Timeline

View changes from
going back days
by author

Repository changesets Wiki changes

Jul 26, 2021:

9:42 PM Changeset in webkit [280337] by Said Abou-Hallawa

• 20 edits
  1 copy
  1 add in trunk/Source

Regulate the WebPage RenderingUpdates from the WebProcess to the GPUProcess
​https://bugs.webkit.org/show_bug.cgi?id=227791
<rdar://78430639>

Reviewed by Simon Fraser.

Source/WebCore:

Make ChromeClient decide whether a RenderingUpdate can be triggered or
should be rescheduled. Keep track of how many times RenderingUpdate was
rescheduled to ensure RenderingUpdate will be triggered anyway after a
certain number of reschedules.

• page/ChromeClient.h:

(WebCore::ChromeClient::canTriggerRenderingUpdate const):

• page/RenderingUpdateScheduler.cpp:

(WebCore::RenderingUpdateScheduler::displayRefreshFired):

• page/RenderingUpdateScheduler.h:

Source/WebKit:

This is the workflow to regulate the WebPage RenderingUpdates:

-- WebPage::finalizeRenderingUpdate() calls RemoteRenderingBackendProxy::

finalizeRenderingUpdate().

-- RemoteRenderingBackendProxy::finalizeRenderingUpdate() sends its

renderingUpdateID to GPUPProcess and asks it to process all the
pending DisplayList items.

-- RemoteRenderingBackend::finalizeRenderingUpdate) processes all the

pending items and sends the received renderingUpdateID back to the
WebProcess.

-- RemoteRenderingBackendProxy::didFinalizeRenderingUpdate() stores the

received didRenderingUpdateID.

-- RemoteRenderingBackendProxy::delayedRenderingUpdateCount() returns

'renderingUpdateID - didRenderingUpdateID' which is the number of
un-processed finalizeRenderingUpdate by GPUP.

-- WebPage::canTriggerRenderingUpdate() uses delayedRenderingUpdateCount()

to decides whether the current RenderingUpdate can be triggered or
should be rescheduled.

-- RenderingUpdateScheduler::displayRefreshFired() calls

WebPage::canTriggerRenderingUpdate() through the page chrome client.

• GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::submit):
(WebKit::RemoteRenderingBackend::finalizeRenderingUpdate):

• GPUProcess/graphics/RemoteRenderingBackend.h:
• GPUProcess/graphics/RemoteRenderingBackend.messages.in:
• Scripts/webkit/messages.py:

(types_that_cannot_be_forward_declared):

• Shared/MonotonicObjectIdentifier.h: Copied from Source/WebKit/Shared/TransactionID.h.

(WebKit::MonotonicObjectIdentifier::MonotonicObjectIdentifier):
(WebKit::MonotonicObjectIdentifier::isHashTableDeletedValue const):
(WebKit::MonotonicObjectIdentifier::encode const):
(WebKit::MonotonicObjectIdentifier::decode):
(WebKit::MonotonicObjectIdentifier::operator== const):
(WebKit::MonotonicObjectIdentifier::operator> const):
(WebKit::MonotonicObjectIdentifier::operator>= const):
(WebKit::MonotonicObjectIdentifier::operator< const):
(WebKit::MonotonicObjectIdentifier::operator<= const):
(WebKit::MonotonicObjectIdentifier::operator!= const):
(WebKit::MonotonicObjectIdentifier::increment):
(WebKit::MonotonicObjectIdentifier::next const):
(WebKit::MonotonicObjectIdentifier::toUInt64 const):
(WebKit::MonotonicObjectIdentifier::operator bool const):
(WebKit::MonotonicObjectIdentifier::loggingString const):
(WebKit::MonotonicObjectIdentifier::hashTableDeletedValue):
(WebKit::MonotonicObjectIdentifier::isValidIdentifier):
(WebKit::operator<<):

• Shared/RenderingUpdateID.h: Added.
• Shared/TransactionID.h:

(WebKit::MonotonicObjectIdentifier::MonotonicObjectIdentifier): Deleted.
(WebKit::MonotonicObjectIdentifier::isHashTableDeletedValue const): Deleted.
(WebKit::MonotonicObjectIdentifier::encode const): Deleted.
(WebKit::MonotonicObjectIdentifier::decode): Deleted.
(WebKit::MonotonicObjectIdentifier::operator== const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator> const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator>= const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator< const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator<= const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator!= const): Deleted.
(WebKit::MonotonicObjectIdentifier::increment): Deleted.
(WebKit::MonotonicObjectIdentifier::next const): Deleted.
(WebKit::MonotonicObjectIdentifier::toUInt64 const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator bool const): Deleted.
(WebKit::MonotonicObjectIdentifier::loggingString const): Deleted.
(WebKit::MonotonicObjectIdentifier::hashTableDeletedValue): Deleted.
(WebKit::MonotonicObjectIdentifier::isValidIdentifier): Deleted.
(WebKit::operator<<): Deleted.

• WebKit.xcodeproj/project.pbxproj:
• WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::gpuProcessConnectionDidClose):
(WebKit::RemoteRenderingBackendProxy::finalizeRenderingUpdate):
(WebKit::RemoteRenderingBackendProxy::didFinalizeRenderingUpdate):

• WebProcess/GPU/graphics/RemoteRenderingBackendProxy.h:

(WebKit::RemoteRenderingBackendProxy::renderingUpdateID const):
(WebKit::RemoteRenderingBackendProxy::delayedRenderingUpdateCount const):

• WebProcess/GPU/graphics/RemoteRenderingBackendProxy.messages.in:
• WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:

(WebKit::RemoteResourceCacheProxy::cacheFont):
(WebKit::RemoteResourceCacheProxy::prepareForNextRenderingUpdate):
(WebKit::RemoteResourceCacheProxy::clearFontMap):
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdateForFonts):
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdate):
(WebKit::RemoteResourceCacheProxy::didFinalizeRenderingUpdate): Deleted.

• WebProcess/GPU/graphics/RemoteResourceCacheProxy.h:
• WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::canTriggerRenderingUpdate const):

• WebProcess/WebCoreSupport/WebChromeClient.h:
• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::canTriggerRenderingUpdate const):
(WebKit::WebPage::finalizeRenderingUpdate):

• WebProcess/WebPage/WebPage.h:

7:21 PM Changeset in webkit [280336] by Wenson Hsieh

• 10 edits
  1 add in trunk

[macOS Monterey] Pressing Fn+E should present the emoji picker when editing
​https://bugs.webkit.org/show_bug.cgi?id=228300
rdar://77558672

Reviewed by Tim Horton.

Source/WebCore/PAL:

Add a new SPI declaration on NSMenu. See WebKit and WebKitLegacy changes for more information.

• pal/spi/mac/NSMenuSPI.h:

Source/WebKit:

In macOS Monterey, the system-wide Fn+E key command presents the Emoji & Symbols UI as a popover. However, this
new key command currently does not work in editable contexts in both WebKit1 and WebKit2 views on macOS, where
we end up just inserting the character "e".

This is because, on both ports, we attempt to interpret NSEvents by calling back into AppKit to handle the
event, recording the selectors that *would've* been performed, and then using this information to build up a
list of WebCore::KeyCommand for the event (which are later converted into editing commands). In WebKit2, we
call into -[NSTextInputContext handleEventByKeyboardLayout:] to handle the event, and capture the resulting
calls back into WKWebView by storing entries in m_collectedKeypressCommands (something similar happens in
WebKit1). In the case of these new Fn commands, they are handled by the system before entering
NSTextInputContext, so NSTextInputContext ends up handling them as regular text insertion.

As an aside, the reason the meta (⌘) key doesn't encounter this problem is because meta, option, control and
shift are considered valid key bindings in NSKeyBindingManager, whereas the function key mask is specifically
excluded from this list for compability reasons. NSTextInputContext consults NSKeyBindingManager in order to
check whether the given NSEvent is a known key binding in -handleEventByKeyboardLayout:, so it fails to
acknowledge Fn+E as a key binding.

To work around this, we adopt new AppKit SPI added in rdar://81123724 to determine whether an NSEvent maps to
any main menu items and avoid handling "Fn-*" key events as text insertion if they already map to items in the
main menu.

Test: KeyboardEventTests.FunctionKeyCommand

• UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::collectKeyboardLayoutCommandsForEvent):

Source/WebKitLegacy/mac:

Apply a similar fix, this time for WebKit1 on macOS.

• WebView/WebHTMLView.mm:

(-[WebHTMLView insertText:]):

Only append "insertText:" for a corresponding NSEvent with the Function key held down if it doesn't also map
to a item in the main menu.

Tools:

Add a new API test that simulates a keypress for "Fn+E" with a main menu that contains a system menu item for
that key binding; the test then verifies that text was not inserted into the page as a result.

• TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
• TestWebKitAPI/Tests/mac/KeyboardEventTests.mm: Added.

(-[KeyboardTestMenu _containsItemMatchingEvent:includingDisabledItems:]):
(TestWebKitAPI::TEST):

• TestWebKitAPI/cocoa/TestWKWebView.h:
• TestWebKitAPI/cocoa/TestWKWebView.mm:

(-[TestWKWebView typeCharacter:]):
(-[TestWKWebView typeCharacter:modifiers:]):

6:43 PM Changeset in webkit [280335] by ysuzuki@apple.com

• 17 edits in trunk

Unreviewed, speculative revert of r280193
​https://bugs.webkit.org/show_bug.cgi?id=228142

Source/WebCore:

• html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::insertTextNode):

• html/parser/HTMLConstructionSite.h:
• html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::pumpTokenizerLoop):

• html/parser/HTMLMetaCharsetParser.cpp:

(WebCore::HTMLMetaCharsetParser::checkForMetaCharset):

• html/parser/HTMLPreloadScanner.cpp:

(WebCore::HTMLPreloadScanner::scan):

• html/parser/HTMLToken.h:

(WebCore::HTMLToken::clear):
(WebCore::HTMLToken::beginStartTag):
(WebCore::HTMLToken::beginEndTag):
(WebCore::HTMLToken::shrinkToBestFit): Deleted.

• html/parser/HTMLTokenizer.h:

(WebCore::HTMLTokenizer::shrinkToBestFit): Deleted.

• html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::characterPredicate):
(WebCore::HTMLTreeBuilder::processFakeCharacters):
(WebCore::HTMLTreeBuilder::insertPhoneNumberLink):
(WebCore::HTMLTreeBuilder::linkifyPhoneNumbers):
(WebCore::HTMLTreeBuilder::processCharacterBuffer):
(WebCore::HTMLTreeBuilder::processCharacterBufferForInBody):
(WebCore::HTMLTreeBuilder::defaultForInTableText):
(WebCore::HTMLTreeBuilder::processTokenInForeignContent):

• html/parser/HTMLTreeBuilder.h:

Source/WTF:

• wtf/Vector.h:

(WTF::Malloc>::shrinkCapacity):
(WTF::Malloc>::shrinkToBestFit): Deleted.

• wtf/text/AtomStringImpl.cpp:

(WTF::UCharBufferTranslator::equal):
(WTF::LCharBufferTranslator::equal):
(WTF::BufferFromStaticDataTranslator::equal):

• wtf/text/StringView.h:

(WTF::StringView::stripLeadingMatchedCharacters): Deleted.

Tools:

• TestWebKitAPI/Tests/WTF/StringView.cpp:
• TestWebKitAPI/Tests/WTF/Vector.cpp:

6:40 PM Changeset in webkit [280334] by mmaxfield@apple.com

• 12 edits in trunk/Source

[GPU Process] Add resource use counter infrastructure to RemoteResourceCache
​https://bugs.webkit.org/show_bug.cgi?id=228222

Reviewed by Said Abou-Hallawa.

Source/WebCore:

This is part 2 of ​https://bugs.webkit.org/show_bug.cgi?id=228216.

No new tests because there is no behavior change yet. This patch is just adding infrastructure. For now, all these
use counts sent by the web process are 0 - I'll implement that part in 3 follow-up patches.

• platform/graphics/displaylists/DisplayListReplayer.h:

(WebCore::DisplayList::Replayer::Delegate::recordResourceUse):

Source/WebKit:

This patch adds the infrastructure for associating a counter with each resource in the RemoteResourceCache.
As the web process uses a resource during display list recording, it increments a counter, and as the GPU
process uses a resource, it increments a counter in the RemoteResourceCache. When the web process is done
with a resource, it sends a release message to the GPU process which crucially includes the web process's
counter. The GPU process has to then wait to actually delete the resource until its own use counter matches
the one it received from the web process. This patch implements this deferred deletion infrastructure
in the GPU process.

• GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::ReplayerDelegate::recordResourceUse):
(WebKit::RemoteRenderingBackend::releaseRemoteResource): Pass the use count to the RemoteResourceCache.

• GPUProcess/graphics/RemoteRenderingBackend.h: Add the use count field.
• GPUProcess/graphics/RemoteRenderingBackend.messages.in: Ditto.
• GPUProcess/graphics/RemoteResourceCache.cpp:

(WebKit::RemoteResourceCache::cacheImageBuffer): It's actually okay if there's already an resource cached.
That just means that the web process started using a resource again before the GPU process consumed all
commands that used it the first time. All we need to do is increment the open count.
(WebKit::RemoteResourceCache::cacheNativeImage): Ditto.
(WebKit::RemoteResourceCache::cacheFont): Ditto.
(WebKit::RemoteResourceCache::ensureResourceUseCounter):
(WebKit::RemoteResourceCache::maybeRemoveResource): This is called whenever it's possible for us to be in
situation where we should be removing a resource (aka whenever the use count increments). It checks to see
if we can remove the resource, and if it can, does so.
(WebKit::RemoteResourceCache::recordResourceUse): The callback that runs for each resource use during
replaying. It can't actually delete any resources, so instead it just records which resources had their
use counts incremented, and waits for prune() to actually call maybeRemoveResource().
(WebKit::RemoteResourceCache::prune): After the replay is complete, call maybeRemoveResource() on all the
resources which had their use counters touched.
(WebKit::RemoteResourceCache::releaseRemoteResource): Put the relevant resource into the state where we
are waiting for the use counters to match before we can delete the resource. Also, call maybeRemoveResource()
so it can be deleted immediately if the counters already match.

• GPUProcess/graphics/RemoteResourceCache.h: Add a new data structure to hold the use counters. There's

a big comment in here that describes what these fields mean.

• WebProcess/GPU/graphics/RemoteImageBufferProxy.h:

(WebKit::RemoteImageBufferProxy::~RemoteImageBufferProxy): Send a dummy use count for now. This will be
implemented in a follow-up patch.

• WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::releaseRemoteResource): Add the useCount parameter.

• WebProcess/GPU/graphics/RemoteRenderingBackendProxy.h: Ditto.
• WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:

(WebKit::RemoteResourceCacheProxy::releaseNativeImage): Send a dummy use count for now. This will be
implemented in a follow-up patch.
(WebKit::RemoteResourceCacheProxy::clearFontMap): Ditto.
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdateForFonts): Ditto.

6:07 PM Changeset in webkit [280333] by Chris Dumez

• 13 edits
  2 adds in trunk

Location.href setter uses wrong window to resolve relative URLs
​https://bugs.webkit.org/show_bug.cgi?id=228287

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline a few WPT tests now that more checks are passing.

• web-platform-tests/html/semantics/scripting-1/the-script-element/execution-timing/083-expected.txt:
• web-platform-tests/html/semantics/scripting-1/the-script-element/execution-timing/084-expected.txt:
• web-platform-tests/html/webappapis/scripting/processing-model-2/window-onerror-with-cross-frame-event-listeners-1-expected.txt:
• web-platform-tests/html/webappapis/scripting/processing-model-2/window-onerror-with-cross-frame-event-listeners-2-expected.txt:

Source/WebCore:

Location::setLocation() is using "firstWindow" to resolve any input relative URL.
We rely on JSC::VM::deprecatedVMEntryGlobalObject() to get the first/entry window.
However, the test I wrote shows that we were using the wrong window as "first window"
in some cases (since this test would pass in other browsers but not in WebKit).

It turns out that JSEventListener::handleEvent() had a VMEntryScope internally that
would impact the global object being returned by JSC::VM::deprecatedVMEntryGlobalObject().
We were incorrectly using the scriptExecutionContext passed as parameter when constructing
the VMEntryScope instead of using the global object of the function we're about to call.
This bug addresses this.

Credits to Geoff Garen for identifying the issue in JSEventListener::handleEvent().

Test: http/tests/dom/window-location-set-href-relative-url.html

• bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent):

• page/Location.cpp:

(WebCore::Location::setLocation):

LayoutTests:

Add layout test coverage. This test is passing in Chome and Firefox but was failing with
WebKit.

• http/tests/dom/window-location-set-href-relative-url-expected.txt: Added.
• http/tests/dom/window-location-set-href-relative-url.html: Added.

5:37 PM Changeset in webkit [280332] by commit-queue@webkit.org

• 4 edits in trunk/Source/WebCore

This is responding to feedback on r280310.
​https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <​qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Alex Christensen.

• dom/FormDataEvent.h:

(WebCore::FormDataEvent::formData const):

• html/DOMFormData.cpp:

(WebCore::DOMFormData::create):
(WebCore::DOMFormData::clone const):
(WebCore::DOMFormData::clone): Deleted.

• html/DOMFormData.h:

5:34 PM Changeset in webkit [280331] by Eric Hutchison

• 2 edits in trunk/LayoutTests

imported/w3c/web-platform-tests/css/css-scoping/css-scoping-shadow-dynamic-remove-style-detached.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=228311.

Unreviewed test gardening.

• platform/mac/TestExpectations:

5:25 PM Changeset in webkit [280330] by Jean-Yves Avenard

• 4 edits
  2 adds in trunk

Video pauses after scrubbing with Touch Bar
​https://bugs.webkit.org/show_bug.cgi?id=228277
rdar://80606886

Reviewed by Jer Noble.

Source/WebCore:

In ​https://trac.webkit.org/r206487 ; in order to ensure that the playback state
was properly reflected following a seek using the touch bar, the element was paused.
It's unclear if that workaround is still required, but for now we will record if the
element was playing before the seek and if so, resume playback once the seek completes.
Now that the touch bar and Now Playing are hooked to the Media Session action handlers
the behaviour change will occur for all those components.

Test: media/media-session/play-after-seek.html

• html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement): Initialize new member in constructor.
(WebCore::HTMLMediaElement::clearSeeking):
(WebCore::HTMLMediaElement::finishSeek): Call play() once seek completes if the element
was playing before.
(WebCore::HTMLMediaElement::pause): Ensure that if pause() is called before the seek
completes, the element stays paused.
(WebCore::HTMLMediaElement::handleSeekToPlaybackPosition): Record playing state before
pausing the element.

• html/HTMLMediaElement.h: Add new boolean member.

LayoutTests:

• media/media-session/play-after-seek-expected.txt: Added.
• media/media-session/play-after-seek.html: Added.

5:15 PM Changeset in webkit [280329] by Eric Hutchison

• 2 edits in trunk/LayoutTests

Update test expectations for inspector/canvas/recording-bitmaprenderer-memoryLimit.html.
​https://bugs.webkit.org/show_bug.cgi?id=227881.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

5:06 PM Changeset in webkit [280328] by jer.noble@apple.com

• 2 edits in trunk/Source/WebKit

REGRESSION: [iOS] ASSERTION FAILED: !m_messageReceiverMapCount under WebKit::RemoteAudioHardwareListener::~RemoteAudioHardwareListener()
​https://bugs.webkit.org/show_bug.cgi?id=228038
<rdar://problem/80705471>

Reviewed by Chris Dumez.

Remove RemoteAudioHardwareListener from the GPUProcessConnection messageMap when the connection closes.

• WebProcess/GPU/media/RemoteAudioHardwareListener.cpp:

(WebKit::RemoteAudioHardwareListener::gpuProcessConnectionDidClose):

5:06 PM Changeset in webkit [280327] by jer.noble@apple.com

• 6 edits in trunk/Source

[Cocoa] WebKit is making GroupActivities API calls for all WebKit clients
​https://bugs.webkit.org/show_bug.cgi?id=228299
<rdar://80802982>

Reviewed by Eric Carlson.

Source/WebKit:

Tie registering for GroupActivities notifications to the MediaSessionCoordinatorEnabled
WebPreference, and make the default value for that preference depend on having the
"com.apple.developer.group-session.urlactivity" entitlement. All WebKit clients with
that entitlement will have the preference enabled by default; all other clients will
have that preference disabled by default.

• Shared/WebPreferencesDefaultValues.cpp:

(WebKit::defaultMediaSessionCoordinatorEnabled):

• Shared/WebPreferencesDefaultValues.h:
• UIProcess/WebPageProxy.cpp:

(WebKit::m_limitsNavigationsToAppBoundDomains):
(WebKit::WebPageProxy::~WebPageProxy):
(WebKit::WebPageProxy::didCommitLoadForFrame):

Source/WTF:

• Scripts/Preferences/WebPreferencesExperimental.yaml:

5:02 PM Changeset in webkit [280326] by jer.noble@apple.com

• 2 edits in trunk/Source/WebKit

REGRESSION: [iOS] ASSERTION FAILED: !m_useCount in WebKit::SandboxExtension::~SandboxExtension()
​https://bugs.webkit.org/show_bug.cgi?id=228171
<rdar://problem/80926509>

Reviewed by Eric Carlson.

SandboxExtension expects to be revoked before it is destroyed, something that is done by
RemoteMediaPlayerProxy::invalidate(). However, invalidate() won't be called if the
RemoteMediaPlayerManagerProxy is destroyed before all its proxies are invalidated.

Ensure every RemoteMediaPlayerProxy contained by the RemoteMediaPlayerManagerProxy is
invalidated in RemoteMediaPlayerManagerProxy's destructor.

• GPUProcess/media/RemoteMediaPlayerManagerProxy.cpp:

(WebKit::RemoteMediaPlayerManagerProxy::~RemoteMediaPlayerManagerProxy):

• GPUProcess/media/RemoteMediaPlayerManagerProxy.h:

4:58 PM Changeset in webkit [280325] by commit-queue@webkit.org

• 4 edits in trunk

WKUserContentController.removeAllScriptMessageHandlers() doesn't release the message handlers
​https://bugs.webkit.org/show_bug.cgi?id=228271

Patch by Alex Christensen <​achristensen@webkit.org> on 2021-07-26
Reviewed by Sihui Liu.

Source/WebKit:

Covered by an API test.

• UIProcess/UserContent/WebUserContentControllerProxy.cpp:

(WebKit::WebUserContentControllerProxy::removeAllUserMessageHandlers):

Tools:

• TestWebKitAPI/Tests/WebKitCocoa/UserContentController.mm:

(TEST):

4:55 PM Changeset in webkit [280324] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

[ iOS Debug ] http/tests/xmlhttprequest/access-control-preflight-credential-sync.html is a flaky crash.
​https://bugs.webkit.org/show_bug.cgi?id=228305

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

4:54 PM Changeset in webkit [280323] by rniwa@webkit.org

• 4 edits in trunk/Source/WebCore

Deploy smart pointers in ApplyBlockElementCommand, IndentOutdentCommand and InsertListCommand
​https://bugs.webkit.org/show_bug.cgi?id=228304

Reviewed by Chris Dumez.

Use RefPtr in more places instead of raw pointers.

• editing/ApplyBlockElementCommand.cpp:

(WebCore::ApplyBlockElementCommand::formatSelection):
(WebCore::isNewLineAtPosition):
(WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):
(WebCore::ApplyBlockElementCommand::endOfNextParagraphSplittingTextNodesIfNeeded):

• editing/IndentOutdentCommand.cpp:

(WebCore::IndentOutdentCommand::tryIndentingAsListItem):
(WebCore::IndentOutdentCommand::indentIntoBlockquote):
(WebCore::IndentOutdentCommand::outdentParagraph):

• editing/InsertListCommand.cpp:

(WebCore::InsertListCommand::mergeWithNeighboringLists):
(WebCore::InsertListCommand::unlistifyParagraph):
(WebCore::adjacentEnclosingList):
(WebCore::InsertListCommand::listifyParagraph):

4:51 PM Changeset in webkit [280322] by Alan Coon

• 1 copy in tags/Safari-611.3.10.1.6

Tag Safari-611.3.10.1.6.

4:37 PM Changeset in webkit [280321] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[ Catalina+ Debug wk2 ] inspector/model/remote-object/iterator-large.html is a flaky timeout.
​https://bugs.webkit.org/show_bug.cgi?id=228210.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

4:27 PM Changeset in webkit [280320] by Eric Hutchison

• 2 edits in trunk/LayoutTests

Updated test expectations for fullscreen/full-screen-remove-children.html.
​https://bugs.webkit.org/show_bug.cgi?id=227874.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

3:09 PM Changeset in webkit [280319] by Kate Cheney

• 5 edits in trunk

ServiceWorkerRegistration.unregister method fails in WKWebView
​https://bugs.webkit.org/show_bug.cgi?id=227524
<rdar://problem/80264108>

Reviewed by Youenn Fablet.

Source/WebCore:

We should only check the app-bound domain list when registering a new
worker. Unregistering or updating an existing registration is fine because
we know that every registration has already gone through this check.

• workers/service/server/SWServer.cpp:

(WebCore::SWServer::addRegistrationFromStore):
(WebCore::SWServer::validateRegistrationDomain):
(WebCore::SWServer::scheduleJob):

• workers/service/server/SWServer.h:

Tools:

API test coverage. Drive-by fix to remove unnecessary WKWebView
configuration flags from tests that don't need them.

Note this will also fix ​https://bugs.webkit.org/show_bug.cgi?id=227531
where updating an existing worker fails after registering 3 domains,
but writing a test for that would require registering service workers
on 3 domains that are not localhost or a loopback IP address, which
we currently do not have infrastructure for.

Testing unregister was only possible because the script URL passed in
during the unregister job is null, so it does not get caught in the
localhost/loopback IP address check, unlike the update case.

• TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:

(TEST):
(-[SWInAppBrowserPrivacyMessageHandler userContentController:didReceiveScriptMessage:]):

3:07 PM Changeset in webkit [280318] by pvollan@apple.com

• 6 edits in trunk

The layout test fast/images/heic-as-background-image.html is a constant failure
​https://bugs.webkit.org/show_bug.cgi?id=228195
<rdar://80334724>

Reviewed by Said Abou-Hallawa.

Source/WebKit:

Call correct system function for required initialization.

No new tests, covered by existing test.

• WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess):

Source/WTF:

Add HAVE macro for the system function CMPhotoIsTileDecoderAvailable.

• wtf/PlatformHave.h:

LayoutTests:

Update test expectations.

• platform/mac/TestExpectations:

2:59 PM Changeset in webkit [280317] by Kate Cheney

• 2 edits in trunk/Source/WebKit

Attribution context causes some performance regressions
​https://bugs.webkit.org/show_bug.cgi?id=228294

Unreviewed followup to address Darin's comment regarding unnecessary
semi-colons.

• NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(processPCMRequest):
(overrideAttributionContext):

2:39 PM Changeset in webkit [280316] by Cameron McCormack

• 4 edits in trunk/Source/WebCore

Don't allow descriptors to be set to CSS-wide keywords
​https://bugs.webkit.org/show_bug.cgi?id=228218
<rdar://80675715>

Reviewed by Simon Fraser.

And store the parent rule type directly on
StyleRuleCSSStyleDeclaration so that we can still check it after
m_parentRule has been cleared.

• css/PropertySetCSSStyleDeclaration.cpp:

(WebCore::StyleRuleCSSStyleDeclaration::StyleRuleCSSStyleDeclaration):
(WebCore::StyleRuleCSSStyleDeclaration::cssParserContext const):

• css/PropertySetCSSStyleDeclaration.h:
• css/parser/CSSParserFastPaths.cpp:

(WebCore::parseKeywordValue):

2:26 PM Changeset in webkit [280315] by Russell Epstein

• 1 copy in tags/Safari-612.1.25

Tag Safari-612.1.25.

2:26 PM Changeset in webkit [280314] by Russell Epstein

• 1 delete in tags/Safari-612.1.25

Delete tag.

2:19 PM Changeset in webkit [280313] by Chris Dumez

• 3 edits in trunk/Source/WebCore

Rename activeWindow to incumbentWindow in the Location class
​https://bugs.webkit.org/show_bug.cgi?id=228295

Reviewed by Darin Adler.

Rename activeWindow to incumbentWindow in the Location class, since this is the naming used
both in the HTML specification and Location.idl.

• page/Location.cpp:

(WebCore::Location::setHref):
(WebCore::Location::setProtocol):
(WebCore::Location::setHost):
(WebCore::Location::setHostname):
(WebCore::Location::setPort):
(WebCore::Location::setPathname):
(WebCore::Location::setSearch):
(WebCore::Location::setHash):
(WebCore::Location::assign):
(WebCore::Location::replace):
(WebCore::Location::reload):
(WebCore::Location::setLocation):

• page/Location.h:

1:47 PM Changeset in webkit [280312] by commit-queue@webkit.org

• 3 edits
  2 adds in trunk

Crash in InsertParagraphSeparatorCommand::doApply
​https://bugs.webkit.org/show_bug.cgi?id=224977

Patch by Frédéric Wang <​fwang@igalia.com> on 2021-07-26
Reviewed by Ryosuke Niwa.

Source/WebCore:

Because <html> elements are handled specially in Position::isCandidate() (a) and
PositionIterator::isCandidate() (b), the function InsertParagraphSeparatorCommand::doApply()
may end up in a edge case where the startBlock is a sibling of the visible position per (a)
but isFirstInBlock,isLastInBlock is true,false per (b). This leads to hitting the debug
assertion ASSERT(startBlock->firstChild()) and dereferencing a nullptr pointer in release.
This patch fixes that by exiting early if the visible position is not a descendant of the
start block.

Test: editing/inserting/insert-paragraph-separator-with-html-elements-crash.html

• editing/InsertParagraphSeparatorCommand.cpp:

(WebCore::InsertParagraphSeparatorCommand::doApply):

LayoutTests:

Add regression test.

• editing/inserting/insert-paragraph-separator-with-html-elements-crash-expected.txt: Added.
• editing/inserting/insert-paragraph-separator-with-html-elements-crash.html: Added.

1:40 PM Changeset in webkit [280311] by Kate Cheney

• 2 edits in trunk/Source/WebKit

Attribution context causes some performance regressions
​https://bugs.webkit.org/show_bug.cgi?id=228294
<rdar://problem/76663528>

Reviewed by Per Arne Vollan.

Attribution context is used by the networking stack for a variety of
purposes, but is not always needed and can negatively affect
performance. For these reasons, we should override it in some cases.

• NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(overrideAttributionContext):
(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):

1:15 PM Changeset in webkit [280310] by commit-queue@webkit.org

• 37 edits
  3 adds in trunk

LayoutTests/imported/w3c:
Added FormDataEvent support.
​https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <​qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

• web-platform-tests/html/semantics/forms/form-submission-0/FormDataEvent.window-expected.txt:
• web-platform-tests/html/semantics/forms/form-submission-0/constructing-form-data-set-expected.txt:
• web-platform-tests/html/semantics/forms/form-submission-0/text-plain.window-expected.txt:
• web-platform-tests/html/semantics/forms/form-submission-0/urlencoded2.window-expected.txt:
• web-platform-tests/html/webappapis/scripting/events/event-handler-all-global-events-expected.txt:
• web-platform-tests/html/webappapis/scripting/events/event-handler-attributes-body-window-expected.txt:
• web-platform-tests/html/webappapis/scripting/events/event-handler-attributes-windowless-body-expected.txt:
• web-platform-tests/xhr/formdata-expected.txt:

Source/WebCore:
FormDataEvent added, and dispatched upon creation of DOMFormData or submission of HTMLFormElement.
​https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <​qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

• CMakeLists.txt:
• DerivedSources-input.xcfilelist:
• DerivedSources-output.xcfilelist:
• DerivedSources.make:
• Sources.txt:
• WebCore.xcodeproj/project.pbxproj:
• dom/EventNames.h:
• dom/EventNames.in:
• dom/FormDataEvent.cpp: Added.

(WebCore::FormDataEvent::create):
(WebCore::FormDataEvent::FormDataEvent):
(WebCore::FormDataEvent::eventInterface const):

• dom/FormDataEvent.h: Added.

(WebCore::FormDataEvent::formData const):

• dom/FormDataEvent.idl: Added.
• dom/GlobalEventHandlers.idl:
• html/DOMFormData.cpp:

(WebCore::DOMFormData::DOMFormData):
(WebCore::DOMFormData::create):
(WebCore::DOMFormData::clone):

• html/DOMFormData.h:

(WebCore::DOMFormData::create): Deleted.

• html/HTMLAttributeNames.in:
• html/HTMLElement.cpp:

(WebCore::HTMLElement::createEventHandlerNameMap):

• html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::submitIfPossible):
(WebCore::HTMLFormElement::submit):
(WebCore::HTMLFormElement::constructEntryList):

• html/HTMLFormElement.h:
• loader/FormSubmission.cpp:

(WebCore::FormSubmission::create):

• loader/FormSubmission.h:
• platform/network/FormData.cpp:

(WebCore::FormData::appendNonMultiPartKeyValuePairItems):

Source/WebInspectorUI:
FormDataEvent added.
​https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Qiaosong Zhou <​qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

• UserInterface/Models/ScriptTimelineRecord.js:

(WI.ScriptTimelineRecord.EventType.displayName):

LayoutTests:
Added support for FormDataEvent. Rebaselined.
​https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <​qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

• platform/ios-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
• platform/ios-wk2/imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:
• platform/mac-wk1/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
• platform/mac-wk1/imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:
• platform/mac-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
• platform/mac-wk2/imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:

12:39 PM Changeset in webkit [280309] by ysuzuki@apple.com

• 2 edits in trunk/Source/JavaScriptCore

Add Temporal to features.json
​https://bugs.webkit.org/show_bug.cgi?id=228292

Reviewed by Myles C. Maxfield.

• features.json:

12:36 PM Changeset in webkit [280308] by jer.noble@apple.com

• 16 edits
  2 adds in trunk

[Cocoa] Playback stalls on bilibili.com
​https://bugs.webkit.org/show_bug.cgi?id=228239
<rdar://80419477>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/media-source/media-source-effectiveplaybackrate.html

bilibili.com will attempt to detect playback stalls by detecting when video.currentTime
returns the same value while video.paused is false. When the GPU process is enabled, we use
a heuristic to provide the answer to currentTime to avoid making synchronous calls to the
GPU process. This heuristic uses the reported playback rate of the MediaPlayerPrivate to
derive the currentTime. However, MediaPlayerPrivateAVFoundationObjC does not override the
default implementation of rate(), and so always returns a reported rate of zero.

To make the call less ambiguous, add a MediaPlayer and MediaPlayerPrivate effectiveRate()
method, which by default will just return rate(), as some ports only report the
requested rate and not the effective rate. Then add overrides for both rate() and
effectiveRate() on both MediaPlayerPrivateAVFoundationObjC and
MediaPlayerPrivateMediaSourceAVFObjC.

• html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::updatePlaybackRate):
(WebCore::HTMLMediaElement::mediaPlayerRateChanged):

• platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::effectiveRate const):

• platform/graphics/MediaPlayer.h:
• platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::effectiveRate const):

• platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::rate const):
(WebCore::MediaPlayerPrivateAVFoundationObjC::effectiveRate const):

• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
• platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::rate const):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::effectiveRate const):

• testing/Internals.cpp:

(WebCore::Internals::isMediaElementHidden):
(WebCore::Internals::elementEffectivePlaybackRate):

• testing/Internals.h:
• testing/Internals.idl:

Source/WebKit:

Replace rate() -> effectiveRate().

• GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::mediaPlayerRateChanged):

LayoutTests:

• media/media-source/media-source-effectiveplaybackrate-expected.txt: Added.
• media/media-source/media-source-effectiveplaybackrate.html: Added.

12:22 PM Changeset in webkit [280307] by commit-queue@webkit.org

• 2 edits in trunk/Source/WebCore

[WebXR] WebXRSession::m_visibilityState is uninitialized
​https://bugs.webkit.org/show_bug.cgi?id=228286

Patch by Ada Chan <​ada.chan@apple.com> on 2021-07-26
Reviewed by Tim Horton.

WebXRSession::m_visibilityState should be initialized to XRVisibilityState::Visible.

• Modules/webxr/WebXRSession.h:

12:18 PM Changeset in webkit [280306] by Aditya Keerthi

• 7 edits
  2 adds in trunk

[iOS] Page background color does not update after UIUserInterfaceLevel change
​https://bugs.webkit.org/show_bug.cgi?id=228282
rdar://80490391

Reviewed by Wenson Hsieh.

Source/WebCore:

The default background color of the root element is a semantic color
that adapts to changes in user interface style (light/dark mode) and
user interface level (base/elevated).

Currently, the default background color is correctly recalculated
after a change to the user interface style. However, the existing
logic does not update the color unless there is a change to the user
interface style. This behavior is incorrect, since a change to the
user interface level, without a change to the user interface style,
is ignored.

A common scenario in which a user interface level change is not
accompanied by a user interface style change, is when a WKWebView is
created and then presented as a page sheet, form sheet, or popover.
In this scenario, the default background color is currently incorrect.

To fix, ensure that the background color is recalculated if any of the
traits that affect semantic colors is changed.

Test: fast/css/ios/update-user-interface-level.html

• page/FrameView.cpp:

(WebCore::FrameView::recalculateBaseBackgroundColor):

Recalculate the background color if any of the traits that affect
semantic colors is changed, not just a change in user interface
style (light/dark mode).

• page/FrameView.h:
• testing/InternalSettings.cpp:

Added a testing hook to change the current user interface level.

(WebCore::InternalSettings::resetToConsistentState):
(WebCore::InternalSettings::setUseDarkAppearance):
(WebCore::InternalSettings::setUseElevatedUserInterfaceLevel):

• testing/InternalSettings.h:
• testing/InternalSettings.idl:

LayoutTests:

Added a test to verify that a change in user interface level correctly
updates the page's background color.

• fast/css/ios/update-user-interface-level-expected.txt: Added.
• fast/css/ios/update-user-interface-level.html: Added.

12:01 PM Changeset in webkit [280305] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

[ iOS Debug] 3 editing/pasteboard/smart-paste-paragraph tests are flaky failing.
​https://bugs.webkit.org/show_bug.cgi?id=228285

Unreviewed test gardening.

• platform/ipad/TestExpectations:

11:54 AM Changeset in webkit [280304] by Russell Epstein

• 1 copy in tags/Safari-612.1.24.11.5

Tag Safari-612.1.24.11.5.

11:52 AM Changeset in webkit [280303] by Russell Epstein

• 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.5

11:45 AM Changeset in webkit [280302] by Eric Hutchison

• 3 edits in trunk/LayoutTests

REGRESSION (r279427): [ Mac wk1 and iOS ] imported/w3c/web-platform-tests/html/interaction/focus/the-autofocus-attribute/document-with-fragment-valid.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=227762.

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:
• platform/mac-wk1/TestExpectations:

11:43 AM Changeset in webkit [280301] by Russell Epstein

• 8 edits in branches/safari-611.3.10.1-branch/Source

Versioning.

WebKit-7611.3.10.1.6

11:42 AM Changeset in webkit [280300] by Chris Dumez

• 3 edits
  2 adds in trunk

XML documents end up with a unique origin in WebKit only
​https://bugs.webkit.org/show_bug.cgi?id=228254

Reviewed by Darin Adler.

Source/WebCore:

XML documents end up with a unique origin in WebKit only. They have a regular origin in Blink and Firefox.
This patch is aligning our behavior with other browsers.

Test: http/tests/misc/xml-document-origin.html

• xml/XMLTreeViewer.cpp:

(WebCore::XMLTreeViewer::transformDocumentToTreeView):

LayoutTests:

Add layout test coverage.

• http/tests/misc/xml-document-origin-expected.txt: Added.
• http/tests/misc/xml-document-origin.html: Added.

10:53 AM Changeset in webkit [280299] by Chris Dumez

• 2 edits in trunk/Source/WebKit

Make sure the ProcessAssertion gets destroyed on the main thread
​https://bugs.webkit.org/show_bug.cgi?id=228281
<rdar://81048308>

Reviewed by Geoffrey Garen.

Follow-up to r279877 to make sure that the ProcessAssertion gets destroyed on the main thread in
ProcessAssertion::acquireAsync(), even if the completionHandler is null.

• UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::ProcessAssertion::acquireAsync):

10:51 AM Changeset in webkit [280298] by jer.noble@apple.com

• 12 edits
  2 adds in trunk

[iOS] All home screen web apps resume when any home screen web app is foregrounded
​https://bugs.webkit.org/show_bug.cgi?id=228246
<rdar://72949281>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/video-page-visibility-restriction.html

On iOS, home screen web apps all run from the same UIProcess, SafariViewService. So when
one Web App is foregrounded, the SafariViewService itself is foregrounded, and all WKWebViews
(one for each Web App) are foregrounded as well, allowing all Web Apps to resume audio
playback. This is not ideal; ideally, all Web Apps will be allowed to continue to play
audio in the background. But until we can fix that bug, the current behavior of pausing
audio from Web App A when A is backgrounded, and resuming audio from A when Web App B is
foregrounded feels super broken.

Add a new WKPreference/WebPreference/Setting and matching MediaElementSession restriction
that will block playback of audible media elements when the media element's page is not
visible. When adopted by SafariViewService, this would keep multiple Web Apps (and indeed
SafariViewController pages) from starting playback when any other is foregrounded.

• html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::initializeMediaSession):
(WebCore::HTMLMediaElement::visibilityStateChanged):

• html/MediaElementSession.cpp:

(WebCore::MediaElementSession::visibilityChanged):
(WebCore::MediaElementSession::playbackStateChangePermitted const):

• html/MediaElementSession.h:
• platform/audio/PlatformMediaSession.h:
• testing/Internals.cpp:

(WebCore::Internals::setMediaElementRestrictions):

Source/WebKit:

Add a private WKPreference for setting the new WebPreference.

• UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _requiresPageVisibilityToPlayAudio]):
(-[WKPreferences _setRequiresPageVisibilityToPlayAudio:]):

• UIProcess/API/Cocoa/WKPreferencesPrivate.h:

Source/WTF:

• Scripts/Preferences/WebPreferences.yaml:

LayoutTests:

• media/video-page-visibility-restriction-expected.txt: Added.
• media/video-page-visibility-restriction.html: Added.

10:24 AM Changeset in webkit [280297] by Kocsen Chung

• 1 copy in tags/Safari-612.1.24.11.4

Tag Safari-612.1.24.11.4.

10:15 AM Changeset in webkit [280296] by Russell Epstein

• 8 edits
  2 adds in branches/safari-612.1.25-branch

Cherry-pick r280271. rdar://problem/81117003

REGRESSION (r279751): WebContent process often crashes when hovering over content on apple.com
​https://bugs.webkit.org/show_bug.cgi?id=228247
rdar://81010093

Reviewed by Tim Horton.

Source/WebCore:

Add an internal testing hook that can be used to trigger text recognition for the given element. While we should
eventually combine this with another testing hook to simulate VisionKit text recognition results, the new test
using this internal hook shouldn't make its way into VisionKit anyways, so this isn't necessary for now.

See WebKit ChangeLog for more details.

Test: fast/images/text-recognition/text-recognition-in-transparent-video.html

• testing/Internals.cpp: (WebCore::Internals::requestTextRecognition):
• testing/Internals.h:
• testing/Internals.idl:

Source/WebKit:

After r279751, the snapshot fallback codepath I added in createShareableBitmap to handle the edge case of
fully transparent images causes us to now take snapshots when hovering over fully transparent video elements,
and attempt to recognize text in them. This is because RenderVideo is a RenderImage subclass without a cached
image, so we'll end up going down the transparent renderer codepath instead of bailing with a null bitmap.

However, since CachedImages are null for video elements, before we even get to VisionKit, we end up crashing
with a nullptr-deref inside WebPage::requestTextRecognition, which assumes that RenderImage::cachedImage()
is non-null.

To address this, we make two minor adjustments (see below).

• WebProcess/WebCoreSupport/ShareableBitmapUtilities.cpp: (WebKit::createShareableBitmap):

Limit the snapshotting fallback to non-media images (i.e. non-RenderMedia).

• WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::requestTextRecognition):

Make this robust in the case where CachedImage is null, to avoid the possibility for similar crashes in the
future.

LayoutTests:

• fast/images/text-recognition/text-recognition-in-transparent-video-expected.txt: Added.
• fast/images/text-recognition/text-recognition-in-transparent-video.html: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280271 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:15 AM Changeset in webkit [280295] by Kocsen Chung

• 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.4

5:10 AM Changeset in webkit [280294] by Adrian Perez de Castro

• 1 copy in releases/WPE WebKit/webkit-2.32.3

WPE WebKit 2.32.3

5:10 AM Changeset in webkit [280293] by Adrian Perez de Castro

• 4 edits in releases/WebKitGTK/webkit-2.32

Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.32.3 release

.:

• Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

• wpe/NEWS: Add release notes for 2.32.3

2:50 AM Changeset in webkit [280292] by commit-queue@webkit.org

• 3 edits in trunk/Source/WebCore

[Pipewire] Muting the display capture closes the Portal session
​https://bugs.webkit.org/show_bug.cgi?id=228265

Patch by Philippe Normand <​pnormand@igalia.com> on 2021-07-26
Reviewed by Xabier Rodriguez-Calvar.

The session should not be closed in that case, because setting the capture state to active
again would have no effect. This patch also removes useless CRLFs from WTFLogAlways() calls
and increases the session Close call timeout to 100ms, 10ms was too low, at least for my
setup.

• platform/mediastream/gstreamer/GStreamerDisplayCaptureDeviceManager.cpp:

(WebCore::GStreamerDisplayCaptureDeviceManager::createDisplayCaptureSource):
(WebCore::GStreamerDisplayCaptureDeviceManager::stopSource):

• platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:

(WebCore::GStreamerVideoCaptureSource::~GStreamerVideoCaptureSource):
(WebCore::GStreamerVideoCaptureSource::stopProducingData):

12:48 AM Changeset in webkit [280291] by commit-queue@webkit.org

• 4 edits in trunk/Source/WebKit

[GTK] MiniBrowser crashes when closed while capturing desktop
​https://bugs.webkit.org/show_bug.cgi?id=228232

Patch by Philippe Normand <​pnormand@igalia.com> on 2021-07-26
Reviewed by Adrian Perez de Castro.

Disconnect the WebView from the WebPageProxy just before the final GObject dispose call, in
order to avoid UIClient notifications on the being-disposed WebView.

• UIProcess/API/glib/WebKitUIClient.cpp:

(detachUIClientFromView):

• UIProcess/API/glib/WebKitUIClient.h:
• UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewDispose):

12:42 AM Changeset in webkit [280290] by Ziran Sun

• 4 edits in trunk

[css-grid] svg image as grid items should use the overriding logical width/height when defined to compute the logical height/width
​https://bugs.webkit.org/show_bug.cgi?id=228105

Source/WebCore:

As discussed at ​https://github.com/w3c/csswg-drafts/issues/6286#issuecomment-866986544, degenerate
aspect ratios derived from SVG width/height attributes fall back to viewbox aspect ratio
(whether due to negative values or zero values).

When computing the logical height/width using an intrinsic aspect ratio, RenderReplaced uses the
overridingLogicalWidth/overridingLogicalHeight whenever defined as long as the flex or
grid item has an intrinsic size. For an SVG graphic though, it's common to have an intrinsic aspect
ratio but not to have an intrinsic width or height. For this special case, we still should use
overridingLogicalWidth/overridingLogicalHeight for logical height/width calculations.

Reviewed by Javier Fernandez.

• rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::computeReplacedLogicalWidth const):
(WebCore::RenderReplaced::computeReplacedLogicalHeight const):

LayoutTests:

Reviewed by Javier Fernandez.

Update TestExpectations as 4 failed grid WPT tests are now passing.

• TestExpectations:

Jul 25, 2021:

3:32 PM Changeset in webkit [280289] by Alexey Shvayka

• 36 edits
  2 adds in trunk

Partly implement Function.prototype.{caller,arguments} reflection proposal
​https://bugs.webkit.org/show_bug.cgi?id=158116

Reviewed by Yusuke Suzuki.

JSTests:

• ChakraCore/test/strict/19.function.baseline:
• ChakraCore/test/strict/22.callerCalleeArguments.baseline-jsc:
• microbenchmarks/function-prototype-get.js: Added.
• microbenchmarks/reflect-own-keys-function.js: Added.
• stress/for-in-shadow-non-enumerable.js:
• stress/function-hidden-as-caller.js:
• stress/has-own-property-arguments.js:
• stress/object-assign-fast-path.js:
• stress/put-to-proto-chain-overrides-put.js:
• stress/reflect-set.js:
• test262/config.yaml: Skip 3 test cases that are now incorrect.
• test262/expectations.yaml: Mark 2 test cases as passing.

Source/JavaScriptCore:

To ensure web-compatibility, only the safe subset of Function.prototype.{caller,arguments}
reflection proposal [1] is implemented, which is currently shipped in SpiderMonkey.

Complete list of differences from the proposed spec:

1. Cross-realm receiver function is allowed instead of throwing a TypeError.

Throwing is likely safe to ship, but #225997 needs to be fixed first for
custom properties to receive correct global object.

2. Cross-realm caller function is returned instead of null.

Hiding cross-realm caller may break things: we currently have a test for
the opposite behavior.

3. Defines "caller" and "arguments" setters that throw for disallowed receivers, instead failing silently in sloppy mode.

This is actually more restrictive than the spec, which is preferable,
and aligns with V8 and SM.

Most importantly, this patch removes own "caller" and "arguments" properties from
sloppy mode ES5 functions. They were non-configurable, making it harder to use
their holder as a ProxyTarget?. They were also non-writable, with a constantly
changing Value?, which violated the invariants of internal methods [2].

As a result, JSFunction methods are greatly simplified, especially defineOwnProperty()
and getOwnSpecialPropertyNames(). The latter is now 2.1x faster according to the
provided microbenchmark. Also, removes double "prototype" lookup from Get?,
which is a 10% progression.

[1]: ​https://github.com/claudepache/es-legacy-function-reflection
[2]: ​https://tc39.es/ecma262/#sec-invariants-of-the-essential-internal-methods

• runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::getOwnPropertySlot):
(JSC::ClonedArguments::materializeSpecials):

• runtime/FunctionExecutable.h:
• runtime/FunctionPrototype.cpp:

(JSC::FunctionPrototype::addFunctionProperties):
(JSC::isAllowedReceiverFunctionForCallerAndArguments):
(JSC::RetrieveArgumentsFunctor::RetrieveArgumentsFunctor):
(JSC::RetrieveArgumentsFunctor::result const):
(JSC::RetrieveArgumentsFunctor::operator() const):
(JSC::retrieveArguments):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::RetrieveCallerFunctionFunctor::RetrieveCallerFunctionFunctor):
(JSC::RetrieveCallerFunctionFunctor::result const):
(JSC::RetrieveCallerFunctionFunctor::operator() const):
(JSC::retrieveCallerFunction):
(JSC::JSC_DEFINE_CUSTOM_SETTER):
(JSC::FunctionPrototype::initRestrictedProperties): Deleted.

• runtime/FunctionPrototype.h:
• runtime/JSFunction.cpp:

(JSC::JSFunction::getOwnPropertySlot):
(JSC::JSFunction::getOwnSpecialPropertyNames):
(JSC::JSFunction::put):
(JSC::JSFunction::deleteProperty):
(JSC::JSFunction::defineOwnProperty):
(JSC::RetrieveArgumentsFunctor::RetrieveArgumentsFunctor): Deleted.
(JSC::RetrieveArgumentsFunctor::result const): Deleted.
(JSC::RetrieveArgumentsFunctor::operator() const): Deleted.
(JSC::retrieveArguments): Deleted.
(JSC::JSC_DEFINE_CUSTOM_GETTER): Deleted.
(JSC::RetrieveCallerFunctionFunctor::RetrieveCallerFunctionFunctor): Deleted.
(JSC::RetrieveCallerFunctionFunctor::result const): Deleted.
(JSC::RetrieveCallerFunctionFunctor::operator() const): Deleted.
(JSC::retrieveCallerFunction): Deleted.

• runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildrenImpl):

• runtime/JSGlobalObject.h:

Remove unused m_throwTypeErrorGetterSetter and make ThrowTypeError? lazily-created.

• runtime/JSGlobalObjectFunctions.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

• runtime/JSGlobalObjectFunctions.h:
• runtime/JSObject.cpp:

(JSC::JSObject::putDirectCustomGetterSetterWithoutTransition):

• runtime/JSObject.h:

LayoutTests:

• inspector/model/remote-object-get-properties-expected.txt:
• inspector/runtime/getDisplayableProperties-expected.txt:
• inspector/runtime/getProperties-expected.txt:
• js/Object-getOwnPropertyNames-expected.txt:
• js/basic-strict-mode-expected.txt:
• js/kde/function_arguments-expected.txt:
• js/kde/script-tests/function_arguments.js:
• js/non-strict-function-properties-expected.txt:
• js/script-tests/Object-getOwnPropertyNames.js:
• js/script-tests/basic-strict-mode.js:
• js/script-tests/non-strict-function-properties.js:
• js/script-tests/throw-type-error-is-unique.js:

12:40 PM Changeset in webkit [280288] by Wenson Hsieh

• 20 edits
  2 adds in trunk

[iOS] Unified field is unselected after focusing URL bar if text was selected in a fixed position container
​https://bugs.webkit.org/show_bug.cgi?id=228269
rdar://80556392

Reviewed by Tim Horton.

Source/WebKit:

In Safari on iOS 15, if the selection (either ranged or caret) is inside a fixed position container when the
user taps on the unified field, we'll immediately clear the text selection inside the unified field upon
bringing up the keyboard. This happens because the tab pill in iOS 15 is lowered as the URL bar is focused,
which causes the web view to scroll slightly. This, in turn, induces a brief unstable scrolling tree state,
which then causes us to temporarily hide and show selection views while scrolling in unstable state (see
r209931) by calling -deactivateSelection and then -activateSelection on the text interaction assistant.
Calling -[UIWKTextInteractionAssistant activateSelection] then causes UIKit to dispatch a
UITextSelectionViewActivatedNotification; In the unified field, which is a UITextField subclass, UIKit code then
listens for this notification and responds to it by clearing the selection if the newly activated selection's
host view (WKContentView) is different than itself, thereby causing the bug.

To fix this, we simply make two (minor) adjustments to the logic for temporarily hiding and showing the
selection while performing an unstable scroll. See below for more details.

Test: editing/selection/ios/scrolling-with-fixed-selection-does-not-unselect-native-text-field.html

• UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView shouldHideSelectionWhenScrolling]):

Only hide and (later) restore the selection in non-editable text if the selection is ranged. This is because
caret selections in non-editable content are not user-visible anyways, so there's no need to temporarily
suppress the selection.

(-[WKContentView _updateChangedSelection:]):

Only attempt to show the selection views again if doing so doesn't cause us to steal first responder status away
from the existing first responder; otherwise, we'll wait until we -becomeFirstResponder to -activateSelection.

(-[WKContentView selectionInteractionAssistant]): Deleted.

Tools:

We already have some very basic support for installing and removing native text fields in the view hierarchy,
through TestRunner::(add|remove)ChromeInputField(). In order to support the new layout test, we additionally
implement the ability to:

• Set text inside the native chrome input field that was installed using addChromeInputField().
• Select all text inside the chrome input field.
• Query the chrome input field for the currently selected text.

We only support iOS for the time being, with stubs on other platforms, since the new test that uses this
functionality is iOS-specific; if needed in the future for a similar test on other platforms, we can implement
the stubbed testing hooks on TestRunner and PlatformWebView as well.

• DumpRenderTree/TestRunner.h:
• DumpRenderTree/mac/TestRunnerMac.mm:

(TestRunner::setTextInChromeInputField):
(TestRunner::selectChromeInputField):
(TestRunner::getSelectedTextInChromeInputField):

• DumpRenderTree/win/TestRunnerWin.cpp:

(TestRunner::setTextInChromeInputField):
(TestRunner::selectChromeInputField):
(TestRunner::getSelectedTextInChromeInputField):

• WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
• WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::didReceiveMessageToPage):
(WTR::InjectedBundle::postSetTextInChromeInputField):
(WTR::InjectedBundle::postSelectChromeInputField):
(WTR::InjectedBundle::postGetSelectedTextInChromeInputField):

• WebKitTestRunner/InjectedBundle/InjectedBundle.h:
• WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setTextInChromeInputField):
(WTR::TestRunner::selectChromeInputField):
(WTR::TestRunner::getSelectedTextInChromeInputField):
(WTR::TestRunner::callSetTextInChromeInputFieldCallback):
(WTR::TestRunner::callSelectChromeInputFieldCallback):
(WTR::TestRunner::callGetSelectedTextInChromeInputFieldCallback):

• WebKitTestRunner/InjectedBundle/TestRunner.h:
• WebKitTestRunner/PlatformWebView.h:
• WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):

• WebKitTestRunner/gtk/PlatformWebViewGtk.cpp:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

• WebKitTestRunner/ios/PlatformWebViewIOS.mm:

(WTR::chromeInputField):

Additionally do some light refactoring by pulling out logic for grabbing the chrome input field (i.e. a view
with a tag of 1 under the window) out into a separate helper method. Use this helper in a few places below.

(WTR::PlatformWebView::addChromeInputField):
(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):
(WTR::PlatformWebView::removeChromeInputField):

• WebKitTestRunner/mac/PlatformWebViewMac.mm:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

• WebKitTestRunner/win/PlatformWebViewWin.cpp:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

• WebKitTestRunner/wpe/PlatformWebViewWPE.cpp:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

LayoutTests:

Add a new layout test that installs, focuses, and selects text inside a native UITextField (simulating Safari's
URL field) while the DOM selection is inside a fixed position container, and then scrolls the web view a bit to
temporarily induce an unstable scrolling tree state. After this, we verify that the text selection inside the
native text field has not been cleared.

See Tools/ changes for more details.

• editing/selection/ios/scrolling-with-fixed-selection-does-not-unselect-native-text-field-expected.txt: Added.
• editing/selection/ios/scrolling-with-fixed-selection-does-not-unselect-native-text-field.html: Added.
• resources/ui-helper.js:

(window.UIHelper.addChromeInputField):
(window.UIHelper.removeChromeInputField):
(window.UIHelper.setTextInChromeInputField):
(window.UIHelper.selectChromeInputField):
(window.UIHelper.getSelectedTextInChromeInputField):
(window.UIHelper):

11:55 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro

(diff)

11:29 AM Changeset in webkit [280287] by commit-queue@webkit.org

• 2 edits in trunk

[GTK] USE_OPENGL_OR_ES should not be an automagic feature
​https://bugs.webkit.org/show_bug.cgi?id=228266

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-07-25
Reviewed by Fujii Hironori.

The USE_OPENGL_OR_ES feature flag added in r271220 is currently automagic: that is, if
neither OpenGL nor OpenGL ES is available at build time, it gets silently disabled. This is
not OK because it makes it easy for distributors to accidentally fail to enable OpenGL
support. We should require manually disabling the feature with -DUSE_OPENGL_OR_ES=OFF in
order to build with OpenGL disabled.

• Source/cmake/OptionsGTK.cmake:

6:00 AM Changeset in webkit [280286] by cathiechen

• 1 edit
  1 add in trunk/PerformanceTests

[Performance test][css-contain] Add test to contain: size layout
​https://bugs.webkit.org/show_bug.cgi?id=227948

Reviewed by Ryosuke Niwa.

This test emulates the scenario that a small part of the page is changed. If it's applied contain: size layout,
the performance should be improved. This test is a transform of the test [1] in blink.

[1] third_party/blink/perf_tests/layout/css-contain-change-text.html

• Layout/css-contain-change-size.html: Added.

Jul 24, 2021:

1:11 PM Changeset in webkit [280285] by ysuzuki@apple.com

• 12 edits in trunk/Source/JavaScriptCore

[JSC] Change most of enum in Yarr to enum-class
​https://bugs.webkit.org/show_bug.cgi?id=228264

Reviewed by Mark Lam.

This patch simply changes most of enum to enum-class in Yarr.
We also remove YarrJIT YarrGenerator's template parameter since
it is not worth doubling code. We can just hold Yarr::JITCompileMode as m_compileMode.

• runtime/RegExp.cpp:

(JSC::RegExp::compile):
(JSC::RegExp::matchConcurrently):
(JSC::RegExp::compileMatchOnly):

• runtime/RegExp.h:
• runtime/RegExpInlines.h:

(JSC::RegExp::hasCodeFor):
(JSC::RegExp::compileIfNecessary):
(JSC::RegExp::matchInline):
(JSC::RegExp::hasMatchOnlyCodeFor):
(JSC::RegExp::compileIfNecessaryMatchOnly):

• yarr/Yarr.h:

(): Deleted.

• yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::backtrackPatternCharacter):
(JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
(JSC::Yarr::Interpreter::matchCharacterClass):
(JSC::Yarr::Interpreter::backtrackCharacterClass):
(JSC::Yarr::Interpreter::matchBackReference):
(JSC::Yarr::Interpreter::backtrackBackReference):
(JSC::Yarr::Interpreter::parenthesesDoBacktrack):
(JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
(JSC::Yarr::Interpreter::matchParenthesesOnceEnd):
(JSC::Yarr::Interpreter::backtrackParenthesesOnceBegin):
(JSC::Yarr::Interpreter::backtrackParenthesesOnceEnd):
(JSC::Yarr::Interpreter::matchParenthesesTerminalBegin):
(JSC::Yarr::Interpreter::matchParenthesesTerminalEnd):
(JSC::Yarr::Interpreter::backtrackParenthesesTerminalBegin):
(JSC::Yarr::Interpreter::matchParentheticalAssertionBegin):
(JSC::Yarr::Interpreter::matchParentheticalAssertionEnd):
(JSC::Yarr::Interpreter::backtrackParentheticalAssertionBegin):
(JSC::Yarr::Interpreter::backtrackParentheticalAssertionEnd):
(JSC::Yarr::Interpreter::matchParentheses):
(JSC::Yarr::Interpreter::backtrackParentheses):
(JSC::Yarr::Interpreter::matchDisjunction):
(JSC::Yarr::Interpreter::matchNonZeroDisjunction):
(JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
(JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
(JSC::Yarr::ByteCompiler::atomParentheticalAssertionEnd):
(JSC::Yarr::ByteCompiler::closeAlternative):
(JSC::Yarr::ByteCompiler::closeBodyAlternative):
(JSC::Yarr::ByteCompiler::atomParenthesesSubpatternEnd):
(JSC::Yarr::ByteCompiler::atomParenthesesOnceEnd):
(JSC::Yarr::ByteCompiler::atomParenthesesTerminalEnd):
(JSC::Yarr::ByteCompiler::emitDisjunction):
(JSC::Yarr::ByteCompiler::dumpDisjunction):

• yarr/YarrInterpreter.h:

(JSC::Yarr::ByteTerm::ByteTerm):
(JSC::Yarr::ByteTerm::BOL):
(JSC::Yarr::ByteTerm::CheckInput):
(JSC::Yarr::ByteTerm::UncheckInput):
(JSC::Yarr::ByteTerm::EOL):
(JSC::Yarr::ByteTerm::WordBoundary):
(JSC::Yarr::ByteTerm::BackReference):
(JSC::Yarr::ByteTerm::BodyAlternativeBegin):
(JSC::Yarr::ByteTerm::BodyAlternativeDisjunction):
(JSC::Yarr::ByteTerm::BodyAlternativeEnd):
(JSC::Yarr::ByteTerm::AlternativeBegin):
(JSC::Yarr::ByteTerm::AlternativeDisjunction):
(JSC::Yarr::ByteTerm::AlternativeEnd):
(JSC::Yarr::ByteTerm::SubpatternBegin):
(JSC::Yarr::ByteTerm::SubpatternEnd):
(JSC::Yarr::ByteTerm::DotStarEnclosure):

• yarr/YarrJIT.cpp:

(JSC::Yarr::jitCompile):

• yarr/YarrJIT.h:
• yarr/YarrParser.h:

(JSC::Yarr::Parser::CharacterClassParserDelegate::CharacterClassParserDelegate):
(JSC::Yarr::Parser::CharacterClassParserDelegate::atomPatternCharacter):
(JSC::Yarr::Parser::CharacterClassParserDelegate::atomBuiltInCharacterClass):
(JSC::Yarr::Parser::CharacterClassParserDelegate::end):

• yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPatternConstructor::atomParenthesesSubpatternBegin):
(JSC::Yarr::YarrPatternConstructor::atomParentheticalAssertionBegin):
(JSC::Yarr::YarrPatternConstructor::atomBackReference):
(JSC::Yarr::YarrPatternConstructor::copyTerm):
(JSC::Yarr::YarrPatternConstructor::quantifyAtom):
(JSC::Yarr::YarrPatternConstructor::checkForTerminalParentheses):
(JSC::Yarr::YarrPatternConstructor::containsCapturingTerms):
(JSC::Yarr::YarrPatternConstructor::optimizeDotStarWrappedExpressions):
(JSC::Yarr::PatternTerm::dumpQuantifier):
(JSC::Yarr::PatternTerm::dump):

• yarr/YarrPattern.h:

(JSC::Yarr::PatternTerm::PatternTerm):
(JSC::Yarr::PatternTerm::ForwardReference):
(JSC::Yarr::PatternTerm::BOL):
(JSC::Yarr::PatternTerm::EOL):
(JSC::Yarr::PatternTerm::WordBoundary):
(JSC::Yarr::PatternTerm::isFixedWidthCharacterClass const):
(JSC::Yarr::PatternTerm::containsAnyCaptures):
(JSC::Yarr::PatternTerm::quantify):

1:23 AM Changeset in webkit [280284] by Devin Rousso

• 8 edits
  2 copies
  4 adds in trunk

[Apple Pay] Do not add coupon code ApplePayErrorCode values for systems that do not support it
​https://bugs.webkit.org/show_bug.cgi?id=228243

Reviewed by Wenson Hsieh.

Source/WebCore:

Test: http/tests/ssl/applepay/ApplePayError.html

• Modules/applepay/ApplePayErrorCode.idl:
• Modules/applepay/ApplePayErrorCode.h:

Source/WebKit:

• Platform/cocoa/PaymentAuthorizationPresenter.mm:

(WebKit::toPKPaymentErrorCode):

LayoutTests:

• http/tests/ssl/applepay/ApplePayError.html:
• http/tests/ssl/applepay/ApplePayError-expected.txt:
• platform/ios-14-wk2/http/tests/ssl/applepay/ApplePayError-expected.txt: Added.
• platform/mac-bigsur-wk2/http/tests/ssl/applepay/ApplePayError-expected.txt: Added.

1:20 AM Changeset in webkit [280283] by Devin Rousso

• 4 edits in trunk

[iOS] REGRESSION(r277505): -[WKWebView underPageBackgroundColor] also changes the scroll bar color
​https://bugs.webkit.org/show_bug.cgi?id=228259
<rdar://problem/80116822>

Reviewed by Tim Horton.

Source/WebKit:

If an application overrides the -underPageBackgroundColor with a dark color on a page that
has a light background color, the scroll bar will appear light to match the overridden value
of -underPageBackgroundColor instead of dark to match the page's background color.

Test: WKWebViewUnderPageBackgroundColor.MatchesScrollView

• UIProcess/API/ios/WKWebViewIOS.mm:

(baseScrollViewBackgroundColor):
(scrollViewBackgroundColor):
(-[WKWebView _updateScrollViewBackground]):
Add a flag to indicate whether the underPageBackgroundColor (which can be overridden by
API) or pageExtendedBackgroundColor should be used when calculating the value provided to
-[UIScrollView setBackgroundColor:] and -[UIScrollView setIndicatorStyle:]. The former
uses the underPageBackgroundColor since that is why that API exists and the latter uses
the pageExtendedBackgroundColor` since it is based on what is shown in the page, which is
what the scroll bar is drawn on top of.

Tools:

• TestWebKitAPI/Tests/WebKitCocoa/WKWebViewUnderPageBackgroundColor.mm:

(TEST.WKWebViewUnderPageBackgroundColor.MatchesScrollView):

Jul 23, 2021:

8:48 PM Changeset in webkit [280282] by Andres Gonzalez

• 9 edits
  2 adds in trunk

Add a method to WebAccessibilityObjectWrapper so that clients can retrieve the text of each line and their corresponding bounding rectangles.
​https://bugs.webkit.org/show_bug.cgi?id=228251
Source/WebCore:

rdar://77184036

Reviewed by Chris Fleizach.

Test: accessibility/ios-simulator/element-line-rects-and-text.html

Accessibility clients often need to retrieve a line of text and its
corresponding bounding rectangle screen coordinates. There was not a
clear way of doing this. This patch provides lineRectsAndText as the
mechanism to retrieve the lines of text and their corresponding
rectangles for a given accessibility object. This is the iOS
implementation. MacOS implementation will be done in a separate patch.

• accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper stringsForSimpleRange:attributed:]):
(-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
(-[WebAccessibilityObjectWrapper lineRectsAndText]):
(-[WebAccessibilityObjectWrapper lineRectsForTextMarkerRange:]):

Tools:

Reviewed by Chris Fleizach.

• WebKitTestRunner/InjectedBundle/AccessibilityUIElement.cpp:

(WTR::AccessibilityUIElement::lineRectsAndText const):

• WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
• WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
• WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::lineRectsAndText const):

• WebKitTestRunner/InjectedBundle/mac/AccessibilityCommonMac.mm:

(WTR::makeJSArray):

LayoutTests:

Reviewed by Chris Fleizach.

• accessibility/ios-simulator/element-line-rects-and-text-expected.txt: Added.
• accessibility/ios-simulator/element-line-rects-and-text.html: Added.

8:40 PM Changeset in webkit [280281] by ysuzuki@apple.com

• 1 edit
  1 add in trunk/JSTests

[JSC] Add Speedometer2 jQuery-TodoMVC RegExp microbenchmark
​https://bugs.webkit.org/show_bug.cgi?id=228257

Reviewed by Mark Lam.

I instrumented JSC and extracted executed RegExp evaluations from Speedometer2/jQuery-TodoMVC
to easily test RegExp performance.

• microbenchmarks/jquery-todomvc-regexp.js: Added.

(x00.test):

6:56 PM Changeset in webkit [280280] by Alexey Shvayka

• 11 edits
  6 adds in trunk

[WebIDL] Properly validate and merge descriptors in [Replaceable] setter
​https://bugs.webkit.org/show_bug.cgi?id=227662

Reviewed by Sam Weinig.

Source/JavaScriptCore:

Extracts createDataProperty() method to keep WebIDL code generator as simple as possible,
and also to emphasize a subtle difference between
{ Value?: X } and
{ Value?: X, Writable?: true, Enumerable?: true, Configurable?: true }.

• runtime/JSONObject.cpp:

(JSC::Walker::walk):

• runtime/JSObject.cpp:

(JSC::definePropertyOnReceiverSlow):

• runtime/JSObject.h:
• runtime/JSObjectInlines.h:

(JSC::JSObject::createDataProperty):

• runtime/Lookup.h:

(JSC::replaceStaticPropertySlot): Deleted.

Source/WebCore:

The previous implementation relied on an invariant that structure property is absent
when [Replaceable] setter is called, which is no longer guaranteed after the introduction
of Object.defineProperty.

This patch replaces putDirect() with defineOwnProperty(), fixing the compliance with
invariants of internal methods [1]: an accessor property once observed as non-configurable
can't be reconfigured to have Value?. Both Chrome and Firefox properly validate descriptors.

Although DefineOwnProperty? failure is silently ignored by Chrome and the spec [2], WebKit now
throws a TypeError, which is a desired behavior for built-ins and was proven to be web-compatible
by Firefox. With WebKit being the second implementation that throws, the spec can be tightened.

After r264574, attributeChangeTransition() is called during defineOwnProperty(), ensuring inline
caching is correct. Also, this change adjusts window.opener setter [3].

[1] ​https://tc39.es/ecma262/#sec-invariants-of-the-essential-internal-methods
[2] ​https://heycam.github.io/webidl/#dfn-attribute-setter (step 4.5.5)
[3] ​https://html.spec.whatwg.org/multipage/browsers.html#dom-opener

Tests: fast/dom/replaceable-setter-throws-if-defineownproperty-fails.html

fast/dom/window-opener-setter-throws-if-defineownproperty-fails-1.html
fast/dom/window-opener-setter-throws-if-defineownproperty-fails-2.html

• bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::setOpener):
(WebCore::JSDOMWindow::setOpenDatabase):

• bindings/scripts/CodeGeneratorJS.pm:

(AttributeSetterNeedsPropertyName):
(GenerateAttributeSetterBodyDefinition):
(GenerateAttributeSetterTrampolineDefinition):

• bindings/scripts/test/JS/JSTestObj.cpp:

LayoutTests:

• fast/dom/replaceable-setter-throws-if-defineownproperty-fails-expected.txt: Added.
• fast/dom/replaceable-setter-throws-if-defineownproperty-fails.html: Added.
• fast/dom/window-opener-setter-throws-if-defineownproperty-fails-1-expected.txt: Added.
• fast/dom/window-opener-setter-throws-if-defineownproperty-fails-1.html: Added.
• fast/dom/window-opener-setter-throws-if-defineownproperty-fails-2-expected.txt: Added.
• fast/dom/window-opener-setter-throws-if-defineownproperty-fails-2.html: Added.

6:43 PM Changeset in webkit [280279] by Russell Epstein

• 1 copy in tags/Safari-612.1.24.0.5

Tag Safari-612.1.24.0.5.

6:16 PM Changeset in webkit [280278] by Russell Epstein

• 1 copy in tags/Safari-612.1.24.11.3

Tag Safari-612.1.24.11.3.

6:14 PM Changeset in webkit [280277] by Russell Epstein

• 4 edits in branches/safari-612.1.24.11-branch

Cherry-pick r280274. rdar://problem/81044139

Make WKContentRuleListStore respond to same selectors as _WKUserContentExtensionStore
​https://bugs.webkit.org/show_bug.cgi?id=228253
Source/WebKit:

<rdar://81038849>

Patch by Alex Christensen <​achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

We have an unfortunate situation where an old framework is calling code in a new framework that is giving it a WKContentRuleListStore
where it expects a _WKUserContentExtensionStore. As one of several mitigations for this problem, make the selectors able to be called.
Luckily it doesn't do much with the results. It just checks if they're null or not, and it passes any errors along. I added tests that do this.

• UIProcess/API/Cocoa/WKContentRuleListStore.mm: (-[WKContentRuleListStore compileContentExtensionForIdentifier:encodedContentExtension:completionHandler:]): (-[WKContentRuleListStore lookupContentExtensionForIdentifier:completionHandler:]): (-[WKContentRuleListStore removeContentExtensionForIdentifier:completionHandler:]):

Tools:

Patch by Alex Christensen <​achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

• TestWebKitAPI/Tests/WebKitCocoa/WKContentExtensionStore.mm: (TEST_F):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280274 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6:10 PM Changeset in webkit [280276] by Russell Epstein

• 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.3

6:02 PM Changeset in webkit [280275] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[BigSur wk1 Debug ] imported/w3c/web-platform-tests/IndexedDB/idb_binary_key_conversion.htm is a flaky timeout .
​https://bugs.webkit.org/show_bug.cgi?id=228260.

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

5:39 PM Changeset in webkit [280274] by commit-queue@webkit.org

• 4 edits in trunk

Make WKContentRuleListStore respond to same selectors as _WKUserContentExtensionStore
​https://bugs.webkit.org/show_bug.cgi?id=228253
Source/WebKit:

<rdar://81038849>

Patch by Alex Christensen <​achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

We have an unfortunate situation where an old framework is calling code in a new framework that is giving it a WKContentRuleListStore
where it expects a _WKUserContentExtensionStore. As one of several mitigations for this problem, make the selectors able to be called.
Luckily it doesn't do much with the results. It just checks if they're null or not, and it passes any errors along. I added tests that do this.

• UIProcess/API/Cocoa/WKContentRuleListStore.mm:

(-[WKContentRuleListStore compileContentExtensionForIdentifier:encodedContentExtension:completionHandler:]):
(-[WKContentRuleListStore lookupContentExtensionForIdentifier:completionHandler:]):
(-[WKContentRuleListStore removeContentExtensionForIdentifier:completionHandler:]):

Tools:

Patch by Alex Christensen <​achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

• TestWebKitAPI/Tests/WebKitCocoa/WKContentExtensionStore.mm:

(TEST_F):

5:03 PM Changeset in webkit [280273] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[ Mac wk2 Debug ] inspector/canvas/create-context-webgl.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=228256.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

4:40 PM Changeset in webkit [280272] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

[ iOS ] fast/mediastream/mediastreamtrack-audio-clone.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=228255

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

4:21 PM Changeset in webkit [280271] by Wenson Hsieh

• 8 edits
  2 adds in trunk

REGRESSION (r279751): WebContent process often crashes when hovering over content on apple.com
​https://bugs.webkit.org/show_bug.cgi?id=228247
rdar://81010093

Reviewed by Tim Horton.

Source/WebCore:

Add an internal testing hook that can be used to trigger text recognition for the given element. While we should
eventually combine this with another testing hook to simulate VisionKit text recognition results, the new test
using this internal hook shouldn't make its way into VisionKit anyways, so this isn't necessary for now.

See WebKit ChangeLog for more details.

Test: fast/images/text-recognition/text-recognition-in-transparent-video.html

• testing/Internals.cpp:

(WebCore::Internals::requestTextRecognition):

• testing/Internals.h:
• testing/Internals.idl:

Source/WebKit:

After r279751, the snapshot fallback codepath I added in createShareableBitmap to handle the edge case of
fully transparent images causes us to now take snapshots when hovering over fully transparent video elements,
and attempt to recognize text in them. This is because RenderVideo is a RenderImage subclass without a cached
image, so we'll end up going down the transparent renderer codepath instead of bailing with a null bitmap.

However, since CachedImages are null for video elements, before we even get to VisionKit, we end up crashing
with a nullptr-deref inside WebPage::requestTextRecognition, which assumes that RenderImage::cachedImage()
is non-null.

To address this, we make two minor adjustments (see below).

• WebProcess/WebCoreSupport/ShareableBitmapUtilities.cpp:

(WebKit::createShareableBitmap):

Limit the snapshotting fallback to non-media images (i.e. non-RenderMedia).

• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::requestTextRecognition):

Make this robust in the case where CachedImage is null, to avoid the possibility for similar crashes in the
future.

LayoutTests:

• fast/images/text-recognition/text-recognition-in-transparent-video-expected.txt: Added.
• fast/images/text-recognition/text-recognition-in-transparent-video.html: Added.

4:16 PM Changeset in webkit [280270] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

REGRESSION: [ Mac ] media/video-buffering-allowed.html is flaky timeout.
​https://bugs.webkit.org/show_bug.cgi?id=217621

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

4:13 PM Changeset in webkit [280269] by Russell Epstein

• 8 edits in branches/safari-612.1.24.0-branch/Source

Versioning.

WebKit-7612.1.24.0.5

3:57 PM Changeset in webkit [280268] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[ BigSur wk2 Release arm64 ] fast/css-grid-layout floating-empty-grids.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=228252.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

3:55 PM Changeset in webkit [280267] by Russell Epstein

• 1 copy in tags/Safari-612.1.25

Tag Safari-612.1.25.

3:53 PM Changeset in webkit [280266] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

REGRESSION: [iOS] ASSERTION FAILED: !m_messageReceiverMapCount under WebKit::RemoteAudioHardwareListener::~RemoteAudioHardwareListener()
​https://bugs.webkit.org/show_bug.cgi?id=228038

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

3:50 PM Changeset in webkit [280265] by Russell Epstein

• 1 copy in tags/Safari-612.1.24.11.2

Tag Safari-612.1.24.11.2.

3:49 PM Changeset in webkit [280264] by Russell Epstein

• 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.2

3:39 PM Changeset in webkit [280263] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

[iOS 14] imported/w3c/web-platform-tests/webstorage/event_case_sensitive.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=226789

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

3:20 PM Changeset in webkit [280262] by Eric Hutchison

• 1 edit in trunk/LayoutTests/platform/mac-wk2/TestExpectations

Need a short description (OOPS!).
Need the bug URL (OOPS!).

Reviewed by NOBODY (OOPS!).

• platform/mac-wk2/TestExpectations:

3:08 PM Changeset in webkit [280261] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[ BigSur wk2 Release arm64 ] fast/selectors/selection-window-inactive.html is a flaky failure .
​https://bugs.webkit.org/show_bug.cgi?id=228248.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

3:05 PM Changeset in webkit [280260] by Chris Dumez

• 12 edits in trunk/Source

SharedBuffer::takeData() is a bit dangerous
​https://bugs.webkit.org/show_bug.cgi?id=228161

Reviewed by Darin Adler.

Source/WebCore:

SharedBuffer::takeData() is a bit dangerous since SharedBuffer is RefCounted and several object may be sharing ownership
of the buffer. Having one owner call takeData() in case ownership is shared leads to bugs such as Bug 228096.

To address the issue, I made SharedBuffer::takeData() private and introduced a new SharedBuffer::extractData() member
function which calls takeData() only if the SharedBuffer is not shared (RefCount is 1) and falls back to calling copyData()
otherwise. I also optimized copyData() a bit by iterating over the segments to build the vector, instead of calling the
potentially very slow SharedBuffer::data().

• Modules/fetch/FetchBodyConsumer.cpp:

(WebCore::FetchBodyConsumer::takeAsBlob):

• Modules/mediarecorder/MediaRecorder.cpp:

(WebCore::createDataAvailableEvent):

• editing/WebCorePasteboardFileReader.cpp:

(WebCore::WebCorePasteboardFileReader::readBuffer):

• editing/cocoa/WebContentReaderCocoa.mm:

(WebCore::createFragmentForImageAttachment):
(WebCore::WebContentReader::readImage):

• editing/gtk/WebContentReaderGtk.cpp:

(WebCore::WebContentReader::readImage):

• html/HTMLAttachmentElement.cpp:

(WebCore::HTMLAttachmentElement::updateEnclosingImageWithData):

• platform/SharedBuffer.cpp:

(WebCore::SharedBuffer::copyData):

• platform/SharedBuffer.h:

(WebCore::SharedBuffer::extractData):

• xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createResponseBlob):

Source/WTF:

Add Vector::uncheckedAppend() overload that takes in a Span.

• wtf/Vector.h:

(WTF::Vector::uncheckedAppend):
(WTF::Malloc>::uncheckedAppend):

2:43 PM Changeset in webkit [280259] by Russell Epstein

• 11 edits
  2 moves
  1 delete in branches/safari-612.1.25-branch/Source

Revert "Cherry-pick r280205. rdar://problem/80991517"

This reverts commit r280209.

2:01 PM Changeset in webkit [280258] by Robert Jenner

• 11 edits
  2 moves
  1 delete in trunk/Source

Unreviewed, reverting r280205.

Broke multiple WebAuthn tests.

Reverted changeset:

"REGRESSION (r278877) [Cocoa] WebAuthn stopped working for
non-Safari browsers"
​https://bugs.webkit.org/show_bug.cgi?id=228116
​https://commits.webkit.org/r280205

2:00 PM Changeset in webkit [280257] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[BigSur wk1 Release arm64] imported/w3c/web-platform-tests/workers/modules/shared-worker-import-csp.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=228245.

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

1:13 PM Changeset in webkit [280256] by Alexey Shvayka

• 44 edits
  16 adds in trunk

[JSC] Call custom accessors / values with their holder's global object
​https://bugs.webkit.org/show_bug.cgi?id=225997

Reviewed by Yusuke Suzuki.

JSTests:

• stress/custom-get-set-proto-chain-put.js:
• stress/getter-setter-globalobject-in-ic-2.js: Added.

LayoutTests/imported/w3c:

• web-platform-tests/WebIDL/ecmascript-binding/global-object-implicit-this-value-cross-realm-expected.txt: Added.
• web-platform-tests/WebIDL/ecmascript-binding/global-object-implicit-this-value-cross-realm.html: Added.
• web-platform-tests/WebIDL/ecmascript-binding/invalid-this-value-cross-realm-expected.txt: Added.
• web-platform-tests/WebIDL/ecmascript-binding/invalid-this-value-cross-realm.html: Added.
• web-platform-tests/WebIDL/ecmascript-binding/support/create-realm.js: Added.
• web-platform-tests/WebIDL/ecmascript-binding/support/dummy-iframe.html: Added.
• web-platform-tests/html/browsers/origin/cross-origin-objects/window-location-and-location-href-cross-realm-set-expected.txt: Added.
• web-platform-tests/html/browsers/origin/cross-origin-objects/window-location-and-location-href-cross-realm-set.html: Added.

• web-platform-tests/html/webappapis/scripting/events/compile-event-handler-settings-objects-expected.txt:
• web-platform-tests/html/webappapis/scripting/processing-model-2/integration-with-the-javascript-job-queue/promise-job-incumbent-expected.txt:
• web-platform-tests/service-workers/service-worker/fetch-request-css-cross-origin.https-expected.txt:
• web-platform-tests/webrtc-encoded-transform/sframe-transform-readable.html:

All these are confirmed progressions.

• web-platform-tests/performance-timeline/supportedEntryTypes-cross-realm-access-expected.txt: Added.
• web-platform-tests/performance-timeline/supportedEntryTypes-cross-realm-access.html: Added.

Source/JavaScriptCore:

Just like JS built-ins, getter / setter functions of WebIDL attributes are created in realm
of their holder interface [1][2], which is their _current_ realm for throwing an error [3].

With this patch, custom properties get correct global object instead of lexical, including
when inline cached, aligning them with functions and regular accessors.

The latter allowed switching JS built-ins to CustomAccessor (e.g. Symbol#description),
which is slightly more efficient to call from C++, doesn't need reification on first access,
and has nicer signature.

Also, renames WASM accessors to drop "func" and removes unused function length parameter.

[1]: ​https://heycam.github.io/webidl/#dfn-attribute-getter (step 2)
[2]: ​https://heycam.github.io/webidl/#dfn-attribute-setter (step 5)
[3]: ​https://heycam.github.io/webidl/#ecmascript-throw

• bytecode/AccessCase.cpp:

(JSC::AccessCase::generateImpl):

• create_hash_table:
• interpreter/CallFrame.cpp:

(JSC::CallFrame::globalObjectOfClosestCodeBlock):

• interpreter/CallFrame.h:
• runtime/IntlCollatorPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• runtime/IntlLocalePrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• runtime/IntlNumberFormatPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• runtime/JSDataViewPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• runtime/JSObject.cpp:

(JSC::JSObject::putInlineSlow):

• runtime/PropertySlot.cpp:

(JSC::PropertySlot::customGetter const):

• runtime/PropertySlot.h:

(JSC::PropertySlot::getValue const):

• runtime/SymbolPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• tools/JSDollarVM.cpp:
• wasm/js/WebAssemblyInstancePrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION): Deleted.

• wasm/js/WebAssemblyMemoryPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

• wasm/js/WebAssemblyTablePrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore:

This patch fixes cross-realm yet same-origin WebIDL attributes to throw errors in realm of
their accessor, while ensuring that window.location and location.href setters don't leak
cross-origin Object.prototype via thrown error.

Since Location setters relied on lexical global object to pass outgoing document.referrer,
they were updated to use IncumbentWindow as per spec [1]. callerGlobalObject() was reworked
to skip native / built-in callers and rely on VMEntryScope to accomodate top-level <script>
code navigating via Location setter, making the helper more versatile.

globalObjectOfClosestCodeBlock() fixed JSCustomSetterFunction instances and Location's
assign() / replace() methods to pass correct referrer.

Also, this change fixes static attributes like PerformanceObserver.supportedEntryTypes
to return wrappers of their realm instead of lexical.

[1] ​https://html.spec.whatwg.org/multipage/history.html#location-object-navigate (step 2)

Tests: imported/w3c/web-platform-tests/WebIDL/ecmascript-binding/global-object-implicit-this-value-cross-realm.html

imported/w3c/web-platform-tests/WebIDL/ecmascript-binding/invalid-this-value-cross-realm.html
imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/window-location-and-location-href-cross-realm-set.html
imported/w3c/web-platform-tests/performance-timeline/supportedEntryTypes-cross-realm-access.html

• bindings/js/JSDOMGlobalObject.cpp:

(WebCore::callerGlobalObject): Deleted.

• bindings/js/JSDOMGlobalObject.h:
• bindings/js/JSDOMWindowBase.cpp:

(WebCore::incumbentDOMWindow):

• bindings/js/JSDOMWindowBase.h:
• bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::put):

• bindings/js/JSLocationCustom.cpp:

(WebCore::JSLocation::put):

• bindings/scripts/CodeGeneratorJS.pm:

(GenerateNamedGetterLambda):
(GenerateCallWithUsingReferences):
(GenerateCallWith):
Ensure IncumbentWindow comes before FirstWindow.

• bindings/scripts/test/JS/JSTestObj.cpp:
• bindings/scripts/test/TestObj.idl:

Remove attributes that relied on CallFrame since custom getters don't have it.

• page/Location.idl:

Remove [LegacyUnforgeable] from ancestorOrigins because it's set on the interface.

LayoutTests:

• fast/dom/HTMLObjectElement/object-as-frame-expected.txt:
• fast/dom/HTMLObjectElement/object-as-frame.html:
• fast/dom/HTMLObjectElement/resources: Added.
• fast/dom/HTMLObjectElement/resources/dummy-frame-1.html: Added.
• fast/dom/HTMLObjectElement/resources/dummy-frame-2.html: Added.
• fast/events/attribute-listener-cloned-from-frameless-doc-context-2.html:
• fast/events/attribute-listener-extracted-from-frameless-doc-context-2.html:

These tests used to pass as is, probably, due to combination of old (incorrect) behavior and
some implementation details of run-webkit-tests. They fail on MiniBrowser / Chrome / Firefox
unless modified not to use data:// protocol, which is not system under test.

• fast/frames/sandboxed-iframe-navigation-parent-expected.txt:
• fast/frames/sandboxed-iframe-navigation-parent.html:
• http/tests/security/frameNavigation/context-for-location-assign-expected.txt:

Revert the changes made in r174996. Location::assign() now uses correct (incumbent) Window
to set outgoing referrer and perform security checks, aligning WebKit with Chrome / Firefox.

• http/tests/security/frameNavigation/context-for-location-href-gopd-expected.txt: Added.
• http/tests/security/frameNavigation/context-for-location-href-gopd.html: Added.

1:04 PM Changeset in webkit [280255] by Eric Hutchison

• 2 edits in trunk/LayoutTests

Update test expectations for inspector/dom-debugger/event-breakpoint-with-navigation.html.
​https://bugs.webkit.org/show_bug.cgi?id=224291.

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

12:57 PM Changeset in webkit [280254] by pvollan@apple.com

• 2 edits in trunk/Source/WebKit

[macOS] Reduce sandbox logging
​https://bugs.webkit.org/show_bug.cgi?id=228236

Reviewed by Tim Horton.

To improve performance, remove some sandbox logging in the WebContent process' sandbox.

• WebProcess/com.apple.WebProcess.sb.in:

11:52 AM Changeset in webkit [280253] by Chris Dumez

• 2 edits
  2 adds in trunk/LayoutTests

[iOS] imported/w3c/web-platform-tests/html/dom/idlharness.https.html is failing
​https://bugs.webkit.org/show_bug.cgi?id=228198
<rdar://problem/80982016>

Unreviewed, land iPad-specific baseline instead of marking the test as failing on iOS.
We are merely getting different results on iPhone and iPad because MediaSource is enabled
on iPad but not iPhone.

• platform/ios-wk2/TestExpectations:
• platform/ipad/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt: Added.

11:43 AM Changeset in webkit [280252] by Wenson Hsieh

• 3 edits in trunk/Source/WebKit

[watchOS] It should be possible to select contact AutoFill text suggestions in email and username fields
​https://bugs.webkit.org/show_bug.cgi?id=228237
rdar://77299680

Reviewed by Tim Horton.

After the changes in r278957, WKTextInputListViewController now presents modern Quickboard text input UI, as
well as contact AutoFill suggestions provided by Safari. For email and username fields (for which we currently
use PUICQuickboardController), this means that there's no longer any reason to prefer showing
PUICQuickboardController over WKTextInputListViewController, since both use modern text input UI (with support
for keychain AutoFill suggestions), but only the latter additionally supports contact AutoFill suggestions.

As such, we should change these to use WKTextInputListViewController instead of PUICQuickboardController. Note
that because contact AutoFill suggestions do not encompass passwords, it still makes more sense to pop directly
into PUICQuickboardController for password fields.

• Platform/spi/watchos/PepperUICoreSPI.h:
• UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView createQuickboardTextInputContext]):

Drive-by fix: additionally populate the placeholder of the text field in WKTextInputListViewController with
the input label text of the focused element (i.e., either placeholder text, the ARIA label, title, or text
content of an associated label).

(canUseQuickboardControllerFor):

11:36 AM Changeset in webkit [280251] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

[iOS]imported/w3c/web-platform-tests/html/dom/idlharness.https.html is failing.
​https://bugs.webkit.org/show_bug.cgi?id=228198

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

11:23 AM Changeset in webkit [280250] by commit-queue@webkit.org

• 5 edits
  4 adds in trunk

WebSocket traffic should be correctly assigned to either Developer or User.
​https://bugs.webkit.org/show_bug.cgi?id=227564
<rdar://problem/79307301>

Patch by Richard Houle <​rhoule@apple.com> on 2021-07-23
Reviewed by Kate Cheney.

Source/WebCore:

Tests: http/tests/app-privacy-report/websocket-isappinitiated.html

http/tests/app-privacy-report/websocket-isnotappinitiated.html

• Modules/websockets/ThreadableWebSocketChannel.cpp:

(WebCore::ThreadableWebSocketChannel::webSocketConnectRequest):

Source/WebKit:

• NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::createWebSocketTask):

LayoutTests:

• http/tests/app-privacy-report/websocket-isappinitiated-expected.txt: Added.
• http/tests/app-privacy-report/websocket-isappinitiated.html: Added.
• http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt: Added.
• http/tests/app-privacy-report/websocket-isnotappinitiated.html: Added.

11:12 AM Changeset in webkit [280249] by Russell Epstein

• 2 edits in branches/safari-612.1.25-branch/Source/WebKit

Cherry-pick r280183. rdar://problem/81027380

REGRESSION (r279992): Crashes under RemoteLayerBackingStore::applyBackingStoreToLayer() in macCatalyst
​https://bugs.webkit.org/show_bug.cgi?id=228181
rdar://80923581

Reviewed by Dan Bates.

• Shared/RemoteLayerTree/RemoteLayerBackingStore.mm: (WebKit::RemoteLayerBackingStore::applyBackingStoreToLayer): r279992 reorganized this code to determine the contents object and then set it on the layer, instead of setting it directly; this means that the lifetime of the contents object must be extended.

Interestingly, the common case (the CAMachPort case), as well as the
case I was actually adding in r279992 both were safe, because of the use
of autorelease. (macCatalyst uses IOSurface as layer contents directly,
without CAMachPort, so uses the one path that r279992 broke).

It is unnecessary to use autorelease; instead just store the contents
object in a RetainPtr until it is set.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280183 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:47 AM Changeset in webkit [280248] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[ BigSur wk1 Debug arm64 ] imported/w3c/web-platform-tests/IndexedDB/idbcursor-iterating-update.htm is a flaky timeout.
​https://bugs.webkit.org/show_bug.cgi?id=228238.

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:

10:33 AM Changeset in webkit [280247] by sihui_liu@apple.com

• 2 edits in trunk/Source/WebKit

Generate simulated crash when UI process fails to get network process connection
​https://bugs.webkit.org/show_bug.cgi?id=228203

Reviewed by Geoffrey Garen.

To help diagnose the issue that web process sometimes fails to get connection to the network process
(rdar://80760179), as UI process should have more information about it than web process.

• UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::getNetworkProcessConnection):

10:27 AM Changeset in webkit [280246] by Truitt Savell

• 13 edits
  5 copies
  98 adds in trunk

Migrate iOS 15 expectations to OpenSource and bump version numbers
​https://bugs.webkit.org/show_bug.cgi?id=228202

Reviewed by Ryan Haddad.

Tools:

• Scripts/webkitpy/port/ios.py:

(IOSPort):

• Scripts/webkitpy/port/ios_device_unittest.py:
• Scripts/webkitpy/port/ios_simulator_unittest.py:

(IOSSimulatorTest.make_port):
(IOSSimulatorTest.test_layout_test_searchpath_with_apple_additions):
(IOSSimulatorTest.test_layout_test_searchpath_without_apple_additions):
(IOSSimulatorTest.test_layout_searchpath_wih_device_type):

• Scripts/webkitpy/port/ios_testcase.py:

(IOSTest.make_port):

LayoutTests:

• platform/ios-14-wk2/TestExpectations: Added.
• platform/ios-14-wk2/fast/css/font-face-locally-installed-expected.txt: Copied from LayoutTests/platform/ios-wk2/fast/css/font-face-locally-installed-expected.txt.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/alert-in-event-handler-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/bufferedAmount-after-close-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/close-and-server-script-exception-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/fragmented-frames-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-no-cr-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/interleaved-fragments-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/receive-arraybuffer-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/workers/close-code-and-reason-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/workers/receive-arraybuffer-expected.txt: Added.
• platform/ios-14-wk2/http/tests/websocket/tests/hybi/zero-length-text-expected.txt: Added.
• platform/ios-14-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/touch-events/idlharness.window-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/cookies/007-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
• platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
• platform/ios-14/TestExpectations: Added.
• platform/ios-14/fast/css/ios/system-color-for-css-value-expected.txt: Added.
• platform/ios-14/fast/forms/button-sizes-expected.txt: Copied from LayoutTests/platform/ios/fast/forms/button-sizes-expected.txt.
• platform/ios-14/fast/forms/input-button-sizes-expected.txt: Copied from LayoutTests/platform/ios/fast/forms/input-button-sizes-expected.txt.
• platform/ios-14/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt: Copied from LayoutTests/platform/ios/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt.
• platform/ios-14/fast/text/hyphenate-avoid-orphaned-word-expected.txt: Copied from LayoutTests/platform/ios/fast/text/hyphenate-avoid-orphaned-word-expected.txt.
• platform/ios-wk2/TestExpectations:
• platform/ios-wk2/fast/css/font-face-locally-installed-expected.txt:
• platform/ios-wk2/http/tests/websocket/tests/hybi/alert-in-event-handler-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/bufferedAmount-after-close-in-busy-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/close-and-server-script-exception-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/fragmented-frames-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-no-cr-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/interleaved-fragments-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/receive-arraybuffer-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/workers/close-code-and-reason-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/workers/receive-arraybuffer-expected.txt: Added.
• platform/ios-wk2/http/tests/websocket/tests/hybi/zero-length-text-expected.txt: Added.
• platform/ios-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/touch-events/idlharness.window-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/cookies/007-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
• platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
• platform/ios/TestExpectations:
• platform/ios/fast/css/ios/system-color-for-css-value-expected.txt: Added.
• platform/ios/fast/forms/button-sizes-expected.txt:
• platform/ios/fast/forms/input-button-sizes-expected.txt:
• platform/ios/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt:
• platform/ios/fast/text/hyphenate-avoid-orphaned-word-expected.txt:

9:51 AM Changeset in webkit [280245] by mmaxfield@apple.com

• 4 edits in trunk/Source/WebKit

[GPU Process] Migrate the DisplayList::Replayer::Delegate from RemoteImageBuffer to RemoteRenderingBackend
​https://bugs.webkit.org/show_bug.cgi?id=228219

Reviewed by Wenson Hsieh.

This is part 1 of ​https://bugs.webkit.org/show_bug.cgi?id=228216.

For this task, we need to count resource uses:

1. As the recorder in the web process records DisplayList items which reference resources, those uses need to increment a counter.
2. As the replayer in the GPU process replays DisplayList items which reference resources, those uses need to increment a parallel counter.

The most natural place for the counters to live is in RemoteResourceCacheProxy and RemoteResourceCache, respectively. These two classes
are accessible from the RemoteRenderingBackendProxy and RemoteRenderingBackend, respectively. The most natural interface between the
DisplayList classes like DisplayList::Recorder and DisplayList::Replayer and the higher level WebKit classes is to use their delegate
interfaces.

For 1 above, RemoteImageBufferProxy has access to the RemoteRenderingBackendProxy and is already a DisplayList::Recorder::Delegate, so
there's no problem there. However, for 2, messages are delivered first to the RemoteRenderingBackend, which is the place that has access to
the RemoteResourceCache. Making the RemoteRenderingBackend have the DisplayList::Replayer::Delegate would be a natural place to either
A) call the necessary function in the RemoteImageBuffer, or B) interact with the RemoteResourceCache to increment the necessary counter.

Indeed, this makes a lot of sense because, for 2 of the 3 delegate methods, RemoteImageBuffer just immediately turns around and forwards
the call to the RemoteRenderingBackend anyway. So, migrating this interface to RemoteRenderingBackend actually ends up making it a bit
simpler.

No new tests because there is no behavior change.

• GPUProcess/graphics/RemoteImageBuffer.h:

(WebKit::RemoteImageBuffer::apply):
(): Deleted.

• GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::ReplayerDelegate::ReplayerDelegate):
(WebKit::RemoteRenderingBackend::ReplayerDelegate::apply):
(WebKit::RemoteRenderingBackend::ReplayerDelegate::didCreateMaskImageBuffer):
(WebKit::RemoteRenderingBackend::ReplayerDelegate::didResetMaskImageBuffer):
(WebKit::RemoteRenderingBackend::submit):

• GPUProcess/graphics/RemoteRenderingBackend.h:

9:07 AM Changeset in webkit [280244] by Aditya Keerthi

• 14 edits
  7 copies
  5 adds in trunk

[macOS] Repainting artifacts when moving input type=range slider thumb
​https://bugs.webkit.org/show_bug.cgi?id=228135
rdar://76247487

Reviewed by Tim Horton.

Source/WebCore:

• rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::adjustSliderThumbSize const):

The size of NSSliderCell's knob increased in Big Sur. Consequently, the
knob was being painted outside of its box. Unfortunately, there is
currently no way to obtain the size programmatically, so we are forced
to update the hardcoded size.

LayoutTests:

Rebaselined tests to account for the change to the size of the slider
thumb.

• fast/dom/HTMLInputElement/input-slider-update-expected.txt:
• fast/repaint/block-inputrange-repaint-expected.txt:
• fast/repaint/block-inputrange-repaint.html:
• fast/repaint/slider-thumb-drag-release-expected.txt:
• platform/gtk/fast/repaint/block-inputrange-repaint-expected.txt:
• platform/mac-catalina/fast/dom/HTMLInputElement/input-slider-update-expected.txt: Copied from LayoutTests/fast/dom/HTMLInputElement/input-slider-update-expected.txt.
• platform/mac-catalina/fast/forms/input-appearance-height-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/input-appearance-height-expected.txt.
• platform/mac-catalina/fast/forms/range/input-appearance-range-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/input-appearance-range-expected.txt.
• platform/mac-catalina/fast/forms/range/slider-padding-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/slider-padding-expected.txt.
• platform/mac-catalina/fast/forms/range/slider-thumb-shared-style-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/slider-thumb-shared-style-expected.txt.
• platform/mac-catalina/fast/forms/range/thumbslider-no-parent-slider-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/thumbslider-no-parent-slider-expected.txt.
• platform/mac-catalina/fast/repaint/block-inputrange-repaint-expected.txt: Added.
• platform/mac-catalina/fast/repaint/slider-thumb-drag-release-expected.txt: Copied from LayoutTests/fast/repaint/slider-thumb-drag-release-expected.txt.
• platform/mac/fast/forms/box-shadow-override-expected.txt:
• platform/mac/fast/forms/input-appearance-height-expected.txt:
• platform/mac/fast/forms/range/input-appearance-range-expected.txt:
• platform/mac/fast/forms/range/slider-padding-expected.txt:
• platform/mac/fast/forms/range/slider-thumb-shared-style-expected.txt:
• platform/mac/fast/forms/range/thumbslider-no-parent-slider-expected.txt:

8:38 AM Changeset in webkit [280243] by commit-queue@webkit.org

• 4 edits in trunk/Source/WebCore

[GStreamer][1.19] Warnings due to AppSinkCallbacks struct growth
​https://bugs.webkit.org/show_bug.cgi?id=228229

Patch by Philippe Normand <​pnormand@igalia.com> on 2021-07-23
Reviewed by Xabier Rodriguez-Calvar.

A new callback was added, for event notifications.

• platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:

(WebCore::AudioFileReader::handleNewDeinterleavePad):

• platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:

(WebCore::AudioSourceProviderGStreamer::handleNewDeinterleavePad):

• platform/graphics/gstreamer/ImageDecoderGStreamer.cpp:

(WebCore::ImageDecoderGStreamer::InnerDecoder::connectDecoderPad):

4:39 AM Changeset in webkit [280242] by Devin Rousso

• 5 edits in trunk

[Modern Media Controls] [macOS] Only show total duration when the elapsed time is visible
​https://bugs.webkit.org/show_bug.cgi?id=228191
<rdar://problem/80529918>

Reviewed by Eric Carlson.

Source/WebCore:

When a <video> is narrow (~250px) WebKit will drop the elapsed time, meaning that only the
scrubber and duration are visible. It's not very helpful to show just the duration because
it never changes, requiring the user to do the mental math of dividing the scrubber width
by the total duration to figure out how much time is left (and has elapsed). Showing the
remaining time is better because it at least helps the user not have to figure out how much
longer the <video> will play (which is more useful/actionable than knowing the duration).

Test: media/modern-media-controls/time-control/time-control.html

• Modules/modern-media-controls/controls/time-control.js:

(TimeControl):
(TimeControl.prototype.handleEvent):
(TimeControl.prototype.get _canShowDurationTimeLabel): Added.
(TimeControl.prototype._durationOrRemainingTimeLabel):
(TimeControl.prototype._performIdealLayout):
Rename _showDurationTimeLabel to _shouldShowDurationTimeLabel and add another private
getter _canShowDurationTimeLabel that only is true when this.elapsedTimeLabel.visible.
Use both to decide whether duration or remaining is shown/updated/etc..

LayoutTests:

• media/modern-media-controls/time-control/time-control.html:
• media/modern-media-controls/time-control/time-control-expected.txt:

4:03 AM Changeset in webkit [280241] by Carlos Garcia Campos

• 1 copy in releases/WebKitGTK/webkit-2.32.3

WebKitGTK 2.32.3

4:03 AM Changeset in webkit [280240] by Carlos Garcia Campos

• 4 edits in releases/WebKitGTK/webkit-2.32

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.32.3 release

.:

• Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

• gtk/NEWS: Add release notes for 2.32.3

3:51 AM Changeset in webkit [280239] by Philippe Normand

• 12 edits
  1 add
  1 delete in trunk

[GLib] Remove libportal dependency
​https://bugs.webkit.org/show_bug.cgi?id=228056

Reviewed by Carlos Garcia Campos.

.:

• Source/cmake/FindLIBPORTAL.cmake: Removed.
• Source/cmake/GStreamerChecks.cmake:

Source/WebCore:

The pure-GDBus approach allows us to request the input device (Monitor or Window) depending
on the CaptureDevice type and make the mouse cursor visible in the generated video stream.
Also requesting capture support within computeCaptureDevices() was a bad idea because this
being used by the enumerateMediaDevices API could potentially spam the user with permission
popups.

• platform/GStreamer.cmake:
• platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:
• platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.h:
• platform/mediastream/gstreamer/GStreamerDisplayCaptureDeviceManager.cpp: Added.

(WebCore::GStreamerDisplayCaptureDeviceManager::singleton):
(WebCore::GStreamerDisplayCaptureDeviceManager::GStreamerDisplayCaptureDeviceManager):
(WebCore::GStreamerDisplayCaptureDeviceManager::~GStreamerDisplayCaptureDeviceManager):
(WebCore::GStreamerDisplayCaptureDeviceManager::computeCaptureDevices):
(WebCore::GStreamerDisplayCaptureDeviceManager::createDisplayCaptureSource):
(WebCore::GStreamerDisplayCaptureDeviceManager::stopSource):
(WebCore::GStreamerDisplayCaptureDeviceManager::waitResponseSignal):

• platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:

(WebCore::GStreamerVideoCaptureSource::createPipewireSource):
(WebCore::GStreamerVideoCaptureSource::factory):
(WebCore::GStreamerVideoCaptureSource::displayFactory):
(WebCore::GStreamerVideoCaptureSource::GStreamerVideoCaptureSource):
(WebCore::GStreamerVideoCaptureSource::stopProducingData):

• platform/mediastream/gstreamer/GStreamerVideoCaptureSource.h:
• platform/mediastream/gstreamer/GStreamerVideoCapturer.cpp:
• platform/mediastream/gstreamer/GStreamerVideoCapturer.h:

Source/WTF:

• Scripts/Preferences/WebPreferencesExperimental.yaml: Enable screen capture on GStreamer

ports. The PIPEWIRE ifdef is redundant.

3:11 AM Changeset in webkit [280238] by Carlos Garcia Campos

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r276352 - Use BlobURL::getOriginURL in more places
​https://bugs.webkit.org/show_bug.cgi?id=224857

Reviewed by Alex Christensen.

Covered by existing tests.

• loader/PolicyChecker.cpp:

(WebCore::FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary const):

3:11 AM Changeset in webkit [280237] by Carlos Garcia Campos

• 4 edits
  3 adds in releases/WebKitGTK/webkit-2.32

Merge r276012 - REGRESSION(Safari 14): iframe with blob url does not work with sandboxing
​https://bugs.webkit.org/show_bug.cgi?id=222312
<rdar://problem/74927624>

Reviewed by Chris Dumez.

Source/WebCore:

In ​https://trac.webkit.org/r275884, we correctly compute whether a blob is to be considered secure or not.
For that, we need to have the blob URL registered with its document origin.
Update PolicyChecker to properly register the temporoary blob URL with its document origin.

Test: http/tests/security/sandbox-iframe-and-blob.https.html

• loader/PolicyChecker.cpp:

(WebCore::FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary const):

LayoutTests:

• http/tests/security/resources/sandbox-iframe-and-blob-frame.html: Added.
• http/tests/security/sandbox-iframe-and-blob.https-expected.txt: Added.
• http/tests/security/sandbox-iframe-and-blob.https.html: Added.
• platform/win/TestExpectations:

3:11 AM Changeset in webkit [280236] by Carlos Garcia Campos

• 11 edits in releases/WebKitGTK/webkit-2.32

Merge r276230 - Blob URLs should use for their owner origin for CSP checks
​https://bugs.webkit.org/show_bug.cgi?id=224535
<rdar://76458106>

Reviewed by Alex Christensen.

Source/WebCore:

Before the patch, we were checking blob origin directly with ancestors.
As per ​https://w3c.github.io/webappsec-csp/#match-url-to-source-expression step 4.1,
we need to get the URL origin, which by spec is the origin of the blob creator.
We only do this for navigation loads as script loads should be kept the current way, as a cross-site scripting protection,
and to remain compatible with other browsers.

Make some refactoring to add helper routines to get origin and secure context state of blob URLs in BlobURL.
Make use of it in MixedContentChecker as a refactoring.
Make use of the helper routine in ContentSecurityPolicySource::matches to fix the bug.

Test: http/tests/security/frame-src-and-blob-download.https.html

• fileapi/BlobURL.cpp:

(WebCore::blobOwner):
(WebCore::BlobURL::getOriginURL):
(WebCore::BlobURL::isSecureBlobURL):

• fileapi/BlobURL.h:
• fileapi/ThreadableBlobRegistry.cpp:

(WebCore::isBlobURLContainsNullOrigin):

• loader/MixedContentChecker.cpp:

(WebCore::MixedContentChecker::isMixedContent):

• page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::isSecure):

• page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::urlMatchesSelf const):

• page/csp/ContentSecurityPolicy.h:
• page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::matches const):

LayoutTests:

• http/tests/security/frame-src-and-blob-download.https-expected.txt: Added.
• http/tests/security/frame-src-and-blob-download.https.html:
• http/tests/security/resources/frame-src-and-blob-download-frame.html: Added.
• platform/mac-wk1/TestExpectations:
• platform/win/TestExpectations:

2:03 AM Changeset in webkit [280235] by Adrian Perez de Castro

• 3 edits
  1 add in releases/WebKitGTK/webkit-2.32

Merge r278819 - ​https://bugs.webkit.org/show_bug.cgi?id=226576
<rdar://problem/78810362>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/short-circuit-read-modify-write-cant-write-dst-before-tdz-check.js: Added.

(let.result.eval.try.captureV):
(catch):

Source/JavaScriptCore:

ShortCircuitReadModifyResolveNode can't emit a value into
its result until after it emits a TDZ check. We were temporarily
storing the result of the get_from_scope into the dst. Then
we'd emit the TDZ check. The TDZ check can throw, and it could
lead to us returning TDZ from the eval itself. Instead, we need
to use a temporary to emit a TDZ check on. Only after the TDZ check
passes can we move the temporary into the result.

• bytecompiler/NodesCodegen.cpp:

(JSC::ShortCircuitReadModifyResolveNode::emitBytecode):

2:03 AM Changeset in webkit [280234] by Adrian Perez de Castro

• 4 edits
  1 add in releases/WebKitGTK/webkit-2.32

Merge r278578 - Short circuit read modify write nodes emit byte code that uses the wrong locals
​https://bugs.webkit.org/show_bug.cgi?id=226576
<rdar://problem/78810362>

Reviewed by Yusuke Suzuki.

JSTests:

• stress/short-circuit-read-modify-should-use-the-write-virtual-registers.js: Added.

(eval):

Source/JavaScriptCore:

It's never a good idea to use the wrong local :-)

This patch also adds support for dumping predecessors of basic blocks
in the bytecode dump.

• bytecode/BytecodeDumper.cpp:

(JSC::CodeBlockBytecodeDumper<Block>::dumpGraph):

• bytecompiler/NodesCodegen.cpp:

(JSC::ShortCircuitReadModifyResolveNode::emitBytecode):
(JSC::ShortCircuitReadModifyDotNode::emitBytecode):
(JSC::ShortCircuitReadModifyBracketNode::emitBytecode):

2:00 AM Changeset in webkit [280233] by Adrian Perez de Castro

• 19 edits in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r276609 - numCalleeLocals, numParameters, and numVars should be unsigned
​https://bugs.webkit.org/show_bug.cgi?id=224995

Patch by Keith Miller <​keith_miller@apple.com> on 2021-04-26
Reviewed by Mark Lam.

All of the various CodeBlock classes currently have the
numCalleeLocals and numVars marked as ints. I believe this is just
a historical artifact or because VirtualRegister's offset is an
int to make handling constants easier. Regardless, it's a bit
strange to not handle the sign conversion at the point of
comparison between a VirtualRegister offset and the local/var
count. This doesn't completely fix every place we use ints for
these values but starts on the right track. Lastly, I also added
some Check<unsigned>s to the wasm parser for sanity checking.

• bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setNumParameters):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow):

• bytecode/CodeBlock.h:

(JSC::CodeBlock::numParameters const):
(JSC::CodeBlock::numberOfArgumentsToSkip const):
(JSC::CodeBlock::numCalleeLocals const):
(JSC::CodeBlock::numVars const):
(JSC::CodeBlock::numTmps const):
(JSC::CodeBlock::addressOfNumParameters):
(JSC::CodeBlock::isTemporaryRegister):

• bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::numCalleeLocals const):
(JSC::UnlinkedCodeBlock::numVars const):

• bytecode/UnlinkedCodeBlockGenerator.h:

(JSC::UnlinkedCodeBlockGenerator::numCalleeLocals const):
(JSC::UnlinkedCodeBlockGenerator::numVars const):
(JSC::UnlinkedCodeBlockGenerator::setNumCalleeLocals):
(JSC::UnlinkedCodeBlockGenerator::setNumVars):
(JSC::UnlinkedCodeBlockGenerator::setNumParameters):

• bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::emitPushFunctionNameScope):

• bytecompiler/BytecodeGeneratorBaseInlines.h:

(JSC::BytecodeGeneratorBase<Traits>::newRegister):

• dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inliningCost):
(JSC::DFG::ByteCodeParser::parseBlock):

• dfg/DFGOSREntrypointCreationPhase.cpp:

(JSC::DFG::OSREntrypointCreationPhase::run):

• dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArgumentTypes):

• ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):

• ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

• interpreter/CallFrameClosure.h:
• interpreter/ProtoCallFrameInlines.h:

(JSC::ProtoCallFrame::init):

• jit/JIT.cpp:

(JSC::JIT::compileWithoutLinking):

• runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::numberOfStackPaddingSlots):
(JSC::CommonSlowPaths::numberOfStackPaddingSlotsWithExtraSlots):

• wasm/WasmFunctionCodeBlock.h:

(JSC::Wasm::FunctionCodeBlock::numVars const):
(JSC::Wasm::FunctionCodeBlock::numCalleeLocals const):
(JSC::Wasm::FunctionCodeBlock::setNumVars):
(JSC::Wasm::FunctionCodeBlock::setNumCalleeLocals):

• wasm/WasmLLIntGenerator.cpp:

(JSC::Wasm::LLIntGenerator::push):
(JSC::Wasm::LLIntGenerator::getDropKeepCount):
(JSC::Wasm::LLIntGenerator::walkExpressionStack):
(JSC::Wasm::LLIntGenerator::checkConsistency):
(JSC::Wasm::LLIntGenerator::materializeConstantsAndLocals):
(JSC::Wasm::LLIntGenerator::splitStack):
(JSC::Wasm::LLIntGenerator::finalize):
(JSC::Wasm::LLIntGenerator::callInformationForCaller):
(JSC::Wasm::LLIntGenerator::addLoop):
(JSC::Wasm::LLIntGenerator::addTopLevel):
(JSC::Wasm::LLIntGenerator::addBlock):
(JSC::Wasm::LLIntGenerator::addIf):
(JSC::Wasm::LLIntGenerator::addElseToUnreachable):

1:59 AM Changeset in webkit [280232] by Carlos Garcia Campos

• 5 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r278964 - Protect Element before calling dispatchMouseEvent() on it
​https://bugs.webkit.org/show_bug.cgi?id=226767
<rdar://problem/79009112>

Reviewed by Ryosuke Niwa.

• page/EventHandler.cpp:

(WebCore::EventHandler::updateMouseEventTargetNode):
(WebCore::EventHandler::dispatchMouseEvent):

• page/PointerLockController.cpp:

(WebCore::PointerLockController::dispatchLockedMouseEvent):

• page/Quirks.cpp:

(WebCore::Quirks::triggerOptionalStorageAccessQuirk const):

1:48 AM Changeset in webkit [280231] by Carlos Garcia Campos

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r278166 - Pass frame ref during navigationPolicyCompletionHandler
​https://bugs.webkit.org/show_bug.cgi?id=226268
<rdar://problem/78512383>

Reviewed by Ryosuke Niwa.

Pass the active frame to the navigationPolicyCompletionHandler lambda as a Ref to
ensure it is kept alive during the policy check and subsequent steps.

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest):

1:47 AM Changeset in webkit [280230] by Carlos Garcia Campos

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r276611 - Remove redundant frameDetached() from the SVGImage destructor
​https://bugs.webkit.org/show_bug.cgi?id=221616
<rdar://problem/74149106>

Reviewed by Chris Dumez.

SVGImage was originally written such that it has two separate objects:
a page and a frame; see ​https://trac.webkit.org/r18470. So it made sense
at that time to clean up the page and the frame separately. The Frame
was cleaned up by telling the frame's loader that the frameDetached().

This code is not necessary right now since the page owns the main frame.
And its destructor recursively detaches itself from all the frames.

• svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::~SVGImage):

1:29 AM Changeset in webkit [280229] by Carlos Garcia Campos

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r276206 - Perform port blocking earlier in the load
​https://bugs.webkit.org/show_bug.cgi?id=224525
<rdar://problem/75440591>

Unreviewed follow-up (suggested by David Kilzer)

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest): Restore an m_frame nullptr check.,

1:29 AM Changeset in webkit [280228] by Carlos Garcia Campos

• 3 edits
  2 adds in releases/WebKitGTK/webkit-2.32/LayoutTests

Merge r276289 - [GTK][WPE] Unreviewed test gardening. Emit new port baselines after r276193.

• platform/gtk/TestExpectations:
• platform/gtk/security/block-test-expected.txt: Added.
• platform/wpe/security/block-test-expected.txt:

1:29 AM Changeset in webkit [280227] by Carlos Garcia Campos

• 2 edits
  2 adds in releases/WebKitGTK/webkit-2.32/LayoutTests

Merge r276215 - [GLIB] Unreviewed test gardening. Emit new baseline after r276193.

• platform/glib/TestExpectations:
• platform/glib/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Added.

1:29 AM Changeset in webkit [280226] by Carlos Garcia Campos

• 29 edits
  4 copies
  2 adds in releases/WebKitGTK/webkit-2.32

Merge r276193 - Perform port blocking earlier in the load
​https://bugs.webkit.org/show_bug.cgi?id=224525
<rdar://problem/75440591>

Reviewed by Darin Adler.

Source/WebCore:

WebKit blocks loads to URLs with any of the prohibited ports defined in
the engine. This blocking happens late in the load process, allowing
connections to be made (and observed). Instead, we should stop the load
early, at the same time we perform other checks.

Test: http/tests/security/form-blocked-port.html

• html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::isSafeToLoadURL): Add a check for prohibited ports,
and block (with relevant logging) if a load to a denied port is attempted.

• loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest): Ditto.

• loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadFrameRequest): Ditto.
(WebCore::FrameLoader::reportBlockedLoadFailed): Ditto.

• loader/FrameLoader.h:
• loader/PingLoader.cpp:

(WebCore::PingLoader::loadImage): Ditto.

• loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::init): Ditto.

• loader/SubframeLoader.cpp:

(WebCore::FrameLoader::SubframeLoader::pluginIsLoadable): Ditto.
(WebCore::FrameLoader::SubframeLoader::loadSubframe): Ditto.

• loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::canRequest): Ditto.
(WebCore::CachedResourceLoader::canRequestAfterRedirection const): Ditto.

Tools:

Update URLScheme test to use a non-prohibited port for the test. Tests of
failed fetches are already handled in WPT and other tests, so using a valid
port here should continue to be a valid test.

• TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:

(-[FrameSchemeHandler webView:startURLSchemeTask:]): Use allowed port or the test
instead of 123.

LayoutTests:

WebKit blocks loads to URLs with any of the prohibited ports defined in
the engine. This blocking happens late in the load process, allowing
connections to be made (and observed). Instead, we should stop the load
early, at the same time we perform other checks.

Note: The fact that we now block loads earlier means that we do not fire
'willSendRequestForFrame' for blocked ports, so WebKitTestRunner no longer
outputs a message to stdout. Those errors are reported in the JS console,
but since some test paths are specified to always output JS console messages
to stderrr (for example the WPT tests), we have to revise out test expectations
for a few cases.

• fast/loader/cancel-load-during-port-block-timer.html: Revised expectation to reflect new console error message.
• http/tests/cache/cancel-during-failure-crash-expected.txt: Ditto.
• http/tests/preload/download_resources_from_invalid_headers-expected.txt: Update to reflect a preflight is not executed for a blocked port.
• http/tests/preload/resources/nph-invalid_resources_from_header.pl: Update to reflect that we do not preload from restricted ports.
• http/tests/security/blocked-on-redirect-expected.txt: Revised expectation to match revised error message.
• http/tests/security/form-blocked-port.html: Added.
• http/tests/security/form-blocked-port-expected.txt: Added.
• http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt: Revised expectation for revised error message.
• http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt: Ditto.
• http/tests/xmlhttprequest/redirect-cross-origin-expected.txt: Ditto.
• http/tests/xmlhttprequest/simple-cross-origin-denied-events.html: Instead of using a port WebKit blocks (7), use one that is not blocked but is unlikely to be active (as originally intended). This retains the expected test behavior since we now block loads to restricted ports earlier in the load process.
• http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html: Ditto.
• http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Update test output to reflect that we are attempting to load from port 8 instead of port 7.
• http/wpt/beacon/beacon-async-error-logging-expected.txt: Ditto.
• http/wpt/beacon/beacon-async-error-logging.html: Update to reflect a preflight is not executed for a blocked port.
• imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt: Since we block before executing the load, TestRunner no longer outputs an error message to stdout. Instead, they appear in stderr (since all 'wpt' tests are marked to dump console.log output to stderr).
• imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt: Ditto.
• platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Revise to reflect change in console logging (the functional test results are identical).
• platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
• platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Ditto.
• platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
• platform/wk2/http/tests/security/blocked-on-redirect-expected.txt: Ditto.

1:29 AM Changeset in webkit [280225] by Carlos Garcia Campos

• 9 edits in releases/WebKitGTK/webkit-2.32

Merge r275831 - Block loading for port 10080
​https://bugs.webkit.org/show_bug.cgi?id=224432

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

• web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt:
• web-platform-tests/fetch/api/request/request-bad-port.any.js:
• web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt:
• web-platform-tests/websockets/Create-blocked-port.any-expected.txt:
• web-platform-tests/websockets/Create-blocked-port.any.js:
• web-platform-tests/websockets/Create-blocked-port.any.worker-expected.txt:

Source/WTF:

Follow Chrome and Firefox by blocking port 10080.

• wtf/URL.cpp:

(WTF::portAllowed):

1:17 AM Changeset in webkit [280224] by Adrian Perez de Castro

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r276527 - [YARR Interpreter] Improper backtrack of parentheses with non-zero based greedy quantifiers
​https://bugs.webkit.org/show_bug.cgi?id=224983

Reviewed by Mark Lam.

When we backtrack a parentheses with a greedy non zero based quantifier,
we don't properly restore for the case where we hadn't reached the minimum count.
We now save the input position on entry and restore it when we backtrack for
this case. We also properly release the allocated ParenthesesDisjunctionContext's.

• yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::matchParentheses):
(JSC::Yarr::Interpreter::backtrackParentheses):

1:14 AM Changeset in webkit [280223] by Adrian Perez de Castro

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r276524 - Fix B3 strength reduction for shl.
​https://bugs.webkit.org/show_bug.cgi?id=224913
rdar://76978874

Reviewed by Michael Saboff.

If the operation can potentially either underflow or overflow, then the result
can be any value.

• b3/B3ReduceStrength.cpp:

1:08 AM Changeset in webkit [280222] by Carlos Garcia Campos

• 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r273752 - Crash under KeyframeEffect::setTarget()
​https://bugs.webkit.org/show_bug.cgi?id=222591
<rdar://problem/74281295>

Reviewed by David Kilzer.

The Styleable returned by targetStyleable() holds a reference to the Element that at
this point is m_target (assuming it's non-null). However, once we set the new value
for m_target, if the only reference to the original target was held by this KeyframeEffect,
then that element will be deallocated and by the time we call didChangeTargetStyleable()
it will be gone.

To address, we create a RefPtr<Element> in the scope of KeyframeEffect::setTarget()
protecting the Styleable's element while didChangeTargetStyleable() is called.

• animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::setTarget):

1:03 AM Changeset in webkit [280221] by Carlos Garcia Campos

• 2 edits in trunk/Source/WebCore/platform/gtk/po

Updated Swedish translation
​https://bugs.webkit.org/show_bug.cgi?id=228206

Patch by Anders Jonsson <​anders.jonsson@norsjovallen.se> on 2021-07-23
Rubber-stamped by Carlos Garcia Campos.

• sv.po:

1:01 AM Changeset in webkit [280220] by Carlos Garcia Campos

• 2 edits in trunk/Source/WebCore/platform/gtk/po

[GTK] [l10n] Updated Ukrainian translation of WebKitGTK+
​https://bugs.webkit.org/show_bug.cgi?id=228188

Patch by Yuri Chornoivan <​yurchor@ukr.net> on 2021-07-23
Rubber-stamped by Carlos Garcia Campos.

• uk.po:

12:59 AM Changeset in webkit [280219] by Carlos Garcia Campos

• 2 edits in trunk/Source/WebCore/platform/gtk/po

[l10n] [pt_BR] Updated Brazilian Portuguese translation
​https://bugs.webkit.org/show_bug.cgi?id=227623

Patch by Rafael Fontenelle <​rafaelff@gnome.org> on 2021-07-23
Rubber-stamped by Carlos Garcia Campos.

• pt_BR.po:

12:30 AM Changeset in webkit [280218] by commit-queue@webkit.org

• 2 edits in trunk/LayoutTests

Removed incorrect test from webgl tests.
​https://bugs.webkit.org/show_bug.cgi?id=220720

Patch by Eleni Maria Stea <hikiko> on 2021-07-23
Reviewed by Kenneth Russell.

The removed test was based on the incorrect assumption that
deleted buffer names remain valid until the object they used to
refer to is destroyed. According to the WebGL spec:
​https://www.khronos.org/registry/webgl/specs/1.0.3/ section:
5.14.5 isBuffer "Return false if the buffer's invalidated flag
is set", this is not true and names become invalid immediately.

• fast/canvas/webgl/oes-vertex-array-object.html:

Jul 22, 2021:

8:20 PM Changeset in webkit [280217] by Devin Rousso

• 2 edits in trunk/Source/WebKit

[Live Text] [iOS] Analysis should also search for any App Clip codes
​https://bugs.webkit.org/show_bug.cgi?id=228207

Reviewed by Wenson Hsieh.

• UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView imageAnalysisGestureDidBegin:]):
(-[WKContentView imageAnalysisGestureDidTimeOut:]):

8:17 PM Changeset in webkit [280216] by sbarati@apple.com

• 2 edits in trunk/JSTests

JSTests/stress/test-out-of-memory shouldn't assume that we always OOM
​https://bugs.webkit.org/show_bug.cgi?id=228213

Reviewed by Mark Lam.

• stress/test-out-of-memory.js:

8:17 PM Changeset in webkit [280215] by ysuzuki@apple.com

• 2 edits in trunk/JSTests

Reduce iteration of microbenchmarks/memcpy-typed-loop.js
​https://bugs.webkit.org/show_bug.cgi?id=228214

Reviewed by Saam Barati.

Observing frequent timeout (e.g. ​https://ews-build.webkit.org/#/builders/1/builds/44698).
We do not need to have such a large # of iterations.

• microbenchmarks/memcpy-typed-loop.js:

7:14 PM Changeset in webkit [280214] by Aditya Keerthi

• 3 edits in trunk/Source/WebKit

[iOS] Unable to open arxiv links on Chrome
​https://bugs.webkit.org/show_bug.cgi?id=228205
rdar://78225849

Reviewed by Tim Horton.

-[WKWebView _snapshotRect:intoImageOfWidth:completionHandler:] currently
expects the width to be specified in pixels. However, the PDFKit SPI
used to snapshot a PDF expects a width in points. This led to WebKit
requesting extremely large snapshots, resulting in a crash in PDFKit.

To fix, use points instead of pixels in the PDF snapshotting path.
Also, ensure the scale factor of the returned image matches the
the scale used by PDFKit (the screen scale), as opposed to WebKit's
own "page" device scale factor, which can be overridden.

• UIProcess/API/Cocoa/WKWebView.mm:

(-[WKWebView takeSnapshotWithConfiguration:completionHandler:]):

• UIProcess/API/ios/WKWebViewIOS.mm:

7:00 PM Changeset in webkit [280213] by Said Abou-Hallawa

• 2 edits in trunk/Source/WebCore

Unreviewed, reverting 280130.
​https://bugs.webkit.org/show_bug.cgi?id=228212

Introduced MotionMark regression

Reverted changeset:

• rendering/RenderBlock.cpp:

(WebCore::RenderBlock::simplifiedLayout):

7:00 PM Changeset in webkit [280212] by Robert Jenner

• 3 edits in trunk/LayoutTests

Batch add test expectations for Monterey on Open Source
​https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:
• platform/mac/TestExpectations:

5:09 PM Changeset in webkit [280211] by Chris Dumez

• 2 edits in trunk/Source/WebCore

The network process fails to take a locked file assertion when executing a SQLiteStatement outside a transaction
​https://bugs.webkit.org/show_bug.cgi?id=228194

Reviewed by Geoffrey Garen.

The network process fails to take a locked file assertion when executing a SQLiteStatement outside a transaction.
This means we may suspend in the middle of that statement and crash due to holding locked files.

To address this, we now make sure to bump the transaction count during the sqlite3_step() call if we're not
in the middle of a transaction and the current statement is not read-only (e.g. SELECT). Note that SQLite will
implicitly create a transaction for us in such cases.

• platform/sql/SQLiteStatement.cpp:

(WebCore::SQLiteStatement::step):

5:08 PM Changeset in webkit [280210] by Robert Jenner

• 3 edits in trunk/LayoutTests

Batch add test expectations for Monterey on Open Source
​https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:
• platform/mac/TestExpectations: Adjusting expectations for Monterey.

5:08 PM Changeset in webkit [280209] by Alan Coon

• 11 edits
  2 moves
  1 add in branches/safari-612.1.25-branch/Source

Cherry-pick r280205. rdar://problem/80991517

REGRESSION (r278877) [Cocoa] WebAuthn stopped working for non-Safari browsers
​https://bugs.webkit.org/show_bug.cgi?id=228116
<rdar://problem/80693607>

Reviewed by Per Arne Vollan.

Source/WebKit:

We should not be using the PAC key to confirm a valid WebContent process is the source of
WebAuthn-related messages. Instead, we should confirm the message source is an Apple-signed
executable, and that the signining identity is for the WebContent process.

• Shared/Cocoa/CodeSigning.h: Renamed from Source/WebKit/Shared/mac/CodeSigning.h.
• Shared/Cocoa/CodeSigning.mm: Renamed from Source/WebKit/Shared/mac/CodeSigning.mm. (WebKit::codeSigningIdentifier): (WebKit::codeSigningIdentifierForCurrentProcess): (WebKit::codeSigningIdentifierAndPlatformBinaryStatus): Added.
• Shared/Cocoa/XPCEndpoint.mm: (WebKit::XPCEndpoint::XPCEndpoint): Update to use new method.
• SourcesCocoa.txt:
• UIProcess/Cocoa/WebProcessProxyCocoa.mm: (WebKit::WebProcessProxy::messageSourceIsValidWebContentProcess):
• UIProcess/WebProcessProxy.cpp: (WebKit:WebProcessProxy::getWebAuthnProcessConnection): Update for new message check name.
• UIProcess/WebProcessProxy.h:
• WebKit.xcodeproj/project.pbxproj:

Source/WTF:

Add new SPI header for code signing features.

• WTF.xcodeproj/project.pbxproj:
• wtf/spi/cocoa/SecuritySPI.h: Move some SecTask calls out of PLATFORM(MAC).
• wtf/spi/darwin/CodeSignSPI.h: Added.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280205 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:46 PM Changeset in webkit [280208] by Robert Jenner

• 2 edits in trunk/LayoutTests

[BigSur+ Wk2] imported/w3c/web-platform-t ests/media-source/mediasour ce-seek-during-pending-seek .html is a flakey failure
​https://bugs.webkit.org/show_bug.cgi?id=222183

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations: Including BigSur+ on existing expectations.

4:37 PM Changeset in webkit [280207] by Robert Jenner

• 3 edits in trunk/LayoutTests

[ BigSur+ iOS Release wk2 ] 2 imported/w3c/web-platform-tests/webrtc are flakey text failures (223385)
​https://bugs.webkit.org/show_bug.cgi?id=223385

Unreviewed test gardening.

• platform/ios/TestExpectations:
• platform/mac-wk2/TestExpectations:

4:02 PM Changeset in webkit [280206] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

[iOS] media/video-presentation-mode.html is a flaky timeout.
​https://bugs.webkit.org/show_bug.cgi?id=228204

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

3:58 PM Changeset in webkit [280205] by Brent Fulgham

• 11 edits
  2 moves
  1 add in trunk/Source

REGRESSION (r278877) [Cocoa] WebAuthn stopped working for non-Safari browsers
​https://bugs.webkit.org/show_bug.cgi?id=228116
<rdar://problem/80693607>

Reviewed by Per Arne Vollan.

Source/WebKit:

We should not be using the PAC key to confirm a valid WebContent process is the source of
WebAuthn-related messages. Instead, we should confirm the message source is an Apple-signed
executable, and that the signining identity is for the WebContent process.

• Shared/Cocoa/CodeSigning.h: Renamed from Source/WebKit/Shared/mac/CodeSigning.h.
• Shared/Cocoa/CodeSigning.mm: Renamed from Source/WebKit/Shared/mac/CodeSigning.mm.

(WebKit::codeSigningIdentifier):
(WebKit::codeSigningIdentifierForCurrentProcess):
(WebKit::codeSigningIdentifierAndPlatformBinaryStatus): Added.

• Shared/Cocoa/XPCEndpoint.mm:

(WebKit::XPCEndpoint::XPCEndpoint): Update to use new method.

• SourcesCocoa.txt:
• UIProcess/Cocoa/WebProcessProxyCocoa.mm:

(WebKit::WebProcessProxy::messageSourceIsValidWebContentProcess):

• UIProcess/WebProcessProxy.cpp:

(WebKit:WebProcessProxy::getWebAuthnProcessConnection): Update for new message check name.

• UIProcess/WebProcessProxy.h:
• WebKit.xcodeproj/project.pbxproj:

Source/WTF:

Add new SPI header for code signing features.

• WTF.xcodeproj/project.pbxproj:
• wtf/spi/cocoa/SecuritySPI.h: Move some SecTask calls out of PLATFORM(MAC).
• wtf/spi/darwin/CodeSignSPI.h: Added.

3:52 PM Changeset in webkit [280204] by Robert Jenner

• 4 edits in trunk/LayoutTests

Batch add test expectations for Monterey on Open Source
​https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening.

• platform/mac-wk1/TestExpectations:
• platform/mac-wk2/TestExpectations:
• platform/mac/TestExpectations:

3:48 PM Changeset in webkit [280203] by Brent Fulgham

• 2 edits in trunk/Source/WebKit

REGRESSION (r277873, r280105): [macOS] Correct two sandbox typos (228201)
​https://bugs.webkit.org/show_bug.cgi?id=228201
<rdar://problem/80983916>

Reviewed by Per Arne Vollan.

Correct two typos in the macOS Sandbox (WebContent process).

• WebProcess/com.apple.WebProcess.sb.in:

3:45 PM Changeset in webkit [280202] by beidson@apple.com

• 2 edits in trunk/Source/WebKit

Revert part of r279089 that was done a little bit too early.
<rdar://80663503> and ​https://bugs.webkit.org/show_bug.cgi?id=228174

Reviewed by Chris Dumez.

• Configurations/WebKit.xcconfig:

3:40 PM Changeset in webkit [280201] by mmaxfield@apple.com

• 3 edits
  2 adds in trunk

[Cocoa] ".SF Arabic" should not be able to be looked up by name (because it is dot-prefixed)
​https://bugs.webkit.org/show_bug.cgi?id=228018
<rdar://problem/80691654>

Reviewed by Simon Fraser.

Source/WebCore:

Dot-prefixed font names are not supported. The supported way of using SF Arabic is to use
system-ui with Arabic text. It will fall back to SF Arabic.

Test: fast/text/sf-arabic-lookup-by-name.html

• platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::platformFontLookupWithFamily): Special case this font name, similar to how
we have other special cases for other dot-prefixed fonts. Ideally we would change this
check to just if the leading character is a dot, but that change would be too scary at
this point in the release cycle.

LayoutTests:

• fast/text/sf-arabic-lookup-by-name-expected.html: Added.
• fast/text/sf-arabic-lookup-by-name.html: Added.

3:11 PM Changeset in webkit [280200] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[BigSur Debug] imported/w3c/web-platform-tests/xhr/event-upload-progress-crossorigin.any.worker.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=222385.

Unreviewed test gardening.

• platform/mac/TestExpectations:

3:07 PM Changeset in webkit [280199] by ysuzuki@apple.com

• 9 edits
  1 move in trunk/Source/WebCore

Rename AtomicHTMLToken to AtomHTMLToken
​https://bugs.webkit.org/show_bug.cgi?id=228196

Reviewed by Geoffrey Garen.

We should rename AtomicHTMLToken to AtomHTMLToken as we did for AtomString (AtomicString => AtomString).

• WebCore.xcodeproj/project.pbxproj:
• html/parser/AtomHTMLToken.h: Renamed from Source/WebCore/html/parser/AtomicHTMLToken.h.

(WebCore::AtomHTMLToken::AtomHTMLToken):
(WebCore::AtomHTMLToken::type const):
(WebCore::AtomHTMLToken::name const):
(WebCore::AtomHTMLToken::setName):
(WebCore::AtomHTMLToken::selfClosing const):
(WebCore::AtomHTMLToken::attributes):
(WebCore::AtomHTMLToken::attributes const):
(WebCore::AtomHTMLToken::characters const):
(WebCore::AtomHTMLToken::charactersLength const):
(WebCore::AtomHTMLToken::charactersIsAll8BitData const):
(WebCore::AtomHTMLToken::comment const):
(WebCore::AtomHTMLToken::forceQuirks const):
(WebCore::AtomHTMLToken::publicIdentifier const):
(WebCore::AtomHTMLToken::systemIdentifier const):
(WebCore::AtomHTMLToken::initializeAttributes):

• html/parser/HTMLConstructionSite.cpp:

(WebCore::setAttributes):
(WebCore::HTMLConstructionSite::insertHTMLHtmlStartTagBeforeHTML):
(WebCore::HTMLConstructionSite::mergeAttributesFromTokenIntoElement):
(WebCore::HTMLConstructionSite::insertHTMLHtmlStartTagInBody):
(WebCore::HTMLConstructionSite::insertHTMLBodyStartTagInBody):
(WebCore::HTMLConstructionSite::insertDoctype):
(WebCore::HTMLConstructionSite::insertComment):
(WebCore::HTMLConstructionSite::insertCommentOnDocument):
(WebCore::HTMLConstructionSite::insertCommentOnHTMLHtmlElement):
(WebCore::HTMLConstructionSite::insertHTMLHeadElement):
(WebCore::HTMLConstructionSite::insertHTMLBodyElement):
(WebCore::HTMLConstructionSite::insertHTMLFormElement):
(WebCore::HTMLConstructionSite::insertHTMLElement):
(WebCore::HTMLConstructionSite::insertHTMLElementOrFindCustomElementInterface):
(WebCore::HTMLConstructionSite::insertSelfClosingHTMLElement):
(WebCore::HTMLConstructionSite::insertFormattingElement):
(WebCore::HTMLConstructionSite::insertScriptElement):
(WebCore::HTMLConstructionSite::insertForeignElement):
(WebCore::HTMLConstructionSite::createElement):
(WebCore::HTMLConstructionSite::createHTMLElementOrFindCustomElementInterface):
(WebCore::HTMLConstructionSite::createHTMLElement):
(WebCore::HTMLConstructionSite::createElementFromSavedToken):

• html/parser/HTMLConstructionSite.h:
• html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::constructTreeFromHTMLToken):

• html/parser/HTMLStackItem.h:

(WebCore::HTMLStackItem::HTMLStackItem):
(WebCore::HTMLStackItem::create):

• html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::ExternalCharacterTokenBuffer):
(WebCore::HTMLTreeBuilder::constructTree):
(WebCore::HTMLTreeBuilder::processToken):
(WebCore::HTMLTreeBuilder::processDoctypeToken):
(WebCore::HTMLTreeBuilder::processFakeStartTag):
(WebCore::HTMLTreeBuilder::processFakeEndTag):
(WebCore::HTMLTreeBuilder::processFakePEndTagIfPInButtonScope):
(WebCore::shouldClose):
(WebCore::adjustSVGTagNameCase):
(WebCore::adjustAttributes):
(WebCore::adjustSVGAttributes):
(WebCore::adjustMathMLAttributes):
(WebCore::adjustForeignAttributes):
(WebCore::HTMLTreeBuilder::processStartTagForInBody):
(WebCore::HTMLTreeBuilder::insertGenericHTMLElement):
(WebCore::HTMLTreeBuilder::processTemplateStartTag):
(WebCore::HTMLTreeBuilder::processTemplateEndTag):
(WebCore::HTMLTreeBuilder::processEndOfFileForInTemplateContents):
(WebCore::HTMLTreeBuilder::processStartTagForInTable):
(WebCore::HTMLTreeBuilder::processStartTag):
(WebCore::HTMLTreeBuilder::processHtmlStartTagForInBody):
(WebCore::HTMLTreeBuilder::processBodyEndTagForInBody):
(WebCore::HTMLTreeBuilder::processAnyOtherEndTagForInBody):
(WebCore::HTMLTreeBuilder::callTheAdoptionAgency):
(WebCore::HTMLTreeBuilder::processEndTagForInTableBody):
(WebCore::HTMLTreeBuilder::processEndTagForInRow):
(WebCore::HTMLTreeBuilder::processEndTagForInCell):
(WebCore::HTMLTreeBuilder::processEndTagForInBody):
(WebCore::HTMLTreeBuilder::processEndTagForInTable):
(WebCore::HTMLTreeBuilder::processEndTag):
(WebCore::HTMLTreeBuilder::processComment):
(WebCore::HTMLTreeBuilder::processCharacter):
(WebCore::HTMLTreeBuilder::insertPhoneNumberLink):
(WebCore::HTMLTreeBuilder::processEndOfFile):
(WebCore::HTMLTreeBuilder::defaultForBeforeHTML):
(WebCore::HTMLTreeBuilder::defaultForBeforeHead):
(WebCore::HTMLTreeBuilder::defaultForInHead):
(WebCore::HTMLTreeBuilder::defaultForInHeadNoscript):
(WebCore::HTMLTreeBuilder::defaultForAfterHead):
(WebCore::HTMLTreeBuilder::processStartTagForInHead):
(WebCore::HTMLTreeBuilder::processGenericRCDATAStartTag):
(WebCore::HTMLTreeBuilder::processGenericRawTextStartTag):
(WebCore::HTMLTreeBuilder::processScriptStartTag):
(WebCore::HTMLTreeBuilder::shouldProcessTokenInForeignContent):
(WebCore::hasAttribute):
(WebCore::HTMLTreeBuilder::processTokenInForeignContent):
(WebCore::HTMLTreeBuilder::parseError):

• html/parser/HTMLTreeBuilder.h:
• html/parser/TextDocumentParser.cpp:

(WebCore::TextDocumentParser::insertFakePreElement):

2:37 PM Changeset in webkit [280198] by sbarati@apple.com

• 11 edits
  1 add in trunk

AirStackSlot's uint16_t byte size is too small
​https://bugs.webkit.org/show_bug.cgi?id=228193
<rdar://80888059>

Reviewed by Mark Lam.

JSTests:

• stress/stack-slot-needs-to-use-more-than-uint16.js: Added.

Source/JavaScriptCore:

• b3/B3Procedure.cpp:

(JSC::B3::Procedure::addStackSlot):

• b3/B3Procedure.h:
• b3/air/AirCode.cpp:

(JSC::B3::Air::Code::addStackSlot):

• b3/air/AirCode.h:
• b3/air/AirStackSlot.cpp:

(JSC::B3::Air::StackSlot::StackSlot):

• b3/air/AirStackSlot.h:

(JSC::B3::Air::StackSlot::ensureSize):

• ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):

• ftl/FTLOutput.cpp:

(JSC::FTL::Output::lockedStackSlot):

• ftl/FTLOutput.h:

2:30 PM Changeset in webkit [280197] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[BigSur wk2 arm64] imported/w3c/web-platform-tests/html/cross-origin-opener-policy/header-parsing.https.html is a flaky failure.
​https://bugs.webkit.org/show_bug.cgi?id=228197.

Unreviewwed test gardening.

• platform/mac-wk2/TestExpectations:

1:59 PM Changeset in webkit [280196] by Truitt Savell

• 43 edits
  68 copies
  4 moves
  141 adds
  1 delete in trunk

Migrate Monterey expectations to OpenSource and bump version numbers
​https://bugs.webkit.org/show_bug.cgi?id=228090

Reviewed by Ryan Haddad.

Tools:

• Scripts/webkitpy/port/mac.py:

(MacPort):

• Scripts/webkitpy/port/mac_unittest.py:

(MacTest.test_monterey_baseline_search_path):
(MacTest.test_big_sur_baseline_search_path): Deleted.

LayoutTests:

• TestExpectations:
• media/media-source/content/test-vp8-malformed-header-manifest.json: Renamed from LayoutTests/platform/mac-bigsur/media/media-source/content/test-vp8-malformed-header-manifest.json.
• media/media-source/content/test-vp8-malformed-header.webm: Renamed from LayoutTests/platform/mac-bigsur/media/media-source/content/test-vp8-malformed-header.webm.
• media/media-source/media-source-webm-vp8-malformed-header-expected.txt: Renamed from LayoutTests/platform/mac-bigsur/media/media-source/media-source-webm-vp8-malformed-header-expected.txt.
• media/media-source/media-source-webm-vp8-malformed-header.html: Renamed from LayoutTests/platform/mac-bigsur/media/media-source/media-source-webm-vp8-malformed-header.html.
• media/media-webm-no-duration-expected.txt: Renamed from LayoutTests/platform/mac-bigsur/media/media-webm-no-duration-expected.txt.
• media/media-webm-no-duration.html: Renamed from LayoutTests/platform/mac-bigsur/media/media-webm-no-duration.html.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/anchor-element-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/anchor-element-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attrib-string-colors-with-color-filter-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attrib-string-colors-with-color-filter-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attribute-string-for-copy-with-color-filter-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attribute-string-for-copy-with-color-filter-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-1-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-1-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-2-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-2-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-3-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-3-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-4-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-4-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-5-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-5-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-1-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-1-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-for-typing-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-for-typing-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/attributed-string-for-typing-with-color-filter-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-for-typing-with-color-filter-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/basic-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/basic-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/comment-cdata-section-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/comment-cdata-section-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/font-size-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/font-size-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/font-style-variant-effect-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/font-style-variant-effect-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/font-weight-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/font-weight-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/letter-spacing-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/letter-spacing-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/text-decorations-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/text-decorations-expected.txt.
• platform/mac-bigsur-wk1/editing/mac/attributed-string/vertical-align-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/vertical-align-expected.txt.
• platform/mac-bigsur-wk1/fast/scrolling/latching/iframe-latch-small-deltas-expected.txt: Copied from LayoutTests/platform/mac-wk1/fast/scrolling/latching/iframe-latch-small-deltas-expected.txt.
• platform/mac-bigsur-wk2/fast/events/contextmenu-lookup-action-for-image-expected.txt: Added.
• platform/mac-bigsur-wk2/http/tests/security/mixedContent/websocket/insecure-websocket-in-iframe-expected.txt: Added.
• platform/mac-bigsur-wk2/http/tests/security/mixedContent/websocket/insecure-websocket-in-main-frame-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/media-source/mediasource-invalid-codec-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/service-workers/service-worker/websocket-in-service-worker.https-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/service-workers/service-worker/websocket.https-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
• platform/mac-bigsur-wk2/imported/w3c/web-platform-tests/websockets/remove-own-iframe-during-onerror.window-expected.txt: Added.
• platform/mac-bigsur/fast/forms/button-sizes-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/button-sizes-expected.txt.
• platform/mac-bigsur/fast/forms/input-appearance-spinbutton-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/input-appearance-spinbutton-expected.txt.
• platform/mac-bigsur/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt.
• platform/mac-bigsur/fast/forms/select/optgroup-rendering-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/select/optgroup-rendering-expected.txt.
• platform/mac-bigsur/fast/text/basic/014-expected.txt: Copied from LayoutTests/platform/mac/fast/text/basic/014-expected.txt.
• platform/mac-bigsur/fast/text/capitalize-boundaries-expected.txt: Copied from LayoutTests/platform/mac/fast/text/capitalize-boundaries-expected.txt.
• platform/mac-bigsur/fast/text/hyphenate-avoid-orphaned-word-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-avoid-orphaned-word-expected.txt.
• platform/mac-bigsur/fast/text/hyphenate-character-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-character-expected.txt.
• platform/mac-bigsur/fast/text/hyphenate-first-word-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-first-word-expected.txt.
• platform/mac-bigsur/fast/text/hyphenate-limit-before-after-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-limit-before-after-expected.txt.
• platform/mac-bigsur/fast/text/hyphenate-limit-lines-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-limit-lines-expected.txt.
• platform/mac-bigsur/fast/text/hyphenate-locale-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-locale-expected.txt.
• platform/mac-bigsur/fast/text/hyphens-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphens-expected.txt.
• platform/mac-bigsur/fast/text/midword-break-after-breakable-char-expected.txt: Copied from LayoutTests/platform/mac/fast/text/midword-break-after-breakable-char-expected.txt.
• platform/mac-bigsur/inspector/css/get-system-fonts-expected.txt: Added.
• platform/mac-bigsur/media/media-source/mediasource-addsourcebuffer-expected.txt: Added.
• platform/mac-bigsur/media/media-source/mediasource-invalid-codec-expected.txt: Added.
• platform/mac-bigsur/platform/mac/fast/loader/file-url-mimetypes-3-expected.txt: Added.
• platform/mac-bigsur/platform/mac/fast/text/international/Geeza-Pro-vertical-metrics-adjustment-expected.txt: Added.
• platform/mac-catalina-wk1/editing/mac/attributed-string/anchor-element-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/anchor-element-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attrib-string-colors-with-color-filter-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attrib-string-colors-with-color-filter-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attribute-string-for-copy-with-color-filter-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attribute-string-for-copy-with-color-filter-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-1-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-1-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-2-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-2-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-3-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-3-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-4-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-4-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-5-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-5-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-1-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-1-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-for-typing-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-for-typing-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/attributed-string-for-typing-with-color-filter-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/attributed-string-for-typing-with-color-filter-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/basic-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/basic-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/comment-cdata-section-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/comment-cdata-section-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/font-size-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/font-size-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/font-style-variant-effect-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/font-style-variant-effect-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/font-weight-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/font-weight-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/letter-spacing-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/letter-spacing-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/text-decorations-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/text-decorations-expected.txt.
• platform/mac-catalina-wk1/editing/mac/attributed-string/vertical-align-expected.txt: Copied from LayoutTests/platform/mac-wk1/editing/mac/attributed-string/vertical-align-expected.txt.
• platform/mac-catalina-wk1/fast/scrolling/latching/iframe-latch-small-deltas-expected.txt: Copied from LayoutTests/platform/mac-wk1/fast/scrolling/latching/iframe-latch-small-deltas-expected.txt.
• platform/mac-catalina-wk2/fast/events/contextmenu-lookup-action-for-image-expected.txt: Added.
• platform/mac-catalina-wk2/http/tests/security/mixedContent/websocket/insecure-websocket-in-iframe-expected.txt: Added.
• platform/mac-catalina-wk2/http/tests/security/mixedContent/websocket/insecure-websocket-in-main-frame-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/media-source/mediasource-invalid-codec-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/service-workers/service-worker/websocket-in-service-worker.https-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/service-workers/service-worker/websocket.https-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
• platform/mac-catalina-wk2/imported/w3c/web-platform-tests/websockets/remove-own-iframe-during-onerror.window-expected.txt: Added.
• platform/mac-catalina/fast/text/basic/014-expected.txt: Copied from LayoutTests/platform/mac/fast/text/basic/014-expected.txt.
• platform/mac-catalina/fast/text/capitalize-boundaries-expected.txt: Copied from LayoutTests/platform/mac/fast/text/capitalize-boundaries-expected.txt.
• platform/mac-catalina/fast/text/hyphenate-avoid-orphaned-word-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-avoid-orphaned-word-expected.txt.
• platform/mac-catalina/fast/text/hyphenate-character-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-character-expected.txt.
• platform/mac-catalina/fast/text/hyphenate-first-word-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-first-word-expected.txt.
• platform/mac-catalina/fast/text/hyphenate-limit-before-after-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-limit-before-after-expected.txt.
• platform/mac-catalina/fast/text/hyphenate-limit-lines-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-limit-lines-expected.txt.
• platform/mac-catalina/fast/text/hyphenate-locale-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphenate-locale-expected.txt.
• platform/mac-catalina/fast/text/hyphens-expected.txt: Copied from LayoutTests/platform/mac/fast/text/hyphens-expected.txt.
• platform/mac-catalina/fast/text/midword-break-after-breakable-char-expected.txt: Copied from LayoutTests/platform/mac/fast/text/midword-break-after-breakable-char-expected.txt.
• platform/mac-catalina/imported/w3c/web-platform-tests/media-source/mediasource-addsourcebuffer-expected.txt: Added.
• platform/mac-catalina/imported/w3c/web-platform-tests/media-source/mediasource-invalid-codec-expected.txt: Added.
• platform/mac-catalina/inspector/css/get-system-fonts-expected.txt: Added.
• platform/mac-catalina/platform/mac/fast/loader/file-url-mimetypes-3-expected.txt: Added.
• platform/mac-catalina/platform/mac/fast/text/international/Geeza-Pro-vertical-metrics-adjustment-expected.txt: Added.
• platform/mac-wk1/TestExpectations:
• platform/mac-wk1/editing/mac/attributed-string/anchor-element-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attrib-string-colors-with-color-filter-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attribute-string-for-copy-with-color-filter-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-1-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-2-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-3-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-4-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-5-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-1-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-across-shadow-boundaries-with-style-2-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-for-typing-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/attributed-string-for-typing-with-color-filter-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/basic-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/comment-cdata-section-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/font-size-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/font-style-variant-effect-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/font-weight-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/letter-spacing-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/text-decorations-expected.txt:
• platform/mac-wk1/editing/mac/attributed-string/vertical-align-expected.txt:
• platform/mac-wk1/fast/scrolling/latching/iframe-latch-small-deltas-expected.txt:
• platform/mac-wk2/TestExpectations:
• platform/mac-wk2/fast/events/contextmenu-lookup-action-for-image-expected.txt: Added.
• platform/mac-wk2/http/tests/security/mixedContent/websocket/insecure-websocket-in-iframe-expected.txt: Added.
• platform/mac-wk2/http/tests/security/mixedContent/websocket/insecure-websocket-in-main-frame-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/media-source/mediasource-invalid-codec-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/service-workers/service-worker/websocket-in-service-worker.https-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/service-workers/service-worker/websocket.https-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
• platform/mac-wk2/imported/w3c/web-platform-tests/websockets/remove-own-iframe-during-onerror.window-expected.txt: Added.
• platform/mac/TestExpectations:
• platform/mac/fast/forms/button-sizes-expected.txt:
• platform/mac/fast/forms/input-appearance-spinbutton-expected.txt:
• platform/mac/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt:
• platform/mac/fast/forms/select/optgroup-rendering-expected.txt:
• platform/mac/fast/text/basic/014-expected.txt:
• platform/mac/fast/text/capitalize-boundaries-expected.txt:
• platform/mac/fast/text/hyphenate-avoid-orphaned-word-expected.txt:
• platform/mac/fast/text/hyphenate-character-expected.txt:
• platform/mac/fast/text/hyphenate-first-word-expected.txt:
• platform/mac/fast/text/hyphenate-limit-before-after-expected.txt:
• platform/mac/fast/text/hyphenate-limit-lines-expected.txt:
• platform/mac/fast/text/hyphenate-locale-expected.txt:
• platform/mac/fast/text/hyphens-expected.txt:
• platform/mac/fast/text/midword-break-after-breakable-char-expected.txt:
• platform/mac/inspector/css/get-system-fonts-expected.txt: Added.
• platform/mac/media/media-source/media-source-webm-vp8-malformed-header-expected.png: Added.
• platform/mac/platform/mac/fast/loader/file-url-mimetypes-3-expected.txt: Added.

1:05 PM Changeset in webkit [280195] by sbarati@apple.com

• 9 edits in trunk/Source

Fix uses of Dependency::fence with respect to the compiler outsmarting us
​https://bugs.webkit.org/show_bug.cgi?id=227757
<rdar://problem/80280931>

Reviewed by Robin Morisset.

Source/JavaScriptCore:

We were running into issues on arm64 with respect to the memory model
ordering of loads, and how the compiler optimized code around Dependency::fence.
The issue manifested as calls to isMarked incorrectly returning true.

To see the issue, let's consider a program like this:
a = load(p1)
b = load(p2)
if (a != b) return;
d = Dependency::fence(b)

At the point of defining the dependency, the compiler has proven
a == b. So, instead of building the dependency on the register used
for b, we end up using the register for a. So the actual compiled
code ends up with a dependency on load(p1), not load(p2).

To fix this, we end up adding a new API, Dependency::loadEndFence(pointer,
result), which is defined as:

template<typename T>
static Dependency loadAndFence(T* pointer, T& output)
{

T value = *opaque(pointer);
Dependency dependency = Dependency::fence(value);
output = opaque(value);
return dependency;

}

The reason for this is that it split "b" in the above program into two values,
and the "b" the program compares against is not known to the compiler to be
the same value that we build a dependency on.

• heap/MarkedBlock.h:

(JSC::MarkedBlock::aboutToMark):
(JSC::MarkedBlock::isMarked):

• runtime/JSObject.cpp:

(JSC::JSObject::visitButterflyImpl):

• runtime/JSObject.h:

(JSC::JSObject::fencedButterfly):

• runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayEntry::getConcurrently):
(JSC::SparseArrayEntry::getConcurrently const): Deleted.

• runtime/SparseArrayValueMap.h:
• runtime/Structure.h:

(JSC::Structure::fencedIndexingMode):

• runtime/StructureIDBlob.h:

(JSC::StructureIDBlob::fencedIndexingModeIncludingHistory):

Source/WTF:

• wtf/Atomics.h:

(WTF::opaque):
(WTF::Dependency::loadAndFence):

1:04 PM Changeset in webkit [280194] by ysuzuki@apple.com

• 2 edits in trunk/Source/WTF

Unreviewed, follow-up after r280193
​https://bugs.webkit.org/show_bug.cgi?id=228142

I accidentally reverted auto change when switching branches.

• wtf/text/AtomStringImpl.cpp:

(WTF::UCharBufferTranslator::equal):
(WTF::LCharBufferTranslator::equal):
(WTF::BufferFromStaticDataTranslator::equal):

12:18 PM Changeset in webkit [280193] by ysuzuki@apple.com

• 17 edits in trunk

Micro-optimize innerHTML
​https://bugs.webkit.org/show_bug.cgi?id=228142

Reviewed by Simon Fraser.

Source/WebCore:

No behavior change.

This patch does some micro optimizations revealed by the profiler when running some of Speedometer2 tests which intensively use innerHTML.
This offers improvement in jQuery-TodoMVC and Vanilla-ES2015-Babel-Webpack-TodoMVC since both are super innerHTML heavy benchmarks.

---

| subtest | ms | ms | b / a | pValue (significance using False Discovery Rate) |

---

| Elm-TodoMVC |126.862500 |126.687500 |0.998621 | 0.673462 |
| VueJS-TodoMVC |27.775000 |27.645833 |0.995350 | 0.741588 |
| EmberJS-TodoMVC |129.350000 |129.129167 |0.998293 | 0.624196 |
| BackboneJS-TodoMVC |51.129167 |51.204167 |1.001467 | 0.716622 |
| Preact-TodoMVC |21.870833 |21.337500 |0.975614 | 0.217771 |
| AngularJS-TodoMVC |139.854167 |140.266667 |1.002950 | 0.489838 |
| Vanilla-ES2015-TodoMVC |69.229167 |68.895833 |0.995185 | 0.238772 |
| Inferno-TodoMVC |68.391667 |68.266667 |0.998172 | 0.762281 |
| Flight-TodoMVC |77.979167 |78.166667 |1.002404 | 0.710324 |
| Angular2-TypeScript-TodoMVC |39.741667 |39.966667 |1.005662 | 0.524123 |
| VanillaJS-TodoMVC |55.416667 |55.512500 |1.001729 | 0.781447 |
| jQuery-TodoMVC |268.812500 |266.966667 |0.993133 | 0.003384 (significant) |
| EmberJS-Debug-TodoMVC |345.383333 |345.662500 |1.000808 | 0.695259 |
| React-TodoMVC |90.679167 |90.179167 |0.994486 | 0.067477 |
| React-Redux-TodoMVC |152.691667 |152.687500 |0.999973 | 0.991207 |
| Vanilla-ES2015-Babel-Webpack-TodoMVC |66.487500 |65.729167 |0.988594 | 0.000118 (significant) |

---

a mean = 242.12319
b mean = 242.80485
pValue = 0.1992654128
(Bigger means are better.)
1.003 times better
Results ARE NOT significant

• html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::insertTextNode):

• html/parser/HTMLConstructionSite.h:
• html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::pumpTokenizerLoop): We do not need to call shrinkToBestFit in fragment parsing case since
we will discard HTMLToken soon.

• html/parser/HTMLMetaCharsetParser.cpp:

(WebCore::HTMLMetaCharsetParser::checkForMetaCharset):

• html/parser/HTMLPreloadScanner.cpp:

(WebCore::HTMLPreloadScanner::scan):

• html/parser/HTMLToken.h:

(WebCore::HTMLToken::clear): We found that these clear calls cause performance problem according to the Instruments: we
repeatedly use this Vector, and we repeatedly allocate and deallocate this Vector unnecessarily. We use resize(0) instead
to avoid this allocation and deallocation.
(WebCore::HTMLToken::shrinkToBestFit): But HTMLToken is kept so long, so at some point, we would like to make backing storage
small. So, we add shrinkToBestFit and we call it only after finishing batching of HTMLToken processing.
(WebCore::HTMLToken::beginStartTag):
(WebCore::HTMLToken::beginEndTag):

• html/parser/HTMLTokenizer.h:

(WebCore::HTMLTokenizer::shrinkToBestFit):

• html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::characterPredicate):
(WebCore::HTMLTreeBuilder::insertPhoneNumberLink):
(WebCore::HTMLTreeBuilder::linkifyPhoneNumbers):
(WebCore::HTMLTreeBuilder::processCharacterBuffer):
(WebCore::HTMLTreeBuilder::processCharacterBufferForInBody):
(WebCore::HTMLTreeBuilder::defaultForInTableText):
(WebCore::HTMLTreeBuilder::processTokenInForeignContent):
(WebCore::HTMLTreeBuilder::processFakeCharacters): Deleted. It is dead code before this patch.

• html/parser/HTMLTreeBuilder.h:

Source/WTF:

• wtf/Vector.h:

(WTF::Malloc>::shrinkToBestFit): This shrinks the backing storage to "appropriate for the living Vector".

• wtf/text/AtomStringImpl.cpp:

(WTF::UCharBufferTranslator::equal): WTF::equal for String does not check hash. This is because computing hash is expensive
and we would like to avoid that if it is not necessary. But when inserting string into AtomStringTable, we can use hash value
since they must be already computed because of HashMap's requirement. So let's use it before calling WTF::equal.
(WTF::LCharBufferTranslator::equal):
(WTF::BufferFromStaticDataTranslator::equal):

• wtf/text/StringView.h:

(WTF::StringView::stripLeadingMatchedCharacters): Add this and use it in HTMLTreeBuilder.

Tools:

• TestWebKitAPI/Tests/WTF/StringView.cpp:

(TestWebKitAPI::TEST):

• TestWebKitAPI/Tests/WTF/Vector.cpp:

(TestWebKitAPI::TEST):

12:13 PM Changeset in webkit [280192] by Ayumi Kojima

• 2 edits in trunk/LayoutTests

REGRESSION: [iOS] ASSERTION FAILED: !m_messageReceiverMapCount under WebKit::RemoteAudioHardwareListener::~RemoteAudioHardwareListener().
​https://bugs.webkit.org/show_bug.cgi?id=228038

Unreviewed test gardening.

• platform/ios-wk2/TestExpectations:

12:12 PM Changeset in webkit [280191] by keith_miller@apple.com

• 3 edits in trunk/Source/JavaScriptCore

useProfiler option should automatically disable concurrent JIT
​https://bugs.webkit.org/show_bug.cgi?id=228152

Reviewed by Saam Barati.

The bytecode profiler is not thread safe so we should have
recomputeDependentOptions() disable concurrent JIT. Also, fix the
jsc CLI to set the useProfiler option rather than have its own
state. Note, we call Options::setOption() rather than setting the
Options::useProfiler() option directly as setOption calls
recomputeDependentOptions() for us.

• jsc.cpp:

(CommandLine::parseArguments):
(runJSC):

• runtime/Options.cpp:

(JSC::Options::recomputeDependentOptions):
(JSC::Options::ensureOptionsAreCoherent):

12:00 PM Changeset in webkit [280190] by Wenson Hsieh

• 3 edits in trunk/Source/WebCore

Rename EventHandler::m_textRecognitionHoverTimerFired()
​https://bugs.webkit.org/show_bug.cgi?id=228183
rdar://78933684

Reviewed by Tim Horton.

When upstreaming support for Live Text in WebKit, I accidentally renamed the method
imageExtractionTimerFired() to m_textRecognitionHoverTimerFired().

• page/EventHandler.cpp:

(WebCore::EventHandler::EventHandler):
(WebCore::EventHandler::textRecognitionHoverTimerFired):
(WebCore::EventHandler::m_textRecognitionHoverTimerFired): Deleted.

• page/EventHandler.h:

11:26 AM Changeset in webkit [280189] by Eric Hutchison

• 2 edits in trunk/LayoutTests

[Mac wk2] http/tests/media/hls/hls-webvtt-seek-backwards.html is a flaky timeout.
​https://bugs.webkit.org/show_bug.cgi?id=228189.

Unreviewed test gardening.

• platform/mac-wk2/TestExpectations:

11:18 AM Changeset in webkit [280188] by Russell Epstein

• 1 copy in tags/Safari-612.1.24.11.1

Tag Safari-612.1.24.11.1.

11:10 AM Changeset in webkit [280187] by Russell Epstein

• 7 edits in branches/safari-612.1.24.11-branch/Source/JavaScriptCore

Cherry-pick r280066. rdar://problem/80851562

[JSC] StructureStubInfo's m_identifier should follow to the same protocol of inlineAccessBaseStructure
​https://bugs.webkit.org/show_bug.cgi?id=228092

Reviewed by Saam Barati.

In r279813, we fixed a race condition related to inlineAccessBaseStructure: while we clear inlineAccessBaseStructure,
we still run code relying on this field's value until stub version of the code is generated. As a result,
we run the code which relies on the cells that are already collected. And we have the same problem with
m_identifier field too. This patch makes m_identifier follow to the same protocol of inlineAccessBaseStructure
so that we fix this race issue too: both fields will be alive until we switch to the code that are not relying on these
fields.

We also make inlineAccessBaseStructure to m_inlineAccessBaseStructure to easily find that this is member field.
And we also use setWithoutWriteBarrier for m_inlineAccessBaseStructure since we emit codeBlock->vm().heap.writeBarrier(codeBlock)
immediately after that.

• bytecode/AccessCase.cpp: (JSC::AccessCase::fromStructureStubInfo):
• bytecode/GetByStatus.cpp: (JSC::GetByStatus::computeForStubInfoWithoutExitSiteFeedback):
• bytecode/InByStatus.cpp: (JSC::InByStatus::computeForStubInfoWithoutExitSiteFeedback):
• bytecode/PutByIdStatus.cpp: (JSC::PutByIdStatus::computeForStubInfo):
• bytecode/StructureStubInfo.cpp: (JSC::StructureStubInfo::initGetByIdSelf): (JSC::StructureStubInfo::initArrayLength): (JSC::StructureStubInfo::initStringLength): (JSC::StructureStubInfo::initPutByIdReplace): (JSC::StructureStubInfo::initInByIdSelf): (JSC::StructureStubInfo::addAccessCase): (JSC::StructureStubInfo::reset): (JSC::StructureStubInfo::visitAggregateImpl): (JSC::StructureStubInfo::visitWeakReferences): (JSC::StructureStubInfo::propagateTransitions): (JSC::StructureStubInfo::setCacheType): Deleted.
• bytecode/StructureStubInfo.h:

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280066 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:10 AM Changeset in webkit [280186] by Russell Epstein

• 7 edits
  1 add in branches/safari-612.1.24.11-branch

Cherry-pick r280050. rdar://problem/80851606

[JSC] InByStatus / InByVariant should visit CacheableIdentifier
​https://bugs.webkit.org/show_bug.cgi?id=228088
rdar://80794604

Reviewed by Mark Lam.

JSTests:

• stress/in-by-variant-should-mark-cacheable-identifier.js: Added. (foo): (let.handler.has):

Source/JavaScriptCore:

After r278445, InByVariant holds CacheableIdentifier. And this can have
String/Symbol cells if this variant is generated by in_by_val. In that
case, we must visit this cell as GetByStatus / GetByVariant are doing.

• bytecode/InByStatus.cpp: (JSC::InByStatus::visitAggregateImpl):
• bytecode/InByStatus.h:
• bytecode/InByVariant.cpp: (JSC::InByVariant::visitAggregateImpl):
• bytecode/InByVariant.h:
• bytecode/RecordedStatuses.cpp: (JSC::RecordedStatuses::visitAggregateImpl):

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280050 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:10 AM Changeset in webkit [280185] by Russell Epstein

• 2 edits in branches/safari-612.1.24.11-branch/Source/WebKit

Cherry-pick r280001. rdar://problem/80788656

macOS Safari network sessions not being marked as being from a browser
​https://bugs.webkit.org/show_bug.cgi?id=228028
<rdar://problem/80648664>

Reviewed by Brent Fulgham.

Move WebKitAdditions to open source to communicate full web browser
status to the networking stack. In the macOS case, we don't have
a full browser entitlement, so we should check for Safari.

• NetworkProcess/cocoa/NetworkSessionCocoa.mm: (WebKit::SessionWrapper::initialize): The name com.apple.WebKit.InAppBrowser is not the most accurate name, but changing it would require syncing with other parts of the network stack. We should do this in a separate bug.

git-svn-id: ​https://svn.webkit.org/repository/webkit/trunk@280001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:06 AM Changeset in webkit [280184] by Russell Epstein

• 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.1

11:04 AM Changeset in webkit [280183] by timothy_horton@apple.com

• 2 edits in trunk/Source/WebKit

REGRESSION (r279992): Crashes under RemoteLayerBackingStore::applyBackingStoreToLayer() in macCatalyst
​https://bugs.webkit.org/show_bug.cgi?id=228181
rdar://80923581

Reviewed by Dan Bates.

• Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:

(WebKit::RemoteLayerBackingStore::applyBackingStoreToLayer):
r279992 reorganized this code to determine the contents object and then
set it on the layer, instead of setting it directly; this means that the
lifetime of the contents object must be extended.

Interestingly, the common case (the CAMachPort case), as well as the
case I was actually adding in r279992 both were safe, because of the use
of autorelease. (macCatalyst uses IOSurface as layer contents directly,
without CAMachPort, so uses the one path that r279992 broke).

It is unnecessary to use autorelease; instead just store the contents
object in a RetainPtr until it is set.

10:53 AM Changeset in webkit [280182] by Russell Epstein

• 1 copy in branches/safari-612.1.24.11-branch

New branch.

10:44 AM Changeset in webkit [280181] by commit-queue@webkit.org

• 10 edits in trunk

XHR.send(Document) should replace mismatched surrogates with replacement character before sending
​https://bugs.webkit.org/show_bug.cgi?id=228170

Patch by Alex Christensen <​achristensen@webkit.org> on 2021-07-22
Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

• web-platform-tests/xhr/send-entity-body-document-bogus-expected.txt:

Source/WebCore:

This matches the behavior of Chrome and Firefox.
Covered by a newly passing WPT test.

• bindings/js/JSDOMConvertStrings.cpp:

(WebCore::identifierToUSVString):
(WebCore::valueToUSVString):
(WebCore::stringToUSVString): Deleted.

• bindings/js/JSDOMConvertStrings.h:
• css/parser/CSSTokenizer.cpp:

(WebCore::preprocessString):

• xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::send):

Source/WTF:

• wtf/text/WTFString.cpp:

(WTF::replaceUnpairedSurrogatesWithReplacementCharacter):

• wtf/text/WTFString.h:

Move from WebCore, rename as suggested, update spec link to one that works.

10:28 AM Changeset in webkit [280180] by Peng Liu

• 2 edits in trunk/Tools

[ BigSur Debug ] TestWebKitAPI.GPUProcess.CrashWhilePlayingAudioViaCreateMediaElementSource is flaky, hitting ASSERTION FAILED: !isInRoutingArbitrationForToken(token)
​https://bugs.webkit.org/show_bug.cgi?id=227728

Unreviewed API test gardening.

• TestWebKitAPI/Tests/WebKitCocoa/GPUProcess.mm:

(TEST):

10:18 AM Changeset in webkit [280179] by vjaquez@igalia.com

• 3 edits in trunk/Source/WebCore

Compilation error with gcc version 9.3.0 (Buildroot 2020.08-14-ge5a2a90)
​https://bugs.webkit.org/show_bug.cgi?id=228184

Reviewed by Chris Dumez.

Turn destructors into virtual ones for RTCRtpReceiver and RTCRtpSender.

It seems that gcc doesn't create a virtual table for these classes, while clang does. That
would the cause, when compiling clang, ImplementationLacksVTable is not needed in the IDL
file. The approach for this fix to force the virtual table creation by turning destructors
into virtual.

No new tests needed.

• Modules/mediastream/RTCRtpReceiver.h:
• Modules/mediastream/RTCRtpSender.h:

10:07 AM Changeset in webkit [280178] by Megan Gardner

• 11 edits in trunk/Source

Avoid Quick Note overlay when scrolling to show a highlight
​https://bugs.webkit.org/show_bug.cgi?id=228172

Reviewed by Wenson Hsieh and Tim Horton.

When scrolling to show the selected highlight after clicking on one in the QuickNote overlay,
make sure to avoid the Quick Note overlay, so that the user can actually see the highlight.
This required calculating more information about the selection rect for iOS, and also piping through
information to have the selection rect be the entire rect, rather that just the caret and the end of selection.

Source/WebCore:

• Modules/highlight/AppHighlightStorage.cpp:

(WebCore::AppHighlightStorage::attemptToRestoreHighlightAndScroll):

• editing/Editor.cpp:

(WebCore::TemporarySelectionChange::setSelection):

• editing/Editor.h:
• editing/FrameSelection.cpp:

(WebCore::FrameSelection::setSelection):
(WebCore::FrameSelection::updateAndRevealSelection):
(WebCore::FrameSelection::selectionBounds const):

• editing/FrameSelection.h:

Source/WebKit:

• Platform/spi/Cocoa/SynapseSPI.h:
• UIProcess/API/ios/WKWebViewIOS.mm:

(-[WKWebView adjustScrollRect:]):
(-[WKWebView _scrollToRect:origin:minimumScrollDistance:]):

• UIProcess/Cocoa/WebPageProxyCocoa.mm:

(WebKit::WebPageProxy::appHighlightsNoteOverlayRect):

• UIProcess/WebPageProxy.h:

9:56 AM Changeset in webkit [280177] by Russell Epstein

• 1 copy in branches/safari-612.1.25-branch

New branch.

9:49 AM Changeset in webkit [280176] by sihui_liu@apple.com

• 17 edits
  3 deletes in trunk

[macOS Debug] Layout Test imported/w3c/web-platform-tests/IndexedDB/open-request-queue.html is a flaky timeout.
​https://bugs.webkit.org/show_bug.cgi?id=172044

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

• web-platform-tests/IndexedDB/open-request-queue-expected.txt:

Source/WebCore:

We used to start handling delete request when there is still open request in flight. We should start a request
after previous requests are done, to match spec (​https://www.w3.org/TR/IndexedDB/#delete-a-database) and other
browsers' behavior.

Updated and rebaselined existing tests.

• Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
(WebCore::IDBServer::UniqueIDBDatabase::startVersionChangeTransaction):

LayoutTests:

• platform/mac-wk1/TestExpectations:
• platform/mac-wk2/TestExpectations:
• storage/indexeddb/delete-in-upgradeneeded-close-in-open-success-expected.txt:
• storage/indexeddb/delete-in-upgradeneeded-close-in-open-success-private-expected.txt:
• storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange-expected.txt:
• storage/indexeddb/delete-in-upgradeneeded-close-in-versionchange-private-expected.txt:
• storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-expected.txt:
• storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-private-expected.txt:
• storage/indexeddb/deletedatabase-delayed-by-open-and-versionchange-workers-expected.txt:
• storage/indexeddb/intversion-long-queue-expected.txt:
• storage/indexeddb/intversion-long-queue-private-expected.txt:
• storage/indexeddb/modern/deletedatabase-2-private.html: Removed. This test checks if a delete request is

started when there are ongoing open requests. We are removing this behavior to match spec so we don't need to
keep the test.

• storage/indexeddb/modern/deletedatabase-2.html: Removed. Ditto.
• storage/indexeddb/modern/resources/deletedatabase-2.js: Removed. Ditto.
• storage/indexeddb/resources/delete-in-upgradeneeded-close-in-open-success.js:

(versionChangeCallback):
(deleteBlockedCallback):

• storage/indexeddb/resources/delete-in-upgradeneeded-close-in-versionchange.js:

(initiallyDeleted):

• storage/indexeddb/resources/deletedatabase-delayed-by-open-and-versionchange.js:

(onOpenSuccess):

9:37 AM Changeset in webkit [280175] by Alan Bujtas

• 3 edits
  2 adds in trunk

REGRESSION(r269745) Google Developers maps does not fully load
​https://bugs.webkit.org/show_bug.cgi?id=228182
<rdar://79787819>

Reviewed by Antti Koivisto.

Source/WebCore:

IFC integration does not support cases when the inline level element stretches as the containing block size changes.
This should include both percent and calc width/height values.

Test: fast/inline/incorrect-sizing-with-calc.html

• layout/integration/LayoutIntegrationCoverage.cpp:

(WebCore::LayoutIntegration::canUseForChild):

LayoutTests:

• fast/inline/incorrect-sizing-with-calc-expected.html: Added.
• fast/inline/incorrect-sizing-with-calc.html: Added.

9:27 AM Changeset in webkit [280174] by commit-queue@webkit.org

• 9 edits in trunk

nullptr crash in ApplyStyleCommand::applyRelativeFontStyleChange
​https://bugs.webkit.org/show_bug.cgi?id=223974

Patch by Frédéric Wang <​fwang@igalia.com> on 2021-07-22
Reviewed by Darin Adler.

Source/WebCore:

WebCore::documentOrder does not handle well elements like <summary> that contains a
shadow substree. This is causing assertion failures in debug build when setting start/end
selection and nullptr crashes in release build when trying to browse selection between these
start and end nodes. This patch fixes that issue by switching to shadow including tree order
for these particular cases. It introduces a generic treeOrder<TreeType>(a, b) function that
can be used for TreeType = ShadowIncludingTree as well as by WebCore::documentOrder.

• dom/Node.cpp: Explicitly instantiate commonInclusiveAncestor<ShadowIncludingTree> so that it can be used

by WebCore::treeOrder.

• dom/Position.cpp: Explicitly instantiate templates.

(WebCore::treeOrder): Convert documentOrder to a template parametrized by TreeType.
(WebCore::documentOrder): Implement it with treeOrder<ComposedTree>.

• dom/Position.h: Delcare new template.
• editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::updateStartEnd): Use treeOrder<ShadowIncludingTree>.
(WebCore::ApplyStyleCommand::removeInlineStyle): Ditto.

• editing/VisiblePosition.cpp:

(WebCore::documentOrder): Use treeOrder<ShadowIncludingTree>.

• editing/VisibleSelection.cpp:

(WebCore::VisibleSelection::setBaseAndExtentToDeepEquivalents): Use treeOrder<ShadowIncludingTree>.
(WebCore::VisibleSelection::setWithoutValidation): Ditto.

Tools:

• TestWebKitAPI/Tests/WebCore/DocumentOrder.cpp: Update FIXME.

4:48 AM Changeset in webkit [280173] by commit-queue@webkit.org

• 3 edits in trunk/Source/WTF

Add CPU(RISCV64)
​https://bugs.webkit.org/show_bug.cgi?id=228178

Patch by Zan Dobersek <​zdobersek@igalia.com> on 2021-07-22
Reviewed by Adrian Perez de Castro.

Detect when compiling for the RISC-V 64-bit architecture and define
the WTF_CPU_RISCV64 macro under that condition, enabling use of
CPU(RISCV64) build guards.

• wtf/PageBlock.h: Use 4 kB as the page size ceiling for CPU(RISCV64).
• wtf/PlatformCPU.h:

3:54 AM Changeset in webkit [280172] by Philippe Normand

• 16 edits in trunk

[GLib] Expose API to access/modify capture devices states
​https://bugs.webkit.org/show_bug.cgi?id=227902

Reviewed by Carlos Garcia Campos.

Source/WebKit:

Introduce new GLib API (and corresponding GObject properties):

webkit_web_view_get_camera_capture_state
webkit_web_view_get_microphone_capture_state
webkit_web_view_set_camera_capture_state
webkit_web_view_set_microphone_capture_state
webkit_web_view_get_display_capture_state
webkit_web_view_set_display_capture_state
webkit_user_media_permission_is_for_display_device

This can be useful in Web browsers willing to indicate the status of the capture devices
currently in use by the WebView.

Covered by API tests.

• UIProcess/API/glib/WebKitUIClient.cpp:
• UIProcess/API/glib/WebKitUserMediaPermissionRequest.cpp:

(webkit_user_media_permission_is_for_display_device):

• UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewMediaCaptureStateDidChange):
(webkitWebViewSetProperty):
(webkitWebViewGetProperty):
(webkit_web_view_class_init):
(webkitWebViewConfigureMediaCapture):
(webkit_web_view_get_camera_capture_state):
(webkit_web_view_set_camera_capture_state):
(webkit_web_view_get_microphone_capture_state):
(webkit_web_view_set_microphone_capture_state):
(webkit_web_view_get_display_capture_state):
(webkit_web_view_set_display_capture_state):

• UIProcess/API/glib/WebKitWebViewPrivate.h:
• UIProcess/API/gtk/WebKitUserMediaPermissionRequest.h:
• UIProcess/API/gtk/WebKitWebView.h:
• UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
• UIProcess/API/wpe/WebKitUserMediaPermissionRequest.h:
• UIProcess/API/wpe/WebKitWebView.h:
• UIProcess/API/wpe/docs/wpe-1.0-sections.txt:

Tools:

The GTK MiniBrowser is now able to show media capture indicators, through the URI entry. A
new API test was added, checking support for getDisplayMedia().

• MiniBrowser/gtk/BrowserTab.c:

(decidePermissionRequest):

• MiniBrowser/gtk/BrowserWindow.c:

(webViewMediaCaptureStateChanged):
(webViewUriEntryIconPressed):
(browserWindowSwitchTab):

• TestWebKitAPI/Tests/WebKitGLib/TestUIClient.cpp:

(testWebViewUserMediaPermissionRequests):
(testWebViewAudioOnlyUserMediaPermissionRequests):
(testWebViewDisplayUserMediaPermissionRequests):
(beforeAll):

• TestWebKitAPI/glib/WebKitGLib/WebViewTest.cpp:

(displayCaptureChanged):
(WebViewTest::waitUntilDisplayCaptureStateChangedTo):
(microphoneCaptureChanged):
(WebViewTest::waitUntilMicrophoneCaptureStateChangedTo):
(cameraCaptureChanged):
(WebViewTest::waitUntilCameraCaptureStateChangedTo):

• TestWebKitAPI/glib/WebKitGLib/WebViewTest.h:
• flatpak/flatpakutils.py:

(WebkitFlatpak.run_in_sandbox):

2:00 AM Changeset in webkit [280171] by Martin Robinson

• 15 edits in trunk/Source

[css-scroll-snap] Pass the full target point when selecting a snap offset
​https://bugs.webkit.org/show_bug.cgi?id=228023

Reviewed by Frédéric Wang.

Source/WebCore:

Pass the full proposed destination scroll offset when calling closestSnapOffset. For
now, only the component in the scroll direction is used, but eventually the other
component will be used to avoid snapping to snap areas that are entirely off the screen.

No new tests. This change is simply a refactor in preparation for a behavior
change and shouldn't change behavior itself.

• page/scrolling/ScrollSnapOffsetsInfo.cpp:

(WebCore::closestSnapOffsetWithInfoAndAxis):
(WebCore::LayoutScrollSnapOffsetsInfo::closestSnapOffset const):
(WebCore::FloatScrollSnapOffsetsInfo::closestSnapOffset const):

• page/scrolling/ScrollSnapOffsetsInfo.h:
• page/scrolling/nicosia/ScrollingTreeScrollingNodeDelegateNicosia.cpp:

(WebCore::ScrollingTreeScrollingNodeDelegateNicosia::handleWheelEvent):

• platform/ScrollAnimator.cpp:

(WebCore::ScrollAnimator::scroll):
(WebCore::ScrollAnimator::adjustScrollOffsetForSnappingIfNeeded):

• platform/ScrollAnimator.h:
• platform/ScrollController.cpp:

(WebCore::ScrollController::setNearestScrollSnapIndexForAxisAndOffset):
(WebCore::ScrollController::adjustScrollDestination):
(WebCore::ScrollController::updateActiveScrollSnapIndexForClientOffset):
(WebCore::ScrollController::resnapAfterLayout):

• platform/ScrollController.h:
• platform/ScrollSnapAnimatorState.cpp:

(WebCore::ScrollSnapAnimatorState::setupAnimationForState):
(WebCore::ScrollSnapAnimatorState::targetOffsetForStartOffset const):

• platform/ScrollSnapAnimatorState.h:
• platform/ScrollableArea.cpp:

(WebCore::ScrollableArea::doPostThumbMoveSnapping):

Source/WebKit:

• UIProcess/RemoteLayerTree/RemoteScrollingCoordinatorProxy.h:
• UIProcess/RemoteLayerTree/ios/RemoteScrollingCoordinatorProxyIOS.mm:

(WebKit::RemoteScrollingCoordinatorProxy::adjustTargetContentOffsetForSnapping):
(WebKit::RemoteScrollingCoordinatorProxy::closestSnapOffsetForMainFrameScrolling const):

• UIProcess/RemoteLayerTree/ios/ScrollingTreeScrollingNodeDelegateIOS.mm:

(-[WKScrollingNodeScrollViewDelegate scrollViewWillEndDragging:withVelocity:targetContentOffset:]):