Timeline



Apr 6, 2020:

11:58 PM Changeset in webkit [259626] by Alan Coon
  • 1 copy in branches/safari-610.1.9-branch

New branch.

11:54 PM Changeset in webkit [259625] by Alan Coon
  • 8 edits in trunk/Source

Versioning.

11:29 PM Changeset in webkit [259624] by Jack Lee
  • 3 edits
    2 adds in trunk

Nullptr crash in CompositeEditCommand::splitTreeToNode when inserting image in anchor element that has uneditable parent
https://bugs.webkit.org/show_bug.cgi?id=210004
<rdar://problem/61206583>

Reviewed by Ryosuke Niwa.

Source/WebCore:

RemoveNodePreservingChildren can fail and leave the children dangling if the parent of the node
is uneditable. Added editability check for the to-be-removed node.

Test: editing/inserting/insert-img-anchor-uneditable-parent.html

  • editing/RemoveNodePreservingChildrenCommand.cpp:

(WebCore::RemoveNodePreservingChildrenCommand::doApply):

LayoutTests:

Added a regression test for the crash.

  • editing/inserting/insert-img-anchor-uneditable-parent-expected.txt: Added.
  • editing/inserting/insert-img-anchor-uneditable-parent.html: Added.

9:59 PM Changeset in webkit [259623] by Lauro Moura
  • 3 edits in trunk/LayoutTests

[GTK][WPE] Gardening EXIF orientation failure.

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
  • platform/wpe/TestExpectations:

8:39 PM Changeset in webkit [259622] by Peng Liu
  • 3 edits
    1 add in trunk/Tools

REGRESSION (r259531?): [iOS] TestWebKitAPI.WebKitLegacy.ScrollingDoesNotPauseMedia is timing out
https://bugs.webkit.org/show_bug.cgi?id=210013

Reviewed by Daniel Bates.

Fix mistakes in the test and make it more reliable.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitLegacy/ios/ScrollingDoesNotPauseMedia.mm:

(-[ScrollingDoesNotPauseMediaDelegate handleEvent:]):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKitLegacy/ios/one-video.html: Added.

7:23 PM Changeset in webkit [259621] by mmaxfield@apple.com
  • 4 edits in trunk/LayoutTests

[Cocoa] REGRESSION(r254389): fast/text/international/system-language/declarative-language.html is failing
https://bugs.webkit.org/show_bug.cgi?id=208023
<rdar://problem/59461792>

Reviewed by Simon Fraser.

minimizedLanguagesFromLanguages() is supposed to minimize the language list;
that's its whole raison d'être.

  • fast/text/international/system-language/declarative-language-expected.txt:
  • fast/text/international/system-language/declarative-language.html:
  • platform/mac/TestExpectations:

7:16 PM Changeset in webkit [259620] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

Use-after-move of Vector<ManipulationToken> in TextManipulationController::observeParagraphs()
<https://webkit.org/b/210086>

Reviewed by Ryosuke Niwa.

  • editing/TextManipulationController.cpp:

(WebCore::TextManipulationController::observeParagraphs):

  • Replace WTFMove() with std::exchange() to fix the clang static analyzer warning. For WTF::Vector, this has no change in behavior.

6:45 PM Changeset in webkit [259619] by Jack Lee
  • 3 edits
    2 adds in trunk

Nullptr crash in WebCore::lastPositionInNode when indenting text node that has user-select:all parent.
https://bugs.webkit.org/show_bug.cgi?id=210016
<rdar://problem/61014577>

Reviewed by Ryosuke Niwa.

Source/WebCore:

In rangeForParagraphSplittingTextNodesIfNeeded, added null check for previousSibling()
after splitTextNode is called, and returns empty positions to caller.

In formatSelection, check the returned positions from rangeForParagraphSplittingTextNodesIfNeeded
and stop indenting the rest of the paragraphs.

Test: fast/editing/indent-pre-user-select-all-crash.html

  • editing/ApplyBlockElementCommand.cpp:

(WebCore::ApplyBlockElementCommand::formatSelection):
(WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):

LayoutTests:

Added a regression test for the crash.

  • fast/editing/indent-pre-user-select-all-crash-expected.txt: Added.
  • fast/editing/indent-pre-user-select-all-crash.html: Added.

6:04 PM Changeset in webkit [259618] by Devin Rousso
  • 4 edits in trunk/Source

Web Inspector: console.log(...) appear as CONSOLE LOG LOG in the system console
https://bugs.webkit.org/show_bug.cgi?id=210083

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

  • runtime/ConsoleClient.cpp:

(JSC::appendMessagePrefix):

Source/WebCore:

  • page/PageConsoleClient.cpp:

(WebCore::PageConsoleClient::addMessage):
Use the actual MessageSource and MessageType when printing console messages.

5:58 PM Changeset in webkit [259617] by don.olmstead@sony.com
  • 5 edits in trunk

[CMake] Use WEBKIT_EXECUTABLE in DumpRenderTree
https://bugs.webkit.org/show_bug.cgi?id=210059

Reviewed by Fujii Hironori.

.:

Add a DumpRenderTree derived sources directory.

  • Source/cmake/WebKitFS.cmake:

Tools:

Modify CMake code to use WEBKIT_EXECUTABLE when creating DumpRenderTree.

  • DumpRenderTree/CMakeLists.txt:
  • DumpRenderTree/PlatformWin.cmake:

5:26 PM Changeset in webkit [259616] by Jonathan Bedard
  • 2 edits in trunk/Tools

ImageDiff: Don't build with ASan in automation
https://bugs.webkit.org/show_bug.cgi?id=210057
<rdar://problem/61234753>

Reviewed by David Kilzer.

  • ImageDiff/cg/Configurations/ImageDiff.xcconfig: Disable ASan.

5:11 PM Changeset in webkit [259615] by Kate Cheney
  • 7 edits in trunk/Source/WebKit

Create a way to signal if the WKAppBoundDomains list is empty
https://bugs.webkit.org/show_bug.cgi?id=210074
<rdar://problem/61359228>

Reviewed by Brent Fulgham.

Updates the WebFramePolicyListener to return an Optional<NavigatingToAppBoundDomain>
to signal if the WKAppBoundDomains list is empty. If so, we don't want to update
any app-bound domain parameters in WebPageProxy.

  • UIProcess/WebFramePolicyListenerProxy.cpp:

(WebKit::WebFramePolicyListenerProxy::didReceiveAppBoundDomainResult):

  • UIProcess/WebFramePolicyListenerProxy.h:
  • UIProcess/WebFrameProxy.cpp:

(WebKit::WebFrameProxy::setUpPolicyListenerProxy):

  • UIProcess/WebFrameProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::decidePolicyForNewWindowAction):
(WebKit::WebPageProxy::decidePolicyForResponseShared):

  • UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::beginAppBoundDomainCheck):
Changed the WebFramePolicyListener to take a NavigatingToAppBoundDomain
type as opposed to a boolean to allow it to handle the empty value.

5:11 PM Changeset in webkit [259614] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

REGRESSION: 68000 JSC tests failing.
https://bugs.webkit.org/show_bug.cgi?id=210078
<rdar://problem/61364513>

Reviewed by Yusuke Suzuki.

The missing exception check is in jsc shell's GlobalObject::finishCreation().
Since this is just a debugging tool, and this exception will never be thrown in
practice, I've placated the validator by RELEASE_ASSERT'ing that the exception
will never be thrown.

  • jsc.cpp:

5:00 PM Changeset in webkit [259613] by Wenson Hsieh
  • 4 edits in trunk/Source/WebCore

REGRESSION: 4 TestWebKitAPI.DragAndDropTests.DataTransferSetData tests failing on iOS
https://bugs.webkit.org/show_bug.cgi?id=209685
<rdar://problem/60987461>

Reviewed by Megan Gardner.

After updating a WebKit open source test runner to iOS 13.4, 4 pasteboard-related API tests began to fail in
release builds on that particular bot. Logging statements added in r259465, r259518, r259534, and r259541
strongly suggest that this is due to an IPC dispatch race when clearing the platform pasteboard before writing
custom pasteboard data. On iOS, the former is dispatched asynchronously, while the latter is dispatched as sync
IPC. This means that if the UI process happens to be waiting for a sync IPC response from the web process, it
will end up handling the incoming IPC messages out of order by immediately dispatching sync IPC (in this case,
writing custom pasteboard data) before dispatching the async IPC (clearing data). This causes the custom
pasteboard data to be cleared on the platform pasteboard immediately after it is written.

To fix this, we limit clearing pasteboard data to when we would've otherwise avoided writing any custom
pasteboard data, and additionally make it so that writing custom pasteboard data always clears out any pre-
existing content on the pasteboard (obviating the need for a separate message to clear the pasteboard). Note
that writing custom pasteboard data always clears the existing pasteboard on macOS and iOS -- on macOS, we use
-declareTypes:owner:; on iOS, we use -setItemProviders:; in the case of macCatalyst, we use -setItems:.

  • dom/DataTransfer.cpp:

(WebCore::DataTransfer::commitToPasteboard):

Push the call to clear the pasteboard down from the call sites of commitToPasteboard into commitToPasteboard
itself; then, only explicitly clear the pasteboard in the case where we aren't writing custom pasteboard data
(i.e. either custom pasteboard data is disabled, or there is no data to write).

(WebCore::DataTransfer::moveDragState): See above.

  • editing/Editor.cpp:

(WebCore::dispatchClipboardEvent): See above.

  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard stageRegistrationLists:]):

Remove always-on logging added in r259541 to help diagnose the test failures.

4:39 PM Changeset in webkit [259612] by Jason_Lawrence
  • 2 edits in trunk/LayoutTests

[ Mac wk1 Debug ] inspector/debugger/evaluateOnCallFrame-errors.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=210079

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:

4:34 PM Changeset in webkit [259611] by Alan Bujtas
  • 4 edits in trunk/Source/WebCore

Delete line boxes when moving text renderers between block flows
https://bugs.webkit.org/show_bug.cgi?id=210000

Reviewed by Antti Koivisto.

After style and/or tree mutation the existing line boxes are destroyed during the subsequent layout.
When the text renderer moves between block flows and the destination block flow initiates a different
type of line layout, we need to make sure the previous line content is cleaned up properly.

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::layoutSimpleLines):
(WebCore::RenderBlockFlow::layoutLFCLines):

  • rendering/RenderText.cpp:

(WebCore::RenderText::removeAndDestroyTextBoxes):
(WebCore::RenderText::dirtyLineBoxes):
(WebCore::RenderText::deleteLineBoxes):

  • rendering/RenderText.h:

4:25 PM Changeset in webkit [259610] by Chris Dumez
  • 4 edits in trunk/Source/WebKit

[iOS] Transition most process assertions to RunningBoard
https://bugs.webkit.org/show_bug.cgi?id=210065
<rdar://problem/61354901>

Reviewed by Geoffrey Garen.

Transition most process assertions to RunningBoard, instead of legacy BKSProcessAssertion.
The only assertion that still uses BKSProcessAssertion is the MediaPlayback one because
we do not have a RunningBoard equivalent for this one yet (see <rdar://problem/61263147>).

  • UIProcess/ProcessAssertion.h:
  • UIProcess/ios/ProcessAssertionIOS.mm:

(-[WKRBSAssertionDelegate assertionWillInvalidate:]):
(-[WKRBSAssertionDelegate assertion:didInvalidateWithError:]):
(WebKit::runningBoardNameForAssertionType):
(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAssertion::~ProcessAssertion):
(WebKit::ProcessAssertion::processAssertionWasInvalidated):

4:17 PM Changeset in webkit [259609] by Alan Coon
  • 1 edit in branches/safari-609.2.1.2-branch/Source/WebKit/UIProcess/WebPageProxy.cpp

Unreviewed build fix. rdar://problem/61231877

No member named 'counts' in 'WebKit::WebBackForwardList'

4:17 PM Changeset in webkit [259608] by Alan Coon
  • 1 edit in branches/safari-609.2.1.2-branch/Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp

Unreviewed build fix. rdar://problem/61231922

Change DoubleEqualAndOrdered to DoubleEqual to avoid build failure.

4:16 PM Changeset in webkit [259607] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

Update my committer status
https://bugs.webkit.org/show_bug.cgi?id=210072

Patch by Kenneth Russell <kbr@chromium.org> on 2020-04-06
Reviewed by Dean Jackson.

Update contributors.json to reflect that my lapsed committer
status was recently reinstated.

  • Scripts/webkitpy/common/config/contributors.json:

4:15 PM Changeset in webkit [259606] by Ross Kirsling
  • 219 edits
    10 adds
    2 deletes in trunk

Update minimum ICU version to 60.2
https://bugs.webkit.org/show_bug.cgi?id=209694

Reviewed by Darin Adler.

.:

  • Source/cmake/OptionsAppleWin.cmake:
  • Source/cmake/OptionsCommon.cmake:
  • Source/cmake/OptionsFTW.cmake:
  • Source/cmake/OptionsGTK.cmake:
  • Source/cmake/OptionsJSCOnly.cmake:
  • Source/cmake/OptionsMac.cmake:
  • Source/cmake/OptionsPlayStation.cmake:
  • Source/cmake/OptionsWPE.cmake:
  • Source/cmake/OptionsWinCairo.cmake:

Indicate 60.2 as minimum version (as required by GTK for supporting Ubuntu 18.04 LTS).
Also ensure that the C++ API is hidden for all platforms.

Source/JavaScriptCore:

  • icu/LICENSE: Deleted.
  • icu/README: Deleted.

Remove leftover files following r219155.

  • runtime/IntlDateTimeFormat.cpp:

(JSC::IntlDateTimeFormat::UFieldPositionIteratorDeleter::operator() const):
(JSC::IntlDateTimeFormat::partTypeString):
(JSC::IntlDateTimeFormat::formatToParts):

  • runtime/IntlDateTimeFormat.h:
  • runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::IntlDateTimeFormatPrototype::finishCreation):
(JSC::IntlDateTimeFormatPrototypeFuncFormatToParts):

  • runtime/IntlNumberFormat.cpp:

(JSC::IntlNumberFormat::partTypeString):
(JSC::IntlNumberFormat::formatToParts):

  • runtime/IntlNumberFormat.h:
  • runtime/IntlNumberFormatPrototype.cpp:

(JSC::IntlNumberFormatPrototype::finishCreation):
(JSC::IntlNumberFormatPrototypeFuncFormatToParts):

  • runtime/IntlPluralRules.cpp:

(JSC::IntlPluralRules::resolvedOptions):
(JSC::IntlPluralRules::select):

  • runtime/IntlPluralRules.h:
  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::decode):
Remove obsoleted compile-time version checks.

Source/WebCore:

  • PlatformMac.cmake:
  • WebCore.xcodeproj/project.pbxproj:
  • icu/LICENSE: Deleted.
  • icu/README: Deleted.

Remove leftover files following r219155 as well as a corresponding Xcode step.

  • editing/cocoa/DataDetection.mm:

(WebCore::buildQuery):

  • page/ios/FrameIOS.mm:

(WebCore::Frame::interpretationsForCurrentRoot const):

  • platform/cocoa/KeyEventCocoa.mm:

(WebCore::keyForCharCode):

  • platform/cocoa/TelephoneNumberDetectorCocoa.cpp:

(WebCore::TelephoneNumberDetector::find):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):

  • platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::createFontForCharacters):
(WebCore::FontCache::prewarm):

  • platform/graphics/mac/ComplexTextControllerCoreText.mm:

(WebCore::provideStringAndAttributes):

  • platform/graphics/mac/GlyphPageMac.cpp:

(WebCore::GlyphPage::fill):
Manually convert between UChar and UniChar/unichar where needed.

  • platform/text/CharacterProperties.h:

(WebCore::isEmojiGroupCandidate):
(WebCore::isEmojiWithPresentationByDefault):
(WebCore::isEmojiModifierBase):
(WebCore::icuLibraryUnderstandsSupplementalSymbolsAndPictographs): Deleted.
Remove obsoleted compile-time and runtime version checks.

Source/WebKit:

  • WebProcess/InjectedBundle/API/mac/WKDOMTextIterator.mm:

(-[WKDOMTextIterator currentTextPointer]):
Manually convert between UChar and UniChar/unichar where needed.

Source/WebKitLegacy/mac:

  • Misc/WebKitNSStringExtras.mm:

(-[NSString _web_drawAtPoint:font:textColor:]):
(-[NSString _web_widthWithFont:]):

  • WebCoreSupport/WebVisitedLinkStore.mm:

(WebVisitedLinkStore::addVisitedLink):

  • WebView/WebTextIterator.mm:

(-[WebTextIterator currentTextPointer]):
Manually convert between UChar and UniChar/unichar where needed.

Source/WTF:

This patch has two immediate motivations:

  1. To properly introduce a minimum ICU version for WebKit as a whole (responding to a pain point identified in bug 209579)
  2. To support the development of ECMA-402 Intl API features, which JSC is quite behind on (and which often boil down to exposing ICU functionality to JavaScript)

  • icu/LICENSE:
  • icu/README:
  • icu/unicode/:

Update ICU headers to major version 62, the version included in macOS Mojave.

  • wtf/text/AtomString.h:
  • wtf/text/WTFString.h:

Remove obsoleted compile-time version checks.

  • wtf/text/cocoa/StringCocoa.mm:

(WTF::String::String):

  • wtf/text/cocoa/StringViewCocoa.mm:

(WTF::StringView::createNSString const):
(WTF::StringView::createNSStringWithoutCopying const):
Manually convert between UChar and UniChar/unichar where needed.

Tools:

  • TestWebKitAPI/Tests/WTF/StringConcatenate.cpp:

Remove obsoleted compile-time version checks.

  • DumpRenderTree/TestRunner.cpp:

(TestRunner::runUIScript):

  • TestWebKitAPI/Tests/WebCore/LineBreaking.mm:

(breakingLocationsFromICU):
Manually convert between UChar and UniChar/unichar where needed.

4:05 PM Changeset in webkit [259605] by Alan Coon
  • 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r259580. rdar://problem/61352477

CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
https://bugs.webkit.org/show_bug.cgi?id=210040
rdar://51410841

Reviewed by Darin Adler.

It appears that the SystemPreviewController on WebPageProxy can
become null causing a call to an in-progress download to crash
as it tries to talk to the QuickLook delegate. Guard against this
by checking the SystemPreviewController each time.

  • UIProcess/Cocoa/DownloadClient.mm:

(WebKit::systemPreviewController):
(WebKit::DownloadClient::didReceiveResponse):
(WebKit::DownloadClient::didReceiveData):
(WebKit::DownloadClient::processDidCrash):
(WebKit::DownloadClient::didFinish):
(WebKit::DownloadClient::didFail):
(WebKit::DownloadClient::didCancel):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259580 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:05 PM Changeset in webkit [259604] by Alan Coon
  • 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r259538. rdar://problem/61352452

Additional sanity checks in compareAnimationsByCompositeOrder()
https://bugs.webkit.org/show_bug.cgi?id=209996

Reviewed by Geoffrey Garen.

compareAnimationsByCompositeOrder() is used by std::sort() which requires strict weak ordering.
This adds additional checks to ensure strict weak ordering is maintained, first by ensuring
the transitionProperty string is different before returning that comparison, then by only using
if the animation is a CSSTransition or CSSAnimation if the left hand and right hand sides differ.
This should leave all remaining cases to sort by the global animation list.

No new tests; this should be covered by existing tests and should not change functionality
otherwise.

  • animation/WebAnimationUtilities.cpp: (WebCore::compareAnimationsByCompositeOrder):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259538 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:05 PM Changeset in webkit [259603] by Alan Coon
  • 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r259519. rdar://problem/61352446

ASSERTION FAILED: objectStoreInfo in SQLiteIDBBackingStore::getRecord
https://bugs.webkit.org/show_bug.cgi?id=209976
<rdar://problem/55005363>

Reviewed by Geoffrey Garen.

Return error if objectStoreInfo is null in SQLiteIDBBackingStore::getRecord, because there is a possibility
SQLiteIDBBackingStore does not have requested objectStoreInfo.

  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp: (WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259519 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:05 PM Changeset in webkit [259602] by Alan Coon
  • 2 edits in branches/safari-609-branch/Source/JavaScriptCore

Cherry-pick r259424. rdar://problem/61352472

[JSC] RecordedStatuses's assignment should be guarded by CodeBlock's lock
https://bugs.webkit.org/show_bug.cgi?id=209935
<rdar://problem/59443383>

Reviewed by Mark Lam.

Previously RecordedStatuses were not touched by GC. But now, GC visits RecordedStatuses.
This means that modifying RecordedStatuses should be guarded by CodeBlock's lock if
it is reachable from CodeBlock.
In DFG::Plan::reallyAdd, we already installed DFG::JITCode into the CodeBlock so that
RecordedStatuses is reachable from CodeBlock. We should lock CodeBlock's lock while
performing WTFMove(RecordedStatuses).

We do not need to emit write-barrier here because (1) DFG::Plan::reallyAdd is executed
while GC is deferred and (2) we emit write-barrier to CodeBlock before deferred GC is executed.

  • dfg/DFGPlan.cpp: (JSC::DFG::Plan::reallyAdd):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259424 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:05 PM Changeset in webkit [259601] by Alan Coon
  • 12 edits in branches/safari-609-branch/Source

Cherry-pick r259315. rdar://problem/61352448

Regression(r253357) DeviceMotionEvent acceleration and rotationRate are null
https://bugs.webkit.org/show_bug.cgi?id=209831
<rdar://problem/60720953>

Reviewed by Darin Adler.

Source/WebCore:

The issue was that DeviceMotionClientIOS::motionChanged() would only initialize the
acceleration and rotationRate if [m_motionManager gyroAvailable] returned YES. After
r253357, m_motionManager is nil because we get motion data from the UIProcess so
[m_motionManager gyroAvailable] would always resolve to NO.

To address the issue, I made the rotationRate parameters to motionChanged() optional
and we rely on them being set to know if gyro data is available. Note that I did not
make the acceleration optional because according to [1], all devices have an
accelerometer.

[1] https://developer.apple.com/documentation/coremotion/cmmotionmanager/1616094-devicemotionavailable?language=objc

  • platform/ios/DeviceMotionClientIOS.h:
  • platform/ios/DeviceMotionClientIOS.mm: (WebCore::DeviceMotionClientIOS::motionChanged):
  • platform/ios/DeviceOrientationUpdateProvider.h:
  • platform/ios/MotionManagerClient.h: (WebCore::MotionManagerClient::motionChanged):
  • platform/ios/WebCoreMotionManager.mm: (-[WebCoreMotionManager sendAccelerometerData:]):

Source/WebKit:

  • UIProcess/ios/WebDeviceOrientationUpdateProviderProxy.h:
  • UIProcess/ios/WebDeviceOrientationUpdateProviderProxy.mm: (WebKit::WebDeviceOrientationUpdateProviderProxy::motionChanged):
  • WebProcess/WebCoreSupport/WebDeviceOrientationUpdateProvider.cpp: (WebKit::WebDeviceOrientationUpdateProvider::deviceMotionChanged):
  • WebProcess/WebCoreSupport/WebDeviceOrientationUpdateProvider.h:
  • WebProcess/WebCoreSupport/WebDeviceOrientationUpdateProvider.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259315 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:05 PM Changeset in webkit [259600] by Alan Coon
  • 3 edits in branches/safari-609-branch/Source/JavaScriptCore

Cherry-pick r259264. rdar://problem/61352442

[JSC] DFGArrayMode::alreadyChecked should have NonArray check when ArrayMode is NonArray+SlowPutArrayStorage
https://bugs.webkit.org/show_bug.cgi?id=209791

Reviewed by Saam Barati.

DFGArrayMode::alreadyChecked with NonArray+SlowPutArrayStorage should check NonArray condition.

  • dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::alreadyChecked const):
  • dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::arrayModesWithIndexingShapes const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259264 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:05 PM Changeset in webkit [259599] by Alan Coon
  • 14 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r258434. rdar://problem/61352465

Safari sometimes crashes when switch video into PiP mode
https://bugs.webkit.org/show_bug.cgi?id=208904

Reviewed by Simon Fraser.

With this patch, MediaControlTextTrackContainerElement won't paint its subtree
to an image buffer (for the captions in video fullscreen or picture-in-picture mode)
when the cues are updated. Instead, it only sets the flag m_needsGenerateTextTrackRepresentation
to true after running layout based on the new cues. After that, it paints its subtree
to an image buffer if needed at the end of Page::updateRendering() when the layout is clean.
TextTrackRepresentationCocoa will use the image buffer to set the content of the layer
for captions in video fullscreen or picture-in-picture mode.

MediaControlTextTrackContainerElement class is responsible for rendering the captions in both:
1) a video player in the inline mode.
2) a video player in "video fullscreen" or picture-in-picture mode.
This patch refactors some functions to make their responsibilities clear.

  • Modules/mediacontrols/MediaControlsHost.cpp:

(WebCore::MediaControlsHost::updateTextTrackRepresentationImageIfNeeded):

  • Modules/mediacontrols/MediaControlsHost.h:
  • dom/Document.cpp:

(WebCore::Document::setMediaElementShowingTextTrack):
(WebCore::Document::clearMediaElementShowingTextTrack):
(WebCore::Document::updateTextTrackRepresentationImageIfNeeded):

  • dom/Document.h:

Functions textTracksAreReady(), textTrackReadyStateChanged() and configureTextTrackDisplay()
should be wrapped with "#if ENABLE(VIDEO_TRACK)".

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::setTextTrackRepresentation):
(WebCore::HTMLMediaElement::textTracksAreReady const):
(WebCore::HTMLMediaElement::textTrackReadyStateChanged):
(WebCore::HTMLMediaElement::configureTextTrackDisplay):
(WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):

  • html/HTMLMediaElement.h:
  • html/shadow/MediaControlElements.cpp:

(WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
(WebCore::MediaControlTextTrackContainerElement::updateDisplay):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
(WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
(WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
(WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
(WebCore::MediaControlTextTrackContainerElement::updateSizes):
(WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
(WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentation): Deleted.
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationStyle): Deleted.
(WebCore::MediaControlTextTrackContainerElement::layoutIfNecessary): Deleted.
(WebCore::MediaControlTextTrackContainerElement::updateCueStyles): Deleted.

  • html/shadow/MediaControlElements.h:
  • html/shadow/MediaControls.cpp:

(WebCore::MediaControls::updateTextTrackRepresentationImageIfNeeded):

  • html/shadow/MediaControls.h:
  • page/Page.cpp:

(WebCore::Page::updateRendering):

  • rendering/RenderMediaControlElements.cpp:

(WebCore::RenderMediaControlTextTrackContainer::RenderMediaControlTextTrackContainer):
(WebCore::RenderMediaControlTextTrackContainer::layout):
(WebCore::RenderTextTrackContainerElement::RenderTextTrackContainerElement): Deleted.
(WebCore::RenderTextTrackContainerElement::layout): Deleted.

  • rendering/RenderMediaControlElements.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258434 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:47 PM Changeset in webkit [259598] by Alan Coon
  • 3 edits in branches/safari-609.2.1.2-branch/Source/JavaScriptCore

Cherry-pick r259264. rdar://problem/61352437

[JSC] DFGArrayMode::alreadyChecked should have NonArray check when ArrayMode is NonArray+SlowPutArrayStorage
https://bugs.webkit.org/show_bug.cgi?id=209791

Reviewed by Saam Barati.

DFGArrayMode::alreadyChecked with NonArray+SlowPutArrayStorage should check NonArray condition.

  • dfg/DFGArrayMode.cpp: (JSC::DFG::ArrayMode::alreadyChecked const):
  • dfg/DFGArrayMode.h: (JSC::DFG::ArrayMode::arrayModesWithIndexingShapes const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259264 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:59 PM Changeset in webkit [259597] by Simon Fraser
  • 21 edits in trunk/Source

Make ScrollableArea TextStream-loggable
https://bugs.webkit.org/show_bug.cgi?id=210042

Reviewed by Darin Adler.

ScrollableArea is a pure virtual base class, so has to dump via a virtual function,
so add debugDescription() and implement it in derived classes.

Make the common pattern be that operator<<(TextStream&, ...) calls debugDescription.

Source/WebCore:

  • page/Frame.cpp:

(WebCore::Frame::debugDescription const):
(WebCore::operator<<):

  • page/Frame.h:
  • page/FrameView.cpp:

(WebCore::FrameView::debugDescription const):
(WebCore::operator<<):

  • page/FrameView.h:
  • platform/ScrollView.cpp:

(WebCore::ScrollView::debugDescription const):

  • platform/ScrollView.h:
  • platform/ScrollableArea.cpp:

(WebCore::operator<<):

  • platform/ScrollableArea.h:
  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::debugDescription const):
(WebCore::RenderLayer::calculateClipRects const):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::updateCompositingLayers):

  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::debugDescription const):

  • rendering/RenderListBox.h:

Source/WebKit:

  • UIProcess/win/WebPopupMenuProxyWin.cpp:

(WebKit::WebPopupMenuProxyWin::debugDescription const):

  • UIProcess/win/WebPopupMenuProxyWin.h:
  • WebProcess/Plugins/PDF/PDFPlugin.h:
  • WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::PDFPlugin::debugDescription const):

2:59 PM Changeset in webkit [259596] by Jason_Lawrence
  • 2 edits in trunk/LayoutTests

storage/indexeddb/value-cursor-cycle.html is flaky failing because it incorrectly thinks our JS GC is precise.
https://bugs.webkit.org/show_bug.cgi?id=210046

Unreviewed test gardening.

  • platform/mac/TestExpectations:

2:44 PM Changeset in webkit [259595] by Jack Lee
  • 3 edits
    2 adds in trunk

Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary with draggable text
https://bugs.webkit.org/show_bug.cgi?id=209999
<rdar://problem/58978340>

Reviewed by Ryosuke Niwa.

Source/WebCore:

VisibleParagraphStart/End may return empty VisiblePosition if no proper element or node
can be used as position candidate. Add null check for the returned VisiblePositions.

Test: fast/css/style-change-draggable-text.html

  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):

LayoutTests:

Added a regression test for the crash.

  • fast/css/style-change-draggable-text-expected.txt: Added.
  • fast/css/style-change-draggable-text.html: Added.

1:53 PM Changeset in webkit [259594] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebCore

Strengthen the ASSERT in ImageDecoderAVFObjC::storeSampleBuffer().
https://bugs.webkit.org/show_bug.cgi?id=209972
<rdar://problem/60727431>

Reviewed by Brent Fulgham.

  • platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:

(WebCore::ImageDecoderAVFObjC::storeSampleBuffer):

1:48 PM Changeset in webkit [259593] by jer.noble@apple.com
  • 4 edits in trunk

[ Mac wk2 ] http/tests/media/track-in-band-hls-metadata.html is flaky crashing.
https://bugs.webkit.org/show_bug.cgi?id=209490
<rdar://problem/60837555>

Reviewed by Darin Adler.

Source/WebCore:

To ensure the TaskDispatcher doesn't get destroyed on a background thread at the same time it's
executing tasks on the main thread, when a GenericTaskQueue is destroyed on a background thread,
move the TaskDispatcher into a task, and use the dispatcher itself to destroy itself on the
main thread.

  • platform/GenericTaskQueue.h:

(WebCore::GenericTaskQueue::GenericTaskQueue):
(WebCore::GenericTaskQueue::~GenericTaskQueue):
(WebCore::GenericTaskQueue::enqueueTask):

LayoutTests:

  • platform/mac-wk2/TestExpectations:
1:37 PM Changeset in webkit [259592] by Manuel Rego Casasnovas
  • 9 edits in trunk/LayoutTests

[GTK][WPE] Re-enable WPT web-animations animation-types tests and updating baselines
https://bugs.webkit.org/show_bug.cgi?id=186139

Reviewed by Carlos Alberto Lopez Perez.

These tests are no longer timing out, so this patch unflags them from TestExpectations.
Apart from that the -expected.txt baselines are updated too.

  • platform/gtk/TestExpectations:
  • platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
  • platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
  • platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
  • platform/wpe/TestExpectations:
  • platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
  • platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
  • platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
1:36 PM Changeset in webkit [259591] by commit-queue@webkit.org
  • 5 edits in trunk

Unreviewed, reverting r259469.
https://bugs.webkit.org/show_bug.cgi?id=210066

Introduced media playback regression (Requested by perarne on
#webkit).

Reverted changeset:

"[iOS] Deny mach lookup access to the runningboard service in
the WebContent process"
https://bugs.webkit.org/show_bug.cgi?id=209933
https://trac.webkit.org/changeset/259469

1:26 PM Changeset in webkit [259590] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

Unreviewed sandbox compile fix.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
1:12 PM Changeset in webkit [259589] by commit-queue@webkit.org
  • 539 edits
    258 adds
    19 deletes in trunk/Source/ThirdParty/ANGLE

Update ANGLE to 2020-03-27
https://bugs.webkit.org/show_bug.cgi?id=209689

Patch by Kenneth Russell <kbr@chromium.org> on 2020-04-06
Reviewed by Darin Adler.

Use update-angle.sh script by James Darpinian to roll ANGLE to
commit b387ce9389ede6a4ed3b831ab1b8187927fa295f in
https://chromium.googlesource.com/angle/angle .

changes.diff has been auto-updated with Apple's diffs relative to
upstream. No additional manual changes are made in this roll.
Long autogenerated file list omitted.

1:07 PM Changeset in webkit [259588] by Fujii Hironori
  • 2 edits in trunk/Source/JavaScriptCore

[Clang 10] Fix -Wimplicit-int-float-conversion compilation warnings in JavaScriptCore
https://bugs.webkit.org/show_bug.cgi?id=210038

Reviewed by Darin Adler.

Clang 10 reports a compilation warning in JavaScriptCore:

..\..\Source\JavaScriptCore\bytecode/CodeBlock.cpp(3002,24): warning: implicit conversion from 'unsigned long long' to 'double' changes value from 18446744073709551615 to 18446744073709551616 [-Wimplicit-int-float-conversion]

if (doubleResult > std::numeric_limits<size_t>::max())

~ ~

Use a template variable maxPlusOne<T> which was added by r259537
for the purpose.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::predictedMachineCodeSize): Replaced '>' with '>=',
and std::numeric_limits<size_t>::max() with maxPlusOne<size_t>.
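
The boundary case behind this warning, as an added example (not WebKit code): it shows why a `>` comparison against the integer maximum lets 2^64 through, and why `>=` against the next power of two does not. `kMaxPlusOne` is a hypothetical stand-in for the `maxPlusOne<size_t>` named above, `std::uint64_t` stands in for a 64-bit `size_t`, and all function names are assumptions.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// 2^64 as a double: the smallest value that does NOT fit in uint64_t.
// Hypothetical stand-in for maxPlusOne<size_t> on a 64-bit target.
constexpr double kMaxPlusOne = 18446744073709551616.0;

// What `d > std::numeric_limits<uint64_t>::max()` really compares against:
// 2^64 - 1 has no exact double representation and rounds up to 2^64.
double limitAsDouble()
{
    return static_cast<double>(std::numeric_limits<std::uint64_t>::max());
}

// Shape of the check before the change: '>' against the converted maximum.
bool rejectedByOldCheck(double d)
{
    return d > limitAsDouble();
}

// Shape of the check after the change: '>=' against max + 1.
bool rejectedByNewCheck(double d)
{
    return d >= kMaxPlusOne;
}

// Range-checked conversion. Converting an out-of-range double to an integer
// is undefined behaviour in C++, so the check has to come before the cast.
// The negated form also rejects NaN, which fails every comparison.
bool toUint64Checked(double d, std::uint64_t& out)
{
    if (!(d >= 0.0 && d < kMaxPlusOne))
        return false;
    out = static_cast<std::uint64_t>(d);
    return true;
}

int main()
{
    const double boundary = kMaxPlusOne; // exactly 2^64
    std::printf("old check rejects 2^64: %d\n", rejectedByOldCheck(boundary));
    std::printf("new check rejects 2^64: %d\n", rejectedByNewCheck(boundary));
    return 0;
}
```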

12:01 PM Changeset in webkit [259587] by Alexey Shvayka
  • 7 edits
    1 delete in trunk

Remove unnecessary Test262 harness file and implement $262.IsHTMLDDA
https://bugs.webkit.org/show_bug.cgi?id=187526

Reviewed by Darin Adler.

JSTests:

  • stress/optional-chaining.js: Adjust test for callable masquerader.

Source/JavaScriptCore:

Test262 harness requires [1] $262.IsHTMLDDA to be an object with [[IsHTMLDDA]] slot [2],
much like document.all. It is used in a few tests to make sure that runtimes strictly
compare values with null and undefined.

With this change, makeMasquerader returns callable masquerader to mimic document.all
in the wild. In order to avoid masqueradesAsUndefinedWatchpoint being fired during
initialization of JSC shell, $262.IsHTMLDDA is a getter.

[1]: https://github.com/tc39/test262/blob/master/INTERPRETING.md#host-defined-functions
[2]: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot

  • jsc.cpp:

(functionMakeMasquerader):
(functionCallMasquerader):
(JSC::Masquerader::Masquerader): Deleted.
(JSC::Masquerader::subspaceFor): Deleted.
(JSC::Masquerader::create): Deleted.
(JSC::Masquerader::createStructure): Deleted.

  • runtime/JSObject.h:

Tools:

Removed file duplicates functionality of jsc.cpp's GlobalObject::finishCreation.

  • Scripts/test262/Runner.pm:
  • Scripts/test262/agent.js: Removed.
11:55 AM Changeset in webkit [259586] by Jacob Uphoff
  • 2 edits in trunk/LayoutTests

[ macOS ] inspector/debugger/break-in-constructor-before-super.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=210062

Unreviewed test gardening.

  • platform/mac/TestExpectations:
11:54 AM Changeset in webkit [259585] by Antti Koivisto
  • 9 edits
    2 adds in trunk

'currentcolor' doesn't need setHasExplicitlyInheritedProperties marking anymore
https://bugs.webkit.org/show_bug.cgi?id=210017

Reviewed by Darin Adler.

Source/WebCore:

Removing this marking reveals problems in style update avoidance code in CSSComputedStyleDeclaration
that also need to be addressed. The problems are not specific to explicit 'currentcolor', they also reproduce
with the initial value (thus the new test).

Test: fast/css/currentColor-initial-style-update.html

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::nonInheritedColorPropertyHasValueCurrentColor):

Add a helper.

(WebCore::hasValidStyleForProperty):

Treat a non-inherited color property as inherited if it is 'currentcolor'.

(WebCore::updateStyleIfNeededForProperty):

Expand shorthands so properties like border-color test correctly.

  • css/CSSProperty.cpp:

(WebCore::CSSProperty::isColorProperty):

Move here from CSSParserFastPaths.

  • css/CSSProperty.h:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::CSSParserFastPaths::maybeParseValue):
(WebCore::isColorPropertyID): Deleted.

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::unresolvedColorForProperty const):

Factor into a helper.
Handle all color values.

(WebCore::RenderStyle::colorResolvingCurrentColor const):

Renamed for clarity and some cleanups.

(WebCore::RenderStyle::visitedDependentColor const):
(WebCore::RenderStyle::colorIncludingFallback const): Deleted.

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::isCurrentColor):

  • style/StyleBuilderState.cpp:

(WebCore::Style::BuilderState::colorFromPrimitiveValue const):

Remove setHasExplicitlyInheritedProperties marking.

LayoutTests:

  • fast/css/currentColor-initial-style-update-expected.txt: Added.
  • fast/css/currentColor-initial-style-update.html: Added.
11:48 AM Changeset in webkit [259584] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

[GTK] Remove unused header in web process
https://bugs.webkit.org/show_bug.cgi?id=210053

Patch by Víctor Manuel Jáquez Leal <vjaquez@igalia.com> on 2020-04-06
Reviewed by Michael Catanzaro.

Remove unused headers from code removed in r203774.

No new tests required.

  • WebProcess/gtk/WebProcessMainGtk.cpp:
11:48 AM Changeset in webkit [259583] by Justin Michaud
  • 38 edits
    7 adds in trunk

Allow deleteById to be cached in the DFG
https://bugs.webkit.org/show_bug.cgi?id=208664

Reviewed by Saam Barati.

JSTests:

  • microbenchmarks/delete-property-allocation-sinking.js: Added.

(assert):
(noInline.assert.blackbox):
(noInline.blackbox.doAlloc1):
(noInline.doAlloc1):

  • microbenchmarks/polyvariant-delete-property.js: Added.

(assert):
(blackbox):
(noInline.blackbox.polyvariant):
(doAlloc1):
(noInline.doAlloc1.doAlloc2):
(noInline.doAlloc2):

  • stress/delete-property-dfg-inline.js: Added.

(assert):
(noInline.assert.assert_throws):
(noInline.assert_throws.blackbox):
(noInline.blackbox.testSingleStructure.doAlloc1):
(noInline.blackbox.testSingleStructure):
(noInline.testSingleStructure.testInlineSingleStructure.doDelete2):
(noInline.testSingleStructure.testInlineSingleStructure.doAlloc2):
(noInline.testSingleStructure.testInlineSingleStructure):
(noInline.testInlineSingleStructure.testExit.doDelete3):
(noInline.testInlineSingleStructure.testExit):
(noInline.testExit.testSingleStructureMiss.doAlloc4):
(noInline.testExit.testSingleStructureMiss):
(noInline.testSingleStructureMiss.testSingleStructureMissStrict.string_appeared_here.doAlloc5):
(noInline.testSingleStructureMiss.testSingleStructureMissStrict):
(noInline.testSingleStructureMissStrict.testSingleStructureMissNonConfigurable.doAlloc6):
(noInline.testSingleStructureMissStrict.testSingleStructureMissNonConfigurable):
(noInline.testSingleStructureMissNonConfigurable.testSingleStructureEmpty.doAlloc7):
(noInline.testSingleStructureMissNonConfigurable.testSingleStructureEmpty):
(noInline.testSingleStructureEmpty.testPolymorphic.doDelete8):
(noInline.testSingleStructureEmpty.testPolymorphic):
(noInline.testPolymorphic.testPolyvariant.doDelete9):
(noInline.testPolymorphic.testPolyvariant.polyvariant):
(noInline.testPolymorphic.testPolyvariant):
(noInline.testPolyvariant.testConstantFolding.doDelete10):
(noInline.testPolyvariant.testConstantFolding):
(noInline.testConstantFolding.testObjectSinking.doAlloc11):
(noInline.testConstantFolding.testObjectSinking):
(noInline.testObjectSinking.testProxy.doAlloc12):
(noInline.testObjectSinking.testProxy.noInline.doDelete12):
(noInline.testObjectSinking.testProxy):
(noInline.testProxy.testTypedArray.doDelete12):
(noInline.testProxy.testTypedArray):
(noInline.testTypedArray.testMissMixed.doDelete13):
(noInline.testTypedArray.testMissMixed):
(noInline.testMissMixed.testMissNonMixed.doDelete14):
(noInline.testMissMixed.testMissNonMixed):
(noInline.testMissNonMixed.testByVal.doDelete15):
(noInline.testMissNonMixed.testByVal):

Source/JavaScriptCore:

When we see that the deleteById inline cache only saw one structure, we inline it into the DFG. This involves
creating a new node, FilterDeleteByStatus, and then turning these DeleteById nodes into a FilterDeleteByStatus,
CheckStructure, PutByOffset, then PutStructure (or just a CheckStructure in the case of a miss). The logic for
pessimising this optimization is the same as for PutById, giving inlined functions the opportunity to use only
the DFG profiling information, while everything else uses the DFG+Baseline information.

This also adds a MultiDeleteByOffset node, for the case when there are multiple structures seen by the delete. If
all of the cases are the same kind of miss, then we only emit a CheckStructure and constant.

Finally, if we see a delete by val with a single identifier, we inline that too.

This patch removes a dead code path from deleteProperty that checks if we need to nuke the object's butterfly.
This also fixes a bug where we were checking the neutering status of typed arrays for named properties when we should
only check for indexed properties. The behavior of this now matches for all tiers including when cached.

The benchmark shows a 2x improvement on polyvariant-delete-property, and a 50% improvement on delete-property-allocation-sinking.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • bytecode/AccessCase.cpp:

(JSC::AccessCase::createDelete):
(JSC::AccessCase::generateImpl):

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::getICStatusMap):

  • bytecode/DeleteByIdVariant.cpp: Added.

(JSC::DeleteByIdVariant::DeleteByIdVariant):
(JSC::DeleteByIdVariant::~DeleteByIdVariant):
(JSC::DeleteByIdVariant::operator=):
(JSC::DeleteByIdVariant::attemptToMerge):
(JSC::DeleteByIdVariant::writesStructures const):
(JSC::DeleteByIdVariant::visitAggregate):
(JSC::DeleteByIdVariant::markIfCheap):
(JSC::DeleteByIdVariant::dump const):
(JSC::DeleteByIdVariant::finalize):
(JSC::DeleteByIdVariant::dumpInContext const):

  • bytecode/DeleteByIdVariant.h: Added.

(JSC::DeleteByIdVariant::oldStructure const):
(JSC::DeleteByIdVariant::newStructure const):
(JSC::DeleteByIdVariant::result const):
(JSC::DeleteByIdVariant::offset const):
(JSC::DeleteByIdVariant::isPropertyUnset const):
(JSC::DeleteByIdVariant::identifier const):
(JSC::DeleteByIdVariant::overlaps):

  • bytecode/DeleteByStatus.cpp: Added.

(JSC::DeleteByStatus::appendVariant):
(JSC::DeleteByStatus::computeForBaseline):
(JSC::DeleteByStatus::DeleteByStatus):
(JSC::DeleteByStatus::computeForStubInfoWithoutExitSiteFeedback):
(JSC::DeleteByStatus::computeFor):
(JSC::DeleteByStatus::slowVersion const):
(JSC::DeleteByStatus::merge):
(JSC::DeleteByStatus::filter):
(JSC::DeleteByStatus::singleIdentifier const):
(JSC::DeleteByStatus::visitAggregate):
(JSC::DeleteByStatus::markIfCheap):
(JSC::DeleteByStatus::finalize):
(JSC::DeleteByStatus::dump const):

  • bytecode/DeleteByStatus.h: Added.
  • bytecode/ICStatusMap.h:
  • bytecode/RecordedStatuses.cpp:

(JSC::RecordedStatuses::operator=):
(JSC::RecordedStatuses::addDeleteByStatus):
(JSC::RecordedStatuses::visitAggregate):
(JSC::RecordedStatuses::markIfCheap):

  • bytecode/RecordedStatuses.h:

(JSC::RecordedStatuses::forEachVector):

  • dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::filterICStatus):

  • dfg/DFGArgumentsEliminationPhase.cpp:
  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleDeleteById):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGClobberize.h:

(JSC::DFG::clobberize):

  • dfg/DFGClobbersExitState.cpp:

(JSC::DFG::clobbersExitState):

  • dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):
(JSC::DFG::ConstantFoldingPhase::emitDeleteByOffset):

  • dfg/DFGDoesGC.cpp:

(JSC::DFG::doesGC):

  • dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):

  • dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):

  • dfg/DFGGraph.h:
  • dfg/DFGMayExit.cpp:
  • dfg/DFGNode.cpp:

(JSC::DFG::MultiDeleteByOffsetData::writesStructures const):

  • dfg/DFGNode.h:

(JSC::DFG::Node::hasMultiDeleteByOffsetData):
(JSC::DFG::Node::multiDeleteByOffsetData):
(JSC::DFG::Node::hasDeleteByStatus):
(JSC::DFG::Node::deleteByStatus):

  • dfg/DFGNodeType.h:
  • dfg/DFGObjectAllocationSinkingPhase.cpp:
  • dfg/DFGPredictionPropagationPhase.cpp:
  • dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

  • dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::compile):

  • dfg/DFGTypeCheckHoistingPhase.cpp:

(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):

  • dfg/DFGValidate.cpp:
  • dfg/DFGVarargsForwardingPhase.cpp:
  • ftl/FTLCapabilities.cpp:

(JSC::FTL::canCompile):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiDeleteByOffset):

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::deleteProperty):

  • runtime/JSObject.cpp:

(JSC::JSObject::deleteProperty):

  • runtime/Structure.h:
  • runtime/StructureInlines.h:

(JSC::Structure::mayHaveIndexingHeader const): Deleted.
(JSC::Structure::canCacheDeleteIC const): Deleted.

11:19 AM Changeset in webkit [259582] by sbarati@apple.com
  • 36 edits
    1 add
    4 deletes in trunk

Implement 1GB of executable memory on arm64
https://bugs.webkit.org/show_bug.cgi?id=208490
<rdar://problem/60797127>

Reviewed by Keith Miller.

JSTests:

Run JetStream2 wasm tests.

  • wasm.yaml:
  • wasm/lowExecutableMemory/executable-memory-oom.js:

PerformanceTests:

  • JetStream2/JetStreamDriver.js:

(Driver.prototype.dumpJSONResultsIfNeeded):
(DefaultBenchmark.prototype.updateUIAfterRun):
(DefaultBenchmark):
(WSLBenchmark.prototype.updateUIAfterRun):
(WSLBenchmark):
(WasmBenchmark.prototype.updateUIAfterRun):
(WasmBenchmark):
(Driver.async fetchResources.statusElement.innerHTML.a.href.string_appeared_here):
(Driver.prototype.async fetchResources):

Source/JavaScriptCore:

This patch implements the 1GB executable memory space on arm64. To make this
work, we implement jumps larger than +/-128MB to use jump islands. Jump islands
work by splitting up the ~1GB region into 9 112MB chunks (1008 MB total). Each
chunk is split into two: 96MB of executable region, and 16MB of jump island region.
With this split, any jump inside a jump island region can get to the adjacent
island (forwards or backwards) in a single +/-128MB jump. When linking a jump
from A to B, where |A - B| > 128MB, we instead point the jump to an island,
where this island has a potential series of jumps that finally lands at B.

To allocate executable memory, use a MetaAllocator for each 96MB chunk. To
allocate islands, we have a bit vector we use to track used and freed islands.
We only grow this bit vector as islands are allocated, so it frequently
remains empty or very small.

The goal of this patch is to have minimal perf impact when not using islands,
so the data structures are designed to only incur overhead when actually using
islands. We expect the use of islands to be minimal. We use a red black tree
to track all island locations. This allows us to deallocate all islands when
an executable memory handle is freed. Typically, this red black tree is empty,
so freeing an executable memory handle incurs no extra overhead.

To make islands work for Wasm, we now have to link tier up code in two phases.
Previously, we would just patch jumps concurrently to Wasm threads running after
resetting the icache, knowing that we would be able to atomically update the jump
instruction to point to the new destination. However, now when repatching these
jumps in a world with jump islands, we might need to allocate islands depending
on the jump location and its target. So we now allocate and collect the set of islands,
then reset the icache, then atomically update the branch to point to the destination
(or an island that jumps to the destination). One important implementation detail
here is that for normal island repatching, if we have a jump from A to B, and it
allocates a set of islands X, we usually can deallocate X when repatching A to go to B'.
This is because the typical repatch scenario in JS happens when that code is not being
executed. For Wasm though, those islands X might be running while we want to repatch
A to go to B'. So instead of deallocating X, we just append to X in this scenario, and
we free the new set X' when the code itself is freed.

(This patch also fixes a bug in the Wasm LLInt to BBQ tier up that I spotted,
where we would publish a LLInt callee's BBQ replacement before we finished
linking the outgoing calls of the BBQ replacement.)

This patch also removes the old "CodeProfiling" code that has been unused for
a long time.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • assembler/ARM64Assembler.h:

(JSC::ARM64Assembler::b):
(JSC::ARM64Assembler::bl):
(JSC::ARM64Assembler::replaceWithJump):
(JSC::ARM64Assembler::prepareForAtomicRelinkJumpConcurrently):
(JSC::ARM64Assembler::prepareForAtomicRelinkCallConcurrently):
(JSC::ARM64Assembler::computeJumpType):
(JSC::ARM64Assembler::canEmitJump):
(JSC::ARM64Assembler::linkJumpOrCall):
(JSC::ARM64Assembler::linkCompareAndBranch):
(JSC::ARM64Assembler::linkConditionalBranch):
(JSC::ARM64Assembler::linkTestAndBranch):

  • assembler/AbstractMacroAssembler.h:

(JSC::AbstractMacroAssembler::prepareForAtomicRepatchNearCallConcurrently):

  • assembler/LinkBuffer.cpp:

(JSC::LinkBuffer::copyCompactAndLinkCode):
(JSC::LinkBuffer::linkCode):
(JSC::LinkBuffer::allocate):
(JSC::LinkBuffer::performFinalization):

  • assembler/LinkBuffer.h:

(JSC::LinkBuffer::LinkBuffer):
(JSC::LinkBuffer::setIsJumpIsland):

  • assembler/MacroAssemblerCodeRef.h:

(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):

  • jit/ExecutableAllocator.cpp:

(JSC::initializeJITPageReservation):
(JSC::ExecutableAllocator::initializeUnderlyingAllocator):
(JSC::ExecutableAllocator::isValid const):
(JSC::ExecutableAllocator::allocate):
(JSC::ExecutableAllocator::getJumpIslandTo):
(JSC::ExecutableAllocator::getJumpIslandToConcurrently):
(JSC::FixedVMPoolExecutableAllocator::~FixedVMPoolExecutableAllocator): Deleted.

  • jit/ExecutableAllocator.h:

(JSC::ExecutableAllocatorBase::allocate):

  • runtime/CommonSlowPaths.cpp:
  • runtime/Completion.cpp:

(JSC::evaluate):

  • runtime/JSModuleLoader.cpp:

(JSC::moduleLoaderParseModule):

  • runtime/OptionsList.h:
  • tools/CodeProfile.cpp:

(JSC::truncateTrace): Deleted.
(JSC::CodeProfile::sample): Deleted.
(JSC::CodeProfile::report): Deleted.

  • tools/CodeProfile.h:

(JSC::CodeProfile::CodeProfile): Deleted.
(JSC::CodeProfile::parent): Deleted.
(JSC::CodeProfile::addChild): Deleted.
(): Deleted.
(JSC::CodeProfile::CodeRecord::CodeRecord): Deleted.

  • tools/CodeProfiling.cpp:

(JSC::setProfileTimer): Deleted.
(JSC::profilingTimer): Deleted.
(JSC::CodeProfiling::sample): Deleted.
(JSC::CodeProfiling::notifyAllocator): Deleted.
(JSC::CodeProfiling::getOwnerUIDForPC): Deleted.
(JSC::CodeProfiling::begin): Deleted.
(JSC::CodeProfiling::end): Deleted.

  • tools/CodeProfiling.h:

(): Deleted.
(JSC::CodeProfiling::CodeProfiling): Deleted.
(JSC::CodeProfiling::~CodeProfiling): Deleted.
(JSC::CodeProfiling::enabled): Deleted.
(JSC::CodeProfiling::beVerbose): Deleted.
(JSC::CodeProfiling::beVeryVerbose): Deleted.

  • wasm/WasmBBQPlan.cpp:

(JSC::Wasm::BBQPlan::work):

  • wasm/WasmCodeBlock.h:
  • wasm/WasmOMGForOSREntryPlan.cpp:

(JSC::Wasm::OMGForOSREntryPlan::work):

  • wasm/WasmOMGPlan.cpp:

(JSC::Wasm::OMGPlan::work):

  • wasm/WasmPlan.cpp:

(JSC::Wasm::Plan::updateCallSitesToCallUs):

  • wasm/WasmPlan.h:

Source/WTF:

  • wtf/MetaAllocator.cpp:

(WTF::MetaAllocatorTracker::notify):
(WTF::MetaAllocatorTracker::release):
(WTF::MetaAllocator::release):
(WTF::MetaAllocatorHandle::MetaAllocatorHandle):
(WTF::MetaAllocatorHandle::~MetaAllocatorHandle):
(WTF::MetaAllocatorHandle::shrink):
(WTF::MetaAllocator::MetaAllocator):
(WTF::MetaAllocator::allocate):
(WTF::MetaAllocator::currentStatistics):

  • wtf/MetaAllocator.h:

(WTF::MetaAllocatorTracker::find):
(WTF::MetaAllocator::allocate):
(WTF::MetaAllocator::currentStatistics):
(WTF::MetaAllocator::getLock): Deleted.

  • wtf/MetaAllocatorHandle.h:

(WTF::MetaAllocatorHandle::allocator):
(WTF::MetaAllocatorHandle::isManaged): Deleted.
(WTF::MetaAllocatorHandle::ownerUID): Deleted.

  • wtf/PlatformEnable.h:
  • wtf/RedBlackTree.h:
  • wtf/StdLibExtras.h:

(WTF::constructFixedSizeArrayWithArgumentsImpl):
(WTF::constructFixedSizeArrayWithArguments):

Tools:

  • Scripts/run-jsc-stress-tests:
  • TestWebKitAPI/Tests/WTF/MetaAllocator.cpp:

(TestWebKitAPI::TEST_F):

  • TestWebKitAPI/Tests/WTF/RedBlackTree.cpp:

(TestWebKitAPI::TEST_F):
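
The jump-island arithmetic described in changeset 259582 above, as an added example (a simplified model, not JavaScriptCore code): it routes a branch through adjacent islands and checks that every hop stays within arm64 branch reach. The chunk sizes come from the changeset text; the code-then-island ordering inside a chunk, the single island slot at the start of each island region, and all names are assumptions. The reach is taken as the arm64 `B` immediate range, -128MB to +128MB-4.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr std::int64_t MB = 1024 * 1024;
constexpr std::int64_t kExecSize = 96 * MB;                  // executable part of a chunk
constexpr std::int64_t kIslandSize = 16 * MB;                // jump island part of a chunk
constexpr std::int64_t kChunkSize = kExecSize + kIslandSize; // 112MB
constexpr int kChunks = 9;                                   // 1008MB in total
// arm64 B/BL encode a signed 26-bit word offset: [-128MB, +128MB - 4].
constexpr std::int64_t kMinReach = -128 * MB;
constexpr std::int64_t kMaxReach = 128 * MB - 4;

bool inDirectReach(std::int64_t from, std::int64_t to)
{
    const std::int64_t delta = to - from;
    return delta >= kMinReach && delta <= kMaxReach;
}

int chunkOf(std::int64_t offset) { return static_cast<int>(offset / kChunkSize); }

// Assumed layout: chunk i is [code 96MB][islands 16MB]; model one island slot
// at the start of each island region.
std::int64_t islandOfChunk(int chunk) { return chunk * kChunkSize + kExecSize; }

// True for a 4-byte aligned offset inside the executable part of some chunk.
bool isCodeOffset(std::int64_t offset)
{
    return offset >= 0 && offset < kChunks * kChunkSize
        && offset % kChunkSize < kExecSize && offset % 4 == 0;
}

// Returns the branch targets taken from `from` to `to`: zero or more island
// offsets followed by `to`. Returns an empty vector for offsets that are not
// code offsets in this model.
std::vector<std::int64_t> routeJump(std::int64_t from, std::int64_t to)
{
    std::vector<std::int64_t> hops;
    if (!isCodeOffset(from) || !isCodeOffset(to))
        return hops;
    const bool forward = to > from;
    // Nearest island in the direction of travel: the one closing the source
    // chunk when going forward, the one closing the previous chunk otherwise.
    int island = forward ? chunkOf(from) : chunkOf(from) - 1;
    std::int64_t at = from;
    while (!inDirectReach(at, to)) {
        at = islandOfChunk(island);
        hops.push_back(at);
        island += forward ? 1 : -1;
    }
    hops.push_back(to);
    return hops;
}

// Re-checks a computed route: every individual branch must be encodable.
bool everyHopInReach(std::int64_t from, const std::vector<std::int64_t>& hops)
{
    std::int64_t at = from;
    for (std::int64_t next : hops) {
        if (!inDirectReach(at, next))
            return false;
        at = next;
    }
    return !hops.empty();
}

int main()
{
    const std::int64_t from = 0;
    const std::int64_t to = 8 * kChunkSize; // first code offset of the last chunk
    const std::vector<std::int64_t> hops = routeJump(from, to);
    for (std::int64_t hop : hops)
        std::printf("-> %lld MB\n", static_cast<long long>(hop / MB));
    std::printf("all hops encodable: %d\n", everyHopInReach(from, hops));
    return 0;
}
```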

11:09 AM Changeset in webkit [259581] by Simon Fraser
  • 6 edits in trunk/Source/WebCore

Make RenderObject TextStream-loggable
https://bugs.webkit.org/show_bug.cgi?id=210035

Post-landing followup. More use of StringBuilder's variadic append. Have Node::debugDescription() include
its address, and have derived classes get the base class debugDescription(). Add an override in Text.

  • dom/Element.cpp:

(WebCore::Element::debugDescription const):

  • dom/Node.cpp:

(WebCore::Node::debugDescription const):

  • dom/Text.cpp:

(WebCore::Text::debugDescription const):
(WebCore::Text::formatForDebugger const):

  • dom/Text.h:
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::debugDescription const):

11:08 AM Changeset in webkit [259580] by dino@apple.com
  • 2 edits in trunk/Source/WebKit

CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
https://bugs.webkit.org/show_bug.cgi?id=210040
rdar://51410841

Reviewed by Darin Adler.

It appears that the SystemPreviewController on WebPageProxy can
become null causing a call to an in-progress download to crash
as it tries to talk to the QuickLook delegate. Guard against this
by checking the SystemPreviewController each time.

  • UIProcess/Cocoa/DownloadClient.mm:

(WebKit::systemPreviewController):
(WebKit::DownloadClient::didReceiveResponse):
(WebKit::DownloadClient::didReceiveData):
(WebKit::DownloadClient::processDidCrash):
(WebKit::DownloadClient::didFinish):
(WebKit::DownloadClient::didFail):
(WebKit::DownloadClient::didCancel):

11:07 AM Changeset in webkit [259579] by Chris Dumez
  • 5 edits in trunk/Source/WebKit

ProcessAssertion should use ASCIILiteral for its reason
https://bugs.webkit.org/show_bug.cgi?id=210049

Reviewed by Alex Christensen.

ProcessAssertion should use ASCIILiteral for its reason, instead of a String.

  • Shared/ios/DependencyProcessAssertionIOS.mm:

(WebKit::DependencyProcessAssertion::DependencyProcessAssertion):

  • UIProcess/ProcessAssertion.cpp:

(WebKit::ProcessAssertion::ProcessAssertion):

  • UIProcess/ProcessAssertion.h:
  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAndUIAssertion::ProcessAndUIAssertion):

10:47 AM Changeset in webkit [259578] by cathiechen
  • 3 edits
    2 adds in trunk

The change of zoom shouldn't affect ResizeObserverSize
https://bugs.webkit.org/show_bug.cgi?id=209947

Reviewed by Simon Fraser.

Source/WebCore:

Zoom in/out shouldn't affect ResizeObserverSize. Use adjustLayoutUnitForAbsoluteZoom instead.

Test: imported/w3c/web-platform-tests/resize-observer/resize-observer-with-zoom.html

  • page/ResizeObservation.cpp:

(WebCore::ResizeObservation::computeObservedSize const):

LayoutTests:

Add test for resizeObserver with zoom. The ResizeObserverSize shouldn't be affected by zooms.

  • resize-observer/resize-observer-with-zoom-expected.txt: Added.
  • resize-observer/resize-observer-with-zoom.html: Added.
10:41 AM Changeset in webkit [259577] by graouts@webkit.org
  • 13 edits in trunk

[Web Animations] Move Document.getAnimations() to DocumentOrShadowRoot
https://bugs.webkit.org/show_bug.cgi?id=202192
<rdar://problem/55697775>

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Update the test relevant to DocumentOrShadowRoot.getAnimations() from upstream and record three new PASS results in it. We also get two new PASS from a harness test.

  • web-platform-tests/web-animations/idlharness.window-expected.txt:
  • web-platform-tests/web-animations/interfaces/DocumentOrShadowRoot/getAnimations-expected.txt:
  • web-platform-tests/web-animations/interfaces/DocumentOrShadowRoot/getAnimations.html:
  • web-platform-tests/web-animations/testcommon.js:

(async insertFrameAndAwaitLoad):

Source/WebCore:

We remove the getAnimations() declaration from the Document interface and instead move it on the DocumentOrShadowRoot interface.

We add the new method Document::matchingAnimations() which takes a lambda that is provided an animation's effect's target to determine whether
that animation should be found in the list of animations.

In the case of Document::getAnimations(), we filter out animations targeting elements hosted in shadow roots, while in ShadowRoot::getAnimations(),
we filter out animations targeting elements that are not hosted in the shadow root the method was called on.

  • dom/Document.cpp:

(WebCore::Document::getAnimations):
(WebCore::Document::matchingAnimations):

  • dom/Document.h:
  • dom/Document.idl:
  • dom/DocumentOrShadowRoot.idl:
  • dom/Element.cpp:

(WebCore::Element::getAnimations):

  • dom/ShadowRoot.cpp:

(WebCore::ShadowRoot::getAnimations):

  • dom/ShadowRoot.h:
10:35 AM Changeset in webkit [259576] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] Since ArrayBufferViewWatchpointAdaptor::add can fire watchpoints, DFG::Plan should check validity of CodeBlock after executing reallyAdd
https://bugs.webkit.org/show_bug.cgi?id=210055
<rdar://problem/61331962>

Reviewed by Keith Miller.

JSTests:

  • stress/array-buffer-view-watchpoint-can-be-fired-in-really-add-in-dfg.js: Added.

(xxx.foo):

Source/JavaScriptCore:

Since ArrayBufferViewWatchpointAdaptor::add can fire watchpoints, it is possible that the DFG CodeBlock is already invalidated after executing DFG::Plan::reallyAdd.
We should check CodeBlock's validity again and terminate DFG::Plan::finalizeWithoutNotifyingCallback with CompilationInvalidated if CodeBlock got invalidated.

  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::finalizeWithoutNotifyingCallback):

10:21 AM Changeset in webkit [259575] by Darin Adler
  • 72 edits
    5 deletes in trunk

Stop using live ranges in DocumentMarkerController
https://bugs.webkit.org/show_bug.cgi?id=209985

Reviewed by Antti Koivisto.

Source/WebCore:

  • Removed uses of live ranges from DocumentMarkerController.
  • Removed "active/inactive text match marker", which was only ever used by Chromium, and has been dead code in WebKit for a while now.
  • Made a replacement for Range::absoluteTextQuads, in RenderObject, and moved all callers over.
  • Added a fast path for Node::isCharacterDataNode that makes it work without a virtual function call for the common node types.
  • Added a Node::length function that matches the DOM specification's definition of a node's length, part of how ranges are defined.
  • Added a structure OffsetRange to represent start/end offsets within a single character data node. This is a common idiom to handle possible partial selection of text nodes at the start and end of the range when iterating text within a range.
  • Changed DocumentMarker functions to use OffsetRange.
  • Added helper functions for turning a vector of quads into a vector of bounding box rectangles, and for computing a union of all the rectangles, since both of these are common coding patterns.
  • Added an intersectingNodes function, producing a for-loop-compatible range for iterating all nodes covered by a DOM range.
  • Changed RenderObject::SetLayoutNeededForbiddenScope so it can be used without an #if at each call site, expands to nothing in release builds.
  • Eliminated uses of RetainPtr<id> instead of just id to pass arguments.
  • dom/CharacterData.h: Updated since isCharacterDataNode is no longer a virtual function.

  • dom/Document.cpp:

(WebCore::Document::textInserted): Pass an OffsetRange to removeMarkers.
(WebCore::Document::textRemoved): Ditto.

  • dom/DocumentMarker.h: Removed most platform-specific functions.

Removed the active match boolean, which was only ever used for Chromium.
Use OffsetRange. Updated some obsolete comments.

  • dom/DocumentMarkerController.cpp: Removed include of "Range.h".

(WebCore::DocumentMarkerController::collectTextRanges): Change return value
to return a structure with a node and an offset range rather than using a
SimpleRange; adds clarity to the fact that it's guaranteed to be only a
single node. May even want to consider some day moving TextIterator over
to this, but it's definitely better here for now.
(WebCore::DocumentMarkerController::addMarker): Updated for the change to
collectTextRanges and to DocumentMarker construction, and to use construction
syntax that doesn't repeat the DocumentMarker class name. Deleted overloads
that are no longer needed.
(WebCore::DocumentMarkerController::addMarkerToNode): Ditto.
(WebCore::DocumentMarkerController::addTextMatchMarker): Ditto.
(WebCore::DocumentMarkerController::addDictationPhraseWithAlternativesMarker): Deleted.
(WebCore::DocumentMarkerController::addDictationResultMarker): Deleted.
(WebCore::DocumentMarkerController::addDraggedContentMarker): Updated as above.
(WebCore::DocumentMarkerController::addPlatformTextCheckingMarker): Deleted.
(WebCore::DocumentMarkerController::copyMarkers): Fix a mistake where copying
markers would have a side effect of modifying the original.
(WebCore::DocumentMarkerController::removeMarkers): Just have this call
filterMarkers with null for the function.
(WebCore::DocumentMarkerController::filterMarkers): Updated for the change to
collectTextRanges and to pass an OffsetRange.
(WebCore::updateRenderedRectsForMarker): Use SimpleRange instead of a live
range. Use the new RenderObject::absoluteTextQuads and boundingBoxes functions
to make this clearer and simpler.
(WebCore::shouldInsertAsSeparateMarker): Update for changes to DocumentMarker.
(WebCore::DocumentMarkerController::copyMarkers): Take an OffsetRange instead
of a start and length. Also removed the unused "delta" argument since all
callers were passing 0.
(WebCore::DocumentMarkerController::removeMarkers): Removed unneeded
check if a key is still in the map.
(WebCore::DocumentMarkerController::forEach): Added. Shared logic for the multiple
functions that iterate the markers covered by a SimpleRange.
(WebCore::DocumentMarkerController::markersInRange): Call forEach.
(WebCore::DocumentMarkerController::repaintMarkers): Simplified loops.
(WebCore::DocumentMarkerController::setMarkersActive): Deleted. Was only
used for Chromium and has been dead code since.
(WebCore::DocumentMarkerController::hasMarkers): Call forEach.
(WebCore::DocumentMarkerController::clearDescriptionOnMarkersIntersectingRange):
Call forEach.

  • dom/DocumentMarkerController.h: Updated for the above.
  • dom/Element.cpp:

(WebCore::Element::boundsInRootViewSpace): Use unitedBoundingBoxes.
(WebCore::Element::absoluteEventBounds): Ditto.
(WebCore::Element::boundingAbsoluteRectWithoutLayout): Ditto.

  • dom/Node.h: Added inline fast path for isCharacterDataNode.
Moved some inline function bodies out of class definition so it's
easier to read it and get an overview.

  • dom/Range.cpp:

(WebCore::Range::absoluteRectsForRangeInText const): Use boundingBoxes.
(WebCore::Range::absoluteTextQuads const): Deleted.
(WebCore::Range::borderAndTextRects const): Use boundingBoxes.

  • dom/Range.h: Deleted absoluteTextQuads.
  • dom/RenderedDocumentMarker.h: Use rvalue references and move.
  • dom/SimpleRange.cpp:

(WebCore::fastIsCharacterData): Deleted. Moved the optimizations into
Node::isCharacterDataNode so now all callers get them.
(WebCore::length): Deleted. Moved to Node::length.
(WebCore::makeBoundaryPointAfterNodeContents): Use Node::length.
(WebCore::IntersectingNodeRange::first const): Added.
(WebCore::IntersectingNodeRange::sentinel const): Added.
(WebCore::characterDataOffsetRange): Added.
(WebCore::IntersectingNodeIterator::operator++): Added.

  • dom/SimpleRange.h: Added intersectingNodes function, and the
IntersectingNodeRange and IntersectingNodeIterator classes used
to make it work. Added the OffsetRange structure and the
characterDataOffsetRange function, also to help with iteration.

  • editing/AlternativeTextController.cpp:

(WebCore::AlternativeTextController::respondToMarkerAtEndOfWord):
Take out unneeded holds_alternative check.
(WebCore::AlternativeTextController::removeDictationAlternativesForMarker):
Removed unneeded assertion.
(WebCore::AlternativeTextController::dictationAlternativesForMarker):
Removed unneeded assertion.
(WebCore::AlternativeTextController::applyDictationAlternative):
Removed unneeded local variables.
(WebCore::AlternativeTextController::show): Pass reference to range
rather than pointer to rootViewRectForRange.
(WebCore::AlternativeTextController::timerFired): Ditto.
(WebCore::AlternativeTextController::rootViewRectForRange const):
Take a SimpleRange instead of a live range. Also use
RenderObject::absoluteTextQuads and unitedBoundingBoxes.

  • editing/AlternativeTextController.h: Updated for above.
  • editing/CompositeEditCommand.cpp:

(WebCore::CompositeEditCommand::replaceTextInNodePreservingMarkers):
Removed most of the code since we can copy marker data without
separate code for each type. Also use SimpleRange instead of a live range.

  • editing/DictationCommand.cpp: Call addMarker instead of
addMarkerToNode.

  • editing/Editing.cpp:

(WebCore::visiblePositionForIndexUsingCharacterIterator): Use
SimpleRange instead of a live range.

  • editing/Editor.cpp:

(WebCore::Editor::updateMarkersForWordsAffectedByEditing):
Removed a local variable.

  • editing/Editor.h: Remove use of RetainPtr<id> for arguments.
  • editing/FrameSelection.cpp:

(WebCore::FrameSelection::getTextRectangles const): Deleted.
(WebCore::FrameSelection::getClippedVisibleTextRectangles const):
Merged the logic from getTextRectangles in here, and changed to
use RenderObject::absoluteTextQuads and boundingBoxes.

  • editing/FrameSelection.h: Updated for above.
  • editing/SplitTextNodeCommand.cpp:

(WebCore::SplitTextNodeCommand::doApply): Updated for changes to
the copyMarkers function.
(WebCore::SplitTextNodeCommand::doUnapply): Ditto.

  • editing/cocoa/DataDetection.mm:

(WebCore::detectItemAtPositionWithRange): Use
RenderObject::absoluteTextQuads and unitedBoundingBoxes.

  • editing/ios/DictationCommandIOS.cpp:

(WebCore::DictationCommandIOS::DictationCommandIOS): Remove use of
RetainPtr<id> for arguments.
(WebCore::DictationCommandIOS::create): Move from header.
(WebCore::DictationCommandIOS::doApply): Updated to do the work here
since we don't have addDictationPhraseWithAlternativesMarker any more.
Specifically, remove the first interpretation, which leaves behind a
vector of alternatives. Same for addDictationResultMarker.

  • editing/ios/DictationCommandIOS.h: Updated for the above.
  • editing/ios/EditorIOS.mm:

(WebCore::Editor::insertDictationPhrases): Take id instead of
RetainPtr<id>.
(WebCore::Editor::setDictationPhrasesAsChildOfElement): Changed
around since we don't have addDictationPhraseWithAlternativesMarker
or addDictationResultMarker any more.

  • page/FrameView.cpp:

(WebCore::FrameView::paintContents): Update for changes to
SetLayoutNeededForbiddenScope.

  • page/ios/FrameIOS.mm:

(WebCore::Frame::interpretationsForCurrentRoot const):
Get alternatives directly from DocumentMarker::data, now that
there is not a separate DocumentMarker::alternatives function.

  • page/mac/ServicesOverlayController.mm:

(WebCore::textQuadsToBoundingRectForRange): Deleted.
(WebCore::ServicesOverlayController::buildPhoneNumberHighlights):
Use RenderObject::absoluteTextQuads, unitedBoundingBoxes,
and enclosingIntRect to do what textQuadsToBoundingRectForRange did.

  • platform/SerializedPlatformDataCueValue.h: Remove definition of
id since that's now done in RetainPtr.h.

  • platform/graphics/FloatQuad.cpp:

(WebCore::boundingBoxes): Added.
(WebCore::unitedBoundingBoxes): Added.

  • platform/graphics/FloatQuad.h: A couple tweaks, plus declared the
functions above.

  • platform/network/ResourceHandle.h: Remove definition of
id since that's now done in RetainPtr.h.

  • platform/network/cf/AuthenticationChallenge.h: Ditto.
  • rendering/InlineTextBox.cpp:

(WebCore::InlineTextBox::resolveStyleForMarkedText): Take out
isActiveMatch logic that was used for Chromium only.

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::minPreferredLogicalWidth const): Update for
changes to SetLayoutNeededForbiddenScope.
(WebCore::RenderBox::maxPreferredLogicalWidth const): Ditto.

  • rendering/RenderCounter.cpp:

(WebCore::RenderCounter::computePreferredLogicalWidths): Ditto.

  • rendering/RenderLayerBacking.cpp:

(WebCore::RenderLayerBacking::paintIntoLayer): Ditto.

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::SetLayoutNeededForbiddenScope::SetLayoutNeededForbiddenScope):
Changed to take a const& instead of a *.
(WebCore::RenderObject::SetLayoutNeededForbiddenScope::~SetLayoutNeededForbiddenScope):
Ditto.
(WebCore::RenderObject::markContainingBlocksForLayout): Update for
changes to SetLayoutNeededForbiddenScope.
(WebCore::RenderObject::absoluteBoundingBoxRect const): Use
unitedBoundingBoxes and enclosingIntRect.
(WebCore::RenderObject::absoluteBoundingBoxRectForRange): Use
the new RenderObject::absoluteTextQuads and unitedBoundingBoxes.
(WebCore::RenderObject::absoluteTextQuads): Added. Moved here from
Range::absoluteTextQuads, but refactored for simplicity and removed
the unused, and mildly complex to implement, feature that would
indicate whether some or all of the quads were from fixed positioning.

  • rendering/RenderObject.h: Tweaked comments. Moved multi-line function
bodies out of the RenderObject class definition to make it easier to
read. Declared a new absoluteTextQuads function. Made
m_setNeedsLayoutForbidden so setNeedsLayoutIsForbidden can be const.
Conditionalized isSetNeedsLayoutForbidden and SetLayoutNeededForbiddenScope
so both can be used in production builds but expand to no code.

  • rendering/RenderReplaced.cpp:

(WebCore::draggedContentContainsReplacedElement): Simplified and updated
now that the dragged content data no longer has its own named structure.
(WebCore::RenderReplaced::paint): Update for changes to
SetLayoutNeededForbiddenScope.

  • rendering/RenderTableSection.cpp:

(WebCore::RenderTableSection::calcRowLogicalHeight): Ditto.
(WebCore::RenderTableSection::layoutRows): Ditto.

  • rendering/RenderTheme.cpp:

(WebCore::RenderTheme::textSearchHighlightColor const): Removed the Chromium-only
concept of active vs. inactive text search highlight colors.
(WebCore::RenderTheme::platformTextSearchHighlightColor const): Ditto.
(WebCore::RenderTheme::activeTextSearchHighlightColor const): Deleted.
(WebCore::RenderTheme::inactiveTextSearchHighlightColor const): Deleted.
(WebCore::RenderTheme::platformActiveTextSearchHighlightColor const): Deleted.
(WebCore::RenderTheme::platformInactiveTextSearchHighlightColor const): Deleted.

  • rendering/RenderTheme.h: Ditto.
  • rendering/RenderThemeMac.h: Ditto.
  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::platformTextSearchHighlightColor const): Ditto.
(WebCore::RenderThemeMac::platformActiveTextSearchHighlightColor const): Deleted.
(WebCore::RenderThemeMac::platformInactiveTextSearchHighlightColor const): Deleted.

  • testing/Internals.cpp:

(WebCore::Internals::addTextMatchMarker): Deleted. Was only used for a test
of Chromium-specific scroll tick marks.

  • testing/Internals.h: Deleted addTextMatchMarker.
  • testing/Internals.idl: Ditto.

Source/WebKit:

  • UIProcess/ViewSnapshotStore.h: Removed unused "Cocoa without IOSurface" code paths.
  • UIProcess/mac/ViewSnapshotStoreMac.mm:

(WebKit::ViewSnapshot::create): Ditto.
(WebKit::ViewSnapshot::ViewSnapshot): Ditto.
(WebKit::ViewSnapshot::setSurface): Ditto.
(WebKit::ViewSnapshot::hasImage const): Ditto.
(WebKit::ViewSnapshot::clearImage): Ditto.
(WebKit::ViewSnapshot::setVolatile): Ditto.
(WebKit::ViewSnapshot::asLayerContents): Ditto.
(WebKit::ViewSnapshot::asImageForTesting): Ditto.
(WebKit::ViewSnapshotStore::snapshottingContext): Deleted.

  • WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm:

(WebKit::TextCheckingControllerProxy::replaceRelativeToSelection): Updated since
addPlatformTextCheckingMarker no longer exists.
(WebKit::TextCheckingControllerProxy::removeAnnotationRelativeToSelection):
Updated since filterMarkers passes a reference instead of a pointer now.
(WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions):
Simplified code a bit by removing local variables.

  • WebProcess/WebPage/Cocoa/WebPageCocoa.mm:

(WebKit::WebPage::dictionaryPopupInfoForRange): Use
RenderObject::absoluteTextQuads.

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::performImmediateActionHitTestAtLocation): Use
RenderObject::absoluteTextQuads and unitedBoundingBoxes.

Source/WebKitLegacy/ios:

  • WebCoreSupport/WebFrameIOS.mm:

(-[WebFrame previousUnperturbedDictationResultBoundaryFromPosition:]):
Update since DocumentMarker::metadata no longer exists.
(-[WebFrame nextUnperturbedDictationResultBoundaryFromPosition:]):
Ditto.

  • WebCoreSupport/WebVisiblePosition.mm:

(-[WebVisiblePosition enclosingRangeWithDictationPhraseAlternatives:]):
Update since DocumentMarker::alternatives no longer exists.
(-[WebVisiblePosition enclosingRangeWithCorrectionIndicator]):
Ditto.

Source/WebKitLegacy/mac:

  • DOM/DOM.mm:

(-[DOMNode absoluteQuadAndInsideFixedPosition:]): Use unitedBoundingBoxes.

  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::handleRequestedCandidates): Use RenderObject::absoluteTextQuads.

  • WebView/WebFrame.mm:

(-[WebFrame getDictationResultRanges:andMetadatas:]): Updated since DocumentMarker no
longer has a dedicated metadata member function.
(-[WebFrame dictationResultMetadataForRange:]):

  • WebView/WebImmediateActionController.mm:

(+[WebImmediateActionController _dictionaryPopupInfoForRange:inFrame:withLookupOptions:indicatorOptions:transition:]):
Use RenderObject::absoluteTextQuads.

Source/WTF:

  • wtf/RetainPtr.h: Define "id" here when compiling non-ObjC so it's easier to use
RetainPtr<id> in any header file. Lets us stop doing this many other places.
Harmless when not needed.

Tools:

  • TestWebKitAPI/Tests/WebCore/MarkedText.cpp:

(TestWebKitAPI::TEST): Update for change to DocumentMarker constructor.

LayoutTests:

  • fast/scrolling/scrollbar-tickmarks-hittest-expected.txt: Removed.
  • fast/scrolling/scrollbar-tickmarks-hittest.html: Removed.
  • fast/scrolling/scrollbar-tickmarks-styled-expected.txt: Removed.
  • fast/scrolling/scrollbar-tickmarks-styled.html: Removed.
  • platform/gtk/fast/scrolling/scrollbar-tickmarks-styled-expected.png: Removed.
  • platform/ios/TestExpectations: Removed expectation for scrollbar-tickmarks.

These were Chromium-specific tests.

  • platform/mac-wk1/TestExpectations: Updated to expect flakiness instead of
repeatable failures for tests that passed locally.

  • platform/mac/TestExpectations: Ditto.
10:01 AM Changeset in webkit [259574] by Jonathan Bedard
  • 2 edits in trunk/Tools

run-api-tests spew "setup_environ_for_server" in verbose mode
https://bugs.webkit.org/show_bug.cgi?id=210012
<rdar://problem/61306056>

Reviewed by Aakash Jain.

  • Scripts/webkitpy/port/ios_simulator.py:

(IOSSimulatorPort.setup_environ_for_server): Do not log this function when called.

9:54 AM Changeset in webkit [259573] by pvollan@apple.com
  • 3 edits in trunk/Source/WebKit

Add syscall to the WebContent sandbox
https://bugs.webkit.org/show_bug.cgi?id=210048

Reviewed by Brent Fulgham.

Add a required syscall to the WebContent sandbox on iOS and macOS.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
  • WebProcess/com.apple.WebProcess.sb.in:
8:41 AM Changeset in webkit [259572] by ysuzuki@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] Put ensureStillAliveHere for Integer TypedArrays in GetByVal
https://bugs.webkit.org/show_bug.cgi?id=210047

Reviewed by Mark Lam.

While r258381 puts ensureStillAliveHere in FTL to keep base alive for float/double TypedArrays,
we need to do the same thing for integer TypedArrays too. This patch places it.

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):

8:33 AM Changeset in webkit [259571] by Antti Koivisto
  • 2 edits in trunk/Source/WebCore

Remove instance fields and methods from StyleColor
https://bugs.webkit.org/show_bug.cgi?id=210045

Reviewed by Zalan Bujtas.

They are unused. The type itself remains as a namespace for static functions.
We might want to bring it back later but there is no need to leave dead code around now.

  • css/StyleColor.h:

(WebCore::StyleColor::StyleColor): Deleted.
(WebCore::StyleColor::currentColor): Deleted.
(WebCore::StyleColor::isCurrentColor const): Deleted.
(WebCore::StyleColor::getColor const): Deleted.
(WebCore::StyleColor::resolve const): Deleted.
(WebCore::operator==): Deleted.
(WebCore::operator!=): Deleted.

8:27 AM Changeset in webkit [259570] by Jacob Uphoff
  • 3 edits in trunk/LayoutTests

[ macOS debug ] REGRESSION (r259463): http/tests/media/clearkey/collect-webkit-media-session.html is failing
https://bugs.webkit.org/show_bug.cgi?id=209989

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
  • platform/mac-wk2/TestExpectations:
8:16 AM Changeset in webkit [259569] by graouts@webkit.org
  • 2 edits in trunk/Tools

[macOS] TestWebKitAPI.WKUserContentController.UserStyleSheetAffectingOnlySpecificWebViewSharedConfiguration is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=209934
<rdar://problem/61229832>

Reviewed by Antti Koivisto.

Fix a couple of tests which would use -[WKWebView _test_waitForDidFinishNavigation] in a way where the navigation may have finished before the method was called.

  • TestWebKitAPI/Tests/WebKitCocoa/UserContentController.mm:

(TEST):

2:57 AM Changeset in webkit [259568] by youenn@apple.com
  • 16 edits
    1 copy
    1 add in trunk/Source

Add HEVC support in GPU Process for WebRTC
https://bugs.webkit.org/show_bug.cgi?id=209857

Reviewed by Eric Carlson.

Source/ThirdParty/libwebrtc:

  • Configurations/libwebrtc.iOS.exp:
  • Configurations/libwebrtc.iOSsim.exp:
  • Configurations/libwebrtc.mac.exp:
  • Source/webrtc/sdk/WebKit/WebKitDecoder.h: Copied from Source/ThirdParty/libwebrtc/Source/webrtc/sdk/WebKit/WebKitUtilities.h.
  • Source/webrtc/sdk/WebKit/WebKitDecoder.mm: Added.

(-[WK_RTCLocalVideoH264H265Decoder initH264DecoderWithCallback:]):
(-[WK_RTCLocalVideoH264H265Decoder initH265DecoderWithCallback:]):
(-[WK_RTCLocalVideoH264H265Decoder decodeData:size:timeStamp:]):
(-[WK_RTCLocalVideoH264H265Decoder releaseDecoder]):
(webrtc::videoDecoderCallbacks):
(webrtc::setVideoDecoderCallbacks):
(webrtc::RemoteVideoDecoder::RemoteVideoDecoder):
(webrtc::RemoteVideoDecoder::decodeComplete):
(webrtc::RemoteVideoDecoder::InitDecode):
(webrtc::RemoteVideoDecoder::Decode):
(webrtc::RemoteVideoDecoder::RegisterDecodeCompleteCallback):
(webrtc::RemoteVideoDecoder::Release):
(webrtc::RemoteVideoDecoderFactory::RemoteVideoDecoderFactory):
(webrtc::RemoteVideoDecoderFactory::GetSupportedFormats const):
(webrtc::RemoteVideoDecoderFactory::CreateVideoDecoder):
(webrtc::createWebKitDecoderFactory):
(webrtc::createLocalH264Decoder):
(webrtc::createLocalH265Decoder):
(webrtc::releaseLocalDecoder):
(webrtc::decodeFrame):

  • Source/webrtc/sdk/WebKit/WebKitEncoder.mm:

(-[WK_RTCLocalVideoH264H265Encoder initWithCodecInfo:]):
(-[WK_RTCLocalVideoH264H265Encoder setCallback:]):
(-[WK_RTCLocalVideoH264H265Encoder releaseEncoder]):
(-[WK_RTCLocalVideoH264H265Encoder startEncodeWithSettings:numberOfCores:]):
(-[WK_RTCLocalVideoH264H265Encoder encode:codecSpecificInfo:frameTypes:]):
(-[WK_RTCLocalVideoH264H265Encoder setBitrate:framerate:]):
(webrtc::createLocalEncoder):
(webrtc::releaseLocalEncoder):
(webrtc::initializeLocalEncoder):
(webrtc::encodeLocalEncoderFrame):
(webrtc::setLocalEncoderRates):

  • Source/webrtc/sdk/WebKit/WebKitUtilities.h:

(): Deleted.

  • Source/webrtc/sdk/WebKit/WebKitUtilities.mm:

(webrtc::videoDecoderCallbacks): Deleted.
(webrtc::setVideoDecoderCallbacks): Deleted.
(webrtc::RemoteVideoDecoder::RemoteVideoDecoder): Deleted.
(webrtc::RemoteVideoDecoder::decodeComplete): Deleted.
(webrtc::RemoteVideoDecoder::InitDecode): Deleted.
(webrtc::RemoteVideoDecoder::Decode): Deleted.
(webrtc::RemoteVideoDecoder::RegisterDecodeCompleteCallback): Deleted.
(webrtc::RemoteVideoDecoder::Release): Deleted.
(webrtc::RemoteVideoDecoderFactory::RemoteVideoDecoderFactory): Deleted.
(webrtc::RemoteVideoDecoderFactory::GetSupportedFormats const): Deleted.
(webrtc::RemoteVideoDecoderFactory::CreateVideoDecoder): Deleted.
(webrtc::createWebKitDecoderFactory): Deleted.
(webrtc::createLocalDecoder): Deleted.
(webrtc::releaseLocalDecoder): Deleted.
(webrtc::decodeFrame): Deleted.

  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH265.h:
  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH265.mm:

(-[RTCVideoDecoderH265 decode:missingFrames:codecSpecificInfo:renderTimeMs:]):
(-[RTCVideoDecoderH265 decodeData:size:timeStamp:]):

  • libwebrtc.xcodeproj/project.pbxproj:

Source/WebKit:

  • GPUProcess/webrtc/LibWebRTCCodecsProxy.h:
  • GPUProcess/webrtc/LibWebRTCCodecsProxy.messages.in:
  • GPUProcess/webrtc/LibWebRTCCodecsProxy.mm:

(WebKit::LibWebRTCCodecsProxy::createH264Decoder):
(WebKit::LibWebRTCCodecsProxy::createH265Decoder):
(WebKit::LibWebRTCCodecsProxy::createEncoder):
(WebKit::LibWebRTCCodecsProxy::createDecoder): Deleted.

  • WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp:

(WebKit::createVideoDecoder):
(WebKit::createVideoEncoder):
(WebKit::LibWebRTCCodecs::createDecoder):
(WebKit::formatNameFromCodecType):
(WebKit::LibWebRTCCodecs::createEncoder):

  • WebProcess/GPU/webrtc/LibWebRTCCodecs.h:
1:03 AM Changeset in webkit [259567] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

CanvasRenderingContext2D.drawImage should ignore the EXIF orientation if the image-orientation is none
https://bugs.webkit.org/show_bug.cgi?id=209849

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2020-04-06
Reviewed by Darin Adler.

Source/WebCore:

drawImage() will get the image-orientation of the HTMLImageElement from
its computed style. This will be passed to GraphicsContext::drawImage()
in the ImagePaintingOptions. Previously we were passing FromImage always.

Test: fast/images/image-orientation-none-canvas.html

  • html/canvas/CanvasRenderingContext2DBase.cpp:

(WebCore::CanvasRenderingContext2DBase::drawImage):

  • html/canvas/CanvasRenderingContext2DBase.h:

LayoutTests:

  • fast/images/image-orientation-none-canvas-expected.html: Added.
  • fast/images/image-orientation-none-canvas.html: Added.

Apr 5, 2020:

11:04 PM Changeset in webkit [259566] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Remove code that has no effect from loadURL
https://bugs.webkit.org/show_bug.cgi?id=210029

Patch by Rob Buis <rbuis@igalia.com> on 2020-04-05
Reviewed by Darin Adler.

Remove setDomainForCachePartition from loadURL since it will be
overwritten in DocumentLoader::loadMainResource, this was
introduced by r213126.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadURL):

11:02 PM Changeset in webkit [259565] by Ross Kirsling
  • 4 edits in trunk

DLLLauncherMain print to console instead of opening window on fatal error
https://bugs.webkit.org/show_bug.cgi?id=206537

Reviewed by Fujii Hironori.

Source/JavaScriptCore:

  • shell/DLLLauncherMain.cpp:

(fatalError):

Tools:

  • win/DLLLauncher/DLLLauncherMain.cpp:

(fatalError):

9:34 PM Changeset in webkit [259564] by Ross Kirsling
  • 5 edits
    1 add in trunk

JSC shell shouldn't treat NUL as a terminator when printing a JS string
https://bugs.webkit.org/show_bug.cgi?id=210037

Reviewed by Darin Adler.

JSTests:

  • .gitattributes:
  • ChakraCore.yaml:
  • ChakraCore/test/es5/hasItem.baseline-jsc: Added.

Update baseline and mark it diffable (as plaintext) in spite of containing \0.

Source/JavaScriptCore:

Since JS strings aren't null-terminated, it's probably a better experience to not stop printing when we see \0.
That is, 'abc\0def' should be printed as abcdef and not abc.

This patch updates our printing of evaluation results as well as the print / printErr / debug functions.

  • jsc.cpp:

(printInternal):
(functionDebug):
(runInteractive):

9:22 PM Changeset in webkit [259563] by don.olmstead@sony.com
  • 6 edits in trunk

[CMake] Use WEBKIT_EXECUTABLE in MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=206894

Reviewed by Adrian Perez de Castro.

.:

Add a MiniBrowser derived sources directory.

  • Source/cmake/WebKitFS.cmake:

Tools:

Modify CMake ports to use WEBKIT_EXECUTABLE when creating their respective
MiniBrowsers.

  • MiniBrowser/gtk/CMakeLists.txt:
  • MiniBrowser/win/CMakeLists.txt:
  • MiniBrowser/wpe/CMakeLists.txt:
9:14 PM Changeset in webkit [259562] by Manuel Rego Casasnovas
  • 11 edits
    2 adds in trunk

Computed style for "outline-offset" is wrong when "outline-style" is "none"
https://bugs.webkit.org/show_bug.cgi?id=209913

Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

Imported css/css-ui/parsing/outline-offset-computed.html from WPT.
And update baselines for web-animations tests.

  • web-platform-tests/css/css-ui/parsing/outline-offset-computed-expected.txt: Added.
  • web-platform-tests/css/css-ui/parsing/outline-offset-computed.html: Added.
  • web-platform-tests/css/css-ui/parsing/w3c-import.log:
  • web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:

Source/WebCore:

Computed style for outline-offset was not returning the proper value
if "outline-style" was "none".
This was due to a check in RenderStyle::outlineOffset()
that this patch removes.

This code could be there because this is needed for "outline-width"
as specified in the spec (https://drafts.csswg.org/css-ui/#outline-props),
however there's nothing about this on the "outline-offset" property.

Test: imported/w3c/web-platform-tests/css/css-ui/parsing/outline-offset-computed.html

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::outlineOffset const):

LayoutTests:

Update baselines for web-animations tests.

  • platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
  • platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
  • platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
9:02 PM Changeset in webkit [259561] by Peng Liu
  • 4 edits in trunk/Source/WebCore

The value of [AVPlayerViewController isPictureInPicturePossible] is NO in the first attempt to enter PiP
https://bugs.webkit.org/show_bug.cgi?id=204979

Reviewed by Darin Adler.

We should use "#if HAVE(AVOBSERVATIONCONTROLLER)" instead of
"#if HAVE(HAVE_AVOBSERVATIONCONTROLLER)".

Source/WebCore:

  • platform/ios/VideoFullscreenInterfaceAVKit.mm:

(-[WebAVPlayerViewController initWithFullscreenInterface:]):
(VideoFullscreenInterfaceAVKit::doEnterFullscreen):

Source/WebCore/PAL:

  • pal/spi/cocoa/AVKitSPI.h:
8:02 PM Changeset in webkit [259560] by don.olmstead@sony.com
  • 16 edits
    1 copy in trunk

[CMake] Add WebKit::WebKit target
https://bugs.webkit.org/show_bug.cgi?id=210033

Reviewed by Fujii Hironori.

.:

Use SET_AND_EXPOSE_TO_BUILD for the Plugin process since ENABLE(PLUGIN_PROCESS)
is used in the source code.

  • Source/cmake/OptionsGTK.cmake:

Source/WebKit:

Use WEBKIT_EXECUTABLE macros for the Process executables. Rename the output
file names to fit with the macro's expectations.

Add Headers.cmake which lists out all the public headers that are currently
shared by the PlayStation and Windows ports. This is then included on each
platform that is using it. Additionally use WEBKIT_COPY_FILES to create a
target which copies headers.

Finally use WEBKIT_FRAMEWORK_TARGET to create a WebKit target. It's dependent
on the WebKit library itself, the processes being built, and any headers that
are copied. This ensures that everything is built for dependent targets.

  • CMakeLists.txt:
  • Headers.cmake: Copied from Source/WebKit/PlatformPlayStation.cmake.
  • PlatformFTW.cmake:
  • PlatformGTK.cmake:
  • PlatformMac.cmake:
  • PlatformPlayStation.cmake:
  • PlatformWPE.cmake:
  • PlatformWin.cmake:

Tools:

Use the WebKit::WebKit target for MiniBrowser and TestWebKit. This removes
the need to have WebProcess and NetworkProcess as dependencies since they are
attached to the WebKit::WebKit target.

Remove references to WebKitFrameworkHeaders as it is now WebKit_CopyHeaders.
It is also a dependency of WebKit::WebKit so it does not need to be listed
as a dependency.

  • MiniBrowser/win/CMakeLists.txt:
  • TestWebKitAPI/CMakeLists.txt:
  • TestWebKitAPI/PlatformPlayStation.cmake:
  • TestWebKitAPI/PlatformWin.cmake:
  • WebKitTestRunner/CMakeLists.txt:
5:28 PM Changeset in webkit [259559] by Wenson Hsieh
  • 2 edits in trunk/Source/WebCore

Address review comments after r259550
https://bugs.webkit.org/show_bug.cgi?id=208472

Reviewed by Darin Adler.

  • platform/ios/ValidationBubbleIOS.mm:

Change a few named constants to be constexpr instead, and add comments describing their purpose.

(label):
(updateLabelFrame):

Rename these helper functions and move them up the file. Turn what was previously named
WebValidationBubbleViewController_labelFrame into updateLabelFrame, and have it additionally update the
view controller's label's frame to avoid repeating this logic in the subclassed method implementations below.

(callSuper):
(WebValidationBubbleViewController_viewDidLoad):
(WebValidationBubbleViewController_viewWillLayoutSubviews):
(WebValidationBubbleViewController_viewSafeAreaInsetsDidChange):
(allocWebValidationBubbleViewControllerInstance):

Instead of using -valueForKey, use objc_getAssociatedObject and objc_setAssociatedObject, with
OBJC_ASSOCIATION_RETAIN_NONATOMIC.

(WebCore::ValidationBubble::ValidationBubble):
(invokeUIViewControllerSelector): Deleted.
(WebValidationBubbleViewController_dealloc): Deleted.

Remove the -dealloc override. We don't need this anymore, since we're now using associated objects with
OBJC_ASSOCIATION_RETAIN_NONATOMIC to hold on to and keep track of our label.

(WebValidationBubbleViewController_labelFrame): Deleted.
(WebValidationBubbleViewController_label): Deleted.

4:25 PM Changeset in webkit [259558] by ysuzuki@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Putting "memory" back to ensureStillAliveHere
https://bugs.webkit.org/show_bug.cgi?id=210028

Reviewed by Keith Miller.

We put "memory" back to make ensureStillAliveHere a compiler barrier.

  • runtime/EnsureStillAliveHere.h:

(JSC::ensureStillAliveHere):

  • runtime/JSCJSValue.h:

(JSC::ensureStillAliveHere):

4:23 PM Changeset in webkit [259557] by Simon Fraser
  • 8 edits in trunk/Source/WebCore

Make RenderObject TextStream-loggable
https://bugs.webkit.org/show_bug.cgi?id=210035

Reviewed by Zalan Bujtas.

Add operator<<(TextStream, const RenderObject&) and add virtual debugDescription() functions on
Node and RenderObject which should eventually replace the awkward formatForDebugger(char* buffer, unsigned length).

Convert RenderLayer to use renderer's debug description.

  • dom/Element.cpp:

(WebCore::Element::debugDescription const):

  • dom/Element.h:
  • dom/Node.cpp:

(WebCore::Node::debugDescription const):
(WebCore::operator<<):

  • dom/Node.h:
  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::name const):

  • rendering/RenderObject.cpp:

(WebCore::RenderObject::debugDescription const):
(WebCore::operator<<):

  • rendering/RenderObject.h:
3:59 PM Changeset in webkit [259556] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

ARM64 moveConditionallyDouble() for DoubleNotEqualAndOrdered is wrong.
https://bugs.webkit.org/show_bug.cgi?id=210039
<rdar://problem/61321778>

Reviewed by Yusuke Suzuki.

For the scenario where the dest register is the same as the then case register, there
is one csel instruction that should be checking the overflow condition to test
for unordered operands. Instead, we were testing for the not equal condition.
This patch fixes it to check for the overflow condition.

This bug was caught by testmasm.

  • assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::moveConditionallyAfterFloatingPointCompare):

3:01 PM Changeset in webkit [259555] by ddkilzer@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Sort JavaScriptCore Xcode project file

file to try to force buildbots to rebuild and resign
JavaScriptCore.framework. Some bots are stuck with a codesign
error after r259545.

11:23 AM Changeset in webkit [259554] by keith_miller@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

ensureStillAliveHere can take the value in any location
https://bugs.webkit.org/show_bug.cgi?id=210028

Reviewed by Mark Lam.

It shouldn't matter if the value is on the stack or in a register
because we're not going to do anything with it. Also, there's no
reason to clobber memory.

  • runtime/EnsureStillAliveHere.h:

(JSC::ensureStillAliveHere):

11:21 AM Changeset in webkit [259553] by zandobersek@gmail.com
  • 9 edits in trunk/Source

Unreviewed, adding missing header inclusions to get
non-unified build building.

Source/JavaScriptCore:

  • heap/HeapSnapshotBuilder.h:
  • tools/Integrity.h:

Source/WebCore:

  • html/HTMLCanvasElement.cpp:
  • loader/ResourceLoadNotifier.h:
  • workers/service/ServiceWorkerProvider.h:

Source/WebKit:

  • Shared/UserContentControllerParameters.cpp:

11:11 AM Changeset in webkit [259552] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Change s_entropyBitsShiftForStructurePointer to 48 bits.
https://bugs.webkit.org/show_bug.cgi?id=210022
<rdar://problem/61310696>

Reviewed by Keith Miller.

This is ok because the top 16 bits of the 64-bit address are not used. We can
fill out the top 16 bits of the encodedStructureBits with the lowest 16 bits of
the StructureID (which includes the 7 bits of entropy).

  • runtime/StructureIDTable.h:

9:49 AM Changeset in webkit [259551] by dbates@webkit.org
  • 4 edits in trunk/Tools

RequestTextInputContext.Simple iframe sub-tests may sometimes fail
https://bugs.webkit.org/show_bug.cgi?id=210010
<rdar://problem/61303697>

Reviewed by Simon Fraser and Darin Adler.

Make the iframe sub tests wait until the DOM Load event has fired in the main frame.
When it fires this means that all immediate child frames (like the one added by these
sub tests) have fired their DOM Load event. This ensures deterministic results.

Also while I am here, extract out the iframe sub-tests into their own TEST() method
for testing and debugging convenience. I also fixed up -performAfterLoading so that
it wouldn't leak the user script string and made it work if called more than once in the
same TEST() by caching this script and only adding it to the user content controller
once. Moreover, removed duplication by writing it in terms of -performAfterReceivingMessage.

  • TestWebKitAPI/Tests/WebKitCocoa/RequestTextInputContext.mm:

(TEST):
(webViewLoadHTMLStringAndWaitForDOMLoadEvent): Helper function to load an HTML string
into a web view and wait until a DOM Load event is fired at the main frame.

  • TestWebKitAPI/cocoa/TestWKWebView.h:
  • TestWebKitAPI/cocoa/TestWKWebView.mm:

(-[TestWKWebView performAfterLoading:]): Modernized and simplified. Modified user script
to use addEventListener() instead of onload as the latter overrides any existing load handler.
This user script is also added only to the main frame since all existing callers just
want to know that all main frame and immediate child frames loaded. Also listen for the load
event during the capture phase, which is a tiny bit faster to receive, instead of the bubbling
phase. See second paragraph above for more details on the changes I made to this function.

9:34 AM Changeset in webkit [259550] by Wenson Hsieh
  • 3 edits in trunk/Source/WebCore

[iOS] Ugly and misaligned form validation bubble
https://bugs.webkit.org/show_bug.cgi?id=208472
<rdar://problem/59984027>

Reviewed by Tim Horton.

In iOS 13, the view of a UIViewController that is presented as a popover encompasses the arrow (connected to
the popover) that points to the target rect. This means that our current logic for laying out the inner text
label of a form validation bubble on iOS no longer works, since it sets a frame that is offset vertically and
horizontally from the bounds of the view controller's view.

To fix this, we need to respect the safe area insets of the view controller's view when laying out the label.
The idiomatic way to do this is to subclass -viewSafeAreaInsetsDidChange and -viewWillLayoutSubviews on the view
controller, and update the subview's (i.e. label's) frame; unfortunately, since ValidationBubble is implemented
in WebCore, we can't explicitly link against UIKit, so we need to dynamically create a UIViewController subclass
and override these subclassing hooks to get our desired behavior.

  • platform/ValidationBubble.h:
  • platform/ios/ValidationBubbleIOS.mm:

(invokeUIViewControllerSelector):
(WebValidationBubbleViewController_dealloc):
(WebValidationBubbleViewController_viewDidLoad):
(WebValidationBubbleViewController_viewWillLayoutSubviews):
(WebValidationBubbleViewController_viewSafeAreaInsetsDidChange):
(WebValidationBubbleViewController_labelFrame):
(WebValidationBubbleViewController_label):
(allocWebValidationBubbleViewControllerInstance):

Subclass and create a custom UIViewController to ensure that the label is vertically centered in its popover.
See above for more details.

(WebCore::ValidationBubble::ValidationBubble):
(WebCore::ValidationBubble::show):

Minor style fixes: remove extraneous .get()s on RetainPtr, and use property syntax when possible.

(WebCore::ValidationBubble::setAnchorRect):

Additionally remove a line of code that currently forces the form validation popover to present below its target
rect (and therefore have an arrow pointing up). It wasn't apparent why this logic was added in r208361, but it
seems the intention wasn't to restrict the popover to presenting below the target.

This allows the form validation popover to show up in the case where the input element is aligned to the very
bottom of the web view, such that there isn't enough space below the field to show the validation bubble.

1:59 AM Changeset in webkit [259549] by ysuzuki@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] JSArrayIterator's size is wrong
https://bugs.webkit.org/show_bug.cgi?id=210020

Reviewed by Mark Lam.

Internal-size of JSArrayIterator should be 3, not 4.

  • runtime/JSArrayIterator.h:

1:41 AM Changeset in webkit [259548] by mark.lam@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Rolling out r259545: causing CodeSigning error in jsc EWS bot.
https://bugs.webkit.org/show_bug.cgi?id=210018

Not reviewed.

1:34 AM Changeset in webkit [259547] by mark.lam@apple.com
  • 24 edits
    2 adds in trunk/Source/JavaScriptCore

Add some structureID integrity checks to various runtime functions.
https://bugs.webkit.org/show_bug.cgi?id=210015
<rdar://problem/58116514>

Reviewed by Keith Miller.

Specifically, implementations of toString(), toValue(), and a few others.
I also moved the HeapCell version of ensureStillAliveHere() into the new
EnsureStillAliveHere.h/cpp since it's useful for any pointers, not just HeapCells.

This change is performance neutral on JetStream 2.0, Speedometer-2, and PLT5.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • heap/HeapCell.cpp:

(JSC::ensureStillAliveHere): Deleted.

  • heap/HeapCell.h:

(JSC::ensureStillAliveHere): Deleted.

  • heap/SlotVisitor.cpp:

(JSC::SlotVisitor::appendJSCellOrAuxiliary):

  • runtime/ArrayPrototype.cpp:

(JSC::arrayProtoFuncToString):

  • runtime/BigIntPrototype.cpp:

(JSC::bigIntProtoFuncToStringImpl):
(JSC::bigIntProtoFuncValueOf):

  • runtime/BooleanPrototype.cpp:

(JSC::booleanProtoFuncToString):
(JSC::booleanProtoFuncValueOf):

  • runtime/DatePrototype.cpp:

(JSC::formatLocaleDate):
(JSC::formateDateInstance):
(JSC::dateProtoFuncToISOString):
(JSC::dateProtoFuncToPrimitiveSymbol):

  • runtime/EnsureStillAliveHere.cpp: Added.

(JSC::ensureStillAliveHere):

  • runtime/EnsureStillAliveHere.h: Added.

(JSC::ensureStillAliveHere):

  • runtime/ErrorInstance.cpp:

(JSC::ErrorInstance::sanitizedToString):

  • runtime/ErrorPrototype.cpp:

(JSC::errorProtoFuncToString):

  • runtime/FunctionPrototype.cpp:

(JSC::functionProtoFuncToString):

  • runtime/JSCell.cpp:

(JSC::JSCell::toObjectSlow const):

  • runtime/NumberPrototype.cpp:

(JSC::toThisNumber):

  • runtime/ObjectPrototype.cpp:

(JSC::objectProtoFuncValueOf):
(JSC::objectProtoFuncToString):

  • runtime/RegExpPrototype.cpp:

(JSC::regExpProtoFuncToString):

  • runtime/StringPrototype.cpp:

(JSC::stringProtoFuncToString):

  • runtime/StructureIDTable.h:

(JSC::StructureIDTable::validate):
(JSC::StructureIDTable::isValid): Deleted.

  • runtime/SymbolPrototype.cpp:

(JSC::symbolProtoGetterDescription):
(JSC::symbolProtoFuncToString):
(JSC::symbolProtoFuncValueOf):

  • tools/Integrity.h:
  • tools/IntegrityInlines.h:

(JSC::Integrity::auditStructureID):

  • wasm/js/WebAssemblyGlobalPrototype.cpp:

(JSC::getGlobal):

1:12 AM Changeset in webkit [259546] by Alexey Shvayka
  • 10 edits in trunk

Octal escapes should be max 3 digits and syntax errors in Unicode patterns
https://bugs.webkit.org/show_bug.cgi?id=167067

Reviewed by Ross Kirsling.

JSTests:

  • test262/expectations.yaml: Mark 4 test cases as passing.

Source/JavaScriptCore:

This patch:

a) Adds SyntaxError for octal escapes in Unicode patterns, while preserving /\0/u
being parsed as null character escape. Grammar: https://tc39.es/ecma262/#prod-CharacterEscape

b) Limits consumeOctal() to 3 digits only, preventing it from consuming leading zeros.
Grammar: https://tc39.es/ecma262/#prod-annexB-LegacyOctalEscapeSequence

Both changes align JSC with V8 and SpiderMonkey.

  • yarr/YarrErrorCode.cpp:

(JSC::Yarr::errorMessage):
(JSC::Yarr::errorToThrow):

  • yarr/YarrErrorCode.h:
  • yarr/YarrParser.h:

(JSC::Yarr::Parser::parseEscape):
(JSC::Yarr::Parser::consumeOctal):

LayoutTests:

  • fast/regex/script-tests/pcre-test-1.js:
  • js/regexp-unicode-expected.txt:
  • js/script-tests/regexp-unicode.js:

Apr 4, 2020:

11:17 PM Changeset in webkit [259545] by keith_miller@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

copy jsc CLI into JavaScriptCore.framework earlier
https://bugs.webkit.org/show_bug.cgi?id=210018

Reviewed by Mark Lam.

Some of our test scripts only copy the JavaScriptCore.framework
into the test directory and try to run jsc from there. We should
copy the jsc CLI ASAP so we don't need to build all the other test
binaries unless we actually need them.

10:09 PM Changeset in webkit [259544] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

Remove LockHistory parameter from loadWithNavigationAction
https://bugs.webkit.org/show_bug.cgi?id=210007

Patch by Rob Buis <rbuis@igalia.com> on 2020-04-04
Reviewed by Darin Adler.

Remove LockHistory parameter from loadWithNavigationAction since NavigationAction
has a member for this. Where needed explicitly set the LockHistory on the actions.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::loadWithNavigationAction):
(WebCore::FrameLoader::loadPostRequest):
(WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
(WebCore::FrameLoader::loadDifferentDocumentItem):

  • loader/FrameLoader.h:

9:16 PM Changeset in webkit [259543] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

Build fix v2: HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
https://bugs.webkit.org/show_bug.cgi?id=209925

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::elementFromPastNamesMap const):
(WebCore::HTMLFormElement::addToPastNamesMap):

  • Apply macros consistently. Regressed in r259513 and was not fixed by r259527.

8:44 PM Changeset in webkit [259542] by Lauro Moura
  • 3 edits in trunk/LayoutTests

[GTK] Update test baseline after r259438 and garden crashes

Unreviewed test gardening.

  • platform/gtk/TestExpectations:
  • platform/gtk/accessibility/menu-list-sends-change-notification-expected.txt:

5:42 PM Changeset in webkit [259541] by Wenson Hsieh
  • 7 edits in trunk

Add a fourth round of logging to help diagnose <webkit.org/b/209685>
https://bugs.webkit.org/show_bug.cgi?id=210011

Reviewed by Darin Adler.

Source/WebCore:

Augment logging in WebItemProviderPasteboard to additionally dump a backtrace when registering item providers
when initiating a drag on iOS. Logging thus far suggests that this is due to an IPC dispatch race when sending
the following messages to the UI process: WebPasteboardProxy::writeCustomData and
WebPasteboardProxy::writeStringToPasteboard. While writeCustomData is dispatched synchronously,
writeStringToPasteboard is dispatched asynchronously; this means that it is possible for the call to
writeCustomData to be dispatched before writeStringToPasteboard even if the web process sends the
writeCustomData message later, due to the UI-process-side mechanism for immediately dispatching incoming sync
IPC if it is currently processing sync IPC itself.

A backtrace here should help to confirm this theory.

  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard stageRegistrationLists:]):

Source/WebKit:

Remove all logging previously added to WKContentView and DragDropInteractionState.

  • UIProcess/ios/DragDropInteractionState.mm:

(WebKit::DragDropInteractionState::stageDragItem):
(WebKit::DragDropInteractionState::clearStagedDragSource):

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _didHandleDragStartRequest:]):

Tools:

Remove all logging previously added to DragAndDropSimulator.

  • TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator _webView:adjustedDataInteractionItemProvidersForItemProvider:representingObjects:additionalData:]):

5:03 PM Changeset in webkit [259540] by Chris Dumez
  • 20 edits in trunk

[iOS] Simplify ProcessAssertion class in preparation for switch to RunningBoard
https://bugs.webkit.org/show_bug.cgi?id=209984
<rdar://problem/61273941>

Reviewed by Darin Adler.

Source/WebKit:

Simplify ProcessAssertion class in preparation for switch to RunningBoard. There
is a slight mismatch between the way BKS and RunningBoard process assertion API.
This refactoring makes it so that we can use the same ProcessAssertion class in
WebKit to work with either BKS or RunningBoard. Support for RunningBoard will
come later.

In particular, the following changes were made:

  • Replace AssertionState & AssertionReason enums with a single ProcessAssertionType one since RunningBoard does not have 2 separate concepts.
  • Drop ProcessAssertion::setState() since it is not possible to change the flags on an existing RunningBoard assertion. Instead, we are expected to create a brand new process assertion of the expected type.

  • NetworkProcess/Downloads/DownloadMap.cpp:

(WebKit::DownloadMap::add):

  • Platform/IPC/cocoa/ConnectionCocoa.mm:

(IPC::ConnectionTerminationWatchdog::ConnectionTerminationWatchdog):

  • UIProcess/API/Cocoa/WKWebViewPrivateForTesting.h:
  • UIProcess/API/Cocoa/WKWebViewTesting.mm:

(-[WKWebView _setAssertionTypeForTesting:]):
(-[WKWebView _setAssertionStateForTesting:]): Deleted.

  • UIProcess/Downloads/DownloadProxyMap.cpp:

(WebKit::DownloadProxyMap::createDownloadProxy):

  • UIProcess/GPU/GPUProcessProxy.h:
  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::sendProcessDidResume):
(WebKit::NetworkProcessProxy::takeUploadAssertion):
(WebKit::NetworkProcessProxy::didSetAssertionState): Deleted.

  • UIProcess/Network/NetworkProcessProxy.h:
  • UIProcess/ProcessAssertion.cpp:

(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAssertion::setState): Deleted.

  • UIProcess/ProcessAssertion.h:

(WebKit::ProcessAssertion::type const):
(WebKit::ProcessAssertion::state const): Deleted.

  • UIProcess/ProcessThrottler.cpp:

(WebKit::ProcessThrottler::expectedAssertionType):
(WebKit::ProcessThrottler::updateAssertionTypeNow):
(WebKit::ProcessThrottler::setAssertionType):
(WebKit::ProcessThrottler::updateAssertionIfNeeded):
(WebKit::ProcessThrottler::didConnectToProcess):
(WebKit::ProcessThrottler::prepareToSuspendTimeoutTimerFired):
(WebKit::ProcessThrottler::processReadyToSuspend):
(WebKit::ProcessThrottler::sendPrepareToSuspendIPC):
(WebKit::ProcessThrottler::expectedAssertionState): Deleted.
(WebKit::ProcessThrottler::updateAssertionStateNow): Deleted.
(WebKit::ProcessThrottler::setAssertionState): Deleted.

  • UIProcess/ProcessThrottler.h:
  • UIProcess/ProcessThrottlerClient.h:

(WebKit::ProcessThrottlerClient::didSetAssertionType):

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::setWebProcessHasUploads):
(WebKit::WebProcessPool::setWebProcessIsPlayingAudibleMedia):

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::didSetAssertionType):
(WebKit::WebProcessProxy::didSetAssertionState): Deleted.

  • UIProcess/WebProcessProxy.h:

(WebKit::WebProcessProxy::setAssertionTypeForTesting):
(WebKit::WebProcessProxy::setAssertionStateForTesting): Deleted.

  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::flagsForAssertionType):
(WebKit::toBKSProcessAssertionReason):
(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAndUIAssertion::updateRunInBackgroundCount):
(WebKit::ProcessAndUIAssertion::ProcessAndUIAssertion):
(WebKit::flagsForState): Deleted.
(WebKit::reasonForState): Deleted.
(WebKit::ProcessAssertion::setState): Deleted.
(WebKit::ProcessAndUIAssertion::setState): Deleted.

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:

4:44 PM Changeset in webkit [259539] by ddkilzer@apple.com
  • 4 edits in trunk/Source/WebKit

[GPUP] Remove unnecessary RemoteCDMInstanceSessionIdentifier argument from RemoteCDMFactory::addSession()
<https://webkit.org/b/210006>

Reviewed by Darin Adler.

  • WebProcess/GPU/media/RemoteCDMFactory.cpp:

(WebKit::RemoteCDMFactory::addSession):

  • Remove argument. Use session parameter to retrieve the ID.
  • WebProcess/GPU/media/RemoteCDMFactory.h:

(WebKit::RemoteCDMFactory::addSession):

  • Remove argument.
  • WebProcess/GPU/media/RemoteCDMInstance.cpp:

(WebKit::RemoteCDMInstance::createSession):

  • Remove argument.

3:39 PM Changeset in webkit [259538] by Doug Kelly
  • 2 edits in trunk/Source/WebCore

Additional sanity checks in compareAnimationsByCompositeOrder()
https://bugs.webkit.org/show_bug.cgi?id=209996

Reviewed by Geoffrey Garen.

compareAnimationsByCompositeOrder() is used by std::sort() which requires strict weak ordering.
This adds additional checks to ensure strict weak ordering is maintained, first by ensuring
the transitionProperty string is different before returning that comparison, then by only using
if the animation is a CSSTransition or CSSAnimation if the left hand and right hand sides differ.
This should leave all remaining cases to sort by the global animation list.

No new tests; this should be covered by existing tests and should not change functionality
otherwise.

  • animation/WebAnimationUtilities.cpp:

(WebCore::compareAnimationsByCompositeOrder):
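
std::sort() has undefined behaviour when its comparator is not a strict weak ordering, which is the property this changeset protects. The following is an added example, not WebKit code: the Anim model, both comparators and the Transition < CSSAnimation < Other ranking are constructed for illustration. It checks the ordering axioms over a sample and shows a comparator that uses the type only when the two sides differ, the property only when it differs, and the global list position otherwise.

```cpp
#include <algorithm>
#include <cstdio>
#include <string>
#include <vector>

// Constructed model, not WebCore's types. The ranking of kinds is an assumption.
enum class Kind { Transition = 0, CSSAnimation = 1, Other = 2 };

struct Anim {
    Kind kind;
    std::string transitionProperty; // only meaningful for transitions
    unsigned globalIndex;           // unique position in the global animation list
};

// Constructed "loose" comparator: it decides on the left-hand type alone, so it
// answers true for cmp(x, x) and for both cmp(a, b) and cmp(b, a).
bool looseCompare(const Anim& a, const Anim& b)
{
    if (a.kind == Kind::Transition && b.kind == Kind::Transition)
        return a.transitionProperty < b.transitionProperty;
    if (a.kind == Kind::Transition || a.kind == Kind::CSSAnimation)
        return true;
    return a.globalIndex < b.globalIndex;
}

// Each criterion is used only when the two sides actually differ on it;
// everything else falls through to the global list position.
bool strictCompare(const Anim& a, const Anim& b)
{
    if (a.kind != b.kind)
        return static_cast<int>(a.kind) < static_cast<int>(b.kind);
    if (a.kind == Kind::Transition && a.transitionProperty != b.transitionProperty)
        return a.transitionProperty < b.transitionProperty;
    return a.globalIndex < b.globalIndex;
}

// Returns the name of the first strict-weak-ordering axiom the comparator
// breaks on the given sample, or an empty string if none is broken.
template<typename Cmp>
std::string firstViolation(const std::vector<Anim>& v, Cmp cmp)
{
    auto equiv = [&](const Anim& a, const Anim& b) { return !cmp(a, b) && !cmp(b, a); };
    for (const Anim& a : v)
        if (cmp(a, a))
            return "irreflexivity";
    for (const Anim& a : v)
        for (const Anim& b : v)
            if (cmp(a, b) && cmp(b, a))
                return "asymmetry";
    for (const Anim& a : v)
        for (const Anim& b : v)
            for (const Anim& c : v) {
                if (cmp(a, b) && cmp(b, c) && !cmp(a, c))
                    return "transitivity";
                if (equiv(a, b) && equiv(b, c) && !equiv(a, c))
                    return "transitivity of equivalence";
            }
    return "";
}

// Constructed sample input.
std::vector<Anim> sampleAnimations()
{
    return {
        { Kind::CSSAnimation, "", 0 },
        { Kind::Transition, "opacity", 1 },
        { Kind::Transition, "opacity", 2 },
        { Kind::Other, "", 3 },
        { Kind::Transition, "color", 4 },
    };
}

// Sorts the sample with the strict comparator and reports the resulting
// sequence of global indices.
std::vector<unsigned> sortedOrder()
{
    std::vector<Anim> v = sampleAnimations();
    std::sort(v.begin(), v.end(), strictCompare);
    std::vector<unsigned> order;
    for (const Anim& a : v)
        order.push_back(a.globalIndex);
    return order;
}

int main()
{
    std::printf("loose:  '%s'\n", firstViolation(sampleAnimations(), looseCompare).c_str());
    std::printf("strict: '%s'\n", firstViolation(sampleAnimations(), strictCompare).c_str());
    for (unsigned i : sortedOrder())
        std::printf("%u ", i);
    std::printf("\n");
    return 0;
}
```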

2:42 PM Changeset in webkit [259537] by Fujii Hironori
  • 3 edits in trunk/Source/WTF

[Clang 10] Fix -Wimplicit-int-float-conversion compilation warnings in WTF
https://bugs.webkit.org/show_bug.cgi?id=209955

Reviewed by Darin Adler.

Clang 10 reports a compilation warning for int to float
conversions losing the precision. The warning is often reported
for code converting a floating point value to an integer value.
For example:

    Optional<int> positive_float_to_int(float f) {
        if (f > INT_MAX)
            return nullopt;
        return static_cast<int>(f);
    }

INT_MAX is implicitly converted to float, but float can't keep the
precision of such a large value. And, C++ spec doesn't specify
whether it would be rounded up or down. Above code should be
rewritten to:

    Optional<int> positive_float_to_int(float f) {
        if (f >= pow(2, 31))
            return nullopt;
        return static_cast<int>(f);
    }

Instead of using pow, this change added a template variable
maxPlusOne<T>.

  • wtf/MathExtras.h:

(powerOfTwo): Added.
(doubleToInteger): Added.
(maxPlusOne): Added.

  • wtf/MediaTime.cpp:

(WTF::MediaTime::createWithFloat):
(WTF::MediaTime::createWithDouble):
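
An added C++ illustration of the range check this changeset describes, not code from the changeset: maxPlusOneSketch and convertChecked are hypothetical names, and the rounding noted in the comments assumes IEEE 754 round-to-nearest. It generalizes the int case in the commit message to other integer widths and to NaN input.

```cpp
#include <climits>
#include <cmath>
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical helper, not WTF's maxPlusOne<T>: 2^(value bits of T) as a double.
// Unlike numeric_limits<T>::max(), a power of two is exactly representable in
// float and double, so comparing against it involves no rounding.
template<typename T>
double maxPlusOneSketch()
{
    return std::ldexp(1.0, std::numeric_limits<T>::digits);
}

// The flagged pattern, with the implicit INT_MAX -> float conversion spelled out.
// Under round-to-nearest, 2147483647 becomes 2147483648.0f, so the value 2^31
// passes this check although it does not fit in an int. NaN passes as well.
bool naiveAcceptsForInt(float f)
{
    return !(f > static_cast<float>(INT_MAX));
}

// Range-checked conversion: succeeds only when the value fits in T.
// NaN fails the comparison and is rejected. The lower bound is conservative:
// it also rejects fractions just below the minimum that would truncate into range.
template<typename T, typename F>
bool convertChecked(F value, T& out)
{
    const double v = static_cast<double>(value); // float -> double is exact
    const double upper = maxPlusOneSketch<T>();
    const double lower = std::numeric_limits<T>::is_signed ? -upper : 0.0;
    if (!(v >= lower && v < upper))
        return false;
    out = static_cast<T>(value);
    return true;
}

int main()
{
    const float boundary = 2147483648.0f; // 2^31, constructed sample input
    int out = 0;
    std::printf("naive accepts 2^31:   %d\n", naiveAcceptsForInt(boundary));
    std::printf("checked accepts 2^31: %d\n", convertChecked<int>(boundary, out));
    return 0;
}
```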

12:36 PM Changeset in webkit [259536] by Alexey Shvayka
  • 10 edits in trunk

'\u' should throw an early SyntaxError exception, but instead evaluates to 'u'
https://bugs.webkit.org/show_bug.cgi?id=198790

Reviewed by Yusuke Suzuki.

JSTests:

  • mozilla/ecma/Array/15.4.5.1-1.js:
  • mozilla/ecma/LexicalConventions/7.7.4.js:
  • test262/expectations.yaml: Mark 4 test cases as passing.

Source/JavaScriptCore:

This change removes special-case for '\u', invoking parseUnicodeEscape() right away,
aligning string literals with ES6 template literals. parseComplexEscape() method
signature is greatly simplified, JSC is aligned with V8 and SpiderMonkey.

Grammar: https://tc39.es/ecma262/#prod-UnicodeEscapeSequence
(Hex4Digits or '{' is required, otherwise parsing fails)

  • parser/Lexer.cpp:

(JSC::Lexer<T>::parseComplexEscape):
(JSC::Lexer<T>::parseStringSlowCase):
(JSC::Lexer<T>::parseTemplateLiteral):

  • parser/Lexer.h:

LayoutTests:

  • js/script-tests/unicode-escape-sequences.js:
  • js/unicode-escape-sequences-expected.txt:

11:56 AM Changeset in webkit [259535] by ysuzuki@apple.com
  • 2 edits in trunk/JSTests

Unreviewed, skip stress/typed-array-subarray-can-throw-oom-error.js on memory-limited archs, and mark it slow
https://bugs.webkit.org/show_bug.cgi?id=209974

  • stress/typed-array-subarray-can-throw-oom-error.js:

11:52 AM Changeset in webkit [259534] by Wenson Hsieh
  • 7 edits in trunk

Add even more logging to try and diagnose <webkit.org/b/209685>
https://bugs.webkit.org/show_bug.cgi?id=210008

Reviewed by Tim Horton.

Source/WebCore:

  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard stageRegistrationLists:]):

Source/WebKit:

Revert all (except one) of the logging statements added in r259518, and add several new ones. This last logging
pass demonstrated that DragController had failed to start a drag, since -[WKContentView _didHandleDragStartRequest:]
receives word that the drag has started, yet there are no staged drag items.

  • UIProcess/ios/DragDropInteractionState.mm:

(WebKit::DragDropInteractionState::stageDragItem):
(WebKit::DragDropInteractionState::clearStagedDragSource):

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _didHandleAdditionalDragItemsRequest:]):
(-[WKContentView cleanUpDragSourceSessionState]):
(-[WKContentView _didPerformDragOperation:]):
(-[WKContentView _prepareToDragPromisedAttachment:]):
(-[WKContentView _dragInteraction:prepareForSession:completion:]):
(-[WKContentView dragInteraction:itemsForBeginningSession:]):
(-[WKContentView dragInteraction:willAnimateLiftWithAnimator:session:]):
(-[WKContentView dragInteraction:sessionWillBegin:]):
(-[WKContentView dragInteraction:session:didEndWithOperation:]):
(-[WKContentView dragInteraction:item:willAnimateCancelWithAnimator:]):
(-[WKContentView dropInteraction:canHandleSession:]):
(-[WKContentView dropInteraction:sessionDidEnter:]):
(-[WKContentView dropInteraction:sessionDidExit:]):
(-[WKContentView dropInteraction:performDrop:]):
(-[WKContentView dropInteraction:sessionDidEnd:]):

Tools:

Replace old logging with new logging (in different places).

  • TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator runFrom:to:additionalItemRequestLocations:]):
(-[DragAndDropSimulator _advanceProgress]):
(-[DragAndDropSimulator _webView:adjustedDataInteractionItemProvidersForItemProvider:representingObjects:additionalData:]):

Rule out the possibility that the WebKit client (in this case, the drag and drop simulator) is overriding the
list of drag items by logging the given NSItemProvider that will be used to start the drag.

11:38 AM Changeset in webkit [259533] by mmaxfield@apple.com
  • 2 edits in trunk/Source/WebCore

Ahom text is busted
https://bugs.webkit.org/show_bug.cgi?id=209898
<rdar://problem/60571257>

Reviewed by Tim Horton.

https://en.wikipedia.org/wiki/Ahom_language

The Ahom language, U+11700 - U+1173F, requires the complex text codepath.
This patch also makes some languages adjacent in codepoint-space (Dogra,
Dives Akuru, Nandinagari, Zanabazar Square, Soyombo, Warang Citi, and
Pau Cin Hau) use the complex path too.

At some point, we really need to make the fast text codepath opt-in instead
of opt-out. This patch is a simple band-aid fix until we can do that.

No new tests because I can't find an appropriately licenced font.
There is Noto Serif Ahom, but that's licenced under SIL OFL, and I'm
not sure if that's an acceptable license to be committed to WebKit.
https://github.com/googlefonts/noto-fonts/tree/master/hinted/NotoSerifAhom

  • platform/graphics/FontCascade.cpp:

(WebCore::FontCascade::characterRangeCodePath):

11:16 AM Changeset in webkit [259532] by Antti Koivisto
  • 20 edits
    1 copy
    8 deletes in trunk

Implement the css-color-4 behavior for inheritance of currentColor
https://bugs.webkit.org/show_bug.cgi?id=193171
<rdar://problem/47287516>

Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

  • web-platform-tests/css/css-text-decor/parsing/text-decoration-color-computed-expected.txt:
  • web-platform-tests/css/css-transitions/currentcolor-animation-001-expected.txt:
  • web-platform-tests/svg/pservers/scripted/stop-color-inheritance-currentcolor-expected.txt:

Source/WebCore:

In CSS3/4 'currentcolor' inherits as 'currentcolor' instead of as a resolved color value.

Value 'currentcolor' is represented in RenderStyle as invalid Color object. This has been true
even before the explicit property value for it was added. Fallback to 'color' has always been
the default behavior of most color properties.

As a result the correct behavior falls pretty easily from WebKit code. It essentially amounts to allowing
color properties to inherit normally even when they are invalid/currentcolor.

In future we might want to wrap RenderStyle color values into a type that makes 'currentcolor' more explicit.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyInStyle):

  • css/CSSGradientValue.cpp:

(WebCore::CSSGradientValue::gradientWithStylesResolved):

  • css/CSSProperties.json:
  • Remove 'no-default-color' which triggered the old inheritance behavior.
  • Rename initial value invalidColor to currentColor for clarity.
  • css/makeprop.pl:

Code for 'no-default-color' generation is not needed anymore.

(generateInheritValueSetter):

  • page/animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

  • rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::colorIncludingFallback const):

Resolve 'background-color' like the rest so setting it to 'currentcolor' works correctly.

  • rendering/style/RenderStyle.h:

(WebCore::RenderStyle::currentColor):
(WebCore::RenderStyle::invalidColor): Deleted.

  • style/StyleBuilderCustom.h:

(WebCore::Style::BuilderCustom::applyTextOrBoxShadowValue):

  • style/StyleBuilderState.cpp:

(WebCore::Style::BuilderState::createFilterOperations):
(WebCore::Style::BuilderState::colorFromPrimitiveValue const):

Don't resolve 'currentcolor', instead return it as a value.

(WebCore::Style::BuilderState::colorFromPrimitiveValueWithResolvedCurrentColor const):

Helper for a few cases where we still resolve current color during style building time. It is
used for filters and generated images.

  • style/StyleBuilderState.h:
  • svg/SVGStopElement.cpp:

(WebCore::SVGStopElement::stopColorIncludingOpacity const):

Resolve 'currentcolor' during use time for svg color stops.

LayoutTests:

  • TestExpectations:
  • fast/borders/border-color-inherit-expected.html: Copied from LayoutTests/fast/borders/border-color-inherit.html.
  • fast/borders/border-color-inherit.html:

Fix for the new behavior and make it a reftest.

  • fast/css/webkit-text-fill-color-inherit.html:
  • platform/gtk/fast/borders/border-color-inherit-expected.png: Removed.
  • platform/gtk/fast/borders/border-color-inherit-expected.txt: Removed.
  • platform/ios/fast/borders/border-color-inherit-expected.txt: Removed.
  • platform/mac/fast/borders/border-color-inherit-expected.png: Removed.
  • platform/mac/fast/borders/border-color-inherit-expected.txt: Removed.
  • platform/win/fast/borders/border-color-inherit-expected.txt: Removed.
  • platform/wincairo/fast/borders/border-color-inherit-expected.txt: Removed.
  • platform/wpe/fast/borders/border-color-inherit-expected.txt: Removed.

10:06 AM Changeset in webkit [259531] by Peng Liu
  • 10 edits
    2 adds in trunk

REGRESSION (r259095): ASSERTION FAILED: m_videoFullscreenMode != VideoFullscreenModeNone seen with TestWebKitAPI.WebKitLegacy.AudioSessionCategoryIOS
https://bugs.webkit.org/show_bug.cgi?id=209680

Reviewed by Jer Noble.

Source/WebCore:

API test: WebKitLegacy.PreemptVideoFullscreen

Call fullscreenModeChanged(VideoFullscreenModeNone) right before calling the
functions of ChromeClient to make sure the state (m_videoFullscreenMode)
has the expected value when some callbacks come back to the video element.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::dispatchEvent):
(WebCore::HTMLMediaElement::exitFullscreen):

Add null pointer checks to fix two crashes found in stress tests.

  • platform/ios/WebVideoFullscreenControllerAVKit.mm:

(VideoFullscreenControllerContext::requestVideoContentLayer):
(VideoFullscreenControllerContext::returnVideoContentLayer):

Source/WebKitLegacy/mac:

With this patch, the WebKit-Legacy can support multiple video elements request
to enter video fullscreen almost at the same time, and only the last one will succeed.
Also, this patch fixes webkit.org/b/209610 for WebKit-Legacy.

  • WebView/WebView.mm:
  • WebView/WebViewData.h:

Tools:

Add an API test for the video fullscreen support of WebKitLegacy on iOS.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitLegacy/ios/PreemptVideoFullscreen.mm: Added.

(-[VideoFullscreenStressUIWebViewDelegate webViewDidFinishLoad:]):
(-[VideoFullscreenStressUIWebViewDelegate uiWebView:didCommitLoadForFrame:]):
(-[VideoFullscreenStressUIWebViewDelegate handleEvent:]):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKitLegacy/ios/two-videos.html: Added.

LayoutTests:

Remove the crashing expectation for media/media-fullscreen-return-to-inline.html

  • platform/mac/TestExpectations:

9:14 AM Changeset in webkit [259530] by mark.lam@apple.com
  • 2 edits in trunk/JSTests

Gardening: skip test for ARMv7 and MIPS to green the bots until the failure can be investigated.
https://bugs.webkit.org/show_bug.cgi?id=210003

Not reviewed.

  • stress/typed-array-subarray-can-throw-oom-error.js:

Apr 3, 2020:

11:13 PM Changeset in webkit [259529] by Alexey Shvayka
  • 16 edits
    4 moves
    139 adds
    8 deletes in trunk/JSTests

Update test262 to commit 62b8fce38971
https://bugs.webkit.org/show_bug.cgi?id=209979

Reviewed by Ross Kirsling.

  • .gitattributes: Added.
  • test262/config.yaml: Skip "logical-assignment-operators" and "Promise.any" features.
  • test262/expectations.yaml:
  • test262/harness/*: Updated.
  • test262/latest-changes-summary.txt:
  • test262/test/*: Updated.
  • test262/test262-Revision.txt:

10:22 PM Changeset in webkit [259528] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebKit

WebPlatformStrategies::{readBufferFromPasteboard,bufferForType} should validate their size parameter
<https://webkit.org/b/209997>
<rdar://problem/60890565>

Reviewed by Wenson Hsieh.

  • WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:

(WebKit::WebPlatformStrategies::bufferForType):
(WebKit::WebPlatformStrategies::readBufferFromPasteboard):

  • Validate the size parameter.

10:06 PM Changeset in webkit [259527] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

Build fix: HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
https://bugs.webkit.org/show_bug.cgi?id=209925

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::elementFromPastNamesMap const):

  • Apply macros consistently. Regressed in r259513.

7:42 PM Changeset in webkit [259526] by Wenson Hsieh
  • 3 edits in trunk/Source/WebKit

The IPC message "registerAttachmentsFromSerializedData" should be capitalized
https://bugs.webkit.org/show_bug.cgi?id=209995
<rdar://problem/61283172>

Reviewed by Tim Horton.

Tweak the name of this IPC message so that it begins with a capital letter. No change in behavior.

  • UIProcess/WebPageProxy.messages.in:
  • WebProcess/WebCoreSupport/WebEditorClient.cpp:

(WebKit::WebEditorClient::registerAttachments):

6:04 PM Changeset in webkit [259525] by Jack Lee
  • 3 edits in trunk/Source/WebCore

Protect contentFrame in SubframeLoader::loadOrRedirectSubframe with RefPtr.
https://bugs.webkit.org/show_bug.cgi?id=127096
<rdar://problem/61221941>

Reviewed by Alex Christensen.

ContentFrame is used throughout loadOrRedirectSubframe so it needs to be protected with RefPtr.
And if loader changes frame in SubframeLoader::loadSubframe, return nullptr to notify the caller.

No new tests, covered by existing test.

  • loader/SubframeLoader.cpp:

(WebCore::SubframeLoader::loadOrRedirectSubframe):
(WebCore::SubframeLoader::loadSubframe):

  • loader/SubframeLoader.h:

6:01 PM Changeset in webkit [259524] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Sources: disclosure arrows should be shown if a folder is added to the navigation sidebar
https://bugs.webkit.org/show_bug.cgi?id=209937

Reviewed by Timothy Hatcher.

  • UserInterface/Views/SourcesNavigationSidebarPanel.js:

(WI.SourcesNavigationSidebarPanel.prototype.treeElementForRepresentedObject):
(WI.SourcesNavigationSidebarPanel.prototype._addStyleSheet):
(WI.SourcesNavigationSidebarPanel.prototype._addScript):

5:44 PM Changeset in webkit [259523] by commit-queue@webkit.org
  • 47 edits in trunk

Add SPI to make WKUserScripts wait for a notification
https://bugs.webkit.org/show_bug.cgi?id=209845
<rdar://problem/60342299>

Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-03
Reviewed by Chris Dumez.

Source/WebCore:

There's also SPI on WKWebView to provide this notification, and on WKWebViewConfiguration to start out with this notification.

  • dom/ExtensionStyleSheets.cpp:

(WebCore::ExtensionStyleSheets::updateInjectedStyleSheetCache const):

  • html/ImageDocument.cpp:

(WebCore::ImageDocument::createDocumentStructure):

  • html/MediaDocument.cpp:

(WebCore::MediaDocumentParser::createDocumentStructure):

  • html/PluginDocument.cpp:

(WebCore::PluginDocumentParser::createDocumentStructure):

  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::dispatchDocumentElementAvailableIfNeeded):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::finishedParsing):

  • page/Frame.cpp:

(WebCore::Frame::injectUserScripts):
(WebCore::Frame::injectUserScriptImmediately):

  • page/Page.cpp:

(WebCore::m_deviceOrientationUpdateProvider):
(WebCore::Page::notifyToInjectUserScripts):
(WebCore::Page::addUserScriptAwaitingNotification):
(WebCore::Page::injectUserStyleSheet):
(WebCore::Page::removeInjectedUserStyleSheet):

  • page/Page.h:

(WebCore::Page::hasBeenNotifiedToInjectUserScripts const):

  • page/PageConfiguration.h:
  • page/UserContentTypes.h:

(): Deleted.

  • page/UserScript.h:

(WebCore::UserScript::UserScript):
(WebCore::UserScript::waitForNotificationBeforeInjecting const):
(WebCore::UserScript::encode const):
(WebCore::UserScript::decode):

  • page/UserScriptTypes.h:

(): Deleted.

  • page/UserStyleSheet.h:

(WebCore::UserStyleSheet::UserStyleSheet):

  • xml/parser/XMLDocumentParserLibxml2.cpp:

(WebCore::XMLDocumentParser::startElementNs):

Source/WebKit:

  • Shared/API/c/WKSharedAPICast.h:

(WebKit::toUserScriptInjectionTime):
(WebKit::toWKUserScriptInjectionTime):
(WebKit::toUserContentInjectedFrames):

  • Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):

  • Shared/WebPageCreationParameters.h:
  • Shared/WebUserContentControllerDataTypes.cpp:

(WebKit::WebUserScriptData::decode):

  • UIProcess/API/APIPageConfiguration.h:

(API::PageConfiguration::userScriptsShouldWaitUntilNotification const):
(API::PageConfiguration::setUserScriptsShouldWaitUntilNotification):

  • UIProcess/API/APIUserScript.h:
  • UIProcess/API/C/WKPageGroup.cpp:

(WKPageGroupAddUserScript):

  • UIProcess/API/C/WKUserScriptRef.cpp:

(WKUserScriptCreateWithSource):
(WKUserScriptGetMainFrameOnly):

  • UIProcess/API/Cocoa/WKUserScript.mm:

(-[WKUserScript initWithSource:injectionTime:forMainFrameOnly:]):
(-[WKUserScript isForMainFrameOnly]):
(-[WKUserScript _initWithSource:injectionTime:forMainFrameOnly:legacyWhitelist:legacyBlacklist:userContentWorld:]):
(-[WKUserScript _initWithSource:injectionTime:forMainFrameOnly:legacyWhitelist:legacyBlacklist:associatedURL:userContentWorld:]):
(-[WKUserScript _initWithSource:injectionTime:forMainFrameOnly:legacyWhitelist:legacyBlacklist:contentWorld:]):
(-[WKUserScript _initWithSource:injectionTime:forMainFrameOnly:legacyWhitelist:legacyBlacklist:associatedURL:contentWorld:]):
(-[WKUserScript _initWithSource:injectionTime:forMainFrameOnly:legacyWhitelist:legacyBlacklist:associatedURL:contentWorld:waitForNotification:]):

  • UIProcess/API/Cocoa/WKUserScriptInternal.h:

(API::toWebCoreUserScriptInjectionTime):
(API::toWKUserScriptInjectionTime):

  • UIProcess/API/Cocoa/WKUserScriptPrivate.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _notifyUserScripts]):

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration _userScriptsShouldWaitUntilNotification]):
(-[WKWebViewConfiguration _setUserScriptsShouldWaitUntilNotification:]):

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/API/Cocoa/_WKUserStyleSheet.mm:

(-[_WKUserStyleSheet initWithSource:forMainFrameOnly:]):
(-[_WKUserStyleSheet initWithSource:forWKWebView:forMainFrameOnly:userContentWorld:]):
(-[_WKUserStyleSheet initWithSource:forMainFrameOnly:legacyWhitelist:legacyBlacklist:userContentWorld:]):
(-[_WKUserStyleSheet initWithSource:forMainFrameOnly:legacyWhitelist:legacyBlacklist:baseURL:userContentWorld:]):
(-[_WKUserStyleSheet isForMainFrameOnly]):

  • UIProcess/WebPageProxy.cpp:
  • UIProcess/WebPageProxy.h:
  • WebProcess/UserContent/WebUserContentController.cpp:

(WebKit::WebUserContentController::addUserScriptInternal):

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::m_processDisplayName):
(WebKit::WebPage::notifyUserScripts):
(WebKit::WebPage::addUserScript):

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:

Source/WebKitLegacy/mac:

  • WebView/WebView.mm:

(-[WebView _injectOutlookQuirksScript]):

Source/WebKitLegacy/win:

  • WebView.cpp:

(WebView::addUserScriptToGroup):
(WebView::addUserStyleSheetToGroup):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/UserContentController.mm:

(TEST):

5:16 PM Changeset in webkit [259522] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

Use-after-move of formState in WebCore::PolicyChecker::checkNavigationPolicy()
https://bugs.webkit.org/show_bug.cgi?id=209987

Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-03
Reviewed by Chris Dumez.

Use std::exchange because formState is used later.
No change in behavior, but this will allow use-after-move hunts to continue.

  • loader/PolicyChecker.cpp:

(WebCore::PolicyChecker::checkNavigationPolicy):

4:45 PM Changeset in webkit [259521] by commit-queue@webkit.org
  • 8 edits in trunk/Source/WebKit

Use AuthenticationChallenge instead of AuthenticationChallengeProxy for ResourceLoadDelegate
https://bugs.webkit.org/show_bug.cgi?id=207639

Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-03
Reviewed by David Kilzer.

In r254345 my younger and more naive self used AuthenticationChallengeProxy instead of AuthenticationChallenge
because he didn't know about the WebCore::mac function, which is called by AuthenticationChallengeProxy, and it's
all I needed to get an NSURLAuthenticationChallenge. Skipping the AuthenticationChallengeProxy step cleans up
AuthenticationChallengeProxy by removing the unnecessary ability to have a null CompletionHandler.

Covered by existing tests.

  • UIProcess/API/APIResourceLoadClient.h:
  • UIProcess/Authentication/AuthenticationChallengeProxy.cpp:

(WebKit::AuthenticationChallengeProxy::AuthenticationChallengeProxy):
(): Deleted.

  • UIProcess/Cocoa/ResourceLoadDelegate.h:
  • UIProcess/Cocoa/ResourceLoadDelegate.mm:

(WebKit::ResourceLoadDelegate::ResourceLoadClient::didReceiveChallenge const):

  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::resourceLoadDidReceiveChallenge):

  • UIProcess/WebPageProxy.cpp:
  • UIProcess/WebPageProxy.h:

4:39 PM Changeset in webkit [259520] by Kate Cheney
  • 8 edits in trunk

Prevent non app-bound domain cookies from being read or set using API calls
https://bugs.webkit.org/show_bug.cgi?id=209926
<rdar://problem/61071428>

Reviewed by Brady Eidson.

Source/WebKit:

This patch filters out setting and fetching of cookies via API call
to only set or return app-bound cookies.

  • UIProcess/API/APIHTTPCookieStore.cpp:

(API::HTTPCookieStore::filterAppBoundCookies):
This function queries the websiteDataStore for the WKAppBoundDomains
entries and filters out non app-bound domains.

(API::HTTPCookieStore::cookies):
(API::HTTPCookieStore::cookiesForURL):
(API::HTTPCookieStore::setCookies):
These functions were updated to set/return the cookies after they've
been filtered through the WKAppBoundDomains.

  • UIProcess/API/APIHTTPCookieStore.h:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _appBoundDomains:]):

  • UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::getAppBoundDomains const):
(WebKit::WebsiteDataStore::appBoundDomainsForTesting const): Deleted.
Utilize a function formerly used for testing only to be used in the
HTTPCookieStore.

  • UIProcess/WebsiteData/WebsiteDataStore.h:

Tools:

Added 3 new API tests to test that non app-bound cookies are not being
set or returned via API calls. Also added a function to reset state
between tests for internal debugging.

  • TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:

(setUpCookieTest):
(TEST):

3:55 PM Changeset in webkit [259519] by sihui_liu@apple.com
  • 2 edits in trunk/Source/WebCore

ASSERTION FAILED: objectStoreInfo in SQLiteIDBBackingStore::getRecord
https://bugs.webkit.org/show_bug.cgi?id=209976
<rdar://problem/55005363>

Reviewed by Geoffrey Garen.

Return error if objectStoreInfo is null in SQLiteIDBBackingStore::getRecord, because there is a possibility
SQLiteIDBBackingStore does not have requested objectStoreInfo.

  • Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::getRecord):

3:45 PM Changeset in webkit [259518] by Wenson Hsieh
  • 7 edits in trunk

Add more logging to help diagnose <webkit.org/b/209685>
https://bugs.webkit.org/show_bug.cgi?id=209988

Reviewed by Timothy Hatcher.

Source/WebCore:

Remove logging that was previously added in r259465.

  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard updateSupportedTypeIdentifiers:]):

Source/WebKit:

Replace logging that was previously added in r259465 with different logging. The fact that the prior logging
never showed up in the failing tests suggests that the problem happens earlier than I had expected, so we need
to ensure that codepaths for preparing and beginning a drag session are logged instead.

This turns several existing RELEASE_LOGs in WKContentView into NSLogs, so that they will show up in test
failure output when run on the bots.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _didHandleAdditionalDragItemsRequest:]):
(-[WKContentView _didHandleDragStartRequest:]):
(-[WKContentView cleanUpDragSourceSessionState]):
(-[WKContentView _didPerformDragOperation:]):
(-[WKContentView _prepareToDragPromisedAttachment:]):
(-[WKContentView _dragInteraction:prepareForSession:completion:]):
(-[WKContentView dragInteraction:itemsForBeginningSession:]):
(-[WKContentView dragInteraction:willAnimateLiftWithAnimator:session:]):
(-[WKContentView dragInteraction:sessionWillBegin:]):
(-[WKContentView dragInteraction:session:didEndWithOperation:]):
(-[WKContentView dragInteraction:item:willAnimateCancelWithAnimator:]):
(-[WKContentView dropInteraction:canHandleSession:]):
(-[WKContentView dropInteraction:sessionDidEnter:]):
(-[WKContentView dropInteraction:sessionDidUpdate:]):
(-[WKContentView dropInteraction:sessionDidExit:]):
(-[WKContentView dropInteraction:performDrop:]):
(-[WKContentView dropInteraction:sessionDidEnd:]):

Tools:

  • TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm:

Fix a few stray style mistakes (unnecessary .get()s).

  • TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm:

(-[DragAndDropSimulator runFrom:to:additionalItemRequestLocations:]):
(-[DragAndDropSimulator _advanceProgress]):

3:14 PM Changeset in webkit [259517] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

[iOS] Give RunningBoard entitlement to all our child processes
https://bugs.webkit.org/show_bug.cgi?id=209986
<rdar://problem/61275270>

Reviewed by Geoffrey Garen.

Give RunningBoard entitlement to all our child processes on iOS. As we are
transitioning to RunningBoard process assertions, it is important for the
target process of those assertions to have the
com.apple.runningboard.assertions.webkit entitlement.

  • Scripts/process-entitlements.sh:

3:04 PM Changeset in webkit [259516] by Truitt Savell
  • 20 edits
    4 deletes in trunk

Unreviewed, reverting r259440.

Introduced 2 failing tests on Mac and iOS

Reverted changeset:

"Add SPI to configure WebsiteDataStores with a URL for
standalone web applications and use it to disable first-party
website data removal in ITP"
https://bugs.webkit.org/show_bug.cgi?id=209634
https://trac.webkit.org/changeset/259440

2:11 PM Changeset in webkit [259515] by Alan Coon
  • 1 copy in tags/Safari-610.1.8.2

Tag Safari-610.1.8.2.

2:09 PM Changeset in webkit [259514] by Alan Coon
  • 2 edits in branches/safari-610.1.8-branch/Source/ThirdParty/libwebrtc

Cherry-pick r259397. rdar://problem/61273057

Build fix after r259385.

Reviewed by David Kilzer, Youenn Fablet.

Convert isStandardFrameSize() into a lambda function since it only has one call site.

  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoEncoderH264.mm: (-[RTCVideoEncoderH264 resetCompressionSessionWithPixelFormat:]): (isStandardFrameSize): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259397 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:05 PM Changeset in webkit [259513] by rniwa@webkit.org
  • 3 edits in trunk/Source/WebCore

HTMLFormElement should use WeakPtr to keep track of its FormNamedItem
https://bugs.webkit.org/show_bug.cgi?id=209925

Reviewed by Wenson Hsieh.

Like r259393, this patch replaces the HashMap of AtomString to the raw pointer of a FormNamedItem
by a HashMap of AtomString to WeakPtr of a FormNamedItem.

It also replaces a bunch of ASSERT_WITH_SECURITY_IMPLICATIONs with ASSERTs since there are no more
security implications left after this patch.

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::formElementIndex):
(WebCore::HTMLFormElement::removeFormElement):
(WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap const):
(WebCore::HTMLFormElement::elementFromPastNamesMap const):
(WebCore::HTMLFormElement::addToPastNamesMap):
(WebCore::HTMLFormElement::removeFromPastNamesMap):

  • html/HTMLFormElement.h:

1:55 PM Changeset in webkit [259512] by timothy_horton@apple.com
  • 9 edits
    2 adds in trunk/Source

Add a visual debug indicator for locating and identifying all kinds of WebViews
https://bugs.webkit.org/show_bug.cgi?id=209982
<rdar://problem/60339870>

Reviewed by Simon Fraser.

Source/WebCore:

Add a debug overlay that can be enabled with a single switch for all
*WebView variants, which indicates the type of *WebView in an unmissable,
gaudy fashion.

This is intended to address some shortcomings of existing mechanisms
that people use to answer the "what kind of web view is X app using?"
question. Specifically:

  • it will appear even if the Web Content process does not launch or crashes
  • it will appear even if a custom content view is being used (e.g. PDF)
  • it will appear even if compositing is not enabled (e.g. in a legacy WebView on macOS)
  • it explicitly states in written text the class name of the web view, with no need for interpreting colors
  • it covers the entire web view, so cannot be accidentally obscured

No new tests, just debugging UI.

  • SourcesCocoa.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • testing/cocoa/WebViewVisualIdentificationOverlay.h: Added.
  • testing/cocoa/WebViewVisualIdentificationOverlay.mm: Added.

(+[WebViewVisualIdentificationOverlay shouldIdentifyWebViews]):
Use a single default across all kinds of WebViews, instead of using
WebPreferences and friends, in order to make it extremely easy to turn on,
and because it's intended to be set globally, and is not useful on a
per-view basis.

(+[WebViewVisualIdentificationOverlay installForWebViewIfNeeded:kind:deprecated:]):
(-[WebViewVisualIdentificationOverlay initWithWebView:kind:deprecated:]):
(-[WebViewVisualIdentificationOverlay dealloc]):
(-[WebViewVisualIdentificationOverlay observeValueForKeyPath:ofObject:change:context:]):
(-[WebViewVisualIdentificationOverlay drawLayer:inContext:]):
Draw a wash and the class name over the entire face of the web view.
The wash is blue for WKWebView and red for all of the deprecated web views (WKView, WebView, UIWebView).

Source/WebKit:

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _initializeWithConfiguration:]):

  • UIProcess/API/mac/WKView.mm:

(-[WKView initWithFrame:processPool:configuration:]):
Adopt in WKWebView and WKView.

Source/WebKitLegacy/mac:

  • WebView/WebView.mm:

(-[WebView _commonInitializationWithFrameName:groupName:]):
Adopt for WebView on macOS (UIWebView will install it itself on iOS).

  • WebView/WebViewPrivate.h:

Expose _installVisualIdentificationOverlayForViewIfNeeded:kind: for UIWebView's use.
It is slightly unfortunate to expose SPI that uses UIView from a framework
underneath UIKit, but there is no other single place where this code can live
and not be a minor layering problem. Since it's debug UI, it seems passable.

1:40 PM Changeset in webkit [259511] by Alan Coon
  • 2 edits in branches/safari-609-branch/Source/WebCore

Cherry-pick r259378. rdar://problem/61269720

Crash in WebCore::HTMLDocumentParser::insert
https://bugs.webkit.org/show_bug.cgi?id=209892

Reviewed by Darin Adler.

Speculative fix to check that the parser hasn't been detached before running preload scanner.

No new tests since there is no reproduction and I couldn't come up with one.

  • html/parser/HTMLDocumentParser.cpp: (WebCore::HTMLDocumentParser::pumpTokenizer): (WebCore::HTMLDocumentParser::insert):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259378 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:40 PM Changeset in webkit [259510] by Alan Coon
  • 70 edits in branches/safari-609-branch/Source

Cherry-pick r259355. rdar://problem/61269744

Bindings that override getOwnPropertySlotByIndex need to say they MayHaveIndexedAccessors
https://bugs.webkit.org/show_bug.cgi?id=209762

Reviewed by Darin Adler.

Source/JavaScriptCore:

Change indexingType to indexingModeIncludingHistory to more
clearly indicate the expected range of possible valid values.

  • runtime/StructureInlines.h: (JSC::Structure::create):

Source/WebCore:

There may be places where we rely on this for semantic
correctness. I couldn't find any right now but we might as
well be conservative since this isn't a performance regression.

  • bindings/js/JSDOMWindowProperties.h:
  • bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader):
  • bindings/scripts/test/JS/JSInterfaceName.h: (WebCore::JSInterfaceName::createStructure):
  • bindings/scripts/test/JS/JSMapLike.h: (WebCore::JSMapLike::createStructure):
  • bindings/scripts/test/JS/JSReadOnlyMapLike.h: (WebCore::JSReadOnlyMapLike::createStructure):
  • bindings/scripts/test/JS/JSReadOnlySetLike.h: (WebCore::JSReadOnlySetLike::createStructure):
  • bindings/scripts/test/JS/JSSetLike.h: (WebCore::JSSetLike::createStructure):
  • bindings/scripts/test/JS/JSTestActiveDOMObject.h: (WebCore::JSTestActiveDOMObject::createStructure):
  • bindings/scripts/test/JS/JSTestCEReactions.h: (WebCore::JSTestCEReactions::createStructure):
  • bindings/scripts/test/JS/JSTestCEReactionsStringifier.h: (WebCore::JSTestCEReactionsStringifier::createStructure):
  • bindings/scripts/test/JS/JSTestCallTracer.h: (WebCore::JSTestCallTracer::createStructure):
  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h: (WebCore::JSTestClassWithJSBuiltinConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestDOMJIT.h: (WebCore::JSTestDOMJIT::createStructure):
  • bindings/scripts/test/JS/JSTestEnabledBySetting.h: (WebCore::JSTestEnabledBySetting::createStructure):
  • bindings/scripts/test/JS/JSTestEnabledForContext.h: (WebCore::JSTestEnabledForContext::createStructure):
  • bindings/scripts/test/JS/JSTestEventConstructor.h: (WebCore::JSTestEventConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestEventTarget.h: (WebCore::JSTestEventTarget::createStructure):
  • bindings/scripts/test/JS/JSTestException.h: (WebCore::JSTestException::createStructure):
  • bindings/scripts/test/JS/JSTestGenerateIsReachable.h: (WebCore::JSTestGenerateIsReachable::createStructure):
  • bindings/scripts/test/JS/JSTestGlobalObject.h: (WebCore::JSTestGlobalObject::createStructure):
  • bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h: (WebCore::JSTestIndexedSetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h: (WebCore::JSTestIndexedSetterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h: (WebCore::JSTestIndexedSetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestInterface.h:
  • bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h: (WebCore::JSTestInterfaceLeadingUnderscore::createStructure):
  • bindings/scripts/test/JS/JSTestIterable.h: (WebCore::JSTestIterable::createStructure):
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h: (WebCore::JSTestJSBuiltinConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.h: (WebCore::JSTestMediaQueryListListener::createStructure):
  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h: (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h: (WebCore::JSTestNamedAndIndexedSetterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h: (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedConstructor.h: (WebCore::JSTestNamedConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h: (WebCore::JSTestNamedDeleterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h: (WebCore::JSTestNamedDeleterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h: (WebCore::JSTestNamedDeleterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h: (WebCore::JSTestNamedDeleterWithIndexedGetter::createStructure):
  • bindings/scripts/test/JS/JSTestNamedGetterCallWith.h: (WebCore::JSTestNamedGetterCallWith::createStructure):
  • bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h: (WebCore::JSTestNamedGetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h: (WebCore::JSTestNamedGetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h: (WebCore::JSTestNamedSetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h: (WebCore::JSTestNamedSetterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h: (WebCore::JSTestNamedSetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h: (WebCore::JSTestNamedSetterWithIndexedGetter::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h: (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h: (WebCore::JSTestNamedSetterWithOverrideBuiltins::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h: (WebCore::JSTestNamedSetterWithUnforgableProperties::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h: (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::createStructure):
  • bindings/scripts/test/JS/JSTestNode.h:
  • bindings/scripts/test/JS/JSTestObj.h: (WebCore::JSTestObj::createStructure):
  • bindings/scripts/test/JS/JSTestOverloadedConstructors.h: (WebCore::JSTestOverloadedConstructors::createStructure):
  • bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h: (WebCore::JSTestOverloadedConstructorsWithSequence::createStructure):
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.h: (WebCore::JSTestOverrideBuiltins::createStructure):
  • bindings/scripts/test/JS/JSTestPluginInterface.h: (WebCore::JSTestPluginInterface::createStructure):
  • bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h: (WebCore::JSTestPromiseRejectionEvent::createStructure):
  • bindings/scripts/test/JS/JSTestSerialization.h: (WebCore::JSTestSerialization::createStructure):
  • bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h: (WebCore::JSTestSerializationIndirectInheritance::createStructure):
  • bindings/scripts/test/JS/JSTestSerializationInherit.h: (WebCore::JSTestSerializationInherit::createStructure):
  • bindings/scripts/test/JS/JSTestSerializationInheritFinal.h: (WebCore::JSTestSerializationInheritFinal::createStructure):
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: (WebCore::JSTestSerializedScriptValueInterface::createStructure):
  • bindings/scripts/test/JS/JSTestStringifier.h: (WebCore::JSTestStringifier::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h: (WebCore::JSTestStringifierAnonymousOperation::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierNamedOperation.h: (WebCore::JSTestStringifierNamedOperation::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h: (WebCore::JSTestStringifierOperationImplementedAs::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h: (WebCore::JSTestStringifierOperationNamedToString::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h: (WebCore::JSTestStringifierReadOnlyAttribute::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h: (WebCore::JSTestStringifierReadWriteAttribute::createStructure):
  • bindings/scripts/test/JS/JSTestTypedefs.h: (WebCore::JSTestTypedefs::createStructure):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:39 PM Changeset in webkit [259509] by Alan Coon
  • 2 edits in branches/safari-609-branch/Source/WebKit

Cherry-pick r257209. rdar://problem/61269710

Protect from null session in NetworkDataTaskCocoa::restrictRequestReferrerToOriginIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=208127
rdar://problem/57937917

Reviewed by Chris Dumez.

In case of a data task whose session is destroyed, do not follow redirection early on.

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm: (WebKit::NetworkDataTaskCocoa::willPerformHTTPRedirection):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@257209 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:39 PM Changeset in webkit [259508] by Alan Coon
  • 16 edits in branches/safari-609-branch/Source

Cherry-pick r256900. rdar://problem/61269733

SWServer::claim should check for the service worker to be active
https://bugs.webkit.org/show_bug.cgi?id=207739
<rdar://problem/45441129>

Reviewed by Alex Christensen.

Source/WebCore:

claim is only working for service workers that are active.
But there might be a time when a service worker is active in its web process but redundant in networking process.
Thus, we need to move the check from WebProcess to NetworkProcess.

  • workers/service/ServiceWorkerClients.cpp: (WebCore::ServiceWorkerClients::claim):
  • workers/service/context/SWContextManager.h:
  • workers/service/server/SWServer.cpp: (WebCore::SWServer::claim):
  • workers/service/server/SWServer.h:
  • workers/service/server/SWServerToContextConnection.cpp: (WebCore::SWServerToContextConnection::claim):
  • workers/service/server/SWServerToContextConnection.h:
  • workers/service/server/SWServerWorker.cpp: (WebCore::SWServerWorker::claim): Deleted.
  • workers/service/server/SWServerWorker.h: (WebCore::SWServerWorker::isActive const):

Source/WebKit:

Use Async Reply to remove the need for a map and passing integers around.

  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp: (WebKit::WebSWServerToContextConnection::claimCompleted): Deleted.
  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.messages.in:
  • WebProcess/Storage/WebSWContextManagerConnection.cpp: (WebKit::WebSWContextManagerConnection::claim): (WebKit::WebSWContextManagerConnection::claimCompleted): Deleted.
  • WebProcess/Storage/WebSWContextManagerConnection.h:
  • WebProcess/Storage/WebSWContextManagerConnection.messages.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256900 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:33 PM Changeset in webkit [259507] by Kate Cheney
  • 11 edits in trunk

Remove _setIsNavigatingToAppBoundDomain testing SPI
https://bugs.webkit.org/show_bug.cgi?id=209973
<rdar://problem/61264350>

Reviewed by David Kilzer.

This SPI is no longer needed to set a webView as navigating to an
app-bound domain. We can now load a local file instead.

Source/WebKit:

No new tests, confirmed behavior by existing tests.

  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setIsNavigatingToAppBoundDomain:completionHandler:]): Deleted.

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::setIsNavigatingToAppBoundDomainTesting): Deleted.

  • UIProcess/WebPageProxy.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::setIsNavigatingToAppBoundDomainTesting): Deleted.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.messages.in:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:

(TEST):

  • TestWebKitAPI/Tests/WebKitCocoa/in-app-browser-privacy-local-file.html:

1:28 PM Changeset in webkit [259506] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

Unreviewed sandbox compile fix.

  • WebProcess/com.apple.WebProcess.sb.in:

1:13 PM Changeset in webkit [259505] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebKit

[Cocoa] Update MESSAGE_CHECK macros used in WebProcessProxy::didCreateSleepDisabler/WebProcessProxy::didDestroySleepDisabler
<https://webkit.org/b/209981>
<rdar://problem/61237674>

Reviewed by Darin Adler.

  • UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::didCreateSleepDisabler):

  • Remove MESSAGE_CHECK for identifier since decoding detects invalid values.
  • Add MESSAGE_CHECK for reason since a NULL string would cause CFStringCreateWithCString() to crash later.

(WebKit::WebProcessProxy::didDestroySleepDisabler):

  • Remove MESSAGE_CHECK for identifier since decoding detects invalid values.

1:12 PM Changeset in webkit [259504] by Alan Coon
  • 8 edits in branches/safari-609-branch/Source

Versioning.

1:06 PM Changeset in webkit [259503] by Alan Coon
  • 8 edits in branches/safari-610.1.8-branch/Source

Versioning.

12:58 PM Changeset in webkit [259502] by Alan Coon
  • 70 edits in branches/safari-609.2.1.2-branch/Source

Cherry-pick r259355. rdar://problem/61269741

Bindings that override getOwnPropertySlotByIndex need to say they MayHaveIndexedAccessors
https://bugs.webkit.org/show_bug.cgi?id=209762

Reviewed by Darin Adler.

Source/JavaScriptCore:

Change indexingType to indexingModeIncludingHistory to more
clearly indicate the expected range of possible valid values.

  • runtime/StructureInlines.h: (JSC::Structure::create):

Source/WebCore:

There may be places where we rely on this for semantic
correctness. I couldn't find any right now but we might as
well be conservative since this isn't a performance regression.

  • bindings/js/JSDOMWindowProperties.h:
  • bindings/scripts/CodeGeneratorJS.pm: (GenerateHeader):
  • bindings/scripts/test/JS/JSInterfaceName.h: (WebCore::JSInterfaceName::createStructure):
  • bindings/scripts/test/JS/JSMapLike.h: (WebCore::JSMapLike::createStructure):
  • bindings/scripts/test/JS/JSReadOnlyMapLike.h: (WebCore::JSReadOnlyMapLike::createStructure):
  • bindings/scripts/test/JS/JSReadOnlySetLike.h: (WebCore::JSReadOnlySetLike::createStructure):
  • bindings/scripts/test/JS/JSSetLike.h: (WebCore::JSSetLike::createStructure):
  • bindings/scripts/test/JS/JSTestActiveDOMObject.h: (WebCore::JSTestActiveDOMObject::createStructure):
  • bindings/scripts/test/JS/JSTestCEReactions.h: (WebCore::JSTestCEReactions::createStructure):
  • bindings/scripts/test/JS/JSTestCEReactionsStringifier.h: (WebCore::JSTestCEReactionsStringifier::createStructure):
  • bindings/scripts/test/JS/JSTestCallTracer.h: (WebCore::JSTestCallTracer::createStructure):
  • bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h: (WebCore::JSTestClassWithJSBuiltinConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestDOMJIT.h: (WebCore::JSTestDOMJIT::createStructure):
  • bindings/scripts/test/JS/JSTestEnabledBySetting.h: (WebCore::JSTestEnabledBySetting::createStructure):
  • bindings/scripts/test/JS/JSTestEnabledForContext.h: (WebCore::JSTestEnabledForContext::createStructure):
  • bindings/scripts/test/JS/JSTestEventConstructor.h: (WebCore::JSTestEventConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestEventTarget.h: (WebCore::JSTestEventTarget::createStructure):
  • bindings/scripts/test/JS/JSTestException.h: (WebCore::JSTestException::createStructure):
  • bindings/scripts/test/JS/JSTestGenerateIsReachable.h: (WebCore::JSTestGenerateIsReachable::createStructure):
  • bindings/scripts/test/JS/JSTestGlobalObject.h: (WebCore::JSTestGlobalObject::createStructure):
  • bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.h: (WebCore::JSTestIndexedSetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.h: (WebCore::JSTestIndexedSetterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.h: (WebCore::JSTestIndexedSetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestInterface.h:
  • bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h: (WebCore::JSTestInterfaceLeadingUnderscore::createStructure):
  • bindings/scripts/test/JS/JSTestIterable.h: (WebCore::JSTestIterable::createStructure):
  • bindings/scripts/test/JS/JSTestJSBuiltinConstructor.h: (WebCore::JSTestJSBuiltinConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestMediaQueryListListener.h: (WebCore::JSTestMediaQueryListListener::createStructure):
  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.h: (WebCore::JSTestNamedAndIndexedSetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.h: (WebCore::JSTestNamedAndIndexedSetterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.h: (WebCore::JSTestNamedAndIndexedSetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedConstructor.h: (WebCore::JSTestNamedConstructor::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.h: (WebCore::JSTestNamedDeleterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.h: (WebCore::JSTestNamedDeleterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.h: (WebCore::JSTestNamedDeleterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.h: (WebCore::JSTestNamedDeleterWithIndexedGetter::createStructure):
  • bindings/scripts/test/JS/JSTestNamedGetterCallWith.h: (WebCore::JSTestNamedGetterCallWith::createStructure):
  • bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.h: (WebCore::JSTestNamedGetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.h: (WebCore::JSTestNamedGetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.h: (WebCore::JSTestNamedSetterNoIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterThrowingException.h: (WebCore::JSTestNamedSetterThrowingException::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.h: (WebCore::JSTestNamedSetterWithIdentifier::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.h: (WebCore::JSTestNamedSetterWithIndexedGetter::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.h: (WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithOverrideBuiltins.h: (WebCore::JSTestNamedSetterWithOverrideBuiltins::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithUnforgableProperties.h: (WebCore::JSTestNamedSetterWithUnforgableProperties::createStructure):
  • bindings/scripts/test/JS/JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins.h: (WebCore::JSTestNamedSetterWithUnforgablePropertiesAndOverrideBuiltins::createStructure):
  • bindings/scripts/test/JS/JSTestNode.h:
  • bindings/scripts/test/JS/JSTestObj.h: (WebCore::JSTestObj::createStructure):
  • bindings/scripts/test/JS/JSTestOverloadedConstructors.h: (WebCore::JSTestOverloadedConstructors::createStructure):
  • bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h: (WebCore::JSTestOverloadedConstructorsWithSequence::createStructure):
  • bindings/scripts/test/JS/JSTestOverrideBuiltins.h: (WebCore::JSTestOverrideBuiltins::createStructure):
  • bindings/scripts/test/JS/JSTestPluginInterface.h: (WebCore::JSTestPluginInterface::createStructure):
  • bindings/scripts/test/JS/JSTestPromiseRejectionEvent.h: (WebCore::JSTestPromiseRejectionEvent::createStructure):
  • bindings/scripts/test/JS/JSTestSerialization.h: (WebCore::JSTestSerialization::createStructure):
  • bindings/scripts/test/JS/JSTestSerializationIndirectInheritance.h: (WebCore::JSTestSerializationIndirectInheritance::createStructure):
  • bindings/scripts/test/JS/JSTestSerializationInherit.h: (WebCore::JSTestSerializationInherit::createStructure):
  • bindings/scripts/test/JS/JSTestSerializationInheritFinal.h: (WebCore::JSTestSerializationInheritFinal::createStructure):
  • bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h: (WebCore::JSTestSerializedScriptValueInterface::createStructure):
  • bindings/scripts/test/JS/JSTestStringifier.h: (WebCore::JSTestStringifier::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.h: (WebCore::JSTestStringifierAnonymousOperation::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierNamedOperation.h: (WebCore::JSTestStringifierNamedOperation::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.h: (WebCore::JSTestStringifierOperationImplementedAs::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.h: (WebCore::JSTestStringifierOperationNamedToString::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.h: (WebCore::JSTestStringifierReadOnlyAttribute::createStructure):
  • bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.h: (WebCore::JSTestStringifierReadWriteAttribute::createStructure):
  • bindings/scripts/test/JS/JSTestTypedefs.h: (WebCore::JSTestTypedefs::createStructure):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:58 PM Changeset in webkit [259501] by Alan Coon
  • 3 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r259305. rdar://problem/61231978

Invalid memory access @ WebCore::FrameLoader::dispatchDidCommitLoad
https://bugs.webkit.org/show_bug.cgi?id=209786

Patch by Pinki Gyanchandani <pgyanchandani@apple.com> on 2020-03-31
Reviewed by Ryosuke Niwa.

No new tests. Reduced test would be added later. Currently issue is verified with the original testcase in associated radar-58416328.

Webkit1 only issue, where m_client.dispatchDidCommitLoad in FrameLoader::dispatchDidCommitLoad could cause the frame
to be destroyed, and m_frame still being accessed outside. Changes made to protect the DocumentLoader and Frame.

  • loader/DocumentLoader.cpp: (WebCore::DocumentLoader::finishedLoading): (WebCore::DocumentLoader::handleSubstituteDataLoadNow):
  • loader/FrameLoader.cpp: (WebCore::FrameLoader::receivedFirstData):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259305 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:58 PM Changeset in webkit [259500] by Alan Coon
  • 2 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r259244. rdar://problem/61231864

Assertion failure in HTMLFormElement::formElementIndex
https://bugs.webkit.org/show_bug.cgi?id=209643

Reviewed by Darin Adler.

The bug was caused by FormAssociatedElement::findAssociatedForm finding a wrong form element
when it's called on an element which appears later in the removed subtree.

When we find the new form element to associate this element with, check to make sure its root
element is that of the tree scope. This condition will be false if this element is in the midst
of being removed.

  • html/FormAssociatedElement.cpp: (WebCore::FormAssociatedElement::findAssociatedForm):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259244 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:58 PM Changeset in webkit [259499] by Alan Coon
  • 2 edits in branches/safari-609.2.1.2-branch/Source/WebKit

Cherry-pick r259056. rdar://problem/61231908

Force Touch preview on file:/// URL works while clicking on the URL is blocked
https://bugs.webkit.org/show_bug.cgi?id=209589
<rdar://57687893>

Reviewed by Antoine Quint.

The immediate action for links should never trigger on file: URLs.

  • UIProcess/mac/WKImmediateActionController.mm: (-[WKImmediateActionController _defaultAnimationController]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:58 PM Changeset in webkit [259498] by Alan Coon
  • 3 edits in branches/safari-609.2.1.2-branch/Source/WebKit

Cherry-pick r258902. rdar://problem/61231866

IPC::Decoder::decodeFixedLengthData() should be marked WARN_UNUSED_RETURN
<https://webkit.org/b/209448>
<rdar://problem/60797998>

Reviewed by Chris Dumez.

  • Platform/IPC/ArgumentCoders.h: (struct VectorArgumentCoder::decode):
  • Check the return value of Decoder::decodeFixedLengthData().
  • Platform/IPC/Decoder.h: (IPC::Decoder::decodeFixedLengthData): Add WARN_UNUSED_RETURN.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258902 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:58 PM Changeset in webkit [259497] by Alan Coon
  • 8 edits in branches/safari-609.2.1.2-branch/Source/JavaScriptCore

Cherry-pick r258901. rdar://problem/61231922

HasIndexedProperty should know about sane chain
https://bugs.webkit.org/show_bug.cgi?id=209457

Reviewed by Saam Barati.

This patch makes it so HasIndexedProperty is aware of
sane chain. This is useful because, most of the time we do an
indexed in it is on an array. If the array has a sane chain (i.e.
no indexed properties on its prototypes and has the default
prototype chain) then we can just test for the index being a hole.

Note, we could also just convert OOB indices into false but that
should happen in another patch.
https://bugs.webkit.org/show_bug.cgi?id=209456

I didn't add any tests because it turns out we already have a ton.
I know this because I broke most of them repeatedly... >.>

  • dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
  • dfg/DFGClobberize.h: (JSC::DFG::clobberize):
  • dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::setSaneChainIfPossible): (JSC::DFG::FixupPhase::convertToHasIndexedProperty):
  • dfg/DFGNodeType.h:
  • dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileHasIndexedProperty):
  • ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileHasIndexedProperty): (JSC::FTL::DFG::LowerDFGToB3::speculateAndJump):
  • jit/AssemblyHelpers.h: (JSC::AssemblyHelpers::isEmpty):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258901 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:58 PM Changeset in webkit [259496] by Alan Coon
  • 2 edits in branches/safari-609.2.1.2-branch/Source/WebKit

Cherry-pick r258814. rdar://problem/61231972

decodeSharedBuffer() in WebCoreArgumentCoders.cpp should validate bufferSize
<https://webkit.org/b/209373>
<rdar://problem/60610919>

Reviewed by Darin Adler.

  • Shared/WebCoreArgumentCoders.cpp: (IPC::decodeSharedBuffer):
  • Return early if bufferSize is too big.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258814 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259495] by Alan Coon
  • 5 edits
    2 adds in branches/safari-609.2.1.2-branch

Cherry-pick r258799. rdar://problem/61231946

Content-Type & Nosniff Ignored on XML External Entity Resources
<https://webkit.org/b/191171>
<rdar://problem/45763222>

Reviewed by Darin Adler.

Source/WebCore:

Test: http/tests/security/contentTypeOptions/nosniff-xml-external-entity.xhtml

  • platform/MIMETypeRegistry.cpp: (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.
  • platform/MIMETypeRegistry.h: (WebCore::MIMETypeRegistry::isXMLEntityMIMEType): Add.
  • Checks for XML external entity MIME types.
  • xml/parser/XMLDocumentParserLibxml2.cpp:

(WebCore::externalEntityMimeTypeAllowedByNosniff): Add.

  • Checks whether the MIME type is valid based on the presence of the "X-Content-Type-Options: nosniff" header.

(WebCore::openFunc):

  • Drop the contents of the resource that was returned and print an error message to the Web Inspector console if externalEntityMimeTypeAllowedByNosniff() says the MIME type is not allowed.

LayoutTests:

  • http/tests/security/contentTypeOptions/nosniff-xml-external-entity-expected.txt: Add.
  • http/tests/security/contentTypeOptions/nosniff-xml-external-entity.xhtml: Add.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258799 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259494] by Alan Coon
  • 5 edits in branches/safari-609.2.1.2-branch

Cherry-pick r258741. rdar://problem/61231885

Sanitize suggested download filename received from web process
https://bugs.webkit.org/show_bug.cgi?id=209300
<rdar://problem/59487723>

Patch by Alex Christensen <achristensen@webkit.org> on 2020-03-19
Reviewed by Chris Dumez.

Source/WebKit:

  • UIProcess/Downloads/DownloadProxy.cpp: (WebKit::DownloadProxy::decideDestinationWithSuggestedFilenameAsync):

LayoutTests:

  • fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-backslash-expected.txt:
  • fast/dom/HTMLAnchorElement/anchor-file-blob-download-includes-backslash.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258741 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259493] by Alan Coon
  • 3 edits in branches/safari-609.2.1.2-branch/Source/ThirdParty/libwebrtc

Cherry-pick r258690. rdar://problem/61231915

Cherry pick usrsctp commit 790a7a2555aefb392a5a69923f1e9d17b4968467
https://bugs.webkit.org/show_bug.cgi?id=209204
<rdar://problem/59362671>

Patch by Alex Christensen <achristensen@webkit.org> on 2020-03-19
Reviewed by Youenn Fablet.

  • Source/third_party/usrsctp/usrsctplib/usrsctplib/netinet/sctp_auth.c:
  • Source/third_party/usrsctp/usrsctplib/usrsctplib/netinet/sctp_pcb.c:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258690 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259492] by Alan Coon
  • 2 edits in branches/safari-609.2.1.2-branch/Source/WebKit

Cherry-pick r258559. rdar://problem/61231877

Terminate the WebContent process when receiving invalid IPC from a WebInspector session
https://bugs.webkit.org/show_bug.cgi?id=209157
<rdar://problem/58961055>

Reviewed by Chris Dumez.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::backForwardGoToItemShared): Add a message check that we are not receiving the request from a WebInspector page.
(WebKit::WebPageProxy::maybeInitializeSandboxExtensionHandle): Switch to a release assert.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258559 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259491] by Alan Coon
  • 3 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r258464. rdar://problem/61231891

Call SVGTRefElement::buildPendingResource in SVGElement::didFinishInsertingNode
https://bugs.webkit.org/show_bug.cgi?id=208981

Reviewed by Antti Koivisto.

This patch moves the call to SVGTRefElement::buildPendingResource from SVGElement::insertedIntoAncestor
to SVGElement::didFinishInsertingNode.

  • svg/SVGElement.cpp:

(WebCore::SVGElement::insertedIntoAncestor): Return true when the element has a pending resource ID.
(WebCore::SVGElement::didFinishInsertingNode): Added. Calls buildPendingResourcesIfNeeded.

  • svg/SVGElement.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258464 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259490] by Alan Coon
  • 4 edits
    2 adds in branches/safari-609.2.1.2-branch

Cherry-pick r258459. rdar://problem/61231983

SVGMatrix should have the access right of its owner SVGTransform always
https://bugs.webkit.org/show_bug.cgi?id=207462

Reviewed by Simon Fraser.

Source/WebCore:

The SVGMatrix needs to be reattached to its owner SVGTransform when the
access right of this owner changes. The access right of the owner changes
when it gets attached to or detached from a higher level owner.

Test: svg/dom/SVGTransformList-anim-read-only.html

  • svg/SVGTransform.h:
  • svg/properties/SVGProperty.h: (WebCore::SVGProperty::attach): (WebCore::SVGProperty::detach): (WebCore::SVGProperty::reattach):

LayoutTests:

  • svg/dom/SVGTransformList-anim-read-only-expected.txt: Added.
  • svg/dom/SVGTransformList-anim-read-only.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258459 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259489] by Alan Coon
  • 2 edits in branches/safari-609.2.1.2-branch/Source/WebKit

Cherry-pick r258401. rdar://problem/61231940

WebPageProxy::SetPromisedDataForImage should validate its imageSize and archiveSize parameters
<https://webkit.org/b/209029>
<rdar://problem/60181394>

Reviewed by Youenn Fablet.

  • UIProcess/mac/WebPageProxyMac.mm: (WebKit::WebPageProxy::setPromisedDataForImage):
  • Validate imageSize and archiveSize using MESSAGE_CHECK().
  • Add static_cast<size_t>() to imageSize and archiveSize parameters to denote type change.
  • Add nullptr check for SharedMemory::map() result with archiveHandle.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258401 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259488] by Alan Coon
  • 5 edits in branches/safari-609.2.1.2-branch/Source/WebCore

Cherry-pick r258278. rdar://problem/61231870

SVG filter triggers unstable layout.
https://bugs.webkit.org/show_bug.cgi?id=207444
rdar://problem/59297004

Reviewed by Simon Fraser.

SVG filter code marks DOM nodes dirty and schedules style recalc outside of the SVG root
while in layout. This could lead to unstable layout and cause battery drain.
(See webkit.org/b/208903)

  • rendering/RenderLayer.cpp: Remove filterNeedsRepaint(). It's a dangerously misleading name and should not be part of RenderLayer.

(WebCore::RenderLayer::calculateClipRects const):

  • rendering/RenderLayer.h:
  • rendering/RenderLayerFilters.cpp: (WebCore::RenderLayerFilters::notifyFinished):
  • rendering/svg/RenderSVGResourceContainer.cpp: (WebCore::RenderSVGResourceContainer::markAllClientsForInvalidation): (WebCore::RenderSVGResourceContainer::markAllClientLayersForInvalidation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@258278 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259487] by Alan Coon
  • 3 edits
    1 add in branches/safari-609.2.1.2-branch

Cherry-pick r256766. rdar://problem/61231942

[Wasm] REGRESSION(r256665): Wasm->JS call IC needs to save memory size register
https://bugs.webkit.org/show_bug.cgi?id=207849

Reviewed by Mark Lam.

JSTests:

  • wasm/regress/regress-256665.js: Added. (f):

Source/JavaScriptCore:

When generating the call IC, we should select the callee saves using BoundsChecking mode in order
to obey the calling conventions described in r256665. Currently, we won't restore the memory size
register when calling the Wasm LLInt through the call IC.

  • wasm/js/WebAssemblyFunction.cpp: (JSC::WebAssemblyFunction::calleeSaves const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256766 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259486] by Alan Coon
  • 3 edits in branches/safari-609.2.1.2-branch/JSTests

Cherry-pick r256698. rdar://problem/61231902

Unreviewed: fix broken tests added in r256665
https://bugs.webkit.org/show_bug.cgi?id=207727

Our inline WAT doesn't seem to like named blocks/branch targets.

  • wasm/regress/llint-callee-saves-with-fast-memory.js:
  • wasm/regress/llint-callee-saves-without-fast-memory.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256698 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259485] by Alan Coon
  • 9 edits
    2 adds in branches/safari-609.2.1.2-branch

Cherry-pick r256665. rdar://problem/61231902

[WASM] Wasm interpreter's calling convention doesn't match Wasm JIT's convention.
https://bugs.webkit.org/show_bug.cgi?id=207727

JSTests:

Reviewed by Mark Lam.

  • wasm/regress/llint-callee-saves-with-fast-memory.js: Added.
  • wasm/regress/llint-callee-saves-without-fast-memory.js: Added.

Source/JavaScriptCore:

Reviewed by Mark Lam.

The Wasm JIT has unusual calling conventions, which were further complicated by the addition
of the interpreter, and the interpreter did not correctly follow these conventions (by incorrectly
saving and restoring the callee save registers used for the memory base and size). Here's a summary
of the calling convention:

  • When entering Wasm from JS, the wrapper must:
    • Preserve the base and size when entering LLInt regardless of the mode. (Prior to this patch we only preserved the base in Signaling mode)
    • Preserve the memory base in either mode, and the size for BoundsChecking.
  • Both tiers must preserve every *other* register they use. e.g. the LLInt must preserve PB and wasmInstance, but must *not* preserve memoryBase and memorySize.
  • Changes to memoryBase and memorySize are visible to the caller. This means that:
    • Intra-module calls can assume these registers are up-to-date even if the memory was resized. The only exception here is if the LLInt calls a signaling JIT, in which case the JIT will not update the size register, since it won't be using it.
    • Inter-module and JS calls require the caller to reload these registers. These calls may result in memory changes (e.g. the callee may call memory.grow).
    • A Signaling JIT caller must be aware that the LLInt may trash the size register, since it always bounds checks.

  • llint/WebAssembly.asm:
  • wasm/WasmAirIRGenerator.cpp: (JSC::Wasm::AirIRGenerator::addCall):
  • wasm/WasmB3IRGenerator.cpp: (JSC::Wasm::B3IRGenerator::addCall):
  • wasm/WasmCallee.cpp: (JSC::Wasm::LLIntCallee::calleeSaveRegisters):
  • wasm/WasmCallingConvention.h:
  • wasm/WasmLLIntPlan.cpp: (JSC::Wasm::LLIntPlan::didCompleteCompilation):
  • wasm/WasmMemoryInformation.cpp: (JSC::Wasm::PinnedRegisterInfo::get): (JSC::Wasm::getPinnedRegisters): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@256665 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:57 PM Changeset in webkit [259484] by Alan Coon
  • 2 edits in branches/safari-609.2.1.2-branch/Source/WebKit

Cherry-pick r254724. rdar://problem/61231960

IPC hardening for WebPageProxy::SetPromisedDataForImage message
https://bugs.webkit.org/show_bug.cgi?id=206380
<rdar://problem/58625196>

Reviewed by Geoffrey Garen.

IPC hardening for WebPageProxy::SetPromisedDataForImage message. Make sure the shared memory handle sent over IPC is not null
and null check the SharedMemory object after calling SharedMemory::map().

  • UIProcess/mac/WebPageProxyMac.mm: (WebKit::WebPageProxy::setPromisedDataForImage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@254724 268f45cc-cd09-0410-ab3c-d52691b4dbfc

12:50 PM Changeset in webkit [259483] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

REGRESSION (r8412): Use RetainPtr<> for NSMutableAttributedString in -[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]
<https://webkit.org/b/209980>

Reviewed by Darin Adler.

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
Make use of RetainPtr<>.

12:25 PM Changeset in webkit [259482] by commit-queue@webkit.org
  • 5 edits in trunk/Source

Fix bugs related to VideoTextureCopierCV and ANGLE roll script
https://bugs.webkit.org/show_bug.cgi?id=209943

Patch by Kenneth Russell <kbr@chromium.org> on 2020-04-03
Reviewed by Dean Jackson.

Source/ThirdParty/ANGLE:

Update the update-angle.sh script to take into account the new
procedure for generating ANGLE's commit ID header file. This
enables ANGLE rolls into WebKit again.

  • update-angle.sh:

Source/WebCore:

Fixed longstanding preexisting bugs related to creation and
deletion of OpenGL objects inside VideoTextureCopierCV, including
in which context its internal framebuffer was created. Unbind the
output texture after hooking it up to the framebuffer to avoid any
appearance of rendering feedback loops.

Stop setting the WebGL compatibility context creation attribute
for VideoTextureCopier's context.

Covered by preexisting layout tests.

  • platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:

(WebCore::GraphicsContextGLOpenGL::GraphicsContextGLOpenGL):

  • platform/graphics/cv/VideoTextureCopierCV.cpp:

(WebCore::VideoTextureCopierCV::VideoTextureCopierCV):
(WebCore::VideoTextureCopierCV::~VideoTextureCopierCV):
(WebCore::VideoTextureCopierCV::copyImageToPlatformTexture):
(WebCore::VideoTextureCopierCV::copyVideoTextureToPlatformTexture):

11:40 AM Changeset in webkit [259481] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] canonicalizeLocaleList should gracefully throw OOM error if input + error message is too large
https://bugs.webkit.org/show_bug.cgi?id=209971
<rdar://problem/61258621>

Reviewed by Mark Lam.

JSTests:

  • stress/intl-canonicalize-locale-list-error-oom.js: Added.

(shouldThrow):

Source/JavaScriptCore:

canonicalizeLocaleList generates error-message with input. If input is too large, error-message string
generation could fail due to OOM. We should gracefully throw OOM error instead of crashing. This strategy
follows createError's error-message generation: if error-message generation fails, throw an OOM error.

  • runtime/IntlObject.cpp:

(JSC::canonicalizeLocaleList):

11:34 AM Changeset in webkit [259480] by Ross Kirsling
  • 8 edits
    13 adds
    39 deletes in trunk

Move Intl tests from LayoutTests to JSTests
https://bugs.webkit.org/show_bug.cgi?id=209922

Reviewed by Yusuke Suzuki.

JSTests:

Intl doesn't depend on WebCore, so these tests shouldn't be layout tests.
(They do, however, require one method to be added to $vm.)

Since LayoutTests/js has its own test harness, I've also migrated each test case to use simpler assertions.

  • stress/array-to-locale-string.js: Removed -- subsumed by the following test.
  • stress/array-toLocaleString.js: Added.
  • stress/date-toLocaleString.js: Added.
  • stress/intl-collator.js: Added.
  • stress/intl-datetimeformat.js: Added.
  • stress/intl-default-locale.js: Added.
  • stress/intl-numberformat-format-to-parts.js: Added.
  • stress/intl-numberformat.js: Added.
  • stress/intl-object.js: Added.
  • stress/intl-pluralrules.js: Added.
  • stress/number-toLocaleString.js: Added.
  • stress/string-localeCompare.js: Added.
  • stress/string-toLocaleLowerCase.js: Added.
  • stress/string-toLocaleUpperCase.js: Added.

Source/JavaScriptCore:

  • tools/JSDollarVM.cpp:

(JSC::functionSetUserPreferredLanguages):
(JSC::JSDollarVM::finishCreation):
Add $vm.setUserPreferredLanguages, as needed by stress/intl-default-locale.js.

LayoutTests:

  • js/array-toLocaleString-expected.txt: Removed.
  • js/array-toLocaleString.html: Removed.
  • js/date-toLocaleString-expected.txt: Removed.
  • js/date-toLocaleString.html: Removed.
  • js/intl-collator-expected.txt: Removed.
  • js/intl-collator.html: Removed.
  • js/intl-datetimeformat-expected.txt: Removed.
  • js/intl-datetimeformat.html: Removed.
  • js/intl-default-locale-expected.txt: Removed.
  • js/intl-default-locale.html: Removed.
  • js/intl-expected.txt: Removed.
  • js/intl-numberformat-expected.txt: Removed.
  • js/intl-numberformat-format-to-parts-expected.txt: Removed.
  • js/intl-numberformat-format-to-parts.html: Removed.
  • js/intl-numberformat.html: Removed.
  • js/intl-pluralrules-expected.txt: Removed.
  • js/intl-pluralrules.html: Removed.
  • js/intl.html: Removed.
  • js/number-toLocaleString-expected.txt: Removed.
  • js/number-toLocaleString.html: Removed.
  • js/script-tests/array-toLocaleString.js: Removed.
  • js/script-tests/date-toLocaleString.js: Removed.
  • js/script-tests/intl-collator.js: Removed.
  • js/script-tests/intl-datetimeformat.js: Removed.
  • js/script-tests/intl-numberformat-format-to-parts.js: Removed.
  • js/script-tests/intl-numberformat.js: Removed.
  • js/script-tests/intl-pluralrules.js: Removed.
  • js/script-tests/intl.js: Removed.
  • js/script-tests/number-toLocaleString.js: Removed.
  • js/script-tests/string-localeCompare.js: Removed.
  • js/script-tests/string-toLocaleLowerCase.js: Removed.
  • js/script-tests/string-toLocaleUpperCase.js: Removed.
  • js/string-localeCompare-expected.txt: Removed.
  • js/string-localeCompare.html: Removed.
  • js/string-toLocaleLowerCase-expected.txt: Removed.
  • js/string-toLocaleLowerCase.html: Removed.
  • js/string-toLocaleUpperCase-expected.txt: Removed.
  • js/string-toLocaleUpperCase.html: Removed.
  • platform/ios-simulator/TestExpectations: Removed expectations.
  • platform/ios/TestExpectations: Removed expectations.
  • platform/mac/TestExpectations: Removed expectations.
  • platform/win/TestExpectations: Removed expectations.
11:30 AM Changeset in webkit [259479] by Devin Rousso
  • 2 edits in trunk/Source/JavaScriptCore

Web Inspector: increase the auto-inspect debugger timeout delay to account for slower networks/devices
https://bugs.webkit.org/show_bug.cgi?id=209940
<rdar://problem/61120919>

Reviewed by Joseph Pecoraro.

  • inspector/remote/cocoa/RemoteInspectorCocoa.mm:

(Inspector::RemoteInspector::updateAutomaticInspectionCandidate):

11:29 AM Changeset in webkit [259478] by ysuzuki@apple.com
  • 3 edits
    1 add in trunk

[JSC] TypedArray#subarray should throw OOM error gracefully
https://bugs.webkit.org/show_bug.cgi?id=209974
<rdar://problem/61253901>

Reviewed by Mark Lam.

JSTests:

  • stress/typed-array-subarray-can-throw-oom-error.js: Added.

(foo):
(canThrow):
(bar):
(get bar):

Source/JavaScriptCore:

After r259069 change, possiblySharedBuffer can return nullptr if OOM happens.
However, TypedArray#subarray didn't handle this case properly. This patch throws
an OOM error appropriately if possiblySharedBuffer returns nullptr in TypedArray#subarray.

  • runtime/JSGenericTypedArrayViewPrototypeFunctions.h:

(JSC::genericTypedArrayViewPrivateFuncSubarrayCreate):

11:22 AM Changeset in webkit [259477] by eric.carlson@apple.com
  • 3 edits
    2 adds in trunk

Filter some capture device names
https://bugs.webkit.org/show_bug.cgi?id=209941
<rdar://problem/59141886>

Reviewed by Youenn Fablet.

Source/WebCore:

Test: fast/mediastream/anonymize-device-name.html

  • platform/mediastream/CaptureDevice.h:

(WebCore::CaptureDevice::label const):

LayoutTests:

  • fast/mediastream/anonymize-device-name-expected.txt: Added.
  • fast/mediastream/anonymize-device-name.html: Added.
11:06 AM Changeset in webkit [259476] by Megan Gardner
  • 2 edits in trunk/Source/WebKit

Color Form Control does not come up on second selection in macCatalyst
https://bugs.webkit.org/show_bug.cgi?id=209939
<rdar://problem/61131345>

Reviewed by Wenson Hsieh.

On selection and manual dismissal of the form, we need to also call accessoryDone,
as the UIKit callbacks are not called on manual dismissal.

  • UIProcess/ios/forms/WKFormColorPicker.mm:

(-[WKColorPicker colorMatrixView:didTapColorButton:]):

11:00 AM Changeset in webkit [259475] by Keith Rollin
  • 2 edits in trunk/Source/ThirdParty/ANGLE

Do not link with OpenGL on Apple platforms
https://bugs.webkit.org/show_bug.cgi?id=209946
<rdar://problem/61237956>

Reviewed by Sam Weinig.

OpenGL is not used in our build of ANGLE. Attempting to link with it
causes warnings, which can turn into errors in some cases (in
particular, when building with Xcode's "new" build system).

  • ANGLE.xcodeproj/project.pbxproj:
10:55 AM Changeset in webkit [259474] by Brent Fulgham
  • 3 edits in trunk/Source/WebKit

[macOS] Update sandbox rules for correct sanitizer paths in current OS releases
https://bugs.webkit.org/show_bug.cgi?id=209818
<rdar://problem/58422996>

Unreviewed follow-up based on feedback from the sanitizer team.

The change in r259317 left the original, incorrect, 'literal' form of the path, rather
than the correct 'subpath' form. This corrects that issue.

  • NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
  • WebProcess/com.apple.WebProcess.sb.in:
10:54 AM Changeset in webkit [259473] by Alan Coon
  • 1 copy in tags/Safari-610.1.8.1

Tag Safari-610.1.8.1.

10:53 AM Changeset in webkit [259472] by Alan Coon
  • 2 edits
    1 delete in branches/safari-610.1.8-branch/Source/ThirdParty/libwebrtc

Cherry-pick r259458. rdar://problem/61265583

Remove rtpplay.exe from the libwebrtc source folder
https://bugs.webkit.org/show_bug.cgi?id=209957

Reviewed by Eric Carlson.

  • .gitignore:
  • Source/webrtc/data/voice_engine/stereo_rtp_files/rtpplay.exe: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259458 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:53 AM Changeset in webkit [259471] by Alan Coon
  • 8 edits in branches/safari-610.1.8-branch/Source

Versioning.

10:43 AM Changeset in webkit [259470] by Brent Fulgham
  • 3 edits in trunk/Source/WebKit

Remove unneeded sandbox access to some file paths
https://bugs.webkit.org/show_bug.cgi?id=209938
<rdar://problem/59529620>

Reviewed by Per Arne Vollan.

Remove unnecessary access to some locations in /etc. These may have been needed in
the past, but the WebContent process no longer requires this access. We should
remove it.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
  • WebProcess/com.apple.WebProcess.sb.in:
10:37 AM Changeset in webkit [259469] by pvollan@apple.com
  • 5 edits in trunk

[iOS] Deny mach lookup access to the runningboard service in the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=209933
Source/WebKit:

<rdar://problem/56995639>

Reviewed by Brent Fulgham.

On iOS, after <https://trac.webkit.org/changeset/258180/webkit>, mach lookup access to "com.apple.runningboard"
can be denied in the WebContent process.

Test: fast/sandbox/ios/sandbox-mach-lookup.html

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

LayoutTests:

Reviewed by Brent Fulgham.

  • fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
  • fast/sandbox/ios/sandbox-mach-lookup.html:
9:54 AM Changeset in webkit [259468] by Diego Pino Garcia
  • 2 edits in trunk/Source/WebKit

REGRESSION(r259401): [GTK] Check surroundingRange is not null
https://bugs.webkit.org/show_bug.cgi?id=209966

Reviewed by Darin Adler & Philippe Normand.

  • WebProcess/WebPage/glib/WebPageGLib.cpp:

(WebKit::WebPage::getPlatformEditorState const):

9:53 AM Changeset in webkit [259467] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

Remove unused parameter from loadWithNavigationAction
https://bugs.webkit.org/show_bug.cgi?id=209959

Patch by Rob Buis <rbuis@igalia.com> on 2020-04-03
Reviewed by Darin Adler.

Remove unused parameter from loadWithNavigationAction.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadWithNavigationAction):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::loadWithDocumentLoader):
(WebCore::FrameLoader::reloadWithOverrideEncoding):
(WebCore::FrameLoader::reload):
(WebCore::FrameLoader::loadDifferentDocumentItem):

  • loader/FrameLoader.h:
9:51 AM Changeset in webkit [259466] by ddkilzer@apple.com
  • 36 edits in trunk

[Xcode] Replace ASAN_OTHER_CFLAGS and ASAN_OTHER_CPLUSPLUSFLAGS with $(inherited)
<https://webkit.org/b/209963>
<rdar://problem/61257504>

Reviewed by Alexey Proskuryakov.

Source/bmalloc:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/JavaScriptCore:

  • Configurations/Base.xcconfig:
  • Configurations/ToolExecutable.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/ThirdParty:

  • gtest/xcode/Config/General.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/ThirdParty/ANGLE:

  • ANGLE.xcodeproj/project.pbxproj:
  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/ThirdParty/libwebrtc:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/WebCore:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/WebCore/PAL:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/WebInspectorUI:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/WebKit:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/WebKitLegacy/mac:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Source/WTF:

  • Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.

Tools:

  • asan/asan.xcconfig:
  • Use $(inherited) to get rid of custom ASAN_OTHER_CFLAGS and ASAN_OTHER_CPLUSPLUSFLAGS. Note that ASAN_OTHER_LDFLAGS had been previously removed in r179312, but not in the other *.xcconfig files.
  • ContentExtensionTester/Configurations/Base.xcconfig:
  • DumpRenderTree/mac/Configurations/Base.xcconfig:
  • ImageDiff/cg/Configurations/Base.xcconfig:
  • MiniBrowser/Configurations/Base.xcconfig:
  • MobileMiniBrowser/Configurations/Base.xcconfig:
  • TestWebKitAPI/Configurations/Base.xcconfig:
  • WebEditingTester/Configurations/Base.xcconfig:
  • WebKitLauncher/Configurations/Base.xcconfig:
  • WebKitTestRunner/Configurations/Base.xcconfig:
  • lldb/lldbWebKitTester/Configurations/Base.xcconfig:
  • Remove ASAN_OTHER_CFLAGS, ASAN_OTHER_CPLUSPLUSFLAGS and ASAN_OTHER_LDFLAGS.
9:43 AM Changeset in webkit [259465] by Wenson Hsieh
  • 4 edits in trunk/Source

Add logging to help diagnose <webkit.org/b/209685>
https://bugs.webkit.org/show_bug.cgi?id=209967

Reviewed by Darin Adler.

Source/WebCore:

Add logging to try and diagnose a handful of API test failures on iOS 13.4 test runners. The failures seem to
only reproduce in release builds on one particular bot; even then, the problem still doesn't reproduce when
running the API tests on this failing bot.

As such, add some logging to try and verify whether...
(1) the UI process is even attempting to update its supported item provider types, which should happen after each drag session update.
(2) WKContentView is receiving calls to update the drag session in the first place.

  • platform/ios/WebItemProviderPasteboard.mm:

(-[WebItemProviderPasteboard updateSupportedTypeIdentifiers:]):

Source/WebKit:

See WebCore/ChangeLog.

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView dropInteraction:sessionDidUpdate:]):

9:26 AM Changeset in webkit [259464] by aakash_jain@apple.com
  • 3 edits in trunk/Tools

[ews] Improve error message when patch fails to apply to trunk
https://bugs.webkit.org/show_bug.cgi?id=209965

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-build/steps.py:

(ApplyPatch.getResultSummary): Improved error message.
(ApplyPatch.evaluateCommand): Ditto.

  • BuildSlaveSupport/ews-build/steps_unittest.py: Updated unit-tests.
8:58 AM Changeset in webkit [259463] by ysuzuki@apple.com
  • 28 edits in trunk/Source/JavaScriptCore

Unreviewed, partially reverting Structure change due to Speedometer2 regression
https://bugs.webkit.org/show_bug.cgi?id=207827

Not reverting WTF changes.

  • bytecode/AccessCase.cpp:

(JSC::AccessCase::createTransition):
(JSC::AccessCase::createDelete):
(JSC::AccessCase::propagateTransitions const):

  • bytecode/AccessCase.h:

(JSC::AccessCase::structure const):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileCheckSubClass):
(JSC::DFG::SpeculativeJIT::compileObjectKeys):
(JSC::DFG::SpeculativeJIT::compileCreateThis):
(JSC::DFG::SpeculativeJIT::compileCreatePromise):
(JSC::DFG::SpeculativeJIT::compileCreateInternalFieldObject):

  • ftl/FTLAbstractHeapRepository.h:
  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileObjectKeys):
(JSC::FTL::DFG::LowerDFGToB3::compileCreatePromise):
(JSC::FTL::DFG::LowerDFGToB3::compileCreateInternalFieldObject):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
(JSC::FTL::DFG::LowerDFGToB3::loadStructureClassInfo): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::loadStructureCachedPrototypeChainOrRareData): Deleted.

  • jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::emitLoadClassInfoFromStructure): Deleted.

  • jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_create_this):

  • jit/JITOpcodes32_64.cpp:

(JSC::JIT::emit_op_create_this):

  • jit/Repatch.cpp:

(JSC::tryCachePutByID):
(JSC::tryCacheDeleteBy):

  • llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):

  • runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::createStructure):

  • runtime/ConcurrentJSLock.h:

(JSC::ConcurrentJSLockerBase::ConcurrentJSLockerBase):
(JSC::GCSafeConcurrentJSLocker::GCSafeConcurrentJSLocker):
(JSC::GCSafeConcurrentJSLocker::~GCSafeConcurrentJSLocker):
(JSC::ConcurrentJSLocker::ConcurrentJSLocker):
(JSC::GCSafeConcurrentJSLockerImpl::GCSafeConcurrentJSLockerImpl): Deleted.
(JSC::GCSafeConcurrentJSLockerImpl::~GCSafeConcurrentJSLockerImpl): Deleted.
(JSC::ConcurrentJSLockerImpl::ConcurrentJSLockerImpl): Deleted.

  • runtime/JSCell.h:
  • runtime/JSObject.cpp:

(JSC::JSObject::deleteProperty):
(JSC::JSObject::shiftButterflyAfterFlattening):

  • runtime/JSObject.h:

(JSC::JSObject::getDirectConcurrently const):

  • runtime/JSObjectInlines.h:

(JSC::JSObject::prepareToPutDirectWithoutTransition):

  • runtime/JSType.cpp:

(WTF::printInternal):

  • runtime/JSType.h:
  • runtime/Structure.cpp:

(JSC::StructureTransitionTable::contains const):
(JSC::StructureTransitionTable::get const):
(JSC::StructureTransitionTable::add):
(JSC::Structure::dumpStatistics):
(JSC::Structure::Structure):
(JSC::Structure::create):
(JSC::Structure::findStructuresAndMapForMaterialization):
(JSC::Structure::materializePropertyTable):
(JSC::Structure::addPropertyTransitionToExistingStructureImpl):
(JSC::Structure::addPropertyTransitionToExistingStructureConcurrently):
(JSC::Structure::addNewPropertyTransition):
(JSC::Structure::removePropertyTransitionFromExistingStructureConcurrently):
(JSC::Structure::removeNewPropertyTransition):
(JSC::Structure::changePrototypeTransition):
(JSC::Structure::attributeChangeTransition):
(JSC::Structure::toDictionaryTransition):
(JSC::Structure::takePropertyTableOrCloneIfPinned):
(JSC::Structure::nonPropertyTransitionSlow):
(JSC::Structure::flattenDictionaryStructure):
(JSC::Structure::pin):
(JSC::Structure::pinForCaching):
(JSC::Structure::allocateRareData):
(JSC::Structure::ensurePropertyReplacementWatchpointSet):
(JSC::Structure::copyPropertyTableForPinning):
(JSC::Structure::add):
(JSC::Structure::remove):
(JSC::Structure::visitChildren):
(JSC::Structure::canCachePropertyNameEnumerator const):

  • runtime/Structure.h:
  • runtime/StructureInlines.h:

(JSC::Structure::get):
(JSC::Structure::forEachPropertyConcurrently):
(JSC::Structure::transitivelyTransitionedFrom):
(JSC::Structure::prototypeChain const):
(JSC::Structure::propertyReplacementWatchpointSet):
(JSC::Structure::checkOffsetConsistency const):
(JSC::Structure::add):
(JSC::Structure::remove):
(JSC::Structure::removePropertyWithoutTransition):
(JSC::Structure::setPropertyTable):
(JSC::Structure::setPreviousID):
(JSC::Structure::ruleOutUnseenProperty const): Deleted.
(JSC::Structure::seenProperties const): Deleted.
(JSC::Structure::addPropertyHashAndSeenProperty): Deleted.
(JSC::Structure::cachedPrototypeChain const): Deleted.
(JSC::Structure::setCachedPrototypeChain): Deleted.
(JSC::Structure::clearPropertyTable): Deleted.
(JSC::Structure::setOutOfLineTypeFlags): Deleted.
(JSC::Structure::setInlineCapacity): Deleted.
(JSC::Structure::setClassInfo): Deleted.
(JSC::Structure::clearPreviousID): Deleted.

  • runtime/StructureRareData.cpp:

(JSC::StructureRareData::createStructure):
(JSC::StructureRareData::create):
(JSC::StructureRareData::StructureRareData):
(JSC::StructureRareData::visitChildren):

  • runtime/StructureRareData.h:
  • runtime/StructureRareDataInlines.h:

(JSC::StructureRareData::setPreviousID):
(JSC::StructureRareData::clearPreviousID):
(JSC::StructureRareData::setCachedPrototypeChain): Deleted.

  • runtime/StructureTransitionTable.h:
  • tools/JSDollarVM.cpp:

(JSC::JSDollarVMHelper::functionGetStructureTransitionList):

  • wasm/js/WebAssemblyFunction.cpp:

(JSC::WebAssemblyFunction::jsCallEntrypointSlow):

8:50 AM Changeset in webkit [259462] by sihui_liu@apple.com
  • 4 edits in trunk/LayoutTests

Flaky Test: storage/indexeddb/cursor-request-cycle.html
https://bugs.webkit.org/show_bug.cgi?id=209796
<rdar://problem/60171737>

Reviewed by Geoffrey Garen.

gc() does not guarantee all objects to be collected in our current implementation. So, instead of verifying all
cursor and request objects are released, we now only check if any of them is collected, which is enough to show
there is no ref cycle.

  • storage/indexeddb/cursor-request-cycle-expected.txt:
  • storage/indexeddb/cursor-request-cycle-private-expected.txt:
  • storage/indexeddb/resources/cursor-request-cycle.js:

(checkCursor):
(isAnyCollected):
(onOpen.otherRequest.onsuccess.otherRequestSuccess.finalRequest.onsuccess):
(onOpen.otherRequest.onsuccess):
(onOpen):
(onOpen.cursorRequest.onsuccess): Deleted.
(onOpen.otherRequest.onsuccess.otherRequestSuccess.cursorRequest.onsuccess): Deleted.

8:43 AM Changeset in webkit [259461] by sihui_liu@apple.com
  • 5 edits
    2 adds in trunk

ASSERTION FAILED: m_delegate in IDBConnectionToClient::identifier()
https://bugs.webkit.org/show_bug.cgi?id=209891
<rdar://problem/59293891>

Reviewed by Geoffrey Garen.

Source/WebCore:

IDBConnectionToClient::connectionToClientClosed() can lead UniqueIDBDatabase to start processing new requests,
and we should make sure it ignores the requests from the closed connection. Otherwise, the connection can be
held alive by the request being processed. We can do that by marking connection closed before calling
connectionToClientClosed on UniqueIDBDatabaseConnection.

API Test: IndexedDB.KillWebProcessWithOpenConnection

  • Modules/indexeddb/server/IDBConnectionToClient.cpp:

(WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):

Tools:

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/KillWebProcessWithOpenConnection-1.html: Added.
  • TestWebKitAPI/Tests/WebKitCocoa/KillWebProcessWithOpenConnection-2.html: Added.
  • TestWebKitAPI/Tests/WebKitCocoa/WebProcessKillIDBCleanup.mm:

(TEST):

8:21 AM Changeset in webkit [259460] by youenn@apple.com
  • 2 edits in trunk/Source/WebKit

ServiceWorkerFetchTask::timeoutTimerFired should not call contextClosed
https://bugs.webkit.org/show_bug.cgi?id=209906
<rdar://problem/61207801>

Reviewed by Chris Dumez.

Covered by http/tests/workers/service/basic-timeout.https.html no longer crashing.

  • NetworkProcess/ServiceWorker/ServiceWorkerFetchTask.cpp:

(WebKit::ServiceWorkerFetchTask::timeoutTimerFired):
We should not call contextClosed now that we are nullifying m_swServerConnection in contextClosed.
Instead, we should just call cannotHandle since the timer can only fire if we have not yet received any response.

7:57 AM Changeset in webkit [259459] by Adrian Perez de Castro
  • 2 edits in trunk/Source/WebKit

Unreviewed fix after r259382

Rubber-stamped by Carlos Garcia Campos.

No new tests needed.

  • UIProcess/API/glib/WebKitWebContext.cpp:

(webkit_web_context_register_uri_scheme): Change g_return_if_fail()
calls to actually check that the passed scheme is not one of the
special ones.

7:35 AM Changeset in webkit [259458] by youenn@apple.com
  • 2 edits
    1 delete in trunk/Source/ThirdParty/libwebrtc

Remove rtpplay.exe from the libwebrtc source folder
https://bugs.webkit.org/show_bug.cgi?id=209957

Reviewed by Eric Carlson.

  • .gitignore:
  • Source/webrtc/data/voice_engine/stereo_rtp_files/rtpplay.exe: Removed.
7:17 AM Changeset in webkit [259457] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews] Display list of test failures along-with the layout-test build step
https://bugs.webkit.org/show_bug.cgi?id=209912

Reviewed by Jonathan Bedard.

  • BuildSlaveSupport/ews-build/steps.py:

(RunWebKitTests._addToLog):
(RunWebKitTests.commandComplete): Add list of test failures to 'test-failures' log which is displayed in UI.
(ReRunWebKitTests.commandComplete): Ditto.
(RunWebKitTestsWithoutPatch.commandComplete): Ditto.

7:11 AM Changeset in webkit [259456] by Philippe Normand
  • 2 edits in trunk/Tools

REGRESSION(r259453): [Flatpak SDK] Build directory no longer bind-mounted when running tests
https://bugs.webkit.org/show_bug.cgi?id=209960

Reviewed by Carlos Alberto Lopez Perez.

The bind-mount is always needed, not only when running build-webkit.

  • flatpak/flatpakutils.py:

(WebkitFlatpak.run_in_sandbox):

6:56 AM Changeset in webkit [259455] by Alan Bujtas
  • 3 edits
    2 adds in trunk

[MultiColumn] Infinite loop in RenderBlockFlow::pushToNextPageWithMinimumLogicalHeight
https://bugs.webkit.org/show_bug.cgi?id=209948
<rdar://problem/59331899>

Reviewed by Antti Koivisto.

Source/WebCore:

pushToNextPageWithMinimumLogicalHeight is supposed to find the next page/column with enough space for the content.
However we keep finding the same column because it is not balanced properly yet (while in layout, they have the initial height of LayoutUnit::max).

Test: fast/multicol/infinite-loop-with-unbalanced-column.html

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::pushToNextPageWithMinimumLogicalHeight const):

LayoutTests:

  • fast/multicol/infinite-loop-with-unbalanced-column-expected.txt: Added.
  • fast/multicol/infinite-loop-with-unbalanced-column.html: Added.
5:09 AM Changeset in webkit [259454] by commit-queue@webkit.org
  • 9 edits in trunk/JSTests

Re-enable previously skipped arm tests
https://bugs.webkit.org/show_bug.cgi?id=209958

Patch by Paulo Matos <Paulo Matos> on 2020-04-03
Reviewed by Adrian Perez de Castro.

In the past year, some arm tests were skipped to keep the bots green.
All known issues affecting these tests were fixed and they can now be unskipped.

  • stress/JSArrayBufferView-byteOffset-is-racy-from-compiler-thread.js:
  • stress/dont-range-based-iterate-vector-that-is-mutated.js:
  • stress/generator-cell-with-type.js:
  • stress/incremental-marking-should-not-dead-lock-in-new-property-transition.js:
  • stress/racy-slow-put-cloned-arguments-when-having-a-bad-time.js:
  • stress/sampling-profiler-should-not-sample-beyond-stack-bounds.js:
  • stress/symbol-is-destructed-before-refing-underlying-symbol-impl.js:
  • stress/toctou-having-a-bad-time-new-array.js:
4:10 AM Changeset in webkit [259453] by Diego Pino Garcia
  • 2 edits in trunk/Tools

[Flatpak SDK] Create platform/Release directory only when build-webkit is called
https://bugs.webkit.org/show_bug.cgi?id=209954

Reviewed by Philippe Normand.

  • flatpak/flatpakutils.py:

(WebkitFlatpak.clean_args): Remove creation of self.build_path.
(WebkitFlatpak.run_in_sandbox): Create self.build_path if command is
build-webkit.

3:46 AM Changeset in webkit [259452] by youenn@apple.com
  • 55 edits
    4 copies
    25 adds in trunk

Add initial support for WebRTC HEVC
https://bugs.webkit.org/show_bug.cgi?id=204283

Reviewed by Eric Carlson.

Source/ThirdParty/libwebrtc:

Add H265 packetization/depacketization and ObjC H265 encoder/decoder.
Support is switchable using a boolean given to the decoder/encoder factories.

  • Source/webrtc/api/video/video_codec_type.h:
  • Source/webrtc/api/video_codecs/video_codec.cc:
  • Source/webrtc/api/video_codecs/video_codec.h:

(webrtc::VideoCodecH265::operator!= const):

  • Source/webrtc/api/video_codecs/video_encoder.cc:
  • Source/webrtc/api/video_codecs/video_encoder.h:
  • Source/webrtc/api/video_codecs/video_encoder_config.cc:
  • Source/webrtc/api/video_codecs/video_encoder_config.h:
  • Source/webrtc/build_overrides/build.gni:
  • Source/webrtc/call/rtp_payload_params.cc:
  • Source/webrtc/common_video/BUILD.gn:
  • Source/webrtc/common_video/h265/h265_common.cc: Added.
  • Source/webrtc/common_video/h265/h265_common.h: Added.
  • Source/webrtc/common_video/h265/h265_pps_parser.cc: Added.
  • Source/webrtc/common_video/h265/h265_pps_parser.h: Added.
  • Source/webrtc/common_video/h265/h265_sps_parser.cc: Added.
  • Source/webrtc/common_video/h265/h265_sps_parser.h: Added.
  • Source/webrtc/common_video/h265/h265_vps_parser.cc: Added.
  • Source/webrtc/common_video/h265/h265_vps_parser.h: Added.
  • Source/webrtc/media/base/media_constants.cc:
  • Source/webrtc/media/base/media_constants.h:
  • Source/webrtc/modules/rtp_rtcp/BUILD.gn:
  • Source/webrtc/modules/rtp_rtcp/source/create_video_rtp_depacketizer.cc:
  • Source/webrtc/modules/rtp_rtcp/source/h265_sps_parser.cc: Added.
  • Source/webrtc/modules/rtp_rtcp/source/h265_sps_parser.h: Added.

(webrtc::H265SpsParser::width):
(webrtc::H265SpsParser::height):

  • Source/webrtc/modules/rtp_rtcp/source/rtp_format.cc:
  • Source/webrtc/modules/rtp_rtcp/source/rtp_format_h265.cc: Added.
  • Source/webrtc/modules/rtp_rtcp/source/rtp_format_h265.h: Added.

(webrtc::RtpPacketizerH265::Packet::Packet):
(webrtc::RtpPacketizerH265::PacketUnit::PacketUnit):
(webrtc::VideoRtpDepacketizerH265::~VideoRtpDepacketizerH265):

  • Source/webrtc/modules/rtp_rtcp/source/rtp_sender_video.cc:
  • Source/webrtc/modules/rtp_rtcp/source/rtp_video_header.h:
  • Source/webrtc/modules/video_coding/BUILD.gn:
  • Source/webrtc/modules/video_coding/codecs/h265/include/h265_globals.h: Added.
  • Source/webrtc/modules/video_coding/encoded_frame.cc:
  • Source/webrtc/modules/video_coding/h265_vps_sps_pps_tracker.cc: Added.
  • Source/webrtc/modules/video_coding/h265_vps_sps_pps_tracker.h: Added.
  • Source/webrtc/modules/video_coding/include/video_codec_interface.h:
  • Source/webrtc/modules/video_coding/jitter_buffer_common.h:
  • Source/webrtc/modules/video_coding/packet.cc:
  • Source/webrtc/modules/video_coding/packet_buffer.cc:
  • Source/webrtc/modules/video_coding/session_info.cc:
  • Source/webrtc/modules/video_coding/session_info.h:
  • Source/webrtc/rtc_base/experiments/min_video_bitrate_experiment.cc:
  • Source/webrtc/sdk/WebKit/WebKitUtilities.h:
  • Source/webrtc/sdk/WebKit/WebKitUtilities.mm:

(webrtc::createWebKitEncoderFactory):
(webrtc::createWebKitDecoderFactory):

  • Source/webrtc/sdk/objc/components/video_codec/RTCCodecSpecificInfoH265+Private.h: Copied from Source/ThirdParty/libwebrtc/Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoDecoderFactory.h.
  • Source/webrtc/sdk/objc/components/video_codec/RTCCodecSpecificInfoH265.h: Added.
  • Source/webrtc/sdk/objc/components/video_codec/RTCCodecSpecificInfoH265.mm: Added.

(-[RTCCodecSpecificInfoH265 nativeCodecSpecificInfo]):

  • Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoDecoderFactory.h:
  • Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoDecoderFactory.m:

(-[RTCDefaultVideoDecoderFactory initWithH265:]):
(-[RTCDefaultVideoDecoderFactory supportedCodecs]):
(-[RTCDefaultVideoDecoderFactory createDecoder:]):

  • Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoEncoderFactory.h:
  • Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoEncoderFactory.m:

(-[RTCDefaultVideoEncoderFactory initWithH265:]):
(+[RTCDefaultVideoEncoderFactory supportedCodecs]):
(-[RTCDefaultVideoEncoderFactory createEncoder:]):
(-[RTCDefaultVideoEncoderFactory supportedCodecs]):

  • Source/webrtc/sdk/objc/components/video_codec/RTCH265ProfileLevelId.h: Copied from Source/ThirdParty/libwebrtc/Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoDecoderFactory.h.
  • Source/webrtc/sdk/objc/components/video_codec/RTCH265ProfileLevelId.mm: Added.
  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH265.h: Copied from Source/ThirdParty/libwebrtc/Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoDecoderFactory.h.
  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoDecoderH265.mm: Added.

(RTCH265FrameDecodeParams::RTCH265FrameDecodeParams):
(h265DecompressionOutputCallback):
(-[RTCVideoDecoderH265 init]):
(-[RTCVideoDecoderH265 dealloc]):
(-[RTCVideoDecoderH265 startDecodeWithNumberOfCores:]):
(-[RTCVideoDecoderH265 decode:missingFrames:codecSpecificInfo:renderTimeMs:]):
(-[RTCVideoDecoderH265 setCallback:]):
(-[RTCVideoDecoderH265 releaseDecoder]):
(-[RTCVideoDecoderH265 resetDecompressionSession]):
(-[RTCVideoDecoderH265 configureDecompressionSession]):
(-[RTCVideoDecoderH265 destroyDecompressionSession]):
(-[RTCVideoDecoderH265 setVideoFormat:]):
(-[RTCVideoDecoderH265 implementationName]):

  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoEncoderH265.h: Copied from Source/ThirdParty/libwebrtc/Source/webrtc/sdk/objc/components/video_codec/RTCDefaultVideoDecoderFactory.h.
  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoEncoderH265.mm: Added.

(-[RTCVideoEncoderH265 initWithCodecInfo:]):
(-[RTCVideoEncoderH265 dealloc]):
(-[RTCVideoEncoderH265 startEncodeWithSettings:numberOfCores:]):
(-[RTCVideoEncoderH265 encode:codecSpecificInfo:frameTypes:]):
(-[RTCVideoEncoderH265 setCallback:]):
(-[RTCVideoEncoderH265 setBitrate:framerate:]):
(-[RTCVideoEncoderH265 releaseEncoder]):
(-[RTCVideoEncoderH265 resetCompressionSession]):
(-[RTCVideoEncoderH265 configureCompressionSession]):
(-[RTCVideoEncoderH265 destroyCompressionSession]):
(-[RTCVideoEncoderH265 implementationName]):
(-[RTCVideoEncoderH265 setBitrateBps:]):
(-[RTCVideoEncoderH265 setEncoderBitrateBps:]):
(-[RTCVideoEncoderH265 frameWasEncoded:flags:sampleBuffer:width:height:renderTimeMs:timestamp:rotation:]):
(-[RTCVideoEncoderH265 scalingSettings]):

  • Source/webrtc/sdk/objc/components/video_codec/nalu_rewriter.cc:
  • Source/webrtc/sdk/objc/components/video_codec/nalu_rewriter.h:
  • Source/webrtc/sdk/objc/native/src/objc_video_decoder_factory.mm:

(webrtc::ObjCVideoDecoderFactory::CreateVideoDecoder):

  • Source/webrtc/sdk/objc/native/src/objc_video_encoder_factory.mm:

(webrtc::ObjCVideoEncoderFactory::CreateVideoEncoder):

  • Source/webrtc/video/rtp_video_stream_receiver.cc:
  • Source/webrtc/video/rtp_video_stream_receiver.h:
  • Source/webrtc/video/send_statistics_proxy.cc:
  • Source/webrtc/video/video_receive_stream.cc:
  • Source/webrtc/video/video_stream_encoder.cc:
  • libwebrtc.xcodeproj/project.pbxproj:

Source/WebCore:

Add a runtime flag for H265 in lieu of VP8 and pipe it to libwebrtc factories.
Test: webrtc/h265.html

  • page/Page.cpp:

(WebCore::m_deviceOrientationUpdateProvider):

  • page/RuntimeEnabledFeatures.h:

(WebCore::RuntimeEnabledFeatures::webRTCH265CodecEnabled const):
(WebCore::RuntimeEnabledFeatures::setWebRTCH265CodecEnabled):

  • platform/mediastream/libwebrtc/LibWebRTCProvider.h:
  • platform/mediastream/libwebrtc/LibWebRTCProviderCocoa.cpp:

(WebCore::LibWebRTCProviderCocoa::createDecoderFactory):
(WebCore::LibWebRTCProviderCocoa::createEncoderFactory):

  • testing/Internals.cpp:

(WebCore::Internals::resetToConsistentState):

Source/WebKit:

Remove VP8 runtime flag and add an H265 runtime flag instead.

  • Shared/WebPreferences.yaml:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updatePreferences):

LayoutTests:

2:21 AM Changeset in webkit [259451] by Philippe Normand
  • 2 edits in trunk/Tools

[Flatpak SDK] build-webkit --flatpak-cmakeargs option is ignored
https://bugs.webkit.org/show_bug.cgi?id=209648

Reviewed by Žan Doberšek.

This patch removes redundant options from webkit-flatpak,
correctly handles the cmakeargs option and reduces the amount of
flatpak list calls performed.

  • flatpak/flatpakutils.py:

(check_flatpak):
(FlatpakPackages.init):
(FlatpakPackage.is_installed):
(WebkitFlatpak.load_from_args):
(WebkitFlatpak.init):
(WebkitFlatpak.clean_args):
(WebkitFlatpak.run_in_sandbox):
(WebkitFlatpak.main):
(WebkitFlatpak.setup_dev_env):
(WebkitFlatpak.run_gdb):

2:13 AM Changeset in webkit [259450] by Diego Pino Garcia
  • 2 edits in trunk/Tools

[Flatpak SDK] Call setup_icecc only if use_icecream is defined
https://bugs.webkit.org/show_bug.cgi?id=209956

Reviewed by Philippe Normand.

  • flatpak/flatpakutils.py:

(WebkitFlatpak.setup_dev_env):

1:38 AM Changeset in webkit [259449] by yousuke.kimoto@sony.com
  • 4 edits in trunk/Source

FileSystem handle leaks in CurlCacheManager and NetworkCacheData when failed to open a file
https://bugs.webkit.org/show_bug.cgi?id=209949

Reviewed by Fujii Hironori.

A file handle of FileSystem is not closed when the file handle doesn't
return its status. The handle should be released before returning.

No new tests, no behavior change.

Source/WebCore:

  • platform/network/curl/CurlCacheManager.cpp:

(WebCore::CurlCacheManager::loadIndex):

Source/WebKit:

  • NetworkProcess/cache/NetworkCacheData.cpp:

(WebKit::NetworkCache::mapFile):

12:24 AM Changeset in webkit [259448] by commit-queue@webkit.org
  • 2 edits in trunk/JSTests

stress/ftl-gettypedarrayoffset-wasteful.js times out on arm/linux
https://bugs.webkit.org/show_bug.cgi?id=198754

Patch by Paulo Matos <Paulo Matos> on 2020-04-03
Reviewed by Žan Doberšek.

Unskip test.

  • stress/ftl-gettypedarrayoffset-wasteful.js:
12:21 AM Changeset in webkit [259447] by Peng Liu
  • 6 edits in trunk/Source

WebCore::HTMLMediaElement::mediaCanStart crashes
https://bugs.webkit.org/show_bug.cgi?id=209950

Reviewed by Jer Noble.

Source/WebCore:

Use WeakHashSet instead of HashSet to record MediaCanStartListeners in Document.

  • dom/Document.cpp:

(WebCore::Document::addMediaCanStartListener):
(WebCore::Document::removeMediaCanStartListener):
(WebCore::Document::takeAnyMediaCanStartListener):

  • dom/Document.h:
  • page/MediaCanStartListener.h:

Source/WebKit:

UserMediaPermissionRequestManager does not need to inherit from
CanMakeWeakPtr<UserMediaPermissionRequestManager> because its
parent class MediaCanStartListener supports WeakPtr now.

  • WebProcess/MediaStream/UserMediaPermissionRequestManager.h:
12:08 AM Changeset in webkit [259446] by Antti Koivisto
  • 3 edits in trunk/Tools

[Windows] Ignore render tree dump based results on Windows
https://bugs.webkit.org/show_bug.cgi?id=209897

Reviewed by Darin Adler.

Render tree dumps are port specific and so difficult to maintain. They are mostly very old and
have been superseded by more modern ref and text dump tests. They rarely reveal any port specific bugs.

This patch adds --ignore-render-tree-dump-results option to run-webkit-tests and enables it by
default on Apple Windows port.

With the option set the render tree dump tests are still run (so crashes are detected) but their
output is treated as if it always passed. Missing results are not written to disk.

  • Scripts/webkitpy/layout_tests/controllers/single_test_runner.py:

(SingleTestRunner._compare_text):

  • Scripts/webkitpy/layout_tests/run_webkit_tests.py:

(parse_args):
(_set_up_derived_options):

12:04 AM Changeset in webkit [259445] by Simon Fraser
  • 4 edits in trunk/Source/WebCore

Flesh out enclosingScrollableArea() implementations
https://bugs.webkit.org/show_bug.cgi?id=209953

Reviewed by Timothy Hatcher.

enclosingScrollableArea() is a virtual function on ScrollableArea. It's currently
only called in an unused iOS WebKit1 code path, but will soon be used for scroll
latching, so flesh out implementations.

Will be tested by future scroll latching tests.

  • page/FrameView.cpp:

(WebCore::FrameView::enclosingScrollableArea const):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::enclosingScrollableArea const):

  • rendering/RenderListBox.cpp:

(WebCore::RenderListBox::enclosingScrollableArea const):

Apr 2, 2020:

10:57 PM Changeset in webkit [259444] by Alexey Shvayka
  • 5 edits in trunk

TypedArray's [[DefineOwnProperty]] is incorrect with partial descriptors
https://bugs.webkit.org/show_bug.cgi?id=188875

Reviewed by Ross Kirsling.

JSTests:

  • stress/typedarray-configure-index.js:
  • test262/expectations.yaml: Mark 10 test cases as passing.

Source/JavaScriptCore:

This change implements steps 3.b.iv-v of TypedArray's [[DefineOwnProperty]] method [1],
preventing type errors from being thrown if descriptor lacks [[Enumerable]] or [[Writable]]
field and aligning JSC with V8 and SpiderMonkey.

[1]: https://tc39.es/ecma262/#sec-integer-indexed-exotic-objects-defineownproperty-p-desc

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::defineOwnProperty):

10:46 PM Changeset in webkit [259443] by Simon Fraser
  • 5 edits in trunk/Source/WebCore

Rename widgetDidHandleWheelEvent back to passWheelEventToWidget and make some functions private
https://bugs.webkit.org/show_bug.cgi?id=209951

Reviewed by Zalan Bujtas.

Revert the rename from r199331, and make private wheel-event related functions that
are internal to EventHandler.

  • page/EventHandler.cpp:

(WebCore::EventHandler::handleWheelEvent):
(WebCore::EventHandler::passWheelEventToWidget):
(WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.

  • page/EventHandler.h:
  • page/ios/EventHandlerIOS.mm:

(WebCore::EventHandler::passWheelEventToWidget):
(WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.

  • page/mac/EventHandlerMac.mm:

(WebCore::EventHandler::passWheelEventToWidget):
(WebCore::EventHandler::widgetDidHandleWheelEvent): Deleted.

9:56 PM Changeset in webkit [259442] by James Savage
  • 2 edits in trunk/Tools

Add myself, as a committer, to contributors.json.
https://bugs.webkit.org/show_bug.cgi?id=209952.

  • Scripts/webkitpy/common/config/contributors.json:
9:51 PM Changeset in webkit [259441] by James Savage
  • 2 edits in trunk/Tools

Add myself to contributors.json.
https://bugs.webkit.org/show_bug.cgi?id=209952.

  • Scripts/webkitpy/common/config/contributors.json:
8:56 PM Changeset in webkit [259440] by wilander@apple.com
  • 20 edits
    4 adds in trunk

Add SPI to configure WebsiteDataStores with a URL for standalone web applications and use it to disable first-party website data removal in ITP
https://bugs.webkit.org/show_bug.cgi?id=209634
<rdar://problem/60943970>

Reviewed by Alex Christensen.

Source/WebKit:

This change adds a new property to _WKWebsiteDataStoreConfiguration.h called
standaloneApplicationURL with which the hosting application can inform the
website data store that it's running as a standalone web application.

This change also forwards an existing standaloneApplicationURL as a
WebCore::RegistrableDomain into ITP so that explicit exemptions can be made
to first parties of standalone web applications. The exemptions made here
are for all of ITP's website data removal. This part of the change is
covered by the new layout tests.

Tests: http/tests/resourceLoadStatistics/standalone-web-application-exempt-from-website-data-deletion-database.html
       http/tests/resourceLoadStatistics/standalone-web-application-exempt-from-website-data-deletion.html

  • NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
  • NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:

(WebKit::ResourceLoadStatisticsMemoryStore::registrableDomainsToDeleteOrRestrictWebsiteDataFor):

  • NetworkProcess/Classifier/ResourceLoadStatisticsStore.h:

(WebKit::ResourceLoadStatisticsStore::setStandaloneApplicationDomain):
(WebKit::ResourceLoadStatisticsStore::standaloneApplicationDomain const):

  • NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:

(WebKit::WebResourceLoadStatisticsStore::setStandaloneApplicationDomain):

  • NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h:
  • NetworkProcess/NetworkSession.cpp:

(WebKit::NetworkSession::NetworkSession):
(WebKit::NetworkSession::forwardResourceLoadStatisticsSettings):

  • NetworkProcess/NetworkSession.h:
  • Shared/ResourceLoadStatisticsParameters.h:

(WebKit::ResourceLoadStatisticsParameters::encode const):
(WebKit::ResourceLoadStatisticsParameters::decode):

  • UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.h:
  • UIProcess/API/Cocoa/_WKWebsiteDataStoreConfiguration.mm:

(-[_WKWebsiteDataStoreConfiguration standaloneApplicationURL]):
(-[_WKWebsiteDataStoreConfiguration setStandaloneApplication:]):

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::ensureNetworkProcess):

  • UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:

(WebKit::WebsiteDataStore::platformSetNetworkParameters):

  • UIProcess/WebsiteData/WebsiteDataStoreConfiguration.cpp:

(WebKit::WebsiteDataStoreConfiguration::copy const):

  • UIProcess/WebsiteData/WebsiteDataStoreConfiguration.h:

(WebKit::WebsiteDataStoreConfiguration::standaloneApplicationURL const):
(WebKit::WebsiteDataStoreConfiguration::setStandaloneApplicationURL):

Tools:

Added a new test option called standaloneWebApplicationURL so that layout tests can
configure the website data store accordingly. Picking it up and using it requires
creating a new website data store with a configuration that has the standalone web
application URL.

  • WebKitTestRunner/TestController.cpp:

(WTR::parseStringTestHeaderValueAsURL):
(WTR::updateTestOptionsFromTestHeader):

  • WebKitTestRunner/TestOptions.h:
  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::platformCreateWebView):

LayoutTests:

  • http/tests/resourceLoadStatistics/standalone-web-application-exempt-from-website-data-deletion-database-expected.txt: Added.
  • http/tests/resourceLoadStatistics/standalone-web-application-exempt-from-website-data-deletion-database.html: Added.
  • http/tests/resourceLoadStatistics/standalone-web-application-exempt-from-website-data-deletion-expected.txt: Added.
  • http/tests/resourceLoadStatistics/standalone-web-application-exempt-from-website-data-deletion.html: Added.
7:49 PM Changeset in webkit [259439] by wilander@apple.com
  • 3 edits in trunk/LayoutTests

Rebase expectation files for anchor tag tests with line number output
https://bugs.webkit.org/show_bug.cgi?id=209945
<rdar://problem/61237662>

Unreviewed test gardening.

  • http/tests/adClickAttribution/anchor-tag-attributes-validation-expected.txt:

Rebased since the lines of the console output have changed.

  • http/tests/security/anchor-download-block-crossorigin-expected.txt:

Rebased since the lines of the console output have changed.

6:51 PM Changeset in webkit [259438] by Andres Gonzalez
  • 6 edits
    1 add in trunk

Crash in RenderMenuList::didUpdateActiveOption.
https://bugs.webkit.org/show_bug.cgi?id=208867
<rdar://problem/60035390>

Reviewed by Chris Fleizach.

Source/WebCore:

Enabled test accessibility/menu-list-sends-change-notification.html.

  • Check the type of the AccessibilityObject before downcasting in RenderMenuList.
  • Fixed handling of the AXMenuListValueChanged notification on the Mac.

This notification was previously ignored and hence the LayoutTest was failing.

  • accessibility/mac/AXObjectCacheMac.mm:

(WebCore::AXObjectCache::postPlatformNotification):

  • rendering/RenderMenuList.cpp:

(RenderMenuList::didUpdateActiveOption):

LayoutTests:

Enabled accessibility/menu-list-sends-change-notification.html test
and added the expected.txt file for it.

  • accessibility/menu-list-sends-change-notification-expected.txt: Added.
  • accessibility/menu-list-sends-change-notification.html:
6:24 PM Changeset in webkit [259437] by Devin Rousso
  • 3 edits in trunk/Source/WebInspectorUI

Context menu for local storage puts quotes around key and value
https://bugs.webkit.org/show_bug.cgi?id=209868

Reviewed by Joseph Pecoraro.

There are only two WI.DataGrid that support editing right now. Both of them use obvious
names for their columns (e.g. "Key", "Name", "Value", etc.), so rather than quote the column
name in the context menu, just display it as is.

  • UserInterface/Views/DataGrid.js:

(WI.DataGrid.prototype._contextMenuInDataTable):

  • Localizations/en.lproj/localizedStrings.js:
5:37 PM Changeset in webkit [259436] by commit-queue@webkit.org
  • 9 edits
    2 deletes in trunk

Unreviewed, reverting r259390.
https://bugs.webkit.org/show_bug.cgi?id=209944

It broke WinCairo builds (Requested by fujihiro on #webkit).

Reverted changeset:

"Enable offlineasm debug annotations for GCC"
https://bugs.webkit.org/show_bug.cgi?id=207119
https://trac.webkit.org/changeset/259390

5:37 PM Changeset in webkit [259435] by eric.carlson@apple.com
  • 21 edits
    2 adds
    10 deletes in trunk/Source/WebCore

Remove unused media controls code
https://bugs.webkit.org/show_bug.cgi?id=209875
<rdar://problem/61172738>

Remove code for the, now unused, C++ based media controls.

Reviewed by Daniel Bates.

No new tests, no functional change.

  • Modules/mediacontrols/MediaControlsHost.cpp:

(WebCore::MediaControlsHost::textTrackContainer):

  • Modules/mediacontrols/MediaControlsHost.h:
  • Modules/plugins/QuickTimePluginReplacement.mm:
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • accessibility/AXObjectCache.cpp:

(WebCore::createFromRenderer):

  • accessibility/AccessibilityMediaControls.cpp: Removed.
  • accessibility/AccessibilityMediaControls.h: Removed.
  • dom/Node.h:

(WebCore::Node::isMediaControlElement const): Deleted.
(WebCore::Node::isMediaControls const): Deleted.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement):
(WebCore::HTMLMediaElement::~HTMLMediaElement):
(WebCore::HTMLMediaElement::childShouldCreateRenderer const):
(WebCore::HTMLMediaElement::pauseAfterDetachedTask):
(WebCore::HTMLMediaElement::updateRenderer):
(WebCore::HTMLMediaElement::selectMediaResource):
(WebCore::HTMLMediaElement::mediaLoadingFailed):
(WebCore::HTMLMediaElement::setNetworkState):
(WebCore::HTMLMediaElement::changeNetworkStateFromLoadingToIdle):
(WebCore::HTMLMediaElement::setReadyState):
(WebCore::HTMLMediaElement::progressEventTimerFired):
(WebCore::HTMLMediaElement::setMuted):
(WebCore::HTMLMediaElement::playbackProgressTimerFired):
(WebCore::HTMLMediaElement::addTextTrack):
(WebCore::HTMLMediaElement::removeTextTrack):
(WebCore::HTMLMediaElement::didAddTextTrack):
(WebCore::HTMLMediaElement::ensureMediaControlsShadowRoot):
(WebCore::HTMLMediaElement::updateCaptionContainer):
(WebCore::HTMLMediaElement::layoutSizeChanged):
(WebCore::HTMLMediaElement::configureTextTracks):
(WebCore::HTMLMediaElement::mediaPlayerCharacteristicChanged):
(WebCore::HTMLMediaElement::updateVolume):
(WebCore::HTMLMediaElement::updatePlayState):
(WebCore::HTMLMediaElement::enterFullscreen):
(WebCore::HTMLMediaElement::exitFullscreen):
(WebCore::HTMLMediaElement::didBecomeFullscreenElement):
(WebCore::HTMLMediaElement::willStopBeingFullscreenElement):
(WebCore::HTMLMediaElement::textTrackReadyStateChanged):
(WebCore::HTMLMediaElement::configureTextTrackDisplay):
(WebCore::HTMLMediaElement::updateTextTrackDisplay):
(WebCore::HTMLMediaElement::updateTextTrackRepresentationImageIfNeeded):
(WebCore::HTMLMediaElement::setClosedCaptionsVisible):
(WebCore::HTMLMediaElement::configureMediaControls):
(WebCore::HTMLMediaElement::captionPreferencesChanged):
(WebCore::HTMLMediaElement::setController):
(WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):
(WebCore::HTMLMediaElement::closeCaptionTracksChanged): Deleted.
(WebCore::HTMLMediaElement::mediaControls const): Deleted.
(WebCore::HTMLMediaElement::hasMediaControls const): Deleted.
(WebCore::HTMLMediaElement::createMediaControls): Deleted.

  • html/HTMLMediaElement.h:

(WebCore::HTMLMediaElement::mediaControlsHost):

  • html/shadow/MediaControlElementTypes.cpp: Removed.
  • html/shadow/MediaControlElementTypes.h: Removed.
  • html/shadow/MediaControlElements.cpp: Removed.
  • html/shadow/MediaControlElements.h: Removed.
  • html/shadow/MediaControlTextTrackContainerElement.cpp: Added.

(WebCore::MediaControlTextTrackContainerElement::create):
(WebCore::MediaControlTextTrackContainerElement::MediaControlTextTrackContainerElement):
(WebCore::MediaControlTextTrackContainerElement::createElementRenderer):
(WebCore::compareCueIntervalForDisplay):
(WebCore::MediaControlTextTrackContainerElement::updateDisplay):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationImageIfNeeded):
(WebCore::MediaControlTextTrackContainerElement::processActiveVTTCue):
(WebCore::MediaControlTextTrackContainerElement::updateActiveCuesFontSize):
(WebCore::MediaControlTextTrackContainerElement::updateTextStrokeStyle):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackRepresentationIfNeeded):
(WebCore::MediaControlTextTrackContainerElement::clearTextTrackRepresentation):
(WebCore::MediaControlTextTrackContainerElement::updateTextTrackStyle):
(WebCore::MediaControlTextTrackContainerElement::enteredFullscreen):
(WebCore::MediaControlTextTrackContainerElement::exitedFullscreen):
(WebCore::MediaControlTextTrackContainerElement::updateVideoDisplaySize):
(WebCore::MediaControlTextTrackContainerElement::updateSizes):
(WebCore::MediaControlTextTrackContainerElement::createTextTrackRepresentationImage):
(WebCore::MediaControlTextTrackContainerElement::textTrackRepresentationBoundsChanged):
(WebCore::MediaControlTextTrackContainerElement::hide):
(WebCore::MediaControlTextTrackContainerElement::show):
(WebCore::MediaControlTextTrackContainerElement::isShowing const):
(WebCore::MediaControlTextTrackContainerElement::logger const):
(WebCore::MediaControlTextTrackContainerElement::logIdentifier const):
(WebCore::MediaControlTextTrackContainerElement::logChannel const):

  • html/shadow/MediaControlTextTrackContainerElement.h: Added.
  • html/shadow/MediaControls.cpp: Removed.
  • html/shadow/MediaControls.h: Removed.
  • page/CaptionUserPreferencesMediaAF.cpp:
  • page/Page.cpp:

(WebCore::Page::setPageScaleFactor):
(WebCore::Page::setUserInterfaceLayoutDirection):

  • rendering/RenderMediaControls.cpp: Removed.
  • rendering/RenderMediaControls.h: Removed.
  • rendering/RenderSlider.cpp:
  • rendering/RenderTheme.cpp:
  • rendering/RenderThemeAdwaita.cpp:
  • rendering/RenderThemeCocoa.h:
  • rendering/RenderThemeCocoa.mm:

(WebCore::RenderThemeCocoa::mediaControlsFormattedStringForDuration):

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::mediaControlsStyleSheet):
(WebCore::RenderThemeIOS::modernMediaControlsStyleSheet):
(WebCore::RenderThemeIOS::mediaControlsScript):
(WebCore::RenderThemeIOS::mediaControlsBase64StringForIconNameAndType):

  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::mediaControlsStyleSheet):
(WebCore::RenderThemeMac::modernMediaControlsStyleSheet):
(WebCore::RenderThemeMac::mediaControlsScript):
(WebCore::RenderThemeMac::mediaControlsBase64StringForIconNameAndType):

  • testing/Internals.cpp:

(WebCore::Internals::getCurrentMediaControlsStatusForElement):

5:19 PM Changeset in webkit [259434] by Said Abou-Hallawa
  • 3 edits in trunk/LayoutTests

[ iOS wk2 ] fast/images/exif-orientation-background-image-repeat.html is flaky failing.
<rdar://problem/60921187>

Unreviewed test gardening.

Add "image-rendering: pixelated;" to the elements which render images to avoid unintended anti-aliasing.

  • fast/images/exif-orientation-background-image-repeat-expected.html:
  • fast/images/exif-orientation-background-image-repeat.html:
5:18 PM Changeset in webkit [259433] by Alan Coon
  • 8 edits in trunk/Source

Versioning.

5:16 PM Changeset in webkit [259432] by Russell Epstein
  • 8 edits in branches/safari-610.1.7-branch/Source

Versioning.

5:16 PM Changeset in webkit [259431] by Alan Coon
  • 8 edits in branches/safari-609.2.1.2-branch/Source

Versioning.

5:13 PM Changeset in webkit [259430] by eric.carlson@apple.com
  • 3 edits in trunk/Source/WebCore

Don't call -[AVCapture startRunning] when interruption ends
https://bugs.webkit.org/show_bug.cgi?id=209919
<rdar://problem/61090625>

Calling -[AVCaptureSession startRunning] after a VideoNotAllowedInSideBySide interruption
ends triggers a bug in AVCapture that hangs the app for several seconds, but restarting the
capture session isn't necessary because it will restart automatically in that case.

Reviewed by Youenn Fablet.

Tested manually.

  • platform/mediastream/mac/AVVideoCaptureSource.h: Remove InterruptionReason enum, convert m_interruption to m_interrupted bool

  • platform/mediastream/mac/AVVideoCaptureSource.mm:

(WebCore::AVVideoCaptureSource::AVVideoCaptureSource): Remove InterruptionReason enum checking.
(WebCore::AVVideoCaptureSource::stopProducingData): m_interruption -> m_interrupted.
(WebCore::AVVideoCaptureSource::interrupted const): Ditto.
(WebCore::AVVideoCaptureSource::captureSessionBeginInterruption): Ditto.
(WebCore::AVVideoCaptureSource::captureSessionEndInterruption): Ditto. Don't restart the session.
(-[WebCoreAVVideoCaptureSourceObserver observeValueForKeyPath:ofObject:change:context:]):
Drive-by fix: always log notifications to help with debugging.

5:05 PM Changeset in webkit [259429] by Alan Coon
  • 1 copy in tags/Safari-609.2.1.2.11

Tag Safari-609.2.1.2.11.

4:52 PM Changeset in webkit [259428] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebCore

REGRESSION (r258525): Leak of NSMutableAttributedString in -[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]
<https://webkit.org/b/209932>
<rdar://problem/61228565>

Reviewed by Chris Fleizach.

  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper doAXAttributedStringForTextMarkerRange:spellCheck:]):
Move early return to avoid leaking NSMutableAttributedString.

4:41 PM Changeset in webkit [259427] by Alan Coon
  • 1 copy in tags/Safari-609.2.3

Tag Safari-609.2.3.

4:36 PM Changeset in webkit [259426] by Russell Epstein
  • 1 copy in tags/Safari-610.1.7.7

Tag Safari-610.1.7.7.

4:25 PM Changeset in webkit [259425] by pvollan@apple.com
  • 4 edits in trunk/Source

Unreviewed build fix after r259396.

Source/WebCore/PAL:

  • pal/spi/cocoa/LaunchServicesSPI.h:

Source/WebKit:

  • Shared/mac/AuxiliaryProcessMac.mm:
4:22 PM Changeset in webkit [259424] by ysuzuki@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

[JSC] RecordedStatuses's assignment should be guarded by CodeBlock's lock
https://bugs.webkit.org/show_bug.cgi?id=209935
<rdar://problem/59443383>

Reviewed by Mark Lam.

Previously, RecordedStatuses were not touched by GC. But now, GC visits RecordedStatuses.
This means that modifying RecordedStatuses should be guarded by CodeBlock's lock if
it is reachable from CodeBlock.
In DFG::Plan::reallyAdd, we already installed DFG::JITCode into the CodeBlock so that
RecordedStatuses is reachable from CodeBlock. We should lock CodeBlock's lock while
performing WTFMove(RecordedStatuses).

We do not need to emit write-barrier here because (1) DFG::Plan::reallyAdd is executed
while GC is deferred and (2) we emit write-barrier to CodeBlock before deferred GC is executed.

  • dfg/DFGPlan.cpp:

(JSC::DFG::Plan::reallyAdd):

4:18 PM Changeset in webkit [259423] by Nikita Vasilyev
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Network tab summary bar jiggles
https://bugs.webkit.org/show_bug.cgi?id=209927

Reviewed by Timothy Hatcher.

  • UserInterface/Views/NetworkTableContentView.css:

(.network-table > .statistics > .statistic > .text):

3:52 PM Changeset in webkit [259422] by Keith Rollin
  • 2 edits in trunk/Source/ThirdParty/libwebrtc

Sort libwebrtc Xcode project file

  • libwebrtc.xcodeproj/project.pbxproj:
2:58 PM Changeset in webkit [259421] by ddkilzer@apple.com
  • 2 edits in trunk/Source/WebKit

WebPageProxy attachment methods should return early if attachment element is not enabled
<https://webkit.org/b/209451>
<rdar://problem/60253260>

Reviewed by Chris Dumez.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::registerAttachmentIdentifierFromData):
(WebKit::WebPageProxy::registerAttachmentIdentifierFromFilePath):
(WebKit::WebPageProxy::registerAttachmentIdentifier):
(WebKit::WebPageProxy::registerAttachmentsFromSerializedData):
(WebKit::WebPageProxy::cloneAttachmentData):
(WebKit::WebPageProxy::serializedAttachmentDataForIdentifiers):
(WebKit::WebPageProxy::didInsertAttachmentWithIdentifier):

  • Add a message check for the attachment element being enabled.

(WebKit::WebPageProxy::didRemoveAttachmentWithIdentifier): Ditto.

  • Also add a missing message check to validate identifier.
2:51 PM Changeset in webkit [259420] by rniwa@webkit.org
  • 2 edits in trunk/LayoutTests

[iOS wk2 Debug] imported/w3c/web-platform-tests/mathml/presentation-markup/scripts/cramped-001.html is failing
https://bugs.webkit.org/show_bug.cgi?id=207077

Remove the flaky failing expectation since the test appears to be passing now.

  • platform/ios-wk2/TestExpectations:
2:49 PM Changeset in webkit [259419] by Chris Dumez
  • 16 edits in trunk/Source/WebCore

ActiveDOMObject::hasPendingActivity() should stop preventing wrapper collection after ActiveDOMObject::stop() has been called
https://bugs.webkit.org/show_bug.cgi?id=209886

Reviewed by Ryosuke Niwa.

ActiveDOMObject::stop() gets called when the script execution context is about to be destroyed.
ActiveDOMObject objects should no longer run script after that and there is therefore no point
in keeping the JS wrapper alive once stop() has been called. Worse, depending on the
implementation of virtualHasPendingActivity(), keeping the wrapper alive past this point may
actually cause JS wrapper leaks. Some of the virtualHasPendingActivity() were properly checking
if the context was stopped but not all of them. To address the issue, we now check
ActiveDOMObject::isContextStopped() in the JS bindings, in addition to
ActiveDOMObject::hasPendingActivity(), so that it is no longer possible to keep a JS wrapper
alive past the point where the script execution context has been stopped. This new approach
is a lot less leak/error prone.

  • Modules/indexeddb/IDBDatabase.cpp:

(WebCore::IDBDatabase::virtualHasPendingActivity const):

  • Modules/indexeddb/IDBOpenDBRequest.cpp:

(WebCore::IDBOpenDBRequest::requestCompleted):

  • Modules/indexeddb/IDBRequest.cpp:

(WebCore::IDBRequest::virtualHasPendingActivity const):
(WebCore::IDBRequest::stop):
(WebCore::IDBRequest::enqueueEvent):
(WebCore::IDBRequest::dispatchEvent):

  • Modules/indexeddb/IDBRequest.h:
  • Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::virtualHasPendingActivity const):
(WebCore::IDBTransaction::stop):
(WebCore::IDBTransaction::notifyDidAbort):
(WebCore::IDBTransaction::enqueueEvent):
(WebCore::IDBTransaction::dispatchEvent):

  • Modules/indexeddb/IDBTransaction.h:
  • Modules/mediastream/MediaDevices.cpp:

(WebCore::MediaDevices::virtualHasPendingActivity const):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):

  • bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterfaceOwner::isReachableFromOpaqueRoots):

  • bindings/scripts/test/JS/JSTestNamedConstructor.cpp:

(WebCore::JSTestNamedConstructorOwner::isReachableFromOpaqueRoots):

  • css/FontFace.cpp:

(WebCore::FontFace::virtualHasPendingActivity const):

  • dom/ActiveDOMObject.h:
  • html/HTMLCanvasElement.cpp:

(WebCore::HTMLCanvasElement::virtualHasPendingActivity const):

  • workers/service/ServiceWorkerRegistration.cpp:

(WebCore::ServiceWorkerRegistration::getOrCreate):
(WebCore::ServiceWorkerRegistration::update):
(WebCore::ServiceWorkerRegistration::unregister):
(WebCore::ServiceWorkerRegistration::queueTaskToFireUpdateFoundEvent):
(WebCore::ServiceWorkerRegistration::stop):
(WebCore::ServiceWorkerRegistration::virtualHasPendingActivity const):

  • workers/service/ServiceWorkerRegistration.h:
2:48 PM Changeset in webkit [259418] by mark.lam@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

HeapSnapshotBuilder::analyzeNode() should filter out duplicate cells.
https://bugs.webkit.org/show_bug.cgi?id=209929
<rdar://problem/60974478>

Reviewed by Keith Miller.

HeapSnapshot::finalize() assumes that its list of cells contains no duplicate cells.
HeapSnapshot::appendNode() expects to only be called once for a cell. It doesn't
check for duplicates.

However, with the concurrent GC marker, there’s a racy chance that the same cell
is visited more than once by SlotVisitor, and therefore, SlotVisitor may call
HeapSnapshotBuilder::analyzeNode() (and HeapSnapshot::appendNode()) more than once
for the same cell.

The easiest and cleanest fix for this is to simply keep a HashSet of appended
cells in HeapSnapshotBuilder while it is building the snapshot. We can then use
the hash set to filter out already appended cells, and avoid adding duplicates to
the HeapSnapshot.

  • heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::buildSnapshot):
(JSC::HeapSnapshotBuilder::analyzeNode):

  • heap/HeapSnapshotBuilder.h:
2:35 PM Changeset in webkit [259417] by Simon Fraser
  • 2 edits
    10 adds in trunk/LayoutTests

Add some more scroll-latching tests
https://bugs.webkit.org/show_bug.cgi?id=209924

Reviewed by Zalan Bujtas.

Add three scroll latching tests.

iframe-latch-small-deltas.html tests that starting a second scroll where the dominant
direction can't be determined re-uses the previous latching. This test currently fails.

overflow-in-iframe-latching.html tests a wheel over a scrolled-to-top overflow inside
a not-scrolled-to-top iframe; the iframe should scroll. This test currently fails.

latching-and-wheel-events.html tests that wheel events always go to the innermost target,
even if not latched, and don't propagate across frame boundaries. This test passes
the event propagation part, but fails in a similar way to overflow-in-iframe-latching.html.

  • fast/scrolling/latching/iframe-latch-small-deltas-expected.txt: Added.
  • fast/scrolling/latching/iframe-latch-small-deltas.html: Added.
  • fast/scrolling/latching/latching-and-wheel-events-expected.txt: Added.
  • fast/scrolling/latching/latching-and-wheel-events.html: Added.
  • fast/scrolling/latching/overflow-in-iframe-latching-expected.txt: Added.
  • fast/scrolling/latching/overflow-in-iframe-latching.html: Added.
  • platform/mac-wk1/fast/scrolling/latching/iframe-latch-small-deltas-expected.txt: Added.
  • platform/mac-wk1/fast/scrolling/latching/latching-and-wheel-events-expected.txt: Added.
  • platform/mac-wk1/fast/scrolling/latching/overflow-in-iframe-latching-expected.txt: Added.
  • resources/ui-helper.js:

(window.UIHelper.async mouseWheelScrollAt):
(window.UIHelper.async waitForScrollCompletion):

2:35 PM Changeset in webkit [259416] by Simon Fraser
  • 4 edits in trunk/Source/WebCore

Rename some wheel-event related functions
https://bugs.webkit.org/show_bug.cgi?id=209918

Reviewed by Zalan Bujtas.

Rename some functions to describe what they do, rather than being generic "platform" things, to make
the code easier to read.

Similarly, rename m_clearLatchingStateTimer for what it does.

  • page/EventHandler.cpp:

(WebCore::EventHandler::EventHandler):
(WebCore::EventHandler::clearLatchedStateTimerFired):
(WebCore::EventHandler::determineWheelEventTarget):
(WebCore::EventHandler::recordWheelEventForDeltaFilter):
(WebCore::EventHandler::processWheelEventForScrolling):
(WebCore::EventHandler::processWheelEventForScrollSnap):
(WebCore::EventHandler::completeWidgetWheelEvent):
(WebCore::EventHandler::handleWheelEvent):
(WebCore::EventHandler::platformPrepareForWheelEvents): Deleted.
(WebCore::EventHandler::platformRecordWheelEvent): Deleted.
(WebCore::EventHandler::platformCompleteWheelEvent): Deleted.
(WebCore::EventHandler::platformNotifyIfEndGesture): Deleted.

  • page/EventHandler.h:
  • page/mac/EventHandlerMac.mm:

(WebCore::EventHandler::clearOrScheduleClearingLatchedStateIfNeeded):
(WebCore::EventHandler::determineWheelEventTarget):
(WebCore::EventHandler::recordWheelEventForDeltaFilter):
(WebCore::EventHandler::processWheelEventForScrolling):
(WebCore::EventHandler::processWheelEventForScrollSnap):
(WebCore::EventHandler::platformPrepareForWheelEvents): Deleted.
(WebCore::EventHandler::platformRecordWheelEvent): Deleted.
(WebCore::EventHandler::platformCompleteWheelEvent): Deleted.
(WebCore::EventHandler::platformNotifyIfEndGesture): Deleted.

1:52 PM Changeset in webkit [259415] by pvollan@apple.com
  • 2 edits in trunk/Source/WebCore/PAL

Unreviewed build fix after r259396.

  • pal/spi/cocoa/LaunchServicesSPI.h:
1:49 PM Changeset in webkit [259414] by Chris Dumez
  • 5 edits in trunk/Source

[iOS] Replace UIKit background task with a RunningBoard FinishTaskInterruptable assertion
https://bugs.webkit.org/show_bug.cgi?id=209825
<rdar://problem/61118503>

Reviewed by Geoffrey Garen.

Source/WebKit:

Replace UIKit background task with a RunningBoard FinishTaskInterruptable assertion on iOS.
Our UIProcess gets terminated too frequently when the UIKit background task expires when
the UIProcess holds it for longer than 30 seconds in the background. The RunningBoard
FinishTaskInterruptable assertion is supposed to be equivalent but would cause suspension
of our UIProcess on expiration, instead of termination.

  • UIProcess/ios/ProcessAssertionIOS.mm:

(-[WKProcessAssertionBackgroundTaskManager init]):
(-[WKProcessAssertionBackgroundTaskManager _scheduleReleaseTask]):
(-[WKProcessAssertionBackgroundTaskManager _cancelPendingReleaseTask]):
(-[WKProcessAssertionBackgroundTaskManager _hasBackgroundTask]):
(-[WKProcessAssertionBackgroundTaskManager _updateBackgroundTask]):
(-[WKProcessAssertionBackgroundTaskManager assertionWillInvalidate:]):
(-[WKProcessAssertionBackgroundTaskManager assertion:didInvalidateWithError:]):
(-[WKProcessAssertionBackgroundTaskManager _handleBackgroundTaskExpiration]):
(-[WKProcessAssertionBackgroundTaskManager _releaseBackgroundTask]):

Source/WTF:

Add build-time flag for WebKit-specific assertion in RunningBoard.

  • wtf/PlatformHave.h:
1:45 PM Changeset in webkit [259413] by Alan Coon
  • 1 copy in tags/Safari-610.1.8

Tag Safari-610.1.8.

1:44 PM Changeset in webkit [259412] by Alan Coon
  • 1 delete in tags/Safari-610.1.8

Delete tag.

1:41 PM Changeset in webkit [259411] by Alan Coon
  • 1 copy in branches/safari-610.1.8-branch

New branch.

1:41 PM Changeset in webkit [259410] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[iOS] Allow use of syscall from the WebContent sandbox
https://bugs.webkit.org/show_bug.cgi?id=209920
<rdar://problem/58743778>

Reviewed by Darin Adler.

Add syscall to the WebContent sandbox on iOS.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
1:38 PM Changeset in webkit [259409] by Brent Fulgham
  • 4 edits in trunk/Source/WebKit

[iOS] Remove use of 'apple-signed-executable?' from Sandbox
https://bugs.webkit.org/show_bug.cgi?id=209914
<rdar://problem/45088481>

Reviewed by Per Arne Vollan.

Some of the rules imported from the system sandbox make decisions based on whether the software is
an apple-signed executable or not. This predicate is not relevant for the WebKit processes, and
should be removed (it is always apple-signed).

This patch makes the following changes:

  1. Removes all uses of 'apple-signed-executable?' (since it is always true for WebKit).
  2. Removed two iCloud preference reads that are not used in WebKit.
  3. Switches from the deprecated 'com.apple.ReportCrash.SimulateCrash' XPC service to its
     correct name 'com.apple.osanalytics.osanalyticshelper'.

Covered by existing regression tests.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
1:33 PM Changeset in webkit [259408] by dbates@webkit.org
  • 3 edits
    4 adds in trunk

Traverse float descendants when computing event and touch-action regions
https://bugs.webkit.org/show_bug.cgi?id=209896
<rdar://problem/61196287>

Reviewed by Antti Koivisto.

Source/WebCore:

Consider floating objects when computing the event region and touch-action region.
For touch-action hit testing this means that CSS touch-action is honored on floating
objects.

Tests: fast/scrolling/ios/event-region-float.html
       pointerevents/ios/touch-action-region-float.html

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::paintObject):

LayoutTests:

Add tests to ensure that floating objects are considered when computing the
event region and touch-action regions. Without this change, event-region-float.html
would not create an event region at all and touch-action-region-float.html
would not list the floating objects with "touch-action: none".

  • fast/scrolling/ios/event-region-float-expected.txt: Added.
  • fast/scrolling/ios/event-region-float.html: Added.
  • pointerevents/ios/touch-action-region-float-expected.txt: Added.
  • pointerevents/ios/touch-action-region-float.html: Added.
1:28 PM Changeset in webkit [259407] by Alan Coon
  • 1 copy in tags/Safari-610.1.8

Tag Safari-610.1.8.

1:20 PM Changeset in webkit [259406] by Jason_Lawrence
  • 2 edits in trunk/LayoutTests

[ Mac wk1 Debug ] inspector/css/add-css-property.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=209921

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
1:05 PM Changeset in webkit [259405] by Ryan Haddad
  • 2 edits in trunk/LayoutTests

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations: Mark http/tests/inspector/network/har/har-page-aggressive-gc.html as slow for mac-wk1 debug.

12:58 PM Changeset in webkit [259404] by jer.noble@apple.com
  • 4 edits in trunk/Source/WebCore

Hulu.com gets stuck in a "loading" state when seeking
https://bugs.webkit.org/show_bug.cgi?id=209916
<rdar://problem/55041979>

Reviewed by Eric Carlson.

Hulu.com depends on the "canplay" event firing after a seek to hide their loading indicator.
The HTML spec says that "canplay" should only be fired when moving from the HAVE_CURRENT_DATA
to HAVE_FUTURE_DATA or greater, but when seeking within the buffered range, the readyState
never drops below HAVE_FUTURE_DATA. To work around this behavior, add a quirk for Hulu.com
that always fires "canplay" after a seek completes, so long as the readyState is HAVE_FUTURE_DATA
or higher.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::seekTask):
(WebCore::HTMLMediaElement::finishSeek):

  • page/Quirks.cpp:

(WebCore::Quirks::needsCanPlayAfterSeekedQuirk const):

  • page/Quirks.h:
12:16 PM Changeset in webkit [259403] by ddkilzer@apple.com
  • 2 edits in trunk/Tools

REGRESSION (r234685): Leak of CALayer in createCoreAnimationLayer() in PluginObjectMac.mm
<https://webkit.org/b/209915>

Reviewed by Darin Adler.

  • DumpRenderTree/TestNetscapePlugIn/PluginObjectMac.mm:

(createCoreAnimationLayer): Use RetainPtr<> to fix leak.

12:06 PM Changeset in webkit [259402] by Wenson Hsieh
  • 10 edits
    2 adds in trunk

Avoid null deref after inserting a text field with a list attribute
https://bugs.webkit.org/show_bug.cgi?id=209909
<rdar://problem/60742229>

Reviewed by Ryosuke Niwa.

Source/WebCore:

On macOS, when painting a text field with an associated datalist (i.e. HTMLInputElement::list() is non-null),
we assume that the datalist suggestions dropdown button has a renderer (in other words, it does not have a style
of display: none).

Existing logic in TextFieldInputType is responsible for upholding this invariant -- when the list attribute
changes on an input field (e.g. when we parse the list attribute, or when it is set by JavaScript), we update
the inline display style of m_dataListDropdownIndicator, such that it is set to display: none only if there
is either no list attribute, or the list attribute is empty, or the list does not refer to a connected datalist
element. However, there is one scenario in which this invariant is violated. Consider the following:

  1. An input field is created, and its list attribute is set to "foo". Importantly, it is not connected yet.
  2. A datalist element with id "foo" is then created and then added to the document.
  3. The input field created in (1) is then added to the document.

In this scenario, listAttributeTargetChanged() is invoked after (1), but since it is not connected, it has no
datalist yet, and so m_dataListDropdownIndicator will remain non-rendered. When it is later added to the DOM,
nothing attempts to update m_dataListDropdownIndicator even though its list attribute now refers to a datalist, so
it remains hidden. When we later go to paint the input's datalist dropdown button in
RenderThemeMac::paintListButtonForInput, we assume that the dropdown button must be rendered because the input
has a datalist and subsequently crash since buttonElement->renderer() remains null.

To fix this, we add logic to update the datalist dropdown button's inline display style when it is connected to
the document with an existing, non-empty list attribute.

Test: fast/forms/datalist/append-input-with-list-attribute.html

  • html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::parseAttribute):
(WebCore::HTMLInputElement::didFinishInsertingNode):

Notify the InputType subclass that the datalist element may have changed after an input element is connected
to the document with a non-empty list attribute.

(WebCore::HTMLInputElement::dataListMayHaveChanged):
(WebCore::ListAttributeTargetObserver::idTargetChanged):
(WebCore::HTMLInputElement::listAttributeTargetChanged): Deleted.

Rename listAttributeTargetChanged to dataListMayHaveChanged, since it is no longer called only when the list
attribute changes value, but rather when the input's datalist element may have changed.

  • html/HTMLInputElement.h:
  • html/InputType.cpp:

(WebCore::InputType::dataListMayHaveChanged):
(WebCore::InputType::listAttributeTargetChanged): Deleted.

  • html/InputType.h:
  • html/RangeInputType.cpp:

(WebCore::RangeInputType::dataListMayHaveChanged):
(WebCore::RangeInputType::listAttributeTargetChanged): Deleted.

  • html/RangeInputType.h:
  • html/TextFieldInputType.cpp:

(WebCore::TextFieldInputType::dataListMayHaveChanged):
(WebCore::TextFieldInputType::listAttributeTargetChanged): Deleted.

  • html/TextFieldInputType.h:

LayoutTests:

Add a layout test to exercise the crashing scenario, and verify that the end result of programmatically
inserting the text field is identical to simply putting an input field with a datalist in the markup.

  • fast/forms/datalist/append-input-with-list-attribute-expected.html: Added.
  • fast/forms/datalist/append-input-with-list-attribute.html: Added.
11:57 AM Changeset in webkit [259401] by Darin Adler
  • 52 edits in trunk

Remove all uses of live ranges from TextIterator
https://bugs.webkit.org/show_bug.cgi?id=209723

Reviewed by Antti Koivisto.

Source/WebCore:

  • Replaced TextIterator::getLocationAndLengthFromRange with a function named characterRange that computes a CharacterRange given a scope and a range.
  • Removed the overload of plainText that takes a pointer to a live range.
  • Update the many callers of plainText that pass a pointer to a live range to pass a reference instead, adding null checks as needed to preserve behavior.
  • Rewrote some call sites to not use live ranges at all, or use them minimally.

  • accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::nextSentenceEndPosition const): Streamlined
the logic in this function, using a smaller number of null checks since the
functions we are calling also do null checks, simpler variable names and
fewer local variables. Pass a reference to a live range rather than a
pointer to the plainText function.
(WebCore::AccessibilityObject::previousSentenceStartPosition const): Ditto.
(WebCore::AccessibilityObject::nextParagraphEndPosition const): Ditto.
(WebCore::AccessibilityObject::previousParagraphStartPosition const): Ditto.

  • accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::textUnderElement const): Ditto.
(WebCore::boundsForRects): Converted this to a file-local function and changed
it to take a SimpleRange instead of a live range.
(WebCore::AccessibilityRenderObject::boundsForVisiblePositionRange const): Pass
a reference to a live range instead of a pointer.
(WebCore::AccessibilityRenderObject::boundsForRange const): Ditto.

  • accessibility/AccessibilityRenderObject.h: Removed boundsForRects.
  • accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(-[WebAccessibilityObjectWrapper _convertToNSRange:]): Rewrote to use
characterRange instead of TextIterator::getLocationAndLengthFromRange.

  • dom/BoundaryPoint.h:

(WebCore::makeBoundaryPointBeforeNodeContents): Added.

  • dom/Element.cpp:

(WebCore::Element::innerText): Pass a SimpleRange instead of a live range
to the plainText function.

  • dom/Range.cpp:

(WebCore::Range::text const): Pass a reference to a live range instead of a
pointer to the plainText function.

  • dom/SimpleRange.cpp:

(WebCore::makeBoundaryPointAfterNodeContents): Added.
(WebCore::makeRangeSelectingNodeContents): Use makeBoundaryPointBeforeNodeContents
and makeBoundaryPointAfterNodeContents.

  • editing/AlternativeTextController.cpp:

(WebCore::AlternativeTextController::applyPendingCorrection): Pass a reference
to a live range to plainText.
(WebCore::AlternativeTextController::show): Ditto.
(WebCore::AlternativeTextController::timerFired): Ditto.
(WebCore::AlternativeTextController::handleAlternativeTextUIResult): Ditto.
(WebCore::AlternativeTextController::recordAutocorrectionResponse): Ditto. Also
take a SimpleRange argument.
(WebCore::AlternativeTextController::markPrecedingWhitespaceForDeletedAutocorrectionAfterCommand):
Ditto.
(WebCore::AlternativeTextController::respondToMarkerAtEndOfWord): Ditto.

  • editing/AlternativeTextController.h: Update for the above changes.
  • editing/Editor.cpp:

(WebCore::Editor::markMisspellingsAfterTypingToWord): Pass a reference
to a live range to plainText.
(WebCore::correctSpellcheckingPreservingTextCheckingParagraph): Ditto.
Also refactor for simplicity and clarity.
(WebCore::Editor::markAndReplaceFor): Ditto.
(WebCore::Editor::changeBackToReplacedString): Ditto.
(WebCore::Editor::transpose): Ditto.
(WebCore::Editor::addRangeToKillRing): Ditto.
(WebCore::Editor::stringForCandidateRequest const): Ditto.

  • editing/ReplaceRangeWithTextCommand.cpp:

(WebCore::ReplaceRangeWithTextCommand::doApply): Ditto.

  • editing/ReplaceSelectionCommand.cpp:

(WebCore::ReplacementFragment::ReplacementFragment): Ditto.

  • editing/SpellingCorrectionCommand.cpp:

(WebCore::SpellingCorrectionCommand::doApply): Ditto.

  • editing/TextCheckingHelper.cpp:

(WebCore::TextCheckingParagraph::text const): Ditto.
(WebCore::TextCheckingHelper::findFirstMisspellingOrBadGrammar): Ditto.

  • editing/TextIterator.cpp: Use more constexpr.

(WebCore::characterSubrange): Deleted. Moved the logic from this function
into the one place using it, the rangeForMatch function.
(WebCore::resolveCharacterLocation): Deleted. Moved to the header file.
(WebCore::TextIterator::getLocationAndLengthFromRange): Deleted.
(WebCore::plainText): Deleted the overload that takes a live range pointer.
(WebCore::plainTextUsingBackwardsTextIteratorForTesting): Deleted. Moved
the implementation to Internals. There's nothing special about the algorithm,
it uses SimplifiedBackwardsTextIterator in a simple way.
(WebCore::collapsedToBoundary): Deleted. Moved the code to the one place
it's used, the rangeForMatch function.
(WebCore::forEachMatch): Renamed from findPlainTextMatches and changed to
work without any use of live ranges and to use CharacterRange.
(WebCore::rangeForMatch): Rewrote to include more of the logic, removing
the collapsedToBoundary and characterSubrange functions, and to not use
any live ranges.
(WebCore::findClosestPlainText): Rewrote to tighten up the algorithm a
bit, break ties based on the search direction, and have less repetitive code.
(WebCore::findPlainText): Rewrote for clarity.

  • editing/TextIterator.h: Removed the forward declaration of Range.

Removed the overload of plainText that takes a live range pointer. Moved
the functions that work with character ranges up to the top of the file,
grouped the other functions more logically. Deleted the
TextIterator::getLocationAndLengthFromRange function. Put some inline
function definitions here.

  • editing/TypingCommand.cpp:

(WebCore::TypingCommand::markMisspellingsAfterTyping): Pass a reference
to a live range to plainText.

  • editing/VisibleUnits.cpp:

(WebCore::charactersAroundPosition): Pass a SimpleRange to plainText
rather than a live range.

  • editing/cocoa/DataDetection.mm:

(WebCore::detectItemAtPositionWithRange): Pass a reference to a live
range to plainText.

  • editing/cocoa/DictionaryLookup.mm:

(WebCore::DictionaryLookup::rangeForSelection): Ditto.

  • editing/cocoa/HTMLConverter.h: Tweaked #if a bit.
  • editing/mac/DictionaryLookupLegacy.mm:

(WebCore::DictionaryLookup::rangeForSelection): Pass a reference to a
live range to plainText. Also rewrote logic to use mostly SimpleRange.
(WebCore::DictionaryLookup::rangeAtHitTestResult): Ditto.

  • editing/markup.cpp:

(WebCore::StyledMarkupAccumulator::renderedTextRespectingRange): Ditto.

  • html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::handleBeforeTextInsertedEvent const): Ditto.

  • page/ContextMenuController.cpp:

(WebCore::ContextMenuController::contextMenuItemSelected): Ditto.

  • page/DOMSelection.cpp:

(WebCore::DOMSelection::toString): Ditto.

  • page/Page.cpp:

(WebCore::Page::replaceRangesWithText): Rewrote to replace use of
TextIterator::getLocationAndLengthFromRange with characterRange.

  • page/ios/FrameIOS.mm:

(WebCore::Frame::interpretationsForCurrentRoot const): Pass a
reference to a live range to plainText.

  • testing/Internals.cpp:

(WebCore::Internals::locationFromRange): Use characterRange.
(WebCore::Internals::lengthFromRange): Ditto.
(WebCore::Internals::rangeAsTextUsingBackwardsTextIterator):
Use SimplifiedBackwardsTextIterator directly since we no longer have
the function plainTextUsingBackwardsTextIteratorForTesting.

Source/WebKit:

  • Shared/EditingRange.cpp:

(WebKit::EditingRange::fromRange): Use characterRange.

  • Shared/mac/AttributedString.h: Added a constructor that takes rvalue
references so we can initialize this slightly more efficiently.

  • Shared/mac/AttributedString.mm:

(IPC::ArgumentCoder<WebKit::AttributedString>::decode): Pass rvalue
references when creating an AttributedString.

  • UIProcess/mac/TextCheckerMac.mm:

(WebKit::TextChecker::updateSpellingUIWithGrammarString): Simplify the
code to remove some local variables that weren't helpful.

  • WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.h: Made the
annotatedSubstringBetweenPositions a static member function. Also used
const& argument types to cut down on reference count churn a bit.

  • WebProcess/WebPage/Cocoa/TextCheckingControllerProxy.mm:

(WebKit::TextCheckingControllerProxy::rangeAndOffsetRelativeToSelection):
Streamlined and made this use characterCount instead of
TextIterator::getLocationAndLengthFromRange.
(WebKit::TextCheckingControllerProxy::replaceRelativeToSelection): Tweaked
the argument type.
(WebKit::TextCheckingControllerProxy::removeAnnotationRelativeToSelection):
Ditto. Also removed some unnecessary use of NSString.
(WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions):
Rewrote to no longer use live ranges.

  • WebProcess/WebPage/Cocoa/WebPageCocoa.mm:

(WebKit::WebPage::getContentsAsAttributedString): Use construction and
rvalue references to tighten things up a bit.

  • WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::contentsAsString const): Use a SimpleRange instead of
a live range to pass to plainText.

  • WebProcess/WebPage/glib/WebPageGLib.cpp:

(WebKit::WebPage::getPlatformEditorState const): Pass references to
live ranges to plainText.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::updateSelectionWithDelta): Rewrote to minimize use of
live ranges.
(WebKit::WebPage::requestDocumentEditingContext): Ditto.

  • WebProcess/WebPage/mac/WebPageMac.mm:

(WebKit::WebPage::getPlatformEditorState const): Pass reference to
a live range to plainText.

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebEditorClient.mm:

(WebEditorClient::updateSpellingUIWithGrammarString): Remove some unnecessary
use of local variables for NSString.
(WebEditorClient::requestCandidatesForSelection): Pass a reference to a live
range to plainText.

  • WebView/WebFrame.mm:

(-[WebFrame _stringForRange:]): Ditto.
(-[WebFrame _convertToNSRange:]): Use characterRange instead of
TextIterator::getLocationAndLengthFromRange.

Source/WebKitLegacy/win:

  • WebFrame.cpp:

(WebFrame::string): Use a SimpleRange instead of a live range
to call plainText.

  • WebView.cpp:

(WebView::selectedRangeForTesting): Use a SimpleRange instead
of a live range to call characterRange instead of
TextIterator::getLocationAndLengthFromRange.

LayoutTests:

  • editing/text-iterator/find-string-on-flat-tree-expected.txt:
  • editing/text-iterator/find-string-on-flat-tree.html:

Updated test for a progress where we properly find strings across a shadow boundary.

11:44 AM Changeset in webkit [259400] by Keith Rollin
  • 2 edits in trunk/Source/WTF

Address static analysis warning in DataLog.cpp: Value stored to 'pathCharactersAvailable' is never read
https://bugs.webkit.org/show_bug.cgi?id=202153
<rdar://problem/55671845>

Reviewed by David Kilzer.

Bug 168914 introduced some code that will initialize a variable to
zero, but then never use that variable afterwards. Address this by
removing the assignment.

  • wtf/DataLog.cpp:

(WTF::setDataFile):

11:37 AM Changeset in webkit [259399] by ddkilzer@apple.com
  • 20 edits in trunk

API::PageConfiguration may have conflicting preference values between WebPreferences and WebPreferencesStore::ValueMap instance variables
<https://webkit.org/b/209678>
<rdar://problem/60981271>

Reviewed by Brent Fulgham.

Source/WebKit:

We fix this bug by removing
API::PageConfiguration::m_preferenceValues and
WebPageProxy::m_configurationPreferenceValues, and instead set
values directly on the WebPreferences object, which holds values
in its WebPreferencesStore instance variable. This change only
requires that the API::PageConfiguration object has
m_preferences set to a valid WebPreferences object before using
the settings APIs.

Covered by WKAttachment TestWebKitAPI tests and
editing/undo-manager layout tests, among others.

  • UIProcess/API/APIPageConfiguration.cpp:

(API::PageConfiguration::copy const):

  • Remove use of m_preferenceValues instance variable.
  • UIProcess/API/APIPageConfiguration.h:
  • Update headers after removing WebPreferencesStore.h.

(API::PageConfiguration::preferenceValues): Delete.

  • Remove use of m_preferenceValues instance variable.
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setupPageConfiguration:]):

  • Switch to use WebPreferences methods for settings.
  • UIProcess/API/mac/WKView.mm:

(-[WKView initWithFrame:contextRef:pageGroupRef:relatedToPage:]):

  • Create WebPreferences object for API::PageConfiguration object. This is what WebProcessPool::createWebPage() does when creating a WebPageProxy object.
  • Switch to use WebPreferences method to set SystemLayoutDirection.
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::WebPageProxy):

  • Remove initialization of m_configurationPreferenceValues.
  • Switch to use WebPreferences method to set DisableScreenSizeOverride.

(WebKit::WebPageProxy::preferencesStore const):

  • Simplify this method after removing m_configurationPreferenceValues.
  • UIProcess/WebPageProxy.h:
  • Remove m_configurationPreferenceValues.

Tools:

  • TestWebKitAPI/Tests/WebKit/mac/GetBackingScaleFactor.mm:

(TestWebKitAPI::TEST):

  • Fix WKView constructor to pass a valid WKPageGroupRef.
  • WebKitTestRunner/TestController.cpp:

(WTR::updateTestOptionsFromTestHeader):

  • WebKitTestRunner/TestOptions.h:

(WTR::TestOptions::hasSameInitializationOptions const):

  • WebKitTestRunner/cocoa/TestControllerCocoa.mm:

(WTR::TestController::platformCreateWebView):

  • Remove support for custom "enableUndoManagerAPI" setting since layout tests should use "internal:UndoManagerAPIEnabled" instead.

LayoutTests:

  • editing/undo-manager/undo-manager-add-item-exceptions.html:
  • editing/undo-manager/undo-manager-add-item.html:
  • editing/undo-manager/undo-manager-delete-stale-undo-items.html:
  • editing/undo-manager/undo-manager-interfaces.html:
  • editing/undo-manager/undo-manager-item-labels.html:
  • editing/undo-manager/undo-manager-keeps-wrapper-alive.html:
  • editing/undo-manager/undo-manager-undo-redo-after-garbage-collection.html:
  • Fix tests to use "internal:UndoManagerAPIEnabled=true" instead of custom "enableUndoManagerAPI=true" setting, which is being removed since it doesn't work after the changes to WebKit.
11:37 AM Changeset in webkit [259398] by pvollan@apple.com
  • 3 edits in trunk/Source/WebCore/PAL

Unreviewed build fix.

  • pal/spi/cocoa/CoreServicesSPI.h:
  • pal/spi/cocoa/LaunchServicesSPI.h:
11:27 AM Changeset in webkit [259397] by Simon Fraser
  • 2 edits in trunk/Source/ThirdParty/libwebrtc

Build fix after r259385.

Reviewed by David Kilzer, Youenn Fablet.

Convert isStandardFrameSize() into a lambda function since it only has one call site.

  • Source/webrtc/sdk/objc/components/video_codec/RTCVideoEncoderH264.mm:

(-[RTCVideoEncoderH264 resetCompressionSessionWithPixelFormat:]):
(isStandardFrameSize): Deleted.

11:26 AM Changeset in webkit [259396] by pvollan@apple.com
  • 6 edits
    1 add in trunk/Source

[macOS] Remove redundant call to check in with Launch Services
https://bugs.webkit.org/show_bug.cgi?id=209911

Reviewed by Darin Adler.

Source/WebCore/PAL:

Move declarations to SPI header files.

  • PAL.xcodeproj/project.pbxproj:
  • pal/spi/cocoa/CoreServicesSPI.h: Added.
  • pal/spi/cocoa/LaunchServicesSPI.h:

Source/WebKit:

There is no need to explicitly check in with Launch Services or call RegisterApplication in the WebContent process,
since this is handled when calling [NSApplication _accessibilityInitialize].

No new tests, since this only removes a redundant call, and should be covered by existing tests.

  • Shared/mac/AuxiliaryProcessMac.mm:
  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess):
(WebKit::WebProcess::updateProcessName):
(WebKit::WebProcess::platformInitializeProcess):

11:12 AM Changeset in webkit [259395] by Chris Dumez
  • 3 edits in trunk/LayoutTests

[ Mac wk1 ] fast/loader/child-frame-add-after-back-forward.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=209621
<rdar://problem/60937276>

Reviewed by Jonathan Bedard.

Update empty-document-goes-back.html to schedule the history.back() call *after* the load
event has been fired, so that a HistoryItem has actually been created.

  • fast/loader/resources/empty-document-goes-back.html:
  • platform/mac-wk1/TestExpectations:
11:07 AM Changeset in webkit [259394] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Remove a superfluous blank line added in the previous commit as pointed out during the code review.

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::copyAssociatedElementsVector const):

11:04 AM Changeset in webkit [259393] by rniwa@webkit.org
  • 13 edits in trunk/Source

HTMLFormElement should use WeakPtr to keep track of its associated elements
https://bugs.webkit.org/show_bug.cgi?id=209894

Reviewed by Wenson Hsieh.

Source/WebCore:

Replaced the vector of raw pointers to FormAssociatedElement in HTMLFormElement by a vector
of WeakPtr to the equivalent HTMLElement. Most of code changes below are due to type of elements
in the vector changing from FormAssociatedElement to HTMLElement and needing conversion.

This patch also moves clearing of m_form from ~FormAssociatedElement to its subclasses'
destructors since we need to make a virtual function call to get HTMLElement* out of
FormAssociatedElement, which would be too late inside ~FormAssociatedElement.

No new tests since there should be no behavioral change.

  • html/FormAssociatedElement.cpp:

(WebCore::FormAssociatedElement::~FormAssociatedElement): Assert that m_form had been cleared
instead of clearing it here.

  • html/FormAssociatedElement.h:

(WebCore::FormAssociatedElement::clearForm): Added.

  • html/FormController.cpp:

(WebCore::recordFormStructure):

  • html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::~HTMLFormControlElement): Now calls clearForm. Also removed
the redundant comment.

  • html/HTMLFormControlsCollection.cpp:

(WebCore::findFormAssociatedElement):
(WebCore::HTMLFormControlsCollection::unsafeFormControlElements const): Deleted.
(WebCore::HTMLFormControlsCollection::copyFormControlElementsVector const): Deleted.
(WebCore::HTMLFormControlsCollection::customElementAfter const):
(WebCore::HTMLFormControlsCollection::updateNamedElementCache const):

  • html/HTMLFormControlsCollection.h:
  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::~HTMLFormElement):
(WebCore::HTMLFormElement::removedFromAncestor):
(WebCore::HTMLFormElement::length const):
(WebCore::HTMLFormElement::textFieldValues const):
(WebCore::HTMLFormElement::resetAssociatedFormControlElements):
(WebCore::HTMLFormElement::formElementIndexWithFormAttribute):
(WebCore::HTMLFormElement::registerFormElement):
(WebCore::HTMLFormElement::removeFormElement):
(WebCore::HTMLFormElement::checkInvalidControlsAndCollectUnhandled):
(WebCore::HTMLFormElement::assertItemCanBeInPastNamesMap const):
(WebCore::HTMLFormElement::unsafeAssociatedElements const):
(WebCore::HTMLFormElement::copyAssociatedElementsVector const):

  • html/HTMLFormElement.h:
  • html/HTMLObjectElement.cpp:

(WebCore::HTMLObjectElement::~HTMLObjectElement): Added. Calls clearForm.

  • html/HTMLObjectElement.h:

Source/WebKitLegacy/mac:

  • WebView/WebHTMLRepresentation.mm:

(-[WebHTMLRepresentation elementWithName:inForm:]):
(-[WebHTMLRepresentation controlsInForm:]):

10:51 AM Changeset in webkit [259392] by commit-queue@webkit.org
  • 20 edits in trunk

Add SPI to restrict loading to main resources or non-network loads
https://bugs.webkit.org/show_bug.cgi?id=209893

Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-02
Reviewed by Tim Horton.

Source/WebCore:

This will allow two projects that currently use the injected bundle SPI to use these instead.
Covered by API tests.

  • Modules/websockets/ThreadableWebSocketChannel.cpp:

(WebCore::ThreadableWebSocketChannel::validateURL):

  • loader/ResourceLoadNotifier.cpp:

(WebCore::ResourceLoadNotifier::assignIdentifierToInitialRequest):
(WebCore::ResourceLoadNotifier::dispatchWillSendRequest):

  • loader/ResourceLoadNotifier.h:
  • page/Page.cpp:

(WebCore::m_loadsFromNetwork):
(WebCore::m_deviceOrientationUpdateProvider): Deleted.

  • page/Page.h:

(WebCore::Page::loadsSubresources const):
(WebCore::Page::loadsFromNetwork const):

  • page/PageConfiguration.h:

Source/WebKit:

  • Shared/WebPageCreationParameters.cpp:

(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):

  • Shared/WebPageCreationParameters.h:
  • UIProcess/API/APIPageConfiguration.cpp:

(API::PageConfiguration::copy const):

  • UIProcess/API/APIPageConfiguration.h:

(API::PageConfiguration::loadsSubresources const):
(API::PageConfiguration::setLoadsSubresources):
(API::PageConfiguration::loadsFromNetwork const):
(API::PageConfiguration::setLoadsFromNetwork):

  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration _setLoadsFromNetwork:]):
(-[WKWebViewConfiguration _loadsFromNetwork]):
(-[WKWebViewConfiguration _setLoadsSubresources:]):
(-[WKWebViewConfiguration _loadsSubresources]):

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • UIProcess/WebPageProxy.cpp:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::m_processDisplayName):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:
  • TestWebKitAPI/cocoa/HTTPServer.h:

(TestWebKitAPI::HTTPServer::totalRequests const):

  • TestWebKitAPI/cocoa/HTTPServer.mm:

(TestWebKitAPI::HTTPServer::respondToRequests):

10:36 AM Changeset in webkit [259391] by Jason_Lawrence
  • 4 edits in trunk/LayoutTests

[ Mac wk2 Debug ] webrtc/datachannel/multiple-connections.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=209878

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:
9:39 AM Changeset in webkit [259390] by commit-queue@webkit.org
  • 7 edits
    2 adds in trunk/Source

Enable offlineasm debug annotations for GCC
https://bugs.webkit.org/show_bug.cgi?id=207119

Patch by Angelos Oikonomopoulos <Angelos Oikonomopoulos> on 2020-04-02
Reviewed by Darin Adler.

This simply reuses the existing code that generates debug
annotations, adding two workarounds for limitations in GCC and
GDB.

First, the .file directives that offlineasm inserts in inline asm
use file slots that conflict with those in the compilation unit
that includes LLIntAssembly.h (specifically,
LowLevelInterpreter.cpp). Clang's built-in assembler will
transparently fix that for us, but for GCC we need to
post-process the generated assembler.

Unfortunately, cmake doesn't allow us to introduce a compiler wrapper for a
single source file, so we need to create a separate target for it. This
wrapping only happens when building with GCC and the user has explicitly
requested debug information, either by selecting a Debug/RelWithDebInfo build
or setting GCC_OFFLINEASM_SOURCE_MAP.

Second, GDB will only look at the line table for a compilation unit if
it can first resolve the address to one of the known symbols in the
file. Introduce marker symbols to work around this bug.

  • CMakeLists.txt:
9:12 AM Changeset in webkit [259389] by Jason_Lawrence
  • 3 edits in trunk/LayoutTests

[ Mac and iOS ] svg/custom/animate-initial-pause-unpause.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=209908

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
  • platform/mac/TestExpectations:
8:59 AM Changeset in webkit [259388] by eric.carlson@apple.com
  • 5 edits in trunk/Source/WebCore

[iOS] Allow WebKit to use camera in multi-tasking mode
https://bugs.webkit.org/show_bug.cgi?id=209904

Reviewed by Youenn Fablet.

Source/WebCore:

  • platform/mediastream/mac/AVVideoCaptureSource.mm:

(WebCore::AVVideoCaptureSource::setupSession):

Source/WebCore/PAL:

  • pal/cocoa/AVFoundationSoftLink.h:
  • pal/cocoa/AVFoundationSoftLink.mm:
8:58 AM Changeset in webkit [259387] by graouts@webkit.org
  • 4 edits in trunk/Source/WebCore

Video previews on shutterstock.com don't play when tapped on iPadOS
https://bugs.webkit.org/show_bug.cgi?id=209903
<rdar://problem/58844166>

Reviewed by Wenson Hsieh.

When tapping on a video preview after searching for a video on shutterstock.com, for instance on https://www.shutterstock.com/video/search/people,
we correctly enter the hover state thanks to our content observation heuristics, but the <video> preview inserted fails to play and show due to a
style rule setting a "display: none" style if the media-query "pointer: coarse" evaluates to true.

In order to improve this website's behavior on iPadOS, we add a new quirk that prevents the "pointer: coarse" media query from evaluating to true.
This new quirk, shouldPreventPointerMediaQueryFromEvaluatingToCoarse(), evaluates to true only for this website.

  • css/MediaQueryEvaluator.cpp:

(WebCore::pointerEvaluate):

  • page/Quirks.cpp:

(WebCore::Quirks::shouldPreventPointerMediaQueryFromEvaluatingToCoarse const):

  • page/Quirks.h:
8:44 AM Changeset in webkit [259386] by Kate Cheney
  • 2 edits in trunk/Tools

Add additional WKAppBoundDomains to TestWebKitAPI's expectations after initializing eTLD+1 by default
https://bugs.webkit.org/show_bug.cgi?id=209889
<rdar://problem/61184539>

Reviewed by Brent Fulgham.

Additional domains will now be included in TestWebKitAPI's
WKAppBoundDomains list after
https://bugs.webkit.org/show_bug.cgi?id=209839 (Allow WKAppBoundDomains
to be initialized with eTLD+1 only (no protocol)).

  • TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:

(TEST):

7:03 AM Changeset in webkit [259385] by youenn@apple.com
  • 2 edits in trunk/Source/ThirdParty/libwebrtc

Temporarily restrict kVTVideoEncoderSpecification_RequiredLowLatency use to iOS
https://bugs.webkit.org/show_bug.cgi?id=209902

Reviewed by Eric Carlson.

  • Source/webrtc/sdk/WebKit/VideoProcessingSoftLink.h:

Our setup with this key does not work yet on MacOS, disable it for now on MacOS.

5:34 AM WebKitGTK/2.28.x edited by Adrian Perez de Castro
5:07 AM Changeset in webkit [259384] by youenn@apple.com
  • 3 edits
    3 adds in trunk

Debug crash: ASSERTION FAILED: m_ongoingFetches.contains(task.fetchIdentifier())
https://bugs.webkit.org/show_bug.cgi?id=209743

Reviewed by Darin Adler.

Source/WebKit:

When context gets closed, we make ServiceWorkerFetchTask::m_serviceWorkerConnection null as it no longer
needs to send messages and does not need to unregister itself.

Test: http/wpt/service-workers/service-worker-crashing-while-fetching.https.html

  • NetworkProcess/ServiceWorker/ServiceWorkerFetchTask.cpp:

(WebKit::ServiceWorkerFetchTask::contextClosed):

LayoutTests:

  • http/wpt/service-workers/service-worker-crashing-while-fetching.https-expected.txt: Added.
  • http/wpt/service-workers/service-worker-crashing-while-fetching.https.html: Added.
  • http/wpt/service-workers/service-worker-lengthy-worker.js: Added.

(fetchTest):

4:00 AM Changeset in webkit [259383] by youenn@apple.com
  • 30 edits in trunk

Remove synchronous termination of service workers
https://bugs.webkit.org/show_bug.cgi?id=209666

Reviewed by Chris Dumez.

Source/WebCore:

Instead of supporting synchronous IPC to terminate a service worker, SWServerWorker will asynchronously ask for the service worker to terminate.
If it is not terminated after some time, SWServerWorker will then ask to terminate the process running the service worker.
Time is kept to 10 seconds.

We can then remove all synchronous related code related to termination.
We migrate the terminateServiceWorker internal API to be Promise based.

Covered by existing tests.

  • testing/Internals.cpp:

(WebCore::Internals::terminateServiceWorker):

  • testing/Internals.h:
  • testing/Internals.idl:
  • workers/service/ServiceWorkerProvider.h:
  • workers/service/SWClientConnection.h:
  • workers/service/WorkerSWClientConnection.cpp:
  • workers/service/WorkerSWClientConnection.h:
  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::~SWServer):
(WebCore::SWServer::unregisterServiceWorkerClient):

  • workers/service/server/SWServer.h:
  • workers/service/server/SWServerToContextConnection.h:
  • workers/service/server/SWServerWorker.cpp:

(WebCore::m_terminationTimer):
(WebCore::SWServerWorker::~SWServerWorker):
(WebCore::SWServerWorker::terminate):
(WebCore::SWServerWorker::startTermination):
(WebCore::SWServerWorker::terminateCompleted):
(WebCore::SWServerWorker::callTerminationCallbacks):
(WebCore::SWServerWorker::terminationTimerFired):
(WebCore::SWServerWorker::setState):
(WebCore::SWServerWorker::didFailHeartBeatCheck):

  • workers/service/server/SWServerWorker.h:

(WebCore::SWServerWorker::terminate):

Source/WebKit:

Update IPC code according to the removal of synchronous termination of service workers.
Implement async-with-reply termination instead.

  • NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:

(WebKit::WebSWServerConnection::terminateWorkerFromClient):
(WebKit::WebSWServerConnection::fetchTaskTimedOut):

  • NetworkProcess/ServiceWorker/WebSWServerConnection.h:
  • NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in:
  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:

(WebKit::WebSWServerToContextConnection::terminateDueToUnresponsiveness):

  • NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
  • WebProcess/Storage/WebServiceWorkerProvider.cpp:
  • WebProcess/Storage/WebServiceWorkerProvider.h:
  • WebProcess/Storage/WebSWClientConnection.cpp:

(WebKit::WebSWClientConnection::terminateWorkerForTesting):

  • WebProcess/Storage/WebSWClientConnection.h:
  • WebProcess/Storage/WebSWContextManagerConnection.cpp:
  • WebProcess/Storage/WebSWContextManagerConnection.h:
  • WebProcess/Storage/WebSWContextManagerConnection.messages.in:

LayoutTests:

  • http/tests/workers/service/resources/postmessage-after-sw-process-crash.js:

(async event):

  • http/tests/workers/service/resources/postmessage-after-terminate.js:

(async event):

  • http/tests/workers/service/resources/postmessage-after-terminating-hung-worker.js:

(async event):

3:26 AM Changeset in webkit [259382] by Adrian Perez de Castro
  • 2 edits in trunk/Source/WebKit

[WPE][GTK] Public API should not allow trying to register a special URI scheme
https://bugs.webkit.org/show_bug.cgi?id=209900

Reviewed by Carlos Garcia Campos.

No new tests needed.

  • UIProcess/API/glib/WebKitWebContext.cpp:

(webkit_web_context_register_uri_scheme): Use g_return_if_fail() to
check at the public API level whether the passed URI scheme is
special and bail out early.

3:09 AM Changeset in webkit [259381] by zandobersek@gmail.com
  • 2 edits in trunk/Source/ThirdParty/libwebrtc

Unreviewed, fix libwebrtc build with GCC 9 after the M82 bump.

GCC 9 fails to process the FrameGeneratorCapturerConfig::ImageSlides::Crop
class, throwing an error due to the default member initializer for the
scroll_duration member being required before the end of the
encapsulating FrameGeneratorCapturerConfig::ImageSlides class.

This can be avoided by default-initializing the
FrameGeneratorCapturerConfig::ImageSlides::Crop member variable instead
of specific members of that class.

Similar fix will be pushed to the upstream repository.

  • Source/webrtc/test/frame_generator_capturer.h:
2:12 AM WebKitGTK/2.28.x edited by berto@igalia.com
1:45 AM Changeset in webkit [259380] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebKit

[GTK] [2.28.0] The Yelp build crashes if DISPLAY is not set
https://bugs.webkit.org/show_bug.cgi?id=209431

Reviewed by Carlos Alberto Lopez Perez.

Remove the assert when display is not X11 nor Wayland, and simply return false to ensure acceleration is not used.

  • UIProcess/gtk/AcceleratedBackingStore.cpp:

(WebKit::AcceleratedBackingStore::checkRequirements):

12:43 AM Changeset in webkit [259379] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

Remove FrameLoader::addExtraFieldsToMainResourceRequest
https://bugs.webkit.org/show_bug.cgi?id=209853

Patch by Rob Buis <rbuis@igalia.com> on 2020-04-02
Reviewed by Darin Adler.

Remove FrameLoader::addExtraFieldsToMainResourceRequest since the call is
not needed in DocumentLoader and can be inlined in FrameLoader. The call
in DocumentLoader is no longer needed since adding the User-Agent header
is decoupled from addExtraFields functionality and the User-Agent header
will be added in CachedResourceLoader after any custom setting of the
user agent (setCustomUserAgent API).

Test: http/tests/navigation/useragent-reload.php

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::startLoadingMainResource):

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::load):
(WebCore::FrameLoader::addExtraFieldsToMainResourceRequest): Deleted.

  • loader/FrameLoader.h: