Context Navigation

← Previous Period
Next Period →

Timeline

Mar 7, 2022:

11:28 PM Changeset in webkit [290976] by Simon Fraser

16 edits in trunk/Source

Rename VolatilityState to SetNonVolatileResult
https://bugs.webkit.org/show_bug.cgi?id=237562

Reviewed by Tim Horton.

Pure rename. I want to use VolatilityState to actually reflect state.

Source/WebCore:

platform/graphics/ConcreteImageBuffer.h:
platform/graphics/ImageBuffer.h:
platform/graphics/ImageBufferBackend.h:

(WebCore::ImageBufferBackend::setNonVolatile):

platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp:

(WebCore::ImageBufferIOSurfaceBackend::setNonVolatile):

platform/graphics/cg/ImageBufferIOSurfaceBackend.h:
platform/graphics/cocoa/IOSurface.h:
platform/graphics/cocoa/IOSurface.mm:

(WebCore::IOSurface::state const):
(WebCore::IOSurface::setVolatile):
(WebCore::operator<<):

Source/WebKit:

GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::markSurfaceNonVolatile):
(WebKit::RemoteRenderingBackend::swapToValidFrontBuffer):

Shared/RemoteLayerTree/RemoteLayerBackingStore.h:
Shared/RemoteLayerTree/RemoteLayerBackingStore.mm:

(WebKit::RemoteLayerBackingStore::setBufferNonVolatile):
(WebKit::RemoteLayerBackingStore::didMakeFrontBufferNonVolatile):

UIProcess/ViewSnapshotStore.h:
UIProcess/mac/ViewSnapshotStoreMac.mm:

(WebKit::ViewSnapshot::setVolatile):
(WebKit::ViewSnapshot::asLayerContents):

WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:

(WebKit::RemoteRenderingBackendProxy::markSurfaceNonVolatile):

WebProcess/GPU/graphics/RemoteRenderingBackendProxy.h:

11:18 PM Changeset in webkit [290975] by Elliott Williams

8 edits in trunk/Source/JavaScriptCore

[XCBuild] Emit a discovered dependency file from offlineasm
https://bugs.webkit.org/show_bug.cgi?id=237329

Reviewed by Keith Miller.

Xcode needs to know what files offlineasm uses and produces in order to schedule it
correctly in incremental builds. Rather than use generated xcfilelists like WebKit does
elsewhere in the project, emit a depfile from offlineasm based on the parse tree's source
files.

Discovered dependency files ("depfiles") are Makefile-formatted files which list the inputs
used to produce an output. They are emitting during the build to a temporary directory, and
ensure that subsequent incremental builds will re-run offlineasm when any of the included
sources change. This is the same mechanism clang uses to track header dependencies.

Unfortunately, the legacy build system will refuse to execute a script phase or rule that
emits a depfile. To work around this, convert the offlineasm pipeline to be based on build
rules, to be used by XCBuild only. The idea is that LowLevelInterpreter.asm is listed as a
source build file in JSCLLIntSettingsExtractor, JSCLLIntOffsetsExtractor, and
JavaScriptCore. Each target uses a build rule to generate its respective header from
LowLevelInterpreter.asm. Xcode schedules these rule executions before any clang tasks.

The legacy build system avoids executing the rules via EXCLUDED_SOURCE_FILE_NAMES, and
instead uses the existing build phases, which have "(Legacy)" in their names and are now
no-ops under XCBuild.

Aside from working around the legacy build system's limitations, using build rules is
probably a superior way to express what we're doing, as it gives Xcode the opportunity to
compile other objects in parallel, and could be easily extended to compile multiple discrete
asm files should the need arise.

Configurations/ToolExecutable.xcconfig: Build rules are XCBuild-only.
JavaScriptCore.xcodeproj/project.pbxproj: Add build rules, rename legacy scripts.
offlineasm/asm.rb: Add --depfile flag.
offlineasm/generate_offset_extractor.rb: Add --depfile flag.
offlineasm/generate_settings_extractor.rb: Add --depfile flag.

10:41 PM Changeset in webkit [290974] by achristensen@apple.com

4 edits
1 delete in trunk/Source/ThirdParty/libwebrtc

Unreviewed, reverting r290966.

Broke ews and make

Reverted changeset:

"[XCBuild] libwebrtc's headers are copied via rsync and do not
emit task outputs"
https://bugs.webkit.org/show_bug.cgi?id=237112
https://commits.webkit.org/r290966

9:18 PM Changeset in webkit [290973] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r290961. rdar://problem/89912760

[macCatalyst] Compilation error: WebContentProcess.xib: error: macOS xibs do not support target device type "ipad".
https://bugs.webkit.org/show_bug.cgi?id=237549
rdar://89912760

Patch by Richard Houle <rhoule@apple.com> on 2022-03-07
Reviewed by Alexey Proskuryakov.

Xcode for macOS 12.5 complains that we bundle Mac XIBs inside our macCatalyst builds.

Configurations/BaseXPCService.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290961 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7:27 PM Changeset in webkit [290972] by timothy_horton@apple.com

2 edits in trunk/Source/WebCore

Fix the build

platform/graphics/GraphicsContext.h:

7:07 PM Changeset in webkit [290971] by Brent Fulgham

4 edits in trunk/Source/WebKit

Remove remnants of WebKit.Plugin.64.xpc service
https://bugs.webkit.org/show_bug.cgi?id=237555
<rdar://84485232>

Reviewed by Alexey Proskuryakov.

Although plugins have been disabled for a number of years, the actual code behind this
feature was only removed this cycle (see Bugs 232462, 234354, and 234379). I noticed a few
remaining bits of the removed plugin process that should also be cleaned up.

Scripts/process-entitlements.sh:
Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm:

(WebKit::XPCServiceEventHandler):

Shared/mac/AuxiliaryProcessMac.mm:

(WebKit::sandboxDirectory):
(WebKit::applySandbox):

7:00 PM Changeset in webkit [290970] by ddkilzer@apple.com

2 edits in trunk/Tools

Fix Release builds for sanitizers by defining RELEASE_WITHOUT_OPTIMIZATIONS
<https://webkit.org/b/237556>
<rdar://problem/89929061>

Reviewed by Kate Cheney.

sanitizer/sanitizer.xcconfig:

(OTHER_CFLAGS): Add -DRELEASE_WITHOUT_OPTIMIZATIONS so Release
builds at lower optimization levels don't fail.

6:12 PM Changeset in webkit [290969] by pvollan@apple.com

10 edits in trunk/Source

Preconnecting after process swap is a page load time improvement on some devices
https://bugs.webkit.org/show_bug.cgi?id=237055
<rdar://problem/89638872>

Reviewed by Geoffrey Garen.

Source/WebCore:

Export method.

platform/network/NetworkLoadMetrics.h:

Source/WebKit:

On some devices we see that doing a second preconnect on HTTP/1.1 is a significant page load time improvement.
This is due to the fact that most page loads on HTTP/1.1 will open several connections, and having two
preconnected connections instead of one, will speed up page load time. This patch implements this by starting
a second preconnect after the first has finished. It is important to wait until the first preconnect has
finished, otherwise the second preconnect will go to waste, since the underlying network layer does not yet
know if this is HTTP/1.1 or not. Since we do not see page load time improvement on iOS with this behavior,
it is currently only enabled for macOS. The next step is to investigate why it does not seem to be a page
load time improvement on iOS. We probably need to make sure the main resource load has started before we
start the second preconect. This will avoid that the second preconnect returns immediately.

NetworkProcess/NetworkConnectionToWebProcess.cpp:

(WebKit::NetworkConnectionToWebProcess::sendH2Ping):
(WebKit::NetworkConnectionToWebProcess::preconnectTo):

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::preconnectTo):

NetworkProcess/PreconnectTask.cpp:

(WebKit::PreconnectTask::PreconnectTask):
(WebKit::PreconnectTask::didFinishLoading):
(WebKit::PreconnectTask::didFailLoading):
(WebKit::PreconnectTask::didFinish):

NetworkProcess/PreconnectTask.h:
NetworkProcess/cache/NetworkCacheSpeculativeLoadManager.cpp:

(WebKit::NetworkCache::SpeculativeLoadManager::preconnectForSubresource):

Source/WTF:

Add ENABLE guard for this behavior.

wtf/PlatformEnableCocoa.h:

5:39 PM Changeset in webkit [290968] by Jean-Yves Avenard

6 edits in trunk

Add ability to convert FragmentedSharedBuffer to CMBlockBuffer
https://bugs.webkit.org/show_bug.cgi?id=237075
Source/WebCore:

rdar://89338447

Reviewed by Jer Noble.

Add FragmentedSharedBuffer::getContiguousData and
FragmentedSharedBuffer::createCMBlockBuffer methods.

API tests added for getContiguousData.
createCMBlockBuffer will be used in a follow-up patch.

platform/SharedBuffer.cpp:

(WebCore::FragmentedSharedBuffer::getContiguousData const):

platform/SharedBuffer.h:
platform/cocoa/SharedBufferCocoa.mm:

(WebCore::FreeSharedBuffer):
(WebCore::FragmentedSharedBuffer::createCMBlockBuffer const):

Tools:

Reviewed by Jer Noble.

TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp:

(TestWebKitAPI::TEST_F):

5:28 PM Changeset in webkit [290967] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r285688. rdar://problem/85307256

[macOS] Add required methods to IOKit message filter
https://bugs.webkit.org/show_bug.cgi?id=233012
<rdar://85307256>

Reviewed by Brent Fulgham.

Add required methods to IOKit message filter on macOS.

WebProcess/com.apple.WebProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@285688 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:26 PM Changeset in webkit [290966] by Elliott Williams

4 edits
1 add in trunk/Source/ThirdParty/libwebrtc

[XCBuild] libwebrtc's headers are copied via rsync and do not emit task outputs
https://bugs.webkit.org/show_bug.cgi?id=237112

Reviewed by Alexey Proskuryakov.

Reconfigure the Xcode project to copy libwebrtc's headers natively, using the same approach
as https://commits.webkit.org/247585@main and https://commits.webkit.org/247656@main.

Add a target for absl's headers, so that they can be copied and configured separately from
webrtc's headers. This target does not have any source files, so it is effectively
headers-only.

libwebrtc.xcodeproj is very messy and doesn't always align with the on-disk representation
of the project's sources, but I have combed through all the source directories to ensure
that all headers which aren't obviously testing or non-Mac-related are included.

Configurations/Base.xcconfig: Copy WK_WHICH_BUILD_SYSTEM from other projects.
Configurations/libabsl.xcconfig: Added.
Configurations/libwebrtc.xcconfig: Set header-related build settings.
libwebrtc.xcodeproj/project.pbxproj: Tons of header additions and visibility changes.

4:32 PM Changeset in webkit [290965] by Andres Gonzalez

5 edits
2 adds in trunk

Fix for <select> elements in isolated tree mode.
https://bugs.webkit.org/show_bug.cgi?id=237483
rdar://89530022

Reviewed by Chris Fleizach.

Source/WebCore:

Test: accessibility/dropdown-value.html

AXObjectCache was not updating the isolated tree for
AXMenuListValueChanged notifications. Added handleMenuListValueChanged()
for this purpose.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::performDeferredCacheUpdate):
(WebCore::AXObjectCache::handleMenuListValueChanged):
(WebCore::AXObjectCache::updateIsolatedTree):

accessibility/AXObjectCache.h:

LayoutTests:

accessibility/dropdown-value-expected.txt: Added.
accessibility/dropdown-value.html: Added.

4:00 PM Changeset in webkit [290964] by Jean-Yves Avenard

9 edits
1 add in trunk

MediaTime::invalidTime() conversion to CMTime incorrectly creates a valid time.
https://bugs.webkit.org/show_bug.cgi?id=237473
rdar://problem/89814921

Reviewed by Jer Noble.

Source/WebCore:

Fly-by fix: update call to AVOutputContextOutputDevicesDidChangeNotification
now that the access macro got fixed.

API Test added.

platform/audio/ios/MediaSessionHelperIOS.mm:

(-[WebMediaSessionHelper startMonitoringAirPlayRoutes]):

platform/graphics/avfoundation/objc/AVRoutePickerViewTargetPicker.mm:

(WebCore::AVRoutePickerViewTargetPicker::outputContextInternal):
(WebCore::AVRoutePickerViewTargetPicker::routeDetector):
(WebCore::AVRoutePickerViewTargetPicker::invalidatePlaybackTargets):
(-[WebAVRoutePickerViewHelper notificationHandler:]):

Source/WebCore/PAL:

Fly-by fix: macro definition to access method
AVOutputContextOutputDevicesDidChangeNotification was incorrect.

pal/avfoundation/MediaTimeAVFoundation.cpp:

(PAL::toCMTime): Ensure that if the converted time was invalid. The
flag is carried accross.

pal/cocoa/AVFoundationSoftLink.h:

Tools:

Fly-by fixes: AVFoundationSoftLinkTest wasn't being compiled

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebCore/cocoa/AVFoundationSoftLinkTest.mm:

(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/WebCore/cocoa/CoreMediaUtilities.mm: Added.

(TestWebKitAPI::TEST):

3:51 PM Changeset in webkit [290963] by Russell Epstein

1 copy in tags/Safari-614.1.5.8

Tag Safari-614.1.5.8.

3:50 PM Changeset in webkit [290962] by Russell Epstein

3 edits in branches/safari-614.1.5-branch/Source/WebGPU

Cherry-pick r290960. rdar://problem/89920518

Catalyst build failure in WebGPU when building with SYSTEM_CONTENT_PATH
https://bugs.webkit.org/show_bug.cgi?id=237542

Reviewed by Saam Barati.

Updated create-symlink-to-altroot.sh to create the directory containing the output if is doesn't
exist in lieu of specifying an output file in the build step.
This is the way that other projects are configured.

Scripts/create-symlink-to-altroot.sh:
WebGPU.xcodeproj/project.pbxproj:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290960 268f45cc-cd09-0410-ab3c-d52691b4dbfc

3:47 PM Changeset in webkit [290961] by commit-queue@webkit.org

2 edits in trunk/Source/WebKit

[macCatalyst] Compilation error: WebContentProcess.xib: error: macOS xibs do not support target device type "ipad".
https://bugs.webkit.org/show_bug.cgi?id=237549
rdar://89912760

Patch by Richard Houle <rhoule@apple.com> on 2022-03-07
Reviewed by Alexey Proskuryakov.

Xcode for macOS 12.5 complains that we bundle Mac XIBs inside our macCatalyst builds.

Configurations/BaseXPCService.xcconfig:

3:08 PM Changeset in webkit [290960] by msaboff@apple.com

3 edits in trunk/Source/WebGPU

Catalyst build failure in WebGPU when building with SYSTEM_CONTENT_PATH
https://bugs.webkit.org/show_bug.cgi?id=237542

Reviewed by Saam Barati.

Updated create-symlink-to-altroot.sh to create the directory containing the output if is doesn't
exist in lieu of specifying an output file in the build step.
This is the way that other projects are configured.

Scripts/create-symlink-to-altroot.sh:
WebGPU.xcodeproj/project.pbxproj:

3:07 PM Changeset in webkit [290959] by mark.lam@apple.com

2 edits in trunk/LayoutTests

Remove TestExpectations for imported/w3c/web-platform-tests/IndexedDB/key-generators/reading-autoincrement-indexes-cursors.any.worker.html.
https://bugs.webkit.org/show_bug.cgi?id=229244

Not reviewed.

TestExpectaions says this test will either pass or crash. However, the test history
at https://results.webkit.org/?suite=layout-tests&test=imported%2Fw3c%2Fweb-platform-tests%2FIndexedDB%2Fkey-generators%2Freading-autoincrement-indexes-cursors.any.worker.html
shows that this test hasn't crashed in a very long time.

Also local runs of the test on AppleSilicon with Debug WK1 pass with no crash.

platform/mac/TestExpectations:

2:32 PM Changeset in webkit [290958] by Chris Dumez

7 edits in trunk

allow-custom-protocols-navigation sandbox flag.
https://bugs.webkit.org/show_bug.cgi?id=237269
<rdar://problem/89899736>

Reviewed by Geoffrey Garen.

Source/WebCore:

Add support for allow-custom-protocols-navigation iframe sandbox flag to allow sandboxed iframes
to navigate to custom protocols, as per:

https://github.com/whatwg/html/pull/7654

We recently started preventing sandboxed iframes from navigating to custom protocols, which broke
Microsoft Teams. We added a quirk for Microsoft Teams which we should be able to drop once they
adopt this new sandbox flag.

dom/SecurityContext.cpp:

(WebCore::SecurityContext::isSupportedSandboxPolicy):
(WebCore::SecurityContext::parseSandboxPolicy):

dom/SecurityContext.h:

Source/WebKit:

Add support for allow-custom-protocols-navigation iframe sandbox flag to allow sandboxed iframes
to navigate to custom protocols, as per:

https://github.com/whatwg/html/pull/7654

UIProcess/WebPageProxy.cpp:

(WebKit::frameSandboxAllowsOpeningExternalCustomProtocols):

Tools:

Add API test coverage.

TestWebKitAPI/Tests/WebKitCocoa/Navigation.mm:

(TEST):

2:13 PM Changeset in webkit [290957] by Elliott Williams

3 edits in trunk/Source/WebKit

DerivedSources.make: Regenerate message receiver sources on Makefile changes
https://bugs.webkit.org/show_bug.cgi?id=237543

Reviewed by Alexey Proskuryakov.

This script depends on configuration and other sources in DerivedSources.make, so it should
regenerate when they change. Fixes one-time incremental build failures caused by r290896.

DerivedSources.make:

2:11 PM Changeset in webkit [290956] by Russell Epstein

6 edits
2 adds in branches/safari-613-branch

Cherry-pick r290853. rdar://problem/88669147

about:blank iframes do not always inherit parent CSP
https://bugs.webkit.org/show_bug.cgi?id=236347
<rdar://problem/88669147>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/contentSecurityPolicy/block-eval-onload-in-nested-about-blank-iframe.html

Usually we initialize CSP for window when we create a jsWindowProxy
for that frame. In this case, we load an about:blank iframe that
attempts to run eval() in the onload function of its own nested
iframe. Since we never run script in frame, we don't initialize a
jsWindowProxy and thus never propogate its CSP.

This fix checks the document's CSP in FrameLoader::clear when we
initialize a new JSGlobalObject and sets the eval value in the window
accordingly to properly enforce CSP.

bindings/js/ScriptController.cpp: (WebCore::ScriptController::enableEval):
bindings/js/ScriptController.h:
loader/FrameLoader.cpp: (WebCore::FrameLoader::clear):
page/csp/ContentSecurityPolicy.h: (WebCore::ContentSecurityPolicy::evalErrorMessage const):

LayoutTests:

http/tests/security/contentSecurityPolicy/block-eval-onload-in-nested-about-blank-iframe-expected.txt: Added.
http/tests/security/contentSecurityPolicy/block-eval-onload-in-nested-about-blank-iframe.html: Added We can't use modern js-test.js and related functions because js-test.js uses eval() and loading it makes the test time out when the eval is blocked by the document's CSP. We can't specify unsafe-eval because the whole point of this test is to block eval.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290853 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290955] by Russell Epstein

4 edits
3 adds in branches/safari-613-branch

Cherry-pick r290812. rdar://problem/84662329

Element with position: sticky after sticking, starts to move incorrectly when scrolling
https://bugs.webkit.org/show_bug.cgi?id=231953
<rdar://84662329>

Reviewed by Sam Weinig.

Source/WebCore:

Sometimes we'd fail to push new StickyPositionViewportConstraints to the scrolling
tree, because operator== failed to compare m_constrainingRectAtLastLayout. This breaks
the requirement that the "last committed scroll position" for the overflow scrolling
node has to be updated in the same commit as the "constraining-rect-at-last-layout"
on the sticky node.

Test: scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints.html

page/scrolling/ScrollingConstraints.cpp: (WebCore::operator<<):
page/scrolling/ScrollingConstraints.h: (WebCore::StickyPositionViewportConstraints::operator== const):

LayoutTests:

platform/ios-wk2/scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints-expected.txt: Added.
scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints-expected.txt: Added.
scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290812 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290954] by Russell Epstein

13 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r290788. rdar://problem/83494949

Add a DeferTraps scope
https://bugs.webkit.org/show_bug.cgi?id=237306
<rdar://83494949>

Reviewed by Mark Lam.

bytecode/CodeBlock.cpp: (JSC::CodeBlock::CodeBlock): (JSC::CodeBlock::jettison): (JSC::CodeBlock::noticeIncomingCall):
bytecode/CodeBlock.h:
bytecode/RepatchInlines.h: (JSC::linkFor): (JSC::virtualForWithFunction):
dfg/DFGOperations.cpp: (JSC::DFG::JSC_DEFINE_JIT_OPERATION):
interpreter/Interpreter.cpp: (JSC::Interpreter::executeProgram): (JSC::Interpreter::executeCall): (JSC::Interpreter::executeConstruct): (JSC::Interpreter::execute): (JSC::Interpreter::executeModuleProgram):
interpreter/InterpreterInlines.h: (JSC::Interpreter::execute):
llint/LLIntSlowPaths.cpp: (JSC::LLInt::setUpCall):
runtime/ExceptionScope.h:
runtime/ScriptExecutable.cpp: (JSC::ScriptExecutable::installCode):
runtime/VMTraps.cpp: (JSC::VMTraps::handleTraps): (JSC::VMTraps::takeTopPriorityTrap):
runtime/VMTraps.h: (JSC::VMTraps::needHandling const): (JSC::VMTraps::maybeNeedHandling const): (JSC::VMTraps::hasTrapBit): (JSC::VMTraps::setTrapBit):
runtime/VMTrapsInlines.h: (JSC::DeferTraps::DeferTraps): (JSC::DeferTraps::~DeferTraps):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290788 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290953] by Russell Epstein

11 edits
2 adds in branches/safari-613-branch

Cherry-pick r290785. rdar://problem/66568551

nasa.gov page with fixed backgrounds paints incorrectly on scroll
https://bugs.webkit.org/show_bug.cgi?id=237405
<rdar://66568551>

Reviewed by Antti Koivisto.
Source/WebCore:

https://www.nasa.gov/specials/artemis/ shows an issue where elements with background-attachment:fixed
don't repaint on scroll. This page has scrollable <html> and <body>, and the elements with fixed
backgrounds are composited, so this reveals that we fail to repaint composited children
of an overflow scroll in this case.

Fix by having RenderLayerScrollableArea::scrollTo() do repaints on slow repaint objects
which are scrolled by the current scroller.

Do some unrelated cleanup in code that I was going to use in this patch but turned out
not to need: rename hasFixedBackgroundImage() to hasAnyFixedBackground() for clarity,
and share the implementation with hasAnyLocalBackground().

Test: fast/repaint/background-attachment-fixed-in-composited-scroll.html

rendering/RenderElement.cpp: (WebCore::RenderElement::styleWillChange): (WebCore::RenderElement::willBeDestroyed):
rendering/RenderLayer.cpp:
rendering/RenderLayerScrollableArea.cpp: (WebCore::RenderLayerScrollableArea::scrollTo):
rendering/style/FillLayer.cpp: (WebCore::FillLayer::hasImageWithAttachment const): (WebCore::FillLayer::hasFixedImage const): Deleted.
rendering/style/FillLayer.h:
rendering/style/RenderStyle.cpp: (WebCore::RenderStyle::hasAnyLocalBackground const): Deleted.
rendering/style/RenderStyle.h: (WebCore::RenderStyle::hasBackgroundImage const): (WebCore::RenderStyle::hasAnyFixedBackground const): (WebCore::RenderStyle::hasAnyLocalBackground const): (WebCore::RenderStyle::hasFixedBackgroundImage const): Deleted.

LayoutTests:

Repaint test which is only valid for mac-wk2 (iOS does not support background-attachment:fixed).

TestExpectations:
fast/repaint/background-attachment-fixed-in-composited-scroll-expected.txt: Added.
fast/repaint/background-attachment-fixed-in-composited-scroll.html: Added.
platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290785 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290952] by Russell Epstein

6 edits
2 adds in branches/safari-613-branch

Cherry-pick r290778. rdar://problem/88297045

macOS Safari 15.2 Audio Echo Issue after camera pause/unpause
https://bugs.webkit.org/show_bug.cgi?id=235544
<rdar://problem/88297045>

Reviewed by Eric Carlson.

Source/WebCore:

After https://commits.webkit.org/r275600, the muted state of MediaPlayer would be set to the page muted state
without taking into consideration HTMLMediaElement.muted.
Update the call site to use effectiveMuted instead.
Add internals API to write a corresponding layout test.

Test: fast/mediastream/mediastreamtrack-audiovideo-mutepage.html

html/HTMLMediaElement.cpp:
testing/Internals.cpp:
testing/Internals.h:
testing/Internals.idl:

LayoutTests:

fast/mediastream/mediastreamtrack-audiovideo-mutepage-expected.txt: Added.
fast/mediastream/mediastreamtrack-audiovideo-mutepage.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290778 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290951] by Russell Epstein

14 edits in branches/safari-613-branch

Cherry-pick r290765. rdar://problem/89232969

Throw proper exception on failed removeEntry() calls
https://bugs.webkit.org/show_bug.cgi?id=237382
<rdar://89232969>

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any-expected.txt:
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getDirectoryHandle.https.any.worker-expected.txt:
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any-expected.txt:
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-getFileHandle.https.any.worker-expected.txt:
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any-expected.txt:
web-platform-tests/file-system-access/sandboxed_FileSystemDirectoryHandle-removeEntry.https.any.worker-expected.txt:

Source/WebKit:

Updated existing tests.

NetworkProcess/storage/FileSystemStorageError.h: (WebKit::convertToException):
NetworkProcess/storage/FileSystemStorageHandle.cpp: (WebKit::FileSystemStorageHandle::removeEntry):

LayoutTests:

storage/filesystemaccess/handle-move-expected.txt:
storage/filesystemaccess/handle-move-worker-expected.txt:
storage/filesystemaccess/resources/handle-move.js: (async test):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290765 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290950] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r290758. rdar://problem/89710486

[AppSSO] Correct logging messages to avoid confusing screeners that an error has occurred
https://bugs.webkit.org/show_bug.cgi?id=237390
<rdar://problem/89710486>

Reviewed by Simon Fraser.

The phrasing of the message in 'SOAuthorizationCoordinator::tryAuthorize' when a URL is not relevant for
AppSSO flows is:

AUTHORIZATIONCOORDINATOR_RELEASE_LOG("tryAuthorize: Cannot authorize the requested URL.");

This leads people spelunking logs to believe that the URL can't be authorized (perhaps due to an error).

Instead, we should more accurately report that the URL is not one that is mediated through an AppSSO flow,
and so no AppSSO processing is needed.

UIProcess/Cocoa/SOAuthorization/SOAuthorizationCoordinator.mm: (WebKit::SOAuthorizationCoordinator::tryAuthorize):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290758 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290949] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r290755. rdar://problem/89700242

[WebAuthn] Completion handler is not called when WebAuthn invoked without proper entitlements
https://bugs.webkit.org/show_bug.cgi?id=237380
<rdar://problem/89700242>

Reviewed by Chris Dumez.

WebAuthn is not permitted outside of Web Browser applications. When an application that lacks
the full web browser entitlement attempts to invoke WebAuthn flows, we do an early return. However,
the completion handler for this flow is bypassed, preventing applications from being informed of
this problem.

WebProcess/WebAuthentication/WebAuthenticatorCoordinator.cpp: (WebKit::WebAuthenticatorCoordinator::makeCredential): (WebKit::WebAuthenticatorCoordinator::getAssertion): (WebKit::WebAuthenticatorCoordinator::isUserVerifyingPlatformAuthenticatorAvailable):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290755 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:11 PM Changeset in webkit [290948] by Russell Epstein

3 edits
2 adds in branches/safari-613-branch

Cherry-pick r290706. rdar://problem/89566459

REGRESSION(r285232) https://alvaromontoro.github.io/almond.css/demo/ looks wrong in Safari, ok in Chrome and Firefox
https://bugs.webkit.org/show_bug.cgi?id=237276
<rdar://problem/89566459>

Reviewed by Simon Fraser.

Source/WebCore:

r285232 introduced the isFixed() check as a resolvable preferred width type, but percent values are also resolvable as
block layout gets the horizontal constraint from the containing block chain (unlike the height percent values) -i.e. 'width: 50%' can be resolved during preferred width computation.

Test: fast/css-grid-layout/ascpect-ratio-with-percent-width.html

rendering/RenderBlock.cpp: (WebCore::RenderBlock::availableLogicalHeightForPercentageComputation const):

LayoutTests:

fast/css-grid-layout/ascpect-ratio-with-percent-width-expected.html: Added.
fast/css-grid-layout/ascpect-ratio-with-percent-width.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290706 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290947] by Russell Epstein

5 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r290671. rdar://problem/87340464

Web app fails only when dev tools is open
https://bugs.webkit.org/show_bug.cgi?id=235017

Reviewed by Devin Rousso.

Using the ScriptExecutionContext from event.target()->scriptExecutionContext() can result the either having a
different script context from the one used when calling willHandleEvent, or the event target's context could be
nullptr. This can occur when handling the event in EventTarget::innerInvokeEventListeners results in a
context change for the event's target, like a MessagePort that has been disentangled, which sets the script
execution context to nullptr. Because we only need the script execution context to get the correct injected
script, and the correct injected script for the action below will always be the same injected script used in
willHandleEvent, we ignore the current script execution context of the event's target and use the context the
event's target had when it began invoking event listeners.

This change protects us both from the reported crash, as well as leaving an injected script in a bad state
because we did not call setEventValue and clearEventValue on matching injected scripts for a single event.

inspector/InspectorInstrumentation.cpp: (WebCore::InspectorInstrumentation::willHandleEventImpl): (WebCore::InspectorInstrumentation::didHandleEventImpl):
inspector/InspectorInstrumentation.h: (WebCore::InspectorInstrumentation::willHandleEvent): (WebCore::InspectorInstrumentation::didHandleEvent):
inspector/agents/InspectorDOMDebuggerAgent.cpp: (WebCore::InspectorDOMDebuggerAgent::willHandleEvent): (WebCore::InspectorDOMDebuggerAgent::didHandleEvent):
inspector/agents/InspectorDOMDebuggerAgent.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290671 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290946] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r290629. rdar://problem/88903506

[IPC] Do more hardening in WebSWServerConnection's client registration / unregistration
https://bugs.webkit.org/show_bug.cgi?id=237290
<rdar://88903506>

Reviewed by Alex Christensen.

Validate client identifiers sent by the WebContent process via IPC to make sure that the
process identifier of the client actually matches the process identifier of the process
we're connected to.

Also validate the SecurityOriginData to make sure it is not empty. We support sending
empty SecurityOriginData objects over IPC. However, they cannot be used as keys in
HashMaps.

If validation fails, we assume the WebContent process is compromised and we terminate it.

NetworkProcess/ServiceWorker/WebSWServerConnection.cpp: (WebKit::WebSWServerConnection::registerServiceWorkerClient): (WebKit::WebSWServerConnection::unregisterServiceWorkerClient):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290629 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290945] by Russell Epstein

5 edits
7 adds in branches/safari-613-branch

Cherry-pick r290606. rdar://problem/89482882

[macOS] Unable to upload ".pages" files to file inputs accepting ".pages" and ".jpeg" files
https://bugs.webkit.org/show_bug.cgi?id=237219
rdar://89482882

Reviewed by Tim Horton and Said Abou-Hallawa.

Source/WebCore:

In r264286, WebKit began transcoding images of an unsupported format
to a supported format, for file inputs that accepted image types. For
example, selecting a HEIF image in an input that accepts JPEG images
would transcode the selected image to a JPEG image.

In order to determine when attempt transcoding, the logic added in
r264286 obtains the MIME type corresponding to the selected file's
extension, and compares that to the list of accepted MIME types.
If there is a mismatch, transcoding is attempted.

The ".pages" extension does not have a well-defined MIME type in
NSURLFileTypeMappings. This is due to the fact that a the extension
maps to both a file and a package type. Consequently, the retrieved
MIME type for ".pages" files is an empty string. Following r227051,
when the file input also accepts an image type, WebKit attempts to
transcode these files, and any others that do not have a well-defined
MIME type.

While the aforementioned behavior can be considered strange, it is not
an issue in practice, since WebKit will attempt to transcode the
image, fail to do so, and upload the original file. The failure is
detected in CGImageDestinationFinalize, which returns false if an image
was not successfully written. However, a recent regression in the
ImageIO framework is causing CGImageDestinationFinalize to return true,
even if image transcoding fails. This results in WebKit uploading a
zero byte JPEG file, when a user attempts to upload ".pages" files to
file inputs accepting ".pages" and ".jpeg" files.

Ideally, the described issue would be resolved by a fix in ImageIO.
However, a more immediate solution exists in WebKit: only attempt to
transcode files to an accepted image type, if the file selected is
image. ".pages" files are not images, and WebKit should not attempt
to transcode them. See below for further explanation of the solution.

Test: fast/forms/file/entries-api/pages-jpeg-open-panel.html

platform/graphics/cg/ImageUtilitiesCG.cpp: (WebCore::transcodeImage):

Prior to using ImageIO to perform transcoding, WebKit obtains a Uniform
Type Identifier for the selected file using CGImageSourceCreateWithURL
and CGImageSourceGetType. If the file is not an image, a null string is
returned. WebKit can use this information to avoid the transcoding
attempt, and avoid calls to ImageIO methods further down this method.
Specifically, this solution works around the ImageIO bug by avoiding
the call to CGImageDestinationFinalize for non-images. The solution is
also an overall improvement, as WebKit now avoids unnecessary calls to
multiple ImageIO methods, in cases where we know transcoding will fail.

LayoutTests:

Add a layout test that contains a file input that accepts ".pages" and
".jpeg" files, and attempts to upload a ".pages" file.

TestExpectations:
fast/forms/file/entries-api/pages-jpeg-open-panel-expected.txt: Added.
fast/forms/file/entries-api/pages-jpeg-open-panel.html: Added.
fast/forms/file/entries-api/pdf-jpeg-open-panel-expected.txt: Added.
fast/forms/file/entries-api/pdf-jpeg-open-panel.html: Added.
fast/forms/file/entries-api/resources/documents/document.pages: Added.
fast/forms/file/entries-api/resources/documents/document.pdf: Added.
platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290944] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r290562. rdar://problem/88767033

Loading a USDZ url as the main resource renders as garbage
https://bugs.webkit.org/show_bug.cgi?id=237240
rdar://88767033

Reviewed by Antoine Quint.

We can't render a USD document if the ModelDocument feature is not enabled.

platform/MIMETypeRegistry.cpp: (WebCore::MIMETypeRegistry::canShowMIMEType):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290562 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290943] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r290560. rdar://problem/89526227

Use hasAttributeWithoutSynchronisation for checking inert attribute in Adjuster::adjust
https://bugs.webkit.org/show_bug.cgi?id=237248

Reviewed by Dean Jackson.

hasAttributeWithoutSynchronisation should be slightly faster than hasAttribute.

style/StyleAdjuster.cpp: (WebCore::Style::Adjuster::adjust const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290560 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290942] by Russell Epstein

3 edits
2 adds in branches/safari-613-branch

Cherry-pick r290559. rdar://problem/89510628

Optimize StyleSharingResolver inert checks
https://bugs.webkit.org/show_bug.cgi?id=237235

Reviewed by Youenn Fablet.

Source/WebCore:

inert is an boolean attribute, the only thing that matters for the StyleAdjuster
inertness adjustment is the presence of the attribute, not its value. E.g.
inert=false is the same as inert=inert or inert=true.

This saves getting and comparing values for those attributes, and also allows
inert=inert and inert=true or inert=false to start sharing style.

style/StyleSharingResolver.cpp: (WebCore::Style::SharingResolver::canShareStyleWithElement const):

LayoutTests:

Add small test that style sharing is not wrongly applied.

fast/css/inert-style-sharing-expected.html: Added.
fast/css/inert-style-sharing.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290559 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290941] by Russell Epstein

11 edits
2 adds in branches/safari-613-branch

Cherry-pick r290554. rdar://problem/83757966

Remove Node::deprecatedIsInert
https://bugs.webkit.org/show_bug.cgi?id=230845

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

This change unfortunately regresses focusability state when dynamically setting inert, due to a cached
computed style invalidation bug. This is minor in practice, since focusability usually gets queried in
user-initiated ways, when style already has fully been updated.

However, making this change will improve performance by avoiding a full DOM ancestor walk when there
is no inert attribute on the page, since we will only check a style bit after this patch.

web-platform-tests/html/semantics/interactive-elements/the-dialog-element/remove-dialog-should-unblock-document-expected.txt:
web-platform-tests/inert/inert-canvas-fallback-content.tentative-expected.txt:
web-platform-tests/inert/inert-node-is-unfocusable.tentative-expected.txt:

Source/WebCore:

This change unfortunately regresses focusability state when dynamically setting inert, due to a cached
computed style invalidation bug. This is minor in practice, since focusability usually gets queried in
user-initiated ways, when style already has fully been updated.

However, making this change will improve performance by avoiding a full DOM ancestor walk when there
is no inert attribute on the page, since we will only check a style bit after this patch.

dom/Element.cpp: (WebCore::Element::isFocusable const): (WebCore::Element::isFocusableWithoutResolvingFullStyle const): (WebCore::Element::isVisibleWithoutResolvingFullStyle const): Deleted.
dom/Element.h:
dom/Node.cpp: (WebCore::Node::deprecatedIsInert const): Deleted.
dom/Node.h:
html/HTMLAreaElement.cpp: (WebCore::HTMLAreaElement::isFocusable const):

LayoutTests:

platform/ios-wk2/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focusing-steps-inert-expected.txt: Added.
platform/ios-wk2/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-showModal-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290554 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290940] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r290537. rdar://problem/89239935

Do not trigger didFail during FileReaderLoader Destruction
https://bugs.webkit.org/show_bug.cgi?id=237060

Patch by Brandon Stewart <Brandon> on 2022-02-25
Reviewed by Darin Adler.

Setting cancel() instead of terminate() will prevent the didFail() method from being triggered.
This method has the unfortunate side effect of trying to allocate memory, which is not allowed when
under going a sweep event.

fileapi/FileReaderLoader.cpp: (WebCore::FileReaderLoader::~FileReaderLoader):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290939] by Russell Epstein

4 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r290510. rdar://problem/89364487

Web Inspector: [Cocoa] Split remote inspector message data into smaller chunks for large messages
https://bugs.webkit.org/show_bug.cgi?id=237110
<rdar://89364487>

Reviewed by Devin Rousso.

Messages over 2 MiB will now be split into multiple chunks, which allows us to not exceed any receiving daemon
process' memory limit under otherwise normal conditions. 2 MiB was chosen as a balance between not having to
split most messages at all and making sure that the messages (and any copies made during the relaying of the
messages) do not exceed the memory limits of the receiving daemon process.

In order to prevent us from sending chunked messages to a process that doesn't support them we check for a flag
to enable this functionality during connection setup.

inspector/remote/RemoteInspector.h:
inspector/remote/RemoteInspectorConstants.h:
inspector/remote/cocoa/RemoteInspectorCocoa.mm: (Inspector::RemoteInspector::sendMessageToRemote): (Inspector::RemoteInspector::receivedSetupMessage):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290510 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290938] by Russell Epstein

4 edits
2 adds in branches/safari-613-branch

Cherry-pick r290430. rdar://problem/87713597

RELEASE_ASSERT(!renderer()); in WebCore::Node::~Node() + 479 (Node.cpp:366)
https://bugs.webkit.org/show_bug.cgi?id=235380

Patch by Frédéric Wang <fwang@igalia.com> on 2022-02-24
Reviewed by Ryosuke Niwa.

Source/WebCore:

RenderTreeUpdater::tearDownRenderers() browse the composed tree to tear down descendants.
However, element with a shadow root are handled specially in
ComposedTreeIterator::ComposedTreeIterator(), they have to be handled specially by calling
a tearDownLeftoverShadowHostChildren(). This patch does the same for slot elements which
are also handled specially in ComposedTreeIterator(). It also makes names within
tearDownLeftoverShadowHostChildren() more generic. This in particular fixes a release assert
when a slot with pseudo elements children is torn down.

Test: fast/shadow-dom/slot-with-pseudo-element-children-renderer-teardown.html

rendering/updating/RenderTreeUpdater.cpp: (WebCore::RenderTreeUpdater::tearDownRenderers): Also call tearDownLeftoverShadowHostChildren for a slot element and add a comment pointing to the method corresponding to these special cases. (WebCore::RenderTreeUpdater::tearDownLeftoverChildrenOfComposedTree): Renamed to remove "shadow host".
rendering/updating/RenderTreeUpdater.h: Ditto.

LayoutTests:

Add non-regression test.

fast/shadow-dom/slot-with-pseudo-element-children-renderer-teardown-expected.txt: Added.
fast/shadow-dom/slot-with-pseudo-element-children-renderer-teardown.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290430 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290937] by Russell Epstein

2 edits in branches/safari-613-branch/LayoutTests

Cherry-pick r290385. rdar://problem/70464703

[Subpixel] imported/w3c/web-platform-tests/css/css-flexbox/auto-margins-001.html fails at certain font sizes
https://bugs.webkit.org/show_bug.cgi?id=217643
<rdar://problem/70464703>

Unreviewed gardening.

platform/ios-simulator-wk2/TestExpectations: It must have progressed at some point.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290385 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290936] by Russell Epstein

4 edits
2 adds in branches/safari-613-branch

Cherry-pick r290356. rdar://problem/85765536

Crash when calling WEBGL_lose_context.loseContext() after the context has been lost
https://bugs.webkit.org/show_bug.cgi?id=236966

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2022-02-23
Reviewed by Dean Jackson.

Source/WebCore:

WebGLRenderingContextBase::forceLostContext() would
try to synthesize a GL error to the underlying
m_context. However, m_context is cleared when a real
context loss happens. This happens for example when we
simulate a GPU status failure or when we create too
many contexts. The m_context is not currently cleared
when the page simulates context lost via WEBGL_lose_contexts.loseContext().

Test: webgl/lose-context-after-context-lost.html

html/canvas/WebGLRenderingContextBase.cpp: (WebCore::WebGLRenderingContextBase::synthesizeGLError):

LayoutTests:

webgl/lose-context-after-context-lost-expected.txt: Added.
webgl/lose-context-after-context-lost.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290356 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290935] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r290343. rdar://problem/85811396

Further restrict received IPC boolean values to 0 or 1
https://bugs.webkit.org/show_bug.cgi?id=236801
rdar://85811396

Patch by Simon Lewis <simon.lewis@apple.com> on 2022-02-22
Reviewed by Chris Dumez.

Return std::nullopt if a value larger than 1 is received.

Platform/IPC/ArgumentCoder.h: (IPC::ArgumentCoder<bool>::decode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290343 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290934] by Russell Epstein

14 edits
6 adds in branches/safari-613-branch

Cherry-pick r290306. rdar://problem/88352589

Make pointer-events checks for SVG take in account inert subtrees
https://bugs.webkit.org/show_bug.cgi?id=235836

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Added tests for both inert attribute & modal dialog cases.

web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-svg-hittest-expected.txt: Added.
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-svg-hittest.html: Added.
web-platform-tests/inert/inert-svg-hittest.tentative-expected.txt: Added.
web-platform-tests/inert/inert-svg-hittest.tentative.html: Added.

Source/WebCore:

Re-using visibleToHitTesting in SVG code isn't possible, because visibleToHitTesting removes visibility: hidden;
content from hit-testing, which we do not want to here, since pointer-events has values for SVG which still
allow clicking content regardless of their visibility value (pointer-events: painted/fill/stroke/all).

Instead, we add an inert-aware effectivePointerEvents, similar to effectiveUserSelect and re-use that across the codebase.

Tests: imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-svg-hittest.html

imported/w3c/web-platform-tests/inert/inert-svg-hittest.tentative.html

rendering/RenderElement.cpp: (WebCore::RenderElement::styleWillChange):
rendering/RenderElement.h: (WebCore::RenderElement::visibleToHitTesting const):
rendering/RenderLayerCompositor.cpp: (WebCore::RenderLayerCompositor::layerStyleChanged):
rendering/style/RenderStyle.h: (WebCore::RenderStyle::effectivePointerEvents const):
rendering/svg/LegacyRenderSVGModelObject.cpp: (WebCore::LegacyRenderSVGModelObject::checkIntersection): (WebCore::LegacyRenderSVGModelObject::checkEnclosure):
rendering/svg/LegacyRenderSVGShape.cpp: (WebCore::LegacyRenderSVGShape::nodeAtFloatPoint):
rendering/svg/RenderSVGImage.cpp: (WebCore::RenderSVGImage::nodeAtFloatPoint):
rendering/svg/RenderSVGModelObject.cpp: (WebCore::RenderSVGModelObject::checkIntersection): (WebCore::RenderSVGModelObject::checkEnclosure):
rendering/svg/RenderSVGShape.cpp: (WebCore::RenderSVGShape::nodeAtPoint):
rendering/svg/RenderSVGText.cpp: (WebCore::RenderSVGText::nodeAtFloatPoint):
rendering/svg/SVGInlineTextBox.cpp: (WebCore::SVGInlineTextBox::nodeAtPoint):

LayoutTests:

iOS doesn't support test_actions, so it needs different baselines.

platform/ios-wk2/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-svg-hittest-expected.txt: Added.
platform/ios-wk2/imported/w3c/web-platform-tests/inert/inert-svg-hittest.tentative-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290306 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:10 PM Changeset in webkit [290933] by Russell Epstein

12 edits in branches/safari-613-branch/Source

Cherry-pick r290305. rdar://problem/89287719

Rename RenderStyle::userSelectIncludingInert to RenderStyle::effectiveUserSelect
https://bugs.webkit.org/show_bug.cgi?id=237033

Reviewed by Antti Koivisto.

This naming is consistent with other properties (effectiveDisplay/Appearance/PointerEvents/etc.).

Source/WebCore:

dom/Node.cpp: (WebCore::computeEditabilityFromComputedStyle): (WebCore::Node::canStartSelection const):
dom/Position.cpp: (WebCore::Position::nodeIsUserSelectNone): (WebCore::Position::nodeIsUserSelectAll):
page/EventHandler.cpp: (WebCore::EventHandler::canMouseDownStartSelect): (WebCore::EventHandler::selectCursor):
page/Frame.cpp: (WebCore::Frame::rangeForPoint):
rendering/RenderElement.cpp: (WebCore::RenderElement::selectionBackgroundColor const): (WebCore::RenderElement::selectionColor const):
rendering/RenderLayer.cpp: (WebCore::RenderLayer::calculateClipRects const):
rendering/RenderObject.cpp: (WebCore::RenderObject::collectSelectionGeometriesInternal):
rendering/style/RenderStyle.h: (WebCore::RenderStyle::effectiveUserSelect const): (WebCore::RenderStyle::userSelectIncludingInert const): Deleted.

Source/WebKit:

WebProcess/InjectedBundle/DOM/InjectedBundleNodeHandle.cpp: (WebKit::InjectedBundleNodeHandle::isSelectableTextNode const):
WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::selectionPositionInformation):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290305 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290932] by Russell Epstein

4 edits
1 add in branches/safari-613-branch

Cherry-pick r290265. rdar://problem/88258776

[JSC] Add explicit exception check after appendWithoutSideEffects
https://bugs.webkit.org/show_bug.cgi?id=236986
rdar://88258776

Reviewed by Saam Barati.

JSTests:

stress/array-to-string-oom.js: Added.

Source/JavaScriptCore:

Add exception check after JSStringJoiner::appendWithoutSideEffects call since JSString::value can throw OOM error.

runtime/ArrayPrototype.cpp: (JSC::JSC_DEFINE_HOST_FUNCTION):
runtime/JSStringJoiner.h: (JSC::JSStringJoiner::append):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290265 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290931] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r290246. rdar://problem/85811396

Change IPC encoding of boolean type to use one bit
https://bugs.webkit.org/show_bug.cgi?id=236801
rdar://85811396

Patch by Simon Lewis <simon.lewis@apple.com> on 2022-02-21
Reviewed by Chris Dumez.

This patch ensures that only the lower bit is set in a boolean for IPC messages.

Platform/IPC/ArgumentCoder.h: (IPC::ArgumentCoder<bool>::encode): (IPC::ArgumentCoder<bool>::decode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290246 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290930] by Russell Epstein

2 edits in branches/safari-613-branch/LayoutTests/imported/w3c

Cherry-pick r290232. rdar://problem/88818132

Rebaseline inert-focus-in-frames.html after r290197.

Unreviewed test gardening.

For some reason, the rebaselining changes didn't make it in the patch.

web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-focus-in-frames-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290232 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290929] by Russell Epstein

3 edits in branches/safari-613-branch

Cherry-pick r290197. rdar://problem/88818132

Stop propagating inertness through iframes in Node::deprecatedIsInert()
https://bugs.webkit.org/show_bug.cgi?id=236512

Reviewed by Chris Dumez.

This is only a bug for Node::deprecatedIsInert(), so it only affects focus. Selection APIs, etc. weren't affected
before this bug.

LayoutTests/imported/w3c:

web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-focus-in-frames-expected.txt:

Source/WebCore:

Test: web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-focus-in-frames.html

dom/Node.cpp: (WebCore::Node::deprecatedIsInert const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290197 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290928] by Russell Epstein

4 edits in branches/safari-613-branch/Source/bmalloc

Cherry-pick r290195. rdar://problem/88402366

[libpas] Increase scavenger period from 100ms to 125ms in Darwin x64
https://bugs.webkit.org/show_bug.cgi?id=236873

Reviewed by Saam Barati.

Make x64 scavenger less aggressive while maintaining Membuster neutral
to make it less work.

libpas/src/libpas/pas_config_prefix.h:
libpas/src/libpas/pas_scavenger.c:
libpas/src/libpas/pas_utils.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290195 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290927] by Russell Epstein

13 edits
2 moves
14 adds in branches/safari-613-branch/LayoutTests

Cherry-pick r290164. rdar://problem/89162532

Re-import inert and <dialog> WPT
https://bugs.webkit.org/show_bug.cgi?id=236808

Reviewed by Simon Fraser.

Commit: https://github.com/web-platform-tests/wpt/commit/0d483a3bea340a2c60cb7a4add49eb63cbba2a64

LayoutTests/imported/w3c:

web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focus-shadow-double-nested-expected.txt: Renamed from LayoutTests/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focus-shadow-delegatesfocus-expected.txt.
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focus-shadow-double-nested.html: Renamed from LayoutTests/imported/w3c/web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focus-shadow-delegatesfocus.html.
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focus-shadow-expected.txt:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/dialog-focus-shadow.html:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-focus-in-frames-expected.txt:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-focus-in-frames.html:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inert-label-focus.html:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inertness-with-modal-dialogs-and-iframes-expected.txt:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/inertness-with-modal-dialogs-and-iframes.html:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/modal-dialog-scroll-height.html:
web-platform-tests/html/semantics/interactive-elements/the-dialog-element/w3c-import.log:
web-platform-tests/inert/dynamic-inert-on-focused-element.tentative-expected.txt: Added.
web-platform-tests/inert/dynamic-inert-on-focused-element.tentative.html: Added.
web-platform-tests/inert/inert-canvas-fallback-content.tentative-expected.txt: Added.
web-platform-tests/inert/inert-canvas-fallback-content.tentative.html: Added.
web-platform-tests/inert/inert-iframe-hittest.tentative-expected.txt: Added.
web-platform-tests/inert/inert-iframe-hittest.tentative.html: Added.
web-platform-tests/inert/inert-iframe-tabbing.tentative-expected.txt: Added.
web-platform-tests/inert/inert-iframe-tabbing.tentative.html: Added.
web-platform-tests/inert/inert-node-is-uneditable.tentative.html:
web-platform-tests/inert/inert-with-modal-dialog-001.tentative-expected.txt: Added.
web-platform-tests/inert/inert-with-modal-dialog-001.tentative.html: Added.
web-platform-tests/inert/inert-with-modal-dialog-002.tentative-expected.txt: Added.
web-platform-tests/inert/inert-with-modal-dialog-002.tentative.html: Added.
web-platform-tests/inert/w3c-import.log:

LayoutTests:

platform/ios-wk2/imported/w3c/web-platform-tests/inert/inert-iframe-hittest.tentative-expected.txt: Added.
platform/ios-wk2/imported/w3c/web-platform-tests/inert/inert-iframe-tabbing.tentative-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290164 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290926] by jonlee@apple.com

2 edits in trunk/LayoutTests

Unreviewed gardening.

gpu-process/TestExpectations: Remove tests that were resolved by r290813.

2:09 PM Changeset in webkit [290925] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r289859. rdar://problem/88491516

Skip positioned objects and line break boxes as they have no affect on width
https://bugs.webkit.org/show_bug.cgi?id=236514

Patch by Brandon Stewart <Brandon> on 2022-02-15
Reviewed by Myles C. Maxfield.

Align computeInlineDirectionPositionsForSegment() and computeExpansionForJustifiedText() logic.
Skipping positioned objects and line break boxes as they will not affect the width.

rendering/LegacyLineLayout.cpp: (WebCore::LegacyLineLayout::computeExpansionForJustifiedText):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289859 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290924] by Russell Epstein

5 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r289814. rdar://problem/83101090

Do not update the fragmented flow state while internally mutating the render tree
https://bugs.webkit.org/show_bug.cgi?id=230896

Reviewed by Darin Adler.

RenderTree mutations (like those happening when creating/destroying anonymous blocks)
should not affect the fragment state of any renderer. This means that we should not have
to deal with things like creating/restoring placeholders/spanners while doing that.

There is already a IsInternalMove flag that is being used for that. Expand its usage
to a couple more methods to improve correctness.

rendering/LegacyRootInlineBox.cpp: (WebCore::LegacyRootInlineBox::~LegacyRootInlineBox): Do not remove the inline box from the ContainingFragmentMap if we're deleting the tree. It was causing ASSERTs trying to retrieve the enclosing fragmented flow in some cases.
rendering/updating/RenderTreeBuilder.cpp: (WebCore::RenderTreeBuilder::attachToRenderElementInternal): Use the RenderTreeBuilder's m_internalTreeBuilding instead of the argument. (WebCore::RenderTreeBuilder::move): Replace passing the IsInternalMove argument by a scope where we don't update the fragmented flow state. (WebCore::RenderTreeBuilder::detachFromRenderElement): Use the RenderTreeBuilder's m_internalMovesType instead of the argument.
rendering/updating/RenderTreeBuilder.h:
rendering/updating/RenderTreeBuilderInline.cpp: (WebCore::RenderTreeBuilder::Inline::splitInlines): Wrap the method by a scope in which fragmented flow state is not updated because we consider those operations internal arrangements of the tree.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289814 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290923] by Russell Epstein

4 edits
2 adds in branches/safari-613-branch

Cherry-pick r289700. rdar://problem/85249360

WebGL2 AllowShared TypedArray should be accepted
https://bugs.webkit.org/show_bug.cgi?id=232662

Reviewed by Dean Jackson.

Source/WebCore:

Test: webgl/webgl-allow-shared-typed-array.html

TypedArray with [AllowShared] annotation is not handled properly, which results in handling it as Sequence<T>,
invoking iteration protocol to copy them. This patch adds that as the same to [AllowShared] ArrayBuffer / ArrayBufferView.

bindings/IDLTypes.h:
bindings/js/JSDOMConvertUnion.h:

LayoutTests:

webgl/webgl-allow-shared-typed-array-expected.txt: Added.
webgl/webgl-allow-shared-typed-array.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289700 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290922] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r289597. rdar://problem/88324745

Check bidiLevels are valid before reordering
https://bugs.webkit.org/show_bug.cgi?id=236378

Patch by Brandon Stewart <Brandon> on 2022-02-10
Reviewed by Alan Bujtas.

We were trusting that the bidiLevel was valid before calling the reorder.
If the bidiLevel ends up being greater than the MAX + 1 we end up in a situation where
the reordering will fail. The function returns void, so there is not a good way to check
for an error.

layout/formattingContexts/inline/InlineLineBuilder.cpp: (WebCore::Layout::LineBuilder::layoutInlineContent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289597 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290921] by Russell Epstein

6 edits
2 adds in branches/safari-613-branch

Cherry-pick r289533. rdar://problem/88452971

Settling of a fetch promise should be delayed in case page is entering page cache
https://bugs.webkit.org/show_bug.cgi?id=236292
<rdar://88452971>

Reviewed by Chris Dumez.

Source/WebCore:

Make sure to enqueue a task before resolving fetch promise as otherwise, page might continue running JavaScript.
Do this for worker as well for good measure.
We move signal aborted checks to two clients to handle rejecting fetch promise synchronously.

Test: http/tests/navigation/fetch-pagecache.html

Modules/cache/DOMCache.cpp:
Modules/fetch/FetchResponse.cpp:
Modules/fetch/FetchResponse.h:
Modules/fetch/WindowOrWorkerGlobalScopeFetch.cpp:
workers/service/FetchEvent.cpp:

LayoutTests:

http/tests/navigation/fetch-pagecache-expected.txt: Added.
http/tests/navigation/fetch-pagecache.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289533 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290920] by Russell Epstein

11 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r289476. rdar://problem/88693354

AudioBuffer should take a lock while visiting m_channelWrappers
https://bugs.webkit.org/show_bug.cgi?id=236279

Reviewed by Keith Miller.

This patch fixes AudioBuffer's m_channelWrappers concurrency bug and related issues.

This patch removes problematic (and almost always wrong) move operator of JSValueInWrappedObject. To do that, we fixed AudioBuffer's concurrency issue where we access m_channelWrappers while it can be cleared concurrently in AudioBuffer::releaseMemory.
MessageEvent's m_data access is broken with concurrent GC thread. We must take a lock. And we must not use JSValueInWrappedObject in std::variant if it can be changed after constructor invocation.
Use JSValueInWrappedObject::clear instead of move with empty value.
File https://bugs.webkit.org/show_bug.cgi?id=236353. AbortSignal, MessageEvent, and CustomEvent miss write-barrier, which is semantically wrong.

Modules/webaudio/AudioBuffer.cpp: (WebCore::AudioBuffer::AudioBuffer): (WebCore::AudioBuffer::releaseMemory): (WebCore::AudioBuffer::visitChannelWrappers):
Modules/webaudio/AudioBuffer.h:
Modules/webaudio/AudioWorkletProcessor.cpp: (WebCore::AudioWorkletProcessor::buildJSArguments):
bindings/js/JSMessageEventCustom.cpp: (WebCore::JSMessageEvent::data const): (WebCore::JSMessageEvent::visitAdditionalChildren):
bindings/js/JSValueInWrappedObject.h:
dom/AbortSignal.cpp: (WebCore::AbortSignal::signalAbort):
dom/CustomEvent.cpp: (WebCore::CustomEvent::initCustomEvent):
dom/MessageEvent.cpp: (WebCore::MessageEvent::MessageEvent): (WebCore::m_jsData): (WebCore::MessageEvent::initMessageEvent): (WebCore::MessageEvent::memoryCost const): (WebCore::m_ports): Deleted.
dom/MessageEvent.h:
page/History.cpp: (WebCore::History::stateObjectAdded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289476 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290919] by Russell Epstein

8 edits in branches/safari-613-branch

Cherry-pick r289255. rdar://problem/88490742

Always sync ResourceRequest isAppInitiated request with NSURLRequest attribution value
https://bugs.webkit.org/show_bug.cgi?id=236167
<rdar://88490742>

Reviewed by Darin Adler.

Source/WebCore:

We should always keep the state of our 'isAppInitiated' flag in sync with the underlying
NSURLRequest object. This also corrects a problem where the 'setIsAppInitiated' method
does not mark the platform URL request as dirty, so it does not update with the correct
state of the flag.

Tests: New TestWebKitAPI Test (AppPrivacyReport.NSURLRequestConstructorAttribution)

platform/network/ResourceRequestBase.cpp: (WebCore::ResourceRequestBase::setIsAppInitiated):
platform/network/ResourceRequestBase.h:
platform/network/cf/ResourceRequest.h:
platform/network/cocoa/ResourceRequestCocoa.mm: (WebCore::ResourceRequest::ResourceRequest): (WebCore::ResourceRequest::doUpdatePlatformRequest): (WebCore::ResourceRequest::doUpdatePlatformHTTPBody): (WebCore::copyRequestWithStorageSession):
rendering/RenderThemeIOS.mm:

Tools:

TestWebKitAPI/TestWebKitAPI.xcodeproj/xcshareddata/xcschemes/TestWebKitAPI.xcscheme:
TestWebKitAPI/Tests/WebKitCocoa/AppPrivacyReport.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289255 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:09 PM Changeset in webkit [290918] by Russell Epstein

5 edits
5 adds in branches/safari-613-branch

Cherry-pick r289121. rdar://problem/88492251

Fix App Privacy Report redirect attribution
https://bugs.webkit.org/show_bug.cgi?id=236111

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/app-privacy-report/user-attribution-redirect.html
Test: http/tests/app-privacy-report/app-attribution-redirect.html

platform/network/cf/ResourceRequestCFNet.cpp: (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties):

Source/WebKit:

NetworkProcess/cocoa/NetworkSessionCocoa.mm: (-[WKNetworkSessionDelegate URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:]):

LayoutTests:

http/tests/app-privacy-report/resources/redirect.js: Added.
http/tests/app-privacy-report/app-attribution-redirect-expected.txt: Added.
http/tests/app-privacy-report/app-attribution-redirect.html: Added.
http/tests/app-privacy-report/user-attribution-redirect-expected.txt: Added.
http/tests/app-privacy-report/user-attribution-redirect.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289121 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290917] by Russell Epstein

5 edits
7 adds in branches/safari-613-branch

Cherry-pick r289101. rdar://problem/87625596

Two bopomofo tone marks are not moved to the correct place in vertical text with a particular bopomofo font
https://bugs.webkit.org/show_bug.cgi?id=235257
<rdar://problem/87625596>

Reviewed by Darin Adler.

.:

Thank you so much to Bobby Tung and But Ko for reporting this bug and providing a test font for it!!!

metadata/contributors.json:

Source/WebCore:

Turns out one of our character data tables was missing some characters.

I really dislike these kinds of fixes, because it's just perpetuating the fact that WebKit has big tables of characters
in its source code. A long-term fix would be a systemic replacement of this entire table with either Unicode property
lookup, or more ideally, removing the need for it in the first place. Unfortunately, at this point in the release cycle,
this fix probably needs to be smaller and more targetted.

Tests: fast/text/bopomofo-tone-marks-2.html

fast/text/bopomofo-tone-marks.html

platform/graphics/FontCascade.cpp: (WebCore::FontCascade::isCJKIdeographOrSymbol):

LayoutTests:

This can't be a WPT test because we only have permission to add the test font to the WebKit repository.

Thank you so much to Bobby Tung and But Ko for reporting this bug and providing a test font for it!!!

fast/text/bopomofo-tone-marks-2-expected-mismatch.html: Added.
fast/text/bopomofo-tone-marks-2.html: Added.
fast/text/bopomofo-tone-marks-expected-mismatch.html: Added.
fast/text/bopomofo-tone-marks.html: Added.
fast/text/resources/BopomofoGposSubset-Regular/BopomofoGposSubset-Regular.ttf: Added.
fast/text/resources/BopomofoGposSubset-Regular/LICENSE: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289101 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290916] by Russell Epstein

3 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r289001. rdar://problem/88404556

[JSC] Crash on several pages after r287986
https://bugs.webkit.org/show_bug.cgi?id=236033

Reviewed by Tim Horton.

I noticed that Safari crashes when opening https://linux.die.net/man/3/localtime.
This is happening after r287986: we are calling [self release], but the [JSValue dealloc]
cannot work if _context is nil. We should add a guard.

API/JSValue.mm: (-[JSValue dealloc]):
API/tests/testapi.mm: (testObjectiveCAPIMain):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290915] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WTF

Cherry-pick r288746. rdar://problem/88093198

Enable inert attribute feature flag
https://bugs.webkit.org/show_bug.cgi?id=235668

Reviewed by Darin Adler.

Scripts/Preferences/WebPreferencesExperimental.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290914] by Russell Epstein

5 edits in branches/safari-613-branch

Cherry-pick r288700. rdar://problem/86602114

Default to 32 bit refcount for CanMakeCheckedPtr
https://bugs.webkit.org/show_bug.cgi?id=235723
rdar://86602114

Reviewed by Darin Adler.

Source/WTF:

It is currently uint16_t for no good reason. It is no unreasonable to have an object being referenced
by a large number of other objects.

We just hit the first bug caused by overrunning it (in IFC).

wtf/CheckedRef.h:

uint16_t -> uint32_t

Tools:

TestWebKitAPI/Tests/WTF/CheckedPtr.cpp: (TestWebKitAPI::TEST):
TestWebKitAPI/Tests/WTF/CheckedRef.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288700 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290913] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r288450. rdar://problem/74932445

Remove customElements when transitioning documents
https://bugs.webkit.org/show_bug.cgi?id=222727

Patch by Rob Buis <rbuis@igalia.com> on 2022-01-24
Reviewed by Ryosuke Niwa.

Remove customElements when transitioning documents
of Window since the old document may be gone.

Test: fast/js-promise/js-promise-invalid-context-access.html

page/DOMWindow.cpp: (WebCore::DOMWindow::didSecureTransitionTo): (WebCore::DOMWindow::ensureCustomElementRegistry):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288450 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290912] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r288413. rdar://problem/86287467

REGRESSION (Safari 15?): Blob videos slow to pause, affects CBS and CNN
https://bugs.webkit.org/show_bug.cgi?id=234066

Reviewed by Jer Noble.

MediaPlayerPrivateMediaSourceAVFObjC::playInternal() calls [m_synchronizer setRate:],
which will make the return value of MediaPlayerPrivateMediaSourceAVFObjC::paused() change
from true to false. But it won't push the new paused value back to the Web process.

RemoteMediaPlayerProxy::play() does call sendCachedState() after calling
m_player->play(), but because MediaPlayerPrivateMediaSourceAVFObjC::playInternal() is not
called in the same run loop, sendCachedState() won't send back the updated paused value either.

In most cases, this is not an issue, because other member functions of RemoteMediaPlayerProxy
will call sendCachedState() to push the updated paused value back to the Web process later.
However, we did find some videos need the paused value to be pushed back the Web process
in a timely manner.

No new tests, manually tested.

platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::playInternal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288413 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290911] by Russell Epstein

2 edits in branches/safari-613-branch/Tools

Cherry-pick r288310. rdar://problem/80352256

[ iOS15 ] TestWebKitAPI.WebKit.ServerTrust and TestWebKitAPI.WebKit.FastServerTrust tests timing out
https://bugs.webkit.org/show_bug.cgi?id=231320
<rdar://80352256>

Patch by Alex Christensen <achristensen@webkit.org> on 2022-01-20
Reviewed by Chris Dumez.

SecTrustCopyCertificateChain returns a CFArrayRef of SecCertificateRef, not CFData.

TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm: (verifyCertificateAndPublicKey): (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288310 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290910] by Russell Epstein

2 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r288237. rdar://problem/87275093

WebKit::AuthenticatorPresenterCoordinator() constructor falls through ASSERT_NOT_REACHED()
https://bugs.webkit.org/show_bug.cgi?id=234991
<rdar://problem/87275093>

Reviewed by Darin Adler.

Drop unnecessary default: case in the switch statement since it handles all enum values already.

UIProcess/WebAuthentication/Cocoa/AuthenticatorPresenterCoordinator.mm: (WebKit::AuthenticatorPresenterCoordinator::AuthenticatorPresenterCoordinator):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288237 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290909] by Russell Epstein

8 edits in branches/safari-613-branch/Source

Cherry-pick r287986. rdar://problem/87489048

Fix a few Objective-C object leaks due to early returns in init
https://bugs.webkit.org/show_bug.cgi?id=235162
<rdar://problem/87489048>

Reviewed by Wenson Hsieh.

Source/JavaScriptCore:

API/JSValue.mm: (-[JSValue initWithValue:inContext:]):

Source/WebCore:

platform/ios/WebAVPlayerController.mm: (-[WebAVPlayerController init]):

Source/WebKit:

UIProcess/ios/WKHoverPlatter.mm: (-[WKHoverPlatter initWithView:delegate:]):

Source/WebKitLegacy/mac:

Storage/WebDatabaseQuotaManager.mm: (WebCore::if):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@287986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:08 PM Changeset in webkit [290908] by Russell Epstein

14 edits in branches/safari-613-branch/LayoutTests

Cherry-pick r287898. rdar://problem/86035420

Rewrite touch and drag tests to be more robust.
https://bugs.webkit.org/show_bug.cgi?id=235057
rdar://86035420

Reviewed by Wenson Hsieh.

Rewrite the touch-and-drag tests to check for selection changes, not specific text selections.
Specific selections and subject to small changes in font and layout, and all that is actually important is that
there have been selection changes based off of dragged touches.
The touch-event-radius test has been updated to use the screen size directly, since the radius is scaled by the screen size
internally. The output has been changed to not need to be updated when the test phone changes.

fast/events/touch/ios/double-tap-on-editable-content-for-selection-then-drag-down-to-change-selected-text-expected.txt:
fast/events/touch/ios/double-tap-on-editable-content-for-selection-then-drag-down-to-change-selected-text.html:
fast/events/touch/ios/double-tap-on-editable-content-for-selection-then-drag-up-to-change-selected-text-expected.txt:
fast/events/touch/ios/double-tap-on-editable-content-for-selection-then-drag-up-to-change-selected-text.html:
fast/events/touch/ios/long-press-on-editable-content-then-drag-up-to-change-selected-text.html:
fast/events/touch/ios/long-press-then-drag-down-to-change-selected-text-expected.txt:
fast/events/touch/ios/long-press-then-drag-down-to-change-selected-text.html:
fast/events/touch/ios/long-press-then-drag-to-select-text-expected.txt:
fast/events/touch/ios/long-press-then-drag-to-select-text.html:
fast/events/touch/ios/long-press-then-drag-up-to-change-selected-text-expected.txt:
fast/events/touch/ios/long-press-then-drag-up-to-change-selected-text.html:
fast/events/touch/ios/touch-event-radius-expected.txt:
fast/events/touch/ios/touch-event-radius.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@287898 268f45cc-cd09-0410-ab3c-d52691b4dbfc

1:55 PM Changeset in webkit [290907] by Angelos Oikonomopoulos

6 edits in trunk/Source/JavaScriptCore

AssemblyHelpersSpoolers: use load/store pair on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=235112

Reviewed by Žan Doberšek.

Save ~1% code size for baseline JIT on JS2 by emitting load/store pair
instructions on 32-bit ARM.

assembler/ARMv7Assembler.h:

(JSC::ARMv6Assembler::vldmia):
(JSC::ARMv7Assembler::vstmia):

assembler/CPU.h:

(JSC::isARM):

assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::loadPair64):
(JSC::MacroAssemblerARMv7::storePair64):

jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::copyLLIntBaselineCalleeSavesFromFrameOrRegisterToEntryFrameCalleeSavesBuffer):

jit/AssemblyHelpersSpoolers.h:

(JSC::AssemblyHelpers::LoadRegSpooler::executePair):
(JSC::AssemblyHelpers::StoreRegSpooler::executePair):
(JSC::AssemblyHelpers::CopySpooler::CopySpooler):
(JSC::AssemblyHelpers::CopySpooler::loadPair):
(JSC::AssemblyHelpers::CopySpooler::storePair):

1:19 PM Changeset in webkit [290906] by Russell Epstein

9 edits in branches/safari-614.1.5-branch/Source

Versioning.

WebKit-7614.1.5.8

1:16 PM Changeset in webkit [290905] by Jonathan Bedard

2 edits in trunk/Tools

[iOS] editing/async-clipboard/* 20 tests are flaky timeouts on iOS
https://bugs.webkit.org/show_bug.cgi?id=237372
<rdar://problem/89689914>

Reviewed by Alexey Proskuryakov.

Tools/CISupport/kill-old-processes: Kill "Simulator" process (since killing Simulator.app

won't do anything), shutdown simulators before killing processes. Check that simulators
are shut down before continuing.

Canonical link: https://commits.webkit.org/248136@main

1:11 PM Changeset in webkit [290904] by basuke.suzuki@sony.com

2 edits in trunk

Update Basuke Suzuki's status to reviewer
https://bugs.webkit.org/show_bug.cgi?id=237545

Unreviewed.

metadata/contributors.json:

12:59 PM Changeset in webkit [290903] by commit-queue@webkit.org

88 edits
1 delete in trunk/Source/WebKit

Remove unnecessary Async attribute in .messages.in files
https://bugs.webkit.org/show_bug.cgi?id=237491

Patch by Alex Christensen <achristensen@webkit.org> on 2022-03-07
Reviewed by Chris Dumez.

If there is a reply and no "Synchronous" then we can infer that it is asynchronous.

DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:
DerivedSources.make:
GPUProcess/GPUProcess.messages.in:
GPUProcess/media/RemoteAudioDestinationManager.messages.in:
GPUProcess/media/RemoteCDMFactoryProxy.h:
GPUProcess/media/RemoteCDMInstanceProxy.messages.in:
GPUProcess/media/RemoteCDMInstanceSessionProxy.messages.in:
GPUProcess/media/RemoteCDMProxy.messages.in:
GPUProcess/media/RemoteLegacyCDMFactoryProxy.h:
GPUProcess/media/RemoteMediaEngineConfigurationFactoryProxy.messages.in:
GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
GPUProcess/media/RemoteMediaResourceManager.messages.in:
GPUProcess/media/RemoteSourceBufferProxy.messages.in:
GPUProcess/webrtc/RemoteAudioMediaStreamTrackRendererInternalUnitManager.messages.in:
GPUProcess/webrtc/RemoteMediaRecorder.messages.in:
GPUProcess/webrtc/RemoteMediaRecorderManager.messages.in:
GPUProcess/webrtc/RemoteSampleBufferDisplayLayerManager.messages.in:
NetworkProcess/Cookies/WebCookieManager.messages.in:
NetworkProcess/NetworkBroadcastChannelRegistry.messages.in:
NetworkProcess/NetworkConnectionToWebProcess.messages.in:
NetworkProcess/NetworkProcess.messages.in:
NetworkProcess/NetworkSocketChannel.messages.in:
NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in:
NetworkProcess/ServiceWorker/WebSWServerToContextConnection.messages.in:
NetworkProcess/WebStorage/StorageManagerSet.messages.in:
NetworkProcess/cache/CacheStorageEngineConnection.messages.in:
NetworkProcess/cache/NetworkCache.cpp:

(WebKit::NetworkCache::Cache::startAsyncRevalidationIfNeeded):

NetworkProcess/storage/NetworkStorageManager.messages.in:
Scripts/webkit/messages.py:

(message_to_reply_forward_declaration):
(message_to_struct_declaration):
(forward_declarations_and_headers_for_replies):
(async_message_statement):
(sync_message_statement):
(generate_message_handler):
(generate_message_argument_description_implementation):

Scripts/webkit/model.py:

(generate_global_model):

Shared/ApplePay/WebPaymentCoordinatorProxy.messages.in:
Shared/AuxiliaryProcess.messages.in:
Shared/Notifications/NotificationManagerMessageHandler.messages.in:
UIProcess/Cocoa/UserMediaCaptureManagerProxy.messages.in:
UIProcess/Cocoa/VideoFullscreenManagerProxy.messages.in:
UIProcess/Downloads/DownloadProxy.messages.in:
UIProcess/Media/AudioSessionRoutingArbitratorProxy.messages.in:
UIProcess/Media/RemoteMediaSessionCoordinatorProxy.messages.in:
UIProcess/Network/NetworkProcessProxy.messages.in:
UIProcess/UserContent/WebUserContentControllerProxy.messages.in:
UIProcess/WebAuthentication/WebAuthenticatorCoordinatorProxy.messages.in:
UIProcess/WebAuthentication/WebAuthnProcessProxy.cpp:
UIProcess/WebAuthentication/WebAuthnProcessProxy.messages.in: Removed.
UIProcess/WebLockRegistryProxy.messages.in:
UIProcess/WebPageProxy.messages.in:
UIProcess/WebProcessProxy.messages.in:
UIProcess/XR/PlatformXRSystem.messages.in:
UIProcess/mac/SecItemShimProxy.messages.in:
WebAuthnProcess/WebAuthnConnectionToWebProcess.messages.in:
WebAuthnProcess/WebAuthnProcess.messages.in:
WebKit.xcodeproj/project.pbxproj:
WebProcess/Automation/WebAutomationSessionProxy.messages.in:
WebProcess/GPU/GPUProcessConnection.messages.in:
WebProcess/GPU/media/MediaPlayerPrivateRemote.messages.in:
WebProcess/GPU/media/SourceBufferPrivateRemote.messages.in:
WebProcess/Inspector/WebInspectorUIExtensionController.messages.in:
WebProcess/MediaSession/RemoteMediaSessionCoordinator.messages.in:
WebProcess/Network/NetworkProcessConnection.messages.in:
WebProcess/Storage/WebSWClientConnection.messages.in:
WebProcess/Storage/WebSWContextManagerConnection.messages.in:
WebProcess/Storage/WebSharedWorkerObjectConnection.messages.in:
WebProcess/WebCoreSupport/WebBroadcastChannelRegistry.messages.in:
WebProcess/WebPage/EventDispatcher.messages.in:
WebProcess/WebPage/WebPage.messages.in:
WebProcess/WebProcess.messages.in:
WebProcess/cocoa/VideoFullscreenManager.messages.in:

12:53 PM Changeset in webkit [290902] by Oriol Brufau

1 edit
4 deletes in trunk/LayoutTests

Remove duplicated platform expectations for computed-style.html, computed-style-without-renderer.html, getComputedStyle-basic.xhtml
https://bugs.webkit.org/show_bug.cgi?id=237534

Unreviewed test gardening.

platform/glib/fast/css/getComputedStyle/computed-style-expected.txt: Removed.
platform/glib/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt: Removed.
platform/glib/svg/css/getComputedStyle-basic-expected.txt: Removed.
platform/ios/fast/css/getComputedStyle/computed-style-expected.txt: Removed.
platform/ios/fast/css/getComputedStyle/computed-style-without-renderer-expected.txt: Removed.
platform/ios/svg/css/getComputedStyle-basic-expected.txt: Removed.

12:29 PM Changeset in webkit [290901] by Chris Dumez

101 edits
1 delete in trunk

Optimize the passing of data across threads
https://bugs.webkit.org/show_bug.cgi?id=237502

Reviewed by Geoff Garen.

Source/WebCore:

Add more isolatedCopy() overloads that work on r-value references when the implementation
can be optimized. Also call isolatedCopy() / crossThreadCopy() on a r-value reference
whenever possible to leverage these optimizations.

Modules/cache/CacheQueryOptions.h:

(WebCore::CacheQueryOptions::isolatedCopy const):
(WebCore::CacheQueryOptions::isolatedCopy):

Modules/cache/DOMCacheEngine.cpp:

(WebCore::DOMCacheEngine::isolateCacheInfo): Deleted.
(WebCore::DOMCacheEngine::CacheInfos::isolatedCopy): Deleted.

Modules/cache/DOMCacheEngine.h:

(WebCore::DOMCacheEngine::CacheInfo::isolatedCopy const):
(WebCore::DOMCacheEngine::CacheInfo::isolatedCopy):
(WebCore::DOMCacheEngine::CacheInfos::isolatedCopy const):
(WebCore::DOMCacheEngine::CacheInfos::isolatedCopy):

Modules/cache/RetrieveRecordsOptions.h:

(WebCore::RetrieveRecordsOptions::isolatedCopy const):
(WebCore::RetrieveRecordsOptions::isolatedCopy):

Modules/cache/WorkerCacheStorageConnection.cpp:

(WebCore::WorkerCacheStorageConnection::retrieveCaches):
(WebCore::WorkerCacheStorageConnection::batchDeleteOperation):

Modules/entriesapi/DOMFileSystem.cpp:

(WebCore::ListedChild::isolatedCopy const):
(WebCore::ListedChild::isolatedCopy):
(WebCore::DOMFileSystem::listDirectory):

Modules/indexeddb/IDBDatabaseIdentifier.cpp:

(WebCore::IDBDatabaseIdentifier::isolatedCopy const):
(WebCore::IDBDatabaseIdentifier::isolatedCopy):

Modules/indexeddb/IDBDatabaseIdentifier.h:
Modules/indexeddb/IDBGetResult.cpp:

(WebCore::IDBGetResult::isolatedCopy):

Modules/indexeddb/IDBTransaction.cpp:

(WebCore::IDBTransaction::requestGetAllObjectStoreRecords):
(WebCore::IDBTransaction::requestGetAllIndexRecords):

Modules/indexeddb/server/MemoryObjectStore.cpp:

(WebCore::IDBServer::MemoryObjectStore::populateIndexWithExistingRecords):

Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::updateOneIndexForAddRecord):

Modules/indexeddb/shared/IDBDatabaseNameAndVersion.h:

(WebCore::IDBDatabaseNameAndVersion::isolatedCopy const):
(WebCore::IDBDatabaseNameAndVersion::isolatedCopy):

Modules/indexeddb/shared/IDBError.cpp:

(WebCore::IDBError::isolatedCopy const): Deleted.

Modules/indexeddb/shared/IDBError.h:

(WebCore::IDBError::isolatedCopy const):
(WebCore::IDBError::isolatedCopy):

Modules/indexeddb/shared/IDBIndexInfo.cpp:

(WebCore::IDBIndexInfo::isolatedCopy const):
(WebCore::IDBIndexInfo::isolatedCopy):

Modules/indexeddb/shared/IDBIndexInfo.h:
Modules/indexeddb/shared/IDBObjectStoreInfo.cpp:

(WebCore::IDBObjectStoreInfo::isolatedCopy const):
(WebCore::IDBObjectStoreInfo::isolatedCopy):

Modules/indexeddb/shared/IDBObjectStoreInfo.h:
Modules/web-locks/WebLockManagerSnapshot.h:

(WebCore::WebLockManagerSnapshot::Info::isolatedCopy const):
(WebCore::WebLockManagerSnapshot::Info::isolatedCopy):
(WebCore::WebLockManagerSnapshot::isolatedCopy const):
(WebCore::WebLockManagerSnapshot::isolatedCopy):

Modules/webaudio/AudioParamDescriptor.h:

(WebCore::AudioParamDescriptor::isolatedCopy const):
(WebCore::AudioParamDescriptor::isolatedCopy):

Modules/webaudio/AudioWorkletGlobalScope.cpp:

(WebCore::AudioWorkletGlobalScope::registerProcessor):

Modules/webaudio/AudioWorkletThread.cpp:

(WebCore::AudioWorkletThread::AudioWorkletThread):

Modules/webaudio/AudioWorkletThread.h:

(WebCore::AudioWorkletThread::create):

Modules/webdatabase/DatabaseTask.cpp:

(WebCore::DatabaseOpenTask::doPerformTask):

Modules/webdatabase/DatabaseTracker.cpp:

(WebCore::DatabaseTracker::origins):
(WebCore::DatabaseTracker::addOpenDatabase):
(WebCore::DatabaseTracker::originLockFor):

Modules/websockets/WorkerThreadableWebSocketChannel.cpp:

(WebCore::WorkerThreadableWebSocketChannel::Peer::didConnect):

Sources.txt:
WebCore.xcodeproj/project.pbxproj:
contentextensions/ContentExtensionActions.cpp:

(WebCore::ContentExtensions::ModifyHeadersAction::isolatedCopy const):
(WebCore::ContentExtensions::ModifyHeadersAction::isolatedCopy):
(WebCore::ContentExtensions::ModifyHeadersAction::ModifyHeaderInfo::isolatedCopy const):
(WebCore::ContentExtensions::ModifyHeadersAction::ModifyHeaderInfo::isolatedCopy):
(WebCore::ContentExtensions::RedirectAction::isolatedCopy const):
(WebCore::ContentExtensions::RedirectAction::isolatedCopy):
(WebCore::ContentExtensions::RedirectAction::URLTransformAction::isolatedCopy const):
(WebCore::ContentExtensions::RedirectAction::URLTransformAction::isolatedCopy):
(WebCore::ContentExtensions::RedirectAction::URLTransformAction::QueryTransform::isolatedCopy const):
(WebCore::ContentExtensions::RedirectAction::URLTransformAction::QueryTransform::isolatedCopy):
(WebCore::ContentExtensions::RedirectAction::URLTransformAction::QueryTransform::QueryKeyValue::isolatedCopy const): Deleted.

contentextensions/ContentExtensionActions.h:

(WebCore::ContentExtensions::ActionWithStringMetadata::isolatedCopy const):
(WebCore::ContentExtensions::ActionWithStringMetadata::isolatedCopy):

contentextensions/ContentExtensionCompiler.cpp:

(WebCore::ContentExtensions::compileRuleList):

contentextensions/ContentExtensionParser.cpp:

(WebCore::ContentExtensions::loadTrigger):

contentextensions/ContentExtensionRule.cpp:

(WebCore::ContentExtensions::Trigger::isolatedCopy const):
(WebCore::ContentExtensions::Trigger::isolatedCopy):
(WebCore::ContentExtensions::Action::isolatedCopy const):
(WebCore::ContentExtensions::Action::isolatedCopy):

contentextensions/ContentExtensionRule.h:

(WebCore::ContentExtensions::Trigger::checkValidity):
(WebCore::ContentExtensions::ContentExtensionRule::isolatedCopy const):
(WebCore::ContentExtensions::ContentExtensionRule::isolatedCopy):
(WebCore::ContentExtensions::Trigger::~Trigger): Deleted.

dom/Exception.h:

(WebCore::Exception::isolatedCopy const):
(WebCore::Exception::isolatedCopy):
(WebCore::isolatedCopy): Deleted.

dom/ExceptionData.cpp: Removed.

(WebCore::ExceptionData::isolatedCopy const): Deleted.

dom/ExceptionData.h:

(WebCore::ExceptionData::isolatedCopy const):
(WebCore::ExceptionData::isolatedCopy):

dom/ExceptionOr.h:

(WebCore::isolatedCopy): Deleted.

html/DirectoryFileListCreator.cpp:

(WebCore::FileInformation::isolatedCopy const):
(WebCore::FileInformation::isolatedCopy):

html/FileInputType.cpp:

(WebCore::FileInputType::receiveDroppedFilesWithImageTranscoding):

html/parser/HTMLPreloadScanner.cpp:

(WebCore::TokenPreloadScanner::updatePredictedBaseURL):

loader/CrossOriginOpenerPolicy.cpp:

(WebCore::CrossOriginOpenerPolicy::isolatedCopy const):
(WebCore::CrossOriginOpenerPolicy::isolatedCopy):

loader/CrossOriginOpenerPolicy.h:
loader/DocumentLoader.cpp:

(WebCore::DocumentLoader::handleContentFilterDidBlock):

loader/FetchOptions.h:

(WebCore::FetchOptions::isolatedCopy const):
(WebCore::FetchOptions::isolatedCopy):

loader/PolicyContainer.h:

(WebCore::PolicyContainer::isolatedCopy const):
(WebCore::PolicyContainer::isolatedCopy):

loader/PrivateClickMeasurement.cpp:

(WebCore::PrivateClickMeasurement::UnlinkableToken::isolatedCopy const):
(WebCore::PrivateClickMeasurement::UnlinkableToken::isolatedCopy):
(WebCore::PrivateClickMeasurement::isolatedCopy const):
(WebCore::PrivateClickMeasurement::isolatedCopy):
(WebCore::PrivateClickMeasurement::SecretToken::isolatedCopy const): Deleted.
(WebCore::PrivateClickMeasurement::SourceSecretToken::isolatedCopy const): Deleted.
(WebCore::PrivateClickMeasurement::DestinationSecretToken::isolatedCopy const): Deleted.
(WebCore::PrivateClickMeasurement::EphemeralNonce::isolatedCopy const): Deleted.
(WebCore::PrivateClickMeasurement::SourceUnlinkableToken::isolatedCopy const): Deleted.
(WebCore::PrivateClickMeasurement::DestinationUnlinkableToken::isolatedCopy const): Deleted.

loader/PrivateClickMeasurement.h:

(WebCore::PrivateClickMeasurement::SourceSite::isolatedCopy const):
(WebCore::PrivateClickMeasurement::SourceSite::isolatedCopy):
(WebCore::PrivateClickMeasurement::AttributionDestinationSite::isolatedCopy const):
(WebCore::PrivateClickMeasurement::AttributionDestinationSite::isolatedCopy):
(WebCore::PrivateClickMeasurement::EphemeralNonce::isolatedCopy const):
(WebCore::PrivateClickMeasurement::EphemeralNonce::isolatedCopy):
(WebCore::PrivateClickMeasurement::SourceUnlinkableToken::isolatedCopy const):
(WebCore::PrivateClickMeasurement::SourceUnlinkableToken::isolatedCopy):
(WebCore::PrivateClickMeasurement::DestinationUnlinkableToken::isolatedCopy const):
(WebCore::PrivateClickMeasurement::DestinationUnlinkableToken::isolatedCopy):
(WebCore::PrivateClickMeasurement::SecretToken::isolatedCopy const):
(WebCore::PrivateClickMeasurement::SecretToken::isolatedCopy):
(WebCore::PrivateClickMeasurement::SourceSecretToken::isolatedCopy const):
(WebCore::PrivateClickMeasurement::SourceSecretToken::isolatedCopy):
(WebCore::PrivateClickMeasurement::DestinationSecretToken::isolatedCopy const):
(WebCore::PrivateClickMeasurement::DestinationSecretToken::isolatedCopy):

loader/ResourceTiming.cpp:

(WebCore::ResourceTiming::isolatedCopy const):
(WebCore::ResourceTiming::isolatedCopy):

loader/ResourceTiming.h:
loader/ServerTiming.cpp:

(WebCore::ServerTiming::isolatedCopy const):
(WebCore::ServerTiming::isolatedCopy):

loader/ServerTiming.h:
loader/WorkerThreadableLoader.cpp:
page/ClientOrigin.h:

(WebCore::ClientOrigin::isolatedCopy const):
(WebCore::ClientOrigin::isolatedCopy):

page/ProcessWarming.cpp:

(WebCore::ProcessWarming::prewarmWithInformation):

page/ProcessWarming.h:
page/csp/ContentSecurityPolicyResponseHeaders.cpp:

(WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy const):
(WebCore::ContentSecurityPolicyResponseHeaders::isolatedCopy):

page/csp/ContentSecurityPolicyResponseHeaders.h:
platform/FileChooser.h:

(WebCore::FileChooserFileInfo::isolatedCopy const):
(WebCore::FileChooserFileInfo::isolatedCopy):

platform/MediaSelectionOption.h:

(WebCore::MediaSelectionOption::isolatedCopy const):
(WebCore::MediaSelectionOption::isolatedCopy):

platform/RegistrableDomain.h:

(WebCore::RegistrableDomain::isolatedCopy const):
(WebCore::RegistrableDomain::isolatedCopy):

platform/graphics/FontCache.cpp:

(WebCore::FontCache::prewarm):

platform/graphics/FontCache.h:

(WebCore::FontCache::PrewarmInformation::isolatedCopy const):
(WebCore::FontCache::PrewarmInformation::isolatedCopy):

platform/graphics/FontGenericFamilies.cpp:

(WebCore::FontGenericFamilies::isolatedCopy const):
(WebCore::FontGenericFamilies::isolatedCopy):

platform/graphics/FontGenericFamilies.h:
platform/graphics/ImageSource.cpp:

(WebCore::ImageSource::startAsyncDecodingQueue):

platform/graphics/cocoa/FontCacheCoreText.cpp:

(WebCore::FontDatabase::collectionForFamily):
(WebCore::FontCache::prewarm):

platform/ios/WebVideoFullscreenControllerAVKit.mm:

(VideoFullscreenControllerContext::audioMediaSelectionOptionsChanged):
(VideoFullscreenControllerContext::legibleMediaSelectionOptionsChanged):
(isolatedCopy): Deleted.

platform/mediacapabilities/AudioConfiguration.h:

(WebCore::AudioConfiguration::isolatedCopy const):
(WebCore::AudioConfiguration::isolatedCopy):

platform/mediacapabilities/MediaConfiguration.h:

(WebCore::MediaConfiguration::isolatedCopy const):
(WebCore::MediaConfiguration::isolatedCopy):

platform/mediacapabilities/VideoConfiguration.h:

(WebCore::VideoConfiguration::isolatedCopy const):
(WebCore::VideoConfiguration::isolatedCopy):

platform/mediastream/RTCDataChannelHandler.h:

(WebCore::RTCDataChannelInit::isolatedCopy const):
(WebCore::RTCDataChannelInit::isolatedCopy):

platform/mediastream/mac/AVCaptureDeviceManager.mm:

(WebCore::AVCaptureDeviceManager::refreshCaptureDevices):

platform/network/HTTPHeaderMap.cpp:

(WebCore::HTTPHeaderMap::isolatedCopy const):
(WebCore::HTTPHeaderMap::isolatedCopy):

platform/network/HTTPHeaderMap.h:

(WebCore::HTTPHeaderMap::CommonHeader::isolatedCopy const):
(WebCore::HTTPHeaderMap::CommonHeader::isolatedCopy):
(WebCore::HTTPHeaderMap::UncommonHeader::isolatedCopy const):
(WebCore::HTTPHeaderMap::UncommonHeader::isolatedCopy):

workers/service/ServiceWorkerClients.cpp:

(WebCore::ServiceWorkerClients::claim):

workers/service/server/RegistrationDatabase.cpp:

(WebCore::RegistrationDatabase::schedulePushChanges):

worklets/WorkletParameters.h:

(WebCore::WorkletParameters::isolatedCopy const):
(WebCore::WorkletParameters::isolatedCopy):

Source/WebKit:

NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:

(WebKit::ResourceLoadStatisticsDatabaseStore::migrateDataToPCMDatabaseIfNecessary):

NetworkProcess/Classifier/WebResourceLoadStatisticsStore.h:

(WebKit::RegistrableDomainsToBlockCookiesFor::isolatedCopy const):
(WebKit::RegistrableDomainsToBlockCookiesFor::isolatedCopy):
(WebKit::RegistrableDomainsToDeleteOrRestrictWebsiteDataFor::isolatedCopy const):
(WebKit::RegistrableDomainsToDeleteOrRestrictWebsiteDataFor::isolatedCopy):

NetworkProcess/IndexedDB/WebIDBServer.cpp:

(WebKit::WebIDBServer::closeAndDeleteDatabasesForOrigins):

NetworkProcess/PrivateClickMeasurement/PrivateClickMeasurementDebugInfo.cpp:

(WebKit::PCM::DebugInfo::isolatedCopy const):
(WebKit::PCM::DebugInfo::isolatedCopy):
(WebKit::PCM::DebugInfo::Message::isolatedCopy const):
(WebKit::PCM::DebugInfo::Message::isolatedCopy):

NetworkProcess/PrivateClickMeasurement/PrivateClickMeasurementDebugInfo.h:
NetworkProcess/PrivateClickMeasurement/PrivateClickMeasurementStore.cpp:

(WebKit::PCM::Store::allAttributedPrivateClickMeasurement):

UIProcess/API/APIContentRuleListStore.cpp:

(API::ContentRuleListStore::compileContentRuleList):

UIProcess/Cocoa/ModalContainerControlClassifier.mm:

(WebKit::ModalContainerControlClassifier::classify):

UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::setMediaAccessibilityPreferences):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::didChooseFilesForOpenPanelWithImageTranscoding):

WebProcess/WebProcess.cpp:

(WebKit::WebProcess::prewarmWithDomainInformation):

WebProcess/WebProcess.h:

Source/WebKitLegacy:

Storage/InProcessIDBServer.cpp:

(InProcessIDBServer::didGetAllDatabaseNamesAndVersions):

Source/WTF:

Drop isolatedCopy() on Vector since CrossThreadCopier already has logic to
isolate-copy a Vector. The logic in CrossThreadCopier has the benefit of
working on types that do not implement isolatedCopy() (e.g. a Vector of
std::optional or a Vector of std::variant).

Improve the CrossThreadCopier to optimize the case where crossThreadCopy()
is called on a r-value reference in more cases. In particular, the logic
for Vector, HashSet, HashMap, std::pair, std::variant was improved. I
also added API test coverage for those.

The API tests also found a bug where crossThreadCopy() was incorrectly
moving the source when called on a std::variant that was not a r-value
reference. This bug is fixed in this patch too.

wtf/CrossThreadCopier.h:
wtf/Vector.h:

(WTF::Malloc>::isolatedCopy const): Deleted.
(WTF::Malloc>::isolatedCopy): Deleted.

wtf/mac/FileSystemMac.mm:

(WTF::FileSystem::setMetadataURL):

Tools:

Expand test coverage for crossThreadCopy() and make sure the optimizations are working
when called on a r-value reference.

TestWebKitAPI/Tests/WTF/CrossThreadCopier.cpp:

(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/WTF/Vector.cpp:

(TestWebKitAPI::TEST):

11:27 AM Changeset in webkit [290900] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

LayoutTests/webgl/max-active-contexts-gc.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=237466

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2022-03-07
Reviewed by Alexey Proskuryakov.
The test:

created 16 WebGL contexts
unreferenced 8 WebGL contexts.
forced gc
added 9 WebGL contexts.

The test tries to test that GC removes unreferenced contexts.
To assert this, it ends up with 17 contexts, which is 1 above
the maximum active limit. This means one context is lost and the
implementation prints one line of error.

Since the GC is not exact, sometimes it would only collect 7 of the 8
unreferenced contexts. This would mean two error messages.

Fix by trying to collect each time a context is unreferenced. This seems to be
more predictable.

webgl/max-active-contexts-gc.html:

11:21 AM Changeset in webkit [290899] by Chris Dumez

10 edits
3 adds in trunk

Make "true" count as truthy in window.open()'s boolean features
https://bugs.webkit.org/show_bug.cgi?id=237530

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Import WPT test coverage.

resources/resource-files.json:
web-platform-tests/html/browsers/the-window-object/apis-for-creating-and-navigating-browsing-contexts-by-name/open-features-is-popup-condition.html:
web-platform-tests/html/browsers/the-window-object/support/w3c-import.log:
web-platform-tests/html/browsers/the-window-object/support/windowFeature-values-target.html: Added.
web-platform-tests/html/browsers/the-window-object/w3c-import.log:
web-platform-tests/html/browsers/the-window-object/window-open-noopener.html:
web-platform-tests/html/browsers/the-window-object/window-open-windowfeatures-values-expected.txt: Added.
web-platform-tests/html/browsers/the-window-object/window-open-windowfeatures-values.html: Added.

Source/WebCore:

Make "true" count as truthy in window.open()'s boolean features, as per:

https://github.com/whatwg/html/pull/7425

Test: imported/w3c/web-platform-tests/html/browsers/the-window-object/window-open-windowfeatures-values.html

page/WindowFeatures.cpp:

(WebCore::setWindowFeature):

LayoutTests:

tests-options.json:

11:13 AM Changeset in webkit [290898] by graouts@webkit.org

4 edits in trunk

[web-animations] animating "fill" and "stroke" to or from "currentColor" should work
https://bugs.webkit.org/show_bug.cgi?id=237531

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/web-animations/responsive/to-color-change-expected.txt:

Source/WebCore:

Invalid colors should use the value for the "color" property on the provided RenderStyle.

animation/CSSPropertyAnimation.cpp:

10:18 AM Changeset in webkit [290897] by graouts@webkit.org

4 edits in trunk

Transition on text-decoration-color from currentColor jumps
https://bugs.webkit.org/show_bug.cgi?id=236992
<rdar://problem/89382835>

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/web-animations/responsive/to-color-change-expected.txt:

Source/WebCore:

We need to use the MaybeInvalidColor tag to identify that this property can work with currentColor.

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

10:00 AM Changeset in webkit [290896] by sihui_liu@apple.com

11 edits
1 delete in trunk/Source/WebKit

Delete WebIDBServer and WebIDBConnectionToClient
https://bugs.webkit.org/show_bug.cgi?id=237479

Reviewed by Chris Dumez.

The code is unused since r289474; remove it to avoid confusion when investigating issues including related
symbols.

CMakeLists.txt:
DerivedSources-input.xcfilelist:
DerivedSources-output.xcfilelist:
DerivedSources.make:
NetworkProcess/IndexedDB/WebIDBConnectionToClient.cpp: Removed.
NetworkProcess/IndexedDB/WebIDBConnectionToClient.h: Removed.
NetworkProcess/IndexedDB/WebIDBServer.cpp: Removed.
NetworkProcess/IndexedDB/WebIDBServer.h: Removed.
NetworkProcess/IndexedDB/WebIDBServer.messages.in: Removed.
NetworkProcess/NetworkProcess.cpp:
NetworkProcess/NetworkSession.cpp:
NetworkProcess/NetworkSession.h:
NetworkProcess/ios/NetworkProcessIOS.mm:
Sources.txt:
WebKit.xcodeproj/project.pbxproj:

9:53 AM Changeset in webkit [290895] by graouts@webkit.org

6 edits in trunk

[web-animations] text-emphasis shorthand should be animatable
https://bugs.webkit.org/show_bug.cgi?id=237529

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:

Source/WebCore:

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

css/CSSComputedStyleDeclaration.cpp:

(WebCore::valueForTextEmphasisStyle):
(WebCore::ComputedStyleExtractor::valueForPropertyInStyle):

9:52 AM Changeset in webkit [290894] by Jonathan Bedard

4 edits in trunk/Tools

[git-webkit] Derive branch name from bug title (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=237284
<rdar://problem/89578241>

Unreviewed follow-up fix.

Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/branch_unittest.py:

(TestBranch.test_basic_svn): Using an integer will attempt to find a bug number.
(TestBranch.test_basic_git): Ditto.

Canonical link: https://commits.webkit.org/248125@main

9:37 AM Changeset in webkit [290893] by J Pascoe

7 edits in trunk/Source/WebKit

[WebAuthn] Provide global frame identifier to ASCAgent SPI
https://bugs.webkit.org/show_bug.cgi?id=237454
rdar://problem/89782147

Reviewed by Brent Fulgham.

For purposes related to conditional mediation, the ASCAgent SPI
need to know what frame requested the assertion. This patch starts
passing that along.

Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
UIProcess/WebAuthentication/AuthenticatorManager.cpp:

(WebKit::AuthenticatorManager::cancelRequest):
(WebKit::AuthenticatorManager::runPanel):

UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.h:
UIProcess/WebAuthentication/Cocoa/AuthenticationServicesCoreSoftLink.mm:
UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:

(WebKit::configurationAssertionRequestContext):
(WebKit::WebAuthenticatorCoordinatorProxy::contextForRequest):

UIProcess/WebAuthentication/WebAuthenticationRequestData.h:

9:29 AM Changeset in webkit [290892] by Peng Liu

4 edits in trunk/Source

Small cleanups of media code
https://bugs.webkit.org/show_bug.cgi?id=237496

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

No new tests. No behavior change.

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::updatePlayState): schedulePlaybackControlsManagerUpdate() is
called in both branches.

Source/WebKit:

WebProcess/cocoa/PlaybackSessionManager.h: protected is not needed here.

9:13 AM Changeset in webkit [290891] by Chris Dumez

2 edits in trunk/LayoutTests

[Catalina Release wk1] imported/w3c/web-platform-tests/html/browsers/origin/cross-origin-objects/cross-origin-objects.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=230729
<rdar://problem/83469625>

Unreviewed, unskip test as the bots show no recent flakiness.

platform/mac-wk1/TestExpectations:

8:42 AM WebKitGTK/2.36.x edited by berto@igalia.com

Reproducible build fixes (diff)

8:37 AM Changeset in webkit [290890] by Adrian Perez de Castro

2 edits in trunk/Source/WebKit

[GTK] generate-automation-atom.py breaks reproducible builds
https://bugs.webkit.org/show_bug.cgi?id=237506

Reviewed by Carlos Garcia Campos.

Scripts/generate-automation-atom.py:

(append_functions): Sort utility functions to produce stable output.

7:56 AM Changeset in webkit [290889] by Jonathan Bedard

18 edits in trunk

[webkitbugspy] Allow creation of new issues
https://bugs.webkit.org/show_bug.cgi?id=237123
<rdar://problem/89388181>

Reviewed by Dewei Zhu.

metadata/trackers.json: Define project.
Tools/Scripts/libraries/webkitbugspy/setup.py: Bump version.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/init.py: Ditto.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/bugzilla.py:

(Tracker.projects): Return a dictionary of projects, components and versions.
(Tracker.create): Create a new bug, prompting user for product, component and version
if needed.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/github.py:

(Tracker.labels): Return a dictionary of all labels associated with the project.
(Tracker.projects): Return an empty dictionary.
(Tracker.create): Create a new issue.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/mocks/init.py: Export PROJECT data.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/mocks/base.py:

(Base.init): Mock trackers should define a project dictionary.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/mocks/bugzilla.py:

(Bugzilla.init):
(Bugzilla._product_details): Derive product details from project dictionary.
(Bugzilla._create): Create a new bug.
(Bugzilla.request): Handle requests for product details and bug creation.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/mocks/data.py:
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/mocks/github.py:

(GitHub.init):
(GitHub._labels): Return a list of project labels.
(GitHub._create): Create a new issue.
(GitHub.request): Handle requests for labels and issue creation.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/mocks/radar.py:

(RadarClient.find_components): Mock radarclient's component search API.
(RadarClient.create_radar): Mock radarclient's radar creation API.
(Radar.Component): Added.
(Radar.exceptions): Added.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/radar.py:

(Tracker):
(Tracker.Encoder.default): Pass 'projects' to radar instances.
(Tracker.init): Callers should define projects to limit component scope.
(Tracker.projects): Search radar components to provide a subset relevant to the declared projects.
(Tracker.create): Create a radar, prompting user for component and version if needed.

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/bugzilla_unittest.py:

(TestBugzilla.test_state_why):
(TestBugzilla):
(TestBugzilla.test_projects):
(TestBugzilla.test_create):
(TestBugzilla.test_create_prompt):

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/github_unittest.py:

(TestGitHub.test_state_why):
(TestGitHub):
(TestGitHub.test_labels):
(TestGitHub.test_projects):
(TestGitHub.test_create):

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/radar_unittest.py:

(TestRadar.test_state_why):
(TestRadar):
(TestRadar.test_projects):
(TestRadar.test_create):
(TestRadar.test_create_prompt):

Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tracker.py:

(Tracker.from_json): Pass 'projects' to radar instances.
(Tracker.projects): Add base-class implementation.
(Tracker.create): Ditto.

Canonical link: https://commits.webkit.org/248120@main

6:26 AM Changeset in webkit [290888] by graouts@webkit.org

10 edits in trunk

[web-animations] text-emphasis-style should support discrete animations
https://bugs.webkit.org/show_bug.cgi?id=237514

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:
web-platform-tests/css/css-text-decor/inheritance-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-002-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-002-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

css/CSSComputedStyleDeclaration.cpp:

(WebCore::ComputedStyleExtractor::valueForPropertyInStyle):

6:24 AM Changeset in webkit [290887] by graouts@webkit.org

7 edits in trunk

[web-animations] text-emphasis-color should support non-discrete animations
https://bugs.webkit.org/show_bug.cgi?id=237518

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-002-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-002-expected.txt:
web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-002-expected.txt:

Source/WebCore:

This property was mistakenly added as a discrete property when it was unprefixed.

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

6:22 AM Changeset in webkit [290886] by graouts@webkit.org

4 edits in trunk

[web-animations] text-decoration-skip-ink should support discrete animations
https://bugs.webkit.org/show_bug.cgi?id=237512

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:

Source/WebCore:

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

6:19 AM Changeset in webkit [290885] by graouts@webkit.org

4 edits in trunk

[web-animations] line-break should support discrete animations
https://bugs.webkit.org/show_bug.cgi?id=237520

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:

Source/WebCore:

animation/CSSPropertyAnimation.cpp:

(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

6:15 AM Changeset in webkit [290884] by graouts@webkit.org

15 edits in trunk

Parsing of list-style shorthand is incorrect
https://bugs.webkit.org/show_bug.cgi?id=237515

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-lists/parsing/list-style-computed.sub-expected.txt:
web-platform-tests/css/css-lists/parsing/list-style-valid-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-expected.txt:
web-platform-tests/css/css-pseudo/parsing/marker-supported-properties-in-animation-expected.txt:
web-platform-tests/css/cssom/shorthand-values-expected.txt:

Source/WebCore:

The spec at https://drafts.csswg.org/css-lists/#list-style-property says the order of the properties

in the "list-style" shorthand is <'list-style-position'>

<'list-style-image'>

<'list-style-type'>.

Additionally, the "none" value needs special handling such that it sets "list-style-type".

css/CSSProperties.json:
css/parser/CSSPropertyParser.cpp:

(WebCore::CSSPropertyParser::parseShorthand):

LayoutTests:

Some non-WPT tests had the wrong assumption on the shorthand order
for list-style, so we update those tests to match the spec.

Additionally, the WPT test css/css-lists/list-style-type-string-004.html now passes.

fast/css/cssText-shorthand-expected.txt:
fast/css/cssText-shorthand.html:
fast/css/getComputedStyle/getComputedStyle-list-style-shorthand-expected.txt:
fast/css/getComputedStyle/getComputedStyle-list-style-shorthand.html:
platform/mac/TestExpectations:

4:43 AM Changeset in webkit [290883] by berto@igalia.com

2 edits in trunk/Source/WebCore

makeprop.pl breaks reproducible builds
https://bugs.webkit.org/show_bug.cgi?id=237521

Reviewed by Carlos Garcia Campos.

css/makeprop.pl: Sort hash elements so the output file is always

the same across different builds.

3:47 AM Changeset in webkit [290882] by commit-queue@webkit.org

2 edits in trunk/Source/JavaScriptCore

[JSC] Add missing CPU(RISCV64) guards in CTI thunk prologue, epilogue generators
https://bugs.webkit.org/show_bug.cgi?id=237517

Unreviewed, adding missing CPU(RISCV64) guards to the CTI thunk prologue
and epilogue generators in CCallHelpers, reusing the ARM variants of the
pair push/pop calls.

Patch by Zan Dobersek <zdobersek@igalia.com> on 2022-03-07

jit/CCallHelpers.cpp:

(JSC::CCallHelpers::emitCTIThunkPrologue):
(JSC::CCallHelpers::emitCTIThunkEpilogue):

3:18 AM Changeset in webkit [290881] by Nikolas Zimmermann

3 edits in trunk/Source/WebCore

Add hasTransformOrPerspective() helper to RenderObject
https://bugs.webkit.org/show_bug.cgi?id=237469

Reviewed by Darin Adler.

Avoid duplicating the logic to test if a renderer is transformed in
multiple places. Currently RenderGeometryMap duplicates the logic to add
one extra condition, the presence of a 'perspective' property.

While I was at it: remove the redundant offsetPath() check in
RenderObject::hasTransform(), since RenderStyle::hasTransform()
already returns true if offsetPath() is non-null.

LBSE wants to extend hasTransform() by a new condition: hasSVGTransform().
Before this patch, the place in RenderGeometryMap was easy to miss, fix that,
by centralizing the logic in one place.

Covered by existing tests, no change in behaviour.

rendering/RenderGeometryMap.cpp:

(WebCore::canMapBetweenRenderersViaLayers): Use RenderObject::hasTransformOrPespective().

rendering/RenderObject.h:

(WebCore::RenderObject::hasTransform const): Remove redundant offsetPath() check.
(WebCore::RenderObject::hasTransformOrPespective const): Add new helper.

3:16 AM Changeset in webkit [290880] by Nikolas Zimmermann

7 edits
2 adds in trunk/Source/WebCore

[LBSE] Begin layer-aware RenderSVGTransformableContainer implementation
https://bugs.webkit.org/show_bug.cgi?id=237024

Reviewed by Rob Buis.

Create RenderSVGContainer based on the downstream LBSE implementation.

This patch does not yet enable the creation of RenderSVGContainer
renderers if LBSE is enabled, since the derived classes, such as
RenderSVGHiddenContainer / RenderSVGViewportContainer / ..., are still
missing in LBSE.

Covered by existing tests, no change in behaviour.

Sources.txt: Add RenderSVGTransformableContainer.* to build.
WebCore.xcodeproj/project.pbxproj: Ditto.
rendering/RenderObject.h:

(WebCore::RenderObject::isSVGTransformableContainer const):

rendering/svg/RenderSVGTransformableContainer.cpp: Added.

(WebCore::RenderSVGTransformableContainer::RenderSVGTransformableContainer):
(WebCore::associatedUseElement):
(WebCore::RenderSVGTransformableContainer::additionalContainerTranslation const):
(WebCore::RenderSVGTransformableContainer::calculateViewport):
(WebCore::RenderSVGTransformableContainer::layoutChildren):
(WebCore::RenderSVGTransformableContainer::updateFromStyle):
(WebCore::RenderSVGTransformableContainer::applyTransform const):
(WebCore::RenderSVGTransformableContainer::styleWillChange):
(WebCore::RenderSVGTransformableContainer::graphicsElement const):

rendering/svg/RenderSVGTransformableContainer.h: Added.
rendering/svg/SVGContainerLayout.cpp:

(WebCore::SVGContainerLayout::transformToRootChanged):

svg/SVGElement.cpp: Create renderer for <g> elements in LBSE mode.

(WebCore::createSVGLayerAwareElementSet):

svg/SVGGElement.cpp: Ditto.

(WebCore::SVGGElement::createElementRenderer):

2:19 AM Changeset in webkit [290879] by Matt Woodrow

9 edits
2 adds in trunk

Compute correct containing block override size for items that are subgridden in one dimension only.
https://bugs.webkit.org/show_bug.cgi?id=236951

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Added new WPT similar to auto-track-sizing-001 which adds new variations
with nested subgrids and varying whether the other axis is subgridded.

web-platform-tests/css/css-grid/subgrid/auto-track-sizing-002-expected.html: Added.
web-platform-tests/css/css-grid/subgrid/auto-track-sizing-002.html: Added.

Source/WebCore:

Items that are subgridded in one dimension will be included in the track sizing algorithm of the
outer grid for that dimension. When measuring their size in the subgridded dimension, we need to
set their containing block size in the other (non-subgridded) dimension, which is only available
from the subgrid's track sizing, not the outer track sizes.

This recurses up to set the override size on the subgrid element instead, and forces a layout
there, which should copy down subgrid track sizes and compute the other dimension, making it
available on the inner item we need.

Test: imported/w3c/web-platform-tests/css/css-grid/subgrid/auto-track-sizing-002.html

rendering/GridLayoutFunctions.cpp:

(WebCore::GridLayoutFunctions::extraMarginForSubgridAncestors):

rendering/GridLayoutFunctions.h:
rendering/GridTrackSizingAlgorithm.cpp:

(WebCore::GridTrackSizingAlgorithmStrategy::updateOverridingContainingBlockContentSizeForChild const):

rendering/RenderGrid.cpp:

(WebCore::RenderGrid::isSubgridOf):

rendering/RenderGrid.h:

LayoutTests:

TestExpectations:

Marked existing WPT as passing.

2:17 AM Changeset in webkit [290878] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Release_Assert | WebCore::Document::addTopLayerElement()
https://bugs.webkit.org/show_bug.cgi?id=237307

Patch by Frédéric Wang <fwang@igalia.com> on 2022-03-07
Reviewed by Chris Dumez.

setBooleanAttribute() call in HTMLDialogElement::showModal() dispatches a DOMSubtreeModified
event. Postpone it so that listeners cannot disconnect the dialog element.

html/HTMLDialogElement.cpp:

(WebCore::HTMLDialogElement::showModal): Add a queue to postpone event.

Mar 6, 2022:

10:43 PM Changeset in webkit [290877] by mmaxfield@apple.com

28 edits in trunk/Source/WebGPU

[WebGPU] Use C++ references instead of pointers where applicable
https://bugs.webkit.org/show_bug.cgi?id=237508

Reviewed by Tim Horton.

The header we're implementing uses pointers because it's a C header.
Our internal implementation can use references instead.

WebGPU/Adapter.h:
WebGPU/Adapter.mm:

(WebGPU::Adapter::getLimits):
(WebGPU::Adapter::getProperties):
(WebGPU::Adapter::requestDevice):
(wgpuAdapterGetLimits):
(wgpuAdapterGetProperties):
(wgpuAdapterRequestDevice):
(wgpuAdapterRequestDeviceWithBlock):

WebGPU/BindGroup.mm:

(WebGPU::Device::createBindGroup):

WebGPU/BindGroupLayout.mm:

(WebGPU::Device::createBindGroupLayout):

WebGPU/Buffer.mm:

(WebGPU::Device::createBuffer):

WebGPU/CommandEncoder.h:
WebGPU/CommandEncoder.mm:

(WebGPU::Device::createCommandEncoder):
(WebGPU::CommandEncoder::beginComputePass):
(WebGPU::CommandEncoder::beginRenderPass):
(WebGPU::CommandEncoder::copyBufferToTexture):
(WebGPU::CommandEncoder::copyTextureToBuffer):
(WebGPU::CommandEncoder::copyTextureToTexture):
(WebGPU::CommandEncoder::finish):
(wgpuCommandEncoderBeginComputePass):
(wgpuCommandEncoderBeginRenderPass):
(wgpuCommandEncoderCopyBufferToTexture):
(wgpuCommandEncoderCopyTextureToBuffer):
(wgpuCommandEncoderCopyTextureToTexture):
(wgpuCommandEncoderFinish):

WebGPU/ComputePipeline.mm:

(WebGPU::Device::createComputePipeline):
(WebGPU::Device::createComputePipelineAsync):

WebGPU/Device.h:
WebGPU/Device.mm:

(WebGPU::Device::getLimits):
(wgpuDeviceCreateBindGroup):
(wgpuDeviceCreateBindGroupLayout):
(wgpuDeviceCreateBuffer):
(wgpuDeviceCreateCommandEncoder):
(wgpuDeviceCreateComputePipeline):
(wgpuDeviceCreateComputePipelineAsync):
(wgpuDeviceCreateComputePipelineAsyncWithBlock):
(wgpuDeviceCreatePipelineLayout):
(wgpuDeviceCreateQuerySet):
(wgpuDeviceCreateRenderBundleEncoder):
(wgpuDeviceCreateRenderPipeline):
(wgpuDeviceCreateRenderPipelineAsync):
(wgpuDeviceCreateRenderPipelineAsyncWithBlock):
(wgpuDeviceCreateSampler):
(wgpuDeviceCreateShaderModule):
(wgpuDeviceCreateSwapChain):
(wgpuDeviceCreateTexture):
(wgpuDeviceGetLimits):

WebGPU/Instance.h:
WebGPU/Instance.mm:

(WebGPU::Instance::create):
(WebGPU::Instance::createSurface):
(WebGPU::Instance::requestAdapter):
(wgpuCreateInstance):
(wgpuInstanceCreateSurface):
(wgpuInstanceRequestAdapter):
(wgpuInstanceRequestAdapterWithBlock):

WebGPU/PipelineLayout.mm:

(WebGPU::Device::createPipelineLayout):

WebGPU/QuerySet.mm:

(WebGPU::Device::createQuerySet):

WebGPU/Queue.h:
WebGPU/Queue.mm:

(WebGPU::Queue::writeTexture):
(wgpuQueueWriteTexture):

WebGPU/RenderBundleEncoder.h:
WebGPU/RenderBundleEncoder.mm:

(WebGPU::Device::createRenderBundleEncoder):
(WebGPU::RenderBundleEncoder::finish):
(wgpuRenderBundleEncoderFinish):

WebGPU/RenderPassEncoder.h:
WebGPU/RenderPassEncoder.mm:

(WebGPU::RenderPassEncoder::setBlendConstant):
(wgpuRenderPassEncoderSetBlendConstant):

WebGPU/RenderPipeline.mm:

(WebGPU::Device::createRenderPipeline):
(WebGPU::Device::createRenderPipelineAsync):

WebGPU/Sampler.mm:

(WebGPU::Device::createSampler):

WebGPU/ShaderModule.h:
WebGPU/ShaderModule.mm:

(WebGPU::findShaderModuleParameters):
(WebGPU::Device::createShaderModule):
(WebGPU::ShaderModule::getCompilationInfo):
(wgpuShaderModuleGetCompilationInfo):
(wgpuShaderModuleGetCompilationInfoWithBlock):

WebGPU/SwapChain.mm:

(WebGPU::Device::createSwapChain):

WebGPU/Texture.h:
WebGPU/Texture.mm:

(WebGPU::Device::createTexture):
(WebGPU::Texture::createView):
(wgpuTextureCreateView):

7:52 PM Changeset in webkit [290876] by Lauro Moura

2 edits in trunk/Tools

[Flatpak SDK] Fix key expired treatment with Python3
https://bugs.webkit.org/show_bug.cgi?id=237509

Reviewed by Fujii Hironori.

flatpak/flatpakutils.py:

(FlatpakObject.flatpak_update):

9:39 AM Changeset in webkit [290875] by Wenson Hsieh

4 edits
1 add in trunk

[iOS] Layer tree can get indefinitely frozen if WKWebView is unparented underneath -[UIWindow dealloc]
https://bugs.webkit.org/show_bug.cgi?id=237505
rdar://85563958

Reviewed by Tim Horton.

Source/WebKit:

It's currently possible for the web page to get permanently stuck in frozen state, due to the
BackgroundApplication layer tree freeze reason; this occurs when the web view is unparented from the view
hierarchy underneath the scope of UIWindow's -dealloc method.

During -[UIWindow dealloc], the backpointer underlying the implementation of -[UIView window] is set to nil
immediately before the subclassing method hook -willMoveToWindow: is invoked on the view hierarchy. This means
that when -willMoveToWindow: is invoked, self.window will return nil. This, in turn, puts
WKApplicationStateTrackingView in a bad state because we bail early before resetting _applicationStateTracker
in the early return below, since we (erroneously) believe that we've already been unparented from the view
hierarchy, so we don't need to do anything.

if (!self._contentView.window

newWindow)

return;

As a result, if the same web view is eventually moved back into another visible window, -didMoveToWindow bails
before setting up the _applicationStateTracker again, since it already exists from when the previous window
was still active. This means -_applicationWillEnterForeground is never called when the web view is
reintroduced to the view hierarchy, so LayerTreeFreezeReason::BackgroundApplication is never lifted.

To address this, we simply remove the debug assertion for _applicationStateTracker, and instead check whether
the application state tracker exists or not for the logic of the early return. Doing so also makes the early
return in -willMoveToWindow: consistent with the logic in one in -didMoveToWindow, which already consults
_applicationStateTracker:

(void)didMoveToWindow

{

if (!self._contentView.window

_applicationStateTracker)

return;

Test: ApplicationStateTracking.WindowDeallocDoesNotPermanentlyFreezeLayerTree

UIProcess/ios/WKApplicationStateTrackingView.mm:

(-[WKApplicationStateTrackingView willMoveToWindow:]): See above.

Tools:

Add an API test to exercise the bug. This API test is comprised of the following series of steps:

Create the web view and add it under window #1.
Post a "did enter background" notification.
Deallocate window #1 (thereby unparenting the web view in the process).
Post a "will enter foreground" notification.
Add the web view under window #2.
Load some HTML content and wait for a presentation update.

Before the fix, this test times out because the layer tree is permanently frozen after step (3), due to the
BackgroundApplication reason, so the presentation update in step (6) never finishes.

TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/ios/ApplicationStateTracking.mm: Added.

(TestWebKitAPI::TEST):

9:28 AM Changeset in webkit [290874] by eric.carlson@apple.com

14 edits in trunk/Source

Push HTMLMediaElement renderer's contentBox rect to GPU process
https://bugs.webkit.org/show_bug.cgi?id=237444
rdar://84869202

Reviewed by Jer Noble.

Source/WebCore:

No new tests. This is a speculative fix, with new logging, for an issue I haven't
been able to reproduce.

html/HTMLMediaElement.cpp:

(WebCore::HTMLMediaElement::updateRenderer): Push mediaPlayerContentBoxRect to the
media player.

platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::playerContentBoxRectChanged): Pass rect to platform player.

platform/graphics/MediaPlayer.h:
platform/graphics/MediaPlayerPrivate.h:

(WebCore::MediaPlayerPrivateInterface::playerContentBoxRectChanged):

Source/WebKit:

GPUProcess/media/RemoteMediaPlayerProxy.cpp:

(WebKit::RemoteMediaPlayerProxy::RemoteMediaPlayerProxy): Configuration now has
playerContentBoxRect.
(WebKit::RemoteMediaPlayerProxy::mediaPlayerContentBoxRect const):
(WebKit::RemoteMediaPlayerProxy::playerContentBoxRectChanged): Update playerContentBoxRect.

GPUProcess/media/RemoteMediaPlayerProxy.h:
GPUProcess/media/RemoteMediaPlayerProxy.messages.in:

GPUProcess/media/RemoteMediaPlayerProxyConfiguration.h:

(WebKit::RemoteMediaPlayerProxyConfiguration::encode const):
(WebKit::RemoteMediaPlayerProxyConfiguration::decode):

GPUProcess/media/cocoa/RemoteMediaPlayerProxyCocoa.mm:

(WebKit::RemoteMediaPlayerProxy::setVideoInlineSizeIfPossible): Convert from static
function so we can log.
(WebKit::RemoteMediaPlayerProxy::mediaPlayerFirstVideoFrameAvailable): Add logging.
(WebKit::RemoteMediaPlayerProxy::mediaPlayerRenderingModeChanged): Ditto.
(WebKit::RemoteMediaPlayerProxy::setVideoInlineSizeFenced): Ditto.
(WebKit::setVideoInlineSizeIfPossible): Deleted.

WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:

(WebKit::MediaPlayerPrivateRemote::playerContentBoxRectChanged):

WebProcess/GPU/media/MediaPlayerPrivateRemote.h:

WebProcess/GPU/media/RemoteMediaPlayerManager.cpp:

(WebKit::RemoteMediaPlayerManager::createRemoteMediaPlayer):

Mar 5, 2022:

10:59 PM Changeset in webkit [290873] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Fix JITOperationList::addPointers() to support JIT_OPERATION_VALIDATION_ASSERT_ENABLED.
https://bugs.webkit.org/show_bug.cgi?id=237504
<rdar://problem/89770507>

Reviewed by Saam Barati.

According to tagJSCCodePtrImpl(), we will only use an operation's validation entry
if Options::useJITCage(). Make JITOperationList::addPointers() conform to this.

assembler/JITOperationList.cpp:

(JSC::JITOperationList::addPointers):

10:50 PM Changeset in webkit [290872] by Simon Fraser

13 edits
1 delete in trunk/Source/WebCore

Replace IntRectExtent with RectEdges<int>
https://bugs.webkit.org/show_bug.cgi?id=237495

Reviewed by Sam Weinig.

IntRectExtent was just like RectEdges<int>, so remove it.

Add operator+= for RectEdges<>, and helpers to convert from RectEdges<int> to RectEdges<LayoutUnit>.

Code that previously added a IntRectExtent to a rect now uses .expand().

For some reason initializing a RectEdges<T> with arguments std::max<T> fails to
compile, so use intermediate variables in two places.

Headers.cmake:
WebCore.xcodeproj/project.pbxproj:
platform/LengthBox.cpp:

(WebCore::operator<<):

platform/LengthBox.h:

(WebCore::toLayoutBoxExtent):

platform/RectEdges.h:

(WebCore::RectEdges::isZero const):
(WebCore::operator+=):

platform/graphics/IntRectExtent.h: Removed.
platform/graphics/filters/FEDropShadow.cpp:

(WebCore::FEDropShadow::outsets const):

platform/graphics/filters/FilterFunction.h:
platform/graphics/filters/FilterOperations.cpp:

(WebCore::FilterOperations::outsets const):

platform/graphics/filters/FilterOperations.h:
rendering/CSSFilter.h:
rendering/RenderLayer.cpp:

(WebCore::RenderLayer::setFilterBackendNeedsRepaintingInRect):
(WebCore::transparencyClipBox):
(WebCore::RenderLayer::calculateClipRects const):

rendering/RenderLayerFilters.cpp:

(WebCore::RenderLayerFilters::beginFilterEffect):

1:55 PM Changeset in webkit [290871] by mark.lam@apple.com

3 edits in trunk/Source/JavaScriptCore

Optimize VMTraps::maybeNeedHandling().
https://bugs.webkit.org/show_bug.cgi?id=237503

Reviewed by Saam Barati.

There's no need for VMTraps::maybeNeedHandling() to mask the VMTraps bits for
events. Under normal circumstances, there are no traps firing and the traps bits
are 0 anyway. We should optimize for this and do away with the masking. Clients
who use VMTraps::maybeNeedHandling() should and current do call VMTraps::needHandling()
to get the real story on whether there are actually traps to handle or not. Hence,
the masking in VMTraps::maybeNeedHandling() is also not needed for correctness.

We know from experience that changes in RETURN_IN_EXCEPTION can have an impact on
performance. Perhaps this change can also help performance.

runtime/ExceptionScope.h:
runtime/VMTraps.h:

(JSC::VMTraps::maybeNeedHandling const):

1:24 PM Changeset in webkit [290870] by Alan Bujtas

4 edits in trunk

Remove non-standard display:block UA stylesheet rule for <layer>
https://bugs.webkit.org/show_bug.cgi?id=236730
<rdar://problem/89372670>

Reviewed by Antti Koivisto.

Source/WebCore:

This looks to be an old WebKit (khtml?) quirk.
See also https://bugs.chromium.org/p/chromium/issues/detail?id=1298197

css/html.css:

(address, article, aside, div, footer, header, hgroup, main, nav, section):
(address, article, aside, div, footer, header, hgroup, layer, main, nav, section): Deleted.

LayoutTests:

inspector/css/shadow-scoped-style-expected.txt:

10:55 AM Changeset in webkit [290869] by mark.lam@apple.com

8 edits in trunk/Source

Fix broken SuspendExceptionScope and remove redundant VM::DeferExceptionScope.
https://bugs.webkit.org/show_bug.cgi?id=237441
<rdar://problem/89769627>

Reviewed by Yusuke Suzuki.

Source/JavaScriptCore:

SuspendExceptionScope was meant to do exactly the same thing that VM::DeferExceptionScope
does, except that SuspendExceptionScope hasn't been updated to handle exception
handling via VMTraps bits.

This patch will fix SuspendExceptionScope to work like VM::DeferExceptionScope,
and remove the now redundant VM::DeferExceptionScope. SuspendExceptionScope is
the better name here because the scope actually suspends any pending exception.
This is different from other Defer scopes where we prevent some new event from
arising and defer the event to a later time.

interpreter/FrameTracers.h:

(JSC::SuspendExceptionScope::SuspendExceptionScope):
(JSC::SuspendExceptionScope::~SuspendExceptionScope):

interpreter/Interpreter.cpp:

(JSC::UnwindFunctor::notifyDebuggerOfUnwinding):

runtime/TypeProfilerLog.cpp:

(JSC::TypeProfilerLog::processLogEntries):

runtime/VM.h:

(JSC::VM::restorePreviousException): Deleted.
(JSC::VM::DeferExceptionScope::DeferExceptionScope): Deleted.
(JSC::VM::DeferExceptionScope::~DeferExceptionScope): Deleted.

Source/WebCore:

inspector/InspectorFrontendAPIDispatcher.cpp:

(WebCore::InspectorFrontendAPIDispatcher::evaluateExpression):

inspector/InspectorFrontendHost.cpp:

(WebCore::InspectorFrontendHost::evaluateScriptInExtensionTab):

9:18 AM Changeset in webkit [290868] by Alan Bujtas

5 edits in trunk

[IFC][Integration] Do not bail out on IFC content with floats inside.
https://bugs.webkit.org/show_bug.cgi?id=237494

Reviewed by Antti Koivisto.

Source/WebCore:

We have support for such content now.
(This gives a noticeable coverage boost on PLT5 content.)

layout/integration/LayoutIntegrationCoverage.cpp:

(WebCore::LayoutIntegration::canUseForChild):

LayoutTests:

platform/ios/css2.1/t0905-c5525-fltcont-00-d-g-expected.txt:
platform/mac/css2.1/t0905-c5525-fltcont-00-d-g-expected.txt:

8:57 AM Changeset in webkit [290867] by Antti Koivisto

24 edits in trunk

Resolve ::first-line style eagerly
https://bugs.webkit.org/show_bug.cgi?id=237362

Reviewed by Alan Bujtas.

Source/WebCore:

Compute ::first-line style during style resolution instead of lazily in render tree.
This fixes bugs and clarifies the architecture in ways that a helpful for features like
container queries.

As a side effect it also makes ::first-line style animatable.

rendering/RenderBlock.cpp:

(WebCore::RenderBlock::firstLineBlock const): Deleted.

rendering/RenderBlock.h:
rendering/RenderElement.cpp:

(WebCore::RenderElement::RenderElement):
(WebCore::RenderElement::firstLineStyle const):
(WebCore::RenderElement::styleWillChange):
(WebCore::RenderElement::computeFirstLineStyle const): Deleted.
(WebCore::RenderElement::invalidateCachedFirstLineStyle): Deleted.

rendering/RenderElement.h:
rendering/RenderObject.cpp:

(WebCore::RenderObject::firstLineBlock const): Deleted.

rendering/RenderObject.h:
rendering/RenderRubyRun.cpp:

(WebCore::RenderRubyRun::firstLineBlock const): Deleted.

rendering/RenderRubyRun.h:
rendering/RenderTable.cpp:

(WebCore::RenderTable::firstLineBlock const): Deleted.

rendering/RenderTable.h:
rendering/RenderText.cpp:

(WebCore::RenderText::findByDisplayContentsInlineWrapperCandidate): Deleted.

rendering/RenderText.h:
rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::getCachedPseudoStyle const):

rendering/style/RenderStyle.h:

(WebCore::generatesBox):

rendering/svg/RenderSVGText.cpp:

(WebCore::RenderSVGText::firstLineBlock const): Deleted.

rendering/svg/RenderSVGText.h:
rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:

(WebCore::RenderTreeUpdater::GeneratedContent::updatePseudoElement):

style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::resolveElement):
(WebCore::Style::TreeResolver::resolvePseudoElement):
(WebCore::Style::TreeResolver::resolveInheritedFirstLinePseudoElement):
(WebCore::Style::TreeResolver::makeResolutionContextForInheritedFirstLine):
(WebCore::Style::TreeResolver::boxGeneratingParent const const):
(WebCore::Style::TreeResolver::parentBoxStyle const):
(WebCore::Style::TreeResolver::resolveComposedTree):
(WebCore::Style::TreeResolver::resolvePseudoStyle): Deleted.

style/StyleTreeResolver.h:

LayoutTests:

TestExpectations:
platform/mac/fast/forms/input-baseline-expected.txt:

8:26 AM Changeset in webkit [290866] by Alan Bujtas

2 edits in trunk/Source/WebCore

[LFC][Integration] RenderInline should use ADD_REASONS_AND_RETURN_IF_NEEDED
https://bugs.webkit.org/show_bug.cgi?id=237492

Reviewed by Antti Koivisto.

Content inside RenderInline should be accounted for when collecting coverage information.
(This patch also has a bit of a printModernLineLayoutCoverage&co refactoring.)

layout/integration/LayoutIntegrationCoverage.cpp:

(WebCore::LayoutIntegration::printTextForSubtree):
(WebCore::LayoutIntegration::contentLengthForSubtreeStayWithinBlockFlow):
(WebCore::LayoutIntegration::contentLengthForBlockFlow):
(WebCore::LayoutIntegration::printModernLineLayoutBlockList):
(WebCore::LayoutIntegration::printModernLineLayoutCoverage):
(WebCore::LayoutIntegration::canUseForChild):
(WebCore::LayoutIntegration::textLengthForSubtree): Deleted.
(WebCore::LayoutIntegration::collectNonEmptyLeafRenderBlockFlows): Deleted.
(WebCore::LayoutIntegration::collectNonEmptyLeafRenderBlockFlowsForCurrentPage): Deleted.

3:33 AM Changeset in webkit [290865] by youenn@apple.com

5 edits in trunk

Implement remote-inbound-rtp packetsLost
https://bugs.webkit.org/show_bug.cgi?id=237443

Reviewed by Eric Carlson.

Source/WebCore:

Take benefit of latest backend to expose RemoteInboundRtpStreamStats values inherited from ReceivedRtpStreamStats.
Covered by updated test.

Modules/mediastream/libwebrtc/LibWebRTCStatsCollector.cpp:

(WebCore::fillReceivedRtpStreamStats):
(WebCore::fillInboundRtpStreamStats):
(WebCore::fillRemoteInboundRtpStreamStats):

LayoutTests:

platform/mac/TestExpectations:
webrtc/video-stats.html:

3:18 AM Changeset in webkit [290864] by Oriol Brufau

3 edits
2 adds in trunk

[css-cascade] Let 'revert-layer' in lowest layer roll back to user styles
https://bugs.webkit.org/show_bug.cgi?id=237486

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Add test. It still has some remaining failures due to bug 236272.

web-platform-tests/css/css-cascade/all-prop-revert-layer-noop-expected.txt: Added.
web-platform-tests/css/css-cascade/all-prop-revert-layer-noop.html: Added.

Source/WebCore:

When 'revert-layer' was used in the lowest @layer, then it would behave
as 'unset'. This patch fixes ensureRollbackCascadeForRevertLayer() to
not return nullptr and instead return ensureRollbackCascadeForRevert()
in that case. This imples that 'revert-layer' will behave like 'revert'
and roll back to user (or UA) styles.

Test: imported/w3c/web-platform-tests/css/css-cascade/all-prop-revert-layer-noop.html

style/StyleBuilder.cpp:

(WebCore::Style::Builder::ensureRollbackCascadeForRevertLayer):

Mar 4, 2022:

11:22 PM Changeset in webkit [290863] by sihui_liu@apple.com

3 edits in trunk/Source/WebKit

Stop setting NSURLIsExcludedFromBackupKey attribute for localSorageDirectory in UI process
https://bugs.webkit.org/show_bug.cgi?id=237447

Reviewed by Chris Dumez.

Let's do that on storage thread in network process when the directory is used.

Covered by existing test: WKWebView.LocalStorageDirectoryExcludedFromBackup.

NetworkProcess/storage/OriginStorageManager.cpp:

(WebKit::OriginStorageManager::StorageBucket::resolvedLocalStoragePath):

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::parameters):

10:48 PM Clangd edited by Brandon

(diff)

10:02 PM Changeset in webkit [290862] by sihui_liu@apple.com

4 edits in trunk

Add null check for path in makeAllDirectories
https://bugs.webkit.org/show_bug.cgi?id=237477

Reviewed by Darin Adler.

Source/WTF:

wtf/posix/FileSystemPOSIX.cpp:

(WTF::FileSystemImpl::makeAllDirectories):

Tools:

TestWebKitAPI/Tests/WTF/FileSystem.cpp:

(TestWebKitAPI::TEST_F):

9:39 PM Changeset in webkit [290861] by Simon Fraser

3 edits in trunk/Source/WebCore

Optimize the padding in StyleRareInheritedData
https://bugs.webkit.org/show_bug.cgi?id=237488

Reviewed by Cameron McCormack.

Shrink StyleRareInheritedData from 280 bytes to 264 bytes on macOS.

Also fix a missing comparison of wordSpacing in operator==.

rendering/style/StyleRareInheritedData.cpp:

(WebCore::StyleRareInheritedData::StyleRareInheritedData):
(WebCore::StyleRareInheritedData::operator== const):

rendering/style/StyleRareInheritedData.h:

6:38 PM Changeset in webkit [290860] by Tyler Wilcock

2 edits in trunk/Source/WebCore

AX: Protect incoming object with Ref in AXObjectCache::textChanged
https://bugs.webkit.org/show_bug.cgi?id=237475

Reviewed by Chris Fleizach.

This is better practice as ascending the hierarchy could cause
the object to get deleted.

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::textChanged):

6:21 PM Changeset in webkit [290859] by commit-queue@webkit.org

3 edits in trunk/Source/WebKit

Change app launch scheme
https://bugs.webkit.org/show_bug.cgi?id=237480
rdar://89781553

Patch by Harrison Weinerman <hweinerman@apple.com> on 2022-03-04
Reviewed by Brady Eidson.

We need to change the app launch scheme and remove an entitlement that is no longer required.

Scripts/process-entitlements.sh:
webpushd/WebPushDaemon.mm:

(WebPushD::Daemon::notifyClientPushMessageIsAvailable):

6:03 PM Changeset in webkit [290858] by Tyler Wilcock

9 edits
3 adds in trunk

AX: [WebAccessibilityObjectWrapperMac AXAttributeStringSetFont] crashes when given a font with a nil postscript name, font family, or display name
https://bugs.webkit.org/show_bug.cgi?id=237373

Reviewed by Chris Fleizach and Andres Gonzalez.

Source/WebCore:

[WebAccessibilityObjectWrapperMac AXAttributeStringSetFont] crashes when given a font with a
nil postscript name, font family, or display name. This can be
triggered with a custom SVG @font-face -- for example:

@font-face {

font-family: 'Litherum';
src: url("resources/Litherum.svg") format(svg);

}

{ font-family: 'Litherum'; }

We fix this by checking if these values are nil before trying to add
them to a dictionary.

This patch also centralizes application of fonts to attributed strings
by moving AXAttributeStringSetFont to the base wrapper. In doing so,
we fix a bug where if [WebAccessibilityObjectWrapperBase AXAttributeStringSetStyle] was
called from a Mac-context, it set iOS font properties (e.g.
UIAccessibilityTokenFontFamily instead of NSAccessibilityFontFamilyKey).

Test: accessibility/svg-font-face.html

accessibility/mac/WebAccessibilityObjectWrapperBase.h:
accessibility/mac/WebAccessibilityObjectWrapperBase.mm:

(AXAttributedStringRangeIsValid): Added.
(AXAttributedStringSetFont): Added.

accessibility/mac/WebAccessibilityObjectWrapperMac.mm:

(AXAttributeStringSetStyle):
(AXAttributedStringAppendText):
(AXAttributedStringRangeIsValid):
Moved to base wrapper.
(AXAttributeStringSetFont):
Moved to base wrapper.

LayoutTests:

accessibility/resources/Litherum.svg: Added.
accessibility/svg-font-face-expected.txt: Added.
accessibility/svg-font-face.html: Added.
platform/glib/TestExpectations: Skip new test.
platform/ios/TestExpectations: Enable new test.
platform/win/TestExpectations: Skip new test.

platform/mac/accessibility/element-line-rects-and-text-expected.txt:

Before this patch, [WebAccessibilityObjectWrapperBase AXAttributeStringSetStyle] called the iOS
version of AXAttributeStringSetFont. This patch fixes this. The expectation for this test is updated as a result.

5:44 PM Changeset in webkit [290857] by Russell Epstein

18 edits
2 deletes in branches/safari-613-branch/Source/bmalloc

Apply patch. rdar://problem/89071706

5:06 PM Changeset in webkit [290856] by Patrick Angle

16 edits in trunk/Source

REGRESSION (r284472): [ Monterey ] http/tests/websocket/tests/hybi/inspector/send-and-recieve-debugger.html is failing
https://bugs.webkit.org/show_bug.cgi?id=237280

Reviewed by Devin Rousso.

Source/WebCore:

Covered by existing http/tests/websocket/tests/hybi/inspector/* test cases.

On macOS Monterey we use NSURLSession-based WebSockets by default, unlike earlier versions of macOS. The channel
for these sockets is implemented in WebKit::WebSocketChannel. The non-NSURLSession WebSockets channel (at
least on Cocoa platforms) is implemented in WebCore::WebSocketChannel.

As of r284472 the logic to delay the dispatch of received WebSocket message on platforms using
NSURLSession-based WebSockets is handled by WebCore::WebSocket, not the WebKit::WebSocketChannel.
WebKit::WebSocketChannel now immediately does the work it needs to, and only the delegated work to WebSocket
is queued and taken care of when the socket has resumed. This resulted in some of the instrumentation in
WebKit::WebSocketChannel being able to be called while the socket was suspended leading to events being logged
in the frontend "in the future" (e.g. before the paused script would have been able to be aware of them). To
correct this the WebKit::WebSocketChannel now provides a hook into its helper WebSocketChannelInspector
object to allow the WebCore::WebSocket to notify Web Inspector of events at the same time it is being
logically handled by the page.

Other ThreadableWebSocketChannel implementations will instead provide nullptr in place of a pointer to a
WebInspectorChannelInspector. WebCore::WebSocketChannel was not affected by the changes in r284472 as it has
a different way to guarantee that the methods containing InspectorInstrumentation were not called while the
channel was suspended (and enforced with numerous ASSERT(!m_suspended) checks).

Modules/websockets/ThreadableWebSocketChannel.h:

(WebCore::ThreadableWebSocketChannel::channelInspector const):

Modules/websockets/WebSocketChannelClient.h:
Add reason for error messages so they can be sent to Web Inspector.

Modules/websockets/WebSocket.cpp:

(WebCore::WebSocket::didReceiveMessage):
(WebCore::WebSocket::didReceiveBinaryData):
(WebCore::WebSocket::didReceiveMessageError):
(WebCore::WebSocket::didClose):

Modules/websockets/WebSocket.h:
Move inspector instrumentation calls from WebKit::WebSocketChannel to here so that they are not called until

the socket is resumed.

We also now wrap these instrumentation calls in an unlikely check for frontends to avoid allocating the

simulated call frames when Web Inspector isn't even open.

Modules/websockets/WebSocketChannelInspector.cpp:

(WebCore::WebSocketChannelInspector::WebSocketChannelInspector):
(WebCore::WebSocketChannelInspector::didCreateWebSocket const):
(WebCore::WebSocketChannelInspector::willSendWebSocketHandshakeRequest const):
(WebCore::WebSocketChannelInspector::didReceiveWebSocketHandshakeResponse const):
(WebCore::WebSocketChannelInspector::didCloseWebSocket const):
(WebCore::WebSocketChannelInspector::didReceiveWebSocketFrame const):
(WebCore::WebSocketChannelInspector::didSendWebSocketFrame const):
(WebCore::WebSocketChannelInspector::didReceiveWebSocketFrameError const):
(WebCore::WebSocketChannelInspector::createFrame):
(WebCore::WebSocketChannelInspector::didCreateWebSocket): Deleted.
(WebCore::WebSocketChannelInspector::willSendWebSocketHandshakeRequest): Deleted.
(WebCore::WebSocketChannelInspector::didReceiveWebSocketHandshakeResponse): Deleted.
(WebCore::WebSocketChannelInspector::didCloseWebSocket): Deleted.
(WebCore::WebSocketChannelInspector::didReceiveWebSocketFrame): Deleted.
(WebCore::WebSocketChannelInspector::didSendWebSocketFrame): Deleted.
(WebCore::WebSocketChannelInspector::didReceiveWebSocketFrameError): Deleted.

Modules/websockets/WebSocketChannelInspector.h:
Update to keep a WeakRef to the Document to reduce the amount of plumbing necessary to call these methods

from WebSocket.

Move static utility method createFrame here from WebKit::WebSocketChannel since it is only used for

inspector instrumentation.

Modules/websockets/WorkerThreadableWebSocketChannel.cpp:

(WebCore::WorkerThreadableWebSocketChannel::Peer::didReceiveMessageError):
(WebCore::WorkerThreadableWebSocketChannel::Bridge::connect):

Modules/websockets/WorkerThreadableWebSocketChannel.h:
Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:

(WebCore::ThreadableWebSocketChannelClientWrapper::didReceiveMessageError):

Modules/websockets/ThreadableWebSocketChannelClientWrapper.h:
Modules/websockets/WebSocketChannel.cpp:

(WebCore::WebSocketChannel::fail):
(WebCore::WebSocketChannel::didFailSocketStream):

Modules/websockets/WebSocketChannel.h:
Update these classes to pass along a reason, if available, for errors.

Source/WebKit:

Move inspector instrumentation for things that should be delayed until the websocket has resumed (in general,
these are instrumentation points for receiving messages) into WebCore::WebSocket so that they are sent at the
expected time in the frontend, not "in the future" when script execution is suspended (e.g. while debugging).

WebProcess/Network/WebSocketChannel.cpp:

(WebKit::WebSocketChannel::notifySendFrame):
(WebKit::WebSocketChannel::connect):
(WebKit::WebSocketChannel::close):
(WebKit::WebSocketChannel::fail):
(WebKit::WebSocketChannel::disconnect):
(WebKit::WebSocketChannel::didReceiveText):
(WebKit::WebSocketChannel::didReceiveBinaryData):
(WebKit::WebSocketChannel::didClose):
(WebKit::WebSocketChannel::didReceiveMessageError):
(WebKit::WebSocketChannel::didSendHandshakeRequest):
(WebKit::WebSocketChannel::didReceiveHandshakeResponse):
(WebKit::createWebSocketFrameForWebInspector): Deleted.

WebProcess/Network/WebSocketChannel.h:

5:01 PM Changeset in webkit [290855] by Patrick Angle

2 edits in trunk/Source/WebKit

Web Inspector: [Cocoa] Continually opening and closing Web Inspector sometimes crashes
https://bugs.webkit.org/show_bug.cgi?id=237484

Reviewed by Darin Adler.

We need to handle operations on the main queue because webView:stopURLSchemeTask: will be called from the main
queue, and we must not be in middle the operation when we get the request to stop said operation, otherwise we
may attempt to call [urlSchemeTask did*], which is not permitted after we have been asked to stop that task.
If we add the operation for the WKURLSchemeTask to a different queue it is possible we will have already
started the operation on a background queue while at the same time are receiving a request to stop that same
WKURLSchemeTask.

UIProcess/Inspector/mac/WKInspectorResourceURLSchemeHandler.mm:

(-[WKInspectorResourceURLSchemeHandler webView:startURLSchemeTask:]):
(-[WKInspectorResourceURLSchemeHandler webView:stopURLSchemeTask:]):

4:48 PM Changeset in webkit [290854] by Chris Dumez

5 edits in trunk/Source/WebCore

Modernize OriginLock
https://bugs.webkit.org/show_bug.cgi?id=237485

Reviewed by Darin Adler.

OriginLock subclasses ThreadSafeRefCounted. As a result, it should have a create()
factory function instead of an error-prone public constructor. Its functions should
also take String parameters by const reference instead of by value.

Modules/webdatabase/DatabaseTracker.cpp:

(WebCore::DatabaseTracker::originLockFor):

Modules/webdatabase/DatabaseTracker.h:
Modules/webdatabase/OriginLock.cpp:

(WebCore::lockFileNameForPath):
(WebCore::OriginLock::OriginLock):
(WebCore::OriginLock::deleteLockFile):
(WebCore::OriginLock::lockFileNameForPath): Deleted.

Modules/webdatabase/OriginLock.h:

(WebCore::OriginLock::create):

3:45 PM Changeset in webkit [290853] by Kate Cheney

6 edits
2 adds in trunk

about:blank iframes do not always inherit parent CSP
https://bugs.webkit.org/show_bug.cgi?id=236347
<rdar://problem/88669147>

Reviewed by Brent Fulgham.

Source/WebCore:

Test: http/tests/security/contentSecurityPolicy/block-eval-onload-in-nested-about-blank-iframe.html

Usually we initialize CSP for window when we create a jsWindowProxy
for that frame. In this case, we load an about:blank iframe that
attempts to run eval() in the onload function of its own nested
iframe. Since we never run script in frame, we don't initialize a
jsWindowProxy and thus never propogate its CSP.

This fix checks the document's CSP in FrameLoader::clear when we
initialize a new JSGlobalObject and sets the eval value in the window
accordingly to properly enforce CSP.

bindings/js/ScriptController.cpp:

(WebCore::ScriptController::enableEval):

bindings/js/ScriptController.h:
loader/FrameLoader.cpp:

(WebCore::FrameLoader::clear):

page/csp/ContentSecurityPolicy.h:

(WebCore::ContentSecurityPolicy::evalErrorMessage const):

LayoutTests:

http/tests/security/contentSecurityPolicy/block-eval-onload-in-nested-about-blank-iframe-expected.txt: Added.
http/tests/security/contentSecurityPolicy/block-eval-onload-in-nested-about-blank-iframe.html: Added

We can't use modern js-test.js and related functions because
js-test.js uses eval() and loading it makes the test time out when the
eval is blocked by the document's CSP. We can't specify unsafe-eval
because the whole point of this test is to block eval.

3:31 PM Changeset in webkit [290852] by Robert Jenner

2 edits in trunk/LayoutTests

Update WPT css-scroll-snap tests
https://bugs.webkit.org/show_bug.cgi?id=237358

Unreviewed test gardening.

platform/ios-wk2/TestExpectations:

3:30 PM Changeset in webkit [290851] by Russell Epstein

9 edits in branches/safari-613-branch/Source

Versioning.

WebKit-7613.2.2

3:08 PM Changeset in webkit [290850] by mmaxfield@apple.com

11 edits in trunk

[iOS] Books ASSERTs upon opening a book with a debug build of WebKit
https://bugs.webkit.org/show_bug.cgi?id=237445
<rdar://problem/89776531>

Reviewed by Alex Christensen.

Source/WebCore:

platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::open):

Source/WebKit:

NetworkProcess/cache/NetworkCacheBlobStorage.cpp:

(WebKit::NetworkCache::BlobStorage::add):

UIProcess/API/APIContentRuleListStore.cpp:

(API::openAndMapContentRuleList):
(API::compiledToFile):

Source/WTF:

makeSafeToUseMemoryMapForPath() runs an ASSERT() that it was successful.
However, it's not always successful, so this ASSERT() was getting hit when
trying to open a book in Books. So, this patch makes the function return a
bool to indicate success, and updates callers to do something sensible if
it failed.

Test: FileSystemTest.makeSafeToUseMemoryMapForPath

wtf/FileSystem.cpp:

(WTF::FileSystemImpl::makeSafeToUseMemoryMapForPath):
(WTF::FileSystemImpl::mapToFile):

wtf/FileSystem.h:
wtf/cocoa/FileSystemCocoa.mm:

(WTF::FileSystemImpl::makeSafeToUseMemoryMapForPath):

Tools:

TestWebKitAPI/Tests/WTF/FileSystem.cpp:

(TestWebKitAPI::TEST_F):

2:57 PM Changeset in webkit [290849] by Chris Dumez

21 edits
2 adds in trunk

Home link on weather.gov is not working
https://bugs.webkit.org/show_bug.cgi?id=237451
<rdar://60409277>

Reviewed by Geoff Garen.

LayoutTests/imported/w3c:

web-platform-tests/html/browsers/browsing-the-web/overlapping-navigations-and-traversals/tentative/anchor-fragment-history-back-on-click-expected.txt: Added.
web-platform-tests/html/browsers/browsing-the-web/overlapping-navigations-and-traversals/tentative/anchor-fragment-history-back-on-click.html: Added.

Add layout test coverage (already upstreamed to WPT).

web-platform-tests/html/browsers/browsing-the-web/overlapping-navigations-and-traversals/tentative/cross-document-traversal-same-document-nav-expected.txt:
web-platform-tests/html/browsers/browsing-the-web/overlapping-navigations-and-traversals/tentative/same-document-traversal-same-document-nav-expected.txt:

Rebaseline a couple of WPT tests that are now failing. I have verified that these tests are fully failing (and in the same way) in Blink.
In Gecko, only the second subtest in each of these tests is failing.

Source/WebCore:

According to the HTML specification [1], when history.back() is called, we are supposed to
resolve the history entry based on the delta (-1), then we're supposed to queue a task to
traverse the history to that particular entry.

However, WebKit was merely scheduling a task to navigate the history with a delta of -1.
We only resolve the target history entry once the scheduled task runs asynchronously.
As a result, we could end up navigating to a different history entry than we'd expect if
the history list changes between the call to history.back() and the actual execution of
the task to traverse the history list. In particular, fragment navigations can cause
synchronous navigations and thus add new history entries.

On weather.gov, the "HOME" anchor looks like so:
<a href="#" onclick="history.back();">HOME</a>

Per the DOM specification, when clicking the anchor, we'd first call history.back() and
then run the anchor activation behavior that would do a fragment navigation to "#".
The history.back() call would schedule to task to navigate back, then we'd navigate to
"#" synchronously, which would add a new history entry. Once the task to navigate back
would run asynchronously, we would navigate back to the same page (but without the fragment)
instead of going back to the home page.

[1] https://html.spec.whatwg.org/multipage/history.html#traverse-the-history-by-a-delta

Test: imported/w3c/web-platform-tests/html/browsers/browsing-the-web/overlapping-navigations-and-traversals/tentative/anchor-fragment-history-back-on-click.html

history/BackForwardClient.h:
history/BackForwardController.cpp:

(WebCore::BackForwardController::containsItem const):

history/BackForwardController.h:
loader/EmptyClients.cpp:
loader/NavigationScheduler.cpp:

(WebCore::ScheduledHistoryNavigation::ScheduledHistoryNavigation):
(WebCore::NavigationScheduler::scheduleHistoryNavigation):

Source/WebKit:

WebProcess/WebPage/WebBackForwardListProxy.cpp:

(WebKit::WebBackForwardListProxy::removeItem):
(WebKit::WebBackForwardListProxy::containsItem const):

WebProcess/WebPage/WebBackForwardListProxy.h:

Source/WebKitLegacy/mac:

History/BackForwardList.h:
History/BackForwardList.mm:

(BackForwardList::containsItem const):
(BackForwardList::containsItem): Deleted.

Source/WebKitLegacy/win:

BackForwardList.cpp:

(BackForwardList::containsItem):

BackForwardList.h:
WebBackForwardList.cpp:

(WebBackForwardList::containsItem):

LayoutTests:

Skip WPT tests that is timing out. I have verified that this WPT test is timing out in Blink as well.

TestExpectations:

2:43 PM Changeset in webkit [290848] by Simon Fraser

3 edits in trunk/Source/WebCore

Use an OptionSet<> for GraphicsContextCGFlags
https://bugs.webkit.org/show_bug.cgi?id=237482

Reviewed by Wenson Hsieh.

Mechanical change to use an OptionSet<> for GraphicsContextCG::m_contextFlags.

platform/graphics/cg/GraphicsContextCG.cpp:

(WebCore::GraphicsContextCG::setIsCALayerContext):
(WebCore::GraphicsContextCG::isCALayerContext const):
(WebCore::GraphicsContextCG::setIsAcceleratedContext):
(WebCore::GraphicsContextCG::renderingMode const):

platform/graphics/cg/GraphicsContextPlatformPrivateCG.h:

(WebCore::GraphicsContextPlatformPrivate::GraphicsContextPlatformPrivate):
(): Deleted.

2:12 PM Changeset in webkit [290847] by Simon Fraser

2 edits in trunk/Source/WebKit

Crash under ScrollingCoordinatorMac::hasNodeWithAnimatedScrollChanged()
https://bugs.webkit.org/show_bug.cgi?id=237478
<rdar://89072235>

Reviewed by Alan Bujtas.

Crash data show that r290109 failed to fix this crash; the actual cause of the crash is a
null m_page on TiledCoreAnimationScrollingCoordinator, diagnosed by noting that the crash
offset corresponds to the offset of m_renderingUpdateRemainingSteps in Page.

WebProcess/WebPage/mac/TiledCoreAnimationScrollingCoordinator.mm:

(WebKit::TiledCoreAnimationScrollingCoordinator::hasNodeWithAnimatedScrollChanged):

2:10 PM Changeset in webkit [290846] by Chris Dumez

4 edits in trunk

URL's isolatedCopy() optimization when called on a r-value reference doesn't work
https://bugs.webkit.org/show_bug.cgi?id=237481

Reviewed by Geoffrey Garen.

Source/WTF:

URL has an isolatedCopy() implementation that attempts to optimize the case where
it is called on a r-value reference. The idea is to rely on the String's
isolatedCopy() implementation which is optimized when called on a r-value reference.

Note that there are some specific conditions under which the String implementation
is able to avoid the copy (see String::isSafeToSendToAnotherThread()).
Namely, the StringImpl's refcount needs to be 1 and it cannot be backed by an
AtomStringImpl.

The issue was that URL::isolatedCopy() would first copy the URL, which would copy
its m_string and thus bump its refcount. As a result, m_string's refcount could
never be 1 and the optimization could never kick in.

wtf/URL.cpp:

(WTF::URL::isolatedCopy):

Tools:

Add API test coverage.

TestWebKitAPI/Tests/WTF/URL.cpp:

(TestWebKitAPI::TEST_F):

2:08 PM Changeset in webkit [290845] by commit-queue@webkit.org

6 edits
3 adds in trunk/Source/WebCore

Support constants in IDL namespaces.
https://bugs.webkit.org/show_bug.cgi?id=232557
<radr://problem/85142162>

Patch by Dan Glastonbury <djg@apple.com> on 2022-03-04
Reviewed by Sam Weinig.

Test: bindings/script/test/TestNamespaceConst.idl

bindings/scripts/CodeGeneratorJS.pm:

(GenerateConstructorHelperMethods):
If namespace contains only constants, globalObject is unused
produces a compile error. Add UNUSED_PARAM to quiet error.

bindings/scripts/IDLAttributes.json:
bindings/scripts/IDLParser.pm:

(convertNamespaceToInterface): Copy namespace constants to new interface.
(applyTypedefs): Apply typedefs to namespace constants.
(parseNamespace): Added parsed constants to namespace's list of constants.
(parseNamespaceMember): Accept constants as namespace members.

bindings/scripts/test/BindingTestGlobalConstructors.idl:
bindings/scripts/test/JS/*: Updated.
bindings/scripts/test/SupplementalDependencies.dep:
bindings/scripts/test/TestNamespaceConst.idl: Added.

1:58 PM Changeset in webkit [290844] by Russell Epstein

1 copy in tags/Safari-614.1.5.7

Tag Safari-614.1.5.7.

1:44 PM Changeset in webkit [290843] by Russell Epstein

9 edits in branches/safari-614.1.5-branch/Source

Versioning.

WebKit-7614.1.5.7

1:00 PM Changeset in webkit [290842] by Russell Epstein

1 copy in tags/Safari-613.2.1

Tag Safari-613.2.1.

12:35 PM Changeset in webkit [290841] by Chris Dumez

8 edits
2 adds in trunk

Load event never firing after form is submitted
https://bugs.webkit.org/show_bug.cgi?id=235407
<rdar://problem/87831049>

Reviewed by Geoffrey Garen.

LayoutTests/imported/w3c:

Rebaseline WPT tests that are no longer timing out.

web-platform-tests/html/semantics/forms/form-submission-target/rel-base-target-expected.txt:
web-platform-tests/html/semantics/forms/form-submission-target/rel-button-target-expected.txt:
web-platform-tests/html/semantics/forms/form-submission-target/rel-form-target-expected.txt:
web-platform-tests/html/semantics/forms/form-submission-target/rel-input-target-expected.txt:

Source/WebCore:

In Document::implicitClose(), we early return (and thus don't fire the load
event) if there is a location change pending. To determine if there is a
location change pending, we rely on NavigationScheduler::locationChangePending()
which checks if there is a schedule navigation or not. This usually works fine.

However, when a form gets submitted with a target that is "_blank",
FrameLoader::submitForm() is not able to find the target frame (since we'll need
to create one) and it ends up using the current frame's scheduler. The idea is
that once the navigation actually triggers, FrameLoader::loadFrameRequest() will
check the target and create the new Frame.

The issue is that as a result of this, NavigationScheduler::locationChangePending()
returns true for the submitter's frame while such form submission is scheduled,
even though the navigation will actually happen in another (new) frame. To address
the issue, I updated NavigationScheduler::locationChangePending() to check that
the pending navigation is actually for the current frame.

Test: http/tests/loading/form-submission-no-load-event.html

loader/NavigationScheduler.cpp:

(WebCore::ScheduledNavigation::targetIsCurrentFrame const):
(WebCore::NavigationScheduler::locationChangePending):
(WebCore::ScheduledFormSubmission::ScheduledFormSubmission): Deleted.

LayoutTests:

Add layout test coverage (Based on reduction from Sam Sneddon).

http/tests/loading/form-submission-no-load-event-expected.txt: Added.
http/tests/loading/form-submission-no-load-event.html: Added.

12:33 PM Changeset in webkit [290840] by J Pascoe

2 edits in trunk/Source/WebKit

[WebAuthn] Don't use decidePolicyForLocalAuthenticator for Web Authentication Modern
https://bugs.webkit.org/show_bug.cgi?id=225646
rdar://78147681

Reviewed by Brent Fulgham.

decidePolicyForLocalAuthenticator is not implemented for the _WKWebAuthenticationPanelDelegate
used for modern because the prompt to allow Touch/FaceID comes earlier in the process.

UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:

(WebKit::LocalAuthenticator::makeCredential):

11:40 AM Changeset in webkit [290839] by Said Abou-Hallawa

5 edits in trunk

[GPU Process] Canvas compositing buffer should be created through its GraphicsContext
https://bugs.webkit.org/show_bug.cgi?id=237260
rdar://89196918

Reviewed by Simon Fraser.

Source/WebCore:

If the backend of the underlying ImageBuffer of the canvas is remote the
compositing ImageBuffer will also be remote. This will transfer the whole
compositing operation to GPUProcess.

The layout test fast/canvas/canvas-composite-canvas.html crashes because
of this bug on the GPUP layout bots.

html/canvas/CanvasRenderingContext2DBase.cpp:

(WebCore::CanvasRenderingContext2DBase::fullCanvasCompositedDrawImage):
(WebCore::CanvasRenderingContext2DBase::createCompositingBuffer): Deleted.

html/canvas/CanvasRenderingContext2DBase.h:

LayoutTests:

gpu-process/TestExpectations:

11:15 AM Changeset in webkit [290838] by commit-queue@webkit.org

6 edits in trunk/Source/WebCore

"OffscreenCanvas" in IDLs doesn't seem to be able to be compiled
https://bugs.webkit.org/show_bug.cgi?id=232733
<rdar://problem/85318653>

Patch by Dan Glastonbury <djg@apple.com> on 2022-03-04
Reviewed by Sam Weinig.

OffscreenCanvas is controlled by ENABLE flags. Add conditional
compilation to handle OffscreenCanvas to the WebGPU IDL bindings
when the OffscreenCanvas feature is enabled.

Modules/WebGPU/GPUCanvasContext.cpp:

(WebCore::GPUCanvasContext::canvas):

Modules/WebGPU/GPUCanvasContext.h:
Modules/WebGPU/GPUCanvasContext.idl:

Add OffscreenCanvas to canvas attribute when it is enabled.

Modules/WebGPU/GPUImageCopyExternalImage.h:
Modules/WebGPU/GPUImageCopyExternalImage.idl:

Add OffscreenCanvas to source attribute when it is enabled.

10:46 AM Changeset in webkit [290837] by eric.carlson@apple.com

5 edits in trunk/Source/WebCore

[Cocoa] Crash in MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL
https://bugs.webkit.org/show_bug.cgi?id=237456
rdar://80407863

Reviewed by Jer Noble.

platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:

(WebCore::MediaPlayerPrivateAVFoundation::enableInheritURIQueryComponent const): Create
and use a static, never destroyed, AtomString instead of creating one every time
a AVURLAsset is created. New method used by both AVF media players.

platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.h:

platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:

(WebCore::MediaPlayerPrivateAVFoundationCF::createAVAssetForURL): Call enableInheritURIQueryComponent.

platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:

(WebCore::MediaPlayerPrivateAVFoundationObjC::createAVAssetForURL): Ditto.

10:03 AM Changeset in webkit [290836] by sihui_liu@apple.com

5 edits in trunk/Source/WebCore

IDB serialization thread should pass isolated copy of IndexIDToIndexKeyMap to storage thread
https://bugs.webkit.org/show_bug.cgi?id=237455

Reviewed by Chris Dumez.

Modules/indexeddb/server/MemoryObjectStore.cpp:

(WebCore::IDBServer::MemoryObjectStore::addRecord):

Modules/indexeddb/server/UniqueIDBDatabase.cpp:

(WebCore::IDBServer::UniqueIDBDatabase::putOrAdd):

bindings/js/IDBBindingUtilities.cpp:

(WebCore::generateIndexKeyMapForValueIsolatedCopy):
(WebCore::generateIndexKeyMapForValue): Deleted.

bindings/js/IDBBindingUtilities.h:

9:44 AM Changeset in webkit [290835] by pvollan@apple.com

3 edits in trunk/Source/WebKit

[iOS] Hard link AVPictureInPictureController
https://bugs.webkit.org/show_bug.cgi?id=237227

Reviewed by Brent Fulgham.

Hard linking instead of soft linking should be a small performance improvement.

Configurations/WebKit.xcconfig:
UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::platformInitializeWebProcess):

9:16 AM Changeset in webkit [290834] by Aditya Keerthi

5 edits in trunk

[iOS] Unable to scroll to a found text range when there is an existing selection
https://bugs.webkit.org/show_bug.cgi?id=237407
rdar://89653213

Reviewed by Wenson Hsieh.

Source/WebCore:

Scrolling to a found text range is performed by creating a
TemporarySelectionChange and using the RevealSelectionBounds
TemporarySelectionOption. When a TemporarySelectionChange is
destroyed, the original selection is restored.

Currently, the selection is restored using the same set of selection
options used to make the temporary selection. Consequently, whenever a
"reveal" option is specified, WebKit scrolls to reveal the temporary
selection, and then scrolls again to reveal the original selection.
This behavior means that an attempt to scroll to a found text range
will fail if the document has an existing selection.

To fix, do not add any of the "reveal" options to the set of selection
options when restoring the original selection during a
TemporarySelectionChange. The only other features that use
TemporarySelectionChange with "reveal" options are App Highlights
and Scroll To Text Fragment. Neither of these features require WebKit
to scroll to the original selection.

editing/Editor.cpp:

(WebCore::TemporarySelectionChange::TemporarySelectionChange):
(WebCore::TemporarySelectionChange::~TemporarySelectionChange):
(WebCore::TemporarySelectionChange::setSelection):

editing/Editor.h:

Tools:

Add an API test that sets a selection in the document, finds some
text outside the viewport, and scrolls to make the found text
visible.

TestWebKitAPI/Tests/WebKitCocoa/FindInPage.mm:

(-[TestScrollViewDelegate init]):
(-[TestScrollViewDelegate scrollViewDidEndScrollingAnimation:]):
(TEST):

8:51 AM Changeset in webkit [290833] by Tyler Wilcock

3 edits in trunk/Source/WebCore

AX ITM: Updating m_pendingLoadingProgress can cause deadlock on AXIsolatedTree::m_changeLogLock
https://bugs.webkit.org/show_bug.cgi?id=237402

Reviewed by Chris Fleizach.

AXIsolatedTree::m_pendingLoadingProgress is currently guarded by
AXIsolatedTree::m_changeLogLock. Because loading can happen at any time,
deadlocks can happen in this sequence:

AXIsolatedTree::updateLoadingProgress is called on the main thread while the secondary thread holds the lock
The secondary thread is holding the lock to service an AX request, and said AX request does something to call into the main thread (e.g. AXLOGs an isolated object, which causes a dispatch to the main thread as part of AXIsolatedObject::outerHTML).
Deadlock

This patch fixes this by making m_loadingProgress threadsafe
via std::atomic<double> and removing m_pendingLoadingProgress.

This patch also removes an unnecessary acquisition of m_changeLogLock
in AXIsolatedTree::focusedNode(). This function is only called on the
secondary-thread, and only accesses secondary-thread safe functions
and member variables (nodeForID, m_focusedNodeID), so we don't need the lock.

accessibility/isolatedtree/AXIsolatedTree.cpp:

(WebCore::AXIsolatedTree::focusedNode):
Removed unnecessary m_changeLogLock acquisition.
(WebCore::AXIsolatedTree::updateLoadingProgress):
Update m_loadingProgress directly instead of the now deleted intermediary
m_pendingLoadingProgress.
(WebCore::AXIsolatedTree::applyPendingChanges):

accessibility/isolatedtree/AXIsolatedTree.h:

Remove m_pendingLoadingProgress.

7:49 AM Changeset in webkit [290832] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Top layers should not be moved
https://bugs.webkit.org/show_bug.cgi?id=237305

Patch by Rob Buis <rbuis@igalia.com> on 2022-03-04
Reviewed by Tim Nguyen.

Top layers are always children of RenderView and should not be moved.

rendering/RenderElement.cpp:

(WebCore::RenderElement::moveLayers):

7:42 AM Changeset in webkit [290831] by graouts@webkit.org

4 edits in trunk

[web-animations] "inherit" values should trigger keyframe recomputation if any previous effect has changed that property
https://bugs.webkit.org/show_bug.cgi?id=237471

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/web-animations/responsive/textIndent-expected.txt:

Source/WebCore:

When we fixed 237371 we only looked at the unanimated style, but we should account for any previous keyframe effect
modifying a property set to "inherit" for the current effect.

animation/KeyframeEffectStack.cpp:

(WebCore::KeyframeEffectStack::applyKeyframeEffects):

7:11 AM Changeset in webkit [290830] by Kate Cheney

4 edits
2 adds in trunk

CSP report does not get sent to the document in the case of a detached element
https://bugs.webkit.org/show_bug.cgi?id=237440
<rdar://problem/89081463>

Reviewed by Chris Dumez.

Source/WebCore:

Test: http/tests/security/contentSecurityPolicy/report-violation-to-document-after-element-has-been-detached.html

Only send a violation report to the element if it is connected. Check
right before dispatching in case the element gets detached after the
security policy violation has been created. If the element is not
connected in this case, we send the report to the document.

dom/Element.cpp:

(WebCore::Element::enqueueSecurityPolicyViolationEvent):

page/csp/ContentSecurityPolicy.cpp:

(WebCore::ContentSecurityPolicy::reportViolation const):
Also sets the composed value on the violation event as per the spec.

LayoutTests:

http/tests/security/contentSecurityPolicy/report-violation-to-document-after-element-has-been-detached-expected.txt: Added.
http/tests/security/contentSecurityPolicy/report-violation-to-document-after-element-has-been-detached.html: Added.

5:22 AM Changeset in webkit [290829] by youenn@apple.com

3 edits in trunk/Source/WebKit

LibWebRTCCodecs::setEncodeRates should send LibWebRTCCodecsProxy::SetEncodeRates only when the encoder is live
https://bugs.webkit.org/show_bug.cgi?id=237421

Reviewed by Darin Adler.

We were previously not asserting in LibWebRTCCodecsProxy::setEncodeRates and we were missing some encode rate orders.
This is due to the fact that when creating an encoder, we are hopping to main thread, then to work queue to send the message to create an encoder.
In LibWebRTCCodecs::setEncodeRates, we were hopping to main thread if needed.
If the encoder connection is null, we are now hopping to main thread, then to work queue as done when creating an encoder.
Since there is a time where LibWebRTCCodecsProxy::setEncodeRates might have sent encode rates, we bail out early to not set based on old bitrates.

Covered by existing tests not crashing in LibWebRTCCodecsProxy::setEncodeRates.

WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp:

(WebKit::LibWebRTCCodecs::setEncodeRates):

WebProcess/GPU/webrtc/LibWebRTCCodecs.h:

5:16 AM Changeset in webkit [290828] by Angelos Oikonomopoulos

2 edits in trunk/Source/JavaScriptCore

[JSC] Improve reuse of known register values on ARMv7
https://bugs.webkit.org/show_bug.cgi?id=237424

Reviewed by Žan Doberšek.

Reduce the generated code size by introducing and pervasively using
setupArmAddress(AbsoluteAddress address, ...). This effectively
replaces sequences of e.g.

movw r6, cst1
movt r6, cst2
strd r0, r1, [r6]

with

strd r0, r1, [r6, offset]

when a close enough address is already available in r6.

While here, change short_move to only emit an add/sub if this results in an
actual reduction in code size. When the add/sub would be neutral,
prefer loading an immediate as that doesn't introduce a data dependency
between the instructions.

This results in a measurable but small (< 1%) reduction in the
generated code size on JS2.

Hat tip to Geza Lore for the suggestions.

assembler/MacroAssemblerARMv7.h:

(JSC::MacroAssemblerARMv7::add32):
(JSC::MacroAssemblerARMv7::add64):
(JSC::MacroAssemblerARMv7::or8):
(JSC::MacroAssemblerARMv7::or16):
(JSC::MacroAssemblerARMv7::or32):
(JSC::MacroAssemblerARMv7::sub32):
(JSC::MacroAssemblerARMv7::load32):
(JSC::MacroAssemblerARMv7::load8):
(JSC::MacroAssemblerARMv7::load16):
(JSC::MacroAssemblerARMv7::store32):
(JSC::MacroAssemblerARMv7::store8):
(JSC::MacroAssemblerARMv7::store16):
(JSC::MacroAssemblerARMv7::storePair32):
(JSC::MacroAssemblerARMv7::short_move):
(JSC::MacroAssemblerARMv7::add32Impl):
(JSC::MacroAssemblerARMv7::branch8):
(JSC::MacroAssemblerARMv7::branchTest32):
(JSC::MacroAssemblerARMv7::branchTest8):
(JSC::MacroAssemblerARMv7::branchTest16):
(JSC::MacroAssemblerARMv7::farJump):
(JSC::MacroAssemblerARMv7::absoluteAddressWithinShortOffset):
(JSC::MacroAssemblerARMv7::setupArmAddress):

4:01 AM Changeset in webkit [290827] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

Iteration to search for least active WebGLRenderingContextBase could use min_element
https://bugs.webkit.org/show_bug.cgi?id=237464

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2022-03-04
Reviewed by Antti Koivisto.

Apply review comments after landing bug 222411 r290816.

html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::addActiveContext):

3:55 AM Changeset in webkit [290826] by commit-queue@webkit.org

2 edits in trunk/Tools

[Flatpak SDK] Upgrade from llvm12 to llvm13
https://bugs.webkit.org/show_bug.cgi?id=237430

Patch by Philippe Normand <pnormand@igalia.com> on 2022-03-04
Reviewed by Adrian Perez de Castro.

flatpak/flatpakutils.py:

(WebkitFlatpak.run_in_sandbox):
(WebkitFlatpak._get_dependency_packages):

3:37 AM Changeset in webkit [290825] by Adrian Perez de Castro

2 edits in trunk/Source/WebKit

[GTK][WPE] Documentation for webkit_web_context_set_spell_checking_languages() is incomplete
https://bugs.webkit.org/show_bug.cgi?id=237465

Reviewed by Carlos Garcia Campos.

UIProcess/API/glib/WebKitWebContext.cpp: Improve documentation.

1:15 AM Changeset in webkit [290824] by youenn@apple.com

16 edits in trunk/Source/WebKit

Introduce routines to exchange SharedVideoFrame::Buffer directly
https://bugs.webkit.org/show_bug.cgi?id=237267

Reviewed by Eric Carlson.

Define explictly SharedVideoFrame::Buffer as Variant of the various buffer representations.
This allows to move more code in SharedVideoFrame for instance by adding direct support of sending webrtc::VideoFrame buffers in SharedVideoFrame.
Reuse that code in LibWebRTCCodecs as a refactoring/simplification.
Reuse that code in RemoteVideoFrameObjectHeap which allows to exchange IOSurfaces in case WebProcess can use them.
This is used when encoding such frames using software encoders.

Covered by existing tests.

GPUProcess/media/RemoteVideoFrameObjectHeap.cpp:
GPUProcess/media/RemoteVideoFrameObjectHeap.h:
GPUProcess/media/RemoteVideoFrameObjectHeap.messages.in:
GPUProcess/webrtc/LibWebRTCCodecsProxy.h:
GPUProcess/webrtc/LibWebRTCCodecsProxy.messages.in:
GPUProcess/webrtc/LibWebRTCCodecsProxy.mm:
WebKit.xcodeproj/project.pbxproj:
WebProcess/GPU/media/RemoteVideoFrameProxy.cpp:
WebProcess/GPU/webrtc/LibWebRTCCodecs.cpp:
WebProcess/GPU/webrtc/RemoteVideoFrameObjectHeapProxy.h:
WebProcess/GPU/webrtc/RemoteVideoFrameObjectHeapProxyProcessor.cpp:
WebProcess/GPU/webrtc/RemoteVideoFrameObjectHeapProxyProcessor.h:
WebProcess/GPU/webrtc/RemoteVideoFrameObjectHeapProxyProcessor.messages.in:
WebProcess/GPU/webrtc/SharedVideoFrame.cpp:
WebProcess/GPU/webrtc/SharedVideoFrame.h:

12:53 AM Changeset in webkit [290823] by graouts@webkit.org

8 edits in trunk

[web-animations] keyframe values set to "inherit" should recompute their values when the inherited value changes
https://bugs.webkit.org/show_bug.cgi?id=237371

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/web-animations/responsive/lineHeight-expected.txt:
web-platform-tests/web-animations/responsive/opacity-expected.txt:
web-platform-tests/web-animations/responsive/textIndent-expected.txt:

Source/WebCore:

We now keep track of properties set to "inherit" in keyframes such that we may determine when the
computed value may have changed when resolving animations.

animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::processKeyframes):

animation/KeyframeEffect.h:

(WebCore::KeyframeEffect::inheritedProperties const):

animation/KeyframeEffectStack.cpp:

(WebCore::KeyframeEffectStack::applyKeyframeEffects):

12:42 AM Changeset in webkit [290822] by sihui_liu@apple.com

3 edits in trunk/Source/WebCore

SQLiteDatabase::open should return early if journal mode cannot be set
https://bugs.webkit.org/show_bug.cgi?id=237130
<rdar://83130954>

Reviewed by Darin Adler.

Add early return in SQLiteDatabase::open if key operation fails; also make sure error is properly set and
database is closed in the case.

platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::open):
(WebCore::SQLiteDatabase::useWALJournalMode):
(WebCore::SQLiteDatabase::close):

platform/sql/SQLiteDatabase.h:

12:10 AM Changeset in webkit [290821] by youenn@apple.com

5 edits in trunk

webrtc/canvas-to-peer-connection.html is flakily failing a test assertion
https://bugs.webkit.org/show_bug.cgi?id=237423

Reviewed by Eric Carlson.

Source/WebCore:

Make sure the rotation session size is matching the buffer size.
Covered by updated test.

platform/graphics/cocoa/GraphicsContextGLCocoa.h:
platform/graphics/cocoa/GraphicsContextGLCocoa.mm:

(WebCore::GraphicsContextGLCocoa::paintCompositedResultsToMediaSample):

LayoutTests:

WebRTC pipeline is lossy so frames might disappear.
For that reason, we need to send multiple times the same frame to ensure we can read the expected frame.
To ensure we are not reading a previous test frame, what we do is changing the size of the canvas before doing the test.
This patch reduces the number of iterations to ensure the test is not too long to run.

webrtc/canvas-to-peer-connection.html:

12:07 AM Changeset in webkit [290820] by youenn@apple.com

4 edits in trunk/Source/WebCore

AVVideoCaptureSource should reuse CaptureDevice label
https://bugs.webkit.org/show_bug.cgi?id=237363
<rdar://88301613>

Reviewed by Eric Carlson.

We are getting AV device name through AVCaptureDevice.localizedName, first in UIProcess, then in GPUProcess.
To make sure we always use the ones from UIProcess (which are the ones exposed through mediaDevices.enumerateDevices),
We make sure to use CaptureDevice.label when creating an AVVideoCaptureSource.

Manually tested.

platform/mediastream/mac/AVVideoCaptureSource.h:
platform/mediastream/mac/AVVideoCaptureSource.mm:

(WebCore::AVVideoCaptureSource::create):
(WebCore::AVVideoCaptureSource::AVVideoCaptureSource):

platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:

Mar 3, 2022:

11:55 PM Changeset in webkit [290819] by youenn@apple.com

4 edits in trunk/LayoutTests

fast/mediastream/getUserMedia-to-canvas-1.html and fast/mediastream/getUserMedia-to-canvas-2.html are failing on MacOS when remote video frame flag is enabled
https://bugs.webkit.org/show_bug.cgi?id=237042
<rdar://problem/89298601>

Reviewed by Eric Carlson.

Video element videoWidth/videoHeight are updated when track settings are changed,
and not when video frames being received.

This does not guarantee that videoWidth/videoHeight (main thread) are fully in sync
with the actual video frames (background thread) when there is a change of size.

We might be able to tighten this in MediaPlayerPrivateMediaStreamAVFObjC by only resorting on video frames.
In the meantime, we update the test to use requestVideoFrameCallback which provides accurate per frame metadata.

fast/mediastream/getUserMedia-to-canvas-1.html:
fast/mediastream/getUserMedia-to-canvas-2.html:
webrtc/routines.js:

10:58 PM Changeset in webkit [290818] by beidson@apple.com

13 edits in trunk/Source/WebKit

Add a new "Daemon -> Client" message type to webpushd
https://bugs.webkit.org/show_bug.cgi?id=237391

Reviewed by Alex Christensen.

Future work will need more messages like this.
So let's add the mechanism in a small standalone patch that uses it for debug messages.

No behavior change for now.

NetworkProcess/Notifications/Cocoa/WebPushDaemonConnectionCocoa.mm:

(WebKit::WebPushD::handleWebPushDaemonMessage):
(WebKit::WebPushD::Connection::connectionReceivedEvent):
(WebKit::WebPushD::Connection::connectionReceivedEvent const): Deleted.

NetworkProcess/Notifications/WebPushDaemonConnection.cpp:

(WebKit::WebPushD::Connection::debugMessage):

NetworkProcess/Notifications/WebPushDaemonConnection.h:

NetworkProcess/PrivateClickMeasurement/PrivateClickMeasurementConnection.h:
NetworkProcess/PrivateClickMeasurement/cocoa/PrivateClickMeasurementConnectionCocoa.mm:

(WebKit::PCM::Connection::connectionReceivedEvent):
(WebKit::PCM::Connection::connectionReceivedEvent const): Deleted.

Platform/IPC/DaemonConnection.h:

Shared/WebPushDaemonConstants.h:

(WebKit::WebPushD::daemonMessageTypeSendsReply):

webpushd/ICAppBundle.mm:

(WebPushD::broadcastDebugMessage):

webpushd/PushClientConnection.h:
webpushd/PushClientConnection.mm:

(WebPushD::ClientConnection::broadcastDebugMessage):
(WebPushD::ClientConnection::sendDebugMessage):
(WebPushD::ClientConnection::sendDaemonMessage const):

webpushd/WebPushDaemon.h:
webpushd/WebPushDaemon.mm:

(WebPushD::Daemon::broadcastDebugMessage):
(WebPushD::Daemon::broadcastAllConnectionIdentities):
(WebPushD::Daemon::connectionAdded):

10:38 PM Changeset in webkit [290817] by Ross Kirsling

2 edits in trunk/Source/WebKit

REGRESSION(r290815): Fix even more incorrect #if ENABLE(SERVICE_WORKER) usage in NetworkProcess
https://bugs.webkit.org/show_bug.cgi?id=237461

Unreviewed build fix.

NetworkProcess/NetworkProcess.cpp:

The existence of NetworkProcess::{getPendingPushMessages, processPushMessages} depend on ENABLE(SERVICE_WORKER);
it is only when they exist that their implementation depends on ENABLE(BUILT_IN_NOTIFICATIONS).

10:02 PM Changeset in webkit [290816] by commit-queue@webkit.org

14 edits
2 deletes in trunk

WebGL context count is not limited for GPU process
https://bugs.webkit.org/show_bug.cgi?id=222411

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2022-03-03
Reviewed by Kenneth Russell.

Source/WebCore:

Move the context limit from the GraphicsContextGL implementation
level to WebGLRenderingContext level. This way the limit
is applied to the GPUP implementation too.

Recycle the context with the earliest activity (draw, readpixels)
instead of the creation order.

Stores the WebGL contexts to per-thread set and limits the size of the set.
The set is per-thread to support WebGL contexts in DOM as well as
offscreen canvas use-cases. Offscreen canvas is not implemented for Cocoa
but other ports may enable it.

Tested by:
LayoutTests/webgl/lose-context-after-context-lost.html
LayoutTests/webgl/many-contexts-access-after-loss.html
LayoutTests/webgl/many-contexts.html
LayoutTests/webgl/max-active-contexts-console-warning.html
LayoutTests/webgl/max-active-contexts-gc.html
LayoutTests/webgl/max-active-contexts-oldest-context-lost.html
LayoutTests/webgl/max-active-contexts-webglcontextlost-prevent-default.html

Headers.cmake:
Sources.txt:
WebCore.xcodeproj/project.pbxproj:
html/canvas/WebGLRenderingContextBase.cpp:

(WebCore::activeContexts):
(WebCore::addActiveContext):
(WebCore::removeActiveContext):
(WebCore::WebGLRenderingContextBase::WebGLRenderingContextBase):
(WebCore::WebGLRenderingContextBase::setGraphicsContextGL):
(WebCore::WebGLRenderingContextBase::destroyGraphicsContextGL):
(WebCore::WebGLRenderingContextBase::clearIfComposited):
(WebCore::WebGLRenderingContextBase::maybeRestoreContext):
(WebCore::WebGLRenderingContextBase::updateActiveOrdinal):

html/canvas/WebGLRenderingContextBase.h:

(WebCore::WebGLRenderingContextBase::activeOrdinal const):

platform/graphics/angle/GraphicsContextGLANGLE.cpp:
platform/graphics/cocoa/GraphicsContextGLCocoa.mm:

(WebCore::GraphicsContextGLANGLE::~GraphicsContextGLANGLE):

platform/graphics/cocoa/WebProcessGraphicsContextGLCocoa.mm:

(WebCore::createWebProcessGraphicsContextGL):

platform/graphics/opengl/GraphicsContextGLOpenGL.cpp:

(WebCore::GraphicsContextGLOpenGL::~GraphicsContextGLOpenGL):

platform/graphics/opengl/GraphicsContextGLOpenGLManager.cpp: Removed.
platform/graphics/opengl/GraphicsContextGLOpenGLManager.h: Removed.
platform/graphics/texmap/GraphicsContextGLTextureMapper.cpp:

(WebCore::createWebProcessGraphicsContextGL):

platform/graphics/texmap/GraphicsContextGLTextureMapperANGLE.cpp:

(WebCore::GraphicsContextGLANGLE::~GraphicsContextGLANGLE):

LayoutTests:

platform/ios-wk2/TestExpectations:

9:28 PM Changeset in webkit [290815] by Ben Nham

28 edits
2 adds in trunk

Enforce silent push quota
https://bugs.webkit.org/show_bug.cgi?id=236863

Reviewed by Brady Eidson.

Source/WebCore:

All PushSubscriptions are created with the userVisibleOnly flag set. This means that all
push events should result in a user-facing notification.

To enforce this, we use a quota system. A push subscription can process up to three silent
pushes. After three silent pushes, we remove the push subscription. To continue to receive
pushes, the user must navigate back to the website and the site must request permission to
send pushes again.

Originally we were going to use a more complicated quota system that moved subscriptions
from waking to non-waking before finally unsubscribing, but this seemed like it could lead
to subscriptions being in a partially-working state that would be hard to explain and reason
about. As a result, I've removed the wakeState column from PushDatabase and replaced it
a silentPushCount column.

To track whether or not a service worker has shown a notification while processing a push
event, we use a boolean flag on ServiceWorkerGlobalScope. This should be sufficient because
we currently only process one push event at a time.

Covered by existing and new API tests.

Modules/push-api/PushDatabase.cpp:

(WebCore::PushRecord::isolatedCopy const):
(WebCore::PushRecord::isolatedCopy):
(WebCore::PushDatabase::insertRecord):
(WebCore::makePushRecordFromRow):
(WebCore::PushDatabase::getRecordByTopic):
(WebCore::PushDatabase::getRecordByBundleIdentifierAndScope):
(WebCore::PushDatabase::getTopics):
(WebCore::PushDatabase::incrementSilentPushCount):
(WebCore::PushDatabase::removeRecordsByBundleIdentifierAndSecurityOrigin):

Modules/push-api/PushDatabase.h:
workers/service/ServiceWorkerGlobalScope.h:
workers/service/ServiceWorkerRegistration.cpp:

(WebCore::ServiceWorkerRegistration::showNotification):

workers/service/context/ServiceWorkerThread.cpp:

(WebCore::ServiceWorkerThread::queueTaskToFirePushEvent):

Source/WebKit:

If a push event doesn't result in a notification or if the associated promise rejects, then we increment the silent push count associated with that origin.
PushService now removes a subscription if the origin has reached its quota of silent pushes.

Covered by existing and new API tests.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::processPushMessage):

NetworkProcess/Notifications/NetworkNotificationManager.cpp:

(WebKit::NetworkNotificationManager::incrementSilentPushCount):
(WebKit::ReplyCaller<int>::callReply):

Shared/WebPushDaemonConstants.h:

(WebKit::WebPushD::messageTypeSendsReply):

UIProcess/API/Cocoa/WKProcessPool.mm:

(-[WKProcessPool _notificationManagerForTesting]):

webpushd/PushService.mm:

(WebPushD::updateTopicLists):
(WebPushD::PushService::incrementSilentPushCount):

webpushd/WebPushDaemon.mm:

(WebPushD::MessageInfo::incrementSilentPushCount::encodeReply):
(WebPushD::Daemon::decodeAndHandleMessage):
(WebPushD::Daemon::incrementSilentPushCount):

Tools:

Modified existing push tests to show a notification. Added a new test case to make sure that
subscriptions are removed when an origin reaches its quota of silent pushes.

TestWebKitAPI/TestNotificationProvider.cpp:

(TestWebKitAPI::notificationPermissions):
(TestWebKitAPI::TestNotificationProvider::TestNotificationProvider):
(TestWebKitAPI::TestNotificationProvider::~TestNotificationProvider):
(TestWebKitAPI::TestNotificationProvider::notificationPermissions):
(TestWebKitAPI::TestNotificationProvider::setPermission):

TestWebKitAPI/Tests/WebCore/PushDatabase.cpp:

(TestWebKitAPI::makeTemporaryDatabasePath):
(TestWebKitAPI::getTopicsSync):
(TestWebKitAPI::PushDatabaseTest::getTopics):
(TestWebKitAPI::PushDatabaseTest::removeRecordsByBundleIdentifierAndSecurityOrigin):
(TestWebKitAPI::PushDatabaseTest::incrementSilentPushCount):
(TestWebKitAPI::operator==):
(TestWebKitAPI::TEST_F):
(TestWebKitAPI::TEST):

TestWebKitAPI/cocoa/HTTPServer.mm:

(TestWebKitAPI::HTTPServer::origin const):

LayoutTests:

Update PushEvent tests to check that notifications are displayed.

http/wpt/push-api/pushEvent.any.js:

(promise_test.async const):
(promise_test.async if):

http/wpt/push-api/pushEvent.any.serviceworker-expected.txt:

8:40 PM Changeset in webkit [290814] by Ben Nham

2 edits in trunk/Source/WebKit

Allow webpushd to launch browser in background
https://bugs.webkit.org/show_bug.cgi?id=237114

Reviewed by Brady Eidson.

Now that webpushd is sandboxed on Mac (r289566), the LaunchServices SPI call to launch
Safari is now failing, because LaunchServices goes down a different path when there is a
sandboxed caller. In particular, it fails to launch Safari because Safari doesn't register
for the webkit-app-launch scheme. Safari also doesn't want to list this scheme in its plist.

For now, to unblock our testing, we're giving ourselves an entitlement to restore the
pre-sandboxed behavior of being able to launch Safari even though it doesn't register for
the webkit-app-launch scheme. We are still in discussions with LaunchServices and Safari
about if there is a better and more restrictive way of granting ourselves this ability.

Scripts/process-entitlements.sh:

8:08 PM Changeset in webkit [290813] by Devin Rousso

35 edits
5 adds in trunk/Source

[GPU Process] dont load Apple Pay button/logo PDFs in the WebProcess
https://bugs.webkit.org/show_bug.cgi?id=237177

Reviewed by Simon Fraser.

Source/WebCore:

platform/graphics/SystemImage.h: Added.

(WebCore::SystemImage::draw const):
(WebCore::SystemImage::SystemImage):
Introduce a new extendable class SystemImage that represents a collection of arguments
and methodology (that uses those arguments) to draw something from the system.
This patch introduces two concrete uses:

ApplePayButtonSystemImage uses PassKit SPI to draw an Apple Pay button.
ApplePayLogoSystemImage loads a PDF file of the Apple Pay logo from inside PassKit.

This architecture was chosen so that GraphicsContext doesn't have to know about Apple Pay
specific things, instead only dealing with a very generic interface (whos subclasses know
more specifically what to do with the data they're given).

Modules/applepay/ApplePayButtonSystemImage.h: Added.

(WebCore::ApplePayButtonSystemImage::create):
(WebCore::ApplePayButtonSystemImage::ApplePayButtonSystemImage):
(WebCore::ApplePayButtonSystemImage::encode const):
(WebCore::ApplePayButtonSystemImage::decode):
(isType):

Modules/applepay/ApplePayButtonSystemImage.mm: Added.

(WebCore::toPKPaymentButtonType):
(WebCore::toPKPaymentButtonStyle):
(WebCore::ApplePayButtonSystemImage::draw const):

css/CSSPrimitiveValueMappings.h:
rendering/style/RenderStyle.h:
rendering/style/RenderStyleConstants.cpp:
rendering/style/RenderStyleConstants.h:

Drive-by: Move ApplePayButtonStyle and ApplePayButtonType to ApplePayButtonSystemImage.h
so they can be used elsewhere (e.g. GPUProcess) without having to include everything else.

Modules/applepay/ApplePayLogoSystemImage.h: Added.

(WebCore::ApplePayLogoSystemImage::create):
(WebCore::ApplePayLogoSystemImage::ApplePayLogoSystemImage):
(WebCore::ApplePayLogoSystemImage::encode const):
(WebCore::ApplePayLogoSystemImage::decode):
(isType):

Modules/applepay/ApplePayLogoSystemImage.mm: Added.

(WebCore::passKitBundle):
(WebCore::loadPassKitPDFPage):
(WebCore::applePayLogoWhite):
(WebCore::applePayLogoBlack):
(WebCore::applePayLogoForStyle):
(WebCore::ApplePayLogoSystemImage::draw const):
Add a new ApplePayLogoStyle so that the WebProcess isn't able to provide an arbitrary PDF
to load when rendering -webkit-named-image(apple-pay-logo-[white,black]).

platform/cocoa/ThemeCocoa.mm:

(WebCore::ThemeCocoa::drawNamedImage const):
(WebCore::fitContextToBox): Deleted.
(WebCore::passKitBundle): Deleted.
(WebCore::loadPassKitPDFPage): Deleted.
(WebCore::applePayButtonLogoBlack): Deleted.
(WebCore::applePayButtonLogoWhite): Deleted.
(WebCore::drawApplePayButton): Deleted.

rendering/RenderThemeCocoa.mm:

(WebCore::RenderThemeCocoa::paintApplePayButton):
(WebCore::toPKPaymentButtonStyle): Deleted.
(WebCore::toPKPaymentButtonType): Deleted.
Move the logic that draws the Apple Pay button to a method on GraphicsContext so that it
can hook into the various GPUProcess flags/systems.

platform/graphics/GraphicsContext.h:
platform/graphics/GraphicsContext.cpp:

(WebCore::GraphicsContext::drawSystemImage): Added.

platform/graphics/BifurcatedGraphicsContext.h:
platform/graphics/BifurcatedGraphicsContext.cpp:

(WebCore::BifurcatedGraphicsContext::drawSystemImage): Added.

platform/graphics/NullGraphicsContext.h:

(WebCore::NullGraphicsContext::drawSystemImage): Added.

platform/graphics/displaylists/DisplayList.cpp:

(WebCore::DisplayList::DisplayList::append):

platform/graphics/displaylists/DisplayListItemBuffer.cpp:

(WebCore::DisplayList::ItemHandle::apply):
(WebCore::DisplayList::ItemHandle::destroy):
(WebCore::DisplayList::ItemHandle::safeCopy const):

platform/graphics/displaylists/DisplayListItemType.h:
platform/graphics/displaylists/DisplayListItemType.cpp:

(WebCore::DisplayList::sizeOfItemInBytes):
(WebCore::DisplayList::isDrawingItem):
(WebCore::DisplayList::isInlineItem):

platform/graphics/displaylists/DisplayListItems.h:

(WebCore::DisplayList::DrawSystemImage::DrawSystemImage): Added.
(WebCore::DisplayList::DrawSystemImage::systemImage const): Added.
(WebCore::DisplayList::DrawSystemImage::destination const): Added.
(WebCore::DisplayList::DrawSystemImage::globalBounds const): Added.
(WebCore::DisplayList::DrawSystemImage::localBounds const): Added.
(WebCore::DisplayList::DrawSystemImage::encode const): Added.
(WebCore::DisplayList::DrawSystemImage::decode): Added.

platform/graphics/displaylists/DisplayListItems.cpp:

(WebCore::DisplayList::DrawSystemImage::apply const): Added.
(WebCore::DisplayList::operator<<):

platform/graphics/displaylists/DisplayListRecorder.h:
platform/graphics/displaylists/DisplayListRecorder.cpp:

(WebCore::DisplayList::Recorder::drawSystemImage): Added.

platform/graphics/displaylists/DisplayListRecorderImpl.h:
platform/graphics/displaylists/DisplayListRecorderImpl.cpp:

(WebCore::DisplayList::RecorderImpl::recordDrawSystemImage): Added.
Add new DrawSystemImage display list item to handle GPUProcess drawing of SystemImage.

Headers.cmake:
Sources.txt:
SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:

Modules/model-element/scenekit/SceneKitModelLoaderUSD.mm:

Drive-by: Unified sources build fix.

Source/WebKit:

See Source/WebCore/ChangeLog for an explanation of SystemImage.

Shared/WebCoreArgumentCoders.h:
Shared/WebCoreArgumentCoders.cpp:

(IPC::ArgumentCoder<Ref<SystemImage>>::encode): Added.
(IPC::ArgumentCoder<Ref<SystemImage>>::decode): Added.
Support sending SystemImage (technically Ref<SystemImage>) across processes.

GPUProcess/graphics/RemoteDisplayListRecorder.messages.in:
GPUProcess/graphics/RemoteDisplayListRecorder.h:
GPUProcess/graphics/RemoteDisplayListRecorder.cpp:

(WebKit::RemoteDisplayListRecorder::drawSystemImage): Added.

WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.h:
WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.cpp:

(WebKit::RemoteDisplayListRecorderProxy::recordDrawSystemImage): Addded.
Add new DrawSystemImage display list item.

Scripts/webkit/messages.py:

(class_template_headers):
Add support for Ref<T> in IPC messages.

6:54 PM Changeset in webkit [290812] by Simon Fraser

4 edits
3 adds in trunk

Element with position: sticky after sticking, starts to move incorrectly when scrolling
https://bugs.webkit.org/show_bug.cgi?id=231953
<rdar://84662329>

Reviewed by Sam Weinig.

Source/WebCore:

Sometimes we'd fail to push new StickyPositionViewportConstraints to the scrolling
tree, because operator== failed to compare m_constrainingRectAtLastLayout. This breaks
the requirement that the "last committed scroll position" for the overflow scrolling
node has to be updated in the same commit as the "constraining-rect-at-last-layout"
on the sticky node.

Test: scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints.html

page/scrolling/ScrollingConstraints.cpp:

(WebCore::operator<<):

page/scrolling/ScrollingConstraints.h:

(WebCore::StickyPositionViewportConstraints::operator== const):

LayoutTests:

platform/ios-wk2/scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints-expected.txt: Added.
scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints-expected.txt: Added.
scrollingcoordinator/scrolling-tree/sticky-in-overflow-stale-constraints.html: Added.

6:40 PM Changeset in webkit [290811] by Dewei Zhu

10 edits in trunk/Tools

'run-benchmark' script should log http requests during benchmark run.
https://bugs.webkit.org/show_bug.cgi?id=237076
<rdar://89270825>

Reviewed by Jonathan Bedard.

Relanding 290583 with fix.
Add support to log http requests during benchmark run for diagnostic purpose.
AutoInstall sets 'AUTOINSTALL_CA_CERT_PATH' to environment variables when certificate is specified,
and uses 'AUTOINSTALL_CA_CERT_PATH' when it's present in environment variables. This ensures scripts invoked
from subprocess can use autoinstalled correcctly.

Scripts/libraries/webkitcorepy/webkitcorepy/autoinstall.py:

(AutoInstall):
(AutoInstall.set_index):

Scripts/webkitpy/init.py: Update 'attr' package version to 20.3.0 so match upgraded twisted version
Scripts/webkitpy/autoinstalled/twisted.py: Upgrade twisted version to latest python2 & python3 compatibile

version with specified implicit dependencies.

Scripts/webkitpy/benchmark_runner/benchmark_runner.py: Ensure benchmark diagnostic directory is created.

(BenchmarkRunner.init):

Scripts/webkitpy/benchmark_runner/http_server_driver/http_server/twisted_http_server.py: Add '--log-path'

arugment to allow specify logging output and it defaults to '/tmp/run-benchmark-http.log'

Scripts/webkitpy/benchmark_runner/http_server_driver/http_server_driver.py:

(HTTPServerDriver.set_device_id):
(HTTPServerDriver):
(HTTPServerDriver.set_http_log):

Scripts/webkitpy/benchmark_runner/http_server_driver/simple_http_server_driver.py: Pass http log path to

twisted http server if specified.
(SimpleHTTPServerDriver.init):
(SimpleHTTPServerDriver.serve):
(SimpleHTTPServerDriver.set_http_log):

Scripts/webkitpy/benchmark_runner/run_benchmark.py: Fix a tiny bug that default_diagnose_dir() is involked twice in

argument parser help message.
(config_argument_parser):

Scripts/webkitpy/benchmark_runner/webserver_benchmark_runner.py: Set http request log path if diagnostic directory

is specified.
(WebServerBenchmarkRunner.init):

Canonical link: https://commits.webkit.org/248047@main

6:19 PM Changeset in webkit [290810] by Jonathan Bedard

4 edits in trunk/Tools

[git-webkit] Handle new PR with old branch name
https://bugs.webkit.org/show_bug.cgi?id=237457
<rdar://problem/89788939>

Reviewed by Dewei Zhu.

Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/pull_request.py:

(PullRequest.main):

Canonical link: https://commits.webkit.org/248046@main

5:38 PM Changeset in webkit [290809] by Russell Epstein

1 copy in tags/Safari-614.1.5.6

Tag Safari-614.1.5.6.

5:38 PM Changeset in webkit [290808] by Russell Epstein

1 delete in tags/Safari-614.1.5.6

Remove tag.

5:36 PM Changeset in webkit [290807] by Russell Epstein

26 edits
12 adds in branches/safari-614.1.5-branch/Source

Cherry-pick r290805. rdar://problem/89053248

Copy WebKit frameworks and XPC processes to Secondary Path
https://bugs.webkit.org/show_bug.cgi?id=237394

Reviewed by Saam Barati.

Source/JavaScriptCore:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/Base.xcconfig:
JavaScriptCore.xcodeproj/project.pbxproj:
Scripts/copy-frameworks-to-secondary-path.sh: Added.

Source/ThirdParty/ANGLE:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

ANGLE.xcodeproj/project.pbxproj:
Configurations/ANGLE-dynamic.xcconfig:
scripts/copy-frameworks-to-secondary-path.sh: Added.

Source/ThirdParty/libwebrtc:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/libwebrtc.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
libwebrtc.xcodeproj/project.pbxproj:

Source/WebCore:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/WebCore.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
WebCore.xcodeproj/project.pbxproj:

Source/WebGPU:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/WebGPU.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
WebGPU.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/WebInspectorUIFramework.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
WebInspectorUI.xcodeproj/project.pbxproj:

Source/WebKit:

Added build configuration variables and scripts to copy the built Framework as well as the XPC services
to the SYSTEM_SECONDARY_CONTENT_PATH when it is set. When copying the XPC services, we update the XPC
binaries to reference the frameworks from the SYSTEM_SECONDARY_CONTENT_PATH by updating
DYLD_VERSIONED_FRAMEWORK_PATH.

Configurations/Base.xcconfig:
Configurations/WebKitSwift.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
Scripts/copy-xpc-services-to-secondary-path.sh: Added.
Scripts/update-dyld-environment-load-command: Added.
Scripts/webkitpy: Added.
Scripts/webkitpy/mach_o.py: Added. (_utf8_bytes_to_str): (_mach_o_int_field): (_mach_o_int_field._get_mach_o_int_field): (_mach_o_int_field._set_mach_o_int_field): (_mach_o_int_field._set_mach_o_int_field.func): (_mach_o_chararray_field): (_mach_o_chararray_field._get_mach_o_chararray_field): (_mach_o_chararray_field._set_mach_o_chararray_field): (_mach_o_chararray_field._set_mach_o_chararray_field.func): (_mach_o_varchar_field): (_mach_o_varchar_field._get_mach_o_varchar_field): (_mach_o_varchar_field._set_mach_o_varchar_field): (_mach_o_varchar_field._set_mach_o_varchar_field.func): (MachOCommand): (MachOCommand.init): (MachOSourceVersionCommand): (MachOSourceVersionCommand.version_str): (MachOSection): (MachOSection.init): (MachOSegmentCommand): (MachOSection32): (MachOSegment32Command): (MachOSegment32Command.init): (MachOSection64): (MachOSegment64Command): (MachOSegment64Command.init): (MachOLoadDylibCommand): (MachOLoadDylibCommand._version_str): (MachOLoadDylibCommand.compatibility_version_str): (MachOLoadDylibCommand.current_version_str): (MachODyldEnvironmentCommand): (MachODyldEnvironmentCommand.variable): (MachODyldEnvironmentCommand.value): (MachODyldEnvironmentCommand.build): (MachOIDDylibCommand): (MachOHeader): (MachOHeader.init): (MachOHeader.used_header_size): (MachOHeader.total_header_size): (MachOHeader.available_header_size): (MachOHeader.architecture_name): (MachOHeader.id_command): (MachOHeader.dyld_env_commands): (MachOHeader.dyld_versioned_framework_paths): (MachOHeader.filter_commands): (MachOHeader.update_file): (MachOHeader.parse_command): (MachOHeader32LE): (MachOHeader32LE.init): (MachOHeader64LE): (MachOHeader64LE.init): (MachOFile): (MachOFile.init): (is_macho_bytes): (is_macho_file): (enumerate_macho_files):
WebKit.xcodeproj/project.pbxproj:

Source/WebKitLegacy:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

WebKitLegacy.xcodeproj/project.pbxproj:
scripts/copy-frameworks-to-secondary-path.sh: Added.

Source/WebKitLegacy/mac:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/Base.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290805 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:32 PM Changeset in webkit [290806] by sihui_liu@apple.com

9 edits in trunk

Text manipulation does not observe updated title element
https://bugs.webkit.org/show_bug.cgi?id=237435
rdar://87318842

Reviewed by Wenson Hsieh.

Source/WebCore:

TextManipulationController now monitors two types of nodes (after first-time manipulation):
(1) manipulated nodes with content update
(2) non-manipulated nodes (newly displayed or newly added)
We should make sure title element gets added to set (1) if it's newly created, and gets added to set (2) if its
text content is updated.

New test: TextManipulation.CompleteTextManipulationForTitleElement

dom/Document.cpp:

(WebCore::Document::setTitle):

dom/Text.cpp:

(WebCore::Text::setDataAndUpdate):

editing/TextManipulationController.cpp:

(WebCore::TextManipulationController::didUpdateContentForNode):
(WebCore::TextManipulationController::didAddOrCreateRendererForNode):
(WebCore::TextManipulationController::scheduleObservationUpdate):
(WebCore::TextManipulationController::replace):
(WebCore::TextManipulationController::didCreateRendererForElement): Deleted.
(WebCore::TextManipulationController::didUpdateContentForText): Deleted.
(WebCore::TextManipulationController::didCreateRendererForTextNode): Deleted.

editing/TextManipulationController.h:
html/HTMLTitleElement.cpp:
rendering/updating/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::createRenderer):
(WebCore::RenderTreeUpdater::createTextRenderer):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/TextManipulation.mm:

(TestWebKitAPI::TEST):

5:26 PM Changeset in webkit [290805] by msaboff@apple.com

26 edits
14 adds in trunk/Source

Copy WebKit frameworks and XPC processes to Secondary Path
https://bugs.webkit.org/show_bug.cgi?id=237394

Reviewed by Saam Barati.

Source/JavaScriptCore:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/Base.xcconfig:
JavaScriptCore.xcodeproj/project.pbxproj:
Scripts/copy-frameworks-to-secondary-path.sh: Added.

Source/ThirdParty/ANGLE:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

ANGLE.xcodeproj/project.pbxproj:
Configurations/ANGLE-dynamic.xcconfig:
scripts/copy-frameworks-to-secondary-path.sh: Added.

Source/ThirdParty/libwebrtc:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/libwebrtc.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
libwebrtc.xcodeproj/project.pbxproj:

Source/WebCore:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/WebCore.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
WebCore.xcodeproj/project.pbxproj:

Source/WebGPU:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/WebGPU.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
WebGPU.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/WebInspectorUIFramework.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
WebInspectorUI.xcodeproj/project.pbxproj:

Source/WebKit:

Added build configuration variables and scripts to copy the built Framework as well as the XPC services
to the SYSTEM_SECONDARY_CONTENT_PATH when it is set. When copying the XPC services, we update the XPC
binaries to reference the frameworks from the SYSTEM_SECONDARY_CONTENT_PATH by updating
DYLD_VERSIONED_FRAMEWORK_PATH.

Configurations/Base.xcconfig:
Configurations/WebKitSwift.xcconfig:
Scripts/copy-frameworks-to-secondary-path.sh: Added.
Scripts/copy-xpc-services-to-secondary-path.sh: Added.
Scripts/update-dyld-environment-load-command: Added.
Scripts/webkitpy: Added.
Scripts/webkitpy/mach_o.py: Added.

(_utf8_bytes_to_str):
(_mach_o_int_field):
(_mach_o_int_field._get_mach_o_int_field):
(_mach_o_int_field._set_mach_o_int_field):
(_mach_o_int_field._set_mach_o_int_field.func):
(_mach_o_chararray_field):
(_mach_o_chararray_field._get_mach_o_chararray_field):
(_mach_o_chararray_field._set_mach_o_chararray_field):
(_mach_o_chararray_field._set_mach_o_chararray_field.func):
(_mach_o_varchar_field):
(_mach_o_varchar_field._get_mach_o_varchar_field):
(_mach_o_varchar_field._set_mach_o_varchar_field):
(_mach_o_varchar_field._set_mach_o_varchar_field.func):
(MachOCommand):
(MachOCommand.init):
(MachOSourceVersionCommand):
(MachOSourceVersionCommand.version_str):
(MachOSection):
(MachOSection.init):
(MachOSegmentCommand):
(MachOSection32):
(MachOSegment32Command):
(MachOSegment32Command.init):
(MachOSection64):
(MachOSegment64Command):
(MachOSegment64Command.init):
(MachOLoadDylibCommand):
(MachOLoadDylibCommand._version_str):
(MachOLoadDylibCommand.compatibility_version_str):
(MachOLoadDylibCommand.current_version_str):
(MachODyldEnvironmentCommand):
(MachODyldEnvironmentCommand.variable):
(MachODyldEnvironmentCommand.value):
(MachODyldEnvironmentCommand.build):
(MachOIDDylibCommand):
(MachOHeader):
(MachOHeader.init):
(MachOHeader.used_header_size):
(MachOHeader.total_header_size):
(MachOHeader.available_header_size):
(MachOHeader.architecture_name):
(MachOHeader.id_command):
(MachOHeader.dyld_env_commands):
(MachOHeader.dyld_versioned_framework_paths):
(MachOHeader.filter_commands):
(MachOHeader.update_file):
(MachOHeader.parse_command):
(MachOHeader32LE):
(MachOHeader32LE.init):
(MachOHeader64LE):
(MachOHeader64LE.init):
(MachOFile):
(MachOFile.init):
(is_macho_bytes):
(is_macho_file):
(enumerate_macho_files):

WebKit.xcodeproj/project.pbxproj:

Source/WebKitLegacy:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

WebKitLegacy.xcodeproj/project.pbxproj:
scripts/copy-frameworks-to-secondary-path.sh: Added.

Source/WebKitLegacy/mac:

Added build configuration variables and scripts to copy the built Framework to the SYSTEM_SECONDARY_CONTENT_PATH
when it is set.

Configurations/Base.xcconfig:

5:21 PM Changeset in webkit [290804] by Alan Coon

1 copy in tags/Safari-614.1.5.6

Tag Safari-614.1.5.6.

5:08 PM Changeset in webkit [290803] by commit-queue@webkit.org

5 edits in trunk/Source/WebCore

Allow [SecureContext] extended attribute on namespaces.
https://bugs.webkit.org/show_bug.cgi?id=237401

Patch by Dan Glastonbury <djg@apple.com> on 2022-03-03
Reviewed by Alexey Shvayka.

bindings/scripts/IDLAttributes.json:

Enable SecureContext as a valid extended attribute on namespace.

bindings/scripts/test/BindingTestGlobalConstructors.idl:
bindings/scripts/test/JS/*: Updated
bindings/scripts/test/TestNamespaceObject.idl:

Added [SecureContext] to namespace

5:06 PM Changeset in webkit [290802] by commit-queue@webkit.org

6 edits in trunk

[JSC] Update wasm branch hinting
https://bugs.webkit.org/show_bug.cgi?id=237411

Patch by Tom Tartarin <tom@leaningtech.com> on 2022-03-03
Reviewed by Yusuke Suzuki.

JSTests:

Simplify the module tested with the updated format.

wasm/branch-hints/branchHintsModule.wasm:
wasm/branch-hints/branchHintsSection.js:

Source/JavaScriptCore:

Change the section's name.
Clarify semantics in the parser.

wasm/WasmBranchHintsSectionParser.cpp:

(JSC::Wasm::BranchHintsSectionParser::parse):

wasm/WasmSectionParser.cpp:

(JSC::Wasm::SectionParser::parseCustom):

5:04 PM Changeset in webkit [290801] by commit-queue@webkit.org

2 edits in trunk

Add Dan Glastonbury's name to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=237453

Patch by Dan Glastonbury <djg@apple.com> on 2022-03-03
Reviewed by Alan Bujtas.

metadata/contributors.json:

4:57 PM Changeset in webkit [290800] by commit-queue@webkit.org

2 edits in trunk

Add myself (Anjali Kumar) to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=237449

Patch by Anjali Kumar <anjalik_22@apple.com> on 2022-03-03
Reviewed by Patrick Angle.

metadata/contributors.json: Added myself.

4:53 PM Changeset in webkit [290799] by Lauro Moura

7 edits in trunk/Tools

[Python3] Switch a few more glib scripts to Python3
https://bugs.webkit.org/show_bug.cgi?id=237442

Reviewed by Adrian Perez de Castro.

Scripts/check-for-global-bss-symbols-in-webkitgtk-libs: Update

shebang.
(bss_symbols): Decode Popen bytes output.

gtk/jhbuildrc: Update shebang.
gtk/ycm_extra_conf.py: Ditto.
jhbuild/jhbuild-wrapper: Ditto.

(jhbuild_at_expected_revision): Decode Popen bytes output.

jhbuild/jhbuildrc_common.py: Remove uneeded shebang.
wpe/jhbuildrc: Update shebang.

3:46 PM Changeset in webkit [290798] by Robert Jenner

3 edits in trunk/Source/WebKit

Unreviewed, reverting r290752.

r290752 broke mutliple tests, slowing down the iOS15 EWS
queue.

Reverted changeset:

"[iOS] Hard link AVPictureInPictureController"
https://bugs.webkit.org/show_bug.cgi?id=237227
https://commits.webkit.org/r290752

3:25 PM Changeset in webkit [290797] by timothy_horton@apple.com

2 edits in trunk/Source/WebKit

WKContentView should explicitly request the system pointer in the fallback case
https://bugs.webkit.org/show_bug.cgi?id=237410
<rdar://79198381>

Reviewed by Anders Carlsson.

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView pointerRegionForPositionInformation:point:]):
(-[WKContentView pointerInteraction:styleForRegion:]):
Instead of assuming a nil region and nil style will provide the system
pointer, provide a region the size of the WKContentView and explicitly
request the system pointer shape.

Also, drive-by adopt the API systemPointerStyle instead of the
deprecated SPI version.

2:51 PM Changeset in webkit [290796] by Jonathan Bedard

7 edits in trunk/Tools

[webkitcorepy] Disable prompt when saving credentials
https://bugs.webkit.org/show_bug.cgi?id=237438
<rdar://problem/89764417>

Reviewed by Aakash Jain.

Tools/Scripts/libraries/webkitbugspy/setup.py: Bump version.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/init.py: Ditto.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/github.py:

(Tracker.credentials): Pass 'save' to webkitcorepy.credentials.

Tools/Scripts/libraries/webkitcorepy/setup.py: Bump version.
Tools/Scripts/libraries/webkitcorepy/webkitcorepy/init.py: Ditto.
Tools/Scripts/libraries/webkitcorepy/webkitcorepy/credentials.py:

(credentials): Unless caller explicitly disables saving, assume that all credentials
should be saved to a system's keyring.

Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/setup.py:

(Setup.github): Automatically save any prompted credentials.
(Setup.git): Ditto.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/remote/git_hub.py:

(GitHub.credentials): Pass 'save' to github.Tracker.credentials.

Canonical link: https://commits.webkit.org/248036@main

2:38 PM Changeset in webkit [290795] by Chris Dumez

3 edits in trunk/Source/WebKit

[macOS] WebContent processes crash with XPC_EXIT_REASON_SIGTERM_TIMEOUT when logging out
https://bugs.webkit.org/show_bug.cgi?id=237398
<rdar://88940229>

Reviewed by Darin Adler.

Because we don't use RunningBoard on macOS, we leak an OS transaction to control the lifetime of our XPC
services ourselves. However, one of the side effects of leaking this transaction is that the default SIGTERM
handler doesn't cleanly exit our XPC services when logging out or rebooting. This led to crashes with
XPC_EXIT_REASON_SIGTERM_TIMEOUT as termination reason (rdar://88940229).

To address the issue, we now set our own SIGTERM handler that releases the OS transaction and calls the
default SIGTERM handler to exit cleanly. In the future, we should likely adopt RunningBoard on macOS and
control our lifetime via process assertions instead of leaking this OS transaction.

Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.h:

(WebKit::XPCServiceInitializer):

Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.mm:

(WebKit::setOSTransaction):
(WebKit::XPCServiceExit):
(WebKit::osTransaction): Deleted.

2:07 PM Changeset in webkit [290794] by Wenson Hsieh

9 edits in trunk/Source/WebKit

[iOS] Further reduce hangs underneath -[WKContentView requestAutocorrectionContextWithCompletionHandler:]
https://bugs.webkit.org/show_bug.cgi?id=237387
rdar://89654600

Reviewed by Tim Horton.

Tweak the mitigations landed in r288925 to be even more aggressive. Currently, we preemptively send an
autocorrection context from the web process to the UI process after receiving an IPC message from the UI process
indicating that an input view has been shown. However, this message might arrive too late in cases where the web
process hangs immediately after we're done setting element focus, within the very same runloop; in such a
scenario, we'll still end up hanging underneath the sync autocorrection request underneath -_elementDidFocus:
in the UI process.

We can instead make this mitigation even more aggressive, by setting a flag on WebPage when we're about to
propagate an ElementDidFocus message to the UI process that (in lieu of the WebKit client) would normally
cause the keyboard to appear. During the next DOM selection change, we then consult this flag and preemptively
send an autocorrection context to the UI process.

Additionally, remove another safeguard in the original change in r288925 which effectively invalidated the
cached autocorrection context after the end of the runloop by setting _autocorrectionContextNeedsUpdate. This
was only done to narrow the scope of the fix to just the scenario where UIKit requests autocorrection contexts
multiple times in the same runloop iteration. However, this appears to be insufficient to tackle more scenarios
where UIKit frequently requests autocorrection contexts even though the selection has not changed; hopefully, by
leaving _autocorrectionContextNeedsUpdate := NO, we can mitigate some of these other cases.

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView requestAutocorrectionContextWithCompletionHandler:]):

WebProcess/Plugins/PDF/PDFPlugin.mm:

(WebKit::PDFPlugin::notifySelectionChanged):

WebProcess/WebCoreSupport/WebEditorClient.cpp:

(WebKit::WebEditorClient::respondToChangedSelection):

WebProcess/WebCoreSupport/ios/WebChromeClientIOS.mm:

(WebKit::WebChromeClient::notifyRevealedSelectionByScrollingFrame):
(WebKit::WebChromeClient::didLayout):

WebProcess/WebCoreSupport/ios/WebEditorClientIOS.mm:

(WebKit::WebEditorClient::overflowScrollPositionChanged):
(WebKit::WebEditorClient::subFrameScrollPositionChanged):

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didScrollSelection):
(WebKit::WebPage::didChangeSelection):

Split didChangeSelection into two methods: didScrollSelection, which is invoked from codepaths where we're
scheduling an editor state after overflow or mainframe scrolling, and didChangeSelection, which now takes a
Frame indicating the frame that contains the changed selection. On iOS, we handle this by both scheduling an
editor state update, but also preemptively sending the autocorrection context to the UI process if we've just
focused an element that will probably cause the keyboard to appear (unless the client explicitly prevents it).

Note that we must check the frame containing the changed selection and bail if the render tree is in the
middle of being destroyed, so that we don't end up triggering layout (and release asserting) in the case where
we're clearing the selection during document teardown.

(WebKit::WebPage::resetFocusedElementForFrame):
(WebKit::WebPage::elementDidFocus):
(WebKit::WebPage::elementDidBlur):
(WebKit::WebPage::didCommitLoad):
(WebKit::WebPage::didChangeOverflowScrollPosition): Deleted.

WebProcess/WebPage/WebPage.h:

(WebKit::WebPage::setIsShowingInputViewForFocusedElement):

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::updateSelectionAppearance):

Pass in frame to didChangeSelection.

(WebKit::WebPage::setIsShowingInputViewForFocusedElement): Deleted.

Move this back into the header, now that it's a straightforward setter again.

1:51 PM Changeset in webkit [290793] by Jonathan Bedard

7 edits in trunk/Tools

[git-webkit] Open pre-populated GitHub page for new tokens
https://bugs.webkit.org/show_bug.cgi?id=237436
<rdar://problem/89763053>

Reviewed by Ryan Haddad.

GitHub gives us a way to pre-populate its token generation web page. We should
open this page with appropriate arguments during setup.

Tools/Scripts/libraries/webkitbugspy/setup.py: Bump version.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/init.py: Ditto.
Tools/Scripts/libraries/webkitbugspy/webkitbugspy/github.py:

(Tracker.credentials): Make 'prompt' into a function, allowing us to open a url
and change the prompt based on the success of opening the url.

Tools/Scripts/libraries/webkitcorepy/setup.py: Bump version.
Tools/Scripts/libraries/webkitcorepy/webkitcorepy/init.py: Ditto.
Tools/Scripts/libraries/webkitcorepy/webkitcorepy/credentials.py:

(credentials): Allow 'prompt' to be callable.

Canonical link: https://commits.webkit.org/248033@main

1:19 PM Changeset in webkit [290792] by Lauro Moura

3 edits in trunk/Tools

[build.webkit.org] Add GTK queue using clang
https://bugs.webkit.org/show_bug.cgi?id=229637

Reviewed by Michael Catanzaro.

This commit adds a specific queue to build with clang in place of GCC.
It will help cover both toolchains and catch bugs and warnings
that happen to be raised by/to affect only clang.

Initially, it'll be a build-only queue, moving to a complete build and
tester in the future. It'll use clang-12, the version available in the
current SDK used by GTK and WPE.

CISupport/build-webkit-org/config.json:
CISupport/build-webkit-org/factories_unittest.py:

(TestExpectedBuildSteps):

1:02 PM Changeset in webkit [290791] by mmaxfield@apple.com

40 edits in trunk/Source/WebGPU

[WebGPU] Abide by the WebKit Style Guide
https://bugs.webkit.org/show_bug.cgi?id=237437

Reviewed by Darin Adler.

The style guide says "Do not place a space between the type name and the protocol name."

WebGPU/Adapter.h:

(WebGPU::Adapter::create):

WebGPU/Adapter.mm:

(WebGPU::Adapter::Adapter):
(WebGPU::deviceMeetsRequiredLimits):

WebGPU/BindGroup.h:

(WebGPU::BindGroup::create):
(WebGPU::BindGroup::vertexArgumentBuffer const):
(WebGPU::BindGroup::fragmentArgumentBuffer const):
(WebGPU::BindGroup::computeArgumentBuffer const):

WebGPU/BindGroup.mm:

(WebGPU::Device::createBindGroup):
(WebGPU::BindGroup::BindGroup):

WebGPU/BindGroupLayout.h:

(WebGPU::BindGroupLayout::create):
(WebGPU::BindGroupLayout::vertexArgumentEncoder const):
(WebGPU::BindGroupLayout::fragmentArgumentEncoder const):
(WebGPU::BindGroupLayout::computeArgumentEncoder const):

WebGPU/BindGroupLayout.mm:

(WebGPU::Device::createBindGroupLayout):
(WebGPU::BindGroupLayout::BindGroupLayout):

WebGPU/Buffer.h:

(WebGPU::Buffer::create):
(WebGPU::Buffer::buffer const):

WebGPU/Buffer.mm:

(WebGPU::Buffer::Buffer):

WebGPU/CommandBuffer.h:

(WebGPU::CommandBuffer::create):
(WebGPU::CommandBuffer::commandBuffer const):

WebGPU/CommandBuffer.mm:

(WebGPU::CommandBuffer::CommandBuffer):

WebGPU/CommandEncoder.h:

(WebGPU::CommandEncoder::create):

WebGPU/CommandEncoder.mm:

(WebGPU::CommandEncoder::CommandEncoder):

WebGPU/ComputePassEncoder.h:

(WebGPU::ComputePassEncoder::create):

WebGPU/ComputePassEncoder.mm:

(WebGPU::ComputePassEncoder::ComputePassEncoder):

WebGPU/ComputePipeline.h:

(WebGPU::ComputePipeline::create):
(WebGPU::ComputePipeline::computePipelineState const):

WebGPU/ComputePipeline.mm:

(WebGPU::createLibrary):
(WebGPU::createFunction):
(WebGPU::createComputePipelineState):
(WebGPU::ComputePipeline::ComputePipeline):

WebGPU/Device.h:
WebGPU/Device.mm:

(WebGPU::Device::create):
(WebGPU::Device::Device):

WebGPU/Instance.mm:

(WebGPU::sortedDevices):
(WebGPU::Instance::requestAdapter):

WebGPU/QuerySet.h:

(WebGPU::QuerySet::create):
(WebGPU::QuerySet::counterSampleBuffer const):

WebGPU/QuerySet.mm:

(WebGPU::QuerySet::QuerySet):

WebGPU/Queue.h:

(WebGPU::Queue::create):

WebGPU/Queue.mm:

(WebGPU::Queue::Queue):

WebGPU/RenderBundle.h:

(WebGPU::RenderBundle::create):
(WebGPU::RenderBundle::indirectCommandBuffer const):

WebGPU/RenderBundle.mm:

(WebGPU::RenderBundle::RenderBundle):

WebGPU/RenderBundleEncoder.h:

(WebGPU::RenderBundleEncoder::create):

WebGPU/RenderBundleEncoder.mm:

(WebGPU::RenderBundleEncoder::RenderBundleEncoder):

WebGPU/RenderPassEncoder.h:

(WebGPU::RenderPassEncoder::create):

WebGPU/RenderPassEncoder.mm:

(WebGPU::RenderPassEncoder::RenderPassEncoder):

WebGPU/RenderPipeline.h:

(WebGPU::RenderPipeline::create):
(WebGPU::RenderPipeline::renderPipelineState const):

WebGPU/RenderPipeline.mm:

(WebGPU::RenderPipeline::RenderPipeline):

WebGPU/Sampler.h:

(WebGPU::Sampler::create):
(WebGPU::Sampler::samplerState const):

WebGPU/Sampler.mm:

(WebGPU::Sampler::Sampler):

WebGPU/ShaderModule.h:

(WebGPU::ShaderModule::create):
(WebGPU::ShaderModule::library const):

WebGPU/ShaderModule.mm:

(WebGPU::ShaderModule::createLibrary):
(WebGPU::earlyCompileShaderModule):
(WebGPU::ShaderModule::ShaderModule):

WebGPU/Texture.h:

(WebGPU::Texture::create):
(WebGPU::Texture::texture const):

WebGPU/Texture.mm:

(WebGPU::Texture::Texture):

WebGPU/TextureView.h:

(WebGPU::TextureView::create):
(WebGPU::TextureView::texture const):

WebGPU/TextureView.mm:

(WebGPU::TextureView::TextureView):

12:22 PM Changeset in webkit [290790] by Russell Epstein

9 edits in branches/safari-613-branch/Source

Versioning.

WebKit-7613.2.1

12:21 PM Changeset in webkit [290789] by Russell Epstein

3 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r288363. rdar://problem/88995092

Fix build when using Visual Studio 2022
https://bugs.webkit.org/show_bug.cgi?id=235440

Reviewed by Antti Koivisto.

It doesn't like having a switch with a default but no cases.
This is cleaner with if statements anyways.
Also make members const because I can.

jit/JITCode.cpp: (JSC::JITCode::calleeSaveRegisters const):
jit/JITCode.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:51 AM Changeset in webkit [290788] by sbarati@apple.com

13 edits in trunk/Source/JavaScriptCore

Add a DeferTraps scope
https://bugs.webkit.org/show_bug.cgi?id=237306
<rdar://83494949>

Reviewed by Mark Lam.

bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::jettison):
(JSC::CodeBlock::noticeIncomingCall):

bytecode/CodeBlock.h:
bytecode/RepatchInlines.h:

(JSC::linkFor):
(JSC::virtualForWithFunction):

dfg/DFGOperations.cpp:

(JSC::DFG::JSC_DEFINE_JIT_OPERATION):

interpreter/Interpreter.cpp:

(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeModuleProgram):

interpreter/InterpreterInlines.h:

(JSC::Interpreter::execute):

llint/LLIntSlowPaths.cpp:

(JSC::LLInt::setUpCall):

runtime/ExceptionScope.h:
runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::installCode):

runtime/VMTraps.cpp:

(JSC::VMTraps::handleTraps):
(JSC::VMTraps::takeTopPriorityTrap):

runtime/VMTraps.h:

(JSC::VMTraps::needHandling const):
(JSC::VMTraps::maybeNeedHandling const):
(JSC::VMTraps::hasTrapBit):
(JSC::VMTraps::setTrapBit):

runtime/VMTrapsInlines.h:

(JSC::DeferTraps::DeferTraps):
(JSC::DeferTraps::~DeferTraps):

11:04 AM Changeset in webkit [290787] by Russell Epstein

8 edits
2 adds in branches/safari-614.1.5-branch

Cherry-pick r290512. rdar://problem/89765722

[Tables] Incorrect table sizing when colgroup comes after tbody
https://bugs.webkit.org/show_bug.cgi?id=237205
<rdar://86582214>

Reviewed by Antti Koivisto.

Source/WebCore:

Let's use the colgroup for table sizing even when it comes after any thead, tbody, tfoot, and tr elements.
This makes WebKit match other rendering engines (see https://src.chromium.org/viewvc/blink?revision=159442&view=revision)

Test: fast/table/table-sizing-fails-when-colgroup-comes-after-content.html

rendering/RenderTable.cpp: (WebCore::RenderTable::firstColumn const):
rendering/RenderTableCol.cpp: (WebCore::RenderTableCol::nextColumn const):

LayoutTests:

fast/table/table-sizing-fails-when-colgroup-comes-after-content-expected.html: Added.
fast/table/table-sizing-fails-when-colgroup-comes-after-content.html: Added.
platform/mac/tables/mozilla_expected_failures/dom/appendCol1-expected.txt: Progression.
platform/mac/tables/mozilla_expected_failures/dom/appendColGroup1-expected.txt: Progression.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290512 268f45cc-cd09-0410-ab3c-d52691b4dbfc

11:00 AM Changeset in webkit [290786] by Russell Epstein

9 edits in branches/safari-614.1.5-branch/Source

Versioning.

WebKit-7614.1.5.6

10:25 AM Changeset in webkit [290785] by Simon Fraser

11 edits
2 adds in trunk

nasa.gov page with fixed backgrounds paints incorrectly on scroll
https://bugs.webkit.org/show_bug.cgi?id=237405
<rdar://66568551>

Reviewed by Antti Koivisto.
Source/WebCore:

https://www.nasa.gov/specials/artemis/ shows an issue where elements with background-attachment:fixed
don't repaint on scroll. This page has scrollable <html> and <body>, and the elements with fixed
backgrounds are composited, so this reveals that we fail to repaint composited children
of an overflow scroll in this case.

Fix by having RenderLayerScrollableArea::scrollTo() do repaints on slow repaint objects
which are scrolled by the current scroller.

Do some unrelated cleanup in code that I was going to use in this patch but turned out
not to need: rename hasFixedBackgroundImage() to hasAnyFixedBackground() for clarity,
and share the implementation with hasAnyLocalBackground().

Test: fast/repaint/background-attachment-fixed-in-composited-scroll.html

rendering/RenderElement.cpp:

(WebCore::RenderElement::styleWillChange):
(WebCore::RenderElement::willBeDestroyed):

rendering/RenderLayer.cpp:
rendering/RenderLayerScrollableArea.cpp:

(WebCore::RenderLayerScrollableArea::scrollTo):

rendering/style/FillLayer.cpp:

(WebCore::FillLayer::hasImageWithAttachment const):
(WebCore::FillLayer::hasFixedImage const): Deleted.

rendering/style/FillLayer.h:
rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::hasAnyLocalBackground const): Deleted.

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::hasBackgroundImage const):
(WebCore::RenderStyle::hasAnyFixedBackground const):
(WebCore::RenderStyle::hasAnyLocalBackground const):
(WebCore::RenderStyle::hasFixedBackgroundImage const): Deleted.

LayoutTests:

Repaint test which is only valid for mac-wk2 (iOS does not support background-attachment:fixed).

TestExpectations:
fast/repaint/background-attachment-fixed-in-composited-scroll-expected.txt: Added.
fast/repaint/background-attachment-fixed-in-composited-scroll.html: Added.
platform/mac-wk2/TestExpectations:

10:20 AM Changeset in webkit [290784] by mmaxfield@apple.com

4 edits in trunk

[Style] Forbid spaces between type names and protocol names in Objective-C
https://bugs.webkit.org/show_bug.cgi?id=237406

Reviewed by Darin Adler.

According to https://lists.webkit.org/pipermail/webkit-dev/2022-February/032130.html.

Tools:

Because the style checker uses regexes, we don't know what's a type name and what's
a protocol name, so the checker simplifies the problem and just checks for "id <".

Scripts/webkitpy/style/checkers/cpp.py:

(check_objc_protocol):
(check_style):

Websites/webkit.org:

code-style.md:

10:01 AM Changeset in webkit [290783] by jonlee@apple.com

3 edits in trunk/LayoutTests

Unreviewed test gardening.

gpu-process/TestExpectations:
platform/ios/TestExpectations:

9:56 AM Changeset in webkit [290782] by Alan Bujtas

3 edits
2 adds in trunk

A text node longer than 65,535 characters following another text node is invisible in a scrolling context
https://bugs.webkit.org/show_bug.cgi?id=237330
<rdar://problem/89645522>

Reviewed by Antti Koivisto.

Source/WebCore:

We split text content at 65536 characters (see Text::createWithLengthLimit)
InlineTextBox can only hold up to 65534 (max short unsigned) characters (unsigned short m_len { 0 };)

Arithmetic overflow produces 0 length inline text boxes and they get removed at
LegacyLineLayout::computeBlockDirectionPositionsForLine as redundant boxes.

Test: fast/text/text-overflow-over-64k.html

rendering/LegacyInlineTextBox.h: Let's just use unsigned. At this point we don't have that many

legacy inline text boxes anyway.

LayoutTests:

fast/text/text-overflow-over-64k-expected.html: Added.
fast/text/text-overflow-over-64k.html: Added.

9:30 AM Changeset in webkit [290781] by Ross Kirsling

2 edits in trunk/Source/WebKit

REGRESSION(r290776): NetworkSession::swServer depends on ENABLE(SERVICE_WORKER)
https://bugs.webkit.org/show_bug.cgi?id=237432

Unreviewed build fix.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::terminateRemoteWorkerContextConnectionWhenPossible):

9:25 AM Changeset in webkit [290780] by commit-queue@webkit.org

5 edits in trunk/Source/WebCore

Update IDLParser to support trailing commas in enums.
https://bugs.webkit.org/show_bug.cgi?id=232607
<rdar://problem/85189036>

Patch by Dan Glastonbury <djg@apple.com> on 2022-03-03
Reviewed by Sam Weinig.

Now compatible with the grammar specified by [1].

[1] https://webidl.spec.whatwg.org/#prod-EnumValueListComma

bindings/scripts/IDLParser.pm:

(parseEnumValues):

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::convertEnumerationToString):
(WebCore::convertEnumerationToJS):
(WebCore::parseEnumeration<TestObj::EnumTrailingComma>):
(WebCore::expectedEnumerationValues<TestObj::EnumTrailingComma>):

bindings/scripts/test/JS/JSTestObj.h:
bindings/scripts/test/TestObj.idl:

9:24 AM Changeset in webkit [290779] by Antti Koivisto

11 edits in trunk/Source/WebCore

Simplify pseudo element resolution
https://bugs.webkit.org/show_bug.cgi?id=237413

Reviewed by Antoine Quint.

Remove ElementUpdates struct with a map that contains pseudo element updates.
Instead use a single ElementUpdate struct and pass the pseudo element styles
as cached pseudo styles of the element RenderStyle. Previously RenderTreeUpdater
would move them there.

rendering/updating/RenderTreeUpdater.cpp:

(WebCore::RenderTreeUpdater::Parent::Parent):
(WebCore::RenderTreeUpdater::updateRenderTree):
(WebCore::RenderTreeUpdater::pushParent):
(WebCore::RenderTreeUpdater::popParent):
(WebCore::RenderTreeUpdater::updateBeforeDescendants):
(WebCore::RenderTreeUpdater::updateAfterDescendants):
(WebCore::RenderTreeUpdater::updateElementRenderer):

rendering/updating/RenderTreeUpdater.h:
rendering/updating/RenderTreeUpdaterGeneratedContent.cpp:

(WebCore::RenderTreeUpdater::GeneratedContent::updatePseudoElement):
(WebCore::RenderTreeUpdater::GeneratedContent::needsPseudoElement):

rendering/updating/RenderTreeUpdaterGeneratedContent.h:
style/StyleTreeResolver.cpp:

(WebCore::Style::TreeResolver::computeDescendantsToResolve):
(WebCore::Style::TreeResolver::resolveElement):
(WebCore::Style::TreeResolver::shouldResolveElement):
(WebCore::Style::TreeResolver::resetDescendantStyleRelations):
(WebCore::Style::TreeResolver::resolveComposedTree):
(WebCore::Style::computeDescendantsToResolve): Deleted.
(WebCore::Style::shouldResolveElement): Deleted.
(WebCore::Style::resetDescendantStyleRelations): Deleted.

style/StyleTreeResolver.h:
style/StyleUpdate.cpp:

(WebCore::Style::Update::elementUpdate const):
(WebCore::Style::Update::elementUpdate):
(WebCore::Style::Update::elementStyle const):
(WebCore::Style::Update::elementStyle):
(WebCore::Style::Update::addElement):
(WebCore::Style::Update::elementUpdates const): Deleted.
(WebCore::Style::Update::elementUpdates): Deleted.

style/StyleUpdate.h:

8:57 AM Changeset in webkit [290778] by youenn@apple.com

6 edits
2 adds in trunk

macOS Safari 15.2 Audio Echo Issue after camera pause/unpause
https://bugs.webkit.org/show_bug.cgi?id=235544
<rdar://problem/88297045>

Reviewed by Eric Carlson.

Source/WebCore:

After https://commits.webkit.org/r275600, the muted state of MediaPlayer would be set to the page muted state
without taking into consideration HTMLMediaElement.muted.
Update the call site to use effectiveMuted instead.
Add internals API to write a corresponding layout test.

Test: fast/mediastream/mediastreamtrack-audiovideo-mutepage.html

html/HTMLMediaElement.cpp:
testing/Internals.cpp:
testing/Internals.h:
testing/Internals.idl:

LayoutTests:

fast/mediastream/mediastreamtrack-audiovideo-mutepage-expected.txt: Added.
fast/mediastream/mediastreamtrack-audiovideo-mutepage.html: Added.

8:53 AM Changeset in webkit [290777] by Jonathan Bedard

3 edits in trunk/Tools

[Python-3] Invoke webkit-patch with Python 3 by default (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=231591
<rdar://problem/84153640>

Unreviewed follow-up fix.

Scripts/webkitpy/tool/commands/download.py:

(AbstractRevertPrepCommand._prepare_state): Reason may be spread accross multiple arguments.

Scripts/webkitpy/tool/commands/download_unittest.py:

8:09 AM Changeset in webkit [290776] by Chris Dumez

22 edits in trunk

REGRESSION(r290356-r290351?): [ iOS EWS ] 3 imported/w3c/web-platform-tests/service-workers/service-worker/* tests are constant text failures.
https://bugs.webkit.org/show_bug.cgi?id=237160
<rdar://problem/89440067>

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Rebaseline test that is now passing.

web-platform-tests/service-workers/service-worker/fetch-request-no-freshness-headers.https-expected.txt:

Source/WebCore:

In r290352, I made a change so that the service worker is more likely to launch in the WebContent
process that caused it to launch. This is beneficial for performance and memory usage.

The partitioned-service-worker*.html service worker tests are relying on an ID variable that is
randomly generated inside the service worker and they expect this ID to not change during the
duration of the test. This means that if the service worker exits / relaunches, those tests start
failing because the ID changes.

The issue is that we have logic in WebProcessProxy::didStartProvisionalLoadForMainFrame() that
terminates the service workers running inside the WebProcess if a new eTLD+1 page is loaded inside
the process. We do so to try and achieve better process isolation between different sites. The
issue is that those tests launch a service worker and then open a new cross-site popup. When the
cross-site popup loads inside the same process, we'd make the decision to terminate the service
workers in this process and relaunch them in a new clean one, causing the tests to fail.

While it is true per the specification that service workers can be terminated / relaunched at
almost any point, there are exceptions. In particular, we should keep a service worker running
if it still has pending extendable events. For this reason, the tests rely on FetchEvent.waitUntil()
to keep the service worker running. Sadly, we would not obey that in this case.

To address the issue, we no longer unconditionally close the service worker context connection
when a WebProcess loads a new eTLD+1. Instead, we tell the network process to close that connection
as soon as possible. When the network process receives this IPC, it terminates the context
connection ONLY if the service workers using the connection have no pending events. If we cannot
close the context connection right away, we set a flag on the context connection to indicate that
we should close it as soon as possible. Currently, this flag is only used to close the connection
right away (no 10 second delay) once the connection no longer has any clients. I think that, ideally,
we'd close the connection as soon as the service workers no longer have pending events. However,
this adds complexity and is error-prone so I didn't implement it in this patch and merely added a
FIXME comment. As it stands, my patch STILL relaunches service workers in origin-clean processes
in the common case. It only fails to do so in the case where there are pending service worker
events which is a case where we had the correctness bug anyway.

No new tests, unskipped existing tests.

workers/service/server/SWServer.cpp:

(WebCore::SWServer::forEachServiceWorker const):
(WebCore::SWServer::terminateContextConnectionWhenPossible):
(WebCore::SWServer::unregisterServiceWorkerClient):

workers/service/server/SWServer.h:
workers/service/server/SWServerToContextConnection.cpp:

(WebCore::SWServerToContextConnection::SWServerToContextConnection):
(WebCore::SWServerToContextConnection::server const):
(WebCore::SWServerToContextConnection::terminateWhenPossible):

workers/service/server/SWServerToContextConnection.h:

(WebCore::SWServerToContextConnection::shouldTerminateWhenPossible const):

Source/WebKit:

In r290352, I made a change so that the service worker is more likely to launch in the WebContent
process that caused it to launch. This is beneficial for performance and memory usage.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::terminateRemoteWorkerContextConnectionWhenPossible):

NetworkProcess/NetworkProcess.h:
NetworkProcess/NetworkProcess.messages.in:
NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp:

(WebKit::WebSWServerToContextConnection::WebSWServerToContextConnection):
(WebKit::WebSWServerToContextConnection::~WebSWServerToContextConnection):
(WebKit::WebSWServerToContextConnection::postMessageToServiceWorkerClient):
(WebKit::WebSWServerToContextConnection::close):

NetworkProcess/ServiceWorker/WebSWServerToContextConnection.h:
NetworkProcess/SharedWorker/WebSharedWorkerServer.cpp:

(WebKit::WebSharedWorkerServer::terminateContextConnectionWhenPossible):

NetworkProcess/SharedWorker/WebSharedWorkerServer.h:
NetworkProcess/SharedWorker/WebSharedWorkerServerToContextConnection.cpp:

(WebKit::WebSharedWorkerServerToContextConnection::removeSharedWorkerObject):

NetworkProcess/SharedWorker/WebSharedWorkerServerToContextConnection.h:
UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::terminateRemoteWorkerContextConnectionWhenPossible):

UIProcess/Network/NetworkProcessProxy.h:
UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::didStartProvisionalLoadForMainFrame):

LayoutTests:

Unskip tests that are no longer failing.

platform/ios/TestExpectations:

7:22 AM Changeset in webkit [290775] by Adrian Perez de Castro

7 edits in trunk/Source

Non-unified build fixes, early March 2022 edition
https://bugs.webkit.org/show_bug.cgi?id=237420

Unreviewed non-unified build fixes.

Source/JavaScriptCore:

llint/LLIntExceptions.h: Add forward declaration for WasmInstruction.

Source/WebCore:

inspector/agents/InspectorDOMDebuggerAgent.h: Add forward declaration for ScriptExecutionContext.

Source/WebKit:

UIProcess/API/APIDataTask.cpp: Add missing inclusion of DataReference.h, remove

"#pragma once" from non-header file.

UIProcess/API/APIDataTaskClient.h: Add missing inclusion of DataReference.h.

5:09 AM Changeset in webkit [290774] by Martin Robinson

9 edits
21 adds in trunk/LayoutTests

Update WPT css-scroll-snap tests
https://bugs.webkit.org/show_bug.cgi?id=237358

Reviewed by Manuel Rego Casasnovas.

LayoutTests/imported/w3c:

resources/import-expectations.json:
resources/resource-files.json:
web-platform-tests/css/css-scroll-snap/capturing-snap-positions-expected.txt: Added.
web-platform-tests/css/css-scroll-snap/capturing-snap-positions.html: Added.
web-platform-tests/css/css-scroll-snap/input/keyboard.html:
web-platform-tests/css/css-scroll-snap/input/mouse-wheel-expected.txt: Added.
web-platform-tests/css/css-scroll-snap/input/mouse-wheel.html: Added.
web-platform-tests/css/css-scroll-snap/input/snap-area-overflow-boundary-expected.txt: Added.
web-platform-tests/css/css-scroll-snap/input/snap-area-overflow-boundary.html: Added.
web-platform-tests/css/css-scroll-snap/input/w3c-import.log:
web-platform-tests/css/css-scroll-snap/no-red-ref.html: Added.
web-platform-tests/css/css-scroll-snap/scroll-snap-root-001-ref.html: Added.
web-platform-tests/css/css-scroll-snap/scroll-snap-root-002-ref.html: Added.
web-platform-tests/css/css-scroll-snap/scroll-target-001-ref.html: Added.
web-platform-tests/css/css-scroll-snap/scroll-target-margin-005-expected.txt: Added.
web-platform-tests/css/css-scroll-snap/scroll-target-margin-005.html: Added.
web-platform-tests/css/css-scroll-snap/selection-target-expected.txt: Added.
web-platform-tests/css/css-scroll-snap/selection-target.html: Added.
web-platform-tests/css/css-scroll-snap/snap-after-initial-layout/scroll-snap-initial-layout-000-ref.html: Added.
web-platform-tests/css/css-scroll-snap/snap-after-initial-layout/scroll-snap-writing-mode-000-ref.html: Added.
web-platform-tests/css/css-scroll-snap/snap-after-initial-layout/snap-after-initial-layout-ref.html: Added.
web-platform-tests/css/css-scroll-snap/snap-after-initial-layout/w3c-import.log:
web-platform-tests/css/css-scroll-snap/support/common.js:

(waitForAnimationEnd.):
(waitForAnimationEnd):
(waitForWheelEvent):
(waitForScrollEnd):
(waitForScrollTo):

web-platform-tests/css/css-scroll-snap/w3c-import.log:

LayoutTests:

platform/glib/imported/w3c/web-platform-tests/css/css-scroll-snap/scroll-target-margin-005-expected.txt: Added.
platform/mac-wk1/imported/w3c/web-platform-tests/css/css-scroll-snap/scroll-target-margin-005-expected.txt: Added.

3:06 AM Changeset in webkit [290773] by Alan Bujtas

2 edits in trunk/Source/WebCore

REGRESSION (r290512): imported/blink/fast/table/crash-output-element-as-column-group.html asserts sometimes
https://bugs.webkit.org/show_bug.cgi?id=237393

Reviewed by Simon Fraser.

Merging https://chromium.googlesource.com/chromium/src/+/1cfc9b9c37f43567529b09a9824d6d3a7bd9abb6%5E%21/#F2
The reason why crash-output-element-as-column-group.html crashes after r290512 is because
now we allow colgroup after the table content (thead, tbody) -prior to r290512, this test was pretty much a no-op.

rendering/RenderTableCol.cpp:

(WebCore::RenderTableCol::updateFromElement):

2:08 AM Changeset in webkit [290772] by commit-queue@webkit.org

39 edits
6 copies
2 adds in trunk

Unreviewed, reverting r290756.
https://bugs.webkit.org/show_bug.cgi?id=237412

Speedometer2

Reverted changeset:

"[css] Implement 'text-decoration' as a shorthand."
https://bugs.webkit.org/show_bug.cgi?id=237175
https://commits.webkit.org/r290756

1:51 AM Changeset in webkit [290771] by commit-queue@webkit.org

7 edits in trunk/Tools

[Python3] Switch a couple glib/flatpak scripts to Python3
https://bugs.webkit.org/show_bug.cgi?id=237377

Patch by Philippe Normand <pnormand@igalia.com> on 2022-03-03
Reviewed by Carlos Garcia Campos.

Scripts/update-webkit-flatpak: Update shebang to Python3.
Scripts/webkit-flatpak: Ditto.
glib/api_test_runner.py: Ditto.
glib/common.py: Remove useless shebang.
glib/generate-inspector-gresource-manifest.py: Update shebang to Python3.
glib/svn-revision: Ditto.

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed