Timeline

View changes from
going back days
by author

Repository changesets Wiki changes

Jan 17, 2020:

11:21 PM Changeset in webkit [254793] by Simon Fraser

• 4 edits in trunk/LayoutTests

REGRESSION (r252205?): [ Mac wk2 ] tiled-drawing/scrolling/fast-scroll-select-latched-mainframe-with-handler.html became very flaky
​https://bugs.webkit.org/show_bug.cgi?id=206296

Reviewed by Ryosuke Niwa.

Attempt to de-flake this test. It was using js-test-pre/post, but not jsTestIsAsync/finishJSTest(), and seemed to sometimes
dump testPassed() a second even after notifyDone() was called. The <pre> is made fixed size so that the length of the layer
tree dump doesn't change the layer sizes.

Also clean it up to remove unused CSS and script.

• platform/mac-wk2/TestExpectations:
• tiled-drawing/scrolling/fast-scroll-select-latched-mainframe-with-handler-expected.txt:
• tiled-drawing/scrolling/fast-scroll-select-latched-mainframe-with-handler.html:

11:09 PM Changeset in webkit [254792] by commit-queue@webkit.org

• 2 edits in trunk/LayoutTests

[GTK] Gardening mouse cursor style change tests
​https://bugs.webkit.org/show_bug.cgi?id=206455

Unreviewed gardening.

Patch by Lauro Moura <Lauro Moura> on 2020-01-17

• platform/gtk/TestExpectations:

10:56 PM Changeset in webkit [254791] by commit-queue@webkit.org

• 2 edits in trunk/LayoutTests

[GTK] Garden webrtc b/f cache tests
​https://bugs.webkit.org/show_bug.cgi?id=206465

Unreviewed gardening.

Patch by Lauro Moura <Lauro Moura> on 2020-01-17

• platform/gtk/TestExpectations:

9:49 PM Changeset in webkit [254790] by cathiechen

• 46 edits
  5 adds in trunk

Add support for scroll behavior parsing
​https://bugs.webkit.org/show_bug.cgi?id=205009

Reviewed by Frédéric Wang.

Based on the patch by Frédéric Wang.

LayoutTests/imported/w3c:

• web-platform-tests/css/cssom-view/inheritance-expected.txt:
• web-platform-tests/css/cssom-view/inheritance.html:
• web-platform-tests/css/cssom-view/parsing/scroll-behavior-computed-expected.txt:
• web-platform-tests/css/cssom-view/parsing/scroll-behavior-computed.html:
• web-platform-tests/css/cssom-view/parsing/scroll-behavior-valid-expected.txt:
• web-platform-tests/css/cssom-view/parsing/scroll-behavior-valid.html:

Source/WebCore:

Add support for parsing scroll-behavior css property and ScrollOptions.

Tests: LayoutTests/imported/w3c/web-platform-tests/css/cssom-view/inheritance.html

LayoutTests/web-platform-tests/css/cssom-view/parsing/scroll-behavior-computed.html
LayoutTests/web-platform-tests/css/cssom-view/parsing/scroll-behavior-valid.html

• CMakeLists.txt: Add IDL files for ScrollOptions and ScrollBehavior.
• DerivedSources.make:
• Headers.cmake: Add headers for ScrollBehavor and ScrollOptions.
• Sources.txt: Add ScrollBehavor and ScrollOptions implementation.
• WebCore.xcodeproj/project.pbxproj: Add files to the build system.
• css/CSSComputedStyleDeclaration.cpp: Handle scroll-behavior.

(WebCore::ComputedStyleExtractor::valueForPropertyInStyle):

• css/CSSProperties.json: Add scroll-behavior.
• css/CSSValueKeywords.in: Add keywords for scroll-behavior.
• css/parser/CSSParserContext.cpp: Add runtime config for scroll-behavior.

(WebCore::CSSParserContext::CSSParserContext):
(WebCore::operator==):

• css/parser/CSSParserContext.h: Ditto.

(WebCore::CSSParserContextHash::hash):

• css/parser/CSSParserFastPaths.cpp: Remove scroll-behavior templates. It is handled in the slow path since property can be disabled.

(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):

• css/parser/CSSPropertyParser.cpp:

(WebCore::consumeScrollBehavior):
(WebCore::CSSPropertyParser::parseSingleValue): Parse scroll-behavior (only if enabled).

• page/ScrollBehavior.cpp: Added.

(WebCore::useSmoothScrolling): Helper funciton to determine the scroll behavior to apply to an element from the CSS and DOM behavior.

• page/ScrollBehavior.h: Added.
• page/ScrollBehavior.idl: Added.
• page/ScrollIntoViewOptions.h: Make this class inherits from ScrollOption. Also remove unnecessary forward declaration.
• page/ScrollIntoViewOptions.idl: Make this class inherits from ScrollOption.
• page/ScrollOptions.h: Added.
• page/ScrollOptions.idl: Added.
• page/ScrollToOptions.h: Make this struct inherits from ScrollOptions.

(WebCore::ScrollToOptions::ScrollToOptions):
(WebCore::normalizeNonFiniteCoordinatesOrFallBackTo): Copy the current ScrollToOptions so that the scroll behavior is preserved.

• page/ScrollToOptions.idl: Make this class inherit from ScrollOptions.
• page/Settings.yaml: New setting for CSSOM View smooth scrolling.
• rendering/style/RenderStyle.h: Handle 'smooth scrolling' boolean data.

(WebCore::RenderStyle::useSmoothScrolling const):
(WebCore::RenderStyle::setUseSmoothScrolling):
(WebCore::RenderStyle::initialUseSmoothScrolling):

• rendering/style/StyleRareNonInheritedData.cpp:

(WebCore::StyleRareNonInheritedData::StyleRareNonInheritedData):
(WebCore::StyleRareNonInheritedData::operator== const):

• rendering/style/StyleRareNonInheritedData.h:
• style/StyleBuilderConverter.h:

(WebCore::Style::BuilderConverter::convertSmoothScrolling):

Source/WebKit:

Add CSSOM smooth scrolling as an experimental feature.

• Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

Add run time flag for CSSOMViewSmoothScrolling.

• WebView/WebPreferenceKeysPrivate.h: Handle CSSOMViewSmoothScrolling by.
• WebView/WebPreferences.mm:

([WebPreferences initialize]): Disable CSSOMViewSmoothScrolling by default.
(-[WebPreferences CSSOMViewSmoothScrollingEnabled]): Getter.
(-[WebPreferences setCSSOMViewSmoothScrollingEnabled:]): Setter.

• WebView/WebPreferencesPrivate.h:
• WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKitLegacy/win:

• Interfaces/IWebPreferencesPrivate.idl: Handle smooth scrolling option.
• WebPreferenceKeysPrivate.h: Ditto.
• WebPreferences.cpp: Ditto.

(WebPreferences::initializeDefaultSettings):
(WebPreferences::CSSOMViewSmoothScrollingEnabled):
(WebPreferences::setCSSOMViewSmoothScrollingEnabled):

• WebPreferences.h: Ditto.
• WebView.cpp: Ditto.

(WebView::notifyPreferencesChanged):

Tools:

• DumpRenderTree/TestOptions.cpp:

(TestOptions::TestOptions): Parse CSSOMViewSmoothScrollingEnabled.

• DumpRenderTree/TestOptions.h: Add CSSOMViewSmoothScrollingEnabled, disabled by default.
• DumpRenderTree/mac/DumpRenderTree.mm:

(enableExperimentalFeatures):
(setWebPreferencesForTestOptions): Set CSSOMViewSmoothScrollingEnabled from the test options.

9:42 PM Changeset in webkit [254789] by rniwa@webkit.org

• 2 edits in trunk/Source/WebCore

iOS: Prepare deploying Ref/RefPtr in touch event code
​https://bugs.webkit.org/show_bug.cgi?id=206466

Reviewed by Wenson Hsieh.

Introduce a new variant of dispatchTouchEvent, which takes EventTargetTouchArrayMap that uses
Ref<EventTarget> as keys instead of raw pointers to EventTarget as is the case in EventTargetTouchMap.

• page/EventHandler.h:

(WebCore::EventHandler::EventTargetTouchArrayMap): Added.
(WebCore::EventHandler::dispatchTouchEvent): Added the declaration for new variant.

7:24 PM Changeset in webkit [254788] by sbarati@apple.com

• 5 edits
  1 add in trunk

Air O0 should have better stack allocation
​https://bugs.webkit.org/show_bug.cgi?id=206436

Reviewed by Tadeu Zagallo.

JSTests:

• wasm/stress/dont-stack-overflow-in-air.js: Added.

Source/JavaScriptCore:

This patch adds a simple stack slot allocator to Air O0 to make code
use smaller stack frames. The huge stack frames from the old stack
allocator were leading to stack overflows in some programs. Before,
each Tmp got its own stack slot. The new allocator works similar to O0's
register allocator. This stack allocator linearizes the program and uses live
range end as an opportunity to place the stack slot on a free list of
available stack slots. This patch also fixes an issue in our linearization code
where the head of a block and the tail of another block would share the
same linearization index. This didn't matter for register allocation, but
does matter for the stack allocator. So "live at head", and "live at tail"
now get their own linearization index.

• b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp:

(JSC::B3::Air::GenerateAndAllocateRegisters::buildLiveRanges):
(JSC::B3::Air::GenerateAndAllocateRegisters::prepareForGeneration):
(JSC::B3::Air::GenerateAndAllocateRegisters::generate):

• b3/air/AirAllocateRegistersAndStackAndGenerateCode.h:
• b3/air/AirLiveness.h:

6:49 PM Changeset in webkit [254787] by ddkilzer@apple.com

• 3 edits in trunk/Source/JavaScriptCore

[JSC] Add missing header guards
<​https://webkit.org/b/206448>

Reviewed by Mark Lam.

• heap/IsoHeapCellType.h:
• wasm/WasmFaultSignalHandler.h:
• Add #pragma once header guard.

6:22 PM Changeset in webkit [254786] by Simon Fraser

• 5 edits in trunk

Tools:
fast/forms/ios/zoom-after-input-tap-wide-input.html is timing out
​https://bugs.webkit.org/show_bug.cgi?id=206313

Reviewed by Wenson Hsieh.

The timeout was caused by the previous test, fast/forms/ios/validation-bubble-dismiss-on-tap.html,
which puts up a validation bubble whose implementation involves showing a modal UIViewController.
That view controller disappears with an animation, which happened after we're proceeded to the next
test, and the overlay view could intercept touches thus breaking any subsequent touch-based test.

Fix by having platformResetStateToConsistentValues() wait for the presentedViewController to
go to nil, which requires spinning the runloop.

platformResetStateToConsistentValues() will return false if we fail to remove the presented view controller,
which will trigger a timeout with a log.

• WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetStateToConsistentValues):
(WTR::TestController::platformResetStateToConsistentValues):

• WebKitTestRunner/TestController.h:
• WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::cocoaResetStateToConsistentValues):

• WebKitTestRunner/ios/TestControllerIOS.mm:

(WTR::TestController::platformResetStateToConsistentValues):

• WebKitTestRunner/mac/TestControllerMac.mm:

(WTR::TestController::platformResetStateToConsistentValues):

LayoutTests:
Some iOS tests using UIHelper.dragFromPointToPoint() are flakey
​https://bugs.webkit.org/show_bug.cgi?id=206441

Reviewed by Wenson Hsieh.

Unskip tests.

• platform/ios-wk2/TestExpectations:
• platform/ios/TestExpectations:

6:13 PM Changeset in webkit [254785] by Megan Gardner

• 16 edits in trunk

Use Visible Position to calculate Positions for highlights
​https://bugs.webkit.org/show_bug.cgi?id=206314

Reviewed by Ryosuke Niwa.

Source/WebCore:

When after layout is complete create a VisibleSelection from and highlight StaticRanges which
don't have position data yet. This will make sure that the information is availble when
rendering, as Visible Positions and Visible Selections cannot be made while rendering.
Also, add the ability to make a VisibleSelection from a Static Range to simplify the code.

Updated Test:

• LayoutTests/http/wpt/css/css-highlight-api/highlight-text-across-elements.html:
• LayoutTests/http/wpt/css/css-highlight-api/highlight-text-cascade.html:
• LayoutTests/http/wpt/css/css-highlight-api/highlight-text-replace.html:
• LayoutTests/http/wpt/css/css-highlight-api/highlight-text.html:

• Modules/highlight/HighlightRangeGroup.cpp:

(WebCore::HighlightRangeGroup::HighlightRangeGroup):
(WebCore::HighlightRangeGroup::create):
(WebCore::HighlightRangeGroup::initializeSetLike):
(WebCore::HighlightRangeGroup::removeFromSetLike):
(WebCore::HighlightRangeGroup::clearFromSetLike):
(WebCore::HighlightRangeGroup::addToSetLike):

• Modules/highlight/HighlightRangeGroup.h:

(WebCore::HighlightRangeData::create):
(WebCore::HighlightRangeData::HighlightRangeData):
(WebCore::HighlightRangeGroup::rangesData const):
(WebCore::HighlightRangeGroup::ranges const): Deleted.

• Modules/highlight/HighlightRangeGroup.idl:
• editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::create):

• editing/VisibleSelection.h:
• rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::collectMarkedTextsForHighlights const):

• rendering/SelectionRangeData.cpp:

(WebCore::SelectionRangeData::selectionStateForRenderer):

LayoutTests:

• highlight/resources/highlight-frame.html:
• http/wpt/css/css-highlight-api/highlight-text-across-elements.html:
• http/wpt/css/css-highlight-api/highlight-text-cascade.html:
• http/wpt/css/css-highlight-api/highlight-text-replace.html:
• http/wpt/css/css-highlight-api/highlight-text.html:

6:00 PM Changeset in webkit [254784] by Peng Liu

• 3 edits in trunk/Source/WebKit

Fix a build failure related to the feature flag (GPU_PROCESS)
​https://bugs.webkit.org/show_bug.cgi?id=206453

Reviewed by Eric Carlson.

No new tests - no added or changed functionality.

• GPUProcess/media/RemoteMediaPlayerManagerProxy.messages.in:
• GPUProcess/media/RemoteMediaPlayerProxy.messages.in:

5:00 PM Changeset in webkit [254783] by mark.lam@apple.com

• 3 edits
  1 add in trunk

JSModuleLoader's printableModuleKey() should never throw.
​https://bugs.webkit.org/show_bug.cgi?id=206461
<rdar://problem/58696678>

Reviewed by Michael Saboff.

JSTests:

• stress/printableModuleKey-should-never-throw.js: Added.

Source/JavaScriptCore:

Hence, it should be using a CatchScope instead of a ThrowScope.

• runtime/JSModuleLoader.cpp:

(JSC::printableModuleKey):

4:48 PM Changeset in webkit [254782] by commit-queue@webkit.org

• 3 edits
  2 adds in trunk

AX: Unable to use AccessibilityObject::replaceTextInRange to insert text at first time when the text fields are empty
​https://bugs.webkit.org/show_bug.cgi?id=206093
<rdar://problem/58491448>

Patch by Canhai Chen <​canhai_chen@apple.com> on 2020-01-17
Reviewed by Chris Fleizach.

Source/WebCore:

When we are trying to insert text in an empty text field with (0, 0) range, the frame selection will create a
new VisibleSelection in FrameSelection::setSelectedRange, and the container node that this new VisibleSelection
returns is the parent node of the text field element, which could be a HTMLDivElement or HTMLBodyElement.
Because the container node is not editable, it failed to insert text in Editor::replaceSelectionWithText later.

Return nullptr if the range is (0, 0) and the text length is 0 in AccessibilityObject::rangeForPlainTextRange,
so that when the frame selection is trying to setSelectedRange before replacing text, instead of creating an
uneditable VisibleSelection, it will just return and later in Editor::replaceSelectionWithText, it will use
the default VisibleSelection, of which the container node is an editable TextControlInnerTextElement.

This change does not affect the existing behaviors of text replacement. Add a new test for text replacement
with empty range in editable div, text input, and textarea.

Test: accessibility/mac/replace-text-with-empty-range.html

• accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::rangeForPlainTextRange const):

LayoutTests:

Test text replacement with empty range in editable div, text input, and textarea.

• accessibility/mac/replace-text-with-empty-range-expected.txt: Added.
• accessibility/mac/replace-text-with-empty-range.html: Added.

4:43 PM Changeset in webkit [254781] by basuke.suzuki@sony.com

• 49 edits in trunk/Source/bmalloc

[bmalloc] Define alias for std::lock_guard and std::unique_lock for better readability
​https://bugs.webkit.org/show_bug.cgi?id=206443

Reviewed by Yusuke Suzuki.

There are two types of lock holder in bmalloc: std::lock_guard and std::unique_lock. Their names are relatively long
and a bit harder to distinguish them each other. Define simple type name for them, LockHolder and UniqueLockHolder.

• bmalloc/AllIsoHeaps.cpp:

(bmalloc::AllIsoHeaps::AllIsoHeaps):
(bmalloc::AllIsoHeaps::add):
(bmalloc::AllIsoHeaps::head):

• bmalloc/AllIsoHeaps.h:
• bmalloc/Allocator.cpp:

(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::refillAllocatorSlowCase):
(bmalloc::Allocator::allocateLarge):

• bmalloc/CryptoRandom.cpp:

(bmalloc::ARC4RandomNumberGenerator::ARC4RandomNumberGenerator):
(bmalloc::ARC4RandomNumberGenerator::randomValues):

• bmalloc/Deallocator.cpp:

(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::processObjectLog):
(bmalloc::Deallocator::deallocateSlowCase):

• bmalloc/Deallocator.h:

(bmalloc::Deallocator::lineCache):

• bmalloc/DebugHeap.cpp:

(bmalloc::DebugHeap::DebugHeap):
(bmalloc::DebugHeap::memalignLarge):
(bmalloc::DebugHeap::freeLarge):

• bmalloc/DebugHeap.h:
• bmalloc/DeferredTrigger.h:
• bmalloc/DeferredTriggerInlines.h:

(bmalloc::DeferredTrigger<trigger>::didBecome):
(bmalloc::DeferredTrigger<trigger>::handleDeferral):

• bmalloc/Environment.cpp:

(bmalloc::Environment::Environment):

• bmalloc/Environment.h:
• bmalloc/Gigacage.cpp:

(bmalloc::PrimitiveDisableCallbacks::PrimitiveDisableCallbacks):
(Gigacage::disablePrimitiveGigacage):
(Gigacage::addPrimitiveDisableCallback):
(Gigacage::removePrimitiveDisableCallback):

• bmalloc/Heap.cpp:

(bmalloc::Heap::Heap):
(bmalloc::Heap::freeableMemory):
(bmalloc::Heap::markAllLargeAsEligibile):
(bmalloc::Heap::decommitLargeRange):
(bmalloc::Heap::scavenge):
(bmalloc::Heap::scavengeToHighWatermark):
(bmalloc::Heap::deallocateLineCache):
(bmalloc::Heap::allocateSmallChunk):
(bmalloc::Heap::allocateSmallPage):
(bmalloc::Heap::deallocateSmallLine):
(bmalloc::Heap::allocateSmallBumpRangesByMetadata):
(bmalloc::Heap::allocateSmallBumpRangesByObject):
(bmalloc::Heap::splitAndAllocate):
(bmalloc::Heap::allocateLarge):
(bmalloc::Heap::isLarge):
(bmalloc::Heap::largeSize):
(bmalloc::Heap::shrinkLarge):
(bmalloc::Heap::deallocateLarge):
(bmalloc::Heap::externalCommit):
(bmalloc::Heap::externalDecommit):

• bmalloc/Heap.h:

(bmalloc::Heap::allocateSmallBumpRanges):
(bmalloc::Heap::derefSmallLine):

• bmalloc/HeapConstants.cpp:

(bmalloc::HeapConstants::HeapConstants):

• bmalloc/HeapConstants.h:
• bmalloc/IsoAllocatorInlines.h:

(bmalloc::IsoAllocator<Config>::allocateSlow):
(bmalloc::IsoAllocator<Config>::scavenge):

• bmalloc/IsoDeallocatorInlines.h:

(bmalloc::IsoDeallocator<Config>::deallocate):
(bmalloc::IsoDeallocator<Config>::scavenge):

• bmalloc/IsoDirectory.h:
• bmalloc/IsoDirectoryInlines.h:

(bmalloc::passedNumPages>::takeFirstEligible):
(bmalloc::passedNumPages>::didBecome):
(bmalloc::passedNumPages>::didDecommit):
(bmalloc::passedNumPages>::scavengePage):
(bmalloc::passedNumPages>::scavenge):
(bmalloc::passedNumPages>::scavengeToHighWatermark):
(bmalloc::passedNumPages>::forEachCommittedPage):

• bmalloc/IsoHeapImpl.h:
• bmalloc/IsoHeapImplInlines.h:

(bmalloc::IsoHeapImpl<Config>::takeFirstEligible):
(bmalloc::IsoHeapImpl<Config>::didBecomeEligibleOrDecommited):
(bmalloc::IsoHeapImpl<Config>::scavenge):
(bmalloc::IsoHeapImpl<Config>::scavengeToHighWatermark):
(bmalloc::IsoHeapImpl<Config>::numLiveObjects):
(bmalloc::IsoHeapImpl<Config>::numCommittedPages):
(bmalloc::IsoHeapImpl<Config>::forEachDirectory):
(bmalloc::IsoHeapImpl<Config>::forEachCommittedPage):
(bmalloc::IsoHeapImpl<Config>::forEachLiveObject):
(bmalloc::IsoHeapImpl<Config>::allocateFromShared):

• bmalloc/IsoPage.h:
• bmalloc/IsoPageInlines.h:

(bmalloc::IsoPage<Config>::free):
(bmalloc::IsoPage<Config>::startAllocating):
(bmalloc::IsoPage<Config>::stopAllocating):
(bmalloc::IsoPage<Config>::forEachLiveObject):

• bmalloc/IsoSharedHeap.h:

(bmalloc::IsoSharedHeap::IsoSharedHeap):

• bmalloc/IsoSharedHeapInlines.h:

(bmalloc::IsoSharedHeap::allocateNew):
(bmalloc::IsoSharedHeap::allocateSlow):

• bmalloc/IsoSharedPage.h:
• bmalloc/IsoSharedPageInlines.h:

(bmalloc::IsoSharedPage::free):
(bmalloc::IsoSharedPage::startAllocating):
(bmalloc::IsoSharedPage::stopAllocating):

• bmalloc/IsoTLSDeallocatorEntry.h:
• bmalloc/IsoTLSDeallocatorEntryInlines.h:

(bmalloc::IsoTLSDeallocatorEntry<Config>::IsoTLSDeallocatorEntry):

• bmalloc/IsoTLSInlines.h:

(bmalloc::IsoTLS::ensureHeap):

• bmalloc/IsoTLSLayout.cpp:

(bmalloc::IsoTLSLayout::IsoTLSLayout):
(bmalloc::IsoTLSLayout::add):

• bmalloc/IsoTLSLayout.h:
• bmalloc/Mutex.h:

(bmalloc::sleep):
(bmalloc::waitUntilFalse):

• bmalloc/ObjectType.cpp:

(bmalloc::objectType):

• bmalloc/PerProcess.cpp:

(bmalloc::getPerProcessData):

• bmalloc/PerProcess.h:

(bmalloc::PerProcess::getSlowCase):

• bmalloc/Scavenger.cpp:

(bmalloc::Scavenger::Scavenger):
(bmalloc::Scavenger::run):
(bmalloc::Scavenger::runSoon):
(bmalloc::Scavenger::scheduleIfUnderMemoryPressure):
(bmalloc::Scavenger::schedule):
(bmalloc::Scavenger::timeSinceLastFullScavenge):
(bmalloc::Scavenger::timeSinceLastPartialScavenge):
(bmalloc::Scavenger::scavenge):
(bmalloc::Scavenger::partialScavenge):
(bmalloc::Scavenger::freeableMemory):
(bmalloc::Scavenger::threadRunLoop):

• bmalloc/Scavenger.h:
• bmalloc/SmallLine.h:

(bmalloc::SmallLine::refCount):
(bmalloc::SmallLine::ref):
(bmalloc::SmallLine::deref):

• bmalloc/SmallPage.h:

(bmalloc::SmallPage::refCount):
(bmalloc::SmallPage::hasFreeLines const):
(bmalloc::SmallPage::setHasFreeLines):
(bmalloc::SmallPage::ref):
(bmalloc::SmallPage::deref):

• bmalloc/StaticPerProcess.h:
• bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::VMHeap):

• bmalloc/VMHeap.h:
• bmalloc/Zone.cpp:

(bmalloc::Zone::Zone):

• bmalloc/Zone.h:
• bmalloc/bmalloc.cpp:

(bmalloc::api::tryLargeZeroedMemalignVirtual):
(bmalloc::api::freeLargeVirtual):
(bmalloc::api::setScavengerThreadQOSClass):

4:42 PM Changeset in webkit [254780] by Alan Bujtas

• 3 edits in trunk/Source/WebCore

[LFC][IFC] Do not construct a dedicated run for the trailing (fully) collapsed whitespace.
​https://bugs.webkit.org/show_bug.cgi?id=206428
<rdar://problem/58687058>

Reviewed by Antti Koivisto.

This patch reduces the final run count on a line from 2 to 1 in the common cases where the line ends in a collapsed trailing whitespace.
~3% progression on PerformanceTests/Layout/line-layout-simple.html.

• layout/inlineformatting/InlineFormattingContextQuirks.cpp:

(WebCore::Layout::InlineFormattingContext::Quirks::lineDescentNeedsCollapsing const):

• layout/inlineformatting/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::ContinuousContent::isEligible const):
(WebCore::Layout::LineBuilder::ContinuousContent::expand):
(WebCore::Layout::LineBuilder::close):
(WebCore::Layout::LineBuilder::alignContentVertically):
(WebCore::Layout::LineBuilder::runContentHeight const):
(WebCore::Layout::LineBuilder::CollapsibleContent::collapse):
(WebCore::Layout::LineBuilder::ContinuousContent::append): Deleted.

4:41 PM Changeset in webkit [254779] by Matt Lewis

• 5 edits
  3 deletes in trunk/Source/WebCore

Unreviewed, rolling out r254564.

This caused internal test crashes.

Reverted changeset:

"Introduce an abstract SampleBufferDisplayLayer"
​https://bugs.webkit.org/show_bug.cgi?id=206066
​https://trac.webkit.org/changeset/254564

4:40 PM Changeset in webkit [254778] by Matt Lewis

• 26 edits
  13 deletes in trunk/Source

Unreviewed, rolling out r254688.

This caused internal test crashes.

Reverted changeset:

"Add support for MediaStream video track rendering in
GPUProcess"
​https://bugs.webkit.org/show_bug.cgi?id=206286
​https://trac.webkit.org/changeset/254688

4:32 PM Changeset in webkit [254777] by aakash_jain@apple.com

• 3 edits in trunk/Tools

[EWS] Print disk space usage for windows bots
​https://bugs.webkit.org/show_bug.cgi?id=206421

Reviewed by Jonathan Bedard.

• BuildSlaveSupport/ews-build/steps.py:

(PrintConfiguration): Windows bot use cygwin, so df command works.

4:30 PM Changeset in webkit [254776] by Alan Coon

• 3 edits
  4 deletes in branches/safari-608.5.7.3-branch

Revert "Cherry-pick r254349. rdar://problem/58529694"

This reverts commit r254451.

4:27 PM Changeset in webkit [254775] by Alan Coon

• 3 edits
  4 deletes in branches/safari-608-branch

Revert "Cherry-pick r254349. rdar://problem/58529693"

This reverts commit 254443.

4:26 PM Changeset in webkit [254774] by aakash_jain@apple.com

• 2 edits in trunk/Tools

[ews] Perform validation of patch before running layout-tests on Windows
​https://bugs.webkit.org/show_bug.cgi?id=206424

Reviewed by Jonathan Bedard.

• BuildSlaveSupport/ews-build/factories.py:

4:16 PM Changeset in webkit [254773] by Nikita Vasilyev

• 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Unchecking Enable Preview Features on Engineering and Preview builds does not affect WI.arePreviewFeaturesEnabled()
​https://bugs.webkit.org/show_bug.cgi?id=204026

Reviewed by Brian Burg.

Make WI.arePreviewFeaturesEnabled() return false when Enable Preview Features is unchecked.

• UserInterface/Base/Setting.js:

(WI.canShowPreviewFeatures):
(WI.arePreviewFeaturesEnabled):
(WI.isTechnologyPreviewBuild): Deleted.
(WI.canShowPreviewFeatures): Added.

• UserInterface/Views/SettingsTabContentView.js:

3:57 PM Changeset in webkit [254772] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

Don't call CFURLRequestSetShouldStartSynchronously from Catalyst WebKit
​https://bugs.webkit.org/show_bug.cgi?id=206446
<rdar://problem/57382980>

Patch by Alex Christensen <​achristensen@webkit.org> on 2020-01-17
Reviewed by Tim Horton.

We call it sometimes on iOS but Catalyst WebKit uses macOS CFNetwork, which doesn't like starting synchronously.

• platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::createNSURLConnection):

3:37 PM Changeset in webkit [254771] by Alan Coon

• 5 edits in branches/safari-609-branch

Re-apply patch. rdar://problem/58353217

This reverts commit r254768.

3:36 PM Changeset in webkit [254770] by Alan Coon

• 1 edit in branches/safari-609-branch/Source/WebKit/GPUProcess/media/RemoteMediaPlayerManagerProxy.messages.in

Unreviewed build fix. rdar://problem/58353217

3:35 PM Changeset in webkit [254769] by dbates@webkit.org

• 2 edits in trunk/Source/WebKit

[iOS] ASSERTION FAILED: ASSERT_NOT_REACHED() in selectionChangedWithTouch(WKContentView*, WebCore::IntPoint const&, unsigned int, unsigned int, WebKit::CallbackBase::Error)
​https://bugs.webkit.org/show_bug.cgi?id=206427

Reviewed by Wenson Hsieh.

Remove ASSERT_NOT_REACHED() usage in callbacks selectionChangedWithTouch() and selectionChangedWithGesture().
These callbacks can handle being- and should expect to sometimes be- invoked with a non-None error value.
In particular, if the WebProcess crashes then these callbacks will be invoked with error CallbackBase::Error::ProcessExited.

• UIProcess/ios/WKContentViewInteraction.mm:

(selectionChangedWithGesture): Remove ASSERT_NOT_REACHED() when an error occurs. This
function is capable of handling this error.
(selectionChangedWithTouch): Ditto.

3:02 PM Changeset in webkit [254768] by Alan Coon

• 5 edits in branches/safari-609-branch

Revert "Apply patch. rdar://problem/58353217"

This reverts commit r254665.

2:31 PM Changeset in webkit [254767] by eric.carlson@apple.com

• 5 edits in trunk/Source/WebCore

REGRESSION (r254483): media/track/track-cues-sorted-before-dispatch.html became very flaky
​https://bugs.webkit.org/show_bug.cgi?id=206225
<rdar://problem/58634315>

Reviewed by Jer Noble.

The list of text track cues that are to fire events are sorted before events are
fired. Cue were being sorted by track, then by start time, and then by end time.
This meant that the sort order of two cues in the same track with identical start
and end times was not stable, causing this test to be flaky. The spec says to sort
by a cue's position in the track cue list when start and end times are identical,
so do that.

No new tests, this fixes a flaky test.

• html/track/TextTrackCue.cpp:

(WebCore::TextTrackCue::cueIndex const):
(WebCore::TextTrackCue::isOrderedBefore const):

• html/track/TextTrackCue.h:
• html/track/TextTrackCueList.cpp:

(WebCore::cueSortsBefore):
(WebCore::TextTrackCueList::cueIndex const):
(WebCore::TextTrackCueList::add):
(WebCore::TextTrackCueList::updateCueIndex):
(WebCore::compareCues): Deleted.

• html/track/TextTrackCueList.h:

2:07 PM Changeset in webkit [254766] by Andres Gonzalez

• 8 edits
  2 moves in trunk/Source/WebCore

Rename AXIsolatedTreeNode.cpp/h to match AXIsolatedObject class name.
​https://bugs.webkit.org/show_bug.cgi?id=206434

Reviewed by Chris Fleizach.

File renaming to match AXIsolatedObject class name.

• Headers.cmake:
• Sources.txt:
• WebCore.xcodeproj/project.pbxproj:
• accessibility/AXObjectCache.cpp:
• accessibility/isolatedtree/AXIsolatedObject.cpp: Renamed from Source/WebCore/accessibility/isolatedtree/AXIsolatedTreeNode.cpp.
• accessibility/isolatedtree/AXIsolatedObject.h: Renamed from Source/WebCore/accessibility/isolatedtree/AXIsolatedTreeNode.h.
• accessibility/isolatedtree/AXIsolatedTree.cpp:
• accessibility/isolatedtree/AXIsolatedTree.h:
• accessibility/mac/AXObjectCacheMac.mm:

1:57 PM Changeset in webkit [254765] by Megan Gardner

• 2 edits in trunk/Tools

Fix assertion when test fast/events/ios/rotation/basic-rotation.html is followed by fast/events/ios/rotation/do-not-shrink-to-fit-content-after-rotation.html
​https://bugs.webkit.org/show_bug.cgi?id=206383
<rdar://problem/58618513>

Reviewed by Tim Horton.

Rotation tests are asserting because _didEndRotation is being called multiple times.
The call is at the end of viewWillTransitionToSize, which is called with the same
size that the view already is. Therefore, if no size is changing, early out,
which keeps this double call from happening.

• WebKitTestRunner/ios/PlatformWebViewIOS.mm:

(-[PlatformWebViewController viewWillTransitionToSize:withTransitionCoordinator:]):

1:43 PM Changeset in webkit [254764] by ysuzuki@apple.com

• 2 edits in trunk/Source/bmalloc

[bmalloc] Fix IsoHeapImpl's assertion introduced in r254708
​https://bugs.webkit.org/show_bug.cgi?id=206440
<rdar://problem/58688794>

Reviewed by Mark Lam.

The assertion introduced in r254708 was wrong.
Fixing it to check the invariant we actually want to ensure.
This fixes TestWTF crash in Debug build.

• bmalloc/IsoHeapImplInlines.h:

(bmalloc::IsoHeapImpl<Config>::takeFirstEligible):

1:10 PM Changeset in webkit [254763] by Alan Coon

• 7 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254433. rdar://problem/58686757

[macCatalyst] UI process crashes on launch after r254101
​https://bugs.webkit.org/show_bug.cgi?id=206156
<rdar://problem/58514942>

Reviewed by Brent Fulgham.

Fixes the crash by not soft-linking BackBoardServices in an attempt to invoke BKSDisplayBrightnessGetCurrent on
macCatalyst. Prior to r254101, this was only defined on iOS and not watchOS or tvOS; after this change, it
should be defined only on iOS, watchOS and tvOS.

• UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers):
• UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::initializeNewWebProcess):
• UIProcess/WebProcessPool.h:
• WebProcess/WebProcess.h:
• WebProcess/WebProcess.messages.in:
• WebProcess/cocoa/WebProcessCocoa.mm:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254433 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:06 PM Changeset in webkit [254762] by Jonathan Bedard

• 2 edits in trunk/Tools

Python 3: Add support to run-webkit-tests (Follow-up fix)
​https://bugs.webkit.org/show_bug.cgi?id=205291

Unreviewed follow-up fix.

• Scripts/webkitpy/common/unicode_compatibility.py:

(decode_for): Handle case where provided value is None.

1:03 PM Changeset in webkit [254761] by jer.noble@apple.com

• 5 edits
  2 adds in trunk

[MSE] Decode glitches when watching videos on CNN.com
​https://bugs.webkit.org/show_bug.cgi?id=206412
<rdar://problem/55685630>

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Test: media/media-source/media-source-samples-out-of-order.html

The "Coded frame processing" algorithm has a known shortcoming <​https://github.com/w3c/media-source/issues/187>
when dealing appends of with "SAP Type 2" content, or in general terms, appending data where the resulting samples
have presentation times that do not increase monotonically. When this occurs, the ordering of samples in presentation
time will be different from the ordering of samples in decode time. The decoder requires samples to be enqueued in
decode time order, but the MSE specification only checks for overlapping samples in presentation time order. During
appends of out-of-order samples, this can lead to new samples being inserted between a previously appended sample and
the sample on which that sample depends.

To resolve this, add a new step in the implementation of the "coded frame processing" algorithm in
SourceBuffer::sourceBufferPrivateDidReceiveSample(). When the incoming frame is a sync sample, search forward
in the TrackBuffer for all previous samples in between the new sync sample, and the next sync sample. All the
samples found in this step would fail to decode correctly if enqueued after the new (possibly different resolution)
sync sample, so they are removed in this step.

• Modules/mediasource/SampleMap.cpp:

(WebCore::DecodeOrderSampleMap::findSampleAfterDecodeKey):

• Modules/mediasource/SampleMap.h:
• Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

LayoutTests:

• media/media-source/media-source-samples-out-of-order-expected.txt: Added.
• media/media-source/media-source-samples-out-of-order.html: Added.

12:38 PM Changeset in webkit [254760] by Justin Michaud

• 12 edits in trunk/Source/JavaScriptCore

Separate storage of Structure::m_offset into transition and max offset
​https://bugs.webkit.org/show_bug.cgi?id=206365

Reviewed by Saam Barati.

Right now, deleteProperty/removePropertyTransition causes a structure transition to uncacheable dictionary. Other transitions
assume that the transition offset (m_offset) is monotonically increasing. In order to support structure transitions for deletion that
do not involve turning into a dictionary (<​https://bugs.webkit.org/show_bug.cgi?id=206430>), we first need to separate the transition
offset (the offset of the property that was added/deleted) from the maximum offset.

For example, suppose we have the following operations:

Structure 1 (pinned property table, transitionOffset = _, maxOffset = 2): x y z (delete y, assuming that deletion transitions have been added)
Structure 2 (transitionOffset = 1, maxOffset = 2): x _ z (add w)
Structure 3 (transitionOffset = 1, maxOffset = 2): x w z

Note that without splitting the two, Structures 2/3 would be impossible to represent.

This change:

We split the existing Structure::m_offset into two 16-bit fields, transitionOffset and maxOffset, and put them in 32-bit rare data fields if they overflow. We also rename _inPrevious fields to
transition_ and lastOffset to maxOffset to make the code more clear.

• runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::createStructure):

• runtime/JSObject.cpp:

(JSC::JSObject::markAuxiliaryAndVisitOutOfLineProperties):
(JSC::JSObject::visitButterflyImpl):

• runtime/JSObject.h:
• runtime/JSObjectInlines.h:

(JSC::JSObject::prepareToPutDirectWithoutTransition):

• runtime/ObjectInitializationScope.cpp:

(JSC::ObjectInitializationScope::verifyPropertiesAreInitialized):

• runtime/PropertyOffset.h:

(JSC::numberOfOutOfLineSlotsForMaxOffset):
(JSC::numberOfSlotsForMaxOffset):
(JSC::numberOfOutOfLineSlotsForLastOffset): Deleted.
(JSC::numberOfSlotsForLastOffset): Deleted.

• runtime/Structure.cpp:

(JSC::StructureTransitionTable::contains const):
(JSC::StructureTransitionTable::get const):
(JSC::StructureTransitionTable::add):
(JSC::Structure::Structure):
(JSC::Structure::create):
(JSC::Structure::materializePropertyTable):
(JSC::Structure::addPropertyTransitionToExistingStructureImpl):
(JSC::Structure::addNewPropertyTransition):
(JSC::Structure::changePrototypeTransition):
(JSC::Structure::attributeChangeTransition):
(JSC::Structure::toDictionaryTransition):
(JSC::Structure::nonPropertyTransitionSlow):
(JSC::Structure::flattenDictionaryStructure):
(JSC::Structure::pin):
(JSC::Structure::pinForCaching):
(JSC::Structure::add):

• runtime/Structure.h:
• runtime/StructureInlines.h:

(JSC::Structure::forEachPropertyConcurrently):
(JSC::Structure::checkOffsetConsistency const):
(JSC::Structure::add):

• runtime/StructureRareData.cpp:

(JSC::StructureRareData::StructureRareData):

• runtime/StructureRareData.h:

12:37 PM Changeset in webkit [254759] by Brent Fulgham

• 3 edits in trunk/Source/WebKit

[iOS] Remove the IOHIDEventServiceFastPathUserClient IOKit class
​https://bugs.webkit.org/show_bug.cgi?id=206387
<rdar://problem/58663849>

Reviewed by Per Arne Vollan.

After Bug 204770, we no longer interact with the device motion or geolocation systems inside
the WebContent process. Testing and telemetry shows that we no longer access the
IOHIDEventServiceFastPathUserClient, and so should remove access to it.

No new tests because there is no change in behavior.

• Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

12:26 PM Changeset in webkit [254758] by commit-queue@webkit.org

• 2 edits
  1 add in trunk/LayoutTests

REGRESSION: [iOS 13] svg/custom/glyph-selection-arabic-forms.svg is failing
​https://bugs.webkit.org/show_bug.cgi?id=201901

Patch by Said Abou-Hallawa <​sabouhallawa@apple.com> on 2020-01-17
Reviewed by Simon Fraser.

Create a new test expectation for iOS for this test.

• platform/ios/TestExpectations:
• platform/ios/svg/custom/glyph-selection-arabic-forms-expected.txt: Added.

12:21 PM Changeset in webkit [254757] by Alexey Shvayka

• 4 edits in trunk

JSON.parse should lookup prototype chains during revival
​https://bugs.webkit.org/show_bug.cgi?id=205769

Reviewed by Saam Barati.

JSTests:

• test262/expectations.yaml: Mark 4 test cases as passing.

Source/JavaScriptCore:

This patch makes JSON.parse use Get? instead of GetOwnProperty? during revival,
aligning JSC with the spec (step 1 of ​https://tc39.es/ecma262/#sec-internalizejsonproperty),
SpiderMonkey, and V8.

User-provided reviver can delete properties that are not yet inspected by itself,
making usage GetOwnProperty? non-compliant to the spec.

• runtime/JSONObject.cpp:

(JSC::Walker::walk):

12:06 PM Changeset in webkit [254756] by beidson@apple.com

• 5 edits in trunk

TestWebKitAPI.AsyncFunction.Promise times out on slower machines in debug builds.
<rdar://problem/58445164> and ​https://bugs.webkit.org/show_bug.cgi?id=206012

Reviewed by Keith Miller.

Source/WebKit:

For existing API test.

• UIProcess/API/Cocoa/WKProcessPool.mm:

(-[WKProcessPool _garbageCollectJavaScriptObjectsForTesting]):

• UIProcess/API/Cocoa/WKProcessPoolPrivate.h:

Tools:

Previously, to force GC, over 30,000 function calls would be made.
This was too slow on slower machines in debug builds. It eventually would've worked given enough time, but...
It turns just a few hundred function calls with an API call to force GC seems reliable and is much faster.

• TestWebKitAPI/Tests/WebKitCocoa/AsyncFunction.mm:

(TestWebKitAPI::TEST):
(TestWebKitAPI::tryGCPromise): Deleted.

10:59 AM Changeset in webkit [254755] by dbates@webkit.org

• 2 edits in trunk/Source/WebKit

[iOS] Focusing editable element with WebPage::selectPositionAtPoint() does not bring up keyboard
​https://bugs.webkit.org/show_bug.cgi?id=206385
<rdar://problem/57414380>

Reviewed by Wenson Hsieh.

Update the view's state to indicate that the user is performing an interaction for the scope of
WebPage::selectPositionAtPoint(). This permits WebKit to show the keyboard if selecting the
position causes a change in focus (say, the point is inside an unfocused text field).

We likely should do a similar change for all other WebKit IPIs that perform a WebCore::EUserTriggered::UserTriggered
tagged selection change though the callers should be audited to ensure they weren't accidentally
depending on the existing behavior that prevents such selections from bringing up the keyboard.
For now, I only fix WebPage::selectPositionAtPoint() as I've audited that all callers expect it
to bring up the keyboard, if needed.

• WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::selectPositionAtPoint):

10:52 AM Changeset in webkit [254754] by Antti Koivisto

• 5 edits in trunk/Source/WebCore

[LFC][IFC] Use Optional for partialLeading/TrailingTextItem
​https://bugs.webkit.org/show_bug.cgi?id=206423

Reviewed by Zalan Bujtas.

Remove the remaining InlineItem heap allocation.

• layout/inlineformatting/InlineItem.h:
• layout/inlineformatting/InlineTextItem.cpp:

(WebCore::Layout::InlineTextItem::left const): Deleted.
(WebCore::Layout::InlineTextItem::right const): Deleted.

• layout/inlineformatting/InlineTextItem.h:

Constructor can now be private.

(WebCore::Layout::InlineTextItem::left const):
(WebCore::Layout::InlineTextItem::right const):

• layout/inlineformatting/LineLayoutContext.h:

10:45 AM Changeset in webkit [254753] by Chris Dumez

• 6 edits in trunk/Source/WebCore

Drop dead code related to local storage prewarming
​https://bugs.webkit.org/show_bug.cgi?id=206418

Reviewed by Sam Weinig.

Drop dead code related to local storage prewarming. Sihui neutered it in <​https://trac.webkit.org/changeset/248734>
but did not remove the code.

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::commitData):

• page/DOMWindow.cpp:

(WebCore::DOMWindow::prewarmLocalStorageIfNecessary): Deleted.

• page/DOMWindow.h:
• page/Frame.cpp:

(WebCore::Frame::didPrewarmLocalStorage): Deleted.
(WebCore::Frame::mayPrewarmLocalStorage const): Deleted.

• page/Frame.h:

10:22 AM Changeset in webkit [254752] by Diego Pino Garcia

• 3 edits in trunk/LayoutTests

[GTK][WPE] Mark several WPT fetch tests as failure
​https://bugs.webkit.org/show_bug.cgi?id=206417

Unreviewed gardening.

• platform/gtk/TestExpectations:
• platform/wpe/TestExpectations:

10:09 AM Changeset in webkit [254751] by Adrian Perez de Castro

• 4 edits in trunk/Source

Fix various non-unified build issues introduced since r254327
​https://bugs.webkit.org/show_bug.cgi?id=206356

Reviewed by Chris Dumez.

Source/WebCore:

No new tests needed.

• html/LinkRelAttribute.h: Add missing inclusion of wtf/Markable.h

Source/WebKit:

• WebProcess/WebCoreSupport/gtk/WebContextMenuClientGtk.cpp:

(WebKit::WebContextMenuClient::insertEmoji): Add missing namespace to WebCore::Frame parameter.

8:24 AM Changeset in webkit [254750] by Alan Bujtas

• 8 edits in trunk/Source/WebCore

[LFC][IFC] Optimize LineBuilder::appendTextContent for the most common inline content
​https://bugs.webkit.org/show_bug.cgi?id=206397
<rdar://problem/58671338>

Reviewed by Antti Koivisto.

~2% progression on PerformanceTests/Layout/line-layout-simple.html.

• layout/inlineformatting/InlineLineBuilder.cpp:

(WebCore::Layout::LineBuilder::LineBuilder):
(WebCore::Layout::shouldPreserveLeadingContent):
(WebCore::Layout::LineBuilder::appendTextContent):
(WebCore::Layout::LineBuilder::appendLineBreak):
(WebCore::Layout::LineBuilder::InlineItemRun::InlineItemRun):

• layout/inlineformatting/InlineLineBuilder.h:

(WebCore::Layout::LineBuilder::InlineItemRun::setIsCollapsed): Deleted.

• layout/inlineformatting/InlineTextItem.cpp:

(WebCore::Layout::InlineTextItem::InlineTextItem):

• layout/inlineformatting/InlineTextItem.h:

(WebCore::Layout::InlineTextItem::isCollapsible const):

• layout/inlineformatting/text/TextUtil.cpp:

(WebCore::Layout::TextUtil::shouldPreserveTrailingWhitespace): Deleted.

• layout/inlineformatting/text/TextUtil.h:

(WebCore::Layout::TextUtil::shouldPreserveTrailingWhitespace):

8:16 AM Changeset in webkit [254749] by Antti Koivisto

• 10 edits in trunk/Source/WebCore

[LFC][IFC] Allocate InlineItems in a vector
​https://bugs.webkit.org/show_bug.cgi?id=206411

Reviewed by Zalan Bujtas.

Even the largest InlineItem (InlineTextItem) is small (fits to 24 bytes), and they are allocated
in large numbers (one per word and per whitespace typically). Reduce heap allocations by turning
InlineItem into a fixed size type.

The InlineItem vector is immutable during layout so pointer to items can still be safely used.

• layout/inlineformatting/InlineFormattingContext.cpp:

(WebCore::Layout::InlineFormattingContext::collectInlineContentIfNeeded):

• layout/inlineformatting/InlineFormattingState.h:

(WebCore::Layout::InlineFormattingState::addInlineItem):

• layout/inlineformatting/InlineItem.cpp:

(WebCore::Layout::InlineItem::InlineItem): Deleted.

• layout/inlineformatting/InlineItem.h:

(WebCore::Layout::InlineItem::layoutBox const):
(WebCore::Layout::InlineItem::style const):
(WebCore::Layout::InlineItem::InlineItem):

Gather members from the subclasses as protected fields.

• layout/inlineformatting/InlineSoftLineBreakItem.h:

Move the field to the base class.

(WebCore::Layout::InlineSoftLineBreakItem::position const):
(WebCore::Layout::InlineSoftLineBreakItem::createSoftLineBreakItem):
(WebCore::Layout::InlineSoftLineBreakItem::InlineSoftLineBreakItem):
(): Deleted.

• layout/inlineformatting/InlineTextItem.cpp:

(WebCore::Layout::InlineTextItem::createWhitespaceItem): Deleted.
(WebCore::Layout::InlineTextItem::createNonWhitespaceItem): Deleted.
(WebCore::Layout::InlineTextItem::createEmptyItem): Deleted.
(WebCore::Layout::InlineTextItem::InlineTextItem): Deleted.

• layout/inlineformatting/InlineTextItem.h:

Move the fields to the base class.

(WebCore::Layout::InlineTextItem::start const):
(WebCore::Layout::InlineTextItem::width const):

Place width optional into a separate bit and a value as this allows better packing of members.

(WebCore::Layout::InlineTextItem::createWhitespaceItem):
(WebCore::Layout::InlineTextItem::createNonWhitespaceItem):
(WebCore::Layout::InlineTextItem::createEmptyItem):
(WebCore::Layout::InlineTextItem::InlineTextItem):

Inline construction functions.

(): Deleted.

• layout/inlineformatting/LineLayoutContext.cpp:

(WebCore::Layout::nextWrapOpportunity):
(WebCore::Layout::LineCandidateContent::appendFloat):

Use a raw pointer instead of a WeakPtr. InlineItems are immuttable during layout.

(WebCore::Layout::LineLayoutContext::close):
(WebCore::Layout::LineLayoutContext::nextContentForLine):

• layout/inlineformatting/LineLayoutContext.h:

8:14 AM Changeset in webkit [254748] by Caio Lima

• 2 edits in trunk/Source/JavaScriptCore

Bytecode checkpoints break 32bit tests
​https://bugs.webkit.org/show_bug.cgi?id=206404

Unreviewed.

• llint/LowLevelInterpreter32_64.asm:

Reverting change introduced by r254735 that makes 32-bit codes crash
when calling into LLInt slow path.

8:04 AM Changeset in webkit [254747] by Diego Pino Garcia

• 3 edits
  19 adds in trunk/LayoutTests

[GTK][WPE] Update baselines for several CSS tests
​https://bugs.webkit.org/show_bug.cgi?id=206410

Unreviewed gardening.

• platform/gtk/TestExpectations:
• platform/gtk/imported/w3c/web-platform-tests/css/css-position/position-absolute-in-inline-002-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/css/css-values/line-break-ch-unit-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/css/css-values/minmax-angle-computed-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/css/css-values/minmax-length-computed-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/css/css-values/minmax-length-percent-computed-expected.txt: Added.
• platform/wpe/TestExpectations:
• platform/wpe/imported/w3c/web-platform-tests/css/css-position/position-absolute-in-inline-002-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-sizing/button-min-width-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-transitions/before-load-001-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-transitions/properties-value-auto-001-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-values/line-break-ch-unit-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-values/minmax-angle-computed-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-values/minmax-length-computed-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/css/css-values/minmax-length-percent-computed-expected.txt: Added.

8:00 AM Changeset in webkit [254746] by Fujii Hironori

• 2 edits in trunk/Source/WebKit

[WinCairo][WK2] ASSERT(isUIThread()) is failing since r254723
​https://bugs.webkit.org/show_bug.cgi?id=206394

Reviewed by Carlos Alberto Lopez Perez.

AtomString::init() should be called after
WTF::initializeThreading() is called on Windows because it has
ASSERT(isUIThread()) and Windows doesn't have a API to get main
thread handle like pthread_main_np.

• Shared/WebKit2Initialize.cpp:

(WebKit::InitializeWebKit2): Call AtomString::init() after JSC::initializeThreading().

7:56 AM Changeset in webkit [254745] by Chris Dumez

• 2 edits in trunk/Source/WebKit

IPC hardening for WebPasteboardProxy::SetPasteboardBufferForType message
​https://bugs.webkit.org/show_bug.cgi?id=206381

Reviewed by Anders Carlsson.

IPC hardening for WebPasteboardProxy::SetPasteboardBufferForType message. Make sure that the Strings passed over IPC are not
null and that the SharedBuffer returned by SharedBuffer::map() is not null.

• UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:

(WebKit::WebPasteboardProxy::setPasteboardBufferForType):

7:17 AM Changeset in webkit [254744] by Diego Pino Garcia

• 7 edits
  5 adds in trunk/LayoutTests

[GTK] Update baselines for SVG tests
​https://bugs.webkit.org/show_bug.cgi?id=206406

Unreviewed gardening.

• platform/gtk/imported/w3c/web-platform-tests/svg/geometry/parsing/height-computed-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/svg/geometry/parsing/width-computed-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-percentage-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/path/distance/pathLength-zero-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/path/distance/pathLength-zero-percentage-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-003-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/shapes/scripted/disabled-shapes-not-hit-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/svg/text/reftests/textpath-shape-001-expected.txt:

7:03 AM Changeset in webkit [254743] by Alan Bujtas

• 2 edits in trunk/Source/WebCore

[LFC][IFC] Optimize nextWrapOpportunity/isAtSoftWrapOpportunity for the most common inline content
​https://bugs.webkit.org/show_bug.cgi?id=206395
<rdar://problem/58670070>

Reviewed by Antti Koivisto.

~2% progression on PerformanceTests/Layout/line-layout-simple.html.

• layout/inlineformatting/LineLayoutContext.cpp:

(WebCore::Layout::isAtSoftWrapOpportunity):
(WebCore::Layout::nextWrapOpportunity):

6:00 AM Changeset in webkit [254742] by Carlos Garcia Campos

• 2 edits in trunk/Source/WebKit

[GTK][WPE] Composition underline color is not applied
​https://bugs.webkit.org/show_bug.cgi?id=206353

Reviewed by Sergio Villar Senin.

CompositionUnderline::compositionUnderlineColor is not encoded/decoded in IPC messages, so the web process
always uses CompositionUnderlineColor::TextColor ignoring the given color.

• Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<CompositionUnderline>::encode): Encode compositionUnderlineColor.
(IPC::ArgumentCoder<CompositionUnderline>::decode): Decode compositionUnderlineColor.

3:59 AM Changeset in webkit [254741] by clopez@igalia.com

• 5 edits in trunk/Source/WebCore

[GTK] Turn off antialiasing when rendering with Ahem (v2)
​https://bugs.webkit.org/show_bug.cgi?id=204671

Reviewed by Carlos Garcia Campos.

Fix leak caused by r254567 where a RefPtr its created from a FcPattern without adoptRef().
Meanwhile at it, also change defaultFontconfigOptions() to return a RefPtr,
because after r254567 we always modify the pattern.
Change also the FontPlatformData() constructor to take an rvalue reference,
and some of its callers to move the RefPtr, avoiding extra not needed
reference increments/decrements.

Covered by existing tests.

• platform/graphics/FontPlatformData.h:
• platform/graphics/freetype/FontCacheFreeType.cpp:

(WebCore::FontCache::systemFallbackForCharacters):
(WebCore::FontCache::createFontPlatformData):

• platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:

(WebCore::defaultFontconfigOptions):
(WebCore::FontCustomPlatformData::fontPlatformData):

• platform/graphics/freetype/FontPlatformDataFreeType.cpp:

(WebCore::FontPlatformData::FontPlatformData):

2:04 AM Changeset in webkit [254740] by commit-queue@webkit.org

• 2 edits in trunk/LayoutTests

[GTK] Gardening websockets close-on-x tests
​https://bugs.webkit.org/show_bug.cgi?id=206393

Unreviewed gardening.

Patch by Lauro Moura <Lauro Moura> on 2020-01-17

• platform/gtk/TestExpectations:

Jan 16, 2020:

11:32 PM Changeset in webkit [254739] by ysuzuki@apple.com

• 11 edits in trunk/Source/WebCore

Compact sizeof(HTMLAnchorElement) and sizeof(HTMLLinkElement)
​https://bugs.webkit.org/show_bug.cgi?id=206343

Reviewed by Ryosuke Niwa.

Data from Membuster is saying that HTMLAnchorElement is relatively frequently allocated
element (1252 elements are kept) while sizeof(HTMLAnchorElement) is not optimized well.
We also found that HTMLLinkElement is too large while it has so many paddings and opportunities
to optimize it. This patch shrinks them.

We also found that SharedStringHashHash's upper 32bit is always zero, and nobody is using this
effectively. We make it 32bit.

No behavior change.

• html/HTMLAnchorElement.h:
• html/HTMLLinkElement.cpp:

(WebCore::HTMLLinkElement::HTMLLinkElement):
(WebCore::HTMLLinkElement::process):

• html/HTMLLinkElement.h:
• html/LinkIconCollector.h:
• html/LinkIconType.h:
• html/LinkRelAttribute.cpp:

(WebCore::LinkRelAttribute::LinkRelAttribute):

• html/LinkRelAttribute.h:

(): Deleted.

• page/Page.h:
• page/VisitedLinkStore.h:
• platform/SharedStringHash.h:

(WebCore::SharedStringHashHash::avoidDeletedValue): Deleted.

11:16 PM Changeset in webkit [254738] by rmorisset@apple.com

• 5 edits
  1 add in trunk

[ESNext] Enables a way to throw an error on ByteCodeGenerator step
​https://bugs.webkit.org/show_bug.cgi?id=180139

Reviewed by Mark Lam.

JSTests:

• stress/eval-huge-big-int-memory-overflow.js: Added.

Source/JavaScriptCore:

This is a minimal fix that only deals with overly huge BigInts.
A more thorough solution is rather low priority (since it has neither securities nor performance impact).

• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addBigIntConstant):

• bytecompiler/NodesCodegen.cpp:

(JSC::ConstantNode::emitBytecode):

• runtime/JSBigInt.cpp:

(JSC::JSBigInt::parseInt):

10:59 PM Changeset in webkit [254737] by zandobersek@gmail.com

• 2 edits
  4 moves in trunk/Source/WebKit

Unreviewed. Move the common WebKitOptionMenu GLib API implementation
parts out from the GTK-specific directory and under UIProcess/API/glib/.

• SourcesGTK.txt:
• UIProcess/API/glib/WebKitOptionMenu.cpp: Copied from Source/WebKit/UIProcess/API/gtk/WebKitOptionMenu.cpp.
• UIProcess/API/glib/WebKitOptionMenuItem.cpp: Copied from Source/WebKit/UIProcess/API/gtk/WebKitOptionMenuItem.cpp.
• UIProcess/API/glib/WebKitOptionMenuItemPrivate.h: Copied from Source/WebKit/UIProcess/API/gtk/WebKitOptionMenuItemPrivate.h.
• UIProcess/API/glib/WebKitOptionMenuPrivate.h: Copied from Source/WebKit/UIProcess/API/gtk/WebKitOptionMenuPrivate.h.
• UIProcess/API/gtk/WebKitOptionMenu.cpp: Removed.
• UIProcess/API/gtk/WebKitOptionMenuItem.cpp: Removed.
• UIProcess/API/gtk/WebKitOptionMenuItemPrivate.h: Removed.
• UIProcess/API/gtk/WebKitOptionMenuPrivate.h: Removed.

8:52 PM Changeset in webkit [254736] by Alan Bujtas

• 3 edits in trunk/Source/WebCore

[LFC][IFC] Optimize LineLayoutContext::tryAddingInlineItems for the most common inline content
​https://bugs.webkit.org/show_bug.cgi?id=206372
<rdar://problem/58657525>

Reviewed by Simon Fraser.

~4% progression on PerformanceTests/Layout/line-layout-simple.html.

• layout/inlineformatting/LineLayoutContext.cpp:

(WebCore::Layout::endsWithSoftWrapOpportunity):
(WebCore::Layout::isAtSoftWrapOpportunity):
(WebCore::Layout::nextWrapOpportunity):
(WebCore::Layout::LineCandidateContent::appendInlineContent):
(WebCore::Layout::LineCandidateContent::reset):
(WebCore::Layout::LineLayoutContext::tryAddingInlineItems):
(WebCore::Layout::LineLayoutContext::commitPartialContent):
(WebCore::Layout::LineLayoutContext::commitContent): Deleted.

• layout/inlineformatting/LineLayoutContext.h:

8:09 PM Changeset in webkit [254735] by keith_miller@apple.com

• 185 edits
  2 copies
  5 adds in trunk

Reland bytecode checkpoints since bugs have been fixed
​https://bugs.webkit.org/show_bug.cgi?id=206361

Unreviewed, reland.

The watch bugs have been fixed by ​https://trac.webkit.org/changeset/254674

JSTests:

• stress/apply-osr-exit-should-get-length-once-exceptions-occasionally.js: Added.

(expectedArgCount):
(callee):
(test):
(let.array.get length):

• stress/apply-osr-exit-should-get-length-once.js: Added.

(expectedArgCount):
(callee):
(test):
(let.array.get length):

• stress/load-varargs-then-inlined-call-and-exit-strict.js:

(checkEqual):

• stress/recursive-tail-call-with-different-argument-count.js:
• stress/rest-varargs-osr-exit-to-checkpoint.js: Added.

(foo):
(bar):

Source/JavaScriptCore:

• CMakeLists.txt:
• DerivedSources-input.xcfilelist:
• JavaScriptCore.xcodeproj/project.pbxproj:
• assembler/MacroAssemblerCodeRef.h:
• assembler/ProbeFrame.h:

(JSC::Probe::Frame::operand):
(JSC::Probe::Frame::setOperand):

• b3/testb3.h:

(populateWithInterestingValues):
(floatingPointOperands):

• bytecode/AccessCase.cpp:

(JSC::AccessCase::generateImpl):

• bytecode/AccessCaseSnippetParams.cpp:

(JSC::SlowPathCallGeneratorWithArguments::generateImpl):

• bytecode/BytecodeDumper.cpp:

(JSC::BytecodeDumperBase::dumpValue):
(JSC::BytecodeDumper<Block>::registerName const):
(JSC::BytecodeDumper<Block>::constantName const):
(JSC::Wasm::BytecodeDumper::constantName const):

• bytecode/BytecodeDumper.h:
• bytecode/BytecodeIndex.cpp:

(JSC::BytecodeIndex::dump const):

• bytecode/BytecodeIndex.h:

(JSC::BytecodeIndex::BytecodeIndex):
(JSC::BytecodeIndex::offset const):
(JSC::BytecodeIndex::checkpoint const):
(JSC::BytecodeIndex::asBits const):
(JSC::BytecodeIndex::hash const):
(JSC::BytecodeIndex::operator bool const):
(JSC::BytecodeIndex::pack):
(JSC::BytecodeIndex::fromBits):

• bytecode/BytecodeList.rb:
• bytecode/BytecodeLivenessAnalysis.cpp:

(JSC::enumValuesEqualAsIntegral):
(JSC::tmpLivenessForCheckpoint):

• bytecode/BytecodeLivenessAnalysis.h:
• bytecode/BytecodeLivenessAnalysisInlines.h:

(JSC::virtualRegisterIsAlwaysLive):
(JSC::virtualRegisterThatIsNotAlwaysLiveIsLive):
(JSC::virtualRegisterIsLive):
(JSC::operandIsAlwaysLive): Deleted.
(JSC::operandThatIsNotAlwaysLiveIsLive): Deleted.
(JSC::operandIsLive): Deleted.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::bytecodeIndexForExit const):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow):
(JSC::CodeBlock::updateAllValueProfilePredictionsAndCountLiveness):

• bytecode/CodeBlock.h:

(JSC::CodeBlock::numTmps const):
(JSC::CodeBlock::isKnownNotImmediate):
(JSC::CodeBlock::isTemporaryRegister):
(JSC::CodeBlock::constantRegister):
(JSC::CodeBlock::getConstant const):
(JSC::CodeBlock::constantSourceCodeRepresentation const):
(JSC::CodeBlock::replaceConstant):
(JSC::CodeBlock::isTemporaryRegisterIndex): Deleted.
(JSC::CodeBlock::isConstantRegisterIndex): Deleted.

• bytecode/CodeOrigin.h:
• bytecode/FullBytecodeLiveness.h:

(JSC::FullBytecodeLiveness::virtualRegisterIsLive const):
(JSC::FullBytecodeLiveness::operandIsLive const): Deleted.

• bytecode/InlineCallFrame.h:

(JSC::InlineCallFrame::InlineCallFrame):
(JSC::InlineCallFrame::setTmpOffset):
(JSC::CodeOrigin::walkUpInlineStack const):
(JSC::CodeOrigin::inlineStackContainsActiveCheckpoint const):
(JSC::remapOperand):
(JSC::unmapOperand):
(JSC::CodeOrigin::walkUpInlineStack): Deleted.

• bytecode/LazyOperandValueProfile.h:

(JSC::LazyOperandValueProfileKey::LazyOperandValueProfileKey):
(JSC::LazyOperandValueProfileKey::hash const):
(JSC::LazyOperandValueProfileKey::operand const):

• bytecode/MethodOfGettingAValueProfile.cpp:

(JSC::MethodOfGettingAValueProfile::fromLazyOperand):
(JSC::MethodOfGettingAValueProfile::emitReportValue const):
(JSC::MethodOfGettingAValueProfile::reportValue):

• bytecode/MethodOfGettingAValueProfile.h:
• bytecode/Operands.h:

(JSC::Operand::Operand):
(JSC::Operand::tmp):
(JSC::Operand::kind const):
(JSC::Operand::value const):
(JSC::Operand::virtualRegister const):
(JSC::Operand::asBits const):
(JSC::Operand::isTmp const):
(JSC::Operand::isArgument const):
(JSC::Operand::isLocal const):
(JSC::Operand::isHeader const):
(JSC::Operand::isConstant const):
(JSC::Operand::toArgument const):
(JSC::Operand::toLocal const):
(JSC::Operand::operator== const):
(JSC::Operand::isValid const):
(JSC::Operand::fromBits):
(JSC::Operands::Operands):
(JSC::Operands::numberOfLocals const):
(JSC::Operands::numberOfTmps const):
(JSC::Operands::tmpIndex const):
(JSC::Operands::argumentIndex const):
(JSC::Operands::localIndex const):
(JSC::Operands::tmp):
(JSC::Operands::tmp const):
(JSC::Operands::argument):
(JSC::Operands::argument const):
(JSC::Operands::local):
(JSC::Operands::local const):
(JSC::Operands::sizeFor const):
(JSC::Operands::atFor):
(JSC::Operands::atFor const):
(JSC::Operands::ensureLocals):
(JSC::Operands::ensureTmps):
(JSC::Operands::getForOperandIndex):
(JSC::Operands::getForOperandIndex const):
(JSC::Operands::operandIndex const):
(JSC::Operands::operand):
(JSC::Operands::operand const):
(JSC::Operands::hasOperand const):
(JSC::Operands::setOperand):
(JSC::Operands::at const):
(JSC::Operands::at):
(JSC::Operands::operator[] const):
(JSC::Operands::operator[]):
(JSC::Operands::operandForIndex const):
(JSC::Operands::operator== const):
(JSC::Operands::isArgument const): Deleted.
(JSC::Operands::isLocal const): Deleted.
(JSC::Operands::virtualRegisterForIndex const): Deleted.
(JSC::Operands::setOperandFirstTime): Deleted.

• bytecode/OperandsInlines.h:

(JSC::Operand::dump const):
(JSC::Operands<T>::dumpInContext const):
(JSC::Operands<T>::dump const):

• bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):

• bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::hasCheckpoints const):
(JSC::UnlinkedCodeBlock::setHasCheckpoints):
(JSC::UnlinkedCodeBlock::constantRegister const):
(JSC::UnlinkedCodeBlock::getConstant const):
(JSC::UnlinkedCodeBlock::isConstantRegisterIndex const): Deleted.

• bytecode/ValueProfile.h:

(JSC::ValueProfileAndVirtualRegisterBuffer::ValueProfileAndVirtualRegisterBuffer):
(JSC::ValueProfileAndVirtualRegisterBuffer::~ValueProfileAndVirtualRegisterBuffer):
(JSC::ValueProfileAndOperandBuffer::ValueProfileAndOperandBuffer): Deleted.
(JSC::ValueProfileAndOperandBuffer::~ValueProfileAndOperandBuffer): Deleted.
(JSC::ValueProfileAndOperandBuffer::forEach): Deleted.

• bytecode/ValueRecovery.cpp:

(JSC::ValueRecovery::recover const):

• bytecode/ValueRecovery.h:
• bytecode/VirtualRegister.h:

(JSC::virtualRegisterIsLocal):
(JSC::virtualRegisterIsArgument):
(JSC::VirtualRegister::VirtualRegister):
(JSC::VirtualRegister::isValid const):
(JSC::VirtualRegister::isLocal const):
(JSC::VirtualRegister::isArgument const):
(JSC::VirtualRegister::isConstant const):
(JSC::VirtualRegister::toConstantIndex const):
(JSC::operandIsLocal): Deleted.
(JSC::operandIsArgument): Deleted.

• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::initializeNextParameter):
(JSC::BytecodeGenerator::initializeParameters):
(JSC::BytecodeGenerator::emitEqualityOpImpl):
(JSC::BytecodeGenerator::emitCallVarargs):

• bytecompiler/BytecodeGenerator.h:

(JSC::BytecodeGenerator::setUsesCheckpoints):

• bytecompiler/RegisterID.h:

(JSC::RegisterID::setIndex):

• dfg/DFGAbstractHeap.cpp:

(JSC::DFG::AbstractHeap::Payload::dumpAsOperand const):
(JSC::DFG::AbstractHeap::dump const):

• dfg/DFGAbstractHeap.h:

(JSC::DFG::AbstractHeap::Payload::Payload):
(JSC::DFG::AbstractHeap::AbstractHeap):
(JSC::DFG::AbstractHeap::operand const):

• dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

• dfg/DFGArgumentPosition.h:

(JSC::DFG::ArgumentPosition::dump):

• dfg/DFGArgumentsEliminationPhase.cpp:
• dfg/DFGArgumentsUtilities.cpp:

(JSC::DFG::argumentsInvolveStackSlot):
(JSC::DFG::emitCodeToGetArgumentsArrayLength):

• dfg/DFGArgumentsUtilities.h:
• dfg/DFGAtTailAbstractState.h:

(JSC::DFG::AtTailAbstractState::operand):

• dfg/DFGAvailabilityMap.cpp:

(JSC::DFG::AvailabilityMap::pruneByLiveness):

• dfg/DFGAvailabilityMap.h:

(JSC::DFG::AvailabilityMap::closeStartingWithLocal):

• dfg/DFGBasicBlock.cpp:

(JSC::DFG::BasicBlock::BasicBlock):
(JSC::DFG::BasicBlock::ensureTmps):

• dfg/DFGBasicBlock.h:
• dfg/DFGBlockInsertionSet.cpp:

(JSC::DFG::BlockInsertionSet::insert):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::ByteCodeParser):
(JSC::DFG::ByteCodeParser::ensureTmps):
(JSC::DFG::ByteCodeParser::progressToNextCheckpoint):
(JSC::DFG::ByteCodeParser::newVariableAccessData):
(JSC::DFG::ByteCodeParser::getDirect):
(JSC::DFG::ByteCodeParser::get):
(JSC::DFG::ByteCodeParser::setDirect):
(JSC::DFG::ByteCodeParser::injectLazyOperandSpeculation):
(JSC::DFG::ByteCodeParser::getLocalOrTmp):
(JSC::DFG::ByteCodeParser::setLocalOrTmp):
(JSC::DFG::ByteCodeParser::setArgument):
(JSC::DFG::ByteCodeParser::findArgumentPositionForLocal):
(JSC::DFG::ByteCodeParser::findArgumentPosition):
(JSC::DFG::ByteCodeParser::flushImpl):
(JSC::DFG::ByteCodeParser::flushForTerminalImpl):
(JSC::DFG::ByteCodeParser::flush):
(JSC::DFG::ByteCodeParser::flushDirect):
(JSC::DFG::ByteCodeParser::addFlushOrPhantomLocal):
(JSC::DFG::ByteCodeParser::phantomLocalDirect):
(JSC::DFG::ByteCodeParser::flushForTerminal):
(JSC::DFG::ByteCodeParser::addToGraph):
(JSC::DFG::ByteCodeParser::InlineStackEntry::remapOperand const):
(JSC::DFG::ByteCodeParser::DelayedSetLocal::DelayedSetLocal):
(JSC::DFG::ByteCodeParser::DelayedSetLocal::execute):
(JSC::DFG::ByteCodeParser::allocateTargetableBlock):
(JSC::DFG::ByteCodeParser::allocateUntargetableBlock):
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inlineCall):
(JSC::DFG::ByteCodeParser::handleVarargsInlining):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):
(JSC::DFG::ByteCodeParser::parse):
(JSC::DFG::ByteCodeParser::getLocal): Deleted.
(JSC::DFG::ByteCodeParser::setLocal): Deleted.

• dfg/DFGCFAPhase.cpp:

(JSC::DFG::CFAPhase::injectOSR):

• dfg/DFGCPSRethreadingPhase.cpp:

(JSC::DFG::CPSRethreadingPhase::run):
(JSC::DFG::CPSRethreadingPhase::canonicalizeGetLocal):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocalFor):
(JSC::DFG::CPSRethreadingPhase::canonicalizeFlushOrPhantomLocal):
(JSC::DFG::CPSRethreadingPhase::canonicalizeSet):
(JSC::DFG::CPSRethreadingPhase::canonicalizeLocalsInBlock):
(JSC::DFG::CPSRethreadingPhase::propagatePhis):
(JSC::DFG::CPSRethreadingPhase::phiStackFor):

• dfg/DFGCSEPhase.cpp:
• dfg/DFGCapabilities.cpp:

(JSC::DFG::capabilityLevel):

• dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

• dfg/DFGCombinedLiveness.cpp:

(JSC::DFG::addBytecodeLiveness):

• dfg/DFGCommonData.cpp:

(JSC::DFG::CommonData::addCodeOrigin):
(JSC::DFG::CommonData::addUniqueCallSiteIndex):
(JSC::DFG::CommonData::lastCallSite const):

• dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):

• dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

• dfg/DFGDriver.cpp:

(JSC::DFG::compileImpl):

• dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

• dfg/DFGForAllKills.h:

(JSC::DFG::forAllKilledOperands):
(JSC::DFG::forAllKilledNodesAtNodeIndex):
(JSC::DFG::forAllKillsInBlock):

• dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::dumpBlockHeader):
(JSC::DFG::Graph::substituteGetLocal):
(JSC::DFG::Graph::isLiveInBytecode):
(JSC::DFG::Graph::localsAndTmpsLiveInBytecode):
(JSC::DFG::Graph::methodOfGettingAValueProfileFor):
(JSC::DFG::Graph::localsLiveInBytecode): Deleted.

• dfg/DFGGraph.h:

(JSC::DFG::Graph::forAllLocalsAndTmpsLiveInBytecode):
(JSC::DFG::Graph::forAllLiveInBytecode):
(JSC::DFG::Graph::forAllLocalsLiveInBytecode): Deleted.

• dfg/DFGInPlaceAbstractState.cpp:

(JSC::DFG::InPlaceAbstractState::InPlaceAbstractState):

• dfg/DFGInPlaceAbstractState.h:

(JSC::DFG::InPlaceAbstractState::operand):

• dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::linkOSRExits):
(JSC::DFG::JITCompiler::noticeOSREntry):

• dfg/DFGJITCompiler.h:

(JSC::DFG::JITCompiler::emitStoreCallSiteIndex):

• dfg/DFGLiveCatchVariablePreservationPhase.cpp:

(JSC::DFG::LiveCatchVariablePreservationPhase::isValidFlushLocation):
(JSC::DFG::LiveCatchVariablePreservationPhase::handleBlockForTryCatch):
(JSC::DFG::LiveCatchVariablePreservationPhase::newVariableAccessData):

• dfg/DFGMovHintRemovalPhase.cpp:
• dfg/DFGNode.h:

(JSC::DFG::StackAccessData::StackAccessData):
(JSC::DFG::Node::hasArgumentsChild):
(JSC::DFG::Node::argumentsChild):
(JSC::DFG::Node::operand):
(JSC::DFG::Node::hasUnlinkedOperand):
(JSC::DFG::Node::unlinkedOperand):
(JSC::DFG::Node::hasLoadVarargsData):
(JSC::DFG::Node::local): Deleted.
(JSC::DFG::Node::hasUnlinkedLocal): Deleted.
(JSC::DFG::Node::unlinkedLocal): Deleted.

• dfg/DFGNodeType.h:
• dfg/DFGOSRAvailabilityAnalysisPhase.cpp:

(JSC::DFG::OSRAvailabilityAnalysisPhase::run):
(JSC::DFG::LocalOSRAvailabilityCalculator::executeNode):

• dfg/DFGOSREntry.cpp:

(JSC::DFG::prepareOSREntry):
(JSC::DFG::prepareCatchOSREntry):

• dfg/DFGOSREntrypointCreationPhase.cpp:

(JSC::DFG::OSREntrypointCreationPhase::run):

• dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::emitRestoreArguments):
(JSC::DFG::OSRExit::compileExit):
(JSC::DFG::jsValueFor): Deleted.
(JSC::DFG::restoreCalleeSavesFor): Deleted.
(JSC::DFG::saveCalleeSavesFor): Deleted.
(JSC::DFG::restoreCalleeSavesFromVMEntryFrameCalleeSavesBuffer): Deleted.
(JSC::DFG::copyCalleeSavesToVMEntryFrameCalleeSavesBuffer): Deleted.
(JSC::DFG::saveOrCopyCalleeSavesFor): Deleted.
(JSC::DFG::createDirectArgumentsDuringExit): Deleted.
(JSC::DFG::createClonedArgumentsDuringExit): Deleted.
(JSC::DFG::emitRestoreArguments): Deleted.
(JSC::DFG::OSRExit::executeOSRExit): Deleted.
(JSC::DFG::reifyInlinedCallFrames): Deleted.
(JSC::DFG::adjustAndJumpToTarget): Deleted.
(JSC::DFG::printOSRExit): Deleted.

• dfg/DFGOSRExit.h:
• dfg/DFGOSRExitBase.h:

(JSC::DFG::OSRExitBase::isExitingToCheckpointHandler const):

• dfg/DFGOSRExitCompilerCommon.cpp:

(JSC::DFG::callerReturnPC):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::adjustAndJumpToTarget):

• dfg/DFGObjectAllocationSinkingPhase.cpp:
• dfg/DFGOpInfo.h:

(JSC::DFG::OpInfo::OpInfo):

• dfg/DFGOperations.cpp:
• dfg/DFGPhantomInsertionPhase.cpp:
• dfg/DFGPreciseLocalClobberize.h:

(JSC::DFG::PreciseLocalClobberizeAdaptor::read):
(JSC::DFG::PreciseLocalClobberizeAdaptor::write):
(JSC::DFG::PreciseLocalClobberizeAdaptor::def):
(JSC::DFG::PreciseLocalClobberizeAdaptor::callIfAppropriate):

• dfg/DFGPredictionInjectionPhase.cpp:

(JSC::DFG::PredictionInjectionPhase::run):

• dfg/DFGPredictionPropagationPhase.cpp:
• dfg/DFGPutStackSinkingPhase.cpp:
• dfg/DFGSSAConversionPhase.cpp:

(JSC::DFG::SSAConversionPhase::run):

• dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

• dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileMovHint):
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::checkArgumentTypes):
(JSC::DFG::SpeculativeJIT::compileVarargsLength):
(JSC::DFG::SpeculativeJIT::compileLoadVarargs):
(JSC::DFG::SpeculativeJIT::compileForwardVarargs):
(JSC::DFG::SpeculativeJIT::compileCreateDirectArguments):
(JSC::DFG::SpeculativeJIT::compileGetArgumentCountIncludingThis):

• dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::recordSetLocal):

• dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

• dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

• dfg/DFGStackLayoutPhase.cpp:

(JSC::DFG::StackLayoutPhase::run):
(JSC::DFG::StackLayoutPhase::assign):

• dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

• dfg/DFGThunks.cpp:

(JSC::DFG::osrExitThunkGenerator): Deleted.

• dfg/DFGThunks.h:
• dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::run):
(JSC::DFG::TypeCheckHoistingPhase::disableHoistingAcrossOSREntries):

• dfg/DFGValidate.cpp:
• dfg/DFGVarargsForwardingPhase.cpp:
• dfg/DFGVariableAccessData.cpp:

(JSC::DFG::VariableAccessData::VariableAccessData):
(JSC::DFG::VariableAccessData::shouldUseDoubleFormatAccordingToVote):
(JSC::DFG::VariableAccessData::tallyVotesForShouldUseDoubleFormat):
(JSC::DFG::VariableAccessData::couldRepresentInt52Impl):

• dfg/DFGVariableAccessData.h:

(JSC::DFG::VariableAccessData::operand):
(JSC::DFG::VariableAccessData::local): Deleted.

• dfg/DFGVariableEvent.cpp:

(JSC::DFG::VariableEvent::dump const):

• dfg/DFGVariableEvent.h:

(JSC::DFG::VariableEvent::spill):
(JSC::DFG::VariableEvent::setLocal):
(JSC::DFG::VariableEvent::movHint):
(JSC::DFG::VariableEvent::spillRegister const):
(JSC::DFG::VariableEvent::operand const):
(JSC::DFG::VariableEvent::bytecodeRegister const): Deleted.

• dfg/DFGVariableEventStream.cpp:

(JSC::DFG::VariableEventStream::logEvent):
(JSC::DFG::VariableEventStream::reconstruct const):

• dfg/DFGVariableEventStream.h:

(JSC::DFG::VariableEventStream::appendAndLog):

• ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

• ftl/FTLForOSREntryJITCode.cpp:

(JSC::FTL::ForOSREntryJITCode::ForOSREntryJITCode):

• ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileExtractOSREntryLocal):
(JSC::FTL::DFG::LowerDFGToB3::compileGetStack):
(JSC::FTL::DFG::LowerDFGToB3::compileGetCallee):
(JSC::FTL::DFG::LowerDFGToB3::compileSetCallee):
(JSC::FTL::DFG::LowerDFGToB3::compileSetArgumentCountIncludingThis):
(JSC::FTL::DFG::LowerDFGToB3::compileVarargsLength):
(JSC::FTL::DFG::LowerDFGToB3::compileLoadVarargs):
(JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargs):
(JSC::FTL::DFG::LowerDFGToB3::getSpreadLengthFromInlineCallFrame):
(JSC::FTL::DFG::LowerDFGToB3::compileForwardVarargsWithSpread):
(JSC::FTL::DFG::LowerDFGToB3::compileLogShadowChickenPrologue):
(JSC::FTL::DFG::LowerDFGToB3::getArgumentsLength):
(JSC::FTL::DFG::LowerDFGToB3::getCurrentCallee):
(JSC::FTL::DFG::LowerDFGToB3::callPreflight):
(JSC::FTL::DFG::LowerDFGToB3::appendOSRExitDescriptor):
(JSC::FTL::DFG::LowerDFGToB3::buildExitArguments):
(JSC::FTL::DFG::LowerDFGToB3::addressFor):
(JSC::FTL::DFG::LowerDFGToB3::payloadFor):
(JSC::FTL::DFG::LowerDFGToB3::tagFor):

• ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

• ftl/FTLOSRExit.cpp:

(JSC::FTL::OSRExitDescriptor::OSRExitDescriptor):

• ftl/FTLOSRExit.h:
• ftl/FTLOSRExitCompiler.cpp:

(JSC::FTL::compileStub):

• ftl/FTLOperations.cpp:

(JSC::FTL::operationMaterializeObjectInOSR):

• ftl/FTLOutput.cpp:

(JSC::FTL::Output::select):

• ftl/FTLOutput.h:
• ftl/FTLSelectPredictability.h: Copied from Source/JavaScriptCore/ftl/FTLForOSREntryJITCode.cpp.
• ftl/FTLSlowPathCall.h:

(JSC::FTL::callOperation):

• generator/Checkpoints.rb: Added.
• generator/Opcode.rb:
• generator/Section.rb:
• heap/Heap.cpp:

(JSC::Heap::gatherScratchBufferRoots):

• interpreter/CallFrame.cpp:

(JSC::CallFrame::callSiteAsRawBits const):
(JSC::CallFrame::unsafeCallSiteAsRawBits const):
(JSC::CallFrame::callSiteIndex const):
(JSC::CallFrame::unsafeCallSiteIndex const):
(JSC::CallFrame::setCurrentVPC):
(JSC::CallFrame::bytecodeIndex):
(JSC::CallFrame::codeOrigin):

• interpreter/CallFrame.h:

(JSC::CallSiteIndex::CallSiteIndex):
(JSC::CallSiteIndex::operator bool const):
(JSC::CallSiteIndex::operator== const):
(JSC::CallSiteIndex::bits const):
(JSC::CallSiteIndex::fromBits):
(JSC::CallSiteIndex::bytecodeIndex const):
(JSC::DisposableCallSiteIndex::DisposableCallSiteIndex):
(JSC::CallFrame::callee const):
(JSC::CallFrame::unsafeCallee const):
(JSC::CallFrame::addressOfCodeBlock const):
(JSC::CallFrame::argumentCountIncludingThis const):
(JSC::CallFrame::offsetFor):
(JSC::CallFrame::setArgumentCountIncludingThis):
(JSC::CallFrame::setReturnPC):

• interpreter/CallFrameInlines.h:

(JSC::CallFrame::r):
(JSC::CallFrame::uncheckedR):
(JSC::CallFrame::guaranteedJSValueCallee const):
(JSC::CallFrame::jsCallee const):
(JSC::CallFrame::codeBlock const):
(JSC::CallFrame::unsafeCodeBlock const):
(JSC::CallFrame::setCallee):
(JSC::CallFrame::setCodeBlock):

• interpreter/CheckpointOSRExitSideState.h: Copied from Source/JavaScriptCore/dfg/DFGThunks.h.
• interpreter/Interpreter.cpp:

(JSC::eval):
(JSC::sizeOfVarargs):
(JSC::loadVarargs):
(JSC::setupVarargsFrame):
(JSC::UnwindFunctor::operator() const):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):

• interpreter/Interpreter.h:
• interpreter/StackVisitor.cpp:

(JSC::StackVisitor::readInlinedFrame):

• jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitGetFromCallFrameHeaderPtr):
(JSC::AssemblyHelpers::emitGetFromCallFrameHeader32):
(JSC::AssemblyHelpers::emitGetFromCallFrameHeader64):
(JSC::AssemblyHelpers::emitPutToCallFrameHeader):
(JSC::AssemblyHelpers::emitPutToCallFrameHeaderBeforePrologue):
(JSC::AssemblyHelpers::emitPutPayloadToCallFrameHeaderBeforePrologue):
(JSC::AssemblyHelpers::emitPutTagToCallFrameHeaderBeforePrologue):
(JSC::AssemblyHelpers::addressFor):
(JSC::AssemblyHelpers::tagFor):
(JSC::AssemblyHelpers::payloadFor):
(JSC::AssemblyHelpers::calleeFrameSlot):
(JSC::AssemblyHelpers::calleeArgumentSlot):
(JSC::AssemblyHelpers::calleeFrameTagSlot):
(JSC::AssemblyHelpers::calleeFramePayloadSlot):
(JSC::AssemblyHelpers::calleeFrameCallerFrame):
(JSC::AssemblyHelpers::argumentCount):

• jit/CallFrameShuffler.cpp:

(JSC::CallFrameShuffler::CallFrameShuffler):

• jit/CallFrameShuffler.h:

(JSC::CallFrameShuffler::setCalleeJSValueRegs):
(JSC::CallFrameShuffler::assumeCalleeIsCell):

• jit/JIT.h:
• jit/JITArithmetic.cpp:

(JSC::JIT::emit_op_unsigned):
(JSC::JIT::emit_compareAndJump):
(JSC::JIT::emit_compareAndJumpImpl):
(JSC::JIT::emit_compareUnsignedAndJump):
(JSC::JIT::emit_compareUnsignedAndJumpImpl):
(JSC::JIT::emit_compareUnsigned):
(JSC::JIT::emit_compareUnsignedImpl):
(JSC::JIT::emit_compareAndJumpSlow):
(JSC::JIT::emit_compareAndJumpSlowImpl):
(JSC::JIT::emit_op_inc):
(JSC::JIT::emit_op_dec):
(JSC::JIT::emit_op_mod):
(JSC::JIT::emitBitBinaryOpFastPath):
(JSC::JIT::emit_op_bitnot):
(JSC::JIT::emitRightShiftFastPath):
(JSC::JIT::emitMathICFast):
(JSC::JIT::emitMathICSlow):
(JSC::JIT::emit_op_div):

• jit/JITCall.cpp:

(JSC::JIT::emitPutCallResult):
(JSC::JIT::compileSetupFrame):
(JSC::JIT::compileOpCall):

• jit/JITExceptions.cpp:

(JSC::genericUnwind):

• jit/JITInlines.h:

(JSC::JIT::isOperandConstantDouble):
(JSC::JIT::getConstantOperand):
(JSC::JIT::emitPutIntToCallFrameHeader):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResult):
(JSC::JIT::appendCallWithExceptionCheckSetJSValueResultWithProfile):
(JSC::JIT::linkSlowCaseIfNotJSCell):
(JSC::JIT::isOperandConstantChar):
(JSC::JIT::getOperandConstantInt):
(JSC::JIT::getOperandConstantDouble):
(JSC::JIT::emitInitRegister):
(JSC::JIT::emitLoadTag):
(JSC::JIT::emitLoadPayload):
(JSC::JIT::emitGet):
(JSC::JIT::emitPutVirtualRegister):
(JSC::JIT::emitLoad):
(JSC::JIT::emitLoad2):
(JSC::JIT::emitLoadDouble):
(JSC::JIT::emitLoadInt32ToDouble):
(JSC::JIT::emitStore):
(JSC::JIT::emitStoreInt32):
(JSC::JIT::emitStoreCell):
(JSC::JIT::emitStoreBool):
(JSC::JIT::emitStoreDouble):
(JSC::JIT::emitJumpSlowCaseIfNotJSCell):
(JSC::JIT::isOperandConstantInt):
(JSC::JIT::emitGetVirtualRegister):
(JSC::JIT::emitGetVirtualRegisters):

• jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_mov):
(JSC::JIT::emit_op_end):
(JSC::JIT::emit_op_new_object):
(JSC::JIT::emitSlow_op_new_object):
(JSC::JIT::emit_op_overrides_has_instance):
(JSC::JIT::emit_op_instanceof):
(JSC::JIT::emitSlow_op_instanceof):
(JSC::JIT::emit_op_is_empty):
(JSC::JIT::emit_op_is_undefined):
(JSC::JIT::emit_op_is_undefined_or_null):
(JSC::JIT::emit_op_is_boolean):
(JSC::JIT::emit_op_is_number):
(JSC::JIT::emit_op_is_cell_with_type):
(JSC::JIT::emit_op_is_object):
(JSC::JIT::emit_op_ret):
(JSC::JIT::emit_op_to_primitive):
(JSC::JIT::emit_op_set_function_name):
(JSC::JIT::emit_op_not):
(JSC::JIT::emit_op_jfalse):
(JSC::JIT::emit_op_jeq_null):
(JSC::JIT::emit_op_jneq_null):
(JSC::JIT::emit_op_jundefined_or_null):
(JSC::JIT::emit_op_jnundefined_or_null):
(JSC::JIT::emit_op_jneq_ptr):
(JSC::JIT::emit_op_eq):
(JSC::JIT::emit_op_jeq):
(JSC::JIT::emit_op_jtrue):
(JSC::JIT::emit_op_neq):
(JSC::JIT::emit_op_jneq):
(JSC::JIT::emit_op_throw):
(JSC::JIT::compileOpStrictEq):
(JSC::JIT::compileOpStrictEqJump):
(JSC::JIT::emit_op_to_number):
(JSC::JIT::emit_op_to_numeric):
(JSC::JIT::emit_op_to_string):
(JSC::JIT::emit_op_to_object):
(JSC::JIT::emit_op_catch):
(JSC::JIT::emit_op_get_parent_scope):
(JSC::JIT::emit_op_switch_imm):
(JSC::JIT::emit_op_switch_char):
(JSC::JIT::emit_op_switch_string):
(JSC::JIT::emit_op_eq_null):
(JSC::JIT::emit_op_neq_null):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emit_op_get_scope):
(JSC::JIT::emit_op_to_this):
(JSC::JIT::emit_op_create_this):
(JSC::JIT::emit_op_check_tdz):
(JSC::JIT::emitSlow_op_eq):
(JSC::JIT::emitSlow_op_neq):
(JSC::JIT::emitSlow_op_instanceof_custom):
(JSC::JIT::emit_op_new_regexp):
(JSC::JIT::emitNewFuncCommon):
(JSC::JIT::emitNewFuncExprCommon):
(JSC::JIT::emit_op_new_array):
(JSC::JIT::emit_op_new_array_with_size):
(JSC::JIT::emit_op_has_structure_property):
(JSC::JIT::emit_op_has_indexed_property):
(JSC::JIT::emitSlow_op_has_indexed_property):
(JSC::JIT::emit_op_get_direct_pname):
(JSC::JIT::emit_op_enumerator_structure_pname):
(JSC::JIT::emit_op_enumerator_generic_pname):
(JSC::JIT::emit_op_profile_type):
(JSC::JIT::emit_op_log_shadow_chicken_prologue):
(JSC::JIT::emit_op_log_shadow_chicken_tail):
(JSC::JIT::emit_op_argument_count):
(JSC::JIT::emit_op_get_rest_length):
(JSC::JIT::emit_op_get_argument):

• jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_catch):

• jit/JITOperations.cpp:
• jit/JITPropertyAccess.cpp:

(JSC::JIT::emit_op_get_by_val):
(JSC::JIT::emitSlow_op_get_by_val):
(JSC::JIT::emit_op_put_by_val):
(JSC::JIT::emitGenericContiguousPutByVal):
(JSC::JIT::emitArrayStoragePutByVal):
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emit_op_put_getter_by_id):
(JSC::JIT::emit_op_put_setter_by_id):
(JSC::JIT::emit_op_put_getter_setter_by_id):
(JSC::JIT::emit_op_put_getter_by_val):
(JSC::JIT::emit_op_put_setter_by_val):
(JSC::JIT::emit_op_del_by_id):
(JSC::JIT::emit_op_del_by_val):
(JSC::JIT::emit_op_try_get_by_id):
(JSC::JIT::emitSlow_op_try_get_by_id):
(JSC::JIT::emit_op_get_by_id_direct):
(JSC::JIT::emitSlow_op_get_by_id_direct):
(JSC::JIT::emit_op_get_by_id):
(JSC::JIT::emit_op_get_by_id_with_this):
(JSC::JIT::emitSlow_op_get_by_id):
(JSC::JIT::emitSlow_op_get_by_id_with_this):
(JSC::JIT::emit_op_put_by_id):
(JSC::JIT::emit_op_in_by_id):
(JSC::JIT::emitSlow_op_in_by_id):
(JSC::JIT::emitResolveClosure):
(JSC::JIT::emit_op_resolve_scope):
(JSC::JIT::emitLoadWithStructureCheck):
(JSC::JIT::emitGetClosureVar):
(JSC::JIT::emit_op_get_from_scope):
(JSC::JIT::emitSlow_op_get_from_scope):
(JSC::JIT::emitPutGlobalVariable):
(JSC::JIT::emitPutGlobalVariableIndirect):
(JSC::JIT::emitPutClosureVar):
(JSC::JIT::emit_op_put_to_scope):
(JSC::JIT::emit_op_get_from_arguments):
(JSC::JIT::emit_op_put_to_arguments):
(JSC::JIT::emitWriteBarrier):
(JSC::JIT::emit_op_get_internal_field):
(JSC::JIT::emit_op_put_internal_field):
(JSC::JIT::emitIntTypedArrayPutByVal):
(JSC::JIT::emitFloatTypedArrayPutByVal):

• jit/JSInterfaceJIT.h:

(JSC::JSInterfaceJIT::emitLoadJSCell):
(JSC::JSInterfaceJIT::emitJumpIfNotJSCell):
(JSC::JSInterfaceJIT::emitLoadInt32):
(JSC::JSInterfaceJIT::emitLoadDouble):
(JSC::JSInterfaceJIT::emitGetFromCallFrameHeaderPtr):
(JSC::JSInterfaceJIT::emitPutToCallFrameHeader):
(JSC::JSInterfaceJIT::emitPutCellToCallFrameHeader):

• jit/SetupVarargsFrame.cpp:

(JSC::emitSetupVarargsFrameFastCase):

• jit/SpecializedThunkJIT.h:

(JSC::SpecializedThunkJIT::loadDoubleArgument):
(JSC::SpecializedThunkJIT::loadCellArgument):
(JSC::SpecializedThunkJIT::loadInt32Argument):

• jit/ThunkGenerators.cpp:

(JSC::absThunkGenerator):

• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::getNonConstantOperand):
(JSC::LLInt::getOperand):
(JSC::LLInt::genericCall):
(JSC::LLInt::varargsSetup):
(JSC::LLInt::commonCallEval):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::handleVarargsCheckpoint):
(JSC::LLInt::dispatchToNextInstruction):
(JSC::LLInt::slow_path_checkpoint_osr_exit_from_inlined_call):
(JSC::LLInt::slow_path_checkpoint_osr_exit):
(JSC::LLInt::llint_throw_stack_overflow_error):

• llint/LLIntSlowPaths.h:
• llint/LowLevelInterpreter.asm:
• llint/LowLevelInterpreter32_64.asm:
• llint/LowLevelInterpreter64.asm:
• runtime/ArgList.h:

(JSC::MarkedArgumentBuffer::fill):

• runtime/CachedTypes.cpp:

(JSC::CachedCodeBlock::hasCheckpoints const):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::CachedCodeBlock<CodeBlockType>::encode):

• runtime/CommonSlowPaths.cpp:

(JSC::SLOW_PATH_DECL):

• runtime/ConstructData.cpp:

(JSC::construct):

• runtime/ConstructData.h:
• runtime/DirectArguments.cpp:

(JSC::DirectArguments::copyToArguments):

• runtime/DirectArguments.h:
• runtime/GenericArguments.h:
• runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::copyToArguments):

• runtime/JSArray.cpp:

(JSC::JSArray::copyToArguments):

• runtime/JSArray.h:
• runtime/JSImmutableButterfly.cpp:

(JSC::JSImmutableButterfly::copyToArguments):

• runtime/JSImmutableButterfly.h:
• runtime/JSLock.cpp:

(JSC::JSLock::willReleaseLock):

• runtime/ModuleProgramExecutable.cpp:

(JSC::ModuleProgramExecutable::create):

• runtime/Options.cpp:

(JSC::recomputeDependentOptions):

• runtime/ScopedArguments.cpp:

(JSC::ScopedArguments::copyToArguments):

• runtime/ScopedArguments.h:
• runtime/VM.cpp:

(JSC::VM::scanSideState const):
(JSC::VM::addCheckpointOSRSideState):
(JSC::VM::findCheckpointOSRSideState):

• runtime/VM.h:

(JSC::VM::hasCheckpointOSRSideState const):

• tools/VMInspector.cpp:

(JSC::VMInspector::dumpRegisters):

• wasm/WasmFunctionCodeBlock.h:

(JSC::Wasm::FunctionCodeBlock::getConstant const):
(JSC::Wasm::FunctionCodeBlock::getConstantType const):

• wasm/WasmLLIntGenerator.cpp:

(JSC::Wasm::LLIntGenerator::setUsesCheckpoints const):

• wasm/WasmOperations.cpp:

(JSC::Wasm::operationWasmToJSException):

• wasm/WasmSlowPaths.cpp:

Source/WTF:

• WTF.xcodeproj/project.pbxproj:
• wtf/Bitmap.h:

(WTF::WordType>::invert):
(WTF::WordType>::operator):
(WTF::WordType>::operator const const):

• wtf/CMakeLists.txt:
• wtf/EnumClassOperatorOverloads.h: Added.
• wtf/FastBitVector.h:

(WTF::FastBitReference::operator bool const):
(WTF::FastBitReference::operator|=):
(WTF::FastBitReference::operator&=):
(WTF::FastBitVector::fill):
(WTF::FastBitVector::grow):

• wtf/UnalignedAccess.h:

(WTF::unalignedLoad):
(WTF::unalignedStore):

Tools:

• Scripts/run-jsc-stress-tests:

7:55 PM Changeset in webkit [254734] by Brent Fulgham

• 2 edits in trunk/Source/WebKit

[iOS] Add telemetry for IOKIt classes not seen in test runs
​https://bugs.webkit.org/show_bug.cgi?id=206386
<rdar://problem/58663519>

Reviewed by Per Arne Vollan.

Capture telemetry to show which IOKit classes are acitvely used in WebKit.

No new tests because this does not change behavior.

• Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

7:47 PM Changeset in webkit [254733] by keith_miller@apple.com

• 3 edits
  1 delete in trunk

Revert 254725 since it breaks tests
​https://bugs.webkit.org/show_bug.cgi?id=206391

Unreviewed, revert.

JSTests:

• stress/allocation-sinking-puthint-control-flow-2.js: Removed.

Source/JavaScriptCore:

• dfg/DFGObjectAllocationSinkingPhase.cpp:

7:03 PM Changeset in webkit [254732] by timothy_horton@apple.com

• 3 edits in trunk/Source/WTF

Fix the build after r254701
<rdar://problem/58667355>

• wtf/Platform.h:
• wtf/PlatformEnable.h:

AdditionalFeatureDefines has to come first.

5:30 PM Changeset in webkit [254731] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Ensure full URLs for relative path images for social meta data
​https://bugs.webkit.org/show_bug.cgi?id=206382

Reviewed by Devin Rousso.

• wp-content/plugins/social-meta.php:

5:24 PM Changeset in webkit [254730] by Devin Rousso

• 17 edits in trunk/Source/WebInspectorUI

Web Inspector: add links to reference pages
​https://bugs.webkit.org/show_bug.cgi?id=206309

Reviewed by Timothy Hatcher.

• UserInterface/Base/Main.js:

(WI._handleDeviceSettingsToolbarButtonClicked):
(WI.createReferencePageLink): Added.

• UserInterface/Views/Main.css:

(.reference-page-link): Added.
(.reference-page-link:active): Added.
(@media (-webkit-device-pixel-ratio: 1) .reference-page-link): Added.
(@media (prefers-color-scheme: dark) .reference-page-link): Added.
(@media (prefers-color-scheme: dark) .reference-page-link:active): Added.
(.device-settings-content):
(.device-settings-content > table): Added.
(.device-settings-content > table > tr > td:first-child): Added.
(.device-settings-content > .reference-page-link-container): Added.
(body[dir=ltr] .device-settings-content > .reference-page-link-container): Added.
(body[dir=rtl] .device-settings-content > .reference-page-link-container): Added.
(.device-settings-content > tr > td:first-child): Deleted.

• UserInterface/Controllers/NetworkManager.js:

(WI.NetworkManager.prototype.async createBootstrapScript):

• UserInterface/Controllers/BreakpointPopoverController.js:

(WI.BreakpointPopoverController.prototype._createPopoverContent):
(WI.BreakpointPopoverController.prototype._popoverActionsCreateAddActionButton):

• UserInterface/Views/BreakpointPopoverController.css:

(.popover .edit-breakpoint-popover-content > table > tr > td.options): Added.
(.popover .edit-breakpoint-popover-content > table > tr > td.options > .reference-page-link-container): Added.
(body[dir=ltr] .popover .edit-breakpoint-popover-content > table > tr > td.options > .reference-page-link-container): Added.
(body[dir=rtl] .popover .edit-breakpoint-popover-content > table > tr > td.options > .reference-page-link-container): Added.
(body[dir=ltr] .popover .edit-breakpoint-popover-content .reference-page-link-container): Added.
(body[dir=rtl] .popover .edit-breakpoint-popover-content .reference-page-link-container): Added.

• UserInterface/Views/EventBreakpointPopover.js:

(WI.EventBreakpointPopover.prototype.show):

• UserInterface/Views/EventBreakpointPopover.css:

(.popover .event-breakpoint-content .reference-page-link-container): Added.

• UserInterface/Views/URLBreakpointPopover.js:

(WI.URLBreakpointPopover.prototype.show):

• UserInterface/Views/URLBreakpointPopover.css:

(.popover .url-breakpoint-content .reference-page-link-container): Added.

• UserInterface/Views/LocalResourceOverridePopover.js:

(WI.LocalResourceOverridePopover.prototype.show):

• UserInterface/Views/LocalResourceOverridePopover.css:

(.popover .local-resource-override-popover-content .reference-page-link-container): Added.
(body[dir=ltr] .popover .local-resource-override-popover-content .reference-page-link-container): Added.
(body[dir=rtl] .popover .local-resource-override-popover-content .reference-page-link-container): Added.

• UserInterface/Views/SettingsTabContentView.js:

(WI.SettingsTabContentView.prototype.initialLayout):
(WI.SettingsTabContentView.prototype._createGeneralSettingsView):
(WI.SettingsTabContentView.prototype._createElementsSettingsView):
(WI.SettingsTabContentView.prototype._createSourcesSettingsView):
(WI.SettingsTabContentView.prototype._createConsoleSettingsView):
(WI.SettingsTabContentView.prototype._createExperimentalSettingsView):
(WI.SettingsTabContentView.prototype._createReferenceLink): Added.

• UserInterface/Views/SettingsTabContentView.css:

(.content-view.tab.settings): Added.
(.content-view.tab.settings .navigation-bar): Added.
(.content-view.tab.settings .navigation-bar.invisible): Added.
(.content-view.tab.settings .navigation-bar .item.radio.button.text-only): Added.
(.content-view.tab.settings .navigation-bar .item.radio.button.text-only:before): Added.
(.content-view.tab.settings .navigation-bar .item.radio.button.text-only.selected): Added.
(.content-view.tab.settings > .settings-view): Added.
(.content-view.tab.settings > .settings-view > .separator): Added.
(.content-view.tab.settings > .settings-view > .container): Added.
(.content-view.tab.settings > .settings-view > .container.hidden): Added.
(.content-view.tab.settings > .settings-view > .container-centered): Added.
(.content-view.tab.settings > .settings-view > .container button): Added.
(.content-view.tab.settings > .settings-view > .container > .title): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor:first-child > *): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor input): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor input[type="checkbox"]): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor select): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor input[type="number"]): Added.
(.content-view.tab.settings > .settings-view > .container > .editor-group > .editor input[type="text"]): Added.
(.content-view.tab.settings > .settings-view > .container.reference): Added.
(.content-view.tab.settings > .settings-view > .container.reference > .reference-page-link): Added.
(.content-view.tab.settings > .settings-view > .container.reference > .reference-page-link > .go-to-arrow): Added.
(.content-view.settings .navigation-bar): Deleted.
(.content-view.settings .navigation-bar.invisible): Deleted.
(.content-view.settings .navigation-bar .item.radio.button.text-only): Deleted.
(.content-view.settings .navigation-bar .item.radio.button.text-only:before): Deleted.
(.content-view.settings .navigation-bar .item.radio.button.text-only.selected): Deleted.
(.content-view.settings > .settings-view): Deleted.
(.content-view.settings > .settings-view > .separator): Deleted.
(.content-view.settings > .settings-view > .container): Deleted.
(.content-view.settings > .settings-view > .container.hidden): Deleted.
(.content-view.settings > .settings-view > .container-centered): Deleted.
(.content-view.settings > .settings-view > .container button): Deleted.
(.content-view.settings > .settings-view > .container > .title): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor:first-child > *): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor input): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor input[type="checkbox"]): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor select): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor input[type="number"]): Deleted.
(.content-view.settings > .settings-view > .container > .editor-group > .editor input[type="text"]): Deleted.
(@media (prefers-color-scheme: dark) .content-view.settings .navigation-bar): Deleted.
(@media (prefers-color-scheme: dark) .content-view.settings .navigation-bar .item.radio.button.text-only.selected): Deleted.

• UserInterface/Views/BlackboxSettingsView.js:

(WI.BlackboxSettingsView.prototype.initialLayout):

• UserInterface/Views/BlackboxSettingsView.css:

(.settings-view.blackbox > table > tbody td.url): Added.
(.settings-view.blackbox > table > tbody td.url > .CodeMirror):

• Localizations/en.lproj/localizedStrings.js:

5:24 PM Changeset in webkit [254729] by Fujii Hironori

• 2 edits in trunk/Source/WebCore

Unreviewed removing a stale FIXME comment
​https://bugs.webkit.org/show_bug.cgi?id=204884

Follows-up for r254323.

• platform/graphics/win/ComplexTextControllerUniscribe.cpp:

(WebCore::ComplexTextController::collectComplexTextRunsForCharacters):
Removed a stale FIXME comment. This comment was added by r23154. r23199
fixed the issue.

5:16 PM Changeset in webkit [254728] by weinig@apple.com

• 10 edits
  1 copy in trunk/Source/WTF

Platform.h is out of control Part 7: Split calling convention macro definitions out of Platform.h and into a new PlatformCallingConventions.h
​https://bugs.webkit.org/show_bug.cgi?id=206377

Reviewed by Anders Carlsson.

As a another step towards cleaning up Platform.h, split out all the calling convention
macros into their own file.

• WTF.xcodeproj/project.pbxproj:
• wtf/CMakeLists.txt:

Add new header.

• wtf/Platform.h:
• wtf/PlatformCPU.h:
• wtf/PlatformEnable.h:
• wtf/PlatformHave.h:
• wtf/PlatformLegacy.h:
• wtf/PlatformOS.h:
• wtf/PlatformUse.h:

Unify indirect inclusion guard.

• wtf/PlatformCallingConventions.h: Copied from Source/WTF/wtf/Platform.h.

5:14 PM Changeset in webkit [254727] by Devin Rousso

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: show the device settings menu when Web Inspector's debug mode is enabled
​https://bugs.webkit.org/show_bug.cgi?id=206311

Reviewed by Brian Burg.

This only has an effect when Web Inspector is opened and the debug mode is enabled. If so,
the device settings toolbar icon will appear regardless of whether the inspected target is
a remote device or not. Disabling debug mode will not immediately remove the device settings
toolbar icon, but it will not reappear when Web Inspector is next opened (to allow for taking
screenshots and other such things).

• UserInterface/Base/Main.js:

(WI.contentLoaded):

5:08 PM Changeset in webkit [254726] by Nikita Vasilyev

• 2 edits in trunk/Source/WebInspectorUI

REGRESSION(r251487): Web Inspector: selected color in color picker has wrong lightness
​https://bugs.webkit.org/show_bug.cgi?id=206202

Reviewed by Devin Rousso.

Currently, tintedColor setter has two code paths:

• rgb2hsv convertion if the color is defined using color(...) syntax.
• HSL to HSV convertion for any other color.

The latter was defined in the view, was untested, and incorrect.
This patch uses WI.Color.rgb2hsv convertion for all colors. This method is
already covered by tests.

• UserInterface/Views/ColorSquare.js:

(WI.ColorSquare.prototype.set tintedColor):

4:55 PM Changeset in webkit [254725] by Tadeu Zagallo

• 3 edits
  1 add in trunk

JSTests:
Object allocation sinking is missing PutHint for allocations unreachable in the graph
​https://bugs.webkit.org/show_bug.cgi?id=203799
<rdar://problem/56852162>

Reviewed by Saam Barati.

• stress/allocation-sinking-puthint-control-flow-2.js: Added.

(f.handler.construct):
(f):

Source/JavaScriptCore:
Object allocation sinking is missing PutHint for sunken allocations
​https://bugs.webkit.org/show_bug.cgi?id=203799
<rdar://problem/56852162>

Reviewed by Saam Barati.

Consider the following graph:

Block #0:

1: PhantomCreateActivation()
2: PhantomNewFunction()
PutHint(@2, @1, FunctionActivationPLoc)
Branch(#1, #2)

Block #1:

3: MaterializeCreateActivation()
PutHint(@2, @3, FunctionActivationPLoc)
Upsilon(@3, ^5)
Jump(#3)

Block #2:

4: MaterializeCreateActivation()
PutHint(@2, @4, FunctionActivationPLoc)
Upsilon(@4, ^5)
Jump(#3)

Block #3:

5: Phi()
ExitOK()

On Block #3, we need to emit a PutHint after the Phi, since we might exit after it. However,
object allocation sinking skipped this Phi because it was checking whether the base of the
location that caused us to create this Phi (@2) was live, but it's dead in the graph (there
are no pointers to it). The issue is that, even though there are no pointers to the base, the
location PromotedHeapLocation(@2, FunctionActivationPLoc) is still live, so we should PutHint
to it. We fix it by checking for liveness of the location rather than its base.

• dfg/DFGObjectAllocationSinkingPhase.cpp:

4:54 PM Changeset in webkit [254724] by Chris Dumez

• 2 edits in trunk/Source/WebKit

IPC hardening for WebPageProxy::SetPromisedDataForImage message
​https://bugs.webkit.org/show_bug.cgi?id=206380
<rdar://problem/58625196>

Reviewed by Geoffrey Garen.

IPC hardening for WebPageProxy::SetPromisedDataForImage message. Make sure the shared memory handle sent over IPC is not null
and null check the SharedMemory object after calling SharedMemory::map().

• UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::setPromisedDataForImage):

4:51 PM Changeset in webkit [254723] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebKit

Call AtomString::init in WebKit2Initialize.
<​https://webkit.org/b/206375>
<rdar://problem/58646578>

Patch by Daniel Chen <​thedanielchen@apple.com> on 2020-01-16
Reviewed by Timothy Hatcher.

• Shared/Cocoa/WebKit2InitializeCocoa.mm:

(WebKit::runInitializationCode):

• Shared/WebKit2Initialize.cpp:

(WebKit::InitializeWebKit2):

4:47 PM Changeset in webkit [254722] by rniwa@webkit.org

• 3 edits
  2 adds in trunk

REGRESSION (r251110): Crash on ​https://developer.apple.com/tutorials/swiftui/creating-and-combining-views
​https://bugs.webkit.org/show_bug.cgi?id=206337

Reviewed by Geoffrey Garen.

Source/WebCore:

The crash was caused by RadioButtonGroups::hasCheckedButton getting called by RadioInputType's
matchesIndeterminatePseudoClass during a style update which happens before the input element had a chance
to register itself with RadioButtonGroups in HTMLInputElement::didFinishInsertingNode.

This happens, in particular, when didFinishInsertingNode of other nodes that appear before the input element
executes arbitrary author scripts or otherwise update the style.

Test: fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash.html

• dom/RadioButtonGroups.cpp:

(WebCore::RadioButtonGroups::hasCheckedButton const):

LayoutTests:

Added a regression test. The test crashes on trunk and causes an infinite loop before r251110.

• fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash-expected.txt: Added.
• fast/forms/match-pseudo-on-radio-before-finalizing-tree-insertion-crash.html: Added.

4:41 PM Changeset in webkit [254721] by Alan Bujtas

• 4 edits in trunk/Source/WebCore

[LFC][IFC] Optimize LineCandidateContent for the most common type of content
​https://bugs.webkit.org/show_bug.cgi?id=206371
<rdar://problem/58656853>

Reviewed by Antti Koivisto.

Optimize LineCandidateContent and the caller for the most common type of content (text) and also reduce the RunList vector initial size.
We normally pass one or 2 inline items to the LineBreaker in there.

• layout/inlineformatting/InlineLineBreaker.h:
• layout/inlineformatting/LineLayoutContext.cpp:

(WebCore::Layout::LineCandidateContent::appendLineBreak):
(WebCore::Layout::LineCandidateContent::appendFloat):
(WebCore::Layout::LineCandidateContent::appendInlineContent):
(WebCore::Layout::LineLayoutContext::inlineItemWidth const):
(WebCore::Layout::LineLayoutContext::nextContentForLine):
(WebCore::Layout::LineLayoutContext::tryAddingFloatItems):
(WebCore::Layout::LineCandidateContent::append): Deleted.
(WebCore::Layout::inlineItemWidth): Deleted.

• layout/inlineformatting/LineLayoutContext.h:

4:38 PM Changeset in webkit [254720] by Fujii Hironori

• 6 edits
  1 delete in trunk

Unreviewed, rolling out r254678.

API tests failures for Mac port

Reverted changeset:

"KeyedDecoderGeneric crashes when it accesses data with non-
existing key"
​https://bugs.webkit.org/show_bug.cgi?id=205902
​https://trac.webkit.org/changeset/254678

4:15 PM Changeset in webkit [254719] by Chris Dumez

• 3 edits in trunk/Source/WebKit

IPC hardening for WebPageProxy::savePDFToTemporaryFolder* / WebPageProxy::openPDFFromTemporaryFolder* messages
​https://bugs.webkit.org/show_bug.cgi?id=206378
<rdar://problem/58622919>

Reviewed by Geoffrey Garen.

IPC hardening for WebPageProxy::savePDFToTemporaryFolder* / WebPageProxy::openPDFFromTemporaryFolder* messages.
Make sure the UUID passed over IPC is a valid HashMap key.

• UIProcess/WebPageProxy.h:
• UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::savePDFToTemporaryFolderAndOpenWithNativeApplication):
(WebKit::WebPageProxy::openPDFFromTemporaryFolderWithNativeApplication):

4:13 PM Changeset in webkit [254718] by Chris Dumez

• 3 edits in trunk/Source/WebKit

IPC hardening for WebPageProxy::RegisterAttachmentIdentifier*
​https://bugs.webkit.org/show_bug.cgi?id=206376
<rdar://problem/58622645>

Reviewed by David Kilzer.

IPC hardening for WebPageProxy::RegisterAttachmentIdentifier*, validate identifiers sent over
IPC to make sure they are valid keys in our HashMap.

• UIProcess/WebPageProxy.cpp:
• UIProcess/WebPageProxy.h:

4:06 PM Changeset in webkit [254717] by rmorisset@apple.com

• 6 edits in trunk/Source/JavaScriptCore

Try to simplify the template deduction used by callOperation in DFGSpeculativeJIT
​https://bugs.webkit.org/show_bug.cgi?id=206329

Reviewed by Keith Miller.

The change is very simple: stop using NoResultTag in callOperation, since it is redundant with FunctionTraits<OperationType>::hasResult

• dfg/DFGSlowPathGenerator.h:

(JSC::DFG::CallResultAndArgumentsSlowPathGenerator::unpackAndGenerate):

• dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compilePutAccessorById):
(JSC::DFG::SpeculativeJIT::compilePutGetterSetterById):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutAccessorByVal):
(JSC::DFG::SpeculativeJIT::compileDefineDataProperty):
(JSC::DFG::SpeculativeJIT::compileDefineAccessorProperty):
(JSC::DFG::SpeculativeJIT::compilePutByIdWithThis):

• dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::callOperation):

• dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

• dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

3:53 PM Changeset in webkit [254716] by rmorisset@apple.com

• 4 edits
  1 add in trunk

Teach the bytecode that arithmetic operations can return bigints
​https://bugs.webkit.org/show_bug.cgi?id=205416

Reviewed by Yusuke Suzuki.

JSTests:

This file crashes in debug mode without the fix.

• stress/big-int-arithmetic-return-big-int.js: Added.

(fooAdd):
(fooSub):
(fooMul):
(fooDiv):

Source/JavaScriptCore:

Add already has the correct ResultType, but previously Sub/Mult/Div/Mod/Pow/Negate were always claimed to return Number,
and when BigInt is enabled they can also return BigInt.
UnaryPlus is left unchanged as it is invalid on a BigInt (to keep asm.js working as intended).

• parser/NodeConstructors.h:

(JSC::NegateNode::NegateNode):
(JSC::PowNode::PowNode):
(JSC::MultNode::MultNode):
(JSC::DivNode::DivNode):
(JSC::ModNode::ModNode):
(JSC::SubNode::SubNode):

• parser/ResultType.h:

(JSC::ResultType::bigIntOrNumberType): Added.
(JSC::ResultType::forNonAddArith):
(JSC::ResultType::forUnaryArith):

3:26 PM Changeset in webkit [254715] by Alan Coon

• 1 copy in tags/Safari-610.1.1

Tag Safari-610.1.1.

3:24 PM Changeset in webkit [254714] by rmorisset@apple.com

• 46 edits in trunk/Source

Use dataLogIf more regularly
​https://bugs.webkit.org/show_bug.cgi?id=206332

Reviewed by Keith Miller.

Source/JavaScriptCore:

There is lots of code that reads

if (Options::foobar())

dataLogLn("...")

There are a couple of benefits to replacing those by dataLogLnIf(Options::foobar(), "..."):

• Readability, by reducing the number of lines taken by logging
• Less lines appearing as not-taken in test coverage wrongly (wrongly because we probably don't care for the coverage of logging code)
• possibly a tiny perf benefit since dataLogIf correctly uses UNLIKELY.

This patch is a fairly trivial refactoring where I looked for that pattern and replaced it everywhere it appeared in JSC.

• bytecode/BytecodeGeneratorification.cpp:

(JSC::performGeneratorification):

• bytecode/BytecodeLivenessAnalysis.cpp:

(JSC::BytecodeLivenessAnalysis::BytecodeLivenessAnalysis):

• bytecode/CallLinkInfo.cpp:

(JSC::CallLinkInfo::visitWeak):

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finalizeLLIntInlineCaches):
(JSC::CodeBlock::noticeIncomingCall):
(JSC::CodeBlock::optimizationThresholdScalingFactor):
(JSC::CodeBlock::optimizeNextInvocation):
(JSC::CodeBlock::dontOptimizeAnytimeSoon):
(JSC::CodeBlock::optimizeAfterWarmUp):
(JSC::CodeBlock::optimizeAfterLongWarmUp):
(JSC::CodeBlock::optimizeSoon):
(JSC::CodeBlock::forceOptimizationSlowPathConcurrently):
(JSC::CodeBlock::setOptimizationThresholdBasedOnCompilationResult):
(JSC::CodeBlock::shouldOptimizeNow):

• bytecode/DFGExitProfile.cpp:

(JSC::DFG::ExitProfile::add):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseCodeBlock):

• dfg/DFGCFAPhase.cpp:
• dfg/DFGJITCode.cpp:

(JSC::DFG::JITCode::optimizeNextInvocation):
(JSC::DFG::JITCode::dontOptimizeAnytimeSoon):
(JSC::DFG::JITCode::optimizeAfterWarmUp):
(JSC::DFG::JITCode::optimizeSoon):
(JSC::DFG::JITCode::forceOptimizationSlowPathConcurrently):
(JSC::DFG::JITCode::setOSREntryBlock):

• dfg/DFGJumpReplacement.cpp:

(JSC::DFG::JumpReplacement::fire):

• dfg/DFGOSREntry.cpp:

(JSC::DFG::prepareOSREntry):

• dfg/DFGOSRExit.cpp:

(JSC::DFG::OSRExit::compileExit):

• dfg/DFGObjectAllocationSinkingPhase.cpp:
• dfg/DFGOperations.cpp:
• dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

• dfg/DFGToFTLDeferredCompilationCallback.cpp:

(JSC::DFG::ToFTLDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::DFG::ToFTLDeferredCompilationCallback::compilationDidComplete):

• dfg/DFGToFTLForOSREntryDeferredCompilationCallback.cpp:

(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::DFG::ToFTLForOSREntryDeferredCompilationCallback::compilationDidComplete):

• dfg/DFGWorklist.cpp:

(JSC::DFG::Worklist::completeAllReadyPlansForVM):

• ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

• heap/Heap.cpp:

(JSC::Heap::lastChanceToFinalize):
(JSC::Heap::sweepSynchronously):
(JSC::Heap::collectNow):
(JSC::Heap::runBeginPhase):
(JSC::Heap::runFixpointPhase):
(JSC::Heap::runReloopPhase):
(JSC::Heap::runEndPhase):
(JSC::Heap::finalize):
(JSC::Heap::willStartCollection):
(JSC::Heap::updateAllocationLimits):
(JSC::Heap::notifyIsSafeToCollect):

• heap/MarkStackMergingConstraint.cpp:

(JSC::MarkStackMergingConstraint::prepareToExecuteImpl):

• heap/MarkedSpace.cpp:
• heap/MarkingConstraint.cpp:

(JSC::MarkingConstraint::prepareToExecute):

• heap/MarkingConstraintSet.cpp:

(JSC::MarkingConstraintSet::executeConvergence):
(JSC::MarkingConstraintSet::executeConvergenceImpl):
(JSC::MarkingConstraintSet::executeAll):

• heap/MarkingConstraintSolver.cpp:

(JSC::MarkingConstraintSolver::execute):

• heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendToMarkStack):
(JSC::SlotVisitor::visitChildren):
(JSC::SlotVisitor::didRace):

• heap/StochasticSpaceTimeMutatorScheduler.cpp:

(JSC::StochasticSpaceTimeMutatorScheduler::beginCollection):
(JSC::StochasticSpaceTimeMutatorScheduler::didExecuteConstraints):

• jit/JIT.cpp:

(JSC::JIT::link):

• jit/JITExceptions.cpp:

(JSC::genericUnwind):

• jit/JITOperations.cpp:
• jit/JITToDFGDeferredCompilationCallback.cpp:

(JSC::JITToDFGDeferredCompilationCallback::compilationDidBecomeReadyAsynchronously):
(JSC::JITToDFGDeferredCompilationCallback::compilationDidComplete):

• jit/JITWorklist.cpp:

(JSC::JITWorklist::Plan::finalize):

• jit/PolymorphicCallStubRoutine.cpp:

(JSC::PolymorphicCallNode::unlink):

• jit/Repatch.cpp:

(JSC::unlinkFor):
(JSC::linkVirtualFor):

• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::jitCompileAndSetHeuristics):
(JSC::LLInt::entryOSR):
(JSC::LLInt::LLINT_SLOW_PATH_DECL):

• parser/ModuleAnalyzer.cpp:

(JSC::ModuleAnalyzer::analyze):

• runtime/JSModuleLoader.cpp:

(JSC::JSModuleLoader::importModule):
(JSC::JSModuleLoader::resolveSync):
(JSC::JSModuleLoader::fetch):
(JSC::JSModuleLoader::evaluate):
(JSC::moduleLoaderModuleDeclarationInstantiation):

• runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::installCode):

• runtime/VM.cpp:

(JSC::VM::throwException):

• tools/CompilerTimingScope.cpp:

(JSC::CompilerTimingScope::CompilerTimingScope):
(JSC::CompilerTimingScope::~CompilerTimingScope):

• wasm/WasmMemory.cpp:
• wasm/js/JSWebAssembly.cpp:

(JSC::resolve):

• yarr/YarrJIT.cpp:

(JSC::Yarr::jitCompile):

• yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPattern::compile):

Source/WTF:

• wtf/DataLog.h:

(WTF::dataLog): Marked NEVER_INLINE, since it should never be perf-sensitive

3:14 PM Changeset in webkit [254713] by don.olmstead@sony.com

• 4 edits
  15 adds in trunk

[PlayStation] Enable WebKit
​https://bugs.webkit.org/show_bug.cgi?id=205965

Reviewed by Ross Kirsling.

.:

Turn on build WebKit for the PlayStation port. Temporarily turn off API tests
until the WebKit tests are added.

• Source/cmake/OptionsPlayStation.cmake:

Source/WebKit:

Add the CMake platform for PlayStation. Add stubs for platform specific bits.
This gets us to linking through WebKit.

• Platform/unix/ModuleUnix.cpp: Added.

(WebKit::Module::load):
(WebKit::Module::unload):
(WebKit::Module::platformFunctionPointer const):

• PlatformPlayStation.cmake: Added.
• UIProcess/Launcher/playstation/ProcessLauncherPlayStation.cpp: Added.

(WebKit::ProcessLauncher::launchProcess):
(WebKit::ProcessLauncher::terminateProcess):
(WebKit::ProcessLauncher::platformInvalidate):

• UIProcess/WebPageProxy.h:
• UIProcess/WebsiteData/playstation/WebsiteDataStorePlayStation.cpp: Added.

(WebKit::WebsiteDataStore::platformInitialize):
(WebKit::WebsiteDataStore::platformDestroy):
(WebKit::WebsiteDataStore::platformRemoveRecentSearches):
(WebKit::WebsiteDataStore::defaultApplicationCacheDirectory):
(WebKit::WebsiteDataStore::defaultCacheStorageDirectory):
(WebKit::WebsiteDataStore::defaultNetworkCacheDirectory):
(WebKit::WebsiteDataStore::defaultIndexedDBDatabaseDirectory):
(WebKit::WebsiteDataStore::defaultServiceWorkerRegistrationDirectory):
(WebKit::WebsiteDataStore::defaultLocalStorageDirectory):
(WebKit::WebsiteDataStore::defaultMediaKeysStorageDirectory):
(WebKit::WebsiteDataStore::defaultWebSQLDatabaseDirectory):
(WebKit::WebsiteDataStore::defaultResourceLoadStatisticsDirectory):
(WebKit::WebsiteDataStore::cacheDirectoryFileSystemRepresentation):
(WebKit::WebsiteDataStore::websiteDataDirectoryFileSystemRepresentation):

• UIProcess/playstation/WebPageProxyPlayStation.cpp: Added.

(WebKit::WebPageProxy::platformInitialize):
(WebKit::WebPageProxy::viewBackend):
(WebKit::WebPageProxy::standardUserAgent):
(WebKit::WebPageProxy::saveRecentSearches):
(WebKit::WebPageProxy::loadRecentSearches):
(WebKit::WebPageProxy::updateEditorState):

• UIProcess/playstation/WebProcessPoolPlayStation.cpp: Added.

(WebKit::WebProcessPool::platformInitialize):
(WebKit::WebProcessPool::platformInitializeNetworkProcess):
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::platformInvalidateContext):
(WebKit::WebProcessPool::platformResolvePathsForSandboxExtensions):

• WebProcess/InjectedBundle/playstation/InjectedBundlePlayStation.cpp: Added.

(WebKit::InjectedBundle::initialize):
(WebKit::InjectedBundle::setBundleParameter):
(WebKit::InjectedBundle::setBundleParameters):

• WebProcess/WebPage/playstation/WebPagePlayStation.cpp: Added.

(WebKit::WebPage::platformInitialize):
(WebKit::WebPage::platformReinitialize):
(WebKit::WebPage::platformDetach):
(WebKit::WebPage::performDefaultBehaviorForKeyEvent):
(WebKit::WebPage::platformCanHandleRequest):
(WebKit::WebPage::platformUserAgent const):
(WebKit::WebPage::handleEditingKeyboardEvent):
(WebKit::WebPage::platformEditorState const):

• WebProcess/playstation/WebProcessPlayStation.cpp: Added.

(WebKit::WebProcess::platformInitializeWebProcess):
(WebKit::WebProcess::platformSetWebsiteDataStoreParameters):
(WebKit::WebProcess::platformTerminate):
(WebKit::WebProcess::platformSetCacheModel):

3:04 PM Changeset in webkit [254712] by rmorisset@apple.com

• 2 edits in trunk/Source/JavaScriptCore

Reduce the code generated by DFGSlowPathGenerator.h
​https://bugs.webkit.org/show_bug.cgi?id=206330

Reviewed by Mark Lam.

The FunctionType parameter is only needed by CallResultAndArgumentsSlowPathGenerator, not by its base class CallSlowPathGenerator.
Moving it allows saving about 200kB from JavaScriptCore (in Release mode), by reducing the number of instantiations of the methods of CallSlowPathGenerator.

• dfg/DFGSlowPathGenerator.h:

(JSC::DFG::CallSlowPathGenerator::CallSlowPathGenerator):
(JSC::DFG::CallResultAndArgumentsSlowPathGenerator::CallResultAndArgumentsSlowPathGenerator):

2:57 PM Changeset in webkit [254711] by Chris Dumez

• 7 edits
  1 add in trunk

Regression(r253224) No longer able to prevent a tab from closing via the beforeunload prompt
​https://bugs.webkit.org/show_bug.cgi?id=206366
<rdar://problem/58537467>

Reviewed by Geoffrey Garen.

Source/WebKit:

Change is covered by new API test.

• UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _tryClose]):
(-[WKWebView _isClosed]):

• UIProcess/API/Cocoa/WKWebViewPrivate.h:

Add new _tryClose / _isClosed SPI on WKWebView in order to write an API test to cover
the change.

• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::runBeforeUnloadConfirmPanel):
In WebPageProxy::tryClose(), we start a timer before sending the TryClose async IPC to the
WebProcess. We would then stop the timer when receiving the response to the TryClose IPC.
If the timer fires, we would forcefully close the page. The issue was that before answering
the TryClose IPC, the WebContent process would send a sync RunBeforeUnloadConfirmPanel IPC
to the UIProcess to show the confirmation prompt, and this would fail to stop the timer.
WebPageProxy::runBeforeUnloadConfirmPanel() would spin a nested run loop to show the prompt
and we would time out while showing the prompt.

Tools:

tryClose_timeout_fix

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKit/beforeunload.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/ModalAlerts.mm:

(-[SlowBeforeUnloadPromptUIDelegate _webView:runBeforeUnloadConfirmPanelWithMessage:initiatedByFrame:completionHandler:]):
(-[SlowBeforeUnloadPromptUIDelegate webViewDidClose:]):
(TEST):

2:54 PM Changeset in webkit [254710] by jiewen_tan@apple.com

• 5 edits in trunk

[WebAuthn] User Verification (UV) option present on a CTAP2 authenticatorMakeCredential while the authenticator has not advertised support for it
​https://bugs.webkit.org/show_bug.cgi?id=204111
<rdar://problem/57019604>

Reviewed by Brent Fulgham.

Source/WebCore:

Covered by API tests.

• Modules/webauthn/fido/DeviceRequestConverter.cpp:

(fido::encodeMakeCredenitalRequestAsCBOR):
(fido::encodeGetAssertionRequestAsCBOR):
Only set UV if RP requires it.

Tools:

• TestWebKitAPI/Tests/WebCore/CtapRequestTest.cpp:

(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebCore/FidoTestData.h:

2:26 PM Changeset in webkit [254709] by Jon Davis

• 3 edits in trunk/Websites/webkit.org

Add support for categories and custom post types to the social meta plugin
​https://bugs.webkit.org/show_bug.cgi?id=206327

Reviewed by Devin Rousso.

• wp-content/plugins/social-meta.php:
• wp-content/plugins/web-inspector-pages.php:
• wp-content/themes/webkit/archive-web_inspector_page.php:

2:05 PM Changeset in webkit [254708] by ysuzuki@apple.com

• 48 edits
  1 add in trunk

[bmalloc] IsoHeap's initial setup should be small
​https://bugs.webkit.org/show_bug.cgi?id=206214

Reviewed by Michael Saboff.

Source/bmalloc:

Keep IsoHeap related data structures small by using Packed technique. We start using IsoHeap for many classes,
then it is important that we keep metadata for IsoHeap small because these data persistently exists.

1. We pass IsoHeapImpl<> as a parameter instead of holding it unnecessarily.
2. We make some of pointers Packed so that we can keep sizeof(IsoHeapImpl<Config>) small.
3. One of the drawback of PackedPtr is that loading and storing are not atomic. And we pass const std::lock_guard<Mutex>& to functions if functions need to be called with lock so that we ensure that PackedPtr are accessed only when lock is held correctly.

• CMakeLists.txt:
• bmalloc.xcodeproj/project.pbxproj:
• bmalloc/Algorithm.h:

(bmalloc::ctzConstexpr):
(bmalloc::getLSBSetNonZeroConstexpr):

• bmalloc/BPlatform.h:
• bmalloc/DebugHeap.cpp:

(bmalloc::DebugHeap::DebugHeap):

• bmalloc/DebugHeap.h:
• bmalloc/DeferredTrigger.h:
• bmalloc/DeferredTriggerInlines.h:

(bmalloc::DeferredTrigger<trigger>::didBecome):
(bmalloc::DeferredTrigger<trigger>::handleDeferral):

• bmalloc/Environment.cpp:

(bmalloc::Environment::Environment):

• bmalloc/Environment.h:
• bmalloc/Gigacage.cpp:

(bmalloc::PrimitiveDisableCallbacks::PrimitiveDisableCallbacks):

• bmalloc/Heap.cpp:

(bmalloc::Heap::freeableMemory):
(bmalloc::Heap::markAllLargeAsEligibile):
(bmalloc::Heap::decommitLargeRange):
(bmalloc::Heap::scavenge):
(bmalloc::Heap::scavengeToHighWatermark):

• bmalloc/Heap.h:
• bmalloc/HeapConstants.cpp:

(bmalloc::HeapConstants::HeapConstants):

• bmalloc/HeapConstants.h:
• bmalloc/IsoAllocator.h:
• bmalloc/IsoAllocatorInlines.h:

(bmalloc::IsoAllocator<Config>::IsoAllocator):
(bmalloc::IsoAllocator<Config>::allocate):
(bmalloc::IsoAllocator<Config>::allocateSlow):
(bmalloc::IsoAllocator<Config>::scavenge):

• bmalloc/IsoDeallocatorInlines.h:

(bmalloc::IsoDeallocator<Config>::scavenge):

• bmalloc/IsoDirectory.h:
• bmalloc/IsoDirectoryInlines.h:

(bmalloc::passedNumPages>::IsoDirectory):
(bmalloc::passedNumPages>::takeFirstEligible):
(bmalloc::passedNumPages>::didBecome):
(bmalloc::passedNumPages>::didDecommit):
(bmalloc::passedNumPages>::scavengePage):
(bmalloc::passedNumPages>::scavenge):
(bmalloc::passedNumPages>::scavengeToHighWatermark):
(bmalloc::passedNumPages>::forEachCommittedPage):

• bmalloc/IsoHeapImpl.cpp:

(bmalloc::IsoHeapImplBase::IsoHeapImplBase):

• bmalloc/IsoHeapImpl.h:
• bmalloc/IsoHeapImplInlines.h:

(bmalloc::IsoHeapImpl<Config>::IsoHeapImpl):
(bmalloc::IsoHeapImpl<Config>::takeFirstEligible):
(bmalloc::IsoHeapImpl<Config>::didBecomeEligibleOrDecommited):
(bmalloc::IsoHeapImpl<Config>::scavenge):
(bmalloc::IsoHeapImpl<Config>::scavengeToHighWatermark):
(bmalloc::IsoHeapImplBase::freeableMemory):
(bmalloc::IsoHeapImpl<Config>::numLiveObjects):
(bmalloc::IsoHeapImpl<Config>::numCommittedPages):
(bmalloc::IsoHeapImpl<Config>::forEachDirectory):
(bmalloc::IsoHeapImpl<Config>::forEachCommittedPage):
(bmalloc::IsoHeapImpl<Config>::forEachLiveObject):
(bmalloc::IsoHeapImplBase::footprint):
(bmalloc::IsoHeapImplBase::didCommit):
(bmalloc::IsoHeapImplBase::didDecommit):
(bmalloc::IsoHeapImplBase::isNowFreeable):
(bmalloc::IsoHeapImplBase::isNoLongerFreeable):
(bmalloc::IsoHeapImpl<Config>::allocateFromShared):
(bmalloc::IsoHeapImpl<Config>::freeableMemory): Deleted.
(bmalloc::IsoHeapImpl<Config>::footprint): Deleted.
(bmalloc::IsoHeapImpl<Config>::didCommit): Deleted.
(bmalloc::IsoHeapImpl<Config>::didDecommit): Deleted.
(bmalloc::IsoHeapImpl<Config>::isNowFreeable): Deleted.
(bmalloc::IsoHeapImpl<Config>::isNoLongerFreeable): Deleted.

• bmalloc/IsoPage.h:

(bmalloc::IsoPageBase::IsoPageBase):

• bmalloc/IsoPageInlines.h:

(bmalloc::IsoPage<Config>::IsoPage):
(bmalloc::IsoPage<Config>::free):
(bmalloc::IsoPage<Config>::startAllocating):
(bmalloc::IsoPage<Config>::stopAllocating):
(bmalloc::IsoPage<Config>::forEachLiveObject):

• bmalloc/IsoSharedHeap.h:

(bmalloc::IsoSharedHeap::IsoSharedHeap):

• bmalloc/IsoSharedHeapInlines.h:

(bmalloc::IsoSharedHeap::allocateNew):
(bmalloc::IsoSharedHeap::allocateSlow):

• bmalloc/IsoSharedPage.h:
• bmalloc/IsoSharedPageInlines.h:

(bmalloc::IsoSharedPage::free):
(bmalloc::IsoSharedPage::startAllocating):
(bmalloc::IsoSharedPage::stopAllocating):

• bmalloc/IsoTLS.h:
• bmalloc/IsoTLSAllocatorEntry.h:
• bmalloc/IsoTLSAllocatorEntryInlines.h:

(bmalloc::IsoTLSAllocatorEntry<Config>::scavenge):

• bmalloc/IsoTLSDeallocatorEntry.h:
• bmalloc/IsoTLSDeallocatorEntryInlines.h:

(bmalloc::IsoTLSDeallocatorEntry<Config>::scavenge):

• bmalloc/IsoTLSEntry.cpp:

(bmalloc::IsoTLSEntry::IsoTLSEntry):

• bmalloc/IsoTLSEntry.h:
• bmalloc/IsoTLSEntryInlines.h:

(bmalloc::DefaultIsoTLSEntry<EntryType>::DefaultIsoTLSEntry):
(bmalloc::DefaultIsoTLSEntry<EntryType>::~DefaultIsoTLSEntry): Deleted.
(bmalloc::DefaultIsoTLSEntry<EntryType>::scavenge): Deleted.

• bmalloc/IsoTLSInlines.h:

(bmalloc::IsoTLS::scavenge):
(bmalloc::IsoTLS::allocateImpl):
(bmalloc::IsoTLS::allocateFast):
(bmalloc::IsoTLS::allocateSlow):

• bmalloc/IsoTLSLayout.cpp:

(bmalloc::IsoTLSLayout::add):

• bmalloc/Packed.h: Added.

(bmalloc::Packed::Packed):
(bmalloc::Packed::get const):
(bmalloc::Packed::set):
(bmalloc::Packed::operator=):
(bmalloc::Packed::exchange):
(bmalloc::Packed::swap):
(bmalloc::alignof):
(bmalloc::PackedPtrTraits::exchange):
(bmalloc::PackedPtrTraits::swap):
(bmalloc::PackedPtrTraits::unwrap):

• bmalloc/Scavenger.cpp:

(bmalloc::Scavenger::Scavenger):

• bmalloc/Scavenger.h:
• bmalloc/VMHeap.cpp:

(bmalloc::VMHeap::VMHeap):

• bmalloc/VMHeap.h:
• bmalloc/Zone.cpp:

(bmalloc::Zone::Zone):

• bmalloc/Zone.h:

Tools:

• TestWebKitAPI/Tests/WTF/bmalloc/IsoHeap.cpp:

(assertHasObjects):
(assertHasOnlyObjects):
(assertClean):
(TEST):

2:04 PM Changeset in webkit [254707] by commit-queue@webkit.org

• 2 edits in trunk/LayoutTests

[GTK] Gardening indexeddb tests
​https://bugs.webkit.org/show_bug.cgi?id=206370

Unreviewed gardening.

Patch by Lauro Moura <Lauro Moura> on 2020-01-16

• platform/gtk/TestExpectations:

1:45 PM Changeset in webkit [254706] by commit-queue@webkit.org

• 7 edits in trunk/Source/WebKit

Add finite timeout when synchronously terminating a service worker
​https://bugs.webkit.org/show_bug.cgi?id=206325
<rdar://problem/58183380>

Patch by Alex Christensen <​achristensen@webkit.org> on 2020-01-16
Reviewed by Youenn Fablet.

When this message reply is never received, it hangs everything.
If we haven't received verification that a service worker was terminated in 10 seconds, unhang everything
and tell the UI process to terminate the hanging service worker process. Continue handling messages during
these 10 seconds to hopefully turn a bad hang into no perceptible hang.

• NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:

(WebKit::WebSWServerToContextConnection::syncTerminateWorker):

1:31 PM Changeset in webkit [254705] by commit-queue@webkit.org

• 2 edits
  1 add
  1 delete in trunk/LayoutTests

REGRESSION: [ Mac WK2 ] fast/text/international/unicode-bidi-other-neutrals.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=205808

Patch by Doug Kelly <Doug Kelly> on 2020-01-16
Reviewed by Maciej Stachowiak.

Update the testcase for bidi text runs ending with other neutrals to dumpAsText, instead of trying
to compare visual content.

• fast/text/international/unicode-bidi-other-neutrals-expected.html: Removed.
• fast/text/international/unicode-bidi-other-neutrals-expected.txt: Added.
• fast/text/international/unicode-bidi-other-neutrals.html:

1:30 PM Changeset in webkit [254704] by beidson@apple.com

• 6 edits in trunk

Make the callAsyncJavaScriptFunction function actually be async (so await works).
<rdar://problem/58571682> and ​https://bugs.webkit.org/show_bug.cgi?id=206364

Reviewed by Geoffrey Garen.

Source/WebCore:

Covered by API tests.

• bindings/js/ScriptController.cpp:

(WebCore::ScriptController::callInWorld):

Source/WebKit:

• UIProcess/API/Cocoa/WKWebViewPrivate.h: Update callAsyncJavaScriptFunction: header docs.

Tools:

• TestWebKitAPI/Tests/WebKitCocoa/AsyncFunction.mm:

(TestWebKitAPI::TEST):

1:02 PM Changeset in webkit [254703] by don.olmstead@sony.com

• 26 edits
  1 delete in trunk/Source

Non-unified build fixes mid January 2020 edition
​https://bugs.webkit.org/show_bug.cgi?id=206363

Unreviewed build fix.

Source/JavaScriptCore:

• interpreter/StackVisitor.cpp:

Source/WebCore:

• Headers.cmake:
• css/CSSFontVariationValue.cpp:
• css/CSSValuePool.cpp:
• css/TransformFunctions.cpp:
• css/TransformFunctions.h:
• platform/graphics/ExtendedColor.cpp:
• rendering/svg/SVGRenderSupport.cpp:
• style/StyleResolver.cpp:
• svg/SVGPathByteStreamBuilder.cpp:
• svg/SVGPathByteStreamSource.cpp:
• svg/SVGPathSegListBuilder.cpp:
• svg/SVGPathSegListSource.cpp:
• svg/SVGPreserveAspectRatioValue.cpp:
• svg/SVGZoomAndPan.cpp:
• svg/SVGZoomEvent.cpp:

Source/WebKit:

• NetworkProcess/cache/NetworkCacheBlobStorage.cpp:
• NetworkProcess/curl/NetworkDataTaskCurl.cpp:
• PlatformFTW.cmake:
• PlatformWin.cmake:
• UIProcess/API/APIContentWorld.cpp:
• UIProcess/Automation/WebAutomationSession.cpp:
• WebProcess/WebCoreSupport/WebResourceLoadObserver.cpp:
• WebProcess/WebCoreSupport/win/WebContextMenuClientWin.cpp: Removed.

12:39 PM Changeset in webkit [254702] by Diego Pino Garcia

• 16 edits
  1 delete in trunk/LayoutTests

[GTK] Rebaseline several tests
​https://bugs.webkit.org/show_bug.cgi?id=206355

Unreviewed gardening.

• platform/gtk/css1/text_properties/text_indent-expected.txt:
• platform/gtk/css2.1/t1601-c547-indent-01-d-expected.txt:
• platform/gtk/css3/blending/svg-blend-hard-light-expected.txt:
• platform/gtk/editing/selection/select-bidi-run-expected.txt: Removed.
• platform/gtk/fast/dom/Range/getClientRects-expected.txt:
• platform/gtk/fast/writing-mode/border-styles-vertical-lr-expected.txt:
• platform/gtk/fast/writing-mode/english-bt-text-expected.txt:
• platform/gtk/fast/writing-mode/text-orientation-basic-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/dom/nodes/Node-cloneNode-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/fetch/api/basic/request-headers.any.worker-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/mathml/relations/html5-tree/tabindex-002-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/import/shapes-ellipse-02-t-manual-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/import/types-dom-08-f-manual-expected.txt:
• platform/gtk/js/dom/dom-static-property-for-in-iteration-expected.txt:
• platform/gtk/mathml/presentation/bug159513-expected.txt:

12:35 PM Changeset in webkit [254701] by weinig@apple.com

• 5 edits
  1 copy in trunk/Source/WTF

Platform.h is out of control Part 6: Split USE_* macro definitions out of Platform.h and into a new PlatformUse.h
​https://bugs.webkit.org/show_bug.cgi?id=206354

Reviewed by Dan Bernstein.

As a another step towards cleaning up Platform.h, split out all the legacy platform
macros into their own file.

• WTF.xcodeproj/project.pbxproj:
• wtf/CMakeLists.txt:

Add new file.

• wtf/Platform.h: In addition to removing all the USE_* macros, consolidate

all the sub-includes at the top.

• wtf/PlatformEnable.h: Moved ASSERT_ENABLED here from Platform.h,

as it makes more sense here. Eventually should be renamed ro ENABLE_ASSERT
for consistency.

• wtf/PlatformUse.h: Copied from Source/WTF/wtf/Platform.h.

11:55 AM Changeset in webkit [254700] by rniwa@webkit.org

• 2 edits in trunk/Source/WebCore

WK1: arbitrary JS execution while tearing down renderers in Element::addShadowRoot
​https://bugs.webkit.org/show_bug.cgi?id=206335

Reviewed by Antti Koivisto.

Delay the widget hierarchy updates until we're done attaching a shadow root.
Otherwise, WK1 would retry to update the focus synchronously.

• dom/Element.cpp:

(WebCore::Element::addShadowRoot):

11:27 AM Changeset in webkit [254699] by Simon Fraser

• 6 edits in trunk/Tools

fast/forms/ios/zoom-after-input-tap-wide-input.html is timing out
​https://bugs.webkit.org/show_bug.cgi?id=206313

Reviewed by Wenson Hsieh.

The timeout was caused by the previous test, fast/forms/ios/validation-bubble-dismiss-on-tap.html,
which puts up a validation bubble whose implementation involves showing a modal UIViewController.
That view controller disappears with an animation, which happened after we're proceeded to the next
test, and the overlay view could intercept touches thus breaking any subsequent touch-based test.

Fix by having platformResetStateToConsistentValues() wait for the presentedViewController to
go to nil, which requires spinning the runloop.

platformResetStateToConsistentValues() will return false if we fail to remove the presented view controller,
which will trigger a timeout with a log.

• WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetStateToConsistentValues):
(WTR::TestController::platformResetStateToConsistentValues):

• WebKitTestRunner/TestController.h:
• WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::cocoaResetStateToConsistentValues):

• WebKitTestRunner/ios/TestControllerIOS.mm:

(WTR::TestController::platformResetStateToConsistentValues):

• WebKitTestRunner/mac/TestControllerMac.mm:

(WTR::TestController::platformResetStateToConsistentValues):

11:17 AM Changeset in webkit [254698] by beidson@apple.com

• 6 edits
  1 copy in trunk/Source/WebKit

REGRESSION: (r254668) [Mac Debug wk2] 21 http/tests/navigation/* tests are crashing with ASSERTION FAILED: world.first != 1.
​https://bugs.webkit.org/show_bug.cgi?id=206357

Unreviewed followup to r254668 to fix tests.

ASSERT is no longer valid.
Also, having the magic constant "1" in code is mysterious. Make it properly named everywhere.

• Shared/ContentWorldShared.h: Copied from Source/WebKit/UIProcess/API/APIUserContentWorld.cpp.
• UIProcess/API/APIContentWorld.cpp:

(API::ContentWorld::pageContentWorld):

• UIProcess/API/APIUserContentWorld.cpp:

(API::UserContentWorld::generateIdentifier):
(API::UserContentWorld::UserContentWorld):

• UIProcess/API/APIUserContentWorld.h:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/UserContent/WebUserContentController.cpp:

(WebKit::WebUserContentController::addUserContentWorld):

11:15 AM Changeset in webkit [254697] by Truitt Savell

• 2 edits in trunk/LayoutTests

REGRESSION: [ Mac Debug WK1 ] inspector/page/overrideSetting-ICECandidateFilteringEnabled.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=206362

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

11:07 AM Changeset in webkit [254696] by Alan Coon

• 2 edits in branches/safari-610.1.1-branch/Source/WebCore

Cherry-pick r254692. rdar://problem/58480028

REGRESSION (r254291): [ Catalina wk2 Debug ] Flaky ASSERT on fast/images/animated-image-loop-count.html
​https://bugs.webkit.org/show_bug.cgi?id=206068
<rdar://problem/58480028>

Patch by Chris Lord <Chris Lord> on 2020-01-16
Reviewed by Chris Dumez.

No new tests, covered by existing tests.

• platform/graphics/ImageSource.cpp: (WebCore::ImageSource::startAsyncDecodingQueue):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254692 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:03 AM Changeset in webkit [254695] by Alan Coon

• 1 copy in tags/Safari-609.1.14.2

Tag Safari-609.1.14.2.

10:57 AM Changeset in webkit [254694] by Alan Coon

• 8 edits in branches/safari-609.1.14-branch/Source

Versioning.

10:30 AM Changeset in webkit [254693] by Truitt Savell

• 2 edits in trunk/LayoutTests

REGRESSION (r250655?): [ Mac Debug ] inspector/runtime/promise-native-getter.html is a flaky timeout
​https://bugs.webkit.org/show_bug.cgi?id=206303

Unreviewed test gardening.

• platform/mac/TestExpectations:

10:30 AM Changeset in webkit [254692] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

REGRESSION (r254291): [ Catalina wk2 Debug ] Flaky ASSERT on fast/images/animated-image-loop-count.html
​https://bugs.webkit.org/show_bug.cgi?id=206068
<rdar://problem/58480028>

Patch by Chris Lord <Chris Lord> on 2020-01-16
Reviewed by Chris Dumez.

No new tests, covered by existing tests.

• platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::startAsyncDecodingQueue):

10:24 AM Changeset in webkit [254691] by Truitt Savell

• 2 edits in trunk/LayoutTests

Marking storage/indexeddb/modern/objectstore-autoincrement-types.html as flaky on Debug WK1
​https://bugs.webkit.org/show_bug.cgi?id=199117

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

10:15 AM Changeset in webkit [254690] by Truitt Savell

• 2 edits in trunk/LayoutTests

REGRESSION: WK1 Accessibility: ASSERTION FAILED: FontCache::singleton().generation() == m_generation
​https://bugs.webkit.org/show_bug.cgi?id=206241

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

10:14 AM Changeset in webkit [254689] by Jonathan Bedard

• 3 edits in trunk/Source/JavaScriptCore

Pass JSToken by const reference
​https://bugs.webkit.org/show_bug.cgi?id=206321

Reviewed by Saam Barati.

• parser/Parser.cpp:

(JSC::Parser<LexerType>::createBindingPattern): Pass JSToken by const reference.

• parser/Parser.h: Ditto.

10:09 AM Changeset in webkit [254688] by youenn@apple.com

• 26 edits
  3 copies
  10 adds in trunk/Source

Add support for MediaStream video track rendering in GPUProcess
​https://bugs.webkit.org/show_bug.cgi?id=206286

Reviewed by Eric Carlson.

Source/WebCore:

Add a way for WebKit layer to create its own specific SampleBufferDisplayLayer.
WebKit layer can set a function pointer that will be used to create SampleBufferDisplayLayer.
If none is provided, LocalSampleBufferDisplayLayer is used.

Update MediaPlayerPrivateMediaStreamAVFObjC to monitor itself its root layer bounds change.
Conversely, LocalSampleBufferDisplayLayer no longer monitors its root layer bounds change.
This removes the need for SampleBufferDisplayLayer::Client to be notified of bounds change.
We add an API to update the root layer bounds of a LocalSampleBufferDisplayLayer as well,
this API being used by GPUProcess to mirror changes done to WebProcess root layer.

WebRTC incoming video tracks do not have presentation timestamps so we mark them as kCMSampleAttachmentKey_DisplayImmediately.
This is currently lost when doing IPC from WebProcess to NetworkProcess. Add this information for every enqueued sample in LocalSampleBufferDisplayLayer.
We might want in the future to serialize all attachments of the sample.

Manually tested.

• SourcesCocoa.txt:
• WebCore.xcodeproj/project.pbxproj:
• platform/graphics/avfoundation/SampleBufferDisplayLayer.cpp: Added.

(WebCore::SampleBufferDisplayLayer::setCreator):
(WebCore::SampleBufferDisplayLayer::create):

• platform/graphics/avfoundation/SampleBufferDisplayLayer.h:
• platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.h:
• platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.mm:

(-[WebAVSampleBufferStatusChangeListener invalidate]):
(-[WebAVSampleBufferStatusChangeListener start]):
(-[WebAVSampleBufferStatusChangeListener stop]):
(-[WebAVSampleBufferStatusChangeListener observeValueForKeyPath:ofObject:change:context:]):
(WebCore::LocalSampleBufferDisplayLayer::LocalSampleBufferDisplayLayer):
(WebCore::LocalSampleBufferDisplayLayer::~LocalSampleBufferDisplayLayer):
(WebCore::LocalSampleBufferDisplayLayer::updateBoundsAndPosition):
(WebCore::LocalSampleBufferDisplayLayer::enqueueSample):

• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(-[WebRootSampleBufferBoundsChangeListener initWithParent:]):
(-[WebRootSampleBufferBoundsChangeListener dealloc]):
(-[WebRootSampleBufferBoundsChangeListener invalidate]):
(-[WebRootSampleBufferBoundsChangeListener start]):
(-[WebRootSampleBufferBoundsChangeListener stop]):
(-[WebRootSampleBufferBoundsChangeListener observeValueForKeyPath:ofObject:change:context:]):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::rootLayer const):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayLayer):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::rootLayerBoundsDidChange):

• platform/graphics/cg/PDFDocumentImage.cpp:

Unified build fix.

Source/WebKit:

Implement WebProcess SampleBufferDisplayLayer and GPUProcess RemoteSampleBufferDisplayLayer.
RemoteSampleBufferDisplayLayer is a wrapper around LocalSampleBufferDisplayLayer.

A synchronous IPC is used at creation time of the layer to make sure we have a shared layer synchronously.
Future refactoring should allow to remove that constraint as done in regular video playing.

Override SampleBufferDisplayLayer create function pointer when rendering is to be done in GPUProcess.

• DerivedSources-input.xcfilelist:
• DerivedSources-output.xcfilelist:
• DerivedSources.make:
• GPUProcess/GPUConnectionToWebProcess.cpp:

(WebKit::GPUConnectionToWebProcess::sampleBufferDisplayLayerManager):
(WebKit::GPUConnectionToWebProcess::didReceiveMessage):
(WebKit::GPUConnectionToWebProcess::didReceiveSyncMessage):

• GPUProcess/GPUConnectionToWebProcess.h:
• GPUProcess/webrtc/RemoteSampleBufferDisplayLayer.cpp: Added.

(WebKit::RemoteSampleBufferDisplayLayer::create):
(WebKit::RemoteSampleBufferDisplayLayer::RemoteSampleBufferDisplayLayer):
(WebKit::RemoteSampleBufferDisplayLayer::~RemoteSampleBufferDisplayLayer):
(WebKit::RemoteSampleBufferDisplayLayer::contextID):
(WebKit::RemoteSampleBufferDisplayLayer::bounds const):
(WebKit::RemoteSampleBufferDisplayLayer::updateDisplayMode):
(WebKit::RemoteSampleBufferDisplayLayer::updateAffineTransform):
(WebKit::RemoteSampleBufferDisplayLayer::updateBoundsAndPosition):
(WebKit::RemoteSampleBufferDisplayLayer::flush):
(WebKit::RemoteSampleBufferDisplayLayer::flushAndRemoveImage):
(WebKit::RemoteSampleBufferDisplayLayer::enqueueSample):
(WebKit::RemoteSampleBufferDisplayLayer::clearEnqueuedSamples):
(WebKit::RemoteSampleBufferDisplayLayer::messageSenderConnection const):
(WebKit::RemoteSampleBufferDisplayLayer::sampleBufferDisplayLayerStatusDidChange):
(WebKit::RemoteSampleBufferDisplayLayer::streamTime const):

• GPUProcess/webrtc/RemoteSampleBufferDisplayLayer.h: Added.
• GPUProcess/webrtc/RemoteSampleBufferDisplayLayer.messages.in: Added.
• GPUProcess/webrtc/RemoteSampleBufferDisplayLayerManager.cpp: Added.

(WebKit::RemoteSampleBufferDisplayLayerManager::RemoteSampleBufferDisplayLayerManager):
(WebKit::RemoteSampleBufferDisplayLayerManager::didReceiveLayerMessage):
(WebKit::RemoteSampleBufferDisplayLayerManager::createLayer):
(WebKit::RemoteSampleBufferDisplayLayerManager::releaseLayer):

• GPUProcess/webrtc/RemoteSampleBufferDisplayLayerManager.h: Added.
• GPUProcess/webrtc/RemoteSampleBufferDisplayLayerManager.messages.in: Added.
• Scripts/webkit/messages.py:
• Shared/WebCoreArgumentCoders.h:
• Shared/mac/WebCoreArgumentCodersMac.mm:

(IPC::ArgumentCoder<CGRect>::encode):
(IPC::ArgumentCoder<CGRect>::decode):
(IPC::ArgumentCoder<CGSize>::encode):
(IPC::ArgumentCoder<CGSize>::decode):
(IPC::ArgumentCoder<CGPoint>::encode):
(IPC::ArgumentCoder<CGPoint>::decode):
(IPC::ArgumentCoder<CGAffineTransform>::encode):
(IPC::ArgumentCoder<CGAffineTransform>::decode):

• Sources.txt:
• SourcesCocoa.txt:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/GPUProcessConnection.cpp:

(WebKit::GPUProcessConnection::sampleBufferDisplayLayerManager):
(WebKit::GPUProcessConnection::didReceiveMessage):

• WebProcess/GPU/GPUProcessConnection.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::updatePreferences):

• WebProcess/GPU/webrtc/SampleBufferDisplayLayer.cpp: Added.

(WebKit::SampleBufferDisplayLayer::create):
(WebKit::SampleBufferDisplayLayer::SampleBufferDisplayLayer):
(WebKit::SampleBufferDisplayLayer::~SampleBufferDisplayLayer):
(WebKit::SampleBufferDisplayLayer::didFail const):
(WebKit::SampleBufferDisplayLayer::updateDisplayMode):
(WebKit::SampleBufferDisplayLayer::bounds const):
(WebKit::SampleBufferDisplayLayer::updateAffineTransform):
(WebKit::SampleBufferDisplayLayer::updateBoundsAndPosition):
(WebKit::SampleBufferDisplayLayer::flush):
(WebKit::SampleBufferDisplayLayer::flushAndRemoveImage):
(WebKit::SampleBufferDisplayLayer::enqueueSample):
(WebKit::SampleBufferDisplayLayer::clearEnqueuedSamples):
(WebKit::SampleBufferDisplayLayer::rootLayer):
(WebKit::SampleBufferDisplayLayer::setDidFail):
(WebKit::SampleBufferDisplayLayer::boundsChanged):

• WebProcess/GPU/webrtc/SampleBufferDisplayLayer.h: Added.
• WebProcess/GPU/webrtc/SampleBufferDisplayLayer.messages.in: Added.
• WebProcess/GPU/webrtc/SampleBufferDisplayLayerIdentifier.h: Added.
• WebProcess/GPU/webrtc/SampleBufferDisplayLayerManager.cpp: Added.

(WebKit::SampleBufferDisplayLayerManager::didReceiveLayerMessage):
(WebKit::SampleBufferDisplayLayerManager::createLayer):
(WebKit::SampleBufferDisplayLayerManager::addLayer):
(WebKit::SampleBufferDisplayLayerManager::removeLayer):

• WebProcess/GPU/webrtc/SampleBufferDisplayLayerManager.h: Added.
• WebProcess/WebProcess.h:

9:26 AM Changeset in webkit [254687] by mark.lam@apple.com

• 3 edits
  1 add in trunk

operationToObject() should check for a null errorMessage.
​https://bugs.webkit.org/show_bug.cgi?id=206339
<rdar://problem/58449666>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/operationToObject-should-check-for-null-errorMessage.js: Added.

Source/JavaScriptCore:

r224280 introduced operationToObject() with an option to specify a custom error
message. r254252 added a scenario where the passed in error message is null but
did not update operationToObject() to allow for this. This patch adds the
missing null check.

• dfg/DFGOperations.cpp:

9:06 AM Changeset in webkit [254686] by Diego Pino Garcia

• 1 edit
  8 deletes in trunk/LayoutTests

[WPE] Rebaseline of several tests
​https://bugs.webkit.org/show_bug.cgi?id=206351

Unreviewed gardening.

• platform/wpe/fast/history/page-cache-webdatabase-pending-transaction-expected.txt: Removed.
• platform/wpe/fast/visual-viewport/rubberbanding-viewport-rects-extended-background-expected.txt: Removed.
• platform/wpe/imported/w3c/web-platform-tests/service-workers/service-worker/fetch-frame-resource.https-expected.txt: Removed.
• platform/wpe/imported/w3c/web-platform-tests/websockets/closing-handshake/003-expected.txt: Removed.
• platform/wpe/imported/w3c/web-platform-tests/xhr/send-redirect-infinite-expected.txt: Removed.
• platform/wpe/imported/w3c/web-platform-tests/xhr/send-redirect-infinite-sync-expected.txt: Removed.
• platform/wpe/imported/w3c/web-platform-tests/xhr/xmlhttprequest-network-error-expected.txt: Removed.
• platform/wpe/imported/w3c/web-platform-tests/xhr/xmlhttprequest-network-error-sync-expected.txt: Removed.

8:27 AM Changeset in webkit [254685] by Philippe Normand

• 2 edits in trunk/Source/WebCore

[Texmap] Remove unused private variable
​https://bugs.webkit.org/show_bug.cgi?id=206230

Patch by Víctor Manuel Jáquez Leal <​vjaquez@igalia.com> on 2020-01-16
Reviewed by David Kilzer.

Remove m_textureID, an unused private variable.

No functional changes.

• platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:

8:14 AM Changeset in webkit [254684] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

[GStreamer] Several buffering fixes
​https://bugs.webkit.org/show_bug.cgi?id=206234

Patch by Thibault Saunier <​tsaunier@igalia.com> on 2020-01-16
Reviewed by Xabier Rodriguez-Calvar.

No new tests as this is already tested.

• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::durationChanged): Minor typo fix
(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Query buffering on the pipeline not the source

otherwise GstBaseSrc returns some useless values before downloadbuffer actually gives us the
info about DOWNLOAD buffering status.

(WebCore::MediaPlayerPrivateGStreamer::handleMessage):

• Detect when DOWNLOAD is done by using the downloadbuffer GstCacheDownloadComplete element message which is what is supposed to be used for that purpose.
• Fix the way we detect that buffering is done (mostly when using a downloadbuffer) by relying on a buffering query to check if it is still buffering.

(WebCore::MediaPlayerPrivateGStreamer::updateBufferingStatus): Ensure that we properly pause the pipeline when

restarting buffering. There were cases when not using downloadbuffer where we didn't pause the pipeline
leading to pretty bad user experience.

(WebCore::MediaPlayerPrivateGStreamer::updateStates): Buffering should happen only on non live pipelines.

8:04 AM Changeset in webkit [254683] by ddkilzer@apple.com

• 10 edits in trunk/Source

Enable -Wconditional-uninitialized in WebInspectorUI, WebKitLegacy, WebKit projects
<​https://webkit.org/b/206270>
<rdar://problem/58589767>

Reviewed by Tim Horton.

• Configurations/Base.xcconfig:

(WARNING_CFLAGS): Add -Wconditional-uninitialized switch.
Source/WebKit:

• UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::performInteractionSequence):
Initialize x, y stack variables since the compiler can't
reason about the behavior of JSON::Object::getInteger().

• WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::getAllScriptsInPDFDocument): Initialize length stack
variable. Also add check that length is non-zero.

Source/WebKitLegacy/mac:

• Plugins/WebNetscapePluginView.mm:

(-[WebNetscapePluginView scheduleTimerWithInterval:repeat:timerFunc:]):
Initialize slot stack variable.

• WebView/WebPDFDocumentExtras.mm:

(allScriptsInPDFDocument): Initialize length stack variable.
Also add check that length is non-zero.

7:57 AM Changeset in webkit [254682] by Philippe Normand

• 15 edits in trunk

[GStreamer][WPE] Client-side video rendering support
​https://bugs.webkit.org/show_bug.cgi?id=206289

Patch by Philippe Normand <​philn@igalia.com> on 2020-01-16
Reviewed by Xabier Rodriguez-Calvar.

.:

Add a new compile-time option to enable client-side video
rendering support. With this feature enabled the UIProcess will be
in charge of positioning and rendering video surfaces, thanks to
the WPEBackend-FDO video-plane-display-dmabuf protocol.

• Source/cmake/GStreamerDefinitions.cmake: Add

USE_WPE_VIDEO_PLANE_DISPLAY_DMABUF CMake option, disabled by
default.

• Source/cmake/GStreamerDependencies.cmake: This new option

depends on GStreamer-GL.

• Source/cmake/OptionsWPE.cmake: It depends also on the presence

of the WPEBackend-FDO library.

Source/WebCore:

With the WPE_VIDEO_PLANE_DISPLAY_DMABUF option enabled the player
will render a transparent placeholder for videos, using the
HolePunch code path. Then it is up to the UIProcess to listen to
the incoming video dmabufs and render them. This allows the
browser to use Wayland protocols related with Protection (HDCP,
for instance).

• PlatformWPE.cmake:
• platform/graphics/gstreamer/GRefPtrGStreamer.cpp:

(WTF::adoptGRef):
(WTF::refGPtr<GstEGLImage>):
(WTF::derefGPtr<GstEGLImage>):

• platform/graphics/gstreamer/GRefPtrGStreamer.h:
• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
(WebCore::GstVideoFrameHolder::handoffVideoDmaBuf):
(WebCore::GstVideoFrameHolder::waitForCPUSync):
(WebCore::GstVideoFrameHolder::updateTexture):
(WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
(WebCore::MediaPlayerPrivateGStreamer::~MediaPlayerPrivateGStreamer):
(WebCore::MediaPlayerPrivateGStreamer::didEnd):
(WebCore::GStreamerDMABufHolePunchClient::GStreamerDMABufHolePunchClient):
(WebCore::MediaPlayerPrivateGStreamer::pushTextureToCompositor):

• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

Tools:

• wpe/jhbuild.modules: Bump to libwpe and wpebackend-fdo git

snapshots, until 1.5.x releases are published.

7:56 AM Changeset in webkit [254681] by pvollan@apple.com

• 13 edits
  2 adds in trunk

[Win] Fix AppleWin build
​https://bugs.webkit.org/show_bug.cgi?id=206299

Reviewed by Brent Fulgham.

.:

This patch has been created by ​don.olmstead@sony.com and ​pvollan@apple.com. Add target files for WTF and
JavaScriptCore. Also, to make sure headers are copied to the forwarding headers directory, add the CMake
keywork ALL when adding custom target for copying files.

• Source/cmake/TargetJavaScriptCore.cmake: Added.
• Source/cmake/TargetWTF.cmake: Added.
• Source/cmake/WebKitMacros.cmake:

Source/JavaScriptCore:

Include required target. Build internal builds with VS2019.

• CMakeLists.txt:
• JavaScriptCore.vcxproj/JavaScriptCore.proj:

Source/WebCore:

Include required targets. Build internal builds with VS2019.

• CMakeLists.txt:
• WebCore.vcxproj/WebCore.proj:

Source/WebKitLegacy:

Include required targets. Build internal builds with VS2019.

• CMakeLists.txt:
• WebKitLegacy.vcxproj/WebKitLegacy.proj:

Source/WTF:

Build internal builds with VS2019.

• WTF.vcxproj/WTF.proj:

7:43 AM Changeset in webkit [254680] by commit-queue@webkit.org

• 4 edits in trunk/Source/WebCore

Do not detect the stopped animations in Nicosia::Animation to avoid flashback
​https://bugs.webkit.org/show_bug.cgi?id=206280

Patch by Tomoki Imai <Tomoki Imai> on 2020-01-16
Reviewed by Carlos Garcia Campos.

This fixes the animation flashback issue found in ​https://webkit.org/blog-files/3d-transforms/morphing-cubes.html.
The flashback was caused by using the old layer transform matrix saved when the animation has been started.

The root cause is an inconsistency of animation state in Nicosia::Animation and CoordinatedGraphicsLayer.
For Nicosia::Animation, ThreadedCompositor increases MonitonicTime for animation every frame, and calls Nicosia::Animation::apply.
For CoordinatedGraphicsLayer, CSSAnimationController updates animations list and if the animation has been finished it updates CSS value.
There is a chance to use old layer state while the Nicosia::Animation stopped, but CoordinatedGraphicsLayer still obtains old CSS value and animations.

In this patch, all the Nicosia::Animation is considered to have "AnimationFillMode::Forwards" or "AnimationFillMode::Both",
which means they are active and use the last position when the animation is stopped.
Stopping and removing animations should be only done by CSSAnimationController and CoordinatedGraphicsScene
as they can remove the animation from the list and update the CSS value at the same time.

Mac implementation GraphicsLayerCA has a similar logic, it replaces AnimationFillMode with Forwards or Both.
​https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp?rev=254502#L3248

Tested manually with ​https://webkit.org/blog-files/3d-transforms/morphing-cubes.html

• platform/graphics/nicosia/NicosiaAnimation.cpp:

(Nicosia::Animation::apply): Return the last value for stopped animations to avoid flickering
(Nicosia::Animation::isActive const): Removed. It should always return true because
all the animations are considered as fillsForwards in Nicosia::Animation to avoid flashback.
(Nicosia::Animations::hasActiveAnimationsOfType const): Remove isActive check.
(Nicosia::Animations::getActiveAnimations() const): Removed. It returns whole animations list because all the animations are active.

• platform/graphics/nicosia/NicosiaAnimation.h:
• platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):

7:38 AM Changeset in webkit [254679] by Antti Koivisto

• 2 edits in trunk/Source/WebCore

[LFC][IFC] TextUtil::width should use StringView for substrings
​https://bugs.webkit.org/show_bug.cgi?id=206346

Reviewed by Zalan Bujtas.

• layout/inlineformatting/text/TextUtil.cpp:

(WebCore::Layout::TextUtil::width):

7:01 AM Changeset in webkit [254678] by commit-queue@webkit.org

• 6 edits
  1 add in trunk

KeyedDecoderGeneric crashes when it accesses data with non-existing key
​https://bugs.webkit.org/show_bug.cgi?id=205902

Patch by Takashi Komori <​Takashi.Komori@sony.com> on 2020-01-16
Reviewed by Fujii Hironori.

Source/WebCore:

Add null check function for KeyedDecoderGeneric.

Test: TestWebKitAPI/Tests/WebCore/KeyedCodingGeneric.cpp

• platform/generic/KeyedDecoderGeneric.cpp:

(WebCore::KeyedDecoderGeneric::Dictionary::get):
(WebCore::KeyedDecoderGeneric::getPointerFromDictionaryStack):
(WebCore::KeyedDecoderGeneric::decodeSimpleValue):
(WebCore::KeyedDecoderGeneric::decodeBytes):
(WebCore::KeyedDecoderGeneric::decodeBool):
(WebCore::KeyedDecoderGeneric::decodeUInt32):
(WebCore::KeyedDecoderGeneric::decodeUInt64):
(WebCore::KeyedDecoderGeneric::decodeInt32):
(WebCore::KeyedDecoderGeneric::decodeInt64):
(WebCore::KeyedDecoderGeneric::decodeFloat):
(WebCore::KeyedDecoderGeneric::decodeDouble):
(WebCore::KeyedDecoderGeneric::decodeString):
(WebCore::KeyedDecoderGeneric::beginObject):
(WebCore::KeyedDecoderGeneric::beginArray):

• platform/generic/KeyedDecoderGeneric.h:

Tools:

• TestWebKitAPI/CMakeLists.txt:
• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebCore/KeyedCoding.cpp: Added.

(TestWebKitAPI::checkDecodedBytes):
(TestWebKitAPI::TEST):
(TestWebKitAPI::testSimpleValue):
(TestWebKitAPI::KeyedCodingTestObject::encode):
(TestWebKitAPI::KeyedCodingTestObject::decode):
(TestWebKitAPI::KeyedCodingTestObject::KeyedCodingTestObject):
(TestWebKitAPI::KeyedCodingTestObject::equals const):
(TestWebKitAPI::operator==):

6:47 AM Changeset in webkit [254677] by Carlos Garcia Campos

• 2 edits in trunk/Source/WebKit

[GTK][WPE] Web process crash when IM tries to delete surrounding text
​https://bugs.webkit.org/show_bug.cgi?id=206352

Reviewed by Adrian Perez de Castro.

TextIterator::rangeFromLocationAndLength() can return nullptr when the start of the range can't be found.

• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::deleteSurrounding): Return early if selectionRange is nullptr.

6:47 AM Changeset in webkit [254676] by weinig@apple.com

• 4 edits
  1 copy in trunk/Source/WTF

Platform.h is out of control Part 5: Split HAVE_* macro definitions out of Platform.h and into a new PlatformHave.h
​https://bugs.webkit.org/show_bug.cgi?id=206307

Reviewed by Anders Carlsson.

• WTF.xcodeproj/project.pbxproj:
• wtf/CMakeLists.txt:
• wtf/Platform.h:
• wtf/PlatformHave.h: Copied from Source/WTF/wtf/Platform.h.

6:44 AM Changeset in webkit [254675] by Carlos Garcia Campos

• 4 edits in trunk

[GTK][WPE] Password field doesn't get input method
​https://bugs.webkit.org/show_bug.cgi?id=34285

Reviewed by Žan Doberšek.

Source/WebCore:

Allow input methods in password fields for GTK and WPE ports, since the input methods are notified that the
active editable element is a password field.

• html/PasswordInputType.cpp:

(WebCore::PasswordInputType::shouldUseInputMethod const):

Tools:

Enable the test case for password field.

• TestWebKitAPI/Tests/WebKitGLib/TestInputMethodContext.cpp:

(testWebKitInputMethodContextContentType):

5:21 AM Changeset in webkit [254674] by Caio Lima

• 13 edits in trunk/Source/JavaScriptCore

[JSC] 32-bit platforms should use a PC base register
​https://bugs.webkit.org/show_bug.cgi?id=203563

Reviewed by Keith Miller.

We are moving 32-bits LLInt implementation to follow the model useb by
64-bits architectures. It means that we now use PC and PB registers to
represent current Instruction. This patch will reduce the changes
we have from those architectures and mainly allow the usage of new
version of BytecodeIndex::m_packedBits. This also allow us remove
divergences on CallSiteIndex.
The change required the inclusion of a new callee-save register on
ARMv7 (r10), MIPS($s1) and CLOOP. Further changes necessary for
Baseline and DFG will come in a following patch.

• assembler/MIPSRegisters.h:
• interpreter/CallFrame.cpp:
• jit/GPRInfo.h:

(JSC::GPRInfo::toRegister):
(JSC::GPRInfo::toIndex):

• jit/RegisterSet.cpp:

(JSC::RegisterSet::vmCalleeSaveRegisters):
(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):

• llint/LLIntData.h:
• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

• llint/LowLevelInterpreter.asm:
• llint/LowLevelInterpreter.cpp:

(JSC::CLoop::execute):

• llint/LowLevelInterpreter32_64.asm:
• llint/LowLevelInterpreter64.asm:
• offlineasm/arm.rb:
• offlineasm/mips.rb:

4:44 AM Changeset in webkit [254673] by Fujii Hironori

• 2 edits in trunk/Source/WebCore

Unreviewed build fix for curl.
​https://bugs.webkit.org/show_bug.cgi?id=206261

ResourceHandleCurl.cpp(157): error C2664: cannot convert argument 6 from 'WTF::RefPtr<WebCore::SynchronousLoaderMessageQueue,WTF::DumbPtrTraits<T>>' to 'WTF::RefPtr<WebCore::SynchronousLoaderMessageQueue,WTF::DumbPtrTraits<T>> &&'

• platform/network/curl/ResourceHandleCurl.cpp:

(WebCore::ResourceHandle::createCurlRequest):

4:13 AM Changeset in webkit [254672] by commit-queue@webkit.org

• 11 edits in trunk

Fetch: URL parser not always using UTF-8
​https://bugs.webkit.org/show_bug.cgi?id=178008

Patch by Rob Buis <​rbuis@igalia.com> on 2020-01-16
Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Update improved test result.

• web-platform-tests/fetch/api/request/url-encoding-expected.txt:

Source/WebCore:

Make sure fetch requests run the URL parser with a UTF-8 decoder.

Test: web-platform-tests/fetch/api/request/url-encoding.html

• Modules/fetch/FetchRequest.cpp:

(WebCore::FetchRequest::initializeWith):

• dom/Document.cpp:

(WebCore::Document::completeURL const):

• dom/Document.h:
• dom/ScriptExecutionContext.h:
• workers/WorkerGlobalScope.cpp:

(WebCore::WorkerGlobalScope::completeURL const):

• workers/WorkerGlobalScope.h:
• worklets/WorkletGlobalScope.cpp:

(WebCore::WorkletGlobalScope::completeURL const):

• worklets/WorkletGlobalScope.h:

3:36 AM Changeset in webkit [254671] by ddkilzer@apple.com

• 2 edits in trunk/Source/WebCore/PAL

Attempt to fix internal iOS Debug builds

Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:2723:46: error: multiple methods named 'name' found [-Werror,-Wobjc-multiple-method-names]

auto outputDeviceName = adoptNS([[outputDevice name] copy]);

• pal/spi/mac/AVFoundationSPI.h: Import header that defines

-[AVOutputDevice name].

2:43 AM Changeset in webkit [254670] by aboya@igalia.com

• 3 edits
  6 adds in trunk

[MSE] Don't enqueue samples that start at a big discontinuity
​https://bugs.webkit.org/show_bug.cgi?id=201323

Source/WebCore:

With the old logic SourceBuffer was enqueueing the first frame to be
appended in any circumstances. This was a bug because the user could
append first [5, 10) and then [0, 5). With the old behavior [5, 10)
would be enqueued first despite being clearly ahead of the initial
playback time (zero). By the time [0, 5) is enqueued it can't be
enqueued anymore because the decodeQueue is already ahead.

This patch fixes that logic to work when the first segments are
appended unordered. The test media-source-first-append-not-starting-at-zero.html
validates it.

The test media-source-append-presentation-durations.html checks the
new logic does not break in presence of presentation duration !=
decode duration.

As part of the same logic block, the lastEnqueuedPresentationTime was
used to decide when it's necessary to perform reenqueue after an
.erase() (it is necessary if any enqueued frames are replaced). Using
lastEnqueuedPresentationTime was not entirely accurate in presence of
B-frames, as you could erase a frame that has a presentation time
higher than the last enqueued one. That logic is replaced with a
monotonicly increasing highestEnqueuedPresentationTime and is tested
by media-source-remove-b-frame.html.

Reviewed by Xabier Rodriguez-Calvar.

Tests: media/media-source/media-source-append-presentation-durations.html

media/media-source/media-source-first-append-not-starting-at-zero.html
media/media-source/media-source-remove-b-frame.html

• Modules/mediasource/SourceBuffer.cpp:

(WebCore::SourceBuffer::TrackBuffer::TrackBuffer):
(WebCore::SourceBuffer::removeCodedFrames):
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):
(WebCore::SourceBuffer::provideMediaData):
(WebCore::SourceBuffer::reenqueueMediaForTime):
(WebCore::SourceBuffer::TrackBuffer::lastEnqueuedDecodeDuration): Deleted.

LayoutTests:

Reviewed by Xabier Rodriguez-Calvar.

• media/media-source/media-source-append-presentation-durations.html: Added.
• media/media-source/media-source-first-append-not-starting-at-zero.html: Added.
• media/media-source/media-source-remove-b-frame.html: Added.

2:32 AM Changeset in webkit [254669] by cathiechen

• 27 edits in trunk

Mapping HTML attributes width/height to the default aspect ratio of <img>
​https://bugs.webkit.org/show_bug.cgi?id=201641

Reviewed by Frédéric Wang

LayoutTests/imported/w3c:

assert_ratio(images[5], 133/106) in img-aspect-ratio.html still fails because of bug 206161.

• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/canvas-aspect-ratio.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/content-aspect-ratio.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-aspect-ratio-expected.txt:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-aspect-ratio.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/video-aspect-ratio.html:

Source/WebCore:

According to [1], if HTML width and height attributes have valid values, not a percentage, and non-zero,
the value width/height is the default intrinsic aspect ratio for an <img> element. This will help to calculate
img element's layout size before loading. The value will be overridden if img is loaded. Also see [2].
This is currently limited in <img> element. Other elements like <canvas>, <video> and <input type=image>,
currently their aspect-ratio won't be affected.[3] While <picture> is still under discuss.[4]

[1]: ​https://html.spec.whatwg.org/multipage/rendering.html#attributes-for-embedded-content-and-images
[2]: ​https://github.com/WICG/intrinsicsize-attribute/issues/16
[3]: ​https://github.com/whatwg/html/issues/4961
[4]: ​https://github.com/whatwg/html/issues/4968

Tests: imported/w3c/web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/canvas-aspect-ratio.html

imported/w3c/web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-aspect-ratio.html
imported/w3c/web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/video-aspect-ratio.html
imported/w3c/web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/content-aspect-ratio.html

• page/Settings.yaml:
• rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::computeIntrinsicRatioInformation const):

Source/WebKit:

Add experimental flag: AspectRatioOfImgFromWidthAndHeightEnabled.

• Shared/WebPreferences.yaml:

Source/WebKitLegacy/mac:

Add experimental flag: AspectRatioOfImgFromWidthAndHeightEnabled.

• WebView/WebPreferenceKeysPrivate.h:
• WebView/WebPreferences.mm:

([WebPreferences initialize]):
(-[WebPreferences aspectRatioOfImgFromWidthAndHeightEnabled]):
(-[WebPreferences setAspectRatioOfImgFromWidthAndHeightEnabled:]):

• WebView/WebPreferencesPrivate.h:
• WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Source/WebKitLegacy/win:

Add experimental flag: AspectRatioOfImgFromWidthAndHeightEnabled.

• Interfaces/IWebPreferencesPrivate.idl:
• WebPreferenceKeysPrivate.h:
• WebPreferences.cpp:

(WebPreferences::initializeDefaultSettings):
(WebPreferences::aspectRatioOfImgFromWidthAndHeightEnabled):
(WebPreferences::setAspectRatioOfImgFromWidthAndHeightEnabled):

• WebPreferences.h:
• WebView.cpp:

(WebView::notifyPreferencesChanged):

Tools:

Add experimental flag: AspectRatioOfImgFromWidthAndHeightEnabled.

(enableExperimentalFeatures):
(setWebPreferencesForTestOptions):

• DumpRenderTree/win/DumpRenderTree.cpp:

(enableExperimentalFeatures):

Jan 15, 2020:

9:41 PM Changeset in webkit [254668] by beidson@apple.com

• 23 edits
  4 copies
  1 add in trunk

Add WKContentWorld SPI, and use it in JavaScript execution.
​https://bugs.webkit.org/show_bug.cgi?id=206310

Reviewed by Alex Christensen.
Source/WebKit:

Covered by API tests.

_WKContentWorld is a UI Process wrapper for an InjectedBundleScriptWorld.
Much like _WKUserContentWorld is. But different in that:

• Its APIs are named different things
• Only one unique instance per string name
• It is used with evaluateJavascript: and callAsyncJavaScriptFunction: instead of WKUserContentController.

But _WKContentWorld and _WKUserContentWorld do have to work together a little bit to avoid conflicts in the WebProcess.

The new versions of evaluateJavascript: and callAsyncJavaScriptFunction: are also included, as well as API tests for all the new stuff.

• Shared/API/APIObject.h:
• Shared/Cocoa/APIObject.mm:

(API::Object::newObject):

• UIProcess/API/APIContentWorld.cpp: Copied from Source/WebKit/UIProcess/API/APIUserContentWorld.cpp.

(API::ContentWorld::sharedWorldWithName):
(API::ContentWorld::pageContentWorld):
(API::ContentWorld::defaultClientWorld):
(API::ContentWorld::ContentWorld):
(API::ContentWorld::~ContentWorld):

• UIProcess/API/APIContentWorld.h: Copied from Source/WebKit/UIProcess/API/APIUserContentWorld.h.

• UIProcess/API/APIUserContentWorld.cpp:

(API::UserContentWorld::generateIdentifier):
(API::UserContentWorld::UserContentWorld):
(API::generateIdentifier): Deleted.

• UIProcess/API/APIUserContentWorld.h:

• UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView evaluateJavaScript:completionHandler:]):
(-[WKWebView _evaluateJavaScript:asAsyncFunction:withArguments:forceUserGesture:completionHandler:inWorld:]):
(-[WKWebView _callAsyncJavaScriptFunction:withArguments:inWorld:completionHandler:]):
(-[WKWebView _evaluateJavaScript:inWorld:completionHandler:]):
(-[WKWebView _evaluateJavaScriptWithoutUserGesture:completionHandler:]):
(-[WKWebView _evaluateJavaScript:asAsyncFunction:withArguments:forceUserGesture:completionHandler:]): Deleted.
(-[WKWebView _callAsyncFunction:withArguments:completionHandler:]): Deleted.

• UIProcess/API/Cocoa/WKWebViewPrivate.h:

• UIProcess/API/Cocoa/_WKContentWorld.h: Added.
• UIProcess/API/Cocoa/_WKContentWorld.mm: Copied from Source/WebKit/UIProcess/API/APIUserContentWorld.h.

(+[_WKContentWorld pageContentWorld]):
(+[_WKContentWorld defaultClientWorld]):
(+[_WKContentWorld worldWithName:]):
(-[_WKContentWorld dealloc]):
(-[_WKContentWorld name]):
(-[_WKContentWorld _apiObject]):

• UIProcess/API/Cocoa/_WKContentWorldInternal.h: Copied from Source/WebKit/UIProcess/API/APIUserContentWorld.h.

• UIProcess/UserContent/WebUserContentControllerProxy.cpp:
• UIProcess/UserContent/WebUserContentControllerProxy.h:

• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::runJavaScriptInMainFrame):
(WebKit::WebPageProxy::runJavaScriptInMainFrameScriptWorld):

• UIProcess/WebPageProxy.h:

• WebProcess/UserContent/WebUserContentController.cpp:

(WebKit::worldMap):
(WebKit::WebUserContentController::worldForIdentifier):
(WebKit::WebUserContentController::addUserContentWorld):
(WebKit::WebUserContentController::addUserContentWorlds):

• WebProcess/UserContent/WebUserContentController.h:

• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::runJavaScript):
(WebKit::WebPage::runJavaScriptInMainFrameScriptWorld):
(WebKit::WebPage::runJavaScriptInFrame):

• WebProcess/WebPage/WebPage.h:
• WebProcess/WebPage/WebPage.messages.in:

• Sources.txt:
• WebKit.xcodeproj/project.pbxproj:

Tools:

Update previous callAsyncFunction calls with the new signature.
Add tests for new _WKContentWorld class and its behavior with regard to executing JavaScript.

• TestWebKitAPI/Tests/WebKitCocoa/AsyncFunction.mm:

(TestWebKitAPI::tryGCPromise):
(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebKitCocoa/WKWebViewEvaluateJavaScript.mm:

(TEST):

• TestWebKitAPI/cocoa/TestWKWebView.mm:

(-[WKWebView objectByCallingAsyncFunction:withArguments:error:]):

9:08 PM Changeset in webkit [254667] by mitz@apple.com

• 9 copies
  1 add in releases/Apple/Safari Technology Preview/Safari Technology Preview 98

Added a tag for Safari Technology Preview release 98.

7:50 PM Changeset in webkit [254666] by don.olmstead@sony.com

• 25 edits in trunk/Source/WebCore

[LFC] Fix CMake Build
​https://bugs.webkit.org/show_bug.cgi?id=206334

Reviewed by Zalan Bujtas.

No new tests. No change in behavior.

Adds in the required CMake values to get LFC to compile. Fixes all issues with
the non-unified build in the layout directory.

• CMakeLists.txt:
• Headers.cmake:
• layout/FormattingContextGeometry.cpp:
• layout/FormattingContextQuirks.cpp:
• layout/FormattingState.cpp:
• layout/LayoutContext.h:
• layout/LayoutPhase.cpp:
• layout/LayoutPhase.h:
• layout/LayoutState.cpp:
• layout/LayoutUnits.h:
• layout/blockformatting/BlockFormattingContextGeometry.cpp:
• layout/blockformatting/BlockFormattingContextQuirks.cpp:
• layout/blockformatting/BlockMarginCollapse.cpp:
• layout/inlineformatting/InlineFormattingContext.cpp:
• layout/inlineformatting/InlineLineBreaker.h:
• layout/inlineformatting/InlineTextItem.cpp:
• layout/inlineformatting/LineLayoutContext.cpp:
• layout/inlineformatting/text/TextUtil.cpp:
• layout/inlineformatting/text/TextUtil.h:
• layout/layouttree/LayoutBox.cpp:
• layout/layouttree/LayoutTreeBuilder.cpp:
• layout/layouttree/LayoutTreeBuilder.h:
• layout/tableformatting/TableFormattingContext.cpp:
• layout/tableformatting/TableFormattingContextGeometry.cpp:

7:34 PM Changeset in webkit [254665] by Alan Coon

• 5 edits in branches/safari-609-branch

Apply patch. rdar://problem/58353217

7:28 PM Changeset in webkit [254664] by commit-queue@webkit.org

• 2 edits in trunk/LayoutTests

[GTK] Gardening tests using language override
​https://bugs.webkit.org/show_bug.cgi?id=206333

Patch by Lauro Moura <Lauro Moura> on 2020-01-15
Reviewed by Carlos Alberto Lopez Perez.

• platform/gtk/TestExpectations:

7:10 PM Changeset in webkit [254663] by Ross Kirsling

• 4 edits
  1 delete in trunk/Source/WebKit

[PlayStation] Add stubs for WebContextMenuClient
​https://bugs.webkit.org/show_bug.cgi?id=206324

Reviewed by Don Olmstead.

• WebProcess/WebCoreSupport/WebContextMenuClient.cpp:

(WebKit::WebContextMenuClient::lookUpInDictionary):
(WebKit::WebContextMenuClient::isSpeaking):
(WebKit::WebContextMenuClient::speak):
(WebKit::WebContextMenuClient::stopSpeaking):

• WebProcess/WebCoreSupport/gtk/WebContextMenuClientGtk.cpp:

(WebKit::WebContextMenuClient::lookUpInDictionary): Deleted.
(WebKit::WebContextMenuClient::isSpeaking): Deleted.
(WebKit::WebContextMenuClient::speak): Deleted.
(WebKit::WebContextMenuClient::stopSpeaking): Deleted.
Bring GTK/WPE stubs down for broader use.

7:02 PM Changeset in webkit [254662] by rniwa@webkit.org

• 3 edits
  2 adds in trunk

Nullptr crash in DocumentLoader::clearMainResourceLoader
​https://bugs.webkit.org/show_bug.cgi?id=206204

Source/WebCore:

Patch by Pinki Gyanchandani <​pgyanchandani@apple.com> on 2020-01-15
Reviewed by Ryosuke Niwa.

Test: loader/change-src-during-iframe-load-crash.html

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::frameLoader const):
(WebCore::DocumentLoader::clearMainResourceLoader):

LayoutTests:

Added a NULL pointer check for FrameLoader. If FramLoader is NULL then return instead of
accessing activeDocumentLoader.

Patch by Pinki Gyanchandani <​pgyanchandani@apple.com> on 2020-01-15
Reviewed by Ryosuke Niwa.

• loader/change-src-during-iframe-load-crash-expected.txt: Added.
• loader/change-src-during-iframe-load-crash.html: Added.

6:23 PM Changeset in webkit [254661] by Alan Bujtas

• 4 edits in trunk/Source/WebCore

[LFC][IFC] LineBreaker::shouldWrapInlineContent should take the candidate content width
​https://bugs.webkit.org/show_bug.cgi?id=206305
<rdar://problem/58613977>

Reviewed by Antti Koivisto.

We already have the width information of the candidate runs. Let's not loop through the runs just to re-collect the logical width.
~3% progression on PerformanceTests/Layout/line-layout-simple.html.

• layout/inlineformatting/InlineLineBreaker.cpp:

(WebCore::Layout::LineBreaker::shouldWrapInlineContent):
(WebCore::Layout::LineBreaker::tryWrappingInlineContent const):
(WebCore::Layout::ContinuousContent::ContinuousContent):

• layout/inlineformatting/InlineLineBreaker.h:
• layout/inlineformatting/LineLayoutContext.cpp:

(WebCore::Layout::LineCandidateContent::inlineContentLogicalWidth const):
(WebCore::Layout::LineCandidateContent::append):
(WebCore::Layout::LineCandidateContent::reset):
(WebCore::Layout::LineLayoutContext::tryAddingInlineItems):

6:09 PM Changeset in webkit [254660] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

Unreviewed, rolling out r254565.
​https://bugs.webkit.org/show_bug.cgi?id=206331

It caused many timeouts for the layout tests of the GTK port
(Requested by clopez on #webkit).

Reverted changeset:

"[GStreamer] Several buffering fixes"
​https://bugs.webkit.org/show_bug.cgi?id=206234
​https://trac.webkit.org/changeset/254565

6:00 PM Changeset in webkit [254659] by commit-queue@webkit.org

• 14 edits in trunk/Source/WebCore

Keep RefPtr instead of raw pointer to message queue on WebCoreResourceHandleAsOperationQueueDelegate
​https://bugs.webkit.org/show_bug.cgi?id=206261
<rdar://problem/57562592>

Patch by Alex Christensen <​achristensen@webkit.org> on 2020-01-15
Reviewed by David Kilzer.

There's no reason to keep a raw pointer when we can keep a smart pointer.
This will make this more robust against someone forgetting to clear this pointer value.

• platform/network/ResourceHandle.h:
• platform/network/SynchronousLoaderClient.cpp:

(WebCore::SynchronousLoaderClient::SynchronousLoaderClient):
(WebCore::SynchronousLoaderClient::didFinishLoading):
(WebCore::SynchronousLoaderClient::didFail):

• platform/network/SynchronousLoaderClient.h:

(WebCore::SynchronousLoaderMessageQueue::create):
(WebCore::SynchronousLoaderMessageQueue::append):
(WebCore::SynchronousLoaderMessageQueue::kill):
(WebCore::SynchronousLoaderMessageQueue::killed const):
(WebCore::SynchronousLoaderMessageQueue::waitForMessage):

• platform/network/mac/ResourceHandleMac.mm:

(WebCore::ResourceHandle::makeDelegate):

• platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.h:
• platform/network/mac/WebCoreResourceHandleAsOperationQueueDelegate.mm:

(-[WebCoreResourceHandleAsOperationQueueDelegate callFunctionOnMainThread:]):
(-[WebCoreResourceHandleAsOperationQueueDelegate initWithHandle:messageQueue:]):
(-[WebCoreResourceHandleAsOperationQueueDelegate connection:willSendRequest:redirectResponse:]):

5:43 PM Changeset in webkit [254658] by Ross Kirsling

• 4 edits
  2 deletes in trunk/Source/WebKit

[PlayStation] Add stub for WebPopupMenu::setUpPlatformData
​https://bugs.webkit.org/show_bug.cgi?id=206323

Reviewed by Don Olmstead.

• SourcesGTK.txt:
• SourcesWPE.txt:
• WebProcess/WebCoreSupport/WebPopupMenu.cpp:

(WebKit::WebPopupMenu::setUpPlatformData):

• WebProcess/WebCoreSupport/gtk/WebPopupMenuGtk.cpp: Removed.
• WebProcess/WebCoreSupport/wpe/WebPopupMenuWPE.cpp: Removed.

Bring GTK/WPE stub down for broader use.

5:40 PM Changeset in webkit [254657] by commit-queue@webkit.org

• 42 edits
  2 adds in trunk

[SVG2]: Implement support for the 'pathLength' attribute
​https://bugs.webkit.org/show_bug.cgi?id=72401

Patch by Said Abou-Hallawa <​sabouhallawa@apple.com> on 2020-01-15
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

• web-platform-tests/svg/types/scripted/SVGGeometryElement.isPointInStroke-01-expected.txt:

Source/WebCore:

The spec link is:

​https://svgwg.org/svg2-draft/paths.html#PathLengthAttribute

The 'pathLength' attribute affects the calculations for text on a path,
stroke dash offset and stroke dash array. 'pathLength' has no effect on
percentage lengths.

Tests: svg/custom/stroke-dash-array-pathLength.svg

• rendering/svg/RenderSVGTextPath.cpp:

(WebCore::RenderSVGTextPath::targetElement const):
A helper function which returns the target element. Notice target element
can't be used in this context unless it is a SVGGeometryElement. See
pathFromGraphicsElement().

(WebCore::RenderSVGTextPath::layoutPath const):
Use the new function targetElement().

(WebCore::RenderSVGTextPath::startOffset const):
In SVGTextLayoutEngine::beginTextPathLayout(), we used to check whether
startOffset is in the range [0, 1] to treat it as a percentage or not.
This is of course wrong especially when using with 'pathLength'. So we
need to return the SVGLengthValue to make the decision correctly.

• rendering/svg/RenderSVGTextPath.h:

• rendering/svg/SVGRenderSupport.cpp:

(WebCore::SVGRenderSupport::applyStrokeStyleToContext):
Apply 'pathLength' to the shape 'stroke-dashoffset' and 'stroke-dasharray'
properties.

• rendering/svg/SVGRenderTreeAsText.cpp:

(WebCore::writeStyle):
Add the 'pathLength' property to the shape stroke property.

• rendering/svg/SVGTextLayoutEngine.cpp:

(WebCore::SVGTextLayoutEngine::beginTextPathLayout):
Apply 'pathLength' to the text path 'start-offset' property.

LayoutTests:

• TestExpectations:

• platform/gtk/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-percentage-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/shapes/line-dasharray-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-001-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-002-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-003-expected.txt:

'pathLength' is now included in the DRT of the stroke. Other tests will
need to be rebaselined.

• platform/ios-simulator/imported/w3c/web-platform-tests/svg/import/paths-dom-01-f-manual-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-percentage-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/path/distance/pathLength-zero-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/path/distance/pathLength-zero-percentage-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/shapes/line-dasharray-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-001-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-002-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-003-expected.txt:
• platform/ios-simulator/imported/w3c/web-platform-tests/svg/text/reftests/textpath-shape-001-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/import/paths-dom-01-f-manual-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-percentage-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/path/distance/pathLength-zero-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/path/distance/pathLength-zero-percentage-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/shapes/line-dasharray-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-001-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-002-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-003-expected.txt:
• platform/mac/imported/w3c/web-platform-tests/svg/text/reftests/textpath-shape-001-expected.txt:

'pathLength' is now included in the DRT of the stroke. These tests were
rendering incorrectly. With this patch, the rendering matches the rendering
of other browsers.

• platform/wpe/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/svg/path/distance/pathLength-positive-percentage-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/svg/shapes/line-dasharray-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-001-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-002-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/svg/shapes/reftests/pathlength-003-expected.txt:

'pathLength' is now included in the DRT of the stroke. Other tests will
need to be rebaselined.

• svg/custom/stroke-dash-array-pathLength-expected.svg: Added.
• svg/custom/stroke-dash-array-pathLength.svg: Added.

5:17 PM Changeset in webkit [254656] by Ross Kirsling

• 2 edits in trunk/Source/WebKit

[PlayStation] Add stubs for WebEditorClient
​https://bugs.webkit.org/show_bug.cgi?id=206320

Reviewed by Don Olmstead.

• WebProcess/WebCoreSupport/WebEditorClient.cpp:

4:56 PM Changeset in webkit [254655] by timothy_horton@apple.com

• 2 edits in trunk/Source/WebKitLegacy/ios

WebKit should not expose a unprefixed CGRectValue category method on NSValue
​https://bugs.webkit.org/show_bug.cgi?id=206297
<rdar://problem/58592554>

Reviewed by Wenson Hsieh.

• WebView/WebPDFViewPlaceholder.mm:

(-[NSValue CGRectValue]): Deleted.

4:35 PM Changeset in webkit [254654] by Jonathan Bedard

• 2 edits in trunk/Tools

run-api-tests no longer supports wildcards in test names
​https://bugs.webkit.org/show_bug.cgi?id=206319
<rdar://problem/58351608>

Reviewed by Chris Dumez.

• Scripts/webkitpy/api_tests/manager.py:

(Manager._find_test_subset):

4:09 PM Changeset in webkit [254653] by caitp@igalia.com

• 57 edits
  6 adds in trunk

[JSC] Add support for public class fields
​https://bugs.webkit.org/show_bug.cgi?id=174212

Reviewed by Yusuke Suzuki.

JSTests:

New syntax invalidates some test expectations:

"async <linefeed> MethodDefinition" is no longer an unexpected "async"
token. It is now an instance field named "async" with no initializer,
and an automatic semicolon, followed by MethodDefinition.

"get|set GeneratorMethodDefinition"'s error message has changed, due to "get"
being valid class field names.

Many class-syntax tests relating to automatic semicolon insertion are
no longer valid, as a line containing nothing but an identifier is now
a valid class element.

• stress/async-await-syntax.js:
• stress/class-fields-bytecode-cache.js: Added.
• stress/class-fields-computed-to-property-key.js: Added.
• stress/class-fields-function-name.js: Added.
• stress/class-fields-harmony.js: Added.
• stress/class-fields-proxy-define-property.js: Added.
• stress/class-fields-stress-instance.js: Added.
• stress/generator-syntax.js:
• stress/method-name.js:
• test262/config.yaml:

Source/JavaScriptCore:

Implements the instance class fields proposal (​https://tc39.es/proposal-class-fields/),
minus support for private fields (split into a separate patch).

In summary, class fields are initialized by a synthetic JSFunction. In its unlinked state,
the UnlinkedFunctionExecutable for the function includes an ordered list of JSTokenLocations
pointing to the start of each class field in the class. Each of these fields are parsed and
included as DefineFieldNodes, which implement the appropriate DefineField behaviour in the
proposal. This synthetic function is only created, and only loaded, if there are class fields
present. The decision to use a synthetic function was for simplicity. There are a number of
factors which make inlining the initialization complicated, though we may opt to do this in
the future. For reference, the complexities are: instance fields and constructor in different
currently in different parsing arenas, distinct scopes between the 2 which require work to manage,
and complexity in doing to this work for child classes, where the location of initialization can
depend, and in some cases occur more than once.

Computed property fields require a new bytecode, op_to_property_key, as an implementation
detail. It is necessary in the proposal to convert computed properties to property keys
during class evaluation, rather than during field initialization. Additionally, we allocate
the class lexical scope when computed class fields are used (previously, only when there was
a class name), as a location to keep the computed property keys. They can be loaded from the
scope via indexed keys.

To illustrate computed field names in action, consider the following pseudocode:

<during class evaluation>
1) fieldName = emitNode({expr})
2) fieldName = emitToPropertyKey(fieldName)
3) classScope[numComputedNames++] = fieldName

<during class field initialization>
1) fieldName = emitGetFromScope(classScope, computedFieldNameIndex++)
2) value = emitNode({initializer})
3) instance[fieldName] = value

The feature is currently hidden behind the feature flag JSC::Options::useClassFields.

LayoutTests:

New syntax invalidates some test expectations:

"async <linefeed> MethodDefinition" is no longer an unexpected "async"
token. It is now an instance field named "async" with no initializer,
and an automatic semicolon, followed by MethodDefinition.

"get|set GeneratorMethodDefinition"'s error message has changed, due to "get"
being valid class field names.

Many class-syntax tests relating to automatic semicolon insertion are
no longer valid, as a line containing nothing but an identifier is now
a valid class element.

• js/class-syntax-semicolon-expected.txt:
• js/script-tests/class-syntax-semicolon.js:

3:55 PM Changeset in webkit [254652] by Chris Dumez

• 6 edits
  6 adds in trunk

Regression(r253213) Load hang and high CPU usage when trying to load myuhc.com
​https://bugs.webkit.org/show_bug.cgi?id=206315
<rdar://problem/58139842>

Reviewed by Geoffrey Garen.

Source/WebCore:

Starting in r253213, we now throw when trying to do a sync XHR during unload. Unfortunately, this is confusing the script
on myuhc.com and it ends up retrying the sync XHR in a tight loop. To address the issue, I am putting in a safety net which
ignores calls to XMLHttpRequest.send() instead of throwing, once we've reached 5 sync XHR failures during unload.

Throwing is useful because this gives a change for Web authors to fall back to using Beacon API or Fetch KeepAlive if the
sync XHR fails. There is already code out there doing just that. You could imagine content doing more than one sync XHR
during unload, each one with a good beacon API fallback. For this reason, I put in a limit of 5 sync failures before
we stop throwing. Having a limit is important to break bad loops when the content simply retries the same sync XHR load
when the sync XHR send() call throws.

Tests: fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload.html

fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload.html

• dom/Document.cpp:

(WebCore::Document::didRejectSyncXHRDuringPageDismissal):
(WebCore::Document::shouldIgnoreSyncXHRs const):

• dom/Document.h:
• loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::DocumentThreadableLoader):

• xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::prepareToSend):

LayoutTests:

Add layout test coverage.

• fast/xmlhttprequest/resources/xmlhttprequest-multiple-sync-xhr-during-unload-iframe.html: Added.
• fast/xmlhttprequest/resources/xmlhttprequest-sync-xhr-failure-loop-during-unload-iframe.html: Added.
• fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload-expected.txt: Added.
• fast/xmlhttprequest/xmlhttprequest-multiple-sync-xhr-during-unload.html: Added.
• fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload-expected.txt: Added.
• fast/xmlhttprequest/xmlhttprequest-sync-xhr-failure-loop-during-unload.html: Added.

3:25 PM Changeset in webkit [254651] by Alan Coon

• 5 edits in branches/safari-610.1.1-branch

Revert r254379. rdar://problem/58542040

3:25 PM Changeset in webkit [254650] by Alan Coon

• 7 edits in branches/safari-610.1.1-branch

Revert r254537. rdar://problem/58542040

3:07 PM Changeset in webkit [254649] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254267. rdar://problem/58606290

Reformat FrameView logging
​https://bugs.webkit.org/show_bug.cgi?id=205984
<rdar://problem/58431722>

Reviewed by Brent Fulgham.

Update the format used by FrameView in its RELEASE_LOG logging. Use
the format used by WebPageProxy and NetworkResourceLoader, which is
generally of the form:

<object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

So, for example:

0x4a1cf8010 - FrameView::fireLayoutRelatedMilestonesIfNeeded() - firing first visually non-empty layout milestone on the main frame

becomes:

0x561be8010 - [frame=0x55d47e000, main=1] FrameView::fireLayoutRelatedMilestonesIfNeeded: Firing first visually non-empty layout milestone on the main frame

No new tests -- no new or changed functionality.

• page/FrameView.cpp: (WebCore::FrameView::paintContents): (WebCore::FrameView::fireLayoutRelatedMilestonesIfNeeded):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254267 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254648] by Alan Coon

• 8 edits in branches/safari-609-branch

Cherry-pick r254229. rdar://problem/58605950

<img>.naturalWidth should return the density-corrected intrinsic width
​https://bugs.webkit.org/show_bug.cgi?id=150443

Patch by Noam Rosenthal <Noam Rosenthal> on 2020-01-08
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

Updated expected results.

• web-platform-tests/html/semantics/embedded-content/the-img-element/current-pixel-density/basic-expected.txt:

All tests now pass.

• web-platform-tests/html/semantics/embedded-content/the-img-element/intrinsicsize/intrinsicsize-with-responsive-images.tentative-expected.txt:

Still fails but failure values are different.

Source/WebCore:

Take image's density into account when requesting naturalWidth/naturalHeight, not in SVG.

This now complies with the standard (​https://html.spec.whatwg.org/multipage/embedded-content.html#dom-img-naturalwidth)
It also matches the behavior on Chrome and on Firefox.

Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/current-pixel-density/basic.html

Updaded expected results

• html/HTMLImageElement.cpp: (WebCore::HTMLImageElement::effectiveImageDevicePixelRatio const): (WebCore::HTMLImageElement::naturalWidth const): (WebCore::HTMLImageElement::naturalHeight const):
• html/HTMLImageElement.h:

Use effective image devicePixelRatio for naturalWidth/height calculation

• loader/cache/CachedImage.cpp: (WebCore::CachedImage::unclampedImageSizeForRenderer const): (WebCore::CachedImage::imageSizeForRenderer const):
• loader/cache/CachedImage.h:

Don't clamp to 1 when calculating naturalWidth/naturalHeight, as this has
nothing to do with zoomed images. Zoomed images behavior remains the same.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254229 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254647] by Alan Coon

• 32 edits
  6 adds in branches/safari-609-branch

Cherry-pick r254187. rdar://problem/58605950

Implement css3-images image-orientation
​https://bugs.webkit.org/show_bug.cgi?id=89052

Patch by Said Abou-Hallawa <​sabouhallawa@apple.com> on 2020-01-07
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

• web-platform-tests/css/css-images/inheritance-expected.txt:
• web-platform-tests/css/css-images/inheritance.html: This test is re-synced from upstream

• web-platform-tests/css/css-images/parsing/image-orientation-computed-expected.txt:
• web-platform-tests/css/css-images/parsing/image-orientation-valid-expected.txt:

Source/JavaScriptCore:

Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.

• Configurations/FeatureDefines.xcconfig:

Source/WebCore:

Implement the CSS image-orientation property for content images. The valid
values are "from-image" or "none". The default value is "from-image".

Specification: ​https://drafts.csswg.org/css-images-3/#the-image-orientation
GitHub issue: ​https://github.com/w3c/csswg-drafts/issues/4164

Tests: fast/images/image-orientation-dynamic-from-image.html

fast/images/image-orientation-dynamic-none.html
fast/images/image-orientation-none.html

• Configurations/FeatureDefines.xcconfig:
• css/CSSComputedStyleDeclaration.cpp: (WebCore::ComputedStyleExtractor::valueForPropertyInStyle):
• css/CSSPrimitiveValueMappings.h: (WebCore::CSSPrimitiveValue::operator ImageOrientation const): Deleted.
• css/CSSProperties.json:
• css/CSSValueKeywords.in:
• css/parser/CSSPropertyParser.cpp: (WebCore::consumeImageOrientation): (WebCore::CSSPropertyParser::parseSingleValue):
• rendering/RenderElement.cpp: (WebCore::RenderElement::imageOrientation const):
• rendering/RenderImage.cpp: (WebCore::RenderImage::styleDidChange):
• rendering/style/RenderStyle.cpp: (WebCore::rareInheritedDataChangeRequiresLayout):
• rendering/style/RenderStyle.h: (WebCore::RenderStyle::setImageOrientation): (WebCore::RenderStyle::initialImageOrientation): (WebCore::RenderStyle::imageOrientation const):
• rendering/style/StyleRareInheritedData.cpp: (WebCore::StyleRareInheritedData::StyleRareInheritedData): (WebCore::StyleRareInheritedData::operator== const):
• rendering/style/StyleRareInheritedData.h:
• style/StyleBuilderConverter.h: (WebCore::Style::BuilderConverter::convertImageOrientation):

Source/WebCore/PAL:

Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.

• Configurations/FeatureDefines.xcconfig:

Source/WebKit:

Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.

• Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.

• Configurations/FeatureDefines.xcconfig:

Source/WTF:

Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.

• wtf/FeatureDefines.h:

Tools:

Remove the ENABLE_CSS_IMAGE_ORIENTATION feature flag.

• TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

Test the css image-orientation property.

• fast/images/image-orientation-dynamic-from-image-expected.html: Added.
• fast/images/image-orientation-dynamic-from-image.html: Added.
• fast/images/image-orientation-dynamic-none-expected.html: Added.
• fast/images/image-orientation-dynamic-none.html: Added.
• fast/images/image-orientation-none-expected.html: Added.
• fast/images/image-orientation-none.html: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254187 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254646] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254179. rdar://problem/58606203

Reformat FrameLoader logging
​https://bugs.webkit.org/show_bug.cgi?id=205884
<rdar://problem/58387123>

Reviewed by Brent Fulgham.

Update the format used by FrameLoader in its RELEASE_LOG logging. Use
the format used by WebPageProxy and NetworkResourceLoader, which is
generally of the form:

<object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

So, for example:

0x4aa2df000 - FrameLoader::allAllLoaders: Clearing provisional document loader (frame = 0x4a8ad3550, main = 0 m_provisionalDocumentLoader=0x0)

becomes:

0x465fb61a0 - [frame=0x465c98a20, main=0] FrameLoader::stopAllLoaders: Clearing provisional document loader (m_provisionalDocumentLoader=0x0)

No new tests -- no new or changed functionality.

• loader/FrameLoader.cpp: (WebCore::FrameLoader::urlSelected): (WebCore::FrameLoader::finishedParsing): (WebCore::FrameLoader::loadURLIntoChildFrame): (WebCore::FrameLoader::loadArchive): (WebCore::FrameLoader::loadInSameDocument): (WebCore::FrameLoader::prepareForLoadStart): (WebCore::FrameLoader::setupForReplace): (WebCore::FrameLoader::loadFrameRequest): (WebCore::FrameLoader::loadURL): (WebCore::FrameLoader::load): (WebCore::FrameLoader::loadWithNavigationAction): (WebCore::FrameLoader::loadWithDocumentLoader): (WebCore::FrameLoader::clearProvisionalLoadForPolicyCheck): (WebCore::FrameLoader::reloadWithOverrideEncoding): (WebCore::FrameLoader::reload): (WebCore::FrameLoader::stopAllLoaders): (WebCore::FrameLoader::stopForBackForwardCache): (WebCore::FrameLoader::setProvisionalDocumentLoader): (WebCore::FrameLoader::setState): (WebCore::FrameLoader::clearProvisionalLoad): (WebCore::FrameLoader::commitProvisionalLoad): (WebCore::FrameLoader::transitionToCommitted): (WebCore::FrameLoader::checkLoadCompleteForThisFrame): (WebCore::FrameLoader::loadPostRequest): (WebCore::FrameLoader::continueFragmentScrollAfterNavigationPolicy): (WebCore::FrameLoader::continueLoadAfterNavigationPolicy): (WebCore::FrameLoader::loadDifferentDocumentItem): (WebCore::FrameLoader::retryAfterFailedCacheOnlyMainResourceLoad):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254179 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254645] by Alan Coon

• 6 edits in branches/safari-609-branch

Cherry-pick r254089. rdar://problem/58606252

XMLHTTPRequest POSTs blob data to a custom WKURLSchemeHandler protocol crash
​https://bugs.webkit.org/show_bug.cgi?id=205685

Reviewed by Alex Christensen.

Source/WebCore:

There is no blob registry in the UIProcess.
This should not matter since we do not yet support blobs in custom scheme handlers.
But we are calling the blob registry when creating a request body, which does not work in UIProcess.
Instead, pass a lambda that will be called in case of blobs.
Covered by API test.

• platform/network/FormData.cpp: (WebCore::FormDataElement::lengthInBytes const): (WebCore::FormData::resolveBlobReferences):
• platform/network/FormData.h:
• platform/network/cf/FormDataStreamCFNet.cpp: (WebCore::createHTTPBodyCFReadStream):

Tools:

• TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254089 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254644] by Alan Coon

• 3 edits in branches/safari-609-branch/Source/WebInspectorUI

Cherry-pick r254058. rdar://problem/58606175

Web Inspector: Canvas: unable to see recording actions for WebGL canvases that have lots of shader programs
​https://bugs.webkit.org/show_bug.cgi?id=205659

Reviewed by Brian Burg.

Limit the height of the canvas and shader program tree a recording is selected.

• UserInterface/Views/CanvasSidebarPanel.js: (WI.CanvasSidebarPanel.prototype._updateRecordingScopeBar):
• UserInterface/Views/CanvasSidebarPanel.css: (.sidebar > .panel.navigation.canvas.showing-recording > .content > .tree-outline.canvas): Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254643] by Alan Coon

• 3 edits in branches/safari-609-branch

Cherry-pick r254007. rdar://problem/58605939

REGRESSION: [iOS 13] webrtc/datachannel/mdns-ice-candidates.html is failing
​https://bugs.webkit.org/show_bug.cgi?id=201900
<rdar://problem/55466061>

Reviewed by Eric Carlson.

Source/WebCore:

No change of behavior.

• Modules/mediastream/PeerConnectionBackend.cpp: (WebCore::PeerConnectionBackend::registerMDNSName): Fix message typo (missing space).

LayoutTests:

• platform/ios/TestExpectations: Reenable test.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:07 PM Changeset in webkit [254642] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r250024. rdar://problem/58605939

Unreviewed iOS 13 test gardening, update test expectations.

• platform/ios/TestExpectations:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@250024 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:05 PM Changeset in webkit [254641] by Ross Kirsling

• 2 edits in trunk/Source/WebCore

Unreviewed build fix for ENABLE_ACCESSIBILITY=OFF following r254566.

• accessibility/AccessibilityObjectInterface.h:

(WebCore::AXCoreObject::wrapper const):
(WebCore::AXCoreObject::setWrapper):
Remove invalid override specifiers.

2:48 PM Changeset in webkit [254640] by Simon Fraser

• 2 edits in trunk/Source/WebCore

Unreviewed cleanup.

TextStream is used outside #if ENABLE(KINETIC_SCROLLING) lower down, so remove
these guards.

• platform/PlatformWheelEvent.h:

2:23 PM Changeset in webkit [254639] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Add Web Inspector Reference notice to Web Inspector blog posts
​https://bugs.webkit.org/show_bug.cgi?id=206308

Reviewed by Devin Rousso.

• wp-content/themes/webkit/functions.php:

2:15 PM Changeset in webkit [254638] by Alan Coon

• 2 edits in branches/safari-609-branch/Source

Apply patch. rdar://problem/58610979

2:15 PM Changeset in webkit [254637] by Adrian Perez de Castro

• 2 edits in trunk/Source/JavaScriptCore

Offlineasm warnings with newer Ruby versions
​https://bugs.webkit.org/show_bug.cgi?id=206233

Reviewed by Yusuke Suzuki.

Avoid a warning about using Object#=~ on Annotation instances, which
has been deprecated in Ruby 2.7.

• offlineasm/parser.rb: Swap checks to prevent applying the =~ operator

to Annotation instances, which do not define it.

2:04 PM Changeset in webkit [254636] by ddkilzer@apple.com

• 4 edits in trunk/Tools

Enable -Wconditional-uninitialized in DumpRenderTree, WebKitTestRunner
<​https://webkit.org/b/206269>
<rdar://problem/58589158>

Reviewed by Brent Fulgham.

• DumpRenderTree/mac/Configurations/Base.xcconfig:

(WARNING_CFLAGS): Add -Wconditional-uninitialized switch.

• DumpRenderTree/mac/UIDelegate.mm:

(-[UIDelegate webView:runOpenPanelForFileButtonWithResultListener:allowMultipleFiles:]):
Initialize imageRef stack variable to nullptr.

• WebKitTestRunner/Configurations/Base.xcconfig:

(WARNING_CFLAGS): Add -Wconditional-uninitialized switch.

2:03 PM Changeset in webkit [254635] by Alan Coon

• 1 copy in tags/Safari-609.1.14.1

Tag Safari-609.1.14.1.

1:49 PM Changeset in webkit [254634] by Antti Koivisto

• 7 edits in trunk/Source/WebCore

[LFC] Cache display box for the first LayoutState to Layout::Box
​https://bugs.webkit.org/show_bug.cgi?id=206288

Reviewed by Zalan Bujtas.

Add a single item cache for the common case to avoid using the hash.

• layout/FormattingState.cpp:

(WebCore::Layout::FormattingState::displayBox):

• layout/LayoutState.cpp:

(WebCore::Layout::LayoutState::displayBoxForRootLayoutBox):
(WebCore::Layout::LayoutState::ensureDisplayBoxForLayoutBoxSlow):
(WebCore::Layout::LayoutState::displayBoxForLayoutBox): Deleted.
(WebCore::Layout::LayoutState::displayBoxForLayoutBox const): Deleted.

• layout/LayoutState.h:

(WebCore::Layout::Box::cachedDisplayBoxForLayoutState const):
(WebCore::Layout::LayoutState::hasDisplayBox const):
(WebCore::Layout::LayoutState::ensureDisplayBoxForLayoutBox):
(WebCore::Layout::LayoutState::displayBoxForLayoutBox const):

• layout/layouttree/LayoutBox.cpp:

(WebCore::Layout::Box::setCachedDisplayBoxForLayoutState const):

• layout/layouttree/LayoutBox.h:

(WebCore::Layout::Box::hasCachedDisplayBox const):

• layout/layouttree/LayoutTreeBuilder.h:

1:41 PM Changeset in webkit [254633] by Devin Rousso

• 2 edits in trunk/Source/WebInspectorUI

Web Inspector: collapsing a virtualized folder in a WI.TreeOutline doesn't updated the DOM
​https://bugs.webkit.org/show_bug.cgi?id=206302

Reviewed by Timothy Hatcher.

• UserInterface/Views/TreeOutline.js:

(WI.TreeOutline.prototype._updateVirtualizedElements):
When collapsing a currently visible WI.TreeElement, it will still be in the cached set of
visible and attached WI.TreeElements, meaning that _updateVirtualizedElements will early
return since it thinks that the same WI.TreeElement are being shown. Add another check to
ensure that it only thinks that if the same number of WI.TreeElement are visible.

1:30 PM Changeset in webkit [254632] by keith_miller@apple.com

• 183 edits
  7 deletes in trunk

Revert bytecode checkpoints since it breaks watch
​https://bugs.webkit.org/show_bug.cgi?id=206301

Unreviewed, revert.

1:22 PM Changeset in webkit [254631] by Simon Fraser

• 9 edits
  1 copy in trunk/Source/WebCore

Add more mousewheel-scrolling logging and improve the latching code
​https://bugs.webkit.org/show_bug.cgi?id=206298

Reviewed by Tim Horton.

Make PlatformWheelEvent TextStream-loggable, and add more Scrolling logging in some places
related to mouseWheel scrolling and latching.

Make the ownership of Elements and Nodes given to ScrollLatchingState more explicit by passing in
RefPtr<>&&.

• Sources.txt:
• WebCore.xcodeproj/project.pbxproj:
• page/EventHandler.cpp:

(WebCore::handleWheelEventInAppropriateEnclosingBox):
(WebCore::EventHandler::defaultWheelEventHandler):

• page/mac/EventHandlerMac.mm:

(WebCore::EventHandler::platformPrepareForWheelEvents):
(WebCore::EventHandler::platformCompleteWheelEvent):

• page/scrolling/ScrollLatchingState.cpp:

(WebCore::ScrollLatchingState::setWheelEventElement):
(WebCore::ScrollLatchingState::setPreviousWheelScrolledElement):
(WebCore::ScrollLatchingState::setScrollableContainer):

• page/scrolling/ScrollLatchingState.h:
• page/scrolling/ScrollingTree.cpp:

(WebCore::ScrollingTree::shouldHandleWheelEventSynchronously):

• platform/PlatformWheelEvent.cpp: Copied from Source/WebCore/page/scrolling/ScrollLatchingState.cpp.

(WebCore::operator<<):

• platform/PlatformWheelEvent.h:

1:17 PM Changeset in webkit [254630] by Alan Bujtas

• 3 edits in trunk/Source/WebCore

[LFC][IFC] LineLayoutContext::nextContentForLine should take LineCandidateContent&
​https://bugs.webkit.org/show_bug.cgi?id=206300
<rdar://problem/58612197>

Reviewed by Antti Koivisto.

~5% progression on PerformanceTests/Layout/line-layout-simple.html.
LineLayoutContext::nextContentForLine is hot and LineCandidateContent has Vector members (too heavy).

• layout/inlineformatting/LineLayoutContext.cpp:

(WebCore::Layout::LineCandidateContent::reset):
(WebCore::Layout::LineLayoutContext::layoutLine):
(WebCore::Layout::LineLayoutContext::nextContentForLine):

• layout/inlineformatting/LineLayoutContext.h:

12:42 PM Changeset in webkit [254629] by Alan Bujtas

• 2 edits in trunk/Source/WebCore

[LFC][IFC] ContinuousContent should not need a copy of RunList
​https://bugs.webkit.org/show_bug.cgi?id=206293
<rdar://problem/58607446>

Reviewed by Antti Koivisto.

~4% progression on PerformanceTests/Layout/line-layout-simple.html.

• layout/inlineformatting/InlineLineBreaker.cpp:

12:21 PM Changeset in webkit [254628] by aakash_jain@apple.com

• 4 edits
  2 deletes in trunk

Unreviewed, rolling out r254576.
​https://bugs.webkit.org/show_bug.cgi?id=206306

Introduced failing test loader/change-src-during-iframe-load-
crash.html (Requested by aakashja_ on #webkit).

Reverted changeset:

"Null Ptr Deref @
WebCore::DocumentLoader::clearMainResourceLoader"
​https://bugs.webkit.org/show_bug.cgi?id=206204
​https://trac.webkit.org/changeset/254576

Patch by Commit Queue <​commit-queue@webkit.org> on 2020-01-15

12:18 PM Changeset in webkit [254627] by don.olmstead@sony.com

• 8 edits
  3 deletes in trunk/Source/WebKit

Share WebInspector stubs for ports without local inspection
​https://bugs.webkit.org/show_bug.cgi?id=206267

Reviewed by Alex Christensen.

No new tests. No change in behavior.

Ports that do no allow local inspection of a web page can share a number of stubs
around the Web Inspector. This is the case for iOS, WPE and the PlayStation port.
Make the platform guards specific to actual implementations.

• SourcesWPE.txt:
• UIProcess/RemoteWebInspectorProxy.cpp:
• UIProcess/WebInspectorProxy.cpp:
• UIProcess/mac/RemoteWebInspectorProxyMac.mm:
• UIProcess/wpe/WebInspectorProxyWPE.cpp: Removed.
• WebProcess/WebPage/RemoteWebInspectorUI.cpp:

(WebKit::RemoteWebInspectorUI::localizedStringsURL const):

• WebProcess/WebPage/WebInspectorUI.cpp:

(WebKit::WebInspectorUI::canSave):
(WebKit::WebInspectorUI::localizedStringsURL const):

• WebProcess/WebPage/mac/WebInspectorUIMac.mm:
• WebProcess/WebPage/wpe/WebInspectorUIWPE.cpp: Removed.
• WebProcess/WebPage/wpe/WebInspectorWPE.cpp: Removed.

11:57 AM Changeset in webkit [254626] by Alexey Shvayka

• 4 edits in trunk

Object.preventExtensions should throw if not successful
​https://bugs.webkit.org/show_bug.cgi?id=206131

Reviewed by Ross Kirsling.

JSTests:

• test262/expectations.yaml: Mark 2 test cases as passing.

Source/JavaScriptCore:

With this change, Object.preventExtensions throws TypeError if PreventExtensions?
returns false. This is possible if Object.preventExtensions is called on a Proxy object.
(step 3 of ​https://tc39.es/ecma262/#sec-object.preventextensions)

• runtime/ObjectConstructor.cpp:

(JSC::objectConstructorPreventExtensions):

11:33 AM Changeset in webkit [254625] by Jonathan Bedard

• 5 edits in trunk

webkitpy: Remove self assignments
​https://bugs.webkit.org/show_bug.cgi?id=206294

Reviewed by Aakash Jain.

Source/JavaScriptCore:

• inspector/scripts/codegen/generator.py:

(Generator.js_name_for_parameter_type):

Tools:

• Scripts/webkitpy/common/webkit_finder.py:

(WebKitFinder.webkit_base):

• Scripts/webkitpy/port/factory.py:

(_builder_options):

11:16 AM Changeset in webkit [254624] by Alan Coon

• 19 edits in branches/safari-609-branch/Source

Cherry-pick r254551. rdar://problem/58508705

Build ANGLE as a dynamic library
​https://bugs.webkit.org/show_bug.cgi?id=204708
rdar://57349384

Rolling this out for the 2nd time.

Source/ThirdParty/ANGLE:

• it caused issues with the shared dyld cache, because the cache doesn't know to include the libary until it already exists in the build
• probably related to the above, we saw some performance regressions directly related to this change

• ANGLE.xcodeproj/project.pbxproj:
• Configurations/ANGLE.xcconfig:
• Configurations/Base.xcconfig:
• Configurations/DebugRelease.xcconfig:
• include/CMakeLists.txt:
• include/GLSLANG/ShaderLang.h:
• include/GLSLANG/ShaderVars.h:
• src/libANGLE/renderer/gl/cgl/DisplayCGL.mm: (rx::DisplayCGL::isValidNativeWindow const):
• src/libANGLE/renderer/gl/cgl/WindowSurfaceCGL.mm: (rx::WindowSurfaceCGL::WindowSurfaceCGL): (rx::WindowSurfaceCGL::~WindowSurfaceCGL):
• src/libANGLE/renderer/gl/eagl/DisplayEAGL.mm: (rx::DisplayEAGL::terminate): (rx::DisplayEAGL::isValidNativeWindow const): (rx::WorkerContextEAGL::~WorkerContextEAGL):
• src/libANGLE/renderer/gl/eagl/WindowSurfaceEAGL.mm: (rx::WindowSurfaceEAGL::WindowSurfaceEAGL): (rx::WindowSurfaceEAGL::~WindowSurfaceEAGL):

Source/WebCore:

• Configurations/WebCore.xcconfig:
• Configurations/WebCoreTestSupport.xcconfig:
• WebCore.xcodeproj/project.pbxproj:
• platform/graphics/ANGLEWebKitBridge.cpp: (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge): (WebCore::ANGLEWebKitBridge::cleanupCompilers): (WebCore::ANGLEWebKitBridge::compileShaderSource): (WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.
• platform/graphics/ANGLEWebKitBridge.h:
• platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm: (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254551 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254623] by Alan Coon

• 2 edits in branches/safari-609-branch/JSTests

Cherry-pick r254496. rdar://problem/58553161

Unreviewed. Change useLLInt=0 to forceBaseline=1

• stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254496 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254622] by Alan Coon

• 45 edits
  1 copy
  3 adds in branches/safari-609-branch

Cherry-pick r254464. rdar://problem/58553161

Replace uses of Box<Identifier> with a new CacheableIdentifier class.
​https://bugs.webkit.org/show_bug.cgi?id=205544
<rdar://problem/58041800>

Reviewed by Saam Barati.

JSTests:

• stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js: Added.

Source/JavaScriptCore:

The introduction of the use of Box<Identifier> was to get around having to
ref/deref the underlying UniqedStringImpl in Identifiers from the compiler
and GC threads. However, it proves to be difficult to control when these
Box<Identifier>s get destructed, and requires that we find all the places in
the compier and GC threads where this can happen, and apply keep alive tactics
there to defer destruction of the Box<Identifier> to the mutator thread.

This patch fixes this by replacing uses of Box<Identifier> with
CacheableIdentifier, which is effectively a tagged union of a JSCell* or a
UniquedStringImpl*. The JSCell*, in this case, can be either a Symbol* or a
JSString* that is backed by an atom string. The VM runtime ensures that we'll
never try to cache an identifier from a JSCell that is not one of these. This
CacheableIdentifier can be destructed from the compiler or GC thread. Since it
doesn't hold a ref of the underlying UniquedStringImpl, it won't try to deref
it on destruction.

Instead, we'll need to visit CacheableIdentifiers during GC scans to keep the
JSCell in it alive, and that JSCell will, in turn, keep the underlying
UniquedStringImpl alive.

This patch also does the following:

1. Add a visitAggregate() method to StructureStubInfo, PolymorphicAccess, and AccessCase to visit the CacheableIdentifier's JSCell identifier. This visitAggregate() is called from CodeBlock::stronglyVisitStrongReferences().

When we write barrier a CodeBlock, it guarantees that its visitAggregate()
methods is called. However, it does not guarantee that its propagateTransitions()
method will be called. Since the CacheableIdentifier's reference to a cell
should be a strong reference, visiting it via a StructureStubInfo::visitAggregate()
method is the right thing to do.
See ​https://bugs.webkit.org/show_bug.cgi?id=205544#c7 for an example of why
propagateTransitions() doesn't always do the job.

StructureStubInfo::visitWeakReferences() is also inappropriate for this
because it is only called after all marking is done. It is also not meant
to keep cells alive but merely for clearing weak references to dead cells.

2. Also add to visitAggregate() for ModuleNamespaceData's m_identifier in GetByStatus::markIfCheap().

3. Remove previously applied keep alive tactics to work around Box<Identifier> destruction. This also retores the allowance to destruct DFG::Plans on a compiler thread.

4. Added a JSString:getValueImpl() helper.

5. Added a write barrier in DFG and FTL JITFinalizer's finalizeCommon() to ensure that frozen values are scanned by the GC.

During compilation, the frozen values were previously protected by the Plan.
After finalization, they should be protected by the CodeBlock. Hence, we
should barrier the CodeBlock since the last GC scan of the CodeBlock may have
happened before the frozen values were registered with the CodeBlock.

GC considerations:
==================
The following also addresses Yusuke's concerns in ​https://bugs.webkit.org/show_bug.cgi?id=205544#c10.

CacheableIdentifier is only stored as fields in 4 classes/structs:

1. AccessCase::m_identifier
2. GetByIdVariant::m_identifier
3. ModuleNamespaceData::m_identifier
4. StructureStubInfo::m_getByIdSelfIdentifier

AccessCase::m_identifier
========================
While the access case is being created and added in tryCacheGetBy(), the
CacheableIdentifier is still on the stack and protected from the GC. At the
bottom of tryCacheGetBy(), StructureStubInfo::addAccessCase() is called to add
the access case.

StructureStubInfo::addAccessCase() will barrier the owner CodeBlock at its end,
and CodeBlock::stronglyVisitStrongReferences() will visit the StructureStubInfo,
which in turn visits the AccessCase. StructureStubInfo::visitAggregate() has
been added for this purpose.

GetByIdVariant::m_identifier
============================
GetByIdVariant is only stored in GetByStatus. Both GetByIdVariant and GetByStatus
are only created and handled in the DFG/FTL compiler threads. While the compiler
thread is working with them, they are safe from the GC because the GC won't collect
objects until the compiler thread is at a SafePoint.

At compiler SafePoints, any GetByStatus that needs to be persisted is stored in
DFG::Plan::m_recordedStatuses. The Plan will visit the m_recordedStatuses in
Plan::checkLivenessAndVisitChildren().

At the end of compilation, Plan::m_recordedStatuses is transferred over to the owner
CodeBlock's DFG::CommonData in Plan::finalizeWithoutNotifyingCallback().
Plan::finalizeWithoutNotifyingCallback() will also barrier the owner CodeBlock at
its end.

Thereafter, CodeBlock::stronglyVisitStrongReferences() will visit the recordedStatuses.

ModuleNamespaceData::m_identifier
=================================
ModuleNamespaceData is only stored in a GetByStatus, and is therefore protected
similarly as the GetByIdVariant::m_identifier case above.

StructureStubInfo::m_getByIdSelfIdentifier
==========================================
StructureStubInfo::initGetByIdSelf() is called from inside tryCacheGetBy().
StructureStubInfo::initGetByIdSelf() will barrier the owner CodeBlock. The
CacheableIdentifier here is protected in the same way as the AccessCase::m_identifier
case above.

DesiredIdentifiers
==================
The compiler thread may also stash a CacheableIdentifier's uid in its
DesiredIdentifiers. Normally, the identifiers stashed in DesiredIdentifiers are
from identifiers that the CodeBlock already knows abut and manages (e.g. from
GetByIds). For uids from a cell-based CacheableIdentifier variable is passed to
a GetByVal, we need kep the cell alive in order to keep the uid alive. This is
achieved by freezing the cell with freezeStrong() in the op_get_by_val case in
the DFG BytecodeParser.

Reseting a StructureStubInfo while its IC code is still executing on the stack
==============================================================================
The concern is that IC code may call slow path / getter functions that may in turn:

1. reset the IC, and
2. run the GC.

This can be a problem if:

1. there is a scenario where we return from the slow path / getter function and run IC code that uses the cell / uid from the CacheableIdentifier.

This is because the StructureStubInfo is what visits the that cell, which
in turn its uid alive. Once the StructureStubInfo is reset, it will no
longer be associated with any AccessCase or the m_getByIdSelfIdentifier.
As such they will not be visited, and the CacheableIdentifier may be collected
by the GC.

In practice, the generated IC code never uses the cell / uid after it calls
any slow path / getter function. I've verified this by auditing the code
generation in InlineAccess::generateSelfInAccess() and PolymorphicAccess::regenerate().
Hence, there's no issue with using a collected cell / uid.

2. there is a scenario where a slow path / getter function makes use of the cell / uid from the CacheableIdentifier but does not protect it.

The only 2 slow path functions:

operationGetByValGeneric()
operationGetByValOptimize()

operationGetByValGeneric() does not use any CacheableIdentifier from the StructureStubInfo.

operationGetByValOptimize() modifies the StructureStubInfo in tryCacheGetBy()
under the protection of a GCSafeConcurrentJSLocker, and can reset the
StructureStubInfo. However, it does not use any CacheableIdentifier after
that.

Hence, there's also no GC issue here.

• CMakeLists.txt:
• JavaScriptCore.xcodeproj/project.pbxproj:
• Sources.txt:
• bytecode/AccessCase.cpp: (JSC::AccessCase::AccessCase): (JSC::AccessCase::create): (JSC::AccessCase::fromStructureStubInfo): (JSC::AccessCase::commit): (JSC::AccessCase::canReplace const): (JSC::AccessCase::dump const): (JSC::AccessCase::visitAggregate const): (JSC::AccessCase::generateWithGuard): (JSC::AccessCase::generateImpl):
• bytecode/AccessCase.h: (JSC::AccessCase::uid const): (JSC::AccessCase::identifier const):
• bytecode/CodeBlock.cpp: (JSC::CodeBlock::propagateTransitions): (JSC::CodeBlock::stronglyVisitStrongReferences):
• bytecode/GetByIdVariant.cpp: (JSC::GetByIdVariant::GetByIdVariant): (JSC::GetByIdVariant::attemptToMerge): (JSC::GetByIdVariant::visitAggregate): (JSC::GetByIdVariant::dumpInContext const):
• bytecode/GetByIdVariant.h: (JSC::GetByIdVariant::identifier const): (JSC::GetByIdVariant::overlaps):
• bytecode/GetByStatus.cpp: (JSC::GetByStatus::computeFromLLInt): (JSC::GetByStatus::computeFor): (JSC::GetByStatus::computeForStubInfoWithoutExitSiteFeedback): (JSC::GetByStatus::visitAggregate): (JSC::GetByStatus::singleIdentifier const):
• bytecode/GetByStatus.h:
• bytecode/GetterSetterAccessCase.cpp: (JSC::GetterSetterAccessCase::GetterSetterAccessCase): (JSC::GetterSetterAccessCase::create):
• bytecode/GetterSetterAccessCase.h:
• bytecode/InstanceOfAccessCase.cpp: (JSC::InstanceOfAccessCase::InstanceOfAccessCase):
• bytecode/IntrinsicGetterAccessCase.cpp: (JSC::IntrinsicGetterAccessCase::IntrinsicGetterAccessCase): (JSC::IntrinsicGetterAccessCase::create):
• bytecode/IntrinsicGetterAccessCase.h:
• bytecode/ModuleNamespaceAccessCase.cpp: (JSC::ModuleNamespaceAccessCase::ModuleNamespaceAccessCase): (JSC::ModuleNamespaceAccessCase::create):
• bytecode/ModuleNamespaceAccessCase.h:
• bytecode/PolymorphicAccess.cpp: (JSC::PolymorphicAccess::visitAggregate): (JSC::PolymorphicAccess::regenerate):
• bytecode/PolymorphicAccess.h:
• bytecode/ProxyableAccessCase.cpp: (JSC::ProxyableAccessCase::ProxyableAccessCase): (JSC::ProxyableAccessCase::create):
• bytecode/ProxyableAccessCase.h:
• bytecode/RecordedStatuses.cpp: (JSC::RecordedStatuses::visitAggregate):
• bytecode/RecordedStatuses.h:
• bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::initGetByIdSelf): (JSC::StructureStubInfo::addAccessCase): (JSC::StructureStubInfo::visitAggregate):
• bytecode/StructureStubInfo.h: (JSC::StructureStubInfo::getByIdSelfIdentifier):
• dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::parseGetById): (JSC::DFG::ByteCodeParser::parseBlock):
• dfg/DFGDesiredIdentifiers.cpp: (JSC::DFG::DesiredIdentifiers::ensure): (JSC::DFG::DesiredIdentifiers::at const): (JSC::DFG::DesiredIdentifiers::reallyAdd): (JSC::DFG::DesiredIdentifiers::processCodeBlockIdentifiersIfNeeded): Deleted.
• dfg/DFGDesiredIdentifiers.h:
• dfg/DFGJITFinalizer.cpp: (JSC::DFG::JITFinalizer::finalizeCommon):
• dfg/DFGPlan.cpp: (JSC::DFG::Plan::~Plan): (JSC::DFG::Plan::checkLivenessAndVisitChildren): (JSC::DFG::Plan::cancel):
• dfg/DFGPlan.h: (JSC::DFG::Plan::keepAliveIdentifier): Deleted.
• dfg/DFGWorklist.cpp: (JSC::DFG::Worklist::removeAllReadyPlansForVM): (JSC::DFG::Worklist::removeDeadPlans): (JSC::DFG::Worklist::removeNonCompilingPlansForVM): (JSC::DFG::Worklist::deleteCancelledPlansForVM): Deleted.
• dfg/DFGWorklist.h:
• ftl/FTLJITFinalizer.cpp: (JSC::FTL::JITFinalizer::finalizeCommon):
• jit/JITOperations.cpp:
• jit/Repatch.cpp: (JSC::tryCacheGetBy): (JSC::repatchGetBy): (JSC::tryCacheArrayGetByVal): (JSC::tryCacheInstanceOf):
• jit/Repatch.h:
• runtime/CacheableIdentifier.cpp: Added. (JSC::CacheableIdentifier::dump const):
• runtime/CacheableIdentifier.h: Added. (JSC::CacheableIdentifier::CacheableIdentifier): (JSC::CacheableIdentifier::isUid const): (JSC::CacheableIdentifier::isCell const): (JSC::CacheableIdentifier::isSymbol const): (JSC::CacheableIdentifier::operator bool const):
• runtime/CacheableIdentifierInlines.h: Added. (JSC::CacheableIdentifier::CacheableIdentifier): (JSC::CacheableIdentifier::cell const): (JSC::CacheableIdentifier::uid const): (JSC::CacheableIdentifier::isCacheableIdentifierCell): (JSC::CacheableIdentifier::isSymbolCell const): (JSC::CacheableIdentifier::isStringCell const): (JSC::CacheableIdentifier::setCellBits): (JSC::CacheableIdentifier::setUidBits): (JSC::CacheableIdentifier::visitAggregate const): (JSC::CacheableIdentifier::operator== const): (JSC::CacheableIdentifier::operator!= const):
• runtime/ExceptionHelpers.cpp: (JSC::functionCallBase):
• runtime/JSString.h: (JSC::JSString::getValueImpl const):
• runtime/VM.cpp: (JSC::VM::ensureWatchpointSetForImpureProperty): (JSC::VM::addImpureProperty): (JSC::VM::registerWatchpointForImpureProperty): Deleted.
• runtime/VM.h:

Source/WebCore:

• bindings/js/CommonVM.cpp: (WebCore::addImpureProperty):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254464 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254621] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254415. rdar://problem/58548648

REGRESSION(r185816): In the Hong Kong locale, navigator.language reports it's in the Taiwan locale
​https://bugs.webkit.org/show_bug.cgi?id=200043

Make iOS bots green until they can be updated.

Unreviewed.

• platform/ios/TestExpectations:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254415 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254620] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WTF

Cherry-pick r254413. rdar://problem/58548648

REGRESSION(r185816): In the Hong Kong locale, navigator.language reports it's in the Taiwan locale
​https://bugs.webkit.org/show_bug.cgi?id=200043

Unreviewed.

Fix build.

• wtf/cocoa/LanguageCocoa.mm: (WTF::canMinimizeLanguages):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254413 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254619] by Alan Coon

• 22 edits in branches/safari-609-branch

Cherry-pick r254412. rdar://problem/58548648

REGRESSION(r185816): In the Hong Kong locale, navigator.language reports it's in the Taiwan locale
​https://bugs.webkit.org/show_bug.cgi?id=200043

Unreviewed.

Addressing additional review comments.

Source/WTF:

• wtf/cocoa/LanguageCocoa.mm: (WTF::canMinimizeLanguages):

LayoutTests:

• fast/text/international/system-language/navigator-language/navigator-language-en-GB.html:
• fast/text/international/system-language/navigator-language/navigator-language-en-US.html:
• fast/text/international/system-language/navigator-language/navigator-language-en.html:
• fast/text/international/system-language/navigator-language/navigator-language-es-419.html:
• fast/text/international/system-language/navigator-language/navigator-language-es-ES.html:
• fast/text/international/system-language/navigator-language/navigator-language-es-MX.html:
• fast/text/international/system-language/navigator-language/navigator-language-es.html:
• fast/text/international/system-language/navigator-language/navigator-language-fr-CA.html:
• fast/text/international/system-language/navigator-language/navigator-language-fr.html:
• fast/text/international/system-language/navigator-language/navigator-language-hi.html:
• fast/text/international/system-language/navigator-language/navigator-language-ja.html:
• fast/text/international/system-language/navigator-language/navigator-language-pt-BR.html:
• fast/text/international/system-language/navigator-language/navigator-language-pt-PT.html:
• fast/text/international/system-language/navigator-language/navigator-language-ru.html:
• fast/text/international/system-language/navigator-language/navigator-language-zh-HK.html:
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hans.html:
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hant-HK.html:
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hant.html:
• fast/text/international/system-language/navigator-language/navigator-language-zh-TW.html:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254412 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254618] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WTF

Cherry-pick r254411. rdar://problem/58548648

Fix internal Apple builds after r254389
​https://bugs.webkit.org/show_bug.cgi?id=206135

Rubber stamped by Zalan Bujtas.

• wtf/spi/cocoa/NSLocaleSPI.h:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254411 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254617] by Alan Coon

• 3 edits
  1 add in branches/safari-609-branch

Cherry-pick r254393. rdar://problem/58553158

[JSC] Flush old tables in End phase
​https://bugs.webkit.org/show_bug.cgi?id=206120
<rdar://problem/58039989>

Reviewed by Mark Lam.

JSTests:

• stress/create-many-realms.js: Added. (foo):

Source/JavaScriptCore:

stopThePeriphery is stopping compiler threads and main thread (mutator), which means making m_worldIsStopped = true.
It is not for stopping all heap threads including a concurrent marker. The concurrent collector can work while executing
stopThePeriphery. This means that concurrent collectors can access to the old StructureIDTable while it is destroyed
in stopThePeriphery. Destroying old StructureIDTable in GC End phase, this is appropriate phase that we can ensure no
other threads (accessing to heap) are working including concurrent markers, mutator, and compiler threads.

• heap/Heap.cpp: (JSC::Heap::runEndPhase): (JSC::Heap::stopThePeriphery):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254393 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254616] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254391. rdar://problem/58548648

REGRESSION(r185816): In the Hong Kong locale, navigator.language reports it's in the Taiwan locale
​https://bugs.webkit.org/show_bug.cgi?id=200043

Temporarily mark the navigator-language tests as flakey until I can figure out what to do with them.

Unreviewed.

• platform/mac/TestExpectations:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254391 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:16 AM Changeset in webkit [254615] by Alan Coon

• 11 edits
  41 adds
  1 delete in branches/safari-609-branch

Cherry-pick r254389. rdar://problem/58548648

REGRESSION(r185816): In the Hong Kong locale, navigator.language reports it's in the Taiwan locale
​https://bugs.webkit.org/show_bug.cgi?id=200043
Source/WTF:

<rdar://problem/44119496>

Reviewed by Dean Jackson.

We ask the system for the current locale using CFLocaleCopyPreferredLanguages(), and then round-trip
it through CFBundleGetLocalizationInfoForLocalization() / CFBundleCopyLocalizationForLocalizationInfo().
This was to work around the fact that CFLocaleCopyPreferredLanguages() previously didn't report BCP47
language codes. However, that round-tripping was introducing errors, such as "zh-Hant-HK" was getting
turned into "zh-Hant-TW" which is clearly wrong. The CFBundle functions were never supposed to be used
in this way.

Instead, we can use CFLocaleCreateCanonicalLanguageIdentifierFromString() which is intended to
canonicalize locale identifiers, and does return BCP47 language codes. However, this function preserves
more fingerprinting entropy than the old code path, so we pass the input through new NSLocale SPI to
minimize the entropy revealed.

• WTF.xcodeproj/project.pbxproj:
• wtf/Language.h:
• wtf/Platform.h:
• wtf/PlatformMac.cmake:
• wtf/cf/LanguageCF.cpp: (WTF::httpStyleLanguageCode): (WTF::platformUserPreferredLanguages):
• wtf/cocoa/LanguageCocoa.mm: Added. (WTF::minimizedLanguagesFromLanguages):
• wtf/spi/cocoa/NSLocaleSPI.h: Added.

Tools:

Reviewed by Dean Jackson.

Migrate system language tests to LayoutTests, to match the rest of our system language tests.

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/mac/NavigatorLanguage.mm: Removed.

LayoutTests:

<rdar://problem/44119496>

Reviewed by Dean Jackson.

Migrate and update tests from TestWebKitAPI to LayoutTests, to match the rest of our system language tests.

• platform/mac/TestExpectations: Mark these tests as possibly failing on older versions of macOS.
• fast/text/international/system-language/navigator-language/navigator-language-en-GB-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-en-GB.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-en-US-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-en-US.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-en-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-en.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-419-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-419.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-ES-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-ES.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-MX-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-MX.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-es.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-fr-CA-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-fr-CA.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-fr-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-fr.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-hi-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-hi.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-ja-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-ja.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-pt-BR-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-pt-BR.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-pt-PT-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-pt-PT.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-ru-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-ru.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-HK-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-HK.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hans-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hans.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hant-HK-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hant-HK.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hant-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-Hant.html: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-TW-expected.txt: Added.
• fast/text/international/system-language/navigator-language/navigator-language-zh-TW.html: Added.
• js/dom/navigator-language-expected.txt:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254389 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254614] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254374. rdar://problem/58549092

Resource Load Statistics: Align WebCore::NetworkStorageSession's m_thirdPartyCookieBlockingMode init value with r254239
​https://bugs.webkit.org/show_bug.cgi?id=206082
<rdar://problem/58487498>

Unreviewed minor, follow-up fix.

• platform/network/NetworkStorageSession.h:

The init value of m_thirdPartyCookieBlockingMode was changed to
ThirdPartyCookieBlockingMode::All to align it with r254239.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254374 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254613] by Alan Coon

• 8 edits in branches/safari-609-branch

Cherry-pick r254344. rdar://problem/58559189

Add SPI to enable TLS 1.0 and 1.1 in WKWebViews
​https://bugs.webkit.org/show_bug.cgi?id=206046

Patch by Alex Christensen <​achristensen@webkit.org> on 2020-01-10
Reviewed by Youenn Fablet.

Source/WebKit:

This is needed for <rdar://problem/58464912>
Covered by API tests.

• UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h:
• UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm: (-[_WKWebsiteDataStoreConfiguration legacyTLSEnabled]): (-[_WKWebsiteDataStoreConfiguration setLegacyTLSEnabled:]):
• UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm: (WebKit::WebsiteDataStore::parameters):
• UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp: (WebKit::WebsiteDataStoreConfiguration::copy const):
• UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h: (WebKit::WebsiteDataStoreConfiguration::legacyTLSEnabled const): (WebKit::WebsiteDataStoreConfiguration::setLegacyTLSEnabled):

Tools:

• TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm: (TestWebKitAPI::TEST):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254344 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254612] by Alan Coon

• 7 edits
  4 adds in branches/safari-609-branch

Cherry-pick r254322. rdar://problem/58549088

Block cross-site top-frame navigations from untrusted iframes
​https://bugs.webkit.org/show_bug.cgi?id=206027
<rdar://problem/58320516>

Reviewed by Geoffrey Garen.

Source/WebCore:

Block cross-site top-frame navigations from untrusted iframes, unless they have a user gesture.
We already consider third-party iframes as untrusted, we now also treat first-party iframes
as untrusted if they are loaded both third-party scripts & iframes.

Test: http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes.html

• dom/Document.cpp: (WebCore::Document::canNavigate): (WebCore::Document::willLoadScriptElement): (WebCore::Document::willLoadFrameElement): (WebCore::Document::isNavigationBlockedByThirdPartyIFrameRedirectBlocking):
• dom/Document.h:
• dom/ScriptElement.cpp: (WebCore::ScriptElement::requestClassicScript):
• html/HTMLFrameElementBase.cpp: (WebCore::HTMLFrameElementBase::openURL):

LayoutTests:

Add layout test coverage.

• http/tests/security/block-top-level-navigations-by-third-party-iframes-expected.txt:
• http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes-expected.txt: Added.
• http/tests/security/block-top-level-navigations-by-untrusted-first-party-iframes.html: Added.
• http/tests/security/resources/navigate-top-level-frame-to-failure-page-untrusted-iframe.html: Added.
• http/tests/security/resources/navigate-top-to-error-page.js: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254322 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254611] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254310. rdar://problem/58552856

Check the existence of the optional m_sessionID before using it in WebProcess::setResourceLoadStatisticsEnabled()
​https://bugs.webkit.org/show_bug.cgi?id=206035
<rdar://problem/58455306>

Reviewed by Brent Fulgham.

No new tests.

• WebProcess/WebProcess.cpp: (WebKit::WebProcess::setResourceLoadStatisticsEnabled):

Added a check that m_sessionID exists.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254310 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254610] by Alan Coon

• 9 edits in branches/safari-609-branch/Source

Cherry-pick r254293. rdar://problem/58549084

Resource Load Statistics: Flip experimental website data removal setting from an enable to a disable
​https://bugs.webkit.org/show_bug.cgi?id=205966
<rdar://problem/58425000>

Reviewed by Brent Fulgham.

To get default on behavior, experimental features in the network process need to be
turned from enable flags to disable flags. This patch does that for the experimental
website data removal flag.

Source/WebCore:

No new tests. This change just reverses the interpretation of a flag.

• page/Settings.yaml:

Source/WebKit:

This change also aligns the init values of the setting to match the default.

• NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:
• NetworkProcess/NetworkSession.h:
• NetworkProcess/NetworkSessionCreationParameters.h:
• Shared/WebPreferences.yaml:
• UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::ensureNetworkProcess):
• UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm: (WebKit::WebsiteDataStore::parameters):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254293 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254609] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254292. rdar://problem/58552868

Set the title for images so it will be correctly displayed in UIContextMenus
​https://bugs.webkit.org/show_bug.cgi?id=205980
<rdar://problem/57701988>

Reviewed by Dean Jackson.

Need to set the title text for images.

• UIProcess/ios/WKContentViewInteraction.mm: (-[WKContentView continueContextMenuInteraction:]):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254292 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254608] by Alan Coon

• 3 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254288. rdar://problem/58548984

[Cocoa] persistent-usage-record message fails first time; succeeds subsequent times
​https://bugs.webkit.org/show_bug.cgi?id=205970
<rdar://problem/57785647>

Reviewed by Eric Carlson.

The AVContentKeySession is created too early; before the CDM has a chance to provide the storage path
for persistent usage records. Delay creation of the AVCKS until it's actually needed during the first
license request.

Drive-by fix: fix the exceptional case where a PUR session is closed but PUR data isn't available; send
a null message rather than an empty array.

• platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.h:
• platform/graphics/avfoundation/objc/CDMInstanceFairPlayStreamingAVFObjC.mm: (WebCore::CDMInstanceFairPlayStreamingAVFObjC::contentKeySession): (WebCore::CDMInstanceSessionFairPlayStreamingAVFObjC::removeSessionData): (WebCore::CDMInstanceFairPlayStreamingAVFObjC::CDMInstanceFairPlayStreamingAVFObjC): Deleted. (WebCore::CDMInstanceFairPlayStreamingAVFObjC::ensureSession): Deleted.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254288 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254607] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254287. rdar://problem/58552886

Fullscreen videos do not enter PiP in first tap
​https://bugs.webkit.org/show_bug.cgi?id=205986

Reviewed by Eric Carlson.

This patch essentially reverts the fix for webkit.org/b/204461.
The fix for webkit.org/b/204461 depends on a fix in AVKit along
with a corresponding update in WebKit (webkit.org/b/204979).
We will need to reapply the fix for webkit.org/b/204461 after they are landed.

• WebProcess/cocoa/VideoFullscreenManager.mm: (WebKit::VideoFullscreenManager::enterVideoFullscreenForVideoElement): (WebKit::VideoFullscreenManager::exitVideoFullscreenForVideoElement):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254287 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254606] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254261. rdar://problem/58549081

REGRESSION: [ Mac wk2 ] http/wpt/service-workers/persistent-importScripts.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=205886
<rdar://problem/58387910>

Reviewed by Chris Dumez.

Make sure registrations are stored on disk before crashing the network process.

• http/wpt/service-workers/persistent-importScripts.html:
• platform/mac-wk2/TestExpectations:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254261 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254605] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254260. rdar://problem/58552882

REGRESSION: [ Mac ] webrtc/video-autoplay.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=205893
<rdar://problem/58391046>

Reviewed by Eric Carlson.

• webrtc/video-autoplay.html: Speculative fix as I am not able to reproduce locally. Hypothesis is that removing from DOM the video element is supposed to asynchronously pause the video element. We should therefore ensure that the video element is paused before calling getUserMedia.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254260 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254604] by Alan Coon

• 5 edits in branches/safari-609-branch

Cherry-pick r254254. rdar://problem/58548978

WebKitTestRunner leaks objects in a top-level autoreleasePool that's never cleared
<​https://webkit.org/b/205950>
<rdar://problem/50987831>

Reviewed by Joseph Pecoraro.

Source/WebKit:

• UIProcess/mac/WebPreferencesMac.mm: (WebKit::WebPreferences::platformInitializeStore):
• Add an @autoreleasepool block around the contents of this method since it generates numerous autoreleased objects when run.

Tools:

• WebKitTestRunner/ios/mainIOS.mm: (main):
• Add an @autoreleasepool block around a line of code that generates autoreleased objects. These objects would never be released for the life of the process prior to this change.
• WebKitTestRunner/mac/main.mm: (main):
• Move instantiation of WTR::TestController outside of @autoreleasepool block so the pool can be drained while running tests. Prior to this change, this autoreleasePool would never be drained.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254254 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254603] by Alan Coon

• 2 edits in branches/safari-609-branch/JSTests

Cherry-pick r254247. rdar://problem/58553146

Unreviewed follow up on r254188. I accidentally included the same test
twice instead of including the two different variants.

• stress/ai-value-mod-should-result-in-constant-int-where-possible.js:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254247 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254602] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/JavaScriptCore

Cherry-pick r254244. rdar://problem/58553148

Instruction.h: Multiplication result converted to larger type
​https://bugs.webkit.org/show_bug.cgi?id=205945

Reviewed by Mark Lam.

• bytecode/Instruction.h: (JSC::BaseInstruction::size const): Changed the types to size_t so that the computation is computed accordingly.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254244 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254601] by Alan Coon

• 9 edits in branches/safari-609-branch/Source

Cherry-pick r254239. rdar://problem/58549100

Resource Load Statistics: Flip experimental cookie blocking setting from an enable to a disable
​https://bugs.webkit.org/show_bug.cgi?id=205963
<rdar://problem/58424136>

Reviewed by Brent Fulgham.

To get default on behavior, experimental features in the network process need to be
turned from enable flags to disable flags. This patch does that for the experimental
cookie blocking flag.

Source/WebCore:

No new tests. This change just reverses the interpretation of a flag.

• page/Settings.yaml:

Source/WebKit:

This change also aligns the init values of the setting to match the default.

• NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:
• NetworkProcess/NetworkSession.h:
• NetworkProcess/NetworkSessionCreationParameters.h:
• Shared/WebPreferences.yaml:
• UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::ensureNetworkProcess):
• UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm: (WebKit::WebsiteDataStore::parameters):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254239 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254600] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/JavaScriptCore

Cherry-pick r254218. rdar://problem/58553153

JSArrayBufferView.h: Multiplication result converted to larger type
​https://bugs.webkit.org/show_bug.cgi?id=205943

Reviewed by Saam Barati.

Added cast to size_t to make the whole calculation size_t.

• runtime/JSArrayBufferView.h: (JSC::JSArrayBufferView::sizeOf):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254218 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254599] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254208. rdar://problem/58559193

IPC::Connection::sendMessage() should use CRASH_WITH_INFO()
<​https://webkit.org/b/205419>
<rdar://problem/58058661>

Reviewed by Mark Lam.

• Platform/IPC/cocoa/ConnectionCocoa.mm: (IPC::Connection::sendMessage):
• Switch from CRASH() to CRASH_WITH_INFO().

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254208 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254598] by Alan Coon

• 7 edits
  2 adds in branches/safari-609-branch

Cherry-pick r254201. rdar://problem/58552859

[Web Animations] Stop creating CSS Animations for <noscript> elements
​https://bugs.webkit.org/show_bug.cgi?id=205925
<rdar://problem/58158479>

Reviewed by Antti Koivisto.

Source/WebCore:

Test: webanimations/no-css-animation-on-noscript.html

It makes no sense to create CSS Animations for a <noscript> element and it has the side effect of potential crashes.
Indeed, AnimationTimeline::updateCSSAnimationsForElement() may be called without a currentStyle and so we never have
a list of previously-applied animations to compare to the list of animations in afterChangeStyle. So on each call we
end up creating a new CSSAnimation and the previous animation for the same name is never explicitly removed from the
effect stack and is eventually destroyed and the WeakPtr for it in the stack ends up being null, which would cause a
crash under KeyframeEffectStack::ensureEffectsAreSorted().

We now prevent elements such as <noscript> from being considered for CSS Animations in TreeResolver::resolveElement().

• dom/Element.cpp: (WebCore::Element::rendererIsNeeded):
• dom/Element.h: (WebCore::Element::rendererIsEverNeeded):
• html/HTMLElement.cpp: (WebCore::HTMLElement::rendererIsEverNeeded): (WebCore::HTMLElement::rendererIsNeeded): Deleted.
• html/HTMLElement.h:
• style/StyleTreeResolver.cpp: (WebCore::Style::TreeResolver::resolveElement):

LayoutTests:

Add a new test that checks that setting the animation property on a <noscript> element does not yield the creation of a CSSAnimation object.

• webanimations/no-css-animation-on-noscript-expected.txt: Added.
• webanimations/no-css-animation-on-noscript.html: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254201 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254597] by Alan Coon

• 3 edits
  2 adds in branches/safari-609-branch

Cherry-pick r254188. rdar://problem/58553146

AI rule for ValueMod/ValueDiv produce constants with the wrong format when the result can be an int32
​https://bugs.webkit.org/show_bug.cgi?id=205906
<rdar://problem/56108519>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/ai-value-div-should-result-in-constant-int-where-possible.js: Added. (foo.bar.f): (foo.): (foo):
• stress/ai-value-mod-should-result-in-constant-int-where-possible.js: Added. (foo.bar.f): (foo.): (foo):

Source/JavaScriptCore:

The runtime code for ValueMod and ValueDiv produces an int32 when the result
is of int32 value. However, the AI was saying the result is in double format.
This patch fixes AI to produce a JSValue in the right format.

• dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::handleConstantDivOp):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254188 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254596] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKitLegacy

Cherry-pick r254169. rdar://problem/58552876

REGRESSION (r248734): different threads write m_storageMap of StorageAreaImpl at the same time
​https://bugs.webkit.org/show_bug.cgi?id=205764
<rdar://problem/58179425>

Reviewed by Maciej Stachowiak.

In StorageAreaImpl, we avoid modifying m_storageMap from different threads at the same time by blocking main
thread access to it until the writes(importing items) of storage thread is done.

In r248734 we introduced a new case where the main thread could modify m_storageMap for session change, but we
didn't add the wait there.

• Storage/StorageAreaImpl.cpp: (WebKit::StorageAreaImpl::importItems): (WebKit::StorageAreaImpl::sessionChanged):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254169 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:15 AM Changeset in webkit [254595] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254157. rdar://problem/58549081

REGRESSION: [ Mac wk2 ] http/wpt/service-workers/persistent-importScripts.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=205886

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254157 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254594] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254155. rdar://problem/58552864

Add a move constructor to IDBResultData
​https://bugs.webkit.org/show_bug.cgi?id=205833
<rdar://problem/58146233>

Reviewed by Youenn Fablet.

• Modules/indexeddb/shared/IDBResultData.h:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254155 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254593] by Alan Coon

• 4 edits in branches/safari-609-branch/Source/JavaScriptCore

Cherry-pick r254152. rdar://problem/58552854

[JSC] Remove vm accessor in JSVirtualMachine to reduce binary size
​https://bugs.webkit.org/show_bug.cgi?id=205880

Reviewed by Mark Lam.

Objective-C has reflection mechanism. This means that fields, methods, and their types
need to hold its string representations in binary even if we are using release build.
While typical Objective-C class does not have large size of type names, C++ struct / class
has very large one, and putting them in Objective-C method names, parameter types, or fields
makes binary size very large.

By analyzing JavaScriptCore binary, I found that Objective-C method type symbols are taking 200~KB
binary size. (Section objc_methtype: 235081 (addr 0x105e9a3 offset 17164707)). And it is due to
JSC::VM type included in [JSVirtualMachine vm] accessor.

This patch removes this accessor and gets 200KB binary size reduction.

• API/JSScript.mm: (-[JSScript readCache]): (-[JSScript sourceCode]): (-[JSScript jsSourceCode]): (-[JSScript writeCache:]):
• API/JSVirtualMachine.mm: (-[JSVirtualMachine JSContextGroupRef]): (-[JSVirtualMachine isWebThreadAware]): (-[JSVirtualMachine vm]): Deleted.
• API/JSVirtualMachineInternal.h:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254152 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254592] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254147. rdar://problem/58549096

Reformat WebFrameLoaderClient logging
​https://bugs.webkit.org/show_bug.cgi?id=205869
<rdar://problem/58379240>

Reviewed by Brent Fulgham.

Update the format used by WebFrameLoaderClient in its RELEASE_LOG
logging. Use the format used by WebPageProxy and
NetworkResourceLoader, which is generally of the form:

<object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

So, for example:

0x4a1d7c310 - WebFrameLoaderClient::dispatchDidReachLayoutMilestone: dispatching didCompletePageTransition, page = 0x7f83ba009208

becomes:

0x4a1d7c310 - [webFrame=0x7ff703f03b68, webFrameID=3, webPage=0x7ff704831808, webPageID=15] WebFrameLoaderClient::dispatchDidReachLayoutMilestone: dispatching didCompletePageTransition

No new tests - no added or changed functionality.

• WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp: (WebKit::WebFrameLoaderClient::dispatchDidReceiveServerRedirectForProvisionalLoad): (WebKit::WebFrameLoaderClient::dispatchDidFailProvisionalLoad): (WebKit::WebFrameLoaderClient::dispatchDidFailLoad): (WebKit::WebFrameLoaderClient::dispatchDidReachLayoutMilestone):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254591] by Alan Coon

• 5 edits in branches/safari-609-branch

Cherry-pick r254145. rdar://problem/58552861

REGRESSION: [ Mac Debug ] inspector/page/setBootstrapScript-main-frame.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=205807
<rdar://problem/58344669>

Reviewed by Dean Jackson.

Source/WebInspectorUI:

• UserInterface/Controllers/NetworkManager.js: (WI.NetworkManager.prototype.async createBootstrapScript): (WI.NetworkManager.prototype._handleBootstrapScriptContentDidChange): Ensure that Page.setBootstrapScript is called when restoring the bootstrap script from the IndexedDB storage. Otherwise, in situations like when Web Inspector is first opened, we will show the Inspector Bootstrap Script in the UI, but not actually set it on the inspected page.

LayoutTests:

• inspector/page/setBootstrapScript-main-frame.html: In addition to waiting for Page.reload, we should also wait for the page to actually load. Set the content of the bootstrap script during its creation instead of as a two step process. Avoid an assertion by setting the enabled state after the bootstrap script is initalized.

• platform/mac/TestExpectations: Remove expectation added in r254059.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254145 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254590] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore/PAL

Cherry-pick r254141. rdar://problem/58559202

Flaky API Test: TestWebKitAPI.WebKitLegacy.AudioSessionCategoryIOS
​https://bugs.webkit.org/show_bug.cgi?id=194340
<rdar://problem/50507254>

Reviewed by Eric Carlson.

Workaround for AVFoundation crash for OS versions prior to platform fix. This crash occurrs infrequently
while triggering KVO due to an internal @property change. Work around the crash by disabling KVO for that
property at runtime, by injecting a new class method +automaticallyNotifiesObserversOfSuppressesVideoLayers
immediately after soft linking the AVFoundation library.

• pal/cocoa/AVFoundationSoftLink.mm: (PAL::justReturnsNO): (PAL::AVFoundationLibrary):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254141 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254589] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254099. rdar://problem/58552889

[iOS] Only prewarm fonts with valid font names
​https://bugs.webkit.org/show_bug.cgi?id=205822

Reviewed by Brent Fulgham.

The font names ".SF NS Text" and ".SF NS Display" are not valid on iOS, and should not be prewarmed.

No new tests, no behavior change.

• platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::FontCache::prewarmGlobally):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254099 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254588] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254092. rdar://problem/58552872

NetworkSessionCocoa::isolatedSession should not use iterator after mutating m_isolatedSessions
​https://bugs.webkit.org/show_bug.cgi?id=205824
<rdar://problem/55107625>

Patch by Alex Christensen <​achristensen@webkit.org> on 2020-01-06
Reviewed by Chris Dumez.

Classic iterator use after mutating iterated container was causing crashes by returning a null SessionWrapper&
This was introduced in r252185 or r248640.

• NetworkProcess/cocoa/NetworkSessionCocoa.mm: (WebKit::NetworkSessionCocoa::isolatedSession):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254587] by Alan Coon

• 3 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254078. rdar://problem/58549073

Reformat WebPage logging
​https://bugs.webkit.org/show_bug.cgi?id=205709
<rdar://problem/58290285>

Reviewed by Brent Fulgham.

Update the format used by WebPage in its RELEASE_LOG logging. Use the
format used by WebPageProxy and NetworkResourceLoader, which is
generally of the form:

<object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

So, for example:

0x4a1df5000 - WebLoaderStrategy::scheduleLoad: Resource is being scheduled with the NetworkProcess (frame=0x4a1db0220, priority=0, webPageID=15, frameID=3, resourceID=32)',

becomes:

0x4a1df5000 - [resourceLoader=0x1418b7200, frameLoader=0x1326d7340, frame=0x4a1db0220, webPageID=15, frameID=3, resourceID=32] WebLoaderStrategy::scheduleLoad: Resource is being scheduled with the NetworkProcess (priority=2)

This new form is a lot more verbose, but it really helps in tracing
activity from the top of our page/frame/resource load stack to the
bottom.

No new tests - no added or changed functionality.

• WebProcess/Network/WebLoaderStrategy.cpp: (WebKit::WebLoaderStrategy::scheduleLoad): (WebKit::WebLoaderStrategy::tryLoadingUsingURLSchemeHandler): (WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess): (WebKit::WebLoaderStrategy::networkProcessCrashed): (WebKit::WebLoaderStrategy::loadResourceSynchronously):
• WebProcess/Network/WebLoaderStrategy.h:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254078 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254586] by Alan Coon

• 6 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254074. rdar://problem/58549078

REGRESSION: [r254042] pageoverlay/overlay- tests are failing in WK1
​https://bugs.webkit.org/show_bug.cgi?id=205810

Unreviewed test gardening. Page Overlay test in WK1 now dump one or more repaint rects after r254042.

• platform/mac-wk1/pageoverlay/overlay-installation-expected.txt:
• platform/mac-wk1/pageoverlay/overlay-large-document-expected.txt:
• platform/mac-wk1/pageoverlay/overlay-large-document-scrolled-expected.txt:
• platform/mac-wk1/pageoverlay/overlay-small-frame-mouse-events-expected.txt:
• platform/mac-wk1/pageoverlay/overlay-small-frame-paints-expected.txt:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254074 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254585] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r254067. rdar://problem/58552878

REGRESSION(r247626): Introduced memory regression
​https://bugs.webkit.org/show_bug.cgi?id=205815

Unreviewed rollout of ​https://trac.webkit.org/changeset/247626/webkit.

• platform/graphics/cocoa/FontCacheCoreText.cpp: (WebCore::FontCache::prewarmGlobally): (WebCore::fontFamiliesForPrewarming): Deleted.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254067 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254584] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKitLegacy/mac

Cherry-pick r254063. rdar://problem/58559198

[Web Animations] Enable CSS Animations via Web Animations for WebKitLegacy
​https://bugs.webkit.org/show_bug.cgi?id=205791

Patch by Antoine Quint <Antoine Quint> on 2020-01-06
Reviewed by Dean Jackson.

It was an oversight that it had not been done along with the WebKit change.

• WebView/WebPreferences.mm: (+[WebPreferences initialize]):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254063 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254583] by Alan Coon

• 2 edits in branches/safari-609-branch/LayoutTests

Cherry-pick r254059. rdar://problem/58552861

REGRESSION: [ Mac Debug ] inspector/page/setBootstrapScript-main-frame.html is a flaky failure
​https://bugs.webkit.org/show_bug.cgi?id=205807

Unreviewed test gardening.

• platform/mac/TestExpectations:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254059 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254582] by Alan Coon

• 12 edits
  2 adds in branches/safari-609-branch

Cherry-pick r254054. rdar://problem/58549108

REGRESSION (r252724): Unable to tap on play button on google video 'See the top search trends of 2019'
​https://bugs.webkit.org/show_bug.cgi?id=205694
<rdar://problem/58062987>

Reviewed by Zalan Bujtas.

Source/WebCore:

After r252724, which separated 'used' from 'specified' z-index in style, we need to copy
the specified to the used z-index in animated styles, while preserving the existing 'forceStackingContext'
behavior which set the used z-index to 0.

Do so by creating Adjuster::adjustAnimatedStyle(), which is called from TreeResolver::createAnimatedElementUpdate()
if any animations could have affected the style. We need to pass back information about whether the animation should
force stacking context.

Test: animations/z-index-in-keyframe.html

• animation/KeyframeEffect.cpp: (WebCore::KeyframeEffect::apply):
• animation/KeyframeEffect.h: (WebCore::KeyframeEffect::triggersStackingContext const):
• dom/Element.cpp: (WebCore::Element::applyKeyframeEffects):
• dom/Element.h:
• page/animation/CSSAnimationController.h: (): Deleted.
• page/animation/CompositeAnimation.cpp: (WebCore::CompositeAnimation::animate):
• style/StyleAdjuster.cpp: (WebCore::Style::Adjuster::adjustAnimatedStyle):
• style/StyleAdjuster.h:
• style/StyleTreeResolver.cpp: (WebCore::Style::TreeResolver::createAnimatedElementUpdate):

LayoutTests:

• animations/z-index-in-keyframe-expected.html: Added.
• animations/z-index-in-keyframe.html: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254054 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254581] by Alan Coon

• 11 edits in branches/safari-609-branch

Cherry-pick r254042. rdar://problem/58549102

Source/WebCore/PAL:
DumpRenderTree doesn't always call updateRendering() when a test completes
​https://bugs.webkit.org/show_bug.cgi?id=205761

Reviewed by Darin Adler.

Add -[CATransaction synchronize].

• pal/spi/cocoa/QuartzCoreSPI.h:

Source/WebKit:
DumpRenderTree doesn't always call updateRendering() when a test completes
​https://bugs.webkit.org/show_bug.cgi?id=205761

Reviewed by Darin Adler.

Use the QuartzCore SPI header.

• WebProcess/WebPage/mac/TiledCoreAnimationDrawingArea.mm:

Source/WebKitLegacy/mac:
Fix a souce of WebKit1 test flakiness
​https://bugs.webkit.org/show_bug.cgi?id=205761

Reviewed by Darin Adler.

Some animation tests (and possibly many others) are flakey or broken in WK1 because
there was no code to guarantee that Page::updateRendering() was called at notifyDone()
time.

WK2 calls DrawingArea::forceRepaint(), which does updateRendering(), flushes layers,
and flushes a CATransaction.

In WK1, we historically relied in AppKit to call -viewWillDraw on WebView and/or WebHTMLView,
and just called [webView display] to make this happen. However, with layer backing, AppKit behavior
changes, and WebCore changes that make more things happen with HTML event loop timing, this
approach no longer works. The fix is to add WebView SPI, _forceRepaintForTesting, which emulates what
WK2 is doing.

• WebView/WebView.mm: (-[WebView _forceRepaintForTesting]):
• WebView/WebViewPrivate.h:

Tools:
DumpRenderTree doesn't always call updateRendering() when a test completes
​https://bugs.webkit.org/show_bug.cgi?id=205761

Reviewed by Darin Adler.

Some animation tests (and possibly many others) are flakey or broken in WK1 because
there was no code to guarantee that Page::updateRendering() was called at notifyDone()
time.

WK2 calls DrawingArea::forceRepaint(), which does updateRendering(), flushes layers,
and flushes a CATransaction.

In WK1, we historically relied in AppKit to call -viewWillDraw on WebView and/or WebHTMLView,
and just called [webView display] to make this happen. However, with layer backing, AppKit behavior
changes, and WebCore changes that make more things happen with HTML event loop timing, this
approach no longer works. The fix is to add WebView SPI, _forceRepaintForTesting, which emulates what
WK2 is doing.

• DumpRenderTree/mac/DumpRenderTree.mm: (updateDisplay):
• DumpRenderTree/mac/PixelDumpSupportMac.mm:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254042 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:14 AM Changeset in webkit [254580] by Alan Coon

• 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254033. rdar://problem/58548645

Reformat WebPage logging
​https://bugs.webkit.org/show_bug.cgi?id=205705
<rdar://problem/58288704>

Reviewed by Alex Christensen.

Update the format used by WebPage in its RELEASE_LOG logging. Use the
format used by WebPageProxy and NetworkResourceLoader, which is
generally of the form:

<object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

So, for example:

0x7f83ba009208 - WebPage (webPageID=15) - Adding a reason 1 to freeze layer tree (now 1); old reasons were 0

becomes:

0x7f83ba009208 - [webPageID=15] WebPage::freezeLayerTree: Adding a reason to freeze layer tree (reason=1, new=1, old=0)

No new tests - no added or changed functionality.

• WebProcess/WebPage/WebPage.cpp: (WebKit::m_overriddenMediaType): (WebKit::WebPage::createPlugin): (WebKit::WebPage::freezeLayerTree): (WebKit::WebPage::unfreezeLayerTree): (WebKit::WebPage::markLayersVolatile): (WebKit::WebPage::cancelMarkLayersVolatile): (WebKit::WebPage::touchEventSync):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254033 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:12 AM Changeset in webkit [254579] by Devin Rousso

• 2 edits in trunk/Websites/webkit.org

Web Inspector Reference: the meta info at the end of the article should always be on its own line
​https://bugs.webkit.org/show_bug.cgi?id=206277

Reviewed by Timothy Hatcher.

• wp-content/themes/webkit/style.css:

(article .bodycopy, article .meta):

11:11 AM Changeset in webkit [254578] by Devin Rousso

• 3 edits in trunk/Websites/webkit.org

Web Inspector Reference: put the original author and last modified author on separate lines
​https://bugs.webkit.org/show_bug.cgi?id=206274

Reviewed by Timothy Hatcher.

• wp-content/themes/webkit/single-web_inspector_page.php:
• wp-content/themes/webkit/style.css:

(article .meta .written): Added.
(article .meta .written, article .meta .updated): Added.
(article .meta .updated): Deleted.

10:58 AM Changeset in webkit [254577] by Truitt Savell

• 2 edits in trunk/LayoutTests

REGRESSION: [ Mac wk2 ] tiled-drawing/scrolling/fast-scroll-select-latched-mainframe-with-handler.html is a flaky failure on Mac wk2
​https://bugs.webkit.org/show_bug.cgi?id=206296

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

10:40 AM Changeset in webkit [254576] by achristensen@apple.com

• 4 edits
  2 adds in trunk

Null Ptr Deref @ WebCore::DocumentLoader::clearMainResourceLoader
​https://bugs.webkit.org/show_bug.cgi?id=206204

Source/WebCore:

Patch by Pinki Gyanchandani <​pgyanchandani@apple.com> on 2020-01-15
Reviewed by Alex Christensen.

Test: loader/change-src-during-iframe-load-crash.html

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::frameLoader const):
(WebCore::DocumentLoader::clearMainResourceLoader):

LayoutTests:

Added a NULL pointer check for FrameLoader. If FramLoader is NULL then return instead of
accessing activeDocumentLoader.

Patch by Pinki Gyanchandani <​pgyanchandani@apple.com> on 2020-01-15
Reviewed by Alex Christensen.

• loader/change-src-during-iframe-load-crash-expected.txt: Added.
• loader/change-src-during-iframe-load-crash.html: Added.

10:22 AM Changeset in webkit [254575] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Ensure UAs update the stylesheet
​https://bugs.webkit.org/show_bug.cgi?id=206292

Reviewed by Devin Rousso.

• wp-content/themes/webkit/header.php:

9:59 AM Changeset in webkit [254574] by jer.noble@apple.com

• 7 edits
  2 adds in trunk

Revert fullscreen CSS quirk for reddit.com; add width and height style to fullscreen.css.
​https://bugs.webkit.org/show_bug.cgi?id=206206

Reviewed by Eric Carlson.

Source/WebCore:

Test: fullscreen/fullscreen-user-agent-style.html

Add the "width:100%;height:100%;" from the modern Fullscreen API spec to our own
fullscreen stylesheet, and revert the quirk for reddit.com.

• css/fullscreen.css:

(:-webkit-full-screen):

• page/Quirks.cpp:

(WebCore::Quirks::needsFullWidthHeightFullscreenStyleQuirk const): Deleted.

• page/Quirks.h:
• style/UserAgentStyle.cpp:

(WebCore::Style::UserAgentStyle::ensureDefaultStyleSheetsForElement):

LayoutTests:

• fullscreen/full-screen-test.js:

(waitFor):

• fullscreen/fullscreen-user-agent-style-expected.txt: Added.
• fullscreen/fullscreen-user-agent-style.html: Added.

9:50 AM Changeset in webkit [254573] by Truitt Savell

• 3 edits in trunk/LayoutTests

REGRESSION: [ Mac iOS ] storage/websql/statement-error-callback.html is timing out flakily
​https://bugs.webkit.org/show_bug.cgi?id=206291

Unreviewed test gardening.

• platform/ios/TestExpectations:
• platform/mac/TestExpectations:

9:48 AM Changeset in webkit [254572] by weinig@apple.com

• 4 edits
  1 copy in trunk/Source/WTF

Platform.h is out of control Part 4: Split PLATFORM_* macro definitions out of Platform.h and into a new PlatformLegacy.h
​https://bugs.webkit.org/show_bug.cgi?id=206272

Reviewed by Anders Carlsson.

As a another step towards cleaning up Platform.h, split out all the legacy platform
macros into their own file.

• WTF.xcodeproj/project.pbxproj:
• wtf/CMakeLists.txt:
• wtf/Platform.h:
• wtf/PlatformLegacy.h: Copied from Source/WTF/wtf/Platform.h.

9:18 AM Changeset in webkit [254571] by Alan Coon

• 19 edits in branches/safari-609.1.14-branch/Source

Cherry-pick r254551. rdar://problem/58508705

Build ANGLE as a dynamic library
​https://bugs.webkit.org/show_bug.cgi?id=204708
rdar://57349384

Rolling this out for the 2nd time.

Source/ThirdParty/ANGLE:

• it caused issues with the shared dyld cache, because the cache doesn't know to include the libary until it already exists in the build
• probably related to the above, we saw some performance regressions directly related to this change

• ANGLE.xcodeproj/project.pbxproj:
• Configurations/ANGLE.xcconfig:
• Configurations/Base.xcconfig:
• Configurations/DebugRelease.xcconfig:
• include/CMakeLists.txt:
• include/GLSLANG/ShaderLang.h:
• include/GLSLANG/ShaderVars.h:
• src/libANGLE/renderer/gl/cgl/DisplayCGL.mm: (rx::DisplayCGL::isValidNativeWindow const):
• src/libANGLE/renderer/gl/cgl/WindowSurfaceCGL.mm: (rx::WindowSurfaceCGL::WindowSurfaceCGL): (rx::WindowSurfaceCGL::~WindowSurfaceCGL):
• src/libANGLE/renderer/gl/eagl/DisplayEAGL.mm: (rx::DisplayEAGL::terminate): (rx::DisplayEAGL::isValidNativeWindow const): (rx::WorkerContextEAGL::~WorkerContextEAGL):
• src/libANGLE/renderer/gl/eagl/WindowSurfaceEAGL.mm: (rx::WindowSurfaceEAGL::WindowSurfaceEAGL): (rx::WindowSurfaceEAGL::~WindowSurfaceEAGL):

Source/WebCore:

• Configurations/WebCore.xcconfig:
• Configurations/WebCoreTestSupport.xcconfig:
• WebCore.xcodeproj/project.pbxproj:
• platform/graphics/ANGLEWebKitBridge.cpp: (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge): (WebCore::ANGLEWebKitBridge::cleanupCompilers): (WebCore::ANGLEWebKitBridge::compileShaderSource): (WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.
• platform/graphics/ANGLEWebKitBridge.h:
• platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm: (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254551 268f45cc-cd09-0410-ab3c-d52691b4dbfc

9:14 AM Changeset in webkit [254570] by Alan Coon

• 19 edits in branches/safari-610.1.1-branch/Source

Cherry-pick r254551. rdar://problem/58508705

Build ANGLE as a dynamic library
​https://bugs.webkit.org/show_bug.cgi?id=204708
rdar://57349384

Rolling this out for the 2nd time.

Source/ThirdParty/ANGLE:

• it caused issues with the shared dyld cache, because the cache doesn't know to include the libary until it already exists in the build
• probably related to the above, we saw some performance regressions directly related to this change

• ANGLE.xcodeproj/project.pbxproj:
• Configurations/ANGLE.xcconfig:
• Configurations/Base.xcconfig:
• Configurations/DebugRelease.xcconfig:
• include/CMakeLists.txt:
• include/GLSLANG/ShaderLang.h:
• include/GLSLANG/ShaderVars.h:
• src/libANGLE/renderer/gl/cgl/DisplayCGL.mm: (rx::DisplayCGL::isValidNativeWindow const):
• src/libANGLE/renderer/gl/cgl/WindowSurfaceCGL.mm: (rx::WindowSurfaceCGL::WindowSurfaceCGL): (rx::WindowSurfaceCGL::~WindowSurfaceCGL):
• src/libANGLE/renderer/gl/eagl/DisplayEAGL.mm: (rx::DisplayEAGL::terminate): (rx::DisplayEAGL::isValidNativeWindow const): (rx::WorkerContextEAGL::~WorkerContextEAGL):
• src/libANGLE/renderer/gl/eagl/WindowSurfaceEAGL.mm: (rx::WindowSurfaceEAGL::WindowSurfaceEAGL): (rx::WindowSurfaceEAGL::~WindowSurfaceEAGL):

Source/WebCore:

• Configurations/WebCore.xcconfig:
• Configurations/WebCoreTestSupport.xcconfig:
• WebCore.xcodeproj/project.pbxproj:
• platform/graphics/ANGLEWebKitBridge.cpp: (WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge): (WebCore::ANGLEWebKitBridge::cleanupCompilers): (WebCore::ANGLEWebKitBridge::compileShaderSource): (WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.
• platform/graphics/ANGLEWebKitBridge.h:
• platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm: (WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254551 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8:18 AM Changeset in webkit [254569] by ddkilzer@apple.com

• 11 edits in trunk/Source/WebKit

[Cocoa] Create a simulated crash log when the UI Process receives an invalid CoreIPC message
<​https://webkit.org/b/205368>
<rdar://problem/58024593>

Reviewed by Chris Dumez.

• UIProcess/AuxiliaryProcessProxy.cpp:

(WebKit::AuxiliaryProcessProxy::logInvalidMessage):

• Extract common logging code to new method that calls RELEASE_LOG_FAULT().
• UIProcess/AuxiliaryProcessProxy.h:

(WebKit::AuxiliaryProcessProxy::logInvalidMessage):
(WebKit::AuxiliaryProcessProxy::processName):

• Add method declarations.

• UIProcess/GPU/GPUProcessProxy.cpp:

(WebKit::GPUProcessProxy::didReceiveInvalidMessage):

• Use new AuxiliaryProcessProxy::logInvalidMessage().
• UIProcess/GPU/GPUProcessProxy.h:

(WebKit::GPUProcessProxy::processName const):

• Add implementation.

• UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::didReceiveInvalidMessage):

• Use new AuxiliaryProcessProxy::logInvalidMessage().
• UIProcess/Network/NetworkProcessProxy.h:

(WebKit::NetworkProcessProxy::processName const):

• Add implementation.

• UIProcess/Plugins/PluginProcessProxy.cpp:

(WebKit::PluginProcessProxy::didReceiveInvalidMessage):

• Use new AuxiliaryProcessProxy::logInvalidMessage().
• UIProcess/Plugins/PluginProcessProxy.h:

(WebKit::PluginProcessProxy::processName const):

• Add implementation.

• UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::didReceiveInvalidMessage):

• Use new AuxiliaryProcessProxy::logInvalidMessage().
• UIProcess/WebProcessProxy.h:

(WebKit::WebProcessProxy::processName const):

• Add implementation.

7:46 AM Changeset in webkit [254568] by Antti Koivisto

• 4 edits in trunk/Source/WebCore

[LFC][Integration] Call SimpleLineLayout::canUseFor only once
​https://bugs.webkit.org/show_bug.cgi?id=206281

Reviewed by Sam Weinig.

It can be somewhat costly.

• layout/integration/LayoutIntegrationLineLayout.cpp:

(WebCore::LayoutIntegration::LineLayout::canUseFor):

• layout/integration/LayoutIntegrationLineLayout.h:

(WebCore::LayoutIntegration::LineLayout::canUseFor):

• rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::layoutInlineChildren):

6:44 AM Changeset in webkit [254567] by clopez@igalia.com

• 6 edits in trunk

[GTK] Turn off antialiasing when rendering with Ahem
​https://bugs.webkit.org/show_bug.cgi?id=204671

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Many CSS related tests use the "Ahem" font to compare its special
squared glyphs with the positioned elements of the test. But if
we enable antialiasing for this font, then the antialiasing of
the glyphs causes small pixel differences with the reference test.

So, this patch disables antialiasing for the Ahem font in GTK and WPE
ports. This commit its pretty much like r252701 for the Mac/iOS ports.

Covered by existing tests.

• platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::drawGlyphs):

• platform/graphics/freetype/FontCustomPlatformDataFreeType.cpp:

(WebCore::FontCustomPlatformData::fontPlatformData):

• platform/graphics/freetype/SimpleFontDataFreeType.cpp:

(WebCore::Font::platformInit):

LayoutTests:

• platform/gtk/TestExpectations:

6:42 AM Changeset in webkit [254566] by Andres Gonzalez

• 13 edits in trunk/Source/WebCore

Implementation of AXIsolatedObject::press().
​https://bugs.webkit.org/show_bug.cgi?id=206177

Reviewed by Chris Fleizach.

• Implemented AXIsolatedObject::press().
• For link objects, press causes the destruction and re-creation of the

isolated tree. Thus also added AXIsolatedTree:removeTreeForPageID.

• AXIsolatedTree::applyPendingChanges now also properly detaches isolated

objects that have been removed.

• Moved set and get wrapper to AXCoreObject so that it can be used for

both isolated and live objects.

• accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::~AXObjectCache):
(WebCore::AXObjectCache::remove):
(WebCore::AXObjectCache::createIsolatedTreeHierarchy):

• accessibility/AXObjectCache.h:

(WebCore::AXObjectCache::detachWrapper):

• accessibility/AccessibilityObject.h:
• accessibility/AccessibilityObjectInterface.h:

(WebCore::AXCoreObject::wrapper const):
(WebCore::AXCoreObject::setWrapper):

• accessibility/atk/AXObjectCacheAtk.cpp:

(WebCore::AXObjectCache::detachWrapper):

• accessibility/ios/AXObjectCacheIOS.mm:

(WebCore::AXObjectCache::detachWrapper):

• accessibility/isolatedtree/AXIsolatedTree.cpp:

(WebCore::AXIsolatedTree::removeTreeForPageID):
(WebCore::AXIsolatedTree::applyPendingChanges):

• accessibility/isolatedtree/AXIsolatedTree.h:
• accessibility/isolatedtree/AXIsolatedTreeNode.cpp:

(WebCore::AXIsolatedObject::detach):
(WebCore::AXIsolatedObject::detachFromParent):
(WebCore::AXIsolatedObject::children):
(WebCore::AXIsolatedObject::isDetachedFromParent):
(WebCore::AXIsolatedObject::performFunctionOnMainThread):
(WebCore::AXIsolatedObject::findTextRanges const):
(WebCore::AXIsolatedObject::performTextOperation):
(WebCore::AXIsolatedObject::press):
(WebCore::AXIsolatedObject::widget const):
(WebCore::AXIsolatedObject::page const):
(WebCore::AXIsolatedObject::document const):
(WebCore::AXIsolatedObject::documentFrameView const):

• accessibility/isolatedtree/AXIsolatedTreeNode.h:
• accessibility/mac/AXObjectCacheMac.mm:

(WebCore::AXObjectCache::detachWrapper):

• accessibility/win/AXObjectCacheWin.cpp:

(WebCore::AXObjectCache::detachWrapper):

6:40 AM Changeset in webkit [254565] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

[GStreamer] Several buffering fixes
​https://bugs.webkit.org/show_bug.cgi?id=206234

Patch by Thibault Saunier <​tsaunier@igalia.com> on 2020-01-15
Reviewed by Xabier Rodriguez-Calvar.

No new tests as this is already tested.

• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::durationChanged): Minor typo fix
(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired): Query buffering on the pipeline not the source

otherwise GstBaseSrc returns some useless values before downloadbuffer actually gives us the
info about DOWNLOAD buffering status. Also ignores response if they are not in DOWNLOAD mode as those
will end up screwing our buffering management algorithm.

(WebCore::MediaPlayerPrivateGStreamer::handleMessage):

• Detect when DOWNLOAD is done by using the downloadbuffer GstCacheDownloadComplete element message which is what is supposed to be used for that purpose.
• Fix the way we detect that buffering is done (mostly when using a downloadbuffer) by relying on a buffering query to check if it is still buffering.

(WebCore::MediaPlayerPrivateGStreamer::updateBufferingStatus): Ensure that we properly pause the pipeline when

restarting buffering. There were cases when not using downloadbuffer where we didn't pause the pipeline
leading to pretty bad user experience.

(WebCore::MediaPlayerPrivateGStreamer::updateStates): Buffering should happen only on non live pipelines.

6:24 AM Changeset in webkit [254564] by youenn@apple.com

• 5 edits
  3 adds in trunk/Source/WebCore

Introduce an abstract SampleBufferDisplayLayer
​https://bugs.webkit.org/show_bug.cgi?id=206066

Reviewed by Eric Carlson.

Move use of display layers in MediaPlayerPrivateMediaStreamAVFObjC to a new class LocalSampleBufferDisplayLayer
that implements an interface named SampleBufferDisplayLayer.
A future patch will implement this interface by IPCing to GPUProcess.
We move both layers and handling of the sample queue to LocalSampleBufferDisplayLayer.

Contrary to previously, we do not call again enqueueVideoSample in case we enqueued a sample for later use in the display layer.
Instead, we directly render it, which should not change much since this is a realtime track and in the future the buffer will be in GPUProcess anyway.

• SourcesCocoa.txt:
• WebCore.xcodeproj/project.pbxproj:
• platform/graphics/avfoundation/SampleBufferDisplayLayer.h: Added.

(WebCore::SampleBufferDisplayLayer::SampleBufferDisplayLayer):

• platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.h: Added.
• platform/graphics/avfoundation/objc/LocalSampleBufferDisplayLayer.mm: Added.

(-[WebAVSampleBufferStatusChangeListener initWithParent:]):
(-[WebAVSampleBufferStatusChangeListener dealloc]):
(-[WebAVSampleBufferStatusChangeListener invalidate]):
(-[WebAVSampleBufferStatusChangeListener beginObservingLayers]):
(-[WebAVSampleBufferStatusChangeListener stopObservingLayers]):
(-[WebAVSampleBufferStatusChangeListener observeValueForKeyPath:ofObject:change:context:]):
(WebCore::runWithoutAnimations):
(WebCore::LocalSampleBufferDisplayLayer::LocalSampleBufferDisplayLayer):
(WebCore::LocalSampleBufferDisplayLayer::~LocalSampleBufferDisplayLayer):
(WebCore::LocalSampleBufferDisplayLayer::layerStatusDidChange):
(WebCore::LocalSampleBufferDisplayLayer::layerErrorDidChange):
(WebCore::LocalSampleBufferDisplayLayer::rootLayerBoundsDidChange):
(WebCore::LocalSampleBufferDisplayLayer::displayLayer):
(WebCore::LocalSampleBufferDisplayLayer::rootLayer):
(WebCore::LocalSampleBufferDisplayLayer::didFail const):
(WebCore::LocalSampleBufferDisplayLayer::updateDisplayMode):
(WebCore::LocalSampleBufferDisplayLayer::bounds const):
(WebCore::LocalSampleBufferDisplayLayer::updateAffineTransform):
(WebCore::LocalSampleBufferDisplayLayer::updateBoundsAndPosition):
(WebCore::LocalSampleBufferDisplayLayer::ensureLayers):
(WebCore::LocalSampleBufferDisplayLayer::flush):
(WebCore::LocalSampleBufferDisplayLayer::flushAndRemoveImage):
(WebCore::LocalSampleBufferDisplayLayer::enqueueSample):
(WebCore::LocalSampleBufferDisplayLayer::removeOldSamplesFromPendingQueue):
(WebCore::LocalSampleBufferDisplayLayer::addSampleToPendingQueue):
(WebCore::LocalSampleBufferDisplayLayer::clearEnqueuedSamples):
(WebCore::LocalSampleBufferDisplayLayer::requestNotificationWhenReadyForVideoData):

• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::~MediaPlayerPrivateMediaStreamAVFObjC):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueCorrectedVideoSample):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferDisplayLayerStatusDidChange):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::applicationDidBecomeActive):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::flushRenderers):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayers):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::platformLayer const):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::displayLayer):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayMode):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::checkSelectedVideoTrack):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setBufferingPolicy):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateDisplayLayer):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferDisplayLayerBoundsDidChange):

3:45 AM Changeset in webkit [254563] by aboya@igalia.com

• 2 edits in trunk/Tools

[WTF] Remove MediaTime.cpp test warning in GCC
​https://bugs.webkit.org/show_bug.cgi?id=206238

Reviewed by Xabier Rodriguez-Calvar.

GCC emits warnings when it finds clang pragmas, so I'm wrapping them
in #if COMPILER(CLANG) to reduce the noise.

• TestWebKitAPI/Tests/WTF/MediaTime.cpp:

3:30 AM Changeset in webkit [254562] by youenn@apple.com

• 18 edits
  9 adds in trunk

Add support for MediaStream audio track rendering in GPUProcess
​https://bugs.webkit.org/show_bug.cgi?id=206175

Reviewed by Eric Carlson.

Source/WebCore:

Simplify model to use start/stop instead of setPaused.
Simplify and fix issue in computation of the muted state of the renderer.
Covered by existing tests run with GPU process enabled and manual testing

• platform/mediastream/AudioMediaStreamTrackRenderer.h:
• platform/mediastream/AudioTrackPrivateMediaStream.cpp:

(WebCore::AudioTrackPrivateMediaStream::playInternal):
(WebCore::AudioTrackPrivateMediaStream::pause):
(WebCore::AudioTrackPrivateMediaStream::audioSamplesAvailable):
(WebCore::AudioTrackPrivateMediaStream::updateRendererMutedState):

• platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.cpp:

(WebCore::AudioMediaStreamTrackRendererCocoa::start):
(WebCore::AudioMediaStreamTrackRendererCocoa::stop):
(WebCore::AudioMediaStreamTrackRendererCocoa::clear):
(WebCore::AudioMediaStreamTrackRendererCocoa::pushSamples):
(WebCore::AudioMediaStreamTrackRendererCocoa::render):

• platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.h:

Source/WebKit:

Implement an AudioMediaStreamTrackRenderer at WebKit level by creating a remote renderer in GPUProcess and sending IPC to pass
audio data as well as orders (start/stop/setMuted).

Implement the remote renderer using WebCore audio track renderer.

Enable WebKit remote renderer F GPU process for media is enabled.

• DerivedSources-input.xcfilelist:
• DerivedSources-output.xcfilelist:
• DerivedSources.make:
• GPUProcess/GPUConnectionToWebProcess.cpp:

(WebKit::GPUConnectionToWebProcess::audioTrackRendererManager):
(WebKit::GPUConnectionToWebProcess::didReceiveMessage):

• GPUProcess/GPUConnectionToWebProcess.h:
• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRenderer.cpp: Added.

(WebKit::nextLogIdentifier):
(WebKit::nullLogger):
(WebKit::RemoteAudioMediaStreamTrackRenderer::RemoteAudioMediaStreamTrackRenderer):
(WebKit::RemoteAudioMediaStreamTrackRenderer::~RemoteAudioMediaStreamTrackRenderer):
(WebKit::RemoteAudioMediaStreamTrackRenderer::storage):
(WebKit::RemoteAudioMediaStreamTrackRenderer::start):
(WebKit::RemoteAudioMediaStreamTrackRenderer::stop):
(WebKit::RemoteAudioMediaStreamTrackRenderer::clear):
(WebKit::RemoteAudioMediaStreamTrackRenderer::setMuted):
(WebKit::RemoteAudioMediaStreamTrackRenderer::setVolume):
(WebKit::RemoteAudioMediaStreamTrackRenderer::audioSamplesStorageChanged):
(WebKit::RemoteAudioMediaStreamTrackRenderer::audioSamplesAvailable):

• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRenderer.h: Added.
• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRenderer.messages.in: Added.
• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererManager.cpp: Added.

(WebKit::RemoteAudioMediaStreamTrackRendererManager::didReceiveRendererMessage):
(WebKit::RemoteAudioMediaStreamTrackRendererManager::createRenderer):
(WebKit::RemoteAudioMediaStreamTrackRendererManager::releaseRenderer):

• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererManager.h: Added.

(WebKit::RemoteAudioMediaStreamTrackRendererManager::didReceiveMessageFromWebProcess):

• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererManager.messages.in: Added.
• Scripts/webkit/messages.py:
• Sources.txt:
• SourcesCocoa.txt:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::updatePreferences):

• WebProcess/GPU/webrtc/AudioMediaStreamTrackRenderer.cpp: Added.

(WebKit::AudioMediaStreamTrackRenderer::create):
(WebKit::AudioMediaStreamTrackRenderer::AudioMediaStreamTrackRenderer):
(WebKit::AudioMediaStreamTrackRenderer::~AudioMediaStreamTrackRenderer):
(WebKit::AudioMediaStreamTrackRenderer::start):
(WebKit::AudioMediaStreamTrackRenderer::stop):
(WebKit::AudioMediaStreamTrackRenderer::clear):
(WebKit::AudioMediaStreamTrackRenderer::setMuted):
(WebKit::AudioMediaStreamTrackRenderer::setVolume):
(WebKit::AudioMediaStreamTrackRenderer::pushSamples):
(WebKit::AudioMediaStreamTrackRenderer::storageChanged):

• WebProcess/GPU/webrtc/AudioMediaStreamTrackRenderer.h: Added.

(WebKit::AudioMediaStreamTrackRenderer::identifier const):

• WebProcess/GPU/webrtc/AudioMediaStreamTrackRendererIdentifier.h: Added.

LayoutTests:

• gpu-process/TestExpectations:

3:29 AM Changeset in webkit [254561] by Oriol Brufau

• 35 edits in trunk

[css-grid] Exclude implicit grid tracks from the resolved value
​https://bugs.webkit.org/show_bug.cgi?id=204588

Reviewed by Manuel Rego Casasnovas.

LayoutTests/imported/w3c:

Import WPT tests.

• web-platform-tests/css/css-grid/grid-definition/grid-inline-support-flexible-lengths-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-inline-support-grid-template-columns-rows-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-inline-support-named-grid-lines-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-inline-support-repeat-001-expected.txt:
• web-platform-tests/css/css-grid/grid-definition/grid-inline-support-repeat-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-inline-template-columns-rows-resolved-values-001-expected.txt:
• web-platform-tests/css/css-grid/grid-definition/grid-inline-template-columns-rows-resolved-values-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-support-flexible-lengths-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-support-grid-template-columns-rows-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-support-named-grid-lines-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-support-repeat-001-expected.txt:
• web-platform-tests/css/css-grid/grid-definition/grid-support-repeat-001.html:
• web-platform-tests/css/css-grid/grid-definition/grid-template-columns-rows-resolved-values-001-expected.txt:
• web-platform-tests/css/css-grid/grid-definition/grid-template-columns-rows-resolved-values-001.html:
• web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-021.html:
• web-platform-tests/css/css-grid/grid-layout-properties-expected.txt:
• web-platform-tests/css/css-grid/grid-layout-properties.html:
• web-platform-tests/css/css-grid/parsing/grid-template-columns-computed-withcontent-expected.txt:
• web-platform-tests/css/css-grid/parsing/grid-template-columns-computed-withcontent.html:
• web-platform-tests/css/css-grid/parsing/grid-template-rows-computed-withcontent-expected.txt:
• web-platform-tests/css/css-grid/parsing/grid-template-rows-computed-withcontent.html:

Source/WebCore:

​https://github.com/w3c/csswg-drafts/issues/4475 resolved to try to stop
including implicit tracks in the resolved value of grid-template-columns
and grid-template-rows.

This implies that the resolved values will have less information now,
which affects lots of tests. I have edited them depending on the case:

• When the size of the track was irrelevant (e.g. just checking whether some value was syntactically valid), I have just updated the expected value.
• When the size of the track was relevant, but it wasn't important for the tracks to be implicit, I have made them explicit in order to get the same value.
• When the test was about the sizes of implicit tracks, I have added new checks for the size and position of the grid items.

Tests: fast/css-grid-layout/grid-auto-columns-rows-get-set.html

fast/css-grid-layout/grid-columns-rows-get-set.html
fast/css-grid-layout/grid-template-shorthand-get-set.html
fast/css-grid-layout/mark-as-infinitely-growable.html
fast/css-grid-layout/named-grid-lines-computed-style-implicit-tracks.html
fast/css-grid-layout/negative-growth-share-as-infinity-crash.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-support-flexible-lengths-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-support-grid-template-columns-rows-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-support-named-grid-lines-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-support-repeat-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-inline-template-columns-rows-resolved-values-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-support-flexible-lengths-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-support-grid-template-columns-rows-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-support-named-grid-lines-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-support-repeat-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-definition/grid-template-columns-rows-resolved-values-001.html
imported/w3c/web-platform-tests/css/css-grid/grid-items/grid-minimum-size-grid-items-021.html
imported/w3c/web-platform-tests/css/css-grid/grid-layout-properties.html
imported/w3c/web-platform-tests/css/css-grid/parsing/grid-template-columns-computed-withcontent.html
imported/w3c/web-platform-tests/css/css-grid/parsing/grid-template-rows-computed-withcontent.html

• css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForGridTrackList):

• rendering/RenderGrid.cpp:

(WebCore::RenderGrid::trackSizesForComputedStyle const):

LayoutTests:

Update tests.

• fast/css-grid-layout/grid-auto-columns-rows-get-set-expected.txt:
• fast/css-grid-layout/grid-auto-columns-rows-get-set.html:
• fast/css-grid-layout/grid-columns-rows-get-set.html:
• fast/css-grid-layout/grid-template-shorthand-get-set-expected.txt:
• fast/css-grid-layout/grid-template-shorthand-get-set.html:
• fast/css-grid-layout/mark-as-infinitely-growable.html:
• fast/css-grid-layout/named-grid-lines-computed-style-implicit-tracks-expected.txt:
• fast/css-grid-layout/named-grid-lines-computed-style-implicit-tracks.html:
• fast/css-grid-layout/negative-growth-share-as-infinity-crash.html:

Jan 14, 2020:

10:40 PM Changeset in webkit [254560] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebKit

Unreviewed, rolling out r254548.
​https://bugs.webkit.org/show_bug.cgi?id=206279

Broke launching WebContent (Requested by ap_ on #webkit).

Reverted changeset:

"Expand WebContent process sandbox with additional syscall"
​https://bugs.webkit.org/show_bug.cgi?id=206260
​https://trac.webkit.org/changeset/254548

10:32 PM Changeset in webkit [254559] by Alan Bujtas

• 8 edits
  2 adds in trunk

Long continuation chain could lead to stack exhaustion
​https://bugs.webkit.org/show_bug.cgi?id=206271
<rdar://problem/41189798>

Reviewed by Simon Fraser.

Source/WebCore:

This patch replaces the recursive approach with an iterative one
to collect absolute quads across continuation.

Test: fast/inline/long-continuation-crash.html

• rendering/RenderBlock.cpp:

(WebCore::RenderBlock::absoluteQuads const):
(WebCore::RenderBlock::absoluteQuadsIgnoringContinuation const):

• rendering/RenderBlock.h:
• rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::collectAbsoluteQuadsForContinuation const):

• rendering/RenderBoxModelObject.h:

(WebCore::RenderBoxModelObject::absoluteQuadsIgnoringContinuation const):

• rendering/RenderInline.cpp:

(WebCore::RenderInline::absoluteQuads const):
(WebCore::RenderInline::absoluteQuadsIgnoringContinuation const):

• rendering/RenderInline.h:

LayoutTests:

• fast/inline/long-continuation-crash.html: Added.

10:02 PM Changeset in webkit [254558] by commit-queue@webkit.org

• 26 edits in trunk

Unreviewed, rolling out r254480, r254496, and r254517.
​https://bugs.webkit.org/show_bug.cgi?id=206278

"It regressed JetStream2 and Speedometer2" (Requested by
saamyjoon on #webkit).

Reverted changesets:

"Throw away baseline code if there is an optimized
replacement"
​https://bugs.webkit.org/show_bug.cgi?id=202503
​https://trac.webkit.org/changeset/254480

"Unreviewed. Change useLLInt=0 to forceBaseline=1"
​https://trac.webkit.org/changeset/254496

"Add an option that enables/disables throwing away baseline
JIT code"
​https://bugs.webkit.org/show_bug.cgi?id=206244
​https://trac.webkit.org/changeset/254517

9:57 PM Changeset in webkit [254557] by rniwa@webkit.org

• 18 edits in trunk/Source

Enable the offset assertion in HTMLTextFormControlElement::indexForPosition
​https://bugs.webkit.org/show_bug.cgi?id=205706

Reviewed by Darin Adler.

Source/WebCore:

This patch fixes the erroneously disabled debug assertion in HTMLTextFormControlElement::indexForPosition.

It also fixes the bug that it was asserting even when VisiblePosition was null, and computed a wrong offset
when the entire input element is not visible (e.g. becaue height is 0px).

TextIterator::rangeLength and TextIterator::rangeFromLocationAndLength now takes an OptionSet of
newly added enum class TextIteratorLengthOption instead of a boolean indicating whether a space should be
generated for a replaced element. Most code changes are due to this refactoring.

No new tests since existing tests exercise this code.

• accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::rangeMatchesTextNearRange):

• accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::indexForVisiblePosition const):

• accessibility/atk/WebKitAccessibleInterfaceText.cpp:

(getSelectionOffsetsForObject):

• accessibility/atk/WebKitAccessibleUtil.cpp:

(objectFocusedAndCaretOffsetUnignored):

• editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::applyBlockStyle):

• editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::moveParagraphs):

• editing/Editing.cpp:

(WebCore::indexForVisiblePosition):
(WebCore::visiblePositionForIndex):

• editing/Editing.h:

(WebCore::indexForVisiblePosition):

• editing/TextIterator.cpp:

(WebCore::behaviorFromLegnthOptions): Added.
(WebCore::TextIterator::rangeLength):
(WebCore::TextIterator::rangeFromLocationAndLength):

• editing/TextIterator.h:

(WebCore::TextIterator::rangeLength):
(WebCore::TextIterator::rangeFromLocationAndLength):

• editing/TextIteratorBehavior.h:
• editing/ios/DictationCommandIOS.cpp:

(WebCore::DictationCommandIOS::doApply):

• html/HTMLTextFormControlElement.cpp:

(WebCore::HTMLTextFormControlElement::indexForPosition const): Enabled the assertion when VisiblePosition
is not null, and fixed the bug that the offset computed from VisiblePosition were always 0 when the input
element is not visible (e.g. has 0px size or has visibility: hidden).

• page/EventHandler.cpp:

(WebCore::textDistance):

Source/WebKit:

• WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::rangeNearPositionMatchesText):

7:10 PM Changeset in webkit [254556] by Chris Dumez

• 35 edits in trunk

document.cookie should not do a sync IPC to the network process for iframes that do not have storage access
​https://bugs.webkit.org/show_bug.cgi?id=206108

Reviewed by Geoff Garen and John Wilander.

Source/WebCore:

When ITP is enabled and ThirdPartyCookieBlockingMode::All mode is used (default in Safari), we can now detect
that a third-party iframe does not have cookie access completely on the WebContent process side, instead of
doing the check on the Network process side. The benefit is that this avoids doing a synchronous IPC every
time a third-party iframe which does not have storage access tries to access document.cookie in JavaScript.
Given that this should apply to a lot of iframes, this change is very beneficial to performance.

No new tests, covered by existing tests that are still passing.

• loader/CookieJar.cpp:

(WebCore::CookieJar::cookies const):
(WebCore::CookieJar::setCookies):
(WebCore::CookieJar::cookieRequestHeaderFieldValue const):
(WebCore::CookieJar::getRawCookies const):

• platform/network/CacheValidation.cpp:

(WebCore::cookieRequestHeaderFieldValue):

• platform/network/NetworkStorageSession.h:
• platform/network/cf/NetworkStorageSessionCFNetWin.cpp:

(WebCore::NetworkStorageSession::setCookiesFromDOM const):
(WebCore::NetworkStorageSession::cookiesForDOM const):
(WebCore::NetworkStorageSession::cookieRequestHeaderFieldValue const):
(WebCore::NetworkStorageSession::getRawCookies const):

• platform/network/cocoa/NetworkStorageSessionCocoa.mm:

(WebCore::cookiesForURL):
(WebCore::cookiesForSession):
(WebCore::NetworkStorageSession::cookiesForDOM const):
(WebCore::NetworkStorageSession::cookieRequestHeaderFieldValue const):
(WebCore::NetworkStorageSession::setCookiesFromDOM const):
(WebCore::NetworkStorageSession::getRawCookies const):

• platform/network/curl/NetworkStorageSessionCurl.cpp:

(WebCore::NetworkStorageSession::setCookiesFromDOM const):
(WebCore::NetworkStorageSession::cookiesForDOM const):
(WebCore::NetworkStorageSession::getRawCookies const):
(WebCore::NetworkStorageSession::cookieRequestHeaderFieldValue const):

• platform/network/soup/NetworkStorageSessionSoup.cpp:

(WebCore::NetworkStorageSession::setCookiesFromDOM const):
(WebCore::NetworkStorageSession::getRawCookies const):
(WebCore::NetworkStorageSession::cookiesForDOM const):
(WebCore::NetworkStorageSession::cookieRequestHeaderFieldValue const):

Source/WebKit:

When ITP is enabled and ThirdPartyCookieBlockingMode::All mode is used (default in Safari), we can now detect
that a third-party iframe does not have cookie access completely on the WebContent process side, instead of
doing the check on the Network process side. The benefit is that this avoids doing a synchronous IPC every
time a third-party iframe which does not have storage access tries to access document.cookie in JavaScript.
Given that this should apply to a lot of iframes, this change is very beneficial to performance.

• NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::cookiesForDOM):
(WebKit::NetworkConnectionToWebProcess::setCookiesFromDOM):
(WebKit::NetworkConnectionToWebProcess::cookieRequestHeaderFieldValue):
(WebKit::NetworkConnectionToWebProcess::getRawCookies):

• NetworkProcess/NetworkConnectionToWebProcess.h:
• NetworkProcess/NetworkConnectionToWebProcess.messages.in:
• NetworkProcess/NetworkResourceLoader.cpp:

(WebKit::logCookieInformationInternal):

• NetworkProcess/NetworkSessionCreationParameters.cpp:

(WebKit::NetworkSessionCreationParameters::encode const):
(WebKit::NetworkSessionCreationParameters::decode):

• NetworkProcess/NetworkSessionCreationParameters.h:
• Scripts/webkit/messages.py:
• Shared/WebProcessDataStoreParameters.h:

(WebKit::WebProcessDataStoreParameters::encode const):
(WebKit::WebProcessDataStoreParameters::decode):

• UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::setShouldBlockThirdPartyCookiesForTesting):

• UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::webProcessDataStoreParameters):

• UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::setShouldBlockThirdPartyCookiesForTesting):

• UIProcess/WebProcessProxy.h:
• UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::thirdPartyCookieBlockingMode const):
(WebKit::WebsiteDataStore::parameters):

• UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::thirdPartyCookieBlockingMode const):
(WebKit::WebsiteDataStore::setResourceLoadStatisticsShouldBlockThirdPartyCookiesForTesting):

• UIProcess/WebsiteData/WebsiteDataStore.h:
• WebProcess/WebCoreSupport/WebResourceLoadObserver.cpp:

(WebKit::WebResourceLoadObserver::requestStorageAccessUnderOpener):
(WebKit::WebResourceLoadObserver::logUserInteractionWithReducedTimeResolution):

• WebProcess/WebCoreSupport/WebResourceLoadObserver.h:
• WebProcess/WebPage/WebCookieJar.cpp:

(WebKit::shouldBlockCookies):
(WebKit::WebCookieJar::cookies const):
(WebKit::WebCookieJar::setCookies):
(WebKit::WebCookieJar::cookieRequestHeaderFieldValue const):
(WebKit::WebCookieJar::getRawCookies const):

• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::addDomainWithPageLevelStorageAccess):
(WebKit::WebPage::hasPageLevelStorageAccess const):

• WebProcess/WebPage/WebPage.h:
• WebProcess/WebProcess.cpp:

(WebKit::WebProcess::setWebsiteDataStoreParameters):
(WebKit::WebProcess::setShouldBlockThirdPartyCookiesForTesting):

• WebProcess/WebProcess.h:

(WebKit::WebProcess::thirdPartyCookieBlockingMode const):

• WebProcess/WebProcess.messages.in:

Tools:

Make setStatisticsShouldBlockThirdPartyCookies IPC from the WebProcess to the UIProcess asynchronous
since this ends up sending an IPC back to the WebProcess now (which would deadlock).

• WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setStatisticsShouldBlockThirdPartyCookies):

• WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

6:51 PM Changeset in webkit [254555] by Peng Liu

• 21 edits
  2 moves in trunk

[Media in GPU process] Implement the remote video layer support
​https://bugs.webkit.org/show_bug.cgi?id=206043

Reviewed by Youenn Fablet.

Source/WebCore:

No new tests, covered by existing tests.

This patch adds function LayerHostingContext::createPlatformLayerForHostingContext() which is
a wrapper of [CALayer _web_renderLayerWithContextID:] to create WebVideoHostingLayer in the Web process.

It also moves LayerHostingContext.[h|mm] to from folder "mac" to "cocoa" because LayerHostingContext
is not only used on the Mac version.
Some issues related to unified build are also fixed.

• platform/graphics/ColorSpace.h:
• platform/graphics/LayoutRect.h:

(WebCore::LayoutRect::encode const):
(WebCore::LayoutRect::decode):

• platform/graphics/cocoa/WebCoreCALayerExtras.mm:

(+[CALayer _web_renderLayerWithContextID:]):

• platform/graphics/cv/ImageTransferSessionVT.mm:

Source/WebKit:

RemoteMediaPlayerProxy in the GPU process creates a LayerHostingContext with createForExternalHostingProcess()
and share the context ID with the MediaPlayerPrivateRemote in the Web process.
Then the MediaPlayerPrivateRemote creates a hosting layer with the context ID for rendering.

This patch updates RemoteMediaPlayerProxy::PrepareForPlayback to provide the initial video content box and scale
for the VideoFullscreenLayerManagerObjC on the GPU process to create WebVideoContainerLayer.
It adds XPC message RemoteMediaPlayerManager::FirstVideoFrameAvailable to notify the renderer on the Web process that the video layer is ready.
RemoteMediaPlayerManagerProxy::SetSize message is removed to avoid the unnecessary XPC message
because MediaPlayerPrivateAVFoundationObjC::setSize() does nothing.

• GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::prepareForPlayback):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerFirstVideoFrameAvailable):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerRenderingModeChanged):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerContentBoxRect const):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerContentsScale const):
(WebKit::RemoteMediaPlayerProxy::setSize): Deleted.

• GPUProcess/media/RemoteMediaPlayerProxy.h:
• GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
• Platform/cocoa/LayerHostingContext.h: Renamed from Source/WebKit/Platform/mac/LayerHostingContext.h.
• Platform/cocoa/LayerHostingContext.mm: Renamed from Source/WebKit/Platform/mac/LayerHostingContext.mm.

(WebKit::LayerHostingContext::createPlatformLayerForHostingContext):

• Platform/ios/PaymentAuthorizationController.mm:
• PluginProcess/mac/PluginControllerProxyMac.mm:
• SourcesCocoa.txt:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::prepareForPlayback):
(WebKit::MediaPlayerPrivateRemote::MediaPlayerPrivateRemote::load):
(WebKit::MediaPlayerPrivateRemote::firstVideoFrameAvailable):
(WebKit::MediaPlayerPrivateRemote::platformLayer const):
(WebKit::MediaPlayerPrivateRemote::setSize): Deleted.

• WebProcess/GPU/media/MediaPlayerPrivateRemote.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::characteristicChanged):
(WebKit::RemoteMediaPlayerManager::sizeChanged):
(WebKit::RemoteMediaPlayerManager::addRemoteVideoTrack):
(WebKit::RemoteMediaPlayerManager::removeRemoteVideoTrack):
(WebKit::RemoteMediaPlayerManager::remoteVideoTrackConfigurationChanged):
(WebKit::RemoteMediaPlayerManager::firstVideoFrameAvailable):

• WebProcess/GPU/media/RemoteMediaPlayerManager.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.messages.in:
• WebProcess/Plugins/Netscape/NetscapePlugin.cpp:

LayoutTests:

• gpu-process/TestExpectations:

6:50 PM Changeset in webkit [254554] by jiewen_tan@apple.com

• 25 edits
  5 copies
  1 add in trunk

[WebAuthn] Implement SPI to tell UI clients to select assertion responses
​https://bugs.webkit.org/show_bug.cgi?id=206112
<rdar://problem/58495733>

Reviewed by Alex Christensen.

Source/WebKit:

Covered by API tests.

This patch adds a new delegate method in _WKWebAuthenticationPanelDelegate to tell UI clients to
select an assertion response when multiple are returned from an authenticator. Here is the SPI:
@protocol _WKWebAuthenticationPanelDelegate <NSObject>
@optional
...

• (void)panel:(_WKWebAuthenticationPanel *)panel selectAssertionResponse:(NSArray < _WKWebAuthenticationAssertionResponse *> *)responses completionHandler:(void (^{)(_WKWebAuthenticationAssertionResponse *))completionHandler;}

...
@end

A new interface is introduced to represent an authenticator assertion response:
@interface _WKWebAuthenticationAssertionResponse : NSObject
@property (nonatomic, readonly, copy) NSString *name;
@property (nonatomic, readonly, copy) NSString *displayName;
@property (nonatomic, readonly, copy) NSData *userHandle;
@end
Only members that can assist users to make a decision are exposed to UI clients.

• Shared/API/APIObject.h:
• Shared/Cocoa/APIObject.mm:

(API::Object::newObject):

• Sources.txt:
• SourcesCocoa.txt:
• UIProcess/API/APIWebAuthenticationAssertionResponse.cpp: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.

(API::WebAuthenticationAssertionResponse::create):
(API::WebAuthenticationAssertionResponse::WebAuthenticationAssertionResponse):

• UIProcess/API/APIWebAuthenticationAssertionResponse.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.
• UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.
• UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.

(-[_WKWebAuthenticationAssertionResponse dealloc]):
(-[_WKWebAuthenticationAssertionResponse name]):
(-[_WKWebAuthenticationAssertionResponse displayName]):
(-[_WKWebAuthenticationAssertionResponse userHandle]):
(-[_WKWebAuthenticationAssertionResponse _apiObject]):

• UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponseInternal.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.
• UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
• UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
• UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h:
• UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:

(WebKit::WebAuthenticationPanelClient::WebAuthenticationPanelClient):
(WebKit::WebAuthenticationPanelClient::selectAssertionResponses const):

• WebKit.xcodeproj/project.pbxproj:

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:

(-[TestWebAuthenticationPanelDelegate panel:selectAssertionResponses:completionHandler:]):
(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-multiple-accounts.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid.html:

6:21 PM Changeset in webkit [254553] by commit-queue@webkit.org

• 11 edits in trunk

Update API availability for autoplay event
​https://bugs.webkit.org/show_bug.cgi?id=202214
<rdar://problem/55710395>

Patch by Luming Yin <​luming_yin@apple.com> on 2020-01-14
Reviewed by Tim Horton.

Source/WebKit:

• UIProcess/API/Cocoa/WKUIDelegatePrivate.h:

Make enums and WKUIDelegate method related to autoplay event available on iOS.

• UIProcess/Cocoa/UIDelegate.h:
• UIProcess/Cocoa/UIDelegate.mm:

(WebKit::UIDelegate::setDelegate):
(WebKit::toWKAutoplayEventFlags):
(WebKit::toWKAutoplayEvent):
(WebKit::UIDelegate::UIClient::handleAutoplayEvent):
Make delegate methods related to autoplay events available on iOS.

Tools:

• TestWebKitAPI/Tests/WebKit/js-play-with-controls.html:
• TestWebKitAPI/Tests/WebKitCocoa/audio-with-play-button.html:
• TestWebKitAPI/Tests/WebKitCocoa/video-with-play-button.html:

Provide an id for each play button on various testing pages so that they can be triggered on iOS.

• TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm:

(-[AutoplayPoliciesDelegate _webView:handleAutoplayEvent:withFlags:]):
(-[AsyncAutoplayPoliciesDelegate _webView:handleAutoplayEvent:withFlags:]):
(TEST):
Enable tests related to autoplay policy on iOS.

• TestWebKitAPI/cocoa/TestWKWebView.h:
• TestWebKitAPI/cocoa/TestWKWebView.mm:

(-[TestWKWebView clickOnElementID:]):
Helper method that performs a click on a given element ID.

6:03 PM Changeset in webkit [254552] by timothy_horton@apple.com

• 5 edits in trunk/Source/WebKit

REGRESSION (r253394): After swiping back during a navigation, WKWebView gets stuck with the forward content, stops repainting
​https://bugs.webkit.org/show_bug.cgi?id=206268
<rdar://problem/58536702>

Reviewed by Simon Fraser.

• UIProcess/ViewGestureController.cpp:

(WebKit::ViewGestureController::endSwipeGesture):

• UIProcess/ViewGestureController.h:
• UIProcess/ios/ViewGestureControllerIOS.mm:

(WebKit::ViewGestureController::beginSwipeGesture):
(WebKit::ViewGestureController::endSwipeGesture):
(WebKit::ViewGestureController::removeSwipeSnapshot):

• UIProcess/mac/ViewGestureControllerMac.mm:

(WebKit::ViewGestureController::beginSwipeGesture):
(WebKit::ViewGestureController::removeSwipeSnapshot):
After r253394, we start loading the destination page in willEndSwipeGesture,
when we know the gesture will complete, instead of in endSwipeGesture,
when it is actually done.

This means that if we decide that we should tear down the snapshot immediately,
this can now happen in the window between willEndSwipeGesture and endSwipeGesture.

However, removeSwipeSnapshot has numerous dependencies on endSwipeGesture
(especially on iOS, where there are /also/ dependencies in the other direction -
endSwipeGesture will never be called after removeSwipeSnapshot because
of the gestureID mismatch).

Regardless, it does not make sense to remove the snapshot while the animation
is still running. So, if something causes removeSwipeSnapshot to be called
before endSwipeGesture, we just set a bit and call it inside endSwipeGesture instead.

This ends up putting the snapshot removal ordering back as it was before r253394.

6:00 PM Changeset in webkit [254551] by dino@apple.com

• 19 edits in trunk/Source

Build ANGLE as a dynamic library
​https://bugs.webkit.org/show_bug.cgi?id=204708
rdar://57349384

Rolling this out for the 2nd time.

Source/ThirdParty/ANGLE:

• it caused issues with the shared dyld cache, because the

cache doesn't know to include the libary until it already
exists in the build

• probably related to the above, we saw some performance

regressions directly related to this change

• ANGLE.xcodeproj/project.pbxproj:
• Configurations/ANGLE.xcconfig:
• Configurations/Base.xcconfig:
• Configurations/DebugRelease.xcconfig:
• include/CMakeLists.txt:
• include/GLSLANG/ShaderLang.h:
• include/GLSLANG/ShaderVars.h:
• src/libANGLE/renderer/gl/cgl/DisplayCGL.mm:

(rx::DisplayCGL::isValidNativeWindow const):

• src/libANGLE/renderer/gl/cgl/WindowSurfaceCGL.mm:

(rx::WindowSurfaceCGL::WindowSurfaceCGL):
(rx::WindowSurfaceCGL::~WindowSurfaceCGL):

• src/libANGLE/renderer/gl/eagl/DisplayEAGL.mm:

(rx::DisplayEAGL::terminate):
(rx::DisplayEAGL::isValidNativeWindow const):
(rx::WorkerContextEAGL::~WorkerContextEAGL):

• src/libANGLE/renderer/gl/eagl/WindowSurfaceEAGL.mm:

(rx::WindowSurfaceEAGL::WindowSurfaceEAGL):
(rx::WindowSurfaceEAGL::~WindowSurfaceEAGL):

Source/WebCore:

• Configurations/WebCore.xcconfig:
• Configurations/WebCoreTestSupport.xcconfig:
• WebCore.xcodeproj/project.pbxproj:
• platform/graphics/ANGLEWebKitBridge.cpp:

(WebCore::ANGLEWebKitBridge::ANGLEWebKitBridge):
(WebCore::ANGLEWebKitBridge::cleanupCompilers):
(WebCore::ANGLEWebKitBridge::compileShaderSource):
(WebCore::ANGLEWebKitBridge::angleAvailable): Deleted.

• platform/graphics/ANGLEWebKitBridge.h:
• platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:

(WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

5:47 PM Changeset in webkit [254550] by pvollan@apple.com

• 2 edits in trunk/Source/WebKit

REGRESSION(iOS 13): createMediaElementSource not working
​https://bugs.webkit.org/show_bug.cgi?id=203435

Reviewed by David Kilzer.

The WebContent process is missing an entitlement according to logs.

• Scripts/process-entitlements.sh:

5:45 PM Changeset in webkit [254549] by keith_miller@apple.com

• 2 edits in trunk/Source/JavaScriptCore

Fix scanSideState assertion
​https://bugs.webkit.org/show_bug.cgi?id=206257

Reviewed by Yusuke Suzuki.

• runtime/VM.cpp:

(JSC::VM::scanSideState const):

5:39 PM Changeset in webkit [254548] by Brent Fulgham

• 3 edits in trunk/Source/WebKit

Expand WebContent process sandbox with additional syscall
​https://bugs.webkit.org/show_bug.cgi?id=206260
<rdar://problem/58580997>

Reviewed by Per Arne Vollan.

Testing shows that we will improve performance on some platforms by supporting an additional Syscall.

This patch revises our sandboxes so that WebKit can use this fast path if available.

No new tests. No change in test result behavior.

• Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
• WebProcess/com.apple.WebProcess.sb.in:

5:32 PM Changeset in webkit [254547] by Jonathan Bedard

• 5 edits in trunk/Tools

EWS: Run webkitpy tests with Python 2 and 3
​https://bugs.webkit.org/show_bug.cgi?id=206113

Reviewed by Aakash Jain.

• BuildSlaveSupport/ews-build/factories.py:

(WebKitPyFactory.init): Run webkitpy tests in Python 2 and Python 3.

• BuildSlaveSupport/ews-build/factories_unittest.py:

(TestTestsFactory.test_webkitpy_factory):

• BuildSlaveSupport/ews-build/steps.py:

(WebKitPyTest): Renamed from RunWebKitPyTests.
(RunWebKitPyPython2Tests):
(RunWebKitPyPython3Tests):
(RunWebKitPyTests): Renamed to WebKitPyTest.

• BuildSlaveSupport/ews-build/steps_unittest.py:

(TestWebKitPyPython2Tests): Moved from TestWebKitPyTests.
(TestWebKitPyTests): Moved to TestWebKitPyPython2Tests.
(TestWebKitPyPython3Tests): Copied from TestWebKitPyPython2Tests.

5:11 PM Changeset in webkit [254546] by rniwa@webkit.org

• 3 edits in trunk/LayoutTests

REGRESSION: fast/shadow-dom/link-element-in-shadow-tree.html is flaky
​https://bugs.webkit.org/show_bug.cgi?id=171784
<rdar://problem/58123584>

Reviewed by Antti Koivisto.

The timeout is likely caused by the stylesheet not loading within 100ms timeout in the very first test case.
Load and cache the stylesheet before any test cases run to avoid this timeout.

• fast/shadow-dom/link-element-in-shadow-tree.html:
• platform/mac-wk2/TestExpectations: Removed the flaky test expectation.

5:08 PM Changeset in webkit [254545] by aakash_jain@apple.com

• 2 edits in trunk/Tools

[EWS] Status bubble tooltip might display success message sometimes on a failed build
​https://bugs.webkit.org/show_bug.cgi?id=206180

Reviewed by Jonathan Bedard.

• BuildSlaveSupport/ews-app/ews/views/statusbubble.py:

(StatusBubble._build_bubble):
(StatusBubble._most_recent_failure_message): Returns the status from failed step instead of last step.

4:38 PM WebKitGTK/2.26.x edited by clopez@igalia.com

(diff)

4:37 PM WebKitGTK/2.26.x edited by clopez@igalia.com

(diff)

4:26 PM Changeset in webkit [254544] by weinig@apple.com

• 4 edits
  3 moves in trunk/Source/WTF

Plaform.h helper files should have a consistent naming scheme
​https://bugs.webkit.org/show_bug.cgi?id=206240

Reviewed by Dean Jackson.

Rename Plaform.h helper files to use the prefix "Platform" consistently.

• WTF.xcodeproj/project.pbxproj:
• wtf/CMakeLists.txt:
• wtf/CPU.h: Removed.
• wtf/FeatureDefines.h: Removed.
• wtf/OS.h: Removed.
• wtf/Platform.h:
• wtf/PlatformCPU.h: Copied from Source/WTF/wtf/CPU.h.
• wtf/PlatformEnable.h: Copied from Source/WTF/wtf/FeatureDefines.h.
• wtf/PlatformOS.h: Copied from Source/WTF/wtf/OS.h.

4:10 PM Changeset in webkit [254543] by Jonathan Bedard

• 2 edits in trunk/Tools

test-webkitpy: Make json file creation Python 3 compatible
​https://bugs.webkit.org/show_bug.cgi?id=206255

Reviewed by Aakash Jain.

• Scripts/webkitpy/test/main.py:

(_print_results_as_json): Convert maps to lists.

3:50 PM Changeset in webkit [254542] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Display authors of a Web Inspector reference article
​https://bugs.webkit.org/show_bug.cgi?id=206176

Reviewed by Devin Rousso.

• wp-content/themes/webkit/single-web_inspector_page.php:

3:45 PM Changeset in webkit [254541] by commit-queue@webkit.org

• 3 edits
  2 adds in trunk

Supported mime types for encoding should be supported mime types for loading
​https://bugs.webkit.org/show_bug.cgi?id=206239

Patch by Said Abou-Hallawa <​sabouhallawa@apple.com> on 2020-01-14
Reviewed by Simon Fraser.

Source/WebCore:

Consult isSupportedImageType() for the system supported UTI before
considering its mime type is allowed for the image DataURL encoding.

Test: fast/canvas/toDataURL-unsupportedTypes.html

• platform/MIMETypeRegistry.cpp:

(WebCore::MIMETypeRegistry::createMIMETypeRegistryThreadGlobalData):

LayoutTests:

• fast/canvas/toDataURL-unsupportedTypes-expected.txt: Added.
• fast/canvas/toDataURL-unsupportedTypes.html: Added.

Unsupported mime-types for encoding should fall back to 'image/png'.

3:35 PM Changeset in webkit [254540] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Add Markdown support for Web Inspector Reference articles
​https://bugs.webkit.org/show_bug.cgi?id=206256

Reviewed by Devin Rousso.

• wp-content/plugins/web-inspector-pages.php:

3:11 PM Changeset in webkit [254539] by Ryan Haddad

• 25 edits
  6 deletes in trunk

Unreviewed, rolling out r254533 and r254535.
​https://bugs.webkit.org/show_bug.cgi?id=206263

Breaks iOS and macOS builds (Requested by ryanhaddad on
#webkit).

Reverted changesets:

"[WebAuthn] Implement SPI to tell UI clients to select
assertion responses"
​https://bugs.webkit.org/show_bug.cgi?id=206112
​https://trac.webkit.org/changeset/254533

"Unreviewed, a build fix after r254533"
​https://trac.webkit.org/changeset/254535

Patch by Commit Queue <​commit-queue@webkit.org> on 2020-01-14

2:37 PM Changeset in webkit [254538] by Wenson Hsieh

• 6 edits in trunk

[iOS] Keyboard input is severely delayed after switching away from unresponsive tab
​https://bugs.webkit.org/show_bug.cgi?id=206242
<rdar://problem/57132891>

Reviewed by Tim Horton.

Source/WebKit:

UIKit delivers key events to WKWebView using asynchronous SPI (-handleKeyWebEvent:withCompletionHandler:). The
completion handler is invoked when the web page has processed the event, and determines whether to proceed with
default behavior via the BOOL handled argument. Using UIKeyboardImpl's UIKeyboardTaskQueue, UIKit appends
subsequent key events to a queue, to be processed by the current first responder after the current key event
has been handled.

In the scenario where the web page is completely unresponsive, this means key events that come after an event
that has been dispatched to the unresponsive page will be stuck in the task queue; this manifests in behaviors
similar to the one in this bug:

• Using a hardware keyboard, press any key in an unresponsive page in Safari.
• Press CMD+T (to create a new tab and focus the unified field) or CMT+L (to just focus the unified field).
• Try to type in the unified field.

The result is that no characters are inserted in the unified field, because the hardware key events are stuck in
UIKeyboardTaskQueue waiting for the unresponsive page to finish handling the current key event. To fix this, we
introduce a mechanism for invoking the key event handler on WKContentView before the web page has actually
finished processing the event, but only in the case where the web view has resigned first responder (and
therefore won't receive subsequent key events anyways).

Tests: KeyboardInputTests.ResigningFirstResponderCancelsKeyEvents

KeyboardInputTests.WaitForKeyEventHandlerInFirstResponder

• UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::hasQueuedKeyEvent const):
(WebKit::WebPageProxy::firstQueuedKeyEvent const):

• UIProcess/WebPageProxy.h:
• UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView resignFirstResponderForWebView]):

After the content view has resigned first responder with a pending key event handler (and if it did not
immediately become first responder again in the same runloop), then invoke the key event handler early, passing
in YES for handled to prevent any default actions such as text insertion from being dispatched to the view.

Tools:

Add a couple of new API tests: (1) verify that the key event completion handler can still be invoked in an
unresponsive web view after resigning first responder, and (2) verify that we'll try to wait for the current
key event to be processed in a web view, if it remains the first responder.

• TestWebKitAPI/Tests/ios/KeyboardInputTestsIOS.mm:

2:35 PM Changeset in webkit [254537] by Alan Coon

• 7 edits in branches/safari-610.1.1-branch

Revert r254334. rdar://problem/58542040

2:35 PM Changeset in webkit [254536] by Alan Coon

• 23 edits in branches/safari-610.1.1-branch

Revert r254521. rdar://problem/58542040

2:26 PM Changeset in webkit [254535] by jiewen_tan@apple.com

• 2 edits in trunk/Source/WebKit

Unreviewed, a build fix after r254533

• UIProcess/WebAuthentication/fido/FidoAuthenticator.cpp:

2:13 PM Changeset in webkit [254534] by mmaxfield@apple.com

• 18 edits
  4 adds in trunk

[Cocoa] Glyph lookup should be language-sensitive (specifically between Yiddish and Hebrew)
​https://bugs.webkit.org/show_bug.cgi?id=77568
<rdar://problem/14649193>

Reviewed by Simon Fraser.

Source/WebCore:

Switch from CTFontTransformGlyphs() to CTFontTransformGlyphsWithLanguage().

CTFontTransformGlyphsWithLanguage() accepts a callback when it needs to insert
glyphs and the glyph buffer isn't big enough. This patch hooks up this callback to
a "makeHole()" function which reallocs the glyph buffer so the hole can be filled in
by shaping.

We cache the CFDictionaries of the CFAttributedString we pass into CoreText using a
HashMap stored in Font.

Tests: fast/text/locale-shaping-complex.html

fast/text/locale-shaping.html

• platform/graphics/Font.cpp:

(WebCore::Font::applyTransforms const):

• platform/graphics/Font.h:

(WebCore::Font::CFStringAttributesKey::CFStringAttributesKey):
(WebCore::Font::CFStringAttributesKey::operator== const):
(WebCore::Font::CFStringAttributesKey::operator!= const):
(WebCore::Font::CFStringAttributesKey::isHashTableDeletedValue const):
(WebCore::Font::CFStringAttributesKey::computeHash const):
(WebCore::Font::CFStringAttributesKeyHash::hash):
(WebCore::Font::CFStringAttributesKeyHash::equal):

• platform/graphics/FontCascade.cpp:

(WebCore::FontCascade::widthForSimpleText const):

• platform/graphics/GlyphBuffer.h:

(WebCore::GlyphBuffer::isEmpty const):
(WebCore::GlyphBuffer::size const):
(WebCore::GlyphBuffer::clear):
(WebCore::GlyphBuffer::advances const):
(WebCore::GlyphBuffer::fontAt const):
(WebCore::GlyphBuffer::add):
(WebCore::GlyphBuffer::remove):
(WebCore::GlyphBuffer::makeHole):
(WebCore::GlyphBuffer::shrink):
(WebCore::GlyphBuffer::swap):
(WebCore::GlyphBuffer::advancesCount const): Deleted.

• platform/graphics/WidthIterator.cpp:

(WebCore::WidthIterator::applyFontTransforms):

• platform/graphics/WidthIterator.h:
• platform/graphics/cocoa/FontCocoa.mm:

(WebCore::Font::applyTransforms const):

• platform/graphics/mac/ComplexTextControllerCoreText.mm:

(WebCore::ComplexTextController::collectComplexTextRunsForCharacters):

• platform/graphics/mac/SimpleFontDataCoreText.cpp:

(WebCore::Font::getCFStringAttributes const):

Source/WebCore/PAL:

• pal/spi/cocoa/CoreTextSPI.h:

Source/WTF:

• wtf/Platform.h:

LayoutTests:

• fast/text/locale-shaping-complex-expected-mismatch.html: Added.
• fast/text/locale-shaping-complex.html: Added.
• fast/text/locale-shaping-expected-mismatch.html: Added.
• fast/text/locale-shaping.html: Added.
• platform/gtk/TestExpectations:
• platform/mac/TestExpectations:
• platform/win/TestExpectations:

1:37 PM Changeset in webkit [254533] by jiewen_tan@apple.com

• 23 edits
  5 copies
  1 add in trunk

[WebAuthn] Implement SPI to tell UI clients to select assertion responses
​https://bugs.webkit.org/show_bug.cgi?id=206112
<rdar://problem/58495733>

Reviewed by Alex Christensen.

Source/WebKit:

Covered by API tests.

This patch adds a new delegate method in _WKWebAuthenticationPanelDelegate to tell UI clients to
select an assertion response when multiple are returned from an authenticator. Here is the SPI:
@protocol _WKWebAuthenticationPanelDelegate <NSObject>
@optional
...

• (void)panel:(_WKWebAuthenticationPanel *)panel selectAssertionResponse:(NSArray < _WKWebAuthenticationAssertionResponse *> *)responses completionHandler:(void (^{)(_WKWebAuthenticationAssertionResponse *))completionHandler;}

...
@end

A new interface is introduced to represent an authenticator assertion response:
@interface _WKWebAuthenticationAssertionResponse : NSObject
@property (nonatomic, readonly, copy) NSString *name;
@property (nonatomic, readonly, copy) NSString *displayName;
@property (nonatomic, readonly, copy) NSData *userHandle;
@end
Only members that can assist users to make a decision are exposed to UI clients.

• Shared/API/APIObject.h:
• Shared/Cocoa/APIObject.mm:

(API::Object::newObject):

• Sources.txt:
• SourcesCocoa.txt:
• UIProcess/API/APIWebAuthenticationAssertionResponse.cpp: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.

(API::WebAuthenticationAssertionResponse::create):
(API::WebAuthenticationAssertionResponse::WebAuthenticationAssertionResponse):

• UIProcess/API/APIWebAuthenticationAssertionResponse.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.
• UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.
• UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponse.mm: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.

(-[_WKWebAuthenticationAssertionResponse dealloc]):
(-[_WKWebAuthenticationAssertionResponse name]):
(-[_WKWebAuthenticationAssertionResponse displayName]):
(-[_WKWebAuthenticationAssertionResponse userHandle]):
(-[_WKWebAuthenticationAssertionResponse _apiObject]):

• UIProcess/API/Cocoa/_WKWebAuthenticationAssertionResponseInternal.h: Copied from Source/WebKit/UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h.
• UIProcess/API/Cocoa/_WKWebAuthenticationPanel.h:
• UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
• UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h:
• UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:

(WebKit::WebAuthenticationPanelClient::WebAuthenticationPanelClient):
(WebKit::WebAuthenticationPanelClient::selectAssertionResponses const):

• WebKit.xcodeproj/project.pbxproj:

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:

(-[TestWebAuthenticationPanelDelegate panel:selectAssertionResponses:completionHandler:]):
(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-multiple-accounts.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid.html:

1:32 PM Changeset in webkit [254532] by Jonathan Bedard

• 3 edits in trunk/Tools

webkitpy: Pass ImageDiff commands in a single write
​https://bugs.webkit.org/show_bug.cgi?id=206194
<rdar://problem/58578775>

Reviewed by Stephanie Lewis.

ImageDiff can encounter race conditions if it is fed content in multiple writes,
instead of in a single block.

• Scripts/webkitpy/port/image_diff.py:

(ImageDiffer.diff_image): Pass ImageDiff data in a single write command.

• Scripts/webkitpy/port/port_testcase.py:

(PortTestCase.test_diff_imagemissing_both): diff_image only accepts byte arrays.
(PortTestCase.test_diff_imagemissing_actual): Ditto.
(PortTestCase.test_diff_imagemissing_expected): Ditto.
(PortTestCase.test_diff_image): Ditto.
(PortTestCase.test_diff_image_passed): Ditto.
(PortTestCase.test_diff_image_failed): Ditto.
(PortTestCase.test_diff_image_crashed): Ditto.

1:24 PM Changeset in webkit [254531] by commit-queue@webkit.org

• 3 edits in trunk/LayoutTests

Gardening after r251750
​https://bugs.webkit.org/show_bug.cgi?id=206249

Patch by Lauro Moura <Lauro Moura> on 2020-01-14
Reviewed by Žan Doberšek.

• platform/gtk/fast/css/hsl-color-expected.txt:
• platform/gtk/fast/css/hsla-color-expected.txt:

1:23 PM Changeset in webkit [254530] by mmaxfield@apple.com

• 4 edits in trunk/LayoutTests

[iOS] fast/forms/contenteditable-font-optical-size.html landed flaky
​https://bugs.webkit.org/show_bug.cgi?id=203371
<rdar://problem/56590026>

Reviewed by Wenson Hsieh.

• fast/forms/contenteditable-font-optical-size-expected.txt:
• fast/forms/contenteditable-font-optical-size.html:
• platform/ios-wk2/TestExpectations:

1:19 PM Changeset in webkit [254529] by mmaxfield@apple.com

• 3 edits
  1 delete in trunk/LayoutTests

REGRESSION: [ Catalina wk1 ] editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2.html is failing
​https://bugs.webkit.org/show_bug.cgi?id=205814
<rdar://problem/58347056>

Unreviewed test gardening.

• editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt: Removed.
• platform/mac-wk1/TestExpectations:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt:

1:01 PM Changeset in webkit [254528] by Jon Davis

• 2 edits in trunk/Websites/webkit.org

Fix blog post article title justification
​https://bugs.webkit.org/show_bug.cgi?id=206245

Reviewed by Devin Rousso.

• wp-content/themes/webkit/style.css:

(main h1):

1:00 PM WebKitGTK/MaintenanceTips edited by clopez@igalia.com

(diff)

12:51 PM Changeset in webkit [254527] by basuke.suzuki@sony.com

• 7 edits in trunk/Source/bmalloc

[bmalloc] Calculate LineMetadata for specific VM page size in compile time
​https://bugs.webkit.org/show_bug.cgi?id=206044

Reviewed by Yusuke Suzuki.

LineMetadata is dependent only on VM page size. This patch enables the pre-calculation for
specific VM page sizes by compiler flags. The benefit is both runtime initialization speed
up and avoiding extra VM allocation on runtime.

First targets are 4k (Mac) and 16k (some iOS, PlayStation) VM page sizes.

• bmalloc/Algorithm.h:

(bmalloc::divideRoundingUp):

• bmalloc/BPlatform.h:
• bmalloc/HeapConstants.cpp:

(bmalloc::fillLineMetadata):
(bmalloc::computeLineMetadata):
(bmalloc::HeapConstants::initializeLineMetadata):

• bmalloc/HeapConstants.h:

(bmalloc::HeapConstants::smallLineCount const):
(bmalloc::HeapConstants::startOffset const):
(bmalloc::HeapConstants::objectCount const):
(bmalloc::HeapConstants::lineMetadata const):
(bmalloc::HeapConstants::startOffset): Deleted.
(bmalloc::HeapConstants::objectCount): Deleted.
(bmalloc::HeapConstants::lineMetadata): Deleted.

• bmalloc/LineMetadata.h:
• bmalloc/Sizes.h:

(bmalloc::Sizes::maskObjectSize):
(bmalloc::Sizes::logSizeClass):
(bmalloc::Sizes::logObjectSize):
(bmalloc::Sizes::sizeClass):
(bmalloc::Sizes::objectSize):
(bmalloc::Sizes::pageSize):
(bmalloc::Sizes::smallLineCount):

12:46 PM Changeset in webkit [254526] by Ross Kirsling

• 2 edits in trunk/Source/WebCore

[PlayStation] Add standardUserAgentForURL stub
​https://bugs.webkit.org/show_bug.cgi?id=206247

Reviewed by Don Olmstead.

• platform/playstation/UserAgentPlayStation.cpp:

(WebCore::standardUserAgentForURL):

12:19 PM Changeset in webkit [254525] by Diego Pino Garcia

• 2 edits
  2 adds in trunk/LayoutTests

[GTK] Unreviewed test gardening
​https://bugs.webkit.org/show_bug.cgi?id=206224

• platform/gtk/TestExpectations:
• platform/gtk/imported/w3c/web-platform-tests/css/css-sizing/button-min-width-expected.txt: Added.

12:03 PM Changeset in webkit [254524] by Ross Kirsling

• 3 edits
  1 move
  1 add in trunk/Source/WebKit

WebPasteboardProxyWPE should be WebPasteboardProxyLibWPE
​https://bugs.webkit.org/show_bug.cgi?id=206243

Reviewed by Adrian Perez de Castro.

WebPasteboardProxy.h already has USE(LIBWPE) so we basically just need to move the file.

• SourcesWPE.txt:
• UIProcess/WebPasteboardProxy.cpp:
• UIProcess/libwpe/WebPasteboardProxyLibWPE.cpp: Renamed from Source/WebKit/UIProcess/wpe/WebPasteboardProxyWPE.cpp.

12:00 PM Changeset in webkit [254523] by Devin Rousso

• 2 edits in trunk/Source/JavaScriptCore

Web Inspector: crash in DumpRenderTree at com.apple.JavaScriptCore: WTF::RefCountedBase::hasOneRef const
​https://bugs.webkit.org/show_bug.cgi?id=206191
<rdar://problem/58415623>

Reviewed by Joseph Pecoraro.

• debugger/Debugger.cpp:

(JSC::Debugger::attach):
(GatherSourceProviders::GatherSourceProviders): Deleted.
(GatherSourceProviders::operator()): Deleted.
Use RefPtr<SourceProvider> instead of SourceProvider* in case the FunctionExecutable
is destroyed after the SourceProvider* is saved, which would destroy the SourceProvider
as well.

11:37 AM Changeset in webkit [254522] by Alan Coon

• 7 edits in branches/safari-610.1.1-branch/Source/WebKit

Cherry-pick r254433. rdar://problem/58554516

[macCatalyst] UI process crashes on launch after r254101
​https://bugs.webkit.org/show_bug.cgi?id=206156
<rdar://problem/58514942>

Reviewed by Brent Fulgham.

Fixes the crash by not soft-linking BackBoardServices in an attempt to invoke BKSDisplayBrightnessGetCurrent on
macCatalyst. Prior to r254101, this was only defined on iOS and not watchOS or tvOS; after this change, it
should be defined only on iOS, watchOS and tvOS.

• UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers):
• UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::initializeNewWebProcess):
• UIProcess/WebProcessPool.h:
• WebProcess/WebProcess.h:
• WebProcess/WebProcess.messages.in:
• WebProcess/cocoa/WebProcessCocoa.mm:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254433 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:37 AM Changeset in webkit [254521] by Alan Coon

• 23 edits in branches/safari-610.1.1-branch

Revert r254392. rdar://problem/58542040

11:28 AM Changeset in webkit [254520] by commit-queue@webkit.org

• 7 edits in trunk/Source

Need workaround for crash in Intel OpenGL driver related to texture copying feedback loops
​https://bugs.webkit.org/show_bug.cgi?id=205843

Source/ThirdParty/ANGLE:

Remove ANGLE workaround introduced in bug 205707, as it was
discovered to be incomplete, and was never upstreamed. The correct
workaround will be integrated in the next ANGLE roll.

Patch by Kenneth Russell <​kbr@chromium.org> on 2020-01-14
Reviewed by Dean Jackson.

• include/platform/FeaturesGL.h:
• src/libANGLE/renderer/gl/StateManagerGL.cpp:

(rx::StateManagerGL::bindFramebuffer):

• src/libANGLE/renderer/gl/renderergl_utils.cpp:

(rx::nativegl_gl::InitializeFeatures):

Source/WebCore:

Work around bug in Intel OpenGL driver related to
glCopyTex{Sub}Image/glDeleteTextures by flushing before texture
deletion, if a copy to a texture has been performed recently.

Tested with a forthcoming WebGL conformance test.

Patch by Kenneth Russell <​kbr@chromium.org> on 2020-01-14
Reviewed by Dean Jackson.

• platform/graphics/opengl/GraphicsContextGLOpenGL.h:
• platform/graphics/opengl/GraphicsContextGLOpenGLCommon.cpp:

(WebCore::GraphicsContextGLOpenGL::copyTexImage2D):
(WebCore::GraphicsContextGLOpenGL::copyTexSubImage2D):
(WebCore::GraphicsContextGLOpenGL::finish):
(WebCore::GraphicsContextGLOpenGL::flush):
(WebCore::GraphicsContextGLOpenGL::deleteTexture):

11:05 AM Changeset in webkit [254519] by eric.carlson@apple.com

• 13 edits
  1 add in trunk/Source/WebKit

Nake MediaPlayerPrivateRemoteProxy a message receiver
​https://bugs.webkit.org/show_bug.cgi?id=206237
<rdar://problem/58569057>

Reviewed by Youenn Fablet.

No new tests, no functional change.

Make MediaPlayerPrivateRemoteProxy a message receiver so we don't need a trampoline
for every method in the MediaPlayerPrivateRemoteManagerProxy.

• DerivedSources-input.xcfilelist:
• DerivedSources-output.xcfilelist:
• DerivedSources.make:
• GPUProcess/GPUConnectionToWebProcess.cpp:

(WebKit::GPUConnectionToWebProcess::didReceiveMessage):

• GPUProcess/media/RemoteMediaPlayerManagerProxy.cpp:

(WebKit::RemoteMediaPlayerManagerProxy::didReceivePlayerMessage):
(WebKit::RemoteMediaPlayerManagerProxy::prepareForPlayback): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::load): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::cancelLoad): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::prepareToPlay): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::play): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::pause): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::seek): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::seekWithTolerance): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setVolume): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setMuted): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setPreload): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setPrivateBrowsingMode): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setPreservesPitch): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::prepareForRendering): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setSize): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setVisible): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setShouldMaintainAspectRatio): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setVideoFullscreenFrame): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setVideoFullscreenGravity): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::acceleratedRenderingStateChanged): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setShouldDisableSleep): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::setRate): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::audioTrackSetEnabled): Deleted.
(WebKit::RemoteMediaPlayerManagerProxy::videoTrackSetSelected): Deleted.

• GPUProcess/media/RemoteMediaPlayerManagerProxy.h:
• GPUProcess/media/RemoteMediaPlayerManagerProxy.messages.in:
• GPUProcess/media/RemoteMediaPlayerProxy.h:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/media/AudioTrackPrivateRemote.cpp:

(WebKit::AudioTrackPrivateRemote::setEnabled):

• WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::prepareForPlayback):
(WebKit::MediaPlayerPrivateRemote::MediaPlayerPrivateRemote::load):
(WebKit::MediaPlayerPrivateRemote::cancelLoad):
(WebKit::MediaPlayerPrivateRemote::prepareToPlay):
(WebKit::MediaPlayerPrivateRemote::play):
(WebKit::MediaPlayerPrivateRemote::pause):
(WebKit::MediaPlayerPrivateRemote::setPreservesPitch):
(WebKit::MediaPlayerPrivateRemote::setVolumeDouble):
(WebKit::MediaPlayerPrivateRemote::setMuted):
(WebKit::MediaPlayerPrivateRemote::setPreload):
(WebKit::MediaPlayerPrivateRemote::setPrivateBrowsingMode):
(WebKit::MediaPlayerPrivateRemote::seek):
(WebKit::MediaPlayerPrivateRemote::seekWithTolerance):
(WebKit::MediaPlayerPrivateRemote::prepareForRendering):
(WebKit::MediaPlayerPrivateRemote::setSize):
(WebKit::MediaPlayerPrivateRemote::setVisible):
(WebKit::MediaPlayerPrivateRemote::setShouldMaintainAspectRatio):
(WebKit::MediaPlayerPrivateRemote::setVideoFullscreenFrame):
(WebKit::MediaPlayerPrivateRemote::setVideoFullscreenGravity):
(WebKit::MediaPlayerPrivateRemote::acceleratedRenderingStateChanged):
(WebKit::MediaPlayerPrivateRemote::setShouldDisableSleep):

• WebProcess/GPU/media/VideoTrackPrivateRemote.cpp:

(WebKit::VideoTrackPrivateRemote::setSelected):

10:37 AM Changeset in webkit [254518] by don.olmstead@sony.com

• 6 edits
  1 move
  1 delete in trunk/Source/WebKit

Share TextChecker stub for ports without text checking
​https://bugs.webkit.org/show_bug.cgi?id=205964

Reviewed by Ross Kirsling.

No new tests. No change in behavior.

The Windows and WPE ports have the same stub for text checking. Combine those
two for non-Cocoa and non-GTK ports.

• PlatformFTW.cmake:
• PlatformWin.cmake:
• Sources.txt:
• SourcesWPE.txt:
• UIProcess/TextChecker.cpp: Renamed from Source/WebKit/UIProcess/wpe/TextCheckerWPE.cpp.

(WebKit::checkerState):
(WebKit::TextChecker::state):
(WebKit::TextChecker::checkTextOfParagraph):

• UIProcess/win/TextCheckerWin.cpp: Removed.
• WebKit.xcodeproj/project.pbxproj:

10:08 AM Changeset in webkit [254517] by sbarati@apple.com

• 3 edits in trunk/Source/JavaScriptCore

Add an option that enables/disables throwing away baseline JIT code
​https://bugs.webkit.org/show_bug.cgi?id=206244

Reviewed by Robin Morisset.

This option is now set to false as I investigate a perf regression with
the original patch.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finalizeUnconditionally):

• runtime/OptionsList.h:

9:48 AM Changeset in webkit [254516] by Ryan Haddad

• 18 edits
  9 deletes in trunk

Unreviewed, rolling out r254505.

Breaks watchOS/tvOS/Catalyst builds.

Reverted changeset:

"Add support for MediaStream audio track rendering in
GPUProcess"
​https://bugs.webkit.org/show_bug.cgi?id=206175
​https://trac.webkit.org/changeset/254505

9:26 AM Changeset in webkit [254515] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebKit

Suppress compiler warnings
​https://bugs.webkit.org/show_bug.cgi?id=206235

Patch by Víctor Manuel Jáquez Leal <​vjaquez@igalia.com> on 2020-01-14
Reviewed by Youenn Fablet.

Use PRIu64 formatter for uint64_t instead of %llu.

No functional changes.

• UIProcess/WebPageProxy.cpp:

9:16 AM Changeset in webkit [254514] by Darin Adler

• 41 edits
  1 delete in trunk

Use even more "shortest form" formatting, and less "fixed precision" and "fixed width"
​https://bugs.webkit.org/show_bug.cgi?id=198918

Reviewed by Sam Weinig.

Source/JavaScriptCore:

• API/tests/ExecutionTimeLimitTest.cpp:

(testExecutionTimeLimit): Rewrote the string creation code to use makeString instead
of StringBuilder and no longer use any fixed precision.

• runtime/Options.cpp:

(JSC::OptionReader::Option::dump const): Dump doubles with shortest form instead of
fixed precision.

Source/WebCore:

The places left untouched are the ones where changing behavior has some kind of unwanted
observable effect for one of two reasons. Otherwise, switched almost all call sites.

1) Substantial number of test results that depend on the current behavior.

2) Poor rounding resulting in conversion from float to double and back (or similar) that

results in values with tiny fractional residue like "6.000001".

• accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::changeValueByStep): Use shortest instead of fixed.
(WebCore::AccessibilityNodeObject::changeValueByPercent): Ditto.

• css/CSSAspectRatioValue.cpp:

(WebCore::CSSAspectRatioValue::customCSSText const): Ditto.

• css/CSSFontVariationValue.cpp:

(WebCore::CSSFontVariationValue::customCSSText const): Ditto. Also use makeString instead of
StringBuilder for better efficiency.

• css/CSSGradientValue.cpp:

(WebCore::appendGradientStops): Ditto.

• css/CSSKeyframeRule.cpp:

(WebCore::StyleRuleKeyframe::keyText const): Ditto.

• css/CSSTimingFunctionValue.cpp:

(WebCore::CSSCubicBezierTimingFunctionValue::customCSSText const): Ditto.

• css/MediaQueryEvaluator.cpp:

(WebCore::aspectRatioValueAsString): Ditto.

• css/TransformFunctions.h: Removed unnneeded forward declarations.

• css/parser/CSSParserToken.cpp:

(WebCore::CSSParserToken::serialize const): Use shortest instead of fixed.

• html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::completeURLsInAttributeValue const): Ditto.

• html/track/VTTCue.cpp:

(WebCore::VTTCueBox::applyCSSProperties): Use shortest instead of fixed.
Also wrote a FIXME abot this strange code that uses "calc()" to do math on two numbers,
math that could instead be done by the code converting the numbers to a style string.

• inspector/InspectorOverlay.cpp:

(WebCore::InspectorOverlay::drawRulers): Use shortest instead of fixed.

• page/CaptionUserPreferencesMediaAF.cpp:

(WebCore::CaptionUserPreferencesMediaAF::windowRoundedCornerRadiusCSS const): Ditto.

• page/scrolling/AxisScrollSnapOffsets.cpp:

(WebCore::snapOffsetsToString): Ditto.
(WebCore::snapOffsetRangesToString): Ditto.
(WebCore::snapPortOrAreaToString): Ditto.

• platform/graphics/Color.cpp:

(WebCore::decimalDigit): Added.
(WebCore::serializedFractionDigitsForFractionalAlphaValue): Added.
(WebCore::Color::cssText const): Rewrote to generate the same results using
makeString rather than StringBuilder, and integer math rather than converting from
integer to floating point and then doing floating point math.

• platform/graphics/ExtendedColor.cpp:

(WebCore::ExtendedColor::cssText const): Use shortest instead of fixed.

• rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::logLayerInfo): Ditto.

• svg/SVGAngleValue.cpp:

(WebCore::SVGAngleValue::valueAsString const): Ditto.

• svg/SVGLengthList.h: Added now-needed include of StringBuilder.h.

• svg/SVGLengthValue.cpp:

(WebCore::SVGLengthValue::valueAsString const): Use shortest instead of fixed.

• svg/SVGNumberList.h: Ditto.

• svg/SVGPathStringBuilder.cpp:

(WebCore::appendFlag): Use multiple-argument append for better efficiency.
(WebCore::appendNumber): Added a comment about why we can't yet convert this to use
shortest instead of fixed: code that parses floats but then creates a CG path
that stores things as double and does math as double then converts back to float
results in float values that didn't round trip well and have fractions. This is
smoothed away (hidden) by using fixed precision to conver them to strings.
(WebCore::appendPoint): Call appendNumber to cut down on repeated code.

• svg/SVGPointList.h: Use shortest instead of fixed.

• svg/SVGTransformValue.h:

(WebCore::SVGTransformValue::prefixForTransfromType): Return a string literal
instead of a WTF::String to avoid creating and destroying an object each time.
(WebCore::SVGTransformValue::appendFixedPrecisionNumbers): Added a comment explaining
why we need to continue to use fixed precision here. Same issue with CGAffineTransform
using double as we have with CGPath above.

• svg/properties/SVGPropertyTraits.h:

(WebCore::SVGPropertyTraits<float>::toString): Use shortest instead of fixed.
(WebCore::SVGPropertyTraits<FloatPoint>::toString): Ditto.
(WebCore::SVGPropertyTraits<FloatRect>::toString): Ditto.

• testing/Internals.cpp:

(WebCore::Internals::dumpMarkerRects): Added a comment explaining why we have to use
fixed precision here. There are many test results that we would need to update.
(WebCore::Internals::configurationForViewport): Ditto.
(WebCore::Internals::getCurrentCursorInfo): Use shortest instead of fixed.

• xml/XPathValue.cpp:

(WebCore::XPath::Value::toString const): Ditto.

Source/WebKit:

• NetworkProcess/cache/NetworkCache.cpp:

(WebKit::NetworkCache::Cache::dumpContentsToFile): Use shortest instead of fixed.
Also use makeString instead of StringBuilder.

• NetworkProcess/cache/NetworkCacheEntry.cpp:

(WebKit::NetworkCache::Entry::asJSON const): Use shortest instead of fixed.
Also use multiple-argument append on StringBuilder to make the function shorter
and easier to read.

• Shared/Gamepad/GamepadData.cpp:

(WebKit::GamepadData::loggingString const): Ditto.

• UIProcess/ViewGestureController.cpp:

(WebKit::ViewGestureController::SnapshotRemovalTracker::startWatchdog):
Use shortest instead of fixed.

Source/WTF:

• wtf/Logger.h:

(WTF::LogArgument::toString): Log floating point numbers as shortest form instead of fixed precision.

• wtf/MediaTime.cpp:

(WTF::MediaTime::toString const): Convert time to string as shortest form instead of fixed precision.
Also use multiple-argument append for great simplicity and clarity.

LayoutTests:

• platform/mac/svg/dom/length-list-parser-expected.png: Removed. Not sure how many other pixel

results we have like this, but this included an ancient style Aqua scrollbar so hasn't matched
anything for years and would clearly not have any value for regression testing.

• svg/dom/length-list-parser-expected.txt: Updated to expect logging of a 7 digit length as an

integer rather than rounded as "d.ddddd+6".

8:52 AM Changeset in webkit [254513] by commit-queue@webkit.org

• 7 edits
  2 adds in trunk/LayoutTests

[GTK][WPE] Failures in imported/w3c/web-platform-tests/2dcontext/imagebitmap due to missing OffscreenCanvas.copiedImage
​https://bugs.webkit.org/show_bug.cgi?id=206221

Unreviewed test gardening.

Patch by Chris Lord <Chris Lord> on 2020-01-14

• platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-flipY-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-origin.sub-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-serializable-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-flipY-expected.txt: Added.
• platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-origin.sub-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-serializable-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer-expected.txt:

8:37 AM Changeset in webkit [254512] by Peng Liu

• 2 edits in trunk/Source/WebCore

A video element cannot enter fullscreen from PiP mode
​https://bugs.webkit.org/show_bug.cgi?id=204468

Reviewed by Eric Carlson.

This patch fixes two issues:

• Make sure the message exchanges between WebContent and UI process can complete in the scenario that switching to fullscreen from PiP.
• Do not send fullscreenModeChanged event with mode = 3 (both fullscreen and Picture-in-Picture) to WebContent process.

We need to use API tests to verify the fix.
No new tests are added because of webkit.org/b/203724.

• platform/ios/VideoFullscreenInterfaceAVKit.mm:

(VideoFullscreenInterfaceAVKit::didStopPictureInPicture):
(VideoFullscreenInterfaceAVKit::doEnterFullscreen):
(VideoFullscreenInterfaceAVKit::setMode):

8:22 AM Changeset in webkit [254511] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebKit

[GLib] Remove unused private variable
​https://bugs.webkit.org/show_bug.cgi?id=206232

Patch by Víctor Manuel Jáquez Leal <​vjaquez@igalia.com> on 2020-01-14
Reviewed by Carlos Garcia Campos.

Remove m_context which is not used.

No functional changes.

• UIProcess/API/glib/WebKitProtocolHandler.cpp:

(WebKit::WebKitProtocolHandler::WebKitProtocolHandler):

• UIProcess/API/glib/WebKitProtocolHandler.h:

8:06 AM Changeset in webkit [254510] by Antti Koivisto

• 11 edits in trunk

[LFC][Integration] Support the feature flag in DumpRenderTree
​https://bugs.webkit.org/show_bug.cgi?id=206218

Reviewed by Zalan Bujtas.

Source/WebKitLegacy/mac:

• WebView/WebPreferenceKeysPrivate.h:
• WebView/WebPreferences.mm:

(+[WebPreferences initialize]):
(-[WebPreferences layoutFormattingContextIntegrationEnabled]):
(-[WebPreferences setLayoutFormattingContextIntegrationEnabled:]):

• WebView/WebPreferencesPrivate.h:
• WebView/WebView.mm:

(-[WebView _preferencesChanged:]):

Tools:

This allows tests to turn off the feature in WK1 if needed.

• DumpRenderTree/TestOptions.cpp:

(TestOptions::TestOptions):

• DumpRenderTree/TestOptions.h:
• DumpRenderTree/mac/DumpRenderTree.mm:

(setWebPreferencesForTestOptions):

LayoutTests:

• platform/mac-wk1/TestExpectations:

7:22 AM Changeset in webkit [254509] by aboya@igalia.com

• 5 edits in trunk

[WTF] Make MediaTime constructor constexpr
​https://bugs.webkit.org/show_bug.cgi?id=206036

Reviewed by Adrian Perez de Castro.

Source/WTF:

​https://bugs.webkit.org/show_bug.cgi?id=205723 allowed to declare
MediaTime variables as static inside functions without needing a
global destructor.

It did not eliminate the call to the MediaTime constructor on runtime
though. This wasn't a problem for static variables inside functions,
as the compiler adds a guard variable to call the constructor the
first time the function is called.

On the other hand, for variables defined outside of the scope of the
function, for them to be initialized the MediaTime constructor would
have to be called at runtime from a global constructor, something
we're trying to avoid and which generates an error in clang.

But again, MediaTime is a simple class with only integral values, we
shouldn't need a runtime function call to initialize it!

This patch makes the MediaTime constructor constexpr so that we don't
need runtime initialization for static MediaTime variables. This
allows us to declare them outside functions and enables the compiler
to generate code without guard variables when static MediaTime
variables are declared inside functions.

A test has been added accessing a global const static MediaTime. The
build should not produce any error stating the need for a global
constructor.

• wtf/MediaTime.cpp:
• wtf/MediaTime.h:

(WTF::MediaTime::MediaTime):

Tools:

Added test for global static MediaTime constants.

• TestWebKitAPI/Tests/WTF/MediaTime.cpp:

(TestWebKitAPI::TEST):

6:51 AM Changeset in webkit [254508] by Philippe Normand

• 2 edits in trunk/Source/WebCore

[GStreamer] Unreviewed build warning fix after r254503

• platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(CachedResourceStreamingClient::dataReceived):

6:49 AM Changeset in webkit [254507] by Philippe Normand

• 4 edits in trunk/Source/WebCore

[GStreamer] improve video rendering stats
​https://bugs.webkit.org/show_bug.cgi?id=143827

Reviewed by Xabier Rodriguez-Calvar.

Enable fpsdisplaysink unconditionally for statistics retrieval. If
GStreamer 1.18 (current git master is 1.17) is detected at runtime
we can simply use the new basesink stats property, so proxy it
in our custom GL sink. The ENABLE(MEDIA_STATISTICS) feature seems
to have been deprecated in favor of the
HTMLVideoElement.getVideoPlaybackQuality() interface so remove the
unused corresponding MediaPlayerPrivate method overrides.

• platform/graphics/gstreamer/GLVideoSinkGStreamer.cpp:

(webKitGLVideoSinkGetProperty):
(webkit_gl_video_sink_class_init):

• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::createVideoSink):
(WebCore::MediaPlayerPrivateGStreamer::videoPlaybackQualityMetrics):
(WebCore::MediaPlayerPrivateGStreamer::decodedFrameCount const): Deleted.
(WebCore::MediaPlayerPrivateGStreamer::droppedFrameCount const): Deleted.
(WebCore::MediaPlayerPrivateGStreamer::audioDecodedByteCount const): Deleted.
(WebCore::MediaPlayerPrivateGStreamer::videoDecodedByteCount const): Deleted.

• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

6:40 AM Changeset in webkit [254506] by clopez@igalia.com

• 12 edits
  3 adds in trunk

[Freetype] Support for the -webkit-font-smoothing CSS property
​https://bugs.webkit.org/show_bug.cgi?id=54763

Reviewed by Simon Fraser.

Source/WebCore:

Pass the smoothing preference defined on the CSS style, so its
taken into account when drawing the font. If the CSS doesn't
specify any preference then it behaves like before this patch
(it tries to automatically antialias the font, if supported).

This patch sets the antialiasing value at drawing time without
affecting the font, like the Mac/iOS ports do. This approach is
maybe less efficient than taking into account the antialiasing
value when the font platform data its created, but its a better
fit for the current cross-platform code.
I did some benchmarks (see the bug above if you are curious) and
I was unable to prove this method is less efficient than setting
the antialising value when the font platform data is created.

Test: platform/gtk/fonts/webkit-font-smoothing.html

• platform/graphics/cairo/CairoOperations.cpp:

(WebCore::Cairo::drawGlyphsToContext):
(WebCore::Cairo::drawGlyphsShadow):
(WebCore::Cairo::drawGlyphs):

• platform/graphics/cairo/CairoOperations.h:
• platform/graphics/cairo/CairoUtilities.cpp:
• platform/graphics/cairo/CairoUtilities.h:
• platform/graphics/cairo/FontCairo.cpp:

(WebCore::FontCascade::drawGlyphs):

• platform/graphics/cairo/GraphicsContextImplCairo.cpp:

(WebCore::GraphicsContextImplCairo::drawGlyphs):

• platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp:

(Nicosia::CairoOperationRecorder::drawGlyphs):

LayoutTests:

Add a regression test. This test is specific for platform gtk because
it depends on the custom fonts.conf file that its used for GTK layout
tests.

• platform/gtk/TestExpectations:
• platform/gtk/fast/css/font-smoothing-expected.png:
• platform/gtk/fonts/webkit-font-smoothing-expected.html: Added.
• platform/gtk/fonts/webkit-font-smoothing.html: Added.
• platform/wpe/TestExpectations:
• platform/wpe/fast/css/font-smoothing-expected.png: Added.

6:37 AM Changeset in webkit [254505] by youenn@apple.com

• 18 edits
  1 copy
  8 adds in trunk

Add support for MediaStream audio track rendering in GPUProcess
​https://bugs.webkit.org/show_bug.cgi?id=206175

Reviewed by Eric Carlson.

Source/WebCore:

Simplify model to use start/stop instead of setPaused.
Simplify and fix issue in computation of the muted state of the renderer.
Covered by existing tests run with GPU process enabled and manual testing

• platform/mediastream/AudioMediaStreamTrackRenderer.h:
• platform/mediastream/AudioTrackPrivateMediaStream.cpp:

(WebCore::AudioTrackPrivateMediaStream::playInternal):
(WebCore::AudioTrackPrivateMediaStream::pause):
(WebCore::AudioTrackPrivateMediaStream::audioSamplesAvailable):
(WebCore::AudioTrackPrivateMediaStream::updateRendererMutedState):

• platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.cpp:

(WebCore::AudioMediaStreamTrackRendererCocoa::start):
(WebCore::AudioMediaStreamTrackRendererCocoa::stop):
(WebCore::AudioMediaStreamTrackRendererCocoa::clear):
(WebCore::AudioMediaStreamTrackRendererCocoa::pushSamples):
(WebCore::AudioMediaStreamTrackRendererCocoa::render):

• platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.h:

Source/WebKit:

Implement an AudioMediaStreamTrackRenderer at WebKit level by creating a remote renderer in GPUProcess and sending IPC to pass
audio data as well as orders (start/stop/setMuted).

Implement the remote renderer using WebCore audio track renderer.

Enable WebKit remote renderer F GPU process for media is enabled.

• DerivedSources-input.xcfilelist:
• DerivedSources-output.xcfilelist:
• DerivedSources.make:
• GPUProcess/GPUConnectionToWebProcess.cpp:

(WebKit::GPUConnectionToWebProcess::audioTrackRendererManager):
(WebKit::GPUConnectionToWebProcess::didReceiveMessage):

• GPUProcess/GPUConnectionToWebProcess.h:
• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRenderer.cpp: Added.

(WebKit::nextLogIdentifier):
(WebKit::nullLogger):
(WebKit::RemoteAudioMediaStreamTrackRenderer::RemoteAudioMediaStreamTrackRenderer):
(WebKit::RemoteAudioMediaStreamTrackRenderer::~RemoteAudioMediaStreamTrackRenderer):
(WebKit::RemoteAudioMediaStreamTrackRenderer::storage):
(WebKit::RemoteAudioMediaStreamTrackRenderer::start):
(WebKit::RemoteAudioMediaStreamTrackRenderer::stop):
(WebKit::RemoteAudioMediaStreamTrackRenderer::clear):
(WebKit::RemoteAudioMediaStreamTrackRenderer::setMuted):
(WebKit::RemoteAudioMediaStreamTrackRenderer::setVolume):
(WebKit::RemoteAudioMediaStreamTrackRenderer::audioSamplesStorageChanged):
(WebKit::RemoteAudioMediaStreamTrackRenderer::audioSamplesAvailable):

• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRenderer.h: Added.
• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRenderer.messages.in: Added.
• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererManager.cpp: Added.

(WebKit::RemoteAudioMediaStreamTrackRendererManager::didReceiveRendererMessage):
(WebKit::RemoteAudioMediaStreamTrackRendererManager::createRenderer):
(WebKit::RemoteAudioMediaStreamTrackRendererManager::releaseRenderer):

• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererManager.h: Added.

(WebKit::RemoteAudioMediaStreamTrackRendererManager::didReceiveMessageFromWebProcess):

• GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererManager.messages.in: Added.
• Scripts/webkit/messages.py:
• Sources.txt:
• SourcesCocoa.txt:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::updatePreferences):

• WebProcess/GPU/webrtc/AudioMediaStreamTrackRenderer.cpp: Added.

(WebKit::AudioMediaStreamTrackRenderer::create):
(WebKit::AudioMediaStreamTrackRenderer::AudioMediaStreamTrackRenderer):
(WebKit::AudioMediaStreamTrackRenderer::~AudioMediaStreamTrackRenderer):
(WebKit::AudioMediaStreamTrackRenderer::start):
(WebKit::AudioMediaStreamTrackRenderer::stop):
(WebKit::AudioMediaStreamTrackRenderer::clear):
(WebKit::AudioMediaStreamTrackRenderer::setMuted):
(WebKit::AudioMediaStreamTrackRenderer::setVolume):
(WebKit::AudioMediaStreamTrackRenderer::pushSamples):
(WebKit::AudioMediaStreamTrackRenderer::storageChanged):

• WebProcess/GPU/webrtc/AudioMediaStreamTrackRenderer.h: Added.

(WebKit::AudioMediaStreamTrackRenderer::identifier const):

• WebProcess/GPU/webrtc/AudioMediaStreamTrackRendererIdentifier.h: Added.

LayoutTests:

• gpu-process/TestExpectations:

5:12 AM Changeset in webkit [254504] by Pablo Saavedra

• 1 edit
  31 adds in trunk/LayoutTests

[GTK] Many imported/w3c/web-platform-tests/html/ tests failing after r253791
​https://bugs.webkit.org/show_bug.cgi?id=206127
<rdar://problem/58555260>

Unreviewed test gardening.

• platform/gtk/imported/w3c/web-platform-tests/html/browsers/sandboxing/sandbox-parse-noscript-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/dom/idlharness.worker-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/dom/reflection-forms-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/editing/editing-0/autocapitalization/autocapitalize-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/form-controls/resets-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/the-fieldset-and-legend-elements/fieldset-generated-content-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/the-fieldset-and-legend-elements/legend-sans-fieldset-display-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/rendering/widgets/button-layout/abspos-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/rendering/widgets/button-layout/grid-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/media_fragment_seek-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/video_loop_base-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-canvas-element/security.pattern.fillStyle.sub-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_allow_downloads.sub.tentative-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/iframe_sandbox_navigation_download_block_downloads.sub.tentative-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/resize-during-playback-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/json-module/valid-content-type.tentative-expected.txt: Added.
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-script-element/module/integrity-expected.txt: Added.

2:16 AM Changeset in webkit [254503] by calvaris@igalia.com

• 3 edits in trunk/Source/WebCore

[GStreamer] Rework WebKitWebSrc to improve robustness
​https://bugs.webkit.org/show_bug.cgi?id=206003

Reviewed by Philippe Normand.

Reworked how the web source deals with data. It's more eager now
in pushing data downstream. We don't use the GstAdapter methods
marked as fast anymore because sometimes it was slower. The reason
why this was slower is that we can be waiting for more "fast"
(that could be retrieved with the _fast API) buffers to be
available even in cases where the queue is not empty. These other
buffers can be retrieved with the "non _fast" API.

The streaming thread locks now when it has no data to push
downstream and restarts the download if needed.

In this patch we also fixed the possible race condition of
receiving a flush during the streaming thread wait.

No new tests, just a rework.

• platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::updateStates): Added FALLTHROUGH.

• platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:

(restartLoaderIfNeeded):
(stopLoaderIfNeeded): Refactored.
(webKitWebSrcCreate): Avoid adapter methods marked as fast,
otherwise we might be waiting for data we already have. Streaming
thread is now going to lock waiting for data and is more eager in
pushing data downstream.
(webKitWebSrcStop): No more queueSize.
(webKitWebSrcDoSeek):
(webKitWebSrcUnLock):
(webKitWebSrcChangeState): Notify streaming thread.
(CachedResourceStreamingClient::checkUpdateBlocksize): Blocksize
adjustment improved. With former values blocksize grew too fast
and couldn't be reduced so easily. I think now it adjusts more
quickly to the real network values.
(CachedResourceStreamingClient::dataReceived): Added rudimentary
bandwith calculation and use stopLoaderIfNeeded.

2:01 AM Changeset in webkit [254502] by commit-queue@webkit.org

• 5 edits in trunk/Source/WebCore

Always Use CAIRO_OPERATOR_SOURCE to copyRectFromOneSurfaceToAnother
​https://bugs.webkit.org/show_bug.cgi?id=206215

Patch by Tomoki Imai <Tomoki Imai> on 2020-01-14
Reviewed by Žan Doberšek.

Most of copyRectFromOneSurfaceToAnother callers passed CAIRO_OPERATOR_SOURCE not to blend.
BackingStoreBackendCairoImpl::scroll had copyRectFromOneSurfaceToAnother with the default cairoOperator CAIRO_OPERATOR_OVER,
but scrolling should use CAIRO_OPERATOR_SOURCE because there is no need to blend and it can have a performance benefit.

No new tests, covered by the existing tests.

• platform/graphics/cairo/CairoUtilities.cpp:

(WebCore::copyRectFromOneSurfaceToAnother): Use CAIRO_OPERATOR_SOURCE to copy rect.

• platform/graphics/cairo/CairoUtilities.h: Remove cairoOperator parameter from copyRectFromOneSurfaceToAnother.
• platform/graphics/cairo/GraphicsContextGLCairo.cpp:

(WebCore::GraphicsContextGLOpenGL::ImageExtractor::extractImage):

• platform/graphics/cairo/ImageBufferCairo.cpp:

(WebCore::getImageData):
(WebCore::ImageBuffer::putByteArray):

1:17 AM Changeset in webkit [254501] by youenn@apple.com

• 2 edits in trunk/Source/WebKit

CacheStorage::Engine::clearCachesForOriginFromDisk ASSERT is buggy
​https://bugs.webkit.org/show_bug.cgi?id=206057
<rdar://problem/57762994>

Reviewed by John Wilander.

The ASSERT is only valid if the engine is initialized.
It is not needed to initialize it if the plan is to remove all disk files.
Instead, update ASSERT to check that either m_salt is not there or the salt is there and the path is as expected.

• NetworkProcess/cache/CacheStorageEngine.cpp:

(WebKit::CacheStorage::Engine::clearCachesForOriginFromDirectories):

12:40 AM Changeset in webkit [254500] by ddkilzer@apple.com

• 12 edits in trunk/Source

Enable -Wconditional-uninitialized in bmalloc, WTF, JavaScriptCore
<​https://webkit.org/b/206190>
<rdar://problem/58540387>

Reviewed by Mark Lam.

Source/bmalloc:

• Configurations/Base.xcconfig:

(WARNING_CFLAGS): Add -Wconditional-uninitialized.

Source/JavaScriptCore:

Initialize stack variables to fix warnings.

• Configurations/Base.xcconfig:

(WARNING_CFLAGS): Add -Wconditional-uninitialized.

• b3/B3LowerToAir.cpp:

(LowerToAir::appendCAS):

• b3/testb3_4.cpp:

(testLoadAddrShift):

• ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileCheckStructureOrEmpty):
Move declaration of notEmpty into if block since it's not used
outside that scope.
(JSC::FTL::DFG::LowerDFGToB3::compileCallDOMGetter):

• ftl/FTLThunks.cpp:

(JSC::FTL::registerClobberCheck):

• wasm/js/WebAssemblyTablePrototype.cpp:

(JSC::webAssemblyTableProtoFuncSet):
variables.

• wasm/WasmFunctionParser.h:

(JSC::Wasm::FunctionParser<Context>::parseBody):

Source/WTF:

• Configurations/Base.xcconfig:

(WARNING_CFLAGS): Add -Wconditional-uninitialized.

12:16 AM Changeset in webkit [254499] by eric.carlson@apple.com

• 20 edits
  2 copies
  2 adds in trunk

Expose video tracks for media files in the GPUProcess
​https://bugs.webkit.org/show_bug.cgi?id=206209
<rdar://problem/58553026>

Reviewed by Jer Noble.

Source/WebCore:

No new tests, un-skipped existing tests that pass because of this change.

• platform/graphics/VideoTrackPrivate.h:

Source/WebKit:

• GPUProcess/media/RemoteAudioTrackProxy.cpp:

(WebKit::RemoteAudioTrackProxy::configuration):

• GPUProcess/media/RemoteMediaPlayerManagerProxy.cpp:

(WebKit::RemoteMediaPlayerManagerProxy::videoTrackSetSelected):

• GPUProcess/media/RemoteMediaPlayerManagerProxy.h:
• GPUProcess/media/RemoteMediaPlayerManagerProxy.messages.in:
• GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::mediaPlayerDidAddVideoTrack):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerDidRemoveVideoTrack):
(WebKit::RemoteMediaPlayerProxy::videoTrackSetSelected):

• GPUProcess/media/RemoteMediaPlayerProxy.h:
• GPUProcess/media/RemoteVideoTrackProxy.cpp: Copied from Source/WebKit/GPUProcess/media/RemoteAudioTrackProxy.cpp.

(WebKit::RemoteVideoTrackProxy::RemoteVideoTrackProxy):
(WebKit::RemoteVideoTrackProxy::configuration):
(WebKit::RemoteVideoTrackProxy::configurationChanged):
(WebKit::RemoteVideoTrackProxy::willRemove):
(WebKit::RemoteVideoTrackProxy::selectedChanged):
(WebKit::RemoteVideoTrackProxy::idChanged):
(WebKit::RemoteVideoTrackProxy::labelChanged):
(WebKit::RemoteVideoTrackProxy::languageChanged):

• GPUProcess/media/RemoteVideoTrackProxy.h: Added.
• GPUProcess/media/TrackPrivateRemoteConfiguration.h:

(WebKit::TrackPrivateRemoteConfiguration::encode const):
(WebKit::TrackPrivateRemoteConfiguration::decode):

• NetworkProcess/cache/CacheStorageEngine.cpp:

(WebKit::CacheStorage::Engine::clearCachesForOriginFromDirectories):

• Sources.txt:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/media/AudioTrackPrivateRemote.cpp:

(WebKit::AudioTrackPrivateRemote::updateConfiguration):

• WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::addRemoteVideoTrack):
(WebKit::MediaPlayerPrivateRemote::removeRemoteVideoTrack):
(WebKit::MediaPlayerPrivateRemote::remoteVideoTrackConfigurationChanged):

• WebProcess/GPU/media/MediaPlayerPrivateRemote.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::addRemoteVideoTrack):
(WebKit::RemoteMediaPlayerManager::removeRemoteVideoTrack):
(WebKit::RemoteMediaPlayerManager::remoteVideoTrackConfigurationChanged):

• WebProcess/GPU/media/RemoteMediaPlayerManager.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.messages.in:
• WebProcess/GPU/media/RemoteVideoTrackProxy.cpp: Copied from Source/WebKit/GPUProcess/media/RemoteAudioTrackProxy.cpp.

(WebKit::RemoteVideoTrackProxy::RemoteVideoTrackProxy):
(WebKit::RemoteVideoTrackProxy::configuration):
(WebKit::RemoteVideoTrackProxy::configurationChanged):
(WebKit::RemoteVideoTrackProxy::willRemove):
(WebKit::RemoteVideoTrackProxy::selectedChanged):
(WebKit::RemoteVideoTrackProxy::idChanged):
(WebKit::RemoteVideoTrackProxy::labelChanged):
(WebKit::RemoteVideoTrackProxy::languageChanged):

• WebProcess/GPU/media/RemoteVideoTrackProxy.h: Added.
• WebProcess/GPU/media/VideoTrackPrivateRemote.cpp: Copied from Source/WebKit/WebProcess/GPU/media/AudioTrackPrivateRemote.cpp.

(WebKit::VideoTrackPrivateRemote::VideoTrackPrivateRemote):
(WebKit::VideoTrackPrivateRemote::setSelected):
(WebKit::VideoTrackPrivateRemote::updateConfiguration):

• WebProcess/GPU/media/VideoTrackPrivateRemote.h: Added.

(WebKit::VideoTrackPrivateRemote::create):

LayoutTests:

• gpu-process/TestExpectations:

Jan 13, 2020:

11:55 PM Changeset in webkit [254498] by Alexey Shvayka

• 4 edits in trunk

<iframe> attributes should be processed on "srcdoc" attribute removal
​https://bugs.webkit.org/show_bug.cgi?id=205995

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

• web-platform-tests/html/semantics/embedded-content/the-iframe-element/srcdoc_process_attributes-expected.txt:

Source/WebCore:

Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-iframe-element/srcdoc_process_attributes.html

Per spec, "srcdoc" attribute of an <iframe> takes precedence over "src" [1].
Before this change, "srcdoc" handling in HTMLFrameElementBase::parseAttribute didn't check whether
the attribute was set or removed. As a result, removal of "srcdoc" attribute navigated the <iframe>
to "about:srcdoc" instead of URL in value of "src" attribute.

With this change, <iframe> attributes processing matches Chrome and Firefox.

[1] ​https://html.spec.whatwg.org/multipage/iframe-embed-object.html#process-the-iframe-attributes

• html/HTMLFrameElementBase.cpp:

(WebCore::HTMLFrameElementBase::parseAttribute):

11:18 PM Changeset in webkit [254497] by Simon Fraser

• 5 edits
  2 adds in trunk

REGRESSION (Catalina) non-scrolling iframe prevents document scrolling
​https://bugs.webkit.org/show_bug.cgi?id=202687

Reviewed by Tim Horton.

Source/WebCore:

Latching code in EventHandlerMac would consider <iframe scrolling=no> to be a latching
candidate, which would cause mousewheel scrolling in a <iframe scrolling=no> nested inside
a scrollable frame to not scroll. This affected ads and twitch.tv.

Fix by having scrolledToEdgeInDominantDirection() return true for non-scrollable iframes.

Test: tiled-drawing/scrolling/scrolling-no-iframe-latching.html

• page/mac/EventHandlerMac.mm:

(WebCore::scrolledToEdgeInDominantDirection):

• platform/ScrollView.h:

(WebCore::ScrollView::canHaveScrollbars const): Deleted.

• platform/ScrollableArea.h:

(WebCore::ScrollableArea::canHaveScrollbars const):

LayoutTests:

• tiled-drawing/scrolling/scrolling-no-iframe-latching-expected.txt: Added.
• tiled-drawing/scrolling/scrolling-no-iframe-latching.html: Added.

11:03 PM Changeset in webkit [254496] by sbarati@apple.com

• 2 edits in trunk/JSTests

Unreviewed. Change useLLInt=0 to forceBaseline=1

• stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js:

10:41 PM Changeset in webkit [254495] by don.olmstead@sony.com

• 2 edits in trunk/Source/WebKit

[WebAuthn] Support CTAP Client Pin
​https://bugs.webkit.org/show_bug.cgi?id=191516
<rdar://problem/56558558>

Unreviewed build fix after r254439.

CryptoKeyEC was forward declared into WebCore but the namespace was not used in
continueGetPinTokenAfterRequestPin. Looks like something in the unified sources
was covering this issue.

• UIProcess/WebAuthentication/fido/CtapAuthenticator.h:

10:24 PM Changeset in webkit [254494] by Ross Kirsling

• 3 edits in trunk/Source/WebKit

Expose Phase on all WebWheelEvent implementations
​https://bugs.webkit.org/show_bug.cgi?id=206195

Reviewed by Don Olmstead.

No change to behavior; just unhide what needn't be hidden.

• Shared/WebEvent.h:

(WebKit::WebWheelEvent::directionInvertedFromDevice const):
(WebKit::WebWheelEvent::momentumPhase const):

• Shared/WebWheelEvent.cpp:

(WebKit::WebWheelEvent::WebWheelEvent):

9:56 PM Changeset in webkit [254493] by Fujii Hironori

• 4 edits in trunk

Unreviewed sort-Xcode-project-file

Source/JavaScriptCore:

• JavaScriptCore.xcodeproj/project.pbxproj:

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

9:40 PM Changeset in webkit [254492] by Simon Fraser

• 4 edits in trunk

Scrollbar hiding on iOS via ::-webkit-scrollbar { display: none } doesn't work
​https://bugs.webkit.org/show_bug.cgi?id=206197

Reviewed by Tim Horton.
Source/WebCore:

The logic added in r251369 was reversed, causing scrollbar hiding to not work correctly.

Tested by fast/scrolling/ios/scrollbar-hiding.html

• rendering/RenderScrollbar.cpp:

(WebCore::RenderScrollbar::isHiddenByStyle const):

LayoutTests:

The logic added in r251369 was reversed, causing scrollbar hiding to not work correctly.

• fast/scrolling/ios/scrollbar-hiding-expected.txt:

9:24 PM Changeset in webkit [254491] by keith_miller@apple.com

• 4 edits
  1 add in trunk

scanSideState scans too much side state
​https://bugs.webkit.org/show_bug.cgi?id=206166

Reviewed by Tadeu Zagallo.

JSTests:

• stress/checkpoint-side-state-gc-tmps-overflow.js: Added.

(v8):

Source/JavaScriptCore:

The old code would would scan tmps + sizeof(tmps) but sizeof(tmps)
is not the length of the array. instead we should scan tmps +
maxNumCheckpointTmps.

• interpreter/CheckpointOSRExitSideState.h:
• runtime/VM.cpp:

(JSC::VM::scanSideState const):

9:09 PM Changeset in webkit [254490] by jer.noble@apple.com

• 2 edits in trunk/Source/WebCore

[WK1][iOS] VideoFullscreenControllerContext uses UIKit on the WebThread
​https://bugs.webkit.org/show_bug.cgi?id=206203
<rdar://problem/48742782>

Reviewed by Simon Fraser.

• platform/ios/WebVideoFullscreenControllerAVKit.mm:

(VideoFullscreenControllerContext::setVideoLayerFrame):

8:53 PM Changeset in webkit [254489] by don.olmstead@sony.com

• 8 edits
  1 move
  2 deletes in trunk/Source/WebKit

Share WebPreferences stub for ports without an implementation
​https://bugs.webkit.org/show_bug.cgi?id=206186

Reviewed by Alex Christensen.

No new tests. No change in behavior.

Moved the platform agnostic stubs that were common in the GTK, WPE and Windows ports
into WebPreferences.cpp. Only Cocoa ports are implementing the platform specific parts
of WebPreferences.

Also moving WebPreferencesMac.mm to WebPreferencesCocoa.mm. There were no platform guards
for iOS family code and there was no iOS specific implementation.

• PlatformFTW.cmake:
• PlatformWin.cmake:
• SourcesCocoa.txt:
• SourcesWPE.txt:
• UIProcess/Cocoa/WebPreferencesCocoa.mm: Renamed from Source/WebKit/UIProcess/mac/WebPreferencesMac.mm.
• UIProcess/WebPreferences.cpp:

(WebKit::WebPreferences::platformInitializeStore):
(WebKit::WebPreferences::platformUpdateStringValueForKey):
(WebKit::WebPreferences::platformUpdateBoolValueForKey):
(WebKit::WebPreferences::platformUpdateUInt32ValueForKey):
(WebKit::WebPreferences::platformUpdateDoubleValueForKey):
(WebKit::WebPreferences::platformUpdateFloatValueForKey):
(WebKit::WebPreferences::platformDeleteKey):
(WebKit::WebPreferences::platformGetStringUserValueForKey):
(WebKit::WebPreferences::platformGetBoolUserValueForKey):
(WebKit::WebPreferences::platformGetUInt32UserValueForKey):
(WebKit::WebPreferences::platformGetDoubleUserValueForKey):

• UIProcess/gtk/WebPreferencesGtk.cpp:

(WebKit::WebPreferences::platformUpdateStringValueForKey): Deleted.
(WebKit::WebPreferences::platformUpdateBoolValueForKey): Deleted.
(WebKit::WebPreferences::platformUpdateUInt32ValueForKey): Deleted.
(WebKit::WebPreferences::platformUpdateDoubleValueForKey): Deleted.
(WebKit::WebPreferences::platformUpdateFloatValueForKey): Deleted.
(WebKit::WebPreferences::platformDeleteKey): Deleted.
(WebKit::WebPreferences::platformGetStringUserValueForKey): Deleted.
(WebKit::WebPreferences::platformGetBoolUserValueForKey): Deleted.
(WebKit::WebPreferences::platformGetUInt32UserValueForKey): Deleted.
(WebKit::WebPreferences::platformGetDoubleUserValueForKey): Deleted.

• UIProcess/win/WebPreferencesWin.cpp: Removed.
• UIProcess/wpe/WebPreferencesWPE.cpp: Removed.
• WebKit.xcodeproj/project.pbxproj:

8:37 PM Changeset in webkit [254488] by Jon Davis

• 1 edit
  3 adds in trunk/Websites/webkit.org

Add support for Web Inspector pages and topic taxonomy
​https://bugs.webkit.org/show_bug.cgi?id=206034

Reviewed by Devin Rousso.

• wp-content/plugins/web-inspector-pages.php: Added.
• wp-content/themes/webkit/archive-web_inspector_page.php: Added.
• wp-content/themes/webkit/single-web_inspector_page.php: Added.

8:21 PM Changeset in webkit [254487] by Keith Rollin

• 3 edits in trunk/Source/WebKit

Reformat WebProcessPool logging
​https://bugs.webkit.org/show_bug.cgi?id=205882
<rdar://problem/58384349>

Reviewed by Brent Fulgham.

Update the format used by WebProcessPool in its RELEASE_LOG logging.
Use the format used by WebPageProxy and NetworkResourceLoader, which
is generally of the form:

<object-address> - [<values that help thread together operations>] <class>::<method>: <message and other useful values>

So, for example:

Using prewarmed process 0

becomes:

0x7f81e8804008 - WebProcessPool::processForRegistrableDomain: Using prewarmed process (process=0x1471c2a00, PID=64197)

No new tests - no added or changed functionality.

• UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::applicationIsAboutToSuspend):

• UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::establishWorkerContextConnectionToNetworkProcess):
(WebKit::WebProcessPool::tryTakePrewarmedProcess):
(WebKit::WebProcessPool::prewarmProcess):
(WebKit::WebProcessPool::processForRegistrableDomain):
(WebKit::WebProcessPool::didReachGoodTimeToPrewarm):
(WebKit::WebProcessPool::handleMemoryPressureWarning):
(WebKit::WebProcessPool::processForNavigation):
(WebKit::WebProcessPool::processForNavigationInternal):
(WebKit::WebProcessPool::setWebProcessHasUploads):
(WebKit::WebProcessPool::clearWebProcessHasUploads):
(WebKit::WebProcessPool::setWebProcessIsPlayingAudibleMedia):
(WebKit::WebProcessPool::clearWebProcessIsPlayingAudibleMedia):
(WebKit::WebProcessPool::setUseSeparateServiceWorkerProcess):

8:05 PM Changeset in webkit [254486] by Pablo Saavedra

• 11 edits in trunk/LayoutTests

[GTK] Many imported/w3c/web-platform-tests/html/ tests failing after r253791
​https://bugs.webkit.org/show_bug.cgi?id=206127

Reviewed by Philippe Normand.

LayoutTests/imported/w3c:

• web-platform-tests/html/semantics/embedded-content/media-elements/ready-states/autoplay-with-slow-text-tracks-expected.txt:

LayoutTests:

• platform/gtk/TestExpectations:
• platform/gtk/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/the-form-element/form-autocomplete-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-showModal-expected.txt:
• platform/gtk/imported/w3c/web-platform-tests/html/semantics/interfaces-expected.txt:
• platform/wpe/TestExpectations:
• platform/wpe/imported/w3c/web-platform-tests/html/dom/reflection-forms-expected.txt:
• platform/wpe/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-showModal-expected.txt:

7:44 PM Changeset in webkit [254485] by Devin Rousso

• 3 edits in trunk/Source/WebInspectorUI

Web Inspector: "Enable Local Override" and "Delete Local Override" are displayed twice in the contextual menu
​https://bugs.webkit.org/show_bug.cgi?id=206184
<rdar://problem/58409880>

Reviewed by Brian Burg.

• UserInterface/Views/ContextMenuUtilities.js:

(WI.appendContextMenuItemsForSourceCode):

• UserInterface/Views/LocalResourceOverrideTreeElement.js:

(WI.LocalResourceOverrideTreeElement.prototype.populateContextMenu):
Add an expando flag that can be set by WI.LocalResourceOverrideTreeElement to ensure that
the local override context menu items aren't added again by WI.ResourceTreeElement.

7:28 PM Changeset in webkit [254484] by Alan Bujtas

• 3 edits
  2 adds in trunk

RenderTreeBuilder::Block::attachIgnoringContinuation should handle inline-block anonymous containers.
​https://bugs.webkit.org/show_bug.cgi?id=202913
<rdar://problem/56233694>

Reviewed by Simon Fraser.

Source/WebCore:

When the before child happens to be a block level box wrapped in an anonymous inline-block (e.g. ruby),
let's attach this new child before the anonymous inline-block wrapper instead.

Test: fast/ruby/before-child-is-block-after.html

• rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):

LayoutTests:

• fast/ruby/before-child-is-block-after-expected.txt: Added.
• fast/ruby/before-child-is-block-after.html: Added.

7:18 PM Changeset in webkit [254483] by Darin Adler

• 8 edits in trunk/Source/WebCore

Remove the "needsFullOrderingComparisons" feature from PODRedBlackTree
​https://bugs.webkit.org/show_bug.cgi?id=205238

Reviewed by Sam Weinig.

• html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::updateActiveTextTrackCues): Simplified code and
eliminate uses of the createInterval function to construct PODInterval objects.
(WebCore::HTMLMediaElement::textTrackAddCue): Ditto.
(WebCore::HTMLMediaElement::textTrackRemoveCue): Ditto.

• html/HTMLMediaElement.h: Removed unnecessary include of PODInterval.h.

• html/shadow/MediaControlElements.cpp: Added include of PODInterval.h.

• platform/PODInterval.h: Changed operator< to compare low, high, and user

data, not just low and high so it's consistent with operator== and we
can use it to search a tree. Added a partial specialization for WeakPtr
since a WeakPtr's value can change (to null) so it can't be used for
ordering and equality checks; luckily the clients don't need to use it
that way; they build an interval tree but never search for anything or
remove anything from the tree.

• platform/PODIntervalTree.h: Make the search adapter used to find overlaps

a member class instead of a top level class template and simplified it a bit.
Removed the unneeded createInterval function. Stopped passing true for
"needsFullOrderingComparisons" since it's not needed any more due to the
changes to PODInterval.

• platform/PODRedBlackTree.h: Removed the "needsFullOrderingComparisons"

template argument for the PODRedBlackTree class template.
(WebCore::PODRedBlackTree::Node::moveDataFrom): Take a reference (why not,
since this always requires a non-null pointer).
(WebCore::PODRedBlackTree::updateNode): Ditto.
(WebCore::PODRedBlackTree::treeSearch const): Merged the three search
functions into a single one since we don't need the peculiar
"full comparisons" mode.
(WebCore::PODRedBlackTree::propagateUpdates): Simplified logic to remove
the boolean local variable.
(WebCore::PODRedBlackTree::dumpSubtree const): Renamed from dumpFromNode
since the comment said "dumps the subtree". Also removed the comment now
that the function name says what it said.

• rendering/FloatingObjects.h: Removed unnecessary include of PODInterval.h.

7:15 PM Changeset in webkit [254482] by wilander@apple.com

• 3 edits in trunk/LayoutTests

Remove calls to testRunner.installStatisticsDidModifyDataRecordsCallback() in http/tests/resourceLoadStatistics/classify-as-non-prevalent-based-on-sub-frame-under-top-frame-origins*
​https://bugs.webkit.org/show_bug.cgi?id=206188
<rdar://problem/58540033>

Unreviewed test gardening.

Removed the calls to testRunner.installStatisticsDidModifyDataRecordsCallback()
to address flakiness.

• http/tests/resourceLoadStatistics/classify-as-non-prevalent-based-on-sub-frame-under-top-frame-origins-database.html:
• http/tests/resourceLoadStatistics/classify-as-non-prevalent-based-on-sub-frame-under-top-frame-origins.html:

6:34 PM Changeset in webkit [254481] by Justin Fan

• 19 edits in trunk

[WebGL 2] Implement transform feedback and pass transform feedback conformance tests
​https://bugs.webkit.org/show_bug.cgi?id=205823

Reviewed by Dean Jackson.

Source/WebCore:

Covered by webgl/2.0.0/conformance2/transform_feedback conformance tests.

• bindings/js/JSDOMConvertWebGL.cpp:

(WebCore::convertToJSValue):

• html/canvas/WebGL2RenderingContext.cpp:

(WebCore::WebGL2RenderingContext::WebGL2RenderingContext):
(WebCore::WebGL2RenderingContext::~WebGL2RenderingContext):
(WebCore::WebGL2RenderingContext::initializeTransformFeedbackBufferCache):
(WebCore::WebGL2RenderingContext::getBufferSubData): ANGLE validation in mapBufferRange may fail; prevent copying from a nullptr.
(WebCore::WebGL2RenderingContext::vertexAttribIPointer):

Bare minimum stubs to get WebGLQuery passing transform_feedback tests:
(WebCore::WebGL2RenderingContext::createQuery):
(WebCore::WebGL2RenderingContext::beginQuery):
(WebCore::WebGL2RenderingContext::endQuery):
(WebCore::WebGL2RenderingContext::getQueryParameter):
(WebCore::WebGLQuery::WebGLQuery):

• html/canvas/WebGLQuery.h:

Transform feedback functions:
(WebCore::WebGL2RenderingContext::createTransformFeedback):
(WebCore::WebGL2RenderingContext::deleteTransformFeedback):
(WebCore::WebGL2RenderingContext::isTransformFeedback):
(WebCore::WebGL2RenderingContext::bindTransformFeedback):
(WebCore::WebGL2RenderingContext::beginTransformFeedback):
(WebCore::WebGL2RenderingContext::endTransformFeedback):
(WebCore::WebGL2RenderingContext::transformFeedbackVaryings):
(WebCore::WebGL2RenderingContext::getTransformFeedbackVarying):

• html/canvas/WebGLTransformFeedback.cpp:

(WebCore::WebGLTransformFeedback::WebGLTransformFeedback):
(WebCore::WebGLTransformFeedback::deleteObjectImpl):

Misc functions that needed added functionality:
(WebCore::WebGL2RenderingContext::bindBufferBase):
(WebCore::WebGL2RenderingContext::getIndexedParameter):
(WebCore::WebGL2RenderingContext::getParameter):

Helper functions to track WebGL2 state/objects:
(WebCore::WebGL2RenderingContext::uncacheDeletedBuffer):

• html/canvas/WebGL2RenderingContext.h:
• html/canvas/WebGLAny.h:
• html/canvas/WebGLBuffer.cpp:

(WebCore::WebGLBuffer::setTarget):

• html/canvas/WebGLBuffer.h:
• html/canvas/WebGLQuery.cpp:
• html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::WebGLRenderingContextBase::validateAndCacheBufferBinding):
(WebCore::WebGLRenderingContextBase::bindBuffer):
(WebCore::WebGLRenderingContextBase::uncacheDeletedBuffer):
(WebCore::WebGLRenderingContextBase::deleteBuffer):
(WebCore::WebGLRenderingContextBase::getProgramParameter):

• html/canvas/WebGLRenderingContextBase.h:

Pipe new GraphicsContextGL methods to ANGLE:

• platform/graphics/GraphicsContextGL.h:
• platform/graphics/angle/GraphicsContextGLANGLE.cpp:

(WebCore::GraphicsContextGLOpenGL::vertexAttribIPointer):
(WebCore::GraphicsContextGLOpenGL::createQuery):
(WebCore::GraphicsContextGLOpenGL::beginQuery):
(WebCore::GraphicsContextGLOpenGL::endQuery):
(WebCore::GraphicsContextGLOpenGL::getQueryObjectuiv):
(WebCore::GraphicsContextGLOpenGL::createTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::deleteTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::isTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::bindTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::beginTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::endTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::transformFeedbackVaryings):
(WebCore::GraphicsContextGLOpenGL::getTransformFeedbackVarying):
(WebCore::GraphicsContextGLOpenGL::bindBufferBase):

Add missing unrelated GraphicsContextGL stubs for ANGLE builds:

• platform/graphics/angle/GraphicsContextGLANGLE.cpp:

(WebCore::GraphicsContextGLOpenGL::vertexAttribIPointer):
(WebCore::GraphicsContextGLOpenGL::getUniformBlockIndex):
(WebCore::GraphicsContextGLOpenGL::getActiveUniformBlockiv):
(WebCore::GraphicsContextGLOpenGL::getActiveUniformBlockName):
(WebCore::GraphicsContextGLOpenGL::uniformBlockBinding):
(WebCore::GraphicsContextGLOpenGL::createQuery):
(WebCore::GraphicsContextGLOpenGL::beginQuery):
(WebCore::GraphicsContextGLOpenGL::endQuery):
(WebCore::GraphicsContextGLOpenGL::getQueryObjectuiv):
(WebCore::GraphicsContextGLOpenGL::createTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::deleteTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::isTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::bindTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::beginTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::endTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::transformFeedbackVaryings):
(WebCore::GraphicsContextGLOpenGL::getTransformFeedbackVarying):
(WebCore::GraphicsContextGLOpenGL::bindBufferBase):
(WebCore::GraphicsContextGLOpenGL::bufferData):
(WebCore::GraphicsContextGLOpenGL::bufferSubData):
(WebCore::GraphicsContextGLOpenGL::getBufferSubData):
(WebCore::GraphicsContextGLOpenGL::blitFramebuffer):
(WebCore::GraphicsContextGLOpenGL::framebufferTextureLayer):
(WebCore::GraphicsContextGLOpenGL::invalidateFramebuffer):
(WebCore::GraphicsContextGLOpenGL::invalidateSubFramebuffer):
(WebCore::GraphicsContextGLOpenGL::readBuffer):
(WebCore::GraphicsContextGLOpenGL::texImage3D):
(WebCore::GraphicsContextGLOpenGL::texSubImage3D):
(WebCore::GraphicsContextGLOpenGL::copyTexSubImage3D):
(WebCore::GraphicsContextGLOpenGL::compressedTexImage3D):
(WebCore::GraphicsContextGLOpenGL::compressedTexSubImage3D):
(WebCore::GraphicsContextGLOpenGL::getFragDataLocation):
(WebCore::GraphicsContextGLOpenGL::uniform1ui):
(WebCore::GraphicsContextGLOpenGL::uniform2ui):
(WebCore::GraphicsContextGLOpenGL::uniform3ui):
(WebCore::GraphicsContextGLOpenGL::uniform4ui):
(WebCore::GraphicsContextGLOpenGL::uniform1uiv):
(WebCore::GraphicsContextGLOpenGL::uniform2uiv):
(WebCore::GraphicsContextGLOpenGL::uniform3uiv):
(WebCore::GraphicsContextGLOpenGL::uniform4uiv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix2x3fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix3x2fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix2x4fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix4x2fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix3x4fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix4x3fv):
(WebCore::GraphicsContextGLOpenGL::vertexAttribI4i):
(WebCore::GraphicsContextGLOpenGL::vertexAttribI4iv):
(WebCore::GraphicsContextGLOpenGL::vertexAttribI4ui):
(WebCore::GraphicsContextGLOpenGL::vertexAttribI4uiv):
(WebCore::GraphicsContextGLOpenGL::drawRangeElements):
(WebCore::GraphicsContextGLOpenGL::drawBuffers):
(WebCore::GraphicsContextGLOpenGL::clearBufferiv):
(WebCore::GraphicsContextGLOpenGL::clearBufferuiv):
(WebCore::GraphicsContextGLOpenGL::clearBufferfv):
(WebCore::GraphicsContextGLOpenGL::clearBufferfi):
(WebCore::GraphicsContextGLOpenGL::deleteQuery):
(WebCore::GraphicsContextGLOpenGL::isQuery):
(WebCore::GraphicsContextGLOpenGL::getQuery):
(WebCore::GraphicsContextGLOpenGL::createSampler):
(WebCore::GraphicsContextGLOpenGL::deleteSampler):
(WebCore::GraphicsContextGLOpenGL::isSampler):
(WebCore::GraphicsContextGLOpenGL::bindSampler):
(WebCore::GraphicsContextGLOpenGL::samplerParameteri):
(WebCore::GraphicsContextGLOpenGL::samplerParameterf):
(WebCore::GraphicsContextGLOpenGL::getSamplerParameterfv):
(WebCore::GraphicsContextGLOpenGL::getSamplerParameteriv):
(WebCore::GraphicsContextGLOpenGL::fenceSync):
(WebCore::GraphicsContextGLOpenGL::isSync):
(WebCore::GraphicsContextGLOpenGL::deleteSync):
(WebCore::GraphicsContextGLOpenGL::clientWaitSync):
(WebCore::GraphicsContextGLOpenGL::waitSync):
(WebCore::GraphicsContextGLOpenGL::getSynciv):
(WebCore::GraphicsContextGLOpenGL::pauseTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::resumeTransformFeedback):
(WebCore::GraphicsContextGLOpenGL::bindBufferRange):
(WebCore::GraphicsContextGLOpenGL::getUniformIndices):
(WebCore::GraphicsContextGLOpenGL::texImage2D):
(WebCore::GraphicsContextGLOpenGL::texSubImage2D):
(WebCore::GraphicsContextGLOpenGL::compressedTexImage2D):
(WebCore::GraphicsContextGLOpenGL::compressedTexSubImage2D):
(WebCore::GraphicsContextGLOpenGL::uniform1fv):
(WebCore::GraphicsContextGLOpenGL::uniform2fv):
(WebCore::GraphicsContextGLOpenGL::uniform3fv):
(WebCore::GraphicsContextGLOpenGL::uniform4fv):
(WebCore::GraphicsContextGLOpenGL::uniform1iv):
(WebCore::GraphicsContextGLOpenGL::uniform2iv):
(WebCore::GraphicsContextGLOpenGL::uniform3iv):
(WebCore::GraphicsContextGLOpenGL::uniform4iv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix2fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix3fv):
(WebCore::GraphicsContextGLOpenGL::uniformMatrix4fv):
(WebCore::GraphicsContextGLOpenGL::readPixels):

• platform/graphics/opengl/GraphicsContextGLOpenGL.h:
• platform/graphics/opengl/GraphicsContextGLOpenGLCommon.cpp:

(WebCore::GraphicsContextGLOpenGL::getQueryObjectuiv):
(WebCore::GraphicsContextGLOpenGL::getTransformFeedbackVarying):
(WebCore::GraphicsContextGLOpenGL::glGetQueryObjectuiv): Deleted.

LayoutTests:

Add passing results for transform_feedback, as expected when ANGLE is enabled.

• webgl/2.0.0/conformance2/transform_feedback/two-unreferenced-varyings-expected.txt:
• webgl/2.0.0/conformance2/transform_feedback/unwritten-output-defaults-to-zero-expected.txt:

5:43 PM Changeset in webkit [254480] by sbarati@apple.com

• 25 edits in trunk

Throw away baseline code if there is an optimized replacement
​https://bugs.webkit.org/show_bug.cgi?id=202503

Reviewed by Yusuke Suzuki.

JSTests:

• stress/dfg-compare-eq-via-nonSpeculativeNonPeepholeCompareNullOrUndefined.js:
• stress/getter-setter-inlining-should-emit-movhint.js:
• stress/make-dictionary-repatch.js:
• stress/merging-ic-variants-should-bail-if-structures-overlap.js:
• stress/proxy-getter-stack-overflow.js:
• stress/regress-192717.js:
• stress/retry-cache-later.js:

Source/JavaScriptCore:

This patch's goal is to help us save JIT executable memory by throwing
away baseline code when it has an optimized replacement. To make it
easy to reason about, we do this when finalizing a GC, and when the
CodeBlock is not on the stack. When we do this, we throw away all JIT
data and unlink all incoming calls.

This patch also paves the way for the LOL tier by making it so we always
exit to the LLInt. This allows the code in CodeBlock finalization to not
have to consider whether or not an an OSR exit is wired to baseline
JIT code, since all exits are now to the LLInt. Because of this, this
patch removes the forceOSRExitToLLInt option. Also, this patch renames
the useLLInt option to forceBaseline and inverts its meaning.
Options::forceBaseline=true implies that code will start off executing in
the baseline JIT instead of the LLInt. However, it won't prevent us from
emitting an OSR exit which jumps to LLInt code.

• API/tests/ExecutionTimeLimitTest.cpp:

(testExecutionTimeLimit):

• API/tests/PingPongStackOverflowTest.cpp:

(testPingPongStackOverflow):

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::finalizeUnconditionally):
(JSC::CodeBlock::resetJITData):
(JSC::CodeBlock::optimizedReplacement):
(JSC::CodeBlock::hasOptimizedReplacement):
(JSC::CodeBlock::tallyFrequentExitSites):
(JSC::CodeBlock::findStubInfo): Deleted.
(JSC::CodeBlock::getCallLinkInfoForBytecodeIndex): Deleted.

• bytecode/CodeBlock.h:

(JSC::CodeBlock::setJITCode):

• dfg/DFGDriver.cpp:

(JSC::DFG::compileImpl):

• dfg/DFGOSRExitCompilerCommon.cpp:

(JSC::DFG::callerReturnPC):
(JSC::DFG::reifyInlinedCallFrames):
(JSC::DFG::adjustAndJumpToTarget):

• dfg/DFGOSRExitCompilerCommon.h:
• heap/CodeBlockSet.cpp:

(JSC::CodeBlockSet::isCurrentlyExecuting):

• heap/CodeBlockSet.h:
• heap/Heap.cpp:

(JSC::Heap::finalizeUnconditionalFinalizers):
(JSC::Heap::runEndPhase):

• llint/LLIntSlowPaths.cpp:

(JSC::LLInt::dispatchToNextInstruction):

• runtime/Options.cpp:

(JSC::recomputeDependentOptions):
(JSC::Options::initialize):
(JSC::Options::ensureOptionsAreCoherent):

• runtime/OptionsList.h:
• runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::prepareForExecutionImpl):

Tools:

• Scripts/run-jsc-stress-tests:

5:37 PM Changeset in webkit [254479] by yoshiaki.jitsukawa@sony.com

• 3 edits in trunk/Tools

Fix path-specific filters on Windows
​https://bugs.webkit.org/show_bug.cgi?id=205786

Reviewed by David Kilzer.

• Scripts/webkitpy/style/filter.py:

(FilterConfiguration._path_rules_from_path):
Convert forward slashes to backward slashes on Windows by using
os.path.normcase(). Nothing changed on other OSs.

• Scripts/webkitpy/style/filter_unittest.py:

(FilterConfigurationTest.test_path_with_different_case):

5:10 PM Changeset in webkit [254478] by Alan Coon

• 2 edits in branches/safari-609-branch/Tools

Cherry-pick r254440. rdar://problem/58530962

Don't softlink AVCapture classes on watchOS or tvOS
​https://bugs.webkit.org/show_bug.cgi?id=205974
<rdar://problem/58427281>

Unreviewed test fix after r254257.

• TestWebKitAPI/Tests/WebCore/cocoa/AVFoundationSoftLinkTest.mm: (TestWebKitAPI::TEST):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254440 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:10 PM Changeset in webkit [254477] by Alan Coon

• 3 edits
  4 adds in branches/safari-609-branch

Cherry-pick r254349. rdar://problem/58529720

ObjectAllocationSinkingPhase doesn't model pointers to allocations in control flow properly
​https://bugs.webkit.org/show_bug.cgi?id=204738
<rdar://problem/57553238>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/allocation-sinking-must-model-allocation-pointers-properly-2.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-3.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-4.js: Added. (bool): (effects): (escape): (bar):
• stress/allocation-sinking-must-model-allocation-pointers-properly.js: Added. (alwaysFalse): (sometimesZero): (assert): (v9):

Source/JavaScriptCore:

Allocation sinking phase conducts a points to analysis. It uses this
information for programs like:

`
1: NewObject
2: NewObject
3: PutByOffset(@2, @1, "x")
4: GetByOffset(@2, "x")
`

It solves the points to problem knowing @4 points to @1.

It tracks this data in the LocalHeap data structure. This is used to track
the heap across blocks, and it includes a merge function to handle control
flow merges. However, this merge function would not always merge the pointer
sets together. It sometimes would merge them together, since it had a fast
path check inside merge, which would just copy the contents of the block to be
merged with itself if it were this block's first time merging. This fast path happened
to hide the bug in general case merge code. If we didn't take this fast path,
we would just never transfer pointer sets from predecessor to successor. This
could lead to all kinds of issues, including using the incorrect phantom node
in IR instead of its materialized version. It could also lead to the phase not
sinking objects it is capable of sinking.

This patch makes it so that we merge together the pointer sets. We always add
new pointers to the set. So in pointer A->B, if the set has yet to see A, we
add it. If the set already contains pointer A->B, and we encounter a new
pointer A->C, or if we encounter a merge without any A->* pointer, we mark
the A pointer as top, marking it A->TOP. We do this to ensure that we fixpoint.
We're guaranteed that m_pointers is monotonically increasing (module liveness
pruning, which is a constant). And once something is TOP, it never becomes
anything else. (Instead of marking a pointer top, we used to just remove it
from the set, but this has issues, as it could lead to us ping-ponging in
our fixpoint analysis, add, remove, add, remove, etc.)

So the merge rules are:
{A->B} merge {A->B} => {A->B}
{A->B} merge {A->C} => {A->TOP}
{A->B} merge {A->TOP} => {A->TOP}
{A->B} merge {} => {A->TOP}

Thanks to Samuel Groß of Google Project Zero for identifying this bug.

• dfg/DFGObjectAllocationSinkingPhase.cpp:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:10 PM Changeset in webkit [254476] by Alan Coon

• 3 edits in branches/safari-609-branch/Source/WebCore/PAL

Cherry-pick r254257. rdar://problem/58530962

Don't softlink AVCapture classes on watchOS or tvOS
​https://bugs.webkit.org/show_bug.cgi?id=205974
<rdar://problem/45508044>

Reviewed by Jon Lee.

• pal/cocoa/AVFoundationSoftLink.h:
• pal/cocoa/AVFoundationSoftLink.mm:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254257 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:10 PM Changeset in webkit [254475] by Alan Coon

• 3 edits
  2 adds in branches/safari-609-branch

Cherry-pick r254220. rdar://problem/58429234

Fix specification violation in Font Loading API
​https://bugs.webkit.org/show_bug.cgi?id=205901
<rdar://problem/58083743>

Reviewed by Brent Fulgham.

Source/WebCore:

Our Font Loading API does not comply with the spec:

If the parsed value is a CSS-wide keyword, return a syntax error.

Rather than crashing, we should return a syntax error.

Test: fast/text/font-loading-global-keyword.html

• css/CSSFontFaceSet.cpp: (WebCore::computeFontSelectionRequest): (WebCore::CSSFontFaceSet::matchingFacesExcludingPreinstalledFonts):

LayoutTests:

Test all the entry points to the CSS Font Loading API that accept CSS keywords.

• fast/text/font-loading-global-keyword-expected.txt: Added.
• fast/text/font-loading-global-keyword.html: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254220 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:10 PM Changeset in webkit [254474] by Alan Coon

• 7 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r254101. rdar://problem/58535157

[iOS] Get display level in the UI process for all iOS platforms
​https://bugs.webkit.org/show_bug.cgi?id=205835
<rdar://problem/58116883>

Reviewed by Brent Fulgham.

This was previously only done for iOS, but should be done for all iOS platforms.

• UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers):
• UIProcess/WebProcessPool.cpp: (WebKit::WebProcessPool::initializeNewWebProcess):
• UIProcess/WebProcessPool.h:
• WebProcess/WebProcess.h:
• WebProcess/WebProcess.messages.in:
• WebProcess/cocoa/WebProcessCocoa.mm:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254101 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:08 PM Changeset in webkit [254473] by ddkilzer@apple.com

• 2 edits in trunk/Tools

WTR::TestController::decidePolicyForPluginLoad() should output bundle identifier on release assert
<​https://webkit.org/b/206105>

Reviewed by Brent Fulgham.

• WebKitTestRunner/TestController.cpp:

(WTR::TestController::decidePolicyForPluginLoad): Change
RELEASE_ASSERT_NOT_REACHED() to
RELEASE_ASSERT_NOT_REACHED_WITH_MESSAGE() with bundle
identifier.

4:39 PM Changeset in webkit [254472] by Kate Cheney

• 4 edits in trunk/Source/WebKit

_WKResourceLoadStatisticsFirstParty should be forward declared not imported in _WKResourceLoadStatisticsThirdParty
​https://bugs.webkit.org/show_bug.cgi?id=206183
<rdar://problem/58535245>

Reviewed by Alex Christensen.

• UIProcess/API/Cocoa/_WKResourceLoadStatisticsFirstParty.h:
• UIProcess/API/Cocoa/_WKResourceLoadStatisticsThirdParty.h:
• UIProcess/API/Cocoa/_WKResourceLoadStatisticsThirdParty.mm:

The additional import statement here was unnecessary because
this file imports _WKResourceLoadStatisticsThirdPartyInternal.h
which forward declares the _WKResourceLoadStatisticsFirstParty class.

4:28 PM Changeset in webkit [254471] by Ross Kirsling

• 2 edits in trunk/Source/WebCore

Unreviewed build fix for PlayStation and clang-cl.

clang for Windows (< v10.0.0) cannot destructure a const class. See also r249524.

• rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::collectMarkedTextsForHighlights const):

4:15 PM Changeset in webkit [254470] by Alan Coon

• 8 edits in branches/safari-609-branch/Source

Versioning.

4:13 PM Changeset in webkit [254469] by Kate Cheney

• 2 edits in trunk/Source/WebKit

Unreviewed followup fix to: ​https://bugs.webkit.org/show_bug.cgi?id=205288.
This flag should be off-by-default.

• Shared/WebPreferences.yaml:

4:11 PM Changeset in webkit [254468] by Truitt Savell

• 2 edits in trunk/Source/WebCore

Unreviewed, rolling out r254463.

Broke all Mac and iOS Builds.

Reverted changeset:

"Unreviewed build fix for PlayStation and clang-cl."
​https://trac.webkit.org/changeset/254463

4:08 PM Changeset in webkit [254467] by commit-queue@webkit.org

• 1568 edits
  2 copies
  39 adds
  2 deletes in trunk/LayoutTests

REGRESSION(r253683): [GTK][WPE] Lots of offscreen-canvas WPT tests failing
​https://bugs.webkit.org/show_bug.cgi?id=205445

Patch by Chris Lord <Chris Lord> on 2020-01-13
Reviewed by Carlos Alberto Lopez Perez.

Bug 205445 - Update and re-enable OffscreenCanvas tests

LayoutTests/imported/w3c:

• resources/import-expectations.json:
• web-platform-tests/fetch/nosniff/image-expected.txt: Newly passing test, presumable due to previously missing resource.
• web-platform-tests/images/*: Updated.
• web-platform-tests/offscreen-canvas/*: Updated.

LayoutTests:

• platform/gtk/TestExpectations:
• platform/wpe/TestExpectations:

4:05 PM Changeset in webkit [254466] by Alan Coon

• 8 edits in branches/safari-609.1.14-branch/Source

Versioning.

3:57 PM Changeset in webkit [254465] by youenn@apple.com

• 3 edits in trunk/Source/WebCore

Clean-up MediaPlayerPrivateMediaStreamAVFObjC.h/.mm
​https://bugs.webkit.org/show_bug.cgi?id=206060

Reviewed by Eric Carlson.

No change of behavior.

• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

3:55 PM Changeset in webkit [254464] by mark.lam@apple.com

• 45 edits
  4 adds in trunk

Replace uses of Box<Identifier> with a new CacheableIdentifier class.
​https://bugs.webkit.org/show_bug.cgi?id=205544
<rdar://problem/58041800>

Reviewed by Saam Barati.

JSTests:

• stress/racy-gc-cleanup-of-identifier-after-mutator-stops-running.js: Added.

Source/JavaScriptCore:

The introduction of the use of Box<Identifier> was to get around having to
ref/deref the underlying UniqedStringImpl in Identifiers from the compiler
and GC threads. However, it proves to be difficult to control when these
Box<Identifier>s get destructed, and requires that we find all the places in
the compier and GC threads where this can happen, and apply keep alive tactics
there to defer destruction of the Box<Identifier> to the mutator thread.

This patch fixes this by replacing uses of Box<Identifier> with
CacheableIdentifier, which is effectively a tagged union of a JSCell* or a
UniquedStringImpl*. The JSCell*, in this case, can be either a Symbol* or a
JSString* that is backed by an atom string. The VM runtime ensures that we'll
never try to cache an identifier from a JSCell that is not one of these. This
CacheableIdentifier can be destructed from the compiler or GC thread. Since it
doesn't hold a ref of the underlying UniquedStringImpl, it won't try to deref
it on destruction.

Instead, we'll need to visit CacheableIdentifiers during GC scans to keep the
JSCell in it alive, and that JSCell will, in turn, keep the underlying
UniquedStringImpl alive.

This patch also does the following:

1. Add a visitAggregate() method to StructureStubInfo, PolymorphicAccess, and AccessCase to visit the CacheableIdentifier's JSCell identifier. This visitAggregate() is called from CodeBlock::stronglyVisitStrongReferences().

When we write barrier a CodeBlock, it guarantees that its visitAggregate()
methods is called. However, it does not guarantee that its propagateTransitions()
method will be called. Since the CacheableIdentifier's reference to a cell
should be a strong reference, visiting it via a StructureStubInfo::visitAggregate()
method is the right thing to do.
See ​https://bugs.webkit.org/show_bug.cgi?id=205544#c7 for an example of why
propagateTransitions() doesn't always do the job.

StructureStubInfo::visitWeakReferences() is also inappropriate for this
because it is only called after all marking is done. It is also not meant
to keep cells alive but merely for clearing weak references to dead cells.

2. Also add to visitAggregate() for ModuleNamespaceData's m_identifier in GetByStatus::markIfCheap().

3. Remove previously applied keep alive tactics to work around Box<Identifier> destruction. This also retores the allowance to destruct DFG::Plans on a compiler thread.

4. Added a JSString:getValueImpl() helper.

5. Added a write barrier in DFG and FTL JITFinalizer's finalizeCommon() to ensure that frozen values are scanned by the GC.

During compilation, the frozen values were previously protected by the Plan.
After finalization, they should be protected by the CodeBlock. Hence, we
should barrier the CodeBlock since the last GC scan of the CodeBlock may have
happened before the frozen values were registered with the CodeBlock.

GC considerations:
==================
The following also addresses Yusuke's concerns in ​https://bugs.webkit.org/show_bug.cgi?id=205544#c10.

CacheableIdentifier is only stored as fields in 4 classes/structs:

1. AccessCase::m_identifier
2. GetByIdVariant::m_identifier
3. ModuleNamespaceData::m_identifier
4. StructureStubInfo::m_getByIdSelfIdentifier

AccessCase::m_identifier
========================
While the access case is being created and added in tryCacheGetBy(), the
CacheableIdentifier is still on the stack and protected from the GC. At the
bottom of tryCacheGetBy(), StructureStubInfo::addAccessCase() is called to add
the access case.

StructureStubInfo::addAccessCase() will barrier the owner CodeBlock at its end,
and CodeBlock::stronglyVisitStrongReferences() will visit the StructureStubInfo,
which in turn visits the AccessCase. StructureStubInfo::visitAggregate() has
been added for this purpose.

GetByIdVariant::m_identifier
============================
GetByIdVariant is only stored in GetByStatus. Both GetByIdVariant and GetByStatus
are only created and handled in the DFG/FTL compiler threads. While the compiler
thread is working with them, they are safe from the GC because the GC won't collect
objects until the compiler thread is at a SafePoint.

At compiler SafePoints, any GetByStatus that needs to be persisted is stored in
DFG::Plan::m_recordedStatuses. The Plan will visit the m_recordedStatuses in
Plan::checkLivenessAndVisitChildren().

At the end of compilation, Plan::m_recordedStatuses is transferred over to the owner
CodeBlock's DFG::CommonData in Plan::finalizeWithoutNotifyingCallback().
Plan::finalizeWithoutNotifyingCallback() will also barrier the owner CodeBlock at
its end.

Thereafter, CodeBlock::stronglyVisitStrongReferences() will visit the recordedStatuses.

ModuleNamespaceData::m_identifier
=================================
ModuleNamespaceData is only stored in a GetByStatus, and is therefore protected
similarly as the GetByIdVariant::m_identifier case above.

StructureStubInfo::m_getByIdSelfIdentifier
==========================================
StructureStubInfo::initGetByIdSelf() is called from inside tryCacheGetBy().
StructureStubInfo::initGetByIdSelf() will barrier the owner CodeBlock. The
CacheableIdentifier here is protected in the same way as the AccessCase::m_identifier
case above.

DesiredIdentifiers
==================
The compiler thread may also stash a CacheableIdentifier's uid in its
DesiredIdentifiers. Normally, the identifiers stashed in DesiredIdentifiers are
from identifiers that the CodeBlock already knows abut and manages (e.g. from
GetByIds). For uids from a cell-based CacheableIdentifier variable is passed to
a GetByVal, we need kep the cell alive in order to keep the uid alive. This is
achieved by freezing the cell with freezeStrong() in the op_get_by_val case in
the DFG BytecodeParser.

Reseting a StructureStubInfo while its IC code is still executing on the stack
==============================================================================
The concern is that IC code may call slow path / getter functions that may in turn:

1. reset the IC, and
2. run the GC.

This can be a problem if:

1. there is a scenario where we return from the slow path / getter function and run IC code that uses the cell / uid from the CacheableIdentifier.

This is because the StructureStubInfo is what visits the that cell, which
in turn its uid alive. Once the StructureStubInfo is reset, it will no
longer be associated with any AccessCase or the m_getByIdSelfIdentifier.
As such they will not be visited, and the CacheableIdentifier may be collected
by the GC.

In practice, the generated IC code never uses the cell / uid after it calls
any slow path / getter function. I've verified this by auditing the code
generation in InlineAccess::generateSelfInAccess() and PolymorphicAccess::regenerate().
Hence, there's no issue with using a collected cell / uid.

2. there is a scenario where a slow path / getter function makes use of the cell / uid from the CacheableIdentifier but does not protect it.

The only 2 slow path functions:

operationGetByValGeneric()
operationGetByValOptimize()

operationGetByValGeneric() does not use any CacheableIdentifier from the StructureStubInfo.

operationGetByValOptimize() modifies the StructureStubInfo in tryCacheGetBy()
under the protection of a GCSafeConcurrentJSLocker, and can reset the
StructureStubInfo. However, it does not use any CacheableIdentifier after
that.

Hence, there's also no GC issue here.

• CMakeLists.txt:
• JavaScriptCore.xcodeproj/project.pbxproj:
• Sources.txt:
• bytecode/AccessCase.cpp:

(JSC::AccessCase::AccessCase):
(JSC::AccessCase::create):
(JSC::AccessCase::fromStructureStubInfo):
(JSC::AccessCase::commit):
(JSC::AccessCase::canReplace const):
(JSC::AccessCase::dump const):
(JSC::AccessCase::visitAggregate const):
(JSC::AccessCase::generateWithGuard):
(JSC::AccessCase::generateImpl):

• bytecode/AccessCase.h:

(JSC::AccessCase::uid const):
(JSC::AccessCase::identifier const):

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::stronglyVisitStrongReferences):

• bytecode/GetByIdVariant.cpp:

(JSC::GetByIdVariant::GetByIdVariant):
(JSC::GetByIdVariant::attemptToMerge):
(JSC::GetByIdVariant::visitAggregate):
(JSC::GetByIdVariant::dumpInContext const):

• bytecode/GetByIdVariant.h:

(JSC::GetByIdVariant::identifier const):
(JSC::GetByIdVariant::overlaps):

• bytecode/GetByStatus.cpp:

(JSC::GetByStatus::computeFromLLInt):
(JSC::GetByStatus::computeFor):
(JSC::GetByStatus::computeForStubInfoWithoutExitSiteFeedback):
(JSC::GetByStatus::visitAggregate):
(JSC::GetByStatus::singleIdentifier const):

• bytecode/GetByStatus.h:
• bytecode/GetterSetterAccessCase.cpp:

(JSC::GetterSetterAccessCase::GetterSetterAccessCase):
(JSC::GetterSetterAccessCase::create):

• bytecode/GetterSetterAccessCase.h:
• bytecode/InstanceOfAccessCase.cpp:

(JSC::InstanceOfAccessCase::InstanceOfAccessCase):

• bytecode/IntrinsicGetterAccessCase.cpp:

(JSC::IntrinsicGetterAccessCase::IntrinsicGetterAccessCase):
(JSC::IntrinsicGetterAccessCase::create):

• bytecode/IntrinsicGetterAccessCase.h:
• bytecode/ModuleNamespaceAccessCase.cpp:

(JSC::ModuleNamespaceAccessCase::ModuleNamespaceAccessCase):
(JSC::ModuleNamespaceAccessCase::create):

• bytecode/ModuleNamespaceAccessCase.h:
• bytecode/PolymorphicAccess.cpp:

(JSC::PolymorphicAccess::visitAggregate):
(JSC::PolymorphicAccess::regenerate):

• bytecode/PolymorphicAccess.h:
• bytecode/ProxyableAccessCase.cpp:

(JSC::ProxyableAccessCase::ProxyableAccessCase):
(JSC::ProxyableAccessCase::create):

• bytecode/ProxyableAccessCase.h:
• bytecode/RecordedStatuses.cpp:

(JSC::RecordedStatuses::visitAggregate):

• bytecode/RecordedStatuses.h:
• bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::initGetByIdSelf):
(JSC::StructureStubInfo::addAccessCase):
(JSC::StructureStubInfo::visitAggregate):

• bytecode/StructureStubInfo.h:

(JSC::StructureStubInfo::getByIdSelfIdentifier):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::parseGetById):
(JSC::DFG::ByteCodeParser::parseBlock):

• dfg/DFGDesiredIdentifiers.cpp:

(JSC::DFG::DesiredIdentifiers::ensure):
(JSC::DFG::DesiredIdentifiers::at const):
(JSC::DFG::DesiredIdentifiers::reallyAdd):
(JSC::DFG::DesiredIdentifiers::processCodeBlockIdentifiersIfNeeded): Deleted.

• dfg/DFGDesiredIdentifiers.h:
• dfg/DFGJITFinalizer.cpp:

(JSC::DFG::JITFinalizer::finalizeCommon):

• dfg/DFGPlan.cpp:

(JSC::DFG::Plan::~Plan):
(JSC::DFG::Plan::checkLivenessAndVisitChildren):
(JSC::DFG::Plan::cancel):

• dfg/DFGPlan.h:

(JSC::DFG::Plan::keepAliveIdentifier): Deleted.

• dfg/DFGWorklist.cpp:

(JSC::DFG::Worklist::removeAllReadyPlansForVM):
(JSC::DFG::Worklist::removeDeadPlans):
(JSC::DFG::Worklist::removeNonCompilingPlansForVM):
(JSC::DFG::Worklist::deleteCancelledPlansForVM): Deleted.

• dfg/DFGWorklist.h:
• ftl/FTLJITFinalizer.cpp:

(JSC::FTL::JITFinalizer::finalizeCommon):

• jit/JITOperations.cpp:
• jit/Repatch.cpp:

(JSC::tryCacheGetBy):
(JSC::repatchGetBy):
(JSC::tryCacheArrayGetByVal):
(JSC::tryCacheInstanceOf):

• jit/Repatch.h:
• runtime/CacheableIdentifier.cpp: Added.

(JSC::CacheableIdentifier::dump const):

• runtime/CacheableIdentifier.h: Added.

(JSC::CacheableIdentifier::CacheableIdentifier):
(JSC::CacheableIdentifier::isUid const):
(JSC::CacheableIdentifier::isCell const):
(JSC::CacheableIdentifier::isSymbol const):
(JSC::CacheableIdentifier::operator bool const):

• runtime/CacheableIdentifierInlines.h: Added.

(JSC::CacheableIdentifier::CacheableIdentifier):
(JSC::CacheableIdentifier::cell const):
(JSC::CacheableIdentifier::uid const):
(JSC::CacheableIdentifier::isCacheableIdentifierCell):
(JSC::CacheableIdentifier::isSymbolCell const):
(JSC::CacheableIdentifier::isStringCell const):
(JSC::CacheableIdentifier::setCellBits):
(JSC::CacheableIdentifier::setUidBits):
(JSC::CacheableIdentifier::visitAggregate const):
(JSC::CacheableIdentifier::operator== const):
(JSC::CacheableIdentifier::operator!= const):

• runtime/ExceptionHelpers.cpp:

(JSC::functionCallBase):

• runtime/JSString.h:

(JSC::JSString::getValueImpl const):

• runtime/VM.cpp:

(JSC::VM::ensureWatchpointSetForImpureProperty):
(JSC::VM::addImpureProperty):
(JSC::VM::registerWatchpointForImpureProperty): Deleted.

• runtime/VM.h:

Source/WebCore:

• bindings/js/CommonVM.cpp:

(WebCore::addImpureProperty):

3:52 PM Changeset in webkit [254463] by Ross Kirsling

• 2 edits in trunk/Source/WebCore

Unreviewed build fix for PlayStation and clang-cl.

clang for Windows (< v10.0.0) cannot destructure a const class. See also r249524.

• rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::collectMarkedTextsForHighlights const):

3:37 PM Changeset in webkit [254462] by achristensen@apple.com

• 2 edits in trunk/Source/WebKit

Propogate UIEdgeInsets from WKWebView to WKSafeBrowsingWarning on iOS
​https://bugs.webkit.org/show_bug.cgi?id=206201
<rdar://problem/57135847>

Reviewed by Tim Horton.

Manually verified this fixes the radar.

• UIProcess/API/ios/WKWebViewIOS.mm:

(-[WKWebView _computedObscuredInsetForSafeBrowsingWarning]):
(-[WKWebView safeAreaInsetsDidChange]):
(-[WKWebView _setObscuredInsets:]):

3:35 PM Changeset in webkit [254461] by cathiechen

• 8 edits in trunk/LayoutTests/imported/w3c

Import the update of img-aspect-ratio.html.
​https://bugs.webkit.org/show_bug.cgi?id=206160

Reviewed by Frédéric Wang

Use parseFloat() instead of parseInt() in img-aspect-ratio.html.
The resource location was changed to relative in bug 205678. To keep them consistent with others, restore them.

• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/align.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/canvas-aspect-ratio.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/content-aspect-ratio.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-aspect-ratio.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-no-alt-replaced.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-replaced-box-while-loading.html:
• web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/video-aspect-ratio.html:

3:20 PM Changeset in webkit [254460] by Alan Coon

• 8 edits in branches/safari-609-branch/Source

Revert "Versioning."

This reverts revision 254459.

3:17 PM Changeset in webkit [254459] by Alan Coon

• 8 edits in branches/safari-609-branch/Source

Versioning.

3:06 PM Changeset in webkit [254458] by commit-queue@webkit.org

• 3 edits
  2 adds in trunk

Fix computeFloatVisibleRectInContainer to handle non-SVG object parent
​https://bugs.webkit.org/show_bug.cgi?id=205282
Source/WebCore:

<rdar://problem/57975185>

Patch by Sunny He <​sunny_he@apple.com> on 2020-01-13
Reviewed by Darin Adler.

Test: svg/dom/replaceChild-document-crash.html

• rendering/svg/SVGRenderSupport.cpp:

(WebCore::SVGRenderSupport::computeFloatVisibleRectInContainer):

LayoutTests:

Patch by Sunny He <​sunny_he@apple.com> on 2020-01-13
Reviewed by Darin Adler.

• svg/dom/replaceChild-document-crash-expected.txt: Added.
• svg/dom/replaceChild-document-crash.html: Added.

3:02 PM Changeset in webkit [254457] by Alan Coon

• 1 copy in branches/safari-609.1.14-branch

New branch.

3:02 PM Changeset in webkit [254456] by Alan Coon

• 1 delete in branches/safari-609.1.14-branch

Delete branch.

2:54 PM Changeset in webkit [254455] by Alan Coon

• 1 copy in branches/safari-610.1.1-branch

New branch.

2:27 PM Changeset in webkit [254454] by eric.carlson@apple.com

• 21 edits
  6 adds in trunk

Expose audio tracks for media files in the GPUProcess
​https://bugs.webkit.org/show_bug.cgi?id=206152
<rdar://problem/58513227>

Reviewed by youenn fablet.

Source/WebCore:

No new tests, un-skipped existing tests that pass because of this change.

• platform/graphics/AudioTrackPrivate.h:
• platform/graphics/TrackPrivateBase.h:

Source/WebKit:

• GPUProcess/media/RemoteAudioTrackProxy.cpp: Added.

(WebKit::RemoteAudioTrackProxy::RemoteAudioTrackProxy):
(WebKit::RemoteAudioTrackProxy::configuration):
(WebKit::RemoteAudioTrackProxy::configurationChanged):
(WebKit::RemoteAudioTrackProxy::willRemove):
(WebKit::RemoteAudioTrackProxy::enabledChanged):
(WebKit::RemoteAudioTrackProxy::idChanged):
(WebKit::RemoteAudioTrackProxy::labelChanged):
(WebKit::RemoteAudioTrackProxy::languageChanged):

• GPUProcess/media/RemoteAudioTrackProxy.h: Added.
• GPUProcess/media/RemoteMediaPlayerManagerProxy.cpp:

(WebKit::RemoteMediaPlayerManagerProxy::setRate):
(WebKit::RemoteMediaPlayerManagerProxy::audioTrackSetEnabled):

• GPUProcess/media/RemoteMediaPlayerManagerProxy.h:
• GPUProcess/media/RemoteMediaPlayerManagerProxy.messages.in:
• GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::mediaPlayerDidAddAudioTrack):
(WebKit::RemoteMediaPlayerProxy::mediaPlayerDidRemoveAudioTrack):
(WebKit::RemoteMediaPlayerProxy::audioTrackSetEnabled):

• GPUProcess/media/RemoteMediaPlayerProxy.h:
• GPUProcess/media/TrackPrivateRemoteConfiguration.h: Added.

(WebKit::TrackPrivateRemoteConfiguration::encode const):
(WebKit::TrackPrivateRemoteConfiguration::decode):

• GPUProcess/media/TrackPrivateRemoteIdentifier.h: Added.
• Scripts/webkit/messages.py:
• Sources.txt:
• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/media/AudioTrackPrivateRemote.cpp: Added.

(WebKit::AudioTrackPrivateRemote::AudioTrackPrivateRemote):
(WebKit::AudioTrackPrivateRemote::setEnabled):
(WebKit::AudioTrackPrivateRemote::updateConfiguration):

• WebProcess/GPU/media/AudioTrackPrivateRemote.h: Added.

(WebKit::AudioTrackPrivateRemote::create):

• WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::addRemoteAudioTrack):
(WebKit::MediaPlayerPrivateRemote::removeRemoteAudioTrack):
(WebKit::MediaPlayerPrivateRemote::remoteAudioTrackConfigurationChanged):

• WebProcess/GPU/media/MediaPlayerPrivateRemote.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::timeChanged):
(WebKit::RemoteMediaPlayerManager::durationChanged):
(WebKit::RemoteMediaPlayerManager::engineFailedToLoad):
(WebKit::RemoteMediaPlayerManager::characteristicChanged):
(WebKit::RemoteMediaPlayerManager::sizeChanged):
(WebKit::RemoteMediaPlayerManager::addRemoteAudioTrack):
(WebKit::RemoteMediaPlayerManager::removeRemoteAudioTrack):
(WebKit::RemoteMediaPlayerManager::remoteAudioTrackConfigurationChanged):
(WebKit::RemoteMediaPlayerManager::updateCachedState):

• WebProcess/GPU/media/RemoteMediaPlayerManager.h:
• WebProcess/GPU/media/RemoteMediaPlayerManager.messages.in:
• WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp:

LayoutTests:

• gpu-process/TestExpectations:

2:26 PM Changeset in webkit [254453] by Alan Bujtas

• 1 edit
  2 adds in trunk/LayoutTests

Add a simple trailing letter-spacing test case
​https://bugs.webkit.org/show_bug.cgi?id=206185
<rdar://problem/58535841>

Reviewed by Antti Koivisto.

• fast/text/trailing-letter-spacing-long-expected.html: Added.
• fast/text/trailing-letter-spacing-long.html: Added.

1:49 PM Changeset in webkit [254452] by weinig@apple.com

• 3 edits in trunk/Source/WTF

Platform.h is out of control Part 3: Move all ENABLE_* macros definitions in FeatureDefines.h
​https://bugs.webkit.org/show_bug.cgi?id=206139

Reviewed by Anders Carlsson.

• Moves all remaining ENABLE_* defines out of Platform.h and into FeatureDefines.h
• Moves most, USE_UDIS86 and USE_ARM64_DISASSEMBLER are tangled up in the JIT definitions still, HAVE_* and USE_* defines out of FeatureDefines.h and into Platform.h
• Where straigthforward, convert macro definitions into a canonical 3 line entry of the form:

#if !defined(MACRO_NAME) && (<CONDITIONS HERE>)
#define MACRO_NAME 1
#endif

There is rarely (if ever) a resone to undefine or define one of these platform related
macros to 0 as the usage macros (e.g. HAVE(...), ENABLE(...), etc.) handle undefined as 0.

• Added a guard so that FeatureDefines.h can't be included directly, and must be included via Platform.h. This is necessary as it depends heavily on macros defined in Platform.h
• Added numerous FIXMEs detailing follow up cleaning.

• wtf/FeatureDefines.h:
• wtf/Platform.h:

1:42 PM Changeset in webkit [254451] by Alan Coon

• 3 edits
  4 adds in branches/safari-608.5.7.3-branch

Cherry-pick r254349. rdar://problem/58529694

ObjectAllocationSinkingPhase doesn't model pointers to allocations in control flow properly
​https://bugs.webkit.org/show_bug.cgi?id=204738
<rdar://problem/57553238>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/allocation-sinking-must-model-allocation-pointers-properly-2.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-3.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-4.js: Added. (bool): (effects): (escape): (bar):
• stress/allocation-sinking-must-model-allocation-pointers-properly.js: Added. (alwaysFalse): (sometimesZero): (assert): (v9):

Source/JavaScriptCore:

Allocation sinking phase conducts a points to analysis. It uses this
information for programs like:

`
1: NewObject
2: NewObject
3: PutByOffset(@2, @1, "x")
4: GetByOffset(@2, "x")
`

It solves the points to problem knowing @4 points to @1.

It tracks this data in the LocalHeap data structure. This is used to track
the heap across blocks, and it includes a merge function to handle control
flow merges. However, this merge function would not always merge the pointer
sets together. It sometimes would merge them together, since it had a fast
path check inside merge, which would just copy the contents of the block to be
merged with itself if it were this block's first time merging. This fast path happened
to hide the bug in general case merge code. If we didn't take this fast path,
we would just never transfer pointer sets from predecessor to successor. This
could lead to all kinds of issues, including using the incorrect phantom node
in IR instead of its materialized version. It could also lead to the phase not
sinking objects it is capable of sinking.

This patch makes it so that we merge together the pointer sets. We always add
new pointers to the set. So in pointer A->B, if the set has yet to see A, we
add it. If the set already contains pointer A->B, and we encounter a new
pointer A->C, or if we encounter a merge without any A->* pointer, we mark
the A pointer as top, marking it A->TOP. We do this to ensure that we fixpoint.
We're guaranteed that m_pointers is monotonically increasing (module liveness
pruning, which is a constant). And once something is TOP, it never becomes
anything else. (Instead of marking a pointer top, we used to just remove it
from the set, but this has issues, as it could lead to us ping-ponging in
our fixpoint analysis, add, remove, add, remove, etc.)

So the merge rules are:
{A->B} merge {A->B} => {A->B}
{A->B} merge {A->C} => {A->TOP}
{A->B} merge {A->TOP} => {A->TOP}
{A->B} merge {} => {A->TOP}

Thanks to Samuel Groß of Google Project Zero for identifying this bug.

• dfg/DFGObjectAllocationSinkingPhase.cpp:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:37 PM Changeset in webkit [254450] by Alan Coon

• 3 edits
  4 deletes in branches/safari-608.5.0.2-branch

Revert r254349. rdar://problem/58529691

This reverts commit r254445.

1:37 PM Changeset in webkit [254449] by Truitt Savell

• 2 edits in trunk/LayoutTests

Flaky Test: imported/w3c/web-platform-tests/svg/import/struct-dom-06-b-manual.svg
​https://bugs.webkit.org/show_bug.cgi?id=204312

Unreviewed test gardening.

• platform/mac/TestExpectations:

1:33 PM Changeset in webkit [254448] by aakash_jain@apple.com

• 1 edit
  1 add in trunk/Tools

[EWS] Add unit tests for factories
​https://bugs.webkit.org/show_bug.cgi?id=206159

Reviewed by Jonathan Bedard.

• BuildSlaveSupport/ews-build/factories_unittest.py: Added unit tests for factories.

1:28 PM Changeset in webkit [254447] by ysuzuki@apple.com

• 9 edits
  2 deletes in trunk/Source/JavaScriptCore

[JSC] Put JSProxy in IsoSubspace
​https://bugs.webkit.org/show_bug.cgi?id=206187

Reviewed by Mark Lam.

1. Put JSProxy in IsoSubspace.
2. Make JSProxy non-destructible since derived class JSWindowProxy is having its own IsoSubspace with destructibility.

• CMakeLists.txt:
• JavaScriptCore.xcodeproj/project.pbxproj:
• Sources.txt:
• runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::resetPrototype):
(JSC::JSGlobalObject::finishCreation):

• runtime/JSNonDestructibleProxy.cpp: Removed.
• runtime/JSNonDestructibleProxy.h: Removed.
• runtime/JSProxy.h:

(JSC::JSProxy::subspaceFor):

• runtime/JSStringIterator.h:
• runtime/VM.cpp:

(JSC::VM::VM):

• runtime/VM.h:

12:21 PM Changeset in webkit [254446] by youenn@apple.com

• 11 edits
  1 copy
  2 moves
  2 adds in trunk/Source/WebCore

Split AudioTrackPrivateMediaStreamCocoa to implement remote audio rendering
​https://bugs.webkit.org/show_bug.cgi?id=206172

Reviewed by Eric Carlson.

Refactor code to allow in the future rendering of media stream audio tracks in a remote process.
For that purpose, split AudioTrackPrivateMediaStreamCocoa functionality in two parts.
The first part is moved back to AudioTrackPrivateMediaStream.
The second part is platform specific and is defined in terms of an interface AudioMediaStreamTrackRenderer
and an in process implementation named AudioMediaStreamTrackRendererCocoa.

Make TrackPrivateBase and MediaStreamTrackPrivate public LoggerHelper.
This allows making AudioMediaStreamTrackRenderer and AudioSampleDataSource to take a LoggerHelper instead of a derived instance.

No change of behavior.

• Sources.txt:
• SourcesCocoa.txt:
• WebCore.xcodeproj/project.pbxproj:
• platform/audio/mac/AudioSampleDataSource.h:
• platform/audio/mac/AudioSampleDataSource.mm:

(WebCore::AudioSampleDataSource::create):
(WebCore::AudioSampleDataSource::AudioSampleDataSource):

• platform/graphics/TrackPrivateBase.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):

• platform/mediastream/AudioMediaStreamTrackRenderer.h: Added.

(WebCore::AudioMediaStreamTrackRenderer::setMuted):
(WebCore::AudioMediaStreamTrackRenderer::setVolume):
(WebCore::AudioMediaStreamTrackRenderer::volume const):
(WebCore::AudioMediaStreamTrackRenderer::isMuted const):

• platform/mediastream/AudioTrackPrivateMediaStream.cpp: Added.

(WebCore::AudioTrackPrivateMediaStream::setLogger):
(WebCore::AudioTrackPrivateMediaStream::AudioTrackPrivateMediaStream):
(WebCore::AudioTrackPrivateMediaStream::~AudioTrackPrivateMediaStream):
(WebCore::AudioTrackPrivateMediaStream::clear):
(WebCore::AudioTrackPrivateMediaStream::playInternal):
(WebCore::AudioTrackPrivateMediaStream::play):
(WebCore::AudioTrackPrivateMediaStream::pause):
(WebCore::AudioTrackPrivateMediaStream::setVolume):
(WebCore::AudioTrackPrivateMediaStream::volume const):
(WebCore::AudioTrackPrivateMediaStream::audioSamplesAvailable):
(WebCore::AudioTrackPrivateMediaStream::trackMutedChanged):
(WebCore::AudioTrackPrivateMediaStream::trackEnabledChanged):
(WebCore::AudioTrackPrivateMediaStream::updateRendererMutedState):
(WebCore::AudioTrackPrivateMediaStream::trackEnded):

• platform/mediastream/AudioTrackPrivateMediaStream.h:
• platform/mediastream/MediaStreamTrackPrivate.h:
• platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.cpp: Added.

(WebCore::AudioMediaStreamTrackRendererCocoa::stop):
(WebCore::AudioMediaStreamTrackRendererCocoa::clear):
(WebCore::AudioMediaStreamTrackRendererCocoa::setPaused):
(WebCore::AudioMediaStreamTrackRendererCocoa::createAudioUnit):
(WebCore::AudioMediaStreamTrackRendererCocoa::pushSamples):
(WebCore::AudioMediaStreamTrackRendererCocoa::render):
(WebCore::AudioMediaStreamTrackRendererCocoa::inputProc):

• platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.h: Added.
• platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.h: Removed.

11:57 AM Changeset in webkit [254445] by Alan Coon

• 3 edits
  4 adds in branches/safari-608.5.0.2-branch

Cherry-pick r254349. rdar://problem/58529691

ObjectAllocationSinkingPhase doesn't model pointers to allocations in control flow properly
​https://bugs.webkit.org/show_bug.cgi?id=204738
<rdar://problem/57553238>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/allocation-sinking-must-model-allocation-pointers-properly-2.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-3.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-4.js: Added. (bool): (effects): (escape): (bar):
• stress/allocation-sinking-must-model-allocation-pointers-properly.js: Added. (alwaysFalse): (sometimesZero): (assert): (v9):

Source/JavaScriptCore:

Allocation sinking phase conducts a points to analysis. It uses this
information for programs like:

`
1: NewObject
2: NewObject
3: PutByOffset(@2, @1, "x")
4: GetByOffset(@2, "x")
`

It solves the points to problem knowing @4 points to @1.

It tracks this data in the LocalHeap data structure. This is used to track
the heap across blocks, and it includes a merge function to handle control
flow merges. However, this merge function would not always merge the pointer
sets together. It sometimes would merge them together, since it had a fast
path check inside merge, which would just copy the contents of the block to be
merged with itself if it were this block's first time merging. This fast path happened
to hide the bug in general case merge code. If we didn't take this fast path,
we would just never transfer pointer sets from predecessor to successor. This
could lead to all kinds of issues, including using the incorrect phantom node
in IR instead of its materialized version. It could also lead to the phase not
sinking objects it is capable of sinking.

This patch makes it so that we merge together the pointer sets. We always add
new pointers to the set. So in pointer A->B, if the set has yet to see A, we
add it. If the set already contains pointer A->B, and we encounter a new
pointer A->C, or if we encounter a merge without any A->* pointer, we mark
the A pointer as top, marking it A->TOP. We do this to ensure that we fixpoint.
We're guaranteed that m_pointers is monotonically increasing (module liveness
pruning, which is a constant). And once something is TOP, it never becomes
anything else. (Instead of marking a pointer top, we used to just remove it
from the set, but this has issues, as it could lead to us ping-ponging in
our fixpoint analysis, add, remove, add, remove, etc.)

So the merge rules are:
{A->B} merge {A->B} => {A->B}
{A->B} merge {A->C} => {A->TOP}
{A->B} merge {A->TOP} => {A->TOP}
{A->B} merge {} => {A->TOP}

Thanks to Samuel Groß of Google Project Zero for identifying this bug.

• dfg/DFGObjectAllocationSinkingPhase.cpp:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:51 AM Changeset in webkit [254444] by Alan Coon

• 7 edits in branches/safari-608.5.7.3-branch/Source

Versioning.

11:48 AM Changeset in webkit [254443] by Alan Coon

• 3 edits
  4 adds in branches/safari-608-branch

Cherry-pick r254349. rdar://problem/58529693

ObjectAllocationSinkingPhase doesn't model pointers to allocations in control flow properly
​https://bugs.webkit.org/show_bug.cgi?id=204738
<rdar://problem/57553238>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/allocation-sinking-must-model-allocation-pointers-properly-2.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-3.js: Added. (assert): (v9):
• stress/allocation-sinking-must-model-allocation-pointers-properly-4.js: Added. (bool): (effects): (escape): (bar):
• stress/allocation-sinking-must-model-allocation-pointers-properly.js: Added. (alwaysFalse): (sometimesZero): (assert): (v9):

Source/JavaScriptCore:

Allocation sinking phase conducts a points to analysis. It uses this
information for programs like:

`
1: NewObject
2: NewObject
3: PutByOffset(@2, @1, "x")
4: GetByOffset(@2, "x")
`

It solves the points to problem knowing @4 points to @1.

It tracks this data in the LocalHeap data structure. This is used to track
the heap across blocks, and it includes a merge function to handle control
flow merges. However, this merge function would not always merge the pointer
sets together. It sometimes would merge them together, since it had a fast
path check inside merge, which would just copy the contents of the block to be
merged with itself if it were this block's first time merging. This fast path happened
to hide the bug in general case merge code. If we didn't take this fast path,
we would just never transfer pointer sets from predecessor to successor. This
could lead to all kinds of issues, including using the incorrect phantom node
in IR instead of its materialized version. It could also lead to the phase not
sinking objects it is capable of sinking.

This patch makes it so that we merge together the pointer sets. We always add
new pointers to the set. So in pointer A->B, if the set has yet to see A, we
add it. If the set already contains pointer A->B, and we encounter a new
pointer A->C, or if we encounter a merge without any A->* pointer, we mark
the A pointer as top, marking it A->TOP. We do this to ensure that we fixpoint.
We're guaranteed that m_pointers is monotonically increasing (module liveness
pruning, which is a constant). And once something is TOP, it never becomes
anything else. (Instead of marking a pointer top, we used to just remove it
from the set, but this has issues, as it could lead to us ping-ponging in
our fixpoint analysis, add, remove, add, remove, etc.)

So the merge rules are:
{A->B} merge {A->B} => {A->B}
{A->B} merge {A->C} => {A->TOP}
{A->B} merge {A->TOP} => {A->TOP}
{A->B} merge {} => {A->TOP}

Thanks to Samuel Groß of Google Project Zero for identifying this bug.

• dfg/DFGObjectAllocationSinkingPhase.cpp:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@254349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:42 AM Changeset in webkit [254442] by Alan Coon

• 7 edits in branches/safari-608-branch/Source

Versioning.

11:32 AM Changeset in webkit [254441] by Alan Bujtas

• 2 edits in trunk/LayoutTests

Explain why we started skipping "insert-span-into-long-text-bug-28245.html" in debug.

• TestExpectations:

11:26 AM Changeset in webkit [254440] by eric.carlson@apple.com

• 2 edits in trunk/Tools

Don't softlink AVCapture classes on watchOS or tvOS
​https://bugs.webkit.org/show_bug.cgi?id=205974
<rdar://problem/58427281>

Unreviewed test fix after r254257.

• TestWebKitAPI/Tests/WebCore/cocoa/AVFoundationSoftLinkTest.mm:

(TestWebKitAPI::TEST):

10:53 AM Changeset in webkit [254439] by jiewen_tan@apple.com

• 24 edits
  5 adds in trunk

[WebAuthn] Support CTAP Client Pin
​https://bugs.webkit.org/show_bug.cgi?id=191516
<rdar://problem/56558558>

Reviewed by Brent Fulgham.

Source/WebCore:

Covered by API tests.

• Modules/webauthn/fido/DeviceRequestConverter.cpp:

(fido::encodeMakeCredenitalRequestAsCBOR):
(fido::encodeGetAssertionRequestAsCBOR):

• Modules/webauthn/fido/Pin.cpp:

(fido::pin::RetriesResponse::parse):
(fido::pin::TokenResponse::parse):
(fido::pin::TokenRequest::tryCreate):
(fido::pin::encodeAsCBOR):

• Modules/webauthn/fido/Pin.h:
• crypto/algorithms/CryptoAlgorithmAES_CBC.h:
• crypto/gcrypt/CryptoAlgorithmAES_CBCGCrypt.cpp:

(WebCore::CryptoAlgorithmAES_CBC::platformEncrypt):
(WebCore::CryptoAlgorithmAES_CBC::platformDecrypt):

• crypto/mac/CryptoAlgorithmAES_CBCMac.cpp:

(WebCore::transformAES_CBC):
(WebCore::CryptoAlgorithmAES_CBC::platformEncrypt):
(WebCore::CryptoAlgorithmAES_CBC::platformDecrypt):

• testing/MockWebAuthenticationConfiguration.h:

(WebCore::MockWebAuthenticationConfiguration::HidConfiguration::encode const):
(WebCore::MockWebAuthenticationConfiguration::HidConfiguration::decode):

• testing/MockWebAuthenticationConfiguration.idl:

Source/WebKit:

This patch implements authenticatorClientPIN from the spec:
​https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html#authenticatorClientPIN
Specifically, it implements section 5.5.1, 5.5.3, 5.5.4, 5.5.7, and 5.5.8.

Here is the flow how makeCredential/getAssertion works with a PIN in our implementation:

1. Determine if the connected authenticator has a PIN;
2. If yes, send the makeCredential/getAssertion request to the authenticator with an empty pinAuth

such that the authenticator will wink for user gestures. This step intends to confirm the authenticator
is the one the user wants to use. Otherwise, we don't know which authenticator to send the PIN
if multiple are connected;

3. Once the user confirms the authetnicator, it will return either CTAP2_ERR_PIN_INVALID or

CTAP2_ERR_PIN_AUTH_INVALID. Some authenticators return CTAP2_ERR_PIN_AUTH_INVALID even though
it is not suggested by the spec;

4. Get retries from the authenticator;
5. Get key agreement from the authenticator;
6. Ask the UI client for the PIN and at the meantime inform it the retries;
7. Get pin token from the authenticator;
8. Resend the makeCredential/getAssertion request with the desired pinAuth.

Besides implementating the above flow, this patch also fixes some bugs within the PIN commands encoder:

1. pinAuth/pinProtocol are wrongly encoded for makeCredential/getAssertion;
2. AES CBC should be called without any padding. Therefore, CryptoAlgorithmAES_CBC adds a no padding mode;
3. The sharedSecret is the SHA256 digest of the ECDH key agreement instead of the raw key agreement.

• UIProcess/API/APIWebAuthenticationPanelClient.h:

(API::WebAuthenticationPanelClient::requestPin const):

• UIProcess/WebAuthentication/Authenticator.h:
• UIProcess/WebAuthentication/AuthenticatorManager.cpp:

(WebKit::AuthenticatorManager::requestPin):

• UIProcess/WebAuthentication/AuthenticatorManager.h:
• UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.h:
• UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:

(WebKit::WebAuthenticationPanelClient::WebAuthenticationPanelClient):
(WebKit::WebAuthenticationPanelClient::requestPin const):

• UIProcess/WebAuthentication/Mock/MockHidConnection.cpp:

(WebKit::MockHidConnection::feedReports):

• UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:

(WebKit::CtapAuthenticator::makeCredential):
(WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived):
(WebKit::CtapAuthenticator::getAssertion):
(WebKit::CtapAuthenticator::continueGetAssertionAfterResponseReceived):
(WebKit::CtapAuthenticator::getRetries):
(WebKit::CtapAuthenticator::continueGetKeyAgreementAfterGetRetries):
(WebKit::CtapAuthenticator::continueRequestPinAfterGetKeyAgreement):
(WebKit::CtapAuthenticator::continueGetPinTokenAfterRequestPin):
(WebKit::CtapAuthenticator::continueRequestAfterGetPinToken):
(WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived const): Deleted.

• UIProcess/WebAuthentication/fido/CtapAuthenticator.h:

Tools:

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/WebCore/CtapPinTest.cpp:

(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebCore/FidoTestData.h:
• TestWebKitAPI/Tests/WebKitCocoa/_WKWebAuthenticationPanel.mm:

(-[TestWebAuthenticationPanelDelegate panel:requestPINWithRemainingRetries:completionHandler:]):
(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-hid-pin.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-key-agreement-error.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-pin-token-error.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin-get-retries-error.html: Added.
• TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-hid-pin.html: Added.

10:34 AM Changeset in webkit [254438] by Alan Bujtas

• 4 edits in trunk

[LFC][Integration] Turn off trailing letter-space trimming for the LineBreaker content
​https://bugs.webkit.org/show_bug.cgi?id=206181
<rdar://problem/58532931>

Reviewed by Antti Koivisto.

Source/WebCore:

Do not mark trailing letter-spacing as trimmable in the "continuous content" we feed in to line breaking.
This causes different and unexpected line breaking behavior as we don't try to fit the letter-spacing after the last character.

• layout/inlineformatting/InlineLineBreaker.cpp:

(WebCore::Layout::ContinuousContent::ContinuousContent):

LayoutTests:

• platform/ios/css1/text_properties/letter_spacing-expected.txt: Undo the rebaselining.

9:52 AM Changeset in webkit [254437] by Wenson Hsieh

• 2 edits in trunk/LayoutTests

[iOS] editing/selection/ios/clear-selection-after-tap-in-large-selected-non-editable-text.html times out
​https://bugs.webkit.org/show_bug.cgi?id=206126
<rdar://problem/58060387>

Reviewed by Tim Horton.

This test is intended to verify that when ranged selection UI covers up most of the view, tapping the selection
will clear the selection instead of toggling the callout bar. However, there are a couple of issues that make
this test fail:

• The long press that is intended to select text ends up under the "Sel" in select and above the "ect" that

wraps to the next line, which causes the word to not be selected. To fix this, I changed the tap location from
the center of the view to somewhere in the top half of the view, near the middle of "Sel".

• The callout bar appears in the center of the screen with the "Look up" action in the middle, so tapping the

center of the view again causes a view controller to be presented when looking up the selected word ("Select").
We can avoid this by also moving the tap location away from the center of the view.

• On iPad, the word "Select" isn't big enough to encompass most of the screen even at 250px, so the test fails.

We fix this by making the "Select" text much bigger (500px), and then make the body overflow: hidden so that
selecting the word on iPhone's smaller screen doesn't cause scrolling.

• editing/selection/ios/clear-selection-after-tap-in-large-selected-non-editable-text.html:

9:39 AM Changeset in webkit [254436] by Brent Fulgham

• 2 edits in trunk/Source/WebKit

[iOS] Remove 'com.apple.diagnosticd' from WebContent process sandbox
​https://bugs.webkit.org/show_bug.cgi?id=206114
<rdar://problem/58496791>

Reviewed by Per Arne Vollan.

In Bug 205292 we began dynamically adding a sandbox extension for 'com.apple.diagnosticd' when needed.
We should remove the blanket permission from the sandbox.

Test: fast/sandbox/ios/sandbox-mach-lookup.html

• Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

9:35 AM Changeset in webkit [254435] by Truitt Savell

• 2 edits in trunk/LayoutTests

Correct test expectations after r254428
​https://bugs.webkit.org/show_bug.cgi?id=206164

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

9:19 AM Changeset in webkit [254434] by keith_miller@apple.com

• 4 edits
  1 add in trunk

CheckNeutered needs to claim it reads JSType in clobberize.
​https://bugs.webkit.org/show_bug.cgi?id=206136

Reviewed by Yusuke Suzuki.

JSTests:

• stress/check-neutered-clobberize-reads-jstype.js: Added.

(foo):

Source/JavaScriptCore:

CheckNeutered needs to read JSType otherwise it can get hoisted
past the TypedArray check guarding it.

• dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

• dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

9:14 AM Changeset in webkit [254433] by Wenson Hsieh

• 7 edits in trunk/Source/WebKit

[macCatalyst] UI process crashes on launch after r254101
​https://bugs.webkit.org/show_bug.cgi?id=206156
<rdar://problem/58514942>

Reviewed by Brent Fulgham.

Fixes the crash by not soft-linking BackBoardServices in an attempt to invoke BKSDisplayBrightnessGetCurrent on
macCatalyst. Prior to r254101, this was only defined on iOS and not watchOS or tvOS; after this change, it
should be defined only on iOS, watchOS and tvOS.

• UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::registerNotificationObservers):

• UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::initializeNewWebProcess):

• UIProcess/WebProcessPool.h:
• WebProcess/WebProcess.h:
• WebProcess/WebProcess.messages.in:
• WebProcess/cocoa/WebProcessCocoa.mm:

9:06 AM Changeset in webkit [254432] by Diego Pino Garcia

• 2 edits in trunk/LayoutTests

[GTK] Unreviewed gardening after r254409
​https://bugs.webkit.org/show_bug.cgi?id=206150

• platform/gtk/TestExpectations:

8:09 AM Changeset in webkit [254431] by Antti Koivisto

• 4 edits in trunk

[LFC][Integration] editing/text-iterator/findString.html fails on iOS
​https://bugs.webkit.org/show_bug.cgi?id=206164

Reviewed by Zalan Bujtas.

Source/WebCore:

• rendering/line/LineLayoutTraversalDisplayRunPath.h:

(WebCore::LineLayoutTraversal::DisplayRunPath::isLastOnLine const):

The test here was reversed.

LayoutTests:

• platform/ios/TestExpectations:

8:02 AM Changeset in webkit [254430] by Antti Koivisto

• 2 edits in trunk/LayoutTests

[iOS] Unreviewed test gardening after r254428.

• platform/ios/css1/text_properties/letter_spacing-expected.txt:

7:04 AM Changeset in webkit [254429] by Alan Bujtas

• 3 edits in trunk/LayoutTests

[Win] Unreviewed test gardening after r254421.

• platform/win/css1/text_properties/text_indent-expected.txt:
• platform/win/css2.1/t1601-c547-indent-01-d-expected.txt:

4:47 AM Changeset in webkit [254428] by Antti Koivisto

• 16 edits in trunk

[LFC][Integration] Enable LFC integration
​https://bugs.webkit.org/show_bug.cgi?id=206128

Reviewed by Zalan Bujtas.

Source/WebCore:

Enable the new line layout path.

• page/RuntimeEnabledFeatures.h:

Source/WebKit:

• Shared/WebPreferences.yaml:

LayoutTests:

Rebase for some progressions.

• fast/dom/Range/getBoundingClientRect-expected.txt:
• fast/dom/Range/getBoundingClientRect.html:

Update the test for new results. These match the complex line layout results (simple lines produce wrong results).

• platform/ios/fast/text/whitespace/pre-break-word-expected.txt:
• platform/ios/fast/text/word-break-expected.txt:
• platform/mac/fast/text/hyphenate-limit-lines-expected.txt:
• platform/mac/fast/text/whitespace/pre-break-word-expected.txt:
• platform/mac/fast/text/word-break-expected.txt:

Line breaking and white-space progressions.

• platform/ios/TestExpectations:

A subtest of editing/text-iterator/findString.html fails on iOS. This needs futher analysis.

• platform/win/TestExpectations:

fast/dom/Range/getBoundingClientRect.html now fails on windows because LFC is not enabled there.

3:54 AM Changeset in webkit [254427] by Antti Koivisto

• 2 edits in trunk/Source/WebCore

[LFC][Integration] imported/blink/fast/shapes/crash-caused-by-dirtying-a-shape-while-computing-it-requires-a-long-filename-to-crash.html crashes on iOS
​https://bugs.webkit.org/show_bug.cgi?id=206151

Reviewed by Zalan Bujtas.

• layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::TreeBuilder::createLayoutBox):

LFC doesn't expect line break boxes with float set (other layout systems just ignore it).

2:14 AM Changeset in webkit [254426] by Antti Koivisto

• 7 edits in trunk/LayoutTests

[LFC][Integration] Ensure that simple line layout tests stays don't turn into LFC tests
​https://bugs.webkit.org/show_bug.cgi?id=206153

Reviewed by Zalan Bujtas.

We have a handful of SLL tests that document non-standard behaviors. Keep these SLL only with LFC enabled.

• fast/text/embed-at-end-of-pre-wrap-line-simple-lines-expected.html:
• fast/text/embed-at-end-of-pre-wrap-line-simple-lines.html:
• fast/text/simple-line-layout-leading-whitespace-with-soft-hard-linebreak-expected.html:
• fast/text/simple-line-layout-leading-whitespace-with-soft-hard-linebreak.html:
• fast/text/whitespace/pre-wrap-long-word-simple-lines-expected.html:
• fast/text/whitespace/pre-wrap-long-word-simple-lines.html:

2:11 AM Changeset in webkit [254425] by Antti Koivisto

• 2 edits in trunk/Source/WebCore

[LFC][IFC] fast/text/fast-run-width-vs-slow-run-width.html is failing
​https://bugs.webkit.org/show_bug.cgi?id=206143

Reviewed by Zalan Bujtas.

The test is constructed so that the preferred width computation produces float value that maps exactly to LayoutUnit
(usually it gets ceiled up). This get converted back to float and the same input widths are substracted from
the total during inline layout. Due to nature of floating point arithmetic this ends up producing slightly
different result and the last word doesn't fit.

• layout/inlineformatting/InlineLineBreaker.cpp:

(WebCore::Layout::LineBreaker::tryWrappingInlineContent const):

When using floats, do an additional equality comparison that accepts values within scaled float epsilon as equal.

1:31 AM Changeset in webkit [254424] by Carlos Garcia Campos

• 5 edits in trunk/Source

WebDriver: pressed virtual keys not correctly handled in action sequences
​https://bugs.webkit.org/show_bug.cgi?id=205997

Reviewed by Brian Burg.

Source/WebDriver:

We are assuming that only one virtual key can be pressed and that a key up always releases the pressed virtual
key if any. We should keep a list of pressed keys and remove them from the list when key up happens for them.

Fixes: imported/w3c/webdriver/tests/perform_actions/key_modifiers.py::test_shift_modifier_generates_capital_letters[\ue008]

imported/w3c/webdriver/tests/perform_actions/key_modifiers.py::test_shift_modifier_generates_capital_letters[\ue050]

• Session.cpp:

(WebDriver::Session::performActions):

• Session.h:

Source/WebKit:

When modifiers are present we need to translate the keys that might be affected by the modifiers.

• UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp:

(WebKit::doKeyStrokeEvent):

1:27 AM Changeset in webkit [254423] by Carlos Garcia Campos

• 3 edits in trunk/Source/WebKit

Unreviewed. [GTK][WPE] Add missing autocleanup definition for WebKitInputMethodContext

I forgot to add it in r253749.

• UIProcess/API/gtk/WebKitAutocleanups.h:
• UIProcess/API/wpe/WebKitAutocleanups.h: