Context Navigation

← Previous Period
Next Period →

Timeline

Mar 17, 2020:

10:47 PM Changeset in webkit [258625] by commit-queue@webkit.org

3 edits
2 adds in trunk

Crash in CSSPrimitiveValue::cleanup
https://bugs.webkit.org/show_bug.cgi?id=208316

Patch by Pinki Gyanchandani <pgyanchandani@apple.com> on 2020-03-17
Reviewed by Ryosuke Niwa.

Source/WebCore:

Added a NULL check before calling deref() for CSSUnitType :: CSS_CALC.

During initialization of CSSCalcValue, createCSS returns nullptr when processing min() operator
and there is a category mismatch between length and percent for min() operator
as seen in this newly added test case.

Test: editing/execCommand/primitive-value-cleanup-minimal.html

css/CSSPrimitiveValue.cpp:

(WebCore::CSSPrimitiveValue::cleanup):

LayoutTests:

Added modified version of testcase attached in 208316. Minimized version provided by Ryosuke Niwa.

editing/execCommand/primitive-value-cleanup-minimal-expected.txt: Added.
editing/execCommand/primitive-value-cleanup-minimal.html: Added.

9:45 PM Changeset in webkit [258624] by clopez@igalia.com

2 edits in trunk/Source/ThirdParty/libwebrtc

[CMake] libopus 1.1 its enough for building WebKitGTK with ENABLE_WEB_RTC
https://bugs.webkit.org/show_bug.cgi?id=209209

Reviewed by Konstantin Tokarev.

Ubuntu 18.04 ships libopus 1.1.2 which its enough for building with -DENABLE_WEB_RTC=ON

CMakeLists.txt:

9:30 PM Changeset in webkit [258623] by Devin Rousso

2 edits in trunk/Source/WebInspectorUI

Web Inspector: the width of WI.TabBarItem can change if the detached window is resized
https://bugs.webkit.org/show_bug.cgi?id=209200

Reviewed by Timothy Hatcher.

UserInterface/Views/TabBar.js:

(WI.TabBar.prototype.layout):
(WI.TabBar.prototype.layout.measureWidth): Renamed from measureItemWidth.
When undocked, WI.TabBarItem grow to fill any available space. As a result, if a
WI.TabBarItem is added or removed, the width of all WI.TabBarItem will change.
Wait to measure widths until all WI.TabBarItem are un-hidden for the reason above.

9:14 PM Changeset in webkit [258622] by Devin Rousso

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Network: we should prefer showing "Preserve Log" over "Group Media Requests"
https://bugs.webkit.org/show_bug.cgi?id=209199

Reviewed by Timothy Hatcher.

UserInterface/Views/NetworkTableContentView.js:

(WI.NetworkTableContentView):
Change the WI.NavigationItem.VisibilityPriority of the various WI.NavigationItem:

High:

URL filter
resource type filter
live/HAR view switcher
disable resource caching toggle

Normal:

Preserve Log checkbox
clear button

Low:

Group Media Requests checkbox
HAR import/export buttons

This way, items that have alternate ways of being triggered (e.g. keyboard shortcuts) are
hidden first, and vica versa.

8:59 PM Changeset in webkit [258621] by Devin Rousso

2 edits in trunk/Source/WebInspectorUI

Web Inspector: Sources: hovering the title of an object preview popup for a DOM node doesn't highlight it
https://bugs.webkit.org/show_bug.cgi?id=209159

Reviewed by Timothy Hatcher.

UserInterface/Views/SourceCodeTextEditor.js:

(WI.SourceCodeTextEditor.prototype._showPopoverForObject):

8:32 PM Changeset in webkit [258620] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

SharedMemory::Handle::m_size should be more consistent
<https://webkit.org/b/209007>
<rdar://problem/60340890>

Reviewed by Darin Adler.

Platform/cocoa/SharedMemoryCocoa.cpp:

(WebKit::SharedMemory::Handle::decode):

Return early if an invalid size is decoded.

(WebKit::SharedMemory::map):

Drive-by fix to change '0' to 'nullptr'.
Since all known methods of creating a SharedMemory::Handle() set SharedMemory::Handle::m_size to a value of round_page(), this means we can also change round_page(handle.m_size) to handle.m_size in the call to mach_vm_map() since we know they're equal.

8:18 PM Changeset in webkit [258619] by Lauro Moura

2 edits in trunk/LayoutTests

[WPE] Gardening

Unreviewed test gardening.

platform/wpe/TestExpectations:

8:15 PM Changeset in webkit [258618] by Lauro Moura

8 edits in trunk/LayoutTests

[WPE] Rebaseline after r258492.

Unreviewed test gardening.

platform/wpe/imported/w3c/web-platform-tests/svg/import/text-path-01-b-manual-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/svg/import/text-path-02-b-manual-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/svg/painting/marker-008-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/svg/painting/reftests/paint-order-001-expected.txt:
platform/wpe/imported/w3c/web-platform-tests/svg/text/reftests/textpath-shape-001-expected.txt:
platform/wpe/svg/W3C-SVG-1.1/text-path-01-b-expected.txt:
platform/wpe/svg/text/text-path-01-b-expected.txt:

8:12 PM Changeset in webkit [258617] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

Unreviewed, reverting r258496.
https://bugs.webkit.org/show_bug.cgi?id=209217

Introduced sandbox regression (Requested by perarne on
#webkit).

Reverted changeset:

"[iOS] Add telemetry for message filtering"
https://bugs.webkit.org/show_bug.cgi?id=208925
https://trac.webkit.org/changeset/258496

5:45 PM Changeset in webkit [258616] by Kate Cheney

8 edits
1 add
2 deletes in trunk

Expand In-App-Browser-Privacy testing
https://bugs.webkit.org/show_bug.cgi?id=209142
<rdar://problem/60496618>

Reviewed by Darin Adler.

Source/WebKit:

Adds a testing API to check whether a navigation was classified as
app-bound.

UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _isNavigatingToAppBoundDomain:]):

UIProcess/API/Cocoa/WKWebViewPrivate.h:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::isNavigatingToAppBoundDomainTesting):

UIProcess/WebPageProxy.h:

Tools:

Expanded test coverage by adding new tests and creating a custom url
scheme handler to get around the fact that local file loads are
always classified as app-bound.

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:

(-[InAppBrowserSchemeHandler webView:startURLSchemeTask:]):
If the path indicates testing user scripts on load, notify the script message
handler that the navigation has finished. If the path indicates
testing user-agent scripts, set the window.wkUserScriptInjected
variable to true. A user agent script will attempt to read this
variable and should fail.

(-[InAppBrowserSchemeHandler webView:stopURLSchemeTask:]):
(initializeInAppBrowserPrivacyTestSettings):
Basic test setup. Initialize the main run loop and make sure we are
starting with a clean state.

(TEST):
Add tests for all protocols checked in shouldBeTreatedAsAppBound,
except for blob files which must be generated within the web content.

TestWebKitAPI/Tests/WebKitCocoa/in-app-browser-privacy-local-file.html: Added.

Basic html document to test local file loads are classified as
app-bound.

TestWebKitAPI/Tests/WebKitCocoa/in-app-browser-privacy-test-user-agent-script.html: Removed.
TestWebKitAPI/Tests/WebKitCocoa/in-app-browser-privacy-test-user-script.html: Removed.

These files are no longer needed as their content is directly copied
into the URL scheme handler.

5:31 PM Changeset in webkit [258615] by Alan Coon

1 copy in tags/Safari-610.1.7.5

Tag Safari-610.1.7.5.

5:29 PM Changeset in webkit [258614] by Fujii Hironori

2 edits in trunk/Source/WebCore

SerializedScriptValue::decode should check bufferIsLargeEnoughToContain before allocating a buffer
https://bugs.webkit.org/show_bug.cgi?id=209132

Reviewed by Darin Adler.

bindings/js/SerializedScriptValue.h:

(WebCore::SerializedScriptValue::decode): Added bufferIsLargeEnoughToContain check.
Added a null check for Gigacage::tryMalloc.

5:12 PM Changeset in webkit [258613] by Chris Dumez

8 edits
3 adds in trunk

REGRESSION: [ macOS wk1 ] ASSERTION FAILED: _notifications.contains(notificationID) imported/w3c/web-platform-tests/notifications/constructor-basic.html is flaky crashing
https://bugs.webkit.org/show_bug.cgi?id=207307
<rdar://problem/59206964>

Reviewed by Alex Christensen.

Source/WebKitLegacy/mac:

WebView/WebNotification.h:
WebView/WebNotification.mm:

(-[WebNotification finalize]):

Tools:

When [MockWebNotificationProvider reset] was called at the end of the test, it would remove all
notifications from the map but not tell WebCore that the notification were discarded. As a result,
WebCore would later tell the MockWebNotificationProvider to cancel the notification but this
notification would no longer be in the map, causing us to hit an assertion in debug.

To address the issue, we now call Notification::finalize() in [MockWebNotificationProvider reset]
to let WebCore know the notification was discarded. This is similar to what is already done for
WebKit2 in WebNotificationManager::clearNotifications().

DumpRenderTree/mac/MockWebNotificationProvider.mm:

(-[MockWebNotificationProvider reset]):

LayoutTests:

Add test coverage.

http/wpt/notifications/constructor-basic-bfcache-expected.txt: Added.
http/wpt/notifications/constructor-basic-bfcache.html: Added.
platform/mac/TestExpectations:

5:06 PM Changeset in webkit [258612] by don.olmstead@sony.com

2 edits in trunk/Tools

[WinCairo][FTW] Update path to requirements download
https://bugs.webkit.org/show_bug.cgi?id=209202

Reviewed by Ross Kirsling.

Repository was renamed from WinCairoRequirements to WebKitRequirements in the
WebKitForWindows org on GitHub. Additionally the .zip file was renamed to
WebKitRequirementsWin64.zip.

Scripts/update-webkit-wincairo-libs.py:

5:01 PM Changeset in webkit [258611] by aakash_jain@apple.com

4 edits in trunk/Tools

[ews] Resubmit patches to commit-queue which were cq- by commit-queue and later cq+
https://bugs.webkit.org/show_bug.cgi?id=208920

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-app/ews/common/buildbot.py:

(Buildbot.update_builder_name_to_id_mapping): Method to generate builder name to id mapping.
(Buildbot.fetch_pending_and_inprogress_builds): Method to fetch pendign and in-progress builds from buildbot.
(Buildbot.get_patches_in_queue): Method to fetch list of patches which are pending or are in-progress on buildbot.

BuildSlaveSupport/ews-app/ews/common/bugzilla.py:

(Bugzilla.get_cq_plus_timestamp): Get UTC timestamp when cq+ flag was set.

BuildSlaveSupport/ews-app/ews/fetcher.py:

(FetchLoop.run): Update builder name to id mapping. We just need to update it one-time, since we need the id only
for commit-queue which isn't expected to change.
(BugzillaPatchFetcher.fetch_commit_queue_patches):
(BugzillaPatchFetcher.send_patches_to_buildbot): Allow sending the patch again to commit-queue.
(BugzillaPatchFetcher.patches_to_send_to_commit_queue): Find patches which needs to be sent to commit-queue. Filter
out patches which are already waiting or in-progress on commit-queue, or whose recent build was completed after
setting cq+ flag on bugzilla.

4:32 PM Changeset in webkit [258610] by achristensen@apple.com

2 edits in trunk/Source/WebKit

Fix API tests after r258574
https://bugs.webkit.org/show_bug.cgi?id=209192

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::printFrame):
I forgot to call the CompletionHandler from the IPC call.

4:02 PM Changeset in webkit [258609] by Chris Fleizach

3 edits
2 adds in trunk

AX: WebKit crashes with VO and keyboard support fails on encapsulated radio button components.
https://bugs.webkit.org/show_bug.cgi?id=208844
<rdar://problem/60252659>

Reviewed by Darin Adler.

Source/WebCore:

Test: accessibility/mac/crash-bounds-for-range.html

Don't access renderer if nil in getInlineBoxAndOffset.

dom/Position.cpp:

(WebCore::Position::getInlineBoxAndOffset const):

LayoutTests:

accessibility/mac/crash-bounds-for-range-expected.txt: Added.
accessibility/mac/crash-bounds-for-range.html: Added.

3:56 PM Changeset in webkit [258608] by Jacob Uphoff

2 edits in trunk/LayoutTests

[ macOS wk1 ] imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/loading-the-media-resource/resource-selection-pointer-insert-text.html is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=209201

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

3:46 PM Changeset in webkit [258607] by Alan Coon

2 edits in branches/safari-610.1.7-branch/Source/WebKit

Cherry-pick r258515. rdar://problem/60551856

[Cocoa] Crash under -[WKPreferenceObserver init]
https://bugs.webkit.org/show_bug.cgi?id=209145

Reviewed by Darin Adler.

Handle the case when calling [NSUserDefaults initWithSuiteName:] did not succeed.

No new tests, since I have not been able to reproduce.

UIProcess/Cocoa/PreferenceObserver.mm: (-[WKPreferenceObserver init]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258515 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:45 PM Changeset in webkit [258606] by eric.carlson@apple.com

2 edits in trunk/Source/WebCore

TextTrackBase should validate language before setting m_validBCP47Language
https://bugs.webkit.org/show_bug.cgi?id=209094
<rdar://problem/60439603>

Unreviewed, address post-commit review comments.

html/track/TrackBase.cpp:

(WebCore::TrackBase::setLanguage): Use makeString instead of StringBuilder.

3:44 PM Changeset in webkit [258605] by Alan Coon

8 edits in branches/safari-610.1.7-branch

Cherry-pick r258518. rdar://problem/60517387

[macOS] Accessibility sandbox regressions
https://bugs.webkit.org/show_bug.cgi?id=209065
Source/WebCore/PAL:

Reviewed by Brent Fulgham.

Add Accessibility notification name.

pal/spi/cocoa/NSAccessibilitySPI.h:

Source/WebKit:

<rdar://problem/60202450>

Reviewed by Brent Fulgham.

When Accessibility is enabled, the WebContent process needs access to the preference service, since Accessibility
is relying on some advanced features of the service. Also, when CF prefs direct mode is enabled, the WebContent
sandbox needs to explicitly allow reading of the various plist files.

UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::registerNotificationObservers):
WebProcess/com.apple.WebProcess.sb.in:

Tools:

Reviewed by Brent Fulgham.

TestWebKitAPI/Tests/WebKit/EnableAccessibility.mm: (TEST):
TestWebKitAPI/Tests/WebKit/GrantAccessToPreferencesService.mm: (TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258518 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:44 PM Changeset in webkit [258604] by Alan Coon

13 edits
1 add in branches/safari-610.1.7-branch

Cherry-pick r258359. rdar://problem/60517387

[macOS] _AXSApplicationAccessibilityEnabled should not be called
https://bugs.webkit.org/show_bug.cgi?id=208953

Reviewed by Brent Fulgham.

Source/WebCore:

The function _AXSApplicationAccessibilityEnabled and the notification kAXSApplicationAccessibilityEnabledNotification
exist on macOS, but they do not have the same behavior as on iOS, and should not be used in the same way. Using this
function and notification on macOS was introduced in <https://bugs.webkit.org/show_bug.cgi?id=208690>, and this patch
partially reverts this behavior.

API test: WebKit.IsRemoteUIAppForAccessibility

testing/Internals.cpp: (WebCore::Internals::isRemoteUIAppForAccessibility):
testing/Internals.h:
testing/Internals.idl:
testing/Internals.mm: (WebCore::Internals::isRemoteUIAppForAccessibility):

Source/WebCore/PAL:

Declare method to check if the process is a remote UI app for accessibility.

pal/spi/cocoa/NSAccessibilitySPI.h:

Source/WebKit:

On macOS, stop using the function _AXSApplicationAccessibilityEnabled and listening to the notification
kAXSApplicationAccessibilityEnabledNotification, since they do not have the same behavior as on iOS.

UIProcess/Cocoa/WebProcessPoolCocoa.mm: (WebKit::WebProcessPool::platformInitializeWebProcess): (WebKit::WebProcessPool::registerNotificationObservers): (WebKit::WebProcessPool::unregisterNotificationObservers):
UIProcess/Cocoa/WebProcessProxyCocoa.mm: (WebKit::WebProcessProxy::unblockAccessibilityServerIfNeeded):
WebProcess/cocoa/WebProcessCocoa.mm: (WebKit::WebProcess::platformInitializeProcess): (WebKit::WebProcess::unblockAccessibilityServer):

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258359 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:29 PM Changeset in webkit [258603] by ysuzuki@apple.com

2 edits in trunk/Source/JavaScriptCore

[JSC] DeleteIC patchpoint in FTL should require tag and mask registers
https://bugs.webkit.org/show_bug.cgi?id=209197
<rdar://problem/60531308>

Reviewed by Tadeu Zagallo and Saam Barati.

DeleteIC patchpoint is emitting branchIfNotCell machine code. This requires a mask register
while we are not reserving them when creating a patchpoint.

In general, our IC code is assuming usual CCallHelpers environment which provides macro-assembler
scratch, tag, and mask registers. We should offer them even if IC is emitted from FTL. In this
patch, we offer tag and mask registers for Delete IC even if this IC is not currently using tag
register.

ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileDelBy):

3:04 PM Changeset in webkit [258602] by jiewen_tan@apple.com

2 edits in trunk/Source/WebKit

WebKit::LocalAuthenticator::deleteDuplicateCredential() should check buffer size before memcmp
https://bugs.webkit.org/show_bug.cgi?id=209156
<rdar://problem/60444655>

Reviewed by Alex Christensen.

Covered by existing tests.

UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:

(WebKit::LocalAuthenticator::deleteDuplicateCredential const):

2:56 PM Changeset in webkit [258601] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60363244

Crash in com.apple.WebKit.WebContent at WebKit::WebSWClientConnection::scheduleJobInServer <rdar://problem/60363244>

Patch by Youenn Fablet <youenn@apple.com> on 2020-03-13
Reviewed by David Kilzer.

WebProcess/Storage/WebSWClientConnection.cpp: (WebKit::WebSWClientConnection::scheduleJobInServer):
Revert branch commit r256687. This RELEASE_ASSERT() was removed on trunk as part of r256578 (which was merged to this branch in r256680, then added back in r256687).

2:36 PM Changeset in webkit [258600] by Kate Cheney

4 edits in trunk/Source/WebKit

Add internal debugging when initializing an app-bound session
https://bugs.webkit.org/show_bug.cgi?id=209190
<rdar://problem/60371620>

Reviewed by Brent Fulgham.

NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):

NetworkProcess/cocoa/NetworkSessionCocoa.h:
NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::SessionWrapper::initialize):
(WebKit::NetworkSessionCocoa::NetworkSessionCocoa):
(WebKit::NetworkSessionCocoa::initializeEphemeralStatelessSession):
(WebKit::NetworkSessionCocoa::sessionWrapperForTask):
(WebKit::NetworkSessionCocoa::appBoundSession):
(WebKit::NetworkSessionCocoa::isolatedSession):

2:35 PM Changeset in webkit [258599] by wilander@apple.com

3 edits in trunk/Source/WebKit

Add quirk for cookie blocking latch mode ymail.com redirecting to yahoo.com under yahoo.com
https://bugs.webkit.org/show_bug.cgi?id=209193
<rdar://problem/60089022>

Reviewed by Brent Fulgham.

No new tests. Site-specific quirk tested manually on the site in question.

NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(WebKit::NetworkDataTaskCocoa::unblockCookies):
(WebKit::NetworkDataTaskCocoa::needsFirstPartyCookieBlockingLatchModeQuirk const):
(WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):

2:25 PM Changeset in webkit [258598] by Chris Dumez

3 edits in trunk/Tools

[WKTR] testRunner API that takes in a completion handler should use async IPC
https://bugs.webkit.org/show_bug.cgi?id=209187

Reviewed by John Wilander.

testRunner API that takes in a completion handler should use async IPC. This hangs
the WebProcess for no reason and can cause deadlocks if the UIProcess then tries
to IPC the WebProcess as a result of this testRunner call.

WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setStatisticsHasHadUserInteraction):
(WTR::TestRunner::statisticsUpdateCookieBlocking):
(WTR::TestRunner::statisticsClearInMemoryAndPersistentStore):
(WTR::TestRunner::statisticsClearInMemoryAndPersistentStoreModifiedSinceHours):
(WTR::TestRunner::statisticsClearThroughWebsiteDataRemoval):
(WTR::TestRunner::setStatisticsShouldDowngradeReferrer):
(WTR::TestRunner::setStatisticsFirstPartyWebsiteDataRemovalMode):
(WTR::TestRunner::statisticsResetToConsistentState):
(WTR::TestRunner::getAllStorageAccessEntries):
(WTR::TestRunner::removeAllSessionCredentials):
(WTR::TestRunner::getApplicationManifestThen):

WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

2:07 PM Changeset in webkit [258597] by Alan Coon

3 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60500511

2:07 PM Changeset in webkit [258596] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60433244

2:07 PM Changeset in webkit [258595] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60436975

2:06 PM Changeset in webkit [258594] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60396281

2:06 PM Changeset in webkit [258593] by Alan Coon

6 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60396294

2:06 PM Changeset in webkit [258592] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebKit

Apply patch. rdar://problem/60430195

2:06 PM Changeset in webkit [258591] by Alan Coon

2 edits in branches/safari-609-branch/Source/JavaScriptCore

Apply patch. rdar://problem/60396286

Cherry-pick r258062. rdar://problem/60396286

2020-03-06 David Kilzer <ddkilzer@apple.com>

REGRESSION (r258038): Build failure on Windows 10 bots
<https://bugs.webkit.org/show_bug.cgi?id=208731>
<rdar://problem/59222568>

assembler/testmasm.cpp: (JSC::testCompareDouble): (JSC::testCompareDoubleSameArg): (JSC::testMoveConditionallyFloatingPoint): (JSC::testMoveConditionallyFloatingPointSameArg):
Add RELEASE_ASSERT_NOT_REACHED() statements to try to fix the bots.

2:06 PM Changeset in webkit [258590] by Alan Coon

3 edits in branches/safari-609-branch/Source/JavaScriptCore

Apply patch. rdar://problem/60396286

Cherry-pick r258038. rdar://problem/60396286

2020-03-06 Mark Lam <mark.lam@apple.com>

Fix some issues in the ARM64 moveConditionallyAfterFloatingPointCompare() and moveDoubleConditionallyAfterFloatingPointCompare().
https://bugs.webkit.org/show_bug.cgi?id=208731
<rdar://problem/59222568>

Patch by Mark Lam <mark.lam@apple.com> on 2020-03-06
Reviewed by Saam Barati.

Both the ARM64 moveConditionallyAfterFloatingPointCompare() and
moveDoubleConditionallyAfterFloatingPointCompare() had the following issues:

For the DoubleNotEqual condition, they fail to set the result register if one or both of the comparison operands is a NaN.

For the DoubleEqualOrUnordered condition, they can clobber the else case input register if one of the comparison operands is a NaN.

This patch fixes both of these, and exhaustive testmasm test cases for affected
MacroAssembler instruction emitters using these functions.

assembler/MacroAssemblerARM64.h: (JSC::MacroAssemblerARM64::moveConditionallyAfterFloatingPointCompare): (JSC::MacroAssemblerARM64::moveDoubleConditionallyAfterFloatingPointCompare):
assembler/testmasm.cpp: (JSC::testCompareDouble): (JSC::testCompareDoubleSameArg): (JSC::testMoveConditionallyFloatingPoint): (JSC::testMoveConditionallyDouble2): (JSC::testMoveConditionallyDouble3): (JSC::testMoveConditionallyDouble3DestSameAsThenCase): (JSC::testMoveConditionallyDouble3DestSameAsElseCase): (JSC::testMoveConditionallyFloat2): (JSC::testMoveConditionallyFloat3): (JSC::testMoveConditionallyFloat3DestSameAsThenCase): (JSC::testMoveConditionallyFloat3DestSameAsElseCase): (JSC::testMoveDoubleConditionallyDouble): (JSC::testMoveDoubleConditionallyDoubleDestSameAsThenCase): (JSC::testMoveDoubleConditionallyDoubleDestSameAsElseCase): (JSC::testMoveDoubleConditionallyFloat): (JSC::testMoveDoubleConditionallyFloatDestSameAsThenCase): (JSC::testMoveDoubleConditionallyFloatDestSameAsElseCase): (JSC::testMoveConditionallyFloatingPointSameArg): (JSC::testMoveConditionallyDouble2SameArg): (JSC::testMoveConditionallyDouble3SameArg): (JSC::testMoveConditionallyFloat2SameArg): (JSC::testMoveConditionallyFloat3SameArg): (JSC::testMoveDoubleConditionallyDoubleSameArg): (JSC::testMoveDoubleConditionallyFloatSameArg): (JSC::run):

2:06 PM Changeset in webkit [258589] by Alan Coon

5 edits in branches/safari-609-branch/Source/WebCore

Apply patch. rdar://problem/60396271

2:04 PM Changeset in webkit [258588] by BJ Burg

2 edits in trunk/Source/WebKit

REGRESSION(r256882): WebDriver commands that run before initial navigation do not complete
https://bugs.webkit.org/show_bug.cgi?id=209185
<rdar://problem/60010248>

Reviewed by Brian Weinstein.

No new tests, covered by w3c/webdriver/tests/back/back.py.

UIProcess/Automation/WebAutomationSession.cpp:

(WebKit::WebAutomationSession::createBrowsingContext):
Force eager creation of WebProcess when a browsing context is created. This allows
all subsequent commands that use WebProcess IPC to proceed instead of hanging.

1:52 PM Changeset in webkit [258587] by eric.carlson@apple.com

8 edits
2 adds in trunk

TextTrackBase should validate language before setting m_validBCP47Language
https://bugs.webkit.org/show_bug.cgi?id=209094
<rdar://problem/60439603>

Reviewed by Jer Noble.
Source/WebCore:

Test: media/track/track-bcp-language.html

html/track/TextTrack.idl:
html/track/TrackBase.cpp:

(WebCore::TrackBase::TrackBase): Don't set m_validBCP47Language unless the language is valid.
(WebCore::TrackBase::setLanguage): Clear m_validBCP47Language if the language is invalid.
Restructure the code to use early returns.
(WebCore::TrackBase::validBCP47Language const): Deleted.

html/track/TrackBase.h:

(WebCore::TrackBase::validBCP47Language const):

testing/Internals.cpp:

(WebCore::Internals::textTrackBCP47Language):

testing/Internals.h:
testing/Internals.idl:

LayoutTests:

media/track/track-bcp-language-expected.txt: Added.
media/track/track-bcp-language.html: Added.

1:47 PM Changeset in webkit [258586] by aakash_jain@apple.com

3 edits in trunk/Tools

[ews-app] Timestamp shown in status-bubble hover-over message is in future
https://bugs.webkit.org/show_bug.cgi?id=196628

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-build/events.py:

(JSONProducer.json_serialize_datetime): Keep the timestamp in UTC, instead of converting it to local time zone.

BuildSlaveSupport/ews-app/ews/views/statusbubble.py:

(StatusBubble.get_all_builds_for_queue): Sort the queues based on build number instead of start time, since the
timestamps for new builds might be less than timestamps for old builds which completed immediately prior to this change.

1:46 PM Changeset in webkit [258585] by Jacob Uphoff

2 edits in trunk/LayoutTests

[ macOS wk2 ] imported/w3c/web-platform-tests/webrtc/RTCRtpReceiver-getSynchronizationSources.https.html is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=209194

Unreviewed test gardening

platform/mac-wk2/TestExpectations:

1:39 PM Changeset in webkit [258584] by Alan Coon

4 edits
2 adds in branches/safari-609-branch

Cherry-pick r258459. rdar://problem/60539192

SVGMatrix should have the access right of its owner SVGTransform always
https://bugs.webkit.org/show_bug.cgi?id=207462

Reviewed by Simon Fraser.

Source/WebCore:

The SVGMatrix needs to be reattached to its owner SVGTransform when the
access right of this owner changes. The access right of the owner changes
when it gets attached to or detached from a higher level owner.

Test: svg/dom/SVGTransformList-anim-read-only.html

svg/SVGTransform.h:
svg/properties/SVGProperty.h: (WebCore::SVGProperty::attach): (WebCore::SVGProperty::detach): (WebCore::SVGProperty::reattach):

LayoutTests:

svg/dom/SVGTransformList-anim-read-only-expected.txt: Added.
svg/dom/SVGTransformList-anim-read-only.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258459 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:39 PM Changeset in webkit [258583] by Alan Coon

3 edits
2 adds in branches/safari-609-branch

Cherry-pick r258455. rdar://problem/60539179

[Tree building] Block::attachIgnoringContinuation should allow inline tables as before child container
https://bugs.webkit.org/show_bug.cgi?id=209095
<rdar://problem/59837588>

Reviewed by Simon Fraser.

Source/WebCore:

It's perfectly valid to have an inline table as the anonymous container for the before child.
It'll get wrapped inside an anonymous block right before we insert the block box candidate, so
the final result will be something like:

new block level child (this is the child we are inserting)
anonymous block wrapper

inline table (this is the before child's inline container)

before child

Test: fast/table/before-child-is-inline-table.html

rendering/updating/RenderTreeBuilderBlock.cpp: (WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):

LayoutTests:

fast/table/before-child-is-inline-table-expected.txt: Added.
fast/table/before-child-is-inline-table.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258455 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:39 PM Changeset in webkit [258582] by Alan Coon

2 edits in branches/safari-609-branch/Source/JavaScriptCore

Cherry-pick r258381. rdar://problem/60539195

DFG nodes that take a TypedArray's storage need to keepAlive the TypedArray
https://bugs.webkit.org/show_bug.cgi?id=209035

Reviewed by Saam Barati.

It might be possible to produce a graph where the last reference to a TypedArray
is via a GetByVal or PutByVal. Since those nodes don't create any reference to the
TypedArray in B3 we may end up not keeping the TypedArray alive until after the
storage access.

ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileAtomicsReadModifyWrite): (JSC::FTL::DFG::LowerDFGToB3::compileGetByVal): (JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258381 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:39 PM Changeset in webkit [258581] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r258267. rdar://problem/60539190

Consolidate detachment of document timeline into Document::commonTeardown.
https://bugs.webkit.org/show_bug.cgi?id=208786
<rdar://problem/59936716>

Patch by Jack Lee <Jack Lee> on 2020-03-11
Reviewed by Ryosuke Niwa.

Move detachment of DocumentTimeline to Document::commonTeardown().

No new tests. Covered by existing document tests.

dom/Document.cpp: (WebCore::Document::removedLastRef): (WebCore::Document::commonTeardown): (WebCore::Document::prepareForDestruction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258267 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:39 PM Changeset in webkit [258580] by Alan Coon

2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r255997. rdar://problem/60495055

Incorrect TextTrack sorting with invalid BCP47 language
https://bugs.webkit.org/show_bug.cgi?id=207315

Patch by Doug Kelly <Doug Kelly> on 2020-02-06
Reviewed by Jer Noble.

When comparing TextTracks, this ensures all tracks are compared based on consistent parameters, including tracks with an invalid BCP47
language attribute.

page/CaptionUserPreferencesMediaAF.cpp: (WebCore::textTrackCompare):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:28 PM Changeset in webkit [258579] by Alan Coon

2 edits in branches/safari-609.2.1.2-branch/Source/JavaScriptCore

Cherry-pick r258381. rdar://problem/60539194

DFG nodes that take a TypedArray's storage need to keepAlive the TypedArray
https://bugs.webkit.org/show_bug.cgi?id=209035

Reviewed by Saam Barati.

It might be possible to produce a graph where the last reference to a TypedArray
is via a GetByVal or PutByVal. Since those nodes don't create any reference to the
TypedArray in B3 we may end up not keeping the TypedArray alive until after the
storage access.

ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileAtomicsReadModifyWrite): (JSC::FTL::DFG::LowerDFGToB3::compileGetByVal): (JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258381 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:28 PM Changeset in webkit [258578] by Alan Coon

2 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r255997. rdar://problem/60507340

Incorrect TextTrack sorting with invalid BCP47 language
https://bugs.webkit.org/show_bug.cgi?id=207315

Patch by Doug Kelly <Doug Kelly> on 2020-02-06
Reviewed by Jer Noble.

When comparing TextTracks, this ensures all tracks are compared based on consistent parameters, including tracks with an invalid BCP47
language attribute.

page/CaptionUserPreferencesMediaAF.cpp: (WebCore::textTrackCompare):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@255997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:24 PM Changeset in webkit [258577] by Alan Coon

8 edits in branches/safari-609.2.1.2-branch/Source

Versioning.

12:52 PM Changeset in webkit [258576] by Simon Fraser

8 edits
2 moves in trunk/LayoutTests

REGRESSION (257844): fast/scrolling/scroll-container-horizontally.html is timing out
https://bugs.webkit.org/show_bug.cgi?id=209083

Unreviewed test gardening.

mac/scroll-container-horizontally.html is a wheel event test, so move it to the mac directory.

fast/scrolling/mac/scroll-container-horizontally-expected.txt: Renamed from LayoutTests/fast/scrolling/scroll-container-horizontally-expected.txt.
fast/scrolling/mac/scroll-container-horizontally.html: Renamed from LayoutTests/fast/scrolling/scroll-container-horizontally.html.
platform/gtk/TestExpectations:
platform/ios-wk1/TestExpectations:
platform/ios-wk2/TestExpectations:
platform/ios/TestExpectations:
platform/mac-wk1/TestExpectations:
platform/mac-wk2/TestExpectations:
platform/win/TestExpectations:

12:49 PM Changeset in webkit [258575] by achristensen@apple.com

2 edits in trunk/Source/WebKit

Fix GTK build.
https://bugs.webkit.org/show_bug.cgi?id=209192

UIProcess/API/glib/WebKitUIClient.cpp:

I committed r258574 too fast.

12:46 PM Changeset in webkit [258574] by achristensen@apple.com

9 edits in trunk

Add WKUIDelegatePrivate SPI _webView:printFrame:completionHandler:
https://bugs.webkit.org/show_bug.cgi?id=209192
<rdar://problem/51313336>

Reviewed by Geoff Garen.

Source/WebKit:

This is just like the existing _webView:printFrame: but you tell it when you're done instead of just returning.
Covered by API tests.

UIProcess/API/APIUIClient.h:

(API::UIClient::printFrame):

UIProcess/API/C/WKPage.cpp:

(WKPageSetPageUIClient):

UIProcess/API/Cocoa/WKUIDelegatePrivate.h:
UIProcess/Cocoa/UIDelegate.h:
UIProcess/Cocoa/UIDelegate.mm:

(WebKit::UIDelegate::setDelegate):
(WebKit::UIDelegate::UIClient::printFrame):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::printFrame):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/UIDelegate.mm:

(-[PrintDelegateWithCompletionHandler _webView:printFrame:completionHandler:]):
(-[PrintDelegateWithCompletionHandler waitForPrintFrameCall]):
(TEST):

12:45 PM Changeset in webkit [258573] by Tadeu Zagallo

2 edits in trunk/Source/JavaScriptCore

AccessCase::canReplace should allow a Getter to replace an IntrinsicGetter
https://bugs.webkit.org/show_bug.cgi?id=209158
<rdar://problem/59222012>

Reviewed by Saam Barati.

When we override an intrinsic getter with a user defined getter, we might end up with the
same offset and attributes. In which case, an inline cache that contained an entry for the
intrisic getter will believe that it is still valid, and add a new getter access case,
leading to duplicate entries for the same structure.

bytecode/AccessCase.cpp:

(JSC::AccessCase::canReplace const):

12:39 PM Changeset in webkit [258572] by graouts@webkit.org

3 edits in trunk/LayoutTests

http/wpt/css/css-animations/start-animation-001.html is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=207337
<rdar://problem/59226371>

Reviewed by Dean Jackson.

This test was written in a flaky way for two reasons:

it was using a timer to assume state in the animation engine
it was using an accelerated animation that wasn't absolutely required to as an indicator of what a non-steps based version of the tested animation would look like, but accelerated animations are notoriously hard to test for rendering purposes

We update the test to use the secondary animation as a timer so that we can test the state of animations at 200ms precisely,
and we get rid of the accelerated animation such that only the tested animation's rendering is tested.

http/wpt/css/css-animations/start-animation-001.html:
platform/mac/TestExpectations:

12:32 PM Changeset in webkit [258571] by graouts@webkit.org

2 edits in trunk/LayoutTests

REGRESSION (r258411): imported/w3c/web-platform-tests/dom/events/Event-dispatch-redispatch.html is failing consistently
https://bugs.webkit.org/show_bug.cgi?id=209175
<rdar://problem/60513114>

Unreviewed test gardening.

Actually, this test is not a pass on OpenSource iOS bots, reverting.

platform/ios-wk2/imported/w3c/web-platform-tests/dom/events/Event-dispatch-redispatch-expected.txt:

12:10 PM Changeset in webkit [258570] by Alan Coon

14 edits in branches/safari-610.1.7-branch/Source

Cherry-pick r258557. rdar://problem/60517387

[Cocoa] Disable CF prefs direct mode
https://bugs.webkit.org/show_bug.cgi?id=209166
<rdar://problem/60517387>

Reviewed by Brent Fulgham.

Revert <https://trac.webkit.org/changeset/258064> by disabling the CF prefs direct mode feature,
since it caused performance regressions.

Source/WebKit:

Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm: (WebKit::XPCServiceMain):
UIProcess/Cocoa/PreferenceObserver.mm:
UIProcess/Cocoa/WebPageProxyCocoa.mm: (WebKit::WebPageProxy::grantAccessToPreferenceService):
UIProcess/Cocoa/WebProcessPoolCocoa.mm:
UIProcess/Cocoa/WebProcessProxyCocoa.mm:
UIProcess/WebProcessPool.h:
UIProcess/WebProcessProxy.h:
WebProcess/WebProcess.h:
WebProcess/WebProcess.messages.in:

Source/WTF:

wtf/PlatformEnable.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258557 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:10 PM Changeset in webkit [258569] by Alan Coon

2 edits in branches/safari-610.1.7-branch/Source/WebKit

Cherry-pick r258512. rdar://problem/60517387

[Cocoa] Only set CF prefs direct mode for the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=209091
<rdar://problem/60337842>

Reviewed by Brent Fulgham.

Currently, we enable CF prefs direct mode in XPCServiceMain. This is incorrect, it should only be enabled
for the WebContent process.

Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm: (WebKit::XPCServiceMain):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258512 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:03 PM Changeset in webkit [258568] by Alan Coon

8 edits in branches/safari-610.1.7-branch/Source

Versioning.

11:40 AM Changeset in webkit [258567] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk2 ] http/tests/IndexedDB/storage-limit.https.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209189

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

11:33 AM Changeset in webkit [258566] by Chris Dumez

5 edits in trunk

Use less sync IPC for ITP testRunner methods
https://bugs.webkit.org/show_bug.cgi?id=209184

Reviewed by Alex Christensen.

WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setStatisticsDebugMode):
(WTR::TestRunner::setStatisticsPrevalentResourceForDebugMode):
(WTR::TestRunner::setStatisticsLastSeen):
(WTR::TestRunner::setStatisticsMergeStatistic):
(WTR::TestRunner::setStatisticsPrevalentResource):
(WTR::TestRunner::setStatisticsVeryPrevalentResource):
(WTR::TestRunner::installStatisticsDidScanDataRecordsCallback):

WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):

11:33 AM Changeset in webkit [258565] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

REGRESSION (r258334): WebPasteboardProxy::setPasteboardBufferForType should allow zero-size buffers
<https://webkit.org/b/209167>
<rdar://problem/60516302>

Reviewed by Geoffrey Garen.

UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:

(WebKit::WebPasteboardProxy::setPasteboardBufferForType):

Remove check for zero-size buffer to match WebPageProxy::dataSelectionForPasteboard().

11:31 AM Changeset in webkit [258564] by achristensen@apple.com

6 edits in trunk/Source

REGRESSION(r254856) Add exception for window.openDatabase to not masquerade as undefined in currently shipping Jesus Calling Devotional app
https://bugs.webkit.org/show_bug.cgi?id=209160
<rdar://problem/60297073>

Reviewed by Geoff Garen.

Source/WebCore:

Manually verified this fixes the app, which compares typeof openDatabase with 'undefined'
Going forward, we intend to completely remove WebSQL, so this is a temporary exception to our removal strategy.

bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::openDatabase const):

platform/RuntimeApplicationChecks.h:
platform/cocoa/RuntimeApplicationChecksCocoa.mm:

(WebCore::IOSApplication::isJesusCalling):

Source/WTF:

wtf/spi/darwin/dyldSPI.h:

11:18 AM Changeset in webkit [258563] by Jason_Lawrence

3 edits in trunk/LayoutTests

[ macOS wk1 ] platform/mac/webrtc/captureCanvas-webrtc-software-encoder.html is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=207150

Unreviewed test gardening.

Adjusted the test expectations to further reflect the issue.

platform/mac-wk1/TestExpectations:
platform/mac/TestExpectations:

11:17 AM Changeset in webkit [258562] by Chris Dumez

3 edits
2 adds in trunk

[WKTR] Crash when trying to open a new window in an ephemeral session test
https://bugs.webkit.org/show_bug.cgi?id=209181

Reviewed by Geoffrey Garen.

Tools:

Make sure that the new WKWebView is using the same data store as its related WKWebView.

WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::platformCreateOtherPage):

LayoutTests:

Add layout test coverage.

fast/dom/window-open-ephemeral-expected.txt: Added.
fast/dom/window-open-ephemeral.html: Added.

11:07 AM Changeset in webkit [258561] by Simon Fraser

15 edits in trunk/LayoutTests

Clean up some latching tests
https://bugs.webkit.org/show_bug.cgi?id=209170

Reviewed by Antti Koivisto.

These tests were weird in various ways:

<table>s to take up space when a simple <div> would do
Mixture of js-test-pre/post and waitUntilDone/notifyDone
JS in script tag at the start of the body

Fix these things.

tiled-drawing/scrolling/fast-scroll-div-latched-div-expected.txt:
tiled-drawing/scrolling/fast-scroll-div-latched-div-with-handler-expected.txt:
tiled-drawing/scrolling/fast-scroll-div-latched-div-with-handler.html:
tiled-drawing/scrolling/fast-scroll-div-latched-div.html:
tiled-drawing/scrolling/fast-scroll-div-latched-mainframe-expected.txt:
tiled-drawing/scrolling/fast-scroll-div-latched-mainframe-with-handler.html:
tiled-drawing/scrolling/fast-scroll-div-latched-mainframe.html:
tiled-drawing/scrolling/fast-scroll-iframe-latched-iframe-expected.txt:
tiled-drawing/scrolling/fast-scroll-iframe-latched-iframe-with-handler-expected.txt:
tiled-drawing/scrolling/fast-scroll-iframe-latched-iframe-with-handler.html:
tiled-drawing/scrolling/fast-scroll-iframe-latched-iframe.html:
tiled-drawing/scrolling/fast-scroll-mainframe-zoom-expected.txt:
tiled-drawing/scrolling/fast-scroll-mainframe-zoom.html:
tiled-drawing/scrolling/scrolling-no-iframe-latching.html:

11:07 AM Changeset in webkit [258560] by Andres Gonzalez

4 edits in trunk/Source/WebCore

AXIsolatedTree removal should set all nodes to be removed on AX secondary thread.
https://bugs.webkit.org/show_bug.cgi?id=209169

Reviewed by Chris Fleizach.

AXIsolatedTree::removeTreeForPageID is called on the main thread but

it should not remove the nodes in the main thread, but instead add them
to the pending changes to be removed on the secondary thread. This was
causing the problem of empty new trees when the old tree would go away
but the client was holding a reference to an object that has been
disconnected and thus had no children.

In addition, this change fixes an isolated tree mode crash in AccessibilityMenuList.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::~AXObjectCache):

accessibility/AccessibilityMenuList.cpp:

(WebCore::AccessibilityMenuList::isCollapsed const):

accessibility/isolatedtree/AXIsolatedTree.cpp:

(WebCore::AXIsolatedTree::removeTreeForPageID):

10:28 AM Changeset in webkit [258559] by Brent Fulgham

2 edits in trunk/Source/WebKit

Terminate the WebContent process when receiving invalid IPC from a WebInspector session
https://bugs.webkit.org/show_bug.cgi?id=209157
<rdar://problem/58961055>

Reviewed by Chris Dumez.

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::backForwardGoToItemShared): Add a message check that we are not receiving
the request from a WebInspector page.
(WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle): Switch to a release assert.

10:14 AM Changeset in webkit [258558] by Jacob Uphoff

11 edits in trunk

Unreviewed, reverting r257844.

this revision caused a test to start timing out

Reverted changeset:

"(r256513) [ Mac ] fast/scrolling/programmatic-scroll-to-zero-
zero.html is a flaky failure"
https://bugs.webkit.org/show_bug.cgi?id=207948
https://trac.webkit.org/changeset/257844

9:59 AM Changeset in webkit [258557] by pvollan@apple.com

14 edits in trunk/Source

[Cocoa] Disable CF prefs direct mode
https://bugs.webkit.org/show_bug.cgi?id=209166
<rdar://problem/60517387>

Reviewed by Brent Fulgham.

Revert <https://trac.webkit.org/changeset/258064> by disabling the CF prefs direct mode feature,
since it caused performance regressions.

Source/WebKit:

Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm:

(WebKit::XPCServiceMain):

UIProcess/Cocoa/PreferenceObserver.mm:
UIProcess/Cocoa/WebPageProxyCocoa.mm:

(WebKit::WebPageProxy::grantAccessToPreferenceService):

UIProcess/Cocoa/WebProcessPoolCocoa.mm:
UIProcess/Cocoa/WebProcessProxyCocoa.mm:
UIProcess/WebProcessPool.h:
UIProcess/WebProcessProxy.h:
WebProcess/WebProcess.h:
WebProcess/WebProcess.messages.in:

Source/WTF:

wtf/PlatformEnable.h:

9:50 AM Changeset in webkit [258556] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk2 ] webrtc/concurrentVideoPlayback.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=209183

unreviewed test gardening.

platform/mac-wk2/TestExpectations:

9:47 AM Changeset in webkit [258555] by Jason_Lawrence

2 edits in trunk/LayoutTests

Unreviewed, reverting r258554.

Incorrect expectations set.

Reverted changeset:

"[ Mac wk2 ] webrtc/concurrentVideoPlayback.html is flaky
timing out."
https://bugs.webkit.org/show_bug.cgi?id=209183
https://trac.webkit.org/changeset/258554

9:43 AM Changeset in webkit [258554] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk2 ] webrtc/concurrentVideoPlayback.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=209183

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

9:20 AM Changeset in webkit [258553] by commit-queue@webkit.org

6 edits
1 copy
5 adds in trunk/LayoutTests

Update wpt tests imported/w3c/web-platform-tests/html/rendering/non-replaced-elements/the-page
https://bugs.webkit.org/show_bug.cgi?id=209178

Patch by Frederic Wang <fwang@igalia.com> on 2020-03-17
Reviewed by Rob Buis.

LayoutTests/imported/w3c:

resources/resource-files.json:
web-platform-tests/html/rendering/non-replaced-elements/the-page/iframe-scrolling-attribute-expected.html: Added.
web-platform-tests/html/rendering/non-replaced-elements/the-page/iframe-scrolling-attribute-values-expected.html: Added.
web-platform-tests/html/rendering/non-replaced-elements/the-page/iframe-scrolling-attribute-values.html: Added.
web-platform-tests/html/rendering/non-replaced-elements/the-page/iframe-scrolling-attribute.html: Added.
web-platform-tests/html/rendering/non-replaced-elements/the-page/support/big-page.html: Added.
web-platform-tests/html/rendering/non-replaced-elements/the-page/support/w3c-import.log:
web-platform-tests/html/rendering/non-replaced-elements/the-page/w3c-import.log:

LayoutTests:

This imports a new test for bug 208570.

TestExpectations: These tests fails for now.

9:18 AM Changeset in webkit [258552] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk1 Debug] inspector/debugger/setShouldBlackboxURL.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209182

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

8:48 AM Changeset in webkit [258551] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk1 ] inspector/script-profiler/event-type-Other.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209180

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

8:39 AM Changeset in webkit [258550] by Devin Rousso

2 edits in trunk/Source/WebInspectorUI

REGRESSION(r257759): Web Inspector: Settings icon sometimes placed below the tab bar
https://bugs.webkit.org/show_bug.cgi?id=208603
<rdar://problem/60108967>

Reviewed by Brian Burg.

UserInterface/Views/TabBar.js:

(WI.TabBar.prototype.layout):
Don't take into account the width of the flexible space before or after the normal tab bar
items since they will shrink to fit (the container is using display: flex;). Instead, use
determine the available space by subtracting the width of every WI.PinnedTabBarItem from
the realOffsetWidth of the container, comparing against the sum of the realOffsetWidth
of all WI.GeneralTabBarItem. If the sum is greater than the available space, successively
mark items from the end (right in LTR, left in RTL) as hidden until the remaining will fit.

8:36 AM Changeset in webkit [258549] by commit-queue@webkit.org

32 edits in trunk/Source

Unreviewed, reverting r258339.
https://bugs.webkit.org/show_bug.cgi?id=209179

"Is it sometimes breaking rendering" (Requested by youenn on
#webkit).

Reverted changeset:

"FrameLoader should own its FrameLoaderClient"
https://bugs.webkit.org/show_bug.cgi?id=208918
https://trac.webkit.org/changeset/258339

8:19 AM Changeset in webkit [258548] by commit-queue@webkit.org

2 edits
2 adds in trunk/LayoutTests

pointerevents/ios/touch-action-none-link-traversal.html times out
https://bugs.webkit.org/show_bug.cgi?id=209177
<rdar://problem/60393055>

Patch by Antoine Quint <Antoine Quint> on 2020-03-17
Reviewed by Antti Koivisto.

pointerevents/ios/resources/touch-action-none-link-traversal-resource.html: Added.
pointerevents/ios/touch-action-none-link-traversal.html:

7:56 AM Changeset in webkit [258547] by Philippe Normand

30 edits
1 add in trunk

RELEASE_LOG should not be Cocoa specific
https://bugs.webkit.org/show_bug.cgi?id=195182

Reviewed by Konstantin Tokarev.

Add a Systemd Journald Logger implementation, enabled by default
in the GTK and WPE ports. When this is enabled, release logs will
be sent to the Systemd Journal. To retrieve media logs for
instance, this command can be used:

$ journalctl WEBKIT_SUBSYSTEM=WebKitGTK WEBKIT_CHANNEL=Media

Source/cmake/FindSystemd.cmake: Added.
Source/cmake/OptionsGTK.cmake:
Source/cmake/OptionsWPE.cmake:

Source/WebCore:

WPE/GTK build fixes related with Release logging support.

bridge/npruntime_internal.h:
dom/ScriptedAnimationController.cpp:

(WebCore::throttlingReasonToString):

page/PerformanceLogging.cpp:

(WebCore::toString):

page/PerformanceMonitor.cpp:

(WebCore::stringForCPUSamplingActivityState):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
(WebCore::MediaPlayerPrivateGStreamer::logChannel const):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

(WebCore::MediaPlayerPrivateGStreamer::mediaPlayerLogIdentifier):
(WebCore::MediaPlayerPrivateGStreamer::mediaPlayerLogger):

platform/graphics/gstreamer/eme/CDMProxyClearKey.cpp:

(WebCore::CDMProxyClearKey::cencDecryptSubsampled):
(WebCore::CDMProxyClearKey::initializeGcrypt):

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp:

(WebCore::MediaSourceGStreamer::MediaSourceGStreamer):
(WebCore::MediaSourceGStreamer::~MediaSourceGStreamer):
(WebCore::MediaSourceGStreamer::addSourceBuffer):
(WebCore::MediaSourceGStreamer::logChannel const):

platform/graphics/gstreamer/mse/MediaSourceGStreamer.h:
platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:

(WebCore::SourceBufferPrivateGStreamer::SourceBufferPrivateGStreamer):
(WebCore::SourceBufferPrivateGStreamer::logChannel const):

platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:
platform/mediastream/AudioMediaStreamTrackRenderer.cpp:
platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:

(WebCore::computeLogLevel):

platform/network/soup/NetworkStorageSessionSoup.cpp:

(WebCore::NetworkStorageSession::getRawCookies const):

Source/WTF:

Add sd-journal logging support and wrap the os_log calls with the USE(OS_LOG) guard.

wtf/Assertions.cpp:
wtf/Assertions.h:
wtf/Logger.h:

(WTF::Logger::log):

wtf/MemoryPressureHandler.cpp:

(WTF::toString):

wtf/PlatformGTK.cmake:
wtf/PlatformWPE.cmake:
wtf/RefCountedLeakCounter.cpp:

4:45 AM Changeset in webkit [258546] by graouts@webkit.org

2 edits in trunk/LayoutTests

REGRESSION (r258411): imported/w3c/web-platform-tests/dom/events/Event-dispatch-redispatch.html is failing consistently
https://bugs.webkit.org/show_bug.cgi?id=209175
<rdar://problem/60513114>

Unreviewed test gardening.

Following r258411 this test is a PASS on iOS. Adjusting the expectation.

platform/ios-wk2/imported/w3c/web-platform-tests/dom/events/Event-dispatch-redispatch-expected.txt:

3:59 AM WebKitGTK/2.28.x edited by Philippe Normand

(diff)

3:50 AM Changeset in webkit [258545] by youenn@apple.com

5 edits in trunk

Safari doesn't insert mDNS candidates to SDP
https://bugs.webkit.org/show_bug.cgi?id=209050
<rdar://problem/60419936>

Reviewed by Eric Carlson.

Source/WebCore:

Instead of removing host candidate lines in SDP, replace the host IP address by the corresponding mDNS name.
Covered by updated test.

Modules/mediastream/PeerConnectionBackend.cpp:

(WebCore::extractIPAddress):
(WebCore::PeerConnectionBackend::filterSDP const):
(WebCore::PeerConnectionBackend::finishedRegisteringMDNSName):

Modules/mediastream/PeerConnectionBackend.h:

LayoutTests:

webrtc/datachannel/mdns-ice-candidates.html:

3:42 AM Changeset in webkit [258544] by Alexey Shvayka

1 edit
2 adds in trunk/LayoutTests

Sync web-platform-tests/css/css-cascade from upstream
https://bugs.webkit.org/show_bug.cgi?id=209150

Unreviewed test gardening.

platform/ios/imported/w3c/web-platform-tests/css/css-cascade: Added.
platform/ios/imported/w3c/web-platform-tests/css/css-cascade/all-prop-initial-xml-expected.txt: Added.

3:14 AM Changeset in webkit [258543] by Alexey Shvayka

4 edits
41 adds in trunk/LayoutTests

Sync web-platform-tests/css/css-cascade from upstream
https://bugs.webkit.org/show_bug.cgi?id=209150

Reviewed by Youenn Fablet.

Sync web-platform-tests/css/css-cascade from upstream ec2bf5a86c00.

LayoutTests/imported/w3c:

resources/import-expectations.json:
web-platform-tests/css/css-cascade/*: Added.

LayoutTests:

TestExpectations:

2:36 AM Changeset in webkit [258542] by Philippe Normand

5 edits in trunk/Source/WebCore

[GStreamer][MSE] Playback rate update support
https://bugs.webkit.org/show_bug.cgi?id=208454

Reviewed by Xabier Rodriguez-Calvar.

Implement playback rate update support for the MSE player. Also
includes drive-by logging cleanups.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::updatePlaybackRate):
(WebCore::MediaPlayerPrivateGStreamer::setRate):
(WebCore::MediaPlayerPrivateGStreamer::setPreservesPitch):

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

(WebCore::MediaPlayerPrivateGStreamer::pipeline const):

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::seek):
(WebCore::MediaPlayerPrivateGStreamerMSE::doSeek):
(WebCore::MediaPlayerPrivateGStreamerMSE::maybeFinishSeek):
(WebCore::MediaPlayerPrivateGStreamerMSE::seekCompleted):
(WebCore::MediaPlayerPrivateGStreamerMSE::updatePlaybackRate): Deleted.
(WebCore::MediaPlayerPrivateGStreamerMSE::setRate): Deleted.

platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

Mar 16, 2020:

10:27 PM Changeset in webkit [258541] by Simon Fraser

6 edits in trunk

Remove the zero-delay ScrollingCoordinatorMac commit timer
https://bugs.webkit.org/show_bug.cgi?id=209164

Reviewed by Zalan Bujtas.

Source/WebCore:

The scrolling tree on macOS should just commit at rendering update time. There's no need
for a separate zero-delay timer.

Tested by existing tests.

page/scrolling/mac/ScrollingCoordinatorMac.h:
page/scrolling/mac/ScrollingCoordinatorMac.mm:

(WebCore::ScrollingCoordinatorMac::ScrollingCoordinatorMac):
(WebCore::ScrollingCoordinatorMac::pageDestroyed):
(WebCore::ScrollingCoordinatorMac::scheduleTreeStateCommit):
(WebCore::ScrollingCoordinatorMac::commitTreeStateIfNeeded):
(WebCore::ScrollingCoordinatorMac::commitTreeState): Deleted.

LayoutTests:

Dumping layers just made this test flakey. It's enough to test for scroll events on the overflow.

tiled-drawing/scrolling/fast-scroll-div-latched-mainframe-expected.txt:
tiled-drawing/scrolling/fast-scroll-div-latched-mainframe.html:

10:22 PM Changeset in webkit [258540] by ysuzuki@apple.com

3 edits in trunk/Source/JavaScriptCore

[JSC] JSMapIterator and JSSetIterator are CellType
https://bugs.webkit.org/show_bug.cgi?id=209168
<rdar://problem/59705631>

Reviewed by Saam Barati.

They are JSCell, not JSObject since they are not used as a user-observable set/map iterators in JSC.
However, their JSType is ObjectType. They should use CellType instead.

runtime/JSMapIterator.h:
runtime/JSSetIterator.h:

10:09 PM Changeset in webkit [258539] by Simon Fraser

5 edits in trunk/Source

Add a bit more UIHitTesting logging, and make it possible to dump EventRegions from WebKit
https://bugs.webkit.org/show_bug.cgi?id=209058

Reviewed by Antti Koivisto.

Source/WebCore:

Export operator<<(TextStream&, const EventRegion&) so it can be used from Webkit.

rendering/EventRegion.h:

Source/WebKit:

Add a UIHitTesting log.

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView gestureRecognizer:shouldReceiveTouch:]):

9:44 PM Changeset in webkit [258538] by timothy_horton@apple.com

2 edits in trunk/Source/WebCore

Remove a 'using namespace WebCore' in MediaSessionManagerCocoa
https://bugs.webkit.org/show_bug.cgi?id=209162

Reviewed by Simon Fraser.

platform/audio/cocoa/MediaSessionManagerCocoa.mm:

Unified source cleanliness. Not currently causing any trouble, but
it did when I changed something locally!

7:30 PM WebKitGTK/2.28.x edited by clopez@igalia.com

(diff)

6:32 PM Changeset in webkit [258537] by Lauro Moura

3 edits in trunk/LayoutTests

WPE and GTK gardening.

Unreviewed test gardening.

platform/gtk/TestExpectations:
platform/wpe/TestExpectations:

6:01 PM Changeset in webkit [258536] by Nikita Vasilyev

2 edits in trunk/Source/WebInspectorUI

REGRESSION(r257380): Web Inspector: deleting node causes TreeOutline to lose focus
https://bugs.webkit.org/show_bug.cgi?id=208364
<rdar://problem/59871772>

Reviewed by Devin Rousso.

Maintain keyboard focus within TreeOutline when selection changes.

UserInterface/Views/TreeElement.js:

(WI.TreeElement.prototype.select):

5:32 PM Changeset in webkit [258535] by Alan Coon

1 copy in tags/Safari-610.1.7.4

Tag Safari-610.1.7.4.

5:31 PM Changeset in webkit [258534] by Alan Coon

8 edits in branches/safari-610.1.7-branch/Source

Versioning.

5:30 PM Changeset in webkit [258533] by achristensen@apple.com

2 edits in trunk/Source/WebCore/PAL

Build fix.

https://bugs.webkit.org/show_bug.cgi?id=208951

pal/spi/cocoa/AVFoundationSPI.h:

r258314 was missing a nullability annotation.

5:14 PM Changeset in webkit [258532] by rniwa@webkit.org

3 edits
2 adds in trunk

A change event gets dispatched when textarea gets changed without focus
https://bugs.webkit.org/show_bug.cgi?id=202144

Patch by ChangSeok Oh <ChangSeok Oh> on 2020-03-16
Reviewed by Ryosuke Niwa.

Source/WebCore:

A crash happens in WebCore::ValidationMessage::buildBubbleTree. An immediate reason
is that DOM tree is modified in buildBubbleTree triggered by a timer.
The function calls document.updateLayout() that causes a change event
for textarea to fire when something changed in the textarea.
This bug is not reproduced on Mac because buildBubbleTree is not called.
See ValidationMessage::setMessage.
On the other hand, the root cause of this issue is triggering the change event
for textarea even if it is not focused when a change is made. This behavior
is different to what Gecko and Chromium do. When loading the test, they do not
trigger the change event although the textarea is filled by the script
since the textarea is not focused. Only when we manually make a change (meaning
the textarea is focused by user input), the event gets dispatched. To fix it,
setChangedSinceLastFormControlChangeEvent(true) is moved below the focus check
in HTMLTextAreaElement::subtreeHasChanged();

Test: fast/forms/textfield-onchange-without-focus.html

html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::subtreeHasChanged):

LayoutTests:

The test should be identical to the extected result without crash.

fast/forms/textfield-onchange-without-focus-expected.html: Added.
fast/forms/textfield-onchange-without-focus.html: Added.

5:12 PM Changeset in webkit [258531] by keith_miller@apple.com

13 edits
1 add in trunk

JavaScript identifier grammar supports unescaped astral symbols, but JSC doesn’t
https://bugs.webkit.org/show_bug.cgi?id=208998

Reviewed by Michael Saboff.

JSTests:

stress/unicode-identifiers-with-surrogate-pairs.js: Added.

(let.c.of.chars.eval.foo):
(throwsSyntaxError):
(let.c.of.continueChars.throwsSyntaxError.foo):

Source/JavaScriptCore:

This patch fixes a bug in the parser that allows for surrogate pairs when parsing identifiers.
It also makes a few other changes to the parser:

1) When looking for keywords we just need to check that subsequent
character cannot be a identifier part or an escape start.

2) The only time we call parseIdentifierSlowCase is when we hit an
escape start or a surrogate pair so we can optimize that to just
copy everything up slow character into our buffer.

3) We shouldn't allow for asking if a UChar is an identifier start/part.

KeywordLookupGenerator.py:

(Trie.printSubTreeAsC):
(Trie.printAsC):

parser/Lexer.cpp:

(JSC::isNonLatin1IdentStart):
(JSC::isIdentStart):
(JSC::isSingleCharacterIdentStart):
(JSC::cannotBeIdentStart):
(JSC::isIdentPart):
(JSC::isSingleCharacterIdentPart):
(JSC::cannotBeIdentPartOrEscapeStart):
(JSC::Lexer<LChar>::currentCodePoint const):
(JSC::Lexer<UChar>::currentCodePoint const):
(JSC::Lexer<LChar>::parseIdentifier):
(JSC::Lexer<UChar>::parseIdentifier):
(JSC::Lexer<CharacterType>::parseIdentifierSlowCase):
(JSC::Lexer<T>::lexWithoutClearingLineTerminator):
(JSC::Lexer<T>::scanRegExp):
(JSC::isIdentPartIncludingEscapeTemplate): Deleted.
(JSC::isIdentPartIncludingEscape): Deleted.

parser/Lexer.h:

(JSC::Lexer::setOffsetFromSourcePtr): Deleted.

parser/Parser.cpp:

(JSC::Parser<LexerType>::printUnexpectedTokenText):

parser/ParserTokens.h:

Source/WTF:

wtf/text/WTFString.cpp:

(WTF::String::fromCodePoint):

wtf/text/WTFString.h:

LayoutTests:

Fix broken test that asserted a non-ID_START codepoint was a start codepoint and
an ID_START codepoint was not a valid codepoint...

js/script-tests/unicode-escape-sequences.js:
js/unicode-escape-sequences-expected.txt:

5:03 PM Changeset in webkit [258530] by Chris Dumez

2 edits in trunk/Source/WebKit

Crash under WebCookieCache::clearForHost()
https://bugs.webkit.org/show_bug.cgi?id=209149
<rdar://problem/60453086>

Reviewed by Darin Adler.

Alternative fix for Bug 209149 based on comments from Darin.

WebProcess/WebPage/WebCookieCache.cpp:

(WebKit::WebCookieCache::clearForHost):
(WebKit::WebCookieCache::pruneCacheIfNecessary):

4:56 PM Changeset in webkit [258529] by timothy_horton@apple.com

2 edits in trunk/Source/WebKit

Fix the macCatalyst build after r258525

WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm:

(WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions):

4:34 PM Changeset in webkit [258528] by Simon Fraser

6 edits in trunk/Source/WebCore

Update touch event regions once per frame
https://bugs.webkit.org/show_bug.cgi?id=209153

Reviewed by Zalan Bujtas.

Call document->updateTouchEventRegions() once at the end of Page::updateRendering() instead
of relying on a timer.

Also rename the functions called from Internal to make it clear they are testing-only.

Page::scrollingStateTreeAsText() needs to eagerly update event regions because they are input
to the scrolling tree.

dom/Document.cpp:

(WebCore::Document::Document):

page/Page.cpp:

(WebCore::Page::scrollingStateTreeAsText):
(WebCore::Page::touchEventRectsForEventForTesting):
(WebCore::Page::passiveTouchEventListenerRectsForTesting):
(WebCore::Page::doAfterUpdateRendering):
(WebCore::Page::touchEventRectsForEvent): Deleted.
(WebCore::Page::passiveTouchEventListenerRects): Deleted.

page/Page.h:
page/scrolling/ScrollingCoordinator.cpp:

(WebCore::ScrollingCoordinator::absoluteEventTrackingRegionsForFrame const):

testing/Internals.cpp:

(WebCore::Internals::touchEventRectsForEvent):
(WebCore::Internals::passiveTouchEventListenerRects):

4:16 PM Changeset in webkit [258527] by Justin Michaud

2 edits in trunk/Tools

Add personal email to Tools/Scripts/webkitpy/common/config/contributors.json
https://bugs.webkit.org/show_bug.cgi?id=209151

Reviewed by Yusuke Suzuki.

Scripts/webkitpy/common/config/contributors.json:

4:12 PM Changeset in webkit [258526] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk1 ] http/tests/security/clipboard/copy-paste-html-cross-origin-iframe-across-origin.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209154

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

4:02 PM Changeset in webkit [258525] by Darin Adler

45 edits
1 delete in trunk/Source

Move most of TextIterator off of live ranges
https://bugs.webkit.org/show_bug.cgi?id=209129

Reviewed by Antti Koivisto.

Source/WebCore:

Change almost all arguments and return values of functions in TextIterator.h to use SimpleRange instead of live ranges. Exceptions are an overload of plainText TextIterator::rangeLength, TextIterator::rangeFromLocationAndLength, TextIterator::getLocationAndLengthFromRange, and TextIterator::subrange. Those five are a little trickier to convert, so I will do them each in separate patches.

Go with the flow in adding an include of Node.h to BoundaryPoint.h. I had avoided this in the initial version, but now it seems practical to just leave it that way. This led to removing BoundaryPoint.cpp and moving all functions to the header.

Converted many member functions of the Position class from using int to unsigned for offsets. The DOM specifies unsigned for offsets, but for some reason we used int for them a lot historically, even though negative numbers don't make sense. New classes like StaticRange, SimpleRange, and BoundaryPoint are already using unsigned exclusively and we'll eventually convert everything.

Remove includes of SimpleRange.h from files that also include TextIterator.h, now that TextIterator.h pulls it in.

Sources.txt: Removed BoundaryPoint.cpp.
WebCore.xcodeproj/project.pbxproj: Ditto.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::traverseToOffsetInRange): Updated to pass a reference
to a range rather than a pointer, after null-checking it.
(WebCore::AXObjectCache::lengthForRange): Ditto.
(WebCore::AXObjectCache::nextBoundary): Ditto.
(WebCore::AXObjectCache::previousBoundary): Ditto.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::stringForRange const): Ditto.
(WebCore::AccessibilityObject::stringForVisiblePositionRange): Ditto.
(WebCore::AccessibilityObject::lengthForVisiblePositionRange const): Ditto.

accessibility/AccessibilityObjectInterface.h: Removed an extra include.

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
Updated to pass a reference to a range rather than a pointer, after null-checking it.

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]): Ditto.

dom/BoundaryPoint.cpp: Removed.

dom/BoundaryPoint.h: Removed redundant includes and forward declarations

since we're now committing to including "Node.h" here. Moved functions
all out of the .cpp file and made them inlines.

dom/DocumentMarkerController.cpp:

(WebCore::DocumentMarkerController::collectTextRanges): Pass a reference to
a range instead of a pointer.

dom/Position.cpp:

(WebCore::Position::Position): Take unsigned.
(WebCore::Position::moveToPosition): Ditto.
(WebCore::Position::moveToOffset): Ditto.
(WebCore::Position::parentAnchoredEquivalent const): Cast to unsigned.
(WebCore::Position::anchorTypeForLegacyEditingPosition): Take unsigned.
(WebCore::Position::previous const): Use unsigned.
(WebCore::Position::next const): Ditto.
(WebCore::Position::uncheckedPreviousOffset): Take unsigned.
(WebCore::Position::uncheckedPreviousOffsetForBackwardDeletion): Ditto.
(WebCore::Position::uncheckedNextOffset): Ditto.
(WebCore::Position::atLastEditingPositionForNode const): Cast to unsigned.
(WebCore::Position::atEndOfTree const): Ditto.
(WebCore::Position::rendersInDifferentPosition const): Added casts to
unsigned and also removed unneeded redundant checks. In a place where
we had already checked that both nodes were the same and both offsets
were different, we were checking the types of both nodes (but they are
the same so only need to check one) and we were checking that both
offsets were different (but we already knew they were different).
(WebCore::searchAheadForBetterMatch): Use unsigned.
(WebCore::Position::getInlineBoxAndOffset const): Ditto.
(WebCore::Position::equals const): Removed a cast to int.
(WebCore::makeBoundaryPoint): Moved this function here so now it can be
used in more places.

dom/Position.h: Changed many argument types to unsigned. Moved declarations

of all the functions up above all the inline implementations of the functions
to separate interface from implementation a bit better. Wrote a FIXME about
the name createLegacyEditingPosition. Moved makeBoundaryPoint here and exported
it from WebCore so we can use it from more places.

dom/Range.cpp:

(WebCore::createLiveRange): Moved these functions here from SimpleRange.cpp
because a live range is more advanced concept, so makes more sense for live
range to know about simple range rather than vice versa.

dom/Range.h: Removed some unneeded includes and forward declarations.

Added a FIXME about renaming to LiveRange. Moved the createLiveRange
functions here. Moved declarations of functions above inline function bodies.

dom/SimpleRange.cpp:

(WebCore::createLiveRange): Moved to Range.cpp.

dom/SimpleRange.h: Exported the constructor. Removed unneeded overload

that takes a Range*.

editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::mergeStartWithPreviousIfIdentical):
Refactored code a bit and use unsigned.
(WebCore::ApplyStyleCommand::mergeEndWithNextIfIdentical): Use unsigned.

editing/Editing.cpp:

(WebCore::visibleImageElementsInRangeWithNonLoadedImages): Use a reference
to a range rather than a pointer.

editing/Editing.h: Added a forward declaration of Range that now seems to

be needed to compile.

editing/Editor.cpp:

(WebCore::Editor::selectedText const): Call makeBoundaryPoint twice here to
convert two Position objects into a SimpleRange.

editing/HTMLInterchange.cpp: Removed some extra includes.

(WebCore::convertHTMLTextToInterchangeFormat): Use variadic
StringBuilder::append.

editing/TextIterator.cpp:

(WebCore::firstNode): Added. We use this instead of Range::firstNode.
If we find we need it outside TextIterator we can find a header for it.
Not sure it would be great to add it to in BoundaryPoint.h, nor is it
obviously better as a BoundaryPoint member function.
(WebCore::TextIterator::TextIterator): Cut down on the extra constructors
and have the single remaining one take a SimpleRange.
(WebCore::SimplifiedBackwardsTextIterator::SimplifiedBackwardsTextIterator):
Ditto. Also change some int to unsigned.
(WebCore::CharacterIterator::CharacterIterator): Ditto.
(WebCore::BackwardsCharacterIterator::BackwardsCharacterIterator): Ditto.
(WebCore::WordAwareIterator::WordAwareIterator): Ditto.
(WebCore::TextIterator::rangeLength): Since this is one of the functions
that still takes a live range pointer, updated it to check for null and
pass a reference rather than a pointer.
(WebCore::TextIterator::rangeFromLocationAndLength): Ditto.
(WebCore::hasAnyPlainText): Removed now-unneeded call to createLiveRange.
(WebCore::plainText): Updated the main implementation to take a SimpleRange,
eliminating the version that takes two Position objects, but keeping the
one that takes a live range pointer for now.
(WebCore::plainTextReplacingNoBreakSpace): Removed all but the one, and
have that one take a SimpleRange.

editing/TextIterator.h: Removed the include of SimpleRange.h. Also

Updated for the changes above, eliminating five different constructors
that take a live range and also overloads that take two Position objects.

editing/TextManipulationController.cpp:

(WebCore::ParagraphContentIterator::ParagraphContentIterator):
Call makeBoundaryPoint twice here to convert two Position objects into
a SimpleRange.

editing/VisibleSelection.cpp: Removed an include.

editing/VisibleUnits.cpp:

(WebCore::suffixLengthForRange): Pass a reference to a range known to
not be null.
(WebCore::previousBoundary): Ditto.
(WebCore::nextBoundary): Ditto.

editing/cocoa/DataDetection.mm:

(WebCore::buildQuery): Take a SimpleRange.
(WebCore::DataDetection::detectContentInRange): Added a null check on
a live range and pass a reference to it.

editing/cocoa/DictionaryLookup.mm:

(WebCOre::DictionaryLookup::rangeAtHitTestResult): Ditto.

editing/cocoa/HTMLConverter.mm:

(WebCore::editingAttributedStringFromRange): Pass a reference to a range
known to not be null.

page/TextIndicator.cpp:

(WebCore::estimatedTextColorsForRange): Ditto.
(WebCore::containsOnlyWhiteSpaceText): Ditto.

page/ios/FrameIOS.mm:

(WebCore::Frame::interpretationsForCurrentRoot const): Ditto.

rendering/HitTestResult.cpp:

(WebCore::HitTestResult::selectedText const): Added a null check on
a live range and pass a reference to it.

Source/WebKit:

WebProcess/InjectedBundle/API/mac/WKDOMTextIterator.mm:

(-[WKDOMTextIterator initWithRange:]): Leave _textIterator as a nullptr
if the passed-in range is nil since we no longer offer a way to create
an empty TextIterator; other clients don't seem to need one.
(-[WKDOMTextIterator advance]): Add a null check.
(-[WKDOMTextIterator atEnd]): Ditto.
(-[WKDOMTextIterator currentRange]): Ditto.
(-[WKDOMTextIterator currentTextPointer]): Ditto.
(-[WKDOMTextIterator currentTextLength]): Ditto.

WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm: Removed include.

WebProcess/WebPage/ViewGestureGeometryCollector.cpp:

(WebKit::ViewGestureGeometryCollector::computeTextLegibilityScales): Pass
a reference to a range known not to be null.

WebProcess/WebPage/WebPage.cpp: Removed an include.

WebProcess/WebPage/ios/WebPageIOS.mm: Removed a "using naemsapce WebCore".

Added two local functions
(WebKit::plainTextForContext): Added. Helper for just this file where calling
plainTextReplacingNoBreakSpace on a possibly null Range is common.
(WebKit::plainTextForDisplay): Ditto. This one passes true for isDisplayString.
Not entirely clear how carefully we chose which of the two to call, or if there
is sufficient test coverage.
(WebKit::WebPage::platformEditorState const): Use plainTextForContext
and plainTextForDisplay.
(WebKit::WebPage::getSelectionContext): Ditto.
(WebKit::WebPage::getRectsAtSelectionOffsetWithText): Use plainTextForDisplay.
(WebKit::WebPage::requestDictationContext): Use plainTextForContext.
(WebKit::WebPage::replaceSelectedText): Ditto.
(WebKit::WebPage::replaceDictatedText): Ditto.
(WebKit::WebPage::requestAutocorrectionData): Ditto.
(WebKit::WebPage::applyAutocorrectionInternal): Ditto.
(WebKit::WebPage::autocorrectionContext): Ditto.
(WebKit::dataDetectorLinkPositionInformation): Use plainTextForDisplay.
(WebKit::WebPage::requestDocumentEditingContext): Use RetainPtr instead of
autorelease. Use makeBoundaryPoint to convert Position objects to SimpleRange.

Source/WebKitLegacy/mac:

WebView/WebFrame.mm: Removed an include.

WebView/WebHTMLView.mm:

(-[WebHTMLView _legacyAttributedStringFrom:offset:to:offset:]):
Add casts to unsigned.

WebView/WebTextIterator.mm:

(-[WebTextIterator initWithRange:]): Leave _private->_textIterator
as a nullptr if the passed-in range is nil since we no longer offer
a way to create an empty TextIterator; other clients don't seem to
need one.
(-[WebTextIterator advance]): Check _private->_textIterator for null.
(-[WebTextIterator atEnd]): Ditto.
(-[WebTextIterator currentRange]): Ditto.
(-[WebTextIterator currentTextPointer]): Ditto.
(-[WebTextIterator currentTextLength]): Ditto.
(-[WebTextIterator currentNode]): Ditto.
(-[WebTextIterator currentText]): Ditto.

3:49 PM Changeset in webkit [258524] by Russell Epstein

1 delete in branches/safari-610.1.7.3-branch

Delete branch.

3:41 PM Changeset in webkit [258523] by Russell Epstein

1 copy in branches/safari-610.1.7.3-branch

New branch.

3:10 PM Changeset in webkit [258522] by commit-queue@webkit.org

3 edits
2 adds in trunk

Crash in CSSValue::isPrimitiveValue
https://bugs.webkit.org/show_bug.cgi?id=208309

Patch by Pinki Gyanchandani <pgyanchandani@apple.com> on 2020-03-16
Reviewed by Ryosuke Niwa.

Source/WebCore:

Added a NULL check before dereferencing value in ApplyStyleCommand::computedFontSize

Test: editing/execCommand/primitive-value.html

editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::computedFontSize):

LayoutTests:

Added a testcase attached to bugzilla issue 208309, with little modification.

editing/execCommand/primitive-value-expected.txt: Added.
editing/execCommand/primitive-value.html: Added.

3:04 PM Changeset in webkit [258521] by Chris Dumez

4 edits in trunk

Crash under WebCookieCache::clearForHost()
https://bugs.webkit.org/show_bug.cgi?id=209149
<rdar://problem/60453086>

Reviewed by Alex Christensen.

Source/WebKit:

Make sure WebCookieCache::pruneCacheIfNecessary() keeps alive the host String it is passing
to WebCookieCache::clearForHost(). Previously, it was merely deferencing a HashSet iterator
and passing that to clearForHost(). However, clearForHost() would then drop the String from
the HashSet and the host would no longer be valid.

Change covered by new API test.

WebProcess/WebPage/WebCookieCache.cpp:

(WebKit::WebCookieCache::pruneCacheIfNecessary):

Tools:

Add API test coverage.

TestWebKitAPI/Tests/WebKitCocoa/CookiePrivateBrowsing.mm:

(TEST):

2:50 PM Changeset in webkit [258520] by Keith Rollin

8 edits
3 deletes in trunk

Remove support for WebKitSystemInterface
https://bugs.webkit.org/show_bug.cgi?id=208894
<rdar://problem/60297590>

Reviewed by Brent Fulgham.

This project provided support for facilities that are now handled
elsewhere and is no longer needed.

.gitignore:
Source/PlatformWin.cmake:
Source/cmake/OptionsAppleWin.cmake:

Tools:

Scripts/copy-webkitlibraries-to-product-directory:

WebKitLibraries:

Makefile:
WebKitSystemInterface.h: Removed.
win/include/WebKitSystemInterface/WebKitSystemInterface.h: Removed.
win/lib32/WebKitSystemInterface.lib: Removed.

2:41 PM Changeset in webkit [258519] by timothy_horton@apple.com

3 edits in trunk/Source/WebKitLegacy/mac

Always include System.framework in WebKitLegacy's CPLUSPLUSFLAGS
https://bugs.webkit.org/show_bug.cgi?id=209147

Reviewed by Darin Adler.

Configurations/Base.xcconfig:
Configurations/WebKitLegacy.xcconfig:

Bring WebKitLegacy's xcconfigs in line with all the other projects,
adding System.framework globally, and in Base.xcconfig.

2:11 PM Changeset in webkit [258518] by pvollan@apple.com

8 edits in trunk

[macOS] Accessibility sandbox regressions
https://bugs.webkit.org/show_bug.cgi?id=209065
Source/WebCore/PAL:

Reviewed by Brent Fulgham.

Add Accessibility notification name.

pal/spi/cocoa/NSAccessibilitySPI.h:

Source/WebKit:

<rdar://problem/60202450>

Reviewed by Brent Fulgham.

When Accessibility is enabled, the WebContent process needs access to the preference service, since Accessibility
is relying on some advanced features of the service. Also, when CF prefs direct mode is enabled, the WebContent
sandbox needs to explicitly allow reading of the various plist files.

UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::registerNotificationObservers):

WebProcess/com.apple.WebProcess.sb.in:

Tools:

Reviewed by Brent Fulgham.

TestWebKitAPI/Tests/WebKit/EnableAccessibility.mm:

(TEST):

TestWebKitAPI/Tests/WebKit/GrantAccessToPreferencesService.mm:

(TEST):

1:54 PM Changeset in webkit [258517] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk2 ] imported/w3c/web-platform-tests/mediacapture-streams/MediaStream tests are flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209148

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

1:21 PM Changeset in webkit [258516] by Megan Gardner

3 edits
2 adds in trunk

Color Picker crashes on touch
https://bugs.webkit.org/show_bug.cgi?id=209086

Reviewed by Darin Adler.

Source/WebCore:

Vector sizing lost in refactor. Not perfomance sensitive code, so just expanding vector as needed.

Test: fast/forms/color/color-input-activate-crash.html

html/ColorInputType.cpp:

(WebCore::ColorInputType::suggestedColors const):

LayoutTests:

fast/forms/color/color-input-activate-crash-expected.txt: Added.
fast/forms/color/color-input-activate-crash.html: Added.

1:11 PM Changeset in webkit [258515] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[Cocoa] Crash under -[WKPreferenceObserver init]
https://bugs.webkit.org/show_bug.cgi?id=209145

Reviewed by Darin Adler.

Handle the case when calling [NSUserDefaults initWithSuiteName:] did not succeed.

No new tests, since I have not been able to reproduce.

UIProcess/Cocoa/PreferenceObserver.mm:

(-[WKPreferenceObserver init]):

12:57 PM Changeset in webkit [258514] by sihui_liu@apple.com

3 edits in trunk/LayoutTests

IndexedDB hits assertion with crypto/workers/subtle/aes-indexeddb.html
https://bugs.webkit.org/show_bug.cgi?id=202648
<rdar://problem/56059602>

Unreviewed test gardening.

TestExpectations:
platform/ios-simulator/TestExpectations:

12:56 PM Changeset in webkit [258513] by Brent Fulgham

5 edits in trunk/Source/WebKit

Remove unused IPC messages from DrawingAreaProxy
https://bugs.webkit.org/show_bug.cgi?id=209090
<rdar://problem/60333300>

Reviewed by Wenson Hsieh.

Do not compile the following three unused messages in DrawingAreaProxy when
building for a Cocoa platform target.

DrawingAreaProxy::Update
DrawingAreaProxy::DidUpdateBackingStoreState
DrawingAreaProxy::ExitAcceleratedCompositingMode

UIProcess/DrawingAreaProxy.h:

(WebKit::DrawingAreaProxy::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaProxy::update):
(WebKit::DrawingAreaProxy::didUpdateBackingStoreState):
(WebKit::DrawingAreaProxy::exitAcceleratedCompositingMode):

UIProcess/DrawingAreaProxy.messages.in:
UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.h:
UIProcess/mac/TiledCoreAnimationDrawingAreaProxy.mm:

(WebKit::TiledCoreAnimationDrawingAreaProxy::exitAcceleratedCompositingMode): Deleted.

12:50 PM Changeset in webkit [258512] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[Cocoa] Only set CF prefs direct mode for the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=209091
<rdar://problem/60337842>

Reviewed by Brent Fulgham.

Currently, we enable CF prefs direct mode in XPCServiceMain. This is incorrect, it should only be enabled
for the WebContent process.

Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm:

(WebKit::XPCServiceMain):

11:49 AM Changeset in webkit [258511] by Simon Fraser

8 edits in trunk/Source

Remove FrameView::scheduleRenderingUpdate()
https://bugs.webkit.org/show_bug.cgi?id=209109

Reviewed by Antti Koivisto.

FrameView::scheduleRenderingUpdate() called through to compositor(), but that just
turned around to call scheduleRenderingUpdate() via Page. So Remove it and change
callers to call Page::scheduleRenderingUpdate() directly.

Source/WebCore:

page/FrameView.cpp:

(WebCore::FrameView::setViewExposedRect):
(WebCore::FrameView::scheduleRenderingUpdate): Deleted.

page/FrameView.h:
page/Page.cpp:

(WebCore::Page::scheduleRenderingUpdate):

page/Page.h:
rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::scheduleRenderingUpdate):

Source/WebKitLegacy/mac:

WebView/WebView.mm:

11:42 AM Changeset in webkit [258510] by Simon Fraser

3 edits in trunk/Source/WebCore

Commit Xcode-modified xcfilelist.

New WebXR idl files.

DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:

11:42 AM Changeset in webkit [258509] by Simon Fraser

3 edits in trunk/Source/WebCore

Factor some post-updateRendering code into its own function
https://bugs.webkit.org/show_bug.cgi?id=209108

Reviewed by Antti Koivisto.

Make a new function to hold code that needs to do post update-rendering work.
It asserts that the layout is clean at the end.

page/Page.cpp:

(WebCore::Page::updateRendering):
(WebCore::Page::doAfterUpdateRendering):

page/Page.h:

10:34 AM Changeset in webkit [258508] by dbates@webkit.org

27 edits
2 adds in trunk

ASSERTION FAILURE: !result.innerNode()

(request.resultIsElementList() && result.listBasedTestResult().size()) in RenderLayer::hitTestContents()

https://bugs.webkit.org/show_bug.cgi?id=209112

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Update test result now that more sub-tests are passing.

web-platform-tests/shadow-dom/DocumentOrShadowRoot-prototype-elementFromPoint-expected.txt:

Source/WebCore:

Fix rect-based hit testing (e.g. used in the impl of document.elementsFromPoint()) of ::before
and ::after pseudo elements. Same issue as in r133330, updateHitTestResult() and addNodeToRectBasedTestResult()
are using different "hit" nodes. In particular, RenderObject::updateHitTestResult() knows how to
reason about ::before and ::after pseudo elements, but addNodeToRectBasedTestResult() cannot.
Standardize the concept of the node used for hit testing from something-specifically added to RenderBlock
in r133330 to all renderers. Have both updateHitTestResult() and addNodeToRectBasedTestResult()
make use of this concept so that they consider the same hit node.

Test: fast/dom/nodesFromRect/pseudo-empty-svg-image-crash.html

layout/integration/LayoutIntegrationLineLayout.cpp:

(WebCore::LayoutIntegration::LineLayout::hitTest):

rendering/EllipsisBox.cpp:

(WebCore::EllipsisBox::nodeAtPoint):

rendering/InlineFlowBox.cpp:

(WebCore::InlineFlowBox::nodeAtPoint):

rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::nodeAtPoint):
Update code to call nodeForHitTest() to keep the code behavior we have today. Note that RenderElement::element()
and RenderText::textNode() just cast the return value of RenderObject::node().

rendering/RenderBlock.cpp:

(WebCore::RenderBlock::nodeForHitTest const): Remove special case for RenderView now that I added RenderView::nodeForHitTest().
Moreover, this special case was returning the document even though RenderView::updateHitTestResult() hit
test the document element. See remarks for RenderView::nodeForHitTest() for more details.

rendering/RenderBlock.h:
rendering/RenderBox.cpp:

(WebCore::RenderBox::nodeAtPoint): Use nodeForHitTest(). This fixes the bug. Currently, updateHitTestResult()
knows that when RenderObject::node() is nullptr and the parent renderer is for generated content that it can
walk up the hierarchy to find the hit PseudoElement. But in the call to addNodeToListBasedTestResult(), RenderObject::element()
was passed, which is nullptr for an anonymous node, and addNodeToListBasedTestResult() doesn't have enough info
to know that this means generated content was hit and hence it is not able to find the PseudoElement. This
disagreement caused the assertion failure because updateHitTestResult() would update the inner node, but
addNodeToListBasedTestResult() would not add a node to the set.

rendering/RenderInline.cpp:

(WebCore::RenderInline::hitTestCulledInline): Use nodeForHitTest().
(WebCore::RenderInline::updateHitTestResult): Update code as needed to use nodeForHitTest(). Also while I
am here fix up code style of comment and rename the local from element to node to match the return value
of nodeForHitTest().

rendering/RenderMultiColumnSet.cpp:

(WebCore::RenderMultiColumnSet::nodeForHitTest const): Added.
(WebCore::RenderMultiColumnSet::updateHitTestResult): Update code as needed to use nodeForHitTest().

rendering/RenderMultiColumnSet.h:
rendering/RenderObject.cpp:

(WebCore::RenderObject::nodeForHitTest const): Added.
(WebCore::RenderObject::updateHitTestResult): Update code as needed to use nodeForHitTest().

rendering/RenderObject.h:
rendering/RenderTable.cpp:

(WebCore::RenderTable::nodeAtPoint): Ditto.

rendering/RenderView.cpp:

(WebCore::RenderView::nodeForHitTest const): Added. This overrides RenderBlock::nodeForHitTest(), which
following r155370 was returning the document as the hit test node even though RenderView::updateHitTestResult()
considered the document element as the hit node for a RenderView. As a result of this change, the rect-based
hit testing no longer returns the document (seen in test results as #document) in the list of nodes.
(WebCore::RenderView::updateHitTestResult): Update code as needed to use nodeForHitTest().

rendering/RenderView.h:
rendering/SimpleLineLayoutFunctions.cpp:

(WebCore::SimpleLineLayout::hitTestFlow): Ditto.

rendering/svg/RenderSVGContainer.cpp:

(WebCore::RenderSVGContainer::nodeAtFloatPoint): Ditto.

rendering/svg/RenderSVGImage.cpp:

(WebCore::RenderSVGImage::nodeAtFloatPoint): Ditto.

rendering/svg/RenderSVGRoot.cpp:

(WebCore::RenderSVGRoot::nodeAtPoint): Ditto.

rendering/svg/RenderSVGShape.cpp:

(WebCore::RenderSVGShape::nodeAtFloatPoint): Ditto.

rendering/svg/SVGInlineTextBox.cpp:

(WebCore::SVGInlineTextBox::nodeAtPoint): Ditto.

LayoutTests:

Add a new test for an pseudo element.

Also update tests now that I added the RenderView::nodeForHitTest(), which returns the
same hit test node (the document element) as used in RenderView::updateHitTestResult().
Currently RenderView::nodeForHitTest() would actually fall back to RenderBlock::nodeForHitTest(),
which returned the document (seen in the test resutls as #document).

fast/dom/nodesFromRect/nodesFromRect-child-frame-content.html: Update test to match new results.
fast/dom/nodesFromRect/nodesFromRect-embedded-frame-content.html: Ditto.
fast/dom/nodesFromRect/pseudo-empty-svg-image-crash-expected.txt: Added.
fast/dom/nodesFromRect/pseudo-empty-svg-image-crash.html: Added.

10:24 AM Changeset in webkit [258507] by ddkilzer@apple.com

3 edits in trunk/Source/WebKit

WebPage::GetDataSelectionForPasteboard should validate its size variable
<https://webkit.org/b/209092>
<rdar://problem/60181345>

Reviewed by Brent Fulgham.

Platform/IPC/Connection.h:

(MESSAGE_CHECK_WITH_RETURN_VALUE_BASE): Add.

Variant of MESSAGE_CHECK_BASE() that takes a return value.
UIProcess/mac/WebPageProxyMac.mm:

(MESSAGE_CHECK_WITH_RETURN_VALUE): Add.
(WebKit::WebPageProxy::dataSelectionForPasteboard):

Use new MESSAGE_CHECK_WITH_RETURN_VALUE() macro to update check for handle.isNull() and to add check for size variable.
Add static_cast<size_t>() to size variable to denote type change.

9:51 AM Changeset in webkit [258506] by youenn@apple.com

3 edits in trunk/Source/WebCore

Make CoreAudioCaptureSourceFactoryIOS an AudioSession::InterruptionObserver
https://bugs.webkit.org/show_bug.cgi?id=209138

Reviewed by Eric Carlson.

Instead of listening to Audiosession interruptions, CoreAudioCaptureSourceFactoryIOS is now relying on AudioSession directly.
This allows removing some duplicate code.
No change of behavior.

platform/mediastream/ios/CoreAudioCaptureSourceIOS.h:
platform/mediastream/ios/CoreAudioCaptureSourceIOS.mm:

(-[WebCoreAudioCaptureSourceIOSListener initWithCallback:]):
(WebCore::CoreAudioCaptureSourceFactoryIOS::CoreAudioCaptureSourceFactoryIOS):
(WebCore::CoreAudioCaptureSourceFactoryIOS::~CoreAudioCaptureSourceFactoryIOS):
(-[WebCoreAudioCaptureSourceIOSListener handleInterruption:]): Deleted.

9:44 AM Changeset in webkit [258505] by Ryan Haddad

2 edits in trunk/Tools

Unreviewed infrastructure fix.

BuildSlaveSupport/ews-build/config.json: Temporarily remove ews114

while the hardware is out for repair.

9:41 AM Changeset in webkit [258504] by youenn@apple.com

14 edits
2 adds in trunk

Apply rotation at source level if WebRTC sink ask so
https://bugs.webkit.org/show_bug.cgi?id=205645

Reviewed by Eric Carlson.

Source/WebCore:

Add a virtual method to RealtimeMediaSource to pass the information that the sink prefers the frames to be rotated before sending them.

Source/WebKit:

Implement RealtimeMediaSource setShouldApplyRotation by sending IPC to capture process.
In capture process, if rotation should be applied, use an ImageRotationSessionVT session to apply it before sending the video frame.
This allows WebProcess to no longer need an ImageRotationSessionVT for WebRTC.

UIProcess/Cocoa/UserMediaCaptureManagerProxy.cpp:

(WebKit::UserMediaCaptureManagerProxy::SourceProxy::setShouldApplyRotation):
(WebKit::UserMediaCaptureManagerProxy::SourceProxy::rotatePixelBuffer):
(WebKit::UserMediaCaptureManagerProxy::setShouldApplyRotation):

UIProcess/Cocoa/UserMediaCaptureManagerProxy.h:
UIProcess/Cocoa/UserMediaCaptureManagerProxy.messages.in:
WebProcess/cocoa/UserMediaCaptureManager.cpp:

(WebKit::UserMediaCaptureManager::Source::setShouldApplyRotation):

LayoutTests:

webrtc/video-rotation-no-cvo-expected.txt: Added.
webrtc/video-rotation-no-cvo.html: Added.

9:36 AM Changeset in webkit [258503] by youenn@apple.com

4 edits
2 adds in trunk

Audio is not played from an audio element when the srcObject object has unstarted video tracks
https://bugs.webkit.org/show_bug.cgi?id=207041
<rdar://problem/59084745>

Reviewed by Eric Carlson.

Source/WebCore:

In case MediaPlayer is an audio element, we should just make it as if there is no video track in the stream.

Test: imported/w3c/web-platform-tests/webrtc/audio-video-element-playing.html

platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayers):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::activeVideoTrack const):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::didPassCORSAccessCheck const):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentDisplayMode const):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentReadyState):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::checkSelectedVideoTrack):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::updateTracks):

LayoutTests:

webrtc/audio-video-element-playing-expected.txt: Added.
webrtc/audio-video-element-playing.html: Added.

9:34 AM Changeset in webkit [258502] by youenn@apple.com

3 edits
2 adds in trunk

RTCRtpSender of kind video should have a null dtmf attribute
https://bugs.webkit.org/show_bug.cgi?id=209135

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

web-platform-tests/webrtc/RTCRtpSender.https-expected.txt: Added.
web-platform-tests/webrtc/RTCRtpSender.https.html: Added.

Source/WebCore:

Test: imported/w3c/web-platform-tests/webrtc/RTCRtpSender.https.html

Modules/mediastream/RTCRtpSender.cpp:

(WebCore::RTCRtpSender::dtmf):

9:22 AM Changeset in webkit [258501] by Truitt Savell

2 edits in trunk/LayoutTests

[ Mac wk2 ] (r258249) fast/scrolling/mac/absolute-in-overflow-scroll-dynamic.html is a flaky failure (209052)
https://bugs.webkit.org/show_bug.cgi?id=209052

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

9:14 AM Changeset in webkit [258500] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ iOS wk2 ] webgl/1.0.3/conformance/textures/copy-tex-image-2d-formats.html is failing.
https://bugs.webkit.org/show_bug.cgi?id=209139

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

9:09 AM Changeset in webkit [258499] by svillar@igalia.com

4 edits
113 adds in trunk/LayoutTests

[WebXR] Import wpt tests
https://bugs.webkit.org/show_bug.cgi?id=208989

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

resources/import-expectations.json:
web-platform-tests/webxr/META.yml: Added.
web-platform-tests/webxr/ar-module/idlharness.https.window.html: Added.
web-platform-tests/webxr/ar-module/idlharness.https.window.js: Added.

(async idl_array):

web-platform-tests/webxr/ar-module/w3c-import.log: Added.
web-platform-tests/webxr/ar-module/xrDevice_isSessionSupported_immersive-ar.https.html: Added.
web-platform-tests/webxr/ar-module/xrDevice_requestSession_immersive-ar.https.html: Added.
web-platform-tests/webxr/ar-module/xrSession_environmentBlendMode.https.html: Added.
web-platform-tests/webxr/dom-overlay/ar_dom_overlay.https.html: Added.
web-platform-tests/webxr/dom-overlay/w3c-import.log: Added.
web-platform-tests/webxr/events_input_source_recreation.https.html: Added.
web-platform-tests/webxr/events_input_sources_change.https.html: Added.
web-platform-tests/webxr/events_referenceSpace_reset_immersive.https.html: Added.
web-platform-tests/webxr/events_referenceSpace_reset_inline.https.html: Added.
web-platform-tests/webxr/events_session_select.https.html: Added.
web-platform-tests/webxr/events_session_select_subframe.https.html: Added.
web-platform-tests/webxr/events_session_squeeze.https.html: Added.
web-platform-tests/webxr/exclusive_requestFrame_nolayer.https.html: Added.
web-platform-tests/webxr/gamepads-module/idlharness.https.window.html: Added.
web-platform-tests/webxr/gamepads-module/idlharness.https.window.js: Added.

(async idl_array):

web-platform-tests/webxr/gamepads-module/w3c-import.log: Added.
web-platform-tests/webxr/gamepads-module/xrInputSource_gamepad_disconnect.https.html: Added.
web-platform-tests/webxr/gamepads-module/xrInputSource_gamepad_input_registered.https.html: Added.
web-platform-tests/webxr/getInputPose_handedness.https.html: Added.
web-platform-tests/webxr/getInputPose_pointer.https.html: Added.
web-platform-tests/webxr/getViewerPose_emulatedPosition.https.html: Added.
web-platform-tests/webxr/hit-test/ar_hittest_subscription_refSpaces.https.html: Added.
web-platform-tests/webxr/hit-test/ar_hittest_subscription_states.https.html: Added.
web-platform-tests/webxr/hit-test/w3c-import.log: Added.
web-platform-tests/webxr/hit-test/xrRay_constructor.https.html: Added.
web-platform-tests/webxr/hit-test/xrRay_matrix.https.html: Added.
web-platform-tests/webxr/idlharness.https.window.html: Added.
web-platform-tests/webxr/idlharness.https.window.js: Added.

(async idl_array):

web-platform-tests/webxr/navigator_xr_sameObject.https.html: Added.
web-platform-tests/webxr/render_state_vertical_fov_immersive.https.html: Added.
web-platform-tests/webxr/render_state_vertical_fov_inline.https.html: Added.
web-platform-tests/webxr/resources/w3c-import.log: Added.
web-platform-tests/webxr/resources/webxr_check.html: Added.
web-platform-tests/webxr/resources/webxr_math_utils.js: Added.

(let.transform_point_by_matrix):
(let.normalize_quaternion):
(let.conjugate_quaternion):
(let.multiply_quaternions):
(let.normalize_perspective):
(let.transform_point_by_quaternion):

web-platform-tests/webxr/resources/webxr_test_asserts.js: Added.

(const.assert_point_approx_equals):
(const.assert_point_significantly_not_equals):
(const.assert_transform_approx_equals):
(const.assert_matrix_approx_equals):
(const.assert_matrix_significantly_not_equals):
(const.assert_ray_approx_equals):

web-platform-tests/webxr/resources/webxr_test_constants.js: Added.
web-platform-tests/webxr/resources/webxr_test_constants_fake_world.js: Added.

(createFakeWorld):

web-platform-tests/webxr/resources/webxr_util.js: Added.

(xr_promise_test):
(async let):
(async xr_session_promise_test):
(async promise_simulate_user_activation):

web-platform-tests/webxr/w3c-import.log: Added.
web-platform-tests/webxr/webGLCanvasContext_create_xrcompatible.https.html: Added.
web-platform-tests/webxr/webGLCanvasContext_makecompatible_contextlost.https.html: Added.
web-platform-tests/webxr/webxr-supported-by-feature-policy.html: Added.
web-platform-tests/webxr/webxr_availability.http.sub.html: Added.
web-platform-tests/webxr/webxr_feature_policy.https.html: Added.
web-platform-tests/webxr/webxr_feature_policy.https.html.headers: Added.
web-platform-tests/webxr/xrBoundedReferenceSpace_updates.https.html: Added.
web-platform-tests/webxr/xrDevice_disconnect_ends.https.html: Added.
web-platform-tests/webxr/xrDevice_isSessionSupported_immersive.https.html: Added.
web-platform-tests/webxr/xrDevice_isSessionSupported_immersive_unsupported.https.html: Added.
web-platform-tests/webxr/xrDevice_isSessionSupported_inline.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_immersive.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_immersive_no_gesture.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_immersive_unsupported.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_no_mode.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_non_immersive_no_gesture.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_optionalFeatures.https.html: Added.
web-platform-tests/webxr/xrDevice_requestSession_requiredFeatures_unknown.https.html: Added.
web-platform-tests/webxr/xrFrame_getPose.https.html: Added.
web-platform-tests/webxr/xrFrame_getViewerPose_getPose.https.html: Added.
web-platform-tests/webxr/xrFrame_lifetime.https.html: Added.
web-platform-tests/webxr/xrFrame_session_sameObject.https.html: Added.
web-platform-tests/webxr/xrInputSource_add_remove.https.html: Added.
web-platform-tests/webxr/xrInputSource_emulatedPosition.https.html: Added.
web-platform-tests/webxr/xrInputSource_profiles.https.html: Added.
web-platform-tests/webxr/xrInputSource_sameObject.https.html: Added.
web-platform-tests/webxr/xrPose_transform_sameObject.https.html: Added.
web-platform-tests/webxr/xrReferenceSpace_originOffset.https.html: Added.
web-platform-tests/webxr/xrReferenceSpace_originOffsetBounded.https.html: Added.
web-platform-tests/webxr/xrReferenceSpace_originOffset_viewer.https.html: Added.
web-platform-tests/webxr/xrRigidTransform_constructor.https.html: Added.
web-platform-tests/webxr/xrRigidTransform_inverse.https.html: Added.
web-platform-tests/webxr/xrRigidTransform_matrix.https.html: Added.
web-platform-tests/webxr/xrRigidTransform_sameObject.https.html: Added.
web-platform-tests/webxr/xrSession_cancelAnimationFrame.https.html: Added.
web-platform-tests/webxr/xrSession_cancelAnimationFrame_invalidhandle.https.html: Added.
web-platform-tests/webxr/xrSession_end.https.html: Added.
web-platform-tests/webxr/xrSession_features_deviceSupport.https.html: Added.
web-platform-tests/webxr/xrSession_input_events_end.https.html: Added.
web-platform-tests/webxr/xrSession_prevent_multiple_exclusive.https.html: Added.
web-platform-tests/webxr/xrSession_requestAnimationFrame_callback_calls.https.html: Added.
web-platform-tests/webxr/xrSession_requestAnimationFrame_data_valid.https.html: Added.
web-platform-tests/webxr/xrSession_requestAnimationFrame_getViewerPose.https.html: Added.
web-platform-tests/webxr/xrSession_requestAnimationFrame_timestamp.https.html: Added.
web-platform-tests/webxr/xrSession_requestReferenceSpace.https.html: Added.
web-platform-tests/webxr/xrSession_requestReferenceSpace_features.https.html: Added.
web-platform-tests/webxr/xrSession_sameObject.https.html: Added.
web-platform-tests/webxr/xrSession_viewer_availability.https.html: Added.
web-platform-tests/webxr/xrSession_viewer_referenceSpace.https.html: Added.
web-platform-tests/webxr/xrSession_visibilityState.https.html: Added.
web-platform-tests/webxr/xrStationaryReferenceSpace_floorlevel_updates.https.html: Added.
web-platform-tests/webxr/xrView_eyes.https.html: Added.
web-platform-tests/webxr/xrView_match.https.html: Added.
web-platform-tests/webxr/xrView_oneframeupdate.https.html: Added.
web-platform-tests/webxr/xrView_sameObject.https.html: Added.
web-platform-tests/webxr/xrViewerPose_views_sameObject.https.html: Added.
web-platform-tests/webxr/xrViewport_valid.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_constructor.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_framebuffer_draw.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_framebuffer_sameObject.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_framebuffer_scale.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_opaque_framebuffer.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_opaque_framebuffer_stencil.https.html: Added.
web-platform-tests/webxr/xrWebGLLayer_viewports.https.html: Added.

LayoutTests:

TestExpectations: Mark all of them as skipped.

8:49 AM Changeset in webkit [258498] by svillar@igalia.com

35 edits
89 adds in trunk

[WebXR] IDLs, stubs and build configuration for WPE
https://bugs.webkit.org/show_bug.cgi?id=208702

Reviewed by Dean Jackson.

Added a new compile flag for WEBXR which depends on WEBGL.

For the WPE port, added OpenXR detection and USE_OPENXR define to be
used in the sources. It also adds a dependency between USE_OPENXR and
ENABLE_WEBXR.

Largely based on previous work by Žan Doberšek.

Source/cmake/FindOpenXR.cmake: Added.
Source/cmake/OptionsWPE.cmake: Added mandatory OpenXR dependency if

WEBXR is enabled exposing USE_OPENXR to the build.

Source/cmake/WebKitFeatures.cmake: Added ENABLE_WEBXR.
Source/cmake/tools/vsprops/FeatureDefines.props: Ditto.
Source/cmake/tools/vsprops/FeatureDefinesCairo.props: Ditto.

Source/JavaScriptCore:

Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR, off by default.

Source/WebCore:

Added the IDLs defined by the spec with very basic empty implementations to get them
built. Apart from that a very basic implementation of the required platform code using
OpenXR API was also added.

No new tests as no new functionality was really added (empty implementations). However
follow up patches will import the already available WPT tests for WebXR.

Largely based on previous work by Žan Doberšek.

CMakeLists.txt:
Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR off by default.
DerivedSources.make:
Modules/webxr/NavigatorWebXR.cpp: Added.

(WebCore::NavigatorWebXR::xr):
(WebCore::NavigatorWebXR::from):

Modules/webxr/NavigatorWebXR.h: Added.
Modules/webxr/NavigatorWebXR.idl: Added.
Modules/webxr/WebXRBoundedReferenceSpace.cpp: Added.

(WebCore::WebXRBoundedReferenceSpace::boundsGeometry const):

Modules/webxr/WebXRBoundedReferenceSpace.h: Added.
Modules/webxr/WebXRBoundedReferenceSpace.idl: Added.
Modules/webxr/WebXRFrame.cpp: Added.

(WebCore::WebXRFrame::create):
(WebCore::WebXRFrame::WebXRFrame):
(WebCore::WebXRFrame::session const):
(WebCore::WebXRFrame::getViewerPose):
(WebCore::WebXRFrame::getPose):

Modules/webxr/WebXRFrame.h: Added.
Modules/webxr/WebXRFrame.idl: Added.
Modules/webxr/WebXRInputSource.cpp: Added.

(WebCore::WebXRInputSource::create):
(WebCore::WebXRInputSource::WebXRInputSource):
(WebCore::WebXRInputSource::handedness const):
(WebCore::WebXRInputSource::targetRayMode const):
(WebCore::WebXRInputSource::targetRaySpace const):
(WebCore::WebXRInputSource::gripSpace const):
(WebCore::WebXRInputSource::profiles const):

Modules/webxr/WebXRInputSource.h: Added.
Modules/webxr/WebXRInputSource.idl: Added.
Modules/webxr/WebXRInputSourceArray.cpp: Added.

(WebCore::WebXRInputSourceArray::length const):
(WebCore::WebXRInputSourceArray::item const):

Modules/webxr/WebXRInputSourceArray.h: Added.
Modules/webxr/WebXRInputSourceArray.idl: Added.
Modules/webxr/WebXRPose.cpp: Added.

(WebCore::WebXRPose::create):
(WebCore::WebXRPose::WebXRPose):
(WebCore::WebXRPose::transform const):
(WebCore::WebXRPose::emulatedPosition const):

Modules/webxr/WebXRPose.h: Added.
Modules/webxr/WebXRPose.idl: Added.
Modules/webxr/WebXRReferenceSpace.cpp: Added.

(WebCore::WebXRReferenceSpace::WebXRReferenceSpace):
(WebCore::WebXRReferenceSpace::getOffsetReferenceSpace):

Modules/webxr/WebXRReferenceSpace.h: Added.
Modules/webxr/WebXRReferenceSpace.idl: Added.
Modules/webxr/WebXRRenderState.cpp: Added.

(WebCore::WebXRRenderState::create):
(WebCore::WebXRRenderState::WebXRRenderState):
(WebCore::WebXRRenderState::depthNear const):
(WebCore::WebXRRenderState::depthFar const):
(WebCore::WebXRRenderState::inlineVerticalFieldOfView const):
(WebCore::WebXRRenderState::baseLayer const):

Modules/webxr/WebXRRenderState.h: Added.
Modules/webxr/WebXRRenderState.idl: Added.
Modules/webxr/WebXRRigidTransform.cpp: Added.

(WebCore::WebXRRigidTransform::create):
(WebCore::WebXRRigidTransform::WebXRRigidTransform):
(WebCore::WebXRRigidTransform::position const):
(WebCore::WebXRRigidTransform::orientation const):
(WebCore::WebXRRigidTransform::matrix const):
(WebCore::WebXRRigidTransform::inverse const):

Modules/webxr/WebXRRigidTransform.h: Added.
Modules/webxr/WebXRRigidTransform.idl: Added.
Modules/webxr/WebXRSession.cpp: Added.

(WebCore::WebXRSession::environmentBlendMode const):
(WebCore::WebXRSession::visibilityState const):
(WebCore::WebXRSession::renderState const):
(WebCore::WebXRSession::inputSources const):
(WebCore::WebXRSession::updateRenderState):
(WebCore::WebXRSession::requestReferenceSpace):
(WebCore::WebXRSession::requestAnimationFrame):
(WebCore::WebXRSession::cancelAnimationFrame):
(WebCore::WebXRSession::end):
(WebCore::WebXRSession::activeDOMObjectName const):
(WebCore::WebXRSession::stop):

Modules/webxr/WebXRSession.h: Added.
Modules/webxr/WebXRSession.idl: Added.
Modules/webxr/WebXRSpace.cpp: Added.

(WebCore::WebXRSpace::WebXRSpace):

Modules/webxr/WebXRSpace.h: Added.
Modules/webxr/WebXRSpace.idl: Added.
Modules/webxr/WebXRSystem.cpp: Added.

(WebCore::WebXRSystem::create):
(WebCore::WebXRSystem::WebXRSystem):
(WebCore::WebXRSystem::isSessionSupported):
(WebCore::WebXRSystem::requestSession):
(WebCore::WebXRSystem::activeDOMObjectName const):
(WebCore::WebXRSystem::stop):

Modules/webxr/WebXRSystem.h: Added.
Modules/webxr/WebXRSystem.idl: Added.
Modules/webxr/WebXRView.cpp: Added.

(WebCore::WebXRView::create):
(WebCore::WebXRView::WebXRView):
(WebCore::WebXRView::eye const):
(WebCore::WebXRView::projectionMatrix const):
(WebCore::WebXRView::transform const):

Modules/webxr/WebXRView.h: Added.
Modules/webxr/WebXRView.idl: Added.
Modules/webxr/WebXRViewerPose.cpp: Added.

(WebCore::WebXRViewerPose::create):
(WebCore::WebXRViewerPose::views const):

Modules/webxr/WebXRViewerPose.h: Added.
Modules/webxr/WebXRViewerPose.idl: Added.
Modules/webxr/WebXRViewport.cpp: Added.

(WebCore::WebXRViewport::create):
(WebCore::WebXRViewport::x const):
(WebCore::WebXRViewport::y const):
(WebCore::WebXRViewport::width const):
(WebCore::WebXRViewport::height const):

Modules/webxr/WebXRViewport.h: Added.
Modules/webxr/WebXRViewport.idl: Added.
Modules/webxr/WebXRWebGLLayer.cpp: Added.

(WebCore::WebXRWebGLLayer::create):
(WebCore::WebXRWebGLLayer::WebXRWebGLLayer):
(WebCore::WebXRWebGLLayer::antialias const):
(WebCore::WebXRWebGLLayer::ignoreDepthValues const):
(WebCore::WebXRWebGLLayer::framebuffer const):
(WebCore::WebXRWebGLLayer::framebufferWidth const):
(WebCore::WebXRWebGLLayer::framebufferHeight const):
(WebCore::WebXRWebGLLayer::getViewport):
(WebCore::WebXRWebGLLayer::getNativeFramebufferScaleFactor):

Modules/webxr/WebXRWebGLLayer.h: Added.
Modules/webxr/WebXRWebGLLayer.idl: Added.
Modules/webxr/XREnvironmentBlendMode.h: Added.
Modules/webxr/XREnvironmentBlendMode.idl: Added.
Modules/webxr/XREye.h: Added.
Modules/webxr/XREye.idl: Added.
Modules/webxr/XRFrameRequestCallback.h: Added.
Modules/webxr/XRFrameRequestCallback.idl: Added.
Modules/webxr/XRHandedness.h: Added.
Modules/webxr/XRHandedness.idl: Added.
Modules/webxr/XRInputSourceEvent.cpp: Added.

(WebCore::XRInputSourceEvent::create):
(WebCore::XRInputSourceEvent::XRInputSourceEvent):
(WebCore::XRInputSourceEvent::frame const):
(WebCore::XRInputSourceEvent::inputSource const):
(WebCore::XRInputSourceEvent::buttonIndex const):

Modules/webxr/XRInputSourceEvent.h: Added.
Modules/webxr/XRInputSourceEvent.idl: Added.
Modules/webxr/XRInputSourcesChangeEvent.cpp: Added.

(WebCore::XRInputSourcesChangeEvent::create):
(WebCore::XRInputSourcesChangeEvent::XRInputSourcesChangeEvent):
(WebCore::XRInputSourcesChangeEvent::session const):
(WebCore::XRInputSourcesChangeEvent::added const):
(WebCore::XRInputSourcesChangeEvent::removed const):

Modules/webxr/XRInputSourcesChangeEvent.h: Added.
Modules/webxr/XRInputSourcesChangeEvent.idl: Added.
Modules/webxr/XRReferenceSpaceEvent.cpp: Added.

(WebCore::XRReferenceSpaceEvent::create):
(WebCore::XRReferenceSpaceEvent::XRReferenceSpaceEvent):
(WebCore::XRReferenceSpaceEvent::referenceSpace const):
(WebCore::XRReferenceSpaceEvent::transform const):

Modules/webxr/XRReferenceSpaceEvent.h: Added.
Modules/webxr/XRReferenceSpaceEvent.idl: Added.
Modules/webxr/XRReferenceSpaceType.h: Added.
Modules/webxr/XRReferenceSpaceType.idl: Added.
Modules/webxr/XRRenderStateInit.h: Added.
Modules/webxr/XRRenderStateInit.idl: Added.
Modules/webxr/XRSessionEvent.cpp: Added.

(WebCore::XRSessionEvent::create):
(WebCore::XRSessionEvent::XRSessionEvent):
(WebCore::XRSessionEvent::session const):

Modules/webxr/XRSessionEvent.h: Added.
Modules/webxr/XRSessionEvent.idl: Added.
Modules/webxr/XRSessionInit.h: Added.
Modules/webxr/XRSessionInit.idl: Added.
Modules/webxr/XRSessionMode.h: Added.
Modules/webxr/XRSessionMode.idl: Added.
Modules/webxr/XRTargetRayMode.h: Added.
Modules/webxr/XRTargetRayMode.idl: Added.
Modules/webxr/XRVisibilityState.h: Added.
Modules/webxr/XRVisibilityState.idl: Added.
Modules/webxr/XRWebGLLayerInit.h: Added.
Modules/webxr/XRWebGLLayerInit.idl: Added.
PlatformWPE.cmake: Added OpenXR libraries and include paths.
Sources.txt: Added new cpp files.
WebCore.xcodeproj/project.pbxproj: Added new files.
bindings/IDLTypes.h: Added SequenceStorageType.
bindings/js/JSDOMConvertSequences.h:
bindings/js/WebCoreBuiltinNames.h:
dom/EventNames.h:
dom/EventNames.in: Added WebXR events.
dom/EventTargetFactory.in: Added WebXR event targets.
page/RuntimeEnabledFeatures.h: Added new runtime feature for WebXR.

(WebCore::RuntimeEnabledFeatures::setWebXREnabled):
(WebCore::RuntimeEnabledFeatures::webXREnabled const):

platform/xr/PlatformXR.cpp: Added.
platform/xr/PlatformXR.h: Added.
platform/xr/openxr/PlatformXR.cpp: Added.

(PlatformXR::createStructure): Utility function to create OpenXR structs.
(PlatformXR::resultToString): Translates OpenXR error codes to strings.
(PlatformXR::Instance::Impl::Impl):
(PlatformXR::Instance::Impl::~Impl):
(PlatformXR::Instance::singleton):

Source/WebCore/PAL:

Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR off by default.

Source/WebKit:

Added WebXR to the list of experimental features.

Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR off by default.
Shared/WebPreferences.yaml: Added WebXR feature.
Shared/WebPreferencesDefaultValues.cpp:

(WebKit::defaultWebXREnabled): Set WebXR to off by default unless HAVE_SYSTEM_FEATURE_FLAGS.

Shared/WebPreferencesDefaultValues.h:
WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::overrideBoolPreferenceForTestRunner):

Source/WebKitLegacy/mac:

Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR, off by default.

Tools:

Scripts/webkitperl/FeatureList.pm: Added WebXR.
TestWebKitAPI/Configurations/FeatureDefines.xcconfig: Added ENABLE_WEBXR, off by default.

8:27 AM Changeset in webkit [258497] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[Cairo] Path copy constructor and operator must also copy over CTM
https://bugs.webkit.org/show_bug.cgi?id=183327

Patch by Zan Dobersek <zdobersek@igalia.com> on 2020-03-16
Reviewed by Carlos Garcia Campos.

Cairo implementations of Path copy constructor and assignment operator
must also copy over the current transformation matrix that's maintained
on the source path's cairo_t context.

cairo_copy_path() copies the current path off of a Cairo context, but
during that also transforms every point on the path through inverse of
the CTM, back into user coordinates. For copying to be done correctly,
the copied path must be transformed through the CTM when it's appended
to the target Cairo context. For that reason the CTM has to be copied
over from source to target context before the path is copied and
appended.

platform/graphics/cairo/PathCairo.cpp:

(WebCore::Path::Path):
(WebCore::Path::operator=):

8:26 AM Changeset in webkit [258496] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[iOS] Add telemetry for message filtering
https://bugs.webkit.org/show_bug.cgi?id=208925
<rdar://problem/58885485>

Reviewed by Darin Adler.

On iOS, add telemetry for message filtering in the WebContent process' sandbox.

No new tests, no behavior change.

Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

8:19 AM Changeset in webkit [258495] by pvollan@apple.com

4 edits in trunk

[Cocoa] Limit set of classes that can be decoded when a preference has changed
https://bugs.webkit.org/show_bug.cgi?id=208012

Reviewed by Brent Fulgham.

Source/WebKit:

As a hardening measure, limit the set of ObjectiveC classes that can be decoded in the WebContent process
as a result of a preference change.

API tests: WebKit.PreferenceChangesDictionary

WebKit.PreferenceChangesData
WebKit.PreferenceChangesDate

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::notifyPreferencesChanged):

Tools:

TestWebKitAPI/Tests/WebKit/PreferenceChanges.mm:

(TEST):

6:15 AM Changeset in webkit [258494] by youenn@apple.com

11 edits
3 adds in trunk

Unique origins should not be Potentially Trustworthy
https://bugs.webkit.org/show_bug.cgi?id=209049

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

web-platform-tests/service-workers/service-worker/interfaces-window.https-expected.txt:

Source/WebCore:

Unique origins should not be considered trustworthy as per https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy.

Test: http/tests/security/iframe-unique-origin.https.html

dom/Document.cpp:

(WebCore::Document::isSecureContext const):
Removed check for top level origins as we make all unique origins not trusted.

page/SecurityOrigin.cpp:

Source/WebKit:

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::hasNavigatedAwayFromAppBoundDomain):
We should only check this for the main frame since this is tied to the page.

Tools:

TestWebKitAPI/Tests/WebCore/SecurityOrigin.cpp:

(TestWebKitAPI::TEST_F):

LayoutTests:

editing/async-clipboard/resources/sanitize-when-reading-markup-iframe.html: Added.
editing/async-clipboard/sanitize-when-reading-markup.html:

Updating test to use HTTP instead of data URL for iFrame since clipboard is SecureContext.

http/tests/security/iframe-unique-origin.https-expected.txt: Added.
http/tests/security/iframe-unique-origin.https.html: Added.

6:15 AM Changeset in webkit [258493] by youenn@apple.com

14 edits in trunk

Remove the use of empty WebRTC sources for receiver tracks
https://bugs.webkit.org/show_bug.cgi?id=209061

Reviewed by Eric Carlson.

LayoutTests/imported/w3c:

web-platform-tests/webrtc/RTCPeerConnection-track-stats.https-expected.txt:

Source/WebCore:

We no longer need to create receivers with empty sources since we now always have a libwebrtc receiver from which we can get the track.
We remove that code path.
This sldo allows using the right track parameters from the start, like track id.

Covered by existing and rebased tests.

Modules/mediastream/RTCPeerConnection.h:
Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:

(WebCore::LibWebRTCMediaEndpoint::addPendingTrackEvent):
(WebCore::LibWebRTCMediaEndpoint::collectTransceivers):
(WebCore::LibWebRTCMediaEndpoint::newTransceiver):

Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:

(WebCore::LibWebRTCPeerConnectionBackend::createReceiver):
(WebCore::LibWebRTCPeerConnectionBackend::addTrack):
(WebCore::LibWebRTCPeerConnectionBackend::addTransceiverFromTrackOrKind):
(WebCore::LibWebRTCPeerConnectionBackend::newRemoteTransceiver):

Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.h:
Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.cpp:

(WebCore::LibWebRTCRtpReceiverBackend::createSource):

Modules/mediastream/libwebrtc/LibWebRTCRtpReceiverBackend.h:
platform/mediastream/RealtimeIncomingAudioSource.cpp:

(WebCore::RealtimeIncomingAudioSource::RealtimeIncomingAudioSource):

platform/mediastream/RealtimeIncomingAudioSource.h:
platform/mediastream/RealtimeIncomingVideoSource.cpp:

(WebCore::RealtimeIncomingVideoSource::RealtimeIncomingVideoSource):

platform/mediastream/RealtimeIncomingVideoSource.h:
testing/MockLibWebRTCPeerConnection.h:

(WebCore::MockMediaStreamTrack::state const):
(WebCore::MockRtpReceiver::SetObserver):

5:41 AM Changeset in webkit [258492] by Carlos Garcia Campos

13 edits in trunk

[Cairo][SVG] marker-mid isn't shown on a joint of rectilinearly connected line-to path segments
https://bugs.webkit.org/show_bug.cgi?id=113849

Reviewed by Adrian Perez de Castro.

Source/WebCore:

Marker-mid of svg is not displayed because path elements that added to
cairo backend are optimized. If the new line_to has same slope with
the previous path element, then the path element is joined to previous
path element.

Example:

added path elements : moveto(-5,-2), lineto(0,-2), lineto(5,-2)
cairo_path_data : moveto(-5,-2), lineto(5, -2)

This patch stores all of path informations separately in order to avoid
this problem. When generating positions of markers, we use stored path
informations instead of cairo_path_data.

When a new operation can't be directly stored in an ElementPath, we fallback to use cairo_path_data() in
Path::apply().

platform/graphics/Path.h: Add new constructor that receives a cairo context, make ensureCairoPath() private

and add m_elements member.

platform/graphics/cairo/FontCairo.cpp:

(WebCore::Font::platformPathForGlyph const): Create a cairo context for the path and use the new constructor
that receives a RefPtr<cairo_t>&&.

platform/graphics/cairo/PathCairo.cpp:

(WebCore::Path::Path): Initialize m_elements to an empty vector when created without a cairo context.
(WebCore::Path::operator=): Also copy m_elements.
(WebCore::Path::clear): Initialize m_elements to an empty vector.
(WebCore::Path::translate): Apply the translate to elements in m_elements.
(WebCore::Path::appendElement): Helper to add an operation to m_elements.
(WebCore::Path::moveToSlowCase): Call appendElement() if m_elements is not nullopt.
(WebCore::Path::addLineToSlowCase): Ditto.
(WebCore::Path::addRect): Ditto.
(WebCore::Path::addQuadCurveToSlowCase): Ditto.
(WebCore::Path::addBezierCurveToSlowCase): Ditto.
(WebCore::Path::addArcSlowCase): Set m_elements to nullopt.
(WebCore::Path::addArcTo): Ditto.
(WebCore::Path::addEllipse): Ditto.
(WebCore::Path::addPath): Ditto.
(WebCore::Path::closeSubpath): Call appendElement() if m_elements is not nullopt.
(WebCore::Path::applySlowCase const): Use elements from m_elements if it's not nullopt, otherwise fallback to
use cairo_path_data.
(WebCore::Path::transform): Apply the transform to elements in m_elements.

LayoutTests:

Remove svg/custom/local-url-reference-marker.html from expectations and rebaseline other tests.

platform/gtk/TestExpectations:
platform/gtk/imported/w3c/web-platform-tests/svg/import/text-path-01-b-manual-expected.txt:
platform/gtk/imported/w3c/web-platform-tests/svg/import/text-path-02-b-manual-expected.txt:
platform/gtk/imported/w3c/web-platform-tests/svg/painting/marker-008-expected.txt:
platform/gtk/imported/w3c/web-platform-tests/svg/text/reftests/textpath-shape-001-expected.txt:
platform/gtk/svg/text/text-path-01-b-expected.png:
platform/gtk/svg/text/text-path-01-b-expected.txt:
platform/wpe/TestExpectations:

5:17 AM Changeset in webkit [258491] by Nikolas Zimmermann

624 edits
2 copies
2 adds in trunk/LayoutTests

[Gtk] Update pixel test baseline in svg/ subdirectory
https://bugs.webkit.org/show_bug.cgi?id=209137

Ruber-stamped by Žan Doberšek.

Update pixel test baseline, reflecting the status quo with WebKit ToT.

platform/gtk/svg: > 600 modifications of the -expected.png files.
platform/gtk/svg/W3C-SVG-1.1-SE/painting-marker-06-f-expected.png: Added.
platform/gtk/svg/filters/filter-refresh-expected.png: Copied from LayoutTests/platform/gtk/svg/filters/feImage-reference-invalidation-expected.png.
platform/gtk/svg/hixie/error/015-expected.png: Copied from LayoutTests/platform/gtk/svg/zoom/page/absolute-sized-document-no-scrollbars-expected.png.
platform/gtk/svg/overflow/overflow-on-outermost-svg-element-ignore-attribute-1-expected.png: Added.

4:08 AM Changeset in webkit [258490] by Nikolas Zimmermann

1 edit
27 adds in trunk/LayoutTests

[Gtk] Add missing pixel test results in svg/ subdirectory
https://bugs.webkit.org/show_bug.cgi?id=209136

Reviewed by Žan Doberšek.

Add pixel tests results based on current WebKit ToT.
No Gtk bot is running pixel tests, but it is still helpful to have an
updated pixel test baseline for local development. Many SVG tests
still depend on the pixel test output as only way to catch
regressions. This should be changed in future, but for now we should
at least have an accurate baseline.

platform/gtk/svg/animations/animate-marker-orienttype-1-expected.png: Added.
platform/gtk/svg/animations/animate-marker-orienttype-2-expected.png: Added.
platform/gtk/svg/animations/animate-marker-orienttype-3-expected.png: Added.
platform/gtk/svg/animations/animate-viewport-overflow-2-expected.png: Added.
platform/gtk/svg/animations/animate-viewport-overflow-expected.png: Added.
platform/gtk/svg/animations/avoid-calculating-for-non-animating-elements-expected.png: Added.
platform/gtk/svg/css/shape-rendering-parsing-expected.png: Added.
platform/gtk/svg/custom/non-scaling-stroke-markers-expected.png: Added.
platform/gtk/svg/custom/relative-sized-use-without-attributes-on-symbol-expected.png: Added.
platform/gtk/svg/custom/use-on-symbol-inside-pattern-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGClipPath-prefixed-influences-hitTesting-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGClipPath-prefixed-path-influences-hitTesting-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGClipPathElement-prefixed-css-transform-influences-hitTesting-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGClipPathElement-prefixed-transform-influences-hitTesting-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGFEGaussianBlurElement-dom-edgeMode-attr-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGFEGaussianBlurElement-svgdom-edgeMode-prop-expected.png: Added.
platform/gtk/svg/dynamic-updates/SVGFilterElement-dom-filterRes-attr-expected.png: Added.
platform/gtk/svg/filters/feBlend-all-blendmodes-expected.png: Added.
platform/gtk/svg/filters/filter-image-ref-root-expected.png: Added.
platform/gtk/svg/hixie/text/001-expected.png: Added.
platform/gtk/svg/in-html/overflow-repaint-expected.png: Added.
platform/gtk/svg/overflow/overflow-scroll-on-outermost-svg-element-expected.png: Added.
platform/gtk/svg/text/scaled-font-expected.png: Added.
platform/gtk/svg/text/text-hkern-expected.png: Added.
platform/gtk/svg/text/text-overflow-ellipsis-svgfont-kerning-ligatures-expected.png: Added.
platform/gtk/svg/text/text-vkern-on-horizontal-text-expected.png: Added.

2:29 AM Changeset in webkit [258489] by Diego Pino Garcia

2 edits in trunk/LayoutTests

[GTK] Gardening, update TestExpectations
https://bugs.webkit.org/show_bug.cgi?id=209105

Unreviewed gardening.

platform/gtk/TestExpectations:

1:11 AM Changeset in webkit [258488] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Remove addHTTPOriginIfNeeded calls
https://bugs.webkit.org/show_bug.cgi?id=209127

Patch by Rob Buis <rbuis@igalia.com> on 2020-03-16
Reviewed by Darin Adler.

Remove addHTTPOriginIfNeeded calls since they are get requests and navigations and the spec [1]
indicates that the Origin header should not be written out, making these calls no-ops.

[1] https://fetch.spec.whatwg.org/#append-a-request-origin-header

loader/FrameLoader.cpp:

(WebCore::FrameLoader::changeLocation):
(WebCore::FrameLoader::loadURL):

12:20 AM Changeset in webkit [258487] by commit-queue@webkit.org

16 edits in trunk/Source

Simplify ChromeClient.createWindow
https://bugs.webkit.org/show_bug.cgi?id=209123

Patch by Rob Buis <rbuis@igalia.com> on 2020-03-16
Reviewed by Darin Adler.

Source/WebCore:

Simplify ChromeClient.createWindow by removing the FrameLoadRequest parameter.
It was only passed for its ResourceRequest member, which can also be obtained
from the NavigationAction parameter.

loader/EmptyClients.h:
loader/FrameLoader.cpp:

(WebCore::createWindow):

page/Chrome.cpp:

(WebCore::Chrome::createWindow const):

page/Chrome.h:
page/ChromeClient.h:
page/ContextMenuController.cpp:

(WebCore::openNewWindow):

Source/WebKit:

Adapt to API change.

WebProcess/Inspector/WebInspector.cpp:

(WebKit::WebInspector::openInNewTab):

WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::createWindow):

WebProcess/WebCoreSupport/WebChromeClient.h:
WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::dispatchCreatePage):

Mar 15, 2020:

7:58 PM Changeset in webkit [258486] by Fujii Hironori

4 edits in trunk

KeyedDecoderGeneric fails to allocate Vector while decoding broken data
https://bugs.webkit.org/show_bug.cgi?id=207324

Reviewed by Darin Adler.

Source/WebCore:

There were three crash bugs in it.

KeyedDecoderGeneric was trying to allocate a buffer without
ensuring the size wouldn't exceed the decoding data size by using
bufferIsLargeEnoughToContain.

It was trying to push an itme into the top dictionary of emtpy
m_dictionaryStack when EndObject tag would appear without the
preceding BeginObject tag.

It was trying to push an item into the top array of empty
m_arrayStack when EndArray tag would appear without the preceding
BeginArray tag.

Tests: TestWebKitAPI: KeyedCoding.DecodeRandomData

platform/generic/KeyedDecoderGeneric.cpp:

(WebCore::readString):
(WebCore::KeyedDecoderGeneric::KeyedDecoderGeneric):
Check bufferIsLargeEnoughToContain(size) before allocating a Vector with size.
Check if m_dictionaryStack and m_arrayStack are empty.

Tools:

TestWebKitAPI/Tests/WebCore/KeyedCoding.cpp:

(TestWebKitAPI::generateRandomData): Added.
(TestWebKitAPI::KeyedCoding.DecodeRandomData): Added a new test decoding random data.

7:33 PM Changeset in webkit [258485] by Lauro Moura

4 edits in trunk/LayoutTests

WPE gardening.

Updated a test baseline with new message after changed from
js-test-pre to js-test.

Unreviewed test gardening.

platform/gtk/TestExpectations: Updated an expectation with new bug

number.

platform/wpe/TestExpectations:
platform/wpe/fast/frames/sandboxed-iframe-navigation-allowed-expected.txt:

7:08 PM Changeset in webkit [258484] by commit-queue@webkit.org

3 edits in trunk/Source/ThirdParty/ANGLE

[ANGLE] Source/ThirdParty/ANGLE/src/common/utilities.cpp:10: warning: ignoring #pragma clang diagnostic [-Wunknown-pragmas]
https://bugs.webkit.org/show_bug.cgi?id=209014

Patch by Michael Catanzaro <Michael Catanzaro> on 2020-03-15
Reviewed by Darin Adler.

Silence compiler warning.

changes.diff:
src/common/utilities.cpp:

6:41 PM Changeset in webkit [258483] by commit-queue@webkit.org

2 edits in trunk/Source/ThirdParty/ANGLE

[ANGLE] Source/ThirdParty/ANGLE/src/libANGLE/Display.h:221:73: warning: implicitly-declared ‘egl::AttributeMap& egl::AttributeMap::operator=(const egl::AttributeMap&)’ is deprecated [-Wdeprecated-copy]
https://bugs.webkit.org/show_bug.cgi?id=209015

Patch by Michael Catanzaro <Michael Catanzaro> on 2020-03-15
Reviewed by Darin Adler.

Suppress compiler warning. If this were WebKit code, I might take the time to fix it, but
with third-party code it's probably best to just turn off warnings that upstream is not
using.

CMakeLists.txt:

6:17 PM Changeset in webkit [258482] by Chris Dumez

6 edits in trunk/Source/WebCore

[DRT] InternalSettingsGenerated::resetToConsistentState() may override TestOptions::enableBackForwardCache
https://bugs.webkit.org/show_bug.cgi?id=207481
<rdar://problem/59331661>

Reviewed by Darin Adler.

Add a support for a new excludeFromInternalSetting option in Settings.yaml and use it for
'usesBackForwardCache' setting. This means that script will no longer be able to toggle
this particular setting via internals.settings JS API. Tests wanting to turn on the
back / forward cache are supposed to use the following:

Using internals.settings JS API to turn on the back/forward cache would not work well
with WebKit2 because of process-swap-on-navigation. Support for it in WK1 / DRT was
causing flakiness because of a conflict between the 2 ways of enabling the setting.

Scripts/GenerateSettings.rb:
Scripts/SettingsTemplates/InternalSettingsGenerated.cpp.erb:
Scripts/SettingsTemplates/InternalSettingsGenerated.h.erb:
Scripts/SettingsTemplates/InternalSettingsGenerated.idl.erb:
page/Settings.yaml:

2:28 PM Changeset in webkit [258481] by aakash_jain@apple.com

2 edits in trunk/LayoutTests

Regression r258439: quicklook/multi-sheet-numbers-09.html is failing consistently on iOS
https://bugs.webkit.org/show_bug.cgi?id=209128

Partially revert r258439.

Unreviewed test gardening.

platform/ios-simulator-wk2/TestExpectations:

8:33 AM Changeset in webkit [258480] by Alan Bujtas

6 edits
2 adds in trunk

[LFC][TFC] Add basic column span support for content box width
https://bugs.webkit.org/show_bug.cgi?id=209120
<rdar://problem/60463424>

Reviewed by Antti Koivisto.

Source/WebCore:

Take the column spanning into account when computing the content width for the table cell.
[content box width = column width(1) + column width(2) + .. + column width(spanning value) + ((spanning value - 1) * horizontal spacing)]

Test: fast/layoutformattingcontext/table-colspan-simple.html

layout/tableformatting/TableFormattingContext.cpp:

(WebCore::Layout::TableFormattingContext::layoutInFlowContent):
(WebCore::Layout::TableFormattingContext::layoutTableCellBox):
(WebCore::Layout::TableFormattingContext::positionTableCells):

layout/tableformatting/TableFormattingContext.h:
layout/tableformatting/TableGrid.cpp:

(WebCore::Layout::TableGrid::appendCell):

layout/tableformatting/TableGrid.h:

(WebCore::Layout::TableGrid::CellInfo::startColumn const):
(WebCore::Layout::TableGrid::CellInfo::endColumn const):
(WebCore::Layout::TableGrid::CellInfo::startRow const):
(WebCore::Layout::TableGrid::CellInfo::endRow const):
(WebCore::Layout::TableGrid::CellInfo::columnSpan const):
(WebCore::Layout::TableGrid::CellInfo::rowSpan const):

LayoutTests:

fast/layoutformattingcontext/table-colspan-simple-expected.html: Added.
fast/layoutformattingcontext/table-colspan-simple.html: Added.

3:51 AM Changeset in webkit [258479] by ysuzuki@apple.com

4 edits in trunk/Source/JavaScriptCore

reportZappedCellAndCrash should handle PreciseAllocation in IsoSubspace
https://bugs.webkit.org/show_bug.cgi?id=209042

Reviewed by Mark Lam.

This patch adds support of PreciseAllocation cells to reportZappedCellAndCrash, since now it is frequently used
as a lower-tier cells in IsoSubspace.

heap/IsoSubspace.h:
heap/IsoSubspaceInlines.h:

(JSC::IsoSubspace::forEachLowerTierFreeListedPreciseAllocation):

runtime/JSCell.cpp:

(JSC::reportZappedCellAndCrash):

3:16 AM Changeset in webkit [258478] by ysuzuki@apple.com

37 edits
2 adds in trunk

Should not use variable-length-array (VLA)
https://bugs.webkit.org/show_bug.cgi?id=209043

Reviewed by Mark Lam.

PerformanceTests:

MediaTime/Configurations/Base.xcconfig:

Source/bmalloc:

Configurations/Base.xcconfig:

Source/JavaScriptCore:

This patch disables variable-length-array (VLA). If this feature uses user-input, user can
control the stack height consumed by C++ code. This patch avoids using VLA. To achieve that,

We set -Wvla warning option to trigger warnings if it is used.
Introduce MarkedJSValueRefArray for API. This replaces JSValueRef arguments[variableLength] use case. MarkedJSValueRefArray registers itself to JSC GC so that GC can mark it as a strong root.

API/JSContext.mm:

(+[JSContext currentArguments]):

API/JSValue.mm:

(-[JSValue callWithArguments:]):
(-[JSValue constructWithArguments:]):
(-[JSValue invokeMethod:withArguments:]):

API/MarkedJSValueRefArray.cpp: Added.

(JSC::MarkedJSValueRefArray::MarkedJSValueRefArray):
(JSC::MarkedJSValueRefArray::~MarkedJSValueRefArray):
(JSC::MarkedJSValueRefArray::visitAggregate):

API/MarkedJSValueRefArray.h: Added.
API/tests/minidom.c:

(print):

API/tests/testapi.cpp:

(TestAPI::markedJSValueArrayAndGC):
(testCAPIViaCpp):

Configurations/Base.xcconfig:
JavaScriptCore.xcodeproj/project.pbxproj:
Sources.txt:
heap/Heap.cpp:

(JSC::Heap::addCoreConstraints):
(JSC::Heap::addMarkedJSValueRefArray):

heap/Heap.h:
heap/MarkedSpace.h:

(JSC::MarkedSpace::activeWeakSetsBegin): Deleted.
(JSC::MarkedSpace::activeWeakSetsEnd): Deleted.
(JSC::MarkedSpace::newActiveWeakSetsBegin): Deleted.
(JSC::MarkedSpace::newActiveWeakSetsEnd): Deleted.

runtime/ArgList.h:

Source/WebCore:

Configurations/Base.xcconfig:
crypto/mac/SerializedCryptoKeyWrapMac.mm:

(WebCore::wrapSerializedCryptoKey):
(WebCore::unwrapSerializedCryptoKey):

html/canvas/WebGL2RenderingContext.cpp:

(WebCore::WebGL2RenderingContext::getInternalformatParameter):

platform/mediastream/mac/CoreAudioCaptureDeviceManager.cpp:

(WebCore::CoreAudioCaptureDeviceManager::refreshAudioCaptureDevices):

platform/mediastream/mac/ScreenDisplayCaptureSourceMac.mm:

(WebCore::updateDisplayID):
(WebCore::ScreenDisplayCaptureSourceMac::screenCaptureDevices):

Source/WebCore/PAL:

Configurations/Base.xcconfig:

Source/WebInspectorUI:

Configurations/Base.xcconfig:

Source/WebKit:

Configurations/Base.xcconfig:
UIProcess/_WKTouchEventGenerator.mm:

(-[_WKTouchEventGenerator touchDown:touchCount:]):
(-[_WKTouchEventGenerator liftUp:touchCount:]):
(-[_WKTouchEventGenerator moveToPoints:touchCount:duration:]):

Source/WebKitLegacy/mac:

Configurations/Base.xcconfig:

Source/WTF:

Configurations/Base.xcconfig:
wtf/UUID.cpp:

(WTF::bootSessionUUIDString):

Tools:

ContentExtensionTester/Configurations/Base.xcconfig:
lldb/lldbWebKitTester/Configurations/Base.xcconfig:

Mar 14, 2020:

8:40 PM Changeset in webkit [258477] by beidson@apple.com

3 edits in trunk/Source/WebKit

Fix the "deliver cached ranges" logic in PDFPlugin (and other small cleanups)
https://bugs.webkit.org/show_bug.cgi?id=209097

Reviewed by Tim Hatcher.

Streaming in data always appended to the buffer instead of first growing the buffer.
This wasn't noticed earlier because we often did not grow the buffer for successful range request completion.
But now we often do!

So this cleans that all up.

At the same time it revealed other interactions with PDFKit that force us to handle data requests on the main
thread after the document load is complete - Which is fine!

WebProcess/Plugins/PDF/PDFPlugin.h:
WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::dataProviderGetBytesAtPositionCallback): If on the main thread (and the document load is complete)

handle the request directly!

(WebKit::PDFPlugin::getResourceBytesAtPositionMainThread):
(WebKit::PDFPlugin::ByteRangeRequest::completeWithAccumulatedData):
(WebKit::PDFPlugin::ensureDataBufferLength):
(WebKit::PDFPlugin::didFail):
(WebKit::PDFPlugin::maybeClearHighLatencyDataProviderFlag):
(WebKit::PDFPlugin::documentDataDidFinishLoading):
(WebKit::PDFPlugin::installPDFDocument):
(WebKit::PDFPlugin::manualStreamDidReceiveData): Grow the buffer instead of append.

5:14 PM Changeset in webkit [258476] by Brent Fulgham

8 edits in trunk/Source

Add missing checks needed for AppBound Quirk
https://bugs.webkit.org/show_bug.cgi?id=209117
<rdar://problem/60460097>

Reviewed by John Wilander.

The checks for the 'NeedsInAppBrowserPrivacyQuirks' flag added in r258101 was incomplete.
Source/WebCore:

Two additional call sites need to check the state of the flag.

bindings/js/ScriptController.cpp:

(WebCore::ScriptController::executeScriptInWorld): Add missing check for the quirk.

loader/FrameLoaderClient.h: Add new API for the 'NeedsInAppBrowserPrivacyQuirks'

debug flag.

page/Frame.cpp:

(WebCore::Frame::injectUserScriptImmediately): Ditto.

Source/WebKit:

These changes let the WebFrameLoaderClient report the quirk state to WebCore code.

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::needsInAppBrowserPrivacyQuirks): Added.

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::needsInAppBrowserPrivacyQuirks const): Added.

3:59 PM Changeset in webkit [258475] by Darin Adler

20 edits in trunk/Source

Change all return values in TextIterator header from live ranges to SimpleRange
https://bugs.webkit.org/show_bug.cgi?id=208906

Reviewed by Antti Koivisto.

Source/WebCore:

This is another step in moving off of live ranges for WebKit internals.

Change return values of remaining functions that were returning live ranges in the TextIterator header to return SimpleRange.
Change some arguments from live ranges to SimpleRange.
At some call sites, use createLiveRange to convert the SimpleRange into a live range (for now), but at others update the code to use SimpleRange.
Renamed a version of findPlainText that returns a boolean to containsPlainText.
Convert call sites that were using createLiveRange just to use the Range::startPosition and Range::endPosition functions to instead use a new overload of the createLegacyEditingPosition function that can be used with SimpleRange::start and SimpleRange::end because it takes a BoundaryPoint.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::rangeMatchesTextNearRange): Return Optional<SimpleRange>
and take SimpleRange argument.
(WebCore::AXObjectCache::previousBoundary): Updated since
SimplifiedBackwardsTextIterator::range now returns SimpleRange.

accessibility/AXObjectCache.h: Updated for the above.

accessibility/AccessibilityObjectInterface.h:

(WebCore::AXCoreObject::containsText const): Updated for name change.
Now containsPlainText instead of findPlainText.

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
Use createLegacyEditingPosition instead of createLiveRange.
(-[WebAccessibilityObjectWrapper rangeFromMarkers:withText:]): Use createLiveRange.

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
Use createLegacyEditingPosition instead of createLiveRange.

dom/Position.cpp:

(WebCore::createLegacyEditingPosition): Added an overload that takes a BoundaryPoint.

dom/Position.h: Updated for the above, also removed unneeded includes and forward

declarations.

editing/Editing.cpp:

(WebCore::visiblePositionForIndexUsingCharacterIterator): Updated since
CharacterIterator::range is now a SimpleRange, use createLegacyEditingPosition.

editing/Editor.cpp:

(WebCore::Editor::advanceToNextMisspelling): Updated since CharacterIterator::range
is now a SimpleRange.
(WebCore::Editor::rangeOfString): Updated since findPlainText now returns a
SimpleRange; use createLiveRange.
(WebCore::Editor::countMatchesForText): Ditto.

editing/TextIterator.cpp:

(WebCore::SimplifiedBackwardsTextIterator::range const): Return a SimpleRange.
(WebCore::CharacterIterator::range const): Ditto.
(WebCore::characterSubrange): Updated since CharacterIterator::range returns
a SimpleRange. Use createLiveRange.
(WebCore::BackwardsCharacterIterator::BackwardsCharacterIterator): Cut down
code here by initializing data members in the class definition.
(WebCore::BackwardsCharacterIterator::range const): Return a SimpleRange.
(WebCore::WordAwareIterator::WordAwareIterator): Cut down code here by
initializing data members in the class definition.
(WebCore::hasAnyPlainText): Take a SimpleRange, use createLiveRange.
(WebCore::plainTextUsingBackwardsTextIteratorForTesting): Take a SimpleRange,
use createLiveRange.
(WebCore::collapsedToBoundary): Take and return a SimpleRange.
(WebCore::findPlainTextMatches): Take a SimpleRange, use createLiveRange.
(WebCore::rangeForMatch): Take and return a SimpleRange.
(WebCore::findClosestPlainText): Ditto.
(WebCore::findPlainText): Ditto.
(WebCore::containsPlainText): Renamed from findPlainText since this returns
a boolean, not a found location of some text.

editing/TextIterator.h: Updated for the above. Also changed some data

members to use unsigned for offsets rather than int.

editing/TextManipulationController.cpp:

(WebCore::ParagraphContentIterator::startPosition): Use
createLegacyEditingPosition instead of createLiveRange.
(WebCore::ParagraphContentIterator::endPosition): Ditto.

editing/VisiblePosition.h: Added a forward declaration here since Position.h

no longer forward declares it.

editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::appendTrailingWhitespace): Updated since
CharacterIterator::range is now a SimpleRange, use createLegacyEditingPosition.

editing/VisibleUnits.cpp:

(WebCore::previousBoundary): Ditto.
(WebCore::nextBoundary): Ditto.

testing/Internals.cpp:

(WebCore::Internals::rangeOfStringNearLocation): Updated since
findClosestPlainText now returns a SimpleRange, use createLiveRange.

Source/WebKit:

WebProcess/WebPage/Cocoa/WebPageCocoa.mm: Removed unneeded include of

TextIterator.h.

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::rangeNearPositionMatchesText): Removed unused originalRange argument,
changed return type to Optional<SimpleRange> since findClosestPlainText now
returns a SimpleRange.
(WebKit::WebPage::getRectsAtSelectionOffsetWithText): Updated since
rangeNearPositionMatchesText now returns Optional<SimpleRange>, use createLiveRange.
(WebKit::WebPage::requestDocumentEditingContext): Updated since
CharacterIterator::range returns SimpleRange, use createLiveRange.

3:17 PM Changeset in webkit [258474] by beidson@apple.com

3 edits in trunk/Source/WebKit

Gather PDF scripts to run on a background thread.
https://bugs.webkit.org/show_bug.cgi?id=209063

Reviewed by Geoff Garen.

In incremental loading mode, gathering document scripts will sometimes require PDFKit/CG
to lock and wait on data loads from our data provider.

So if we gather them on the main thread, we will hang the main thread and therefore deadlock
with our data provider thread/queue.

So let's gather those scripts on a background thread!

WebProcess/Plugins/PDF/PDFPlugin.h:
WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::PDFPlugin::threadEntry):
(WebKit::PDFPlugin::ByteRangeRequest::completeWithAccumulatedData):
(WebKit::PDFPlugin::documentDataDidFinishLoading):
(WebKit::PDFPlugin::installPDFDocument):
(WebKit::PDFPlugin::streamDidFinishLoading):
(WebKit::PDFPlugin::manualStreamDidFinishLoading):
(WebKit::PDFPlugin::tryRunScriptsInPDFDocument): Only actually gathers scripts to execute if there

is a m_pdfDocument and the entire document data finished loading.

(WebKit::PDFPlugin::pdfDocumentDidLoad): Deleted.
(WebKit::PDFPlugin::runScriptsInPDFDocument): Deleted.

3:04 PM Changeset in webkit [258473] by Alan Bujtas

3 edits
2 adds in trunk

[LFC][TFC] Fill in the gaps with anonymous table cell boxes
https://bugs.webkit.org/show_bug.cgi?id=209114
<rdar://problem/60458806>

Reviewed by Antti Koivisto.

Source/WebCore:

17.5 Visual layout of table contents
A "missing cell" is a cell in the row/column grid that is not
occupied by an element or pseudo-element. Missing cells are rendered
as if an anonymous table-cell box occupied their position in the grid.
(https://www.w3.org/TR/CSS22/tables.html)

This helps to keep TableGrid an actual grid.

Test: fast/layoutformattingcontext/table-missing-cells-simple.html

layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::TreeBuilder::buildTableStructure):

LayoutTests:

fast/layoutformattingcontext/table-missing-cells-simple-expected.html: Added.
fast/layoutformattingcontext/table-missing-cells-simple.html: Added.

12:53 PM Changeset in webkit [258472] by Adrian Perez de Castro

3 edits
2 adds in releases/WebKitGTK/webkit-2.26

Merge r257720 - ASSERT(m_column != unsetColumnIndex) in RenderTable::cellBefore
https://bugs.webkit.org/show_bug.cgi?id=208397

Patch by Doug Kelly <Doug Kelly> on 2020-03-02
Reviewed by Zalan Bujtas.

Source/WebCore:

When inserting a cell into a table row which is not visible, this can lead to attempting to compute the repaint
rects during tree building. Instead, mark the layer as dirty using dirtyVisibleContentStatus(), and the visibility
will be recomputed at a later time.

Test: fast/table/insert-cell-invisible-parent.html

rendering/RenderElement.cpp:

(WebCore::RenderElement::insertedIntoTree):

LayoutTests:

fast/table/insert-cell-invisible-parent-expected.txt: Added.
fast/table/insert-cell-invisible-parent.html: Added.

12:53 PM Changeset in webkit [258471] by Adrian Perez de Castro

3 edits
4 adds in releases/WebKitGTK/webkit-2.26

Merge r257897 - Crash in SVGElement::removeEventListener with symbol element
https://bugs.webkit.org/show_bug.cgi?id=207920

Patch by Doug Kelly <Doug Kelly> on 2020-03-04
Reviewed by Ryosuke Niwa.

Source/WebCore:

Resolves a crash in SVGElement::removeEventListener by only attaching the events to the window if the SVG element is both the outermost
SVG element, in addition to ensuring the SVG element is attached to the tree. The symbol element's behavior when referenced by a use
tag actually creates an svg tag instead, so the SVGSVGElement's special behavior for copying attributes is vital.

Note that Chrome and Firefox have a similar behavior for detached SVG elements as to what this change creates: in both other browsers,
onerror is not fired for a detached svg element, and in Firefox, onresize is not fired for a detached svg element (it is however fired
in Chrome).

Tests: fast/events/detached-svg-parent-window-events.html

fast/events/onerror-svg-symbol.html

svg/SVGSVGElement.cpp:

(WebCore::SVGSVGElement::parseAttribute):

LayoutTests:

fast/events/detached-svg-parent-window-events-expected.txt: Added.
fast/events/detached-svg-parent-window-events.html: Added.
fast/events/onerror-svg-symbol-expected.txt: Added.
fast/events/onerror-svg-symbol.html: Added.

12:52 PM Changeset in webkit [258470] by Adrian Perez de Castro

2 edits in releases/WebKitGTK/webkit-2.26/Source/bmalloc

Merge r258142 - Build failure on ppc64le if unix is undefined
https://bugs.webkit.org/show_bug.cgi?id=207906

Patch by Mike Gorse <mgorse@suse.com> on 2020-03-09
Reviewed by Yusuke Suzuki.

bmalloc/BPlatform.h: Check for unix along with unix.

12:19 PM Changeset in webkit [258469] by Peng Liu

10 edits
2 deletes in trunk

Cleanup RenderMediaControls.cpp and RenderMediaControlElements.cpp
https://bugs.webkit.org/show_bug.cgi?id=209008

Reviewed by Daniel Bates.

Source/WebCore:

Merge RenderMediaControls.[h|cpp] and RenderMediaControlElements.[h|cpp].
Remove class RenderMediaVolumeSliderContainer because we can use RenderBlockFlow
to render MediaControlTextTrackContainerElement.

No new tests, no functional change.

Sources.txt:
WebCore.xcodeproj/project.pbxproj:
html/shadow/MediaControlElementTypes.cpp:
html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlTextTrackContainerElement::createElementRenderer):

rendering/RenderMediaControlElements.cpp: Removed.
rendering/RenderMediaControlElements.h: Removed.
rendering/RenderMediaControls.cpp:

(WebCore::RenderMediaVolumeSliderContainer::RenderMediaVolumeSliderContainer):
(WebCore::RenderMediaVolumeSliderContainer::layout):
(WebCore::RenderMediaControlTimelineContainer::RenderMediaControlTimelineContainer):
(WebCore::RenderMediaControlTimelineContainer::layout):

rendering/RenderMediaControls.h:
rendering/RenderThemeMac.mm:

LayoutTests:

Remove unused code in a test.

media/track/track-cue-rendering-rtl.html:

12:01 PM Changeset in webkit [258468] by dbates@webkit.org

3 edits in trunk/Source/WebCore

Share HitTestResult::addNodeToListBasedTestResult() impl for LayoutRect and FloatRect overloads
https://bugs.webkit.org/show_bug.cgi?id=209107

Reviewed by Brady Eidson.

Remove code duplication for adding a node to the result set.

rendering/HitTestResult.cpp:

(WebCore::HitTestResult::addNodeToListBasedTestResultCommon): Added.
(WebCore::HitTestResult::addNodeToListBasedTestResult): Write in terms of addNodeToListBasedTestResultCommon().

rendering/HitTestResult.h:

9:10 AM Changeset in webkit [258467] by commit-queue@webkit.org

2 edits in trunk

[CMake] Warning when ccache is not installed
https://bugs.webkit.org/show_bug.cgi?id=208952

Patch by Michael Catanzaro <Michael Catanzaro> on 2020-03-14
Reviewed by Daniel Bates.

Change the warning when ccache is not installed to a status message. We shouldn't be
printing warnings except when there is an actual problem.

Source/cmake/WebKitCCache.cmake:

5:57 AM Changeset in webkit [258466] by Alan Bujtas

3 edits
2 adds in trunk

[Tree building] Reset the fragmented flow status before calling child.willBeRemovedFromTree.
https://bugs.webkit.org/show_bug.cgi?id=209100
<rdar://problem/60434672>

Reviewed by Simon Fraser.

Source/WebCore:

::willBeRemovedFromTree() assumes all the cleanup has happened and it's the final step before calling d'tor.
It clears m_fragmentList that resetFragmentedFlowStateOnRemoval() later checks for consistency (m_fragmentList.contains(fragment)).

Test: fast/multicol/reparent-fragment-flow-content.html

rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::detachFromRenderElement):

LayoutTests:

fast/multicol/reparent-fragment-flow-content-expected.txt: Added.
fast/multicol/reparent-fragment-flow-content.html: Added.

3:22 AM Changeset in webkit [258465] by commit-queue@webkit.org

10 edits in trunk

Set Origin header value to null rather than omitting it
https://bugs.webkit.org/show_bug.cgi?id=186030

Patch by Rob Buis <rbuis@igalia.com> on 2020-03-14
Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Update improved test result.

web-platform-tests/fetch/origin/assorted.window-expected.txt:

Source/WebCore:

For every redirect, addHTTPOriginIfNeeded should be called to
make sure that the tainted origin logic is applied [1, Step 10] and
thus the request after redirect has the correct Origin header.

Make AppleWin treat 308 redirects like 307 and so keeping http
methods across redirects. This is similar to
https://bugs.webkit.org/show_bug.cgi?id=154348.

[1] https://fetch.spec.whatwg.org/#concept-http-network-or-cache-fetch

loader/FrameLoader.cpp:

(WebCore::FrameLoader::addHTTPOriginIfNeeded):

loader/SubresourceLoader.cpp:

(WebCore::SubresourceLoader::checkRedirectionCrossOriginAccessControl):

platform/network/cf/ResourceHandleCFURLConnectionDelegate.cpp:

(WebCore::ResourceHandleCFURLConnectionDelegate::createResourceRequest):

LayoutTests:

Update improved test result.

http/tests/security/cors-post-redirect-307-expected.txt:
http/tests/security/cors-post-redirect-307-pson-expected.txt:
http/tests/security/cors-post-redirect-308-expected.txt:

12:15 AM Changeset in webkit [258464] by rniwa@webkit.org

3 edits in trunk/Source/WebCore

Call SVGTRefElement::buildPendingResource in SVGElement::didFinishInsertingNode
https://bugs.webkit.org/show_bug.cgi?id=208981

Reviewed by Antti Koivisto.

This patch moves the call to SVGTRefElement::buildPendingResource from SVGElement::insertedIntoAncestor
to SVGElement::didFinishInsertingNode.

svg/SVGElement.cpp:

(WebCore::SVGElement::insertedIntoAncestor): Return true when the element has a pending resource ID.
(WebCore::SVGElement::didFinishInsertingNode): Added. Calls buildPendingResourcesIfNeeded.

svg/SVGElement.h:

12:03 AM Changeset in webkit [258463] by sbarati@apple.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed. Fix windows build by making configSizeToProtect stay 4KB.

runtime/JSCConfig.h:

Mar 13, 2020:

11:43 PM Changeset in webkit [258462] by Justin Fan

3 edits in trunk/LayoutTests

PROGRESSION: webgl/1.0.3/conformance/textures/copy-tex-image-2d-formats.html is failing
https://bugs.webkit.org/show_bug.cgi?id=205736

Unreviewed test expectation update.

TestExpectations:
webgl/1.0.3/conformance/textures/copy-tex-image-2d-formats-expected.txt:

11:16 PM Changeset in webkit [258461] by Justin Fan

4 edits in trunk/LayoutTests

PROGRESSION (r253926): webgl/1.0.3/conformance/renderbuffers/feedback-loop.html is failing
https://bugs.webkit.org/show_bug.cgi?id=205738

Unreviewed test expectation updates.

TestExpectations:
platform/ios/TestExpectations:
webgl/1.0.3/conformance/renderbuffers/feedback-loop-expected.txt:

9:11 PM Changeset in webkit [258460] by sbarati@apple.com

5 edits in trunk/Source

configSizeToProtect should be 16KB
https://bugs.webkit.org/show_bug.cgi?id=209068

Reviewed by Keith Miller.

Source/bmalloc:

bmalloc/Gigacage.h:

Source/JavaScriptCore:

runtime/JSCConfig.h:

8:11 PM Changeset in webkit [258459] by Said Abou-Hallawa

4 edits
2 adds in trunk

SVGMatrix should have the access right of its owner SVGTransform always
https://bugs.webkit.org/show_bug.cgi?id=207462

Reviewed by Simon Fraser.

Source/WebCore:

The SVGMatrix needs to be reattached to its owner SVGTransform when the
access right of this owner changes. The access right of the owner changes
when it gets attached to or detached from a higher level owner.

Test: svg/dom/SVGTransformList-anim-read-only.html

svg/SVGTransform.h:
svg/properties/SVGProperty.h:

(WebCore::SVGProperty::attach):
(WebCore::SVGProperty::detach):
(WebCore::SVGProperty::reattach):

LayoutTests:

svg/dom/SVGTransformList-anim-read-only-expected.txt: Added.
svg/dom/SVGTransformList-anim-read-only.html: Added.

7:10 PM Changeset in webkit [258458] by commit-queue@webkit.org

17 edits in trunk

WKWebView._negotiatedLegacyTLS should be correct after back/forward navigations
https://bugs.webkit.org/show_bug.cgi?id=209011
<rdar://problem/59370588>

Patch by Alex Christensen <achristensen@webkit.org> on 2020-03-13
Reviewed by Youenn Fablet.

Source/WebCore:

This is basically r258343 but for legacy TLS negotiation instead of plaintext HTTP use.

dom/SecurityContext.h:

(WebCore::SecurityContext::usedLegacyTLS const):
(WebCore::SecurityContext::setUsedLegacyTLS):

history/CachedFrame.cpp:

(WebCore::CachedFrame::usedLegacyTLS const):
(WebCore::CachedFrame::setUsedLegacyTLS): Deleted.

history/CachedFrame.h:

(WebCore::CachedFrame::usedLegacyTLS const): Deleted.

loader/FrameLoader.cpp:

(WebCore::FrameLoader::commitProvisionalLoad):

platform/network/ResourceResponseBase.cpp:

(WebCore::ResourceResponseBase::includeCertificateInfo const):

platform/network/ResourceResponseBase.h:

(WebCore::ResourceResponseBase::setUsedLegacyTLS):

Source/WebKit:

NetworkProcess/NetworkDataTask.cpp:

(WebKit::NetworkDataTask::didReceiveResponse):

NetworkProcess/NetworkLoad.cpp:

(WebKit::NetworkLoad::notifyDidReceiveResponse):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::usedLegacyTLS): Deleted.

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:
WebProcess/Network/WebResourceLoader.cpp:

(WebKit::WebResourceLoader::didReceiveResponse):

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::savePlatformDataToCachedFrame):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm:

(TestWebKitAPI::TEST):

7:01 PM Changeset in webkit [258457] by Wenson Hsieh

6 edits in trunk

[watchOS] Don’t display empty text suggestions in Quickboard when editing input fields
https://bugs.webkit.org/show_bug.cgi?id=209089

Reviewed by Tim Horton.

Source/WebKit:

Handle text suggestions that lack displayText gracefully in Quickboard by not showing them as AutoFill
candidates. Currently, they are presented as blank collection view cells in Quickboard, which leads to a
confusing user experience.

Test: WKWebViewAutoFillTests.DoNotShowBlankTextSuggestions

UIProcess/ios/forms/WKFocusedFormControlView.mm:

(-[WKFocusedFormControlView setSuggestions:]):

Tools:

Add an API test for watchOS. Also rename a few occurrences of "Autofill" to "AutoFill", to reflect the official
marketing name for the feature.

TestWebKitAPI/Tests/WebKitCocoa/WebsitePolicies.mm:

(runUntilReceivesAutoplayEvent):

Additionally fix the watchOS engineering build for arm64_32, which was failing due to comparisons between 64-bit
and 32-bit integers. This is because this function took a WKAutoplayEvent (a 32-bit integer), but compared
against the _WKAutoplayEvent type (an NSInteger that is 64 bits on this architecture). There didn't seem to
be any compelling reason to compare against different types here (especially since we only set
receivedAutoplayEvent under the Objective-C delegate method that provides a _WKAutoplayEvent), so I changed
these all to be _WKAutoplayEvent.

TestWebKitAPI/Tests/ios/WKWebViewAutofillTests.mm:

(-[AutoFillTestView _autofillInputView]):
(-[AutoFillTestView textInputHasAutoFillContext]):
(TestWebKitAPI::TEST):
(-[AutofillTestView initWithFrame:]): Deleted.
(-[AutofillTestView _autofillInputView]): Deleted.
(-[AutofillTestView textInputHasAutofillContext]): Deleted.

TestWebKitAPI/ios/UIKitSPI.h:

6:43 PM Changeset in webkit [258456] by Brent Fulgham

3 edits in trunk/Source/WebKit

Clean up sandbox violations found during testing
https://bugs.webkit.org/show_bug.cgi?id=209096
<rdar://problem/59931477>

Reviewed by Geoffrey Garen.

Remove telemetry from some items, and allow access to some IOKit properties
needed for media playback on macOS and iOS.

Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
WebProcess/com.apple.WebProcess.sb.in:

6:43 PM Changeset in webkit [258455] by Alan Bujtas

3 edits
2 adds in trunk

[Tree building] Block::attachIgnoringContinuation should allow inline tables as before child container
https://bugs.webkit.org/show_bug.cgi?id=209095
<rdar://problem/59837588>

Reviewed by Simon Fraser.

Source/WebCore:

It's perfectly valid to have an inline table as the anonymous container for the before child.
It'll get wrapped inside an anonymous block right before we insert the block box candidate, so
the final result will be something like:

new block level child (this is the child we are inserting)
anonymous block wrapper

inline table (this is the before child's inline container)

before child

Test: fast/table/before-child-is-inline-table.html

rendering/updating/RenderTreeBuilderBlock.cpp:

(WebCore::RenderTreeBuilder::Block::attachIgnoringContinuation):

LayoutTests:

fast/table/before-child-is-inline-table-expected.txt: Added.
fast/table/before-child-is-inline-table.html: Added.

6:27 PM Changeset in webkit [258454] by sabouhallawa@apple.com

2 edits in trunk/Source/WebCore

[GPU Process] GraphicsContextStateChange::apply() should process ShadowsIgnoreTransformsChange before processing ShadowChange
https://bugs.webkit.org/show_bug.cgi?id=209071

Reviewed by Darin Adler.

Ensure GraphicsContextStateChange::apply() calls shadowsIgnoreTransforms()
before calling setLegacyShadow() or setShadow().

Test: This patch fixes the following tests when running:
"run-webkit-tests --internal-feature RenderCanvasInGPUProcessEnabled"

fast/canvas/canvas-image-shadow.html
fast/canvas/canvas-scale-drawImage-shadow.html
fast/canvas/canvas-scale-fillPath-shadow.html
fast/canvas/canvas-scale-fillRect-shadow.html
fast/canvas/canvas-scale-shadowBlur.html
fast/canvas/canvas-transforms-fillRect-shadow.html
fast/canvas/fillText-shadow.html

platform/graphics/GraphicsContext.cpp:

(WebCore::GraphicsContextStateChange::apply const):

6:01 PM Changeset in webkit [258453] by ysuzuki@apple.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed, fix JSC / test262 tests
https://bugs.webkit.org/show_bug.cgi?id=209033
<rdar://problem/58946936>

Follow-up change for DisallowGC causes crash because CodeBlock is nullptr when function call is non JS calls.

interpreter/Interpreter.cpp:

(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):

5:19 PM Changeset in webkit [258452] by Tadeu Zagallo

2 edits in trunk/Source/JavaScriptCore

Missing arithMode for ArithAbs and ArithNegate in DFGClobberize
https://bugs.webkit.org/show_bug.cgi?id=208685
<rdar://problem/60115088>

Reviewed by Saam Barati.

In the pure case of ArithNegate and ArithAbs in DFGClobberize, their PureValues did not include their
respective ArithMode. That means that e.g. a CheckOverflow ArithNegate/Abs could be considered equivalent
to an Unchecked version of the same node.

Thanks to Samuel Groß of Google Project Zero for identifying this bug.

dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

5:05 PM Changeset in webkit [258451] by Jason_Lawrence

2 edits in trunk/LayoutTests

Unreviewed, reverting r258446.

These expectations are no longer needed.

Reverted changeset:

"[ Mac ] http/tests/security/mixedContent/insecure-worker-
global-scope.html is flaky failing."
https://bugs.webkit.org/show_bug.cgi?id=209093
https://trac.webkit.org/changeset/258446

4:59 PM Changeset in webkit [258450] by Jason_Lawrence

2 edits
5 deletes in trunk/LayoutTests

Unreviewed, reverting r258431.

These tests are flaky failing.

Reverted changeset:

"Add mixed content block test for imported scripts in worker
global scope"
https://bugs.webkit.org/show_bug.cgi?id=209075
https://trac.webkit.org/changeset/258431

4:57 PM Changeset in webkit [258449] by Chris Dumez

2 edits in trunk/Source/WebKit

Unreviewed, drop unused variable in WebPageProxy::backForwardGoToItem().

UIProcess/WebPageProxy.cpp:

4:35 PM Changeset in webkit [258448] by wilander@apple.com

10 edits in trunk/Source

Remove unused code related to removePrevalentDomains()
https://bugs.webkit.org/show_bug.cgi?id=209078
<rdar://problem/59681984>

Reviewed by Brent Fulgham.

The various removePrevalentDomains() functions and its IPC endpoint are unused and should be removed.

Source/WebCore:

No new tests. Just dead code removal.

platform/network/NetworkStorageSession.cpp:

(WebCore::NetworkStorageSession::removePrevalentDomains): Deleted.

platform/network/NetworkStorageSession.h:

Source/WebKit:

NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp:

(WebKit::ResourceLoadStatisticsStore::clearBlockingStateForDomains): Deleted.

NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::removePrevalentDomains): Deleted.
(WebKit::WebResourceLoadStatisticsStore::callRemoveDomainsHandler): Deleted.

NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h:
NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::removePrevalentDomains): Deleted.

NetworkProcess/NetworkProcess.h:
NetworkProcess/NetworkProcess.messages.in:

4:33 PM Changeset in webkit [258447] by mmaxfield@apple.com

16 edits
2 adds in trunk/Source

[Cocoa] Push applicationSDKVersion() down from WebCore into WTF
https://bugs.webkit.org/show_bug.cgi?id=209030

Reviewed by Simon Fraser.

Source/JavaScriptCore:

dyld_get_program_sdk_version() gives you the wrong answer in the Web Process (or at least
not the answer you actually want). There are already facilities for the UI Process to tell
the Web Process what the real value is, but those functions are currently in WebCore,
which is inaccessible to WTF. This patch is in preparation for
https://bugs.webkit.org/show_bug.cgi?id=208969 which needs to know this information in WTF.

I also found a few places which were calling dyld_get_program_sdk_version() in JavaScriptCore
and WebCore (which is wrong because those libraries exist in the Web Process), and have fixed
them up to use applicationSDKVersion() instead.

API/JSWrapperMap.mm:

(supportsInitMethodConstructors):

Source/WebCore:

html/HTMLObjectElement.cpp:
html/MediaElementSession.cpp:

(WebCore::MediaElementSession::requiresFullscreenForVideoPlayback const):

loader/DocumentThreadableLoader.cpp:

(WebCore::DocumentThreadableLoader::makeCrossOriginAccessRequest):

platform/RuntimeApplicationChecks.h:
platform/Timer.cpp:

(WebCore::shouldSuppressThreadSafetyCheck):

platform/cocoa/RuntimeApplicationChecksCocoa.mm:

(WebCore::applicationSDKVersionOverride): Deleted.
(WebCore::setApplicationSDKVersion): Deleted.
(WebCore::applicationSDKVersion): Deleted.

Source/WebKit:

NetworkProcess/cocoa/NetworkProcessCocoa.mm:

(WebKit::NetworkProcess::platformInitializeNetworkProcessCocoa):

Shared/WebPreferencesDefaultValues.cpp:

(WebKit::defaultCSSOMViewScrollingAPIEnabled):

WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess):

Source/WTF:

WTF.xcodeproj/project.pbxproj:
wtf/PlatformMac.cmake:
wtf/cocoa/RuntimeApplicationChecksCocoa.cpp: Added.
wtf/cocoa/RuntimeApplicationChecksCocoa.h: Added.

(WTF::applicationSDKVersionOverride):
(WTF::setApplicationSDKVersion):
(WTF::applicationSDKVersion):

4:33 PM Changeset in webkit [258446] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac ] http/tests/security/mixedContent/insecure-worker-global-scope.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209093

Unreviewed test gardening.

platform/mac/TestExpectations:

4:29 PM Changeset in webkit [258445] by Brent Fulgham

4 edits in trunk/Source/WebKit

Remove unused IPC function UserMediaCaptureManagerProxy::SetMuted
https://bugs.webkit.org/show_bug.cgi?id=209087
<rdar://problem/59658963>

Reviewed by Eric Carlson.

Remove the unused UserMediaCaptureManagerProxy message 'SetMuted'.

UIProcess/Cocoa/UserMediaCaptureManagerProxy.cpp:

(WebKit::UserMediaCaptureManagerProxy::setMuted): Deleted.

UIProcess/Cocoa/UserMediaCaptureManagerProxy.h:
UIProcess/Cocoa/UserMediaCaptureManagerProxy.messages.in:

4:21 PM Changeset in webkit [258444] by Brent Fulgham

3 edits in trunk/Source/WebKit

Remove unused GetNetworkLoadInformationRequest call
https://bugs.webkit.org/show_bug.cgi?id=209081
<rdar://problem/59659064>

Reviewed by Geoffrey Garen.

Remove dead code associated with an unused IPC message.

NetworkProcess/NetworkConnectionToWebProcess.h:

(WebKit::NetworkConnectionToWebProcess::getNetworkLoadInformationRequest): Deleted.

NetworkProcess/NetworkConnectionToWebProcess.messages.in:

4:20 PM Changeset in webkit [258443] by ysuzuki@apple.com

6 edits in trunk/Source/JavaScriptCore

[JSC] Reload CodeBlock or suppress GC while setting up calls
https://bugs.webkit.org/show_bug.cgi?id=209033
<rdar://problem/58946936>

Reviewed by Saam Barati.

The sequence of Interpreter::execute is the following.

Getting CodeBlock from Executable
Doing a lot of setups
Setting (1)'s CodeBlock to ProtoFrame
Calling code through Executable

During (2), it would be possible that GC happens and it replaces CodeBlock in Executable.
Then, when executing JITCode with CodeBlock in (4), we use new JITCode with old CodeBlock.

In this patch,

For ProgramExecutable, FunctionExecutable, ModuleProgramExecutable, we ensure that no GC happens
after getting CodeBlock by placing DisallowGC. For EvalExecutable, we reload CodeBlock after setting
up environment. It is possible that FunctionExecutable* stored in CodeBlock can be different when
executing a new CodeBlock, but this is OK since this different does not appear and we do not rely on
this: we are touching name of FunctionExecutable* which is retrieved from CodeBlock. But this name
will not be changed since this is derived from UnlinkedFunctionExecutable which is shared by multiple
CodeBlocks. And FunctionExecutable* generation ordering must be the same for every CodeBlock generation
from the same UnlinkedCodeBlock.

bytecode/CodeBlock.h:

(JSC::ScriptExecutable::prepareForExecution):

interpreter/Interpreter.cpp:

(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeModuleProgram):

interpreter/InterpreterInlines.h:

(JSC::Interpreter::execute):

runtime/DisallowScope.h:

(JSC::DisallowScope::disable):

runtime/StringPrototype.cpp:

4:15 PM Changeset in webkit [258442] by jiewen_tan@apple.com

11 edits in trunk/Source

[WebAuthn] Customize a bit more on the macOS LocalAuthentication prompt
https://bugs.webkit.org/show_bug.cgi?id=208703
<rdar://problem/60136974>

Reviewed by Darin Adler.

Source/WebCore:

en.lproj/Localizable.strings:
platform/LocalizedStrings.cpp:

(WebCore::touchIDPromptTitle):

platform/LocalizedStrings.h:

Adds a new formatted UI string to help with RP ID.

Source/WebKit:

On macOS, LocalAuthentication prompt can be shown anywhere that is probably not on top of
our UI clients. Therefore, add a RP ID to the dialog to help users to identify what has
happened. In addition, it removes the password fallback button.

Platform/spi/Cocoa/LocalAuthenticationSPI.h:
UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:

(WebKit::LocalAuthenticator::continueMakeCredentialAfterDecidePolicy):
(WebKit::LocalAuthenticator::continueGetAssertionAfterResponseSelected):

UIProcess/WebAuthentication/Cocoa/LocalConnection.h:
UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:

(WebKit::LocalConnection::verifyUser const):

UIProcess/WebAuthentication/Mock/MockLocalConnection.h:
UIProcess/WebAuthentication/Mock/MockLocalConnection.mm:

(WebKit::MockLocalConnection::verifyUser const):

4:04 PM Changeset in webkit [258441] by Brent Fulgham

4 edits in trunk/Source/WebKit

Remove Unused IPC message PlaybackSessionManagerProxy::PictureInPictureActiveChanged
https://bugs.webkit.org/show_bug.cgi?id=209085
<rdar://problem/59658916>

Reviewed by Geoffrey Garen.

Remove the unused PlaybackSessionManagerProxy message 'PictureInPictureActiveChanged'.

UIProcess/Cocoa/PlaybackSessionManagerProxy.h:
UIProcess/Cocoa/PlaybackSessionManagerProxy.messages.in:
UIProcess/Cocoa/PlaybackSessionManagerProxy.mm:

(WebKit::PlaybackSessionManagerProxy::pictureInPictureActiveChanged): Deleted.

3:35 PM Changeset in webkit [258440] by Chris Dumez

2 edits in trunk/LayoutTests

REGRESSION: (r256232) [ Mac wk1 Release ] resize-observer/delete-observers-in-callbacks.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=207847
<rdar://problem/59516099>

Unreviewed, unskip test now that is should no longer be flaky after r258438.

platform/mac-wk1/TestExpectations:

3:33 PM Changeset in webkit [258439] by Jacob Uphoff

3 edits in trunk/LayoutTests

REGRESSION (257844): fast/scrolling/scroll-container-horizontally.html is timing out
https://bugs.webkit.org/show_bug.cgi?id=209083

Also changed expectations for a test that is now timing out.

Unreviewwd test gardening.

platform/ios-simulator-wk2/TestExpectations:
platform/ios-wk2/TestExpectations:

3:32 PM Changeset in webkit [258438] by Chris Dumez

2 edits in trunk/Tools

Unreviewed, reverting r256232.

Caused ResizeObserver tests to become flaky

Reverted changeset:

"[DRT] InternalSettingsGenerated::resetToConsistentState() may
override TestOptions"
https://bugs.webkit.org/show_bug.cgi?id=207481
https://trac.webkit.org/changeset/256232

3:18 PM Changeset in webkit [258437] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac Release ] css3/selectors3/xml/css3-modsel-d4.xml is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209084

Unreviewed test gardening.

platform/mac/TestExpectations:

2:56 PM Changeset in webkit [258436] by Kate Cheney

11 edits in trunk

[ iOS and Mac wk2 ] http/tests/in-app-browser-privacy/ tests failing
https://bugs.webkit.org/show_bug.cgi?id=209016
<rdar://problem/60329530>

Reviewed by Chris Dumez.

Source/WebKit:

This patch adds a function to re-initialize app bound domains for
in-app-browser-privacy tests, since they are only initialized once
when the WebsiteDataStore is created. This causes issues if the tests
are run in parallel with other tests with different app-bound domains.

UIProcess/API/C/WKWebsiteDataStoreRef.cpp:

(WKWebsiteDataStoreReinitializeAppBoundDomains):

UIProcess/API/C/WKWebsiteDataStoreRef.h:
UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::clearAppBoundDomains):
(WebKit::WebsiteDataStore::reinitializeAppBoundDomains):

UIProcess/WebsiteData/WebsiteDataStore.h:

Tools:

Re-initialize the app-bound domains when the correct
TestOptions parameter is set.

WebKitTestRunner/TestController.cpp:

(WTR::TestController::createWebViewWithOptions):
(WTR::TestController::reinitializeAppBoundDomains):

WebKitTestRunner/TestController.h:

LayoutTests:

Use TestOptions to trigger the re-initialization of app-bound domains.

http/tests/in-app-browser-privacy/app-bound-domain.html:
http/tests/in-app-browser-privacy/switch-session-on-navigation-to-app-bound-domain.html:

2:51 PM Changeset in webkit [258435] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac ] fast/animation/request-animation-frame-timestamps.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209079

Unreviewed test gardening.

platform/mac/TestExpectations:

2:49 PM Changeset in webkit [258434] by Peng Liu

14 edits in trunk/Source/WebCore

Safari sometimes crashes when switch video into PiP mode
https://bugs.webkit.org/show_bug.cgi?id=208904

Reviewed by Simon Fraser.

With this patch, MediaControlTextTrackContainerElement won't paint its subtree
to an image buffer (for the captions in video fullscreen or picture-in-picture mode)
when the cues are updated. Instead, it only sets the flag m_needsGenerateTextTrackRepresentation
to true after running layout based on the new cues. After that, it paints its subtree
to an image buffer if needed at the end of Page::updateRendering() when the layout is clean.
TextTrackRepresentationCocoa will use the image buffer to set the content of the layer
for captions in video fullscreen or picture-in-picture mode.

MediaControlTextTrackContainerElement class is responsible for rendering the captions in both:
1) a video player in the inline mode.
2) a video player in "video fullscreen" or picture-in-picture mode.
This patch refactors some functions to make their responsibilities clear.

Modules/mediacontrols/MediaControlsHost.cpp:

(WebCore::MediaControlsHost::updateTextTrackRepresentationImageIfNeeded):

Modules/mediacontrols/MediaControlsHost.h:
dom/Document.cpp:

(WebCore::Document::setMediaElementShowingTextTrack):
(WebCore::Document::clearMediaElementShowingTextTrack):
(WebCore::Document::updateTextTrackRepresentationImageIfNeeded):

dom/Document.h:

Functions textTracksAreReady(), textTrackReadyStateChanged() and configureTextTrackDisplay()
should be wrapped with "#if ENABLE(VIDEO_TRACK)".

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setTextTrackRepresentation):
(WebCore::HTMLMediaElement::textTracksAreReady const):
(WebCore::HTMLMediaElement::textTrackReadyStateChanged):
(WebCore::HTMLMediaElement::configureTextTrackDisplay):
(WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):

html/HTMLMediaElement.h:

html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
(WebCore::MediaControlTextTrackContainerElement::updateDisplay):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
(WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
(WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
(WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
(WebCore::MediaControlTextTrackContainerElement::updateSizes):
(WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
(WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation): Deleted.
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle): Deleted.
(WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary): Deleted.
(WebCore::MediaControlTextTrackContainerElement::updateCueStyles): Deleted.

html/shadow/MediaControlElements.h:
html/shadow/MediaControls.cpp:

(WebCore::MediaControls::updateTextTrackRepresentationImageIfNeeded):

html/shadow/MediaControls.h:
page/Page.cpp:

(WebCore::Page::updateRendering):

rendering/RenderMediaControlElements.cpp:

(WebCore::RenderMediaControlTextTrackContainer::RenderMediaControlTextTrackContainer):
(WebCore::RenderMediaControlTextTrackContainer::layout):
(WebCore::RenderTextTrackContainerElement::RenderTextTrackContainerElement): Deleted.
(WebCore::RenderTextTrackContainerElement::layout): Deleted.

rendering/RenderMediaControlElements.h:

2:47 PM Changeset in webkit [258433] by Alan Coon

1 copy in tags/Safari-609.2.1.2.1

Tag Safari-609.2.1.2.1.

2:39 PM Changeset in webkit [258432] by Truitt Savell

2 edits in trunk/LayoutTests

REGRESSION: [ Mac wk2 ] svg/custom/object-sizing-explicit-width.xhtml is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=209077

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

2:32 PM Changeset in webkit [258431] by wilander@apple.com

2 edits
5 adds in trunk/LayoutTests

Add mixed content block test for imported scripts in worker global scope
https://bugs.webkit.org/show_bug.cgi?id=209075
<rdar://problem/27483005>

Reviewed by Brent Fulgham.

http/tests/security/mixedContent/insecure-worker-global-scope-expected.txt: Added.
http/tests/security/mixedContent/insecure-worker-global-scope.html: Added.
http/tests/security/mixedContent/resources/worker-importing-insecure-script.js: Added.
http/tests/security/mixedContent/resources/worker-importing-secure-script.js: Added.
http/tests/security/mixedContent/resources/worker-sending-message.js: Added.
platform/mac-wk1/TestExpectations:

Test for some reason fails on Mojave Debug WK1 but not on Mojave Release WK1 or other bots.
Therefore skipped.

2:25 PM Changeset in webkit [258430] by Russell Epstein

1 copy in tags/Safari-610.1.7.3

Tag Safari-610.1.7.3.

1:56 PM Changeset in webkit [258429] by Jacob Uphoff

2 edits in trunk/LayoutTests

REGRESSION (r257840): [ iOS ] fast/backgrounds/hidpi-bitmap-background-on-subpixel-position.html is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=208601

Fixing test expectations.

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

1:38 PM Changeset in webkit [258428] by Alan Coon

1 copy in tags/Safari-609.2.1

Tag Safari-609.2.1.

1:37 PM Changeset in webkit [258427] by ysuzuki@apple.com

4 edits in trunk/Source/JavaScriptCore

[JSC] Delete IC creation should check mayNeedToCheckCell/canCacheDeleteIC regardless of Structure::outOfLineCapacity
https://bugs.webkit.org/show_bug.cgi?id=209027

Reviewed by Saam Barati.

Delete IC code generation assumes that mayNeedToCheckCell (it is replaced with canCacheDeleteIC) is false
while we are looking into this status only if Structure::outOfLineCapacity meets a certain condition. We should avoid
create Delete IC when mayNeedToCheckCell/canCacheDeleteIC is true regardless of Structure::outOfLineCapacity

bytecode/AccessCase.cpp:

(JSC::AccessCase::createDelete):
(JSC::AccessCase::generateImpl):

runtime/Structure.h:
runtime/StructureInlines.h:

(JSC::Structure::mayHaveIndexingHeader const):
(JSC::Structure::canCacheDeleteIC const):

1:31 PM Changeset in webkit [258426] by Alan Coon

2 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r257640. rdar://problem/60260332

updateCSSTransitionsForElementAndProperty should clone RenderStyles
https://bugs.webkit.org/show_bug.cgi?id=208356
rdar://59869560

Reviewed by Antti Koivisto.

Make ownership of the local variable clear by cloning the RenderStyles
used in updateCSSTransitionsForElementAndProperty rather than referencing
different versions.

animation/AnimationTimeline.cpp: (WebCore::AnimationTimeline::updateCSSTransitionsForElementAndProperty):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257640 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:31 PM Changeset in webkit [258425] by Alan Coon

2 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r257746. rdar://problem/60260331

ScriptController::executeIfJavaScriptURL() uses wrong JSGlobalObject.
https://bugs.webkit.org/show_bug.cgi?id=208290
<rdar://problem/59839476>

Reviewed by Chris Dumez.

The call to executeScriptIgnoringException() may have changed the current global
object of the window. We should be using the original global object that produced
the result string.

Also added a missing exception check needed after a potential rope resolution.

bindings/js/ScriptController.cpp: (WebCore::ScriptController::executeIfJavaScriptURL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:22 PM Changeset in webkit [258424] by Ryan Haddad

14 edits
2 deletes in trunk

Unreviewed, reverting r258391.

Breaks internal builds.

Reverted changeset:

"Apply rotation at source level if WebRTC sink ask so"
https://bugs.webkit.org/show_bug.cgi?id=205645
https://trac.webkit.org/changeset/258391

1:19 PM Changeset in webkit [258423] by Chris Dumez

4 edits in trunk/LayoutTests

[Mac wk2 ] fast/dom/attr_dead_doc.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=207668
<rdar://problem/59404606>

Reviewed by Geoffrey Garen.

The test was doing a navigation to about:blank and relying on a 100ms timer to update the src
attribute of the img element. We now remove the frame from the document instead since it
detaches the document synchronously. It gets rid of the 100ms timer and replaces it with a
0 timer which will reliably give the same output.

fast/dom/attr_dead_doc-expected.txt:
fast/dom/attr_dead_doc.html:
platform/mac-wk2/TestExpectations:

1:07 PM Changeset in webkit [258422] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk1 Debug] inspector/injected-script/avoid-getter-invocation.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209073

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

12:43 PM Changeset in webkit [258421] by Kate Cheney

32 edits
1 copy
1 add
3 deletes in trunk

Report all third party loads on a per-page basis
https://bugs.webkit.org/show_bug.cgi?id=209032
<rdar://problem/60397323>

Reviewed by Chris Dumez.

Source/WebCore:

Test: http/tests/resourceLoadStatistics/loaded-registrable-domains-get-reported.html

Rename this function to more accurately reflect its purpose of sending
loaded registrable domains to the WebPage.

Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::connect):

loader/FrameLoaderClient.h:
loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::willSendRequestInternal):

loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::requestResource):

Source/WebKit:

Test: http/tests/resourceLoadStatistics/loaded-registrable-domains-get-reported.html

Removed IPC to the Network Process asking if a resource load is from
a prevalent domain. This now stores and sends all loaded registrable
domains. This patch is mostly updating naming to reflect this and
deleting the unnecessary code to communicate with the
ResourceLoadStatisticsStore.

NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::requestStorageAccessUnderOpener):
(WebKit::NetworkConnectionToWebProcess::isPrevalentSubresourceLoad): Deleted.

NetworkProcess/NetworkConnectionToWebProcess.h:
NetworkProcess/NetworkConnectionToWebProcess.messages.in:
UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _loadedThirdPartyDomainsFor:completionHandler:]):
(-[WKWebsiteDataStore _clearLoadedThirdPartyDomainsFor:]):
(-[WKWebsiteDataStore _getPrevalentDomainsFor:completionHandler:]): Deleted.
(-[WKWebsiteDataStore _clearPrevalentDomainsFor:]): Deleted.

UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:
UIProcess/WebPageProxy.cpp:
UIProcess/WebPageProxy.h:
WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::didLoadFromRegistrableDomain):
(WebKit::WebFrameLoaderClient::addLoadedRegistrableDomain): Deleted.

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:
WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didCommitLoad):
(WebKit::WebPage::didLoadFromRegistrableDomain):
Add a check that this is a third party by comparing the target domain
to the main frame domain.

(WebKit::WebPage::loadedThirdPartyDomains):
(WebKit::WebPage::clearLoadedThirdPartyDomains):
(WebKit::WebPage::addLoadedRegistrableDomain): Deleted.
(WebKit::WebPage::getPrevalentDomains): Deleted.
(WebKit::WebPage::clearPrevalentDomains): Deleted.

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:

Tools:

Mostly naming updates to reflect the change in use for this SPI call.
It now returns all loaded third party domains, not just prevalent ones.

WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::didReceiveMessageToPage):

WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::getLoadedThirdPartyDomains):
(WTR::TestRunner::callDidReceiveLoadedThirdPartyDomainsCallback):
(WTR::TestRunner::getPrevalentDomains): Deleted.
(WTR::TestRunner::callDidReceivePrevalentDomainsCallback): Deleted.

WebKitTestRunner/InjectedBundle/TestRunner.h:
WebKitTestRunner/TestController.cpp:

(WTR::TestController::resetStateToConsistentValues):
(WTR::TestController::getLoadedThirdPartyDomains):
(WTR::TestController::clearLoadedThirdPartyDomains):
(WTR::TestController::getPrevalentDomains): Deleted.
(WTR::TestController::clearPrevalentDomains): Deleted.

WebKitTestRunner/TestController.h:
WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):
(WTR::TestInvocation::didReceiveLoadedThirdPartyDomains):
(WTR::TestInvocation::didReceivePrevalentDomains): Deleted.

WebKitTestRunner/TestInvocation.h:
WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::getLoadedThirdPartyDomains):
(WTR::TestController::clearLoadedThirdPartyDomains):
(WTR::TestController::getPrevalentDomains): Deleted.
(WTR::TestController::clearPrevalentDomains): Deleted.

LayoutTests:

Now that we report all loaded third party domains, we no longer need
ITP to test this call. We can eliminate the dual testing for
memory/database setup and any logic related to setting a resource
as prevalent.

http/tests/resourceLoadStatistics/loaded-registrable-domains-get-reported-expected.txt: Copied from LayoutTests/http/tests/websocket/web-socket-loads-captured-in-per-page-domains-expected.txt.
http/tests/resourceLoadStatistics/loaded-registrable-domains-get-reported.html: Added.
http/tests/resourceLoadStatistics/prevalent-domains-per-page-database-expected.txt: Removed.
http/tests/resourceLoadStatistics/prevalent-domains-per-page-database.html: Removed.
http/tests/resourceLoadStatistics/prevalent-domains-per-page.html: Removed.
http/tests/websocket/web-socket-loads-captured-in-per-page-domains-expected.txt:
http/tests/websocket/web-socket-loads-captured-in-per-page-domains.html:
platform/ios/TestExpectations:

Since this test no longer uses UIHelper.activateAt, it can be
unskipped in iOS

12:33 PM Changeset in webkit [258420] by aakash_jain@apple.com

3 edits in trunk/Tools

[ews] run FindModifiedChangeLogs early in the build
https://bugs.webkit.org/show_bug.cgi?id=209060

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-build/factories.py:
BuildSlaveSupport/ews-build/factories_unittest.py: Updated unit-test.

12:19 PM Changeset in webkit [258419] by sbarati@apple.com

2 edits in trunk/JSTests

skip wasm/function-tests/grow-memory-cause-gc.js on memory limited devices
https://bugs.webkit.org/show_bug.cgi?id=209069
<rdar://problem/59954558>

Reviewed by Yusuke Suzuki.

wasm/function-tests/grow-memory-cause-gc.js:

12:07 PM Changeset in webkit [258418] by Diego Pino Garcia

6 edits in trunk/Tools

[GTK] Add EWS testers to run GTK layout tests
https://bugs.webkit.org/show_bug.cgi?id=207648

Reviewed by Carlos Alberto Lopez Perez and Aakash Jain.

Queue 'GTK-Webkit2-EWS' was renamed to 'GTK-Build-EWS'.
A new queue, named 'GTK-WK2-Tests-EWS', was added for WK2
tests (layout tests).

BuildSlaveSupport/ews-build/config.json: Added new queue for

WK2 tests.

BuildSlaveSupport/ews-build/factories.py:

(GTKTestsFactory):

BuildSlaveSupport/ews-build/factories_unittest.py:

(TestCommitQueueFactory.test_commit_queue_factory):
(TestGTKFactory): Added unit-test.
(TestGTKFactory.test_gtk_factory):

BuildSlaveSupport/ews-build/loadConfig.py:
BuildSlaveSupport/ews-build/loadConfig_unittest.py:

(TagsForBuilderTest.test_getTagsForBuilder):

11:57 AM Changeset in webkit [258417] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac Debug ] http/tests/css/shared-stylesheet-mutation-preconstruct.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209072

Unreviewed test gardening.

platform/mac/TestExpectations:

11:55 AM Changeset in webkit [258416] by Antti Koivisto

18 edits in trunk/Source/WebCore

Remove AffectedByDrag style flag
https://bugs.webkit.org/show_bug.cgi?id=209054

Reviewed by Simon Fraser.

As a followup to r258321, remove the last remaining user action related AffectedBy flag.

This also cleans out a bunch of scetchy, risky code from render tree (style invalidation!).

css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkOne const):

dom/DataTransfer.cpp:

(WebCore::DataTransfer::createDragImage const):

dom/Element.cpp:

(WebCore::Element::isUserActionElementDragged const):
(WebCore::Element::setBeingDragged):

Move dragged state for render tree to Element where it belongs.

(WebCore::Element::hasFlagsSetDuringStylingOfChildren const):

dom/Element.h:

(WebCore::Element::isBeingDragged const):
(WebCore::Element::descendantsAffectedByPreviousSibling const):
(WebCore::Element::setDescendantsAffectedByPreviousSibling):
(WebCore::Element::childrenAffectedByDrag const): Deleted.
(WebCore::Element::setChildrenAffectedByDrag): Deleted.

dom/Node.h:
dom/UserActionElementSet.h:

(WebCore::UserActionElementSet::isBeingDragged):
(WebCore::UserActionElementSet::setBeingDragged):

Invalidate using PseudoClassChangeInvalidation that doesn't require any flags.

platform/DragImage.cpp:

(WebCore::ScopedNodeDragEnabler::ScopedNodeDragEnabler):
(WebCore::ScopedNodeDragEnabler::~ScopedNodeDragEnabler):

rendering/RenderBlock.cpp:

(WebCore::RenderBlock::updateDragState): Deleted.

rendering/RenderBlock.h:
rendering/RenderInline.cpp:

(WebCore::RenderInline::updateDragState): Deleted.

rendering/RenderInline.h:
rendering/RenderObject.cpp:

(WebCore::RenderObject::updateDragState): Deleted.
(WebCore::RenderObject::setIsDragging): Deleted.

rendering/RenderObject.h:

(WebCore::RenderObject::RenderObjectRareData::RenderObjectRareData):
(WebCore::RenderObject::isDragging const): Deleted.

rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::RenderStyle):

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::NonInheritedFlags::operator== const):
(WebCore::RenderStyle::affectedByDrag const): Deleted.
(WebCore::RenderStyle::setAffectedByDrag): Deleted.

style/StyleRelations.cpp:

(WebCore::Style::commitRelationsToRenderStyle):
(WebCore::Style::commitRelations):

style/StyleRelations.h:

11:52 AM Changeset in webkit [258415] by aakash_jain@apple.com

2 edits
1 add in trunk/Tools

Add API endpoint in EWS django app to provide patch status in json format
https://bugs.webkit.org/show_bug.cgi?id=208940

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-app/ews/urls.py: Added url for new api endpoint.
BuildSlaveSupport/ews-app/ews/views/status.py: Added.

11:36 AM Changeset in webkit [258414] by Kate Cheney

2 edits in trunk/Tools

WebKit2UseRemoteLayerTreeDrawingArea should be reset to NO between layout tests
https://bugs.webkit.org/show_bug.cgi?id=209055
<rdar://problem/60272692>

Reviewed by Simon Fraser.

Now that WebKitTestRunner has a bundleID, its' user default values
persist between tests. This patch resets WebKit2UseRemoteLayerTreeDrawingArea
to NO before running tests. It will be set to YES in PlatformWebView
if specified by the test.

WebKitTestRunner/mac/main.mm:

(setDefaultsToConsistentValuesForTesting):

11:24 AM Changeset in webkit [258413] by Jason_Lawrence

2 edits in trunk/LayoutTests

[ Mac wk1 ] http/tests/security/javascriptURL/xss-DENIED-to-javascript-url-in-foreign-domain-subframe.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=209067

Unreviewed test gardening.

platform/mac-wk1/TestExpectations:

11:10 AM Changeset in webkit [258412] by Konstantin Tokarev

10 edits
3 moves in trunk

[CMake] Eleminate mismatches between Find* module names and variables they set
https://bugs.webkit.org/show_bug.cgi?id=208948

Reviewed by Michael Catanzaro.

Source/cmake/FindLibseccomp.cmake:
Source/cmake/FindWPEBackend_fdo.cmake: Renamed from Source/cmake/FindWPEBackend-fdo.cmake.
Source/cmake/OptionsGTK.cmake:
Source/cmake/OptionsWPE.cmake:

Source/ThirdParty/libwebrtc:

CMakeLists.txt:
cmake/FindAlsaLib.cmake:
cmake/FindLibEvent.cmake:
cmake/FindLibOpus.cmake: Renamed from Source/ThirdParty/libwebrtc/cmake/FindOpus.cmake.
cmake/FindLibVpx.cmake: Renamed from Source/ThirdParty/libwebrtc/cmake/FindVpx.cmake.

Tools:

wpe/backends/CMakeLists.txt:

10:56 AM Changeset in webkit [258411] by graouts@webkit.org

2 edits in trunk/LayoutTests/imported/w3c

[iOS] 9 imported/w3c/web-platform-tests/pointerevents/pointerevent tests are failing since import in r253630
https://bugs.webkit.org/show_bug.cgi?id=209064
<rdar://problem/60330378>

Reviewed by Simon Fraser.

In r253630 we imported a host of new and updated WPT tests and these included changes to testdriver.js that our testdriver-vendor.js
implementation didn't know to handle. Specifically, pauses are now added after each pointer action to add a 16ms delay.

It was a mistake to use a stationary touch for pauses, instead we shuld just increase the time offset with the value set in the pause
and avoid changing any other state, so no resetting the last known x and y values, or adding a new touch into the event stream that
will be passed to UIScriptController.

And since there is now a built-in pause between pointer actions, there is also no need to set a harcoded value for a default
timeoffset, this is now provided directly by the action input.

web-platform-tests/resources/testdriver-vendor.js:

10:51 AM Changeset in webkit [258410] by Alexey Shvayka

4 edits in trunk

Bound functions should pass correct NewTarget value
https://bugs.webkit.org/show_bug.cgi?id=209057

Reviewed by Keith Miller.

JSTests:

test262/expectations.yaml: Mark 4 test cases as passing.

Source/JavaScriptCore:

This change implements steps 5-6 of bound function's Construct? method [1],
fixing bound function subclasses and aligning JSC with V8 and SpiderMonkey.

[1]: https://tc39.es/ecma262/#sec-bound-function-exotic-objects-construct-argumentslist-newtarget

runtime/JSBoundFunction.cpp:

(JSC::boundThisNoArgsFunctionConstruct):
(JSC::boundFunctionConstruct):

10:44 AM Changeset in webkit [258409] by Russell Epstein

4 edits in branches/safari-610.1.7-branch

Cherry-pick r258399. rdar://problem/60422524

Crash in TextIterator::node via TextManipulationController::replace
https://bugs.webkit.org/show_bug.cgi?id=209048

Reviewed by Wenson Hsieh.

Source/WebCore:

The crash was caused by item.start being null in TextManipulationController::replace for a paragraph
consisting of just an image because TextManipulationController::observeParagraphs never may never set
startOfCurrentParagraph in such a case (content.isTextContent can be false for an image!).

Fixed the bug by setting startOfCurrentParagraph to a position before the current content's node
when inserting a token for a RenderReplaced if it's null.

Test: TextManipulation.CompleteTextManipulationShouldReplaceContentsAroundParagraphWithJustImage

editing/TextManipulationController.cpp: (WebCore::TextManipulationController::observeParagraphs):

Tools:

Added a regression test.

TestWebKitAPI/Tests/WebKitCocoa/TextManipulation.mm: (TextManipulation.CompleteTextManipulationShouldReplaceContentsAroundParagraphWithJustImage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258399 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:44 AM Changeset in webkit [258408] by Russell Epstein

2 edits in branches/safari-610.1.7-branch/Source/WebKitLegacy/ios

Cherry-pick r258383. rdar://problem/60408777

rdar://problem/60359230 Mark locationManager:didChangeAuthorizationStatus: as deprecated.

Misc/WebGeolocationCoreLocationProvider.mm: (-[WebGeolocationCoreLocationProvider locationManager:didChangeAuthorizationStatus:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258383 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:40 AM Changeset in webkit [258407] by aakash_jain@apple.com

2 edits in trunk/Tools

[ews-app] reduce logging
https://bugs.webkit.org/show_bug.cgi?id=209062

Reviewed by Jonathan Bedard.

BuildSlaveSupport/ews-app/ews/common/bugzilla.py:

(BugzillaBeautifulSoup.authenticate):
(BugzillaBeautifulSoup._load_query):

10:16 AM Changeset in webkit [258406] by Simon Fraser

2 edits in trunk/LayoutTests

[iOS WK2] Some pointerevents tests time out
https://bugs.webkit.org/show_bug.cgi?id=209026
<rdar://problem/60338691>

Reviewed by Wenson Hsieh.

Pointerevents tests that used ui.* functions threw errors in the UI-side script because ui._run() bungled
the callbacks. Fix ui._run() to take two arguments, the command name and all arguments except the callback,
which it adds.

The tests are skipped in Open Source because most of them require touch events.

pointerevents/utils.js:

(const.ui.new.UIController.prototype.swipe):
(const.ui.new.UIController.prototype.tap):
(const.ui.new.UIController.prototype.doubleTap):
(const.ui.new.UIController.prototype.doubleTapToZoom):
(const.ui.new.UIController.prototype.tapStylus):
(const.ui.new.UIController.prototype._runEvents):
(const.ui.new.UIController.prototype._run):
(const.ui.new.UIController):
(const.ui.new.UIController.prototype._run.): Deleted.
(const.ui.new.UIController.prototype._run.return.new.Promise): Deleted.

10:14 AM Changeset in webkit [258405] by Chris Dumez

2 edits in trunk/LayoutTests

[ macOS ] fast/frames/sandboxed-iframe-navigation-allowed.html is flaky failing
https://bugs.webkit.org/show_bug.cgi?id=206680
<rdar://problem/58840416>

Reviewed by Sam Weinig.

Make sure both iframes have finished loading before running the test. Previously, it was waiting for one of the
iframes to be loaded before doing the checks on both iframes. In some cases, the second iframe would not have
finished loading yet.

fast/frames/sandboxed-iframe-navigation-allowed.html:

10:05 AM Changeset in webkit [258404] by Alan Coon

8 edits in branches/safari-609.2.1.2-branch/Source

Versioning.

9:50 AM Changeset in webkit [258403] by Brent Fulgham

4 edits in trunk/Source/WebKit

Remove unused SmartMagnificationController Magnify message
https://bugs.webkit.org/show_bug.cgi?id=209036
<rdar://problem/59678060>

Reviewed by Tim Horton.

Remove the unused Magnify message from the SmartMagnificationController, since this is dead code.

UIProcess/ios/SmartMagnificationController.h:
UIProcess/ios/SmartMagnificationController.messages.in:
UIProcess/ios/SmartMagnificationController.mm:

(WebKit::SmartMagnificationController::magnify): Deleted.

9:35 AM Changeset in webkit [258402] by Andres Gonzalez

2 edits in trunk/Source/WebCore

[WebAccessibilityObjectWrapper renderWidgetChildren] does not need to run on main thread.
https://bugs.webkit.org/show_bug.cgi?id=209053
<rdar://problem/60349440>

Reviewed by Chris Fleizach.

Since we are caching the platform widget in IsolatedMode (NSView),
there is no need to dispatch renderWidgetChildren to the main thread.

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper renderWidgetChildren]):

9:22 AM Changeset in webkit [258401] by ddkilzer@apple.com

2 edits in trunk/Source/WebKit

WebPageProxy::SetPromisedDataForImage should validate its imageSize and archiveSize parameters
<https://webkit.org/b/209029>
<rdar://problem/60181394>

Reviewed by Youenn Fablet.

UIProcess/mac/WebPageProxyMac.mm:

(WebKit::WebPageProxy::setPromisedDataForImage):

Validate imageSize and archiveSize using MESSAGE_CHECK().
Add static_cast<size_t>() to imageSize and archiveSize parameters to denote type change.
Add nullptr check for SharedMemory::map() result with archiveHandle.

9:11 AM Changeset in webkit [258400] by Jacob Uphoff

2 edits in trunk/LayoutTests

[ macOS ] webgpu/whlsl/uint-bitwise.html is flaky crashing
https://bugs.webkit.org/show_bug.cgi?id=209056

Unreviewed test gardening

platform/mac/TestExpectations:

8:20 AM Changeset in webkit [258399] by rniwa@webkit.org

4 edits in trunk

Crash in TextIterator::node via TextManipulationController::replace
https://bugs.webkit.org/show_bug.cgi?id=209048

Reviewed by Wenson Hsieh.

Source/WebCore:

The crash was caused by item.start being null in TextManipulationController::replace for a paragraph
consisting of just an image because TextManipulationController::observeParagraphs never may never set
startOfCurrentParagraph in such a case (content.isTextContent can be false for an image!).

Fixed the bug by setting startOfCurrentParagraph to a position before the current content's node
when inserting a token for a RenderReplaced if it's null.

Test: TextManipulation.CompleteTextManipulationShouldReplaceContentsAroundParagraphWithJustImage

editing/TextManipulationController.cpp:

(WebCore::TextManipulationController::observeParagraphs):

Tools:

Added a regression test.

TestWebKitAPI/Tests/WebKitCocoa/TextManipulation.mm:

(TextManipulation.CompleteTextManipulationShouldReplaceContentsAroundParagraphWithJustImage):

7:55 AM Changeset in webkit [258398] by Diego Pino Garcia

2 edits in trunk/LayoutTests

[GTK] Gardening, update TestExpectations
https://bugs.webkit.org/show_bug.cgi?id=209047

Unreviewed gardening.

platform/gtk/TestExpectations:

7:53 AM WebKitGTK/2.26.x edited by Adrian Perez de Castro

Marked 2.26.5 merges as done (diff)

7:51 AM Changeset in webkit [258397] by Adrian Perez de Castro

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r257292 - PS-2019-006: [GTK] WebKit - AXObjectCache - m_deferredFocusedNodeChange - UaF
https://bugs.webkit.org/show_bug.cgi?id=204342

Reviewed by Carlos Garcia Campos.

m_deferredFocusedNodeChange keeps pairs of a old node and a new one
to update a focused node later. When a node is removed in the document,
it is also removed from the pair vector. The problem is only comparing
the new node in each pair with a removed node decides the removal.
In the case where the removed node lives in m_deferredFocusedNodeChange
as an old node, a crash happens while we get a renderer of the removed node
to handle focused elements. To fix this, we find all entries of which old node
is matched to the removed node, and set their first value null.

No new tests since no functionality changed.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::remove):

7:51 AM Changeset in webkit [258396] by Adrian Perez de Castro

2 edits in releases/WebKitGTK/webkit-2.26/Source/WebKit

Merge r256703 - [Geoclue] Avoid usage of provider in callbacks after it has been destroyed
https://bugs.webkit.org/show_bug.cgi?id=207420

GeoclueGeolocationProvider was making non-cancelable g_dbus_proxy_call(s) with
bare |this| pointer.

Patch by Pavel Feldman <pavel.feldman@gmail.com> on 2020-02-15
Reviewed by Carlos Garcia Campos.

UIProcess/geoclue/GeoclueGeolocationProvider.cpp:

(WebKit::GeoclueGeolocationProvider::start):
(WebKit::GeoclueGeolocationProvider::stop):
(WebKit::GeoclueGeolocationProvider::setupManager):
(WebKit::GeoclueGeolocationProvider::createClient):
(WebKit::GeoclueGeolocationProvider::startClient):
(WebKit::GeoclueGeolocationProvider::didFail):

UIProcess/geoclue/GeoclueGeolocationProvider.h:

7:51 AM Changeset in webkit [258395] by Adrian Perez de Castro

3 edits
1 add in releases/WebKitGTK/webkit-2.26

Merge r258143 - Tail calls are broken on ARM_THUMB2 and MIPS
https://bugs.webkit.org/show_bug.cgi?id=197797

Reviewed by Yusuke Suzuki.

JSTests:

stress/tail-call-with-spilled-registers.js: Added.

Source/JavaScriptCore:

prepareForTailCall operation expects that header size + parameters
size is aligned with stack (alignment is 16-bytes for every architecture).
This means that headerSizeInBytes + argumentsIncludingThisInBytes needs
to be multiple of 16. This was not being preserved during getter IC code
for 32-bits. The code generated was taking in account only
headerSizeInRegisters (it is 4 on 32-bits) and argumentsIncludingThis
(that is always 1 for getters) and allocating 32-bytes when applying
operation (headerSize + argumentsIncludingThis) * 8 - sizeof(CallerFrameAndPC).
This results in a stack frame with size of 40 bytes (after we push
lr and sp). Since prepareForTailCall expects frames to be
16-bytes aligned, it will then calculate the top of such frame
considering it is 48 bytes, cloberring values of previous frame and
causing unexpected behavior. This patch is fixing how this IC code
calculates the stack frame using roundArgumentCountToAlignFrame(numberOfParameters)
aligning with what we do on code without IC installed.
This was not a problem for getter and setter IC on 64-bits because
roundArgumentCountToAlignFrame(1) == 1 and roundArgumentCountToAlignFrame(2) == 3
while it is roundArgumentCountToAlignFrame(1) == 2 and
roundArgumentCountToAlignFrame(2) == 2 for MIPS and ARMv7.

bytecode/AccessCase.cpp:

(JSC::AccessCase::generateImpl):

5:01 AM Changeset in webkit [258394] by Adrian Perez de Castro

4 edits in releases/WebKitGTK/webkit-2.26/Source/WebCore

Merge r254680 - Do not detect the stopped animations in Nicosia::Animation to avoid flashback
https://bugs.webkit.org/show_bug.cgi?id=206280

Patch by Tomoki Imai <Tomoki Imai> on 2020-01-16
Reviewed by Carlos Garcia Campos.

This fixes the animation flashback issue found in https://webkit.org/blog-files/3d-transforms/morphing-cubes.html.
The flashback was caused by using the old layer transform matrix saved when the animation has been started.

The root cause is an inconsistency of animation state in Nicosia::Animation and CoordinatedGraphicsLayer.
For Nicosia::Animation, ThreadedCompositor increases MonitonicTime for animation every frame, and calls Nicosia::Animation::apply.
For CoordinatedGraphicsLayer, CSSAnimationController updates animations list and if the animation has been finished it updates CSS value.
There is a chance to use old layer state while the Nicosia::Animation stopped, but CoordinatedGraphicsLayer still obtains old CSS value and animations.

In this patch, all the Nicosia::Animation is considered to have "AnimationFillMode::Forwards" or "AnimationFillMode::Both",
which means they are active and use the last position when the animation is stopped.
Stopping and removing animations should be only done by CSSAnimationController and CoordinatedGraphicsScene
as they can remove the animation from the list and update the CSS value at the same time.

Mac implementation GraphicsLayerCA has a similar logic, it replaces AnimationFillMode with Forwards or Both.
https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp?rev=254502#L3248

Tested manually with https://webkit.org/blog-files/3d-transforms/morphing-cubes.html

platform/graphics/nicosia/NicosiaAnimation.cpp:

(Nicosia::Animation::apply): Return the last value for stopped animations to avoid flickering
(Nicosia::Animation::isActive const): Removed. It should always return true because
all the animations are considered as fillsForwards in Nicosia::Animation to avoid flashback.
(Nicosia::Animations::hasActiveAnimationsOfType const): Remove isActive check.
(Nicosia::Animations::getActiveAnimations() const): Removed. It returns whole animations list because all the animations are active.

platform/graphics/nicosia/NicosiaAnimation.h:
platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:

(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):

3:37 AM Changeset in webkit [258393] by Carlos Garcia Campos

3 edits in trunk/Source/WebKit

[SOUP] Notify web process about WebSocket handshake request and response
https://bugs.webkit.org/show_bug.cgi?id=208994

Reviewed by Youenn Fablet.

This makes WebSockets appear again in web inspector.

NetworkProcess/soup/WebSocketTaskSoup.cpp:

(WebKit::WebSocketTask::WebSocketTask): Save the handshake message and notify the channel when the request is sent.
(WebKit::WebSocketTask::didConnect): Notify the channel that handshake response has been received.
(WebKit::WebSocketTask::didFail): Notify the channel that handshake response has been received if handshake
failed.

NetworkProcess/soup/WebSocketTaskSoup.h:

3:31 AM Changeset in webkit [258392] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

-Wredundant-move in CSSPropertyParserHelpers.cpp
https://bugs.webkit.org/show_bug.cgi?id=209019

Patch by Michael Catanzaro <Michael Catanzaro> on 2020-03-13
Reviewed by Youenn Fablet.

Silence compiler warning by removing improper WTFMove().

css/parser/CSSPropertyParserHelpers.cpp:

(WebCore::CSSPropertyParserHelpers::consumeDeprecatedRadialGradient):

3:13 AM Changeset in webkit [258391] by youenn@apple.com

14 edits
2 adds in trunk

Apply rotation at source level if WebRTC sink ask so
https://bugs.webkit.org/show_bug.cgi?id=205645

Reviewed by Eric Carlson.

Source/WebCore:

Add a virtual method to RealtimeMediaSource to pass the information that the sink prefers the frames to be rotated before sending them.

Source/WebKit:

UIProcess/Cocoa/UserMediaCaptureManagerProxy.cpp:

UIProcess/Cocoa/UserMediaCaptureManagerProxy.h:
UIProcess/Cocoa/UserMediaCaptureManagerProxy.messages.in:
WebProcess/cocoa/UserMediaCaptureManager.cpp:

(WebKit::UserMediaCaptureManager::Source::setShouldApplyRotation):

LayoutTests:

webrtc/video-rotation-no-cvo-expected.txt: Added.
webrtc/video-rotation-no-cvo.html: Added.

3:10 AM Changeset in webkit [258390] by youenn@apple.com

13 edits in trunk/Source

Remove use of PlatformMediaSession types in AudioSession
https://bugs.webkit.org/show_bug.cgi?id=208995

Reviewed by Eric Carlson.

Source/WebCore:

Remove type for beginInterruption since AudioSession always trigger system interruptions.
Have a dedicated type for endInterruption.
No change of behavior.

platform/audio/AudioSession.cpp:

(WebCore::AudioSession::beginInterruption):
(WebCore::AudioSession::endInterruption):

platform/audio/AudioSession.h:
platform/audio/ios/AudioSessionIOS.mm:

(-[WebInterruptionObserverHelper interruption:]):
(WebCore::AudioSession::beginInterruption):
(WebCore::AudioSession::endInterruption):

platform/audio/ios/MediaSessionManagerIOS.h:

Source/WebKit:

Update code according WebCore API changes.
Make use of AudioSession current code path to make RemoteAudioSession notify its observers.

GPUProcess/media/RemoteAudioSessionProxy.cpp:

(WebKit::RemoteAudioSessionProxy::setCategory):
(WebKit::RemoteAudioSessionProxy::beginInterruption):
(WebKit::RemoteAudioSessionProxy::endInterruption):

GPUProcess/media/RemoteAudioSessionProxy.h:
GPUProcess/media/RemoteAudioSessionProxyManager.cpp:

(WebKit::RemoteAudioSessionProxyManager::tryToSetActiveForProcess):
(WebKit::RemoteAudioSessionProxyManager::beginAudioSessionInterruption):
(WebKit::RemoteAudioSessionProxyManager::endAudioSessionInterruption):

GPUProcess/media/RemoteAudioSessionProxyManager.h:
WebProcess/GPU/media/RemoteAudioSession.cpp:

(WebKit::RemoteAudioSession::beginInterruption): Deleted.
(WebKit::RemoteAudioSession::endInterruption): Deleted.

WebProcess/GPU/media/RemoteAudioSession.h:
WebProcess/GPU/media/RemoteAudioSession.messages.in:

2:46 AM Changeset in webkit [258389] by rniwa@webkit.org

2 edits in trunk/Source/WebKit

Release build fix after r258384.

WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::PDFPlugin::threadEntry):
(WebKit::PDFPlugin::ByteRangeRequest::maybeComplete):

1:33 AM Changeset in webkit [258388] by Antti Koivisto

11 edits in trunk/Source/WebCore

Remove unused affectedBy style flags
https://bugs.webkit.org/show_bug.cgi?id=209009

Reviewed by Antoine Quint.

These flags are unused after r258321. Remove the flags and the code that generates them.

css/SelectorChecker.cpp:

(WebCore::SelectorChecker::checkOne const):

cssjit/SelectorCompiler.cpp:

(WebCore::SelectorCompiler::addStyleRelationFunction):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsActive):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsHovered):
(WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementHasFocusWithin):

dom/Element.cpp:

(WebCore::Element::hasFlagsSetDuringStylingOfChildren const):
(WebCore::Element::resetStyleRelations):

dom/Element.h:

(WebCore::Element::styleAffectedByEmpty const):
(WebCore::Element::descendantsAffectedByPreviousSibling const):
(WebCore::Element::setStyleAffectedByEmpty):
(WebCore::Element::setDescendantsAffectedByPreviousSibling):
(WebCore::Element::styleAffectedByActive const): Deleted.
(WebCore::Element::styleAffectedByFocusWithin const): Deleted.
(WebCore::Element::childrenAffectedByHover const): Deleted.
(WebCore::Element::setStyleAffectedByFocusWithin): Deleted.
(WebCore::Element::setChildrenAffectedByHover): Deleted.
(WebCore::Element::setStyleAffectedByActive): Deleted.

dom/Node.h:
rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::RenderStyle):

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::affectedByDrag const):
(WebCore::RenderStyle::NonInheritedFlags::operator== const):
(WebCore::RenderStyle::affectedByHover const): Deleted.
(WebCore::RenderStyle::affectedByActive const): Deleted.
(WebCore::RenderStyle::setAffectedByHover): Deleted.
(WebCore::RenderStyle::setAffectedByActive): Deleted.

style/StyleRelations.cpp:

(WebCore::Style::commitRelationsToRenderStyle):
(WebCore::Style::commitRelations):

style/StyleRelations.h:
style/StyleSharingResolver.cpp:

(WebCore::Style::SharingResolver::canShareStyleWithElement const):

Compare the hasFocusWithin bit instead.

12:57 AM Changeset in webkit [258387] by ysuzuki@apple.com

2 edits in trunk/Source/JavaScriptCore

Unreviewed, change ASSERT to ASSERT_WITH_SECURITY_IMPLICATION since it is now enabled under ENABLE(SECURITY_ASSERTIONS)
https://bugs.webkit.org/show_bug.cgi?id=209041
<rdar://problem/59705631>

runtime/JSCast.h:

(JSC::jsCast):

12:53 AM Changeset in webkit [258386] by ysuzuki@apple.com

9 edits in trunk/Source

Report crashed cell in jsCast in debug builds
https://bugs.webkit.org/show_bug.cgi?id=209041
<rdar://problem/59705631>

Reviewed by Mark Lam.

Source/JavaScriptCore:

To collect more information when crashing with jsCast, we attempt to use reportZappedCellAndCrash.
If it succeeds, we can get more information in registers. We enable this only for ASSERT_ENABLED
build. For non ASSERT_ENABLED, we keep the original assertion since this assertion can be enabled
via ENABLE(SECURITY_ASSERTIONS).

heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendToMarkStack):
(JSC::SlotVisitor::visitChildren):
(JSC::SlotVisitor::reportZappedCellAndCrash): Deleted.

heap/SlotVisitor.h:
runtime/JSCast.h:

(JSC::jsCast):

runtime/JSCell.cpp:

(JSC::reportZappedCellAndCrash):

runtime/JSCell.h:

Source/WebCore:

We should take JSLock when touching JSC::VM.

page/MemoryRelease.cpp:

(WebCore::logMemoryStatisticsAtTimeOfDeath):

page/PerformanceLogging.cpp:

(WebCore::PerformanceLogging::memoryUsageStatistics):

12:24 AM Changeset in webkit [258385] by sbarati@apple.com

2 edits in trunk/Tools

Pull in JS tests from "Internal" when there are "Internal" tests in an adjacent directory
https://bugs.webkit.org/show_bug.cgi?id=209038

Reviewed by Keith Miller.

This allows us to automatically pull in some tests that are in non open sourced Apple
checkouts.

Context Navigation

Timeline

Mar 17, 2020:

Mar 16, 2020:

Mar 15, 2020:

Mar 14, 2020:

Mar 13, 2020:

Download in other formats: