presentation-markup/tables/table-001-expected.txt: Added.
web-platform-tests/mathml/presentation-markup/tables/table-001.html: Added.
web-platform-tests/mathml/presentation-markup/tables/table-002-expected.txt: Added.
web-platform-tests/mathml/presentation-markup/tables/table-002.html: Added.
web-platform-tests/mathml/presentation-markup/tables/w3c-import.log:
web-platform-tests/mathml/relations/css-styling/attribute-mapping-001.html:
web-platform-tests/mathml/relations/css-styling/displaystyle-011.html:
web-platform-tests/mathml/relations/css-styling/displaystyle-012.html:
web-platform-tests/mathml/relations/css-styling/displaystyle-013.html:
web-platform-tests/mathml/relations/css-styling/displaystyle-014.html:
web-platform-tests/mathml/relations/css-styling/displaystyle-015.html:
web-platform-tests/mathml/relations/css-styling/ignored-properties-001-expected.txt: Added.
web-platform-tests/mathml/relations/css-styling/ignored-properties-001.html: Added.
web-platform-tests/mathml/relations/css-styling/mathsize-attribute-css-keywords.html:
web-platform-tests/mathml/relations/css-styling/mathsize-attribute-legacy-values.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-auto.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-bold-fraktur.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-bold-italic.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-bold-sans-serif.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-bold-script.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-bold.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-double-struck.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-fraktur.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-initial.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-italic.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-looped.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-monospace.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-sans-serif-bold-italic.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-sans-serif-italic.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-sans-serif.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-script.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-stretched.html:
web-platform-tests/mathml/relations/css-styling/mathvariant-tailed.html:
web-platform-tests/mathml/relations/css-styling/not-participating-to-parent-layout.html:
web-platform-tests/mathml/relations/css-styling/padding-border-margin/border-002.html:
web-platform-tests/mathml/relations/css-styling/padding-border-margin/margin-002.html:
web-platform-tests/mathml/relations/css-styling/padding-border-margin/padding-002.html:
web-platform-tests/mathml/relations/css-styling/w3c-import.log:
web-platform-tests/mathml/relations/css-styling/width-height-001.html:
web-platform-tests/mathml/relations/html5-tree/clipboard-event-handlers.tentative-expected.txt:
web-platform-tests/mathml/relations/html5-tree/clipboard-event-handlers.tentative.html:
web-platform-tests/mathml/relations/html5-tree/css-inline-style-dynamic.tentative-expected.html:
web-platform-tests/mathml/relations/html5-tree/display-2-expected.html: Added.
web-platform-tests/mathml/relations/html5-tree/display-2.html: Added.
web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:
web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative.html:
web-platform-tests/mathml/relations/html5-tree/tabindex-001-expected.txt: Added.
web-platform-tests/mathml/relations/html5-tree/tabindex-001.html: Added.
web-platform-tests/mathml/relations/html5-tree/tabindex-002-expected.txt: Added.
web-platform-tests/mathml/relations/html5-tree/tabindex-002.html: Added.
web-platform-tests/mathml/relations/html5-tree/w3c-import.log:
web-platform-tests/mathml/support/box-navigation.js: Added.

(IsInFlow):
(firstInFlowChild):
(nextInFlowSibling):
(previousInFlowSibling):

web-platform-tests/mathml/support/feature-detection.js:

(MathMLFeatureDetection.string_appeared_here):
(MathMLFeatureDetection.has_mspace): Deleted.
(MathMLFeatureDetection.has_operator_spacing): Deleted.
(MathMLFeatureDetection.has_mfrac): Deleted.
(MathMLFeatureDetection.has_msqrt): Deleted.
(MathMLFeatureDetection.has_menclose): Deleted.
(MathMLFeatureDetection.has_dir): Deleted.

web-platform-tests/mathml/support/mathml-fragments.js:

(FragmentHelper.createElement):
(FragmentHelper.forceNonEmptyElement):
(FragmentHelper.forceNonEmptyDescendants):

web-platform-tests/mathml/support/operator-dictionary.js: Added.

(async.fetchOperatorDictionary):
(splitKey):
(spaceIndexToLength):
(defaultPropertyValue):

web-platform-tests/mathml/support/operator-dictionary.json: Added.
web-platform-tests/mathml/support/w3c-import.log:
web-platform-tests/mathml/tools/mathvariant-transforms.py:
web-platform-tests/mathml/tools/operator-dictionary.py: Added.

(parseHexaNumber):
(parseHexaSequence):
(parseSpaces):
(parseProperties):
(buildKeyAndValueFrom):
(createSizeVariants):
(createStretchy):

web-platform-tests/mathml/tools/operator-dictionary.xsl: Added.
web-platform-tests/mathml/tools/utils/misc.py:
web-platform-tests/mathml/tools/utils/w3c-import.log:
web-platform-tests/mathml/tools/w3c-import.log:

LayoutTests:

TestExpectations:
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/mrow/legacy-mrow-like-elements-001-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/mrow/legacy-mstyle-attributes-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/operators/dir-mo-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/operators/operator-dictionary-001-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/scripts/cramped-001-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/tables/table-001-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/presentation-markup/tables/table-002-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/relations/css-styling/ignored-properties-001-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/relations/html5-tree/tabindex-001-expected.txt: Added.
platform/gtk/imported/w3c/web-platform-tests/mathml/relations/html5-tree/tabindex-002-expected.txt: Added.
platform/ios-wk1/imported/w3c/web-platform-tests/matml/presentation-markup/operators/operator-dictionary-001-expected.txt: Added.
platform/ios-wk1/imported/w3c/web-platform-tests/matml/relations/css-styling/ignored-properties-001-expected.txt: Added.
platform/mac/TestExpectations:
tests-options.json:

1:45 AM Changeset in webkit [250126] by commit-queue@webkit.org

2 edits in trunk/Source/WTF

UI process crash when using callOnMainThread() after the main thread dispatcher has been destroyed
https://bugs.webkit.org/show_bug.cgi?id=197266

Patch by Libor Bukata <libor.bukata@oracle.com> on 2019-09-20
Reviewed by Carlos Garcia Campos.

wtf/generic/MainThreadGeneric.cpp:

(WTF::scheduleDispatchFunctionsOnMainThread):

1:33 AM Changeset in webkit [250125] by jh718.park@samsung.com

2 edits in trunk/Source/WebKit

Unreviewed. Remove duplicated HashMap iteration since r248734.

ASSERT statement already exists for |storageNamespaceID|,
so |HashMap.get| for the parameter is not needed.

NetworkProcess/WebStorage/StorageManager.cpp:

(WebKit::StorageManager::destroySessionStorageNamespace):

1:28 AM Changeset in webkit [250124] by Devin Rousso

9 edits in trunk/Source/JavaScriptCore

ASSERT NOT REACHED in Inspector::InjectedScriptModule::ensureInjected() seen with inspector/heap/getRemoteObject.html
https://bugs.webkit.org/show_bug.cgi?id=201713
<rdar://problem/55290349>

Reviewed by Joseph Pecoraro.

Expose the Exception object by leveraging an Expected of JSValue as the return value
instead of using a referenced bool (which wouldn't include any of the exception's info).

bindings/ScriptFunctionCall.h:
bindings/ScriptFunctionCall.cpp:

(Deprecated::ScriptFunctionCall::call):

inspector/InjectedScript.cpp:

(Inspector::InjectedScript::wrapCallFrames const):
(Inspector::InjectedScript::wrapObject const):
(Inspector::InjectedScript::wrapJSONString const):
(Inspector::InjectedScript::wrapTable const):
(Inspector::InjectedScript::previewValue const):
(Inspector::InjectedScript::findObjectById const):
(Inspector::InjectedScript::releaseObjectGroup):

inspector/InjectedScriptBase.h:
inspector/InjectedScriptBase.cpp:

(Inspector::InjectedScriptBase::callFunctionWithEvalEnabled const):
(Inspector::InjectedScriptBase::makeCall):
(Inspector::InjectedScriptBase::makeAsyncCall):

inspector/InjectedScriptManager.h:
inspector/InjectedScriptManager.cpp:

(Inspector::InjectedScriptManager::createInjectedScript):
(Inspector::InjectedScriptManager::injectedScriptFor):

inspector/InjectedScriptModule.cpp:

(Inspector::InjectedScriptModule::ensureInjected):

12:09 AM Changeset in webkit [250123] by jh718.park@samsung.com

3 edits in trunk/Source/WebKit

Unreviewed. Fix Build warning below since r248734.

warning: unused variable ‘foo’ [-Wunused-variable]

NetworkProcess/WebStorage/StorageManager.cpp:

(WebKit::StorageManager::destroySessionStorageNamespace):

NetworkProcess/WebStorage/StorageManagerSet.cpp:

(WebKit::StorageManagerSet::add):
(WebKit::StorageManagerSet::waitUntilTasksFinished):

Sep 19, 2019:

10:32 PM Changeset in webkit [250122] by mitz@apple.com

9 copies
1 add in releases/Apple/Safari 13.0

Added a tag for Safari 13.0.

9:55 PM Changeset in webkit [250121] by Brent Fulgham

13 edits
2 adds in trunk/Tools

[FTW] Enable WebKitTestRunner build
https://bugs.webkit.org/show_bug.cgi?id=201996

Reviewed by Fujii Hironori.

It's time to start getting the test system up and running for FTW.

This patch does the following:

Adds relevant CMake changes to get things building.
Adds a "--ftw" flag to the build scripts that will trigger a relevant build.
Updates 'webkitpy' to recognize the 'ftw' port.

Note: Pixel tests are not yet supported.

PlatformFTW.cmake: Build the WK2 test runner.
Scripts/build-webkit: Update to recognize the FTW port.
Scripts/webkitdirs.pm: Ditto.
Scripts/webkitperl/webkitdirs_unittest/extractNonMacOSHostConfiguration.pl: Ditto.
Scripts/webkitpy/common/config/ports.py: Ditto.
Scripts/webkitpy/common/config/ports_unittest.py: Ditto.
Scripts/webkitpy/common/version_name_map.py: Ditto.
Scripts/webkitpy/port/factory.py: Ditto.
Scripts/webkitpy/port/win.py: Ditto.
WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:

(WTR::InjectedBundlePage::dumpDOMAsWebArchive): Don't build or run this method
on Windows.

WebKitTestRunner/PlatformFTW.cmake: Added.
WebKitTestRunner/PlatformWebView.h:
WebKitTestRunner/win/PlatformWebViewWin.cpp:
WebKitTestRunner/win/TestInvocationDirect2D.cpp: Added.

(WTR::TestInvocation::dumpPixelsAndCompareWithExpected): Add stub implementation.

9:47 PM Changeset in webkit [250120] by jh718.park@samsung.com

2 edits in trunk/Source/WebCore

Unreviewed. Fix Build error below since r248879.

warning: unused variable ‘canvas’ [-Wunused-variable]

No new tests, no new behavioral changes.

html/canvas/GPUBasedCanvasRenderingContext.cpp:

(WebCore::GPUBasedCanvasRenderingContext::notifyCanvasContentChanged):

8:51 PM Changeset in webkit [250119] by Brent Fulgham

4 edits in trunk/Source/WebKit

[FTW, WinCairo] Support running tests in Release mode
https://bugs.webkit.org/show_bug.cgi?id=202021

Reviewed by Don Olmstead.

In Bug 201597, we added new features to better lock down JSC features in the
potentially untrusted WebContent process.

Unfortunately, this change included XPC Dictionary items used at startup to
lock down JSC features before entering the main execution of the process. These
changes were not done for the WinCairo or FTW ports.

We need to pass the state of the JIT and whether to enable certain JSC features
at process launch. Since the XPC mechanisms we use on macOS and iOS do not exist
on Windows, I am implementing them as command-line flags.

-configure-jsc-for-testing: Sets the JSC in testing mode.
-disable-jit: Disables the JIT.

See r249808 for the equivalent changes on macOS and iOS.

PlatformFTW.cmake: Add some missing header files needed when building tests.
Shared/win/AuxiliaryProcessMainWin.cpp:

(WebKit::AuxiliaryProcessMainBase::parseCommandLine):

UIProcess/Launcher/win/ProcessLauncherWin.cpp:

(WebKit::ProcessLauncher::launchProcess):

8:36 PM Changeset in webkit [250118] by Joseph Pecoraro

2 edits in trunk/Source/WebInspectorUI

Web Inspector: searching in overrides doesn't work
https://bugs.webkit.org/show_bug.cgi?id=202020

Reviewed by Devin Rousso.

UserInterface/Views/SourceCodeTextEditor.js:

(WI.SourceCodeTextEditor.prototype.customPerformSearch):
Do not go to agents for a local resource. Search locally in the TextEditor.

8:18 PM Changeset in webkit [250117] by Fujii Hironori

8 edits in trunk/Tools

[Win][MiniBrowser] Use _com_ptr_t methods instead of calling QueryInterface explictly
https://bugs.webkit.org/show_bug.cgi?id=201976

Reviewed by Don Olmstead.

This change consists of three refactorings:

Replaced explicit QueryInterface with _com_ptr_t methods
Replaced typedef with _COM_SMARTPTR_TYPEDEF macro
Replaced WebCore's COMPtr with _com_ptr_t because it is not a public WebKit API

MiniBrowser/win/MiniBrowserWebHost.cpp:

(MiniBrowserWebHost::didFirstLayoutInFrame): Deleted.

MiniBrowser/win/MiniBrowserWebHost.h:

(MiniBrowserWebHost::didFirstLayoutInFrame):

MiniBrowser/win/PrintWebUIDelegate.cpp:

(getHandleFromWebView):
(PrintWebUIDelegate::webViewPrintingMarginRect):
(PrintWebUIDelegate::runModal):
(PrintWebUIDelegate::createModalDialog):

MiniBrowser/win/WebKitLegacyBrowserWindow.cpp:

(WebKitLegacyBrowserWindow::init):
(WebKitLegacyBrowserWindow::setToDefaultPreferences):
(WebKitLegacyBrowserWindow::showLastVisitedSites):
(WebKitLegacyBrowserWindow::reload):
(WebKitLegacyBrowserWindow::resetZoom):
(WebKitLegacyBrowserWindow::zoomIn):
(WebKitLegacyBrowserWindow::zoomOut):
(WebKitLegacyBrowserWindow::showLayerTree):
(WebKitLegacyBrowserWindow::print):

MiniBrowser/win/WebKitLegacyBrowserWindow.h:

(WebKitLegacyBrowserWindow::privatePreferences):

MiniBrowser/win/WinMain.cpp:

(wWinMain):

MiniBrowser/win/stdafx.h:

7:31 PM Changeset in webkit [250116] by ysuzuki@apple.com

13 edits
1 add in trunk

[JSC] DFG op_call_varargs should not assume that one-previous-local of freeReg is usable
https://bugs.webkit.org/show_bug.cgi?id=202014

Reviewed by Saam Barati.

JSTests:

stress/call-varargs-inlining-should-not-clobber-previous-to-free-register.js: Added.

(v0):

Source/JavaScriptCore:

Let's look into the bytecode generated by the test.

[ 0] enter
[ 1] get_scope loc4
[ 3] mov loc5, loc4
[ 6] check_traps
[ 7] mov loc6, callee
[ 10] create_direct_arguments loc7
[ 12] to_this this
[ 15] mov loc8, loc7
[ 18] mov loc9, loc6
[ 21] mov loc12, Undefined(const0)
[ 24] get_by_id loc11, loc6, 0
[ 29] jneq_ptr loc11, ApplyFunction, 18(->47)
[ 34] mov loc11, loc6
[ 37] call_varargs loc11, loc11, this, loc8, loc13, 0
[ 45] jmp 17(->62)
[ 47] mov loc16, loc6
[ 50] mov loc15, this
[ 53] mov loc14, loc8
[ 56] call loc11, loc11, 3, 22
...

call_varargs uses loc13 as firstFreeReg (first usable bottom register in the current stack-frame to spread variadic arguments after this).
This is correct. And call_varargs uses |this| as this argument for the call_varargs. This |this| argument is not in a region starting from loc13.
And it is not in the previous place to loc13 (|this| is not loc12).

On the other hand, DFG::ByteCodeParser's inlining path is always assuming that the previous to firstFreeReg is usable and part of arguments.
But this is wrong. loc12 in the above bytecode is used for [ 56] call loc11, loc11, 3, 22's argument later, and this call assumes
that loc12 is not clobbered by call_varargs. But DFG and FTL clobbers it.

The test is recursively calling the same function, and we inline the same function one-level. And stack-overflow error happens when inlined
CallForwardVarargs (from op_call_varargs) is called. FTL recovers the frames, and at this point, outer function's loc12 is recovered to garbage since
LoadVarargs clobbers it. And we eventually use it and crash.

60:<!0:-> LoadVarargs(Check:Untyped:Kill:@30, MustGen, start = loc13, count = loc15, machineStart = loc7, machineCount = loc9, offset = 0, mandatoryMinimum = 0, limit = 2, R:World, W:Stack(-16),Stack(-14),Stack(-13),Heap, Exits, ClobbersExit, bc#37, ExitValid)

This LoadVarargs clobbers loc12, loc13, and loc15 while loc12 is used.

This patch fixes DFG::ByteCodeParser's stack region calculation for op_call_varargs inlining. And we rename maxNumArguments to maxArgumentCountIncludingThis to
represent that maxArgumentCountIncludingThis includes |this| count.

bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::setMaxArgumentCountIncludingThis):
(JSC::CallLinkInfo::setMaxNumArguments): Deleted.

bytecode/CallLinkInfo.h:

(JSC::CallLinkInfo::addressOfMaxArgumentCountIncludingThis):
(JSC::CallLinkInfo::maxArgumentCountIncludingThis):
(JSC::CallLinkInfo::addressOfMaxNumArguments): Deleted.
(JSC::CallLinkInfo::maxNumArguments): Deleted.

bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::computeFor):
(JSC::CallLinkStatus::dump const):

bytecode/CallLinkStatus.h:

(JSC::CallLinkStatus::maxArgumentCountIncludingThis const):
(JSC::CallLinkStatus::maxNumArguments const): Deleted.

dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleVarargsInlining):

dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::emitCall):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::emitCall):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileDirectCallOrConstruct):

jit/JITCall.cpp:

(JSC::JIT::compileSetupFrame):

jit/JITCall32_64.cpp:

(JSC::JIT::compileSetupFrame):

jit/JITOperations.cpp:

6:39 PM Changeset in webkit [250115] by jdiggs@igalia.com

2 edits in trunk/Tools

[GTK] Dependency hunspell-en-gb cannot be found on Fedora 30
https://bugs.webkit.org/show_bug.cgi?id=202009

Update package name to hunspell-en-GB.

Reviewed by Carlos Alberto Lopez Perez.

gtk/install-dependencies:

6:20 PM Changeset in webkit [250114] by Devin Rousso

66 edits
6 copies
1 move
9 adds in trunk

Web Inspector: Canvas: show WebGPU shader pipelines
https://bugs.webkit.org/show_bug.cgi?id=201675

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

inspector/protocol/Canvas.json:

Add a ProgramType enum that conveys the type of shader program/pipeline when notifying the
frontend of a new program

Source/WebCore:

Tests: inspector/canvas/requestShaderSource-webgpu.html

inspector/canvas/shaderProgram-add-remove-webgpu.html
inspector/canvas/updateShader-webgpu.html

Create common base classes for WebGPUPipeline and GPUPipeline so that Web Inspector can
instrument both render and compute shader pipelines.

Refactor InspectorShaderProgram to support both WebGLProgram and WebGPUPipeline so
that the same object can be used for all types of shader "program"s.

Keep a copy of each shader module's source, and allow the shader module to be updated.

Modules/webgpu/WebGPUDevice.h:
Modules/webgpu/WebGPUDevice.cpp:

(WebCore::WebGPUDevice::createShaderModule const):
(WebCore::WebGPUDevice::createRenderPipeline): Added.
(WebCore::WebGPUDevice::createComputePipeline): Added.
(WebCore::WebGPUDevice::createRenderPipeline const): Deleted.
(WebCore::WebGPUDevice::createComputePipeline const): Deleted.

Modules/webgpu/WebGPUPipeline.h: Added.

(WebCore::WebGPUPipeline::isRenderPipeline const):
(WebCore::WebGPUPipeline::isComputePipeline const):
(WebCore::WebGPUPipeline::scriptExecutionContext const):

Modules/webgpu/WebGPUPipeline.cpp: Added.

(WebCore::WebGPUPipeline::instancesMutex):
(WebCore::WebGPUPipeline::WebGPUPipeline):
(WebCore::WebGPUPipeline::~WebGPUPipeline):

platform/graphics/gpu/GPUPipeline.cpp: Added.
platform/graphics/gpu/GPUPipeline.h: Added.

(WebCore::GPUPipeline::isRenderPipeline const):
(WebCore::GPUPipeline::isComputePipeline const):

Modules/webgpu/WebGPUComputePipeline.idl:
Modules/webgpu/WebGPUComputePipeline.h:

(WebCore::WebGPUComputePipeline::computePipeline const): Deleted.

Modules/webgpu/WebGPUComputePipeline.cpp:

(WebCore::WebGPUComputePipeline::create):
(WebCore::WebGPUComputePipeline::WebGPUComputePipeline):
(WebCore::WebGPUComputePipeline::recompile): Added.

platform/graphics/gpu/GPUComputePipeline.h:

(WebCore::GPUComputePipeline::isComputePipeline): Added.

platform/graphics/gpu/cocoa/GPUComputePipelineMetal.mm:

(WebCore::GPUComputePipeline::tryCreate):
(WebCore::GPUComputePipeline::GPUComputePipeline):
(WebCore::GPUComputePipeline::recompile): Added.

Modules/webgpu/WebGPURenderPipeline.idl:
Modules/webgpu/WebGPURenderPipeline.h:

(WebCore::WebGPURenderPipeline::renderPipeline const): Deleted.

Modules/webgpu/WebGPURenderPipeline.cpp:

(WebCore::WebGPURenderPipeline::create):
(WebCore::WebGPURenderPipeline::WebGPURenderPipeline):
(WebCore::WebGPURenderPipeline::recompile): Added.

platform/graphics/gpu/GPURenderPipeline.h:

(WebCore::GPURenderPipeline::isRenderPipeline): Added.

platform/graphics/gpu/cocoa/GPURenderPipelineMetal.mm:

(WebCore::tryCreateMtlRenderPipelineState):
(WebCore::GPURenderPipeline::tryCreate):
(WebCore::GPURenderPipeline::GPURenderPipeline):
(WebCore::GPURenderPipeline::recompile): Added.

Modules/webgpu/WebGPUShaderModule.h:

(WebCore::WebGPUShaderModule::source const): Added.

Modules/webgpu/WebGPUShaderModule.cpp:

(WebCore::WebGPUShaderModule::update): Added.

Modules/webgpu/WebGPUProgrammableStageDescriptor.h:
platform/graphics/gpu/GPUProgrammableStageDescriptor.h:

(WebCore::GPUProgrammableStageDescriptor::GPUProgrammableStageDescriptor):

inspector/InspectorShaderProgram.h:
inspector/InspectorShaderProgram.cpp:

inspector/agents/InspectorCanvasAgent.h:
inspector/agents/InspectorCanvasAgent.cpp:

inspector/InspectorInstrumentation.h:

inspector/InspectorInstrumentation.cpp:

html/canvas/WebGLProgram.h:
html/canvas/WebGLProgram.cpp:

(WebCore::WebGLProgram::WebGLProgram):
(WebCore::WebGLProgram::~WebGLProgram):

html/canvas/WebGLRenderingContextBase.cpp:

Sources.txt:
WebCore.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

Show WebGPU shader pipelines ("programs") underneath each corresponding WebGPU device.

Allow editing of attached shader modules for each WebGPU shader pipeline, but don't allow
highlighting/disabling, as WebGPU pipelines don't have those capabilities/concepts yet.

UserInterface/Protocol/CanvasObserver.js:

(WI.CanvasObserver.prototype.programCreated):

UserInterface/Controllers/CanvasManager.js:

(WI.CanvasManager.prototype.programCreated):

UserInterface/Models/Canvas.js:

(WI.Canvas.prototype.nextShaderProgramDisplayNumberForProgramType): Added.
(WI.Canvas.prototype.nextShaderProgramDisplayNumber): Deleted.

UserInterface/Models/ShaderProgram.js:

UserInterface/Views/ShaderProgramContentView.js:

UserInterface/Views/ShaderProgramContentView.css:

UserInterface/Views/CodeMirrorAdditions.js:

UserInterface/Views/ShaderProgramTreeElement.js:

Localizations/en.lproj/localizedStrings.js:

LayoutTests:

Split existing shader tests into WebGL and WebGPU sub-tests for different platforms.

inspector/canvas/requestShaderSource.html:
inspector/canvas/requestShaderSource-expected.txt:
inspector/canvas/updateShader.html:
inspector/canvas/updateShader-expected.txt:

inspector/canvas/resources/shaderProgram-utilities-webgpu.js: Added.
inspector/canvas/requestShaderSource-webgpu.html: Added.
inspector/canvas/requestShaderSource-webgpu-expected.txt: Added.
inspector/canvas/shaderProgram-add-remove-webgpu.html: Added.
inspector/canvas/shaderProgram-add-remove-webgpu-expected.txt: Added.
inspector/canvas/updateShader-webgpu-expected.txt: Added.
inspector/canvas/updateShader-webgpu.html: Added.

inspector/canvas/resources/shaderProgram-utilities-webgl.js: Renamed from LayoutTests/inspector/canvas/resources/shaderProgram-utilities.js.
inspector/canvas/console-record-webgl.html:
inspector/canvas/console-record-webgl2.html:
inspector/canvas/recording-webgl-frameCount.html:
inspector/canvas/recording-webgl-full.html:
inspector/canvas/recording-webgl-memoryLimit.html:
inspector/canvas/recording-webgl-snapshots.html:
inspector/canvas/recording-webgl2-frameCount.html:
inspector/canvas/recording-webgl2-full.html:
inspector/canvas/recording-webgl2-memoryLimit.html:
inspector/canvas/recording-webgl2-snapshots.html:
inspector/canvas/requestShaderSource-webgl.html: Added.
inspector/canvas/requestShaderSource-webgl-expected.txt: Added.
inspector/canvas/setShaderProgramDisabled.html:
inspector/canvas/setShaderProgramHighlighted.html:
inspector/canvas/shaderProgram-add-remove-webgl.html:
inspector/canvas/shaderProgram-add-remove-webgl2.html:
inspector/canvas/updateShader-webgl.html: Added.
inspector/canvas/updateShader-webgl-expected.txt: Added.

platform/gtk/TestExpectations:
platform/ios/TestExpectations:
platform/mac-wk1/TestExpectations:
platform/mac/TestExpectations:
platform/win/TestExpectations:
platform/wincairo/TestExpectations:
platform/wpe/TestExpectations:

5:46 PM Changeset in webkit [250113] by Jonathan Bedard

3 edits in trunk/Tools

results.webkit.org: Collapse results with the same version name
https://bugs.webkit.org/show_bug.cgi?id=201779

Rubber-stamped by Aakash Jain.

resultsdbpy/resultsdbpy/view/static/js/configuration.js:

(Configuration.prototype.const.ending.this.version_name.substring):
(Configuration.prototype.toKey): Prefer version_name over version number in key.
(Configuration.prototype.compare): version_name comparison should always override version comparison.
(Configuration.prototype.compareSDKs): Make SDK regex global.
(Configuration.prototype.toParams): Remove E tag on version_name.
(Configuration): Append E tag on the version_name based on the SDK.

resultsdbpy/resultsdbpy/view/static/js/timeline.js:

(TimelineFromEndpoint.prototype.toString): Print version number with SDK.

5:29 PM Changeset in webkit [250112] by mark.lam@apple.com

3 edits in trunk/Source/JavaScriptCore

Rename VMInspector::m_list to m_vmList.
https://bugs.webkit.org/show_bug.cgi?id=202015

Reviewed by Yusuke Suzuki.

m_vmList is more descriptive, and this rename helps grep-ability by disambiguating
it from other m_lists in the code base.

tools/VMInspector.cpp:

(JSC::VMInspector::add):
(JSC::VMInspector::remove):

tools/VMInspector.h:

(JSC::VMInspector::iterate):

5:11 PM Changeset in webkit [250111] by Chris Dumez

4 edits in trunk/Source/WebKit

Add better logging for when the view visibility state changes
https://bugs.webkit.org/show_bug.cgi?id=202008

Reviewed by Geoffrey Garen.

UIProcess/ApplicationStateTracker.mm:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::updateActivityState):

UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::applicationDidEnterBackground):
(WebKit::WebPageProxy::applicationWillEnterForeground):

4:55 PM Changeset in webkit [250110] by Chris Dumez

8 edits in trunk/Source/WebKit

Regression(r248832): Unable to quicklook HTML files in Mail
https://bugs.webkit.org/show_bug.cgi?id=202012
<rdar://problem/55285295>

Reviewed by Geoff Garen and Brent Fulgham.

r248832 inadvertently reverted the fix for Mail that landed in r247400 by not using
the same logic to initialize the sandbox extension if the process had already
finished launching or not. In particular, the new code path that happens on process
launch unconditionally used '/' as resource directory for the sandbox extension if
the client did not provide one. The logic in maybeInitializeSandboxExtensionHandle()
would use the file URL's base URL as resource directory when creating a sandbox
extension for '/' would fail (which it often does).

To address the issue, have the logic that runs on process launch call
maybeInitializeSandboxExtensionHandle() so avoid duplicating code and make sure
both cases now have the Mail fix.

UIProcess/AuxiliaryProcessProxy.cpp:

(WebKit::AuxiliaryProcessProxy::didFinishLaunching):

UIProcess/AuxiliaryProcessProxy.h:

(WebKit::AuxiliaryProcessProxy::isLaunching const):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle):
(WebKit::WebPageProxy::loadRequestWithNavigationShared):
(WebKit::WebPageProxy::loadFile):

UIProcess/WebPageProxy.h:
WebProcess/WebPage/WebPage.messages.in:

4:34 PM Changeset in webkit [250109] by Alan Coon

1 copy in tags/Safari-608.2.11.1.8

Tag Safari-608.2.11.1.8.

4:15 PM Changeset in webkit [250108] by timothy_horton@apple.com

2 edits in trunk/Source/WebKit

macCatalyst apps crash under TextCheckingControllerProxy::replaceRelativeToSelection when spell checking
https://bugs.webkit.org/show_bug.cgi?id=202010
<rdar://problem/54974971>

Reviewed by Beth Dakin.

WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm:

(WebKit::TextCheckingControllerProxy::replaceRelativeToSelection):
relativeReplacementRange is in the coordinate space of the document's text,
not the replacement string. We need to adjust into replacement string
coordinates before slicing the replacement, or we'll throw an exception
trying to read past the end of the string, in the case where the
replacement string is shorter than the replaced string (by more than 2 characters).

3:23 PM Changeset in webkit [250107] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Reduce the number of required tag bits for the JSValue.
https://bugs.webkit.org/show_bug.cgi?id=201990

Reviewed by Yusuke Suzuki.

We're reducing the number of tag bits to 15. It should just work.

How did we arrive at 15 bits?
============================
Currently, the minimum number of top bits used by doubles is 13-bits. The
highest double bit encoding are:

"negative" pureNaN: starts with 0xfff8
negative infinity: starts with 0xfff0
highest number: starts with 0xffe*
lowest number: starts with 0x0000

Requirements:

We need tags for 2 range of numbers: pointers (all 0s at the top), and ints (all 1s at the top).

We want to be able to add an offset to double bits and ensure that they never end up in the ranges for pointers and ints.

The int tag must be higher than whatever value is produced in the top bits when boxing a double. We have code that relies on this relationship being true and checks if a JSValue is an int by checking if the tag bits are above or equal to the int tag.

We don't want to burn more than 2 CPU registers for tag / mask registers.

Based on the bit encoding of doubles, the full number range of the top 13 bits
are used in valid double numbers. This means the minimum tag bits must be greater
than 13.

Consider a 14-bit tag. The DoubleEncodeOffset will be 1 << 50 i.e. starts with
0x0004. With this encoding,

"negative" pureNaN: maps to 0xfff8 + 0x0004 => 0xfffc

i.e. the top 14 bits are all set. This conflicts with the int number range.

Next, consider a 15-bit tag. The DoubleEncodeOffset will be 1 << 49 i.e. starts
with 0x0002. With this encoding:

"negative" pureNaN: maps to 0xfff8 + 0x0002 => 0xfffa
negative infinity: maps to 0xfff0 + 0x0002 => 0xfff2

i.e. 0xfffe (top 5 bits set) is available to represent ints. This is the encoding
that we'll adopt in this patch.

Alternate encodings schemes to consider in the future:
=====================================================

If we're willing and able to purifyNaN at all the places that can produce a "negative" pureNaN, e.g. after a division, then we can remove the "negative" pureNaN as a valid double bit encoding. With this, we can now box doubles with just a 14-bit tag, and DoubleEncodeOffset will be 1 << 50 i.e. starts with 0x0004.

With this encoding, the top double, negative infinity, is encoded as follows:

negative infinity: maps to 0xfff0 + 0x0004 => 0xfff4

i.e. leaving 0xfffc as the tag for ints.

We didn't adopt this scheme at this time because it adds complexity, and may
have performance impact from the extra purifyNaN checks.

Ref: https://bugs.webkit.org/show_bug.cgi?id=202002

If we're willing to use 3 tag registers or always materialize one of them, we can also adopt a 14-bit tag as follows:

Pointer { 0000:PPPP:PPPP:PPPP

/ 0002:::

Double { ...

\ FFFC:::

Integer { FFFF:0000:IIII:IIII

where ...

NumberMask is 0xfffc: any bits set in the top 14 bits is a number.
IntMask is 0xffff: value is int if value & IntMask == IntMask.
NotCellMask is NumberMask | OtherTag.

Since the highest double is "negative" pureNaN i.e. starts with 0xfff8, adding
a DoubleEncodeOffset of 1<<50 (starts with 0x0004) produces 0xfffc which is
still less than 0xffff.

We didn't adopt this scheme at this time because it adds complexity and may
have a performance impact from either burning another register, or materializing
the 3rd mask.

Ref: https://bugs.webkit.org/show_bug.cgi?id=202005

runtime/JSCJSValue.h:

2:46 PM Changeset in webkit [250106] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

WebStorageNamespaceProvider / StorageNamespaceImpl no longer need SessionIDs
https://bugs.webkit.org/show_bug.cgi?id=201922
<rdar://problem/55505906>

Patch by Yury Semikhatsky <yurys@chromium.org> on 2019-09-19
Reviewed by Chris Dumez.

Fix GTK Debug compilation after https://trac.webkit.org/changeset/250083:
../../Source/WebKit/WebProcess/WebStorage/WebStorageNamespaceProvider.cpp:75:55: error: no member named 'singleton' in namespace 'WebCore::Process'
ASSERT_UNUSED(sessionID, sessionID == WebProcess::singleton().sessionID());

WebProcess/WebStorage/WebStorageNamespaceProvider.cpp:

2:34 PM Changeset in webkit [250105] by Ryan Haddad

2 edits in trunk/Tools

REGRESSION: [iOS 13?] TestWebKitAPI.SharedBufferTest.tryCreateArrayBufferLargeSegments is failing
https://bugs.webkit.org/show_bug.cgi?id=201902

Unreviewed test gardening.

TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp: Disable the test on iOS.

2:19 PM Changeset in webkit [250104] by Chris Dumez

40 edits in trunk/Source

WorkerGlobalScope does not need a SessionID
https://bugs.webkit.org/show_bug.cgi?id=201991

Reviewed by Alex Christensen.

WorkerGlobalScope does not need a SessionID, now that we have a single session
per WebProcess.

Source/WebCore:

dom/Document.cpp:

(WebCore::Document::resume):
(WebCore::Document::privateBrowsingStateDidChange):

dom/Document.h:
dom/ScriptExecutionContext.h:
loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::matchRegistration):
(WebCore::DocumentLoader::commitData):
(WebCore::DocumentLoader::registerTemporaryServiceWorkerClient):
(WebCore::DocumentLoader::unregisterTemporaryServiceWorkerClient):

testing/Internals.cpp:

(WebCore::Internals::serviceWorkerClientIdentifier const):
(WebCore::Internals::storeRegistrationsOnDisk):
(WebCore::Internals::hasServiceWorkerRegistration):
(WebCore::Internals::terminateServiceWorker):
(WebCore::Internals::hasServiceWorkerConnection):

workers/DedicatedWorkerGlobalScope.cpp:

(WebCore::DedicatedWorkerGlobalScope::create):
(WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):

workers/DedicatedWorkerGlobalScope.h:
workers/DedicatedWorkerThread.cpp:

(WebCore::DedicatedWorkerThread::DedicatedWorkerThread):
(WebCore::DedicatedWorkerThread::createWorkerGlobalScope):

workers/DedicatedWorkerThread.h:
workers/Worker.cpp:

(WebCore::Worker::notifyFinished):

workers/WorkerGlobalScope.cpp:

(WebCore::WorkerGlobalScope::WorkerGlobalScope):

workers/WorkerGlobalScope.h:
workers/WorkerGlobalScopeProxy.h:
workers/WorkerMessagingProxy.cpp:

(WebCore::WorkerMessagingProxy::startWorkerGlobalScope):

workers/WorkerMessagingProxy.h:
workers/WorkerThread.cpp:

(WebCore::WorkerThreadStartupData::WorkerThreadStartupData):
(WebCore::WorkerThread::WorkerThread):
(WebCore::WorkerThread::workerThread):

workers/WorkerThread.h:
workers/service/ServiceWorker.cpp:

(WebCore::ServiceWorker::postMessage):

workers/service/ServiceWorkerContainer.cpp:

(WebCore::mainThreadConnection):
(WebCore::ServiceWorkerContainer::addRegistration):
(WebCore::ServiceWorkerContainer::removeRegistration):
(WebCore::ServiceWorkerContainer::updateRegistration):
(WebCore::ServiceWorkerContainer::jobResolvedWithRegistration):
(WebCore::ServiceWorkerContainer::notifyRegistrationIsSettled):
(WebCore::ServiceWorkerContainer::jobFinishedLoadingScript):
(WebCore::ServiceWorkerContainer::notifyFailedFetchingScript):
(WebCore::ServiceWorkerContainer::ensureSWClientConnection):

workers/service/ServiceWorkerGlobalScope.cpp:

(WebCore::ServiceWorkerGlobalScope::create):
(WebCore::ServiceWorkerGlobalScope::ServiceWorkerGlobalScope):

workers/service/ServiceWorkerGlobalScope.h:
workers/service/ServiceWorkerProvider.cpp:

(WebCore::ServiceWorkerProvider::mayHaveServiceWorkerRegisteredForOrigin):
(WebCore::ServiceWorkerProvider::registerServiceWorkerClients):

workers/service/ServiceWorkerProvider.h:
workers/service/WorkerSWClientConnection.cpp:

(WebCore::WorkerSWClientConnection::WorkerSWClientConnection):
(WebCore::WorkerSWClientConnection::matchRegistration):
(WebCore::WorkerSWClientConnection::getRegistrations):
(WebCore::WorkerSWClientConnection::whenRegistrationReady):
(WebCore::WorkerSWClientConnection::addServiceWorkerRegistrationInServer):
(WebCore::WorkerSWClientConnection::removeServiceWorkerRegistrationInServer):
(WebCore::WorkerSWClientConnection::didResolveRegistrationPromise):
(WebCore::WorkerSWClientConnection::postMessageToServiceWorker):
(WebCore::WorkerSWClientConnection::serverConnectionIdentifier const):
(WebCore::WorkerSWClientConnection::syncTerminateWorker):
(WebCore::WorkerSWClientConnection::registerServiceWorkerClient):
(WebCore::WorkerSWClientConnection::finishFetchingScriptInServer):
(WebCore::WorkerSWClientConnection::scheduleJob):

workers/service/WorkerSWClientConnection.h:
workers/service/context/ServiceWorkerThread.cpp:

(WebCore::ServiceWorkerThread::ServiceWorkerThread):
(WebCore::ServiceWorkerThread::createWorkerGlobalScope):

workers/service/context/ServiceWorkerThread.h:
workers/service/context/ServiceWorkerThreadProxy.cpp:

(WebCore::ServiceWorkerThreadProxy::ServiceWorkerThreadProxy):

workers/service/context/ServiceWorkerThreadProxy.h:
worklets/WorkletGlobalScope.h:

(WebCore::WorkletGlobalScope::sessionID const):

xml/DOMParser.cpp:

(WebCore::DOMParser::parseFromString):

xml/DOMParser.h:
xml/DOMParser.idl:
xml/XMLHttpRequest.cpp:

Source/WebKit:

WebProcess/Storage/WebSWContextManagerConnection.cpp:

(WebKit::WebSWContextManagerConnection::installServiceWorker):

WebProcess/Storage/WebServiceWorkerProvider.cpp:

(WebKit::WebServiceWorkerProvider::serviceWorkerConnection):
(WebKit::WebServiceWorkerProvider::existingServiceWorkerConnection):
(WebKit::WebServiceWorkerProvider::serviceWorkerConnectionForSession): Deleted.
(WebKit::WebServiceWorkerProvider::existingServiceWorkerConnectionForSession): Deleted.

WebProcess/Storage/WebServiceWorkerProvider.h:
WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updateThrottleState):

1:52 PM Changeset in webkit [250103] by commit-queue@webkit.org

10 edits
12 adds in trunk

Source/WebCore:
[SVG2]: Add auto behavior for rx and ry to the SVG <ellipse> and<rect> elements
https://bugs.webkit.org/show_bug.cgi?id=199843

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-09-19
Reviewed by Simon Fraser, Nikolas Zimmermann.

The specification is: https://www.w3.org/TR/SVG2/geometry.html#RxProperty.

Change the initial value of rx and ry to be "auto". Change the parser to
parse LengthOrAuto for these properties. Handle the case if one of them
is missing.

Tests: svg/custom/ellipse-radius-auto-dynamic.svg

svg/custom/ellipse-radius-auto-initial.svg
svg/custom/ellipse-radius-length-initial.svg
svg/custom/rect-radius-auto-dynamic.svg
svg/custom/rect-radius-auto-initial.svg
svg/custom/rect-radius-length-initial.svg

css/CSSProperties.json:
css/parser/CSSPropertyParser.cpp:

(WebCore::consumeRxOrRy):

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::initialRadius):

rendering/style/SVGRenderStyleDefs.cpp:

(WebCore::StyleLayoutData::StyleLayoutData):

rendering/svg/RenderSVGEllipse.cpp:

(WebCore::RenderSVGEllipse::calculateRadiiAndCenter):

LayoutTests:
[SVG2]: Add auto behavior for rx and ry to the SVG <ellipse> and <rect> elements
https://bugs.webkit.org/show_bug.cgi?id=199843

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2019-09-19
Reviewed by Simon Fraser, Nikolas Zimmermann.

Add tests which exercise the initial setting for rx and ry: length, 'auto'.
Add tests to dynamically change the values of these properties from length
to 'auto'.

Skip the tests with dynamic changes till webkit.org/b/201918 is fixed.

TestExpectations:
svg/css/parse-length-expected.txt:
svg/css/parse-length.html:
svg/custom/ellipse-radius-auto-dynamic-expected.svg: Added.
svg/custom/ellipse-radius-auto-dynamic.svg: Added.
svg/custom/ellipse-radius-auto-initial-expected.svg: Added.
svg/custom/ellipse-radius-auto-initial.svg: Added.
svg/custom/ellipse-radius-length-initial-expected.svg: Added.
svg/custom/ellipse-radius-length-initial.svg: Added.
svg/custom/rect-radius-auto-dynamic-expected.svg: Added.
svg/custom/rect-radius-auto-dynamic.svg: Added.
svg/custom/rect-radius-auto-initial-expected.svg: Added.
svg/custom/rect-radius-auto-initial.svg: Added.
svg/custom/rect-radius-length-initial-expected.svg: Added.
svg/custom/rect-radius-length-initial.svg: Added.

1:07 PM Changeset in webkit [250102] by aakash_jain@apple.com

2 edits in trunk/Tools

[ews] Fix platform for JSC EWS
https://bugs.webkit.org/show_bug.cgi?id=201997

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-build/config.json:

12:36 PM Changeset in webkit [250101] by Justin Fan

13 edits in trunk/Websites/webkit.org

[WebGPU] Update messaging to reflect STP 92 requirement for demos
https://bugs.webkit.org/show_bug.cgi?id=201931

Reviewed by Jon Lee.

Demos don't work anymore on versions of Safari older than STP 92,
so update WebGPU feature detection to reflect that.

demos/webgpu/babylon/babylonWebGpu.max.js:
demos/webgpu/babylon/oneHelmetWebGPU.html:
demos/webgpu/babylon/oneSphereWebGPU.html:
demos/webgpu/compute-blur.html:
demos/webgpu/compute-boids-compile.html:
demos/webgpu/compute-boids.html:
demos/webgpu/hello-cube.html:
demos/webgpu/hello-triangle.html:
demos/webgpu/scripts/compute-blur.js:

(async.init):

demos/webgpu/scripts/compute-boids-compile.js:
demos/webgpu/scripts/hello-triangle.js:

(async.helloTriangle):

demos/webgpu/textured-cube.html:

12:19 PM Changeset in webkit [250100] by commit-queue@webkit.org

6 edits
2 adds in trunk

HTMLVideoElement with a broken poster image will take square dimension
https://bugs.webkit.org/show_bug.cgi?id=174122
<rdar://problem/33121806>

Patch by Peng Liu <Peng Liu> on 2019-09-19
Reviewed by Daniel Bates.

Source/WebCore:

For a video element, if only the width attribute is given and the height attribute is missing,
an invalid poster image will make its aspect ratio to be 1, which is the historical WebKit behavior
if we're painting alt text and/or a broken image. This fix prevents that behavior to impact video elements.

We add a virtual function shouldDisplayBrokenImageIcon() to RenderImage and it will return true
only when the image source is given but cannot be downloaded. RenderMedia overrides this virtual function
and always return false because it never shows the broken image icon. RenderVideo inherits
that behavior from RenderMedia.

Then, in RenderImage::computeIntrinsicRatioInformation(), we only set the aspect ratio to 1
when we need to show the broken image icon. It is the historical WebKit behavior that we want to keep
for image element, but we also want to avoid its impact (this bug) on video elements.

We also replace the imageResource().errorOccurred() with shouldDisplayBrokenImageIcon() in
TreeBuilder::createLayoutBox() for the same reason.

The logic to display the broken image icon in RenderImage::renderReplaced() is also cleaned up.

Test: media/video-poster-not-found.html

layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::TreeBuilder::createLayoutBox):

rendering/RenderImage.cpp:

(WebCore::RenderImage::shouldDisplayBrokenImageIcon const):
(WebCore::RenderImage::paintReplaced):
(WebCore::RenderImage::computeIntrinsicRatioInformation const):

rendering/RenderImage.h:
rendering/RenderMedia.h:

LayoutTests:

When only the width (no height) attribute of a video element is given
and the the poster image is missing (cannot be downloaded),
the aspect ratio of the video element should not be 1, which is the default behavior
of WebKit to paint a broken image. Instead, it should be the aspect ratio of the video content.

media/video-poster-not-found-expected.txt: Added.
media/video-poster-not-found.html: Added.

12:02 PM Changeset in webkit [250099] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Refactoring: fix broken indentation in JSNonDestructibleProxy.h.
https://bugs.webkit.org/show_bug.cgi?id=201989

Reviewed by Saam Barati.

This patch only unindent the code to get it back to compliant formatting.
There is no actual code change.

runtime/JSNonDestructibleProxy.h:

(JSC::JSNonDestructibleProxy::subspaceFor):
(JSC::JSNonDestructibleProxy::create):
(JSC::JSNonDestructibleProxy::createStructure):
(JSC::JSNonDestructibleProxy::JSNonDestructibleProxy):

11:45 AM Changeset in webkit [250098] by Tadeu Zagallo

4 edits
1 add in trunk

Syntax checker should report duplicate proto properties
https://bugs.webkit.org/show_bug.cgi?id=201897
<rdar://problem/53201788>

Reviewed by Mark Lam.

JSTests:

stress/syntax-checker-duplicate-underscore-proto.js: Added.

(catch):

Source/JavaScriptCore:

Currently we have two ways of parsing object literals:

parseObjectLiteral: this is called in sloppy mode, and as an optimization for syntax checking, it doesn't allocate string literals while parsing properties. It does still allocate identifiers, but it won't store them in the Property object that it creates for each parsed property. This method backtracks and calls parseObjectStrictLiteral if it finds any getters or setters.
parseObjectStrictLiteral: this is called in strict mode, or when the object contains getters/setters as stated above. This will always allocate string literals as well as identifiers and store them in the Property object, even during syntax checking.

From looking at the history, it seems that there was a distinction between these two methods:
parseStrictObjectLiteral was introduced in r62848 and contained an extra check for duplicate
getters/setters or properties defined as both getters/setters and constants. That distinction
was removed and the only distinction that remained was whether we build strings and store the
strings and properties as part of the Property object created by SyntaxChecker::createProperty.
However, this optimization is no longer valid, since we need to throw a SyntaxError for duplicate
proto properties in object literals even in sloppy mode, which means that we do need to build
the strings and identifiers and store them as part of the Property objects.

parser/Parser.cpp:

(JSC::Parser<LexerType>::parseObjectLiteral):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::parseStrictObjectLiteral): Deleted.

parser/Parser.h:

11:34 AM WebKitGTK/StableRelease edited by clopez@igalia.com

(diff)

11:28 AM Changeset in webkit [250097] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Remove a now unnecessary hack to work around static const needing external linkage.
https://bugs.webkit.org/show_bug.cgi?id=201988

Reviewed by Saam Barati.

MacroAssembler::dataTempRegister is now a constexpr, thereby ensuring that it's
inlinable.

b3/B3Common.cpp:

(JSC::B3::pinnedExtendedOffsetAddrRegister):

11:04 AM Changeset in webkit [250096] by Alan Coon

2 edits in branches/safari-608.2.11.1-branch/Source/WebKit

Cherry-pick r250069. rdar://problem/55524978

Eagerly create and add the m_layerHostingView to WKWebView.
https://bugs.webkit.org/show_bug.cgi?id=201942

Reviewed by Tim Horton.

Some apps will add subviews to WKWebView, and by the time we add our m_layerHostingView view we might be
adding it behind a view that should have been added behind our layer hosting view subview. This affected
the Spark email app, due to changes in order of loading delegate calls and when compositing is enabled.
Instead of delayed creation of m_layerHostingView, always create it and add it to to the WKWebView.
This ensures proper ordering of subviews when clients add a view behind all existing subviews.

UIProcess/Cocoa/WebViewImpl.mm: (WebKit::WebViewImpl::WebViewImpl): Create and add m_layerHostingView here. (WebKit::WebViewImpl::setAcceleratedCompositingRootLayer): Remove creation and removal of m_layerHostingView. Just set the sublayers of m_layerHostingView's layer here.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:01 AM Changeset in webkit [250095] by Alan Coon

7 edits in branches/safari-608.2.11.1-branch/Source

Versioning.

9:14 AM Changeset in webkit [250094] by mark.lam@apple.com

43 edits in trunk/Source/JavaScriptCore

Replace JSValue #defines with static constexpr values.
https://bugs.webkit.org/show_bug.cgi?id=201966

Reviewed by Yusuke Suzuki.

static constexpr is the modern C++ way to define these constants.

Some of the values are typed int64_t and some are int32_t. The original #define
values are int64_t. Hence, we adopt int64_t as the default type to use here.

However, some of these constants are being used as 32-bit values, and the code
was static_cast'ing them into int32_t. This set of constants are all the small
values that fit in an int32_t anyway. So, we're putting these in int32_t instead
so that we don't have to keep casting them. In the few places where they are
used as int64_t, they will automatically get up-casted anyway.

In this patch, we also did the following:

Renamed TagMask to NotCellMask, because everywhere in the code, we're basically using it to filter out cells like this:

if (value & NotCellMask) then goto handleNotCellCase;

Renamed TagTypeNumber to NumberTag for a shorter name.

Ditto for TagBitTypeOther, TagBitBool, TagBitUndefined, TagBitsWasm, and TagWasmMask.
They are now OtherTag, BoolTag, UndefinedTag, WasmTag, and WasmMask.

Introduced DoubleEncodeOffsetBit so that client code do not embed this value as a literal constant. We now define DoubleEncodeOffset based on DoubleEncodeOffsetBit ensuring consistency.

Introduced MiscTag so that clients don't have to put this set of tags together themselves.

Removed static asserts for tags in LLIntData.cpp because the offlineasm now captures these values correctly with constexpr statements. These static asserts were holdovers from the old days back when we had to define LLInt constant values manually, and we needed a mechanism to detect when the values have changed in the source.

Replaced some runtime asserts in RegisterSet.cpp with static_asserts.

In Wasm::wasmToJS(), we were constructing the value of JSValue::DoubleEncodeOffset constant by left shifting 1 by JSValue::DoubleEncodeOffsetBit. There's no need to do this for ARM64 because the constant can be loaded efficiently with a single MOVZ instruction. So, we add a CPU(ARM64) case to just move the constant into the target register.

assembler/AbortReason.h:
bytecode/AccessCase.cpp:

(JSC::AccessCase::generateWithGuard):

dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::OSRExit::compileExit):

dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::silentFill):
(JSC::DFG::SpeculativeJIT::checkArgumentTypes):
(JSC::DFG::SpeculativeJIT::compileValueToInt32):
(JSC::DFG::SpeculativeJIT::compileDoubleRep):
(JSC::DFG::SpeculativeJIT::getIntTypedArrayStoreOperand):
(JSC::DFG::SpeculativeJIT::speculateMisc):

dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::spill):

dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::fillJSValue):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::fillSpeculateBoolean):
(JSC::DFG::SpeculativeJIT::compileObjectStrictEquality):
(JSC::DFG::SpeculativeJIT::compileObjectToObjectOrOtherEquality):
(JSC::DFG::SpeculativeJIT::compilePeepHoleObjectToObjectOrOtherEquality):
(JSC::DFG::SpeculativeJIT::compileInt52Compare):
(JSC::DFG::SpeculativeJIT::compileObjectOrOtherLogicalNot):
(JSC::DFG::SpeculativeJIT::compileLogicalNot):
(JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
(JSC::DFG::SpeculativeJIT::emitBranch):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::moveTrueTo):
(JSC::DFG::SpeculativeJIT::moveFalseTo):
(JSC::DFG::SpeculativeJIT::blessBoolean):

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileDoubleRep):
(JSC::FTL::DFG::LowerDFGToB3::compileBooleanToNumber):
(JSC::FTL::DFG::LowerDFGToB3::compileUnaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compileBinaryMathIC):
(JSC::FTL::DFG::LowerDFGToB3::compilePutById):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileArrayIndexOf):
(JSC::FTL::DFG::LowerDFGToB3::compileGetArgument):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileDirectCallOrConstruct):
(JSC::FTL::DFG::LowerDFGToB3::compileTailCall):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargsSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileCallOrConstructVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
(JSC::FTL::DFG::LowerDFGToB3::compileInById):
(JSC::FTL::DFG::LowerDFGToB3::compileInstanceOf):
(JSC::FTL::DFG::LowerDFGToB3::compileGetEnumeratorStructurePname):
(JSC::FTL::DFG::LowerDFGToB3::compileGetEnumeratorGenericPname):
(JSC::FTL::DFG::LowerDFGToB3::getById):
(JSC::FTL::DFG::LowerDFGToB3::getByIdWithThis):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOMGetter):
(JSC::FTL::DFG::LowerDFGToB3::emitBinarySnippet):
(JSC::FTL::DFG::LowerDFGToB3::emitBinaryBitOpSnippet):
(JSC::FTL::DFG::LowerDFGToB3::emitRightShiftSnippet):
(JSC::FTL::DFG::LowerDFGToB3::equalNullOrUndefined):
(JSC::FTL::DFG::LowerDFGToB3::buildTypeOf):
(JSC::FTL::DFG::LowerDFGToB3::isInt32):
(JSC::FTL::DFG::LowerDFGToB3::isNotInt32):
(JSC::FTL::DFG::LowerDFGToB3::boxInt32):
(JSC::FTL::DFG::LowerDFGToB3::isCellOrMisc):
(JSC::FTL::DFG::LowerDFGToB3::isNotCellOrMisc):
(JSC::FTL::DFG::LowerDFGToB3::unboxDouble):
(JSC::FTL::DFG::LowerDFGToB3::boxDouble):
(JSC::FTL::DFG::LowerDFGToB3::isNotCell):
(JSC::FTL::DFG::LowerDFGToB3::isCell):
(JSC::FTL::DFG::LowerDFGToB3::isNotMisc):
(JSC::FTL::DFG::LowerDFGToB3::isNotBoolean):
(JSC::FTL::DFG::LowerDFGToB3::boxBoolean):
(JSC::FTL::DFG::LowerDFGToB3::isNotOther):
(JSC::FTL::DFG::LowerDFGToB3::isOther):

ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::reboxAccordingToFormat):
(JSC::FTL::compileStub):

interpreter/CalleeBits.h:

(JSC::CalleeBits::boxWasm):
(JSC::CalleeBits::isWasm const):
(JSC::CalleeBits::asWasmCallee const):

jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::jitAssertIsJSInt32):
(JSC::AssemblyHelpers::jitAssertIsJSNumber):
(JSC::AssemblyHelpers::jitAssertIsJSDouble):
(JSC::AssemblyHelpers::jitAssertIsCell):
(JSC::AssemblyHelpers::jitAssertTagsInPlace):
(JSC::AssemblyHelpers::emitConvertValueToBoolean):

jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitSaveThenMaterializeTagRegisters):
(JSC::AssemblyHelpers::emitRestoreSavedTagRegisters):
(JSC::AssemblyHelpers::emitMaterializeTagCheckRegisters):
(JSC::AssemblyHelpers::branchIfNotCell):
(JSC::AssemblyHelpers::branchIfCell):
(JSC::AssemblyHelpers::branchIfOther):
(JSC::AssemblyHelpers::branchIfNotOther):
(JSC::AssemblyHelpers::branchIfInt32):
(JSC::AssemblyHelpers::branchIfNotInt32):
(JSC::AssemblyHelpers::branchIfNumber):
(JSC::AssemblyHelpers::branchIfNotNumber):
(JSC::AssemblyHelpers::branchIfNotDoubleKnownNotInt32):
(JSC::AssemblyHelpers::branchIfBoolean):
(JSC::AssemblyHelpers::branchIfNotBoolean):
(JSC::AssemblyHelpers::boxDouble):
(JSC::AssemblyHelpers::unboxDoubleWithoutAssertions):
(JSC::AssemblyHelpers::boxInt52):
(JSC::AssemblyHelpers::boxBooleanPayload):
(JSC::AssemblyHelpers::boxInt32):

jit/CallFrameShuffleData.h:
jit/CallFrameShuffler.cpp:

(JSC::CallFrameShuffler::CallFrameShuffler):
(JSC::CallFrameShuffler::dump const):
(JSC::CallFrameShuffler::prepareAny):

jit/CallFrameShuffler.h:

(JSC::CallFrameShuffler::getFreeRegister const):

jit/CallFrameShuffler64.cpp:

(JSC::CallFrameShuffler::emitBox):
(JSC::CallFrameShuffler::tryAcquireNumberTagRegister):
(JSC::CallFrameShuffler::tryAcquireTagTypeNumber): Deleted.

jit/GPRInfo.h:

(JSC::GPRInfo::reservedRegisters):

jit/JITArithmetic.cpp:

(JSC::JIT::emit_compareAndJumpSlow):

jit/JITBitAndGenerator.cpp:

(JSC::JITBitAndGenerator::generateFastPath):

jit/JITBitOrGenerator.cpp:

(JSC::JITBitOrGenerator::generateFastPath):

jit/JITBitXorGenerator.cpp:

(JSC::JITBitXorGenerator::generateFastPath):

jit/JITCall.cpp:

(JSC::JIT::compileTailCall):

jit/JITDivGenerator.cpp:

(JSC::JITDivGenerator::generateFastPath):

jit/JITInlines.h:

(JSC::JIT::emitPatchableJumpIfNotInt):

jit/JITLeftShiftGenerator.cpp:

(JSC::JITLeftShiftGenerator::generateFastPath):

jit/JITMulGenerator.cpp:

(JSC::JITMulGenerator::generateFastPath):

jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_undefined_or_null):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jundefined_or_null):
(JSC::JIT::emit_op_jnundefined_or_null):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):

jit/JITPropertyAccess.cpp:

(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

jit/JITRightShiftGenerator.cpp:

(JSC::JITRightShiftGenerator::generateFastPath):

jit/RegisterSet.cpp:

(JSC::RegisterSet::runtimeTagRegisters):
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
(JSC::RegisterSet::dfgCalleeSaveRegisters):
(JSC::RegisterSet::ftlCalleeSaveRegisters):

jit/SpecializedThunkJIT.h:

(JSC::SpecializedThunkJIT::returnDouble):
(JSC::SpecializedThunkJIT::tagReturnAsInt32):

jit/ThunkGenerators.cpp:

(JSC::virtualThunkFor):
(JSC::nativeForGenerator):
(JSC::arityFixupGenerator):
(JSC::absThunkGenerator):

llint/LLIntData.cpp:

(JSC::LLInt::Data::performAssertions):

llint/LowLevelInterpreter.asm:
llint/LowLevelInterpreter.cpp:

(JSC::CLoop::execute):

llint/LowLevelInterpreter64.asm:
offlineasm/arm64.rb:
offlineasm/cloop.rb:
offlineasm/x86.rb:
runtime/JSCJSValue.h:
runtime/JSCJSValueInlines.h:

(JSC::JSValue::isUndefinedOrNull const):
(JSC::JSValue::isCell const):
(JSC::JSValue::isInt32 const):
(JSC::JSValue::JSValue):
(JSC::JSValue::asDouble const):
(JSC::JSValue::isNumber const):

wasm/js/WasmToJS.cpp:

(JSC::Wasm::wasmToJS):

wasm/js/WebAssemblyFunction.cpp:

(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

9:11 AM Changeset in webkit [250093] by Brent Fulgham

18 edits
1 copy
2 adds in trunk

Create InjectedBundle SPI to better support NSSecureCoding
https://bugs.webkit.org/show_bug.cgi?id=201810
<rdar://problem/55265713>

The encoding/decoding routines used by WebKit’s InjectedBundles are based on NSCoding.
While we have changed WebKit internals to use NSSecureCoding, there are a number of
injected bundles that need to serialize custom classes between the InjectedBundle and
the relevant WebKit UIProcess.

We need to lock down this communications channel by enforcing NSSecureCoding.

This patch creates new SPI to allow the UIProcess to specify classes that it will accept
in messages from the WebContet Process (and Injected Bundle).

It adds the following property to the WKProcessPoolConfiguration:

@property (nonatomic, copy) NSSet<Class> *customClassesForParameterCoder;

If no custom classes are specified, the standard serialization primitives are supported:

NSArray, NSData, NSDate, NSDictionary, NSNull, NSNumber, NSSet, NSString,
NSTimeZone, NSURL, and NSUUID.

Reviewed by Brady Eidson.

Source/WebKit:

UIProcess/API/APIProcessPoolConfiguration.cpp:

(API::ProcessPoolConfiguration::copy): Copy any custom classes.

UIProcess/API/APIProcessPoolConfiguration.h:
UIProcess/API/C/WKContextConfigurationRef.cpp:

(WKContextConfigurationCopyCustomClassesForParameterCoder): Added.
(WKContextConfigurationSetCustomClassesForParameterCoder): Added.

UIProcess/API/C/WKContextConfigurationRef.h:
UIProcess/API/Cocoa/WKProcessGroup.h:
UIProcess/API/Cocoa/WKProcessGroup.mm:

(toStringVector): Added.
(-[WKProcessGroup initWithInjectedBundleURL:andCustomClassesForParameterCoder:]):

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setInputDelegate:]): Restrict serialization to allowed classes.

UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h:
UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm:

(-[_WKProcessPoolConfiguration customClassesForParameterCoder]): Added.
(-[_WKProcessPoolConfiguration setCustomClassesForParameterCoder:]): Added.

UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitialize): Register any custom classes
provided in the configuraton.
(WebKit::WebProcessPool::initializeClassesForParameterCoding): Added.
(WebKit::WebProcessPool::allowedClassesForParameterCoding const): Added.

UIProcess/WebProcessPool.h:
UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::elementDidFocus): Restrict serialization to allowed
classes only.

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKitCocoa/BundleFormDelegate.mm: Added.

(-[BundleFormDelegateRemoteObject didGetFocus]):
(-[FormInputDelegate _webView:decidePolicyForFocusedElement:]):
(TEST):

TestWebKitAPI/Tests/WebKitCocoa/BundleFormDelegatePlugIn.mm: Added.

(-[BundleFormDelegatePlugIn webProcessPlugIn:didCreateBrowserContextController:]):
(-[BundleFormDelegatePlugIn _webProcessPlugInBrowserContextController:willBeginInputSessionForElement:inFrame:userIsInteracting:]):
(-[BundleFormDelegatePlugIn _webProcessPlugInBrowserContextController:didFocusTextField:inFrame:]):

TestWebKitAPI/Tests/WebKitCocoa/BundleFormDelegateProtocol.h: Copied from Tools/TestWebKitAPI/WKWebViewConfigurationExtras.h.
TestWebKitAPI/Tests/WebKitCocoa/WKProcessPoolConfiguration.mm:

(TEST):

TestWebKitAPI/WKWebViewConfigurationExtras.h:
TestWebKitAPI/WKWebViewConfigurationExtras.mm:

(+[WKWebViewConfiguration _test_configurationWithTestPlugInClassName:configureJSCForTesting:]):
(+[WKWebViewConfiguration _test_configurationWithTestPlugInClassName:configureJSCForTesting:andCustomParameterClasses:]):

8:52 AM Changeset in webkit [250092] by Antti Koivisto

5 edits in trunk/Source/WebCore

Turn static DocumentRuleSets::s_isInvalidatingStyleWithRuleSets assertion bit into a member
https://bugs.webkit.org/show_bug.cgi?id=201985
<rdar://problem/54851871>

Reviewed by Zalan Bujtas.

This assert bit was catching cases that are not dangerous. Turn it into a member to narrow the scope.

css/DocumentRuleSets.cpp:

(WebCore::DocumentRuleSets::~DocumentRuleSets):
(WebCore::DocumentRuleSets::collectFeatures const):
(): Deleted.

css/DocumentRuleSets.h:

(WebCore::DocumentRuleSets::isInvalidatingStyleWithRuleSets):

style/AttributeChangeInvalidation.cpp:

(WebCore::Style::AttributeChangeInvalidation::invalidateStyleWithRuleSets):

style/ClassChangeInvalidation.cpp:

(WebCore::Style::ClassChangeInvalidation::invalidateStyleWithRuleSets):

8:35 AM Changeset in webkit [250091] by Alan Bujtas

4 edits in trunk/Source/WebCore

[LFC] Remove redundant Layout::Box::ElementTypes
https://bugs.webkit.org/show_bug.cgi?id=201963

Reviewed by Antti Koivisto.

These types can be solved through RenderStyle.

layout/layouttree/LayoutBox.cpp:

(WebCore::Layout::Box::isPaddingApplicable const):

layout/layouttree/LayoutBox.h:

(WebCore::Layout::Box::isTableHeader const):
(WebCore::Layout::Box::isTableBody const):
(WebCore::Layout::Box::isTableFooter const):
(WebCore::Layout::Box::isTableRow const):
(WebCore::Layout::Box::isTableColumnGroup const):
(WebCore::Layout::Box::isTableColumn const):
(WebCore::Layout::Box::isTableCell const):

layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::TreeBuilder::createLayoutBox):

page/FrameViewLayoutContext.cpp:

(WebCore::layoutUsingFormattingContext):

8:19 AM Changeset in webkit [250090] by magomez@igalia.com

3 edits in trunk/LayoutTests

[WPE][GTK] Gardening after r250087
https://bugs.webkit.org/show_bug.cgi?id=201984

Unreviewed WPE and GTK+ gardening after r250087.

platform/gtk/TestExpectations:
platform/wpe/TestExpectations:

7:58 AM Changeset in webkit [250089] by Alan Bujtas

3 edits in trunk/Source/WebCore

[LFC][IFC] InlineFormattingContext::InlineLayout should not need to call LayoutState::establishedFormattingState
https://bugs.webkit.org/show_bug.cgi?id=201972
<rdar://problem/55505869>

Reviewed by Antti Koivisto.

InlineLayout has access to InlineFormattingContext, so it should just query it instead of calling LayoutState::establishedFormattingState.

layout/inlineformatting/InlineFormattingContext.h:

(WebCore::Layout::InlineFormattingContext::InlineLayout::formattingContext const):
(WebCore::Layout::InlineFormattingContext::InlineLayout::formattingState):

layout/inlineformatting/InlineFormattingContextLineLayout.cpp:

(WebCore::Layout::InlineFormattingContext::InlineLayout::InlineLayout):
(WebCore::Layout::InlineFormattingContext::InlineLayout::layout):
(WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns):
(WebCore::Layout::InlineFormattingContext::InlineLayout::layout const): Deleted.
(WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const): Deleted.

6:25 AM Changeset in webkit [250088] by Alan Bujtas

6 edits in trunk/Source/WebCore

[LFC] FloatingContext should take the root container.
https://bugs.webkit.org/show_bug.cgi?id=201968
<rdar://problem/55505090>

Reviewed by Antti Koivisto.

Now FormattingContext::root() does not need to be public anymore.

layout/FormattingContext.h:

(WebCore::Layout::FormattingContext::root const):

layout/blockformatting/BlockFormattingContext.cpp:

(WebCore::Layout::BlockFormattingContext::layoutInFlowContent):

layout/floats/FloatingContext.cpp:

(WebCore::Layout::FloatingContext::FloatingContext):
(WebCore::Layout::FloatingContext::mapPointFromFormattingContextRootToFloatingStateRoot const):

layout/floats/FloatingContext.h:

(WebCore::Layout::FloatingContext::root const):

layout/inlineformatting/InlineFormattingContextLineLayout.cpp:

(WebCore::Layout::InlineFormattingContext::InlineLayout::layout const):
(WebCore::Layout::InlineFormattingContext::InlineLayout::createDisplayRuns const):

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed