Timeline



Apr 28, 2021:

8:55 PM Changeset in webkit [276748] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

Use a WeakHashSet for Document::m_mediaElements
https://bugs.webkit.org/show_bug.cgi?id=225082

Unreviewed. Address the review comments by Chris & Darin.

  • dom/Document.cpp:

(WebCore::Document::forEachMediaElement):

6:53 PM Changeset in webkit [276747] by Chris Dumez
  • 8 edits in trunk/Source/WebCore

Crash under WebCore::AudioNodeOutput::pull(WebCore::AudioBus*, unsigned long)
https://bugs.webkit.org/show_bug.cgi?id=225174
<rdar://77270701>

Unreviewed, revert r274767 as it introduced this crash.

  • Modules/webaudio/AudioNodeInput.cpp:

(WebCore::AudioNodeInput::connect):
(WebCore::AudioNodeInput::disconnect):
(WebCore::AudioNodeInput::disable):
(WebCore::AudioNodeInput::enable):
(WebCore::AudioNodeInput::bus):
(WebCore::AudioNodeInput::sumAllConnections):
(WebCore::AudioNodeInput::pull):

  • Modules/webaudio/AudioNodeInput.h:
  • Modules/webaudio/AudioNodeOutput.cpp:

(WebCore::AudioNodeOutput::disable):
(WebCore::AudioNodeOutput::enable):

  • Modules/webaudio/AudioParam.cpp:

(WebCore::AudioParam::calculateFinalValues):

  • Modules/webaudio/AudioSummingJunction.cpp:

(WebCore::AudioSummingJunction::addOutput):
(WebCore::AudioSummingJunction::removeOutput):
(WebCore::AudioSummingJunction::updateRenderingState):
(WebCore::AudioSummingJunction::maximumNumberOfChannels const):

  • Modules/webaudio/AudioSummingJunction.h:

(WebCore::AudioSummingJunction::renderingOutput):
(WebCore::AudioSummingJunction::renderingOutput const):
(WebCore::AudioSummingJunction::isConnected const):
(WebCore::AudioSummingJunction::numberOfConnections const):

  • Modules/webaudio/WebKitAudioPannerNode.cpp:

(WebCore::WebKitAudioPannerNode::notifyAudioSourcesConnectedToNode):

6:36 PM Changeset in webkit [276746] by Wenson Hsieh
  • 6 edits
    2 adds in trunk

[iOS] Coalesce adjacent selection geometries when rendering individual selection quads
https://bugs.webkit.org/show_bug.cgi?id=225054

Reviewed by Tim Horton.

Source/WebCore:

Add a heuristic to coalesce adjacent selection geometries when SelectionRenderingBehavior::UseIndividualQuads
is active. Currently, we pass them directly through to the list of coalesced geometries inside
RenderObject::collectSelectionGeometries, but this can lead to almost perfectly adjacent selection quads
showing a narrow gap in between their selection views.

Instead, we can detect this case where neighboring quads can be united into a single quad without significantly
changing the geometry. Rather than append the new selection geometry in this case, we simply adjust the last
selection geometry's quad so that it encompasses the new selection geometry as well, by extending the top right
and bottom right extent points of the last selection quad to the new selection quad's extent points.

See below for more details.

Test: fast/images/image-extraction/ios/coalesce-selection-rects-in-image-overlay.html

  • html/HTMLElement.h: WEBCORE_EXPORT a couple of helper methods.
  • rendering/RenderObject.cpp:

(WebCore::RenderObject::collectSelectionGeometriesInternal):

Avoid sorting selection geometries by bounding rect logicalLeft in the case where we're not coalescing
bounding rects (and also update the preceding comment accordingly).

(WebCore::coalesceSelectionGeometryWithAdjacentQuadsIfPossible):

Add a new helper to unite neighboring quads if: (1) the top right and bottom right of the current quad are very
close to the top left and bottom left of the next quad (respectively), and (2) the angle of rotation of the
bounding rect of the current quad is very close to that of the next quad.

(WebCore::RenderObject::collectSelectionGeometries):

Use the above helper method to either coalesce or append selection geometries to the final vector of coalesced
geometries.

Source/WebKit:

Make some further minor adjustments to selection behavior in image overlays on iOS. In particular, when using
selection handles to modify the selected range, shift the start and end of the selected range so that they're at
the beginning and end of text runs, respectively.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::insideImageOverlay):
(WebKit::expandForImageOverlay):
(WebKit::rangeForPointInRootViewCoordinates):

LayoutTests:

Add a new layout test to verify that adjacent selection rects rotated by the same amount can be coalesced.

  • fast/images/image-extraction/ios/coalesce-selection-rects-in-image-overlay-expected.txt: Added.
  • fast/images/image-extraction/ios/coalesce-selection-rects-in-image-overlay.html: Added.
6:00 PM Changeset in webkit [276745] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

[aspect-ratio] Treat border/padding correctly for box-sizing: border-box
https://bugs.webkit.org/show_bug.cgi?id=225015

Patch by Rob Buis <rbuis@igalia.com> on 2021-04-28
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Import WPT test for this.

  • web-platform-tests/css/css-sizing/aspect-ratio/block-aspect-ratio-035-expected.xht: Added.
  • web-platform-tests/css/css-sizing/aspect-ratio/block-aspect-ratio-035.html: Added.

Source/WebCore:

When computing logical height in aspect-ratio case, to compute the automatic
minimum size [1] for min-height: auto, the padding was always subtracted,
however it should only be subtracted in the box-sizing: content-box case.

Test: imported/w3c/web-platform-tests/css/css-sizing/aspect-ratio/block-aspect-ratio-035.html

[1] https://www.w3.org/TR/css-sizing-4/#aspect-ratio-minimum

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::computeLogicalHeight const):

5:51 PM Changeset in webkit [276744] by Devin Rousso
  • 27 edits
    1 add in trunk

experiment with averaging sampling colors across the top of the page as the scroll area background
https://bugs.webkit.org/show_bug.cgi?id=224987
<rdar://problem/76251889>

Reviewed by Darin Adler.

Source/WebCore:

Tests: SampledPageTopColor.ZeroMaxDifference

SampledPageTopColor.NegativeMaxDifference
SampledPageTopColor.SolidColor
SampledPageTopColor.DifferentColorsWithoutOutlierBelowMaxDifference
SampledPageTopColor.DifferentColorsWithLeftOutlierAboveMaxDifference
SampledPageTopColor.DifferentColorsWithMiddleOutlierAboveMaxDifference
SampledPageTopColor.DifferentColorsWithRightOutlierAboveMaxDifference
SampledPageTopColor.DifferentColorsIndividuallyAboveMaxDifference
SampledPageTopColor.DifferentColorsCumulativelyAboveMaxDifference
SampledPageTopColor.DisplayP3
SampledPageTopColor.ExperimentalUseSampledPageTopColorForScrollAreaBackgroundColor

  • dom/Document.h:

(WebCore::Document::sampledPageTopColor const): Added.

  • dom/Document.cpp:

(WebCore::Document::enqueuePaintTimingEntryIfNeeded):
(WebCore::colorDifference): Added.
(WebCore::averageColor): Added.
(WebCore::Document::determineSampledPageTopColor): Added.
Wait until the first contentful paint before sampling. Don't sample if that location would
fall into a 3rd-party <iframe>. Currently use 5 snapshots across the top of the page,
allowing for one of either the first or last snapshot to be an outlier, which is not
included in the average of the other snapshots that's used as the final color value. If the
Lab color difference between any two snapshots (unless it's the first or last snapshot as
described above) or across all the (non-outlier) snapshots is too large, bail. Only enabled
if the SampledPageTopColorMaxDifference setting is greater than 0.

  • page/Page.h:
  • page/Page.cpp:

(WebCore::Page::sampledPageTopColor const): Added.

  • page/ChromeClient.h:

(WebCore::ChromeClient::didSamplePageTopColor const): Added.
Pass along the sampledPageTopColor to the UIProcess after it's determined or if the above
logic bails (so that the WKWebView can adjust _sampledPageTopColor to nil).

  • rendering/RenderLayerCompositor.cpp:

(WebCore::RenderLayerCompositor::rootBackgroundColorOrTransparencyChanged):
Use the sampledPageTopColor if the UseSampledPageTopColorForScrollAreaBackgroundColor
internal preference is enabled instead of the CSS background-color of the <html>/<body>.

Source/WebKit:

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::didSamplePageTopColor const): Added.

  • WebProcess/WebPage/WebPage.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didSamplePageTopColor): Added.
Pass along the sampledPageTopColor to the UIProcess.

  • UIProcess/WebPageProxy.messages.in:
  • UIProcess/WebPageProxy.h:

(WebKit::WebPageProxy::sampledPageTopColor): Added.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::scrollAreaBackgroundColor const):
(WebKit::WebPageProxy::didSamplePageTopColor): Added.
Use the sampledPageTopColor if the UseSampledPageTopColorForScrollAreaBackgroundColor
internal preference is enabled instead of the CSS background-color of the <html>/<body>.

  • UIProcess/PageClient.h:

(WebKit::PageClient::sampledPageTopColorWillChange): Added.
(WebKit::PageClient::sampledPageTopColorDidChange): Added.

  • UIProcess/Cocoa/PageClientImplCocoa.h:
  • UIProcess/Cocoa/PageClientImplCocoa.mm:

(WebKit::PageClientImplCocoa::sampledPageTopColorWillChange): Added.
(WebKit::PageClientImplCocoa::sampledPageTopColorDidChange): Added.
Add ObjC KVO support for -[WKWebView _sampledPageTopColor].

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:
  • UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView _setupPageConfiguration:]):
(-[WKWebView _sampledPageTopColor]): Added.

  • UIProcess/API/Cocoa/WKWebViewConfigurationPrivate.h:
  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:

(-[WKWebViewConfiguration init]):
(-[WKWebViewConfiguration copyWithZone:]):
(-[WKWebViewConfiguration _setSampledPageTopColorMaxDifference:]): Added.
(-[WKWebViewConfiguration _sampledPageTopColorMaxDifference]): Added.
Provide SPI to configure the SampledPageTopColorMaxDifference preference when
creating the WKWebView. Expose the result as _sampledPageTopColor SPI.

Source/WTF:

  • Scripts/Preferences/WebPreferences.yaml:

Add a SampledPageTopColorMaxDifference setting that controls both whether or not to sample
colors from the top of the page (only if value > 0) and the max Lab color difference allowed
across all samples.

  • Scripts/Preferences/WebPreferencesInternal.yaml:

Add a UseSampledPageTopColorForScrollAreaBackgroundColor internal setting that controls
whether the sampled page top color can be used as the overscroll area background color.

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/SampledPageTopColor.mm: Added.

(-[TestKVOWrapper initWithObservable:keyPath:callback:]):
(-[TestKVOWrapper dealloc]):
(-[TestKVOWrapper observeValueForKeyPath:ofObject:change:context:]):
(createWebViewWithSampledPageTopColorMaxDifference):
(waitForSampledPageTopColorToChangeForHTML):
(createHTMLGradientWithColorStops):
(TEST.SampledPageTopColor.ZeroMaxDifference):
(TEST.SampledPageTopColor.NegativeMaxDifference):
(TEST.SampledPageTopColor.SolidColor):
(TEST.SampledPageTopColor.DifferentColorsWithoutOutlierBelowMaxDifference):
(TEST.SampledPageTopColor.DifferentColorsWithLeftOutlierAboveMaxDifference):
(TEST.SampledPageTopColor.DifferentColorsWithMiddleOutlierAboveMaxDifference):
(TEST.SampledPageTopColor.DifferentColorsWithRightOutlierAboveMaxDifference):
(TEST.SampledPageTopColor.DifferentColorsIndividuallyAboveMaxDifference):
(TEST.SampledPageTopColor.DifferentColorsCumulativelyAboveMaxDifference):
(TEST.SampledPageTopColor.DisplayP3):
(TEST.SampledPageTopColor.ExperimentalUseSampledPageTopColorForScrollAreaBackgroundColor):

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
5:45 PM Changeset in webkit [276743] by Robert Jenner
  • 2 edits in trunk/LayoutTests

[ iOS wk2 EWS ] imported/w3c/web-platform-tests/workers/interfaces/DedicatedWorkerGlobalScope/postMessage/structured-clone-message.html is flaky crash
https://bugs.webkit.org/show_bug.cgi?id=225169

Unreviewed test gardening.

  • platform/ios-simulator-wk2/TestExpectations: Updating expectations to Pass Crash due to a negative impact on EWS.
5:25 PM Changeset in webkit [276742] by Wenson Hsieh
  • 4 edits in trunk/Source

[iOS] Web content process occasionally crashes under VisibleSelection::adjustPositionForEnd
https://bugs.webkit.org/show_bug.cgi?id=225072
rdar://77159489

Reviewed by Darin Adler.

Source/WebCore:

Remove a helper method that was added in r276688, which we no longer need.

  • dom/Position.h:

(WebCore::Position::isInTreeScope const): Deleted.

Source/WebKit:

The fix for this crash that I landed in r276688 was based on a misunderstanding that accessing treeScope()
would trigger a null pointer deref if isInTreeScope() is false. This is not the case, since the treeScope
of a Node is a separate notion from whether that Node is connected to said tree scope.

Since this crash is really due to dereferencing a null container node in the case where selectionStart or
selectionEnd are null, a better fix is to just check the nullity of the container node.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::rangeForPointInRootViewCoordinates):

5:17 PM Changeset in webkit [276741] by Kate Cheney
  • 2 edits in trunk/Source/WTF

Disable App Bound Requests on macOS
https://bugs.webkit.org/show_bug.cgi?id=225155
<rdar://problem/77288787>

App-bound requests is causing potential performance issues on macOS.
We should disable it while we investigate further.

Reviewed by Brent Fulgham.

  • wtf/PlatformEnableCocoa.h:
4:22 PM Changeset in webkit [276740] by basuke.suzuki@sony.com
  • 4 edits in trunk/Source

Suppress warnings for %{private}s format specifier
https://bugs.webkit.org/show_bug.cgi?id=225137

Reviewed by Alex Christensen.

Add PRIVATE_LOG_STRING macro which is defined depending on if
os_log() is used or rather old printf().
See also: https://bugs.webkit.org/show_bug.cgi?id=207478

Source/WebKit:

  • NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:

(WebKit::ResourceLoadStatisticsDatabaseStore::openITPDatabase):
(WebKit::ResourceLoadStatisticsDatabaseStore::enableForeignKeys):
(WebKit::ResourceLoadStatisticsDatabaseStore::currentTableAndIndexQueries):
(WebKit::ResourceLoadStatisticsDatabaseStore::columnsForTable):
(WebKit::ResourceLoadStatisticsDatabaseStore::addMissingColumnsToTable):
(WebKit::ResourceLoadStatisticsDatabaseStore::renameColumnInTable):
(WebKit::ResourceLoadStatisticsDatabaseStore::addMissingTablesIfNecessary):
(WebKit::ResourceLoadStatisticsDatabaseStore::isEmpty const):
(WebKit::ResourceLoadStatisticsDatabaseStore::insertObservedDomain):
(WebKit::ResourceLoadStatisticsDatabaseStore::relationshipExists const):
(WebKit::ResourceLoadStatisticsDatabaseStore::domainID const):
(WebKit::ResourceLoadStatisticsDatabaseStore::insertDomainRelationshipList):
(WebKit::ResourceLoadStatisticsDatabaseStore::populateFromMemoryStore):
(WebKit::ResourceLoadStatisticsDatabaseStore::mergeStatistic):
(WebKit::ResourceLoadStatisticsDatabaseStore::mergeStatistics):
(WebKit::ResourceLoadStatisticsDatabaseStore::incrementRecordsDeletedCountForDomains):
(WebKit::ResourceLoadStatisticsDatabaseStore::recursivelyFindNonPrevalentDomainsThatRedirectedToThisDomain):
(WebKit::ResourceLoadStatisticsDatabaseStore::markAsPrevalentIfHasRedirectedToPrevalent):
(WebKit::ResourceLoadStatisticsDatabaseStore::requestStorageAccess):
(WebKit::ResourceLoadStatisticsDatabaseStore::requestStorageAccessUnderOpener):
(WebKit::ResourceLoadStatisticsDatabaseStore::grandfatherDataForDomains):
(WebKit::ResourceLoadStatisticsDatabaseStore::ensurePrevalentResourcesForDebugMode):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearTopFrameUniqueRedirectsToSinceSameSiteStrictEnforcement):
(WebKit::ResourceLoadStatisticsDatabaseStore::setUserInteraction):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearUserInteraction):
(WebKit::ResourceLoadStatisticsDatabaseStore::hasHadUserInteraction):
(WebKit::ResourceLoadStatisticsDatabaseStore::setPrevalentResource):
(WebKit::ResourceLoadStatisticsDatabaseStore::setDomainsAsPrevalent):
(WebKit::ResourceLoadStatisticsDatabaseStore::predicateValueForDomain const):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearPrevalentResource):
(WebKit::ResourceLoadStatisticsDatabaseStore::setGrandfathered):
(WebKit::ResourceLoadStatisticsDatabaseStore::setIsScheduledForAllButCookieDataRemoval):
(WebKit::ResourceLoadStatisticsDatabaseStore::getMostRecentlyUpdatedTimestamp const):
(WebKit::ResourceLoadStatisticsDatabaseStore::ensureResourceStatisticsForRegistrableDomain):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearDatabaseContents):
(WebKit::ResourceLoadStatisticsDatabaseStore::removeDataForDomain):
(WebKit::ResourceLoadStatisticsDatabaseStore::cookieAccess):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearGrandfathering):
(WebKit::ResourceLoadStatisticsDatabaseStore::pruneStatisticsIfNeeded):
(WebKit::ResourceLoadStatisticsDatabaseStore::updateLastSeen):
(WebKit::ResourceLoadStatisticsDatabaseStore::updateDataRecordsRemoved):
(WebKit::ResourceLoadStatisticsDatabaseStore::isCorrectSubStatisticsCount):
(WebKit::ResourceLoadStatisticsDatabaseStore::getDomainStringFromDomainID const):
(WebKit::ResourceLoadStatisticsDatabaseStore::appendSubStatisticList const):
(WebKit::ResourceLoadStatisticsDatabaseStore::resourceToString const):
(WebKit::ResourceLoadStatisticsDatabaseStore::domainIDExistsInDatabase):
(WebKit::ResourceLoadStatisticsDatabaseStore::updateOperatingDatesParameters):
(WebKit::ResourceLoadStatisticsDatabaseStore::includeTodayAsOperatingDateIfNecessary):
(WebKit::ResourceLoadStatisticsDatabaseStore::insertExpiredStatisticForTesting):
(WebKit::ResourceLoadStatisticsDatabaseStore::findPrivateClickMeasurement):
(WebKit::ResourceLoadStatisticsDatabaseStore::insertPrivateClickMeasurement):
(WebKit::ResourceLoadStatisticsDatabaseStore::markAllUnattributedPrivateClickMeasurementAsExpiredForTesting):
(WebKit::ResourceLoadStatisticsDatabaseStore::removeUnattributed):
(WebKit::ResourceLoadStatisticsDatabaseStore::allAttributedPrivateClickMeasurement):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearPrivateClickMeasurement):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearExpiredPrivateClickMeasurement):
(WebKit::ResourceLoadStatisticsDatabaseStore::privateClickMeasurementToString):
(WebKit::ResourceLoadStatisticsDatabaseStore::clearSentAttribution):
(WebKit::ResourceLoadStatisticsDatabaseStore::markAttributedPrivateClickMeasurementsAsExpiredForTesting):

Source/WTF:

  • wtf/Assertions.h:
4:00 PM Changeset in webkit [276739] by Cameron McCormack
  • 3 edits
    2 adds in trunk

Don't create custom scrollbars for fullscreen placeholders.
https://bugs.webkit.org/show_bug.cgi?id=225141
Source/WebCore:

<rdar://64800098>

Reviewed by Darin Adler.

We can end up calling RenderScrollbar::createCustomScrollbar with
element = nullptr from RenderLayerScrollableArea::createScrollbar,
when the renderer is a RenderFullscreenPlaceholder.

We don't need to bother with scrollbars for the placeholder, so check to
make sure we have a valid element before creating custom scollbars.

Test: fullscreen/full-screen-crash-custom-scrollbars.html

  • rendering/RenderLayerScrollableArea.cpp:

(WebCore::RenderLayerScrollableArea::createScrollbar):

LayoutTests:

Reviewed by Darin Adler.

  • fullscreen/full-screen-crash-custom-scrollbars-expected.txt: Added.
  • fullscreen/full-screen-crash-custom-scrollbars.html: Added.
3:50 PM Changeset in webkit [276738] by Russell Epstein
  • 1 copy in tags/Safari-611.2.6

Tag Safari-611.2.6.

3:49 PM Changeset in webkit [276737] by Chris Dumez
  • 2 edits in trunk/Source/WebCore

Make sure we invalidate the iterator in StorageMap::clear()
https://bugs.webkit.org/show_bug.cgi?id=225164

Reviewed by Alex Christensen.

I recently introduced StorageMap::clear() but failed to call invalidateIterator()
like we do in other StorageMap functions that modify the internal HashMap. Since
we cleared the HashMap, we don't want to be keeping a HashMap iterator around.
Looking at the code, I do not think this can cause crashes because the
index >= length() check would fail in StorageMap::key(unsigned). That said, it
is best not to keep a bad iterator around.

  • storage/StorageMap.cpp:

(WebCore::StorageMap::clear):

3:46 PM Changeset in webkit [276736] by Chris Dumez
  • 2 edits in trunk/LayoutTests

REGRESSION(r276689): [ iOS wk2 ] platform/ios/ios/storage/domstorage/5mb-quota.html is a constant text failure
https://bugs.webkit.org/show_bug.cgi?id=225160
<rdar://problem/77279334>

Reviewed by Jonathan Bedard.

Apply the same fix that was applied to storage/domstorage/quota.html in r276689. Use unicode characters
in the local storage strings so that the test still fails when it expects to, despite the new more
accurate string byte size calculation. This was using ASCII characters so it was not really reaching the
5MB quota.

  • platform/ios/ios/storage/domstorage/5mb-quota.html:
3:31 PM Changeset in webkit [276735] by Jonathan Bedard
  • 2 edits in trunk/Tools

[webkitpy] Refactor SimulatorDevice
https://bugs.webkit.org/show_bug.cgi?id=225158

Reviewed by Stephanie Lewis.

  • Scripts/webkitpy/xcode/simulated_device.py:

(SimulatedDeviceManager._get_device_identifier_for_type): Handle partially defined device types.
(SimulatedDevice.is_usable): Place Home Screen services into dictionary.

2:59 PM Changeset in webkit [276734] by commit-queue@webkit.org
  • 3 edits
    1 delete in trunk/Source/ThirdParty/ANGLE

Stop building libANGLE.a
https://bugs.webkit.org/show_bug.cgi?id=225162
<rdar://problem/57349384>

Patch by Alex Christensen <achristensen@webkit.org> on 2021-04-28
Reviewed by Alexey Proskuryakov.

Now that everyone's linking against the dylib, we don't need to build the static library any more.

  • ANGLE.xcodeproj/project.pbxproj:
  • Configurations/ANGLE-dynamic.xcconfig:
  • src/empty.cpp: Removed.
2:54 PM Changeset in webkit [276733] by rniwa@webkit.org
  • 9 edits in trunk

When IPC testing API is enabled, GPU process shouldn't kill Web Process
https://bugs.webkit.org/show_bug.cgi?id=225143
<rdar://70692277>

Reviewed by Chris Dumez.

Source/WebKit:

Set Connection::g_ignoreInvalidMessageForTesting on createGPUConnectionToWebProcess
when the IPC testing API is enabled.

Tests: IPCTestingAPI.CanSendSyncMessageToGPUProcess

IPCTestingAPI.CanSendAsyncMessageToGPUProcess
IPCTestingAPI.CanSendInvalidAsyncMessageToGPUProcessWithoutTermination

  • GPUProcess/GPUConnectionToWebProcess.cpp:

(WebKit::GPUConnectionToWebProcess::didReceiveInvalidMessage): Exit early without
killing the Web process if IPC testing API is enabled.

  • GPUProcess/GPUProcess.cpp:

(WebKit::GPUProcess::createGPUConnectionToWebProcess): Set the aforementioned flag
on the IPC connection.

  • Shared/GPUProcessConnectionParameters.h:

(WebKit::GPUProcessConnectionParameters): Added ignoreInvalidMessageForTesting.
(WebKit::GPUProcessConnectionParameters::encode const):
(WebKit::GPUProcessConnectionParameters::decode):

  • UIProcess/WebPageProxy.cpp:

(WebKit::m_limitsNavigationsToAppBoundDomains): Cleanup. Use a helper function.

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::getGPUProcessConnection): Set the value of
GPUProcessConnectionParameters::ignoreInvalidMessageForTesting based on the value
of WebProcessProxy::m_ignoreInvalidMessageForTesting.

  • UIProcess/WebProcessProxy.h:

(WebKit::WebProcessProxy::ignoreInvalidMessageForTesting const): Added.

Tools:

Added tests for sending IPC messages to GPU process via IPC testing API.

  • TestWebKitAPI/Tests/WebKitCocoa/IPCTestingAPI.mm:

(IPCTestingAPI.CanSendInvalidAsyncMessageToUIProcessWithoutTermination): Renamed from
CanSendInvalidAsyncMessageWithoutTermination.
(IPCTestingAPI.CanSendInvalidSyncMessageToUIProcessWithoutTermination): Renamed from
CanSendInvalidMessageWithoutTermination.
(IPCTestingAPI.CanSendSyncMessageToGPUProcess): Added.
(IPCTestingAPI.CanSendAsyncMessageToGPUProcess): Added.
(IPCTestingAPI.CanSendInvalidAsyncMessageToGPUProcessWithoutTermination): Added.

1:07 PM Changeset in webkit [276732] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebKit

Unreviewed, reverting r276658.
https://bugs.webkit.org/show_bug.cgi?id=225161

Introduced perf regression

Reverted changeset:

"Enforce IOKit filtering"
https://bugs.webkit.org/show_bug.cgi?id=223937
https://trac.webkit.org/changeset/276658

1:03 PM Changeset in webkit [276731] by Chris Gambrell
  • 2 edits in trunk/LayoutTests

[ Win ] 4 http/tests/security/contentSecurityPolicy/ tests are failing
https://bugs.webkit.org/show_bug.cgi?id=225071
<rdar://problem/77172923>

Reviewed by Jonathan Bedard.

  • http/tests/resources/redirect.py:

(add_cache_control):
(addCacheControl): Deleted.

12:59 PM Changeset in webkit [276730] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

REGRESSION(r275267) Network process crashes in Data::adoptMap
https://bugs.webkit.org/show_bug.cgi?id=225159
<rdar://77066555>

Patch by Alex Christensen <achristensen@webkit.org> on 2021-04-28
Reviewed by Geoffrey Garen.

There was a missing check to see if mapping was successful.

  • NetworkProcess/cache/NetworkCacheData.cpp:

(WebKit::NetworkCache::Data::mapToFile const):

12:35 PM Changeset in webkit [276729] by Wenson Hsieh
  • 8 edits
    2 adds in trunk

Fine-tune some more selection behaviors in image overlays
https://bugs.webkit.org/show_bug.cgi?id=225121

Reviewed by Tim Horton.

Source/WebCore:

Make some additional minor refinements to selection behaviors in image overlays.

Test: fast/images/image-extraction/mac/select-image-overlay-with-mouse-drag-2.html

DragAndDropTests.DragSelectedTextInImageOverlay

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::updateWithImageExtractionResult):

Unless -webkit-user-select: none; is explicitly set, make each of the text containers under each line have
-webkit-user-select: all;, so that text selection snaps to the boundaries of each piece of text.

  • page/DragController.cpp:

(WebCore::DragController::startDrag):

Drive-by fix: avoid dragging image overlay text out as rich text.

  • page/EventHandler.cpp:

(WebCore::nodeToSelectOnMouseDownForNode):

Make an exception for image overlay text, such that we don't select text upon handling a "mousedown" event, even
though the text has -webkit-user-select: all;. Also, deploy RefPtr in a few places while I'm here.

(WebCore::expandSelectionToRespectSelectOnMouseDown):

Drive-by fix: deploy RefPtr in a few places.

Tools:

Add an API test to verify that selected text inside image overlays is dragged out as plain text only.

  • TestWebKitAPI/Tests/WebKit/simple-image-overlay.html:
  • TestWebKitAPI/Tests/WebKitCocoa/DragAndDropTests.mm:

(TEST):

LayoutTests:

Add a new layout test to verify that text selection expands to contain all text underneath selected text
containers.

  • fast/images/image-extraction/mac/select-image-overlay-with-mouse-drag-2-expected.html: Added.
  • fast/images/image-extraction/mac/select-image-overlay-with-mouse-drag-2.html: Added.
12:26 PM Changeset in webkit [276728] by commit-queue@webkit.org
  • 5 edits in trunk/LayoutTests/imported/w3c

[css-grid] Accurize expected result to 0.5 pixel for some contentSpaceAround tests in abspos
https://bugs.webkit.org/show_bug.cgi?id=225145

Patch by Ziran Sun <Ziran Sun> on 2021-04-28
Reviewed by Manuel Rego Casasnovas.

There is a 0.5 pixel difference on expected data width for some contentSpaceAround tests in grid
among platforms. This change is to sync the change in WPT and update expectation files.

  • web-platform-tests/css/css-grid/abspos/grid-positioned-items-content-alignment-001-expected.txt:
  • web-platform-tests/css/css-grid/abspos/grid-positioned-items-content-alignment-001.html:
  • web-platform-tests/css/css-grid/abspos/grid-positioned-items-content-alignment-rtl-001-expected.txt:
  • web-platform-tests/css/css-grid/abspos/grid-positioned-items-content-alignment-rtl-001.html:
12:00 PM Changeset in webkit [276727] by achristensen@apple.com
  • 8 edits in trunk

Add SPI to query whether a URL would be upgraded to HTTPS
https://bugs.webkit.org/show_bug.cgi?id=225154
<rdar://77269904>

Reviewed by Geoff Garen.

Source/WebCore:

Covered by API tests.

  • contentextensions/ContentExtensionsBackend.cpp:

(WebCore::ContentExtensions::ContentExtensionsBackend::shouldBeMadeSecure):

  • contentextensions/ContentExtensionsBackend.h:

Source/WebKit:

  • UIProcess/API/Cocoa/WKWebView.mm:

(+[WKWebView _shouldUpgradeToHTTPS:]):

  • UIProcess/API/Cocoa/WKWebViewPrivate.h:

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WKWebViewConfiguration.mm:

(TEST):

11:53 AM Changeset in webkit [276726] by basuke.suzuki@sony.com
  • 2 edits in trunk/Source/WebCore

[clang] Remove implicit cast related warnings
https://bugs.webkit.org/show_bug.cgi?id=225139

Reviewed by Darin Adler.

Added explicit cast to suppress warning.
Behavior is not changed from implicit cast.

No new tests because there's no behavior change.

  • layout/inlineformatting/InlineLine.cpp:

(WebCore::Layout::Line::Run::removeTrailingLetterSpacing):

11:15 AM Changeset in webkit [276725] by Alan Coon
  • 1 copy in tags/Safari-607.3.13

Tag Safari-607.3.13.

11:12 AM Changeset in webkit [276724] by Alan Coon
  • 8 edits
    2 adds in branches/safari-607-branch/Source/WebCore

Apply patch. rdar://problem/77237713

11:07 AM Changeset in webkit [276723] by Alan Coon
  • 7 edits in branches/safari-607-branch/Source

Versioning.

WebKit-7607.3.13

10:56 AM Changeset in webkit [276722] by Jonathan Bedard
  • 2 edits in trunk/Tools

[configure-xcode-for-embedded-development] Support Xcode 12.5
https://bugs.webkit.org/show_bug.cgi?id=225127

Reviewed by Stephanie Lewis.

  • Scripts/configure-xcode-for-embedded-development: Add definition of

com.apple.package-type.mach-o-executable and com.apple.product-type.tool instead
of copying from the MacOS SDK.

10:27 AM Changeset in webkit [276721] by Brent Fulgham
  • 7 edits in trunk/Source/WebKit

[iOS] [GPU] The UI process should issue mach sandbox extensions to 'iconservices'
https://bugs.webkit.org/show_bug.cgi?id=225111
<rdar://problem/68366888>

Reviewed by Per Arne Vollan.

In Bug 205443 we did work to extend access to non-web-browsing services to the WebContent process only when
needed. This was lost in the transition to the GPU Process, and should be added back.

This change does the following:

  1. Adds sandbox extension handles for the iconservices (and related) services to the GPU process creation parameters.
  2. Updates the GPUProcessProxy to extend iconservices when waranted, and add them to the creation parameter structure.
  3. Updates the GPUProcess to consume the extensions (when granted).
  4. Makes a GPU process-specific version of the 'nonBrowserServices' static function for use by GPUProcessProxy. This is needed because fewer services are needed in the GPU process than in the WebContent process.
  5. Removes unused telemetry from the WebContent process sandbox.
  6. Switches the GPU process sandbox to deny iconservices (and related) by default, and to consume the extensions instead.

Tested by exisiting TestWebKitAPI tests.

  • GPUProcess/GPUProcess.cpp:

(WebKit::GPUProcess::initializeGPUProcess):

  • GPUProcess/GPUProcessCreationParameters.cpp:

(WebKit::GPUProcessCreationParameters::encode const):
(WebKit::GPUProcessCreationParameters::decode):

  • GPUProcess/GPUProcessCreationParameters.h:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
  • UIProcess/GPU/GPUProcessProxy.cpp:

(WebKit::GPUProcessProxy::GPUProcessProxy):

10:19 AM Changeset in webkit [276720] by commit-queue@webkit.org
  • 6 edits in trunk

Remove support for NPAPI plugins in WebView
https://bugs.webkit.org/show_bug.cgi?id=224449

Patch by Alex Christensen <achristensen@webkit.org> on 2021-04-28
Reviewed by Geoffrey Garen.

Source/WebKitLegacy/mac:

In r275912 I turned off all plugin support in WebView after looking into use of NP_Initialize, the entry point for NPAPI plugins.
That was too aggressive, as we found some use of the older WebKit plugin entry point, plugInViewWithArguments, and reverted in r276652.
This cuts out only support for NPAPI plugins for now.

  • WebCoreSupport/WebFrameLoaderClient.mm:

(WebFrameLoaderClient::createPlugin):

Source/WTF:

  • Scripts/Preferences/WebPreferencesInternal.yaml:

Tools:

  • DumpRenderTree/TestOptions.cpp:

(WTR::TestOptions::defaults):

10:13 AM Changeset in webkit [276719] by mark.lam@apple.com
  • 46 edits
    1 add in trunk

Fix exception assertions in light of the TerminationException.
https://bugs.webkit.org/show_bug.cgi?id=225128
rdar://76694909

Reviewed by Robin Morisset.

JSTests:

  • stress/suppress-TerminationException-in-JSFunction-prototypeForConstruction.js: Added.

Source/JavaScriptCore:

Some pre-existing functions assertNoException() or releaseAssertNoException().
These assertion may not be valid anymore in light of the TerminationException, and
require some fix up:

  1. If it makes sense to convert the assertion into an exception check, then do so.

For example, see objectPrototypeToString(), slow_path_create_this().

  1. If the assertion is at the end of a function just before it returns, or if the remaining code in the function will not be affected by the pending exception, then we can replace the assertion as follows:

assertNoException() => assertNoExceptionExceptTermination()
releaseAssertNoException() => releaseAssertNoExceptionExceptTermination()

For example, see objectPrototypeHasOwnProperty(), JSObject::getOwnNonIndexPropertyNames().

  1. If the assertion is in a function where perf is not absolutely critical, and the function isn't calling any other functions that will re-enter the VM or potentially get stuck in an infinite loop, then we can use a DeferTermination scope to defer termination.

For example, see Debugger::pauseIfNeeded(), SamplingProfiler::StackFrame::nameFromCallee().

  1. If the assertion is in an initializer function is only run once and adding exception checks would complicate the code more than it's worth (an engineering judgement), then use a DeferTermination scope.

For example, see ProgramExecutable::initializeGlobalProperties(), setupAdaptiveWatchpoint().

Some leaf (or near-leaf) functions that currently DECLARE_CATCH_SCOPE() may also
fall under this category.

For example, see JSFunction::prototypeForConstruction().

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::addBigIntConstant):

  • debugger/Debugger.cpp:

(JSC::Debugger::pauseIfNeeded):

  • dfg/DFGOperations.cpp:

(JSC::DFG::JSC_DEFINE_JIT_OPERATION):

  • interpreter/Interpreter.cpp:

(JSC::notifyDebuggerOfUnwinding):
(JSC::Interpreter::executeProgram):
(JSC::Interpreter::debug):

  • interpreter/ShadowChicken.cpp:

(JSC::ShadowChicken::functionsOnStack):

  • jsc.cpp:

(runWithOptions):

  • parser/ParserArena.cpp:

(JSC::IdentifierArena::makeBigIntDecimalIdentifier):

  • runtime/AbstractModuleRecord.cpp:

(JSC::AbstractModuleRecord::finishCreation):

  • runtime/CommonSlowPaths.cpp:

(JSC::JSC_DEFINE_COMMON_SLOW_PATH):

  • runtime/ErrorInstance.cpp:

(JSC::ErrorInstance::sanitizedMessageString):
(JSC::ErrorInstance::sanitizedNameString):

  • runtime/ExceptionScope.h:

(JSC::ExceptionScope::assertNoExceptionExceptTermination):
(JSC::ExceptionScope::releaseAssertNoExceptionExceptTermination):

  • runtime/JSFunction.cpp:

(JSC::JSFunction::prototypeForConstruction):

  • runtime/JSGenericTypedArrayViewPrototypeFunctions.h:

(JSC::genericTypedArrayViewProtoFuncIncludes):
(JSC::genericTypedArrayViewProtoFuncIndexOf):
(JSC::genericTypedArrayViewProtoFuncLastIndexOf):
(JSC::genericTypedArrayViewPrivateFuncSubarrayCreate):

  • runtime/JSGlobalObject.cpp:

(JSC::setupAdaptiveWatchpoint):
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::defineOwnProperty):
(JSC::JSGlobalObject::tryInstallSpeciesWatchpoint):

  • runtime/JSModuleLoader.cpp:

(JSC::printableModuleKey):

  • runtime/JSModuleNamespaceObject.cpp:

(JSC::JSModuleNamespaceObject::finishCreation):

  • runtime/JSObject.cpp:

(JSC::JSObject::ordinaryToPrimitive const):
(JSC::JSObject::getOwnNonIndexPropertyNames):

  • runtime/JSTemplateObjectDescriptor.cpp:

(JSC::JSTemplateObjectDescriptor::createTemplateObject):

  • runtime/JSTypedArrayViewPrototype.cpp:
  • runtime/ObjectPrototype.cpp:

(JSC::objectPrototypeHasOwnProperty):
(JSC::objectPrototypeToString):

  • runtime/ProgramExecutable.cpp:

(JSC::ProgramExecutable::initializeGlobalProperties):

  • runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::StackFrame::nameFromCallee):

  • tools/JSDollarVM.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore:

A few changes plus rebasing bindings test results.

  • Modules/plugins/QuickTimePluginReplacement.mm:

(WebCore::QuickTimePluginReplacement::installReplacement):

  • bindings/js/JSDOMExceptionHandling.cpp:

(WebCore::propagateExceptionSlowPath):
(WebCore::throwNotSupportedError):
(WebCore::throwInvalidStateError):
(WebCore::throwSecurityError):
(WebCore::throwDOMSyntaxError):
(WebCore::throwDataCloneError):

  • bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSC_DEFINE_HOST_FUNCTION):

  • bindings/js/JSDOMGlobalObjectTask.cpp:
  • bindings/js/JSDOMMapLike.cpp:

(WebCore::getBackingMap):

  • bindings/js/JSDOMSetLike.cpp:

(WebCore::getBackingSet):

  • bindings/js/JSMicrotaskCallback.h:

(WebCore::JSMicrotaskCallback::call):

  • bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneDeserializer::readTerminal):

  • bindings/js/WritableStream.cpp:

(WebCore::WritableStreamInternal::callFunction):
(WebCore::WritableStream::lock):

  • bindings/scripts/CodeGeneratorJS.pm:

(GeneratePut):
(GeneratePutByIndex):
(GenerateDefineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:

(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::put):
(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::putByIndex):
(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:

(WebCore::JSTestNamedAndIndexedSetterThrowingException::put):
(WebCore::JSTestNamedAndIndexedSetterThrowingException::putByIndex):
(WebCore::JSTestNamedAndIndexedSetterThrowingException::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:

(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::put):
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::putByIndex):
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:

(WebCore::JSTestNamedSetterNoIdentifier::put):
(WebCore::JSTestNamedSetterNoIdentifier::putByIndex):
(WebCore::JSTestNamedSetterNoIdentifier::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:

(WebCore::JSTestNamedSetterThrowingException::put):
(WebCore::JSTestNamedSetterThrowingException::putByIndex):
(WebCore::JSTestNamedSetterThrowingException::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:

(WebCore::JSTestNamedSetterWithIdentifier::put):
(WebCore::JSTestNamedSetterWithIdentifier::putByIndex):
(WebCore::JSTestNamedSetterWithIdentifier::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:

(WebCore::JSTestNamedSetterWithIndexedGetter::put):
(WebCore::JSTestNamedSetterWithIndexedGetter::putByIndex):
(WebCore::JSTestNamedSetterWithIndexedGetter::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:

(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::put):
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::putByIndex):
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::defineOwnProperty):

  • bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeableProperties.cpp:

(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::put):
(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::putByIndex):
(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::defineOwnProperty):

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
(WebCore::HTMLMediaElement::updateMediaControlsAfterPresentationModeChange):
(WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):

9:54 AM Changeset in webkit [276718] by Alan Bujtas
  • 8 edits in trunk/Source/WebCore

Remove redundant RenderObject::isInFlowRenderFragmentedFlow
https://bugs.webkit.org/show_bug.cgi?id=225152

Reviewed by Antti Koivisto.

Now that RenderObject::isOutOfFlowRenderFragmentedFlow() is gone (r276707), isInFlowRenderFragmentedFlow() is really just a isRenderFragmentedFlow() check.

  • rendering/RenderBlock.cpp:

(WebCore::RenderBlock::selectionGaps):
(WebCore::isChildHitTestCandidate):

  • rendering/RenderBlockFlow.cpp:

(WebCore::RenderBlockFlow::updateStylesForColumnChildren):

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::skipContainingBlockForPercentHeightCalculation const):

  • rendering/RenderBox.h:

(WebCore::RenderBox::canHaveOutsideFragmentRange const):

  • rendering/RenderLayer.cpp:

(WebCore::RenderLayer::shouldBeNormalFlowOnly const):
(WebCore::RenderLayer::updateLayerPositions):
(WebCore::RenderLayer::updatePagination):
(WebCore::RenderLayer::calculateClipRects const):

  • rendering/RenderObject.h:

(WebCore::RenderObject::isRenderGrid const):
(WebCore::RenderObject::isInFlowRenderFragmentedFlow const): Deleted.

  • rendering/updating/RenderTreeBuilderMultiColumn.cpp:

(WebCore::RenderTreeBuilder::MultiColumn::multiColumnDescendantInserted):

9:29 AM Changeset in webkit [276717] by youenn@apple.com
  • 6 edits
    2 adds in trunk

Set audio transceiver nMax to 1
https://bugs.webkit.org/show_bug.cgi?id=225149
<rdar://75956639>

Reviewed by Alex Christensen.

Source/WebCore:

Implement step 8.4 of https://w3c.github.io/webrtc-pc/#dom-rtcpeerconnection-addtransceiver and set nMax for audio to 1.

Test: webrtc/audio-addTransceiver.html

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:

(WebCore::LibWebRTCMediaEndpoint::createTransceiverBackends):
(WebCore::LibWebRTCMediaEndpoint::addTransceiver):

  • Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.h:
  • Modules/mediastream/libwebrtc/LibWebRTCUtils.cpp:

(WebCore::fromRtpTransceiverInit):

  • Modules/mediastream/libwebrtc/LibWebRTCUtils.h:

LayoutTests:

  • webrtc/audio-addTransceiver-expected.txt: Added.
  • webrtc/audio-addTransceiver.html: Added.
8:44 AM Changeset in webkit [276716] by commit-queue@webkit.org
  • 4 edits in trunk/LayoutTests

Use will-change: opacity instead of will-change: transform in fixed-inside-sticky-no-stacking-context-2.html
https://bugs.webkit.org/show_bug.cgi?id=224910

Patch by Tim Nguyen <ntim@apple.com> on 2021-04-28
Reviewed by Antti Koivisto.

will-change: transform creates a containing block per-spec, which would affect this test, so we use a property
that can create a stacking context, but not a containing block (will-change: opacity).

  • platform/ios-simulator-wk2/TestExpectations:
  • scrollingcoordinator/ios/fixed-inside-sticky-no-stacking-context-2.html:
  • scrollingcoordinator/ios/fixed-inside-sticky-no-stacking-context-2-expected.html:
8:44 AM Changeset in webkit [276715] by Chris Dumez
  • 37 edits in trunk/Source

Drop ModernUnprefixedWebAudio & AudioWorklet experimental feature flags
https://bugs.webkit.org/show_bug.cgi?id=225130

Reviewed by Eric Carlson.

Drop ModernUnprefixedWebAudio & AudioWorklet experimental feature flags now that
these features have shipped. It also doesn't make sense to disable them given
that the prefixed WebAudio API is no longer exposed and there is no feature flag
to turn the legacy prefixed API back on.

Source/WebCore:

  • Modules/webaudio/AnalyserNode.idl:
  • Modules/webaudio/AudioBuffer.idl:
  • Modules/webaudio/AudioBufferSourceNode.idl:
  • Modules/webaudio/AudioContext.idl:
  • Modules/webaudio/AudioParamMap.idl:
  • Modules/webaudio/AudioProcessingEvent.idl:
  • Modules/webaudio/AudioWorklet.idl:
  • Modules/webaudio/AudioWorkletNode.idl:
  • Modules/webaudio/AudioWorkletNodeOptions.idl:
  • Modules/webaudio/BaseAudioContext.idl:
  • Modules/webaudio/BiquadFilterNode.idl:
  • Modules/webaudio/ChannelMergerNode.idl:
  • Modules/webaudio/ChannelSplitterNode.idl:
  • Modules/webaudio/ConstantSourceNode.idl:
  • Modules/webaudio/ConstantSourceOptions.idl:
  • Modules/webaudio/ConvolverNode.idl:
  • Modules/webaudio/DelayNode.idl:
  • Modules/webaudio/DynamicsCompressorNode.idl:
  • Modules/webaudio/GainNode.idl:
  • Modules/webaudio/IIRFilterNode.idl:
  • Modules/webaudio/MediaElementAudioSourceNode.idl:
  • Modules/webaudio/MediaStreamAudioDestinationNode.idl:
  • Modules/webaudio/MediaStreamAudioSourceNode.idl:
  • Modules/webaudio/OfflineAudioContext.idl:
  • Modules/webaudio/OscillatorNode.idl:
  • Modules/webaudio/PannerNode.idl:
  • Modules/webaudio/PeriodicWave.idl:
  • Modules/webaudio/StereoPannerNode.idl:
  • Modules/webaudio/WaveShaperNode.idl:

Source/WebKitLegacy/mac:

  • WebView/WebPreferenceKeysPrivate.h:
  • WebView/WebPreferences.mm:

(-[WebPreferences modernUnprefixedWebAudioEnabled]): Deleted.
(-[WebPreferences setModernUnprefixedWebAudioEnabled:]): Deleted.
(-[WebPreferences audioWorkletEnabled]): Deleted.
(-[WebPreferences setAudioWorkletEnabled:]): Deleted.

  • WebView/WebPreferencesPrivate.h:

Source/WTF:

  • Scripts/Preferences/WebPreferencesExperimental.yaml:
8:36 AM Changeset in webkit [276714] by Razvan Caliman
  • 4 edits
    1 add in trunk/Source/WebInspectorUI

Web Inspector: CSS Grid - measure usage of grid overlay options
https://bugs.webkit.org/show_bug.cgi?id=225060
<rdar://75843294>

Reviewed by BJ Burg.

Add telemetry instrumentation to track grid overlay configurations and time spent using them.

  • UserInterface/Base/Main.js:

(WI.contentLoaded):

  • UserInterface/Controllers/GridOverlayConfigurationDiagnosticEventRecorder.js: Added.

(WI.GridOverlayConfigurationDiagnosticEventRecorder):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.get eventSamplingInterval):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype.setup):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype.teardown):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._handleGridOverlayShown):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._handleGridOverlayHidden):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype.handleEvent):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._startEventSamplingTimer):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._stopEventSamplingTimer):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._sampleCurrentOverlayConfiguration):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._didObserveUserInteraction):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._handleWindowFocus):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._handleWindowBlur):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._handleWindowKeyDown):
(WI.GridOverlayConfigurationDiagnosticEventRecorder.prototype._handleWindowMouseDown):

  • UserInterface/Controllers/OverlayManager.js:

(WI.OverlayManager.prototype.hasVisibleGridOverlays):

  • UserInterface/Main.html:
8:29 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
8:29 AM Changeset in webkit [276713] by Adrian Perez de Castro
  • 9 edits in releases/WebKitGTK/webkit-2.32/Source

Merge r275871 - [GStreamer] CaptureDevice monitor used from UIProcess
https://bugs.webkit.org/show_bug.cgi?id=222888

Patch by Philippe Normand <pnormand@igalia.com> on 2021-04-13
Source/WebCore:

Reviewed by Youenn Fablet .

Move the device observer infrastructure from the WebKit UserMediaProcessManager to the
RealtimeMediaSourceCenter.

  • platform/mediastream/CaptureDevice.h:

(WebCore::haveDevicesChanged):

  • platform/mediastream/RealtimeMediaSourceCenter.cpp:

(WebCore::RealtimeMediaSourceCenter::RealtimeMediaSourceCenter):
(WebCore::RealtimeMediaSourceCenter::Observer::~Observer):
(WebCore::RealtimeMediaSourceCenter::addDevicesChangedObserver):
(WebCore::RealtimeMediaSourceCenter::removeDevicesChangedObserver):
(WebCore::RealtimeMediaSourceCenter::captureDevicesChanged):
(WebCore::RealtimeMediaSourceCenter::triggerDevicesChangedObservers):
(WebCore::RealtimeMediaSourceCenter::setDevicesChangedObserver): Deleted.

  • platform/mediastream/RealtimeMediaSourceCenter.h:

(WebCore::RealtimeMediaSourceCenter::Observer::devicesChanged):

Source/WebKit:

Reviewed by Youenn Fablet.

GStreamer ports aim to reduce usage of the GStreamer library in the UIProcess and thus
should not relay capture devicechange monitoring to the UIProcess. For the long term we plan
to migrate media processing to the GPUProcess but for now we have to maintain the media
pipelines in the WebProcess. Initializing GStreamer in multiple processes (including the
UIProcess) has a significant performance impact on embedded platforms, that's why we try to
avoid it as much as possible.

The device monitoring code from the UserMediaProcessManager was partly moved to the
RealtimeMediaSourceCenter so that it can be easily reused by GStreamer ports from the
UserMediaPermissionRequestManager.

  • UIProcess/UserMediaProcessManager.cpp:

(WebKit::UserMediaProcessManager::UserMediaProcessManager):
(WebKit::UserMediaProcessManager::updateCaptureDevices):
(WebKit::UserMediaProcessManager::devicesChanged):
(WebKit::UserMediaProcessManager::beginMonitoringCaptureDevices):

  • UIProcess/UserMediaProcessManager.h:
  • WebProcess/MediaStream/UserMediaPermissionRequestManager.cpp:

(WebKit::UserMediaPermissionRequestManager::UserMediaPermissionRequestManager):
(WebKit::UserMediaPermissionRequestManager::updateCaptureDevices):
(WebKit::UserMediaPermissionRequestManager::DeviceObserver::devicesChanged):
(WebKit::UserMediaPermissionRequestManager::addDeviceChangeObserver):

  • WebProcess/MediaStream/UserMediaPermissionRequestManager.h:

(WebKit::UserMediaPermissionRequestManager::DeviceObserver::DeviceObserver):

8:20 AM Changeset in webkit [276712] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Crash under GPUProcessProxy::getGPUProcessConnection()
https://bugs.webkit.org/show_bug.cgi?id=224017
<rdar://75146104>

Reviewed by Darin Adler.

The crash would happen when replyToPendingMessages() get called in the AuxiliaryProcessProxy
destructor and there would be a pending getGPUProcessConnection() IPC. The lambda in
WebProcessPool::getGPUProcessConnection() would check if a WeakPtr to the WebProcessPool is
valid before calling ensureGPUProcess().getGPUProcessConnection(). However, at this point,
the WebProcessPool destructor is still running so the WeakPtr is still valid but
ensureGPUProcess().getGPUProcessConnection() will crash because the GPUProcessProxy
destructor has already run.

  • UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::~WebProcessPool):
Drop code that was causing the GPUProcessProxy to reply to all its pending IPC messages whenenever
a WebProcessPool gets destroyed. This is incorrect since a GPUProcessProxy may be shared by several
WebProcessPool objects. Note that the AuxiliaryProcessProxy destructor already takes care of
calling replyToPendingMessages().

(WebKit::WebProcessPool::getGPUProcessConnection):
Protect the WebProcessPool is the lambda to prevent the case where this lambda gets called and the
WebProcessPool & GPUProcessProxy are in the middle of destruction.

7:33 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
7:33 AM Changeset in webkit [276711] by Adrian Perez de Castro
  • 3 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r275596 - [GStreamer] Only seek to change the rate un updatePlaybackRate() when needed
https://bugs.webkit.org/show_bug.cgi?id=224235

Reviewed by Alicia Boya Garcia.

A seek is used by MediaPlayerPrivateGStreamer to update the playback
rate used in the pipeline. There's a special case when the rate is 0.0.
This actually means "paused" and, when set, the pipeline is changed to
PAUSED and no updatePlaybackRate() call is made because of an early
return (and therefore, no seek). When the rate is restored to a
non-zero value, the pipeline is set again to PLAYING, but a
call to updatePlaybackRate() is done, which implies an unconditional
seek.

It should be possible to do the seek in updatePlaybackRate() only if the
rate changed with respect to the original one, instead of always doing
it. This would avoid unneeded seeks, which are complex operations that
can trigger collateral issues such as the one addressed in
https://bugs.webkit.org/show_bug.cgi?id=223742.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::updatePlaybackRate): Only seek when the playback rate hasn't changed.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Document m_lastPlaybackRate purpose.
7:31 AM Changeset in webkit [276710] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r275757 - Unreviewed, GStreamer Thunder decryptor build fix after r275599

  • platform/graphics/gstreamer/eme/WebKitThunderDecryptorGStreamer.cpp:

(decrypt):

7:31 AM Changeset in webkit [276709] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r275654 - Unreviewed. Fixed build warning.

  • platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h: Avoid C-linkage warning.
7:31 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
7:31 AM Changeset in webkit [276708] by Adrian Perez de Castro
  • 11 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r275599 - [EME][GStreamer] Abort decryptor operations immediately and without errors on flush
https://bugs.webkit.org/show_bug.cgi?id=223742

Reviewed by Xabier Rodriguez-Calvar.

A decryptor transformInPlace() operation can cause potentially long waits in
two situations:

  • transformInPlace() is waiting to get the cdmProxy.
  • The CDMProxy::decrypt() method is internally waiting for a specific key to become available.

If a seek operation is performed during those long waits, the main thread will
be blocked until the seek finishes the conditions those long waits are waiting
for will never be fulfilled (because the operations that complete them happen
in the main thread, which is blocked), the internal wait timeouts will trigger
and the decoder will trigger an unrecoverable error.

The solution for this is to break the waits by issuing the right notifications,
and to detect the flushes performed by the seek, distinguising this special
"abort" case from a regular error, so that the situation is no longer
unrecoverable.

This solution involves changes in several layers. A public
CDMProxy::abortWaitingForKey() method is exposed to allow the decryptor to
awake the inner waitFor() that checks for the key. The cdmProxy wait is also
awaken in case there's no cdmProxy available yet.

In order to distinguish if the awakenings are caused by real errors (no
cdmProxy, no key available) or by a flush operation (caused by the seek), the
decryptor first needs to keep track of the "flushing" state and allow other
objects to know about it. CDMProxy is one of those objects, but due to layer
limitations it can't directly ask about it to the decryptor (it can't "see"
it).

A new CDMProxyDecryptionClient interface is created, and the decryptor will
hold an implementation of it (as CDMProxyDecryptorClientImplementation).
CDMProxy can then know the client isAborting(), and the client will know the
decryptor and will ask about it.

As the pipeline, and thus the decryptor, can be destroyed at any moment,
the client holds a WeakPtr to the decryptor and will only ask if isAborting()
if the pointer is still alive.

  • platform/encryptedmedia/CDMProxy.cpp:

(WebCore::CDMProxy::abortWaitingForKey const): Notify waiting threads.
(WebCore::CDMProxy::tryWaitForKeyHandle const): Take a client and ask it if it's aborting.
(WebCore::CDMProxy::getOrWaitForKeyHandle const): Pass the client along.
(WebCore::CDMProxy::getOrWaitForKeyValue const): Ditto.

  • platform/encryptedmedia/CDMProxy.h: Declaration and usage of the CDMProxyDecryptionClient interface.
  • platform/graphics/gstreamer/eme/CDMProxyClearKey.cpp:

(WebCore::CDMProxyClearKey::cencSetDecryptionKey): Pass the client along from the context.

  • platform/graphics/gstreamer/eme/CDMProxyClearKey.h: Store client in the cencDecryptContext.
  • platform/graphics/gstreamer/eme/CDMProxyThunder.cpp:

(WebCore::CDMProxyThunder::getDecryptionSession const): Pass the client along from the context.
(WebCore::CDMProxyThunder::decrypt): Abort operations aren't an error, so just trigger a warning if there's no session.

  • platform/graphics/gstreamer/eme/CDMProxyThunder.h: Store client in DecryptionContext.
  • platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:

(decrypt): Ask for client to the superclass and store it in the context.

  • platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:

(CDMProxyDecryptionClientImplementation::CDMProxyDecryptionClientImplementation): Implementation of the CDMProxyDecryptionClient interface.
(CDMProxyDecryptionClientImplementation::isAborting): Ask if the decryptor is flushing.
(constructed): Initialize the client.
(transformInPlace): Check the flush status after waiting for the CDMProxy and for the decryption performed by the subclasses. Release the lock when not needed.
(isCDMProxyAvailable): Renamed mutex to be more generic.
(attachCDMProxy): Ditto. Also renamed condition for the same reason.
(sinkEventHandler): Manage isFlushing status and awake waits for cdmProxy or for session depending on the lifecycle stage.
(webKitMediaCommonEncryptionDecryptIsFlushing): Expose isFlushing status.
(webKitMediaCommonEncryptionDecryptGetCDMProxyDecryptionClient): Return Weak reference to the client.
(changeState): Renamed condition.
(setContext): Renamed mutex.

  • platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h: New getters for isFlushing and the client.
  • platform/graphics/gstreamer/eme/WebKitThunderDecryptorGStreamer.cpp:

(decrypt): Ask for client to the superclass and store it in the context.

7:21 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
6:30 AM Changeset in webkit [276707] by Alan Bujtas
  • 7 edits in trunk/Source/WebCore

Remove unused RenderObject::isOutOfFlowRenderFragmentedFlow
https://bugs.webkit.org/show_bug.cgi?id=225133

Reviewed by Simon Fraser.

Out-of-flow fragmented flows were originally added for CSS regions (r91760) to provide
an anonymous container for the region content. This is not to be confused with a multi-column box with
"position: absolute/fixed" (such content would still generate an in-flow fragment container).

  • rendering/RenderBox.cpp:

(WebCore::RenderBox::computeVisibleRectInContainer const):

  • rendering/RenderBoxModelObject.cpp:

(WebCore::RenderBoxModelObject::mapAbsoluteToLocalPoint const):

  • rendering/RenderElement.h:

(WebCore::RenderElement::canContainFixedPositionObjects const):

  • rendering/RenderLayer.cpp:

(WebCore::accumulateOffsetTowardsAncestor):
(WebCore::RenderLayer::hitTestContents const):
(WebCore::RenderLayer::calculateClipRects const):

  • rendering/RenderLayer.h:

(WebCore::RenderLayer::isRenderFragmentedFlow const):
(WebCore::RenderLayer::isOutOfFlowRenderFragmentedFlow const): Deleted.

  • rendering/RenderObject.h:

(WebCore::RenderObject::isInFlowRenderFragmentedFlow const):
(WebCore::RenderObject::isOutOfFlowRenderFragmentedFlow const): Deleted.

6:30 AM Changeset in webkit [276706] by commit-queue@webkit.org
  • 14 edits
    2 adds in trunk

Asserting that function or variable is accessed in a certain thread should be simpler and more robust
https://bugs.webkit.org/show_bug.cgi?id=224971

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2021-04-28
Reviewed by Darin Adler.

Source/WebKit:

Use ThreadAssertions in RemoteGraphicsContextGL implementations
as an example.

  • GPUProcess/graphics/RemoteGraphicsContextGL.cpp:

(WebKit::RemoteGraphicsContextGL::RemoteGraphicsContextGL):
(WebKit::RemoteGraphicsContextGL::~RemoteGraphicsContextGL):
(WebKit::RemoteGraphicsContextGL::initialize):
(WebKit::RemoteGraphicsContextGL::stopListeningForIPC):
(WebKit::RemoteGraphicsContextGL::displayWasReconfigured):
(WebKit::RemoteGraphicsContextGL::workQueueInitialize):
(WebKit::RemoteGraphicsContextGL::workQueueUninitialize):
(WebKit::RemoteGraphicsContextGL::didComposite):
(WebKit::RemoteGraphicsContextGL::forceContextLost):
(WebKit::RemoteGraphicsContextGL::dispatchContextChangedNotification):
(WebKit::RemoteGraphicsContextGL::reshape):
(WebKit::RemoteGraphicsContextGL::prepareForDisplay):
(WebKit::RemoteGraphicsContextGL::synthesizeGLError):
(WebKit::RemoteGraphicsContextGL::getError):
(WebKit::RemoteGraphicsContextGL::ensureExtensionEnabled):
(WebKit::RemoteGraphicsContextGL::notifyMarkContextChanged):
(WebKit::RemoteGraphicsContextGL::paintRenderingResultsToCanvas):
(WebKit::RemoteGraphicsContextGL::paintCompositedResultsToCanvas):
(WebKit::RemoteGraphicsContextGL::paintImageDataToImageBuffer):
(WebKit::RemoteGraphicsContextGL::copyTextureFromMedia):
(WebKit::RemoteGraphicsContextGL::simulateEventForTesting):

  • GPUProcess/graphics/RemoteGraphicsContextGL.h:
  • GPUProcess/graphics/RemoteGraphicsContextGLCocoa.cpp:

(WebKit::RemoteGraphicsContextGLCocoa::platformWorkQueueInitialize):
(WebKit::RemoteGraphicsContextGLCocoa::prepareForDisplay):

  • GPUProcess/graphics/RemoteGraphicsContextGLFunctionsGenerated.h:

Source/WTF:

Adds support for more fine-grained thread assertion than
ASSERT(isMainThread()) / ASSERT(!isMainThread())

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CMakeLists.txt:
  • wtf/Compiler.h:

Add NO_UNIQUE_ADDRESS which can be used to declare members that are empty in
RELEASE builds. The declaration avoids increasing the size of the enclosing type.
This should be used with ThreadAssertion:
class MyThreadAware {

....
NO_UNIQUE_ADDRESS ThreadAssertion m_ownerThread;

};

  • wtf/ThreadAssertions.h: Added.

Add ThreadAssertion class that can be held as a member of a type.
This allows consistent assertions that the code in the type
runs in the expected thread.

Add NamedAssertion& WTF::mainThread.
Add NamedAssertion& WTF::mainRunLoop.
These are only to be used in thread safety analysis phase. These are undefined
symbols, it is an error to reference them.

Adds functions assertIsMainThread() and assertIsMainRunLoop() to replace
patterns of ASSERT(isMainThread()), ASSERT(isMainRunLoop().
In addition to behaving as the direct ASSERT behaves, the functions
enable compile-time thread safety analysis to know that the calling
scope has the assertions. These can be optionally then used in the
function and member signatures to require the assertions.

Tools:

Add simple tests to make sure code in ThreadAssertions.h
compiles.

  • Scripts/generate-gpup-webgl:

Use ThreadAssertions in RemoteGraphicsContextGL implementation
as an example.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WTF/ThreadAssertionsTest.cpp: Added.

(TestWebKitAPI::TEST):
(TestWebKitAPI::WTF_REQUIRES_LOCK):

5:25 AM Changeset in webkit [276705] by magomez@igalia.com
  • 2 edits in trunk/Source/WebCore

Unreviewed, fixing GTK and WPE build with external holepunch enabled after r269907.

  • platform/graphics/holepunch/MediaPlayerPrivateHolePunch.h: update signature of load method.
3:42 AM Changeset in webkit [276704] by aakash_jain@apple.com
  • 1 edit
    1 delete in trunk/Tools

Delete unused iExploder
https://bugs.webkit.org/show_bug.cgi?id=225118

Rubber-stamped by Alexey Proskuryakov.

  • iExploder: Removed.
3:35 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
2:36 AM Changeset in webkit [276703] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r275528 - [GStreamer] At EOS, change position to match duration, not the other way around.
https://bugs.webkit.org/show_bug.cgi?id=224237

Reviewed by Philippe Normand.

The criteria used to check if playback has finished is currentTime >=
duration. Currently MediaPlayerPrivateGStreamer::didEnd() ensures this
in an awkward way: by changing the duration so that it matches
currentTime, rather than the other way around.

This meant a duration change at the end of playback most of the time,
with a slightly different duration each time, since currentTime is
cached periodically.

This patch reworks that function to work more naturally and less racy:

First, only if the stream doesn't have a set duration (e.g. live
stream), we set a duration to currentTime, as defined in the spec.

Second, at EOS we update currentTime to match duration, rather than
the other way around.

This patch doesn't introduce changes in test results.

  • platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::didEnd):

2:36 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
2:36 AM Changeset in webkit [276702] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.32

Merge r275634 - [GTK] webkit://gpu should print runtime libwpe and wpebackend-fdo versions
https://bugs.webkit.org/show_bug.cgi?id=224298

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-04-07
Reviewed by Adrian Perez de Castro.

.:

  • Source/cmake/OptionsGTK.cmake:

Source/WebKit:

  • UIProcess/API/glib/WebKitProtocolHandler.cpp:

(WebKit::WebKitProtocolHandler::handleGPU):

2:36 AM Changeset in webkit [276701] by Adrian Perez de Castro
  • 4 edits
    2 adds in releases/WebKitGTK/webkit-2.32

Merge r275821 - [MSE][GStreamer] Crash in WebCore::PlaybackPipeline::addSourceBuffer when setting duration and preload is set to none
https://bugs.webkit.org/show_bug.cgi?id=224260

Patch by Philippe Normand <pnormand@igalia.com> on 2021-04-12
Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Disable delayed loading for the GStreamer MSE player, we want the MSE source element to be
configured ASAP, otherwise the playback pipeline will fail in various ways (duration
notifications sent too early, crashes in addSourceBuffer, crashes in attachTracks, and so
on).

Test: media/media-source/media-source-no-preload-set-duration-crash.html

  • platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:

(WebCore::MediaPlayerPrivateGStreamerMSE::durationChanged):

LayoutTests:

  • media/media-source/media-source-no-preload-set-duration-crash-expected.txt: Added.
  • media/media-source/media-source-no-preload-set-duration-crash.html: Added.
2:32 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
2:32 AM Changeset in webkit [276700] by Adrian Perez de Castro
  • 6 edits
    1 copy in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r275920 - Move cloneUBreakIterator declaration to IntlWorkaround.h
https://bugs.webkit.org/show_bug.cgi?id=224511

Reviewed by Yusuke Suzuki.

Follow up to r275856. There's ultimately no reason IntlWorkaround.cpp needs to be headerless;
this was tied to some confusion about how to successfully include ubrk.h in two different ways.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • runtime/IntlSegmenter.cpp:
  • runtime/IntlSegmenter.h:
  • runtime/IntlSegments.cpp:
  • runtime/IntlWorkaround.cpp:
  • runtime/IntlWorkaround.h: Added.
2:32 AM Changeset in webkit [276699] by Adrian Perez de Castro
  • 6 edits
    1 add in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r275856 - ICU 69 deprecates ubrk_safeClone in favor of ubrk_clone
https://bugs.webkit.org/show_bug.cgi?id=224093

Reviewed by Yusuke Suzuki.

In a shining example of "disappointing library practices", ICU 69 deprecates ubrk_safeClone in favor of
a new *draft* API ubrk_clone, meaning that no function with this functionality is exposed by default.

This patch introduces a function cloneUBreakIterator to abstract over this change; however, since we need to:

  1. confine the effects of disabling U_HIDE_DRAFT_API to a non-unified implementation file
  2. still be able to include ubrk.h from IntlSegmenter.h to instantiate ICUDeleter<ubrk_close> (*not* clone!)

...the new helper function is introduced in a *headerless* implementation file, IntlWorkaround.cpp.

  • JavaScriptCore.xcodeproj/project.pbxproj:
  • Sources.txt:
  • runtime/IntlSegmenter.cpp:

(JSC::IntlSegmenter::segment const):

  • runtime/IntlSegmenter.h:
  • runtime/IntlSegments.cpp:

(JSC::IntlSegments::createSegmentIterator):

  • runtime/IntlWorkaround.cpp: Added.

(JSC::cloneUBreakIterator):

1:51 AM Changeset in webkit [276698] by Manuel Rego Casasnovas
  • 8 edits
    2 adds in trunk

[selectors] Using a modifier key on an element makes it stop matching :focus-visible
https://bugs.webkit.org/show_bug.cgi?id=225075

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

  • web-platform-tests/css/selectors/focus-visible-021-expected.txt: Added.
  • web-platform-tests/css/selectors/focus-visible-021.html: Added.

Source/WebCore:

When we used a modifier key on a element that was matching :focus-visible, we stopped matching :focus-visible.
That was wrong, we shouldn't just start matching :focus-visible when a modifier key is used but not the other way around.

This patches fixed that without doing any work if the element is already matching :focus-visible when the user type a key.

Test: imported/w3c/web-platform-tests/css/selectors/focus-visible-021.html

  • dom/Element.cpp:

(WebCore::shouldAlwaysHaveFocusVisibleWhenFocused): Helper method for inputs and content editable elements.
(WebCore::Element::setFocus): Use the new helper method.
(WebCore::Element::setHasFocusVisible): Add asserts to avoid setting/unsetting :focus-visible flag wrongly.

  • dom/Node.cpp:

(WebCore::Node::isContentEditable const): Just mark as const.
(WebCore::Node::isContentRichlyEditable const): Ditto.

  • dom/Node.h: Ditto.
  • page/EventHandler.cpp:

(WebCore::EventHandler::internalKeyEvent): Don't do anything regarding :focus-visible flag if the element already matches :focus-visible.

LayoutTests:

  • platform/ios/TestExpectations: Skip new test.
1:39 AM Changeset in webkit [276697] by Cameron McCormack
  • 3 edits
    2 adds in trunk

Make img elements perform source selection even when not in the document.
https://bugs.webkit.org/show_bug.cgi?id=222801

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

  • web-platform-tests/html/semantics/embedded-content/the-img-element/source-media-outside-doc-expected.txt: Added.
  • web-platform-tests/html/semantics/embedded-content/the-img-element/source-media-outside-doc.html: Added.

Source/WebCore:

The rules for image source selection in the HTML spec do not prevent
them from running when an <img> is not in the document. So we update
HTMLImageElement to call selectImageSource() when inserted into and
removed from a <picture> without checking whether it's in a document.

Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/source-media-outside-doc.html

  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::~HTMLImageElement): Remove useless call to
setPictureElement, since all it does is clear a weak pointer.
(WebCore::HTMLImageElement::insertedIntoAncestor):
(WebCore::HTMLImageElement::removedFromAncestor):

1:09 AM Changeset in webkit [276696] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

Use a WeakHashSet for Document::m_mediaElements
https://bugs.webkit.org/show_bug.cgi?id=225082

Patch by Ian Gilbert <iang@apple.com> on 2021-04-28
Reviewed by Ryosuke Niwa.

Refactoring to use weak pointer instead of raw pointer.
No observable change of behavior.

  • dom/Document.cpp:

(WebCore::Document::registerMediaElement):
(WebCore::Document::unregisterMediaElement):
(WebCore::Document::forEachMediaElement):

  • dom/Document.h:
12:36 AM Changeset in webkit [276695] by commit-queue@webkit.org
  • 5 edits in trunk/Source

[WPE][GTK] More correct fixes for stack size issues on musl libc
https://bugs.webkit.org/show_bug.cgi?id=225099

Patch by Daniel Kolesa <Daniel Kolesa> on 2021-04-28
Reviewed by Adrian Perez de Castro.

Partial revert https://bugs.webkit.org/show_bug.cgi?id=210068

Source/JavaScriptCore:

After fixing the thread stack issues in WTF properly, we can revert
the JSC options changes, which are actually harmful since they result
in JSC being unstable. Previously, softReservedZoneSize was causing a
crash when set to 128K because of the main thread stack bounds, and
this is now fixed. We can keep the maxPerThreadStackUsage at 5M as
well; there is no fundamental difference from how things are done on
glibc anymore.

  • runtime/OptionsList.h:

Source/WTF:

While the changes in r236306 stopped JSC from crashing outright,
they are not correct, since they also make it rather unstable.

To counter this, increase stack size for threads on Linux with
non-glibc/bionic libcs to 1 megabyte, which is a robust enough
value that should always be sufficient.

While at it, the previous approach to musl thread stack size was
breaking use of DEFAULT_THREAD_STACK_SIZE_IN_KB (if defined) as
well as not properly taking care of the unused parameter. Move
the code to a more appropriate place, which solves these problems.

All this is however not enough, since there is still the main thread;
using pthread_attr_getstack on a main thread is not reliable since main
thread stacks are allowed to grow, and we expect the bounds to always
be constant. On glibc, this already behaved right, but e.g. on musl
(and possibly other C libraries) this is not necessarily the case - at
the point of the check, it was returning 128k (since that's the initial
size reserved by the kernel). Therefore, do the same thing as on Darwin
and use process resource limits to get the boundary on Linux as well.

This results in JavaScriptCore behaving correctly on musl libc and
allows us to drop the options special-casing that was in place.

  • wtf/StackBounds.cpp:

(WTF::StackBounds::currentThreadStackBoundsInternal):

  • wtf/Threading.cpp:

(WTF::stackSize):

12:07 AM Changeset in webkit [276694] by Cameron McCormack
  • 33 edits in trunk/LayoutTests

Fix some test typos.
https://bugs.webkit.org/show_bug.cgi?id=225040

Reviewed by Ryosuke Niwa.

  • http/tests/canvas/color-fonts/ctm-sbix-2.html:
  • http/tests/canvas/color-fonts/ctm-sbix-3.html:
  • http/tests/canvas/color-fonts/ctm-sbix-4.html:
  • http/tests/canvas/color-fonts/ctm-sbix.html:
  • http/tests/canvas/color-fonts/fill-color-sbix-2.html:
  • http/tests/canvas/color-fonts/fill-color-sbix-3.html:
  • http/tests/canvas/color-fonts/fill-color-sbix-4.html:
  • http/tests/canvas/color-fonts/fill-color-sbix.html:
  • http/tests/canvas/color-fonts/fill-color-shadow-ctm-sbix-expected.html:
  • http/tests/canvas/color-fonts/fill-color-shadow-ctm-sbix.html:
  • http/tests/canvas/color-fonts/fill-color-shadow-sbix-expected.html:
  • http/tests/canvas/color-fonts/fill-color-shadow-sbix.html:
  • http/tests/canvas/color-fonts/fill-gradient-sbix-2.html:
  • http/tests/canvas/color-fonts/fill-gradient-sbix-3.html:
  • http/tests/canvas/color-fonts/fill-gradient-sbix-4.html:
  • http/tests/canvas/color-fonts/fill-gradient-sbix.html:
  • http/tests/canvas/color-fonts/linedash-sbix-expected.html:
  • http/tests/canvas/color-fonts/linedash-sbix.html:
  • http/tests/canvas/color-fonts/stroke-color-sbix-expected.html:
  • http/tests/canvas/color-fonts/stroke-color-sbix.html:
  • http/tests/canvas/color-fonts/stroke-color-shadow-ctm-sbix-expected.html:
  • http/tests/canvas/color-fonts/stroke-color-shadow-ctm-sbix.html:
  • http/tests/canvas/color-fonts/stroke-color-shadow-sbix-expected.html:
  • http/tests/canvas/color-fonts/stroke-color-shadow-sbix.html:
  • http/tests/canvas/color-fonts/stroke-gradient-sbix-2.html:
  • http/tests/canvas/color-fonts/stroke-gradient-sbix-3.html:
  • http/tests/canvas/color-fonts/stroke-gradient-sbix-4.html:
  • http/tests/canvas/color-fonts/stroke-gradient-sbix.html:
  • http/tests/canvas/color-fonts/text-sbix-2.html:
  • http/tests/canvas/color-fonts/text-sbix-3.html:
  • http/tests/canvas/color-fonts/text-sbix-4.html:
  • http/tests/canvas/color-fonts/text-sbix.html:
12:00 AM Changeset in webkit [276693] by commit-queue@webkit.org
  • 2 edits in trunk/Source/ThirdParty/ANGLE

ANGLE should be compiled with thread-safe statics
https://bugs.webkit.org/show_bug.cgi?id=224854

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2021-04-28
Reviewed by Kenneth Russell.

Compile ANGLE with normal thread-safe c++ local statics.
No known threading failures. Based on ad-hoc risk vs benefit
evaluation of today and after future merges, it appears
better to err in the side of caution.

  • Configurations/Base.xcconfig:

Apr 27, 2021:

11:39 PM Changeset in webkit [276692] by basuke.suzuki@sony.com
  • 4 edits in trunk/Source

[PlayStation] Suppress warnings for %llu format specifier for uint64_t.
https://bugs.webkit.org/show_bug.cgi?id=225138

Reviewed by Darin Adler.

PRIu64 from <cstdint> should be use to format uint64_t value in printf.

Source/WebCore:

No new tests because there's no behavior change.

  • workers/service/server/SWServerWorker.cpp:

(WebCore::SWServerWorker::startTermination):

Source/WebKit:

  • NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:

(WebKit::WebSWServerConnection::createFetchTask):
(WebKit::WebSWServerConnection::startFetch):

11:26 PM Changeset in webkit [276691] by commit-queue@webkit.org
  • 12 edits
    1 copy
    1 add in trunk

Add a Condition type that supports thread safety analysis
https://bugs.webkit.org/show_bug.cgi?id=224970

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2021-04-27
Reviewed by Darin Adler.

Source/WebKit:

Use CheckedCondition and CheckedLock as an example of the
added implementations.

  • Platform/IPC/Connection.cpp:

(IPC::Connection::waitForMessage):
(IPC::Connection::processIncomingMessage):
(IPC::Connection::connectionDidClose):

  • Platform/IPC/Connection.h:

(IPC::Connection::WTF_GUARDED_BY_LOCK):
Use CheckedCondition (as an example).

Mark up variables protected by
IPC::Connection::m_waitForMessageMutex
to use thread safety analysis.

  • Shared/mac/MediaFormatReader/MediaTrackReader.cpp:

(WebKit::MediaTrackReader::greatestPresentationTime const):
Fix unlocked access.

(WebKit::MediaTrackReader::addSample):
(WebKit::MediaTrackReader::waitForSample const):
(WebKit::MediaTrackReader::finishParsing):
(WebKit::MediaTrackReader::copyProperty):
(WebKit::MediaTrackReader::finalize):

  • Shared/mac/MediaFormatReader/MediaTrackReader.h:

Use CheckedCondition (as an example).

Mark up variables protected by
MediaTrackReader::m_sampleStorageLock
to use thread safety analysis.

Source/WTF:

Add CheckedCondition, a condition variable to be used with CheckedLock.
Use thread safety analysis annotations for CheckedCondition.

  • WTF.xcodeproj/project.pbxproj:
  • wtf/CMakeLists.txt:
  • wtf/CheckedCondition.h: Added.
  • wtf/CheckedLock.h:

Tools:

A simple test for CheckedCondition to make sure
it compiles.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WTF/CheckedConditionTest.cpp: Copied from Tools/TestWebKitAPI/Tests/WTF/CheckedLockTest.cpp.

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WTF/CheckedLockTest.cpp:
9:50 PM Changeset in webkit [276690] by svillar@igalia.com
  • 4 edits in trunk/LayoutTests

[css-flexbox] Fix expectations of a WPT test that works fine
https://bugs.webkit.org/show_bug.cgi?id=225097

Reviewed by Manuel Rego Casasnovas.

LayoutTests/imported/w3c:

  • web-platform-tests/css/css-flexbox/css-flexbox-img-expand-evenly-expected.html:

Fixed the paths of some images that were not properly converted during import.

LayoutTests:

9:43 PM Changeset in webkit [276689] by Chris Dumez
  • 8 edits in trunk

Improve local storage size estimation for quota limitation
https://bugs.webkit.org/show_bug.cgi?id=225123

Reviewed by Alex Christensen.

Source/WebCore:

Improve local storage size estimation for quota limitation:

  • Rely on String::sizeInBytes() to compute the String size, instead of using String::length() * sizeof(UChar)
  • Make estimation consistent between StorageMap & LocalStorageDatabase
  • storage/StorageMap.cpp:

(WebCore::StorageMap::setItem):
(WebCore::StorageMap::setItemIgnoringQuota):
(WebCore::StorageMap::removeItem):
(WebCore::StorageMap::clear):
(WebCore::StorageMap::importItems):
(WebCore::StorageMap::Impl::copy const):

  • storage/StorageMap.h:

Source/WebKit:

Improve local storage size estimation for quota limitation:

  • Rely on String::sizeInBytes() to compute the String size, instead of using String::length() * sizeof(UChar)
  • Make estimation consistent between StorageMap & LocalStorageDatabase
  • NetworkProcess/WebStorage/LocalStorageDatabase.cpp:

(WebKit::LocalStorageDatabase::removeItem):
(WebKit::LocalStorageDatabase::setItem):
(WebKit::estimateEntrySize): Deleted.

  • NetworkProcess/WebStorage/LocalStorageDatabase.h:

LayoutTests:

Update test to use unicode in the Strings so that the file reaches the quota without
changing the test too much. The test was using ASCII and was thus able to store all
the strings without reaching the quota due to our updated String size calculation.

  • storage/domstorage/quota.html:
7:54 PM Changeset in webkit [276688] by Wenson Hsieh
  • 5 edits
    2 adds in trunk

[iOS] Web content process occasionally crashes under VisibleSelection::adjustPositionForEnd
https://bugs.webkit.org/show_bug.cgi?id=225072
rdar://77159489

Reviewed by Darin Adler.

Source/WebCore:

Add a helper method to check whether or not the given Position is in a tree scope. See WebKit/ChangeLog for
more details.

Test: editing/selection/ios/clear-selection-while-moving-selection-handles.html

  • dom/Position.h:

(WebCore::Position::isInTreeScope const):

Source/WebKit:

Make rangeForPointInRootViewCoordinates robust in the case where the original selection may have become
orphaned or null, by checking that the targetNode and existing selectionStart or selectionEnd are in a
tree scope before accessing treeScope().

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::rangeForPointInRootViewCoordinates):

LayoutTests:

Add a layout test that programmatically clears the selection in the middle of changing it by moving selection
handles.

  • editing/selection/ios/clear-selection-while-moving-selection-handles-expected.txt: Added.
  • editing/selection/ios/clear-selection-while-moving-selection-handles.html: Added.
6:55 PM Changeset in webkit [276687] by Diego Pino Garcia
  • 2 edits in trunk/LayoutTests

[GLIB] Unreviewed test gardening. fast/replaced/pdf-as-embed-with-no-mime-type-is-not-blank.html is failing after r276635.

  • platform/glib/TestExpectations:
6:01 PM Changeset in webkit [276686] by fpizlo@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

Get the bytecode profiler working again
https://bugs.webkit.org/show_bug.cgi?id=225129

Reviewed by Saam Barati.

The bytecode profiler was broken because it was trying to look at unset labels. This patch
improves our label discipline a bit so we don't try to look at unset labels.

  • dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::linkOSRExits):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::emitInvalidationPoint):

5:54 PM Changeset in webkit [276685] by Alan Coon
  • 2 edits in branches/safari-611-branch/Source/WebCore

Unreviewed build fix. rdar://problem/77211405

Added blobOwner declaration from trac.webkit.org/r276230.

5:44 PM Changeset in webkit [276684] by Alan Coon
  • 6 edits in branches/safari-612.1.12-branch

Cherry-pick r276652. rdar://problem/77235499

Unreviewed, reverting r275912.
rdar://77179042

Broke internal client

Reverted changeset:

"Remove support for NPAPI plugins in WebView"
https://bugs.webkit.org/show_bug.cgi?id=224449
https://commits.webkit.org/r275912

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276652 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:44 PM Changeset in webkit [276683] by Alan Coon
  • 2 edits in branches/safari-612.1.12-branch/Source/WebKit

Cherry-pick r276590. rdar://problem/77235569

[iOS] Update sandbox message filter syntax
https://bugs.webkit.org/show_bug.cgi?id=223384

Reviewed by Brent Fulgham.

Update sandbox message filter syntax on iOS. The previous syntax should also still be supported.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276590 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:18 PM Changeset in webkit [276682] by Ben Nham
  • 3 edits in trunk/Source/WTF

Memory pressure events should be logged to com.apple.WebKit subsystem
https://bugs.webkit.org/show_bug.cgi?id=225112

Reviewed by Chris Dumez.

Currently memory pressure events are logged to the default os_log subsystem instead of the
com.apple.WebKit subsystem. This makes it hard to capture such events using common logging
prefs (e.g. a pref that persists all logs from the WebKit subsystem).

To fix this, call WTFInitializeLogChannelStatesFromString at init time. This associates the
WTFLogChannel with an os_log object that sends the messages to the WebKit subsystem.

  • wtf/MemoryPressureHandler.cpp:

(WTF::MemoryPressureHandler::singleton):

  • wtf/cocoa/MemoryPressureHandlerCocoa.mm:

(WTF::MemoryPressureHandler::install):

5:04 PM Changeset in webkit [276681] by Patrick Angle
  • 3 edits in trunk/Source/WebInspectorUI

Web Inspector: Rename "Open in New Tab" context menu item to "Open in New Window"
https://bugs.webkit.org/show_bug.cgi?id=225125

Reviewed by BJ Burg.

Update the context menu item label, as the "Open in..." context menu item opens the target item in a new window,
not a new tab.

  • Localizations/en.lproj/localizedStrings.js:
  • UserInterface/Views/ContextMenuUtilities.js:

(WI.appendContextMenuItemsForURL):

4:53 PM Changeset in webkit [276680] by Patrick Angle
  • 7 edits
    4 adds in trunk

Web Inspector: Default Audits script are minified in release builds
https://bugs.webkit.org/show_bug.cgi?id=225009

Reviewed by BJ Burg.

Source/WebInspectorUI:

Covered by new test:

  • inspector/audit/non-minified-default-audits.html

The default audits have been moved out of AuditManager.js and into a special DefaultAudits.js in the new
NonMinified directory, which contains JavaScript sources that should be included in Main.js and
TestCombined.js, but should not have whitespace stripped from their contents because the whitespace is
important to the script. For example, the source for the default audits are visible to the user, and therefore
we want to present well-formatted source in those contexts.

  • Scripts/combine-resources.pl:
  • Added NonMinified directory to list of default inputDirectoryPattern exceptions for combining resources.
  • Added --skip-concatenate-tag so that we don't add tags for script we will eventually append to another script.
  • Scripts/copy-user-interface-resources.pl:
  • Handle NonMinified directory for sources that will be appended to Main.js, but should not be minified.
  • Handle NonMinified directory for sources that will be appended to TestCombined.js.

(combineOrStripResourcesForWebKitAdditions):

  • Drive-by fix for typo in combineOrStripResourcesForWebKitAdditions that caused errors to be emitted during builds.
  • UserInterface/Controllers/AuditManager.js:

(WI.AuditManager.prototype._addDefaultTests):
(WI.AuditManager):
(WI.AuditManager.prototype._addDefaultTests.const.levelPass): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.levelWarn): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.levelFail): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.levelError): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.levelUnsupported): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.dataDOMNodes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.dataDOMAttributes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.dataErrors): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.dataCustom): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getElementsByComputedRole): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getActiveDescendant): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getChildNodes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getComputedProperties): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getControlledNodes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getFlowedNodes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getMouseEventNode): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getOwnedNodes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getParentNode): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getSelectedChildNodes): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.hasEventListeners): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.hasEventListenersClick): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getResources): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.getResourceContent): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.unsupported): Deleted.
(WI.AuditManager.prototype._addDefaultTests.hasChildWithRole): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testMenuRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testGridRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForAriaLabelledBySpelling): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForMultipleBanners): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForLinkLabels): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testRowGroupRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testTableRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForMultipleLiveRegions): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testListBoxRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testImageLabels): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForAriaHiddenFalse): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testTreeRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testRadioGroupRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testFeedRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testTabListRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testButtonLabels): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testRowRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testListRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testComboBoxRoleForRequiredChildren): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForMultipleMainContentSections): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testDialogsForLabels): Deleted.
(WI.AuditManager.prototype._addDefaultTests.const.testForInvalidAriaHiddenValue): Deleted.
(WI.AuditManager.prototype._addDefaultTests.removeWhitespace): Deleted.

  • UserInterface/Main.html:
  • UserInterface/NonMinified/DefaultAudits.js: Added.

(WI.DefaultAudits.levelPass):
(WI.DefaultAudits.levelWarn):
(WI.DefaultAudits.levelFail):
(WI.DefaultAudits.levelError):
(WI.DefaultAudits.levelUnsupported):
(WI.DefaultAudits.dataDOMNodes):
(WI.DefaultAudits.dataDOMAttributes):
(WI.DefaultAudits.dataErrors):
(WI.DefaultAudits.dataCustom):
(WI.DefaultAudits.getElementsByComputedRole):
(WI.DefaultAudits.getActiveDescendant):
(WI.DefaultAudits.getChildNodes):
(WI.DefaultAudits.getComputedProperties):
(WI.DefaultAudits.getControlledNodes):
(WI.DefaultAudits.getFlowedNodes):
(WI.DefaultAudits.getMouseEventNode):
(WI.DefaultAudits.getOwnedNodes):
(WI.DefaultAudits.getParentNode):
(WI.DefaultAudits.getSelectedChildNodes):
(WI.DefaultAudits.hasEventListeners):
(WI.DefaultAudits.hasEventListenersClick):
(WI.DefaultAudits.getResources):
(WI.DefaultAudits.getResourceContent):
(WI.DefaultAudits.unsupported):
(hasChildWithRole):
(WI.DefaultAudits.testMenuRoleForRequiredChildren):
(WI.DefaultAudits.testGridRoleForRequiredChildren):
(WI.DefaultAudits.testForAriaLabelledBySpelling):
(WI.DefaultAudits.testForMultipleBanners):
(WI.DefaultAudits.testForLinkLabels):
(WI.DefaultAudits.testRowGroupRoleForRequiredChildren):
(WI.DefaultAudits.testTableRoleForRequiredChildren):
(WI.DefaultAudits.testForMultipleLiveRegions):
(WI.DefaultAudits.testListBoxRoleForRequiredChildren):
(WI.DefaultAudits.testImageLabels):
(WI.DefaultAudits.testForAriaHiddenFalse):
(WI.DefaultAudits.testTreeRoleForRequiredChildren):
(WI.DefaultAudits.testRadioGroupRoleForRequiredChildren):
(WI.DefaultAudits.testFeedRoleForRequiredChildren):
(WI.DefaultAudits.testTabListRoleForRequiredChildren):
(WI.DefaultAudits.testButtonLabels):
(WI.DefaultAudits.testRowRoleForRequiredChildren):
(WI.DefaultAudits.testListRoleForRequiredChildren):
(WI.DefaultAudits.testComboBoxRoleForRequiredChildren):
(WI.DefaultAudits.testForMultipleMainContentSections):
(WI.DefaultAudits.testDialogsForLabels):
(WI.DefaultAudits.testForInvalidAriaHiddenValue):

  • UserInterface/Test.html:

LayoutTests:

Added test to check that whitespace is preserved in default audits.

  • inspector/audit/non-minified-default-audits-expected.txt: Added.
  • inspector/audit/non-minified-default-audits.html: Added.
4:40 PM Changeset in webkit [276679] by Cameron McCormack
  • 4 edits
    2 adds in trunk

Associate a picture element with an img only if the img is a direct child.
https://bugs.webkit.org/show_bug.cgi?id=225044

Reviewed by Ryosuke Niwa.

LayoutTests/imported/w3c:

  • web-platform-tests/html/semantics/embedded-content/the-img-element/img-picture-ancestor-expected.txt: Added.
  • web-platform-tests/html/semantics/embedded-content/the-img-element/img-picture-ancestor.html: Added.

Source/WebCore:

Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/img-picture-ancestor.html

  • html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::insertedIntoAncestor):
(WebCore::HTMLImageElement::removedFromAncestor):

  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):

4:35 PM Changeset in webkit [276678] by Chris Dumez
  • 13 edits in trunk/Source

IPC::decoder::decode() should mark decoder as invalid when failing
https://bugs.webkit.org/show_bug.cgi?id=225117

Reviewed by Darin Adler.

IPC::decoder::decode() should mark decoder as invalid when failing, instead of relying
on individual type decoders to do so. This makes type decoders a bit simpler and less
error-prone.

Source/WebCore:

  • Modules/highlight/AppHighlight.h:

(WebCore::AppHighlight::decode):

Source/WebKit:

  • Platform/IPC/ArgumentCoders.cpp:

(IPC::ArgumentCoder<CString>::decode):
(IPC::decodeStringText):

  • Platform/IPC/ArgumentCoders.h:
  • Platform/IPC/Connection.cpp:

(IPC::Connection::dispatchMessageReceiverMessage):
(IPC::Connection::dispatchSyncMessage):

  • Platform/IPC/Decoder.cpp:

(IPC::m_destinationID):

  • Platform/IPC/Decoder.h:

(IPC::Decoder::decode):
(IPC::Decoder::operator>>):

  • Platform/IPC/HandleMessage.h:

(IPC::handleMessage):
(IPC::handleMessageSynchronous):
(IPC::handleMessageSynchronousWantsConnection):
(IPC::handleMessageAsync):
(IPC::handleMessageAsyncWantsConnection):

  • WebProcess/Plugins/Plugin.cpp:

(WebKit::Plugin::Parameters::decode):

4:01 PM Changeset in webkit [276677] by commit-queue@webkit.org
  • 19 edits
    2 adds in trunk

charset in contentType used in Blob.prototype.slice(start, end, contentType) is lost
https://bugs.webkit.org/show_bug.cgi?id=225057

Patch by Alex Christensen <achristensen@webkit.org> on 2021-04-27
Reviewed by Chris Dumez.

Source/WebCore:

When calling Blob.slice, use the content type from the call, not from the sliced-from blob.
This matches Chrome and Firefox.

When no content type is given, browsers disagree on what happens, so keep existing behavior in that case.

Test: fast/files/blob-content-type.html

  • fileapi/Blob.cpp:

(WebCore::Blob::Blob):

  • fileapi/ThreadableBlobRegistry.cpp:

(WebCore::ThreadableBlobRegistry::registerBlobURLForSlice):

  • fileapi/ThreadableBlobRegistry.h:
  • platform/network/BlobRegistry.h:
  • platform/network/BlobRegistryImpl.cpp:

(WebCore::BlobRegistryImpl::registerBlobURLForSlice):

  • platform/network/BlobRegistryImpl.h:

Source/WebKit:

  • NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::registerBlobURLForSlice):

  • NetworkProcess/NetworkConnectionToWebProcess.h:
  • NetworkProcess/NetworkConnectionToWebProcess.messages.in:
  • NetworkProcess/NetworkProcessPlatformStrategies.cpp:

(WebKit::NetworkProcessPlatformStrategies::createBlobRegistry):

  • WebProcess/FileAPI/BlobRegistryProxy.cpp:

(WebKit::BlobRegistryProxy::registerBlobURLForSlice):

  • WebProcess/FileAPI/BlobRegistryProxy.h:

Source/WebKitLegacy/mac:

  • WebCoreSupport/WebPlatformStrategies.mm:

Source/WebKitLegacy/win:

  • WebCoreSupport/WebPlatformStrategies.cpp:

LayoutTests:

  • fast/files/blob-content-type-expected.txt: Added.
  • fast/files/blob-content-type.html: Added.
3:52 PM Changeset in webkit [276676] by mark.lam@apple.com
  • 6 edits
    1 add in trunk/Source/JavaScriptCore

Move ExceptionExpectation into its own .h file.
https://bugs.webkit.org/show_bug.cgi?id=225124

Reviewed by Robin Morisset.

Also fixed some compiler warnings.

  • CMakeLists.txt:
  • JavaScriptCore.xcodeproj/project.pbxproj:
  • runtime/ExceptionExpectation.h: Added.
  • runtime/ExceptionHelpers.h:
  • runtime/HashMapImplInlines.h:

(JSC::jsMapHashImpl):

  • runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::setWithSpecificType):
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlotByIndex):

3:50 PM Changeset in webkit [276675] by Alan Coon
  • 8 edits in branches/safari-612.1.11-branch/Source

Versioning.

WebKit-7612.1.11.8

3:48 PM Changeset in webkit [276674] by Ruben Turcios
  • 8 edits in trunk/Source

Versioning.

WebKit-7612.1.13

3:46 PM Changeset in webkit [276673] by Aditya Keerthi
  • 2 edits in trunk/LayoutTests

REGRESSION (r273154): fast/forms/ios/scroll-to-reveal-focused-select.html is timing out
https://bugs.webkit.org/show_bug.cgi?id=225122
<rdar://problem/77041996>

Reviewed by Wenson Hsieh.

  • fast/forms/ios/scroll-to-reveal-focused-select.html:

Updated the test to account for the fact that <select> options are no
longer displayed as a keyboard input view.

3:31 PM Changeset in webkit [276672] by Ruben Turcios
  • 1 copy in branches/safari-612.1.12-branch

New branch.

3:11 PM Changeset in webkit [276671] by Fujii Hironori
  • 2 edits in trunk/Source/WebKit

HashTableConstIterator's consistency assertion fails while closing m_webIDBServers in NetworkProcess::didClose since r275846
https://bugs.webkit.org/show_bug.cgi?id=225089

Reviewed by Chris Dumez.

The items of m_webIDBServers were removed while iterating
m_webIDBServers.

Move m_webIDBServers to a temporary HashMap before iterating.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::didClose):

3:09 PM Changeset in webkit [276670] by Sam Sneddon
  • 6 edits in trunk/Tools

Make TestInput immutable
https://bugs.webkit.org/show_bug.cgi?id=224989

Reviewed by Jonathan Bedard.

The main point here is moving computing reference_files and
should_run_pixel_test to when we initially construct TestInput, as at
this point this happens in the some process and thread (since bug
221577), hence there's no real reason for it to happen later.

In doing this, I've eliminated Port.should_run_as_pixel_test on the
basis that no port actually overrode this to apply any different logic,
especially given it seems unlikely that any port would want to use
different logic here. (Note that ports still have some control through
Port.default_pixel_tests.)

With this done, it should then be possible to make TestInput immutable,
which should help make things easier to understand.

Expect, as it happens, there was a reason for it to happen later: we
previously generated all the TestInputs twice, once to find out how
many workers we need and then another time to actually run them (plus
potentially a third time for retries!). There's no actual reason to do
this, so move the creation to Manager.run and pass that list around
instead of the Tests.

  • Scripts/webkitpy/layout_tests/controllers/layout_test_runner.py:

(LayoutTestRunner.run_tests): Don't update TestInput.
(LayoutTestRunner._update_test_input): Deleted.

  • Scripts/webkitpy/layout_tests/controllers/manager.py:

(Manager._test_input_for_file): Moved from _update_test_input and
Port.should_run_as_pixel_test.
(Manager._get_test_inputs): Deleted.
(Manager._multiply_test_inputs): Simplify code used to generated
repeated/rerun test inputs.
(Manager._update_worker_count): Don't create TestInputs; take
test_inputs as arg.
(Manager._set_up_run): Rename test_names to test_inputs.
(Manager.run): Create TestInput objects here.
(Manager._run_test_subset): Take TestInputs not Tests, generate new
TestInputs for retry if needed.
(Manager._run_tests): Don't create TestInputs; take test_inputs as arg.

  • Scripts/webkitpy/layout_tests/models/test.py: Fly-by: use slots.
  • Scripts/webkitpy/layout_tests/models/test_input.py:

(TestInput): Migrate to attrs.
(TestInput.init): Deleted.
(TestInput.repr): Deleted.

  • Scripts/webkitpy/port/base.py:

(Port.should_run_as_pixel_test): Deleted.
(Port._should_run_as_pixel_test): Deleted.

3:06 PM Changeset in webkit [276669] by Sam Sneddon
  • 2 edits in trunk/Tools

Optimize Port._expected_baselines_for_suffixes
https://bugs.webkit.org/show_bug.cgi?id=225115

Reviewed by Jonathan Bedard.

This takes out the join() and splitext() calls from the inner loop as
they are loop invariant, and account for a large proportion of the
function's execution time. After this, exists() account for almost
all.

  • Scripts/webkitpy/port/base.py:

(Port._expected_baselines_for_suffixes):

2:07 PM Changeset in webkit [276668] by Alan Coon
  • 6 edits
    2 adds in branches/safari-611-branch

Cherry-pick r276357. rdar://problem/77211423

REGRESSION(r256107): Text moves around when selecting at https://www.tokyo-sports.co.jp/entame/news/2834187/
https://bugs.webkit.org/show_bug.cgi?id=224839
<rdar://74958484>

Reviewed by Darin Adler.

Source/WebCore:

Pass in locale information when constructing the text iterator for the content (locale affects soft wrap opportunities).

Test: fast/text/line-break-with-locale.html

  • layout/inlineformatting/InlineTextItem.cpp: (WebCore::Layout::InlineTextItem::createAndAppendTextItems):
  • layout/inlineformatting/text/TextUtil.cpp: In addition to locale, add missing line breaking mode. (WebCore::Layout::TextUtil::lineBreakIteratorMode):
  • layout/inlineformatting/text/TextUtil.h:

LayoutTests:

  • fast/text/line-break-with-locale-expected.html: Added.
  • fast/text/line-break-with-locale.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276357 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:07 PM Changeset in webkit [276667] by Alan Coon
  • 2 edits in branches/safari-611-branch/Source/WebCore

Cherry-pick r276352. rdar://problem/77211405

Use BlobURL::getOriginURL in more places
https://bugs.webkit.org/show_bug.cgi?id=224857

Reviewed by Alex Christensen.

Covered by existing tests.

  • loader/PolicyChecker.cpp: (WebCore::FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276352 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:07 PM Changeset in webkit [276666] by Alan Coon
  • 4 edits
    3 adds in branches/safari-611-branch

Cherry-pick r276012. rdar://problem/77211405

REGRESSION(Safari 14): iframe with blob url does not work with sandboxing
https://bugs.webkit.org/show_bug.cgi?id=222312
<rdar://problem/74927624>

Reviewed by Chris Dumez.

Source/WebCore:

In https://trac.webkit.org/r275884, we correctly compute whether a blob is to be considered secure or not.
For that, we need to have the blob URL registered with its document origin.
Update PolicyChecker to properly register the temporoary blob URL with its document origin.

Test: http/tests/security/sandbox-iframe-and-blob.https.html

  • loader/PolicyChecker.cpp: (WebCore::FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary const):

LayoutTests:

  • http/tests/security/resources/sandbox-iframe-and-blob-frame.html: Added.
  • http/tests/security/sandbox-iframe-and-blob.https-expected.txt: Added.
  • http/tests/security/sandbox-iframe-and-blob.https.html: Added.
  • platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276012 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:07 PM Changeset in webkit [276665] by Alan Coon
  • 2 edits in branches/safari-611-branch/Source/WebCore/fileapi

Apply patch. rdar://problem/77211405

2:07 PM Changeset in webkit [276664] by Alan Coon
  • 19 edits in branches/safari-611-branch/Source/JavaScriptCore

Cherry-pick r276609. rdar://problem/77211512

numCalleeLocals, numParameters, and numVars should be unsigned
https://bugs.webkit.org/show_bug.cgi?id=224995

Reviewed by Mark Lam.

All of the various CodeBlock classes currently have the
numCalleeLocals and numVars marked as ints. I believe this is just
a historical artifact or because VirtualRegister's offset is an
int to make handling constants easier. Regardless, it's a bit
strange to not handle the sign conversion at the point of
comparison between a VirtualRegister offset and the local/var
count. This doesn't completely fix every place we use ints for
these values but starts on the right track. Lastly, I also added
some Check<unsigned>s to the wasm parser for sanity checking.

  • bytecode/CodeBlock.cpp: (JSC::CodeBlock::setNumParameters): (JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow):
  • bytecode/CodeBlock.h: (JSC::CodeBlock::numParameters const): (JSC::CodeBlock::numberOfArgumentsToSkip const): (JSC::CodeBlock::numCalleeLocals const): (JSC::CodeBlock::numVars const): (JSC::CodeBlock::numTmps const): (JSC::CodeBlock::addressOfNumParameters): (JSC::CodeBlock::isTemporaryRegister):
  • bytecode/UnlinkedCodeBlock.h: (JSC::UnlinkedCodeBlock::numCalleeLocals const): (JSC::UnlinkedCodeBlock::numVars const):
  • bytecode/UnlinkedCodeBlockGenerator.h: (JSC::UnlinkedCodeBlockGenerator::numCalleeLocals const): (JSC::UnlinkedCodeBlockGenerator::numVars const): (JSC::UnlinkedCodeBlockGenerator::setNumCalleeLocals): (JSC::UnlinkedCodeBlockGenerator::setNumVars): (JSC::UnlinkedCodeBlockGenerator::setNumParameters):
  • bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::generate): (JSC::BytecodeGenerator::emitPushFunctionNameScope):
  • bytecompiler/BytecodeGeneratorBaseInlines.h: (JSC::BytecodeGeneratorBase<Traits>::newRegister):
  • dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::handleRecursiveTailCall): (JSC::DFG::ByteCodeParser::inliningCost): (JSC::DFG::ByteCodeParser::parseBlock):
  • dfg/DFGOSREntrypointCreationPhase.cpp: (JSC::DFG::OSREntrypointCreationPhase::run):
  • dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::checkArgumentTypes):
  • ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::lower):
  • ftl/FTLOSREntry.cpp: (JSC::FTL::prepareOSREntry):
  • interpreter/CallFrameClosure.h:
  • interpreter/ProtoCallFrameInlines.h: (JSC::ProtoCallFrame::init):
  • jit/JIT.cpp: (JSC::JIT::compileWithoutLinking):
  • runtime/CommonSlowPaths.h: (JSC::CommonSlowPaths::numberOfStackPaddingSlots): (JSC::CommonSlowPaths::numberOfStackPaddingSlotsWithExtraSlots):
  • wasm/WasmFunctionCodeBlock.h: (JSC::Wasm::FunctionCodeBlock::numVars const): (JSC::Wasm::FunctionCodeBlock::numCalleeLocals const): (JSC::Wasm::FunctionCodeBlock::setNumVars): (JSC::Wasm::FunctionCodeBlock::setNumCalleeLocals):
  • wasm/WasmLLIntGenerator.cpp: (JSC::Wasm::LLIntGenerator::push): (JSC::Wasm::LLIntGenerator::getDropKeepCount): (JSC::Wasm::LLIntGenerator::walkExpressionStack): (JSC::Wasm::LLIntGenerator::checkConsistency): (JSC::Wasm::LLIntGenerator::materializeConstantsAndLocals): (JSC::Wasm::LLIntGenerator::splitStack): (JSC::Wasm::LLIntGenerator::finalize): (JSC::Wasm::LLIntGenerator::callInformationForCaller): (JSC::Wasm::LLIntGenerator::addLoop): (JSC::Wasm::LLIntGenerator::addTopLevel): (JSC::Wasm::LLIntGenerator::addBlock): (JSC::Wasm::LLIntGenerator::addIf): (JSC::Wasm::LLIntGenerator::addElseToUnreachable):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276609 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:07 PM Changeset in webkit [276663] by Alan Coon
  • 2 edits in branches/safari-611-branch/Source/WebCore

Cherry-pick r276611. rdar://problem/77211533

Remove redundant frameDetached() from the SVGImage destructor
https://bugs.webkit.org/show_bug.cgi?id=221616
<rdar://problem/74149106>

Reviewed by Chris Dumez.

SVGImage was originally written such that it has two separate objects:
a page and a frame; see https://trac.webkit.org/r18470. So it made sense
at that time to clean up the page and the frame separately. The Frame
was cleaned up by telling the frame's loader that the frameDetached().

This code is not necessary right now since the page owns the main frame.
And its destructor recursively detaches itself from all the frames.

  • svg/graphics/SVGImage.cpp: (WebCore::SVGImage::~SVGImage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:07 PM Changeset in webkit [276662] by Alan Coon
  • 2 edits in branches/safari-611-branch/Source/WebCore

Cherry-pick r276530. rdar://problem/77211441

Crash in constructCustomElementSynchronously
https://bugs.webkit.org/show_bug.cgi?id=224992
<rdar://66988026>

Reviewed by Tadeu Zagallo.

Exit early when the global object is nullptr although this shouldn't happen.

No new tests since we have no reproductions.

  • bindings/js/JSCustomElementInterface.cpp: (WebCore::JSCustomElementInterface::tryToConstructCustomElement): Added a null check.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276530 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:07 PM Changeset in webkit [276661] by Alan Coon
  • 5 edits
    2 adds in branches/safari-611-branch

Cherry-pick r274170. rdar://problem/77194450

REGRESSION (r273003): Animated style may lose original display property value
https://bugs.webkit.org/show_bug.cgi?id=222979
rdar://75056684

Reviewed by Zalan Bujtas.

Source/WebCore:

Test: fast/animation/animation-display-style-adjustment.html

The original (non-blockified) display property value is saved in the beginning of Style::Adjuster::adjust.
It is needed to implement absolute positioning correctly in some situations. However with animations
the style adjustment code may run twice on the same style and the second run will clobber the saved original value.

  • rendering/RenderTheme.cpp: (WebCore::RenderTheme::adjustStyle):
  • rendering/style/RenderStyle.h: (WebCore::RenderStyle::setDisplay):

Always save the original value when setting the property normally.

(WebCore::RenderStyle::setEffectiveDisplay):
(WebCore::RenderStyle::setOriginalDisplay): Deleted.

Add setEffectiveDisplay that doesn't affect the original value for adjuster use.

  • style/StyleAdjuster.cpp: (WebCore::Style::Adjuster::adjust const):

Remove the saving of the original value.
Use setEffectiveDisplay in all adjuster code, preserving the original value.

(WebCore::Style::Adjuster::adjustDisplayContentsStyle const):
(WebCore::Style::Adjuster::adjustSVGElementStyle):
(WebCore::Style::Adjuster::adjustForSiteSpecificQuirks const):

LayoutTests:

  • fast/animation/animation-display-style-adjustment-expected.html: Added.
  • fast/animation/animation-display-style-adjustment.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@274170 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:56 PM Changeset in webkit [276660] by Alexey Shvayka
  • 22 edits
    2 adds in trunk

[JSC] Remove defaultValue() from the method table
https://bugs.webkit.org/show_bug.cgi?id=225032

Reviewed by Darin Adler.

Source/JavaScriptCore:

This patch not only removes the unnecessary method table entry, but also makes
the presence of custom ToPrimitive behavior observable to userland code.

To maintain object identity and (possibly) enable caching, Symbol.toPrimitive
method is stored on a structure. To avoid any potential breakage, it's made
replaceable and configurable, covering the case when its holder is a ProxyTarget?.

For JSCallbackObject, Symbol.toPrimitive method is created only if ConvertToType
callback is present, before initialization is performed.

Also, this change adds additional ordinaryToPrimitive() cast to fix the invariant
that toPrimitive() returns a primitive value, which was broken if ConvertToType
callback returned an object. The invariant is enforced by the spec [1][2] and is
validated via assertion in JSValue::toStringSlowCase().

[1]: https://tc39.es/ecma262/#sec-toprimitive (step 2.b.vi)
[2]: https://tc39.es/ecma262/#sec-ordinarytoprimitive (step 6)

  • API/JSCallbackObject.h:
  • API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::init):
(JSC::JSCallbackObject<Parent>::customToPrimitive):
(JSC::JSCallbackObject<Parent>::defaultValue): Deleted.

  • API/tests/testapiScripts/testapi.js:
  • runtime/ClassInfo.h:
  • runtime/JSCell.cpp:

(JSC::JSCell::defaultValue): Deleted.

  • runtime/JSCell.h:
  • runtime/JSObject.cpp:

(JSC::JSObject::toPrimitive const):
(JSC::JSObject::defaultValue): Deleted.

  • runtime/JSObject.h:
  • runtime/Operations.cpp:

(JSC::jsAddSlowCase):

Source/WebCore:

Test: platform/mac/fast/dom/objc-wrapper-toprimitive.html

  • bindings/js/JSPluginElementFunctions.cpp:

(WebCore::pluginElementCustomGetOwnPropertySlot):

  • bridge/objc/objc_runtime.h:
  • bridge/objc/objc_runtime.mm:

(JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
(JSC::Bindings::ObjcFallbackObjectImp::getOwnPropertySlot):
(JSC::Bindings::JSC_DEFINE_HOST_FUNCTION):
(JSC::Bindings::ObjcFallbackObjectImp::defaultValue): Deleted.

  • bridge/runtime_object.cpp:

(JSC::Bindings::RuntimeObject::finishCreation):
(JSC::Bindings::RuntimeObject::getOwnPropertySlot):
(JSC::Bindings::JSC_DEFINE_HOST_FUNCTION):
(JSC::Bindings::RuntimeObject::defaultValue): Deleted.

  • bridge/runtime_object.h:

LayoutTests:

  • platform/mac/fast/dom/objc-wrapper-toprimitive-expected.txt: Added.
  • platform/mac/fast/dom/objc-wrapper-toprimitive.html: Added.
  • platform/wk2/TestExpectations:
  • plugins/npruntime/tostring-expected.txt:
  • plugins/npruntime/tostring.html:
  • plugins/npruntime/valueof-expected.txt:
  • plugins/npruntime/valueof.html:
1:55 PM Changeset in webkit [276659] by Chris Dumez
  • 11 edits in trunk/Source

Copy-on-write semantics should be an internal implementation detail of StorageMap
https://bugs.webkit.org/show_bug.cgi?id=225108

Reviewed by Alex Christensen.

Source/WebCore:

Instead of making the StorageMap RefCounted and requiring the client to potentially
replace its StorageMap whenever it calls functions that modify the StorageMap, the
copy-on-write semantics in now an internal implementation detail of StorageMap.

To achieve this, the following changes were made:

  • StorageMap is no longer RefCounted. Instead, it has an internal Impl data member that is RefCounted.
  • The internal Impl data member is the one that gets copied on write.
  • Functions that modify the StorageMap no longer need to return a StorageMap.
  • Add a clear() function for convenience.
  • storage/StorageMap.cpp:

(WebCore::StorageMap::StorageMap):
(WebCore::StorageMap::invalidateIterator):
(WebCore::StorageMap::setIteratorToIndex):
(WebCore::StorageMap::length const):
(WebCore::StorageMap::key):
(WebCore::StorageMap::getItem const):
(WebCore::StorageMap::setItem):
(WebCore::StorageMap::setItemIgnoringQuota):
(WebCore::StorageMap::removeItem):
(WebCore::StorageMap::clear):
(WebCore::StorageMap::contains const):
(WebCore::StorageMap::importItems):
(WebCore::StorageMap::Impl::copy const):

  • storage/StorageMap.h:

(WebCore::StorageMap::items const):
(WebCore::StorageMap::Impl::create):

Source/WebKit:

Update StorageArea due to StorageMap API changes.

  • NetworkProcess/WebStorage/StorageArea.cpp:

(WebKit::StorageArea::StorageArea):
(WebKit::StorageArea::setItem):
(WebKit::StorageArea::removeItem):
(WebKit::StorageArea::clear):
(WebKit::StorageArea::items const):
(WebKit::StorageArea::openDatabaseAndImportItemsIfNeeded const):

  • NetworkProcess/WebStorage/StorageArea.h:

Source/WebKitLegacy:

Update StorageAreaImpl due to StorageMap API changes.

  • Storage/StorageAreaImpl.cpp:

(WebKit::StorageAreaImpl::StorageAreaImpl):
(WebKit::StorageAreaImpl::length):
(WebKit::StorageAreaImpl::key):
(WebKit::StorageAreaImpl::item):
(WebKit::StorageAreaImpl::setItem):
(WebKit::StorageAreaImpl::removeItem):
(WebKit::StorageAreaImpl::clear):
(WebKit::StorageAreaImpl::contains):
(WebKit::StorageAreaImpl::importItems):
(WebKit::StorageAreaImpl::clearForOriginDeletion):
(WebKit::StorageAreaImpl::sessionChanged):

  • Storage/StorageAreaImpl.h:
1:37 PM Changeset in webkit [276658] by pvollan@apple.com
  • 3 edits in trunk/Source/WebKit

Enforce IOKit filtering
https://bugs.webkit.org/show_bug.cgi?id=223937
<rdar://problem/76271551>

Reviewed by Brent Fulgham.

Enforce IOKit method filtering based on telemetry. This patch also adds IOKit method telemetry for some Apple Silicion
IOKit classes, which were overlooked in the first telemetry phase.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
  • WebProcess/com.apple.WebProcess.sb.in:
1:28 PM Changeset in webkit [276657] by Aditya Keerthi
  • 184 edits in trunk

[iOS][FCR] Add borders for better control visibility
https://bugs.webkit.org/show_bug.cgi?id=225058
<rdar://problem/77161616>

Reviewed by Sam Weinig.

Source/WebCore:

The solid gray backgrounds of new form controls have poor visibility on
site's that have gray-ish backgrounds or draw the controls on top of
a gray area. To fix this, borders are added to all controls to ensure
visibility no matter the background.

The border color is the system background color. This means the border
is invisible on white backgrounds in light mode, and dark backgrounds
in dark mode, ensuring the controls match UIKit styles on backgrounds
where they are guaranteed to be visible. However, these borders are
visible when the page/area background has a similar color to the control
background, improving control visibility.

To paint the borders, a mix of UA stylesheet changes and custom painting
changes are used. This approach is taken to maintain our existing level
of stylability. UA stylesheet changes were applied to controls that
specified a "1px solid black" border in the old design. The border is
now brought back, but with a different color. For controls that have
always had completely custom painting (independent of styles), the
border is painted by the theme.

  • css/html.css:

Specify a "1px solid -webkit-control-background" border on controls
that previously (pre-redesign) specified a border in the UA stylesheet.

  • css/legacyFormControlsIOS.css:

(select:focus):

Move the <select> focus style into the legacy stylesheet, since it
should not apply to the new design.

  • rendering/RenderThemeIOS.mm:

(WebCore::RenderThemeIOS::paintCheckbox):

Paint the checkbox border inside the painting rect, and inset the
actual checkbox by the border. This is necessary, checkboxes use
"box-sizing: border-box", and we do not want to increase the overall
size of checkboxes for compatibility reasons.

(WebCore::RenderThemeIOS::paintRadio):

Painted in a similar manner as checkboxes.

(WebCore::RenderThemeIOS::paintProgressBarWithFormControlRefresh):
(WebCore::RenderThemeIOS::paintMeter):
(WebCore::RenderThemeIOS::paintSliderTrackWithFormControlRefresh):

Slider tracks are already inset by the border size, so we can just
draw a border in the available area.

LayoutTests:

Rebaselined tests to account for changes in appearance.

  • accessibility/ios-simulator/unobscured-content-rect-expected.txt:
  • accessibility/ios-simulator/unobscured-content-rect.html:
  • editing/editable-region/search-field-basic-expected.txt:
  • fast/forms/date/date-input-rendering-basic-expected.txt:
  • fast/forms/date/date-pseudo-elements-expected.txt:
  • fast/forms/ios/form-control-refresh/checkbox/border.html:

Specify a border style, so that the border applies. Note that this test
is currently failing on internal bots.

  • fast/forms/ios/form-control-refresh/checkbox/subpixel-clipping-expected-mismatch.html:
  • fast/forms/ios/form-control-refresh/checkbox/subpixel-clipping.html:

Add a green background so that the (white) border is visible.

  • fast/forms/ios/form-control-refresh/radio/border.html:
  • fast/forms/ios/form-control-refresh/radio/subpixel-clipping-expected-mismatch.html:
  • fast/forms/ios/form-control-refresh/radio/subpixel-clipping.html:
  • fast/forms/time/time-input-rendering-basic-expected.txt:
  • platform/ios-simulator/fast/forms/datalist/datalist-searchinput-appearance-expected.txt:
  • platform/ios-wk2/compositing/contents-opaque/control-layer-expected.txt:
  • platform/ios-wk2/editing/pasteboard/4641033-expected.txt:
  • platform/ios-wk2/editing/pasteboard/4944770-1-expected.txt:
  • platform/ios-wk2/editing/pasteboard/4944770-2-expected.txt:
  • platform/ios-wk2/editing/selection/caret-before-select-expected.txt:
  • platform/ios-wk2/fast/block/margin-collapse/103-expected.txt:
  • platform/ios-wk2/fast/forms/basic-buttons-expected.txt:
  • platform/ios-wk2/fast/forms/targeted-frame-submission-expected.txt:
  • platform/ios-wk2/fast/overflow/scroll-nested-positioned-layer-in-overflow-expected.txt:
  • platform/ios-wk2/fast/overflow/scrollRevealButton-expected.txt:
  • platform/ios-wk2/fast/parser/document-write-option-expected.txt:
  • platform/ios-wk2/fast/spatial-navigation/snav-multiple-select-focusring-expected.txt:
  • platform/ios-wk2/imported/w3c/web-platform-tests/css/css-pseudo/file-chooser-button-display-toggle-crash.tentative-expected.txt:
  • platform/ios-wk2/imported/w3c/web-platform-tests/html/rendering/widgets/baseline-alignment-and-overflow.tentative-expected.txt:
  • platform/ios-wk2/imported/w3c/web-platform-tests/html/rendering/widgets/button-layout/abspos-expected.txt:
  • platform/ios-wk2/imported/w3c/web-platform-tests/html/rendering/widgets/select-wrap-no-spill.optional-expected.txt:
  • platform/ios/css2.1/20110323/replaced-elements-001-expected.txt:
  • platform/ios/css3/flexbox/button-expected.txt:
  • platform/ios/editing/selection/3690703-2-expected.txt:
  • platform/ios/editing/selection/3690703-expected.txt:
  • platform/ios/editing/selection/3690719-expected.txt:
  • platform/ios/editing/selection/4397952-expected.txt:
  • platform/ios/editing/selection/5240265-expected.txt:
  • platform/ios/editing/selection/replaced-boundaries-3-expected.txt:
  • platform/ios/editing/selection/select-box-expected.txt:
  • platform/ios/editing/selection/select-element-paragraph-boundary-expected.txt:
  • platform/ios/editing/selection/selection-button-text-expected.txt:
  • platform/ios/fast/block/float/float-avoidance-expected.txt:
  • platform/ios/fast/block/positioning/inline-block-relposition-expected.txt:
  • platform/ios/fast/css/continuationCrash-expected.txt:
  • platform/ios/fast/css/focus-ring-exists-for-search-field-expected.txt:
  • platform/ios/fast/css/input-search-padding-expected.txt:
  • platform/ios/fast/css/margin-top-bottom-dynamic-expected.txt:
  • platform/ios/fast/css/rtl-ordering-expected.txt:
  • platform/ios/fast/css/text-input-with-webkit-border-radius-expected.txt:
  • platform/ios/fast/css/text-overflow-input-expected.txt:
  • platform/ios/fast/css/text-transform-select-expected.txt:
  • platform/ios/fast/dom/HTMLTableColElement/resize-table-using-col-width-expected.txt:
  • platform/ios/fast/dom/HTMLTextAreaElement/reset-textarea-expected.txt:
  • platform/ios/fast/dynamic/positioned-movement-with-positioned-children-expected.txt:
  • platform/ios/fast/forms/001-expected.txt:
  • platform/ios/fast/forms/003-expected.txt:
  • platform/ios/fast/forms/004-expected.txt:
  • platform/ios/fast/forms/basic-selects-expected.txt:
  • platform/ios/fast/forms/blankbuttons-expected.txt:
  • platform/ios/fast/forms/box-shadow-override-expected.txt:
  • platform/ios/fast/forms/button-align-expected.txt:
  • platform/ios/fast/forms/button-cannot-be-nested-expected.txt:
  • platform/ios/fast/forms/button-default-title-expected.txt:
  • platform/ios/fast/forms/button-generated-content-expected.txt:
  • platform/ios/fast/forms/button-positioned-expected.txt:
  • platform/ios/fast/forms/button-sizes-expected.txt:
  • platform/ios/fast/forms/button-style-color-expected.txt:
  • platform/ios/fast/forms/button-table-styles-expected.txt:
  • platform/ios/fast/forms/button-text-transform-expected.txt:
  • platform/ios/fast/forms/button-white-space-expected.txt:
  • platform/ios/fast/forms/control-clip-expected.txt:
  • platform/ios/fast/forms/control-clip-overflow-expected.txt:
  • platform/ios/fast/forms/control-restrict-line-height-expected.txt:
  • platform/ios/fast/forms/disabled-select-change-index-expected.txt:
  • platform/ios/fast/forms/file/file-input-direction-expected.txt:
  • platform/ios/fast/forms/file/file-input-disabled-expected.txt:
  • platform/ios/fast/forms/form-element-geometry-expected.txt:
  • platform/ios/fast/forms/formmove3-expected.txt:
  • platform/ios/fast/forms/hidden-listbox-expected.txt:
  • platform/ios/fast/forms/input-appearance-height-expected.txt:
  • platform/ios/fast/forms/input-button-sizes-expected.txt:
  • platform/ios/fast/forms/input-first-letter-expected.txt:
  • platform/ios/fast/forms/input-value-expected.txt:
  • platform/ios/fast/forms/listbox-bidi-align-expected.txt:
  • platform/ios/fast/forms/listbox-scrollbar-incremental-load-expected.txt:
  • platform/ios/fast/forms/listbox-width-change-expected.txt:
  • platform/ios/fast/forms/menulist-clip-expected.txt:
  • platform/ios/fast/forms/menulist-deselect-update-expected.txt:
  • platform/ios/fast/forms/menulist-narrow-width-expected.txt:
  • platform/ios/fast/forms/menulist-no-overflow-expected.txt:
  • platform/ios/fast/forms/menulist-option-wrap-expected.txt:
  • platform/ios/fast/forms/menulist-restrict-line-height-expected.txt:
  • platform/ios/fast/forms/menulist-separator-painting-expected.txt:
  • platform/ios/fast/forms/menulist-style-color-expected.txt:
  • platform/ios/fast/forms/menulist-width-change-expected.txt:
  • platform/ios/fast/forms/option-script-expected.txt:
  • platform/ios/fast/forms/option-strip-whitespace-expected.txt:
  • platform/ios/fast/forms/option-text-clip-expected.txt:
  • platform/ios/fast/forms/placeholder-pseudo-style-expected.txt:
  • platform/ios/fast/forms/search-cancel-button-style-sharing-expected.txt:
  • platform/ios/fast/forms/search-display-none-cancel-button-expected.txt:
  • platform/ios/fast/forms/search-input-rtl-expected.txt:
  • platform/ios/fast/forms/search/search-zoom-computed-style-height-expected.txt:
  • platform/ios/fast/forms/select-align-expected.txt:
  • platform/ios/fast/forms/select-background-none-expected.txt:
  • platform/ios/fast/forms/select-baseline-expected.txt:
  • platform/ios/fast/forms/select-block-background-expected.txt:
  • platform/ios/fast/forms/select-change-listbox-size-expected.txt:
  • platform/ios/fast/forms/select-change-listbox-to-popup-expected.txt:
  • platform/ios/fast/forms/select-change-popup-to-listbox-expected.txt:
  • platform/ios/fast/forms/select-dirty-parent-pref-widths-expected.txt:
  • platform/ios/fast/forms/select-disabled-appearance-expected.txt:
  • platform/ios/fast/forms/select-element-focus-ring-expected.txt:
  • platform/ios/fast/forms/select-empty-option-height-expected.txt:
  • platform/ios/fast/forms/select-initial-position-expected.txt:
  • platform/ios/fast/forms/select-list-box-with-height-expected.txt:
  • platform/ios/fast/forms/select-selected-expected.txt:
  • platform/ios/fast/forms/select-style-expected.txt:
  • platform/ios/fast/forms/select-visual-hebrew-expected.txt:
  • platform/ios/fast/forms/select-writing-direction-natural-expected.txt:
  • platform/ios/fast/forms/select/optgroup-rendering-expected.txt:
  • platform/ios/fast/forms/selectlist-minsize-expected.txt:
  • platform/ios/fast/forms/stuff-on-my-optgroup-expected.txt:
  • platform/ios/fast/html/details-replace-summary-child-expected.txt:
  • platform/ios/fast/html/details-replace-text-expected.txt:
  • platform/ios/fast/html/keygen-expected.txt:
  • platform/ios/fast/invalid/014-expected.txt:
  • platform/ios/fast/replaced/replaced-breaking-expected.txt:
  • platform/ios/fast/replaced/replaced-breaking-mixture-expected.txt:
  • platform/ios/fast/replaced/three-selects-break-expected.txt:
  • platform/ios/fast/replaced/width100percent-button-expected.txt:
  • platform/ios/fast/replaced/width100percent-menulist-expected.txt:
  • platform/ios/fast/replaced/width100percent-searchfield-expected.txt:
  • platform/ios/fast/selectors/064-expected.txt:
  • platform/ios/fast/table/append-cells2-expected.txt:
  • platform/ios/fast/table/remove-td-display-none-expected.txt:
  • platform/ios/fast/text/drawBidiText-expected.txt:
  • platform/ios/fast/text/international/bidi-listbox-atsui-expected.txt:
  • platform/ios/fast/text/international/bidi-listbox-expected.txt:
  • platform/ios/fast/text/international/bidi-menulist-expected.txt:
  • platform/ios/fast/text/international/hindi-spacing-expected.txt:
  • platform/ios/fast/text/international/pop-up-button-text-alignment-and-direction-expected.txt:
  • platform/ios/svg/custom/foreign-object-skew-expected.txt:
  • platform/ios/svg/custom/inline-svg-in-xhtml-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug1188-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug1318-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug138725-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug18359-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug2479-2-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug2479-3-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug2479-4-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug26178-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug28928-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug29326-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug33855-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug39209-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug4382-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug4429-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug44505-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug46368-1-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug46368-2-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug51037-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug51727-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug52505-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug52506-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug60749-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug68912-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug7342-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug92647-2-expected.txt:
  • platform/ios/tables/mozilla/bugs/bug96334-expected.txt:
  • platform/ios/tables/mozilla/collapsing_borders/bug41262-4-expected.txt:
  • platform/ios/tables/mozilla/core/margins-expected.txt:
  • platform/ios/tables/mozilla/dom/tableDom-expected.txt:
  • platform/ios/tables/mozilla/other/move_row-expected.txt:
  • platform/ios/tables/mozilla_expected_failures/bugs/bug1725-expected.txt:
  • platform/ios/tables/mozilla_expected_failures/bugs/bug2479-5-expected.txt:
  • platform/ios/tables/mozilla_expected_failures/bugs/bug58402-2-expected.txt:
  • platform/ios/tables/mozilla_expected_failures/collapsing_borders/bug41262-5-expected.txt:
  • platform/ios/tables/mozilla_expected_failures/collapsing_borders/bug41262-6-expected.txt:
  • platform/ios/transforms/2d/zoom-menulist-expected.txt:
1:04 PM Changeset in webkit [276656] by Alexey Shvayka
  • 98 edits
    7 adds in trunk

[WebIDL] window.CSS should be non-callable object with correct Symbol.toStringTag
https://bugs.webkit.org/show_bug.cgi?id=220855

Reviewed by Sam Weinig.

LayoutTests/imported/w3c:

  • web-platform-tests/console/idlharness.any-expected.txt:
  • web-platform-tests/console/idlharness.any.worker-expected.txt:
  • web-platform-tests/css/cssom/CSS-namespace-object-class-string-expected.txt:
  • web-platform-tests/css/cssom/idlharness-expected.txt:
  • web-platform-tests/resources/idlharness.js:

Sync from upstream 15ecbfebd504.

  • web-platform-tests/wasm/jsapi/idlharness.any-expected.txt:
  • web-platform-tests/wasm/jsapi/idlharness.any.worker-expected.txt:

Source/WebCore:

Although window.CSS is the only namespace object currently handled by code generator,
it's being extended by multiple Houdini specs [1], so keeping it generated is important.

This patch brings spec compliance [2] and web interop while striking a balance between
reducing generated code, avoiding indirection in the generator, and a small code diff.

Feature-wise, a namespace object is a subset of an interface; so instead of creating a
separate harness for it, like for callback interfaces, namespace objects are converted
to interfaces before being handed over to code generator, with a flag on.

While we can reduce the generated code even further, namely around subspaceForImpl(),
this change rather aligns namespace objects with [JSBuiltin] interfaces to avoid making
generator more complicated and introducing an interface with distinct set of methods.

Web-facing changes for window.CSS are:

  1. Removed Call? and Construct? methods, making typeof CSS return "object", which is used for feature detection (thus important for web interop).
  2. Removed "length" / "name" / "prototype" properties.
  3. Changed Prototype? value to %Object.prototype%.
  4. Added Symbol.toStringTag property with correct descriptor.

All of the above were proven web-compatible by Blink and Gecko.

Also, this patch limits the usage of NeedsConstructorProperty only to
%Interface%.prototype.constructor, as its name suggests.

[1] https://ishoudinireadyyet.com
[2] https://heycam.github.io/webidl/#namespace-object

Tests: imported/w3c/web-platform-tests/css/cssom/idlharness.html

imported/w3c/web-platform-tests/css/cssom/CSS-namespace-object-class-string.html

  • WebCore.xcodeproj/project.pbxproj:
  • bindings/js/JSDOMConstructorNotCallable.h: Added.

(WebCore::JSDOMConstructorNotCallable::subspaceFor):
(WebCore::JSDOMConstructorNotCallable::JSDOMConstructorNotCallable):
(WebCore::JSDOMConstructorNotCallable::initializeProperties):
(WebCore::JSDOMConstructorNotCallable<JSClass>::create):
(WebCore::JSDOMConstructorNotCallable<JSClass>::createStructure):
(WebCore::JSDOMConstructorNotCallable<JSClass>::finishCreation):

  • bindings/scripts/CodeGeneratorJS.pm:

(NeedsImplementationClass):
(GenerateHeader):
(GenerateImplementation):
(GeneratePrototypeDeclaration):
(GetConstructorTemplateClassName):
(GenerateConstructorHelperMethods):
(NeedsConstructorProperty):

  • bindings/scripts/IDLAttributes.json:
  • bindings/scripts/IDLParser.pm:

(convertNamespaceToInterface):
(Parse):
(parseNamespace):

  • bindings/scripts/preprocess-idls.pl:

(containsInterfaceOrCallbackInterfaceFromIDL):
(getInterfaceExtendedAttributesFromIDL):

  • bindings/scripts/test/JS/*: Updated.
  • css/DOMCSSNamespace+CSSPainting.idl:
  • css/DOMCSSNamespace+CSSPropertiesandValues.idl:
  • css/DOMCSSNamespace.idl:
12:49 PM Changeset in webkit [276655] by keith_miller@apple.com
  • 8 edits in trunk/Source/JavaScriptCore

StructureStubInfo and PolymorphicAccess should account for their non-GC memory
https://bugs.webkit.org/show_bug.cgi?id=225113

Reviewed by Mark Lam.

We don't pass the ConcurrentJSLocker to the helper methods here since the
DECLARE_VISIT_AGGREGATE macro does not allow for extra parameters to be passed.
I filed https://bugs.webkit.org/show_bug.cgi?id=225114 to track that.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::JITData::size const):

  • bytecode/PolymorphicAccess.cpp:

(JSC::PolymorphicAccess::extraMemoryInBytes const):

  • bytecode/PolymorphicAccess.h:
  • bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::extraMemoryInBytes):

  • bytecode/StructureStubInfo.h:
12:41 PM Changeset in webkit [276654] by Ryan Haddad
  • 2 edits in trunk/Tools

[ews] Configure bots for stress test queue
https://bugs.webkit.org/show_bug.cgi?id=225000

Reviewed by Aakash Jain.

  • CISupport/ews-build/config.json: Add ews181 and ews182.
12:02 PM Changeset in webkit [276653] by Chris Dumez
  • 14 edits in trunk/Source

Don't keep local storage data in memory in the NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=225065

Reviewed by Alex Christensen.

Source/WebCore:

  • platform/sql/SQLiteDatabase.h:
  • platform/sql/SQLiteFileSystem.h:

Export a couple more symbols.

  • storage/StorageMap.cpp:

(WebCore::StorageMap::clear):

  • storage/StorageMap.h:

Add a clear() function to StorageMap so that StorageArea doesn't reconstruct a
new StorageMap object unnecessarily when:

  • The StorageMap is not shared
  • The StorageMap is empty (and clear() is a no-op)

Source/WebKit:

When a WebPage would start to use the local storage API, the WebProcess
would send a sync IPC to the NetworkProcess to retrieve all the local
storage entries for the origin. The NetworkProcess would read those
entries from a SQLite database and send them back to the WebProcess.
Both the NetworkProcess would keep the entries in memory, in a
StorageMap object (which is basically a HashMap). On some sites, the
strings in the local storage may be very large. It is useful for the
WebProcess to keep them in memory for performance reasons, especially
considering that the Web API is synchronous. However, there is no real
need to keep them in memory in the Network Process side, especially
given that the WebProcess already has its own copy. On the network
process side, we can get rid of the StorageMap entirely in the local
storage case and 100% rely on the SQLite database. This is what this
patch implements.

A/B testing shows this is a 2-3% progression on Membuster. There does
not appear to be a meaningful progression on PLUM sadly. This is also
neutral on PLT.

  • NetworkProcess/WebStorage/LocalStorageDatabase.cpp:

(WebKit::estimateEntrySize):
(WebKit::LocalStorageDatabase::create):
(WebKit::LocalStorageDatabase::LocalStorageDatabase):
(WebKit::LocalStorageDatabase::openDatabase):
(WebKit::LocalStorageDatabase::tryToOpenDatabase):
(WebKit::LocalStorageDatabase::items const):
(WebKit::LocalStorageDatabase::removeItem):
(WebKit::LocalStorageDatabase::item const):
(WebKit::LocalStorageDatabase::setItem):
(WebKit::LocalStorageDatabase::clear):
(WebKit::LocalStorageDatabase::close):
(WebKit::LocalStorageDatabase::databaseIsEmpty const):
(WebKit::LocalStorageDatabase::openIfExisting):
(WebKit::LocalStorageDatabase::scopedStatement const):

  • NetworkProcess/WebStorage/LocalStorageDatabase.h:
  • Update LocalStorageDatabase API to match more closely the API of StorageMap. This way StorageArea can rely on the LocalStorageDatabase entirely instead of the StorageMap with minimal changes.
  • Add quota support similarly to what is done in StorageArea so that LocalStorageDatabase::setItem() fails when the quota is reached.
  • Cache the SQLiteStatements for performance reasons
  • NetworkProcess/WebStorage/LocalStorageNamespace.cpp:

(WebKit::LocalStorageNamespace::flushAndClose):
We no longer need to call syncToDatabase() before closing since
LocalStorageDatabase no longer has a queue on pending operations.

  • NetworkProcess/WebStorage/StorageArea.cpp:

(WebKit::StorageArea::StorageArea):
(WebKit::StorageArea::addListener):
(WebKit::StorageArea::removeListener):
(WebKit::StorageArea::setItem):
(WebKit::StorageArea::removeItem):
(WebKit::StorageArea::clear):
(WebKit::StorageArea::items const):
(WebKit::StorageArea::ensureDatabase const):

  • NetworkProcess/WebStorage/StorageArea.h:

If the StorageArea is used for local storage, we now don't even initialize
a StorageMap and rely entirely on LocalStorageDatabase. If the StorageArea
is used for session storage, we keep using a StorageMap since there is no
backing database. This is fairly straightforward because I updated the
LocalStorageDatabase API to match fairly closely the StorageMap one.

  • NetworkProcess/WebStorage/StorageManagerSet.cpp:

(WebKit::StorageManagerSet::waitUntilSyncingLocalStorageFinished):

Source/WebKitLegacy:

  • Storage/StorageAreaImpl.cpp:

(WebKit::StorageAreaImpl::clear):
(WebKit::StorageAreaImpl::clearForOriginDeletion):
Use the new StorageMap::clear() to avoid constructing a new StorageMap unnecessarily
when:

  • The StorageMap is not shared
  • The StorageMap is empty
11:52 AM Changeset in webkit [276652] by achristensen@apple.com
  • 6 edits in trunk

Unreviewed, reverting r275912.
rdar://77179042

Broke internal client

Reverted changeset:

"Remove support for NPAPI plugins in WebView"
https://bugs.webkit.org/show_bug.cgi?id=224449
https://commits.webkit.org/r275912

11:52 AM Changeset in webkit [276651] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

[IPC Hardening] Make sure IPC::Decoder constructors consistently call markInvalid() when decoding fails
https://bugs.webkit.org/show_bug.cgi?id=225110
<rdar://76547775>

Reviewed by Darin Adler.

One of the IPC::Decoder constructors was failing to call markInvalid() after failing to
decoder the message name.

  • Platform/IPC/Decoder.cpp:

(IPC::m_destinationID):

11:50 AM Changeset in webkit [276650] by youenn@apple.com
  • 3 edits in trunk/Source/ThirdParty/libwebrtc

Disable WebRTC trace event macros
https://bugs.webkit.org/show_bug.cgi?id=225104
<rdar://76146558>

Reviewed by Eric Carlson.

We are not using trace events so we can disable them as a small optimization.

  • Configurations/libwebrtc.xcconfig:
  • Configurations/libwebrtcpcrtc.xcconfig:
11:39 AM Changeset in webkit [276649] by youenn@apple.com
  • 2 edits in trunk/Source/WebCore

SWContextManager::postMessageToServiceWorker should check for valid service worker
https://bugs.webkit.org/show_bug.cgi?id=225096
<rdar://76718162>

Reviewed by Chris Dumez.

There is no guarantee that serviceWorker is not null.
For instance UIProcess may ask WebProcess to terminate all service workers in parallel to network process sending a message to it.

  • workers/service/context/SWContextManager.cpp:

(WebCore::SWContextManager::postMessageToServiceWorker):

11:13 AM Changeset in webkit [276648] by Chris Dumez
  • 12 edits in trunk/Source

Ask LocalStorage database to free as much memory as possible on memory pressure
https://bugs.webkit.org/show_bug.cgi?id=225109

Reviewed by Geoffrey Garen.

Source/WebCore:

Add releaseMemory() function to SQLiteDatabase that calls sqlite3_db_release_memory()
to free as much memory as possible.

  • platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::releaseMemory):

  • platform/sql/SQLiteDatabase.h:

Source/WebKit:

Ask LocalStorage database to free as much memory as possible on memory pressure.
Some of the strings in the database can be large and we don't want SQLite to be
holding on to those for performance reason when we are under memory pressure.

This seems to be a ~1.75% improvement on PLUM/nytimes-home and a ~1% improvement
on PLUM/wikipedia, sadly not enough to show an impact on the overal PLUM score.

  • NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::lowMemoryHandler):

  • NetworkProcess/NetworkProcess.h:
  • NetworkProcess/WebStorage/LocalStorageDatabase.cpp:

(WebKit::LocalStorageDatabase::handleLowMemoryWarning):

  • NetworkProcess/WebStorage/LocalStorageDatabase.h:
  • NetworkProcess/WebStorage/StorageArea.cpp:

(WebKit::StorageArea::handleLowMemoryWarning):

  • NetworkProcess/WebStorage/StorageArea.h:
  • NetworkProcess/WebStorage/StorageManagerSet.cpp:

(WebKit::StorageManagerSet::handleLowMemoryWarning):

  • NetworkProcess/WebStorage/StorageManagerSet.h:
11:10 AM Changeset in webkit [276647] by Wenson Hsieh
  • 3 edits in trunk/LayoutTests

fast/events/ios/dragstart-on-image-by-long-pressing.html sometimes fails with a text diff
https://bugs.webkit.org/show_bug.cgi?id=225107
rdar://77048635

Reviewed by Darin Adler.

For some reason, when running this layout test in a newly created simulator, the drag cancel preview animation
will finish animating *just* before the "dragend" event is dispatched, which causes the test to fail with a text
diff due to the missing PASS Ended drag output.

Address this by making the test robust in both cases (where the animation ends before the page receives
"dragend" and vice versa) by only finishing the test when we've met both conditions.

  • fast/events/ios/dragstart-on-image-by-long-pressing-expected.txt:
  • fast/events/ios/dragstart-on-image-by-long-pressing.html:
10:40 AM Changeset in webkit [276646] by Angelos Oikonomopoulos
  • 2 edits in trunk/Tools

[JSC] Autoscale jobs for remote boards
https://bugs.webkit.org/show_bug.cgi?id=225100

Reviewed by Mark Lam.

When using --gnu-parallel-runner, let GNU parallel handle the number of jobs
unless the user has explicitly requested a specific number of remote processes.

Previously, run-jsc-stress-tests would set numChildProcesses by querying the
first remote, under the assumption that the remotes are homogeneous. The number
of jobs inferred by looking at the CPUs of the first remote may be
inappropriate for the rest of the remotes.

  • Scripts/run-jsc-stress-tests:
10:18 AM Changeset in webkit [276645] by don.olmstead@sony.com
  • 9 edits in trunk

[CMake] Don't use FORWARDING_HEADERS_DIR for GTK WebKit headers
https://bugs.webkit.org/show_bug.cgi?id=225006

Reviewed by Michael Catanzaro.

.:

Create CMake variables WebKit2Gtk_FRAMEWORK_HEADERS_DIR and WebKit2Gtk_DERIVED_SOURCES_DIR
to represent where the WebKit2 GTK headers and derived sources will reside. The names and
locations set then follow along with the conventions used for the other frameworks.

  • Source/cmake/OptionsGTK.cmake:

Source/WebInspectorUI:

Use WebKit2Gtk_FRAMEWORK_HEADERS_DIR and WebKit2Gtk_DERIVED_SOURCES_DIR for WebKit2 GTK
headers instead of FORWARDING_HEADERS_DIR and DERIVED_SOURCES_DIR.

  • PlatformGTK.cmake:

Source/WebKit:

Use WebKit2Gtk_FRAMEWORK_HEADERS_DIR and WebKit2Gtk_DERIVED_SOURCES_DIR for WebKit2 GTK
headers instead of FORWARDING_HEADERS_DIR and DERIVED_SOURCES_DIR.

  • PlatformGTK.cmake:

Tools:

Use WebKit2Gtk_FRAMEWORK_HEADERS_DIR and WebKit2Gtk_DERIVED_SOURCES_DIR for WebKit2 GTK
headers instead of FORWARDING_HEADERS_DIR and DERIVED_SOURCES_DIR.

  • MiniBrowser/gtk/CMakeLists.txt:
  • TestWebKitAPI/glib/PlatformGTK.cmake:
10:08 AM Changeset in webkit [276644] by Brent Fulgham
  • 10 edits in trunk/Source

[iOS] [GPU] The UI process should issue the mach sandbox extension to 'com.apple.AGXCompilerService'
https://bugs.webkit.org/show_bug.cgi?id=225004
<rdar://problem/68362930>

Reviewed by Darin Adler.

In Bug 203915 and Bug 210616 we did work to only extend access to AGX-related graphics facilities on relevant hardware. This was
lost in the transition to the GPU Process and should be added back.

Source/WebCore:

This change moves the definition of the AGX-related services and IOKit classes to the AGXCompilerService compilation unit so that
it can be shared by the WebContent and GPUProcess code paths.

Tested by existing graphics tests.

  • platform/cocoa/AGXCompilerService.cpp:

(WebCore::agxCompilerServices):
(WebCore::agxCompilerClasses):

  • platform/cocoa/AGXCompilerService.h:

Source/WebKit:

This change does the following:

  1. Adds sandbox extension handles for the AGX-related compiler services and IOKit classes to the GPUProcess creation parameters.
  2. Updates the GPUProcessProxy to extend AGX features when warranted and add them to the creation parameter structure.
  3. Updates the GPUProcess to consume the extensions (when granted).
  4. Updates the WebProcessPool to use the WebCore version of the 'agxCompilerClasses' and 'agxCompilerServices' functions.
  5. Moves the 'agxCompilerClasses' and 'agxCompilerServices' functions to WebCore, alongside the other AGX functions.

It also corrects the sandbox rule for the AGXCompilerService in the GPU Process sandbox, which incorrectly called it a 'global-name',
when it is an xpc-service.

Tested by existing graphics tests.

  • GPUProcess/GPUProcess.cpp:

(WebKit::GPUProcess::initializeGPUProcess):

  • GPUProcess/GPUProcessCreationParameters.cpp:

(WebKit::GPUProcessCreationParameters::encode const):
(WebKit::GPUProcessCreationParameters::decode):

  • GPUProcess/GPUProcessCreationParameters.h:
  • Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb: Correct AGX compiler service type.
  • UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::nonBrowserServices):
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::agxCompilerClasses): Deleted.
(WebKit::agxCompilerServices): Deleted.

  • UIProcess/GPU/GPUProcessProxy.cpp:

(WebKit::GPUProcessProxy::GPUProcessProxy):

9:40 AM Changeset in webkit [276643] by graouts@webkit.org
  • 4 edits in trunk

Correctly interpolate stroke-dasharray in the discrete case
https://bugs.webkit.org/show_bug.cgi?id=225105

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Mark 3 WPT progressions.

  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

  • animation/CSSPropertyAnimation.cpp:

(WebCore::blendFunc):

9:23 AM Changeset in webkit [276642] by Russell Epstein
  • 8 edits in branches/safari-611-branch/Source

Versioning.

WebKit-7611.2.6

9:18 AM Changeset in webkit [276641] by Chris Fleizach
  • 2 edits in trunk/Source/WebKit

AX: Smart invert>Safari>images & other colors improperly invert
https://bugs.webkit.org/show_bug.cgi?id=225077
<rdar://problem/77176061>

Reviewed by Alan Bujtas.

The invert colors property is gathered during the screen data collection phase.
So properly update the value in WebCore, we need to resend these properties when
accessibility settings change.

  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::accessibilitySettingsDidChange):

8:34 AM Changeset in webkit [276640] by Jonathan Bedard
  • 2 edits in trunk/Websites/bugs.webkit.org

Bugzilla needs to linkify identifiers (Part 2)
https://bugs.webkit.org/show_bug.cgi?id=224312
<rdar://problem/75845629>

Reviewed by Aakash Jain.

  • extensions/Commits/Extension.pm:

(bug_format_comment): Add regex to replace identifiers with a commits.webkit.org link.
(_replace_reference): This function replaces both revisions and identifiers.
(_replace_revision): Renamed _replace_reference.

8:29 AM Changeset in webkit [276639] by graouts@webkit.org
  • 4 edits in trunk

Fix animation of the visibility CSS property between "hidden" and "collapse"
https://bugs.webkit.org/show_bug.cgi?id=225103

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Mark 1 WPT progression.

  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

The Web Animations spec details the special behavior when animating the visibility property
in https://drafts.csswg.org/web-animations-1/#animating-visibility. There it says that when
interpolating between non-visible values, we should use discrete interpolation formula.

  • animation/CSSPropertyAnimation.cpp:

(WebCore::blendFunc):

7:25 AM Changeset in webkit [276638] by graouts@webkit.org
  • 6 edits in trunk

Correctly specify interpolation of page-break-* properties
https://bugs.webkit.org/show_bug.cgi?id=225098

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Mark 15 WPT progressions.

  • web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-002-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-002-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

As it turns out the page-break-* properties are shorthands of the break-* properties.

  • animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

7:06 AM Changeset in webkit [276637] by Alan Bujtas
  • 3 edits
    2 adds in trunk
[RenderTreeBuilder] ASSERTION FAILED: ancestor->style().columnSpan() != ColumnSpan::All
!isValidColumnSpanner(fragmentedFlow, *ancestor) in WebCore::isValidColumnSpanner

https://bugs.webkit.org/show_bug.cgi?id=225078
<rdar://76127681>

Reviewed by Antti Koivisto.

Source/WebCore:

MultiColumnBuilder::multiColumnDescendantInserted() expects up-to-date fragmentedFlowState on the newly inserted renderer.

Test: fast/multicol/nested-spanner-assert.html

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::normalizeTreeAfterStyleChange):
(WebCore::RenderTreeBuilder::childFlowStateChangesAndAffectsParentBlock):

LayoutTests:

  • fast/multicol/nested-spanner-assert-expected.txt: Added.
  • fast/multicol/nested-spanner-assert.html: Added.
7:02 AM Changeset in webkit [276636] by aakash_jain@apple.com
  • 4 edits in trunk/Tools

Rename slave to worker in TestFailures
https://bugs.webkit.org/show_bug.cgi?id=225079

Reviewed by Jonathan Bedard.

  • CISupport/build-webkit-org/public_html/TestFailures/scripts/Builder.js:
  • CISupport/build-webkit-org/public_html/TestFailures/scripts/builders_unittests.js:
  • CISupport/build-webkit-org/public_html/TestFailures/scripts/results_unittests.js:
4:50 AM Changeset in webkit [276635] by commit-queue@webkit.org
  • 5 edits
    1 delete in trunk

[Flatpak SDK] Direct AVIF loading does not work.
https://bugs.webkit.org/show_bug.cgi?id=222867

Patch by Philippe Normand <pnormand@igalia.com> on 2021-04-27
Reviewed by Michael Catanzaro.

Source/WebKit:

  • NetworkProcess/soup/NetworkDataTaskSoup.cpp:

(WebKit::NetworkDataTaskSoup::didGetFileInfo): Use mime-type reported for local files by gio
only as a last resort. Our MIMETypeRegistry is more reliable in these cases.

Tools/buildstream:

  • elements/sdk-platform.bst:
  • elements/sdk/intltool.bst: Removed.
  • elements/sdk/shared-mime-info.bst: Bump to version 2.1 which has support for detecting AVIF bitstreams.
3:15 AM Changeset in webkit [276634] by svillar@igalia.com
  • 4 edits in trunk

[css-flexbox] percent children don't resolve against the flex basis on a fully inflexible item with fixed flex-basis
https://bugs.webkit.org/show_bug.cgi?id=210478

Reviewed by Darin Adler.

Source/WebCore:

Flexbox spec defines some additional cases where sizes could be considered definite despite they are
actually indefinite. One of those cases is whenever we have a fully inflexible item with a definite
flex-basis. In that case we should allow desdendants of flex item to resolve against the post-flexing
size of the flex item which is basically the value of the definite flex-basis. Note that in the majority
of cases those percentages are resolved before flexing the item and not recomputed after that.

  • rendering/RenderFlexibleBox.cpp:

(WebCore::RenderFlexibleBox::useChildOverridingMainSizeForPercentageResolution): let descendants of
fully inflexible flex items with definite flex-basis to resolve against the post-flexing size. Also added
some documentation because that part of the code is far from obvious for the casual reader.

LayoutTests:

3:04 AM Changeset in webkit [276633] by youenn@apple.com
  • 13 edits in trunk/Source

Add memory allocation checks in more realtime audio capture/rendering places
https://bugs.webkit.org/show_bug.cgi?id=224750

Reviewed by Eric Carlson.

Source/WebCore:

Add FastMalloc macros to catch memory allocation in audio sensitive threads.
Update LibWebRTCAudioModule and RealtimeIncomingAudioSourceCocoa to not rely on Function creation but rely on Timer for large audio gap logging.
Update BaseAudioSharedUnit to not allocate a vector each time an audio sample is captured.

Covered by existing tests.

  • platform/mediastream/RealtimeIncomingAudioSource.h:
  • platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:

(WebCore::LibWebRTCAudioModule::LibWebRTCAudioModule):
(WebCore::LibWebRTCAudioModule::StartPlayout):
(WebCore::LibWebRTCAudioModule::StopPlayout):
(WebCore::LibWebRTCAudioModule::logTimerFired):
(WebCore::LibWebRTCAudioModule::computeDelayUntilNextPolling):
(WebCore::LibWebRTCAudioModule::pollAudioData):

  • platform/mediastream/libwebrtc/LibWebRTCAudioModule.h:
  • platform/mediastream/mac/AudioMediaStreamTrackRendererCocoa.cpp:

(WebCore::AudioMediaStreamTrackRendererCocoa::pushSamples):

  • platform/mediastream/mac/BaseAudioSharedUnit.cpp:

(WebCore::BaseAudioSharedUnit::addClient):
(WebCore::BaseAudioSharedUnit::removeClient):
(WebCore::BaseAudioSharedUnit::audioSamplesAvailable):

  • platform/mediastream/mac/BaseAudioSharedUnit.h:
  • platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.cpp:

(WebCore::RealtimeIncomingAudioSourceCocoa::RealtimeIncomingAudioSourceCocoa):
(WebCore::RealtimeIncomingAudioSourceCocoa::startProducingData):
(WebCore::RealtimeIncomingAudioSourceCocoa::stopProducingData):
(WebCore::RealtimeIncomingAudioSourceCocoa::logTimerFired):
(WebCore::RealtimeIncomingAudioSourceCocoa::OnData):

  • platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.h:

Source/WebKit:

  • UIProcess/Cocoa/UserMediaCaptureManagerProxy.cpp:
  • WebProcess/GPU/webrtc/AudioMediaStreamTrackRenderer.cpp:

(WebKit::AudioMediaStreamTrackRenderer::pushSamples):
(WebKit::AudioMediaStreamTrackRenderer::storageChanged):

1:11 AM Changeset in webkit [276632] by Angelos Oikonomopoulos
  • 3 edits in trunk/JSTests

[JSC] Skip tests failing on Loongson 3A4000
https://bugs.webkit.org/show_bug.cgi?id=225091

Reviewed by Yusuke Suzuki.

This new hardware is much faster when it comes to running JSC tests (and
hopefully more reliable than the ci20 boards currently in use), so skip the
couple of tests that fail, so that we can test the Loongson box in production.

  • ChakraCore.yaml:
  • stress/arguments-properties-order.js:
12:42 AM Changeset in webkit [276631] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

Check globalObject for null
https://bugs.webkit.org/show_bug.cgi?id=223793

Patch by Rob Buis <rbuis@igalia.com> on 2021-04-27
Reviewed by Youenn Fablet.

Source/WebCore:

Check globalObject for null in RTCRtpSFrameTransform::createStreams
before deferencing.

Test: http/tests/webrtc/sframe-transform-write.html

  • Modules/mediastream/RTCRtpSFrameTransform.cpp:

(WebCore::RTCRtpSFrameTransform::createStreams):

LayoutTests:

  • http/tests/webrtc/sframe-transform-write-expected.txt: Added.
  • http/tests/webrtc/sframe-transform-write.html: Added.
12:36 AM Changeset in webkit [276630] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

[MathML] Assertion failure in RenderTreeNeedsLayoutChecker
https://bugs.webkit.org/show_bug.cgi?id=224903

Patch by Frédéric Wang <fwang@igalia.com> on 2021-04-27
Reviewed by Alan Bujtas.

Source/WebCore:

After r226180, RenderMathMLRow no longer performs layout of its "embellished operator"
children only its core <mo> descendant, which is causing dirty layout.

Test: mathml/vertical-embellished-op-dirty-layout.html

  • rendering/mathml/RenderMathMLRow.cpp:

(WebCore::RenderMathMLRow::stretchVerticalOperatorsAndLayoutChildren): always layout the
"embellished operator" child, after its core <mo>.

LayoutTests:

Add regression test with all vertical embellished operators (other than <mo>) supported
by WebKit.

  • mathml/vertical-embellished-op-dirty-layout-expected.txt: Added.
  • mathml/vertical-embellished-op-dirty-layout.html: Added.

Apr 26, 2021:

11:19 PM Changeset in webkit [276629] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

Remove rounding logic in RenderGeometryMap::mapContainer
https://bugs.webkit.org/show_bug.cgi?id=218577

Patch by Rob Buis <rbuis@igalia.com> on 2021-04-26
Reviewed by Simon Fraser.

Source/WebCore:

Remove rounding logic in RenderGeometryMap::mapContainer and
add the LayoutSize to FloatPoint using FloatPoint::move() to
match what is done in TransformState::translateMappedCoordinates.

Test: fast/layers/geometry-map-accumulated-offset-assert.html

  • platform/graphics/transforms/TransformState.cpp:

(WebCore::TransformState::translateMappedCoordinates):

  • rendering/RenderGeometryMap.cpp:

(WebCore::RenderGeometryMap::mapToContainer const):

LayoutTests:

Add test for this.

  • fast/layers/geometry-map-accumulated-offset-assert-expected.txt: Added.
  • fast/layers/geometry-map-accumulated-offset-assert.html: Added.
10:44 PM Changeset in webkit [276628] by Manuel Rego Casasnovas
  • 13 edits
    2 adds in trunk

REGRESSION (r276264): Reproducible crash in WebCore::UserActionElementSet::clearFlags
https://bugs.webkit.org/show_bug.cgi?id=224957

Reviewed by Ryosuke Niwa.

Source/WebCore:

The crash was due to a problem with the focus and focus-visible flags getting out of sync.
The problem was related to how we deal we script focus in Element::focus(),
we were setting the focus-visible flag before doing focus,
and if the element was moved to a different document in that process,
we were resetting the flag for the same element, but pointing to the new document.
So the old document still kept information about the element and the flag, and it shouldn't.

This patch is based on a patch by Ryosuke Niwa <rniwa@webkit.org>.
The approach to solve the issue is to consolidate the timing for both focus and focus-visible flags
so they don't get out of sync.
For that we add a new FocusVisibility enum to FocusOptions, and we pass it to Element::setFocus()
and use it to pass a different value to Element::setHasFocusVisible().

Test: fast/selectors/focus-visible-crash.html

  • dom/Document.cpp:

(WebCore::Document::setFocusedElement):

  • dom/Element.cpp:

(WebCore::Element::setFocus):
(WebCore::Element::focus):

  • dom/Element.h:
  • dom/FocusOptions.h:
  • html/HTMLAreaElement.cpp:

(WebCore::HTMLAreaElement::setFocus):

  • html/HTMLAreaElement.h:
  • html/HTMLFrameElementBase.cpp:

(WebCore::HTMLFrameElementBase::setFocus):

  • html/HTMLFrameElementBase.h:
  • page/EventHandler.cpp:

(WebCore::EventHandler::internalKeyEvent):

  • page/FocusController.cpp:

(WebCore::FocusController::advanceFocusInDocumentOrder):

  • page/FrameView.cpp:

(WebCore::FrameView::scrollToFragmentInternal):

LayoutTests:

  • fast/selectors/focus-visible-crash-expected.txt: Added.
  • fast/selectors/focus-visible-crash.html: Added.
10:31 PM Changeset in webkit [276627] by commit-queue@webkit.org
  • 8 edits
    2 adds in trunk

Create a containing block when relevant properties are set in the current element will-change
https://bugs.webkit.org/show_bug.cgi?id=167868

Patch by Tim Nguyen <ntim@apple.com> on 2021-04-26
Reviewed by Alan Bujtas.

Per spec, any CSS property that is susceptible to create a containing block should create one when put on the
current element's will-change.

Relevant WPT are enabled.

Test: fast/css/will-change/will-change-creates-containing-block.html

LayoutTests/imported/w3c:

  • web-platform-tests/css/css-box/parsing/padding-computed-expected.txt:

Source/WebCore:

  • rendering/RenderElement.h:

(WebCore::RenderElement::canContainFixedPositionObjects const):
(WebCore::RenderElement::canContainAbsolutelyPositionedObjects const):

  • rendering/style/WillChangeData.cpp:

(WebCore::WillChangeData::createsContainingBlockForOutOfFlowPositioned const):

  • rendering/style/WillChangeData.h:

LayoutTests:

  • TestExpectations:
  • fast/css/will-change/will-change-creates-containing-block-expected.html: Added.
  • fast/css/will-change/will-change-creates-containing-block.html: Added.
7:59 PM Changeset in webkit [276626] by Wenson Hsieh
  • 30 edits in trunk

Subdivide image overlay text into one or more elements per line
https://bugs.webkit.org/show_bug.cgi?id=225038
rdar://75505043

Reviewed by Tim Horton and Devin Rousso.

Source/WebCore:

Refactor some image extraction and image overlay code to allow for multiple elements containing text per line.
See comments below for more details.

Changes covered by augmenting existing layout tests.

  • html/HTMLElement.cpp:

(WebCore::HTMLElement::updateWithImageExtractionResult):

The crux of this change is in this method. Currently, an image overlay has one or more div elements underneath
the root container element, each of which represents a single line (i.e. contains a text node and a line break).
Instead, we make each of these line container divs contain one or more div elements that represent further
subdivided text within each line.

See the corresponding additions patch for more details.

  • html/shadow/imageOverlay.css:

(div#image-overlay):
(div.image-overlay-line, .image-overlay-text):
(.image-overlay-text::selection):

Adjust UA stylesheet to account for the changes in updateWithImageExtractionResult.

(div.image-overlay-text): Deleted.
(div.image-overlay-text::selection): Deleted.

  • platform/ImageExtractionResult.h:

(WebCore::ImageExtractionTextData::ImageExtractionTextData):
(WebCore::ImageExtractionLineData::ImageExtractionLineData):
(WebCore::ImageExtractionLineData::encode const):
(WebCore::ImageExtractionLineData::decode):

Refactor this data structure, by splitting it into ImageExtractionLineData and ImageExtractionTextData.

(WebCore::ImageExtractionResult::isEmpty const):
(WebCore::ImageExtractionResult::encode const):
(WebCore::ImageExtractionResult::decode):

  • platform/graphics/FloatPoint.h:

(WebCore::FloatPoint::rotate):

Add a helper method to rotate a 2D FloatPoint by a given angle, about a given point.

  • platform/graphics/GeometryUtilities.cpp:

(WebCore::rotatedBoundingRectWithMinimumAngleOfRotation):
(WebCore::rotatedBoundingRect): Deleted.

  • platform/graphics/GeometryUtilities.h:
  • testing/Internals.cpp:

(WebCore::getQuad):
(WebCore::makeDataForLine):
(WebCore::Internals::installImageOverlay):

  • testing/Internals.h:
  • testing/Internals.idl:

Adjust this internal testing hook to accept a list of ImageOverlayLine dictionaries, each of which contains a
list of ImageOverlayText dictionaries.

Tools:

Adjust several existing layout tests after changing internals.installImageOverlay. See WebCore ChangeLog for
more details. Additionally, rename a WebCore geometry helper method.

  • TestWebKitAPI/Tests/WebCore/FloatQuadTests.cpp:

(TestWebKitAPI::TEST):

  • TestWebKitAPI/Tests/WebKit/simple-image-overlay.html:

LayoutTests:

Adjust several existing layout tests after changing internals.installImageOverlay. See WebCore ChangeLog for
more details.

  • fast/images/image-extraction/basic-image-overlay.html:
  • fast/images/image-extraction/click-link-with-image-overlay.html:
  • fast/images/image-extraction/image-overlay-creation-is-idempotent.html:
  • fast/images/image-extraction/image-overlay-in-image-with-zero-font-size.html:
  • fast/images/image-extraction/image-overlay-with-selection-styles-expected.html:
  • fast/images/image-extraction/image-overlay-with-selection-styles.html:
  • fast/images/image-extraction/ios/reselect-word-in-image-overlay.html:
  • fast/images/image-extraction/ios/select-word-in-image-overlay-inside-link.html:
  • fast/images/image-extraction/ios/select-word-in-image-overlay.html:
  • fast/images/image-extraction/ios/selection-rects-in-image-overlay.html:
  • fast/images/image-extraction/mac/copy-image-overlay-text-with-context-menu.html:
  • fast/images/image-extraction/mac/select-image-overlay-in-link-with-mouse-drag.html:
  • fast/images/image-extraction/mac/select-image-overlay-with-mouse-drag-does-not-fire-click.html:
  • fast/images/image-extraction/mac/select-image-overlay-with-mouse-drag.html:
  • fast/images/image-extraction/mac/select-word-in-draggable-image-overlay.html:
  • fast/images/image-extraction/mac/select-word-in-transparent-image-overlay.html:
6:09 PM Changeset in webkit [276625] by keith_miller@apple.com
  • 3 edits in trunk/Source/JavaScriptCore

UnlinkedCodeBlock should have better accounting for extra memory
https://bugs.webkit.org/show_bug.cgi?id=225080

Reviewed by Mark Lam.

Right now we aren't telling the JS GC about the extra memory
attached to UnlinkedCodeBlocks. It looks like on at least some sites this
can be a fairly large percentage of the total memory retained by
the JS object graph. This is very similar to the change we made for
CodeBlocks in r276610.

  • bytecode/UnlinkedCodeBlock.cpp:

(JSC::UnlinkedCodeBlock::visitChildrenImpl):
(JSC::UnlinkedCodeBlock::RareData::sizeInBytes const):

  • bytecode/UnlinkedCodeBlock.h:
5:34 PM Changeset in webkit [276624] by ChangSeok Oh
  • 2 edits in trunk/LayoutTests

Enable AVIF tests for glib platforms
https://bugs.webkit.org/show_bug.cgi?id=225039

Reviewed by Philippe Normand.

This change enables avif tests for glib based platforms.

  • platform/glib/TestExpectations:
5:23 PM Changeset in webkit [276623] by commit-queue@webkit.org
  • 6 edits in trunk/Source/WebKit

Add more eager OOB checks when creating DisplayListReaderHandle & DisplayListWriterHandle.
https://bugs.webkit.org/show_bug.cgi?id=225055
<rdar://71896663>

Patch by Tim Nguyen <ntim@apple.com> on 2021-04-26
Reviewed by Wenson Hsieh.

There were already some OOB checks for both classes, this revision adds checks at creation-time.
Also add a comment on top of SharedDisplayListHandle.h to mention that only subclasses use it.

  • GPUProcess/graphics/DisplayListReaderHandle.h:

(WebKit::DisplayListReaderHandle::create):

  • GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::didCreateSharedDisplayListHandle):

  • Shared/SharedDisplayListHandle.h:

(WebKit::SharedDisplayListHandle::SharedDisplayListHandle):

  • WebProcess/GPU/graphics/DisplayListWriterHandle.h:

(WebKit::DisplayListWriterHandle::create):

  • WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::createItemBuffer):

5:20 PM Changeset in webkit [276622] by Alan Coon
  • 8 edits in branches/safari-612.1.11-branch/Source

Versioning.

WebKit-7612.1.11.7

5:04 PM Changeset in webkit [276621] by achristensen@apple.com
  • 58 edits in trunk/Source

Consistently include headers with <Framework/Header.h>
https://bugs.webkit.org/show_bug.cgi?id=225067

Reviewed by Alexey Proskuryakov.

Source/WebCore:

When building with CMake, if a header is included as <Framework/Header.h> in some files
and "Header.h" in others, when compiling a cpp file in the same directory as Header.h,
there doesn't seem to be a way to tell it to include from the Framework directory before
searching the same directory as the cpp file. To solve this, we use consistent include style
for each header.

  • editing/cocoa/DictionaryLookup.mm:
  • platform/graphics/avfoundation/objc/AVOutputDeviceMenuControllerTargetPicker.mm:
  • platform/graphics/avfoundation/objc/AVRoutePickerViewTargetPicker.mm:
  • platform/graphics/avfoundation/objc/MediaPlaybackTargetPickerMac.mm:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
  • platform/graphics/cocoa/GraphicsContextGLOpenGLCocoa.mm:
  • platform/graphics/cocoa/IOSurface.mm:
  • platform/mac/PlatformScreenMac.mm:
  • testing/Internals.cpp:

Source/WebKit:

  • Shared/API/Cocoa/_WKRenderingProgressEventsInternal.h:
  • Shared/API/Cocoa/_WKSameDocumentNavigationTypeInternal.h:
  • UIProcess/API/Cocoa/NSAttributedString.mm:
  • UIProcess/API/Cocoa/WKBrowsingContextGroupInternal.h:
  • UIProcess/API/Cocoa/WKConnectionInternal.h:
  • UIProcess/API/Cocoa/WKNavigationDataInternal.h:
  • UIProcess/API/Cocoa/WKScriptMessage.mm:
  • UIProcess/API/Cocoa/WKSecurityOriginInternal.h:
  • UIProcess/API/Cocoa/WKWebView.mm:
  • UIProcess/API/Cocoa/WKWebViewConfiguration.mm:
  • UIProcess/API/Cocoa/WKWebViewConfigurationInternal.h:
  • UIProcess/API/Cocoa/WKWebViewInternal.h:
  • UIProcess/API/Cocoa/WKWebpagePreferences.mm:
  • UIProcess/API/Cocoa/WKWebpagePreferencesInternal.h:
  • UIProcess/API/Cocoa/_WKActivatedElementInfoInternal.h:
  • UIProcess/API/Cocoa/_WKAttachment.mm:
  • UIProcess/API/Cocoa/_WKAttachmentInternal.h:
  • UIProcess/API/Cocoa/_WKAuthenticatorResponseInternal.h:
  • UIProcess/API/Cocoa/_WKInspectorConfiguration.mm:
  • UIProcess/API/Cocoa/_WKThumbnailView.mm:
  • UIProcess/API/Cocoa/_WKUserContentFilterInternal.h:
  • UIProcess/API/Cocoa/_WKWebAuthenticationPanelForTesting.h:
  • UIProcess/API/Cocoa/_WKWebAuthenticationPanelInternal.h:
  • UIProcess/API/mac/WKWebViewMac.h:
  • UIProcess/API/mac/WKWebViewMac.mm:
  • UIProcess/Cocoa/MediaUtilities.h:
  • UIProcess/Cocoa/PageClientImplCocoa.mm:
  • UIProcess/Cocoa/SOAuthorization/PopUpSOAuthorizationSession.mm:
  • UIProcess/Cocoa/SOAuthorization/SOAuthorizationSession.mm:
  • UIProcess/Cocoa/UIDelegate.mm:
  • UIProcess/Cocoa/WKContactPicker.mm:
  • UIProcess/Cocoa/WKShareSheet.mm:
  • UIProcess/Cocoa/WKWebViewContentProviderRegistry.mm:
  • UIProcess/Cocoa/WebViewImpl.h:
  • UIProcess/Cocoa/WebViewImpl.mm:
  • UIProcess/Inspector/mac/RemoteWebInspectorUIProxyMac.mm:
  • UIProcess/Inspector/mac/WKInspectorViewController.mm:
  • UIProcess/WebAuthentication/Cocoa/WebAuthenticationPanelClient.mm:
  • UIProcess/ios/WKContentViewInteraction.h:
  • UIProcess/mac/HighPerformanceGPUManager.mm:
  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFrameInternal.h:
  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFramePrivate.h:
  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInNodeHandle.mm:
  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInNodeHandlePrivate.h:
  • WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInRangeHandleInternal.h:
  • WebProcess/InjectedBundle/API/mac/WKDOMInternals.h:
  • WebProcess/InjectedBundle/API/mac/WKDOMTextIterator.mm:
4:42 PM Changeset in webkit [276620] by Kate Cheney
  • 8 edits
    1 add in trunk

ResourceLoadStatisticsDatabaseStore::aggregatedThirdPartyData() hangs for a long time
https://bugs.webkit.org/show_bug.cgi?id=225063
<rdar://problem/76248557>

Reviewed by Brent Fulgham.

Source/WebKit:

Unique index values speed up sqlite database queries, and prevent
repeated entries in tables without primary keys. Its possible to
get into a state where some tables in the ITP database do not have index
values. We should check on open if the database has index values, and
create them if not. This may require migrating existing data and
removing repeated entries.

  • NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:

Remove semi-colons in CREATE UNIQUE INDEX queries. They aren't needed
and if we remove them we can use these constexpr values to check for
the correct stored index later on.

(WebKit::stripIndexQueryToMatchStoredValue):
We use CREATE UNIQUE INDEX IF NOT EXISTS to avoid an error if the
unique index already exists, but the value is stored in the database
without the "IF NOT EXISTS" portion. In order to check for correct
values we need to strip this out.

(WebKit::expectedTableAndIndexQueries):
(WebKit::ResourceLoadStatisticsDatabaseStore::checkForMissingTablesInSchema):
(WebKit::ResourceLoadStatisticsDatabaseStore::currentTableAndIndexQueries):
Return the schema and index for a given table. If the index is empty
that means SQLite created an automatic index and we should return
WTF::nullopt.

(WebKit::ResourceLoadStatisticsDatabaseStore::needsUpdatedPrivateClickMeasurementSchema):
(WebKit::ResourceLoadStatisticsDatabaseStore::missingUniqueIndices):
(WebKit::ResourceLoadStatisticsDatabaseStore::missingReferenceToObservedDomains):
(WebKit::ResourceLoadStatisticsDatabaseStore::needsUpdatedSchema):
(WebKit::insertDistinctValuesInTableQuery):
Since unique indices prevent repeat entries, tables without them might
have repeated entries. We need to select only one of each entry to
migrate to the new tables. This picks the one with the most recent
lastUpdated time.

(WebKit::ResourceLoadStatisticsDatabaseStore::migrateDataToNewTablesIfNecessary):
(WebKit::ResourceLoadStatisticsDatabaseStore::addMissingTablesIfNecessary):
(WebKit::ResourceLoadStatisticsDatabaseStore::createUniqueIndices):
This fix revealed an index that is never created. I added it here.

(WebKit::ResourceLoadStatisticsDatabaseStore::isCorrectSubStatisticsCount):

  • NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h:
  • UIProcess/API/Cocoa/WKWebsiteDataStore.mm:

(-[WKWebsiteDataStore _isRelationshipOnlyInDatabaseOnce:thirdParty:completionHandler:]):

  • UIProcess/API/Cocoa/WKWebsiteDataStorePrivate.h:

Convert SPI previously only used for layout tests to be used for an
API test where we can load a database with repeated values to ensure
the migration is correct after my change.

Tools:

Test coverage. Currently API testing is the only way to test data
migration and schema changes in the ITP database because we can load
a pre-seeded database and check the correct values after migration.
We should add some ability for unit testing in the future.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/WebKitCocoa/ResourceLoadStatistics.mm:

(TEST):

4:42 PM Changeset in webkit [276619] by Ben Nham
  • 5 edits in trunk/Source

Reduce memory footprint for background tabs
https://bugs.webkit.org/show_bug.cgi?id=225007

Reviewed by Chris Dumez.

When a WebContent process contains only non-visible pages (e.g. if it is a background tab),
we should attempt to reduce our memory footprint after some time interval to help relieve
system-wide memory pressure. This is enabled only on Mac because iOS already does something
similar just before WebContent suspends.

Source/WebKit:

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::pageDidEnterWindow):
(WebKit::WebProcess::pageWillLeaveWindow):
(WebKit::WebProcess::nonVisibleProcessGraphicsCleanupTimerFired):
(WebKit::WebProcess::nonVisibleProcessMemoryCleanupTimerFired):
(WebKit::WebProcess::nonVisibleProcessCleanupTimerFired): Deleted.

  • WebProcess/WebProcess.h:

Source/WTF:

  • wtf/PlatformEnableCocoa.h:
4:04 PM Changeset in webkit [276618] by Ben Nham
  • 2 edits in trunk/Source/WebKit

Handle warning-level memory notifications more aggressively
https://bugs.webkit.org/show_bug.cgi?id=225008

Reviewed by Chris Dumez.

We've found that in some workloads, the critical-level memory pressure handler releases
significantly more memory than the warning-level memory pressure handler. On Macs, it is
likely that the memory pressure coincides with swapping. So when we get even a warning-level
notification from the OS, we should err on the side of releasing more memory to help relieve
the swapping state. To do this, treat warning level notifications the same as critical level
notifications on Mac if the WebProcess is in the background.

  • WebProcess/WebProcess.cpp:

(WebKit::WebProcess::initializeWebProcess):

3:37 PM Changeset in webkit [276617] by Alan Bujtas
  • 2 edits in trunk/LayoutTests

[ Win ] fast/text/line-break-with-locale.html is failing on Windows
https://bugs.webkit.org/show_bug.cgi?id=225074
<rdar://problem/77174542>

Unreviewed test gardening.

  • platform/win/TestExpectations:
2:54 PM Changeset in webkit [276616] by Nikita Vasilyev
  • 5 edits in trunk/Source/WebInspectorUI

Web Inspector: Audit Tab: Edits are not committed when leaving edit mode unless you first click into another text field
https://bugs.webkit.org/show_bug.cgi?id=224318
<rdar://problem/76382755>

Reviewed by Devin Rousso.

Save test and setup code when pressing "Done" button. Don't rely on the blur event because it doesn't fire on
the focused element when it's removed from the DOM.

  • UserInterface/Models/AuditTestBase.js:

(WI.AuditTestBase.prototype.set setup):

  • UserInterface/Models/AuditTestCase.js:

(WI.AuditTestCase.prototype.set test):
Allow setting test and setup after editing is finished.

  • UserInterface/Views/AuditTestCaseContentView.js:

(WI.AuditTestCaseContentView.prototype.layout):
(WI.AuditTestCaseContentView.prototype.saveEditedData):

  • UserInterface/Views/AuditTestContentView.js:

(WI.AuditTestContentView.prototype.detached):
Saving test on detached saves it when selecting a different test in the navigation sidebar.

(WI.AuditTestContentView.prototype.saveEditedData):
(WI.AuditTestContentView.prototype._createSetupEditor):
(WI.AuditTestContentView.prototype._handleEditingChanged):
(WI.AuditTestContentView):

2:44 PM Changeset in webkit [276615] by achristensen@apple.com
  • 4 edits
    1 add in trunk/Source/WebCore/PAL

Add missing SPI declarations
https://bugs.webkit.org/show_bug.cgi?id=225061

Reviewed by Alexey Proskuryakov.

  • PAL.xcodeproj/project.pbxproj:
  • pal/cocoa/CryptoKitCBridgingSoftLink.h:
  • pal/spi/cocoa/CryptoKitCBridgingSPI.h: Added.
  • pal/spi/mac/DataDetectorsSPI.h:
2:37 PM Changeset in webkit [276614] by achristensen@apple.com
  • 17 edits in trunk

Update Mac-specific CMake files
https://bugs.webkit.org/show_bug.cgi?id=225064

Rubber-stamped by Tim Horton.

.:

  • Source/cmake/OptionsMac.cmake:
  • Source/cmake/WebKitCommon.cmake:

Source/JavaScriptCore:

  • PlatformMac.cmake:

Source/ThirdParty/ANGLE:

  • PlatformMac.cmake:

Source/WebCore:

  • PlatformMac.cmake:

Source/WebCore/PAL:

  • pal/PlatformMac.cmake:

Source/WebKit:

  • PlatformMac.cmake:

Source/WebKitLegacy:

  • PlatformMac.cmake:

Tools:

  • MiniBrowser/mac/CMakeLists.txt:
2:31 PM Changeset in webkit [276613] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

[ews-app] Status bubble should only display important messages in pop-over - part 4
https://bugs.webkit.org/show_bug.cgi?id=225076

Reviewed by Jonathan Bedard.

  • CISupport/ews-app/ews/views/statusbubble.py:

(StatusBubble):

2:03 PM Changeset in webkit [276612] by mark.lam@apple.com
  • 3 edits
    1 add in trunk

%TypedArray%.prototype.sort() should not use a regular array as a temp buffer.
https://bugs.webkit.org/show_bug.cgi?id=225062
rdar://77021547

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/typedarray-sort-should-not-use-a-regular-array-as-temp-buffer.js: Added.

Source/JavaScriptCore:

%TypedArray%.prototype.sort() should not be affected by property changes in
Array.prototype.

References:
[1] https://tc39.es/ecma262/#sec-%typedarray%.prototype.sort
[2] https://tc39.es/ecma262/#sec-array.prototype.sort
[3] https://tc39.es/ecma262/#sec-sortcompare

  • builtins/TypedArrayPrototype.js:

(globalPrivate.typedArrayMergeSort):

2:01 PM Changeset in webkit [276611] by Said Abou-Hallawa
  • 2 edits in trunk/Source/WebCore

Remove redundant frameDetached() from the SVGImage destructor
https://bugs.webkit.org/show_bug.cgi?id=221616
<rdar://problem/74149106>

Reviewed by Chris Dumez.

SVGImage was originally written such that it has two separate objects:
a page and a frame; see https://trac.webkit.org/r18470. So it made sense
at that time to clean up the page and the frame separately. The Frame
was cleaned up by telling the frame's loader that the frameDetached().

This code is not necessary right now since the page owns the main frame.
And its destructor recursively detaches itself from all the frames.

  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::~SVGImage):

1:22 PM Changeset in webkit [276610] by keith_miller@apple.com
  • 6 edits in trunk/Source

CodeBlock should do a better job accounting for extra memory it allocates.
https://bugs.webkit.org/show_bug.cgi?id=225068

Reviewed by Mark Lam.

Source/JavaScriptCore:

Right now we aren't telling the JS GC about the extra memory
attached to CodeBlocks. It looks like on at least some sites this
can be a fairly large percentage of the total memory retained by
the JS object graph.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::visitChildren):
(JSC::CodeBlock::JITData::size const):

  • bytecode/CodeBlock.h:
  • jit/JITCodeMap.h:

(JSC::JITCodeMap::memorySize const):

Source/WTF:

Small convenience function to help compute the memory used by a Bag for JS GC
accounting.

  • wtf/Bag.h:
1:20 PM Changeset in webkit [276609] by keith_miller@apple.com
  • 19 edits in trunk/Source/JavaScriptCore

numCalleeLocals, numParameters, and numVars should be unsigned
https://bugs.webkit.org/show_bug.cgi?id=224995

Reviewed by Mark Lam.

All of the various CodeBlock classes currently have the
numCalleeLocals and numVars marked as ints. I believe this is just
a historical artifact or because VirtualRegister's offset is an
int to make handling constants easier. Regardless, it's a bit
strange to not handle the sign conversion at the point of
comparison between a VirtualRegister offset and the local/var
count. This doesn't completely fix every place we use ints for
these values but starts on the right track. Lastly, I also added
some Check<unsigned>s to the wasm parser for sanity checking.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setNumParameters):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::numParameters const):
(JSC::CodeBlock::numberOfArgumentsToSkip const):
(JSC::CodeBlock::numCalleeLocals const):
(JSC::CodeBlock::numVars const):
(JSC::CodeBlock::numTmps const):
(JSC::CodeBlock::addressOfNumParameters):
(JSC::CodeBlock::isTemporaryRegister):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::numCalleeLocals const):
(JSC::UnlinkedCodeBlock::numVars const):

  • bytecode/UnlinkedCodeBlockGenerator.h:

(JSC::UnlinkedCodeBlockGenerator::numCalleeLocals const):
(JSC::UnlinkedCodeBlockGenerator::numVars const):
(JSC::UnlinkedCodeBlockGenerator::setNumCalleeLocals):
(JSC::UnlinkedCodeBlockGenerator::setNumVars):
(JSC::UnlinkedCodeBlockGenerator::setNumParameters):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::emitPushFunctionNameScope):

  • bytecompiler/BytecodeGeneratorBaseInlines.h:

(JSC::BytecodeGeneratorBase<Traits>::newRegister):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inliningCost):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGOSREntrypointCreationPhase.cpp:

(JSC::DFG::OSREntrypointCreationPhase::run):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArgumentTypes):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):

  • ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

  • interpreter/CallFrameClosure.h:
  • interpreter/ProtoCallFrameInlines.h:

(JSC::ProtoCallFrame::init):

  • jit/JIT.cpp:

(JSC::JIT::compileWithoutLinking):

  • runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::numberOfStackPaddingSlots):
(JSC::CommonSlowPaths::numberOfStackPaddingSlotsWithExtraSlots):

  • wasm/WasmFunctionCodeBlock.h:

(JSC::Wasm::FunctionCodeBlock::numVars const):
(JSC::Wasm::FunctionCodeBlock::numCalleeLocals const):
(JSC::Wasm::FunctionCodeBlock::setNumVars):
(JSC::Wasm::FunctionCodeBlock::setNumCalleeLocals):

  • wasm/WasmLLIntGenerator.cpp:

(JSC::Wasm::LLIntGenerator::push):
(JSC::Wasm::LLIntGenerator::getDropKeepCount):
(JSC::Wasm::LLIntGenerator::walkExpressionStack):
(JSC::Wasm::LLIntGenerator::checkConsistency):
(JSC::Wasm::LLIntGenerator::materializeConstantsAndLocals):
(JSC::Wasm::LLIntGenerator::splitStack):
(JSC::Wasm::LLIntGenerator::finalize):
(JSC::Wasm::LLIntGenerator::callInformationForCaller):
(JSC::Wasm::LLIntGenerator::addLoop):
(JSC::Wasm::LLIntGenerator::addTopLevel):
(JSC::Wasm::LLIntGenerator::addBlock):
(JSC::Wasm::LLIntGenerator::addIf):
(JSC::Wasm::LLIntGenerator::addElseToUnreachable):

1:03 PM Changeset in webkit [276608] by Russell Epstein
  • 1 copy in tags/Safari-612.1.11.6

Tag Safari-612.1.11.6.

12:46 PM Changeset in webkit [276607] by Fujii Hironori
  • 2 edits in trunk/Source/WebCore

REGRESSION(r272379) [Win] Some emojis are painted with a blank square on the right side of it
https://bugs.webkit.org/show_bug.cgi?id=225047

Reviewed by Don Olmstead.

imported/w3c/web-platform-tests/mathml/relations/css-styling tests cover this change.

  • platform/graphics/WidthIterator.cpp:

(WebCore::WidthIterator::advanceInternal): Don't add the 0 glyphs for Windows too.

11:44 AM Changeset in webkit [276606] by Russell Epstein
  • 1 copy in tags/Safari-607.3.12

Tag Safari-607.3.12.

11:42 AM Changeset in webkit [276605] by Russell Epstein
  • 3 edits
    5 adds in branches/safari-607-branch

Cherry-pick r271368. rdar://problem/77160704

Keep newly created IDBIndex objects in deleted map when IDBTransaction is aborted
https://bugs.webkit.org/show_bug.cgi?id=220489
<rdar://problem/70498831>

Patch by Sihui Liu <sihui_liu@appe.com> on 2021-01-11
Reviewed by Youenn Fablet.

Source/WebCore:

When an upgrade transaction is aborted, we move objects from m_deletedIndexes to m_referencedIndexes to revert
the index deletion operation. When updating m_referencedIndexes, we did not check whether key already exists.
Therefore, some indexes in m_referencedIndexes would be replaced and destroyed (since m_referencedIndexes holds
unique pointers) when the index is still referenced by JS.

Tests: storage/indexeddb/modern/abort-index-info-private.html

storage/indexeddb/modern/abort-index-info.html

  • Modules/indexeddb/IDBObjectStore.cpp: (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):

LayoutTests:

  • storage/indexeddb/modern/abort-index-info-expected.txt: Added.
  • storage/indexeddb/modern/abort-index-info-private-expected.txt: Added.
  • storage/indexeddb/modern/abort-index-info-private.html: Added.
  • storage/indexeddb/modern/abort-index-info.html: Added.
  • storage/indexeddb/modern/resources/abort-index-info.js: Added. (prepareDatabase): (versionChangeSuccessCallback.secondRequest.onerror): (versionChangeSuccessCallback): (secondUpgradeNeeded): (checkState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271368 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:12 AM Changeset in webkit [276604] by Aditya Keerthi
  • 3 edits in trunk/LayoutTests

REGRESSION: fast/forms/ios/ipad/open-picker-using-keyboard.html is timing out
https://bugs.webkit.org/show_bug.cgi?id=225053
<rdar://problem/77042251>

Reviewed by Wenson Hsieh.

Update the test to account for the fact that <select> elements now
present a context menu rather than a popover.

  • fast/forms/ios/ipad/open-picker-using-keyboard-expected.txt:
  • fast/forms/ios/ipad/open-picker-using-keyboard.html:
11:08 AM Changeset in webkit [276603] by Devin Rousso
  • 4 edits in trunk/Source/WebInspectorUI

Web Inspector: Audit: Uncaught Exception: Failed to execute 'delete' on 'IDBObjectStore': The parameter is not a valid key range.
https://bugs.webkit.org/show_bug.cgi?id=224993

Reviewed by BJ Burg.

  • UserInterface/Controllers/AuditManager.js:

(WI.AuditManager.prototype.async processJSON):
(WI.AuditManager.prototype.async addTest):

  • UserInterface/Views/AuditNavigationSidebarPanel.js:

(WI.AuditNavigationSidebarPanel.prototype.willDismissPopover):

  • UserInterface/Views/AuditTreeElement.js:

(WI.AuditTreeElement.prototype.populateContextMenu):
Make sure to save any newly created audits not already in WI.objectStores.audits immediately
so that if the developer tries to delete it before exiting Edit mode (which is normally when
everything is saved) an exception isn't thrown about it not being in WI.objectStores.audits.

10:45 AM Changeset in webkit [276602] by Chris Gambrell
  • 87 edits
    8 adds
    13 deletes in trunk/LayoutTests

[LayoutTests] Convert http/tests/resources convert PHP to Python
https://bugs.webkit.org/show_bug.cgi?id=224622
<rdar://problem/76727052>

Reviewed by Jonathan Bedard.

  • http/tests/appcache/fallback.html:
  • http/tests/appcache/main-resource-fallback-for-network-error-crash.html:
  • http/tests/appcache/main-resource-hash.html:
  • http/tests/appcache/main-resource-redirect.html:
  • http/tests/appcache/multi-fallback.html:
  • http/tests/appcache/non-html.xhtml:
  • http/tests/appcache/offline-access.html:
  • http/tests/appcache/remove-cache.html:
  • http/tests/appcache/resources/fail-on-update-2.py:
  • http/tests/appcache/resources/fail-on-update.py:
  • http/tests/appcache/resources/fallback.manifest:
  • http/tests/appcache/resources/main-resource-redirect-frame.py:
  • http/tests/appcache/resources/main-resource-redirect.manifest:
  • http/tests/appcache/resources/multi-fallback.manifest:
  • http/tests/appcache/resources/non-html.manifest:
  • http/tests/appcache/resources/offline-access-frame.html:
  • http/tests/appcache/resources/offline-access.js:

(test):

  • http/tests/appcache/resources/offline-access.manifest:
  • http/tests/appcache/resources/remove-cache.py:
  • http/tests/cache/network-error-during-revalidation.html:
  • http/tests/cache/resources/network-error-during-revalidation-frame.html:
  • http/tests/cache/subresource-fragment-identifier.html:
  • http/tests/cookies/same-site/fetch-after-navigating-iframe-in-cross-origin-page.html:
  • http/tests/cookies/same-site/fetch-after-top-level-navigation-initiated-from-iframe-in-cross-origin-page.html:
  • http/tests/cookies/same-site/fetch-in-cross-origin-iframe.html:
  • http/tests/css/border-image-loading.html:
  • http/tests/css/css-image-loading.html:
  • http/tests/css/css-image-valued-shape.html:
  • http/tests/css/font-face-src-loading.html:
  • http/tests/css/mask-image-loading.html:
  • http/tests/css/reflection-mask-image-loading.html:
  • http/tests/css/resources/request-logging.js:

(ResourceLogging.CallCommand):

  • http/tests/css/vertical-align-baseline-after-image-load-2-expected.html:
  • http/tests/css/vertical-align-baseline-after-image-load-2.html:
  • http/tests/css/vertical-align-baseline-after-image-load-3-expected.html:
  • http/tests/css/vertical-align-baseline-after-image-load-3.html:
  • http/tests/css/vertical-align-baseline-after-image-load-expected.html:
  • http/tests/css/vertical-align-baseline-after-image-load.html:
  • http/tests/fetch/clone-response-body.html:
  • http/tests/fetch/closing-while-fetching.html:
  • http/tests/fetch/fetch-cors-with-referrer.html:
  • http/tests/fetch/fetching-same-resource-with-different-options-expected.txt:
  • http/tests/fetch/fetching-same-resource-with-different-options.html:
  • http/tests/fetch/get-response-body-while-loading.html:
  • http/tests/images/decode-slow-load-static-image.html:
  • http/tests/images/draw-pattern-slow-load-large-image.html:
  • http/tests/images/gif-progressive-load.html:
  • http/tests/images/image-supports-video.html:
  • http/tests/images/jpeg-partial-load.html:
  • http/tests/images/loading-image-border.html:
  • http/tests/images/loading-image-no-border.html:
  • http/tests/images/mp4-partial-load.html:
  • http/tests/images/png-partial-load-no-alpha.html:
  • http/tests/images/png-partial-load.html:
  • http/tests/images/png-progressive-load.html:
  • http/tests/images/webp-partial-load.html:
  • http/tests/images/webp-progressive-load.html:
  • http/tests/loading/preload-img-test.html:
  • http/tests/local/fileapi/file-last-modified-using-open-panel.html:
  • http/tests/local/fileapi/file-last-modified.html:
  • http/tests/local/fileapi/resources/temp-file-utils.js:

(createTempFile):
(touchTempFile):
(removeTempFile):

  • http/tests/local/link-stylesheet-load-order-preload.html:
  • http/tests/local/link-stylesheet-load-order.html:
  • http/tests/media/track/track-webvtt-slow-loading-2.html:
  • http/tests/media/track/track-webvtt-slow-loading.html:
  • http/tests/misc/repeat-open-cancel.html:
  • http/tests/navigation/pending-location-change-assert.html:
  • http/tests/preload/delaying_onload_link_preload_after_discovery_image.html:
  • http/tests/preload/dynamic_remove_preload_href.html:
  • http/tests/preload/not_delaying_window_onload_before_discovery.html:
  • http/tests/preload/not_evicting_preload_at_onload.html:
  • http/tests/resources/basic-auth.php: Removed.
  • http/tests/resources/digest-auth: Removed.
  • http/tests/resources/download-json-with-delay.php: Removed.
  • http/tests/resources/download-json-with-delay.py: Added.
  • http/tests/resources/echo-iframe-src.php: Removed.
  • http/tests/resources/echo-iframe-src.py: Added.
  • http/tests/resources/file-last-modified.php: Removed.
  • http/tests/resources/file-last-modified.py: Added.
  • http/tests/resources/load-and-stall.php: Removed.
  • http/tests/resources/load-and-stall.py: Added.
  • http/tests/resources/network-simulator.php: Removed.
  • http/tests/resources/network-simulator.py: Added.

(temp_path_base):
(generate_no_cache_http_header):
(content_type):
(generate_response):
(handle_increate_resource_count_command):
(handle_reset_resource_count_command):
(handle_get_resource_count_command):
(handle_start_resource_requests_log):
(handle_get_resource_requests_log):
(handle_log_resource_request):

  • http/tests/resources/portabilityLayer.py:

(set_state):

  • http/tests/resources/redirect-to-video-if-accepted.php: Removed.
  • http/tests/resources/redirect-to-video-if-accepted.py: Added.
  • http/tests/resources/reset-temp-file.php: Removed.
  • http/tests/resources/reset-temp-file.py:
  • http/tests/resources/slow-image.php: Removed.
  • http/tests/resources/slow-image.py: Added.
  • http/tests/resources/slow-notify-done.php: Removed.
  • http/tests/resources/slow-notify-done.py: Added.
  • http/tests/resources/touch-temp-file.php: Removed.
  • http/tests/resources/touch-temp-file.py:
  • http/tests/resources/write-temp-file.php: Removed.
  • http/tests/resources/write-temp-file.py:
  • http/tests/security/XFrameOptions/x-frame-options-ancestors-same-origin-allow.html:
  • http/tests/security/resources/allow-if-origin.py:
  • http/tests/swipe/swipe-back-with-outstanding-load-cancellation.html:
  • http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-invalidation.py:
  • http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache-timeout.py:
  • http/tests/xmlhttprequest/resources/access-control-basic-preflight-cache.py:
  • http/tests/xmlhttprequest/resources/access-control-preflight-denied-xsrf.py:
  • http/tests/xmlhttprequest/resources/no-custom-header.py:
  • http/tests/xmlhttprequest/resources/redirect-cross-origin-tripmine.py:
  • http/tests/xmlhttprequest/resources/remember-bad-password/count-failures.py:
  • http/tests/xmlhttprequest/state-after-network-error.html:
10:38 AM Changeset in webkit [276601] by Russell Epstein
  • 2 edits in branches/safari-607-branch/Source/JavaScriptCore

Cherry-pick r276527. rdar://problem/77160646

[YARR Interpreter] Improper backtrack of parentheses with non-zero based greedy quantifiers
https://bugs.webkit.org/show_bug.cgi?id=224983

Reviewed by Mark Lam.

When we backtrack a parentheses with a greedy non zero based quantifier,
we don't properly restore for the case where we hadn't reached the minimum count.
We now save the input position on entry and restore it when we backtrack for
this case. We also properly release the allocated ParenthesesDisjunctionContext's.

  • yarr/YarrInterpreter.cpp: (JSC::Yarr::Interpreter::matchParentheses): (JSC::Yarr::Interpreter::backtrackParentheses):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276527 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 AM Changeset in webkit [276600] by Russell Epstein
  • 2 edits in branches/safari-607-branch/Source/JavaScriptCore

Cherry-pick r276524. rdar://problem/77160578

Fix B3 strength reduction for shl.
https://bugs.webkit.org/show_bug.cgi?id=224913
rdar://76978874

Reviewed by Michael Saboff.

If the operation can potentially either underflow or overflow, then the result
can be any value.

  • b3/B3ReduceStrength.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@276524 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:36 AM Changeset in webkit [276599] by Ruben Turcios
  • 8 edits in branches/safari-612.1.11-branch/Source

Versioning.

WebKit-7612.1.11.6

10:35 AM Changeset in webkit [276598] by Aditya Keerthi
  • 4 edits in trunk

REGRESSION (r271861): [iOS] Accessory bar navigation to elements outside the viewport fails
https://bugs.webkit.org/show_bug.cgi?id=224980
<rdar://problem/77042311>

Reviewed by Wenson Hsieh.

Source/WebKit:

r271861 introduced logic to prevent obscured elements from being
focusable using the accessory bar, using hit testing. However, it also
prevented elements outside the viewport from participating in accessory
bar navigation.

To fix, include HitTestRequest::IgnoreClipping in the hit test request
options. This ensures that hit test requests are not clipped to the
viewport.

Note that this behavior is covered by an existing test, but the test
only failed on smaller devices.

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::isObscuredElement):

LayoutTests:

  • fast/forms/ios/accessory-bar-navigation.html:

Increase the space between input elements, so that the second input is
positioned out of the viewport on larger devices.

10:32 AM Changeset in webkit [276597] by don.olmstead@sony.com
  • 3 edits in trunk/Tools

[CMake] Modernize WebKit GLib testing
https://bugs.webkit.org/show_bug.cgi?id=225052

Reviewed by Adrian Perez de Castro.

Set values on targets directly rather than the older add_definitions and
include_directories style. Clean up the code and format it properly.

A NO_GTEST_USAGE definition is used to prevent gtest from being included when an alternate
testing framework is used.

  • TestWebKitAPI/config.h:
  • TestWebKitAPI/glib/CMakeLists.txt:
10:26 AM Changeset in webkit [276596] by don.olmstead@sony.com
  • 2 edits in trunk

[PlayStation] Fix build break after r276368
https://bugs.webkit.org/show_bug.cgi?id=225056

Reviewed by Ross Kirsling.

Ensure that the OpenGL::GLES target is created.

  • Source/cmake/OptionsPlayStation.cmake:
9:33 AM Changeset in webkit [276595] by Russell Epstein
  • 7 edits in branches/safari-607-branch/Source

Versioning.

WebKit-7607.3.12

9:30 AM Changeset in webkit [276594] by Alexey Shvayka
  • 3 edits in trunk/Source/WebCore

[WebIDL] Remove [CallNamedSetterOnlyForSupportedProperties] extended attribute
https://bugs.webkit.org/show_bug.cgi?id=225049

Reviewed by Sam Weinig.

It was part of the old CSSStyleDeclaration named getter implementation,
which was removed in r275808.

No new tests, no behavior change.

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateInvokeNamedPropertySetter):
(GeneratePut):
(GeneratePutByIndex):
(GenerateDefineOwnProperty):

  • bindings/scripts/IDLAttributes.json:
9:14 AM Changeset in webkit [276593] by don.olmstead@sony.com
  • 10 edits in trunk

Fix includes for some GTK/GLib headers
https://bugs.webkit.org/show_bug.cgi?id=225020

Reviewed by Adrian Perez de Castro.

Source/WebKit:

An include was assuming Source/WebKit as its root.

  • UIProcess/API/glib/WebKitInitialize.cpp:

Tools:

Update include paths to use their correct <> path.

  • TestWebKitAPI/Tests/WebKitGLib/TestInputMethodContext.cpp:
  • TestWebKitAPI/Tests/WebKitGLib/TestUIClient.cpp:
  • TestWebKitAPI/Tests/WebKitGLib/WebProcessTest.cpp:
  • TestWebKitAPI/glib/WebKitGLib/WebViewTest.cpp:
  • TestWebKitAPI/glib/WebKitGLib/gtk/WebViewTestGtk.cpp:
  • TestWebKitAPI/gtk/PlatformWebViewGtk.cpp:
  • WebKitTestRunner/gtk/EventSenderProxyGtk.cpp:
8:21 AM Changeset in webkit [276592] by Alexey Shvayka
  • 102 edits
    15 adds in trunk

[JSC] OrdinarySet should invoke custom Set? methods
https://bugs.webkit.org/show_bug.cgi?id=217916

Reviewed by Yusuke Suzuki.

JSTests:

  • microbenchmarks/put-slow-no-cache-array.js: Added.
  • microbenchmarks/put-slow-no-cache-function.js: Added.
  • microbenchmarks/put-slow-no-cache-js-proxy.js: Added.
  • microbenchmarks/put-slow-no-cache-long-prototype-chain.js: Added.
  • microbenchmarks/put-slow-no-cache.js: Added.
  • microbenchmarks/reflect-set-with-receiver.js: Added.
  • stress/custom-get-set-proto-chain-put.js:
  • stress/module-namespace-access-set-fails.js: Added.
  • stress/put-non-reified-static-accessor-or-custom.js: Added.
  • stress/put-non-reified-static-function-or-custom.js: Added.
  • stress/put-to-primitive-non-reified-static-custom.js: Added.
  • stress/put-to-primitive.js: Added.
  • stress/put-to-proto-chain-overrides-put.js: Added.
  • stress/typed-array-canonical-numeric-index-string-set.js: Added.

LayoutTests/imported/w3c:

  • web-platform-tests/WebIDL/ecmascript-binding/interface-object-set-receiver-expected.txt: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/interface-object-set-receiver.html: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/interface-prototype-constructor-set-receiver-expected.txt:
  • web-platform-tests/WebIDL/ecmascript-binding/interface-prototype-constructor-set-receiver.html:

Source/JavaScriptCore:

This patch fixes putInlineSlow() to handle special properties (like JSFunction's "name"
and JSArray's "length") in prototype chain. When such property is encountered, prototype
chain traversal is stopped; if it's read-only, a TypeError is thrown in strict mode.

This change adds OverridesPut out of line type info flag, and utilizes it in putInlineSlow()
to invoke overriden methods. While this approach requires put() methods to be aware of
altered receivers, it renders several benefits:

  1. put() method can be used for both "real" Set? overrides and special properties, with its return value remaining bool;
  2. it is simpler, faster, and more predictable than calling GetOwnProperty? in putInlineSlow() or adding defineOwnPropertyViaPut() to the method table.

Removes ordinarySetSlow() for non-index properties, which didn't invoke some Set?
methods as well. Instead, definePropertyOnReceiver() is introduced for altered receivers,
which performs correctly when reached because:

  1. all special properties were already handled (unless it's Reflect.set);
  2. performing putDirectInternal() is unobservable (unless ProxyObject was seen);
  3. putDirectInternal() now fully implements property definition of OrdinarySet [1];
  4. put() override is required if a spec defines custom DefineOwnProperty?.

Since indexed puts handle overrides / altered receivers quite differently, they will
be fixed in a follow-up, completely removing ordinarySetSlow().

Also, by merging putEntry() / putToPrimitive() into putInlineSlow() and introducing
putInlineFastReplacingStaticPropertyIfNeeded() helper, this patch fixes a few bugs:

  1. Direct Set? to non-reified static property now preserves its attributes when replacing Value?.
  2. Prototype chain Set? to non-reified static property now throws if receiver is non-extensible.
  3. Non-reified static writable property now shadows read-only one that is further in prototype chain.
  4. Non-reified static properties in prototype chain of a primitive are now considered.

Fixes a few issues that were previously unobservable:

  1. PropertyAttribute::CustomValue is now unset when a setter-less property is reassigned.
  2. uint64_t putByIndexInline() now calls put() via method table like uint32_t counterpart.

Other notable refactors:

  1. Inlines callCustomSetter(), dropping weird TriState return value.
  2. Simplifies initialization of StringPrototype.
  3. Simplifies isThisValueAltered() to pointer comparisons at non-JSProxy call sites.
  4. Removes doPutPropertySecurityCheck() methods as the same checks are performed by put() methods.
  5. Removes prototypeChainMayInterceptStoreTo(), which pretty much duplicated canPerformFastPutInline().
  6. Removes dummy JSArrayBufferView::put() method.
  7. Removes now unused lookupPut().

Aligns JSC with V8 and SpiderMonkey.

This patch carefully preserves the current behavior of Reflect.set with CustomValue
and prototype chain Set? to a JSCallbackObject / legacy platform object.

This change is performance-neutral on /put/ microbenchmarks as it doesn't affect
caching, only the slow path. Reflect.set with JSFinalObject receiver is 130% faster.
putInlineSlow() microbenchmarks progress by 4-18%.

[1]: https://tc39.es/ecma262/#sec-ordinarysetwithowndescriptor (step 3)

  • API/JSCallbackObject.h:
  • API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::put):

  • API/tests/testapiScripts/testapi.js:
  • debugger/DebuggerScope.h:
  • runtime/ClassInfo.h:
  • runtime/ClonedArguments.h:
  • runtime/CustomGetterSetter.cpp:

(JSC::callCustomSetter): Deleted.

  • runtime/CustomGetterSetter.h:
  • runtime/ErrorConstructor.h:
  • runtime/ErrorInstance.h:
  • runtime/GenericArguments.h:
  • runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::put):

  • runtime/GetterSetter.h:
  • runtime/JSArray.cpp:

(JSC::JSArray::put):

  • runtime/JSArray.h:
  • runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::put): Deleted.

  • runtime/JSArrayBufferView.h:
  • runtime/JSCJSValue.cpp:

(JSC::JSValue::putToPrimitive):

  • runtime/JSCell.cpp:

(JSC::JSCell::doPutPropertySecurityCheck): Deleted.

  • runtime/JSCell.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::put):

  • runtime/JSFunction.h:
  • runtime/JSGenericTypedArrayView.h:
  • runtime/JSGlobalLexicalEnvironment.h:
  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::put):

  • runtime/JSGlobalObject.h:
  • runtime/JSLexicalEnvironment.h:
  • runtime/JSModuleEnvironment.h:
  • runtime/JSModuleNamespaceObject.h:
  • runtime/JSObject.cpp:

(JSC::JSObject::getOwnPropertySlot):
(JSC::JSObject::putInlineSlow):
(JSC::definePropertyOnReceiverSlow):
(JSC::JSObject::definePropertyOnReceiver):
(JSC::JSObject::putInlineFastReplacingStaticPropertyIfNeeded):
(JSC::JSObject::doPutPropertySecurityCheck): Deleted.
(JSC::JSObject::prototypeChainMayInterceptStoreTo): Deleted.

  • runtime/JSObject.h:

(JSC::JSObject::putByIndexInline):
(JSC::JSObject::hasNonReifiedStaticProperties):
(JSC::JSObject::getOwnPropertySlot):
(JSC::JSObject::putDirect):
(JSC::JSObject::doPutPropertySecurityCheck): Deleted.

  • runtime/JSObjectInlines.h:

(JSC::JSObject::canPerformFastPutInlineExcludingProto):
(JSC::JSObject::putInlineForJSObject):
(JSC::JSObject::putInlineFast):
(JSC::JSObject::putDirectInternal):

  • runtime/JSProxy.h:
  • runtime/JSTypeInfo.h:

(JSC::TypeInfo::hasStaticPropertyTable const):
(JSC::TypeInfo::overridesPut const):
(JSC::TypeInfo::getOwnPropertySlotMayBeWrongAboutDontEnum const):
(JSC::TypeInfo::hasPutPropertySecurityCheck const): Deleted.

  • runtime/Lookup.h:

(JSC::putEntry): Deleted.
(JSC::lookupPut): Deleted.

  • runtime/PropertySlot.h:
  • runtime/ProxyObject.cpp:

(JSC::ProxyObject::put):

  • runtime/ProxyObject.h:
  • runtime/PutPropertySlot.h:

(JSC::PutPropertySlot::PutPropertySlot):
(JSC::PutPropertySlot::context const):
(JSC::PutPropertySlot::isTaintedByOpaqueObject const):
(JSC::PutPropertySlot::setIsTaintedByOpaqueObject):

  • runtime/ReflectObject.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

  • runtime/RegExpObject.cpp:

(JSC::RegExpObject::put):

  • runtime/RegExpObject.h:
  • runtime/StringObject.cpp:

(JSC::StringObject::put):

  • runtime/StringObject.h:
  • runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):
(JSC::StringPrototype::create):

  • runtime/StringPrototype.h:
  • runtime/Structure.cpp:

(JSC::Structure::validateFlags):

  • runtime/Structure.h:

(JSC::Structure::hasNonReifiedStaticProperties const):

  • tools/JSDollarVM.cpp:

Source/WebCore:

Fixes:

  1. Legacy platform object's Set? now guards against altered receiver [1]. (aligns with Blink).
  2. Direct Set? to window.%Interface% constructor now preserves DontEnum attribute [2]. (aligns with Blink and Gecko).
  3. Cross-origin non-index put() now throws SecurityError instead of silently failing [3]. (aligns with Blink and Gecko).

Refactors:

  1. Simplifies cross-origin JSDOMWindow::put(), aligning it with JSLocation::put().
  2. Replaces lookupPut() with direct setter call in JSRemoteDOMWindow::put().
  3. Removes now unused doPutPropertySecurityCheck() methods.

Tests: js/dom/script-tests/reflect-set-onto-dom.js

imported/w3c/web-platform-tests/WebIDL/ecmascript-binding/interface-object-set-receiver.html
http/tests/security/cross-frame-access-object-getPrototypeOf-in-put.html

[1] https://heycam.github.io/webidl/#legacy-platform-object-set (step 1)
[2] https://heycam.github.io/webidl/#define-the-global-property-references (step 3.1.3)
[3] https://html.spec.whatwg.org/multipage/browsers.html#crossoriginset-(-o,-p,-v,-receiver-) (step 4)

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::put):
(WebCore::JSDOMWindow::doPutPropertySecurityCheck): Deleted.

  • bindings/js/JSLocationCustom.cpp:

(WebCore::JSLocation::doPutPropertySecurityCheck): Deleted.

  • bindings/js/JSRemoteDOMWindowCustom.cpp:

(WebCore::JSRemoteDOMWindow::put):

  • bindings/scripts/CodeGeneratorJS.pm:

(GeneratePut):
(GenerateHeader):

  • bindings/scripts/test/JS/*: Updated.
  • bridge/objc/objc_runtime.h:
  • bridge/runtime_array.h:
  • bridge/runtime_object.h:

Source/WebKit:

  • WebProcess/Plugins/Netscape/JSNPObject.h:

LayoutTests:

  • http/tests/security/cross-frame-access-object-getPrototypeOf-in-put-expected.txt:
  • http/tests/security/cross-frame-access-object-getPrototypeOf-in-put.html:
  • js/dom/reflect-set-onto-dom-expected.txt:
  • js/dom/script-tests/reflect-set-onto-dom.js:
8:04 AM Changeset in webkit [276591] by don.olmstead@sony.com
  • 2 edits in trunk/Source/WebCore

ANGLE X11 build fixes
https://bugs.webkit.org/show_bug.cgi?id=225003

Reviewed by Kenneth Russell.

X11 headers define a bunch of macros with common terms, interfering with WebCore and WTF
enum values. As a workaround, we explicitly undef them.

This is the same fix as the one to GLContext.h in r274869 but applied to the ANGLE headers
that are including X11.

  • platform/graphics/angle/ANGLEHeaders.h:
7:28 AM Changeset in webkit [276590] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[iOS] Update sandbox message filter syntax
https://bugs.webkit.org/show_bug.cgi?id=223384

Reviewed by Brent Fulgham.

Update sandbox message filter syntax on iOS. The previous syntax should also still be supported.

  • Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
7:22 AM Changeset in webkit [276589] by Diego Pino Garcia
  • 1 edit
    2 adds in trunk/LayoutTests

[GLIB] Unreviewed test gardening. Emit new GLIB baselines after r276584.

  • platform/glib/imported/w3c/web-platform-tests/shadow-dom/event-on-pseudo-element-crash-expected.txt: Added.
  • platform/glib/imported/w3c/web-platform-tests/shadow-dom/imperative-slot-api-crash-expected.txt: Added.
6:17 AM Changeset in webkit [276588] by Antti Koivisto
  • 10 edits in trunk/Source/WebCore

Refcount Style::Resolver
https://bugs.webkit.org/show_bug.cgi?id=225048

Reviewed by Ryosuke Niwa.

For safety, and to allow more sharing in the future.

  • css/DOMCSSRegisterCustomProperty.cpp:

(WebCore::DOMCSSRegisterCustomProperty::registerProperty):

  • dom/Document.cpp:

(WebCore::Document::userAgentShadowTreeStyleResolver):

  • dom/Document.h:
  • style/StyleResolver.cpp:

Also make the Resolver ISO-allocated.

(WebCore::Style::Resolver::create):

  • style/StyleResolver.h:
  • style/StyleScope.cpp:

(WebCore::Style::Scope::resolver):

  • style/StyleScope.h:
  • style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::Scope::Scope):
(WebCore::Style::TreeResolver::Scope::~Scope):
(WebCore::Style::TreeResolver::styleForStyleable):
(WebCore::Style::TreeResolver::resolveElement):
(WebCore::Style::TreeResolver::resolvePseudoStyle):
(WebCore::Style::TreeResolver::resolve):

  • style/StyleTreeResolver.h:
5:27 AM Changeset in webkit [276587] by Razvan Caliman
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: REGRESSION(r270134) Elements Tab: Details Sidebar toggle is unexpectedly disabled after switching from Timelines tab
https://bugs.webkit.org/show_bug.cgi?id=224772
<rdar://73470211>

Reviewed by Devin Rousso.

Ensure the logic for identifying and showing the represented object for the selected DOMNode
is not run unless the Elements Tab is visible. This guards agains the partial setting of state
when the Elements Tab is not the default tab while opening Web Inspector.

  • UserInterface/Views/ElementsTabContentView.js:

(WI.ElementsTabContentView):
(WI.ElementsTabContentView.prototype.showRepresentedObject):
(WI.ElementsTabContentView.prototype.attached):
(WI.ElementsTabContentView.prototype.detached):
(WI.ElementsTabContentView.prototype._showDOMTreeContentViewIfNeeded):
(WI.ElementsTabContentView.prototype._mainFrameDidChange):
(WI.ElementsTabContentView.prototype._mainResourceDidChange):

4:59 AM Changeset in webkit [276586] by eocanha@igalia.com
  • 10 edits
    2 deletes in trunk

[GStreamer] media/track/in-band/ layout tests introduced in r154908 are failing
https://bugs.webkit.org/show_bug.cgi?id=120665

Reviewed by Philippe Normand.

Source/WebCore:

Solved a deadlock when processing samples from a text track while the main thread is starting to play.
In those circumstances, the text sink is set by Playbin as non-async, so the main thread calling
MediaPlayerPrivateGStreamer::play() is blocked waiting for the preroll to finish. While prerolling,
a text sample is detected in a non-main thread and sent to the main thread for processing. The current
code waits in the non-main thread for the processing to finish, but that won't ever happen because
the main thread is busy in play() waiting for the preroll to complete. Since the non-main thread
doesn't need any result from the main thread, a simple change to avoid the wait is enough to solve the
deadlock.

There was also a bug preventing all the languages of the text tracks being detected on time. Sometimes
the tag event specifying the track language emitted by the demuxer arrives too late to the
webkittextcombiner sink pad (up to several seconds since sent!) and the language remains unset when
the test checks for it. As a result, the test fails because the second track isn't reported to be in
French language ("fr"). The solution to this is to find an earlier (more upstream) pad and listen
there for the (sticky) tag events. There can be multiple tag events, so all of them are checked until
one having the GST_TAG_LANGUAGE_CODE tag is found.

Covered by existing tests (now unskipped).

  • platform/graphics/gstreamer/TextSinkGStreamer.cpp:

(webkitTextSinkHandleSample): Don't wait for handleTextSample() to be completed in the main thread. This avoids the deadlock.

  • platform/graphics/gstreamer/TrackPrivateBaseGStreamer.cpp:

(WebCore::findBestUpstreamPad): Find a pad more upstream than the current one.
(WebCore::TrackPrivateBaseGStreamer::TrackPrivateBaseGStreamer): Call setPad() instead of setting it by hand here.
(WebCore::TrackPrivateBaseGStreamer::setPad): Also manage m_bestUpstreamPad in parallel to m_pad. Add a probe to listen to the tag events instead of checking the "tags" property (the property wasn't present in the best upstream pad).
(WebCore::TrackPrivateBaseGStreamer::disconnect): Remove the probe from m_bestUpstreamPad, instead of removing the old notify::tags listener from m_pad.
(WebCore::TrackPrivateBaseGStreamer::tagsChanged): Check the sticky tag events until the language one is found (or the last event if no language event is available).

  • platform/graphics/gstreamer/TrackPrivateBaseGStreamer.h: Added m_bestUpstreamPad and m_eventProbe. Moved setPad() implementation to the cpp file.

Tools:

Fix media/track/in-band/tests

Add libkate as dependency, so gst-plugins-bad detects it and can build the GstKateDec element.
This isn't actually needed when using Flatpak (the dependency has been added there), but is still
useful when using jhbuild and is also coherent with the need of other multimedia dependencies
such as libvpx.

  • gtk/install-dependencies:
  • wpe/install-dependencies:

LayoutTests:

Removed track-in-band-mpegts-metadata.html because it relies on private streams on mpegts
and those won't ever be exposed by tsdemux. Made testCuesAddedOnce() test more robust
when finding text tracks.

  • media/content/user-private-streams.ts: Removed.
  • media/in-band-tracks.js:

(pollProgress): Make sure that the function repeated at intervals is properly stopped in all the cases.
(canplaythrough): More robust track detection.
(testCuesAddedOnce): Ditto.

  • media/track/in-band/track-in-band-mpegts-metadata.html: Removed.
  • platform/glib/TestExpectations: Unskip media/track/in-band tests.
3:56 AM Changeset in webkit [276585] by rniwa@webkit.org
  • 4 edits in trunk

Implement ShadowRoot.prototype.delegatesFocus attribute
https://bugs.webkit.org/show_bug.cgi?id=224805

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Rebaselined now that test casses are passing.

  • web-platform-tests/shadow-dom/focus/ShadowRoot-delegatesFocus-expected.txt:

Source/WebCore:

Added the IDL attribute. Chrome had supported this IDL attribute for ages.

Test: imported/w3c/web-platform-tests/shadow-dom/focus/ShadowRoot-delegatesFocus.html

  • dom/ShadowRoot.idl:
2:25 AM Changeset in webkit [276584] by rniwa@webkit.org
  • 16 edits
    24 adds
    7 deletes in trunk/LayoutTests

Resync WPT shadow DOM tests as of 02f0cc10
https://bugs.webkit.org/show_bug.cgi?id=225042

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Resync'ed shadow DOM tests as of 02f0cc10c4e92627ccfd8b30ce03e04278af5224.

  • resources/resource-files.json:
  • web-platform-tests/shadow-dom/accesskey.tentative-expected.txt: Added.
  • web-platform-tests/shadow-dom/accesskey.tentative.html: Added.
  • web-platform-tests/shadow-dom/declarative/declarative-after-attachshadow.tentative.html:
  • web-platform-tests/shadow-dom/declarative/declarative-shadow-dom-attachment.tentative.html:
  • web-platform-tests/shadow-dom/declarative/declarative-shadow-dom-basic.tentative.html:
  • web-platform-tests/shadow-dom/declarative/declarative-shadow-dom-opt-in.tentative.html:
  • web-platform-tests/shadow-dom/declarative/declarative-with-disabled-shadow.tentative-expected.txt: Added.
  • web-platform-tests/shadow-dom/declarative/declarative-with-disabled-shadow.tentative.html: Added.
  • web-platform-tests/shadow-dom/declarative/getinnerhtml.tentative.html:
  • web-platform-tests/shadow-dom/declarative/innerhtml-before-closing-tag.tentative-expected.txt: Added.
  • web-platform-tests/shadow-dom/declarative/innerhtml-before-closing-tag.tentative.html: Renamed from innerhtml-before-closing-tag.html.
  • web-platform-tests/shadow-dom/declarative/innerhtml-on-ordinary-template.tentative-expected.txt: Added.
  • web-platform-tests/shadow-dom/declarative/innerhtml-on-ordinary-template.tentative.html: Renamed from innerhtml-on-ordinary-template.html.
  • web-platform-tests/shadow-dom/declarative/move-template-before-closing-tag.tentative-expected.txt: Added.
  • web-platform-tests/shadow-dom/declarative/move-template-before-closing-tag.tentative.html: Renamed from move-template-before-closing-tag.html.
  • web-platform-tests/shadow-dom/declarative/script-access.tentative.html:
  • web-platform-tests/shadow-dom/declarative/w3c-import.log:
  • web-platform-tests/shadow-dom/event-on-pseudo-element-crash.html: Added.
  • web-platform-tests/shadow-dom/focus/ShadowRoot-delegatesFocus-expected.txt: Added.
  • web-platform-tests/shadow-dom/focus/ShadowRoot-delegatesFocus.html: Added.
  • web-platform-tests/shadow-dom/focus/focus-selector-delegatesFocus.html:
  • web-platform-tests/shadow-dom/focus/w3c-import.log:
  • web-platform-tests/shadow-dom/imperative-slot-api-crash-expected.txt: Added.
  • web-platform-tests/shadow-dom/imperative-slot-api-crash.html: Added.
  • web-platform-tests/shadow-dom/imperative-slot-api-expected.txt: Added.
  • web-platform-tests/shadow-dom/imperative-slot-api-slotchange-expected.txt: Renamed from slots-imperative-api-slotchange.tentative-expected.txt.
  • web-platform-tests/shadow-dom/imperative-slot-api-slotchange.html: Renamed from slots-imperative-api-slotchange.tentative.html.
  • web-platform-tests/shadow-dom/imperative-slot-api.html: Renamed from slots-imperative-slot-api.tentative.html.
  • web-platform-tests/shadow-dom/nested-slot-remove-crash-expected.txt:
  • web-platform-tests/shadow-dom/nested-slot-remove-crash.html:
  • web-platform-tests/shadow-dom/w3c-import.log:

LayoutTests:

Rebaselined the test and added platform specific results for the crash tests.

  • platform/ios/imported/w3c/web-platform-tests/shadow-dom/imperative-slot-api-crash-expected.txt: Added.
  • platform/ios/imported/w3c/web-platform-tests/shadow-dom/event-on-pseudo-element-crash-expected.txt: Added.
  • platform/mac/imported/w3c/web-platform-tests/shadow-dom/event-on-pseudo-element-crash-expected.txt: Added.
  • platform/glib/imported/w3c/web-platform-tests/shadow-dom/nested-slot-remove-crash-expected.txt: Rebaselined.
2:04 AM Changeset in webkit [276583] by Angelos Oikonomopoulos
  • 2 edits in trunk/Source/WTF

Bump CeilingOnPageSize to 16KB on MIPS
https://bugs.webkit.org/show_bug.cgi?id=225030

Reviewed by Michael Catanzaro.

  • wtf/PageBlock.h:
1:21 AM Changeset in webkit [276582] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

embed element with the src attribute set prevents WebKitTestRunner from exiting
https://bugs.webkit.org/show_bug.cgi?id=223791

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2021-04-26
Reviewed by Ryosuke Niwa.

Source/WebCore:

The problem is that the load never finishes, so WTR keeps waiting for the final message from injected bundle
that happens when the page is loaded. When the src attribute is changed,
HTMLPlugInImageElement::updateImageLoaderWithNewURLSoon() is called. That calls
HTMLPlugInImageElement::scheduleUpdateForAfterStyleResolution() that increases the document load event delay
count and queues a style post resolution callback. The document load event delay count is decreased in
HTMLPlugInImageElement::updateAfterStyleResolution(), called by the style post resolution callback. But the
callback is never called because the embed element is not in tree, and it's never added, keeping the document
load event delay unbalanced. We should not call scheduleUpdateForAfterStyleResolution() when the element
is not in render tree, since we know Node::invalidateStyle() will return early and style post resolution
callbacks will not be called. If the element is added to the tree eventually,
scheduleUpdateForAfterStyleResolution() will be called by didRecalcStyle, so the image will be loaded.

Test: fast/images/embed-image-onload-src-change.html

  • html/HTMLPlugInImageElement.cpp:

(WebCore::HTMLPlugInImageElement::updateImageLoaderWithNewURLSoon):

LayoutTests:

Add new test.

  • fast/images/embed-image-onload-src-change-expected.txt: Added.
  • fast/images/embed-image-onload-src-change.html: Added.

Apr 25, 2021:

10:51 PM Changeset in webkit [276581] by rniwa@webkit.org
  • 2 edits in trunk/Tools

Add an option to not enable all experimental features in DumpRenderTree
https://bugs.webkit.org/show_bug.cgi?id=225041

Reviewed by Wenson Hsieh.

Added --no-enable-all-experimental-features to DumpRenderTree as we did
for WebKitTestRunner in r276559.

  • DumpRenderTree/mac/DumpRenderTree.mm:

(setWebPreferencesForTestOptions):
(initializeGlobalsFromCommandLineOptions):

10:24 PM Changeset in webkit [276580] by rniwa@webkit.org
  • 4 edits in trunk/LayoutTests

Unreviewesd EWS fixes.

Skip http/tests/security/referrer-policy-header-multipart.html on WebKit1
after r276526 split it out of http/tests/security/referrer-policy-header.html

  • platform/mac-wk1/TestExpectations:
  • platform/win/TestExpectations:
  • platform/wincairo/TestExpectations:
7:05 PM Changeset in webkit [276579] by Fujii Hironori
  • 2 edits in trunk/LayoutTests

[WinCairo] Unreviewed test gardening

  • platform/wincairo/TestExpectations:
6:03 PM Changeset in webkit [276578] by ChangSeok Oh
  • 6 edits
    2 adds in trunk

Fix a crash caused by AVIF decoding failure
https://bugs.webkit.org/show_bug.cgi?id=223843
<rdar://problem/76205084>

Reviewed by Philippe Normand.

Source/WebCore:

A crash happens when the image count is accessed in AVIFImageDecoder::tryDecodeSize.
This is because an instance of AVIFImageReader is destroyed by setFailed()
in AVIFImageReader::parseHeader. Deciding a failure was hasty because
parsing can fail when necessary data is not received yet. To fix this,
we call setFailed in AVIFImageReader::parseHeader only when all data is received.

Test: http/tests/images/avif-partial-load-crash.html

  • platform/image-decoders/avif/AVIFImageDecoder.cpp:

(WebCore::AVIFImageDecoder::tryDecodeSize):

  • platform/image-decoders/avif/AVIFImageReader.cpp:

(WebCore::AVIFImageReader::parseHeader):
(WebCore::AVIFImageReader::repetitionCount const):

  • platform/image-decoders/avif/AVIFImageReader.h:

LayoutTests:

Check if partial load of avif images crashes.

  • TestExpectations: Skip the test for non-gtk platforms.
  • http/tests/images/avif-partial-load-crash-expected.txt: Added.
  • http/tests/images/avif-partial-load-crash.html: Added.
3:59 PM Changeset in webkit [276577] by Darin Adler
  • 6 edits in trunk

Fix handling of overflow of /= and *= operators with double over Checked<uint64_t> and other 64-bit types.
https://bugs.webkit.org/show_bug.cgi?id=224835

Reviewed by Chris Dumez.

Source/WebCore:

  • platform/graphics/gpu/cocoa/GPUBindGroupAllocatorMetal.mm:

(WebCore::GPUBindGroupAllocator::reallocate): Use integer math instead of floating point math to increase
the size by 25% each time through the loop, staying within the capabilities of our checked integer class.

Source/WTF:

  • wtf/CheckedArithmetic.h: Since it is quite difficult to write correct implementations of the

operations where we multiply or divide a checked integer by a floating point number, deleted
those functions, which were barely used. Also corrected return types of various member functions,
which were unconventional "const Type", replacing them with the conventional "Type" for functions
that return a distinct value, "Type&" for assignment operators, and bool for relational operators.

Tools:

  • TestWebKitAPI/Tests/WTF/CheckedArithmeticOperations.cpp:

Removed tests of the "/=" operator with floating point arguments, no longer supported.

3:53 PM Changeset in webkit [276576] by Cameron McCormack
  • 5 edits in trunk/Source/WebCore

Remove templated operator<<(TextStream&, T*) that interferes with raw pointer formatting.
https://bugs.webkit.org/show_bug.cgi?id=224962

Reviewed by Darin Adler.

We can end up calling into this one (which unhelpfully casts its
argument to intptr_t) instead of the const void* one in
TextStream.h.

Removing this means we can drop static_cast<const void*>(...) in
various places in debugging output code.

  • rendering/RenderLayer.cpp:

(WebCore::outputPaintOrderTreeRecursive):

  • rendering/RenderTreeAsText.cpp:

(WebCore::RenderTreeAsText::writeRenderObject):

  • rendering/svg/SVGRenderTreeAsText.cpp:

(WebCore::writeStandardPrefix):

  • rendering/svg/SVGRenderTreeAsText.h:
3:06 PM Changeset in webkit [276575] by rniwa@webkit.org
  • 24 edits
    1 delete in trunk/Source/WebCore

Make more IndexedDB objects iso-heap'ed
https://bugs.webkit.org/show_bug.cgi?id=225029

Reviewed by Darin Adler.

Deployed IsoHeap on more IndexedDB objects.

  • Modules/indexeddb/IDBFactory.cpp:
  • Modules/indexeddb/IDBFactory.h:
  • Modules/indexeddb/IDBGetAllResult.cpp:
  • Modules/indexeddb/IDBGetAllResult.h:
  • Modules/indexeddb/IDBGetResult.cpp:
  • Modules/indexeddb/IDBGetResult.h:
  • Modules/indexeddb/IDBIndex.cpp:
  • Modules/indexeddb/IDBIndex.h:
  • Modules/indexeddb/IDBKey.cpp:
  • Modules/indexeddb/IDBKey.h:
  • Modules/indexeddb/IDBObjectStore.cpp:
  • Modules/indexeddb/IDBObjectStore.h:
  • Modules/indexeddb/IDBRecordIdentifier.h: Removed since it's not used anywhere.
  • Modules/indexeddb/IDBRequest.cpp:
  • Modules/indexeddb/IDBRequest.h:
  • Modules/indexeddb/client/IDBConnectionProxy.cpp:
  • Modules/indexeddb/client/IDBConnectionProxy.h:
  • Modules/indexeddb/client/IDBConnectionToServer.cpp:
  • Modules/indexeddb/client/IDBConnectionToServer.h:
  • Modules/indexeddb/client/TransactionOperation.cpp:
  • Modules/indexeddb/client/TransactionOperation.h:
  • Modules/indexeddb/shared/IDBDatabaseInfo.cpp:
  • Modules/indexeddb/shared/IDBDatabaseInfo.h:
  • WebCore.xcodeproj/project.pbxproj:
2:45 PM Changeset in webkit [276574] by Devin Rousso
  • 9 edits
    1 delete in trunk/Source

Add ALWAYS_LOG_WITH_STREAM macro for easier development/debugging
https://bugs.webkit.org/show_bug.cgi?id=224959

Reviewed by Darin Adler.

It's often very helpful to use existing operator<< defined on objects, but annoying to
have to copypaste the boilerplate code that creates a WTF::TextStream and uses it in a
WTFLogAlways or wait for a debug build to enable existing LOG_WITH_STREAM.

Source/WebCore:

  • platform/Logging.h:

Move contents of pal/LogMacros.h to wtf/Assertions.h.

Source/WebCore/PAL:

  • pal/LogMacros.h: Removed.
  • PAL.xcodeproj/project.pbxproj:
  • pal/CMakeLists.txt:

Move contents of pal/LogMacros.h to wtf/Assertions.h.

Source/WebKit:

  • Platform/Logging.h:

Move contents of pal/LogMacros.h to wtf/Assertions.h.

Source/WTF:

  • wtf/Assertions.h:

(LOG_WITH_STREAM): Moved from Source/WebCore/pal/LogMacros.h.
(ALWAYS_LOG_WITH_STREAM): Added.
Add ALWAYS_LOG_WITH_STREAM so that one change existing LOG when debugging with minimal
friction. As an example, many times I've wished I could've just changed
`

LOG_WITH_STREAM(Channel, stream << node);

`
to something like
`

ALWAYS_LOG_WITH_STREAM(stream << node);

`
and avoid having to modify the surrounding code too much.

2:09 PM Changeset in webkit [276573] by Devin Rousso
  • 2 edits in trunk/Source/WebInspectorUI

Web Inspector: Audit: REGRESSION(?): creating a new test in Edit mode causes the Results folder to appear
https://bugs.webkit.org/show_bug.cgi?id=224994

Reviewed by Darin Adler.

  • UserInterface/Views/AuditNavigationSidebarPanel.js:

(WI.AuditNavigationSidebarPanel.prototype._addTest):

2:00 PM Changeset in webkit [276572] by commit-queue@webkit.org
  • 8 edits
    1 add in trunk

[css-flexbox] Table layout disregards overriding width
https://bugs.webkit.org/show_bug.cgi?id=224934

Patch by Felipe Erias <Felipe Erias> on 2021-04-25
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Update expectations.

  • web-platform-tests/css/css-flexbox/table-with-percent-intrinsic-width-expected.txt: This test now passes.

Source/WebCore:

If a table's parent has set an overriding width on it, that value will get preference over the one from
the table's "width" property. This fixes several tests where the width assigned by the flexbox algorithm
did not match the width of the table after layout.

  • rendering/AutoTableLayout.cpp:

(WebCore::AutoTableLayout::applyPreferredLogicalWidthQuirks const): Give precedence to the element's
overriding width if it has been set.

  • rendering/RenderTable.cpp:

(WebCore::RenderTable::updateLogicalWidth): Give precedence to the element's overriding width if it
has been set, instead of discarding it if it is smaller than the style width.
(WebCore::RenderTable::computePreferredLogicalWidths): Take the overriding width into account when
computing the preferred min/max values for the element.

LayoutTests:

  • TestExpectations: Remove three WPT tests that now pass.
  • platform/glib/TestExpectations: Remove one WPT test that now passes.
  • platform/gtk/imported/w3c/web-platform-tests/css/css-flexbox/flex-item-contains-strict-expected.txt: Added.
1:38 PM Changeset in webkit [276571] by jer.noble@apple.com
  • 5 edits in trunk/Source/WebKit

[GPUP] REGRESSION: Selecting play/pause on Spotify.com causes page to reload
https://bugs.webkit.org/show_bug.cgi?id=225023
<rdar://76985997>

Reviewed by Darin Adler.

A zero ObjectIdentifier is apparently invalid, which causes a debug ASSERT on the sending
side and a SIGKILL on the receiving side. Replace the zero ObjectIdentifier message when
clearing a LegacyCDMSession with an Optional<ObjectIdentifier>, and send an explicit
WTF::nullopt when clearing.

  • GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::mediaPlayerCachedKeyForKeyId const):
(WebKit::RemoteMediaPlayerProxy::setLegacyCDMSession):

  • GPUProcess/media/RemoteMediaPlayerProxy.h:
  • GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
  • WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::setCDMSession):

1:32 PM Changeset in webkit [276570] by jer.noble@apple.com
  • 5 edits in trunk/Source/WebKit

[GPUP][iOS] Silent video playback can interrupt system audio
https://bugs.webkit.org/show_bug.cgi?id=225031
<rdar://76652073>

Reviewed by Eric Carlson.

When the WebContent process asks the GPU Process to set the AVAudioSession audio session
category, the GPU Process as an optimization returns early if the session category being
requested is the same as has already been set. However, the default value of the category
is "None" (which translates to AVAudioSessionCategoryAmbient), and setting the category
to "None" becomes a no-op due to this default. As such, the GPUP never sets the underlying
AVAudioSession's category away from the default, which is AVAudioSessionCategorySoloAmbient,
and thus will interrupt other audio during playback.

Additionally, there's a subtle logic error where the audio session category is not changed
when a given WebContent process (and it's RemoteAudioSession & Proxy) goes away.

The fix for both of these issues is to re-calculate the correct audio session category
when a RemoteAudioSessionProxy is added or removed from RemoteAudioSessionProxyManager.
Since "None" is the default value for a RemoteAudioSessionProxy, the mere act of adding
a new RemoteAudioSessionProxy (which is created when a WebContent process is created)
will cause the audio session category to be set to AVAudioSessionCategoryAmbient.

  • GPUProcess/media/RemoteAudioSessionProxy.cpp:

(WebKit::RemoteAudioSessionProxy::setCategory):

  • GPUProcess/media/RemoteAudioSessionProxy.h:
  • GPUProcess/media/RemoteAudioSessionProxyManager.cpp:

(WebKit::RemoteAudioSessionProxyManager::addProxy):
(WebKit::RemoteAudioSessionProxyManager::removeProxy):
(WebKit::RemoteAudioSessionProxyManager::updateCategory):
(WebKit::RemoteAudioSessionProxyManager::setCategoryForProcess): Deleted.

  • GPUProcess/media/RemoteAudioSessionProxyManager.h:
12:17 PM Changeset in webkit [276569] by commit-queue@webkit.org
  • 7 edits in trunk/Source/ThirdParty/ANGLE

[Metal ANGLE] support primitive restart behavior with simple data types
https://bugs.webkit.org/show_bug.cgi?id=225011

Primitive restart behavior for simple data types is not defined in Metal. Add a pre-draw pass to
create a set of restart indices, rather than re-write the index buffer. This pass avoids
storing more copies of the index buffer: instead, we cache the location of restart indices, and
use them to build draw lists.

Patch by Kyle Piddington <Kyle Piddington> on 2021-04-25
Reviewed by Dean Jackson.

  • src/libANGLE/renderer/metal/BufferMtl.h:
  • src/libANGLE/renderer/metal/BufferMtl.mm:

(rx::IndexConversionBufferMtl::IndexConversionBufferMtl):
(rx::BufferMtl::markConversionBuffersDirty):
(rx::calculateRestartRanges):
(rx::BufferMtl::getRestartIndices):

  • src/libANGLE/renderer/metal/ContextMtl.h:
  • src/libANGLE/renderer/metal/ContextMtl.mm:

(rx::ContextMtl::drawLineLoopElements):
(rx::ContextMtl::drawElementsImpl):
(rx::ContextMtl::drawElementsSimpleTypesPrimitiveRestart): Deleted.

  • src/libANGLE/renderer/metal/VertexArrayMtl.h:
  • src/libANGLE/renderer/metal/VertexArrayMtl.mm:

(rx::VertexArrayMtl::getIndexBuffer):
(rx::VertexArrayMtl::getDrawIndices):
(rx::VertexArrayMtl::convertIndexBuffer):
(rx::VertexArrayMtl::streamIndexBufferFromClient):

12:16 PM Changeset in webkit [276568] by commit-queue@webkit.org
  • 2 edits in trunk/Source/ThirdParty/ANGLE

[Metal ANGLE] Temporarily remove AST validation even for debug builds
https://bugs.webkit.org/show_bug.cgi?id=224991
rdar://76299178

Patch by John Cunningham <johncunningham@apple.com> on 2021-04-25
Reviewed by Kenneth Russell.

  • src/libANGLE/renderer/metal/ShaderMtl.mm:

(rx::ShaderMtl::compileImplMtl):

12:06 PM Changeset in webkit [276567] by commit-queue@webkit.org
  • 3 edits in trunk/Source/ThirdParty/ANGLE

[Metal ANGLE] Select proper IOSurface backing format for WebGL environment
https://bugs.webkit.org/show_bug.cgi?id=224948
<rdar://76284889>

Depending on the architecture, WebCore expects different
IOSurface texture targets for the main buffer. When running catalyst on
Arm64 devices, Metal-ANGLE needs to select the TEXTURE_2D texture target for our
IOSurface/Pbuffer bind point, rather than TEXTURE_RECTANGLE.

Reviewed by Dean Jackson.

Patch by Kyle Piddington <Kyle Piddington> on 2021-04-25

  • src/libANGLE/renderer/metal/DisplayMtl.h:
  • src/libANGLE/renderer/metal/DisplayMtl.mm:

(rx::needsEAGLOnMac):
(rx::DisplayMtl::EGLDrawingBufferTextureTarget):
(rx::DisplayMtl::generateConfigs):

11:35 AM Changeset in webkit [276566] by dino@apple.com
  • 2 edits in trunk/Source/WebKit

[WebXR] Should be enabled when WEBXR_INTERNALS is true
https://bugs.webkit.org/show_bug.cgi?id=225026
<rdar://problem/77111380>

Reviewed by Sam Weinig.

  • Shared/WebPreferencesDefaultValues.cpp:

(WebKit::defaultWebXREnabled): Return true when HAVE(WEBXR_INTERNALS).

10:43 AM Changeset in webkit [276565] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

css-contain category missing from CSSProperties.json
https://bugs.webkit.org/show_bug.cgi?id=224990

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-04-25
Reviewed by Darin Adler.

  • css/CSSProperties.json:

Add missing css-contain category to avoid style lint errors. Example
error:

ERROR: Source/WebCore/css/CSSProperties.json:0: property "contain" has category "css-contain" which is not in the set of categories. [json/syntax] [5]

10:39 AM Changeset in webkit [276564] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

jsonchecker.py validate_string uses Python 2 basestring type instead of Python 2/3 str type
https://bugs.webkit.org/show_bug.cgi?id=224978

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-04-25
Reviewed by Darin Adler.

validate_string uses the Python 2 basestring type instead of the Python 2/3
str type. This causes the check to exit early the first time it validates
a string with this error:

name 'basestring' is not defined

This resulted in jsonchecker not checking the file beyond the first
string validation.

I believe this caused jsonchecker to miss a bug in one of my previous
patches in which I put the "settings-flag" property in the wrong
place:

https://bugs.webkit.org/show_bug.cgi?id=224718#c20

  • Scripts/webkitpy/style/checkers/jsonchecker.py:

(JSONCSSPropertiesChecker.validate_string):
validate_string with Python 2 / 3 str type instead of Python 2
basestring.

Apr 24, 2021:

10:59 PM Changeset in webkit [276563] by rniwa@webkit.org
  • 4 edits in trunk/Source/WebCore

Deploy Ref/RefPtr in DeleteSelectionCommand
https://bugs.webkit.org/show_bug.cgi?id=225028

Reviewed by Wenson Hsieh.

Deployed smart pointers in DeleteSelectionCommand.

Also deployed ScriptDisallowedScope around the code which accesses the render tree.

No new tests since there should be no observable behavioral differences.

  • editing/DeleteSelectionCommand.cpp:

(WebCore::isTableRowEmpty):
(WebCore::isSpecialHTMLElement): Moved from Editing.cpp.
(WebCore::firstInSpecialElement): Ditto.
(WebCore::lastInSpecialElement): Ditto.
(WebCore::positionBeforeContainingSpecialElement): Ditto. Now returns a pair instead of returning
Position and "returning" the special element via an out argument.
(WebCore::positionAfterContainingSpecialElement): Ditto.
(WebCore::DeleteSelectionCommand::initializeStartEnd):
(WebCore::DeleteSelectionCommand::initializePositionData):
(WebCore::DeleteSelectionCommand::handleSpecialCaseBRDelete):
(WebCore::firstEditablePositionInNode):
(WebCore::DeleteSelectionCommand::insertBlockPlaceholderForTableCellIfNeeded):
(WebCore::DeleteSelectionCommand::removeNode):
(WebCore::DeleteSelectionCommand::handleGeneralDelete):
(WebCore::DeleteSelectionCommand::mergeParagraphs):
(WebCore::DeleteSelectionCommand::removePreviouslySelectedEmptyTableRows):
(WebCore::DeleteSelectionCommand::originalStringForAutocorrectionAtBeginningOfSelection):
(WebCore::DeleteSelectionCommand::doApply):

  • editing/Editing.cpp:

(WebCore::isRenderedTable): Return false when the node is not a HTMLElement for consistency.
(WebCore::isSpecialHTMLElement): Moved to DeleteSelectionCommand.cpp.
(WebCore::firstInSpecialElement): Ditto.
(WebCore::lastInSpecialElement): Ditto.
(WebCore::positionBeforeContainingSpecialElement): Ditto.
(WebCore::positionAfterContainingSpecialElement): Ditto.

  • editing/Editing.h:
7:12 PM Changeset in webkit [276562] by timothy_horton@apple.com
  • 15 edits
    5 adds in trunk

Changing the source of a model element with clipping applied does not update the model
https://bugs.webkit.org/show_bug.cgi?id=224917

Reviewed by Simon Fraser.

Source/WebCore:

Tests: model-element/model-element-contents-layer-updates-with-clipping.html

model-element/model-element-contents-layer-updates.html

Previously, a <model> with a contents clipping layer (e.g. border-radius)
would not reparent its contents layer in the right place when setContentsToModel
was called again (because the source changed), leaving the old model
contents layer in place.

  • platform/graphics/ca/GraphicsLayerCA.cpp:

(WebCore::GraphicsLayerCA::updateSublayerList):
Ensure that updateSublayerList always parents contentsLayer in one of its two homes:
under contentsClippingLayer, if it exists; otherwise, directly under the primary layer.

(WebCore::GraphicsLayerCA::setContentsToModel):
Drive-by fix a bug revealed by the tests for this patch: when swapping out the
contents layer in setContentsToModel, we also need to mark ContentsRectsChanged,
or the new contents layer will not get its bounds set during the subsequent flush.

(WebCore::GraphicsLayerCA::setContentsToPlatformLayer):
Remove special-case code that was added to fix this bug just for setContentsToPlatformLayer;
this case is now correctly handled for all contents layers by updateSublayerList.

(WebCore::GraphicsLayerCA::dumpInnerLayer const):

  • platform/graphics/GraphicsLayerClient.h:
  • platform/graphics/ca/PlatformCALayer.cpp:

(WebCore::PlatformCALayer::dumpAdditionalProperties):

  • platform/graphics/ca/PlatformCALayer.h:
  • testing/Internals.cpp:

(WebCore::toPlatformLayerTreeFlags):

  • testing/Internals.h:
  • testing/Internals.idl:

Add a bit to platformLayerTreeAsText() that makes PlatformCALayerRemoteModelHosting
dump the size of the model that it is hosting, which is used in the test for this bug.

Remove the IncludeOpacity bit since we can just always log opacity if it's not the default.

Source/WebKit:

  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemoteModelHosting.h:
  • WebProcess/WebPage/RemoteLayerTree/PlatformCALayerRemoteModelHosting.mm:

(WebKit::PlatformCALayerRemoteModelHosting::dumpAdditionalProperties):
Add a bit to platformLayerTreeAsText() that makes PlatformCALayerRemoteModelHosting
dump the size of the model that it is hosting, which is used in the test for this bug.

LayoutTests:

  • model-element/model-element-contents-layer-updates-expected.txt: Added.
  • model-element/model-element-contents-layer-updates-with-clipping-expected.txt: Added.
  • model-element/model-element-contents-layer-updates-with-clipping.html: Added.
  • model-element/model-element-contents-layer-updates.html: Added.
  • model-element/resources/cube.usdz: Added.
  • platform/ios-wk2/TestExpectations:
  • platform/mac/TestExpectations:

Add tests that ensure that adding a <model> with one source, then changing
it to another, correctly updates the content layer. Test this both
with and without clipping (the without-clipping case passed before this change,
with-clipping failed).

These tests only work on Cocoa ports with UI-side compositing enabled
because they depend on the PlatformCALayer subclass holding on to the model
data (and logging its size) in order to distinguish between the two models.

5:50 PM Changeset in webkit [276561] by aakash_jain@apple.com
  • 2 edits in trunk/Tools

Rename slave to worker in webkitpy - part 2
https://bugs.webkit.org/show_bug.cgi?id=224988

Reviewed by Jonathan Bedard.

  • Scripts/webkitpy/common/system/crashlogs_unittest.py:
5:47 PM Changeset in webkit [276560] by Russell Epstein
  • 1 copy in tags/Safari-611.2.5

Tag Safari-611.2.5.

5:39 PM Changeset in webkit [276559] by rniwa@webkit.org
  • 8 edits in trunk/Tools

Add an option to not enable all experimental features in WebKitTestRunner
https://bugs.webkit.org/show_bug.cgi?id=224958

Reviewed by Tim Horton.

Added --no-enable-all-experimental-features to run-webkit-tests and WebKitTestRunner.

It causes a crash in DumpRenderTree for now. We should rectify this in the future
when we align the behaviors of WebKitTestRunner and DumpRenderTree.

  • Scripts/webkitpy/layout_tests/run_webkit_tests.py:

(parse_args): Added --no-enable-all-experimental-features.

  • Scripts/webkitpy/port/driver.py:

(Driver.cmd_line): Pass along the option to WebKitTestRunner.

  • WebKitTestRunner/Options.cpp:

(WTR::handleOptionNoEnableAllExperimentalFeatures): Added.
(WTR::OptionsHandler::OptionsHandler): Added --no-enable-all-experimental-features.

  • WebKitTestRunner/Options.h:
  • WebKitTestRunner/TestController.cpp:

(WTR::TestController::initialize):
(WTR::TestController::resetPreferencesToConsistentValues):

  • WebKitTestRunner/TestController.h:
3:31 PM Changeset in webkit [276558] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

Crash in BreakBlockquoteCommand::doApply()
https://bugs.webkit.org/show_bug.cgi?id=224941

Patch by Julian Gonzalez <julian_a_gonzalez@apple.com> on 2021-04-24
Reviewed by Ryosuke Niwa.

Source/WebCore:

Despite assertions to the contrary, it is possible for there not to be any node
to move into the new blockquote in BreakBlockquoteCommand::doApply() as a result
of layout updates, so remove the assertions and handle this case.

Test: editing/pasteboard/paste-as-quotation-then-paste-crash.html

  • editing/BreakBlockquoteCommand.cpp:

(WebCore::BreakBlockquoteCommand::doApply):

LayoutTests:

Add test for this crash, running only on Release for now.
Thanks to Tuomas Karkkainen for its basic structure.

  • TestExpectations:
  • editing/pasteboard/paste-as-quotation-then-paste-crash-expected.txt: Added.
  • editing/pasteboard/paste-as-quotation-then-paste-crash.html: Added.
2:29 PM Changeset in webkit [276557] by Russell Epstein
  • 8 edits in branches/safari-611-branch/Source

Versioning.

WebKit-7611.2.5

2:21 PM Changeset in webkit [276556] by Russell Epstein
  • 8 edits in branches/safari-611-branch/Source/WebKit

Reland r275846 with Unreviewed crash fix. rdar://77106929

Corrects crash due to bad merge.

2:14 PM Changeset in webkit [276555] by Russell Epstein
  • 8 edits in branches/safari-611-branch/Source/WebKit

Revert "Re-land Cherry-pick r275846. rdar://problem/76727548"

This reverts commit r276398.

12:36 PM Changeset in webkit [276554] by graouts@webkit.org
  • 11 edits in trunk

Improve parsing and computed style of the rotate CSS property
https://bugs.webkit.org/show_bug.cgi?id=225019

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Mark 2 WPT progressions and add some new parsing WPT tests for rotate.

  • web-platform-tests/css/css-transforms/animation/rotate-composition-expected.txt: We don't support additive interpolation,

the FAIL result is most likely a test that passed without proper support for the feature which now fails due to lack of
support for this feature.

  • web-platform-tests/css/css-transforms/parsing/rotate-parsing-valid-expected.txt:
  • web-platform-tests/css/css-transforms/parsing/rotate-parsing-valid.html:
  • web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-002-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-002-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

There were a few issues with how we parsed the rotate CSS property and how we dealt with it
when resolving the computed style.

When parsing, we required individual vector coordinates to be 1 when others were 0 for a vector
to be considered parallel with the x, y or z axis. We now support any positive value. Then, as
we create the TransformOperation from the CSSValue, we must set the type to ROTATE_3D instead
of ROTATE_Z if the z axis was specified through the CSS value. Indeed, ROTATE_Z is equivalent
to ROTATE and without setting this type to ROTATE_3D, TransformOperation::is3DOperation() would
return false.

This is important because when figuring out the computed style, we should only return an angle
without a rotation vector if TransformOperation::is3DOperation() is false. For the case where
the operation was specified in 3D, we now use the same rule used when parsing to determine
whether the rotation vector is parallel with the x, y or z axis to use the matching keywords.

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::computedRotate):

  • css/TransformFunctions.cpp:

(WebCore::rotateForValue):

  • css/parser/CSSPropertyParser.cpp:

(WebCore::consumeRotate):

12:35 PM Changeset in webkit [276553] by graouts@webkit.org
  • 6 edits in trunk

Support interpolation of the background-repeat shorthand
https://bugs.webkit.org/show_bug.cgi?id=225016

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Mark 10 WPT progressions.

  • web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-001-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-001-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-001-expected.txt:

Source/WebCore:

  • animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

12:33 PM Changeset in webkit [276552] by graouts@webkit.org
  • 7 edits in trunk

Fix interpolation of the clip CSS property
https://bugs.webkit.org/show_bug.cgi?id=225017

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Mark 13 WPT progressions.

  • web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-001-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-001-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-001-expected.txt:
  • web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-iteration-composite-operation-expected.txt:

Source/WebCore:

While we interpolated the clip value correctly, we wouldn't set the RenderStyle bit that
indicates that there is a non-auto value in the first place. With a new dedicated wrapper,
we can ensure we set the bit correctly as we blend, and that we use discrete interpolation
if both the from and to values aren't auto.

  • animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

12:32 PM Changeset in webkit [276551] by graouts@webkit.org
  • 5 edits in trunk

Computed style for the translate CSS property should use px for the z value
https://bugs.webkit.org/show_bug.cgi?id=225018

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Mark a single WPT progression.

  • web-platform-tests/css/css-transforms/animation/translate-composition-expected.txt:
  • web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

  • css/CSSComputedStyleDeclaration.cpp:

(WebCore::computedTranslate):

9:02 AM Changeset in webkit [276550] by commit-queue@webkit.org
  • 16 edits in trunk

Refactor ValueRange from enum to enum class
https://bugs.webkit.org/show_bug.cgi?id=224981

Patch by Tyler Wilcock <Tyler Wilcock> on 2021-04-24
Reviewed by Sam Weinig.

Source/WebCore:

Refactor ValueRange from:

enum ValueRange {

ValueRangeAll,
ValueRangeNonNegative

}

to:

enum ValueRange : uint8_t {

All,
NonNegative

}

making it smaller (one byte versus four) and harder to misuse (no
auto-coercion to number types).

  • animation/CSSPropertyAnimation.cpp:

(WebCore::blendFunc):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/CSSCalculationValue.cpp:

(WebCore::CSSCalcValue::create):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/CSSCalculationValue.h:

(WebCore::CSSCalcValue::createCalculationValue const):
(WebCore::CSSCalcValue::setPermittedValueRange):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/MediaQueryExpression.cpp:

(WebCore::consumeFirstValue):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/parser/CSSPropertyParser.cpp:

(WebCore::CSSPropertyParser::consumeTransformOrigin):
(WebCore::consumeLetterSpacing):
(WebCore::consumeWordSpacing):
(WebCore::consumeTabSize):
(WebCore::consumeTextSizeAdjust):
(WebCore::consumeFontSize):
(WebCore::consumeLineHeight):
(WebCore::consumeSize):
(WebCore::consumeTextIndent):
(WebCore::consumeScrollPadding):
(WebCore::consumeMaxWidthOrHeight):
(WebCore::consumeWidthOrHeight):
(WebCore::consumeMarginOrOffset):
(WebCore::consumeClipComponent):
(WebCore::consumeLineClamp):
(WebCore::consumeHyphenateLimit):
(WebCore::consumeColumnWidth):
(WebCore::consumeGapLength):
(WebCore::consumeZoom):
(WebCore::consumeAnimationIterationCount):
(WebCore::consumeAnimationValue):
(WebCore::consumeLineWidth):
(WebCore::consumeTranslate3d):
(WebCore::consumeNumbers):
(WebCore::consumePerspective):
(WebCore::consumeTransformValue):
(WebCore::consumeTranslate):
(WebCore::consumeScale):
(WebCore::consumeRotate):
(WebCore::consumePositionLonghand):
(WebCore::consumeFlexBasis):
(WebCore::consumeKerning):
(WebCore::consumeStrokeDasharray):
(WebCore::consumeBaselineShift):
(WebCore::consumeRxOrRy):
(WebCore::consumeBorderRadiusCorner):
(WebCore::consumeTextUnderlineOffset):
(WebCore::consumeTextDecorationThickness):
(WebCore::consumeVerticalAlign):
(WebCore::consumeShapeRadius):
(WebCore::consumeBasicShapePolygon):
(WebCore::consumeRadii):
(WebCore::consumeBasicShapeInset):
(WebCore::consumeBorderImageSlice):
(WebCore::consumeBorderImageOutset):
(WebCore::consumeBorderImageWidth):
(WebCore::consumeReflect):
(WebCore::consumeBackgroundSize):
(WebCore::consumeFitContent):
(WebCore::consumeGridBreadth):
(WebCore::consumeInitialLetter):
(WebCore::consumeWebkitMarqueeIncrement):
(WebCore::consumeWebkitMarqueeRepetition):
(WebCore::consumeWebkitMarqueeSpeed):
(WebCore::consumeAspectRatio):
(WebCore::CSSPropertyParser::parseSingleValue):
(WebCore::CSSPropertyParser::consumeBorderSpacing):
(WebCore::CSSPropertyParser::consumeFlex):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/parser/CSSPropertyParserHelpers.cpp:

(WebCore::CSSPropertyParserHelpers::consumeNumberOrPercentDividedBy100Raw):
(WebCore::CSSPropertyParserHelpers::CalcParser::CalcParser):
(WebCore::CSSPropertyParserHelpers::consumeNumberRaw):
(WebCore::CSSPropertyParserHelpers::consumeFontWeightNumberRaw):
(WebCore::CSSPropertyParserHelpers::consumeLengthRaw):
(WebCore::CSSPropertyParserHelpers::consumePercentRaw):
(WebCore::CSSPropertyParserHelpers::consumeAngleRaw):
(WebCore::CSSPropertyParserHelpers::consumeAngleWorkerSafe):
(WebCore::CSSPropertyParserHelpers::consumeTime):
(WebCore::CSSPropertyParserHelpers::consumePositionComponent):
(WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientPoint):
(WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradient):
(WebCore::CSSPropertyParserHelpers::consumeGradientColorStops):
(WebCore::CSSPropertyParserHelpers::consumeDeprecatedRadialGradient):
(WebCore::CSSPropertyParserHelpers::consumeRadialGradient):
(WebCore::CSSPropertyParserHelpers::consumeFilterFunction):
(WebCore::CSSPropertyParserHelpers::consumeSingleShadow):
(WebCore::CSSPropertyParserHelpers::consumeFontSizeRaw):
(WebCore::CSSPropertyParserHelpers::consumeLineHeightRaw):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/parser/CSSPropertyParserHelpers.h:

Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • css/parser/CSSPropertyParserWorkerSafe.cpp:

(WebCore::CSSPropertyParserHelpersWorkerSafe::consumeFontStretch):
(WebCore::CSSPropertyParserHelpersWorkerSafe::consumeFontStretchRange):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • page/IntersectionObserver.cpp:

(WebCore::parseRootMargin):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • platform/CalculationValue.h:

(WebCore::CalculationValue::CalculationValue):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • platform/Length.cpp:

(WebCore::convertTo100PercentMinusLength):
(WebCore::blendMixedTypes):
(WebCore::blend):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

  • platform/Length.h:

Refactor enum ValueRange to enum class ValueRange.

  • style/StyleBuilderConverter.h:

(WebCore::Style::BuilderConverter::convertTo100PercentMinusLength):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

Tools:

ValueRange has been refactored from enum to enum class : uint8_t to
make it smaller and harder to misuse.

  • TestWebKitAPI/Tests/WebCore/CalculationValue.cpp:

(TestWebKitAPI::createTestValue):
Refactor ValueRangeAll and ValueRangeNonNegative to ValueRange::All
and ValueRange::NonNegative.

6:42 AM Changeset in webkit [276549] by Alan Bujtas
  • 3 edits
    2 adds in trunk

[RenderTreeBuilder] Subtree moving should clear the floats on all the descendants
https://bugs.webkit.org/show_bug.cgi?id=224996
<rdar://76837320>

Reviewed by Antti Koivisto.

Source/WebCore:

While moving a subtree, we invalidate the floating object list so that we don't end up with incorrectly placed floats (they'll get regenerated during the subsequent layout).
A float can be "assigned" to more than one RenderBlockFlow (e.g intruding floats). It's very common that a set of descendant RenderBlockFlow
renderers "see" the same set of floats (each RenderBlockFlow has its own list of floating objects).
Now the invalidation is based on ancestor-to-descendant direction starting with finding the outer most containing block for a particular float (see outermostBlockContainingFloatingObject)
The invalidation logic also expects no gaps in the ancestor chain e.g.

RenderBlockFlow (A) -> float X

RenderBlockFlow (B) -> float X

RenderBlockFlow (C) -> float X

if float X is assigned to both A and C, then it must be assigned to B as well.

RenderBlockFlow::removeFloatingObjects() simply removes the float from the renderer. It does not invalidate the ancestor/descendant chain.
e.g. calling B.removeFloatingObjects() would just remove float X from RenderBlockFlow (B)

RenderBlockFlow (A) -> float X

RenderBlockFlow (B)

RenderBlockFlow (C) -> float X

and any subsequent invalidation attempt would fail to clear up A or C (depending on whether it is initiated on A or C).

Test: fast/multicol/floating-boxes-moved-under-multi-column.html

  • rendering/updating/RenderTreeBuilder.cpp:

(WebCore::RenderTreeBuilder::moveChildren):

LayoutTests:

  • fast/multicol/floating-boxes-moved-under-multi-column-expected.txt: Added.
  • fast/multicol/floating-boxes-moved-under-multi-column.html: Added.
6:10 AM Changeset in webkit [276548] by Alan Bujtas
  • 2 edits in trunk/Source/WebCore

[LFC] Ignore content height and width when 'contain: size' is present
https://bugs.webkit.org/show_bug.cgi?id=225013

Reviewed by Antti Koivisto.

Enable size containment for "shrink to fit width" and for "height: auto" formatting context roots.
https://www.w3.org/TR/css-contain-2/#size-containment.

  • layout/FormattingContextGeometry.cpp:

(WebCore::Layout::FormattingContext::Geometry::contentHeightForFormattingContextRoot const):
(WebCore::Layout::FormattingContext::Geometry::shrinkToFitWidth):

12:41 AM Changeset in webkit [276547] by commit-queue@webkit.org
  • 4 edits
    2 adds in trunk

Move selectedOptions cache invalidation timing
https://bugs.webkit.org/show_bug.cgi?id=224894

Patch by Rob Buis <rbuis@igalia.com> on 2021-04-24
Reviewed by Ryosuke Niwa.

Source/WebCore:

Move selectedOptions cache invalidation timing out
of setSelectedState, having it in setSelectedState
can cause selectedOptions cache invalidation while
determining the cache.

Test: fast/dom/HTMLSelectElement/selected-options-item-crash.html

  • html/HTMLOptionElement.cpp:

(WebCore::HTMLOptionElement::setSelectedState):

  • html/HTMLSelectElement.cpp:

(WebCore::HTMLSelectElement::updateListBoxSelection):
(WebCore::HTMLSelectElement::selectOption):
(WebCore::HTMLSelectElement::deselectItemsWithoutValidation):
(WebCore::HTMLSelectElement::restoreFormControlState):
(WebCore::HTMLSelectElement::reset):
(WebCore::HTMLSelectElement::updateSelectedState):

LayoutTests:

Add test for this.

  • fast/dom/HTMLSelectElement/selected-options-item-crash-expected.txt: Added.
  • fast/dom/HTMLSelectElement/selected-options-item-crash.html: Added.
Note: See TracTimeline for information about the timeline view.