Timeline



Jul 27, 2021:

11:19 PM Changeset in webkit [280377] by Robert Jenner
  • 1 edit
    1 delete in trunk/LayoutTests

[LayoutTests] Delete unused LayoutTests/fullscreen resources
https://bugs.webkit.org/show_bug.cgi?id=226831

Reviewed by Alex Christensen.

Removing un-used resoruces after php tests were converted to Python.

  • fullscreen/resources/not-allowed.html: Removed.
10:55 PM Changeset in webkit [280376] by jh718.park@samsung.com
  • 2 edits in trunk/Source/WebCore

Unreviewed. Remove the build warning below since r280332.
warning: redundant move in return statement [-Wredundant-move]

No new tests, no new behaviors.

  • html/DOMFormData.cpp:

(WebCore::DOMFormData::create):

9:35 PM Changeset in webkit [280375] by sihui_liu@apple.com
  • 8 edits in trunk/LayoutTests

Update platform specific TestExpectations for imported IndexedDB tests
https://bugs.webkit.org/show_bug.cgi?id=228241

Reviewed by Alex Christensen.

Update LayoutTests/TestExpectations based on latest test results as we have fixed some existing issues, and
these tests should not fail now.

  • platform/ios-device/TestExpectations:
  • platform/ios-simulator-wk2/TestExpectations:
  • platform/ios-wk2/TestExpectations:
  • platform/ios/TestExpectations:
  • platform/mac-wk1/TestExpectations:
  • platform/mac-wk2/TestExpectations:
  • platform/mac/TestExpectations:
8:56 PM Changeset in webkit [280374] by Devin Rousso
  • 19 edits
    2 adds in trunk

[Modern Media Controls] [macOS] Overflow button still shows as on even after contextmenu is dismissed
https://bugs.webkit.org/show_bug.cgi?id=228310
<rdar://problem/81124786>

Reviewed by Wenson Hsieh.

Source/WebCore:

Test: media/modern-media-controls/overflow-support/button-state.html

  • page/ContextMenuController.h:
  • page/ContextMenuController.cpp:

(WebCore::ContextMenuController::didDismissContextMenu): Added.

  • page/ContextMenuProvider.h:

(WebCore::ContextMenuProvider::didDismissContextMenu): Added.
Add plumbing from WebKit to the ContextMenuProvider for when the contextmenu is dismissed.

  • Modules/mediacontrols/MediaControlsHost.cpp:

(WebCore::MediaControlsContextMenuProvider::didDismissContextMenu): Added.
When the contextmenu is dismissed, invoke the callback provided to MediaControlsHost::showMediaControlsContextMenu
as that's the signal to the MediaController that the contextmenu interaction is over,
which adjusts the on state of the Button.

Source/WebKit:

Pipe along the -[NSMenuDelegate menuDidClose:] signal to the WebProcess so the WebCore::ContextMenuProvider
can handle it if needed.

  • UIProcess/WebContextMenuProxy.cpp:

(WebKit::WebContextMenuProxy::useContextMenuItems):

  • UIProcess/mac/WebContextMenuProxyMac.mm:

(-[WKMenuDelegate menuWillOpen:]):
(-[WKMenuDelegate menuDidClose:]):

  • UIProcess/WebPageProxy.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::showContextMenu):
(WebKit::WebPageProxy::didShowContextMenu):
(WebKit::WebPageProxy::didDismissContextMenu): Added.

  • WebProcess/WebPage/WebContextMenu.cpp:

(WebKit::WebContextMenu::show):

  • WebProcess/WebPage/WebPage.messages.in:
  • WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::startWaitingForContextMenuToShow): Added.
(WebKit::WebPage::contextMenuShowing): Deleted.
(WebKit::WebPage::contextMenuHidden): Deleted.

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didShowContextMenu): Added.
(WebKit::WebPage::didDismissContextMenu): Added.
(WebKit::WebPage::mouseEvent):
Drive-by: Rename m_contextMenuShowing to m_waitingForContextMenuToShow for clarity.

Tools:

  • WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:

(-[TestRunnerWKWebView dismissActiveMenu]):
(-[TestRunnerWKWebView immediatelyDismissContextMenuIfNeeded]):
(-[TestRunnerWKWebView _dismissAllContextMenuInteractions]): Added.

LayoutTests:

  • media/modern-media-controls/overflow-support/button-state.html: Added.
  • media/modern-media-controls/overflow-support/button-state-expected.txt: Added.
  • media/modern-media-controls/overflow-support/playback-speed.html:
  • media/modern-media-controls/tracks-support/click-track-in-contextmenu.html:

Adjust how these tests wait for and dismiss the contextmenu.

8:02 PM Changeset in webkit [280373] by Russell Epstein
  • 1 copy in tags/Safari-612.1.24.11.6

Tag Safari-612.1.24.11.6.

8:01 PM Changeset in webkit [280372] by Russell Epstein
  • 2 edits in branches/safari-612.1.24.11-branch/Source/WebKit

Cherry-pick r280351. rdar://problem/81196087

The bundle path of downlevel Safari is wrong
https://bugs.webkit.org/show_bug.cgi?id=228339

Reviewed by Jer Noble.

Fix the bundle path. The correct path is "/Library/Apple/System/Library/StagedFrameworks/Safari".

  • Shared/Cocoa/WebPreferencesDefaultValuesCocoa.mm: (WebKit::isFeatureFlagEnabled):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280351 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7:58 PM Changeset in webkit [280371] by Russell Epstein
  • 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.6

7:32 PM Changeset in webkit [280370] by Patrick Angle
  • 2 edits in trunk/Source/JavaScriptCore

Web Inspector: [Cocoa] "RemoteInspector XPC connection to relay failed." messages are confusing in StdErr
https://bugs.webkit.org/show_bug.cgi?id=228303

Reviewed by Darin Adler.

Remove overly verbose and confusing WTFLogAlways messages added in r278413, which can confuse applications
listening to stderr of a process using JavaScriptCore.

  • inspector/remote/cocoa/RemoteInspectorCocoa.mm:

(Inspector::RemoteInspector::xpcConnectionFailed):

7:20 PM Changeset in webkit [280369] by rniwa@webkit.org
  • 2 edits in trunk/Source/WebCore

[macOS] Stop away unpaired surrogate pair in findNextWordFromIndex:forward:
https://bugs.webkit.org/show_bug.cgi?id=228496

Reviewed by Darin Adler.

Replace unpaired surrogate pairs with the replacement character before calling findNextWordFromIndex:forward:

  • platform/text/mac/TextBoundaries.mm:

(WebCore::findNextWordFromIndex):

6:38 PM Changeset in webkit [280368] by Amir Mark Jr.
  • 1 edit
    3 deletes in trunk/LayoutTests

[LayoutTests] Delete unused LayoutTests/inspector resources
https://bugs.webkit.org/show_bug.cgi?id=226800

Reviewed by Jonathan Bedard.

  • inspector/console/resources/errors.css: Removed.
  • inspector/dom/resources/highlight-iframe.html: Removed.
  • inspector/network/resources/data-intercepted.json: Removed.
6:25 PM Changeset in webkit [280367] by Robert Jenner
  • 1 edit
    2 deletes in trunk/LayoutTests

Revert "Batch add test expectations for Monterey and iOS on Open Source"

This reverts commit 0b351bd1e35436f327b82ef38626748dba4b6bb6.

5:55 PM Changeset in webkit [280366] by Diego Pino Garcia
  • 7 edits in trunk/Tools

[GTK][WPE] Fix wrong path to GLIB dependencies introduced in r280354.

Unreviewed follow-up fix.

  • gtk/dependencies/apt:
  • gtk/dependencies/dnf:
  • gtk/dependencies/pacman:
  • wpe/dependencies/apt:
  • wpe/dependencies/dnf:
  • wpe/dependencies/pacman:
5:47 PM Changeset in webkit [280365] by Jonathan Bedard
  • 2 edits in trunk/Tools

[build.webkit.org] Simulator temp files filling up disk
https://bugs.webkit.org/show_bug.cgi?id=228335
<rdar://problem/81171840>

Reviewed by Aakash Jain.

  • CISupport/kill-old-processes:

(main): Delete stale simulator files.

5:21 PM Changeset in webkit [280364] by Alexey Shvayka
  • 5 edits in trunk

ProxyObject callees should be skipped during Function.prototype.caller resolution
https://bugs.webkit.org/show_bug.cgi?id=228341

Reviewed by Yusuke Suzuki.

Source/JavaScriptCore:

Just like a bound function, a Proxy with nullish "apply" handler merely forwards
Call? to its target [1], without pushing onto the execution context stack.
This fact is also noted in Function.prototype.{caller,arguments} reflection proposal [2].

This patch aligns JSC with V8 and SpiderMonkey if Proxy's "apply" handler is userland
or nullish. However, since JSC implements proper tail calls, Function.prototype.caller
result is divergent from other engines if the handler is Reflect.apply, which performs
a tail call that gets optimized away [2] (unless called by another Proxy).

[1]: https://tc39.es/ecma262/#sec-proxy-object-internal-methods-and-internal-slots-call-thisargument-argumentslist (step 8)
[2]: https://github.com/claudepache/es-legacy-function-reflection/blob/master/spec.md#get-functionprototypecaller (see notes)

  • runtime/FunctionPrototype.cpp:

(JSC::RetrieveCallerFunctionFunctor::operator() const):

LayoutTests:

  • js/caller-property-expected.txt:
  • js/script-tests/caller-property.js:
5:12 PM Changeset in webkit [280363] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[BigSur wk2 Debug arm64] fast/text/emoji-overlap.html is a flaky image-only failure.
https://bugs.webkit.org/show_bug.cgi?id=228528.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
4:59 PM Changeset in webkit [280362] by aakash_jain@apple.com
  • 1 edit
    1 add in trunk/Tools

Add .gitignore file for CISupport
https://bugs.webkit.org/show_bug.cgi?id=228113

Reviewed by Jonathan Bedard.

  • CISupport/.gitignore: Added.
4:48 PM Changeset in webkit [280361] by mmaxfield@apple.com
  • 7 edits in trunk/Source

[GPU Process] Code cleanup after r280356
https://bugs.webkit.org/show_bug.cgi?id=228495

Reviewed by Wenson Hsieh.

Source/WebCore:

3 things:

  1. Rename cacheNativeImage()/cacheFont() to recordNativeImageUse()/recordFontUse() since it does more

than caching now

  1. Mark overridden functions as final in RemoteImageBufferProxy because no class inherits from it
  2. Remove unnecessary WebCore:: where it isn't necessary

No new tests because there is no behavior change.

  • platform/graphics/displaylists/DisplayListRecorder.cpp:

(WebCore::DisplayList::Recorder::putPixelBuffer):
(WebCore::DisplayList::Recorder::recordNativeImageUse):
(WebCore::DisplayList::Recorder::appendStateChangeItem):
(WebCore::DisplayList::Recorder::appendDrawGlyphsItemWithCachedFont):
(WebCore::DisplayList::Recorder::drawImageBuffer):
(WebCore::DisplayList::Recorder::drawNativeImage):
(WebCore::DisplayList::Recorder::drawPattern):
(WebCore::DisplayList::Recorder::cacheNativeImage): Deleted.

  • platform/graphics/displaylists/DisplayListRecorder.h:

(WebCore::DisplayList::Recorder::Delegate::recordNativeImageUse):
(WebCore::DisplayList::Recorder::Delegate::recordFontUse):
(WebCore::DisplayList::Recorder::Delegate::cacheNativeImage): Deleted.
(WebCore::DisplayList::Recorder::Delegate::cacheFont): Deleted.

Source/WebKit:

  • WebProcess/GPU/graphics/RemoteImageBufferProxy.h:

(WebKit::RemoteImageBufferProxy::putPixelBuffer):

  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:

(WebKit::RemoteResourceCacheProxy::recordNativeImageUse):
(WebKit::RemoteResourceCacheProxy::recordFontUse):
(WebKit::RemoteResourceCacheProxy::cacheNativeImage): Deleted.
(WebKit::RemoteResourceCacheProxy::cacheFont): Deleted.

  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.h:
4:45 PM Changeset in webkit [280360] by Robert Jenner
  • 2 edits in trunk/LayoutTests

Batch add test expectations for Monterey and iOS on Open Source
https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening.

  • platform/mac/platform/mac/fast/text/international/Geeza-Pro-vertical-metrics-adjustment-expected.txt:
4:30 PM Changeset in webkit [280359] by Aditya Keerthi
  • 5 edits
    2 adds in trunk

[iOS] REGRESSION: Tapping a <select> element does not show a menu on many websites
https://bugs.webkit.org/show_bug.cgi?id=228340
rdar://77137768

Reviewed by Wenson Hsieh.

Source/WebKit:

Many sites add a touchend event listener to their select elements, that
is responsible for focusing the element. With the introduction of
asynchronous touch events, the single tap gesture recognizer can be
deferred to the point it occurs after the UIProcess is notified that an
element has been focused. This is problematic, since the UIProcess
creates and displays inputs peripherals in response to element focus,
but the gesture recognizer can dismiss presented peripherals via
-[WKFormPeripheral endEditing]. Consequently, many sites immediately
display and dismiss the input peripheral.

To fix, only call -[WKFormPeripheral endEditing] if the peripheral
was already being displayed once the tap gesture began. This ensures we
do not immediately display and dismiss peripherals.

Note that with the redesigned form controls, the call to endEditing is
unnecessary, as the presented views handle their own dismissal. However,
the logic is still needed for the old select control (using a keyboard
input view), to commit value changes. The old control is displayed on
apps linked against iOS 13 or earlier. This behavior is tested in
fast/forms/ios/select-picker-change-and-focus-another-select.html.

Test: fast/forms/ios/form-control-refresh/select/focus-select-in-touchend.html

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _singleTapIdentified:]):
(-[WKContentView _singleTapRecognized:]):

  • UIProcess/ios/forms/WKFormPeripheral.h:
  • UIProcess/ios/forms/WKFormPeripheralBase.h:

LayoutTests:

Added a test to verify that tapping a select element, that focuses itself
inside a touchend listener, displays a menu.

  • fast/forms/ios/form-control-refresh/select/focus-select-in-touchend-expected.txt: Added.
  • fast/forms/ios/form-control-refresh/select/focus-select-in-touchend.html: Added.
4:19 PM Changeset in webkit [280358] by Peng Liu
  • 2 edits in trunk/Source/WebKit

Safari hangs when entering PiP from (element) fullscreen
https://bugs.webkit.org/show_bug.cgi?id=228332

Reviewed by Eric Carlson.

When a video element's ancestor element is in fullscreen and the video element
is entering picture-in-picture, WKFullScreenWindowController in the UI process
will notify the WebContent process that the ancestor element needs to exit fullscreen.
However, some sites call document.webkitExitFullscreen() to request the ancestor
element to exit fullscreen proactively. Both WebContent process and UI process will
try to do the same thing and may lead to a race condition.

That was not an issue before r274460 because WebFullScreenManager::requestExitFullScreen()
will ignore the request from the UI process if the WebContent process has already
started the steps to exit fullscreen.

This patch stops the UI process sending the exit fullscreen request if a WebContent
process has started the steps to exit fullscreen.

Manually tested.

  • UIProcess/mac/WKFullScreenWindowController.mm:

(-[WKFullScreenWindowController didEnterPictureInPicture]):

4:17 PM Changeset in webkit [280357] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[ iOS ] media/track/track-in-band-duplicate-tracks-when-source-changes.html is a flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=228364

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
3:52 PM Changeset in webkit [280356] by mmaxfield@apple.com
  • 5 edits in trunk/Source

[GPU Process] Start tracking resource uses for NativeImages and Fonts
https://bugs.webkit.org/show_bug.cgi?id=228224

Reviewed by Said Abou-Hallawa.

Source/WebCore:

This is part 3 of https://bugs.webkit.org/show_bug.cgi?id=228216.

This patch triggers the infrastructure added in https://bugs.webkit.org/show_bug.cgi?id=228222 by tracking
resource use counts in the web process. RemoteResourceCacheProxy already is notified whenever a resource
is used, so it records how many of these notifications it receives, and sends that count to the GPU process
with the release message. When the GPU process replays the display lists, it also keeps track of how many
uses it encountered for the resource, via calling through the Replayer::Delegate.

Covered by existing tests.

  • platform/graphics/displaylists/DisplayListReplayer.cpp:

(WebCore::DisplayList::applyNativeImageItem):
(WebCore::DisplayList::applySetStateItem):
(WebCore::DisplayList::applyFontItem):
(WebCore::DisplayList::Replayer::applyItem):

Source/WebKit:

This patch extends the existing resource tracking HashMaps used in RemoteResourceCacheProxy to continue
to record what they were recording before, but also include this new resource use count information.

  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:

(WebKit::RemoteResourceCacheProxy::~RemoteResourceCacheProxy):
(WebKit::RemoteResourceCacheProxy::cacheNativeImage):
(WebKit::RemoteResourceCacheProxy::cacheFont):
(WebKit::RemoteResourceCacheProxy::releaseNativeImage):
(WebKit::RemoteResourceCacheProxy::clearFontMap):
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdateForFonts):

  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.h:
3:52 PM Changeset in webkit [280355] by Robert Jenner
  • 2 edits in trunk/LayoutTests

Batch add test expectations for Monterey and iOS on Open Source
https://bugs.webkit.org/show_bug.cgi?id=228200

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
3:51 PM Changeset in webkit [280354] by Diego Pino Garcia
  • 7 edits
    3 copies
    1 add in trunk/Tools

[GTK][WPE] Move WebKitGTK and WPE dependency packages to a common GLIB list
https://bugs.webkit.org/show_bug.cgi?id=228326

Reviewed by Adrian Perez de Castro.

WebKitGTK and WPE share many dependency packages. Until now each port
maintained its own list of dependencies. It was a common mistake to
add a new package dependency to one of the ports but not to the other
one.

This patch adds a common GLIB for dependency packages, which can help
prevent mistakes like the one described above.

  • glib/dependencies/apt: Copied from Tools/wpe/dependencies/apt.
  • glib/dependencies/dnf: Copied from Tools/wpe/dependencies/dnf.
  • glib/dependencies/pacman: Copied from Tools/wpe/dependencies/pacman.
  • gtk/dependencies/apt:
  • gtk/dependencies/dnf:
  • gtk/dependencies/pacman:
  • wpe/dependencies/apt:
  • wpe/dependencies/dnf:
  • wpe/dependencies/pacman:
3:42 PM Changeset in webkit [280353] by Robert Jenner
  • 1 edit
    4 adds in trunk/LayoutTests

Batch add test expectations for Monterey and iOS on Open Source
https://bugs.webkit.org/show_bug.cgi?id=228200

Uneviewed test gardening.

  • platform/ios-14-wk2/imported/w3c/web-platform-tests/css/cssom/css-style-attr-decl-block-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/css/cssom/css-style-attr-decl-block-expected.txt: Added.
3:33 PM Changeset in webkit [280352] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[ iOS Release ] imported/w3c/web-platform-tests/webrtc/RTCRtpReceiver-getContributingSources.https.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228462

RUnreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
3:15 PM Changeset in webkit [280351] by Peng Liu
  • 2 edits in trunk/Source/WebKit

The bundle path of downlevel Safari is wrong
https://bugs.webkit.org/show_bug.cgi?id=228339

Reviewed by Jer Noble.

Fix the bundle path. The correct path is "/Library/Apple/System/Library/StagedFrameworks/Safari".

  • Shared/Cocoa/WebPreferencesDefaultValuesCocoa.mm:

(WebKit::isFeatureFlagEnabled):

2:44 PM Changeset in webkit [280350] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[ BigSur Release arm64 ] fast/speechsynthesis/speech-synthesis-speak-empty-string.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228396.

Unreviewed test gardening.

  • platform/mac/TestExpectations:
2:36 PM Changeset in webkit [280349] by dino@apple.com
  • 5 edits in trunk/Source/ThirdParty/ANGLE

3.5 MB system-wide footprint impact due to thread-locals in libANGLE
https://bugs.webkit.org/show_bug.cgi?id=228240
rdar://79504783

Reviewed by Ken Russell and Geoff Garen.

Apple's dyld has a bug where thread_local variables are dirtied on
process launch, causing a memory regression. Work around this
temporarily in ANGLE by using pthread thread local storage.

I don't expect this to be upstreamed to ANGLE unless they
want it. If it isn't, this patch will have to be applied until
the dyld bug is fixed.

  • src/libANGLE/Context.cpp: Implement some methods to get/set what was

the global variable gCurrentValidContext.
(gl::GetCurrentValidContextTLSIndex):
(gl::GetCurrentValidContextTLS):
(gl::SetCurrentValidContextTLS):
(gl::Context::setContextLost):

  • src/libANGLE/Context.h:
  • src/libGLESv2/global_state.cpp: Ditto, but for gCurrentThread.

(egl::GetCurrentThreadTLSIndex):
(egl::GetCurrentThreadTLS):
(egl::SetCurrentThreadTLS):
(egl::GetCurrentThread):
(egl::SetContextCurrent):

  • src/libGLESv2/global_state.h:

(gl::GetGlobalContext):
(gl::GetValidGlobalContext):

11:55 AM Changeset in webkit [280348] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[ iOS ] media/track/track-forced-subtitles-in-band.html is a flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=228334

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
11:52 AM Changeset in webkit [280347] by commit-queue@webkit.org
  • 2 edits in trunk/Tools

[results.webkit.org] Tooltips should remain visible when hovering over commit representations
https://bugs.webkit.org/show_bug.cgi?id=228330

Patch by Kevin Neal <kevin_neal@apple.com> on 2021-07-27
Reviewed by Jonathan Bedard.

  • Scripts/libraries/resultsdbpy/resultsdbpy/view/static/js/timeline.js:

(xAxisFromScale):

11:45 AM Changeset in webkit [280346] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[BigSur wk2 Release arm64] fast/selectors/selection-window-inactive-stroke-color.html is a flaky image-only failure.
https://bugs.webkit.org/show_bug.cgi?id=228337.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
11:14 AM Changeset in webkit [280345] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebKit

Fix WebProcess sandbox profile when ENABLE_SANDBOX_MESSAGE_FILTER is disabled
https://bugs.webkit.org/show_bug.cgi?id=228220

Patch by Saagar Jha <saagar@saagarjha.com> on 2021-07-27
Reviewed by Per Arne Vollan.

A couple of new filters turn into empty lists when ENABLE_SANDBOX_MESSAGE_FILTER is NO;
we shouldn't be evaluating them at all, so we need to move the check out.

  • WebProcess/com.apple.WebProcess.sb.in: Factor the conditional check out of the filters.
11:00 AM Changeset in webkit [280344] by Truitt Savell
  • 1 edit
    33 adds in trunk/LayoutTests

Additional new baselines for Monterey
https://bugs.webkit.org/show_bug.cgi?id=228090

Unreviewed test gardening.

  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/close-and-server-script-exception-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/close-code-and-reason-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-no-cr-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/send-object-tostring-check-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/websocket/tests/hybi/workers/close-code-and-reason-expected.txt: Added.
  • platform/mac-catalina-wk2/http/tests/websocket/tests/hybi/send-object-tostring-check-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/alert-in-event-handler-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/client-close-2-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/client-close-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/close-and-server-script-exception-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/close-code-and-reason-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-no-cr-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/invalid-encode-length-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/receive-arraybuffer-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/send-object-tostring-check-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/workers/close-code-and-reason-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/workers/receive-arraybuffer-expected.txt: Added.
  • platform/mac-wk2/http/tests/websocket/tests/hybi/zero-length-text-expected.txt: Added.
10:25 AM Changeset in webkit [280343] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[iOS Release] 2 imported/w3c/web-platform-tests/worklets tests are flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=228327

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
10:20 AM Changeset in webkit [280342] by commit-queue@webkit.org
  • 5 edits in trunk

document.referrer value is missing trailing slash
https://bugs.webkit.org/show_bug.cgi?id=215080

Patch by Alex Christensen <achristensen@webkit.org> on 2021-07-27
Reviewed by John Wilander.

Source/WebCore:

This matches the behavior of Chrome and Firefox.
The solution is similar to that of bug 227795.
Covered by a few layout tests.

  • dom/Document.cpp:

(WebCore::Document::referrer):

LayoutTests:

  • http/tests/resourceLoadStatistics/downgrade-document-referrer-nested-third-party-iframe-expected.txt:
  • http/tests/resourceLoadStatistics/downgrade-document-referrer-third-party-iframe-expected.txt:
9:34 AM Changeset in webkit [280341] by commit-queue@webkit.org
  • 3 edits in trunk

[CMake] Add WTF_CPU_RISCV64
https://bugs.webkit.org/show_bug.cgi?id=228322

Patch by Zan Dobersek <zdobersek@igalia.com> on 2021-07-27
Reviewed by Adrian Perez de Castro.

Define the WTF_CPU_RISCV64 CMake macro when the specified system
processor name begins with 'riscv64'. This should also cover potential
RISC-V processor names ingrained with specific ISA extensions that are
then detectable at compile-time through specified C macros.

For WTF_CPU_RISCV64, default to disabling JIT and FTL features at the
CMake level until they are properly supported. Defaulting to system
malloc can already be avoided, but CLoop is necessary for now.

  • Source/cmake/WebKitCommon.cmake:
  • Source/cmake/WebKitFeatures.cmake:
9:23 AM Changeset in webkit [280340] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[iOS Release] imported/w3c/web-platform-tests/worklets/audio-worklet-service-worker-interception.https.html is flaky.
https://bugs.webkit.org/show_bug.cgi?id=228327

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
4:57 AM Changeset in webkit [280339] by Diego Pino Garcia
  • 3 edits
    9 adds in trunk/Tools

[GTK][WPE] Organize list of package dependencies into separated files
https://bugs.webkit.org/show_bug.cgi?id=228276

Reviewed by Adrian Perez de Castro.

When deploying a new bot from scratch for Ubuntu LTS, which builds
using system libraries, I realized the list of package dependencies
for WPE is not exhaustive.

This patch refactorizes the package dependencies list putting each
group of dependencies on its own file depending on platform (apt, dnf,
pacman and brew).

On a follow-up step I plan to put in common the WebKitGTK and WPE
dependencies plus add the missing WPE package dependencies. Also I'll
remove the duplicated packages that are currently happening in the
dependencies list of several platforms.

  • gtk/dependencies/apt: Added.
  • gtk/dependencies/brew: Added.
  • gtk/dependencies/dnf: Added.
  • gtk/dependencies/pacman: Added.
  • gtk/install-dependencies:
  • wpe/dependencies/apt: Added.
  • wpe/dependencies/dnf: Added.
  • wpe/dependencies/pacman: Added.
  • wpe/install-dependencies:
2:44 AM Changeset in webkit [280338] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Unskip some css-flexbox WPT tests that pass
https://bugs.webkit.org/show_bug.cgi?id=228320

Patch by Rob Buis <rbuis@igalia.com> on 2021-07-27
Reviewed by Manuel Rego Casasnovas.

Unskip some css-flexbox WPT tests that pass.

Jul 26, 2021:

9:42 PM Changeset in webkit [280337] by Said Abou-Hallawa
  • 20 edits
    1 copy
    1 add in trunk/Source

Regulate the WebPage RenderingUpdates from the WebProcess to the GPUProcess
https://bugs.webkit.org/show_bug.cgi?id=227791
<rdar://78430639>

Reviewed by Simon Fraser.

Source/WebCore:

Make ChromeClient decide whether a RenderingUpdate can be triggered or
should be rescheduled. Keep track of how many times RenderingUpdate was
rescheduled to ensure RenderingUpdate will be triggered anyway after a
certain number of reschedules.

  • page/ChromeClient.h:

(WebCore::ChromeClient::canTriggerRenderingUpdate const):

  • page/RenderingUpdateScheduler.cpp:

(WebCore::RenderingUpdateScheduler::displayRefreshFired):

  • page/RenderingUpdateScheduler.h:

Source/WebKit:

This is the workflow to regulate the WebPage RenderingUpdates:

-- WebPage::finalizeRenderingUpdate() calls RemoteRenderingBackendProxy::

finalizeRenderingUpdate().

-- RemoteRenderingBackendProxy::finalizeRenderingUpdate() sends its

renderingUpdateID to GPUPProcess and asks it to process all the
pending DisplayList items.

-- RemoteRenderingBackend::finalizeRenderingUpdate) processes all the

pending items and sends the received renderingUpdateID back to the
WebProcess.

-- RemoteRenderingBackendProxy::didFinalizeRenderingUpdate() stores the

received didRenderingUpdateID.

-- RemoteRenderingBackendProxy::delayedRenderingUpdateCount() returns

'renderingUpdateID - didRenderingUpdateID' which is the number of
un-processed finalizeRenderingUpdate by GPUP.

-- WebPage::canTriggerRenderingUpdate() uses delayedRenderingUpdateCount()

to decides whether the current RenderingUpdate can be triggered or
should be rescheduled.

-- RenderingUpdateScheduler::displayRefreshFired() calls

WebPage::canTriggerRenderingUpdate() through the page chrome client.

  • GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::submit):
(WebKit::RemoteRenderingBackend::finalizeRenderingUpdate):

  • GPUProcess/graphics/RemoteRenderingBackend.h:
  • GPUProcess/graphics/RemoteRenderingBackend.messages.in:
  • Scripts/webkit/messages.py:

(types_that_cannot_be_forward_declared):

  • Shared/MonotonicObjectIdentifier.h: Copied from Source/WebKit/Shared/TransactionID.h.

(WebKit::MonotonicObjectIdentifier::MonotonicObjectIdentifier):
(WebKit::MonotonicObjectIdentifier::isHashTableDeletedValue const):
(WebKit::MonotonicObjectIdentifier::encode const):
(WebKit::MonotonicObjectIdentifier::decode):
(WebKit::MonotonicObjectIdentifier::operator== const):
(WebKit::MonotonicObjectIdentifier::operator> const):
(WebKit::MonotonicObjectIdentifier::operator>= const):
(WebKit::MonotonicObjectIdentifier::operator< const):
(WebKit::MonotonicObjectIdentifier::operator<= const):
(WebKit::MonotonicObjectIdentifier::operator!= const):
(WebKit::MonotonicObjectIdentifier::increment):
(WebKit::MonotonicObjectIdentifier::next const):
(WebKit::MonotonicObjectIdentifier::toUInt64 const):
(WebKit::MonotonicObjectIdentifier::operator bool const):
(WebKit::MonotonicObjectIdentifier::loggingString const):
(WebKit::MonotonicObjectIdentifier::hashTableDeletedValue):
(WebKit::MonotonicObjectIdentifier::isValidIdentifier):
(WebKit::operator<<):

  • Shared/RenderingUpdateID.h: Added.
  • Shared/TransactionID.h:

(WebKit::MonotonicObjectIdentifier::MonotonicObjectIdentifier): Deleted.
(WebKit::MonotonicObjectIdentifier::isHashTableDeletedValue const): Deleted.
(WebKit::MonotonicObjectIdentifier::encode const): Deleted.
(WebKit::MonotonicObjectIdentifier::decode): Deleted.
(WebKit::MonotonicObjectIdentifier::operator== const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator> const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator>= const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator< const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator<= const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator!= const): Deleted.
(WebKit::MonotonicObjectIdentifier::increment): Deleted.
(WebKit::MonotonicObjectIdentifier::next const): Deleted.
(WebKit::MonotonicObjectIdentifier::toUInt64 const): Deleted.
(WebKit::MonotonicObjectIdentifier::operator bool const): Deleted.
(WebKit::MonotonicObjectIdentifier::loggingString const): Deleted.
(WebKit::MonotonicObjectIdentifier::hashTableDeletedValue): Deleted.
(WebKit::MonotonicObjectIdentifier::isValidIdentifier): Deleted.
(WebKit::operator<<): Deleted.

  • WebKit.xcodeproj/project.pbxproj:
  • WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::gpuProcessConnectionDidClose):
(WebKit::RemoteRenderingBackendProxy::finalizeRenderingUpdate):
(WebKit::RemoteRenderingBackendProxy::didFinalizeRenderingUpdate):

  • WebProcess/GPU/graphics/RemoteRenderingBackendProxy.h:

(WebKit::RemoteRenderingBackendProxy::renderingUpdateID const):
(WebKit::RemoteRenderingBackendProxy::delayedRenderingUpdateCount const):

  • WebProcess/GPU/graphics/RemoteRenderingBackendProxy.messages.in:
  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:

(WebKit::RemoteResourceCacheProxy::cacheFont):
(WebKit::RemoteResourceCacheProxy::prepareForNextRenderingUpdate):
(WebKit::RemoteResourceCacheProxy::clearFontMap):
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdateForFonts):
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdate):
(WebKit::RemoteResourceCacheProxy::didFinalizeRenderingUpdate): Deleted.

  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.h:
  • WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::canTriggerRenderingUpdate const):

  • WebProcess/WebCoreSupport/WebChromeClient.h:
  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::canTriggerRenderingUpdate const):
(WebKit::WebPage::finalizeRenderingUpdate):

  • WebProcess/WebPage/WebPage.h:
7:21 PM Changeset in webkit [280336] by Wenson Hsieh
  • 10 edits
    1 add in trunk

[macOS Monterey] Pressing Fn+E should present the emoji picker when editing
https://bugs.webkit.org/show_bug.cgi?id=228300
rdar://77558672

Reviewed by Tim Horton.

Source/WebCore/PAL:

Add a new SPI declaration on NSMenu. See WebKit and WebKitLegacy changes for more information.

  • pal/spi/mac/NSMenuSPI.h:

Source/WebKit:

In macOS Monterey, the system-wide Fn+E key command presents the Emoji & Symbols UI as a popover. However, this
new key command currently does not work in editable contexts in both WebKit1 and WebKit2 views on macOS, where
we end up just inserting the character "e".

This is because, on both ports, we attempt to interpret NSEvents by calling back into AppKit to handle the
event, recording the selectors that *would've* been performed, and then using this information to build up a
list of WebCore::KeyCommand for the event (which are later converted into editing commands). In WebKit2, we
call into -[NSTextInputContext handleEventByKeyboardLayout:] to handle the event, and capture the resulting
calls back into WKWebView by storing entries in m_collectedKeypressCommands (something similar happens in
WebKit1). In the case of these new Fn commands, they are handled by the system before entering
NSTextInputContext, so NSTextInputContext ends up handling them as regular text insertion.

As an aside, the reason the meta (⌘) key doesn't encounter this problem is because meta, option, control and
shift are considered valid key bindings in NSKeyBindingManager, whereas the function key mask is specifically
excluded from this list for compability reasons. NSTextInputContext consults NSKeyBindingManager in order to
check whether the given NSEvent is a known key binding in -handleEventByKeyboardLayout:, so it fails to
acknowledge Fn+E as a key binding.

To work around this, we adopt new AppKit SPI added in rdar://81123724 to determine whether an NSEvent maps to
any main menu items and avoid handling "Fn-*" key events as text insertion if they already map to items in the
main menu.

Test: KeyboardEventTests.FunctionKeyCommand

  • UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::collectKeyboardLayoutCommandsForEvent):

Source/WebKitLegacy/mac:

Apply a similar fix, this time for WebKit1 on macOS.

  • WebView/WebHTMLView.mm:

(-[WebHTMLView insertText:]):

Only append "insertText:" for a corresponding NSEvent with the Function key held down if it doesn't also map
to a item in the main menu.

Tools:

Add a new API test that simulates a keypress for "Fn+E" with a main menu that contains a system menu item for
that key binding; the test then verifies that text was not inserted into the page as a result.

  • TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
  • TestWebKitAPI/Tests/mac/KeyboardEventTests.mm: Added.

(-[KeyboardTestMenu _containsItemMatchingEvent:includingDisabledItems:]):
(TestWebKitAPI::TEST):

  • TestWebKitAPI/cocoa/TestWKWebView.h:
  • TestWebKitAPI/cocoa/TestWKWebView.mm:

(-[TestWKWebView typeCharacter:]):
(-[TestWKWebView typeCharacter:modifiers:]):

6:43 PM Changeset in webkit [280335] by ysuzuki@apple.com
  • 17 edits in trunk

Unreviewed, speculative revert of r280193
https://bugs.webkit.org/show_bug.cgi?id=228142

Source/WebCore:

  • html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::insertTextNode):

  • html/parser/HTMLConstructionSite.h:
  • html/parser/HTMLDocumentParser.cpp:

(WebCore::HTMLDocumentParser::pumpTokenizerLoop):

  • html/parser/HTMLMetaCharsetParser.cpp:

(WebCore::HTMLMetaCharsetParser::checkForMetaCharset):

  • html/parser/HTMLPreloadScanner.cpp:

(WebCore::HTMLPreloadScanner::scan):

  • html/parser/HTMLToken.h:

(WebCore::HTMLToken::clear):
(WebCore::HTMLToken::beginStartTag):
(WebCore::HTMLToken::beginEndTag):
(WebCore::HTMLToken::shrinkToBestFit): Deleted.

  • html/parser/HTMLTokenizer.h:

(WebCore::HTMLTokenizer::shrinkToBestFit): Deleted.

  • html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::ExternalCharacterTokenBuffer::characterPredicate):
(WebCore::HTMLTreeBuilder::processFakeCharacters):
(WebCore::HTMLTreeBuilder::insertPhoneNumberLink):
(WebCore::HTMLTreeBuilder::linkifyPhoneNumbers):
(WebCore::HTMLTreeBuilder::processCharacterBuffer):
(WebCore::HTMLTreeBuilder::processCharacterBufferForInBody):
(WebCore::HTMLTreeBuilder::defaultForInTableText):
(WebCore::HTMLTreeBuilder::processTokenInForeignContent):

  • html/parser/HTMLTreeBuilder.h:

Source/WTF:

  • wtf/Vector.h:

(WTF::Malloc>::shrinkCapacity):
(WTF::Malloc>::shrinkToBestFit): Deleted.

  • wtf/text/AtomStringImpl.cpp:

(WTF::UCharBufferTranslator::equal):
(WTF::LCharBufferTranslator::equal):
(WTF::BufferFromStaticDataTranslator::equal):

  • wtf/text/StringView.h:

(WTF::StringView::stripLeadingMatchedCharacters): Deleted.

Tools:

  • TestWebKitAPI/Tests/WTF/StringView.cpp:
  • TestWebKitAPI/Tests/WTF/Vector.cpp:
6:40 PM Changeset in webkit [280334] by mmaxfield@apple.com
  • 12 edits in trunk/Source

[GPU Process] Add resource use counter infrastructure to RemoteResourceCache
https://bugs.webkit.org/show_bug.cgi?id=228222

Reviewed by Said Abou-Hallawa.

Source/WebCore:

This is part 2 of https://bugs.webkit.org/show_bug.cgi?id=228216.

No new tests because there is no behavior change yet. This patch is just adding infrastructure. For now, all these
use counts sent by the web process are 0 - I'll implement that part in 3 follow-up patches.

  • platform/graphics/displaylists/DisplayListReplayer.h:

(WebCore::DisplayList::Replayer::Delegate::recordResourceUse):

Source/WebKit:

This patch adds the infrastructure for associating a counter with each resource in the RemoteResourceCache.
As the web process uses a resource during display list recording, it increments a counter, and as the GPU
process uses a resource, it increments a counter in the RemoteResourceCache. When the web process is done
with a resource, it sends a release message to the GPU process which crucially includes the web process's
counter. The GPU process has to then wait to actually delete the resource until its own use counter matches
the one it received from the web process. This patch implements this deferred deletion infrastructure
in the GPU process.

  • GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::ReplayerDelegate::recordResourceUse):
(WebKit::RemoteRenderingBackend::releaseRemoteResource): Pass the use count to the RemoteResourceCache.

  • GPUProcess/graphics/RemoteRenderingBackend.h: Add the use count field.
  • GPUProcess/graphics/RemoteRenderingBackend.messages.in: Ditto.
  • GPUProcess/graphics/RemoteResourceCache.cpp:

(WebKit::RemoteResourceCache::cacheImageBuffer): It's actually okay if there's already an resource cached.
That just means that the web process started using a resource again before the GPU process consumed all
commands that used it the first time. All we need to do is increment the open count.
(WebKit::RemoteResourceCache::cacheNativeImage): Ditto.
(WebKit::RemoteResourceCache::cacheFont): Ditto.
(WebKit::RemoteResourceCache::ensureResourceUseCounter):
(WebKit::RemoteResourceCache::maybeRemoveResource): This is called whenever it's possible for us to be in
situation where we should be removing a resource (aka whenever the use count increments). It checks to see
if we can remove the resource, and if it can, does so.
(WebKit::RemoteResourceCache::recordResourceUse): The callback that runs for each resource use during
replaying. It can't actually delete any resources, so instead it just records which resources had their
use counts incremented, and waits for prune() to actually call maybeRemoveResource().
(WebKit::RemoteResourceCache::prune): After the replay is complete, call maybeRemoveResource() on all the
resources which had their use counters touched.
(WebKit::RemoteResourceCache::releaseRemoteResource): Put the relevant resource into the state where we
are waiting for the use counters to match before we can delete the resource. Also, call maybeRemoveResource()
so it can be deleted immediately if the counters already match.

  • GPUProcess/graphics/RemoteResourceCache.h: Add a new data structure to hold the use counters. There's

a big comment in here that describes what these fields mean.

  • WebProcess/GPU/graphics/RemoteImageBufferProxy.h:

(WebKit::RemoteImageBufferProxy::~RemoteImageBufferProxy): Send a dummy use count for now. This will be
implemented in a follow-up patch.

  • WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::releaseRemoteResource): Add the useCount parameter.

  • WebProcess/GPU/graphics/RemoteRenderingBackendProxy.h: Ditto.
  • WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:

(WebKit::RemoteResourceCacheProxy::releaseNativeImage): Send a dummy use count for now. This will be
implemented in a follow-up patch.
(WebKit::RemoteResourceCacheProxy::clearFontMap): Ditto.
(WebKit::RemoteResourceCacheProxy::finalizeRenderingUpdateForFonts): Ditto.

6:07 PM Changeset in webkit [280333] by Chris Dumez
  • 13 edits
    2 adds in trunk

Location.href setter uses wrong window to resolve relative URLs
https://bugs.webkit.org/show_bug.cgi?id=228287

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaseline a few WPT tests now that more checks are passing.

  • web-platform-tests/html/semantics/scripting-1/the-script-element/execution-timing/083-expected.txt:
  • web-platform-tests/html/semantics/scripting-1/the-script-element/execution-timing/084-expected.txt:
  • web-platform-tests/html/webappapis/scripting/processing-model-2/window-onerror-with-cross-frame-event-listeners-1-expected.txt:
  • web-platform-tests/html/webappapis/scripting/processing-model-2/window-onerror-with-cross-frame-event-listeners-2-expected.txt:

Source/WebCore:

Location::setLocation() is using "firstWindow" to resolve any input relative URL.
We rely on JSC::VM::deprecatedVMEntryGlobalObject() to get the first/entry window.
However, the test I wrote shows that we were using the wrong window as "first window"
in some cases (since this test would pass in other browsers but not in WebKit).

It turns out that JSEventListener::handleEvent() had a VMEntryScope internally that
would impact the global object being returned by JSC::VM::deprecatedVMEntryGlobalObject().
We were incorrectly using the scriptExecutionContext passed as parameter when constructing
the VMEntryScope instead of using the global object of the function we're about to call.
This bug addresses this.

Credits to Geoff Garen for identifying the issue in JSEventListener::handleEvent().

Test: http/tests/dom/window-location-set-href-relative-url.html

  • bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent):

  • page/Location.cpp:

(WebCore::Location::setLocation):

LayoutTests:

Add layout test coverage. This test is passing in Chome and Firefox but was failing with
WebKit.

  • http/tests/dom/window-location-set-href-relative-url-expected.txt: Added.
  • http/tests/dom/window-location-set-href-relative-url.html: Added.
5:37 PM Changeset in webkit [280332] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

This is responding to feedback on r280310.
https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Alex Christensen.

  • dom/FormDataEvent.h:

(WebCore::FormDataEvent::formData const):

  • html/DOMFormData.cpp:

(WebCore::DOMFormData::create):
(WebCore::DOMFormData::clone const):
(WebCore::DOMFormData::clone): Deleted.

  • html/DOMFormData.h:
5:34 PM Changeset in webkit [280331] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

imported/w3c/web-platform-tests/css/css-scoping/css-scoping-shadow-dynamic-remove-style-detached.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228311.

Unreviewed test gardening.

  • platform/mac/TestExpectations:
5:25 PM Changeset in webkit [280330] by Jean-Yves Avenard
  • 4 edits
    2 adds in trunk

Video pauses after scrubbing with Touch Bar
https://bugs.webkit.org/show_bug.cgi?id=228277
rdar://80606886

Reviewed by Jer Noble.

Source/WebCore:

In https://trac.webkit.org/r206487 ; in order to ensure that the playback state
was properly reflected following a seek using the touch bar, the element was paused.
It's unclear if that workaround is still required, but for now we will record if the
element was playing before the seek and if so, resume playback once the seek completes.
Now that the touch bar and Now Playing are hooked to the Media Session action handlers
the behaviour change will occur for all those components.

Test: media/media-session/play-after-seek.html

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::HTMLMediaElement): Initialize new member in constructor.
(WebCore::HTMLMediaElement::clearSeeking):
(WebCore::HTMLMediaElement::finishSeek): Call play() once seek completes if the element
was playing before.
(WebCore::HTMLMediaElement::pause): Ensure that if pause() is called before the seek
completes, the element stays paused.
(WebCore::HTMLMediaElement::handleSeekToPlaybackPosition): Record playing state before
pausing the element.

  • html/HTMLMediaElement.h: Add new boolean member.

LayoutTests:

  • media/media-session/play-after-seek-expected.txt: Added.
  • media/media-session/play-after-seek.html: Added.
5:15 PM Changeset in webkit [280329] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

Update test expectations for inspector/canvas/recording-bitmaprenderer-memoryLimit.html.
https://bugs.webkit.org/show_bug.cgi?id=227881.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
5:06 PM Changeset in webkit [280328] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebKit

REGRESSION: [iOS] ASSERTION FAILED: !m_messageReceiverMapCount under WebKit::RemoteAudioHardwareListener::~RemoteAudioHardwareListener()
https://bugs.webkit.org/show_bug.cgi?id=228038
<rdar://problem/80705471>

Reviewed by Chris Dumez.

Remove RemoteAudioHardwareListener from the GPUProcessConnection messageMap when the connection closes.

  • WebProcess/GPU/media/RemoteAudioHardwareListener.cpp:

(WebKit::RemoteAudioHardwareListener::gpuProcessConnectionDidClose):

5:06 PM Changeset in webkit [280327] by jer.noble@apple.com
  • 6 edits in trunk/Source

[Cocoa] WebKit is making GroupActivities API calls for all WebKit clients
https://bugs.webkit.org/show_bug.cgi?id=228299
<rdar://80802982>

Reviewed by Eric Carlson.

Source/WebKit:

Tie registering for GroupActivities notifications to the MediaSessionCoordinatorEnabled
WebPreference, and make the default value for that preference depend on having the
"com.apple.developer.group-session.urlactivity" entitlement. All WebKit clients with
that entitlement will have the preference enabled by default; all other clients will
have that preference disabled by default.

  • Shared/WebPreferencesDefaultValues.cpp:

(WebKit::defaultMediaSessionCoordinatorEnabled):

  • Shared/WebPreferencesDefaultValues.h:
  • UIProcess/WebPageProxy.cpp:

(WebKit::m_limitsNavigationsToAppBoundDomains):
(WebKit::WebPageProxy::~WebPageProxy):
(WebKit::WebPageProxy::didCommitLoadForFrame):

Source/WTF:

  • Scripts/Preferences/WebPreferencesExperimental.yaml:
5:02 PM Changeset in webkit [280326] by jer.noble@apple.com
  • 2 edits in trunk/Source/WebKit

REGRESSION: [iOS] ASSERTION FAILED: !m_useCount in WebKit::SandboxExtension::~SandboxExtension()
https://bugs.webkit.org/show_bug.cgi?id=228171
<rdar://problem/80926509>

Reviewed by Eric Carlson.

SandboxExtension expects to be revoked before it is destroyed, something that is done by
RemoteMediaPlayerProxy::invalidate(). However, invalidate() won't be called if the
RemoteMediaPlayerManagerProxy is destroyed before all its proxies are invalidated.

Ensure every RemoteMediaPlayerProxy contained by the RemoteMediaPlayerManagerProxy is
invalidated in RemoteMediaPlayerManagerProxy's destructor.

  • GPUProcess/media/RemoteMediaPlayerManagerProxy.cpp:

(WebKit::RemoteMediaPlayerManagerProxy::~RemoteMediaPlayerManagerProxy):

  • GPUProcess/media/RemoteMediaPlayerManagerProxy.h:
4:58 PM Changeset in webkit [280325] by commit-queue@webkit.org
  • 4 edits in trunk

WKUserContentController.removeAllScriptMessageHandlers() doesn't release the message handlers
https://bugs.webkit.org/show_bug.cgi?id=228271

Patch by Alex Christensen <achristensen@webkit.org> on 2021-07-26
Reviewed by Sihui Liu.

Source/WebKit:

Covered by an API test.

  • UIProcess/UserContent/WebUserContentControllerProxy.cpp:

(WebKit::WebUserContentControllerProxy::removeAllUserMessageHandlers):

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/UserContentController.mm:

(TEST):

4:55 PM Changeset in webkit [280324] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[ iOS Debug ] http/tests/xmlhttprequest/access-control-preflight-credential-sync.html is a flaky crash.
https://bugs.webkit.org/show_bug.cgi?id=228305

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
4:54 PM Changeset in webkit [280323] by rniwa@webkit.org
  • 4 edits in trunk/Source/WebCore

Deploy smart pointers in ApplyBlockElementCommand, IndentOutdentCommand and InsertListCommand
https://bugs.webkit.org/show_bug.cgi?id=228304

Reviewed by Chris Dumez.

Use RefPtr in more places instead of raw pointers.

  • editing/ApplyBlockElementCommand.cpp:

(WebCore::ApplyBlockElementCommand::formatSelection):
(WebCore::isNewLineAtPosition):
(WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):
(WebCore::ApplyBlockElementCommand::endOfNextParagraphSplittingTextNodesIfNeeded):

  • editing/IndentOutdentCommand.cpp:

(WebCore::IndentOutdentCommand::tryIndentingAsListItem):
(WebCore::IndentOutdentCommand::indentIntoBlockquote):
(WebCore::IndentOutdentCommand::outdentParagraph):

  • editing/InsertListCommand.cpp:

(WebCore::InsertListCommand::mergeWithNeighboringLists):
(WebCore::InsertListCommand::unlistifyParagraph):
(WebCore::adjacentEnclosingList):
(WebCore::InsertListCommand::listifyParagraph):

4:51 PM Changeset in webkit [280322] by Alan Coon
  • 1 copy in tags/Safari-611.3.10.1.6

Tag Safari-611.3.10.1.6.

4:37 PM Changeset in webkit [280321] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[ Catalina+ Debug wk2 ] inspector/model/remote-object/iterator-large.html is a flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=228210.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
4:27 PM Changeset in webkit [280320] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

Updated test expectations for fullscreen/full-screen-remove-children.html.
https://bugs.webkit.org/show_bug.cgi?id=227874.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
3:09 PM Changeset in webkit [280319] by Kate Cheney
  • 5 edits in trunk

ServiceWorkerRegistration.unregister method fails in WKWebView
https://bugs.webkit.org/show_bug.cgi?id=227524
<rdar://problem/80264108>

Reviewed by Youenn Fablet.

Source/WebCore:

We should only check the app-bound domain list when registering a new
worker. Unregistering or updating an existing registration is fine because
we know that every registration has already gone through this check.

  • workers/service/server/SWServer.cpp:

(WebCore::SWServer::addRegistrationFromStore):
(WebCore::SWServer::validateRegistrationDomain):
(WebCore::SWServer::scheduleJob):

  • workers/service/server/SWServer.h:

Tools:

API test coverage. Drive-by fix to remove unnecessary WKWebView
configuration flags from tests that don't need them.

Note this will also fix https://bugs.webkit.org/show_bug.cgi?id=227531
where updating an existing worker fails after registering 3 domains,
but writing a test for that would require registering service workers
on 3 domains that are not localhost or a loopback IP address, which
we currently do not have infrastructure for.

Testing unregister was only possible because the script URL passed in
during the unregister job is null, so it does not get caught in the
localhost/loopback IP address check, unlike the update case.

  • TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:

(TEST):
(-[SWInAppBrowserPrivacyMessageHandler userContentController:didReceiveScriptMessage:]):

3:07 PM Changeset in webkit [280318] by pvollan@apple.com
  • 6 edits in trunk

The layout test fast/images/heic-as-background-image.html is a constant failure
https://bugs.webkit.org/show_bug.cgi?id=228195
<rdar://80334724>

Reviewed by Said Abou-Hallawa.

Source/WebKit:

Call correct system function for required initialization.

No new tests, covered by existing test.

  • WebProcess/cocoa/WebProcessCocoa.mm:

(WebKit::WebProcess::platformInitializeWebProcess):

Source/WTF:

Add HAVE macro for the system function CMPhotoIsTileDecoderAvailable.

  • wtf/PlatformHave.h:

LayoutTests:

Update test expectations.

  • platform/mac/TestExpectations:
2:59 PM Changeset in webkit [280317] by Kate Cheney
  • 2 edits in trunk/Source/WebKit

Attribution context causes some performance regressions
https://bugs.webkit.org/show_bug.cgi?id=228294

Unreviewed followup to address Darin's comment regarding unnecessary
semi-colons.

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(processPCMRequest):
(overrideAttributionContext):

2:39 PM Changeset in webkit [280316] by Cameron McCormack
  • 4 edits in trunk/Source/WebCore

Don't allow descriptors to be set to CSS-wide keywords
https://bugs.webkit.org/show_bug.cgi?id=228218
<rdar://80675715>

Reviewed by Simon Fraser.

And store the parent rule type directly on
StyleRuleCSSStyleDeclaration so that we can still check it after
m_parentRule has been cleared.

  • css/PropertySetCSSStyleDeclaration.cpp:

(WebCore::StyleRuleCSSStyleDeclaration::StyleRuleCSSStyleDeclaration):
(WebCore::StyleRuleCSSStyleDeclaration::cssParserContext const):

  • css/PropertySetCSSStyleDeclaration.h:
  • css/parser/CSSParserFastPaths.cpp:

(WebCore::parseKeywordValue):

2:26 PM Changeset in webkit [280315] by Russell Epstein
  • 1 copy in tags/Safari-612.1.25

Tag Safari-612.1.25.

2:26 PM Changeset in webkit [280314] by Russell Epstein
  • 1 delete in tags/Safari-612.1.25

Delete tag.

2:19 PM Changeset in webkit [280313] by Chris Dumez
  • 3 edits in trunk/Source/WebCore

Rename activeWindow to incumbentWindow in the Location class
https://bugs.webkit.org/show_bug.cgi?id=228295

Reviewed by Darin Adler.

Rename activeWindow to incumbentWindow in the Location class, since this is the naming used
both in the HTML specification and Location.idl.

  • page/Location.cpp:

(WebCore::Location::setHref):
(WebCore::Location::setProtocol):
(WebCore::Location::setHost):
(WebCore::Location::setHostname):
(WebCore::Location::setPort):
(WebCore::Location::setPathname):
(WebCore::Location::setSearch):
(WebCore::Location::setHash):
(WebCore::Location::assign):
(WebCore::Location::replace):
(WebCore::Location::reload):
(WebCore::Location::setLocation):

  • page/Location.h:
1:47 PM Changeset in webkit [280312] by commit-queue@webkit.org
  • 3 edits
    2 adds in trunk

Crash in InsertParagraphSeparatorCommand::doApply
https://bugs.webkit.org/show_bug.cgi?id=224977

Patch by Frédéric Wang <fwang@igalia.com> on 2021-07-26
Reviewed by Ryosuke Niwa.

Source/WebCore:

Because <html> elements are handled specially in Position::isCandidate() (a) and
PositionIterator::isCandidate() (b), the function InsertParagraphSeparatorCommand::doApply()
may end up in a edge case where the startBlock is a sibling of the visible position per (a)
but isFirstInBlock,isLastInBlock is true,false per (b). This leads to hitting the debug
assertion ASSERT(startBlock->firstChild()) and dereferencing a nullptr pointer in release.
This patch fixes that by exiting early if the visible position is not a descendant of the
start block.

Test: editing/inserting/insert-paragraph-separator-with-html-elements-crash.html

  • editing/InsertParagraphSeparatorCommand.cpp:

(WebCore::InsertParagraphSeparatorCommand::doApply):

LayoutTests:

Add regression test.

  • editing/inserting/insert-paragraph-separator-with-html-elements-crash-expected.txt: Added.
  • editing/inserting/insert-paragraph-separator-with-html-elements-crash.html: Added.
1:40 PM Changeset in webkit [280311] by Kate Cheney
  • 2 edits in trunk/Source/WebKit

Attribution context causes some performance regressions
https://bugs.webkit.org/show_bug.cgi?id=228294
<rdar://problem/76663528>

Reviewed by Per Arne Vollan.

Attribution context is used by the networking stack for a variety of
purposes, but is not always needed and can negatively affect
performance. For these reasons, we should override it in some cases.

  • NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:

(overrideAttributionContext):
(WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):

1:15 PM Changeset in webkit [280310] by commit-queue@webkit.org
  • 37 edits
    3 adds in trunk

LayoutTests/imported/w3c:
Added FormDataEvent support.
https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

  • web-platform-tests/html/semantics/forms/form-submission-0/FormDataEvent.window-expected.txt:
  • web-platform-tests/html/semantics/forms/form-submission-0/constructing-form-data-set-expected.txt:
  • web-platform-tests/html/semantics/forms/form-submission-0/text-plain.window-expected.txt:
  • web-platform-tests/html/semantics/forms/form-submission-0/urlencoded2.window-expected.txt:
  • web-platform-tests/html/webappapis/scripting/events/event-handler-all-global-events-expected.txt:
  • web-platform-tests/html/webappapis/scripting/events/event-handler-attributes-body-window-expected.txt:
  • web-platform-tests/html/webappapis/scripting/events/event-handler-attributes-windowless-body-expected.txt:
  • web-platform-tests/xhr/formdata-expected.txt:

Source/WebCore:
FormDataEvent added, and dispatched upon creation of DOMFormData or submission of HTMLFormElement.
https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

  • CMakeLists.txt:
  • DerivedSources-input.xcfilelist:
  • DerivedSources-output.xcfilelist:
  • DerivedSources.make:
  • Sources.txt:
  • WebCore.xcodeproj/project.pbxproj:
  • dom/EventNames.h:
  • dom/EventNames.in:
  • dom/FormDataEvent.cpp: Added.

(WebCore::FormDataEvent::create):
(WebCore::FormDataEvent::FormDataEvent):
(WebCore::FormDataEvent::eventInterface const):

  • dom/FormDataEvent.h: Added.

(WebCore::FormDataEvent::formData const):

  • dom/FormDataEvent.idl: Added.
  • dom/GlobalEventHandlers.idl:
  • html/DOMFormData.cpp:

(WebCore::DOMFormData::DOMFormData):
(WebCore::DOMFormData::create):
(WebCore::DOMFormData::clone):

  • html/DOMFormData.h:

(WebCore::DOMFormData::create): Deleted.

  • html/HTMLAttributeNames.in:
  • html/HTMLElement.cpp:

(WebCore::HTMLElement::createEventHandlerNameMap):

  • html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::submitIfPossible):
(WebCore::HTMLFormElement::submit):
(WebCore::HTMLFormElement::constructEntryList):

  • html/HTMLFormElement.h:
  • loader/FormSubmission.cpp:

(WebCore::FormSubmission::create):

  • loader/FormSubmission.h:
  • platform/network/FormData.cpp:

(WebCore::FormData::appendNonMultiPartKeyValuePairItems):

Source/WebInspectorUI:
FormDataEvent added.
https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Qiaosong Zhou <qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

  • UserInterface/Models/ScriptTimelineRecord.js:

(WI.ScriptTimelineRecord.EventType.displayName):

LayoutTests:
Added support for FormDataEvent. Rebaselined.
https://bugs.webkit.org/show_bug.cgi?id=227718

Patch by Johnson Zhou <qiaosong_zhou@apple.com> on 2021-07-26
Reviewed by Chris Dumez.

  • platform/ios-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
  • platform/ios-wk2/imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:
  • platform/mac-wk1/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
  • platform/mac-wk1/imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:
  • platform/mac-wk2/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt:
  • platform/mac-wk2/imported/w3c/web-platform-tests/mathml/relations/html5-tree/math-global-event-handlers.tentative-expected.txt:
12:39 PM Changeset in webkit [280309] by ysuzuki@apple.com
  • 2 edits in trunk/Source/JavaScriptCore

Add Temporal to features.json
https://bugs.webkit.org/show_bug.cgi?id=228292

Reviewed by Myles C. Maxfield.

  • features.json:
12:36 PM Changeset in webkit [280308] by jer.noble@apple.com
  • 16 edits
    2 adds in trunk

[Cocoa] Playback stalls on bilibili.com
https://bugs.webkit.org/show_bug.cgi?id=228239
<rdar://80419477>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/media-source/media-source-effectiveplaybackrate.html

bilibili.com will attempt to detect playback stalls by detecting when video.currentTime
returns the same value while video.paused is false. When the GPU process is enabled, we use
a heuristic to provide the answer to currentTime to avoid making synchronous calls to the
GPU process. This heuristic uses the reported playback rate of the MediaPlayerPrivate to
derive the currentTime. However, MediaPlayerPrivateAVFoundationObjC does not override the
default implementation of rate(), and so always returns a reported rate of zero.

To make the call less ambiguous, add a MediaPlayer and MediaPlayerPrivate effectiveRate()
method, which by default will just return rate(), as some ports only report the
requested rate and not the effective rate. Then add overrides for both rate() and
effectiveRate() on both MediaPlayerPrivateAVFoundationObjC and
MediaPlayerPrivateMediaSourceAVFObjC.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::updatePlaybackRate):
(WebCore::HTMLMediaElement::mediaPlayerRateChanged):

  • platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::effectiveRate const):

  • platform/graphics/MediaPlayer.h:
  • platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::effectiveRate const):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::rate const):
(WebCore::MediaPlayerPrivateAVFoundationObjC::effectiveRate const):

  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
  • platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::rate const):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::effectiveRate const):

  • testing/Internals.cpp:

(WebCore::Internals::isMediaElementHidden):
(WebCore::Internals::elementEffectivePlaybackRate):

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

Replace rate() -> effectiveRate().

  • GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::mediaPlayerRateChanged):

LayoutTests:

  • media/media-source/media-source-effectiveplaybackrate-expected.txt: Added.
  • media/media-source/media-source-effectiveplaybackrate.html: Added.
12:22 PM Changeset in webkit [280307] by commit-queue@webkit.org
  • 2 edits in trunk/Source/WebCore

[WebXR] WebXRSession::m_visibilityState is uninitialized
https://bugs.webkit.org/show_bug.cgi?id=228286

Patch by Ada Chan <ada.chan@apple.com> on 2021-07-26
Reviewed by Tim Horton.

WebXRSession::m_visibilityState should be initialized to XRVisibilityState::Visible.

  • Modules/webxr/WebXRSession.h:
12:18 PM Changeset in webkit [280306] by Aditya Keerthi
  • 7 edits
    2 adds in trunk

[iOS] Page background color does not update after UIUserInterfaceLevel change
https://bugs.webkit.org/show_bug.cgi?id=228282
rdar://80490391

Reviewed by Wenson Hsieh.

Source/WebCore:

The default background color of the root element is a semantic color
that adapts to changes in user interface style (light/dark mode) and
user interface level (base/elevated).

Currently, the default background color is correctly recalculated
after a change to the user interface style. However, the existing
logic does not update the color unless there is a change to the user
interface style. This behavior is incorrect, since a change to the
user interface level, without a change to the user interface style,
is ignored.

A common scenario in which a user interface level change is not
accompanied by a user interface style change, is when a WKWebView is
created and then presented as a page sheet, form sheet, or popover.
In this scenario, the default background color is currently incorrect.

To fix, ensure that the background color is recalculated if any of the
traits that affect semantic colors is changed.

Test: fast/css/ios/update-user-interface-level.html

  • page/FrameView.cpp:

(WebCore::FrameView::recalculateBaseBackgroundColor):

Recalculate the background color if any of the traits that affect
semantic colors is changed, not just a change in user interface
style (light/dark mode).

  • page/FrameView.h:
  • testing/InternalSettings.cpp:

Added a testing hook to change the current user interface level.

(WebCore::InternalSettings::resetToConsistentState):
(WebCore::InternalSettings::setUseDarkAppearance):
(WebCore::InternalSettings::setUseElevatedUserInterfaceLevel):

  • testing/InternalSettings.h:
  • testing/InternalSettings.idl:

LayoutTests:

Added a test to verify that a change in user interface level correctly
updates the page's background color.

  • fast/css/ios/update-user-interface-level-expected.txt: Added.
  • fast/css/ios/update-user-interface-level.html: Added.
12:01 PM Changeset in webkit [280305] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[ iOS Debug] 3 editing/pasteboard/smart-paste-paragraph tests are flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=228285

Unreviewed test gardening.

  • platform/ipad/TestExpectations:
11:54 AM Changeset in webkit [280304] by Russell Epstein
  • 1 copy in tags/Safari-612.1.24.11.5

Tag Safari-612.1.24.11.5.

11:52 AM Changeset in webkit [280303] by Russell Epstein
  • 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.5

11:45 AM Changeset in webkit [280302] by Eric Hutchison
  • 3 edits in trunk/LayoutTests

REGRESSION (r279427): [ Mac wk1 and iOS ] imported/w3c/web-platform-tests/html/interaction/focus/the-autofocus-attribute/document-with-fragment-valid.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=227762.

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
  • platform/mac-wk1/TestExpectations:
11:43 AM Changeset in webkit [280301] by Russell Epstein
  • 8 edits in branches/safari-611.3.10.1-branch/Source

Versioning.

WebKit-7611.3.10.1.6

11:42 AM Changeset in webkit [280300] by Chris Dumez
  • 3 edits
    2 adds in trunk

XML documents end up with a unique origin in WebKit only
https://bugs.webkit.org/show_bug.cgi?id=228254

Reviewed by Darin Adler.

Source/WebCore:

XML documents end up with a unique origin in WebKit only. They have a regular origin in Blink and Firefox.
This patch is aligning our behavior with other browsers.

Test: http/tests/misc/xml-document-origin.html

  • xml/XMLTreeViewer.cpp:

(WebCore::XMLTreeViewer::transformDocumentToTreeView):

LayoutTests:

Add layout test coverage.

  • http/tests/misc/xml-document-origin-expected.txt: Added.
  • http/tests/misc/xml-document-origin.html: Added.
10:53 AM Changeset in webkit [280299] by Chris Dumez
  • 2 edits in trunk/Source/WebKit

Make sure the ProcessAssertion gets destroyed on the main thread
https://bugs.webkit.org/show_bug.cgi?id=228281
<rdar://81048308>

Reviewed by Geoffrey Garen.

Follow-up to r279877 to make sure that the ProcessAssertion gets destroyed on the main thread in
ProcessAssertion::acquireAsync(), even if the completionHandler is null.

  • UIProcess/ios/ProcessAssertionIOS.mm:

(WebKit::ProcessAssertion::acquireAsync):

10:51 AM Changeset in webkit [280298] by jer.noble@apple.com
  • 12 edits
    2 adds in trunk

[iOS] All home screen web apps resume when any home screen web app is foregrounded
https://bugs.webkit.org/show_bug.cgi?id=228246
<rdar://72949281>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/video-page-visibility-restriction.html

On iOS, home screen web apps all run from the same UIProcess, SafariViewService. So when
one Web App is foregrounded, the SafariViewService itself is foregrounded, and all WKWebViews
(one for each Web App) are foregrounded as well, allowing all Web Apps to resume audio
playback. This is not ideal; ideally, all Web Apps will be allowed to continue to play
audio in the background. But until we can fix that bug, the current behavior of pausing
audio from Web App A when A is backgrounded, and resuming audio from A when Web App B is
foregrounded feels super broken.

Add a new WKPreference/WebPreference/Setting and matching MediaElementSession restriction
that will block playback of audible media elements when the media element's page is not
visible. When adopted by SafariViewService, this would keep multiple Web Apps (and indeed
SafariViewController pages) from starting playback when any other is foregrounded.

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::initializeMediaSession):
(WebCore::HTMLMediaElement::visibilityStateChanged):

  • html/MediaElementSession.cpp:

(WebCore::MediaElementSession::visibilityChanged):
(WebCore::MediaElementSession::playbackStateChangePermitted const):

  • html/MediaElementSession.h:
  • platform/audio/PlatformMediaSession.h:
  • testing/Internals.cpp:

(WebCore::Internals::setMediaElementRestrictions):

Source/WebKit:

Add a private WKPreference for setting the new WebPreference.

  • UIProcess/API/Cocoa/WKPreferences.mm:

(-[WKPreferences _requiresPageVisibilityToPlayAudio]):
(-[WKPreferences _setRequiresPageVisibilityToPlayAudio:]):

  • UIProcess/API/Cocoa/WKPreferencesPrivate.h:

Source/WTF:

  • Scripts/Preferences/WebPreferences.yaml:

LayoutTests:

  • media/video-page-visibility-restriction-expected.txt: Added.
  • media/video-page-visibility-restriction.html: Added.
10:24 AM Changeset in webkit [280297] by Kocsen Chung
  • 1 copy in tags/Safari-612.1.24.11.4

Tag Safari-612.1.24.11.4.

10:15 AM Changeset in webkit [280296] by Russell Epstein
  • 8 edits
    2 adds in branches/safari-612.1.25-branch

Cherry-pick r280271. rdar://problem/81117003

REGRESSION (r279751): WebContent process often crashes when hovering over content on apple.com
https://bugs.webkit.org/show_bug.cgi?id=228247
rdar://81010093

Reviewed by Tim Horton.

Source/WebCore:

Add an internal testing hook that can be used to trigger text recognition for the given element. While we should
eventually combine this with another testing hook to simulate VisionKit text recognition results, the new test
using this internal hook shouldn't make its way into VisionKit anyways, so this isn't necessary for now.

See WebKit ChangeLog for more details.

Test: fast/images/text-recognition/text-recognition-in-transparent-video.html

  • testing/Internals.cpp: (WebCore::Internals::requestTextRecognition):
  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

After r279751, the snapshot fallback codepath I added in createShareableBitmap to handle the edge case of
fully transparent images causes us to now take snapshots when hovering over fully transparent video elements,
and attempt to recognize text in them. This is because RenderVideo is a RenderImage subclass without a cached
image, so we'll end up going down the transparent renderer codepath instead of bailing with a null bitmap.

However, since CachedImages are null for video elements, before we even get to VisionKit, we end up crashing
with a nullptr-deref inside WebPage::requestTextRecognition, which assumes that RenderImage::cachedImage()
is non-null.

To address this, we make two minor adjustments (see below).

  • WebProcess/WebCoreSupport/ShareableBitmapUtilities.cpp: (WebKit::createShareableBitmap):

Limit the snapshotting fallback to non-media images (i.e. non-RenderMedia).

  • WebProcess/WebPage/WebPage.cpp: (WebKit::WebPage::requestTextRecognition):

Make this robust in the case where CachedImage is null, to avoid the possibility for similar crashes in the
future.

LayoutTests:

  • fast/images/text-recognition/text-recognition-in-transparent-video-expected.txt: Added.
  • fast/images/text-recognition/text-recognition-in-transparent-video.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280271 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:15 AM Changeset in webkit [280295] by Kocsen Chung
  • 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.4

5:10 AM Changeset in webkit [280294] by Adrian Perez de Castro
  • 1 copy in releases/WPE WebKit/webkit-2.32.3

WPE WebKit 2.32.3

5:10 AM Changeset in webkit [280293] by Adrian Perez de Castro
  • 4 edits in releases/WebKitGTK/webkit-2.32

Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.32.3 release

.:

  • Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

  • wpe/NEWS: Add release notes for 2.32.3
2:50 AM Changeset in webkit [280292] by commit-queue@webkit.org
  • 3 edits in trunk/Source/WebCore

[Pipewire] Muting the display capture closes the Portal session
https://bugs.webkit.org/show_bug.cgi?id=228265

Patch by Philippe Normand <pnormand@igalia.com> on 2021-07-26
Reviewed by Xabier Rodriguez-Calvar.

The session should not be closed in that case, because setting the capture state to active
again would have no effect. This patch also removes useless CRLFs from WTFLogAlways() calls
and increases the session Close call timeout to 100ms, 10ms was too low, at least for my
setup.

  • platform/mediastream/gstreamer/GStreamerDisplayCaptureDeviceManager.cpp:

(WebCore::GStreamerDisplayCaptureDeviceManager::createDisplayCaptureSource):
(WebCore::GStreamerDisplayCaptureDeviceManager::stopSource):

  • platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:

(WebCore::GStreamerVideoCaptureSource::~GStreamerVideoCaptureSource):
(WebCore::GStreamerVideoCaptureSource::stopProducingData):

12:48 AM Changeset in webkit [280291] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebKit

[GTK] MiniBrowser crashes when closed while capturing desktop
https://bugs.webkit.org/show_bug.cgi?id=228232

Patch by Philippe Normand <pnormand@igalia.com> on 2021-07-26
Reviewed by Adrian Perez de Castro.

Disconnect the WebView from the WebPageProxy just before the final GObject dispose call, in
order to avoid UIClient notifications on the being-disposed WebView.

  • UIProcess/API/glib/WebKitUIClient.cpp:

(detachUIClientFromView):

  • UIProcess/API/glib/WebKitUIClient.h:
  • UIProcess/API/glib/WebKitWebView.cpp:

(webkitWebViewDispose):

12:42 AM Changeset in webkit [280290] by Ziran Sun
  • 4 edits in trunk

[css-grid] svg image as grid items should use the overriding logical width/height when defined to compute the logical height/width
https://bugs.webkit.org/show_bug.cgi?id=228105

Source/WebCore:

As discussed at https://github.com/w3c/csswg-drafts/issues/6286#issuecomment-866986544, degenerate
aspect ratios derived from SVG width/height attributes fall back to viewbox aspect ratio
(whether due to negative values or zero values).

When computing the logical height/width using an intrinsic aspect ratio, RenderReplaced uses the
overridingLogicalWidth/overridingLogicalHeight whenever defined as long as the flex or
grid item has an intrinsic size. For an SVG graphic though, it's common to have an intrinsic aspect
ratio but not to have an intrinsic width or height. For this special case, we still should use
overridingLogicalWidth/overridingLogicalHeight for logical height/width calculations.

Reviewed by Javier Fernandez.

  • rendering/RenderReplaced.cpp:

(WebCore::RenderReplaced::computeReplacedLogicalWidth const):
(WebCore::RenderReplaced::computeReplacedLogicalHeight const):

LayoutTests:

Reviewed by Javier Fernandez.

Update TestExpectations as 4 failed grid WPT tests are now passing.

Jul 25, 2021:

3:32 PM Changeset in webkit [280289] by Alexey Shvayka
  • 36 edits
    2 adds in trunk

Partly implement Function.prototype.{caller,arguments} reflection proposal
https://bugs.webkit.org/show_bug.cgi?id=158116

Reviewed by Yusuke Suzuki.

JSTests:

  • ChakraCore/test/strict/19.function.baseline:
  • ChakraCore/test/strict/22.callerCalleeArguments.baseline-jsc:
  • microbenchmarks/function-prototype-get.js: Added.
  • microbenchmarks/reflect-own-keys-function.js: Added.
  • stress/for-in-shadow-non-enumerable.js:
  • stress/function-hidden-as-caller.js:
  • stress/has-own-property-arguments.js:
  • stress/object-assign-fast-path.js:
  • stress/put-to-proto-chain-overrides-put.js:
  • stress/reflect-set.js:
  • test262/config.yaml: Skip 3 test cases that are now incorrect.
  • test262/expectations.yaml: Mark 2 test cases as passing.

Source/JavaScriptCore:

To ensure web-compatibility, only the safe subset of Function.prototype.{caller,arguments}
reflection proposal [1] is implemented, which is currently shipped in SpiderMonkey.

Complete list of differences from the proposed spec:

  1. Cross-realm receiver function is allowed instead of throwing a TypeError.

Throwing is likely safe to ship, but #225997 needs to be fixed first for
custom properties to receive correct global object.

  1. Cross-realm caller function is returned instead of null.

Hiding cross-realm caller may break things: we currently have a test for
the opposite behavior.

  1. Defines "caller" and "arguments" setters that throw for disallowed receivers, instead failing silently in sloppy mode.

This is actually more restrictive than the spec, which is preferable,
and aligns with V8 and SM.

Most importantly, this patch removes own "caller" and "arguments" properties from
sloppy mode ES5 functions. They were non-configurable, making it harder to use
their holder as a ProxyTarget?. They were also non-writable, with a constantly
changing Value?, which violated the invariants of internal methods [2].

As a result, JSFunction methods are greatly simplified, especially defineOwnProperty()
and getOwnSpecialPropertyNames(). The latter is now 2.1x faster according to the
provided microbenchmark. Also, removes double "prototype" lookup from Get?,
which is a 10% progression.

[1]: https://github.com/claudepache/es-legacy-function-reflection
[2]: https://tc39.es/ecma262/#sec-invariants-of-the-essential-internal-methods

  • runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::getOwnPropertySlot):
(JSC::ClonedArguments::materializeSpecials):

  • runtime/FunctionExecutable.h:
  • runtime/FunctionPrototype.cpp:

(JSC::FunctionPrototype::addFunctionProperties):
(JSC::isAllowedReceiverFunctionForCallerAndArguments):
(JSC::RetrieveArgumentsFunctor::RetrieveArgumentsFunctor):
(JSC::RetrieveArgumentsFunctor::result const):
(JSC::RetrieveArgumentsFunctor::operator() const):
(JSC::retrieveArguments):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::RetrieveCallerFunctionFunctor::RetrieveCallerFunctionFunctor):
(JSC::RetrieveCallerFunctionFunctor::result const):
(JSC::RetrieveCallerFunctionFunctor::operator() const):
(JSC::retrieveCallerFunction):
(JSC::JSC_DEFINE_CUSTOM_SETTER):
(JSC::FunctionPrototype::initRestrictedProperties): Deleted.

  • runtime/FunctionPrototype.h:
  • runtime/JSFunction.cpp:

(JSC::JSFunction::getOwnPropertySlot):
(JSC::JSFunction::getOwnSpecialPropertyNames):
(JSC::JSFunction::put):
(JSC::JSFunction::deleteProperty):
(JSC::JSFunction::defineOwnProperty):
(JSC::RetrieveArgumentsFunctor::RetrieveArgumentsFunctor): Deleted.
(JSC::RetrieveArgumentsFunctor::result const): Deleted.
(JSC::RetrieveArgumentsFunctor::operator() const): Deleted.
(JSC::retrieveArguments): Deleted.
(JSC::JSC_DEFINE_CUSTOM_GETTER): Deleted.
(JSC::RetrieveCallerFunctionFunctor::RetrieveCallerFunctionFunctor): Deleted.
(JSC::RetrieveCallerFunctionFunctor::result const): Deleted.
(JSC::RetrieveCallerFunctionFunctor::operator() const): Deleted.
(JSC::retrieveCallerFunction): Deleted.

  • runtime/JSGlobalObject.cpp:

(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildrenImpl):

  • runtime/JSGlobalObject.h:

Remove unused m_throwTypeErrorGetterSetter and make ThrowTypeError? lazily-created.

  • runtime/JSGlobalObjectFunctions.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

  • runtime/JSGlobalObjectFunctions.h:
  • runtime/JSObject.cpp:

(JSC::JSObject::putDirectCustomGetterSetterWithoutTransition):

  • runtime/JSObject.h:

LayoutTests:

  • inspector/model/remote-object-get-properties-expected.txt:
  • inspector/runtime/getDisplayableProperties-expected.txt:
  • inspector/runtime/getProperties-expected.txt:
  • js/Object-getOwnPropertyNames-expected.txt:
  • js/basic-strict-mode-expected.txt:
  • js/kde/function_arguments-expected.txt:
  • js/kde/script-tests/function_arguments.js:
  • js/non-strict-function-properties-expected.txt:
  • js/script-tests/Object-getOwnPropertyNames.js:
  • js/script-tests/basic-strict-mode.js:
  • js/script-tests/non-strict-function-properties.js:
  • js/script-tests/throw-type-error-is-unique.js:
12:40 PM Changeset in webkit [280288] by Wenson Hsieh
  • 20 edits
    2 adds in trunk

[iOS] Unified field is unselected after focusing URL bar if text was selected in a fixed position container
https://bugs.webkit.org/show_bug.cgi?id=228269
rdar://80556392

Reviewed by Tim Horton.

Source/WebKit:

In Safari on iOS 15, if the selection (either ranged or caret) is inside a fixed position container when the
user taps on the unified field, we'll immediately clear the text selection inside the unified field upon
bringing up the keyboard. This happens because the tab pill in iOS 15 is lowered as the URL bar is focused,
which causes the web view to scroll slightly. This, in turn, induces a brief unstable scrolling tree state,
which then causes us to temporarily hide and show selection views while scrolling in unstable state (see
r209931) by calling -deactivateSelection and then -activateSelection on the text interaction assistant.
Calling -[UIWKTextInteractionAssistant activateSelection] then causes UIKit to dispatch a
UITextSelectionViewActivatedNotification; In the unified field, which is a UITextField subclass, UIKit code then
listens for this notification and responds to it by clearing the selection if the newly activated selection's
host view (WKContentView) is different than itself, thereby causing the bug.

To fix this, we simply make two (minor) adjustments to the logic for temporarily hiding and showing the
selection while performing an unstable scroll. See below for more details.

Test: editing/selection/ios/scrolling-with-fixed-selection-does-not-unselect-native-text-field.html

  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView shouldHideSelectionWhenScrolling]):

Only hide and (later) restore the selection in non-editable text if the selection is ranged. This is because
caret selections in non-editable content are not user-visible anyways, so there's no need to temporarily
suppress the selection.

(-[WKContentView _updateChangedSelection:]):

Only attempt to show the selection views again if doing so doesn't cause us to steal first responder status away
from the existing first responder; otherwise, we'll wait until we -becomeFirstResponder to -activateSelection.

(-[WKContentView selectionInteractionAssistant]): Deleted.

Tools:

We already have some very basic support for installing and removing native text fields in the view hierarchy,
through TestRunner::(add|remove)ChromeInputField(). In order to support the new layout test, we additionally
implement the ability to:

  • Set text inside the native chrome input field that was installed using addChromeInputField().
  • Select all text inside the chrome input field.
  • Query the chrome input field for the currently selected text.

We only support iOS for the time being, with stubs on other platforms, since the new test that uses this
functionality is iOS-specific; if needed in the future for a similar test on other platforms, we can implement
the stubbed testing hooks on TestRunner and PlatformWebView as well.

  • DumpRenderTree/TestRunner.h:
  • DumpRenderTree/mac/TestRunnerMac.mm:

(TestRunner::setTextInChromeInputField):
(TestRunner::selectChromeInputField):
(TestRunner::getSelectedTextInChromeInputField):

  • DumpRenderTree/win/TestRunnerWin.cpp:

(TestRunner::setTextInChromeInputField):
(TestRunner::selectChromeInputField):
(TestRunner::getSelectedTextInChromeInputField):

  • WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
  • WebKitTestRunner/InjectedBundle/InjectedBundle.cpp:

(WTR::InjectedBundle::didReceiveMessageToPage):
(WTR::InjectedBundle::postSetTextInChromeInputField):
(WTR::InjectedBundle::postSelectChromeInputField):
(WTR::InjectedBundle::postGetSelectedTextInChromeInputField):

  • WebKitTestRunner/InjectedBundle/InjectedBundle.h:
  • WebKitTestRunner/InjectedBundle/TestRunner.cpp:

(WTR::TestRunner::setTextInChromeInputField):
(WTR::TestRunner::selectChromeInputField):
(WTR::TestRunner::getSelectedTextInChromeInputField):
(WTR::TestRunner::callSetTextInChromeInputFieldCallback):
(WTR::TestRunner::callSelectChromeInputFieldCallback):
(WTR::TestRunner::callGetSelectedTextInChromeInputFieldCallback):

  • WebKitTestRunner/InjectedBundle/TestRunner.h:
  • WebKitTestRunner/PlatformWebView.h:
  • WebKitTestRunner/TestInvocation.cpp:

(WTR::TestInvocation::didReceiveMessageFromInjectedBundle):

  • WebKitTestRunner/gtk/PlatformWebViewGtk.cpp:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

  • WebKitTestRunner/ios/PlatformWebViewIOS.mm:

(WTR::chromeInputField):

Additionally do some light refactoring by pulling out logic for grabbing the chrome input field (i.e. a view
with a tag of 1 under the window) out into a separate helper method. Use this helper in a few places below.

(WTR::PlatformWebView::addChromeInputField):
(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):
(WTR::PlatformWebView::removeChromeInputField):

  • WebKitTestRunner/mac/PlatformWebViewMac.mm:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

  • WebKitTestRunner/win/PlatformWebViewWin.cpp:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

  • WebKitTestRunner/wpe/PlatformWebViewWPE.cpp:

(WTR::PlatformWebView::setTextInChromeInputField):
(WTR::PlatformWebView::selectChromeInputField):
(WTR::PlatformWebView::getSelectedTextInChromeInputField):

LayoutTests:

Add a new layout test that installs, focuses, and selects text inside a native UITextField (simulating Safari's
URL field) while the DOM selection is inside a fixed position container, and then scrolls the web view a bit to
temporarily induce an unstable scrolling tree state. After this, we verify that the text selection inside the
native text field has not been cleared.

See Tools/ changes for more details.

  • editing/selection/ios/scrolling-with-fixed-selection-does-not-unselect-native-text-field-expected.txt: Added.
  • editing/selection/ios/scrolling-with-fixed-selection-does-not-unselect-native-text-field.html: Added.
  • resources/ui-helper.js:

(window.UIHelper.addChromeInputField):
(window.UIHelper.removeChromeInputField):
(window.UIHelper.setTextInChromeInputField):
(window.UIHelper.selectChromeInputField):
(window.UIHelper.getSelectedTextInChromeInputField):
(window.UIHelper):

11:55 AM WebKitGTK/2.32.x edited by Adrian Perez de Castro
(diff)
11:29 AM Changeset in webkit [280287] by commit-queue@webkit.org
  • 2 edits in trunk

[GTK] USE_OPENGL_OR_ES should not be an automagic feature
https://bugs.webkit.org/show_bug.cgi?id=228266

Patch by Michael Catanzaro <Michael Catanzaro> on 2021-07-25
Reviewed by Fujii Hironori.

The USE_OPENGL_OR_ES feature flag added in r271220 is currently automagic: that is, if
neither OpenGL nor OpenGL ES is available at build time, it gets silently disabled. This is
not OK because it makes it easy for distributors to accidentally fail to enable OpenGL
support. We should require manually disabling the feature with -DUSE_OPENGL_OR_ES=OFF in
order to build with OpenGL disabled.

  • Source/cmake/OptionsGTK.cmake:
6:00 AM Changeset in webkit [280286] by cathiechen
  • 1 edit
    1 add in trunk/PerformanceTests

[Performance test][css-contain] Add test to contain: size layout
https://bugs.webkit.org/show_bug.cgi?id=227948

Reviewed by Ryosuke Niwa.

This test emulates the scenario that a small part of the page is changed. If it's applied contain: size layout,
the performance should be improved. This test is a transform of the test [1] in blink.

[1] third_party/blink/perf_tests/layout/css-contain-change-text.html

  • Layout/css-contain-change-size.html: Added.

Jul 24, 2021:

1:11 PM Changeset in webkit [280285] by ysuzuki@apple.com
  • 12 edits in trunk/Source/JavaScriptCore

[JSC] Change most of enum in Yarr to enum-class
https://bugs.webkit.org/show_bug.cgi?id=228264

Reviewed by Mark Lam.

This patch simply changes most of enum to enum-class in Yarr.
We also remove YarrJIT YarrGenerator's template parameter since
it is not worth doubling code. We can just hold Yarr::JITCompileMode as m_compileMode.

  • runtime/RegExp.cpp:

(JSC::RegExp::compile):
(JSC::RegExp::matchConcurrently):
(JSC::RegExp::compileMatchOnly):

  • runtime/RegExp.h:
  • runtime/RegExpInlines.h:

(JSC::RegExp::hasCodeFor):
(JSC::RegExp::compileIfNecessary):
(JSC::RegExp::matchInline):
(JSC::RegExp::hasMatchOnlyCodeFor):
(JSC::RegExp::compileIfNecessaryMatchOnly):

  • yarr/Yarr.h:

(): Deleted.

  • yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::backtrackPatternCharacter):
(JSC::Yarr::Interpreter::backtrackPatternCasedCharacter):
(JSC::Yarr::Interpreter::matchCharacterClass):
(JSC::Yarr::Interpreter::backtrackCharacterClass):
(JSC::Yarr::Interpreter::matchBackReference):
(JSC::Yarr::Interpreter::backtrackBackReference):
(JSC::Yarr::Interpreter::parenthesesDoBacktrack):
(JSC::Yarr::Interpreter::matchParenthesesOnceBegin):
(JSC::Yarr::Interpreter::matchParenthesesOnceEnd):
(JSC::Yarr::Interpreter::backtrackParenthesesOnceBegin):
(JSC::Yarr::Interpreter::backtrackParenthesesOnceEnd):
(JSC::Yarr::Interpreter::matchParenthesesTerminalBegin):
(JSC::Yarr::Interpreter::matchParenthesesTerminalEnd):
(JSC::Yarr::Interpreter::backtrackParenthesesTerminalBegin):
(JSC::Yarr::Interpreter::matchParentheticalAssertionBegin):
(JSC::Yarr::Interpreter::matchParentheticalAssertionEnd):
(JSC::Yarr::Interpreter::backtrackParentheticalAssertionBegin):
(JSC::Yarr::Interpreter::backtrackParentheticalAssertionEnd):
(JSC::Yarr::Interpreter::matchParentheses):
(JSC::Yarr::Interpreter::backtrackParentheses):
(JSC::Yarr::Interpreter::matchDisjunction):
(JSC::Yarr::Interpreter::matchNonZeroDisjunction):
(JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
(JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
(JSC::Yarr::ByteCompiler::atomParentheticalAssertionEnd):
(JSC::Yarr::ByteCompiler::closeAlternative):
(JSC::Yarr::ByteCompiler::closeBodyAlternative):
(JSC::Yarr::ByteCompiler::atomParenthesesSubpatternEnd):
(JSC::Yarr::ByteCompiler::atomParenthesesOnceEnd):
(JSC::Yarr::ByteCompiler::atomParenthesesTerminalEnd):
(JSC::Yarr::ByteCompiler::emitDisjunction):
(JSC::Yarr::ByteCompiler::dumpDisjunction):

  • yarr/YarrInterpreter.h:

(JSC::Yarr::ByteTerm::ByteTerm):
(JSC::Yarr::ByteTerm::BOL):
(JSC::Yarr::ByteTerm::CheckInput):
(JSC::Yarr::ByteTerm::UncheckInput):
(JSC::Yarr::ByteTerm::EOL):
(JSC::Yarr::ByteTerm::WordBoundary):
(JSC::Yarr::ByteTerm::BackReference):
(JSC::Yarr::ByteTerm::BodyAlternativeBegin):
(JSC::Yarr::ByteTerm::BodyAlternativeDisjunction):
(JSC::Yarr::ByteTerm::BodyAlternativeEnd):
(JSC::Yarr::ByteTerm::AlternativeBegin):
(JSC::Yarr::ByteTerm::AlternativeDisjunction):
(JSC::Yarr::ByteTerm::AlternativeEnd):
(JSC::Yarr::ByteTerm::SubpatternBegin):
(JSC::Yarr::ByteTerm::SubpatternEnd):
(JSC::Yarr::ByteTerm::DotStarEnclosure):

  • yarr/YarrJIT.cpp:

(JSC::Yarr::jitCompile):

  • yarr/YarrJIT.h:
  • yarr/YarrParser.h:

(JSC::Yarr::Parser::CharacterClassParserDelegate::CharacterClassParserDelegate):
(JSC::Yarr::Parser::CharacterClassParserDelegate::atomPatternCharacter):
(JSC::Yarr::Parser::CharacterClassParserDelegate::atomBuiltInCharacterClass):
(JSC::Yarr::Parser::CharacterClassParserDelegate::end):

  • yarr/YarrPattern.cpp:

(JSC::Yarr::YarrPatternConstructor::atomParenthesesSubpatternBegin):
(JSC::Yarr::YarrPatternConstructor::atomParentheticalAssertionBegin):
(JSC::Yarr::YarrPatternConstructor::atomBackReference):
(JSC::Yarr::YarrPatternConstructor::copyTerm):
(JSC::Yarr::YarrPatternConstructor::quantifyAtom):
(JSC::Yarr::YarrPatternConstructor::checkForTerminalParentheses):
(JSC::Yarr::YarrPatternConstructor::containsCapturingTerms):
(JSC::Yarr::YarrPatternConstructor::optimizeDotStarWrappedExpressions):
(JSC::Yarr::PatternTerm::dumpQuantifier):
(JSC::Yarr::PatternTerm::dump):

  • yarr/YarrPattern.h:

(JSC::Yarr::PatternTerm::PatternTerm):
(JSC::Yarr::PatternTerm::ForwardReference):
(JSC::Yarr::PatternTerm::BOL):
(JSC::Yarr::PatternTerm::EOL):
(JSC::Yarr::PatternTerm::WordBoundary):
(JSC::Yarr::PatternTerm::isFixedWidthCharacterClass const):
(JSC::Yarr::PatternTerm::containsAnyCaptures):
(JSC::Yarr::PatternTerm::quantify):

1:23 AM Changeset in webkit [280284] by Devin Rousso
  • 8 edits
    2 copies
    4 adds in trunk

[Apple Pay] Do not add coupon code ApplePayErrorCode values for systems that do not support it
https://bugs.webkit.org/show_bug.cgi?id=228243

Reviewed by Wenson Hsieh.

Source/WebCore:

Test: http/tests/ssl/applepay/ApplePayError.html

  • Modules/applepay/ApplePayErrorCode.idl:
  • Modules/applepay/ApplePayErrorCode.h:

Source/WebKit:

  • Platform/cocoa/PaymentAuthorizationPresenter.mm:

(WebKit::toPKPaymentErrorCode):

LayoutTests:

  • http/tests/ssl/applepay/ApplePayError.html:
  • http/tests/ssl/applepay/ApplePayError-expected.txt:
  • platform/ios-14-wk2/http/tests/ssl/applepay/ApplePayError-expected.txt: Added.
  • platform/mac-bigsur-wk2/http/tests/ssl/applepay/ApplePayError-expected.txt: Added.
1:20 AM Changeset in webkit [280283] by Devin Rousso
  • 4 edits in trunk

[iOS] REGRESSION(r277505): -[WKWebView underPageBackgroundColor] also changes the scroll bar color
https://bugs.webkit.org/show_bug.cgi?id=228259
<rdar://problem/80116822>

Reviewed by Tim Horton.

Source/WebKit:

If an application overrides the -underPageBackgroundColor with a dark color on a page that
has a light background color, the scroll bar will appear light to match the overridden value
of -underPageBackgroundColor instead of dark to match the page's background color.

Test: WKWebViewUnderPageBackgroundColor.MatchesScrollView

  • UIProcess/API/ios/WKWebViewIOS.mm:

(baseScrollViewBackgroundColor):
(scrollViewBackgroundColor):
(-[WKWebView _updateScrollViewBackground]):
Add a flag to indicate whether the underPageBackgroundColor (which can be overridden by
API) or pageExtendedBackgroundColor should be used when calculating the value provided to
-[UIScrollView setBackgroundColor:] and -[UIScrollView setIndicatorStyle:]. The former
uses the underPageBackgroundColor since that is why that API exists and the latter uses
the pageExtendedBackgroundColor` since it is based on what is shown in the page, which is
what the scroll bar is drawn on top of.

Tools:

  • TestWebKitAPI/Tests/WebKitCocoa/WKWebViewUnderPageBackgroundColor.mm:

(TEST.WKWebViewUnderPageBackgroundColor.MatchesScrollView):

Jul 23, 2021:

8:48 PM Changeset in webkit [280282] by Andres Gonzalez
  • 9 edits
    2 adds in trunk

Add a method to WebAccessibilityObjectWrapper so that clients can retrieve the text of each line and their corresponding bounding rectangles.
https://bugs.webkit.org/show_bug.cgi?id=228251
Source/WebCore:

rdar://77184036

Reviewed by Chris Fleizach.

Test: accessibility/ios-simulator/element-line-rects-and-text.html

Accessibility clients often need to retrieve a line of text and its
corresponding bounding rectangle screen coordinates. There was not a
clear way of doing this. This patch provides lineRectsAndText as the
mechanism to retrieve the lines of text and their corresponding
rectangles for a given accessibility object. This is the iOS
implementation. MacOS implementation will be done in a separate patch.

  • accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper stringsForSimpleRange:attributed:]):
(-[WebAccessibilityObjectWrapper arrayOfTextForTextMarkers:attributed:]):
(-[WebAccessibilityObjectWrapper lineRectsAndText]):
(-[WebAccessibilityObjectWrapper lineRectsForTextMarkerRange:]):

Tools:

Reviewed by Chris Fleizach.

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.cpp:

(WTR::AccessibilityUIElement::lineRectsAndText const):

  • WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
  • WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
  • WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::lineRectsAndText const):

  • WebKitTestRunner/InjectedBundle/mac/AccessibilityCommonMac.mm:

(WTR::makeJSArray):

LayoutTests:

Reviewed by Chris Fleizach.

  • accessibility/ios-simulator/element-line-rects-and-text-expected.txt: Added.
  • accessibility/ios-simulator/element-line-rects-and-text.html: Added.
8:40 PM Changeset in webkit [280281] by ysuzuki@apple.com
  • 1 edit
    1 add in trunk/JSTests

[JSC] Add Speedometer2 jQuery-TodoMVC RegExp microbenchmark
https://bugs.webkit.org/show_bug.cgi?id=228257

Reviewed by Mark Lam.

I instrumented JSC and extracted executed RegExp evaluations from Speedometer2/jQuery-TodoMVC
to easily test RegExp performance.

  • microbenchmarks/jquery-todomvc-regexp.js: Added.

(x00.test):

6:56 PM Changeset in webkit [280280] by Alexey Shvayka
  • 11 edits
    6 adds in trunk

[WebIDL] Properly validate and merge descriptors in [Replaceable] setter
https://bugs.webkit.org/show_bug.cgi?id=227662

Reviewed by Sam Weinig.

Source/JavaScriptCore:

Extracts createDataProperty() method to keep WebIDL code generator as simple as possible,
and also to emphasize a subtle difference between
{ Value?: X } and
{ Value?: X, Writable?: true, Enumerable?: true, Configurable?: true }.

  • runtime/JSONObject.cpp:

(JSC::Walker::walk):

  • runtime/JSObject.cpp:

(JSC::definePropertyOnReceiverSlow):

  • runtime/JSObject.h:
  • runtime/JSObjectInlines.h:

(JSC::JSObject::createDataProperty):

  • runtime/Lookup.h:

(JSC::replaceStaticPropertySlot): Deleted.

Source/WebCore:

The previous implementation relied on an invariant that structure property is absent
when [Replaceable] setter is called, which is no longer guaranteed after the introduction
of Object.defineProperty.

This patch replaces putDirect() with defineOwnProperty(), fixing the compliance with
invariants of internal methods [1]: an accessor property once observed as non-configurable
can't be reconfigured to have Value?. Both Chrome and Firefox properly validate descriptors.

Although DefineOwnProperty? failure is silently ignored by Chrome and the spec [2], WebKit now
throws a TypeError, which is a desired behavior for built-ins and was proven to be web-compatible
by Firefox. With WebKit being the second implementation that throws, the spec can be tightened.

After r264574, attributeChangeTransition() is called during defineOwnProperty(), ensuring inline
caching is correct. Also, this change adjusts window.opener setter [3].

[1] https://tc39.es/ecma262/#sec-invariants-of-the-essential-internal-methods
[2] https://heycam.github.io/webidl/#dfn-attribute-setter (step 4.5.5)
[3] https://html.spec.whatwg.org/multipage/browsers.html#dom-opener

Tests: fast/dom/replaceable-setter-throws-if-defineownproperty-fails.html

fast/dom/window-opener-setter-throws-if-defineownproperty-fails-1.html
fast/dom/window-opener-setter-throws-if-defineownproperty-fails-2.html

  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::setOpener):
(WebCore::JSDOMWindow::setOpenDatabase):

  • bindings/scripts/CodeGeneratorJS.pm:

(AttributeSetterNeedsPropertyName):
(GenerateAttributeSetterBodyDefinition):
(GenerateAttributeSetterTrampolineDefinition):

  • bindings/scripts/test/JS/JSTestObj.cpp:

LayoutTests:

  • fast/dom/replaceable-setter-throws-if-defineownproperty-fails-expected.txt: Added.
  • fast/dom/replaceable-setter-throws-if-defineownproperty-fails.html: Added.
  • fast/dom/window-opener-setter-throws-if-defineownproperty-fails-1-expected.txt: Added.
  • fast/dom/window-opener-setter-throws-if-defineownproperty-fails-1.html: Added.
  • fast/dom/window-opener-setter-throws-if-defineownproperty-fails-2-expected.txt: Added.
  • fast/dom/window-opener-setter-throws-if-defineownproperty-fails-2.html: Added.
6:43 PM Changeset in webkit [280279] by Russell Epstein
  • 1 copy in tags/Safari-612.1.24.0.5

Tag Safari-612.1.24.0.5.

6:16 PM Changeset in webkit [280278] by Russell Epstein
  • 1 copy in tags/Safari-612.1.24.11.3

Tag Safari-612.1.24.11.3.

6:14 PM Changeset in webkit [280277] by Russell Epstein
  • 4 edits in branches/safari-612.1.24.11-branch

Cherry-pick r280274. rdar://problem/81044139

Make WKContentRuleListStore respond to same selectors as _WKUserContentExtensionStore
https://bugs.webkit.org/show_bug.cgi?id=228253
Source/WebKit:

<rdar://81038849>

Patch by Alex Christensen <achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

We have an unfortunate situation where an old framework is calling code in a new framework that is giving it a WKContentRuleListStore
where it expects a _WKUserContentExtensionStore. As one of several mitigations for this problem, make the selectors able to be called.
Luckily it doesn't do much with the results. It just checks if they're null or not, and it passes any errors along. I added tests that do this.

  • UIProcess/API/Cocoa/WKContentRuleListStore.mm: (-[WKContentRuleListStore compileContentExtensionForIdentifier:encodedContentExtension:completionHandler:]): (-[WKContentRuleListStore lookupContentExtensionForIdentifier:completionHandler:]): (-[WKContentRuleListStore removeContentExtensionForIdentifier:completionHandler:]):

Tools:

Patch by Alex Christensen <achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

  • TestWebKitAPI/Tests/WebKitCocoa/WKContentExtensionStore.mm: (TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280274 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6:10 PM Changeset in webkit [280276] by Russell Epstein
  • 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.3

6:02 PM Changeset in webkit [280275] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[BigSur wk1 Debug ] imported/w3c/web-platform-tests/IndexedDB/idb_binary_key_conversion.htm is a flaky timeout .
https://bugs.webkit.org/show_bug.cgi?id=228260.

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
5:39 PM Changeset in webkit [280274] by commit-queue@webkit.org
  • 4 edits in trunk

Make WKContentRuleListStore respond to same selectors as _WKUserContentExtensionStore
https://bugs.webkit.org/show_bug.cgi?id=228253
Source/WebKit:

<rdar://81038849>

Patch by Alex Christensen <achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

We have an unfortunate situation where an old framework is calling code in a new framework that is giving it a WKContentRuleListStore
where it expects a _WKUserContentExtensionStore. As one of several mitigations for this problem, make the selectors able to be called.
Luckily it doesn't do much with the results. It just checks if they're null or not, and it passes any errors along. I added tests that do this.

  • UIProcess/API/Cocoa/WKContentRuleListStore.mm:

(-[WKContentRuleListStore compileContentExtensionForIdentifier:encodedContentExtension:completionHandler:]):
(-[WKContentRuleListStore lookupContentExtensionForIdentifier:completionHandler:]):
(-[WKContentRuleListStore removeContentExtensionForIdentifier:completionHandler:]):

Tools:

Patch by Alex Christensen <achristensen@webkit.org> on 2021-07-23
Reviewed by Brian Weinstein.

  • TestWebKitAPI/Tests/WebKitCocoa/WKContentExtensionStore.mm:

(TEST_F):

5:03 PM Changeset in webkit [280273] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[ Mac wk2 Debug ] inspector/canvas/create-context-webgl.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228256.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
4:40 PM Changeset in webkit [280272] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[ iOS ] fast/mediastream/mediastreamtrack-audio-clone.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228255

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
4:21 PM Changeset in webkit [280271] by Wenson Hsieh
  • 8 edits
    2 adds in trunk

REGRESSION (r279751): WebContent process often crashes when hovering over content on apple.com
https://bugs.webkit.org/show_bug.cgi?id=228247
rdar://81010093

Reviewed by Tim Horton.

Source/WebCore:

Add an internal testing hook that can be used to trigger text recognition for the given element. While we should
eventually combine this with another testing hook to simulate VisionKit text recognition results, the new test
using this internal hook shouldn't make its way into VisionKit anyways, so this isn't necessary for now.

See WebKit ChangeLog for more details.

Test: fast/images/text-recognition/text-recognition-in-transparent-video.html

  • testing/Internals.cpp:

(WebCore::Internals::requestTextRecognition):

  • testing/Internals.h:
  • testing/Internals.idl:

Source/WebKit:

After r279751, the snapshot fallback codepath I added in createShareableBitmap to handle the edge case of
fully transparent images causes us to now take snapshots when hovering over fully transparent video elements,
and attempt to recognize text in them. This is because RenderVideo is a RenderImage subclass without a cached
image, so we'll end up going down the transparent renderer codepath instead of bailing with a null bitmap.

However, since CachedImages are null for video elements, before we even get to VisionKit, we end up crashing
with a nullptr-deref inside WebPage::requestTextRecognition, which assumes that RenderImage::cachedImage()
is non-null.

To address this, we make two minor adjustments (see below).

  • WebProcess/WebCoreSupport/ShareableBitmapUtilities.cpp:

(WebKit::createShareableBitmap):

Limit the snapshotting fallback to non-media images (i.e. non-RenderMedia).

  • WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::requestTextRecognition):

Make this robust in the case where CachedImage is null, to avoid the possibility for similar crashes in the
future.

LayoutTests:

  • fast/images/text-recognition/text-recognition-in-transparent-video-expected.txt: Added.
  • fast/images/text-recognition/text-recognition-in-transparent-video.html: Added.
4:16 PM Changeset in webkit [280270] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

REGRESSION: [ Mac ] media/video-buffering-allowed.html is flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=217621

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
4:13 PM Changeset in webkit [280269] by Russell Epstein
  • 8 edits in branches/safari-612.1.24.0-branch/Source

Versioning.

WebKit-7612.1.24.0.5

3:57 PM Changeset in webkit [280268] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[ BigSur wk2 Release arm64 ] fast/css-grid-layout floating-empty-grids.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228252.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
3:55 PM Changeset in webkit [280267] by Russell Epstein
  • 1 copy in tags/Safari-612.1.25

Tag Safari-612.1.25.

3:53 PM Changeset in webkit [280266] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

REGRESSION: [iOS] ASSERTION FAILED: !m_messageReceiverMapCount under WebKit::RemoteAudioHardwareListener::~RemoteAudioHardwareListener()
https://bugs.webkit.org/show_bug.cgi?id=228038

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
3:50 PM Changeset in webkit [280265] by Russell Epstein
  • 1 copy in tags/Safari-612.1.24.11.2

Tag Safari-612.1.24.11.2.

3:49 PM Changeset in webkit [280264] by Russell Epstein
  • 8 edits in branches/safari-612.1.24.11-branch/Source

Versioning.

WebKit-7612.1.24.11.2

3:39 PM Changeset in webkit [280263] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[iOS 14] imported/w3c/web-platform-tests/webstorage/event_case_sensitive.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=226789

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
3:20 PM Changeset in webkit [280262] by Eric Hutchison
  • 1 edit in trunk/LayoutTests/platform/mac-wk2/TestExpectations

Need a short description (OOPS!).
Need the bug URL (OOPS!).

Reviewed by NOBODY (OOPS!).

  • platform/mac-wk2/TestExpectations:
3:08 PM Changeset in webkit [280261] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[ BigSur wk2 Release arm64 ] fast/selectors/selection-window-inactive.html is a flaky failure .
https://bugs.webkit.org/show_bug.cgi?id=228248.

Unreviewed test gardening.

  • platform/mac-wk2/TestExpectations:
3:05 PM Changeset in webkit [280260] by Chris Dumez
  • 12 edits in trunk/Source

SharedBuffer::takeData() is a bit dangerous
https://bugs.webkit.org/show_bug.cgi?id=228161

Reviewed by Darin Adler.

Source/WebCore:

SharedBuffer::takeData() is a bit dangerous since SharedBuffer is RefCounted and several object may be sharing ownership
of the buffer. Having one owner call takeData() in case ownership is shared leads to bugs such as Bug 228096.

To address the issue, I made SharedBuffer::takeData() private and introduced a new SharedBuffer::extractData() member
function which calls takeData() only if the SharedBuffer is not shared (RefCount is 1) and falls back to calling copyData()
otherwise. I also optimized copyData() a bit by iterating over the segments to build the vector, instead of calling the
potentially very slow SharedBuffer::data().

  • Modules/fetch/FetchBodyConsumer.cpp:

(WebCore::FetchBodyConsumer::takeAsBlob):

  • Modules/mediarecorder/MediaRecorder.cpp:

(WebCore::createDataAvailableEvent):

  • editing/WebCorePasteboardFileReader.cpp:

(WebCore::WebCorePasteboardFileReader::readBuffer):

  • editing/cocoa/WebContentReaderCocoa.mm:

(WebCore::createFragmentForImageAttachment):
(WebCore::WebContentReader::readImage):

  • editing/gtk/WebContentReaderGtk.cpp:

(WebCore::WebContentReader::readImage):

  • html/HTMLAttachmentElement.cpp:

(WebCore::HTMLAttachmentElement::updateEnclosingImageWithData):

  • platform/SharedBuffer.cpp:

(WebCore::SharedBuffer::copyData):

  • platform/SharedBuffer.h:

(WebCore::SharedBuffer::extractData):

  • xml/XMLHttpRequest.cpp:

(WebCore::XMLHttpRequest::createResponseBlob):

Source/WTF:

Add Vector::uncheckedAppend() overload that takes in a Span.

  • wtf/Vector.h:

(WTF::Vector::uncheckedAppend):
(WTF::Malloc>::uncheckedAppend):

2:43 PM Changeset in webkit [280259] by Russell Epstein
  • 11 edits
    2 moves
    1 delete in branches/safari-612.1.25-branch/Source

Revert "Cherry-pick r280205. rdar://problem/80991517"

This reverts commit r280209.

2:01 PM Changeset in webkit [280258] by Robert Jenner
  • 11 edits
    2 moves
    1 delete in trunk/Source

Unreviewed, reverting r280205.

Broke multiple WebAuthn tests.

Reverted changeset:

"REGRESSION (r278877) [Cocoa] WebAuthn stopped working for
non-Safari browsers"
https://bugs.webkit.org/show_bug.cgi?id=228116
https://commits.webkit.org/r280205

2:00 PM Changeset in webkit [280257] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[BigSur wk1 Release arm64] imported/w3c/web-platform-tests/workers/modules/shared-worker-import-csp.html is a flaky failure.
https://bugs.webkit.org/show_bug.cgi?id=228245.

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
1:13 PM Changeset in webkit [280256] by Alexey Shvayka
  • 44 edits
    16 adds in trunk

[JSC] Call custom accessors / values with their holder's global object
https://bugs.webkit.org/show_bug.cgi?id=225997

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/custom-get-set-proto-chain-put.js:
  • stress/getter-setter-globalobject-in-ic-2.js: Added.

LayoutTests/imported/w3c:

  • web-platform-tests/WebIDL/ecmascript-binding/global-object-implicit-this-value-cross-realm-expected.txt: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/global-object-implicit-this-value-cross-realm.html: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/invalid-this-value-cross-realm-expected.txt: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/invalid-this-value-cross-realm.html: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/support/create-realm.js: Added.
  • web-platform-tests/WebIDL/ecmascript-binding/support/dummy-iframe.html: Added.
  • web-platform-tests/html/browsers/origin/cross-origin-objects/window-location-and-location-href-cross-realm-set-expected.txt: Added.
  • web-platform-tests/html/browsers/origin/cross-origin-objects/window-location-and-location-href-cross-realm-set.html: Added.
  • web-platform-tests/html/webappapis/scripting/events/compile-event-handler-settings-objects-expected.txt:
  • web-platform-tests/html/webappapis/scripting/processing-model-2/integration-with-the-javascript-job-queue/promise-job-incumbent-expected.txt:
  • web-platform-tests/service-workers/service-worker/fetch-request-css-cross-origin.https-expected.txt:
  • web-platform-tests/webrtc-encoded-transform/sframe-transform-readable.html:

All these are confirmed progressions.

  • web-platform-tests/performance-timeline/supportedEntryTypes-cross-realm-access-expected.txt: Added.
  • web-platform-tests/performance-timeline/supportedEntryTypes-cross-realm-access.html: Added.

Source/JavaScriptCore:

Just like JS built-ins, getter / setter functions of WebIDL attributes are created in realm
of their holder interface [1][2], which is their _current_ realm for throwing an error [3].

With this patch, custom properties get correct global object instead of lexical, including
when inline cached, aligning them with functions and regular accessors.

The latter allowed switching JS built-ins to CustomAccessor (e.g. Symbol#description),
which is slightly more efficient to call from C++, doesn't need reification on first access,
and has nicer signature.

Also, renames WASM accessors to drop "func" and removes unused function length parameter.

[1]: https://heycam.github.io/webidl/#dfn-attribute-getter (step 2)
[2]: https://heycam.github.io/webidl/#dfn-attribute-setter (step 5)
[3]: https://heycam.github.io/webidl/#ecmascript-throw

  • bytecode/AccessCase.cpp:

(JSC::AccessCase::generateImpl):

  • create_hash_table:
  • interpreter/CallFrame.cpp:

(JSC::CallFrame::globalObjectOfClosestCodeBlock):

  • interpreter/CallFrame.h:
  • runtime/IntlCollatorPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • runtime/IntlLocalePrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • runtime/IntlNumberFormatPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • runtime/JSDataViewPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • runtime/JSObject.cpp:

(JSC::JSObject::putInlineSlow):

  • runtime/PropertySlot.cpp:

(JSC::PropertySlot::customGetter const):

  • runtime/PropertySlot.h:

(JSC::PropertySlot::getValue const):

  • runtime/SymbolPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • tools/JSDollarVM.cpp:
  • wasm/js/WebAssemblyInstancePrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION): Deleted.

  • wasm/js/WebAssemblyMemoryPrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

  • wasm/js/WebAssemblyTablePrototype.cpp:

(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore:

This patch fixes cross-realm yet same-origin WebIDL attributes to throw errors in realm of
their accessor, while ensuring that window.location and location.href setters don't leak
cross-origin Object.prototype via thrown error.

Since Location setters relied on lexical global object to pass outgoing document.referrer,
they were updated to use IncumbentWindow as per spec [1]. callerGlobalObject() was reworked
to skip native / built-in callers and rely on VMEntryScope to accomodate top-level <script>
code navigating via Location setter, making the helper more versatile.

globalObjectOfClosestCodeBlock() fixed JSCustomSetterFunction instances and Location's
assign() / replace() methods to pass correct referrer.

Also, this change fixes static attributes like PerformanceObserver.supportedEntryTypes
to return wrappers of their realm instead of lexical.

[1] https://html.spec.whatwg.org/multipage/history.html#location-object-navigate (step 2)

Tests: imported/w3c/web-platform-tests/WebIDL/ecmascript-binding/global-object-implicit-this-value-cross-realm.html

imported/w3c/web-platform-tests/WebIDL/ecmascript-binding/invalid-this-value-cross-realm.html
imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/window-location-and-location-href-cross-realm-set.html
imported/w3c/web-platform-tests/performance-timeline/supportedEntryTypes-cross-realm-access.html

  • bindings/js/JSDOMGlobalObject.cpp:

(WebCore::callerGlobalObject): Deleted.

  • bindings/js/JSDOMGlobalObject.h:
  • bindings/js/JSDOMWindowBase.cpp:

(WebCore::incumbentDOMWindow):

  • bindings/js/JSDOMWindowBase.h:
  • bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::put):

  • bindings/js/JSLocationCustom.cpp:

(WebCore::JSLocation::put):

  • bindings/scripts/CodeGeneratorJS.pm:

(GenerateNamedGetterLambda):
(GenerateCallWithUsingReferences):
(GenerateCallWith):
Ensure IncumbentWindow comes before FirstWindow.

  • bindings/scripts/test/JS/JSTestObj.cpp:
  • bindings/scripts/test/TestObj.idl:

Remove attributes that relied on CallFrame since custom getters don't have it.

  • page/Location.idl:

Remove [LegacyUnforgeable] from ancestorOrigins because it's set on the interface.

LayoutTests:

  • fast/dom/HTMLObjectElement/object-as-frame-expected.txt:
  • fast/dom/HTMLObjectElement/object-as-frame.html:
  • fast/dom/HTMLObjectElement/resources: Added.
  • fast/dom/HTMLObjectElement/resources/dummy-frame-1.html: Added.
  • fast/dom/HTMLObjectElement/resources/dummy-frame-2.html: Added.
  • fast/events/attribute-listener-cloned-from-frameless-doc-context-2.html:
  • fast/events/attribute-listener-extracted-from-frameless-doc-context-2.html:

These tests used to pass as is, probably, due to combination of old (incorrect) behavior and
some implementation details of run-webkit-tests. They fail on MiniBrowser / Chrome / Firefox
unless modified not to use data:// protocol, which is not system under test.

  • fast/frames/sandboxed-iframe-navigation-parent-expected.txt:
  • fast/frames/sandboxed-iframe-navigation-parent.html:
  • http/tests/security/frameNavigation/context-for-location-assign-expected.txt:

Revert the changes made in r174996. Location::assign() now uses correct (incumbent) Window
to set outgoing referrer and perform security checks, aligning WebKit with Chrome / Firefox.

  • http/tests/security/frameNavigation/context-for-location-href-gopd-expected.txt: Added.
  • http/tests/security/frameNavigation/context-for-location-href-gopd.html: Added.
1:04 PM Changeset in webkit [280255] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

Update test expectations for inspector/dom-debugger/event-breakpoint-with-navigation.html.
https://bugs.webkit.org/show_bug.cgi?id=224291.

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
12:57 PM Changeset in webkit [280254] by pvollan@apple.com
  • 2 edits in trunk/Source/WebKit

[macOS] Reduce sandbox logging
https://bugs.webkit.org/show_bug.cgi?id=228236

Reviewed by Tim Horton.

To improve performance, remove some sandbox logging in the WebContent process' sandbox.

  • WebProcess/com.apple.WebProcess.sb.in:
11:52 AM Changeset in webkit [280253] by Chris Dumez
  • 2 edits
    2 adds in trunk/LayoutTests

[iOS] imported/w3c/web-platform-tests/html/dom/idlharness.https.html is failing
https://bugs.webkit.org/show_bug.cgi?id=228198
<rdar://problem/80982016>

Unreviewed, land iPad-specific baseline instead of marking the test as failing on iOS.
We are merely getting different results on iPhone and iPad because MediaSource is enabled
on iPad but not iPhone.

  • platform/ios-wk2/TestExpectations:
  • platform/ipad/imported/w3c/web-platform-tests/html/dom/idlharness.https-expected.txt: Added.
11:43 AM Changeset in webkit [280252] by Wenson Hsieh
  • 3 edits in trunk/Source/WebKit

[watchOS] It should be possible to select contact AutoFill text suggestions in email and username fields
https://bugs.webkit.org/show_bug.cgi?id=228237
rdar://77299680

Reviewed by Tim Horton.

After the changes in r278957, WKTextInputListViewController now presents modern Quickboard text input UI, as
well as contact AutoFill suggestions provided by Safari. For email and username fields (for which we currently
use PUICQuickboardController), this means that there's no longer any reason to prefer showing
PUICQuickboardController over WKTextInputListViewController, since both use modern text input UI (with support
for keychain AutoFill suggestions), but only the latter additionally supports contact AutoFill suggestions.

As such, we should change these to use WKTextInputListViewController instead of PUICQuickboardController. Note
that because contact AutoFill suggestions do not encompass passwords, it still makes more sense to pop directly
into PUICQuickboardController for password fields.

  • Platform/spi/watchos/PepperUICoreSPI.h:
  • UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView createQuickboardTextInputContext]):

Drive-by fix: additionally populate the placeholder of the text field in WKTextInputListViewController with
the input label text of the focused element (i.e., either placeholder text, the ARIA label, title, or text
content of an associated label).

(canUseQuickboardControllerFor):

11:36 AM Changeset in webkit [280251] by Ayumi Kojima
  • 2 edits in trunk/LayoutTests

[iOS]imported/w3c/web-platform-tests/html/dom/idlharness.https.html is failing.
https://bugs.webkit.org/show_bug.cgi?id=228198

Unreviewed test gardening.

  • platform/ios-wk2/TestExpectations:
11:23 AM Changeset in webkit [280250] by commit-queue@webkit.org
  • 5 edits
    4 adds in trunk

WebSocket traffic should be correctly assigned to either Developer or User.
https://bugs.webkit.org/show_bug.cgi?id=227564
<rdar://problem/79307301>

Patch by Richard Houle <rhoule@apple.com> on 2021-07-23
Reviewed by Kate Cheney.

Source/WebCore:

Tests: http/tests/app-privacy-report/websocket-isappinitiated.html

http/tests/app-privacy-report/websocket-isnotappinitiated.html

  • Modules/websockets/ThreadableWebSocketChannel.cpp:

(WebCore::ThreadableWebSocketChannel::webSocketConnectRequest):

Source/WebKit:

  • NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(WebKit::NetworkSessionCocoa::createWebSocketTask):

LayoutTests:

  • http/tests/app-privacy-report/websocket-isappinitiated-expected.txt: Added.
  • http/tests/app-privacy-report/websocket-isappinitiated.html: Added.
  • http/tests/app-privacy-report/websocket-isnotappinitiated-expected.txt: Added.
  • http/tests/app-privacy-report/websocket-isnotappinitiated.html: Added.
11:12 AM Changeset in webkit [280249] by Russell Epstein
  • 2 edits in branches/safari-612.1.25-branch/Source/WebKit

Cherry-pick r280183. rdar://problem/81027380

REGRESSION (r279992): Crashes under RemoteLayerBackingStore::applyBackingStoreToLayer() in macCatalyst
https://bugs.webkit.org/show_bug.cgi?id=228181
rdar://80923581

Reviewed by Dan Bates.

  • Shared/RemoteLayerTree/RemoteLayerBackingStore.mm: (WebKit::RemoteLayerBackingStore::applyBackingStoreToLayer): r279992 reorganized this code to determine the contents object and then set it on the layer, instead of setting it directly; this means that the lifetime of the contents object must be extended.

Interestingly, the common case (the CAMachPort case), as well as the
case I was actually adding in r279992 both were safe, because of the use
of autorelease. (macCatalyst uses IOSurface as layer contents directly,
without CAMachPort, so uses the one path that r279992 broke).

It is unnecessary to use autorelease; instead just store the contents
object in a RetainPtr until it is set.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280183 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:47 AM Changeset in webkit [280248] by Eric Hutchison
  • 2 edits in trunk/LayoutTests

[ BigSur wk1 Debug arm64 ] imported/w3c/web-platform-tests/IndexedDB/idbcursor-iterating-update.htm is a flaky timeout.
https://bugs.webkit.org/show_bug.cgi?id=228238.

Unreviewed test gardening.

  • platform/mac-wk1/TestExpectations:
10:33 AM Changeset in webkit [280247] by sihui_liu@apple.com
  • 2 edits in trunk/Source/WebKit

Generate simulated crash when UI process fails to get network process connection
https://bugs.webkit.org/show_bug.cgi?id=228203

Reviewed by Geoffrey Garen.

To help diagnose the issue that web process sometimes fails to get connection to the network process
(rdar://80760179), as UI process should have more information about it than web process.

  • UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::getNetworkProcessConnection):

10:27 AM Changeset in webkit [280246] by Truitt Savell
  • 13 edits
    5 copies
    98 adds in trunk

Migrate iOS 15 expectations to OpenSource and bump version numbers
https://bugs.webkit.org/show_bug.cgi?id=228202

Reviewed by Ryan Haddad.

Tools:

  • Scripts/webkitpy/port/ios.py:

(IOSPort):

  • Scripts/webkitpy/port/ios_device_unittest.py:
  • Scripts/webkitpy/port/ios_simulator_unittest.py:

(IOSSimulatorTest.make_port):
(IOSSimulatorTest.test_layout_test_searchpath_with_apple_additions):
(IOSSimulatorTest.test_layout_test_searchpath_without_apple_additions):
(IOSSimulatorTest.test_layout_searchpath_wih_device_type):

  • Scripts/webkitpy/port/ios_testcase.py:

(IOSTest.make_port):

LayoutTests:

  • platform/ios-14-wk2/TestExpectations: Added.
  • platform/ios-14-wk2/fast/css/font-face-locally-installed-expected.txt: Copied from LayoutTests/platform/ios-wk2/fast/css/font-face-locally-installed-expected.txt.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/alert-in-event-handler-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/bufferedAmount-after-close-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/close-and-server-script-exception-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/fragmented-frames-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-no-cr-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/interleaved-fragments-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/receive-arraybuffer-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/workers/close-code-and-reason-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/workers/receive-arraybuffer-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/websocket/tests/hybi/zero-length-text-expected.txt: Added.
  • platform/ios-14-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/touch-events/idlharness.window-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/cookies/007-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
  • platform/ios-14-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
  • platform/ios-14/TestExpectations: Added.
  • platform/ios-14/fast/css/ios/system-color-for-css-value-expected.txt: Added.
  • platform/ios-14/fast/forms/button-sizes-expected.txt: Copied from LayoutTests/platform/ios/fast/forms/button-sizes-expected.txt.
  • platform/ios-14/fast/forms/input-button-sizes-expected.txt: Copied from LayoutTests/platform/ios/fast/forms/input-button-sizes-expected.txt.
  • platform/ios-14/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt: Copied from LayoutTests/platform/ios/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt.
  • platform/ios-14/fast/text/hyphenate-avoid-orphaned-word-expected.txt: Copied from LayoutTests/platform/ios/fast/text/hyphenate-avoid-orphaned-word-expected.txt.
  • platform/ios-wk2/TestExpectations:
  • platform/ios-wk2/fast/css/font-face-locally-installed-expected.txt:
  • platform/ios-wk2/http/tests/websocket/tests/hybi/alert-in-event-handler-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/bufferedAmount-after-close-in-busy-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/close-and-server-script-exception-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/fragmented-frames-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-no-cr-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/handshake-fail-by-null-char-in-status-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/handshake-ok-with-http-version-beyond-1_1-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/interleaved-fragments-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/receive-arraybuffer-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/workers/close-code-and-reason-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/workers/receive-arraybuffer-expected.txt: Added.
  • platform/ios-wk2/http/tests/websocket/tests/hybi/zero-length-text-expected.txt: Added.
  • platform/ios-wk2/http/tests/workers/service/serviceworker-websocket.https-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/touch-events/idlharness.window-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-65K-data.any-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-65K-arraybuffer.any-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-binary-arraybuffer.any-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-data.any-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/Send-paired-surrogates.any-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/basic-auth.any.worker-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/cookies/007-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-arraybuffer-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-blob-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-getting-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-large-expected.txt: Added.
  • platform/ios-wk2/imported/w3c/web-platform-tests/websockets/interfaces/WebSocket/bufferedAmount/bufferedAmount-unicode-expected.txt: Added.
  • platform/ios/TestExpectations:
  • platform/ios/fast/css/ios/system-color-for-css-value-expected.txt: Added.
  • platform/ios/fast/forms/button-sizes-expected.txt:
  • platform/ios/fast/forms/input-button-sizes-expected.txt:
  • platform/ios/fast/forms/number/number-appearance-spinbutton-disabled-readonly-expected.txt:
  • platform/ios/fast/text/hyphenate-avoid-orphaned-word-expected.txt:
9:51 AM Changeset in webkit [280245] by mmaxfield@apple.com
  • 4 edits in trunk/Source/WebKit

[GPU Process] Migrate the DisplayList::Replayer::Delegate from RemoteImageBuffer to RemoteRenderingBackend
https://bugs.webkit.org/show_bug.cgi?id=228219

Reviewed by Wenson Hsieh.

This is part 1 of https://bugs.webkit.org/show_bug.cgi?id=228216.

For this task, we need to count resource uses:

  1. As the recorder in the web process records DisplayList items which reference resources, those uses need to increment a counter.
  2. As the replayer in the GPU process replays DisplayList items which reference resources, those uses need to increment a parallel counter.

The most natural place for the counters to live is in RemoteResourceCacheProxy and RemoteResourceCache, respectively. These two classes
are accessible from the RemoteRenderingBackendProxy and RemoteRenderingBackend, respectively. The most natural interface between the
DisplayList classes like DisplayList::Recorder and DisplayList::Replayer and the higher level WebKit classes is to use their delegate
interfaces.

For 1 above, RemoteImageBufferProxy has access to the RemoteRenderingBackendProxy and is already a DisplayList::Recorder::Delegate, so
there's no problem there. However, for 2, messages are delivered first to the RemoteRenderingBackend, which is the place that has access to
the RemoteResourceCache. Making the RemoteRenderingBackend have the DisplayList::Replayer::Delegate would be a natural place to either
A) call the necessary function in the RemoteImageBuffer, or B) interact with the RemoteResourceCache to increment the necessary counter.

Indeed, this makes a lot of sense because, for 2 of the 3 delegate methods, RemoteImageBuffer just immediately turns around and forwards
the call to the RemoteRenderingBackend anyway. So, migrating this interface to RemoteRenderingBackend actually ends up making it a bit
simpler.

No new tests because there is no behavior change.

  • GPUProcess/graphics/RemoteImageBuffer.h:

(WebKit::RemoteImageBuffer::apply):
(): Deleted.

  • GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::ReplayerDelegate::ReplayerDelegate):
(WebKit::RemoteRenderingBackend::ReplayerDelegate::apply):
(WebKit::RemoteRenderingBackend::ReplayerDelegate::didCreateMaskImageBuffer):
(WebKit::RemoteRenderingBackend::ReplayerDelegate::didResetMaskImageBuffer):
(WebKit::RemoteRenderingBackend::submit):

  • GPUProcess/graphics/RemoteRenderingBackend.h:
9:07 AM Changeset in webkit [280244] by Aditya Keerthi
  • 14 edits
    7 copies
    5 adds in trunk

[macOS] Repainting artifacts when moving input type=range slider thumb
https://bugs.webkit.org/show_bug.cgi?id=228135
rdar://76247487

Reviewed by Tim Horton.

Source/WebCore:

  • rendering/RenderThemeMac.mm:

(WebCore::RenderThemeMac::adjustSliderThumbSize const):

The size of NSSliderCell's knob increased in Big Sur. Consequently, the
knob was being painted outside of its box. Unfortunately, there is
currently no way to obtain the size programmatically, so we are forced
to update the hardcoded size.

LayoutTests:

Rebaselined tests to account for the change to the size of the slider
thumb.

  • fast/dom/HTMLInputElement/input-slider-update-expected.txt:
  • fast/repaint/block-inputrange-repaint-expected.txt:
  • fast/repaint/block-inputrange-repaint.html:
  • fast/repaint/slider-thumb-drag-release-expected.txt:
  • platform/gtk/fast/repaint/block-inputrange-repaint-expected.txt:
  • platform/mac-catalina/fast/dom/HTMLInputElement/input-slider-update-expected.txt: Copied from LayoutTests/fast/dom/HTMLInputElement/input-slider-update-expected.txt.
  • platform/mac-catalina/fast/forms/input-appearance-height-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/input-appearance-height-expected.txt.
  • platform/mac-catalina/fast/forms/range/input-appearance-range-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/input-appearance-range-expected.txt.
  • platform/mac-catalina/fast/forms/range/slider-padding-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/slider-padding-expected.txt.
  • platform/mac-catalina/fast/forms/range/slider-thumb-shared-style-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/slider-thumb-shared-style-expected.txt.
  • platform/mac-catalina/fast/forms/range/thumbslider-no-parent-slider-expected.txt: Copied from LayoutTests/platform/mac/fast/forms/range/thumbslider-no-parent-slider-expected.txt.
  • platform/mac-catalina/fast/repaint/block-inputrange-repaint-expected.txt: Added.
  • platform/mac-catalina/fast/repaint/slider-thumb-drag-release-expected.txt: Copied from LayoutTests/fast/repaint/slider-thumb-drag-release-expected.txt.
  • platform/mac/fast/forms/box-shadow-override-expected.txt:
  • platform/mac/fast/forms/input-appearance-height-expected.txt:
  • platform/mac/fast/forms/range/input-appearance-range-expected.txt:
  • platform/mac/fast/forms/range/slider-padding-expected.txt:
  • platform/mac/fast/forms/range/slider-thumb-shared-style-expected.txt:
  • platform/mac/fast/forms/range/thumbslider-no-parent-slider-expected.txt:
8:38 AM Changeset in webkit [280243] by commit-queue@webkit.org
  • 4 edits in trunk/Source/WebCore

[GStreamer][1.19] Warnings due to AppSinkCallbacks struct growth
https://bugs.webkit.org/show_bug.cgi?id=228229

Patch by Philippe Normand <pnormand@igalia.com> on 2021-07-23
Reviewed by Xabier Rodriguez-Calvar.

A new callback was added, for event notifications.

  • platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:

(WebCore::AudioFileReader::handleNewDeinterleavePad):

  • platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:

(WebCore::AudioSourceProviderGStreamer::handleNewDeinterleavePad):

  • platform/graphics/gstreamer/ImageDecoderGStreamer.cpp:

(WebCore::ImageDecoderGStreamer::InnerDecoder::connectDecoderPad):

4:39 AM Changeset in webkit [280242] by Devin Rousso
  • 5 edits in trunk

[Modern Media Controls] [macOS] Only show total duration when the elapsed time is visible
https://bugs.webkit.org/show_bug.cgi?id=228191
<rdar://problem/80529918>

Reviewed by Eric Carlson.

Source/WebCore:

When a <video> is narrow (~250px) WebKit will drop the elapsed time, meaning that only the
scrubber and duration are visible. It's not very helpful to show just the duration because
it never changes, requiring the user to do the mental math of dividing the scrubber width
by the total duration to figure out how much time is left (and has elapsed). Showing the
remaining time is better because it at least helps the user not have to figure out how much
longer the <video> will play (which is more useful/actionable than knowing the duration).

Test: media/modern-media-controls/time-control/time-control.html

  • Modules/modern-media-controls/controls/time-control.js:

(TimeControl):
(TimeControl.prototype.handleEvent):
(TimeControl.prototype.get _canShowDurationTimeLabel): Added.
(TimeControl.prototype._durationOrRemainingTimeLabel):
(TimeControl.prototype._performIdealLayout):
Rename _showDurationTimeLabel to _shouldShowDurationTimeLabel and add another private
getter _canShowDurationTimeLabel that only is true when this.elapsedTimeLabel.visible.
Use both to decide whether duration or remaining is shown/updated/etc..

LayoutTests:

  • media/modern-media-controls/time-control/time-control.html:
  • media/modern-media-controls/time-control/time-control-expected.txt:
4:03 AM Changeset in webkit [280241] by Carlos Garcia Campos
  • 1 copy in releases/WebKitGTK/webkit-2.32.3

WebKitGTK 2.32.3

4:03 AM Changeset in webkit [280240] by Carlos Garcia Campos
  • 4 edits in releases/WebKitGTK/webkit-2.32

Unreviewed. Update OptionsGTK.cmake and NEWS for 2.32.3 release

.:

  • Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

  • gtk/NEWS: Add release notes for 2.32.3
3:51 AM Changeset in webkit [280239] by Philippe Normand
  • 12 edits
    1 add
    1 delete in trunk

[GLib] Remove libportal dependency
https://bugs.webkit.org/show_bug.cgi?id=228056

Reviewed by Carlos Garcia Campos.

.:

  • Source/cmake/FindLIBPORTAL.cmake: Removed.
  • Source/cmake/GStreamerChecks.cmake:

Source/WebCore:

The pure-GDBus approach allows us to request the input device (Monitor or Window) depending
on the CaptureDevice type and make the mouse cursor visible in the generated video stream.
Also requesting capture support within computeCaptureDevices() was a bad idea because this
being used by the enumerateMediaDevices API could potentially spam the user with permission
popups.

  • platform/GStreamer.cmake:
  • platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:
  • platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.h:
  • platform/mediastream/gstreamer/GStreamerDisplayCaptureDeviceManager.cpp: Added.

(WebCore::GStreamerDisplayCaptureDeviceManager::singleton):
(WebCore::GStreamerDisplayCaptureDeviceManager::GStreamerDisplayCaptureDeviceManager):
(WebCore::GStreamerDisplayCaptureDeviceManager::~GStreamerDisplayCaptureDeviceManager):
(WebCore::GStreamerDisplayCaptureDeviceManager::computeCaptureDevices):
(WebCore::GStreamerDisplayCaptureDeviceManager::createDisplayCaptureSource):
(WebCore::GStreamerDisplayCaptureDeviceManager::stopSource):
(WebCore::GStreamerDisplayCaptureDeviceManager::waitResponseSignal):

  • platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:

(WebCore::GStreamerVideoCaptureSource::createPipewireSource):
(WebCore::GStreamerVideoCaptureSource::factory):
(WebCore::GStreamerVideoCaptureSource::displayFactory):
(WebCore::GStreamerVideoCaptureSource::GStreamerVideoCaptureSource):
(WebCore::GStreamerVideoCaptureSource::stopProducingData):

  • platform/mediastream/gstreamer/GStreamerVideoCaptureSource.h:
  • platform/mediastream/gstreamer/GStreamerVideoCapturer.cpp:
  • platform/mediastream/gstreamer/GStreamerVideoCapturer.h:

Source/WTF:

  • Scripts/Preferences/WebPreferencesExperimental.yaml: Enable screen capture on GStreamer

ports. The PIPEWIRE ifdef is redundant.

3:11 AM Changeset in webkit [280238] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r276352 - Use BlobURL::getOriginURL in more places
https://bugs.webkit.org/show_bug.cgi?id=224857

Reviewed by Alex Christensen.

Covered by existing tests.

  • loader/PolicyChecker.cpp:

(WebCore::FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary const):

3:11 AM Changeset in webkit [280237] by Carlos Garcia Campos
  • 4 edits
    3 adds in releases/WebKitGTK/webkit-2.32

Merge r276012 - REGRESSION(Safari 14): iframe with blob url does not work with sandboxing
https://bugs.webkit.org/show_bug.cgi?id=222312
<rdar://problem/74927624>

Reviewed by Chris Dumez.

Source/WebCore:

In https://trac.webkit.org/r275884, we correctly compute whether a blob is to be considered secure or not.
For that, we need to have the blob URL registered with its document origin.
Update PolicyChecker to properly register the temporoary blob URL with its document origin.

Test: http/tests/security/sandbox-iframe-and-blob.https.html

  • loader/PolicyChecker.cpp:

(WebCore::FrameLoader::PolicyChecker::extendBlobURLLifetimeIfNecessary const):

LayoutTests:

  • http/tests/security/resources/sandbox-iframe-and-blob-frame.html: Added.
  • http/tests/security/sandbox-iframe-and-blob.https-expected.txt: Added.
  • http/tests/security/sandbox-iframe-and-blob.https.html: Added.
  • platform/win/TestExpectations:
3:11 AM Changeset in webkit [280236] by Carlos Garcia Campos
  • 11 edits in releases/WebKitGTK/webkit-2.32

Merge r276230 - Blob URLs should use for their owner origin for CSP checks
https://bugs.webkit.org/show_bug.cgi?id=224535
<rdar://76458106>

Reviewed by Alex Christensen.

Source/WebCore:

Before the patch, we were checking blob origin directly with ancestors.
As per https://w3c.github.io/webappsec-csp/#match-url-to-source-expression step 4.1,
we need to get the URL origin, which by spec is the origin of the blob creator.
We only do this for navigation loads as script loads should be kept the current way, as a cross-site scripting protection,
and to remain compatible with other browsers.

Make some refactoring to add helper routines to get origin and secure context state of blob URLs in BlobURL.
Make use of it in MixedContentChecker as a refactoring.
Make use of the helper routine in ContentSecurityPolicySource::matches to fix the bug.

Test: http/tests/security/frame-src-and-blob-download.https.html

  • fileapi/BlobURL.cpp:

(WebCore::blobOwner):
(WebCore::BlobURL::getOriginURL):
(WebCore::BlobURL::isSecureBlobURL):

  • fileapi/BlobURL.h:
  • fileapi/ThreadableBlobRegistry.cpp:

(WebCore::isBlobURLContainsNullOrigin):

  • loader/MixedContentChecker.cpp:

(WebCore::MixedContentChecker::isMixedContent):

  • page/SecurityOrigin.cpp:

(WebCore::SecurityOrigin::isSecure):

  • page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::urlMatchesSelf const):

  • page/csp/ContentSecurityPolicy.h:
  • page/csp/ContentSecurityPolicySourceList.cpp:

(WebCore::ContentSecurityPolicySourceList::matches const):

LayoutTests:

  • http/tests/security/frame-src-and-blob-download.https-expected.txt: Added.
  • http/tests/security/frame-src-and-blob-download.https.html:
  • http/tests/security/resources/frame-src-and-blob-download-frame.html: Added.
  • platform/mac-wk1/TestExpectations:
  • platform/win/TestExpectations:
2:03 AM Changeset in webkit [280235] by Adrian Perez de Castro
  • 3 edits
    1 add in releases/WebKitGTK/webkit-2.32

Merge r278819 - https://bugs.webkit.org/show_bug.cgi?id=226576
<rdar://problem/78810362>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/short-circuit-read-modify-write-cant-write-dst-before-tdz-check.js: Added.

(let.result.eval.try.captureV):
(catch):

Source/JavaScriptCore:

ShortCircuitReadModifyResolveNode can't emit a value into
its result until after it emits a TDZ check. We were temporarily
storing the result of the get_from_scope into the dst. Then
we'd emit the TDZ check. The TDZ check can throw, and it could
lead to us returning TDZ from the eval itself. Instead, we need
to use a temporary to emit a TDZ check on. Only after the TDZ check
passes can we move the temporary into the result.

  • bytecompiler/NodesCodegen.cpp:

(JSC::ShortCircuitReadModifyResolveNode::emitBytecode):

2:03 AM Changeset in webkit [280234] by Adrian Perez de Castro
  • 4 edits
    1 add in releases/WebKitGTK/webkit-2.32

Merge r278578 - Short circuit read modify write nodes emit byte code that uses the wrong locals
https://bugs.webkit.org/show_bug.cgi?id=226576
<rdar://problem/78810362>

Reviewed by Yusuke Suzuki.

JSTests:

  • stress/short-circuit-read-modify-should-use-the-write-virtual-registers.js: Added.

(eval):

Source/JavaScriptCore:

It's never a good idea to use the wrong local :-)

This patch also adds support for dumping predecessors of basic blocks
in the bytecode dump.

  • bytecode/BytecodeDumper.cpp:

(JSC::CodeBlockBytecodeDumper<Block>::dumpGraph):

  • bytecompiler/NodesCodegen.cpp:

(JSC::ShortCircuitReadModifyResolveNode::emitBytecode):
(JSC::ShortCircuitReadModifyDotNode::emitBytecode):
(JSC::ShortCircuitReadModifyBracketNode::emitBytecode):

2:00 AM Changeset in webkit [280233] by Adrian Perez de Castro
  • 19 edits in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r276609 - numCalleeLocals, numParameters, and numVars should be unsigned
https://bugs.webkit.org/show_bug.cgi?id=224995

Patch by Keith Miller <keith_miller@apple.com> on 2021-04-26
Reviewed by Mark Lam.

All of the various CodeBlock classes currently have the
numCalleeLocals and numVars marked as ints. I believe this is just
a historical artifact or because VirtualRegister's offset is an
int to make handling constants easier. Regardless, it's a bit
strange to not handle the sign conversion at the point of
comparison between a VirtualRegister offset and the local/var
count. This doesn't completely fix every place we use ints for
these values but starts on the right track. Lastly, I also added
some Check<unsigned>s to the wasm parser for sanity checking.

  • bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setNumParameters):
(JSC::CodeBlock::ensureCatchLivenessIsComputedForBytecodeIndexSlow):

  • bytecode/CodeBlock.h:

(JSC::CodeBlock::numParameters const):
(JSC::CodeBlock::numberOfArgumentsToSkip const):
(JSC::CodeBlock::numCalleeLocals const):
(JSC::CodeBlock::numVars const):
(JSC::CodeBlock::numTmps const):
(JSC::CodeBlock::addressOfNumParameters):
(JSC::CodeBlock::isTemporaryRegister):

  • bytecode/UnlinkedCodeBlock.h:

(JSC::UnlinkedCodeBlock::numCalleeLocals const):
(JSC::UnlinkedCodeBlock::numVars const):

  • bytecode/UnlinkedCodeBlockGenerator.h:

(JSC::UnlinkedCodeBlockGenerator::numCalleeLocals const):
(JSC::UnlinkedCodeBlockGenerator::numVars const):
(JSC::UnlinkedCodeBlockGenerator::setNumCalleeLocals):
(JSC::UnlinkedCodeBlockGenerator::setNumVars):
(JSC::UnlinkedCodeBlockGenerator::setNumParameters):

  • bytecompiler/BytecodeGenerator.cpp:

(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::emitPushFunctionNameScope):

  • bytecompiler/BytecodeGeneratorBaseInlines.h:

(JSC::BytecodeGeneratorBase<Traits>::newRegister):

  • dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::inliningCost):
(JSC::DFG::ByteCodeParser::parseBlock):

  • dfg/DFGOSREntrypointCreationPhase.cpp:

(JSC::DFG::OSREntrypointCreationPhase::run):

  • dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::checkArgumentTypes):

  • ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::lower):

  • ftl/FTLOSREntry.cpp:

(JSC::FTL::prepareOSREntry):

  • interpreter/CallFrameClosure.h:
  • interpreter/ProtoCallFrameInlines.h:

(JSC::ProtoCallFrame::init):

  • jit/JIT.cpp:

(JSC::JIT::compileWithoutLinking):

  • runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::numberOfStackPaddingSlots):
(JSC::CommonSlowPaths::numberOfStackPaddingSlotsWithExtraSlots):

  • wasm/WasmFunctionCodeBlock.h:

(JSC::Wasm::FunctionCodeBlock::numVars const):
(JSC::Wasm::FunctionCodeBlock::numCalleeLocals const):
(JSC::Wasm::FunctionCodeBlock::setNumVars):
(JSC::Wasm::FunctionCodeBlock::setNumCalleeLocals):

  • wasm/WasmLLIntGenerator.cpp:

(JSC::Wasm::LLIntGenerator::push):
(JSC::Wasm::LLIntGenerator::getDropKeepCount):
(JSC::Wasm::LLIntGenerator::walkExpressionStack):
(JSC::Wasm::LLIntGenerator::checkConsistency):
(JSC::Wasm::LLIntGenerator::materializeConstantsAndLocals):
(JSC::Wasm::LLIntGenerator::splitStack):
(JSC::Wasm::LLIntGenerator::finalize):
(JSC::Wasm::LLIntGenerator::callInformationForCaller):
(JSC::Wasm::LLIntGenerator::addLoop):
(JSC::Wasm::LLIntGenerator::addTopLevel):
(JSC::Wasm::LLIntGenerator::addBlock):
(JSC::Wasm::LLIntGenerator::addIf):
(JSC::Wasm::LLIntGenerator::addElseToUnreachable):

1:59 AM Changeset in webkit [280232] by Carlos Garcia Campos
  • 5 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r278964 - Protect Element before calling dispatchMouseEvent() on it
https://bugs.webkit.org/show_bug.cgi?id=226767
<rdar://problem/79009112>

Reviewed by Ryosuke Niwa.

  • page/EventHandler.cpp:

(WebCore::EventHandler::updateMouseEventTargetNode):
(WebCore::EventHandler::dispatchMouseEvent):

  • page/PointerLockController.cpp:

(WebCore::PointerLockController::dispatchLockedMouseEvent):

  • page/Quirks.cpp:

(WebCore::Quirks::triggerOptionalStorageAccessQuirk const):

1:48 AM Changeset in webkit [280231] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r278166 - Pass frame ref during navigationPolicyCompletionHandler
https://bugs.webkit.org/show_bug.cgi?id=226268
<rdar://problem/78512383>

Reviewed by Ryosuke Niwa.

Pass the active frame to the navigationPolicyCompletionHandler lambda as a Ref to
ensure it is kept alive during the policy check and subsequent steps.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest):

1:47 AM Changeset in webkit [280230] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r276611 - Remove redundant frameDetached() from the SVGImage destructor
https://bugs.webkit.org/show_bug.cgi?id=221616
<rdar://problem/74149106>

Reviewed by Chris Dumez.

SVGImage was originally written such that it has two separate objects:
a page and a frame; see https://trac.webkit.org/r18470. So it made sense
at that time to clean up the page and the frame separately. The Frame
was cleaned up by telling the frame's loader that the frameDetached().

This code is not necessary right now since the page owns the main frame.
And its destructor recursively detaches itself from all the frames.

  • svg/graphics/SVGImage.cpp:

(WebCore::SVGImage::~SVGImage):

1:29 AM Changeset in webkit [280229] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r276206 - Perform port blocking earlier in the load
https://bugs.webkit.org/show_bug.cgi?id=224525
<rdar://problem/75440591>

Unreviewed follow-up (suggested by David Kilzer)

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest): Restore an m_frame nullptr check.,

1:29 AM Changeset in webkit [280228] by Carlos Garcia Campos
  • 3 edits
    2 adds in releases/WebKitGTK/webkit-2.32/LayoutTests

Merge r276289 - [GTK][WPE] Unreviewed test gardening. Emit new port baselines after r276193.

  • platform/gtk/TestExpectations:
  • platform/gtk/security/block-test-expected.txt: Added.
  • platform/wpe/security/block-test-expected.txt:
1:29 AM Changeset in webkit [280227] by Carlos Garcia Campos
  • 2 edits
    2 adds in releases/WebKitGTK/webkit-2.32/LayoutTests

Merge r276215 - [GLIB] Unreviewed test gardening. Emit new baseline after r276193.

  • platform/glib/TestExpectations:
  • platform/glib/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Added.
1:29 AM Changeset in webkit [280226] by Carlos Garcia Campos
  • 29 edits
    4 copies
    2 adds in releases/WebKitGTK/webkit-2.32

Merge r276193 - Perform port blocking earlier in the load
https://bugs.webkit.org/show_bug.cgi?id=224525
<rdar://problem/75440591>

Reviewed by Darin Adler.

Source/WebCore:

WebKit blocks loads to URLs with any of the prohibited ports defined in
the engine. This blocking happens late in the load process, allowing
connections to be made (and observed). Instead, we should stop the load
early, at the same time we perform other checks.

Test: http/tests/security/form-blocked-port.html

  • html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::isSafeToLoadURL): Add a check for prohibited ports,
and block (with relevant logging) if a load to a denied port is attempted.

  • loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::willSendRequest): Ditto.

  • loader/FrameLoader.cpp:

(WebCore::FrameLoader::loadFrameRequest): Ditto.
(WebCore::FrameLoader::reportBlockedLoadFailed): Ditto.

  • loader/FrameLoader.h:
  • loader/PingLoader.cpp:

(WebCore::PingLoader::loadImage): Ditto.

  • loader/ResourceLoader.cpp:

(WebCore::ResourceLoader::init): Ditto.

  • loader/SubframeLoader.cpp:

(WebCore::FrameLoader::SubframeLoader::pluginIsLoadable): Ditto.
(WebCore::FrameLoader::SubframeLoader::loadSubframe): Ditto.

  • loader/cache/CachedResourceLoader.cpp:

(WebCore::CachedResourceLoader::canRequest): Ditto.
(WebCore::CachedResourceLoader::canRequestAfterRedirection const): Ditto.

Tools:

Update URLScheme test to use a non-prohibited port for the test. Tests of
failed fetches are already handled in WPT and other tests, so using a valid
port here should continue to be a valid test.

  • TestWebKitAPI/Tests/WebKitCocoa/WKURLSchemeHandler-1.mm:

(-[FrameSchemeHandler webView:startURLSchemeTask:]): Use allowed port or the test
instead of 123.

LayoutTests:

WebKit blocks loads to URLs with any of the prohibited ports defined in
the engine. This blocking happens late in the load process, allowing
connections to be made (and observed). Instead, we should stop the load
early, at the same time we perform other checks.

Note: The fact that we now block loads earlier means that we do not fire
'willSendRequestForFrame' for blocked ports, so WebKitTestRunner no longer
outputs a message to stdout. Those errors are reported in the JS console,
but since some test paths are specified to always output JS console messages
to stderrr (for example the WPT tests), we have to revise out test expectations
for a few cases.

  • fast/loader/cancel-load-during-port-block-timer.html: Revised expectation to reflect new console error message.
  • http/tests/cache/cancel-during-failure-crash-expected.txt: Ditto.
  • http/tests/preload/download_resources_from_invalid_headers-expected.txt: Update to reflect a preflight is not executed for a blocked port.
  • http/tests/preload/resources/nph-invalid_resources_from_header.pl: Update to reflect that we do not preload from restricted ports.
  • http/tests/security/blocked-on-redirect-expected.txt: Revised expectation to match revised error message.
  • http/tests/security/form-blocked-port.html: Added.
  • http/tests/security/form-blocked-port-expected.txt: Added.
  • http/tests/xmlhttprequest/cross-origin-redirect-responseURL-expected.txt: Revised expectation for revised error message.
  • http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt: Ditto.
  • http/tests/xmlhttprequest/redirect-cross-origin-expected.txt: Ditto.
  • http/tests/xmlhttprequest/simple-cross-origin-denied-events.html: Instead of using a port WebKit blocks (7), use one that is not blocked but is unlikely to be active (as originally intended). This retains the expected test behavior since we now block loads to restricted ports earlier in the load process.
  • http/tests/xmlhttprequest/simple-cross-origin-denied-events-post.html: Ditto.
  • http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Update test output to reflect that we are attempting to load from port 8 instead of port 7.
  • http/wpt/beacon/beacon-async-error-logging-expected.txt: Ditto.
  • http/wpt/beacon/beacon-async-error-logging.html: Update to reflect a preflight is not executed for a blocked port.
  • imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt: Since we block before executing the load, TestRunner no longer outputs an error message to stdout. Instead, they appear in stderr (since all 'wpt' tests are marked to dump console.log output to stderr).
  • imported/w3c/web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt: Ditto.
  • platform/mac-wk1/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Revise to reflect change in console logging (the functional test results are identical).
  • platform/mac-wk1/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
  • platform/win/http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt: Ditto.
  • platform/win/http/tests/xmlhttprequest/simple-cross-origin-denied-events-post-expected.txt: Ditto.
  • platform/wk2/http/tests/security/blocked-on-redirect-expected.txt: Ditto.
1:29 AM Changeset in webkit [280225] by Carlos Garcia Campos
  • 9 edits in releases/WebKitGTK/webkit-2.32

Merge r275831 - Block loading for port 10080
https://bugs.webkit.org/show_bug.cgi?id=224432

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

  • web-platform-tests/fetch/api/request/request-bad-port.any-expected.txt:
  • web-platform-tests/fetch/api/request/request-bad-port.any.js:
  • web-platform-tests/fetch/api/request/request-bad-port.any.worker-expected.txt:
  • web-platform-tests/websockets/Create-blocked-port.any-expected.txt:
  • web-platform-tests/websockets/Create-blocked-port.any.js:
  • web-platform-tests/websockets/Create-blocked-port.any.worker-expected.txt:

Source/WTF:

Follow Chrome and Firefox by blocking port 10080.

  • wtf/URL.cpp:

(WTF::portAllowed):

1:17 AM Changeset in webkit [280224] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r276527 - [YARR Interpreter] Improper backtrack of parentheses with non-zero based greedy quantifiers
https://bugs.webkit.org/show_bug.cgi?id=224983

Reviewed by Mark Lam.

When we backtrack a parentheses with a greedy non zero based quantifier,
we don't properly restore for the case where we hadn't reached the minimum count.
We now save the input position on entry and restore it when we backtrack for
this case. We also properly release the allocated ParenthesesDisjunctionContext's.

  • yarr/YarrInterpreter.cpp:

(JSC::Yarr::Interpreter::matchParentheses):
(JSC::Yarr::Interpreter::backtrackParentheses):

1:14 AM Changeset in webkit [280223] by Adrian Perez de Castro
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/JavaScriptCore

Merge r276524 - Fix B3 strength reduction for shl.
https://bugs.webkit.org/show_bug.cgi?id=224913
rdar://76978874

Reviewed by Michael Saboff.

If the operation can potentially either underflow or overflow, then the result
can be any value.

  • b3/B3ReduceStrength.cpp:
1:08 AM Changeset in webkit [280222] by Carlos Garcia Campos
  • 2 edits in releases/WebKitGTK/webkit-2.32/Source/WebCore

Merge r273752 - Crash under KeyframeEffect::setTarget()
https://bugs.webkit.org/show_bug.cgi?id=222591
<rdar://problem/74281295>

Reviewed by David Kilzer.

The Styleable returned by targetStyleable() holds a reference to the Element that at
this point is m_target (assuming it's non-null). However, once we set the new value
for m_target, if the only reference to the original target was held by this KeyframeEffect,
then that element will be deallocated and by the time we call didChangeTargetStyleable()
it will be gone.

To address, we create a RefPtr<Element> in the scope of KeyframeEffect::setTarget()
protecting the Styleable's element while didChangeTargetStyleable() is called.

  • animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::setTarget):

1:03 AM Changeset in webkit [280221] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore/platform/gtk/po

Updated Swedish translation
https://bugs.webkit.org/show_bug.cgi?id=228206

Patch by Anders Jonsson <anders.jonsson@norsjovallen.se> on 2021-07-23
Rubber-stamped by Carlos Garcia Campos.

  • sv.po:
1:01 AM Changeset in webkit [280220] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore/platform/gtk/po

[GTK] [l10n] Updated Ukrainian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=228188

Patch by Yuri Chornoivan <yurchor@ukr.net> on 2021-07-23
Rubber-stamped by Carlos Garcia Campos.

  • uk.po:
12:59 AM Changeset in webkit [280219] by Carlos Garcia Campos
  • 2 edits in trunk/Source/WebCore/platform/gtk/po

[l10n] [pt_BR] Updated Brazilian Portuguese translation
https://bugs.webkit.org/show_bug.cgi?id=227623

Patch by Rafael Fontenelle <rafaelff@gnome.org> on 2021-07-23
Rubber-stamped by Carlos Garcia Campos.

  • pt_BR.po:
12:30 AM Changeset in webkit [280218] by commit-queue@webkit.org
  • 2 edits in trunk/LayoutTests

Removed incorrect test from webgl tests.
https://bugs.webkit.org/show_bug.cgi?id=220720

Patch by Eleni Maria Stea <hikiko> on 2021-07-23
Reviewed by Kenneth Russell.

The removed test was based on the incorrect assumption that
deleted buffer names remain valid until the object they used to
refer to is destroyed. According to the WebGL spec:
https://www.khronos.org/registry/webgl/specs/1.0.3/ section:
5.14.5 isBuffer "Return false if the buffer's invalidated flag
is set", this is not true and names become invalid immediately.

  • fast/canvas/webgl/oes-vertex-array-object.html:
Note: See TracTimeline for information about the timeline view.