Context Navigation

Use [AtomString] where appropriate in IDL files for performance. I added [AtomString] on the
IDL side whenever our C++ implementation uses AtomString.

Without this, the generated bindings code will generate a String, which will then get atomized
once passed to our implementation. This means we're doing unnecessary String allocations in
cases where the AtomString is already in the AtomStringTable.

dom/Attr.idl:
dom/Document+HTML.idl:
dom/Document.cpp: (WebCore::Document::createAttribute):
dom/Document.h:
dom/Document.idl:
dom/Element.cpp: (WebCore::Element::getAttribute const):
dom/Element.idl:
dom/ElementContentEditable.idl:
dom/Event.idl:
dom/FocusEvent.idl:
dom/FormDataEvent.idl:
dom/HashChangeEvent.idl:
dom/InputEvent.idl:
dom/KeyboardEvent.idl:
dom/MessageEvent.idl:
dom/MouseEvent.idl:
dom/MutationEvent.idl:
dom/NamedNodeMap.idl:
dom/Node.idl:
dom/OverflowEvent.idl:
dom/PageTransitionEvent.idl:
dom/PointerEvent.idl:
dom/ProgressEvent.idl:
dom/PromiseRejectionEvent.idl:
dom/SecurityPolicyViolationEvent.idl:
dom/TextEvent.idl:
dom/TouchEvent.idl:
dom/TransitionEvent.idl:
dom/UIEvent.idl:
dom/WheelEvent.idl:
html/HTMLButtonElement.idl:
html/HTMLDocument.idl:
html/HTMLElement.idl:
html/HTMLFormElement.idl:
html/HTMLImageElement.idl:
html/HTMLInputElement.idl:
html/HTMLLinkElement.idl:
html/HTMLMediaElement.idl:
html/HTMLScriptElement.idl:
html/HTMLTableCellElement.idl:
html/HTMLTrackElement.idl:
html/MediaEncryptedEvent.idl:
html/SubmitEvent.idl:
html/track/AudioTrack.idl:
html/track/AudioTrackList.idl:
html/track/TextTrack.idl:
html/track/TextTrackList.idl:
html/track/VTTRegion.idl:
html/track/VideoTrack.idl:
html/track/VideoTrackList.idl:
page/DOMWindow.idl:
page/UserMessageHandlersNamespace.idl:
storage/StorageEvent.idl:
svg/SVGAltGlyphElement.idl:
svg/SVGStyleElement.idl:
workers/service/ExtendableEvent.idl:
workers/service/ExtendableMessageEvent.idl:
workers/service/FetchEvent.idl:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292854 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:39 PM Changeset in webkit [293080] by Alan Coon

13 edits
2 adds in branches/safari-613-branch

Cherry-pick r292274. rdar://problem/80544133

[Cocoa] Automatically relayout the page when new fonts are installed
https://bugs.webkit.org/show_bug.cgi?id=238483
<rdar://problem/80544133>

Reviewed by Chris Dumez.

Source/WebCore:

This patch simply calls setNeedsRecalcStyleInAllFrames on every Page when we receive a
kCTFontManagerRegisteredFontsChangedNotification.

FontCache::invalidateAllFontCaches() can't do this directly because it's in platform/ and
therefore isn't allowed to know what Pages are. Instead, this patch takes a process-global
callback and calls that instead. This callback is set at initialization time.

Test: fast/text/install-font-style-recalc.html

page/Page.cpp: (WebCore::m_contentSecurityPolicyModeForExtension): (WebCore::Page::firstTimeInitialization):
page/Page.h:
platform/graphics/FontCache.cpp: (WebCore::Function<void): (WebCore::FontCache::registerFontCacheInvalidationCallback): (WebCore::FontCache::invalidateAllFontCaches):
platform/graphics/FontCache.h:

Tools:

Make TestRunner::dumpResourceLoadStatistics() clear any currently-recorded statistics.
This avoids the problem where spurious layouts during the time when the page has been created but
before the test has begun record irrelevant statistics.

WebKitTestRunner/InjectedBundle/InjectedBundle.cpp: (WTR::InjectedBundle::beginTesting): (WTR::InjectedBundle::clearResourceLoadStatistics):
WebKitTestRunner/InjectedBundle/InjectedBundle.h:
WebKitTestRunner/InjectedBundle/TestRunner.cpp: (WTR::TestRunner::dumpResourceLoadStatistics):

LayoutTests:

TestExpectations:
fast/text/install-font-style-recalc-expected.txt: Added.
fast/text/install-font-style-recalc.html: Added.
platform/ios-wk2/TestExpectations:
platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292274 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:39 PM Changeset in webkit [293079] by Alan Coon

8 edits
2 adds in branches/safari-613-branch

Cherry-pick r292079. rdar://problem/88512506

Don't mutate children during RenderGrid::computeIntrinsicLogicalWidths unless we're about to re-layout.
https://bugs.webkit.org/show_bug.cgi?id=237732

Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/css-grid-layout/compute-intrinsic-logical-widths-should-not-mutate-children.html

rendering/GridTrackSizingAlgorithm.cpp: (WebCore::GridTrackSizingAlgorithm::gridAreaBreadthForChild const): (WebCore::GridTrackSizingAlgorithm::advanceNextState): (WebCore::GridTrackSizingAlgorithm::isValidTransition const):
rendering/GridTrackSizingAlgorithm.h:
rendering/RenderGrid.cpp: (WebCore::RenderGrid::layoutBlock): (WebCore::RenderGrid::computeIntrinsicLogicalWidths const):
rendering/RenderGrid.h:

computeIntrinsicLogicalWidths can re-layout children (via performGridItemsPreLayout, as well as during
the track sizing algorithm), and does so using the estimated track sizes. This can be incorrect, and if
we're not about to do a full layout on this RenderGrid, it can leave the children in an invalid state.

This caches the intrinsic sizes when we do a full layout, so that we can use these values instead when
we just want to query the RenderGrid without mutating anything.

LayoutTests:

Don't mutate children during computeIntrinsicWidth

TestExpectations:
fast/css-grid-layout/compute-intrinsic-logical-widths-should-not-mutate-children-expected.html: Added.
fast/css-grid-layout/compute-intrinsic-logical-widths-should-not-mutate-children.html: Added.
platform/ios/TestExpectations:

Marked existing WPT as passing on MacOS (since we run layout multiple times there).
Added new test for this implementation-specific bug.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292079 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:39 PM Changeset in webkit [293078] by Alan Coon

16 edits
2 adds in branches/safari-613-branch

Cherry-pick r291759. rdar://problem/89589891

[iOS] WebKit app is sometimes not "Now Playing" during initial playback
https://bugs.webkit.org/show_bug.cgi?id=236993
<rdar://88827167>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/audio-session-category-at-most-recent-playback.html

Recently, we have added the concept of "preparingToPlay" to PlatformMediaSession to allow
the correct category to be set if updateSessionState() is called after playback is allowed
by the MediaSessionManager, but before playback is actually started by the media element.
However, this depends on updateSessionState() being called synchronously during playback.
We disabled this synchronous update in r269077 due to the large runtime cost when a large
number of media elements are created (but not used) at once.

Relax this asynchronous update in the case where the state is moving to "Playing", which
ensures that the correct AudioSessionCategory is set before playback starts, rather than
immediately afterward.

To support testing that the category was correctly set before playback started, add an
ivar to HTMLMediaElement that is set to the current AudioSessionCategory immediately before
the media element instructs the MediaPlayer to start playback. Expose this ivar to Internals.

Drive-by fixes: AudioSession::CategoryType cannot be forward declared, as it is a public
member of a class. Allow the enum to be forward declared by moving the declaration outside
the class, but allow current uses of the enum to continue by typedefing it inside the class
to the original enum name. Add an IDL enumeration matching the AudioSession one in Interals.idl
and convert the existing audioSessionCategory() call to use the new enumeration.

(Unforunately in the case where USE_AUDIO_SESSION is not set, the enumeration must be re-
declared. This can be removed and the entire implementation wrapped in a USE() check, once
the bindings generator is extended to allow "Conditional="-style attributes for USE checks.)

The added test is flakey due to a previous change which would keep the MediaSession category
in "MediaPlayback" for up to 2s after playback ends. To counteract this flakiness, reset the
state of the PlatformMediaSessionManager between tests.

html/HTMLMediaElement.cpp: (WebCore::m_categoryAtMostRecentPlayback): (WebCore::HTMLMediaElement::playPlayer): (WebCore::m_logIdentifier): Deleted.
html/HTMLMediaElement.h: (WebCore::HTMLMediaElement::categoryAtMostRecentPlayback const):
platform/audio/AudioSession.h:
platform/audio/PlatformMediaSessionManager.cpp: (WebCore::PlatformMediaSessionManager::sessionStateChanged):
platform/audio/PlatformMediaSessionManager.h: (WebCore::PlatformMediaSessionManager::resetSessionState):
platform/audio/cocoa/MediaSessionManagerCocoa.h:
platform/audio/cocoa/MediaSessionManagerCocoa.mm: (WebCore::MediaSessionManagerCocoa::resetSessionState):
testing/Internals.cpp: (WebCore::Internals::resetToConsistentState):
testing/Internals.cpp: (WebCore::Internals::audioSessionCategory const): (WebCore::Internals::categoryAtMostRecentPlayback const):
testing/Internals.h:
testing/Internals.idl:

LayoutTests:

Fix the audio-session-category test. Creating the oscilator actually does change the
AudioSession category to "Ambient", but (previously) only in the next run loop, so a
synchronous test that the AudioSession category is "None" succeeds. Now that starting
playback (as happens when creating an audio node) changes the AudioSession synchronously,
the test begins failing.

media/audio-session-category-at-most-recent-playback-expected.txt: Added.
media/audio-session-category-at-most-recent-playback.html: Added.
media/audio-session-category-expected.txt:
media/audio-session-category.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291759 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293077] by Alan Coon

5 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r290997. rdar://problem/79950080

[iOS] Flash media controls when a fullscreen video resets its source
https://bugs.webkit.org/show_bug.cgi?id=237493

Reviewed by Jer Noble.

Source/WebCore:

Some pages reset the fullscreen video's source when a user rotates the device.
The screen will become black for a while, and users might think the player is broken.
With this patch, the player will show the media controls for 1 second when the source
is changed, so that users will know the player is working.

platform/ios/VideoFullscreenInterfaceAVKit.h:
platform/ios/VideoFullscreenInterfaceAVKit.mm: _presentingViewController is only used for watchOS. (-[WebAVPlayerViewController flashPlaybackControlsWithDuration:]): (VideoFullscreenInterfaceAVKit::setPlayerIdentifier):

Source/WebCore/PAL:

pal/spi/cocoa/AVKitSPI.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293076] by Alan Coon

20 edits
4 adds in branches/safari-613-branch/Source

Cherry-pick r289531. rdar://problem/88023949

Introduce SignedPtrTraits which enables Ref pointers to be protected with PtrTags.
https://bugs.webkit.org/show_bug.cgi?id=235588
rdar://88023849

Patch by Gavin Phillips <gavin.p@apple.com> on 2022-02-10
Reviewed by Mark Lam.

Create and adopt SignedPtrTraits which can be used to apply and verify PtrTag signatures
to pointers stored in and tracked by WTF:Ref.

Source/WebCore:

bindings/js/JSDOMWrapper.h: (WebCore::JSDOMWrapper::wrapped const): (WebCore::JSDOMWrapper::offsetOfWrapped): (WebCore::JSDOMWrapper::hasCustomPtrTraits):
bindings/scripts/CodeGeneratorJS.pm: (GetParentClassName): (GetImplClassPtrTag): (GenerateHeader): (GetTaggedWrapperForInterface):
bindings/scripts/IDLAttributes.json:
bindings/scripts/test/BindingTestGlobalConstructors.idl:
bindings/scripts/test/JS/JSTestGlobalObject.cpp: (WebCore::jsTestGlobalObject_TestTaggedWrapperConstructorGetter): (WebCore::JSC_DEFINE_CUSTOM_GETTER):
bindings/scripts/test/JS/JSTestTaggedWrapper.cpp: Added. (WebCore::JSTestTaggedWrapperDOMConstructor::prototypeForStructure): (WebCore::JSTestTaggedWrapperDOMConstructor::initializeProperties): (WebCore::JSTestTaggedWrapperPrototype::finishCreation): (WebCore::JSTestTaggedWrapper::JSTestTaggedWrapper): (WebCore::JSTestTaggedWrapper::finishCreation): (WebCore::JSTestTaggedWrapper::createPrototype): (WebCore::JSTestTaggedWrapper::prototype): (WebCore::JSTestTaggedWrapper::getConstructor): (WebCore::JSTestTaggedWrapper::destroy): (WebCore::JSC_DEFINE_CUSTOM_GETTER): (WebCore::JSTestTaggedWrapper::subspaceForImpl): (WebCore::JSTestTaggedWrapper::analyzeHeap): (WebCore::JSTestTaggedWrapperOwner::isReachableFromOpaqueRoots): (WebCore::JSTestTaggedWrapperOwner::finalize): (WebCore::toJSNewlyCreated): (WebCore::toJS): (WebCore::JSTestTaggedWrapper::toWrapped):
bindings/scripts/test/JS/JSTestTaggedWrapper.h: Added. (WebCore::JSTestTaggedWrapper::create): (WebCore::JSTestTaggedWrapper::createStructure): (WebCore::JSTestTaggedWrapper::subspaceFor): (WebCore::wrapperOwner): (WebCore::wrapperKey): (WebCore::toJS): (WebCore::toJSNewlyCreated):
bindings/scripts/test/SupplementalDependencies.dep:
bindings/scripts/test/TestTaggedWrapper.idl: Added.
css/DOMMatrixReadOnly.idl:
dom/DOMPointReadOnly.idl:
dom/DOMQuad.idl:
dom/DOMRectReadOnly.idl:
domjit/JSDocumentDOMJIT.cpp: (WebCore::compileDocumentDocumentElementAttribute): (WebCore::compileDocumentBodyAttribute):
domjit/JSNodeDOMJIT.cpp: (WebCore::createCallDOMGetterForOffsetAccess): (WebCore::compileNodeOwnerDocumentAttribute):
html/TimeRanges.idl:
html/canvas/OffscreenCanvasRenderingContext2D.idl:
html/canvas/PaintRenderingContext2D.idl:
svg/SVGMatrix.idl:

Source/WTF:

WTF.xcodeproj/project.pbxproj:
wtf/CMakeLists.txt:
wtf/SignedPtr.h: Added. (WTF::SignedPtr::SignedPtr): (WTF::SignedPtr::get const): (WTF::SignedPtr::set): (WTF::SignedPtr::clear): (WTF::SignedPtr::operator-> const): (WTF::SignedPtr::operator* const): (WTF::SignedPtr::operator! const): (WTF::SignedPtr::operator UnspecifiedBoolType const): (WTF::SignedPtr::operator bool const): (WTF::SignedPtr::operator=): (WTF::SignedPtr::exchange): (WTF::SignedPtr::swap): (WTF::SignedPtrTraits::exchange): (WTF::SignedPtrTraits::swap): (WTF::SignedPtrTraits::unwrap): (WTF::SignedPtrTraits::hashTableDeletedValue): (WTF::SignedPtrTraits::isHashTableDeletedValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289531 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293075] by Alan Coon

6 edits
1 add in branches/safari-613-branch

Cherry-pick r292680. rdar://problem/91323230

The Youtube plugin replacement should only work for actual Youtube URLs
https://bugs.webkit.org/show_bug.cgi?id=239003
<rdar://91323230>

Reviewed by Brent Fulgham.

Source/WebCore:

The Youtube plugin replacement was too permissive and was falling back to using
the original URL in cases there the original URL wasn't an expected Youtube
URL. This patch hardens the plugin replacement and drops the URL if it is not
a valid youtube URL instead.

Covered by new API test.

Modules/plugins/YouTubePluginReplacement.cpp: (WebCore::isYouTubeURL): (WebCore::processAndCreateYouTubeURL): (WebCore::YouTubePluginReplacement::youTubeURLFromAbsoluteURL):

Tools:

Add API test coverage.

TestWebKitAPI/SourcesCocoa.txt:
TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
TestWebKitAPI/Tests/WebCore/YouTubePluginReplacement.cpp: (TestWebKitAPI::test): (TestWebKitAPI::TEST_F):
TestWebKitAPI/Tests/WebKitCocoa/YoutubeReplacementPlugin.mm: Added. (TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292680 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293074] by Alan Coon

11 edits
2 adds in branches/safari-613-branch

Cherry-pick r292049. rdar://problem/89104216

[macOS] Muted video is sometimes paused when entering fullscreen
https://bugs.webkit.org/show_bug.cgi?id=238462
rdar://89104216

Reviewed by Jer Noble.

Source/WebCore:

Test: media/fullscreen-when-muted.html

html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::didMoveToNewDocument): Add logging. (WebCore::HTMLMediaElement::elementIsHidden const): Consider both element fullscreen and video fullscreen. (WebCore::HTMLMediaElement::visibilityStateChanged): Use elementIsHidden. (WebCore::HTMLMediaElement::shouldOverrideBackgroundPlaybackRestriction const): Add logging for the one case that didn't have it. (WebCore::HTMLMediaElement::updateMediaPlayer): New, wrap MediaPlayer functions that are called frequently by RenderVideo so we can only call them when necessary.
html/HTMLMediaElement.h: (WebCore::HTMLMediaElement::elementIsHidden const): Deleted.

html/MediaElementSession.cpp: (WebCore::MediaElementSession::visibilityChanged): Just use elementIsHidden, it already accounts for fullscreen.

platform/graphics/MediaPlayer.cpp: (WebCore::MediaPlayer::setVisibleInViewport): Do nothing when visibility is not changing.

platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm: (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setPageIsVisible): Add logging.

rendering/RenderVideo.cpp: (WebCore::RenderVideo::updatePlayer): Call HTMLMediaElement::updateMediaPlayer instead of calling MediaPlayer directly.

Source/WebKit:

WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp: (WebKit::MediaPlayerPrivateRemote::setPageIsVisible): Track visibility and do nothing when it doesn't change. (WebKit::MediaPlayerPrivateRemote::setShouldMaintainAspectRatio): Ditto for aspect ratio.
WebProcess/GPU/media/MediaPlayerPrivateRemote.h:

LayoutTests:

media/fullscreen-when-muted-expected.txt: Added.
media/fullscreen-when-muted.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292049 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293073] by Alan Coon

3 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r292044. rdar://problem/86662565

Don't send sync RemoteMediaPlayerProxy messages that we know will fail
https://bugs.webkit.org/show_bug.cgi?id=238467
rdar://86662565

Reviewed by Jer Noble.

WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp: (WebKit::MediaPlayerPrivateRemote::videoFrameForCurrentTime): Return early if readyState is less than HaveCurrentData, or if the first frame is not available.

WebProcess/GPU/media/cocoa/MediaPlayerPrivateRemoteCocoa.mm: (WebKit::MediaPlayerPrivateRemote::nativeImageForCurrentTime): Ditto. (WebKit::MediaPlayerPrivateRemote::colorSpace): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292044 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293072] by Alan Coon

6 edits in branches/safari-613-branch

Cherry-pick r291606. rdar://problem/91446317

Website policies are not respected when doing COOP based process swap
https://bugs.webkit.org/show_bug.cgi?id=238036
<rdar://89616625>

Reviewed by Chris Dumez.

Source/WebKit:

In case of normal process swap, we make use of website policies so everything is fine.
For COOP based process swap, this happens later on, at a point where we lost website policies.
To overcome this, we store the website policies used by a navigation inside the API::Navigation object.
It is used by continueNavigationInNewProcess to correctly initialize the new WebPage website policies.
We then set the website policies in the navigation object just before continuing the load in the same process,
as process swap may happen later when inspecting the response.
Minor refactoring in continueNavigationInNewProcess to get the policies directly from the given Navigation object.
Minor refactoring in receivedNavigationPolicyDecision to make the code doing process swap clearer.

Covered by API test.

UIProcess/API/APINavigation.h: (API::Navigation::setWebsitePoliciesForProcessSwap): (API::Navigation::takeWebsitePoliciesForProcessSwap):
UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::receivedNavigationPolicyDecision): (WebKit::WebPageProxy::receivedPolicyDecision): (WebKit::WebPageProxy::continueNavigationInNewProcess): (WebKit::WebPageProxy::triggerBrowsingContextGroupSwitchForNavigation):
UIProcess/WebPageProxy.h:

Tools:

TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293071] by Alan Coon

19 edits
3 adds in branches/safari-613-branch

Cherry-pick r291589. rdar://problem/90511155

LayoutTests/imported/w3c:
BroadcastChannel instances in distinct opaque origins can communicate
https://bugs.webkit.org/show_bug.cgi?id=238090
<rdar://problem/90511155>

Reviewed by Alex Christensen.

Import web-platform-tests test coverage.

web-platform-tests/webmessaging/broadcastchannel/opaque-origin-expected.txt: Added.
web-platform-tests/webmessaging/broadcastchannel/opaque-origin.html: Added.
web-platform-tests/webmessaging/broadcastchannel/w3c-import.log:

Source/WebCore:
BroadcastChannel instances in distinct opaque origins can communicate
https://bugs.webkit.org/show_bug.cgi?id=238090
<rdar://problem/90511155>

Reviewed by Alex Christensen.

The issue is that we would use a ClientOrigin to distinguish origins for BroadcastChannel,
which relies on SecurityOriginData internally. A unique/opaque SecurityOrigin becomes an empty
SecurityOriginData upon conversion. As a result, when comparing ClientOrigin objects from
unique SecurityOrigins, they would compare as equal.

To address the issue, I introduced a new PartitionedSecurityOrigin type which is similar
to ClientOrigin but stores SecurityOrigin objects internally, instead of SecurityOriginData
objects. PartitionedSecurityOrigin's operator==() is such that different SecurityOrigins
would not be equal but the same unique SecurityOrigin would be. I then used this new
PartitionedSecurityOrigin type as key in our HashMap on the WebProcess side instead of
ClientOrigin. This allows communication between several BroadcastChannels from the same
unique origin, while preventing communication between distinct opaque origins.

When the PartitionedSecurityOrigin contains an opaque security origin, we don't involve
the Network Process at all since the destination can only be in the same WebProcess.

Test: imported/w3c/web-platform-tests/webmessaging/broadcastchannel/opaque-origin.html

Headers.cmake:
WebCore.xcodeproj/project.pbxproj:
dom/BroadcastChannel.cpp: (WebCore::shouldPartitionOrigin): (WebCore::BroadcastChannel::MainThreadBridge::registerChannel): (WebCore::BroadcastChannel::MainThreadBridge::unregisterChannel): (WebCore::BroadcastChannel::MainThreadBridge::postMessage):
dom/BroadcastChannelRegistry.h:
loader/EmptyClients.cpp:
page/PartitionedSecurityOrigin.h: Added. (WebCore::PartitionedSecurityOrigin::PartitionedSecurityOrigin): (WebCore::PartitionedSecurityOrigin::isHashTableDeletedValue const): (WebCore::PartitionedSecurityOrigin::isHashTableEmptyValue const): (WebCore::operator==): (WTF::add): (WTF::PartitionedSecurityOriginHash::hash): (WTF::PartitionedSecurityOriginHash::equal): (WTF::HashTraits<WebCore::PartitionedSecurityOrigin>::emptyValue): (WTF::HashTraits<WebCore::PartitionedSecurityOrigin>::constructEmptyValue): (WTF::HashTraits<WebCore::PartitionedSecurityOrigin>::isEmptyValue): (WTF::HashTraits<WebCore::PartitionedSecurityOrigin>::peek): (WTF::HashTraits<WebCore::PartitionedSecurityOrigin>::take):

Source/WebKit:
BroadcastChannel instances in distinct opaque origins can communicate
https://bugs.webkit.org/show_bug.cgi?id=238090
<rdar://problem/90511155>

Reviewed by Alex Christensen.

The issue is that we would use a ClientOrigin to distinguish origins for BroadcastChannel,
which relies on SecurityOriginData internally. A unique/opaque SecurityOrigin becomes an empty
SecurityOriginData upon conversion. As a result, when comparing ClientOrigin objects from
unique SecurityOrigins, they would compare as equal.

To address the issue, I introduced a new PartitionedSecurityOrigin type which is similar
to ClientOrigin but stores SecurityOrigin objects internally, instead of SecurityOriginData
objects. PartitionedSecurityOrigin's operator==() is such that different SecurityOrigins
would not be equal but the same unique SecurityOrigin would be. I then used this new
PartitionedSecurityOrigin type as key in our HashMap on the WebProcess side instead of
ClientOrigin. This allows communication between several BroadcastChannels from the same
unique origin, while preventing communication between distinct opaque origins.

When the PartitionedSecurityOrigin contains an opaque security origin, we don't involve
the Network Process at all since the destination can only be in the same WebProcess.

WebProcess/WebCoreSupport/WebBroadcastChannelRegistry.cpp: (WebKit::toClientOrigin): (WebKit::WebBroadcastChannelRegistry::registerChannel): (WebKit::WebBroadcastChannelRegistry::unregisterChannel): (WebKit::WebBroadcastChannelRegistry::postMessage): (WebKit::WebBroadcastChannelRegistry::postMessageLocally): (WebKit::WebBroadcastChannelRegistry::postMessageToRemote): (WebKit::WebBroadcastChannelRegistry::networkProcessCrashed):
WebProcess/WebCoreSupport/WebBroadcastChannelRegistry.h:

Source/WebKitLegacy:
Dust off Mac CMake build
https://bugs.webkit.org/show_bug.cgi?id=238121

Reviewed by Yusuke Suzuki.

PlatformMac.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291589 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293070] by Alan Coon

6 edits
2 adds in branches/safari-613-branch

Cherry-pick r291689. rdar://problem/88461772

REGRESSION (iOS 15.1 / r280824) QuickLook - model not loading when passing extra parameters
https://bugs.webkit.org/show_bug.cgi?id=236069
<rdar://problem/88461772>

Reviewed by Darin Adler.

Source/WebCore:

To extend the lifetime of Blob objects while loading/downloading is pending, we rely to
BlobURLHandle objects, which tell the NetworkProcess that we still need this blob data,
even if the corresponding Blob object gets GC'd by JS. The issue here is that the load
was not using the vanilla blob URL but was intead appending a fragment to the URL. As
a result, BlobRegistryImpl::registerBlobURLHandle() would fail to look up the
corresponding blob data and would fail to extend its lifetime.

To address the issue, BlobRegistryImpl::registerBlobURLHandle() / unregisterBlobURLHandle()
now strip fragments from the blob URL, similarly to what was already done inside
BlobRegistryImpl::getBlobDataFromURL().

Test: fast/files/blob-with-fragment-as-frame-url.html

platform/network/BlobRegistryImpl.cpp: (WebCore::blobURLWithoutFragment): (WebCore::BlobRegistryImpl::registerBlobURLHandle): (WebCore::BlobRegistryImpl::unregisterBlobURLHandle):

Source/WebKit:

Fix theoretical blob data leak. A WebContent process could create several BlobURLHandles for
the same blob URL. This would result in several calls to NetworkConnectionToWebProcess::registerBlobURLHandle()
for the same URL and several calls to to BlobRegistryImpl::registerBlobURLHandle() for the
same URL as well. BlobRegistryImpl is using a HashCountedSet for m_blobReferences in order
to deal with this fact. However, NetworkConnectionToWebProcess was using a simple HashSet
for m_blobURLHandles. As a result, if the WebContent process would exit and didClose()
would get called, the NetworkConnectionToWebProcess may call BlobRegistryImpl::unregisterBlobURLHandle()
only once even though the WebContent process had several handles for this URL, which would
not fully remove the URL from BlobRegistryImpl's HashCountedSet. To address the issue,
NetworkConnectionToWebProcess::m_blobURLHandles is now a HashCountedSet too and we call
BlobRegistryImpl::unregisterBlobURLHandle() as many times as needed in didClose().

NetworkProcess/NetworkConnectionToWebProcess.cpp: (WebKit::NetworkConnectionToWebProcess::didClose):
NetworkProcess/NetworkConnectionToWebProcess.h:

LayoutTests:

Add layout test coverage.

fast/files/blob-with-fragment-as-frame-url-expected.txt: Added.
fast/files/blob-with-fragment-as-frame-url.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291689 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293069] by Alan Coon

8 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r291371. rdar://problem/72058321

CoreIPC Hardening: Add user gesture check when saving images
https://bugs.webkit.org/show_bug.cgi?id=237839
<rdar://72058321>

Reviewed by Chris Dumez.

Add check to confirm that attempts to store images in the user's Photo
Library and attempts to store data in the pasteboard were triggered by
a user gesture.

UIProcess/WebPageProxy.cpp: (WebKit::WebPageProxy::writePromisedAttachmentToPasteboard): Message check the authorization token before performing the write.
UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:
UIProcess/ios/WebPageProxyIOS.mm: (WebKit::WebPageProxy::isValidPerformActionOnElementAuthorizationToken const): Added. (WebKit::WebPageProxy::performActionOnElement): Added. (WebKit::WebPageProxy::saveImageToLibrary): Message check the authorization token before performing the save.
WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:
WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::performActionOnElement):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293068] by Alan Coon

3 edits
2 adds in branches/safari-613-branch

Cherry-pick r291281. rdar://problem/90245637

Crash in KeyframeList.cpp:183 in WebCore::KeyframeList::fillImplicitKeyframes
https://bugs.webkit.org/show_bug.cgi?id=237858

Reviewed by Antoine Quint.

Source/WebCore:

When filling implicit key frames, we iterate through the current keyframes (m_keyframes),
and cache the address of the implicitZeroKeyframe and implicitOneKeyframe.

However, if we're not provided with an existing implicit zero keyframe, we will create a new one
and insert it to the list of current keyframes.

This mutates m_keyframes and the old address for the implicitOneKeyframe would no longer be valid.
Thus we should iterate through the current keyframes, after the insertion, to get the latest address.

Test: animations/fill-implicit-keyframes-crash.html

rendering/style/KeyframeList.cpp: (WebCore::KeyframeList::fillImplicitKeyframes):

LayoutTests:

animations/fill-implicit-keyframes-crash-expected.txt: Added.
animations/fill-implicit-keyframes-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291281 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:38 PM Changeset in webkit [293067] by Alan Coon

8 edits
2 adds in branches/safari-613-branch

Cherry-pick r290201. rdar://problem/88672183

REGRESSION (r287524): hihello.me does not show sliding sheet at the bottom of the page
https://bugs.webkit.org/show_bug.cgi?id=236838
rdar://88672183

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Add new WPT tests to check we correctly compute implicit keyframes when a 0% and/or 100% keyframe
is defined but only specifies a timing function. One test checks the output of getKeyframes() and
the other that we correctly account for the implicit vaues when computing styles.

web-platform-tests/css/css-animations/KeyframeEffect-getKeyframes.tentative-expected.txt:
web-platform-tests/css/css-animations/KeyframeEffect-getKeyframes.tentative.html:
web-platform-tests/css/css-animations/animation-multiple-from-to-keyframes-with-only-timing-function-expected.txt: Added.
web-platform-tests/css/css-animations/animation-multiple-from-to-keyframes-with-only-timing-function.html: Added.

Source/WebCore:

When we fixed bug 234799 we fixed the behavior of keyframe deduplication in
Style::Resolver::keyframeRulesForName(). While this was a good fix, code that
relied on the KeyframeList that would eventually be yielded from that function
did not quite correctly add implicit keyframes for the 0% and 100% case in some
relatively obscure situation.

The site hihello.me made this shortcoming apparent. This site has this odd keyframe rule:

from, 60%, 75%, 90%, to {

animation-timing-function: cubic-bezier(0.215, 0.61, 0.355, 1);

}

It appears the intention of the author with this rule is to replicate the timing function
on multiple keyframes. However, this does not work. This timing function will not be used
for *anything* since if a rule is specified without an animation-timing-function value it
will use the value set on the element, not one on a different keyframe.

This also means that while there are explicit 0% and 100% keyframes, they are not adequate
to then compute implicit properties since the timing function wouldn't match the default
timing function (unless the element that those keyframes are applied to would happen to
specify that exact same timing function).

To correctly handle this, we need to do several things.

First of all, we remove the implicit keyframe code found in KeyframeEffect::getKeyframes()
and let KeyframeList::fillImplicitKeyframes() do all the work to correctly fill-in values
for properties not eplicitly specified on a 0% or 100% keyframe.

This means we need to improve that function to correctly do the task that it's supposed to
do. Now provided with a KeyframeEffect and an underlying style as parameters, for 0% and
100% it correctly:

compiles a list of implicit properties for the given keyframe
find a compatible keyframe for the implicit properties or create one
set the implicit properties on that compatible keyframe to match the values found in the underlying style

This correctly takes cares of calls to getKeyframes() as well as the generation of keyframes
passed down to RenderLayerBacking when starting an accelerated animation.

But RenderLayerBacking also had some outdated assumptions on the KeyframeList it receives.
Indeed, it would always assume that a 0% or 100% keyframe would *always* specify properties
for the animated property. That was incorrect since we correctly deduplicate keyframes and
having several 0% or 100% keyframes is perfectly valid. Now we don't give special treatment
to 0% or 100% keyframes in RenderLayerBacking::startAnimation() and always check that a keyframe
features values for the animated property before creating an animation value to send down
to GraphicsLayer.

Finally, another place we make assumptions on implicit keyframes was when resolving styles
as effects are applied in KeyframeEffect::setAnimatedPropertiesInStyle(). There we assumed
that a 0% or 100% keyframe would always qualify as a keyframe containing the animated property,
whereas the steps for resolving styles as specified by the Web Animations specification has
logic to deal with the case where we don't find a 0% or 100% keyframe with an explicit value
for the animated property. So we simplified the checks there to only ever check for an
explicit value.

This rather obscure way to specify keyframes was not previously tested by WPT, so this patch
improves the testing coverage in a way that would have caught this regression in the first place.

Test: imported/w3c/web-platform-tests/css/css-animations/animation-multiple-from-to-keyframes-with-only-timing-function.html

animation/KeyframeEffect.cpp: (WebCore::KeyframeEffect::getKeyframes): (WebCore::KeyframeEffect::setAnimatedPropertiesInStyle): (WebCore::KeyframeEffect::applyPendingAcceleratedActions):
rendering/RenderLayerBacking.cpp: (WebCore::RenderLayerBacking::startAnimation):
rendering/style/KeyframeList.cpp: (WebCore::KeyframeList::insert): (WebCore::KeyframeList::fillImplicitKeyframes):
rendering/style/KeyframeList.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290201 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:37 PM Changeset in webkit [293066] by Alan Coon

9 edits in branches/safari-613-branch/Source

Apply patch. rdar://problem/90968659

10:37 PM Changeset in webkit [293065] by Alan Coon

3 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r291808. rdar://problem/91446363

FormDataConsumer callback happens more than once with an exception
https://bugs.webkit.org/show_bug.cgi?id=238091

In case of an error, it is not expected for the FormDataConsumer callback to happen
more than once with an exception. To avoid this, we introduce FormDataConsumer::didFail
which cancels/clears everything after reporting an error.

Reviewed by Youenn Fablet.

Modules/fetch/FormDataConsumer.cpp: (WebCore::FormDataConsumer::read): (WebCore::FormDataConsumer::consumeFile): (WebCore::FormDataConsumer::consumeBlob): (WebCore::FormDataConsumer::didFail): (WebCore::FormDataConsumer::cancel):
Modules/fetch/FormDataConsumer.h: (WebCore::FormDataConsumer::isCancelled):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291808 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:37 PM Changeset in webkit [293064] by Alan Coon

3 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r288680. rdar://91446363

Detect failed ThreadableLoader creation in FileReaderLoader.
https://bugs.webkit.org/show_bug.cgi?id=235566

Patch by Gavin Phillips <gavin.p@apple.com> on 2022-01-27
Reviewed by Youenn Fablet.

When we fail to successfully create a ThreadableLoader in FileReaderLoader we should catch
the failure and return early.

Modules/fetch/FormDataConsumer.cpp: (WebCore::FormDataConsumer::consumeBlob):
fileapi/FileReaderLoader.cpp: (WebCore::FileReaderLoader::start):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@288680 268f45cc-cd09-0410-ab3c-d52691b4dbfc

10:31 PM Changeset in webkit [293063] by graouts@webkit.org

6 edits in trunk/Source

[model] set canonicalWebPageURL and urlFragment on ASVInlinePreview on iOS
https://bugs.webkit.org/show_bug.cgi?id=239502
rdar://87352281

Reviewed by Dean Jackson.

Source/WebCore/PAL:

Add the canonicalWebPageURL and urlFragment properties to the SPI declarations.

pal/spi/ios/SystemPreviewSPI.h:

Source/WebKit:

Set the canonicalWebPageURL and urlFragment properties on the ASVInlinePreview prior to
entering fullscreen.

UIProcess/Cocoa/ModelElementControllerCocoa.mm:

(WebKit::ModelElementController::takeModelElementFullscreen):

UIProcess/ModelElementController.h:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::takeModelElementFullscreen):

Canonical link: https://commits.webkit.org/249793@main

10:31 PM Changeset in webkit [293062] by commit-queue@webkit.org

5 edits in trunk/Source/WebCore

Remove unnecessary String allocations in CSSPrimitiveValue::unitTypeString
https://bugs.webkit.org/show_bug.cgi?id=239529

Patch by Alex Christensen <achristensen@webkit.org> on 2022-04-19
Reviewed by Chris Dumez.

css/CSSPrimitiveValue.cpp:

(WebCore::CSSPrimitiveValue::unitTypeString):

css/CSSPrimitiveValue.h:
css/typedom/CSSUnitValue.cpp:

(WebCore::CSSUnitValue::unit const):
(WebCore::CSSUnitValue::unitSerialization const):

css/typedom/CSSUnitValue.h:

10:16 PM Changeset in webkit [293061] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

[ Release wk2 arm64 ] fast/selectors/selection-window-inactive-stroke-color.html is a flaky image-only failure
https://bugs.webkit.org/show_bug.cgi?id=228337

Unreviewed test gardening.

LayoutTests/platform/mac-wk2/TestExpectations:

Canonical link: https://commits.webkit.org/249792@main

10:11 PM Changeset in webkit [293060] by Ben Nham

17 edits in trunk

Handle public token updates in webpushd
https://bugs.webkit.org/show_bug.cgi?id=239042

Reviewed by Brady Eidson.

Source/WebCore:

When the public token associated with our push service changes, we have to invalidate all
push subscriptions, since they all derive from the public token. This is only expected to
happen in very rare cases, e.g. keychain corruption.

To implement this, we now listen for public token updates from our push service, and pass
that on to PushDatabase. PushDatabase persists the token and deletes all subscriptions on
token change if necessary.

I had to change the schema to allow for this. openAndMigrateDatabaseImpl now migrates
existing data on schema change rather than nuking the whole database so users won't lose
their existing subscriptions.

Modules/push-api/PushDatabase.cpp:

(WebCore::openAndMigrateDatabaseImpl):
(WebCore::PushDatabase::updatePublicToken):
(WebCore::PushDatabase::getPublicToken):

Source/WebKit:

Shared/WebPushDaemonConstants.h:

(WebKit::WebPushD::messageTypeSendsReply):

webpushd/ApplePushServiceConnection.mm:

(-[_WKAPSConnectionDelegate connection:didReceivePublicToken:]):
(-[_WKAPSConnectionDelegate connection:didReceiveIncomingMessage:]):

webpushd/MockPushServiceConnection.mm:

(WebPushD::MockPushServiceConnection::MockPushServiceConnection):
(WebPushD::MockPushServiceConnection::setPublicTokenForTesting):

webpushd/PushService.mm:

(WebPushD::PushService::PushService):
(WebPushD::PushService::setPublicTokenForTesting):
(WebPushD::PushService::didReceivePublicToken):

webpushd/PushServiceConnection.mm:

(WebPushD::PushServiceConnection::startListeningForPublicToken):
(WebPushD::PushServiceConnection::didReceivePublicToken):
(WebPushD::PushServiceConnection::setPublicTokenForTesting):

webpushd/WebPushDaemon.mm:

(WebPushD::Daemon::decodeAndHandleMessage):
(WebPushD::Daemon::setPublicTokenForTesting):

Tools:

Test that public token updates are handled properly at the PushDatabase and WebPushDaemon levels
Test schema migration in PushDatabase

TestWebKitAPI/Tests/WebCore/PushDatabase.cpp:

(TestWebKitAPI::createDatabaseSync):
(TestWebKitAPI::getPublicTokenSync):
(TestWebKitAPI::updatePublicTokenSync):
(TestWebKitAPI::getRecordByBundleIdentifierAndScopeSync):
(TestWebKitAPI::getRowIdentifiersSync):
(TestWebKitAPI::PushDatabaseTest::getPublicToken):
(TestWebKitAPI::PushDatabaseTest::updatePublicToken):
(TestWebKitAPI::PushDatabaseTest::getRecordByBundleIdentifierAndScope):
(TestWebKitAPI::PushDatabaseTest::getRowIdentifiers):
(TestWebKitAPI::TEST_F):
(TestWebKitAPI::TEST):
(TestWebKitAPI::createDatabaseFromStatements):

TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm:

8:05 PM Changeset in webkit [293059] by Chris Dumez

84 edits in trunk/Source

Use more r-value references for Text / CharacterData classes
https://bugs.webkit.org/show_bug.cgi?id=239481

Reviewed by Sam Weinig.

Source/WebCore:

Use more r-value references for Text / CharacterData classes, which infected
a lot of the surrounding code. This avoids some ref-counting churn.

dom/CDATASection.cpp:

(WebCore::CDATASection::CDATASection):
(WebCore::CDATASection::create):
(WebCore::CDATASection::cloneNodeInternal):
(WebCore::CDATASection::virtualCreate):

dom/CDATASection.h:
dom/CharacterData.h:

(WebCore::CharacterData::CharacterData):

dom/Comment.cpp:

(WebCore::Comment::Comment):
(WebCore::Comment::create):
(WebCore::Comment::cloneNodeInternal):

dom/Comment.h:
dom/ContainerNode.cpp:

(WebCore::ContainerNode::stringReplaceAll):

dom/ContainerNode.h:
dom/DOMImplementation.cpp:

(WebCore::DOMImplementation::createHTMLDocument):

dom/DOMImplementation.h:
dom/Document.cpp:

(WebCore::Document::createTextNode):
(WebCore::Document::createComment):
(WebCore::Document::createCDATASection):
(WebCore::Document::createProcessingInstruction):
(WebCore::Document::createEditingTextNode):
(WebCore::Document::setTitle):

dom/Document.h:
dom/Element.cpp:

(WebCore::Element::insertAdjacentText):

dom/Element.h:
dom/ImageOverlay.cpp:

(WebCore::ImageOverlay::installImageOverlayStyleSheet):
(WebCore::ImageOverlay::updateSubtree):

dom/Node.cpp:

(WebCore::Node::convertNodesOrStringsIntoNode):
(WebCore::Node::setTextContent):

dom/Node.h:
dom/ProcessingInstruction.cpp:

(WebCore::ProcessingInstruction::ProcessingInstruction):
(WebCore::ProcessingInstruction::create):
(WebCore::ProcessingInstruction::cloneNodeInternal):

dom/ProcessingInstruction.h:
dom/Text.cpp:

(WebCore::Text::create):
(WebCore::Text::createEditingText):
(WebCore::Text::cloneNodeInternal):
(WebCore::Text::virtualCreate):
(WebCore::Text::createWithLengthLimit):

dom/Text.h:

(WebCore::Text::Text):

dom/mac/ImageControlsMac.cpp:

(WebCore::ImageControlsMac::createImageControls):

editing/CreateLinkCommand.cpp:

(WebCore::CreateLinkCommand::doApply):

editing/Editing.cpp:

(WebCore::createTabSpanElement):

editing/Editing.h:
editing/Editor.cpp:

(WebCore::Editor::styleForSelectionStart):

editing/InsertLineBreakCommand.cpp:

(WebCore::InsertLineBreakCommand::doApply):

editing/InsertTextCommand.cpp:

(WebCore::InsertTextCommand::positionInsideTextNode):

editing/ReplaceSelectionCommand.cpp:

(WebCore::ReplaceSelectionCommand::addSpacesForSmartReplace):

editing/TextManipulationController.cpp:

(WebCore::TextManipulationController::replace):

editing/markup.cpp:

(WebCore::createFragmentFromText):
(WebCore::createFragmentForTransformToFragment):

editing/markup.h:
html/BaseDateAndTimeInputType.cpp:

(WebCore::BaseDateAndTimeInputType::updateInnerTextValue):

html/BaseDateAndTimeInputType.h:
html/FTPDirectoryDocument.cpp:

(WebCore::FTPDirectoryDocumentParser::appendEntry):
(WebCore::FTPDirectoryDocumentParser::createTDForFilename):
(WebCore::FTPDirectoryDocumentParser::parseAndAppendOneLine):

html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::setText):

html/HTMLAnchorElement.h:
html/HTMLElement.cpp:

(WebCore::HTMLElement::setInnerText):
(WebCore::HTMLElement::setOuterText):

html/HTMLElement.h:
html/HTMLMeterElement.cpp:

(WebCore::HTMLMeterElement::didAddUserAgentShadowRoot):

html/HTMLOptionElement.cpp:

(WebCore::HTMLOptionElement::createForLegacyFactoryFunction):
(WebCore::HTMLOptionElement::setText):

html/HTMLOptionElement.h:
html/HTMLOutputElement.cpp:

(WebCore::HTMLOutputElement::setValue):
(WebCore::HTMLOutputElement::setDefaultValue):

html/HTMLOutputElement.h:
html/HTMLScriptElement.cpp:

(WebCore::HTMLScriptElement::setText):

html/HTMLScriptElement.h:
html/HTMLTextAreaElement.cpp:

(WebCore::HTMLTextAreaElement::setValueCommon):
(WebCore::HTMLTextAreaElement::setDefaultValue):
(WebCore::HTMLTextAreaElement::updatePlaceholderText):

html/HTMLTextAreaElement.h:
html/HTMLTextFormControlElement.cpp:

(WebCore::HTMLTextFormControlElement::setInnerTextValue):

html/HTMLTextFormControlElement.h:
html/HTMLTitleElement.cpp:

(WebCore::HTMLTitleElement::setText):

html/HTMLTitleElement.h:
html/TextFieldInputType.cpp:

(WebCore::TextFieldInputType::updatePlaceholderText):

html/parser/AtomHTMLToken.h:

(WebCore::AtomHTMLToken::comment):

html/parser/HTMLConstructionSite.cpp:

(WebCore::HTMLConstructionSite::insertComment):
(WebCore::HTMLConstructionSite::insertCommentOnDocument):
(WebCore::HTMLConstructionSite::insertCommentOnHTMLHtmlElement):
(WebCore::HTMLConstructionSite::insertTextNode):

html/shadow/DateTimeEditElement.cpp:

(WebCore::DateTimeEditBuilder::visitLiteral):

html/shadow/DateTimeFieldElement.cpp:

(WebCore::DateTimeFieldElement::updateVisibleValue):

html/track/TextTrackCue.cpp:

(WebCore::TextTrackCue::rebuildDisplayTree):

html/track/VTTCue.cpp:

(WebCore::VTTCue::getDisplayTree):

html/track/WebVTTParser.cpp:

(WebCore::WebVTTTreeBuilder::buildFromString):
(WebCore::WebVTTTreeBuilder::constructTreeFromToken):

page/DragController.cpp:

(WebCore::documentFragmentFromDragData):

platform/text/DateTimeFormat.h:
platform/text/PlatformLocale.cpp:

(WebCore::DateTimeStringBuilder::visitLiteral):

svg/SVGTRefElement.cpp:

(WebCore::SVGTRefElement::updateReferencedText):
(WebCore::SVGTRefElement::detachTarget):

xml/XMLErrors.cpp:

(WebCore::createXHTMLParserErrorHeader):
(WebCore::XMLErrors::insertErrorMessageBlock):

xml/XMLTreeViewer.cpp:

(WebCore::XMLTreeViewer::transformDocumentToTreeView):

xml/XSLTProcessor.cpp:

(WebCore::XSLTProcessor::transformToFragment):

xml/parser/XMLDocumentParser.cpp:

(WebCore::XMLDocumentParser::createLeafTextNode):
(WebCore::XMLDocumentParser::parseDocumentFragment):

Source/WTF:

Add a function to AtomString to release its String. This is convenient when you have an AtomString
and need a String&&.

wtf/text/AtomString.h:

7:47 PM Changeset in webkit [293058] by ysuzuki@apple.com

21 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r292493, rdar://91370257

Call Structure::get instead of Structure::getConcurrently on the mutator thread
https://bugs.webkit.org/show_bug.cgi?id=238823

Reviewed by Yusuke Suzuki.

We try to call Structure::get instead of Structure::getConcurrently when
we know for sure we're on the main thread. This is because getConcurrently
is slower than get.

bytecode/AccessCase.cpp: (JSC::AccessCase::couldStillSucceed const): (JSC::AccessCase::generateImpl):
bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp: (JSC::AdaptiveInferredPropertyValueWatchpointBase::install):
bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp: (JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::install):
bytecode/ObjectPropertyCondition.cpp: (JSC::ObjectPropertyCondition::structureEnsuresValidityAssumingImpurePropertyWatchpoint const): (JSC::ObjectPropertyCondition::isStillValidAssumingImpurePropertyWatchpoint const): (JSC::ObjectPropertyCondition::isStillValid const): (JSC::ObjectPropertyCondition::structureEnsuresValidity const):
bytecode/ObjectPropertyCondition.h:
bytecode/ObjectPropertyConditionSet.cpp: (JSC::ObjectPropertyConditionSet::structuresEnsureValidity const): (JSC::generateConditionsForPropertyMiss): (JSC::generateConditionsForPropertySetterMiss): (JSC::generateConditionsForPrototypePropertyHit): (JSC::generateConditionsForPrototypePropertyHitCustom): (JSC::generateConditionsForPrototypeEquivalenceConcurrently): (JSC::generateConditionsForPropertyMissConcurrently): (JSC::generateConditionsForPropertySetterMissConcurrently): (JSC::generateConditionForSelfEquivalence): (JSC::ObjectPropertyConditionSet::structuresEnsureValidityAssumingImpurePropertyWatchpoint const): Deleted. (JSC::ObjectPropertyConditionSet::isValidAndWatchable const): Deleted.
bytecode/ObjectPropertyConditionSet.h:
bytecode/PropertyCondition.cpp: (JSC::PropertyCondition::isStillValidAssumingImpurePropertyWatchpoint const): (JSC::watchabilityToConcurrency): (JSC::PropertyCondition::isStillValid const): (JSC::PropertyCondition::isWatchableWhenValid const): (JSC::PropertyCondition::isWatchableAssumingImpurePropertyWatchpoint const): (JSC::PropertyCondition::isWatchable const):
bytecode/PropertyCondition.h:
dfg/DFGAdaptiveStructureWatchpoint.cpp: (JSC::DFG::AdaptiveStructureWatchpoint::install):
dfg/DFGByteCodeParser.cpp: (JSC::DFG::ByteCodeParser::check): (JSC::DFG::ByteCodeParser::planLoad):
dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::tryFoldAsPutByOffset):
dfg/DFGDesiredWatchpoints.h: (JSC::DFG::AdaptiveStructureWatchpointAdaptor::hasBeenInvalidated):
dfg/DFGGraph.cpp: (JSC::DFG::Graph::watchCondition):
llint/LLIntSlowPaths.cpp: (JSC::LLInt::setupGetByIdPrototypeCache):
runtime/CachedSpecialPropertyAdaptiveStructureWatchpoint.cpp: (JSC::CachedSpecialPropertyAdaptiveStructureWatchpoint::install):
runtime/JSGlobalObject.cpp: (JSC::JSGlobalObject::tryInstallSpeciesWatchpoint):
runtime/JSObject.h: (JSC::JSObject::getDirect const):
runtime/Structure.h: (JSC::Structure::get):
runtime/StructureRareData.cpp: (JSC::StructureRareData::cacheSpecialPropertySlow):

Canonical link: https://commits.webkit.org/249341@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292493 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7:39 PM Changeset in webkit [293057] by ysuzuki@apple.com

14 edits in branches/safari-613-branch/Source

Cherry-pick r292714, rdar://91584856

[JSC] Reduce use of unnecessary cryptographicallyRandom numbers
https://bugs.webkit.org/show_bug.cgi?id=239026

Reviewed by Saam Barati.

Source/JavaScriptCore:

This patch removes cryptographically random calls in some of super hot critical path.
MarkedBlock's use is very hot and it appears on Speedometer2 artrace. But this is just
a random shuffling of freelist, and WeakRandom is enough for that. This patch replaces
them with WeakRandom. It offers 0.3% improvement in Speedometer2.

assembler/AbstractMacroAssembler.cpp: (JSC::AbstractMacroAssemblerBase::initializeRandom): (WTF::printInternal):
assembler/AbstractMacroAssembler.h: (JSC::AbstractMacroAssemblerBase::random): (JSC::AbstractMacroAssembler::AbstractMacroAssembler): (JSC::AbstractMacroAssembler::random): Deleted.
b3/air/AirCode.cpp: (JSC::B3::Air::Code::Code):
b3/air/AirCode.h: (JSC::B3::Air::Code::weakRandom): Deleted.
heap/MarkedBlockInlines.h: (JSC::MarkedBlock::Handle::specializedSweep):
runtime/VM.cpp: (JSC::VM::VM):
runtime/VM.h: (JSC::VM::heapRandom):

Source/WebCore:

We use createVersion4UUIDStringWeak since there is no need to use cryptographically random numbers for KeyframeEffect names.

animation/KeyframeEffect.cpp: (WebCore::KeyframeEffect::copyPropertiesFromSource): (WebCore::KeyframeEffect::updateBlendingKeyframes): (WebCore::KeyframeEffect::computeCSSTransitionBlendingKeyframes):

Source/WTF:

We add createVersion4UUIDStringWeak, which can generate UUID with WeakRandom numbers.

wtf/UUID.cpp: (WTF::convertRandomUInt128ToUUIDVersion4): (WTF::generateCryptographicallyRandomUUIDVersion4): (WTF::generateWeakRandomUUIDVersion4): (WTF::UUID::UUID): (WTF::createVersion4UUIDStringWeak):
wtf/UUID.h:
wtf/WeakRandom.h:

Canonical link: https://commits.webkit.org/249504@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292714 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7:32 PM Changeset in webkit [293056] by Chris Dumez

26 edits in trunk

Replace String::replaceWithLiteral() with a String::replace() overload that takes in an ASCIILiteral
https://bugs.webkit.org/show_bug.cgi?id=239500

Reviewed by Darin Adler.

Source/WebCore:

Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:

(WebCore::IDBServer::SQLiteIDBBackingStore::encodeDatabaseName):

display/css/DisplayTextBox.cpp:

(WebCore::Display::TextBox::debugDescription const):

dom/Node.cpp:

(WebCore::Node::showNode const):

dom/Text.cpp:

(WebCore::appendTextRepresentation):

editing/EditingStyle.cpp:

(WebCore::StyleChange::extractTextStyles):

editing/Editor.cpp:

(WebCore::Editor::selectedText const):

editing/MarkupAccumulator.cpp:

(WebCore::MarkupAccumulator::appendQuotedURLAttributeValue):

editing/markup.cpp:

(WebCore::StyledMarkupAccumulator::takeResults):

html/URLDecomposition.cpp:

(WebCore::URLDecomposition::setSearch):

layout/layouttree/LayoutTreeBuilder.cpp:

(WebCore::Layout::outputLayoutBox):

loader/FormSubmission.cpp:

(WebCore::appendMailtoPostFormDataToURL):

rendering/LegacyInlineTextBox.cpp:

(WebCore::LegacyInlineTextBox::outputLineBox const):

rendering/RenderObject.cpp:

(WebCore::RenderObject::outputRenderObject const):

xml/XSLTProcessor.cpp:

(WebCore::transformTextStringToXHTMLDocumentString):

Source/WTF:

Replace String::replaceWithLiteral() with a String::replace() overload that takes in an ASCIILiteral.
replaceWithLiteral() was encouraging people not to use ASCIILiteral and the ""_s suffix and calling
replace() with an ASCIILiteral would result in less efficient code, which goes against the idea of
ASCIILiteral.

To address this, String::replaceWithLiteral() is removed. Now, callers can call String::replace()
with an ASCIILiteral instead and it will result in code that is as efficient. I have verified that
this change is perf-neutral on Speedometer on both Apple Silicon and Intel.

wtf/text/WTFString.h:

(WTF::String::replace):
(WTF::String::replaceWithLiteral): Deleted.

Tools:

TestWebKitAPI/Tests/WTF/WTFString.cpp:

(TestWebKitAPI::TEST):

7:24 PM Changeset in webkit [293055] by ysuzuki@apple.com

41 edits
4 adds in branches/safari-613-branch

Cherry-pick r292697, rdar://91547350

[JSC] DFG / FTL should be aware of JSString's String replacement
https://bugs.webkit.org/show_bug.cgi?id=238918

Reviewed by Saam Barati.

JSTests:

stress/resolve-rope-get-by-val.js: Added. (shouldBe): (test):
stress/resolve-rope-string-char-at.js: Added. (shouldBe): (test):
stress/resolve-rope-string-char-code-at.js: Added. (shouldBe): (test):
stress/resolve-rope-string-code-point-at.js: Added. (shouldBe): (test):

Source/JavaScriptCore:

After r289359, String in JSString* can be replaced even after it is resolved. When atomizing String inside JSString*,
we may replace the existing one to new AtomStringImpl if different AtomStringImpl is already registered in the
AtomStringTable. However, DFG / FTL GetIndexedPropertyStorage assumes that StringImpl* in JSString* never changes after
resolving. And this is wrong.

This patch decouples String handling in GetIndexedPropertyStorage as ResolveRope DFG node. GetIndexedPropertyStorage no
longer handles JSString and it is now tailored to object cases. ResolveRope does not expose StringImpl::m_data pointer,
and instead it keeps resolved JSString*. After this change,

GetByVal(String:@0, Untyped:@1, GetIndexedProperty(String:@0))

is changed to

GetByVal(ResolveRope(String:@0), Untyped:@1)

Also, we revisit all the value(...) callsites (by changing function name) and ensure that we have no code assuming String
cannot be changed after resolving.

A/B test ensured that this is perf-neutral.

b3/B3Generate.cpp: (JSC::B3::generateToAir):
bytecompiler/BytecodeGenerator.cpp: (JSC::BytecodeGenerator::emitEqualityOpImpl):
dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
dfg/DFGClobberize.h: (JSC::DFG::clobberize):
dfg/DFGConstantFoldingPhase.cpp: (JSC::DFG::ConstantFoldingPhase::foldConstants):
dfg/DFGDoesGC.cpp: (JSC::DFG::doesGC):
dfg/DFGFixupPhase.cpp: (JSC::DFG::FixupPhase::fixupNode): (JSC::DFG::FixupPhase::checkArray):
dfg/DFGNode.h: (JSC::DFG::Node::hasStorageChild const): (JSC::DFG::Node::storageChildIndex):
dfg/DFGNodeType.h:
dfg/DFGOperations.cpp: (JSC::DFG::JSC_DEFINE_JIT_OPERATION):
dfg/DFGOperations.h:
dfg/DFGPredictionPropagationPhase.cpp:
dfg/DFGSafeToExecute.h: (JSC::DFG::safeToExecute):
dfg/DFGSpeculativeJIT.cpp: (JSC::DFG::SpeculativeJIT::compileGetCharCodeAt): (JSC::DFG::SpeculativeJIT::compileGetByValOnString):
dfg/DFGSpeculativeJIT.h:
dfg/DFGSpeculativeJIT32_64.cpp: (JSC::DFG::SpeculativeJIT::compile):
dfg/DFGSpeculativeJIT64.cpp: (JSC::DFG::SpeculativeJIT::compile): (JSC::DFG::SpeculativeJIT::compileStringCodePointAt):
dfg/DFGTypeCheckHoistingPhase.cpp: (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks): (JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
ftl/FTLCapabilities.cpp: (JSC::FTL::canCompile):
ftl/FTLCompile.cpp: (JSC::FTL::compile):
ftl/FTLLowerDFGToB3.cpp: (JSC::FTL::DFG::LowerDFGToB3::compileNode): (JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage): (JSC::FTL::DFG::LowerDFGToB3::compileResolveRope): (JSC::FTL::DFG::LowerDFGToB3::compileStringCharAtImpl): (JSC::FTL::DFG::LowerDFGToB3::compileStringCharCodeAt): (JSC::FTL::DFG::LowerDFGToB3::compileStringCodePointAt):
jsc.cpp: (JSC_DEFINE_HOST_FUNCTION):
runtime/HashMapImplInlines.h: (JSC::jsMapHashImpl):
runtime/InternalFunction.cpp: (JSC::InternalFunction::name): (JSC::InternalFunction::displayName): (JSC::InternalFunction::calculatedDisplayName):
runtime/InternalFunction.h:
runtime/JSBoundFunction.h:
runtime/JSCJSValueInlines.h: (JSC::toPreferredPrimitiveType):
runtime/JSModuleLoader.cpp: (JSC::JSModuleLoader::importModule):
runtime/JSONObject.cpp: (JSC::Stringifier::appendStringifiedValue):
runtime/JSPropertyNameEnumerator.cpp: (JSC::JSPropertyNameEnumerator::computeNext):
runtime/JSRemoteFunction.h:
runtime/Operations.h: (JSC::jsString): (JSC::compareBigIntToOtherPrimitive): (JSC::compareBigInt32ToOtherPrimitive):
runtime/RegExpMatchesArray.h: (JSC::createRegExpMatchesArray):
runtime/StringPrototype.cpp: (JSC::JSC_DEFINE_JIT_OPERATION): (JSC::JSC_DEFINE_HOST_FUNCTION):
runtime/SymbolConstructor.cpp: (JSC::JSC_DEFINE_HOST_FUNCTION):
tools/JSDollarVM.cpp: (JSC::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore:

bindings/js/JSDOMWindowBase.cpp: (WebCore::JSDOMWindowBase::reportViolationForUnsafeEval):

Canonical link: https://commits.webkit.org/249489@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292697 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7:05 PM Changeset in webkit [293054] by Simon Fraser

3 edits in trunk/Source/WebCore

EventHandler should use a WeakPtr for m_resizeLayer
https://bugs.webkit.org/show_bug.cgi?id=239515

Reviewed by Wenson Hsieh.

Use a WeakPtr for m_resizeLayer.

page/EventHandler.cpp:

(WebCore::EventHandler::handleMousePressEvent):

page/EventHandler.h:

6:29 PM Changeset in webkit [293053] by Alan Coon

3 edits in branches/safari-613-branch/Source

Cherry-pick r290874. rdar://problem/84869202

Integrator's note: partial cherry-pick in conjunction with earlier applied patch.

Push HTMLMediaElement renderer's contentBox rect to GPU process
https://bugs.webkit.org/show_bug.cgi?id=237444
rdar://84869202

Reviewed by Jer Noble.

Source/WebCore:

No new tests. This is a speculative fix, with new logging, for an issue I haven't
been able to reproduce.

html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::updateRenderer): Push mediaPlayerContentBoxRect to the media player.
platform/graphics/MediaPlayer.cpp: (WebCore::MediaPlayer::playerContentBoxRectChanged): Pass rect to platform player.
platform/graphics/MediaPlayer.h:
platform/graphics/MediaPlayerPrivate.h: (WebCore::MediaPlayerPrivateInterface::playerContentBoxRectChanged):

Source/WebKit:

GPUProcess/media/RemoteMediaPlayerProxy.cpp: (WebKit::RemoteMediaPlayerProxy::RemoteMediaPlayerProxy): Configuration now has playerContentBoxRect. (WebKit::RemoteMediaPlayerProxy::mediaPlayerContentBoxRect const): (WebKit::RemoteMediaPlayerProxy::playerContentBoxRectChanged): Update playerContentBoxRect.
GPUProcess/media/RemoteMediaPlayerProxy.h:
GPUProcess/media/RemoteMediaPlayerProxy.messages.in:

GPUProcess/media/RemoteMediaPlayerProxyConfiguration.h: (WebKit::RemoteMediaPlayerProxyConfiguration::encode const): (WebKit::RemoteMediaPlayerProxyConfiguration::decode):

GPUProcess/media/cocoa/RemoteMediaPlayerProxyCocoa.mm: (WebKit::RemoteMediaPlayerProxy::setVideoInlineSizeIfPossible): Convert from static function so we can log. (WebKit::RemoteMediaPlayerProxy::mediaPlayerFirstVideoFrameAvailable): Add logging. (WebKit::RemoteMediaPlayerProxy::mediaPlayerRenderingModeChanged): Ditto. (WebKit::RemoteMediaPlayerProxy::setVideoInlineSizeFenced): Ditto. (WebKit::setVideoInlineSizeIfPossible): Deleted.

WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp: (WebKit::MediaPlayerPrivateRemote::playerContentBoxRectChanged):
WebProcess/GPU/media/MediaPlayerPrivateRemote.h:

WebProcess/GPU/media/RemoteMediaPlayerManager.cpp: (WebKit::RemoteMediaPlayerManager::createRemoteMediaPlayer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290874 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:45 PM Changeset in webkit [293052] by commit-queue@webkit.org

51 edits in trunk

Implement most of CSS typed OM object stringifiers
https://bugs.webkit.org/show_bug.cgi?id=239483

Patch by Alex Christensen <achristensen@webkit.org> on 2022-04-19
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

web-platform-tests/css/css-typed-om/stylevalue-serialization/cssKeywordValue.tentative-expected.txt:
web-platform-tests/css/css-typed-om/stylevalue-serialization/cssMathValue.tentative-expected.txt:
web-platform-tests/css/css-typed-om/stylevalue-serialization/cssTransformValue.tentative-expected.txt:

Source/WebCore:

This is an off-by-default experimental feature.
Covered by web platform tests.

css/typedom/CSSKeywordValue.cpp:

(WebCore::CSSKeywordValue::serialize const):

css/typedom/CSSKeywordValue.h:
css/typedom/CSSOMVariableReferenceValue.cpp:

(WebCore::CSSOMVariableReferenceValue::toString const):
(WebCore::CSSOMVariableReferenceValue::serialize const):

css/typedom/CSSOMVariableReferenceValue.h:
css/typedom/CSSStyleImageValue.cpp:

(WebCore::CSSStyleImageValue::serialize const):
(WebCore::CSSStyleImageValue::document const):

css/typedom/CSSStyleImageValue.h:
css/typedom/CSSStyleValue.cpp:

(WebCore::CSSStyleValue::toString const):
(WebCore::CSSStyleValue::serialize const):

css/typedom/CSSStyleValue.h:
css/typedom/CSSUnitValue.cpp:

(WebCore::CSSUnitValue::serialize const):

css/typedom/CSSUnitValue.h:
css/typedom/CSSUnparsedValue.cpp:

(WebCore::CSSUnparsedValue::serialize const):
(WebCore::CSSUnparsedValue::toString const): Deleted.

css/typedom/CSSUnparsedValue.h:
css/typedom/numeric/CSSMathInvert.cpp:

(WebCore::CSSMathInvert::serialize const):

css/typedom/numeric/CSSMathInvert.h:
css/typedom/numeric/CSSMathMax.cpp:

(WebCore::CSSMathMax::serialize const):

css/typedom/numeric/CSSMathMax.h:
css/typedom/numeric/CSSMathMin.cpp:

(WebCore::CSSMathMin::serialize const):

css/typedom/numeric/CSSMathMin.h:
css/typedom/numeric/CSSMathNegate.cpp:

(WebCore::CSSMathNegate::serialize const):

css/typedom/numeric/CSSMathNegate.h:
css/typedom/numeric/CSSMathProduct.cpp:

(WebCore::CSSMathProduct::serialize const):

css/typedom/numeric/CSSMathProduct.h:
css/typedom/numeric/CSSMathSum.cpp:

(WebCore::CSSMathSum::serialize const):

css/typedom/numeric/CSSMathSum.h:
css/typedom/numeric/CSSNumericArray.cpp:

(WebCore::CSSNumericArray::forEach):

css/typedom/numeric/CSSNumericArray.h:
css/typedom/transform/CSSMatrixComponent.cpp:

(WebCore::CSSMatrixComponent::serialize const):
(WebCore::CSSMatrixComponent::toMatrix):
(WebCore::CSSMatrixComponent::toString const): Deleted.

css/typedom/transform/CSSMatrixComponent.h:
css/typedom/transform/CSSPerspective.cpp:

(WebCore::CSSPerspective::serialize const):
(WebCore::CSSPerspective::toMatrix):
(WebCore::CSSPerspective::toString const): Deleted.

css/typedom/transform/CSSPerspective.h:
css/typedom/transform/CSSRotate.cpp:

(WebCore::CSSRotate::serialize const):
(WebCore::CSSRotate::toMatrix):
(WebCore::CSSRotate::toString const): Deleted.

css/typedom/transform/CSSRotate.h:
css/typedom/transform/CSSScale.cpp:

(WebCore::CSSScale::serialize const):
(WebCore::CSSScale::toMatrix):
(WebCore::CSSScale::toString const): Deleted.

css/typedom/transform/CSSScale.h:
css/typedom/transform/CSSSkew.cpp:

(WebCore::CSSSkew::serialize const):
(WebCore::CSSSkew::toMatrix):
(WebCore::CSSSkew::toString const): Deleted.

css/typedom/transform/CSSSkew.h:
css/typedom/transform/CSSSkewX.cpp:

(WebCore::CSSSkewX::serialize const):
(WebCore::CSSSkewX::toMatrix):
(WebCore::CSSSkewX::toString const): Deleted.

css/typedom/transform/CSSSkewX.h:
css/typedom/transform/CSSSkewY.cpp:

(WebCore::CSSSkewY::serialize const):
(WebCore::CSSSkewY::toMatrix):
(WebCore::CSSSkewY::toString const): Deleted.

css/typedom/transform/CSSSkewY.h:
css/typedom/transform/CSSTransformComponent.cpp:

(WebCore::CSSTransformComponent::toString const):

css/typedom/transform/CSSTransformComponent.h:
css/typedom/transform/CSSTransformValue.cpp:

(WebCore::CSSTransformValue::serialize const):

css/typedom/transform/CSSTransformValue.h:
css/typedom/transform/CSSTranslate.cpp:

(WebCore::CSSTranslate::serialize const):
(WebCore::CSSTranslate::toMatrix):
(WebCore::CSSTranslate::toString const): Deleted.

css/typedom/transform/CSSTranslate.h:

5:25 PM Changeset in webkit [293051] by Wenson Hsieh

4 edits in trunk

[iOS] Dictation text that contains emojis is inserted twice upon finalization
https://bugs.webkit.org/show_bug.cgi?id=239508
rdar://91895524

Reviewed by Aditya Keerthi.

Source/WebKit:

WebPage::replaceDictatedText contains logic to only proceed with text replacement in the case where the
dictated text still matches the text before the current selection. To ensure this, it marches backwards through
visible positions from the start of the selection, for a total number of times equal to the length of the
expected string (oldText). If the text within this found range (i.e. from the position before the start of the
selection, to the start of the selection) no longer matches the oldText provided by the client, we return
early and do nothing.

However, this logic fails in the case where oldText contains emojis (or more generally, multiple codepoints
that combine to form a single grapheme cluster), since the length of the string is more than the number of
visible position iterations needed to find the correct starting position for the range. As a result, we end up
not replacing any characters, and when UIKit dictation code later calls -insertText: with the final dictation
string, we end up duplicating the finalized dictation text.

To address this issue, simply advance backwards by grapheme count instead of the raw string length to keep the
starting visible position consistent with the start of the range that we're trying to replace.

Test: UIWKInteractionViewProtocol.ReplaceDictatedTextContainingEmojis

WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::replaceDictatedText):
(WebKit::WebPage::applyAutocorrectionInternal):

Also add a FIXME here around similar code that might also be susceptible to the same bug. However, in this case,
we avoid the problem because of subsequent logic that adjusts the starting position to try and match the
expected string. We may be able to remove or further limit this extra adjustment by using grapheme cluster count
here instead of string length when finding the initial starting position.

Tools:

Add an API test to exercise the change.

TestWebKitAPI/Tests/ios/UIWKInteractionViewProtocol.mm:

(TestWebKitAPI::TEST):

5:23 PM Changeset in webkit [293050] by Chris Dumez

7 edits in trunk/Source/WebCore

Use SortedArrayMap in parseEnumeration<>() in the JS bindings
https://bugs.webkit.org/show_bug.cgi?id=239503

Reviewed by Darin Adler.

Use SortedArrayMap in parseEnumeration<>() in the JS bindings, which should be slightly
better for performance.

bindings/scripts/CodeGeneratorJS.pm:

(GenerateEnumerationImplementationContent):

bindings/scripts/test/JS/JSTestCallbackInterface.cpp:

(WebCore::parseEnumeration<TestCallbackInterface::Enum>):

bindings/scripts/test/JS/JSTestDefaultToJSONEnum.cpp:

(WebCore::parseEnumeration<TestDefaultToJSONEnum>):

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::parseEnumeration<TestObj::EnumType>):
(WebCore::parseEnumeration<TestObj::EnumTrailingComma>):
(WebCore::parseEnumeration<TestObj::Optional>):
(WebCore::parseEnumeration<AlternateEnumName>):
(WebCore::parseEnumeration<TestObj::EnumA>):
(WebCore::parseEnumeration<TestObj::EnumB>):
(WebCore::parseEnumeration<TestObj::EnumC>):
(WebCore::parseEnumeration<TestObj::Kind>):
(WebCore::parseEnumeration<TestObj::Size>):
(WebCore::parseEnumeration<TestObj::Confidence>):

bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:

(WebCore::parseEnumeration<TestStandaloneDictionary::EnumInStandaloneDictionaryFile>):

bindings/scripts/test/JS/JSTestStandaloneEnumeration.cpp:

(WebCore::parseEnumeration<TestStandaloneEnumeration>):

5:10 PM Changeset in webkit [293049] by Alan Coon

1 copy in tags/WebKit-7613.2.6.1.2

Tag WebKit-7613.2.6.1.2.

5:05 PM Changeset in webkit [293048] by Alan Coon

3 edits in branches/safari-613.2.6.1-branch/Source/WebKit

Cherry-pick r292431. rdar://problem/91311117

Revert r291598
https://bugs.webkit.org/show_bug.cgi?id=238842
<rdar://90677955>

Reviewed by Geoff Garen.

It caused some problems and needs further analysis.

NetworkProcess/cocoa/NetworkSessionCocoa.mm: (WebKit::NetworkSessionCocoa::createWebSocketTask):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292431 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:03 PM Changeset in webkit [293047] by Alan Coon

9 edits in branches/safari-613.2.6.1-branch/Source

Versioning.

WebKit-7613.2.6.1.2

4:56 PM Changeset in webkit [293046] by Russell Epstein

9 edits in branches/safari-614.1.10-branch/Source

Versioning.

WebKit-7614.1.10.3

4:41 PM Changeset in webkit [293045] by mark.lam@apple.com

2 edits in trunk

Update my GitHub login.

metadata/contributors.json:

4:25 PM Changeset in webkit [293044] by ntim@apple.com

2 edits in trunk/Source/WebCore

Clean up SVGs added by r293038
https://bugs.webkit.org/show_bug.cgi?id=239522

Reviewed by Wenson Hsieh.

The old SVGs apply clip-paths on rectangles (corresponding to the shapes), then fill those clipped rectangles.
Instead fill/stroke the shapes directly and remove the rectangles.

Also remove version="1.1" from other SVGs which is unnecessary.

css/html.css:

(input::-webkit-credentials-auto-fill-button):
(input::-webkit-credentials-auto-fill-button:hover):
(input::-webkit-credentials-auto-fill-button:active):
(input::-webkit-contacts-auto-fill-button):
(input::-webkit-credit-card-auto-fill-button):

4:23 PM Changeset in webkit [293043] by msaboff@apple.com

10 edits in trunk

Various WebKit tools need to be told about the system content path
https://bugs.webkit.org/show_bug.cgi?id=239516

Reviewed by Ryan Haddad.

Source/JavaScriptCore:

Added the INSTALL_PATH_PREFIX to the INSTALL_PATH for TestAPI and the JSC tools.
This will contain the system content path prefix when enabled.

Configurations/TestAPI.xcconfig:
Configurations/ToolExecutable.xcconfig:

Tools:

Added the INSTALL_PATH_PREFIX to the INSTALL_PATH for the webkit test tools.
This will contain the system content path prefix when enabled.

DumpRenderTree/mac/Configurations/Base.xcconfig:
DumpRenderTree/mac/Configurations/DumpRenderTree.xcconfig:
DumpRenderTree/mac/Configurations/LayoutTestHelper.xcconfig:
DumpRenderTree/mac/Configurations/TestNetscapePlugIn.xcconfig:
WebKitTestRunner/Configurations/Base.xcconfig:
WebKitTestRunner/Configurations/BaseTarget.xcconfig:

4:13 PM Changeset in webkit [293042] by Chris Dumez

41 edits in trunk/Source

Inline Element::shadowRoot()
https://bugs.webkit.org/show_bug.cgi?id=239460

Reviewed by Darin Adler.

Source/WebCore:

Inline Element::shadowRoot() given that it is small and shows up in Speedometer profiles.

bindings/js/JSCustomElementInterface.cpp:
css/CSSComputedStyleDeclaration.cpp:
css/SelectorChecker.cpp:
dom/ComposedTreeAncestorIterator.h:
dom/ComposedTreeIterator.cpp:
dom/ComposedTreeIterator.h:
dom/ContainerNode.cpp:
dom/ContainerNodeAlgorithms.cpp:
dom/Document.cpp:
dom/Element.cpp:

(WebCore::Element::elementRareData const): Deleted.
(WebCore::Element::shadowRoot const): Deleted.

dom/Element.h:
dom/ElementInlines.h:
dom/ElementRareData.h:

(WebCore::Element::elementRareData const):
(WebCore::Element::shadowRoot const):

dom/EventPath.cpp:
dom/ImageOverlay.cpp:
dom/mac/ImageControlsMac.cpp:
editing/TextIterator.cpp:
editing/cocoa/DataDetection.h:
editing/cocoa/DataDetection.mm:

(WebCore::DataDetection::findDataDetectionResultElementInImageOverlay):

editing/cocoa/HTMLConverter.mm:
editing/markup.cpp:
html/HTMLDetailsElement.cpp:
html/HTMLImageElement.cpp:
page/ios/FrameIOS.mm:
rendering/RenderFileUploadControl.cpp:
style/PseudoClassChangeInvalidation.cpp:
style/StyleInvalidator.cpp:
style/StyleScope.cpp:
svg/SVGTRefElement.cpp:
testing/Internals.cpp:

Source/WebKit:

I moved findDataDetectionResultElementInImageOverlay() to WebCore since it only relies on WebCore
things. This function relies on ElementRareData but ElementRareData.h is not currently exported
from WebCore.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::updateWithTextRecognitionResult):
(WebKit::WebPage::findDataDetectionResultElementInImageOverlay): Deleted.

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::dataDetectorImageOverlayPositionInformation):

3:32 PM Changeset in webkit [293041] by ysuzuki@apple.com

4 edits in trunk/Source/JavaScriptCore

REGRESSION(r292372): cloop crashes on s390x
https://bugs.webkit.org/show_bug.cgi?id=238956

Reviewed by Mark Lam.

Source/JavaScriptCore/jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::calleeFrameCodeBlockBeforeCall):
(JSC::AssemblyHelpers::calleeFrameCodeBlockBeforeTailCall):

Source/JavaScriptCore/jit/ThunkGenerators.cpp:

(JSC::boundFunctionCallGenerator):
(JSC::remoteFunctionCallGenerator):

Source/JavaScriptCore/llint/LowLevelInterpreter.asm:

Canonical link: https://commits.webkit.org/249780@main

3:10 PM Changeset in webkit [293040] by mark.lam@apple.com

2 edits in trunk

Adding my GitHub credentials.

metadata/contributors.json:

3:04 PM Changeset in webkit [293039] by commit-queue@webkit.org

13 edits
3 deletes in trunk

Unreviewed, reverting r292947.
https://bugs.webkit.org/show_bug.cgi?id=239520

Introduced new assertion failures

Reverted changeset:

"Make release assertion in Document::updateLayout more precise
for FrameSelection::setSelection"
https://bugs.webkit.org/show_bug.cgi?id=239431
https://commits.webkit.org/r292947

2:53 PM Changeset in webkit [293038] by commit-queue@webkit.org

4 edits in trunk

Update in-field icons for credential fields
https://bugs.webkit.org/show_bug.cgi?id=239336

Patch by Ricky Mondello <Ricky Mondello> on 2022-04-19
Reviewed by Wenson Hsieh.

Source/WebCore:

This new styling is only appropriate for Cocoa platforms.

css/html.css:

(input::-webkit-credentials-auto-fill-button):
(input::-webkit-credentials-auto-fill-button:hover):
(input::-webkit-credentials-auto-fill-button:active):

LayoutTests:

platform/mac/fast/forms/auto-fill-button/input-auto-fill-button-expected.txt:

2:47 PM Changeset in webkit [293037] by sihui_liu@apple.com

3 edits in trunk/Source/WebKit

Add logging for WebsiteDataStore data fetch and removal
https://bugs.webkit.org/show_bug.cgi?id=239409

Reviewed by Chris Dumez.

This would help us debug issues like rdar://91422245.

NetworkProcess/NetworkProcess.cpp:

(WebKit::NetworkProcess::fetchWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteData):
(WebKit::NetworkProcess::deleteWebsiteDataForOrigins):

UIProcess/WebsiteData/WebsiteDataStore.cpp:

(WebKit::WebsiteDataStore::fetchDataAndApply):
(WebKit::WebsiteDataStore::removeData):

1:36 PM Changeset in webkit [293036] by Jonathan Bedard

2 edits in trunk

Correction to botwatcher github username to contributors json

Reviewed by Jonathan Bedard.

metadata/contributors.json:

Canonical link: https://commits.webkit.org/249775@main

1:33 PM Changeset in webkit [293035] by commit-queue@webkit.org

3 edits in trunk/Source/WebKit

ASSERTION FAILED: !m_isInitializingSendSource crashes on the bots
https://bugs.webkit.org/show_bug.cgi?id=239399

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2022-04-19
Reviewed by Chris Dumez.

Avoid sending messages to IPC::Connection before the connection is open.
There's multiple logic problems as well as a race to toggle m_isInitializingSendSource.

Commit "RemoteRenderingBackend should have dedicated IPC::Connection for out-of-stream messages"
would make RRBProxy in WP create the "server" IPC::Connection and send that to RRB in GPUP.

This would cause RRB in GPUP to ASSERT(...

!m_isInitializingSendSource) fail in

the IPC work queue.

For "client" connection, IPC::Connection::open() will run in the calling queue, toggling
m_isInitializingSendSource = true. The m_isInitializingSendSource = false will be toggled
in the message send queue by the send source initialization callback.

If the caller has already enqueued messages before calling open(), the callbacks the
sendMessage() or open() schedules might run the functions which do not expect to be dispatched unless
m_isInitializingSendSource == false.

This commit just fixes the send vs open order, but does not fix the underlying problems.
They are tracked in bug 239494, which should also add tests for the case.

GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::RemoteRenderingBackend):
(WebKit::RemoteRenderingBackend::startListeningForIPC):

Platform/IPC/cocoa/ConnectionCocoa.mm:

(IPC::Connection::sendOutgoingMessage):
Expand one ASSERT(!a && !b) to individual assertions in order to catch the exact problem easier.

1:31 PM Changeset in webkit [293034] by Jonathan Bedard

2 edits in trunk/Tools

[ews-build.webkit.org] GitHub usernames are case insensitive
https://bugs.webkit.org/show_bug.cgi?id=239509
<rdar://problem/91971337>

Reviewed by Aakash Jain.

Tools/CISupport/ews-build/steps.py:

(GitHub.email_for_owners): Treat all GitHub usernames as lowercase.
(Contributors.load): Ditto.
(ValidateCommitterAndReviewer.is_reviewer): Ditto.
(ValidateCommitterAndReviewer.is_committer): Ditto.
(ValidateCommitterAndReviewer.full_name_from_email): Ditto.
(AddReviewerMixin.gitCommitEnvironment): Ditto.
(AddAuthorToCommitMessage.author): Ditto.

Canonical link: https://commits.webkit.org/249773@main

1:27 PM Changeset in webkit [293033] by commit-queue@webkit.org

17 edits in trunk/Source

[WebXR] Update Device::initializeTrackingAndRendering() to take in more parameters regarding the session setup
https://bugs.webkit.org/show_bug.cgi?id=239476

Patch by Ada Chan <adachan@apple.com> on 2022-04-19
Reviewed by Dean Jackson.

Source/WebCore:

Pass in document's origin and session features to Device::initializeTrackingAndRendering().

Modules/webxr/WebXRSession.cpp:

(WebCore::WebXRSession::WebXRSession):

Modules/webxr/WebXRSystem.h:
platform/xr/PlatformXR.h:
platform/xr/openxr/PlatformXROpenXR.cpp:

(PlatformXR::OpenXRDevice::initializeTrackingAndRendering):

platform/xr/openxr/PlatformXROpenXR.h:
testing/WebFakeXRDevice.cpp:

(WebCore::SimulatedXRDevice::initializeTrackingAndRendering):

testing/WebFakeXRDevice.h:

Source/WebKit:

Pass in document's origin and session features to Device::initializeTrackingAndRendering().

Shared/XR/XRDeviceProxy.cpp:

(WebKit::XRDeviceProxy::initializeTrackingAndRendering):

Shared/XR/XRDeviceProxy.h:
UIProcess/XR/PlatformXRCoordinator.h:
UIProcess/XR/PlatformXRSystem.cpp:

(WebKit::PlatformXRSystem::initializeTrackingAndRendering):

UIProcess/XR/PlatformXRSystem.h:
UIProcess/XR/PlatformXRSystem.messages.in:
WebProcess/XR/PlatformXRSystemProxy.cpp:

(WebKit::PlatformXRSystemProxy::initializeTrackingAndRendering):

WebProcess/XR/PlatformXRSystemProxy.h:

1:08 PM Changeset in webkit [293032] by mmaxfield@apple.com

3 edits in trunk/Source/WebCore

[Cocoa] Add explanatory comments in fillVectorWithVerticalGlyphPositions() and simplify it somewhat
https://bugs.webkit.org/show_bug.cgi?id=239480

Reviewed by Alan Bujtas.

This adds a lot of explanatory text in fillVectorWithVerticalGlyphPositions(). It also rewrites some of it to
call shared functions (computeOverallTextMatrixInternal() and computeVerticalTextMatrixInternal()) instead of
reimplementing the contents of those functions.

The last thing this patch does is it stops adding in CTFontGetMatrix() to the text matrix, because:

It's always the identity, because we never create a font with one of these things
Even if it wasn't the identity, Core Text already applies it itself, so if we apply it, it would be double

applied.

No new tests because there is no behavior change.

platform/graphics/FontCascade.h:
platform/graphics/coretext/FontCascadeCoreText.cpp:

(WebCore::computeBaseOverallTextMatrix):
(WebCore::computeOverallTextMatrix):
(WebCore::computeBaseVerticalTextMatrix):
(WebCore::computeVerticalTextMatrix):
(WebCore::fillVectorWithVerticalGlyphPositions):
(WebCore::showGlyphsWithAdvances):

12:24 PM Changeset in webkit [293031] by graouts@webkit.org

11 edits in trunk/Source/WebKit

[model] ready promise does not work on iOS
https://bugs.webkit.org/show_bug.cgi?id=239395
rdar://91761135

Reviewed by Dean Jackson.

We actually never communicated success or failure when creating the ASVInlinePreview
in the UI process on iOS in WKModelView. We now provide a reference to the WebPageProxy
and a GraphicsLayer::PlatformLayerID when creating a WKModelView so that we can message
the Web process and have WebPage look for the matching ARKitInlinePreviewModelPlayerIOS
to notify of load success or failure via the ModelPlayerClient protocol which is already
implemented by HTMLModelElement.

UIProcess/RemoteLayerTree/ios/RemoteLayerTreeHostIOS.mm:

(WebKit::RemoteLayerTreeHost::makeNode):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::modelInlinePreviewDidLoad):
(WebKit::WebPageProxy::modelInlinePreviewDidFailToLoad):

UIProcess/WebPageProxy.h:
UIProcess/ios/WKModelView.h:
UIProcess/ios/WKModelView.mm:

(-[WKModelView initWithModel:layerID:page:]):
(-[WKModelView createPreview]):
(-[WKModelView initWithModel:]): Deleted.

WebProcess/Model/ios/ARKitInlinePreviewModelPlayerIOS.h:
WebProcess/Model/ios/ARKitInlinePreviewModelPlayerIOS.mm:

(WebKit::ARKitInlinePreviewModelPlayerIOS::ARKitInlinePreviewModelPlayerIOS):
(WebKit::ARKitInlinePreviewModelPlayerIOS::~ARKitInlinePreviewModelPlayerIOS):
(WebKit::ARKitInlinePreviewModelPlayerIOS::modelPlayerForPageAndLayerID):
(WebKit::ARKitInlinePreviewModelPlayerIOS::pageLoadedModelInlinePreview):
(WebKit::ARKitInlinePreviewModelPlayerIOS::pageFailedToLoadModelInlinePreview):

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::modelInlinePreviewDidLoad):
(WebKit::WebPage::modelInlinePreviewDidFailToLoad):

WebProcess/WebPage/WebPage.h:
WebProcess/WebPage/WebPage.messages.in:

Canonical link: https://commits.webkit.org/249770@main

12:00 PM Changeset in webkit [293030] by Wenson Hsieh

15 edits in trunk

[iOS] Text selection flickers when inserting text using dictation
https://bugs.webkit.org/show_bug.cgi?id=239467
rdar://91895659

Reviewed by Aditya Keerthi.

Source/WebCore:

Add a method to invalidate TemporarySelectionChange and IgnoreSelectionChangeForScope, which immediately
reverts Editor::ignoreSelectionChanges() state to false without triggering an appearance update, and also
ensures that the RAII object's destructor is a noop.

See WebKit/ChangeLog for more details.

editing/Editor.cpp:

(WebCore::TemporarySelectionChange::invalidate):
(WebCore::TemporarySelectionChange::~TemporarySelectionChange):

Make the destructor robust in the case where m_document has been cleared out already due to invalidating the
temporary selection change.

editing/Editor.h:

Also mark these as non-copyable and fast-allocated, while we're here. Since these are RAII objects, we never
expect them to be copied, and the WTF_MAKE_FAST_ALLOCATED allows us to use WTF::makeUnique when creating
unique pointers to these helper objects.

(WebCore::IgnoreSelectionChangeForScope::invalidate):

Source/WebKit:

Implement two new SPI methods on UIWKInteractionViewProtocol (to be added in rdar://91919121), which UIKit uses
to encapsulate text input changes while inserting final dictation results (specifically, a call to
-replaceDictatedText:withText:, followed by one or more calls to -insertText:).

During this scope, we suppress all DOM selection changes from propagating to the client (thereby causing visible
text selection updates) by creating and holding on to a IgnoreSelectionChangeForScope RAII object. At the end
of this scope, we then schedule one final editor state update after resetting the scope, to ensure that the
final selection state propagates to the UI process.

Test: UIWKInteractionViewProtocol.SuppressSelectionChangesDuringDictation

UIProcess/WebPageProxy.h:
UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView willInsertFinalDictationResult]):
(-[WKContentView didInsertFinalDictationResult]):
(-[WKContentView _updateChangedSelection:]):

UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::willInsertFinalDictationResult):
(WebKit::WebPageProxy::didInsertFinalDictationResult):

Plumb these method calls into the web process, through WebPageProxy and WebPage.

WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::didCommitLoad):

If (for any reason) we're committing a load while holding on to m_ignoreSelectionChangeScopeForDictation,
forcibly call Editor::setIgnoreSelectionChanges(false, RevealSelection::No) and destroy the scoped object.

WebProcess/WebPage/WebPage.h:

Add m_ignoreSelectionChangeScopeForDictation, which is set in willInsertFinalDictationResult and
unset in didInsertFinalDictationResult below.

WebProcess/WebPage/WebPage.messages.in:
WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::replaceSelectedText):
(WebKit::WebPage::replaceDictatedText):

Deploy IgnoreSelectionChangeForScope here, so that if we're already ignoring selection changes due to
m_ignoreSelectionChangeScopeForDictation, we won't prematurely revert "ignore selection change" state (this is
because this RAII helper object consults the preexisting state of document.editor().ignoreSelectionChanges()
before calling into setIgnoreSelectionChanges, and effectively becomes a no-op if the bit was already set).

(WebKit::WebPage::willInsertFinalDictationResult):
(WebKit::WebPage::didInsertFinalDictationResult):

Tools:

Add an API test to verify that -willInsertFinalDictationResult and -didInsertFinalDictationResult correctly
suppresses intermediate editor UI updates.

TestWebKitAPI/Tests/ios/UIWKInteractionViewProtocol.mm:

(-[EditorStateObserver initWithWebView:]):
(-[EditorStateObserver _webView:editorStateDidChange:]):
(TestWebKitAPI::setUpEditableWebViewAndWaitForInputSession):
(TestWebKitAPI::TEST):

TestWebKitAPI/cocoa/TestWKWebView.h:
TestWebKitAPI/ios/UIKitSPI.h:

11:54 AM Changeset in webkit [293029] by commit-queue@webkit.org

2 edits in trunk/LayoutTests

fast/css/sticky/sticky-left.html is a flaky image failure
https://bugs.webkit.org/show_bug.cgi?id=227467

Unreviewed test gardening.

LayoutTests/platform/mac-wk2/TestExpectations:

Canonical link: https://commits.webkit.org/249768@main

11:23 AM Changeset in webkit [293028] by ntim@apple.com

6 edits
6 adds
10 deletes in trunk

user-select: none shouldn't affect editability
https://bugs.webkit.org/show_bug.cgi?id=118009

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

web-platform-tests/css/css-ui/user-select-none-in-editable-expected.txt: Added.
web-platform-tests/css/css-ui/user-select-none-in-editable.html: Added.
web-platform-tests/css/css-ui/user-select-none-on-input-expected.txt: Added.
web-platform-tests/css/css-ui/user-select-none-on-input.html: Added.

Source/WebCore:

Tests: editing/selection/user-select-js-property.html

imported/w3c/web-platform-tests/css/css-ui/user-select-none-in-editable.html
imported/w3c/web-platform-tests/css/css-ui/user-select-none-on-input.html

Change effectiveUserSelect to take in account -webkit-user-modify.

rendering/style/RenderStyle.cpp:

(WebCore::RenderStyle::effectiveUserSelect const):

rendering/style/RenderStyle.h:

(WebCore::RenderStyle::effectiveUserSelect const): Deleted.

LayoutTests:

Removed tests that were testing old behavior
Added new tests for new behavior (imported from the Blink codebase)

editing/selection/4866671.html: Removed.
editing/selection/5779984-1-expected.txt: Removed.
editing/selection/5779984-1.html: Removed.
editing/selection/user-select-js-property-expected.txt: Added.
editing/selection/user-select-js-property.html: Added.
platform/gtk/editing/selection/4866671-expected.png: Removed.
platform/gtk/editing/selection/4866671-expected.txt: Removed.
platform/ios/TestExpectations:
platform/ios/editing/selection/4866671-expected.txt: Removed.
platform/mac/editing/selection/4866671-expected.png: Removed.
platform/mac/editing/selection/4866671-expected.txt: Removed.
platform/win/editing/selection/4866671-expected.txt: Removed.
platform/wincairo/editing/selection/4866671-expected.txt: Removed.

11:15 AM Changeset in webkit [293027] by Antti Koivisto

9 edits in trunk/Source/WebCore

[LFC][Integration] Use WeakPtr for InlineContent in iterator
https://bugs.webkit.org/show_bug.cgi?id=239492

Reviewed by Alan Bujtas.

Simplify the logic and increase robustness.

layout/integration/inline/InlineIteratorBoxModernPath.h:

(WebCore::InlineIterator::BoxModernPath::atEnd const):

If the layout goes away we are "at end", avoiding hitting null pointers.

layout/integration/inline/InlineIteratorLineBoxModernPath.h:

(WebCore::InlineIterator::LineBoxIteratorModernPath::atEnd const):

layout/integration/inline/LayoutIntegrationInlineContent.cpp:

(WebCore::LayoutIntegration::InlineContent::~InlineContent):
(WebCore::LayoutIntegration::InlineContent::clearAndDetach): Deleted.

No need for "detached" state, InlineContent is simply deleted.

layout/integration/inline/LayoutIntegrationInlineContent.h:

RefCounted -> CanMakeWeakPtr

(WebCore::LayoutIntegration::InlineContent::create): Deleted.

layout/integration/inline/LayoutIntegrationLineLayout.cpp:

(WebCore::LayoutIntegration::LineLayout::adjustForPagination):
(WebCore::LayoutIntegration::LineLayout::ensureInlineContent):
(WebCore::LayoutIntegration::LineLayout::clearInlineContent):

layout/integration/inline/LayoutIntegrationLineLayout.h:
layout/integration/inline/LayoutIntegrationPagination.cpp:

(WebCore::LayoutIntegration::makeAdjustedContent):
(WebCore::LayoutIntegration::adjustLinePositionsForPagination):

layout/integration/inline/LayoutIntegrationPagination.h:

11:07 AM Changeset in webkit [293026] by dino@apple.com

2 edits in trunk

Adding GitHub username.

metadata/contributors.json:

11:02 AM Changeset in webkit [293025] by Jonathan Bedard

2 edits in trunk/Tools

[ews-build.webkit.org] Resolve conflicting Mixin inheritance
https://bugs.webkit.org/show_bug.cgi?id=239504
<rdar://problem/91968024>

Reviewed by Aakash Jain.

Tools/CISupport/ews-build/steps.py:

(GitHubMixin.fetch_data_from_url_with_authentication_github): Renamed from fetch_data_from_url_with_authentication.
(GitHubMixin.get_pr_json): Invoke GitHub specific version.
(GitHubMixin.get_reviewers): Ditto.
(GitHubMixin.remove_labels): Ditto.
(BugzillaMixin.fetch_data_from_url_with_authentication_bugzilla): Renamed from fetch_data_from_url_with_authentication.
(BugzillaMixin.get_patch_json): Invoke buildbot specific version.
(BugzillaMixin.get_bug_json): Ditto.
(GitHubMixin.fetch_data_from_url_with_authentication): Renamed to fetch_data_from_url_with_authentication_github.
(BugzillaMixin.fetch_data_from_url_with_authentication): Renamed to fetch_data_from_url_with_authentication_bugzilla.

Canonical link: https://commits.webkit.org/249764@main

10:57 AM Changeset in webkit [293024] by Chris Dumez

6 edits in trunk/Source

Introduce makeAtomString()
https://bugs.webkit.org/show_bug.cgi?id=239464

Reviewed by Sam Weinig.

Source/WebCore:

Adopt makeAtomString() in a few places where it is useful.

html/parser/HTMLTreeBuilder.cpp:

(WebCore::HTMLTreeBuilder::insertPhoneNumberLink):

page/FrameTree.cpp:

(WebCore::FrameTree::generateUniqueName const):

svg/SVGLengthValue.cpp:

(WebCore::SVGLengthValue::valueAsAtomString const):

Source/WTF:

Introduce makeAtomString() which is an optimized version of makeString() when the caller knows it wants an
AtomString. It may avoid a StringImpl allocation when the string is already in the AtomStringTable.

wtf/text/StringConcatenate.h:

(WTF::tryMakeAtomStringFromAdapters):
(WTF::tryMakeAtomString):
(WTF::makeAtomString):

10:35 AM Changeset in webkit [293023] by Jonathan Bedard

2 edits in trunk/Tools

[build.webkit.org] Use identifier as version when uploading artifacts (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=239321
<rdar://problem/91734798>

Reviewed by Aakash Jain and Ryan Haddad.

Tools/CISupport/build-webkit-org/steps.py:

(UploadTestResults): Strip leading r.
(ExtractTestResults.init): Ditto.

Canonical link: https://commits.webkit.org/249762@main

10:31 AM Changeset in webkit [293022] by aakash_jain@apple.com

1 edit in trunk/Tools/CISupport/.gitignore

Remove public_html from .gitignore file for CISupport
https://bugs.webkit.org/show_bug.cgi?id=239501

Reviewed by Ross Kirsling.

Tools/CISupport/.gitignore:

Canonical link: https://commits.webkit.org/249761@main

10:24 AM Changeset in webkit [293021] by commit-queue@webkit.org

8 edits in trunk

Fix runtime expose scope check for shadow realms
https://bugs.webkit.org/show_bug.cgi?id=238381

LayoutTests/imported/w3c:

Reviewed Darin Adler.

Updated idlharness expectations to reflect the fix for
AbortController.timeout visibility

Patch by Joseph Griego <jgriego@igalia.com> on 2022-04-19

web-platform-tests/dom/idlharness-shadowrealm.window-expected.txt:

Source/WebCore:

Patch by Joseph Griego <jgriego@igalia.com> on 2022-04-19
Reviewed by Darin Adler.

Because shadow realms re-use their incubating realm's execution context
it doesn't make sense to check the is${expose_scope}GlobalScope
methods on ScriptExecutionContext anymore--instead, we'll use the type
information on the JSGlobalScope wrapper

This is at least justified in part by the fact that
JSDOMGlobalObject#scriptExecutionContext already does this internally
today to actually fetch the execution context, so, we can at least be
assured that this behaves the same way.

Some global scopes (notably, here, AudioWorklet) do not have distinct
wrapper types so we need to add a side condition to the generated code,
which we do after the type check.

Also removes ScriptExecutionContext::isShadowRealmGlobalScope as it's
now dead code and was never overridden anyways (a mistake left over
from the initial integration)

Tests: idlharness tests, including fixed visibility of
AbortController.timeout

bindings/scripts/CodeGeneratorJS.pm:

(GenerateRuntimeEnableConditionalStringForExposeScope):

bindings/scripts/test/JS/JSExposedStar.cpp:

(WebCore::JSExposedStarPrototype::finishCreation):

bindings/scripts/test/JS/JSTestDefaultToJSONFilteredByExposed.cpp:

(WebCore::JSTestDefaultToJSONFilteredByExposedPrototype::finishCreation):
(WebCore::jsTestDefaultToJSONFilteredByExposedPrototypeFunction_toJSONBody):

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjPrototype::finishCreation):

dom/ScriptExecutionContext.h:

(WebCore::ScriptExecutionContext::isServiceWorkerGlobalScope const):
(WebCore::ScriptExecutionContext::isShadowRealmGlobalScope const): Deleted.

10:19 AM Changeset in webkit [293020] by ysuzuki@apple.com

3 edits in trunk/Source/JavaScriptCore

Unreviewed, disable UnlinkedDFG code in x64
https://bugs.webkit.org/show_bug.cgi?id=237863

dfg/DFGPlan.cpp:

(JSC::DFG::Plan::compileInThreadImpl):

jit/GPRInfo.h:

(JSC::GPRInfo::toRegister):

10:14 AM Changeset in webkit [293019] by Jonathan Bedard

1 edit in trunk/metadata/contributors.json

Adding botwatchers github usernames to contributors json

Reviewed by Jonathan Bedard.

metadata/contributors.json:

Canonical link: https://commits.webkit.org/249758@main

9:45 AM Changeset in webkit [293018] by ysuzuki@apple.com

4 edits in trunk/Source/JavaScriptCore

Unreviewed, do not use RELEASE_ASSERT_NOT_REACHED in super hot path to suppress warnings
https://bugs.webkit.org/show_bug.cgi?id=239290

bytecode/PropertyCondition.cpp:

(JSC::watchabilityToConcurrency):

runtime/JSObject.h:

(JSC::JSObject::getDirect const):

runtime/Structure.h:

(JSC::Structure::get):

8:58 AM Changeset in webkit [293017] by Simon Fraser

8 edits in trunk/Source/WebKit

Use ProcessTerminationReason::Unresponsive for unresponsive network processes
https://bugs.webkit.org/show_bug.cgi?id=239401

Reviewed by Chris Dumez.

NetworkProcessProxy used ProcessTerminationReason::RequestedByClient for all callers
of terminate(). Move the call to networkProcessDidTerminate() out to callers of
terminate() so they can pass the correct reasons.

Also use processTerminationReasonToString() in some more logs, and fix a log string
typo introduced in the previous commit.

UIProcess/GPU/GPUProcessProxy.cpp:

(WebKit::GPUProcessProxy::gpuProcessExited):

UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::terminate):
(WebKit::NetworkProcessProxy::didBecomeUnresponsive):
(WebKit::NetworkProcessProxy::didReceiveInvalidMessage):

UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::resetStateAfterProcessTermination):

UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::gpuProcessExited):

UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::gpuProcessExited):
(WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):

8:45 AM Changeset in webkit [293016] by aakash_jain@apple.com

5 edits in trunk/Tools

Delete old buildbot code from bot watchers dashboard
https://bugs.webkit.org/show_bug.cgi?id=239497

Reviewed by Jonathan Bedard.

Tools/CISupport/build-webkit-org/public_html/dashboard/Scripts/Buildbot.js:
Tools/CISupport/build-webkit-org/public_html/dashboard/Scripts/BuildbotIteration.js:
Tools/CISupport/build-webkit-org/public_html/dashboard/Scripts/BuildbotQueue.js:
Tools/CISupport/build-webkit-org/public_html/dashboard/Scripts/WebKitBuildbot.js:

Canonical link: https://commits.webkit.org/249755@main

5:32 AM Changeset in webkit [293015] by zan@falconsigh.net

6 edits
3 adds in trunk/Source/WebKit

[GTK][WPE][GPUProcess] Add RemoteGraphicsContextGLGBM, RemoteGraphicsContextGLProxyGBM
https://bugs.webkit.org/show_bug.cgi?id=239348

Reviewed by Carlos Garcia Campos.

Provide RemoteGraphicsContextGL and RemoteGraphicsContextGLProxy
implementations guarded by and based on USE(LIBGBM) functionality,
usable by the GTK and WPE ports when jointly enabled with ANGLE
backing of WebGL execution.

RemoteGraphicsContextGLGBM is the GPUProcess-side GL executor.
Internally it spawns a GraphicsContextGLGBM instance, and once invoked,
the PrepareForDisplay() IPC message returns the reply with the DMABuf
object that was used as the rendering backing in that context instance.

RemoteGraphicsContextGLProxyGBM is the WebProcess-side counterpart.
Besides relaying the prepare-for-display request, it also manages the
GraphicsLayerContentsDisplayDelegate object which handles presenting
DMABuf objects arriving from the GPUProcess. That delegate is of the
NicosiaDisplayDelegate type, a slim class also handling a
Nicosia::ContentLayer object through which any arriving DMABuf is
presented in the TextureMapper tree.

GPUProcess/graphics/RemoteGraphicsContextGL.cpp:
GPUProcess/graphics/RemoteGraphicsContextGL.h:
GPUProcess/graphics/RemoteGraphicsContextGL.messages.in:
GPUProcess/graphics/RemoteGraphicsContextGLGBM.cpp: Added.

(WebKit::RemoteGraphicsContextGLGBM::RemoteGraphicsContextGLGBM):
(WebKit::RemoteGraphicsContextGLGBM::platformWorkQueueInitialize):
(WebKit::RemoteGraphicsContextGLGBM::prepareForDisplay):
(WebKit::RemoteGraphicsContextGL::create):

SourcesGTK.txt:
SourcesWPE.txt:
WebProcess/GPU/graphics/gbm/RemoteGraphicsContextGLProxyGBM.cpp: Added.

(WebKit::NicosiaDisplayDelegate::NicosiaDisplayDelegate):
(WebKit::NicosiaDisplayDelegate::~NicosiaDisplayDelegate):
(WebKit::NicosiaDisplayDelegate::platformLayer const):
(WebKit::NicosiaDisplayDelegate::swapBuffersIfNeeded):
(WebKit::RemoteGraphicsContextGLProxyGBM::RemoteGraphicsContextGLProxyGBM):
(WebKit::RemoteGraphicsContextGLProxyGBM::layerContentsDisplayDelegate):
(WebKit::RemoteGraphicsContextGLProxyGBM::prepareForDisplay):
(WebKit::RemoteGraphicsContextGLProxy::create):

4:42 AM Changeset in webkit [293014] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[GStreamer][WebRTC] Minor cleanup in IncomingSourceGStreamer
https://bugs.webkit.org/show_bug.cgi?id=239417

Patch by Philippe Normand <pnormand@igalia.com> on 2022-04-19
Reviewed by Xabier Rodriguez-Calvar.

platform/mediastream/gstreamer/RealtimeIncomingSourceGStreamer.cpp: Remove un-needed include.

(WebCore::RealtimeIncomingSourceGStreamer::registerClient): Minor optimization, create
string only for GStreamer builds enabling debug support.

Canonical link: https://commits.webkit.org/249753@main

3:56 AM Changeset in webkit [293013] by commit-queue@webkit.org

2 edits in trunk/Source/WebCore

[GStreamer] Runtime warning when the player configures the avdec AV1 decoder
https://bugs.webkit.org/show_bug.cgi?id=238991

Patch by Philippe Normand <pnormand@igalia.com> on 2022-04-19
Reviewed by Xabier Rodriguez-Calvar.

Not all libav GStreamer decoders have a max-threads property, the AV1 decoder for instance
does not. So we need to check the property is present before attempting to set it, in order
to avoid runtime warnings.

platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:

(WebCore::MediaPlayerPrivateGStreamer::configureVideoDecoder):

3:36 AM Changeset in webkit [293012] by ntim@apple.com

2 edits in trunk/LayoutTests

[iOS] Also skip resize-orthogonal-containing-block.html
https://bugs.webkit.org/show_bug.cgi?id=239459

Unreviewed test gardening.

I should have done this with the other resize tests.

platform/ios/TestExpectations:

2:28 AM Changeset in webkit [293011] by ntim@apple.com

2 edits in trunk/Source/WebCore

Clean up Element::isFocusableWithoutResolvingFullStyle()
https://bugs.webkit.org/show_bug.cgi?id=239028

Reviewed by Antti Koivisto.

dom/Element.cpp:

(WebCore::Element::isFocusableWithoutResolvingFullStyle const):

1:48 AM Changeset in webkit [293010] by Martin Robinson

2 edits in trunk/Source/JavaScriptCore

Fix the address sanitizer build when building with gcc
https://bugs.webkit.org/show_bug.cgi?id=238869

Reviewed by Philippe Normand.

runtime/ConfigFile.cpp:

(JSC::ConfigFile::ConfigFile):

1:06 AM Changeset in webkit [293009] by ysuzuki@apple.com

31 edits in trunk/Source/JavaScriptCore

[JSC] Use constants buffer in DFG
https://bugs.webkit.org/show_bug.cgi?id=237863

Reviewed by Saam Barati.

This patch newly introduces LinkableConstant concept. We replace TrustedImmPtr::weakPointer with
that, and it can be switched between two modes: (1) just embedding a constant pointer in machine code
or (2) emitting a load from specific callee-save register. We use (2) for unlinked DFG code so that
we can start decoupling constants from machine code, which will be separately allocated as DFG constant buffer.
To introduce this mechanism, we introduce CCallHelpers::ConstantMaterializer concept, which can be used
to materialize constant in a specified way in CCallHelpers. And we use this to implement DFG LinkableConstant.

We also avoid embedding global object pointer in the tail call by modifying CallFrameShuffler to save it.

Source/JavaScriptCore/assembler/MacroAssemblerARM64.h:

(JSC::MacroAssemblerARM64::transfer64):
(JSC::MacroAssemblerARM64::transferPtr):
(JSC::MacroAssemblerARM64::branch64):
(JSC::MacroAssemblerARM64::branchPtr):

Source/JavaScriptCore/assembler/MacroAssemblerRISCV64.h:

(JSC::MacroAssemblerRISCV64::transfer64):
(JSC::MacroAssemblerRISCV64::transferPtr):
(JSC::MacroAssemblerRISCV64::branch64):
(JSC::MacroAssemblerRISCV64::branchPtr):

Source/JavaScriptCore/assembler/MacroAssemblerX86_64.h:

(JSC::MacroAssemblerX86_64::transfer64):
(JSC::MacroAssemblerX86_64::transferPtr):
(JSC::MacroAssemblerX86_64::branch64):
(JSC::MacroAssemblerX86_64::branchPtr):

Source/JavaScriptCore/bytecode/CodeBlock.cpp:

(JSC::CodeBlock::setupWithLinkableBaselineCode):
(JSC::CodeBlock::~CodeBlock):
(JSC::CodeBlock::propagateTransitions):
(JSC::CodeBlock::finalizeJITInlineCaches):
(JSC::CodeBlock::getICStatusMap):
(JSC::CodeBlock::findStubInfo):
(JSC::CodeBlock::resetBaselineJITData):
(JSC::CodeBlock::stronglyVisitStrongReferences):
(JSC::CodeBlock::findPC):

Source/JavaScriptCore/bytecode/CodeBlock.h:

(JSC::CodeBlock::offsetOfJITData):
(JSC::CodeBlock::baselineJITData):
(JSC::CodeBlock::setDFGJITData):
(JSC::CodeBlock::dfgJITData):
(JSC::CodeBlock::offsetOfBaselineJITData): Deleted.

Source/JavaScriptCore/dfg/DFGCallArrayAllocatorSlowPathGenerator.h:
Source/JavaScriptCore/dfg/DFGJITCode.h:
Source/JavaScriptCore/dfg/DFGJITCompiler.cpp:

(JSC::DFG::JITCompiler::compileSetupRegistersForEntry):
(JSC::DFG::JITCompiler::compileFunction):
(JSC::DFG::JITCompiler::loadLinkableConstant):
(JSC::DFG::JITCompiler::storeLinkableConstant):
(JSC::DFG::JITCompiler::LinkableConstant::LinkableConstant):
(JSC::DFG::JITCompiler::LinkableConstant::materialize):
(JSC::DFG::JITCompiler::LinkableConstant::poke):

Source/JavaScriptCore/dfg/DFGJITCompiler.h:

(JSC::DFG::JITCompiler::branchLinkableConstant):
(JSC::DFG::JITCompiler::branchWeakPtr): Deleted.

Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp:

(JSC::DFG::JITFinalizer::finalize):

Source/JavaScriptCore/dfg/DFGPlan.cpp:

(JSC::DFG::Plan::addLinkableConstant):
(JSC::DFG::Plan::finalizeJITData):

Source/JavaScriptCore/dfg/DFGPlan.h:
Source/JavaScriptCore/dfg/DFGSaneStringGetByValSlowPathGenerator.h:
Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::emitGetCallee):
(JSC::DFG::SpeculativeJIT::silentFill):
(JSC::DFG::SpeculativeJIT::compileDeleteById):
(JSC::DFG::SpeculativeJIT::compileDeleteByVal):
(JSC::DFG::SpeculativeJIT::compileInById):
(JSC::DFG::SpeculativeJIT::compileInByVal):
(JSC::DFG::SpeculativeJIT::compileHasPrivate):
(JSC::DFG::SpeculativeJIT::compilePushWithScope):
(JSC::DFG::SpeculativeJIT::compileStringSlice):
(JSC::DFG::SpeculativeJIT::compileToLowerCase):
(JSC::DFG::SpeculativeJIT::compileCurrentBlock):
(JSC::DFG::SpeculativeJIT::compileCheckTraps):
(JSC::DFG::SpeculativeJIT::compileContiguousPutByVal):
(JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
(JSC::DFG::SpeculativeJIT::compilePutByVal):
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileFromCharCode):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):

Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h:

(JSC::DFG::SpeculativeJIT::TrustedImmPtr::TrustedImmPtr):
(JSC::DFG::SpeculativeJIT::callOperationWithCallFrameRollbackOnException):
(JSC::DFG::SpeculativeJIT::branchLinkableConstant):

Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedGetByIdWithThis):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::genericJSValueNonPeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileToBooleanObjectOrOther):
(JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
(JSC::DFG::SpeculativeJIT::compileGetByVal):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileArithRandom):

Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::cachedGetById):
(JSC::DFG::SpeculativeJIT::cachedGetByIdWithThis):
(JSC::DFG::SpeculativeJIT::nonSpeculativeNonPeepholeCompareNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeBranchNullOrUndefined):
(JSC::DFG::SpeculativeJIT::nonSpeculativePeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::genericJSValueNonPeepholeStrictEq):
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compileCompareEqPtr):
(JSC::DFG::SpeculativeJIT::compileToBooleanObjectOrOther):
(JSC::DFG::SpeculativeJIT::emitObjectOrOtherBranch):
(JSC::DFG::SpeculativeJIT::emitUntypedBranch):
(JSC::DFG::SpeculativeJIT::compileGetByVal):
(JSC::DFG::SpeculativeJIT::compileRegExpTestInline):
(JSC::DFG::SpeculativeJIT::compile):

Source/JavaScriptCore/dfg/DFGThunks.cpp:

(JSC::DFG::osrEntryThunkGenerator):

Source/JavaScriptCore/jit/AssemblyHelpers.cpp:

(JSC::AssemblyHelpers::executableFor): Deleted.

Source/JavaScriptCore/jit/AssemblyHelpers.h:

(JSC::AssemblyHelpers::globalObjectFor): Deleted.

Source/JavaScriptCore/jit/CCallHelpers.h:

(JSC::CCallHelpers::pokeForArgument):
(JSC::CCallHelpers::setupArgumentsImpl):

Source/JavaScriptCore/jit/GPRInfo.h:

(JSC::GPRInfo::toRegister):

Source/JavaScriptCore/jit/JIT.cpp:

(JSC::JIT::privateCompileMainPass):
(JSC::JIT::emitMaterializeMetadataAndConstantPoolRegisters):

Source/JavaScriptCore/jit/JITOpcodes.cpp:

(JSC::JIT::emit_op_catch):

Source/JavaScriptCore/jit/JITOperations.cpp:

(JSC::JSC_DEFINE_JIT_OPERATION):

Source/JavaScriptCore/jit/JITOperations.h:
Source/JavaScriptCore/jit/RegisterSet.cpp:

(JSC::RegisterSet::llintBaselineCalleeSaveRegisters):
(JSC::RegisterSet::dfgCalleeSaveRegisters):

Source/JavaScriptCore/llint/LLIntData.h:
Source/JavaScriptCore/llint/LowLevelInterpreter.asm:
Source/JavaScriptCore/runtime/JSGlobalObject.h:

(JSC::JSGlobalObject::offsetOfGlobalThis):

Canonical link: https://commits.webkit.org/249748@main

Apr 18, 2022:

11:38 PM Changeset in webkit [293008] by zan@falconsigh.net

2 edits in trunk/Source/WebCore

Remove the PlatformMediaEngineClassName macro
https://bugs.webkit.org/show_bug.cgi?id=239384

Reviewed by Philippe Normand.

Remove the PlatformMediaEngineClassName macro used in the MediaPlayer
implementation file. It's only used for two media engines.

For GStreamer, the code can be simplified and grouped under a single
if-block. For USE_MEDIA_FOUNDATION, the relevant call can similarly be
guarded by the corresponding build guards.

platform/graphics/MediaPlayer.cpp:

(WebCore::WTF_REQUIRES_LOCK):

10:26 PM Changeset in webkit [293007] by mmaxfield@apple.com

5 edits in trunk/LayoutTests

[WebGPU] Unskip api/validation/createSampler.html 🎉
https://bugs.webkit.org/show_bug.cgi?id=239448

Reviewed by Darin Adler.

Turns out we were already passing it.

http/tests/webgpu/webgpu/api/validation/createSampler-expected.txt:
platform/ios-device-wk1/TestExpectations:
platform/ios-simulator-wk1/TestExpectations:
platform/mac-wk1/TestExpectations:

8:25 PM Changeset in webkit [293006] by Tyler Wilcock

22 edits
5 adds in trunk

AX: Update the isolated tree in response to AXElementBusyChanged and AXTextChanged notifications
https://bugs.webkit.org/show_bug.cgi?id=239434

Reviewed by Chris Fleizach.

Source/WebCore:

We need to update the isolated tree in response to these notifications.

This patch also makes AccessibilityNodeObjects (e.g. for display:contents elements)
properly report AXCoreObject::isBusy by moving AccessibilityRenderObject's implementation
to AccessibilityNodeObject. This also required AccessibilityRenderObject::elementAttributeValue
to move as well.

Tests: accessibility/text-updates-after-dynamic-change.html

accessibility/aria-busy-updates-after-dynamic-change.html

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::updateIsolatedTree):

accessibility/AccessibilityNodeObject.cpp:

(WebCore::AccessibilityNodeObject::isBusy const):
Moved from AccessibilityRenderObject.
(WebCore::AccessibilityNodeObject::elementAttributeValue const):
Moved from AccessibilityRenderObject.

accessibility/AccessibilityNodeObject.h:
accessibility/AccessibilityRenderObject.cpp:

(WebCore::AccessibilityRenderObject::setElementAttributeValue):
Delete this method as it was unused.
(WebCore::AccessibilityRenderObject::elementAttributeValue const):
Moved to AccessibilityNodeObject.
(WebCore::AccessibilityRenderObject::isBusy const):
Moved to AccessibilityNodeObject.

accessibility/AccessibilityRenderObject.h:

Tools:

Added necessary tooling to enable querying AX object busy state for
the test added with this patch.

DumpRenderTree/AccessibilityUIElement.cpp:

(getIsBusyCallback):
(AccessibilityUIElement::getJSClass):

DumpRenderTree/AccessibilityUIElement.h:
DumpRenderTree/ios/AccessibilityUIElementIOS.mm:

(AccessibilityUIElement::isBusy const):

DumpRenderTree/mac/AccessibilityUIElementMac.mm:

(AccessibilityUIElement::isBusy const):

DumpRenderTree/win/AccessibilityUIElementWin.cpp:

(AccessibilityUIElement::isBusy const):

WebKitTestRunner/InjectedBundle/AccessibilityUIElement.h:
WebKitTestRunner/InjectedBundle/Bindings/AccessibilityUIElement.idl:
WebKitTestRunner/InjectedBundle/atspi/AccessibilityUIElementAtspi.cpp:

(WTR::AccessibilityUIElement::isBusy const):

WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:

(WTR::AccessibilityUIElement::isBusy const):

WebKitTestRunner/InjectedBundle/mac/AccessibilityUIElementMac.mm:

(WTR::AccessibilityUIElement::isBusy const):

WebKitTestRunner/InjectedBundle/win/AccessibilityUIElementWin.cpp:

(WTR::AccessibilityUIElement::isBusy const):

LayoutTests:

accessibility/text-updates-after-dynamic-change-expected.txt: Added.
accessibility/text-updates-after-dynamic-change.html: Added.
accessibility/aria-busy-updates-after-dynamic-change-expected.txt: Added.
accessibility/aria-busy-updates-after-dynamic-change.html: Added.
platform/glib/TestExpectations:

Skip new test.

platform/ios/TestExpectations:

Enable new tests.

platform/ios/accessibility/text-updates-after-dynamic-change-expected.txt: Added.
platform/win/TestExpectations:

Skip aria-busy-updates-after-dynamic-change.html.

7:45 PM Changeset in webkit [293005] by commit-queue@webkit.org

37 edits in trunk

Implement CSSTransformValue.is2D
https://bugs.webkit.org/show_bug.cgi?id=239462

Patch by Alex Christensen <achristensen@webkit.org> on 2022-04-18
Reviewed by Simon Fraser.

LayoutTests/imported/w3c:

web-platform-tests/css/css-typed-om/stylevalue-subclasses/cssMatrixComponent.tentative-expected.txt:
web-platform-tests/css/css-typed-om/stylevalue-subclasses/cssRotate.tentative-expected.txt:
web-platform-tests/css/css-typed-om/stylevalue-subclasses/cssScale.tentative-expected.txt:
web-platform-tests/css/css-typed-om/stylevalue-subclasses/cssTransformValue.tentative-expected.txt:
web-platform-tests/css/css-typed-om/stylevalue-subclasses/cssPerspective.tentative-expected.txt:

Source/WebCore:

This is an off-by-default feature.
Covered by WPT tests.

bindings/js/JSCSSTransformComponentCustom.cpp:

(WebCore::toJSNewlyCreated):

css/typedom/CSSNumericValue.cpp:

(WebCore::CSSNumericValue::rectifyNumberish):

css/typedom/CSSNumericValue.h:
css/typedom/numeric/CSSNumericType.h:

(WebCore::CSSNumericType::valueForType const):
(WebCore::CSSNumericType::nonZeroEntryCount const):
(WebCore::CSSNumericType::matches const):
(WebCore::CSSNumericType::matchesNumber const):

css/typedom/transform/CSSMatrixComponent.cpp:

(WebCore::CSSMatrixComponent::create):
(WebCore::CSSMatrixComponent::CSSMatrixComponent):

css/typedom/transform/CSSMatrixComponent.h:

(WebCore::CSSMatrixComponent::create): Deleted.

css/typedom/transform/CSSMatrixComponent.idl:
css/typedom/transform/CSSRotate.cpp:

(WebCore::CSSRotate::create):
(WebCore::CSSRotate::CSSRotate):
(WebCore::CSSRotate::setX):
(WebCore::CSSRotate::setY):
(WebCore::CSSRotate::setZ):
(WebCore::CSSRotate::setAngle):

css/typedom/transform/CSSRotate.h:

(WebCore::CSSRotate::x):
(WebCore::CSSRotate::y):
(WebCore::CSSRotate::z):
(WebCore::CSSRotate::setX): Deleted.
(WebCore::CSSRotate::setY): Deleted.
(WebCore::CSSRotate::setZ): Deleted.
(WebCore::CSSRotate::setAngle): Deleted.

css/typedom/transform/CSSScale.cpp:

(WebCore::CSSScale::create):
(WebCore::CSSScale::CSSScale):

css/typedom/transform/CSSScale.h:

(WebCore::CSSScale::x const):
(WebCore::CSSScale::y const):
(WebCore::CSSScale::z const):
(WebCore::CSSScale::x): Deleted.
(WebCore::CSSScale::y): Deleted.
(WebCore::CSSScale::z): Deleted.

css/typedom/transform/CSSTransformComponent.cpp:

(WebCore::CSSTransformComponent::toString const):
(WebCore::CSSTransformComponent::toMatrix): Deleted.

css/typedom/transform/CSSTransformComponent.h:

(WebCore::CSSTransformComponent::CSSTransformComponent):
(WebCore::CSSTransformComponent::getType const): Deleted.

css/typedom/transform/CSSTransformValue.cpp:

(WebCore::CSSTransformValue::create):
(WebCore::CSSTransformValue::setItem):
(WebCore::CSSTransformValue::is2D const):
(WebCore::CSSTransformValue::setIs2D): Deleted.

css/typedom/transform/CSSTransformValue.h:
css/typedom/transform/CSSTranslate.h:

5:54 PM Changeset in webkit [293004] by Wenson Hsieh

2 edits in trunk/LayoutTests

[iOS] fast/events/touch/force-press-event.html fails on iPhones with top safe area insets
https://bugs.webkit.org/show_bug.cgi?id=239475

Reviewed by Darin Adler.

Adjust this test so that it simulates a force press over the center of the target element.

platform/iphone-7/fast/events/touch/force-press-event.html:

5:50 PM Changeset in webkit [293003] by Alan Coon

3 edits
2 adds in branches/safari-613-branch

Cherry-pick r292858. rdar://problem/90699078

[web-animations] REGRESSION(r291527): assertion hit during teardown of document with CSS Animations
https://bugs.webkit.org/show_bug.cgi?id=239291
rdar://90699078

Reviewed by Dean Jackson.

Source/WebCore:

When a CSS Animation is not considered to be relevant anymore, it is removed from both AnimationTimeline::m_animations
and Styleable::animations(). However, if that animation becomes relevant again, it will be added back to the associated
effect stack as well as AnimationTimeline::m_animations but not to Styleable::animations().

This causes a problem because when eventually that CSS Animation's target is removed from the tree, such as during
document teardown, Styleable::cancelDeclarativeAnimations() will be called an iterate over Styleable::animations()
to find declarative animations to cancel. Since the CSS animation was not added to Styleable::animations(), it will
not be canceled and the associated effect will not be removed from the effect stack.

Later in Styleable::cancelDeclarativeAnimations(), the list of associated CSS Animation names is cleared.

If during that teardown an animation resolution is performed, such as within a "beforeunload" event listener as
shown in the new test, we will get into a state where there are effects left in the effect stack of the element
being torn down but no associated CSS Animation names and we will hit the RELEASE_ASSERT_NOT_REACHED() at the
end of compareCSSAnimations().

To fix this, we simply ensure that we add animations back to Styleable::animations() within
AnimationTimeline::animationTimingDidChange() the same way we add the animations back to
AnimationTimeline::m_animations.

Test: webanimations/css-animation-resolution-during-teardown.html

animation/AnimationTimeline.cpp: (WebCore::AnimationTimeline::animationTimingDidChange):

LayoutTests:

Add a new test that would have asserted prior to the source change.

webanimations/css-animation-resolution-during-teardown-expected.txt: Added.
webanimations/css-animation-resolution-during-teardown.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292858 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [293002] by Alan Coon

3 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r292846. rdar://problem/88965550

Adjust when _setPrivacyProxyFailClosedForUnreachableNonMainHosts is called
https://bugs.webkit.org/show_bug.cgi?id=237735

Reviewed by Geoff Garen.

This is recommitting http://trac.webkit.org/r291598 but leaving the definition of PrivateRelayed::Yes and ::No
based on whether metrics._privacyStance == nw_connection_privacy_stance_direct instead of nw_connection_privacy_stance_failed.
It has flip flopped several times in the various related commits, but it needs to be nw_connection_privacy_stance_direct.
I manually verified that this fixes <rdar://88965550> without reintroducing <rdar://90677955>.

NetworkProcess/cocoa/NetworkDataTaskCocoa.mm: (WebKit::NetworkDataTaskCocoa::NetworkDataTaskCocoa):
NetworkProcess/cocoa/NetworkSessionCocoa.mm: (-[WKNetworkSessionDelegate URLSession:dataTask:didReceiveResponse:completionHandler:]): (WebKit::NetworkSessionCocoa::createWebSocketTask):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292846 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [293001] by Alan Coon

5 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292779. rdar://problem/89750945

RejectedPromiseTracker can be recreated if we are in a worker / worklet whose execution is terminating
https://bugs.webkit.org/show_bug.cgi?id=239130

Reviewed by Chris Dumez.

We update ScriptExecutionContext::ensureRejectedPromiseTrackerSlow so that we wont
recreate the promise tracker if we are in a worker / worklet whose execution is terminating.

bindings/js/JSDOMGlobalObject.cpp: (WebCore::JSDOMGlobalObject::promiseRejectionTracker):
bindings/js/JSExecState.cpp: (WebCore::JSExecState::didLeaveScriptContext):
dom/ScriptExecutionContext.cpp: (WebCore::ScriptExecutionContext::ensureRejectedPromiseTrackerSlow):
dom/ScriptExecutionContext.h: (WebCore::ScriptExecutionContext::ensureRejectedPromiseTracker):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292779 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [293000] by Alan Coon

2 edits in branches/safari-613-branch/Source/ThirdParty/ANGLE

Cherry-pick r292743. rdar://problem/91437430

This WebGL example crashes
https://bugs.webkit.org/show_bug.cgi?id=238953

Null-check subnodes while performing a deep copy for
loops, and branches. These nodes can be null in some cases

Reviewed by Dean Jackson.

src/compiler/translator/IntermNode.cpp: (sh::TIntermBranch::TIntermBranch): (sh::TIntermLoop::TIntermLoop):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292743 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [292999] by Alan Coon

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292638. rdar://problem/91255370

Simplify / Optimize the whitespace cache implementation
https://bugs.webkit.org/show_bug.cgi?id=238736
<rdar://problem/91255370>

Reviewed by Darin Adler.

Follow-up to r292310 to add missing blank lines.

html/parser/HTMLConstructionSite.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292638 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [292998] by Alan Coon

4 edits in branches/safari-613-branch/Source

Cherry-pick r292609. rdar://problem/90882766

Broaden TypedArray API fix to all apps not just Bleacher Report
https://bugs.webkit.org/show_bug.cgi?id=238955

Reviewed by Saam Barati.

Source/JavaScriptCore:

API/JSTypedArray.cpp: (isLinkedBeforeTypedArrayLengthQuirk): (JSObjectGetArrayBufferByteLength): (isBleecherReport): Deleted.

Source/WTF:

wtf/cocoa/RuntimeApplicationChecksCocoa.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292609 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [292997] by Alan Coon

7 edits
1 add in branches/safari-613-branch

Cherry-pick r292594. rdar://problem/91467003

[JSC] Fire structure transition watchpoint in Structure::finishCreation instead of Structure constructor
https://bugs.webkit.org/show_bug.cgi?id=238980

Reviewed by Saam Barati.

JSTests:

stress/heap-allocation-in-did-structure-transition-watchpoint.js: Added. (isPropertyOfType): (getProperties): (getObjects): (getRandomObject): (getRandomProperty): (callGC): (get var):

Source/JavaScriptCore:

After https://github.com/WebKit/WebKit/commit/dc3a347474a183891f8e07966dc09e684d7a1d13 change,
we start using Structure::get in the main thread. However one of the difference between Structure::get and
Structure::getConcurrently is that it can allocate GC memory: PropertyTable can be materialized.

Structure constructor was firing structure transition watchpoint. And some of watchpoints were using
Structure::getConcurrently. That's fine before, but now, it becomes Structure::get. It is not OK since
we cannot allocate GC memory inside constructor of GC managed objects.

This patch split didTransitionFromThisStructure into didTransitionFromThisStructureWithoutFiringWatchpoint and
fireStructureTransitionWatchpoint. And firing watchpoints in Structure::finishCreation instead of Structure
constructor so that we can allocate GC memory while firing watchpoints.

runtime/BrandedStructure.cpp: (JSC::BrandedStructure::BrandedStructure): (JSC::BrandedStructure::create):
runtime/BrandedStructure.h:
runtime/Structure.cpp: (JSC::Structure::Structure): (JSC::Structure::didTransitionFromThisStructureWithoutFiringWatchpoint const): (JSC::Structure::fireStructureTransitionWatchpoint const): (JSC::Structure::didTransitionFromThisStructure const):
runtime/Structure.h: (JSC::Structure::finishCreation):
runtime/StructureInlines.h: (JSC::Structure::create):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292594 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [292996] by Alan Coon

4 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292585. rdar://problem/90553831

When using a TrackDisplayUpdateScope queue updateActiveTextTrackCues as a task
https://bugs.webkit.org/show_bug.cgi?id=238963

Reviewed by Eric Carlson.

The HTMLMediaElement::didRemoveTextTrack call is done under ScriptDisallowedScope but this path
currently can call updateActiveTextTrackCues which could result in updating the layout downstream.
To resolve this we execute updateActiveTextTrackCues under a queueCancellableTaskKeepingObjectAlive call.

We also add a needed check in RenderVTTCue::initializeLayoutParameters exposed by queueing the task.

html/HTMLMediaElement.cpp: (WebCore::HTMLMediaElement::endIgnoringTrackDisplayUpdateRequests): (WebCore::HTMLMediaElement::cancelPendingTasks):
html/HTMLMediaElement.h:
rendering/RenderVTTCue.cpp: (WebCore::RenderVTTCue::initializeLayoutParameters):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292585 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:50 PM Changeset in webkit [292995] by Alan Coon

4 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292563. rdar://problem/88969850

(Safari 15 - iOS15): Increased audio latency on streaming via webrtc
https://bugs.webkit.org/show_bug.cgi?id=236363
<rdar://problem/88969850>

Reviewed by Eric Carlson.

On macOS 12.3, the default preferred buffer size is roughly 100 ms.
This is ok for regular audio playback but is not desirable when playing realtime audio.
To reduce the perceived latency, we now reduce the preferred buffer size to 20ms
whenever playing an audio MediaStreamTrack, similarly to when capturing audio.

Manually tested.

platform/audio/PlatformMediaSession.cpp:
platform/audio/PlatformMediaSession.h:
platform/audio/cocoa/MediaSessionManagerCocoa.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292563 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292994] by Alan Coon

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292560. rdar://problem/90924861

Iterate over copy of animated properties in WebCore::WebAnimation::commitStyles
https://bugs.webkit.org/show_bug.cgi?id=238940

Reviewed by Antoine Quint.

WebAnimation::resolve can end up clearing the animated properties during iteration.

The proposal here will make a copy of the properties before applying the steps
outlined in the spec.

animation/WebAnimation.cpp: (WebCore::WebAnimation::commitStyles):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292560 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292993] by Alan Coon

4 edits
4 adds in branches/safari-613-branch

Cherry-pick r292522. rdar://problem/91130503

NBSP characters drawn in fonts that don't support the space character turn into boxes
https://bugs.webkit.org/show_bug.cgi?id=238836
<rdar://problem/91130503>

Reviewed by Alan Bujtas.

Source/WebCore:

We have some historical code in WebKit where we swap out the non-breaking space glyph
for the space glyphs when rendering. This is not what the other browsers do; they will
faithfully render the non-breaking space glyph. This patch aligns with the other
browsers.

This patch also fixes a similar problem with tab characters. Other browsers never
render any visible tab glyphs, even if the font has a visible glyph for the tab
character. This patch implements this.

This patch also only clobbers the glyphs used for carriageReturn and newlineCharacter
if the replacement glyph exists.

Test: fast/text/nbsp-no-space.html

platform/graphics/WidthIterator.cpp: (WebCore::WidthIterator::applyCSSVisibilityRules):

LayoutTests:

fast/text/nbsp-no-space-expected.html: Added.
fast/text/nbsp-no-space.html: Added.
fast/text/resources/Ahem-nbsp-no-space.ttf: Added. Supports NBSP but not space.
fast/text/resources/Ahem-visible-tab-and-space.ttf: Added. Has visible glyphs for tab and space.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292522 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292992] by Alan Coon

4 edits
1 add in branches/safari-613-branch

Cherry-pick r292484. rdar://problem/89253391

[JSC] Substring resolving should check 8bit / 16bit again
https://bugs.webkit.org/show_bug.cgi?id=236775
<rdar://problem/89253391>

Reviewed by Saam Barati.

JSTests:

stress/8bit-16bit-atomize-conversion.js: Added. (main.v64): (main):

Source/JavaScriptCore:

Substring JSString is wrapping JSString. Thus it is possible that underlying JSString's 8Bit / 16Bit status
becomes different from substring JSString wrapper's bit. We should not assume they are the same.

runtime/JSString.cpp: (JSC::JSRopeString::resolveRopeInternal const): (JSC::JSRopeString::resolveRopeToAtomString const): (JSC::JSRopeString::resolveRopeToExistingAtomString const): (JSC::JSRopeString::resolveRopeInternal8 const): Deleted. (JSC::JSRopeString::resolveRopeInternal16 const): Deleted.
runtime/JSString.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292484 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292991] by Alan Coon

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292482. rdar://problem/91299672

Check for document page in WorkerMessagingProxy::createCacheStorageConnection
https://bugs.webkit.org/show_bug.cgi?id=238872

Reviewed by Chris Dumez.

Add a check to the document page, similarily to how it is currently done in
WorkerMessagingProxy::createRTCDataChannelRemoteHandlerConnection.

workers/WorkerMessagingProxy.cpp: (WebCore::WorkerMessagingProxy::createCacheStorageConnection):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292482 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292990] by Alan Coon

9 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r292475. rdar://problem/91078546

CSE should be more careful with values that have WritesPinned, ExitsSideways, or are of different sizes
https://bugs.webkit.org/show_bug.cgi?id=238302

Reviewed by Saam Barati.

1) CSE for WasmAddressValue searches for any nodes marked with WritesPinned between all paths from the redundant
WasmAddressValue to the replacement that dominates it. For a switch construct, we might miss some paths while
performing this DFS of predecessor blocks because the termination condition was a break instead of a continue.

2) The CSE phase looks for a pattern it calls a store after clobber. That is, two stores to the same location where
the first store is not observable. It searches for reads and writes that overlap with the store and its clobber, and
bails if it finds them. When we add in CSE for WasmAddressValue, we expose the fact that WasmBoundsCheck has ExitSideways
but does not claim to read top, even though the code it exits to totally can. This can cause us to eliminate an observable store.

3) The store after clobber phase does not check that the size of the clobber is the same as the size of the store. Again,
this is usually hidden by JavaScript because the sizes are usually the same. Also, when WASM fast memory is enabled, this
bug is hidden because the loads/stores say that they may trap. That is why the unity test case only failed on iOS (although
it does fail on mac with XPC_JSC_useWebAssemblyFastMemory=0).

b3/B3EliminateCommonSubexpressions.cpp:
b3/testb3.h:
b3/testb3_8.cpp: (testWasmAddressDoesNotCSE): (addCopyTests):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292475 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292989] by Alan Coon

2 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292418. rdar://problem/91312118

Avoid unnecessary traversal when updating list markers
https://bugs.webkit.org/show_bug.cgi?id=238795

Reviewed by Anders Carlsson.

This code could use a full rewrite but there are also some simple optimizations that can be done.

rendering/RenderListItem.cpp: (WebCore::nextListItemHelper):

Don't advance into non-rendered subtrees. We won't find any renderers there.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292418 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292988] by Alan Coon

5 edits in branches/safari-613-branch

Cherry-pick r292401. rdar://problem/83168970

5 Media API tests are flakily timing out on iOS14
https://bugs.webkit.org/show_bug.cgi?id=230321
<rdar://problem/83168970>

Reviewed by Jer Noble.

Source/WebKit:

Un-skipped API test WKWebViewPausePlayingAudioTests.OutOfWindow

UIProcess/ios/WebPageProxyIOS.mm: (WebKit::WebPageProxy::applicationWillEnterForegroundForMedia): Log the correct name.

WebProcess/WebPage/ios/WebPageIOS.mm: (WebKit::WebPage::applicationDidEnterBackgroundForMedia): Call PlatformMediaSessionManager. (WebKit::WebPage::applicationWillEnterForegroundForMedia): Ditto.

Tools:

TestWebKitAPI/Tests/ios/WKWebViewPausePlayingAudioTests.mm: (TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292401 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292987] by Alan Coon

4 edits
2 adds in branches/safari-613-branch

Cherry-pick r292400. rdar://problem/89382543

[macOS][selectors] :focus-visible matching on button focused via script (after clicking on a different button)
https://bugs.webkit.org/show_bug.cgi?id=236782
<rdar://problem/89382543>

Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Add specific test for <button> element.

web-platform-tests/css/selectors/focus-visible-script-focus-008-b-expected.txt: Added.
web-platform-tests/css/selectors/focus-visible-script-focus-008-b.html: Added.

Source/WebCore:

Document::m_latestFocusTrigger was not being updated after clicking on a button (or other form controls)
on platforms different than GTK and WPE.
This is because HTMLFormControlElement::isMouseFocusable() returns false on such platforms.

This issue is causing problems with :focus-visible, as the button is not actually focused via mouse click,
if you move the focus via script afterwards, the new focused element always match :focus-visible.

This patch is a workaround to solve that issue, by updating m_latestFocusTrigger on Document
even if the element is not actually focused.
That way :focus-visible doesn't match if there's a script focus afterwards.

Fix :focus-visible after clicking on a button on Mac

Test: imported/w3c/web-platform-tests/css/selectors/focus-visible-script-focus-008-b.html

dom/Document.h: (WebCore::Document::setLatestFocusTrigger):
page/EventHandler.cpp: (WebCore::EventHandler::dispatchMouseEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292400 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292986] by Alan Coon

4 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r292319. rdar://problem/89916360

Remove display list map entry before remote resource
https://bugs.webkit.org/show_bug.cgi?id=238764

Reviewed by Simon Fraser.

GPUProcess/graphics/RemoteDisplayListRecorder.cpp: (WebKit::RemoteDisplayListRecorder::clearImageBufferReference):
GPUProcess/graphics/RemoteDisplayListRecorder.h:
GPUProcess/graphics/RemoteRenderingBackend.cpp: (WebKit::RemoteRenderingBackend::releaseRemoteResourceWithQualifiedIdentifier):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292319 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292985] by Alan Coon

3 edits in branches/safari-613-branch/Source/WebCore

Cherry-pick r292310. rdar://problem/91255370

Simplify / Optimize the whitespace cache implementation
https://bugs.webkit.org/show_bug.cgi?id=238736

Reviewed by Sam Weinig.

Instead of using 2 C arrays of size maximumCachedStringLength + 1 Vector with an inline
buffer of size maximumCachedStringLength, we now used a single FixedVector of size
maximumCachedStringLength.

Because the Vector has an inline buffer whose size is the max size of the cache, using
a FixedVector is just more efficient. It also means we don't need to store indexes in
that Vector in a separate C array. Finally, I used a struct named AtomStringWithCode to
store { AtomString, uint64 code } so we don't need separate containers for the AtomString
and the code.

Note that I added VectorTraits for the new AtomStringWithCode struct to make sure it can
get initialized via a simple memset.

This is a 0.25-0.3% progression on Speedometer according to A/B bots.

html/parser/HTMLConstructionSite.cpp: (WebCore::WhitespaceCache::lookup):
html/parser/HTMLConstructionSite.h: (WebCore::WhitespaceCache::WhitespaceCache):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292310 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292984] by Alan Coon

2 edits in branches/safari-613-branch/Source/JavaScriptCore

Cherry-pick r292269. rdar://problem/91204413

AI should do int32 optimization in ValueRep
https://bugs.webkit.org/show_bug.cgi?id=238699

Reviewed by Saam Barati.

When constant folding an int52 into a ValueRep AI doesn't
do our normal int32 boxing optimization. I'm not sure if
it matters since I couldn't find a test but it probably
doesn't hurt.

dfg/DFGAbstractInterpreterInlines.h: (JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292269 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292983] by Alan Coon

10 edits in branches/safari-613-branch

Cherry-pick r291852. rdar://problem/83235846

Improve rebuilding of ruby subtrees
https://bugs.webkit.org/show_bug.cgi?id=238365

Source/WebCore:

Patch by Frédéric Wang <fwang@igalia.com> on 2022-03-25
Reviewed by Alan Bujtas.

Don't collapse generated Ruby subtree when tearing down children and take into account the
fact that anonymous before/after node can belong to a display: content child.

rendering/updating/RenderTreeBuilder.cpp: (WebCore::RenderTreeBuilder::destroyAndCleanUpAnonymousWrappers): Don't collapse.
rendering/updating/RenderTreeBuilderRuby.cpp: (WebCore::lastRubyRun): Child can be also be an anonymous after content. (WebCore::RenderTreeBuilder::Ruby::findOrCreateParentForChild): When beforeChild is an anonymous before/after, just fallback to appending to the last ruby run.

LayoutTests:

Patch by Frederic Wang <fred.wang@free.fr> on 2022-03-25
Reviewed by Alan Bujtas.

Expectation for rubyDOM-remove-text2.html is updated now that we don't collapse anonymous
RenderRubyBase nodes.

platform/gtk/fast/ruby/rubyDOM-remove-text2-expected.txt: Updated.
platform/ios/fast/ruby/rubyDOM-remove-text2-expected.txt: Updated.
platform/mac/fast/ruby/rubyDOM-remove-text2-expected.txt: Updated.
platform/win/fast/ruby/rubyDOM-remove-text2-expected.txt: Updated.
platform/wincairo/fast/ruby/rubyDOM-remove-text2-expected.txt: Updated.
platform/wpe/fast/ruby/rubyDOM-remove-text2-expected.txt: Updated.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@291852 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292982] by Alan Coon

4 edits in branches/safari-613-branch/LayoutTests

Cherry-pick r290622. rdar://problem/90454629

REBASELINE [ iOS15 ] fast/text/khmer-lao-font.html is a constant text failure
<rdar://88841324>

Unreviewed test gardening. Rebaseline for iOS15.

platform/ios-wk2/TestExpectations:
platform/ios-wk2/fast/text/khmer-lao-font-expected.txt:
platform/ios/fast/text/khmer-lao-font-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@290622 268f45cc-cd09-0410-ab3c-d52691b4dbfc

5:49 PM Changeset in webkit [292981] by Alan Coon

2 edits
1 copy
1 add in branches/safari-613-branch/LayoutTests

Cherry-pick r289834. rdar://problem/90455347

Rebaslining fonts/monospace.html for Monterey.
https://bugs.webkit.org/show_bug.cgi?id=236619

Unreviewed test gardening.

Patch by Matteo Flores <Matteo Flores> on 2022-02-15

platform/mac-catalina/fonts/monospace-expected.txt: Copied from LayoutTests/platform/mac/fonts/monospace-expected.txt.
platform/mac/fonts/monospace-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@289834 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4:46 PM Changeset in webkit [292980] by pvollan@apple.com

3 edits in trunk/Source/WebKit

Block system calls in the Network process
https://bugs.webkit.org/show_bug.cgi?id=238935
<rdar://47323426>

Reviewed by Geoffrey Garen.

Block unused system calls in the Network process on macOS and iOS. This is based on collected telemetry.

NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in:

4:42 PM Changeset in webkit [292979] by Alan Coon

9 edits in branches/safari-613-branch/Source

Versioning.

WebKit-7613.2.7

4:06 PM Changeset in webkit [292978] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

The VMTraps signal handler should no return SignalAction::NotHandled on codeBlockSet lock contention.
https://bugs.webkit.org/show_bug.cgi?id=239457

Reviewed by Yusuke Suzuki.

The signal handler is triggered by the mutator thread due to the installed halt
instructions in JIT code (which we already confirmed higher up in the signal handler).
Hence, the mutator cannot be in C++ code, and therefore, cannot be already holding
the codeBlockSet lock. The only time the codeBlockSet lock could be in contention
is if the Sampling Profiler thread is holding it. In that case, we'll simply wait
till the Sampling Profiler is done with it. There are no lock ordering issues w.r.t.
the Sampling Profiler on this code path.

Note that it is not ok to return SignalAction::NotHandled here if we see contention.
Doing so will cause the fault to be handled by the default handler, which will crash.
It is also not productive to return SignalAction::Handled on contention. Doing so
will simply trigger this fault handler over and over again. We might as well wait
for the Sampling Profiler to release the lock, which is what we should do.

This issue was detected by the stress/get-array-length-concurrently-change-mode.js.ftl-no-cjit-validate-sampling-profiler
test, resulting in intermittent crashes.

runtime/VMTraps.cpp:

3:48 PM Changeset in webkit [292977] by pvollan@apple.com

2 edits in trunk/Source/WebKit

[iOS][WP] Add telemetry with backtrace for network related system calls
https://bugs.webkit.org/show_bug.cgi?id=239465

Reviewed by Darin Adler.

Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:

3:24 PM Changeset in webkit [292976] by Chris Dumez

7 edits in trunk/Source

Use convertToASCIILowercase() less and more SortedArrayMap / SortedArraySet
https://bugs.webkit.org/show_bug.cgi?id=239453

Reviewed by Darin Adler.

Source/WebCore:

Modules/applicationmanifest/ApplicationManifestParser.cpp:

(WebCore::ApplicationManifestParser::parseDisplay):

platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::supportsType):

platform/graphics/avfoundation/MediaPlayerPrivateAVFoundation.cpp:

(WebCore::MediaPlayerPrivateAVFoundation::isUnsupportedMIMEType):

platform/graphics/avfoundation/objc/AVAssetMIMETypeCache.mm:

(WebCore::AVAssetMIMETypeCache::isUnsupportedContainerType):

Source/WebDriver:

WebDriverService.cpp:

(WebDriver::WebDriverService::toCommandHTTPMethod):

3:10 PM Changeset in webkit [292975] by commit-queue@webkit.org

3 edits in trunk/Source/WebKit

Unreviewed, reverting r292957.
https://bugs.webkit.org/show_bug.cgi?id=239468

Introduced crash

Reverted changeset:

"Block system calls in the Network process"
https://bugs.webkit.org/show_bug.cgi?id=238935
https://commits.webkit.org/r292957

2:54 PM Changeset in webkit [292974] by Elliott Williams

2 edits in trunk/Tools/CISupport/build-webkit-org

[buildbot] Increase the compile timeout to account for delayed output from clang/XCBuild
https://bugs.webkit.org/show_bug.cgi?id=239455

Reviewed by Aakash Jain.

Tools/CISupport/build-webkit-org/steps.py:

(CompileWebKit):
(CompileWebKit.init): Change the default timeout to 30 minutes.

Tools/CISupport/build-webkit-org/steps_unittest.py: Update expectations.

(TestCompileWebKit.test_success):
(TestCompileWebKit.test_success_gtk):
(TestCompileWebKit.test_success_wpe):
(TestCompileWebKit.test_failure):
(TestCompileJSCOnly.test_success):
(TestCompileJSCOnly.test_failure):

Canonical link: https://commits.webkit.org/249737@main

2:44 PM Changeset in webkit [292973] by Matt Woodrow

8 edits
8 adds in trunk

Implement support for aligning baselines through subgrids
https://bugs.webkit.org/show_bug.cgi?id=238643

Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

web-platform-tests/css/css-grid/subgrid/baseline-002-expected.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-002.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-003-expected.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-003.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-004-expected.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-004.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-005-expected.html: Added.
web-platform-tests/css/css-grid/subgrid/baseline-005.html: Added.

Added new WPT variants of the baseline tests, for the case where the introspected subgrid
has padding that affects the baseline position, and for the case where the subgrid uses an
orthogonal writing mode.

Source/WebCore:

Implement baseline sharing recursion into subgrids

Tests: imported/w3c/web-platform-tests/css/css-grid/subgrid/baseline-002.html

imported/w3c/web-platform-tests/css/css-grid/subgrid/baseline-003.html
imported/w3c/web-platform-tests/css/css-grid/subgrid/baseline-004.html
imported/w3c/web-platform-tests/css/css-grid/subgrid/baseline-005.html

rendering/GridBaselineAlignment.cpp:

(WebCore::GridBaselineAlignment::ascentForChild const):
(WebCore::GridBaselineAlignment::descentForChild const):
(WebCore::GridBaselineAlignment::updateBaselineAlignmentContext):
(WebCore::BaselineGroup::BaselineGroup):
(WebCore::BaselineGroup::update):
(WebCore::BaselineContext::BaselineContext):
(WebCore::BaselineContext::updateSharedGroup):

rendering/GridBaselineAlignment.h:

(WebCore::BaselineGroup::maxAscent const):
(WebCore::BaselineGroup::maxDescent const): Deleted.

rendering/GridLayoutFunctions.h:
rendering/GridTrackSizingAlgorithm.cpp:

(WebCore::GridTrackSizingAlgorithm::canParticipateInBaselineAlignment const):
(WebCore::GridTrackSizingAlgorithm::updateBaselineAlignmentContext):
(WebCore::GridTrackSizingAlgorithm::baselineOffsetForChild const):
(WebCore::GridTrackSizingAlgorithm::cacheBaselineAlignedItem):

rendering/GridTrackSizingAlgorithm.h:
rendering/RenderGrid.cpp:

(WebCore::cacheBaselineAlignedChildren):
(WebCore::RenderGrid::computeIntrinsicLogicalWidths const):
(WebCore::RenderGrid::performGridItemsPreLayout const):
(WebCore::RenderGrid::alignSelfForChild const):
(WebCore::RenderGrid::justifySelfForChild const):
(WebCore::RenderGrid::columnAxisBaselineOffsetForChild const):
(WebCore::RenderGrid::rowAxisBaselineOffsetForChild const):

Moves the code for collecting baseline aligned children into a shared helper function, and adds
support for recursing into subgrid children (restricted to the axes that subgrid was applied).

Fixes align/justifySelfForChild to check if the child is a subgrid and overrides the result to 'stretch', so
that we're correctly stretching subgrids, not the children of subgrids (covered by new tests).

2:37 PM Changeset in webkit [292972] by Brent Fulgham

4 edits in trunk/Source/WebKit

Remove the deprecated CaptivePortal enablement key
https://bugs.webkit.org/show_bug.cgi?id=239456

Reviewed by Wenson Hsieh.

This is a minor code cleanup to remove an old default key
we used in the early experiments with this behavior.

UIProcess/API/Cocoa/_WKSystemPreferences.mm:

(+[_WKSystemPreferences isCaptivePortalModeEnabled]):

UIProcess/API/Cocoa/_WKSystemPreferencesInternal.h:
UIProcess/Cocoa/WebProcessPoolCocoa.mm:

(WebKit::WebProcessPool::notifyPreferencesChanged):

2:35 PM Changeset in webkit [292971] by pvollan@apple.com

7 edits in trunk/Source/WebKit

Fix incorrect syscall name in sandboxes
https://bugs.webkit.org/show_bug.cgi?id=239454

Reviewed by Darin Adler.

GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
WebProcess/com.apple.WebProcess.sb.in:

2:20 PM Changeset in webkit [292970] by Simon Fraser

11 edits in trunk

Allow C API clients to get the WKProcessTerminationReason in processDidCrash functions, and use in WebKitTestRunner
https://bugs.webkit.org/show_bug.cgi?id=239400

Reviewed by Sam Weinig.

Source/WebKit:

Introduce WKContextClientV4 with "did crash" functions that take a ProcessID and WKProcessTerminationReason.
WebContextClient will call the new functions if registered, otherwise the old ones.

Have WebProcessPool::networkProcessDidTerminate() and WebProcessPool::gpuProcessExited() call
the client for more types of reasons; ExceededMemoryLimit and ExceededCPULimit only apply
to the web process, so the behavior change here is to call m_client.networkProcessDidCrash()
for ProcessTerminationReason::Unresponsive.

UIProcess/API/C/WKContext.h:
UIProcess/WebContextClient.cpp:

(WebKit::WebContextClient::networkProcessDidCrash):
(WebKit::WebContextClient::serviceWorkerProcessDidCrash):
(WebKit::WebContextClient::gpuProcessDidCrash):

UIProcess/WebContextClient.h:
UIProcess/WebProcessPool.cpp:

(WebKit::shouldReportAuxiliaryProcessCrash):
(WebKit::WebProcessPool::networkProcessDidTerminate):
(WebKit::WebProcessPool::serviceWorkerProcessCrashed):
(WebKit::WebProcessPool::gpuProcessExited):

UIProcess/WebProcessPool.h:
UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::processDidTerminateOrFailedToLaunch):

Tools:

Standardize the "didCrash" callbacks to use the WKContextClientV4 "with details" versions,
and use them to print out crash reasons.

WebKitTestRunner/TestController.cpp:

(WTR::TestController::generatePageConfiguration):
(WTR::TestController::networkProcessDidCrashWithDetails):
(WTR::TestController::serviceWorkerProcessDidCrashWithDetails):
(WTR::TestController::gpuProcessDidCrashWithDetails):
(WTR::terminationReasonToString):
(WTR::TestController::networkProcessDidCrash):
(WTR::TestController::serviceWorkerProcessDidCrash):
(WTR::TestController::gpuProcessDidCrash):
(WTR::TestController::webProcessDidTerminate):

WebKitTestRunner/TestController.h:

1:55 PM Changeset in webkit [292969] by Alan Coon

1 copy in tags/WebKit-7614.1.10.2

Tag WebKit-7614.1.10.2.

1:44 PM Changeset in webkit [292968] by Russell Epstein

9 edits in branches/safari-614.1.10-branch/Source

Versioning.

WebKit-7614.1.10.2

1:29 PM Changeset in webkit [292967] by Tyler Wilcock

4 edits in trunk/Source/WebCore

Node changes created by AXIsolatedTree::updateNode are overwritten when performed during AXIsolatedTree::collectNodeChangesForSubtree
https://bugs.webkit.org/show_bug.cgi?id=239398

Reviewed by Andres Gonzalez.

We currently do the wrong thing in this scenario:

A dynamic page change causes an element to be included on the page, so we create a node change for it and its subtree by calling collectNodeChangesForSubtree. This causes a call to children() on the live object.

In the process of (or after) updating the children of the live object, we perform some operation that triggers AXIsolatedTree::updateNode on said object. AccessibilityRenderObject::updateRoleAfterChildrenCreation would be an example of this if it were properly coded to update the isolated tree if the object's role changes (I'll address that in a separate patch). updateNode results in a node change with the correct properties being added to m_pendingAppends.

collectNodeChangesForSubtree (started in step 1) finishes, and queues a node change for the same object, but with the wrong properties (because it was created before step 2). Because it comes after the node change added in step 2 to m_pendingAppends, it wins, and we add an object with the wrong properties to the tree.

This patch fixes this with a new AXIsolatedTree::m_unresolvedPendingAppends member
variable. This is a HashMap with an AXID key, representing the object to create a node
change for. Now, both collectNodeChangesForSubtree and updateNode will add an entry
to this HashMap, allowing it to be resolved it (i.e. by creating the node change) at a later time.

This is both more correct (as it prevents any ordering bugs entirely), and more
efficient, because we now never create multiple node changes for the same object.

This patch also necessitated other code cleanup items:

m_unresolvedPendingAppends allows us to remove the idsBeingChanged parameter we passed to several functions since this member variable does the same thing.

m_pendingNodeRemovals has been deleted. The only thing adding to this was AXIsolatedTree::updateNode, and it did so unnecessarily, since we already handle the case where we are replacing an existing object when proessing m_pendingAppends.

This patch also fixes an issue found by Andres Gonzalez in https://bugs.webkit.org/show_bug.cgi?id=239402.
AXIsolatedTree::updateNode should not immediately attach the wrapper to the new object on the main thread
since it could be in use on the AX thread. To make this more clear, the attachWrapper parameter has been
changed from a bool to an enum called AttachWrapper with values OnMainThread and OnAXThread.

Fixes six tests in isolated tree mode:

accessibility/aria-labelledby-overrides-label.html
accessibility/aria-role-on-label.html
accessibility/mac/label-element-all-text-string-value.html
accessibility/mac/label-element-with-hidden-control.html
accessibility/mac/label-element-all-text-string-value.html
accessibility/mac/slider-allows-title-ui-element.html

accessibility/AXObjectCache.cpp:

(WebCore::AXObjectCache::treeData):

accessibility/isolatedtree/AXIsolatedTree.cpp:

(WebCore::AXIsolatedTree::create):
(WebCore::AXIsolatedTree::generateSubtree):
(WebCore::AXIsolatedTree::nodeChangeForObject):
(WebCore::AXIsolatedTree::queueRemovals):
Added. Allows you to queue objects for removal from contexts where you
don't already hold a lock.
(WebCore::AXIsolatedTree::queueRemovalsLocked):
Added. Allows you to queue objects for removal from contexts where you
already hold a lock.
(WebCore::AXIsolatedTree::queueRemovalsAndUnresolvedChanges):
Added. Replaces AXIsolatedTree::queueChangesAndRemovals.
(WebCore::AXIsolatedTree::collectNodeChangesForSubtree):
(WebCore::AXIsolatedTree::updateNode):
(WebCore::AXIsolatedTree::updateChildren):
(WebCore::AXIsolatedTree::removeNode):
(WebCore::AXIsolatedTree::removeSubtreeFromNodeMap):
(WebCore::AXIsolatedTree::applyPendingChanges):
Change local variable name from object to existingObject as this makes
the code much more clear.

accessibility/isolatedtree/AXIsolatedTree.h:

(WebCore::AXIsolatedTree::queueChangesAndRemovals): Deleted.

1:25 PM Changeset in webkit [292966] by Jonathan Bedard

2 edits in trunk/Tools

[ews.webkit.org] Reduce status updates
https://bugs.webkit.org/show_bug.cgi?id=239414
<rdar://problem/91839873>

Reviewed by Aakash Jain.

We're starting to bump against our API limits, many very short steps report
their status, only to be imiediately overwritten. Skip step started updates.

Tools/CISupport/ews-build/events.py:

(Events.stepStarted):

Canonical link: https://commits.webkit.org/249731@main

12:49 PM Changeset in webkit [292965] by Ryan Haddad

1 edit
8 adds in trunk/LayoutTests

REGRESSION (249698@main): 4 payment request layout tests failing on Big Sur
https://bugs.webkit.org/show_bug.cgi?id=239461

Unreviewed test gardening.

platform/mac-bigsur/http/tests/paymentrequest/payment-request-change-shipping-option.https-expected.txt: Added.
platform/mac-bigsur/http/tests/paymentrequest/updateWith-shippingOptions.https-expected.txt: Added.
platform/mac-bigsur/imported/w3c/web-platform-tests/payment-request/payment-request-constructor.https.sub-expected.txt: Added.
platform/mac-bigsur/imported/w3c/web-platform-tests/payment-request/payment-request-shippingOption-attribute.https-expected.txt: Added.

12:36 PM Changeset in webkit [292964] by ntim@apple.com

2 edits in trunk/LayoutTests

[iOS] Skip CSS resize tests added by r292559
https://bugs.webkit.org/show_bug.cgi?id=239459

Unreviewed test gardening.

iOS doesn't support CSS resize.

platform/ios/TestExpectations:

11:56 AM Changeset in webkit [292963] by Chris Dumez

13 edits in trunk/Source/WebCore

Optimize nodeHasRole()
https://bugs.webkit.org/show_bug.cgi?id=239430
<rdar://problem/91857547>

Reviewed by Darin Adler.

Optimize nodeHasRole() by calling spaceSplitStringContainsValue() instead of constructing a
SpaceSplitString (which is expensive simply for looking for a single value). Also take a
StringView in parameter to avoid constructing a String unnecessarily (most call sites pass
an ASCIILiteral).

accessibility/AXObjectCache.cpp:

(WebCore::nodeHasRole):

accessibility/AXObjectCache.h:

(WebCore::nodeHasRole):

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::elementsFromAttribute const):
(WebCore::AccessibilityObject::ariaElementsReferencedByAttribute const):

dom/ClassCollection.h:

(WebCore::ClassCollection::ClassCollection):

dom/Element.cpp:

(WebCore::Element::classAttributeChanged):
(WebCore::Element::partAttributeChanged):

dom/SpaceSplitString.cpp:

(WebCore::SpaceSplitString::set):
(WebCore::SpaceSplitString::spaceSplitStringContainsValue):

dom/SpaceSplitString.h:

(WebCore::SpaceSplitString::SpaceSplitString):

html/Autofill.cpp:

(WebCore::AutofillData::createFromHTMLFormControlElement):

html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::parseAttribute):
(WebCore::HTMLAnchorElement::sendPings):

inspector/InspectorAuditAccessibilityObject.cpp:

(WebCore::InspectorAuditAccessibilityObject::getComputedProperties):

inspector/agents/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):

page/EventHandler.cpp:

(WebCore::findDropZone):

11:46 AM Changeset in webkit [292962] by commit-queue@webkit.org

3 edits in trunk

[PGO] Fix build on intel machines
https://bugs.webkit.org/show_bug.cgi?id=239396

Reviewed by Jonathan Bedard.

We should use the correct comparison operator for Perl strings when checking
if we are building with PGO profile generation enabled.

Canonical link: https://commits.webkit.org/249727@main

11:30 AM Changeset in webkit [292961] by Said Abou-Hallawa

10 edits in trunk/Source/WebKit

REGRESSION(r288847): GPU Process crash under GPUProcess::canExitUnderMemoryPressure()
https://bugs.webkit.org/show_bug.cgi?id=238558
rdar://91052033

Reviewed by Kimmo Kinnunen.

Use the rendering resources request count to keep the GPU process alive.

RemoteRenderingBackend updates it when active image buffers change.
RemoteGraphicsContextGL updates it on creation and destruction.
RemoteMediaPlayerProxy updates it on creation and destruction.

Remove RemoterRenderingBackend::updateRenderingResourceRequest(), the
count is now counted by RemoteImageBuffer creation, destruction.

Remove RemoterRenderingBackend::allowsExitUnderMemoryPressure(), it was
crashing due to race between the function and the work queue cleanup task.

Remove RemoteMediaPlayerManagerProxy::allowsExitUnderMemoryPressure(),
the count is already counted by RemoteMediaPlayerProxy creation, destruction.

Based on the initial patch by Kimmo Kinnunen.

GPUProcess/GPUConnectionToWebProcess.cpp:

(WebKit::GPUConnectionToWebProcess::allowsExitUnderMemoryPressure const):

GPUProcess/graphics/QualifiedResourceHeap.h:

(WebKit::QualifiedResourceHeap::hasImageBuffer const): Deleted.
(WebKit::QualifiedResourceHeap::hasNativeImage const): Deleted.
(WebKit::QualifiedResourceHeap::hasFont const): Deleted.

GPUProcess/graphics/RemoteImageBuffer.h:

(WebKit::RemoteImageBuffer::m_renderingResourcesRequest):

GPUProcess/graphics/RemoteRenderingBackend.cpp:

(WebKit::RemoteRenderingBackend::createImageBufferWithQualifiedIdentifier):
(WebKit::RemoteRenderingBackend::releaseRemoteResourceWithQualifiedIdentifier):
(WebKit::RemoteRenderingBackend::updateRenderingResourceRequest): Deleted.
(WebKit::RemoteRenderingBackend::allowsExitUnderMemoryPressure const): Deleted.

GPUProcess/graphics/RemoteRenderingBackend.h:
GPUProcess/graphics/RemoteResourceCache.h:

(WebKit::RemoteResourceCache::resourceHeap const): Deleted.
(WebKit::RemoteResourceCache::hasActiveDrawables const): Deleted.

GPUProcess/graphics/ScopedRenderingResourcesRequest.h:

(WebKit::hasOutstandingRenderingResourceUsage):

GPUProcess/media/RemoteMediaPlayerManagerProxy.cpp:

(WebKit::RemoteMediaPlayerManagerProxy::deleteMediaPlayer):
(WebKit::RemoteMediaPlayerManagerProxy::allowsExitUnderMemoryPressure const): Deleted.

GPUProcess/media/RemoteMediaPlayerManagerProxy.h:

10:56 AM Changeset in webkit [292960] by Chris Dumez

44 edits in trunk/Source/WebCore

Use AtomString as early as possible when string will eventually get atomized
https://bugs.webkit.org/show_bug.cgi?id=239427

Reviewed by Darin Adler.

css/StyleProperties.cpp:

(WebCore::StyleProperties::asText const):
(WebCore::StyleProperties::asTextAtom const):
(WebCore::StyleProperties::asTextInternal const):

css/StyleProperties.h:
dom/DOMStringMap.idl:
dom/DatasetDOMStringMap.cpp:

(WebCore::DatasetDOMStringMap::setNamedItem):

dom/DatasetDOMStringMap.h:
dom/Document.cpp:

(WebCore::Document::createAttribute):
(WebCore::Document::createAttributeNS):

dom/ElementContentEditable.idl:
dom/StyledElement.cpp:

(WebCore::StyledElement::synchronizeStyleAttributeInternalImpl):
(WebCore::StyledElement::invalidateStyleAttribute):

editing/ApplyStyleCommand.cpp:

(WebCore::ApplyStyleCommand::applyRelativeFontStyleChange):
(WebCore::ApplyStyleCommand::removeEmbeddingUpToEnclosingBlock):
(WebCore::ApplyStyleCommand::applyInlineStyleToNodeRange):
(WebCore::ApplyStyleCommand::removeCSSStyle):
(WebCore::ApplyStyleCommand::applyInlineStyleToPushDown):
(WebCore::ApplyStyleCommand::applyInlineStyleChange):

editing/ReplaceSelectionCommand.cpp:

(WebCore::ReplacementFragment::ReplacementFragment):
(WebCore::ReplaceSelectionCommand::inverseTransformColor):
(WebCore::ReplaceSelectionCommand::removeRedundantStylesAndKeepStyleSpanInline):
(WebCore::ReplaceSelectionCommand::handleStyleSpans):

html/DOMTokenList.cpp:

(WebCore::tokenContainsHTMLSpace):
(WebCore::DOMTokenList::validateToken):
(WebCore::DOMTokenList::validateTokens):
(WebCore::DOMTokenList::addInternal):
(WebCore::DOMTokenList::add):
(WebCore::DOMTokenList::removeInternal):
(WebCore::DOMTokenList::remove):
(WebCore::DOMTokenList::setValue):

html/DOMTokenList.h:
html/DOMTokenList.idl:
html/FileInputType.cpp:

(WebCore::UploadButtonElement::createInternal):

html/HTMLButtonElement.cpp:

(WebCore::HTMLButtonElement::formControlType const):

html/HTMLButtonElement.idl:
html/HTMLElement.cpp:

(WebCore::HTMLElement::setEnterKeyHint):

html/HTMLElement.h:
html/HTMLFormControlElement.cpp:

(WebCore::HTMLFormControlElement::setFormEnctype):
(WebCore::HTMLFormControlElement::setFormMethod):
(WebCore::HTMLFormControlElement::setAutocomplete):

html/HTMLFormControlElement.h:
html/HTMLFormElement.cpp:

(WebCore::HTMLFormElement::setAction):
(WebCore::HTMLFormElement::setEnctype):
(WebCore::HTMLFormElement::setMethod):

html/HTMLFormElement.h:
html/HTMLFormElement.idl:
html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::setSrc):
(WebCore::HTMLImageElement::setDecoding):

html/HTMLImageElement.h:
html/HTMLImageElement.idl:
html/HTMLInputElement.cpp:

(WebCore::HTMLInputElement::defaultValue const):
(WebCore::HTMLInputElement::setDefaultValue):

html/HTMLInputElement.h:
html/HTMLInputElement.idl:
html/HTMLOptionElement.cpp:

(WebCore::HTMLOptionElement::createForLegacyFactoryFunction):
(WebCore::HTMLOptionElement::setValue):
(WebCore::HTMLOptionElement::setLabel):

html/HTMLOptionElement.h:
html/HTMLOptionElement.idl:
html/InputTypeNames.cpp:

(WebCore::InputTypeNames::button):

html/TextFieldInputType.cpp:

(WebCore::TextFieldInputType::createAutoFillButton):

html/shadow/TextControlInnerElements.cpp:

(WebCore::SearchFieldCancelButtonElement::create):

page/Frame.h:
page/ios/FrameIOS.mm:

(WebCore::Frame::initWithSimpleHTMLDocument):

svg/SVGLengthValue.cpp:

(WebCore::SVGLengthValue::valueAsAtomString const):

svg/SVGLengthValue.h:
svg/SVGMarkerElement.cpp:

(WebCore::SVGMarkerElement::orient const):
(WebCore::SVGMarkerElement::setOrient):

svg/SVGMarkerElement.h:
svg/SVGMarkerElement.idl:
svg/SVGUseElement.cpp:

(WebCore::SVGUseElement::transferSizeAttributesToTargetClone const):

10:49 AM Changeset in webkit [292959] by Elliott Williams

33 edits in trunk

[XCBuild] Use XCBuild for all command-line and project builds
https://bugs.webkit.org/show_bug.cgi?id=238916

Reviewed by Alexey Proskuryakov.

Source/bmalloc:

bmalloc.xcodeproj/project.pbxproj:

Source/JavaScriptCore:

Switch to the new build system, without changing anything about our
build order. Make will still build projects one-at-a-time, but this
drops our dependency on the legacy build system.

JavaScriptCore.xcodeproj/project.pbxproj:

Source/ThirdParty/ANGLE:

ANGLE.xcodeproj/project.pbxproj:

Source/ThirdParty/libwebrtc:

libwebrtc.xcodeproj/project.pbxproj:

Source/WebCore:

WebCore.xcodeproj/project.pbxproj:

Source/WebGPU:

WebGPU.xcodeproj/project.pbxproj:

Source/WebInspectorUI:

WebInspectorUI.xcodeproj/project.pbxproj:

Source/WebKit:

WebKit.xcodeproj/project.pbxproj:

Source/WebKitLegacy:

WebKitLegacy.xcodeproj/project.pbxproj:

Source/WTF:

WTF.xcodeproj/project.pbxproj:

Tools:

There are a few projects in Tools/ which are checked in but not built
as part of the normal Make or build-webkit workflow. I've updated
them, and noted below which ones were already failing to build.

ContentExtensionTester/ContentExtensionTester.xcodeproj/project.pbxproj:
DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
EditingHistory/EditingHistory.xcodeproj/project.pbxproj: Fails to

build locally, updated anyway.

FontWithFeatures/FontWithFeatures.xcodeproj/project.pbxproj: Fails

to build locally, updated anyway.

ImageDiff/ImageDiff.xcodeproj/project.pbxproj:
MiniBrowser/MiniBrowser.xcodeproj/project.pbxproj:
MiniBrowserSwiftUI/MiniBrowserSwiftUI.xcodeproj/project.pbxproj:
MobileMiniBrowser/MobileMiniBrowser.xcodeproj/project.pbxproj:
TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
WebEditingTester/WebEditingTester.xcodeproj/project.pbxproj: Fails

to build locally, updated anyway.

WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:

10:02 AM Changeset in webkit [292958] by Jonathan Bedard

2 edits in trunk/Tools

[Merge-Queue] Handle label addition race condition
https://bugs.webkit.org/show_bug.cgi?id=238973
<rdar://problem/91452352>

Reviewed by Aakash Jain.

Tools/CISupport/ews-build/events.py:

(GitHubEventHandlerNoEdits.handle_pull_request): Wait for 10 seconds before processing
label additions.

Canonical link: https://commits.webkit.org/249723@main

9:46 AM Changeset in webkit [292957] by pvollan@apple.com

3 edits in trunk/Source/WebKit

Block system calls in the Network process
https://bugs.webkit.org/show_bug.cgi?id=238935
<rdar://47323426>

Reviewed by Geoffrey Garen.

Block unused system calls in the Network process on macOS and iOS. This is based on collected telemetry.

NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in:

9:30 AM Changeset in webkit [292956] by Wenson Hsieh

2 edits in trunk/Source/WebKit

Unreviewed, fix the internal watchOS engineering build

In the case where HAVE(UIKIT_WITH_MOUSE_SUPPORT) is off, internal watchOS engineering builds fail due to
shouldEnableAlternativeMouseGestureRecognizers being unused. Fix this, and do some minor cleanup in this code
while we're here:

Remove extra space before _alternateMouseGestureRecognizer.get().
Move * to the correct side for Objective-C instances.
Fix a typo: "alternativeMouseRecgnizer" => "alternativeMouseRecognizer".

UIProcess/ios/WKContentViewInteraction.mm:

(shouldEnableAlternativeMouseGestureRecognizers):
(-[WKContentView _configureMouseGestureRecognizer]):

9:09 AM Changeset in webkit [292955] by Wenson Hsieh

5 edits in trunk

Make the main video heuristic robust when video elements are added after entering fullscreen
https://bugs.webkit.org/show_bug.cgi?id=239438
rdar://91867187

Reviewed by Eric Carlson.

Source/WebKit:

Adjust the heuristic for identifying the most prominent video element in an element fullscreen container, such
that it can detect video elements that are inserted into the document after we've already entered fullscreen
mode. See below for more details.

Exercised by a new internal API test.

WebProcess/FullScreen/WebFullScreenManager.cpp:

(WebKit::WebFullScreenManager::setElement):

Listen for several events (play, pause, loadedmetadata) that are bubbled up to the fullscreen container element,
from any media element underneath the fullscreen container; in response to these events, we re-run the main
fullscreen video element heuristic to update m_mainVideoElement (and cancel and reschedule the video
extraction timer, if this main video element changed).

(WebKit::WebFullScreenManager::enterFullScreenForElement):
(WebKit::WebFullScreenManager::didEnterFullScreen):

Pull existing logic for walking through the element fullscreen DOM in search of video elements out into a new
helper method, updateMainVideoElement, that's invoked both when we finish entering fullscreen mode, and when
observing any of the new events that bubble up to the fullscreen container.

(WebKit::WebFullScreenManager::updateMainVideoElement):
(WebKit::WebFullScreenManager::handleEvent):
(WebKit::WebFullScreenManager::setMainVideoElement):

WebProcess/FullScreen/WebFullScreenManager.h:

Tools:

Add a helper method to a test page used in API tests; see the radar for more information.

TestWebKitAPI/Tests/WebKitCocoa/element-fullscreen.html:

7:33 AM Changeset in webkit [292954] by Alan Bujtas

5 edits
24 moves
1 add in trunk/Source/WebCore

[IFC][Integration] Move inline integration under layout/integration/inline
https://bugs.webkit.org/show_bug.cgi?id=239441

Reviewed by Antti Koivisto.

This is in preparation for implementing additional integrated FCs.

CMakeLists.txt:
Headers.cmake:
Sources.txt:
WebCore.xcodeproj/project.pbxproj:
layout/integration/inline/InlineIteratorBox.cpp: Renamed from Source/WebCore/layout/integration/InlineIteratorBox.cpp.

(WebCore::InlineIterator::BoxIterator::BoxIterator):
(WebCore::InlineIterator::BoxIterator::operator== const):
(WebCore::InlineIterator::BoxIterator::atEnd const):
(WebCore::InlineIterator::Box::nextOnLine const):
(WebCore::InlineIterator::Box::previousOnLine const):
(WebCore::InlineIterator::Box::nextOnLineIgnoringLineBreak const):
(WebCore::InlineIterator::Box::previousOnLineIgnoringLineBreak const):
(WebCore::InlineIterator::Box::lineBox const):
(WebCore::InlineIterator::Box::style const):
(WebCore::InlineIterator::Box::selectionState const):
(WebCore::InlineIterator::LeafBoxIterator::LeafBoxIterator):
(WebCore::InlineIterator::LeafBoxIterator::traverseNextOnLine):
(WebCore::InlineIterator::LeafBoxIterator::traversePreviousOnLine):
(WebCore::InlineIterator::LeafBoxIterator::traverseNextOnLineIgnoringLineBreak):
(WebCore::InlineIterator::LeafBoxIterator::traversePreviousOnLineIgnoringLineBreak):
(WebCore::InlineIterator::boxFor):
(WebCore::InlineIterator::Box::modernPath const):
(WebCore::InlineIterator::Box::legacyPath const):

layout/integration/inline/InlineIteratorBox.h: Renamed from Source/WebCore/layout/integration/InlineIteratorBox.h.

(WebCore::InlineIterator::Box::logicalTop const):
(WebCore::InlineIterator::Box::logicalBottom const):
(WebCore::InlineIterator::Box::logicalLeft const):
(WebCore::InlineIterator::Box::logicalRight const):
(WebCore::InlineIterator::Box::logicalWidth const):
(WebCore::InlineIterator::Box::logicalHeight const):
(WebCore::InlineIterator::Box::leftmostCaretOffset const):
(WebCore::InlineIterator::Box::rightmostCaretOffset const):
(WebCore::InlineIterator::Box::direction const):
(WebCore::InlineIterator::Box::isLeftToRightDirection const):
(WebCore::InlineIterator::BoxIterator::operator bool const):
(WebCore::InlineIterator::BoxIterator::operator!= const):
(WebCore::InlineIterator::BoxIterator::operator== const):
(WebCore::InlineIterator::BoxIterator::operator* const):
(WebCore::InlineIterator::BoxIterator::operator-> const):
(WebCore::InlineIterator::BoxIterator::BoxIterator):
(WebCore::InlineIterator::Box::Box):
(WebCore::InlineIterator::Box::isText const):
(WebCore::InlineIterator::Box::isInlineBox const):
(WebCore::InlineIterator::Box::isRootInlineBox const):
(WebCore::InlineIterator::Box::visualRect const):
(WebCore::InlineIterator::Box::visualRectIgnoringBlockDirection const):
(WebCore::InlineIterator::Box::isHorizontal const):
(WebCore::InlineIterator::Box::isLineBreak const):
(WebCore::InlineIterator::Box::minimumCaretOffset const):
(WebCore::InlineIterator::Box::maximumCaretOffset const):
(WebCore::InlineIterator::Box::bidiLevel const):
(WebCore::InlineIterator::Box::renderer const):
(WebCore::InlineIterator::Box::legacyInlineBox const):
(WebCore::InlineIterator::Box::inlineBox const):

layout/integration/inline/InlineIteratorBoxLegacyPath.h: Renamed from Source/WebCore/layout/integration/InlineIteratorBoxLegacyPath.h.

(WebCore::InlineIterator::BoxLegacyPath::BoxLegacyPath):
(WebCore::InlineIterator::BoxLegacyPath::isText const):
(WebCore::InlineIterator::BoxLegacyPath::isInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::isRootInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::visualRectIgnoringBlockDirection const):
(WebCore::InlineIterator::BoxLegacyPath::isHorizontal const):
(WebCore::InlineIterator::BoxLegacyPath::isLineBreak const):
(WebCore::InlineIterator::BoxLegacyPath::minimumCaretOffset const):
(WebCore::InlineIterator::BoxLegacyPath::maximumCaretOffset const):
(WebCore::InlineIterator::BoxLegacyPath::bidiLevel const):
(WebCore::InlineIterator::BoxLegacyPath::hasHyphen const):
(WebCore::InlineIterator::BoxLegacyPath::text const):
(WebCore::InlineIterator::BoxLegacyPath::start const):
(WebCore::InlineIterator::BoxLegacyPath::end const):
(WebCore::InlineIterator::BoxLegacyPath::length const):
(WebCore::InlineIterator::BoxLegacyPath::selectableRange const):
(WebCore::InlineIterator::BoxLegacyPath::createTextRun const):
(WebCore::InlineIterator::BoxLegacyPath::renderer const):
(WebCore::InlineIterator::BoxLegacyPath::traverseNextTextBox):
(WebCore::InlineIterator::BoxLegacyPath::traverseNextOnLine):
(WebCore::InlineIterator::BoxLegacyPath::traversePreviousOnLine):
(WebCore::InlineIterator::BoxLegacyPath::traverseNextInlineBox):
(WebCore::InlineIterator::BoxLegacyPath::traversePreviousInlineBox):
(WebCore::InlineIterator::BoxLegacyPath::firstLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::lastLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::operator== const):
(WebCore::InlineIterator::BoxLegacyPath::atEnd const):
(WebCore::InlineIterator::BoxLegacyPath::legacyInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::rootInlineBox const):
(WebCore::InlineIterator::BoxLegacyPath::inlineTextBox const):
(WebCore::InlineIterator::BoxLegacyPath::inlineFlowBox const):

layout/integration/inline/InlineIteratorBoxModernPath.h: Renamed from Source/WebCore/layout/integration/InlineIteratorBoxModernPath.h.

(WebCore::InlineIterator::BoxModernPath::BoxModernPath):
(WebCore::InlineIterator::BoxModernPath::isText const):
(WebCore::InlineIterator::BoxModernPath::isInlineBox const):
(WebCore::InlineIterator::BoxModernPath::isRootInlineBox const):
(WebCore::InlineIterator::BoxModernPath::visualRectIgnoringBlockDirection const):
(WebCore::InlineIterator::BoxModernPath::isHorizontal const):
(WebCore::InlineIterator::BoxModernPath::isLineBreak const):
(WebCore::InlineIterator::BoxModernPath::minimumCaretOffset const):
(WebCore::InlineIterator::BoxModernPath::maximumCaretOffset const):
(WebCore::InlineIterator::BoxModernPath::bidiLevel const):
(WebCore::InlineIterator::BoxModernPath::hasHyphen const):
(WebCore::InlineIterator::BoxModernPath::text const):
(WebCore::InlineIterator::BoxModernPath::start const):
(WebCore::InlineIterator::BoxModernPath::end const):
(WebCore::InlineIterator::BoxModernPath::length const):
(WebCore::InlineIterator::BoxModernPath::selectableRange const):
(WebCore::InlineIterator::BoxModernPath::createTextRun const):
(WebCore::InlineIterator::BoxModernPath::renderer const):
(WebCore::InlineIterator::BoxModernPath::traverseNextTextBox):
(WebCore::InlineIterator::BoxModernPath::traverseNextOnLine):
(WebCore::InlineIterator::BoxModernPath::traversePreviousOnLine):
(WebCore::InlineIterator::BoxModernPath::traverseNextInlineBox):
(WebCore::InlineIterator::BoxModernPath::traversePreviousInlineBox):
(WebCore::InlineIterator::BoxModernPath::firstLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxModernPath::lastLeafBoxForInlineBox const):
(WebCore::InlineIterator::BoxModernPath::operator== const):
(WebCore::InlineIterator::BoxModernPath::atEnd const):
(WebCore::InlineIterator::BoxModernPath::box const):
(WebCore::InlineIterator::BoxModernPath::inlineContent const):
(WebCore::InlineIterator::BoxModernPath::isWithinInlineBox):
(WebCore::InlineIterator::BoxModernPath::traverseNextBox):
(WebCore::InlineIterator::BoxModernPath::traversePreviousBox):
(WebCore::InlineIterator::BoxModernPath::traverseNextLeaf):
(WebCore::InlineIterator::BoxModernPath::traversePreviousLeaf):
(WebCore::InlineIterator::BoxModernPath::traverseNextWithSameLayoutBox):
(WebCore::InlineIterator::BoxModernPath::traversePreviousWithSameLayoutBox):
(WebCore::InlineIterator::BoxModernPath::setAtEnd):
(WebCore::InlineIterator::BoxModernPath::boxes const):
(WebCore::InlineIterator::BoxModernPath::line const):
(WebCore::InlineIterator::BoxModernPath::renderText const):
(WebCore::InlineIterator::BoxModernPath::direction const):

layout/integration/inline/InlineIteratorInlineBox.cpp: Renamed from Source/WebCore/layout/integration/InlineIteratorInlineBox.cpp.

(WebCore::InlineIterator::InlineBox::InlineBox):
(WebCore::InlineIterator::InlineBox::hasClosedLeftAndRightEdge const):
(WebCore::InlineIterator::InlineBox::nextInlineBox const):
(WebCore::InlineIterator::InlineBox::previousInlineBox const):
(WebCore::InlineIterator::InlineBox::firstLeafBox const):
(WebCore::InlineIterator::InlineBox::lastLeafBox const):
(WebCore::InlineIterator::InlineBox::endLeafBox const):
(WebCore::InlineIterator::InlineBoxIterator::InlineBoxIterator):
(WebCore::InlineIterator::InlineBoxIterator::traverseNextInlineBox):
(WebCore::InlineIterator::InlineBoxIterator::traversePreviousInlineBox):
(WebCore::InlineIterator::firstInlineBoxFor):
(WebCore::InlineIterator::firstRootInlineBoxFor):
(WebCore::InlineIterator::inlineBoxFor):

layout/integration/inline/InlineIteratorInlineBox.h: Renamed from Source/WebCore/layout/integration/InlineIteratorInlineBox.h.

(WebCore::InlineIterator::InlineBox::renderer const):
(WebCore::InlineIterator::InlineBox::legacyInlineBox const):
(WebCore::InlineIterator::InlineBoxIterator::InlineBoxIterator):
(WebCore::InlineIterator::InlineBoxIterator::operator* const):
(WebCore::InlineIterator::InlineBoxIterator::operator-> const):
(WebCore::InlineIterator::InlineBoxIterator::get const):
(WebCore::InlineIterator::InlineBox::iterator const):
(isType):

layout/integration/inline/InlineIteratorLineBox.cpp: Renamed from Source/WebCore/layout/integration/InlineIteratorLineBox.cpp.

(WebCore::InlineIterator::LineBoxIterator::LineBoxIterator):
(WebCore::InlineIterator::LineBoxIterator::atEnd const):
(WebCore::InlineIterator::LineBoxIterator::traverseNext):
(WebCore::InlineIterator::LineBoxIterator::traversePrevious):
(WebCore::InlineIterator::LineBoxIterator::operator== const):
(WebCore::InlineIterator::firstLineBoxFor):
(WebCore::InlineIterator::lastLineBoxFor):
(WebCore::InlineIterator::LineBox::next const):
(WebCore::InlineIterator::LineBox::previous const):
(WebCore::InlineIterator::LineBox::firstLeafBox const):
(WebCore::InlineIterator::LineBox::lastLeafBox const):
(WebCore::InlineIterator::closestBoxForHorizontalPosition):

layout/integration/inline/InlineIteratorLineBox.h: Renamed from Source/WebCore/layout/integration/InlineIteratorLineBox.h.

(WebCore::InlineIterator::LineBox::height const):
(WebCore::InlineIterator::LineBoxIterator::LineBoxIterator):
(WebCore::InlineIterator::LineBoxIterator::operator++):
(WebCore::InlineIterator::LineBoxIterator::operator bool const):
(WebCore::InlineIterator::LineBoxIterator::operator!= const):
(WebCore::InlineIterator::LineBoxIterator::operator== const):
(WebCore::InlineIterator::LineBoxIterator::operator* const):
(WebCore::InlineIterator::LineBoxIterator::operator-> const):
(WebCore::InlineIterator::previousLineBoxContentBottomOrBorderAndPadding):
(WebCore::InlineIterator::contentStartInBlockDirection):
(WebCore::InlineIterator::LineBox::LineBox):
(WebCore::InlineIterator::LineBox::contentLogicalTop const):
(WebCore::InlineIterator::LineBox::contentLogicalBottom const):
(WebCore::InlineIterator::LineBox::contentLogicalTopAdjustedForPrecedingLineBox const):
(WebCore::InlineIterator::LineBox::contentLogicalBottomAdjustedForFollowingLineBox const):
(WebCore::InlineIterator::LineBox::top const):
(WebCore::InlineIterator::LineBox::bottom const):
(WebCore::InlineIterator::LineBox::inkOverflowTop const):
(WebCore::InlineIterator::LineBox::inkOverflowBottom const):
(WebCore::InlineIterator::LineBox::contentLogicalLeft const):
(WebCore::InlineIterator::LineBox::contentLogicalRight const):
(WebCore::InlineIterator::LineBox::contentLogicalWidth const):
(WebCore::InlineIterator::LineBox::isHorizontal const):
(WebCore::InlineIterator::LineBox::baselineType const):
(WebCore::InlineIterator::LineBox::containingBlock const):
(WebCore::InlineIterator::LineBox::containingFragment const):
(WebCore::InlineIterator::LineBox::isFirstAfterPageBreak const):
(WebCore::InlineIterator::LineBox::isFirst const):

layout/integration/inline/InlineIteratorLineBoxLegacyPath.h: Renamed from Source/WebCore/layout/integration/InlineIteratorLineBoxLegacyPath.h.

(WebCore::InlineIterator::LineBoxIteratorLegacyPath::LineBoxIteratorLegacyPath):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::contentLogicalTop const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::contentLogicalBottom const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::contentLogicalTopAdjustedForPrecedingLineBox const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::contentLogicalBottomAdjustedForFollowingLineBox const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::top const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::bottom const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::inkOverflowTop const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::inkOverflowBottom const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::contentLogicalLeft const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::contentLogicalRight const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::isHorizontal const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::baselineType const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::containingBlock const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::containingFragment const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::isFirstAfterPageBreak const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::traverseNext):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::traversePrevious):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::operator== const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::atEnd const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::firstLeafBox const):
(WebCore::InlineIterator::LineBoxIteratorLegacyPath::lastLeafBox const):

layout/integration/inline/InlineIteratorLineBoxModernPath.h: Renamed from Source/WebCore/layout/integration/InlineIteratorLineBoxModernPath.h.

(WebCore::InlineIterator::LineBoxIteratorModernPath::LineBoxIteratorModernPath):
(WebCore::InlineIterator::LineBoxIteratorModernPath::contentLogicalTop const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::contentLogicalBottom const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::top const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::bottom const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::inkOverflowTop const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::inkOverflowBottom const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::contentLogicalTopAdjustedForPrecedingLineBox const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::contentLogicalBottomAdjustedForFollowingLineBox const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::contentLogicalLeft const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::contentLogicalRight const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::isHorizontal const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::baselineType const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::containingBlock const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::containingFragment const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::isFirstAfterPageBreak const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::traverseNext):
(WebCore::InlineIterator::LineBoxIteratorModernPath::traversePrevious):
(WebCore::InlineIterator::LineBoxIteratorModernPath::operator== const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::atEnd const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::firstLeafBox const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::lastLeafBox const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::setAtEnd):
(WebCore::InlineIterator::LineBoxIteratorModernPath::lines const):
(WebCore::InlineIterator::LineBoxIteratorModernPath::line const):

layout/integration/inline/InlineIteratorLogicalOrderTraversal.cpp: Renamed from Source/WebCore/layout/integration/InlineIteratorLogicalOrderTraversal.cpp.

(WebCore::InlineIterator::makeTextLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::updateTextLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::firstTextBoxInLogicalOrderFor):
(WebCore::InlineIterator::nextTextBoxInLogicalOrder):
(WebCore::InlineIterator::makeLineLogicalOrderCache):
(WebCore::InlineIterator::updateLineLogicalOrderCacheIfNeeded):
(WebCore::InlineIterator::firstLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::lastLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::nextLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::previousLeafOnLineInLogicalOrder):
(WebCore::InlineIterator::firstLeafOnLineInLogicalOrderWithNode):
(WebCore::InlineIterator::lastLeafOnLineInLogicalOrderWithNode):

layout/integration/inline/InlineIteratorLogicalOrderTraversal.h: Renamed from Source/WebCore/layout/integration/InlineIteratorLogicalOrderTraversal.h.

(WebCore::InlineIterator::leafBoxesInLogicalOrder):

layout/integration/inline/InlineIteratorTextBox.cpp: Renamed from Source/WebCore/layout/integration/InlineIteratorTextBox.cpp.

(WebCore::InlineIterator::TextBox::nextTextBox const):
(WebCore::InlineIterator::TextBox::selectionRect const):
(WebCore::InlineIterator::TextBox::offsetForPosition const):
(WebCore::InlineIterator::TextBox::positionForOffset const):
(WebCore::InlineIterator::TextBox::isCombinedText const):
(WebCore::InlineIterator::TextBox::fontCascade const):
(WebCore::InlineIterator::TextBoxIterator::TextBoxIterator):
(WebCore::InlineIterator::TextBoxIterator::traverseNextTextBox):
(WebCore::InlineIterator::firstTextBoxFor):
(WebCore::InlineIterator::textBoxFor):
(WebCore::InlineIterator::textBoxesFor):

layout/integration/inline/InlineIteratorTextBox.h: Renamed from Source/WebCore/layout/integration/InlineIteratorTextBox.h.

(WebCore::InlineIterator::TextBox::renderer const):
(WebCore::InlineIterator::TextBox::legacyInlineBox const):
(WebCore::InlineIterator::TextBoxIterator::TextBoxIterator):
(WebCore::InlineIterator::TextBoxIterator::operator++):
(WebCore::InlineIterator::TextBoxIterator::operator* const):
(WebCore::InlineIterator::TextBoxIterator::operator-> const):
(WebCore::InlineIterator::TextBoxIterator::get const):
(WebCore::InlineIterator::TextBoxRange::TextBoxRange):
(WebCore::InlineIterator::TextBoxRange::begin const):
(WebCore::InlineIterator::TextBoxRange::end const):
(WebCore::InlineIterator::TextBox::hasHyphen const):
(WebCore::InlineIterator::TextBox::TextBox):
(WebCore::InlineIterator::TextBox::text const):
(WebCore::InlineIterator::TextBox::start const):
(WebCore::InlineIterator::TextBox::end const):
(WebCore::InlineIterator::TextBox::length const):
(WebCore::InlineIterator::TextBox::selectableRange const):
(WebCore::InlineIterator::TextBox::createTextRun const):
(isType):

layout/integration/inline/LayoutIntegrationInlineContent.cpp: Renamed from Source/WebCore/layout/integration/LayoutIntegrationInlineContent.cpp.

(WebCore::LayoutIntegration::InlineContent::InlineContent):
(WebCore::LayoutIntegration::InlineContent::hasContent const):
(WebCore::LayoutIntegration:: const):
(WebCore::LayoutIntegration::InlineContent::~InlineContent):
(WebCore::LayoutIntegration::InlineContent::rendererForLayoutBox const):
(WebCore::LayoutIntegration::InlineContent::containingBlock const):
(WebCore::LayoutIntegration::InlineContent::indexForBox const):
(WebCore::LayoutIntegration::InlineContent::firstBoxForLayoutBox const):
(WebCore::LayoutIntegration::InlineContent::firstBoxIndexForLayoutBox const):
(WebCore::LayoutIntegration::InlineContent::nonRootInlineBoxIndexesForLayoutBox const):
(WebCore::LayoutIntegration::InlineContent::clearAndDetach):
(WebCore::LayoutIntegration::InlineContent::releaseCaches):
(WebCore::LayoutIntegration::InlineContent::shrinkToFit):

layout/integration/inline/LayoutIntegrationInlineContent.h: Renamed from Source/WebCore/layout/integration/LayoutIntegrationInlineContent.h.

(WebCore::LayoutIntegration::InlineContent::create):
(WebCore::LayoutIntegration::InlineContent::hasVisualOverflow const):
(WebCore::LayoutIntegration::InlineContent::setHasVisualOverflow):
(WebCore::LayoutIntegration::InlineContent::lineForBox const):
(WebCore::LayoutIntegration::InlineContent::lineLayout const):
(WebCore::LayoutIntegration::InlineContent::traverseNonRootInlineBoxes):

layout/integration/inline/LayoutIntegrationInlineContentBuilder.cpp: Renamed from Source/WebCore/layout/integration/LayoutIntegrationInlineContentBuilder.cpp.

(WebCore::LayoutIntegration::operator+):
(WebCore::LayoutIntegration::lineOverflowLogicalWidth):
(WebCore::LayoutIntegration::InlineContentBuilder::InlineContentBuilder):
(WebCore::LayoutIntegration::InlineContentBuilder::build const):
(WebCore::LayoutIntegration::InlineContentBuilder::createDisplayLines const):

layout/integration/inline/LayoutIntegrationInlineContentBuilder.h: Renamed from Source/WebCore/layout/integration/LayoutIntegrationInlineContentBuilder.h.
layout/integration/inline/LayoutIntegrationLine.h: Renamed from Source/WebCore/layout/integration/LayoutIntegrationLine.h.

(WebCore::LayoutIntegration::Line::Line):
(WebCore::LayoutIntegration::Line::firstBoxIndex const):
(WebCore::LayoutIntegration::Line::boxCount const):
(WebCore::LayoutIntegration::Line::lineBoxTop const):
(WebCore::LayoutIntegration::Line::lineBoxBottom const):
(WebCore::LayoutIntegration::Line::lineBoxLeft const):
(WebCore::LayoutIntegration::Line::lineBoxRight const):
(WebCore::LayoutIntegration::Line::lineBoxHeight const):
(WebCore::LayoutIntegration::Line::lineBoxWidth const):
(WebCore::LayoutIntegration::Line::enclosingContentTop const):
(WebCore::LayoutIntegration::Line::enclosingContentBottom const):
(WebCore::LayoutIntegration::Line::scrollableOverflow const):
(WebCore::LayoutIntegration::Line::inkOverflow const):
(WebCore::LayoutIntegration::Line::baseline const):
(WebCore::LayoutIntegration::Line::baselineType const):
(WebCore::LayoutIntegration::Line::isHorizontal const):
(WebCore::LayoutIntegration::Line::contentLogicalOffset const):
(WebCore::LayoutIntegration::Line::contentLogicalWidth const):

layout/integration/inline/LayoutIntegrationLineLayout.cpp: Renamed from Source/WebCore/layout/integration/LayoutIntegrationLineLayout.cpp.

(WebCore::LayoutIntegration::LineLayout::LineLayout):
(WebCore::LayoutIntegration::LineLayout::~LineLayout):
(WebCore::LayoutIntegration::LineLayout::blockContainer):
(WebCore::LayoutIntegration::LineLayout::containing):
(WebCore::LayoutIntegration::LineLayout::isEnabled):
(WebCore::LayoutIntegration::LineLayout::canUseFor):
(WebCore::LayoutIntegration::LineLayout::canUseForAfterStyleChange):
(WebCore::LayoutIntegration::LineLayout::canUseForAfterInlineBoxStyleChange):
(WebCore::LayoutIntegration::LineLayout::shouldSwitchToLegacyOnInvalidation const):
(WebCore::LayoutIntegration::LineLayout::updateReplacedDimensions):
(WebCore::LayoutIntegration::LineLayout::updateInlineBlockDimensions):
(WebCore::LayoutIntegration::LineLayout::updateInlineTableDimensions):
(WebCore::LayoutIntegration::LineLayout::updateListItemDimensions):
(WebCore::LayoutIntegration::LineLayout::updateListMarkerDimensions):
(WebCore::LayoutIntegration::contentLogicalWidthForRenderer):
(WebCore::LayoutIntegration::contentLogicalHeightForRenderer):
(WebCore::LayoutIntegration::horizontalLogicalMargin):
(WebCore::LayoutIntegration::verticalLogicalMargin):
(WebCore::LayoutIntegration::logicalBorder):
(WebCore::LayoutIntegration::logicalPadding):
(WebCore::LayoutIntegration::LineLayout::updateLayoutBoxDimensions):
(WebCore::LayoutIntegration::LineLayout::updateLineBreakBoxDimensions):
(WebCore::LayoutIntegration::LineLayout::updateInlineBoxDimensions):
(WebCore::LayoutIntegration::LineLayout::updateStyle):
(WebCore::LayoutIntegration::LineLayout::computeIntrinsicWidthConstraints):
(WebCore::LayoutIntegration::LineLayout::layout):
(WebCore::LayoutIntegration::LineLayout::constructContent):
(WebCore::LayoutIntegration::LineLayout::updateFormattingRootGeometryAndInvalidate):
(WebCore::LayoutIntegration::LineLayout::prepareLayoutState):
(WebCore::LayoutIntegration::LineLayout::prepareFloatingState):
(WebCore::LayoutIntegration::LineLayout::contentLogicalHeight const):
(WebCore::LayoutIntegration::LineLayout::lineCount const):
(WebCore::LayoutIntegration::LineLayout::hasVisualOverflow const):
(WebCore::LayoutIntegration::LineLayout::firstLinePhysicalBaseline const):
(WebCore::LayoutIntegration::LineLayout::lastLineLogicalBaseline const):
(WebCore::LayoutIntegration::LineLayout::adjustForPagination):
(WebCore::LayoutIntegration::LineLayout::collectOverflow):
(WebCore::LayoutIntegration::LineLayout::ensureInlineContent):
(WebCore::LayoutIntegration::LineLayout::textBoxesFor const):
(WebCore::LayoutIntegration::LineLayout::boxFor const):
(WebCore::LayoutIntegration::LineLayout::firstInlineBoxFor const):
(WebCore::LayoutIntegration::LineLayout::firstRootInlineBox const):
(WebCore::LayoutIntegration::LineLayout::firstLineBox const):
(WebCore::LayoutIntegration::LineLayout::lastLineBox const):
(WebCore::LayoutIntegration::LineLayout::firstInlineBoxRect const):
(WebCore::LayoutIntegration::LineLayout::enclosingBorderBoxRectFor const):
(WebCore::LayoutIntegration::LineLayout::visualOverflowBoundingBoxRectFor const):
(WebCore::LayoutIntegration::LineLayout::collectInlineBoxRects const):
(WebCore::LayoutIntegration::LineLayout::rendererForLayoutBox const):
(WebCore::LayoutIntegration::LineLayout::rootLayoutBox const):
(WebCore::LayoutIntegration::LineLayout::rootLayoutBox):
(WebCore::LayoutIntegration::flippedContentOffsetIfNeeded):
(WebCore::LayoutIntegration::LineLayout::paint):
(WebCore::LayoutIntegration::flippedRectForWritingMode):
(WebCore::LayoutIntegration::LineLayout::hitTest):
(WebCore::LayoutIntegration::LineLayout::releaseCaches):
(WebCore::LayoutIntegration::LineLayout::clearInlineContent):
(WebCore::LayoutIntegration::LineLayout::ensureLineDamage):
(WebCore::LayoutIntegration::LineLayout::outputLineTree const):

layout/integration/inline/LayoutIntegrationLineLayout.h: Renamed from Source/WebCore/layout/integration/LayoutIntegrationLineLayout.h.

(WebCore::LayoutIntegration::LineLayout::isPaginated const):
(WebCore::LayoutIntegration::LineLayout::flow const):
(WebCore::LayoutIntegration::LineLayout::flow):

layout/integration/inline/LayoutIntegrationPagination.cpp: Renamed from Source/WebCore/layout/integration/LayoutIntegrationPagination.cpp.

(WebCore::LayoutIntegration::computeLineTopAndBottomWithOverflow):
(WebCore::LayoutIntegration::computeLineBreakIndex):
(WebCore::LayoutIntegration::computeOffsetAfterLineBreak):
(WebCore::LayoutIntegration::setPageBreakForLine):
(WebCore::LayoutIntegration::updateMinimumPageHeight):
(WebCore::LayoutIntegration::makeAdjustedContent):
(WebCore::LayoutIntegration::adjustLinePositionsForPagination):

layout/integration/inline/LayoutIntegrationPagination.h: Renamed from Source/WebCore/layout/integration/LayoutIntegrationPagination.h.
layout/integration/inline/LineSelection.h: Renamed from Source/WebCore/layout/integration/LineSelection.h.

(WebCore::LineSelection::logicalTop):
(WebCore::LineSelection::logicalBottom):
(WebCore::LineSelection::logicalRect):
(WebCore::LineSelection::physicalRect):
(WebCore::LineSelection::logicalTopAdjustedForPrecedingBlock):
(WebCore::LineSelection::selectionState):

5:35 AM Changeset in webkit [292953] by Martin Robinson

16 edits
1 copy
9 adds in trunk/LayoutTests

TestRunner testdriver does not properly focus elements before sending keys to them
https://bugs.webkit.org/show_bug.cgi?id=237589

Reviewed by Carlos Garcia Campos.

LayoutTests/imported/w3c:

web-platform-tests/css/css-scroll-snap/input/keyboard-expected.txt:
web-platform-tests/css/css-scroll-snap/input/keyboard.html:
web-platform-tests/css/css-scroll-snap/input/snap-area-overflow-boundary-expected.txt:
web-platform-tests/css/css-scroll-snap/input/snap-area-overflow-boundary.html:
web-platform-tests/html/semantics/forms/input-change-event-properties-expected.txt:
web-platform-tests/html/semantics/forms/textfieldselection/selection-expected.txt:
web-platform-tests/html/semantics/forms/the-input-element/defaultValue-clobbering-expected.txt:
web-platform-tests/html/semantics/forms/the-input-element/email-set-value-expected.txt:
web-platform-tests/html/semantics/forms/the-input-element/maxlength-number-expected.txt:
web-platform-tests/html/semantics/forms/the-input-element/radio-double-activate-pseudo-expected.txt:
web-platform-tests/html/semantics/selectors/pseudo-classes/invalid-after-clone-expected.txt:
web-platform-tests/resources/testdriver-vendor.js: When sending keys, first focus the element

in question.

LayoutTests:

platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/input-change-event-properties-expected.txt: Added.
platform/ios-simulator/imported/w3c/web-platform-tests/html/semantics/selectors/pseudo-classes/invalid-after-clone-expected.txt: Copied from LayoutTests/imported/w3c/web-platform-tests/html/semantics/selectors/pseudo-classes/invalid-after-clone-expected.txt.
platform/ios/TestExpectations:
platform/mac-wk1/TestExpectations:
platform/mac-wk1/imported/w3c/web-platform-tests/html/semantics/forms/input-change-event-properties-expected.txt: Added.
platform/mac/imported/w3c/web-platform-tests/css/css-scroll-snap/input/keyboard-expected.txt: Added.
platform/mac/imported/w3c/web-platform-tests/css/selectors/focus-visible-008-expected.txt:

4:47 AM Changeset in webkit [292952] by clopez@igalia.com

2 edits in trunk/Source/WebCore

[GTK][WPE] Build fix after r292951
https://bugs.webkit.org/show_bug.cgi?id=239426

Debug build was broken on GTK and WPE after r292951. Fix it.

Unreviewed build-fix.

No new tests, no change in behaviour.

platform/network/MIMEHeader.cpp:

(WebCore::MIMEHeader::parseContentTransferEncoding):

Apr 17, 2022:

10:55 PM Changeset in webkit [292951] by Chris Dumez

40 edits in trunk/Source

Leverage StringView in more places
https://bugs.webkit.org/show_bug.cgi?id=239426

Reviewed by Sam Weinig.

Leverage StringView in more places, to reduce the number of String allocations.

Source/WebCore:

Modules/applicationmanifest/ApplicationManifestParser.cpp:

(WebCore::ApplicationManifestParser::parseDisplay):
(WebCore::ApplicationManifestParser::parseIcons):

Modules/indexeddb/server/SQLiteIDBCursor.cpp:

(WebCore::IDBServer::SQLiteIDBCursor::createSQLiteStatement):

Modules/indexeddb/server/SQLiteIDBCursor.h:
Modules/webdatabase/Database.cpp:

(WebCore::setTextValueInDatabase):
(WebCore::retrieveTextResultFromDatabase):

accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:

(-[WebAccessibilityObjectWrapper determineIsAccessibilityElement]):
(appendStringToResult): Deleted.
(accessibleElementsForObjects): Deleted.
(rendererForView): Deleted.

css/parser/MediaQueryParser.h:

(WebCore::MediaQueryParser::MediaQueryData::setMediaType):

editing/Editor.cpp:

(WebCore::Editor::transpose):

editing/FrameSelection.cpp:

(WebCore::FrameSelection::debugRenderer const):

html/MediaFragmentURIParser.cpp:

(WebCore::collectFraction):
(WebCore::MediaFragmentURIParser::parseNPTTime):

html/StepRange.cpp:

(WebCore::StepRange::parseStep):

html/StepRange.h:
html/parser/HTMLParserIdioms.cpp:

(WebCore::parseToDecimalForNumberType):
(WebCore::parseToDoubleForNumberType):

html/parser/HTMLParserIdioms.h:
inspector/agents/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::setAttributesAsText):

layout/formattingContexts/inline/InlineItemsBuilder.cpp:

(WebCore::Layout::replaceNonPreservedNewLineCharactersAndAppend):

layout/integration/LayoutIntegrationCoverage.cpp:

(WebCore::LayoutIntegration::printTextForSubtree):

page/TextIndicator.cpp:

(WebCore::containsOnlyWhiteSpaceText):

platform/Decimal.cpp:

(WebCore::Decimal::fromString):

platform/Decimal.h:
platform/network/CacheValidation.cpp:

(WebCore::parseCacheHeader):
(WebCore::parseCacheControlDirectives):

platform/network/HTTPParsers.cpp:

(WebCore::filenameFromHTTPContentDisposition):

platform/network/HTTPParsers.h:
platform/network/MIMEHeader.cpp:

(WebCore::retrieveKeyValuePairs):
(WebCore::MIMEHeader::parseContentTransferEncoding):

platform/network/MIMEHeader.h:
platform/network/ParsedContentType.cpp:

(WebCore::ParsedContentType::setContentType):

platform/network/ResourceResponseBase.cpp:

(WebCore::ResourceResponseBase::isAttachment const):
(WebCore::ResourceResponseBase::isAttachmentWithFilename const):

platform/network/curl/ResourceResponseCurl.cpp:

(WebCore::ResourceResponse::platformSuggestedFilename const):

platform/sql/SQLiteDatabase.cpp:

(WebCore::SQLiteDatabase::executeCommandSlow):
(WebCore::SQLiteDatabase::clearAllTables):
(WebCore::SQLiteDatabase::prepareStatementSlow):
(WebCore::SQLiteDatabase::prepareHeapStatementSlow):

platform/sql/SQLiteDatabase.h:
platform/xr/PlatformXR.h:

(PlatformXR::parseSessionFeatureDescriptor):

svg/SVGAnimationElement.cpp:

(WebCore::parseKeyTimes):
(WebCore::SVGAnimationElement::parseAttribute):

Source/WebKit:

WebProcess/WebPage/Cocoa/WebPageCocoa.mm:

(WebKit::WebPage::dictionaryPopupInfoForRange):

Source/WebKitLegacy/mac:

WebView/WebImmediateActionController.mm:

(+[WebImmediateActionController _dictionaryPopupInfoForRange:inFrame:withLookupOptions:indicatorOptions:transition:]):

Source/WTF:

wtf/text/StringImpl.cpp:
wtf/text/StringImpl.h:

(WTF::isNotSpaceOrNewline):

wtf/text/WTFString.h:

2:52 PM Changeset in webkit [292950] by mark.lam@apple.com

4 edits in trunk/Source/JavaScriptCore

Harden JSObject::setPrototypeOf.
https://bugs.webkit.org/show_bug.cgi?id=239440

Reviewed by Yusuke Suzuki.

runtime/JSObject.cpp:

(JSC::JSObject::setPrototypeDirect):
(JSC::JSObject::setPrototypeWithCycleCheck):

runtime/JSObject.h:
runtime/ObjectConstructor.cpp:

(JSC::objectConstructorSetPrototypeOf):

2:01 PM Changeset in webkit [292949] by Lauro Moura

5 edits in trunk/Source/WebCore

Unreviewed, non-unified build fixes after 249632@main
https://bugs.webkit.org/show_bug.cgi?id=239436

workers/DedicatedWorkerThread.cpp:
workers/WorkerGlobalScope.cpp:
workers/WorkerScriptLoader.cpp:
workers/service/ServiceWorkerClientData.cpp:

6:32 AM Changeset in webkit [292948] by Alan Bujtas

2 edits in trunk/Source/WebCore

RenderDeprecatedFlexibleBox::applyLineClamp should use size_t
https://bugs.webkit.org/show_bug.cgi?id=239389

Reviewed by Darin Adler.

Use size_t consistently in applyLineClamp.
While LineClampValue is int based, it can also be a percent type which expands the clamping range to size_t.

getHeightForLineCount -> use size_t and drop the magic -1.
heightForLineCount -> return LayoutUnit instead of int.

rendering/RenderDeprecatedFlexibleBox.cpp:

(WebCore::getHeightForLineCount):
(WebCore::heightForLineCount):
(WebCore::RenderDeprecatedFlexibleBox::applyLineClamp):

1:08 AM Changeset in webkit [292947] by rniwa@webkit.org

13 edits
3 adds in trunk

Make release assertion in Document::updateLayout more precise for FrameSelection::setSelection
https://bugs.webkit.org/show_bug.cgi?id=239431

Reviewed by Alan Bujtas.

Source/WebCore:

Avoid the assertion failure by allowing no-op layout updates within FrameSelection::setSelection.

To do this, this patch introduces a new RAII object, UpToDateLayoutScope, which denotes when when the layout
is up-to-date and therefore does not require a new layout update. When this scope exists in the stack frame,
we allow calls to Document::updateLayout even inside ScriptDisallowedScope. We also assert that nobody attempts
to schedule a new style resolution or layout when this object exists.

Test: fast/forms/textarea-selection-update-during-DOMNodeRemoved-crash.html

WebCore.xcodeproj/project.pbxproj:
dom/Document.cpp:

(WebCore::Document::scheduleStyleRecalc):
(WebCore::Document::updateLayout):

dom/Document.h:

(WebCore::Document::upToDateLayoutScopeCount const):
(WebCore::Document::incrementUpToDateLayoutScopeCount):
(WebCore::Document::decrementUpToDateLayoutScopeCount):

editing/FrameSelection.cpp:

(WebCore::FrameSelection::setSelection):

page/FrameViewLayoutContext.cpp:

(WebCore::FrameViewLayoutContext::scheduleLayout):

rendering/RenderObject.h:

(WebCore::RenderObject::isSetNeedsLayoutForbidden const):

rendering/UpToDateLayoutScope.h: Added.

(WebCore::UpToDateLayoutScope::UpToDateLayoutScope):
(WebCore::UpToDateLayoutScope::~UpToDateLayoutScope):
(WebCore::UpToDateLayoutScope::scopeIfLayoutIsUpToUpdate):
(WebCore::UpToDateLayoutScope::needsLayout):

LayoutTests:

Add a regression test, and fix existing accessibility tests which were mutating DOM inside setSelection
via should* functions. In production, this will never happen since accessibility notification will be sent
to UI process asynchronously and accesssibility code won't try to mutate DOM synchronously.

accessibility/mac/focus-setting-selection-syncronizing-not-clearing-expected.txt: Rebaselined.
accessibility/mac/focus-setting-selection-syncronizing-not-clearing.html: Delay DOM mutations in should*

until the notification is over.

accessibility/mac/selection-change-userinfo.html: Ditto.
accessibility/mac/selection-sync.html: Ditto.
accessibility/mac/selection-value-changes-for-aria-textbox.html: Ditto.
fast/forms/textarea-selection-update-during-DOMNodeRemoved-crash-expected.txt: Added.
fast/forms/textarea-selection-update-during-DOMNodeRemoved-crash.html: Added.

Apr 16, 2022:

9:22 PM Changeset in webkit [292946] by mark.lam@apple.com

2 edits in trunk/Source/JavaScriptCore

Fix a deadlock in VMTraps.
https://bugs.webkit.org/show_bug.cgi?id=239421
<rdar://problem/91851592>

Reviewed by Michael Saboff.

The sampling profiler first acquires the codeBlockSet lock followed by the ThreadSuspendLocker.
VMTraps, on the other hand, first acquires the ThreadSuspendLocker followed by the
codeBlockSet lock. As a result, VMTraps can deadlock with the Sampling Profiler
thread, and leave the mutator in a suspended state, or forever blocked on the
codeBlockSet lock.

This was discovered while running the stress/has-indexed-property-with-worsening-array-mode.js.ftl-no-cjit-validate-sampling-profiler
test on a Debug build of jsc on an M1 MBP. Since it requires a race condition to
reproduce, reproducibility is not always reliable.

runtime/VMTraps.cpp:

(JSC::VMTraps::tryInstallTrapBreakpoints):

8:56 PM Changeset in webkit [292945] by Chris Dumez

22 edits in trunk

Drop String::truncate() and use String::left() instead
https://bugs.webkit.org/show_bug.cgi?id=239412

Reviewed by Darin Adler.

Source/WebCore:

Modules/highlight/AppHighlightStorage.cpp:

(WebCore::createAppHighlightRangeData):

dom/FragmentDirectiveParser.cpp:

(WebCore::FragmentDirectiveParser::parseFragmentDirective):

html/HTMLImageElement.cpp:

(WebCore::HTMLImageElement::bestFitSourceFromPictureElement):

html/TextFieldInputType.cpp:

(WebCore::TextFieldInputType::handleBeforeTextInsertedEvent):

loader/FTPDirectoryParser.h:

(WebCore::ListResult::clear):

loader/FrameLoader.cpp:

(WebCore::FrameLoader::didBeginDocument):

page/CaptionUserPreferencesMediaAF.cpp:

(WebCore::languageIdentifier):

platform/graphics/avfoundation/objc/AVAssetTrackUtilities.mm:

(WebCore::contentTypesToCodecs):

platform/text/hyphen/HyphenationLibHyphen.cpp:

(WebCore::scanDirectoryForDictionaries):

platform/win/ClipboardUtilitiesWin.cpp:

(WebCore::extractURL):

Source/WebKit:

Shared/mac/AuxiliaryProcessMac.mm:

(WebKit::getUserDirectorySuffix):

Source/WebKitLegacy/win:

WebDownloadCFNet.cpp:

(WebDownload::initToResumeWithBundle):

Source/WTF:

String::truncate() and String::left() have identical behavior. The only difference is that truncate()
modifies the String in place (which is a bit confusing), while left() returns a new String, without
modifying the original. To simplify our API, I am dropping String::truncate().

wtf/text/WTFString.cpp:

(WTF::String::truncate): Deleted.

wtf/text/WTFString.h:
wtf/unix/LanguageUnix.cpp:

(WTF::platformLanguage):

wtf/win/LanguageWin.cpp:

(WTF::localeInfo):

Tools:

WebKitTestRunner/InjectedBundle/InjectedBundlePage.cpp:

(WTR::InjectedBundlePage::willAddMessageToConsole):

8:13 PM Changeset in webkit [292944] by Wenson Hsieh

5 edits in trunk

[macOS] Image controls are editable and prevent drops in editable web views
https://bugs.webkit.org/show_bug.cgi?id=239423
rdar://81027082

Reviewed by Darin Adler.

Source/WebCore:

Adjust the UA stylesheet for image controls (i.e., the services dropdown menu button) such that:

The container for image controls is non-editable, and:
The container above the button (which encompasses the bounds of the host image) ignores hit-testing.

This ensures that we're able to handle a drop over an image with image controls in an editable web view, by
inserting the dropped content before or after the image element (as opposed to either inserting it inside the
shadow root of the image, or not handling the drop via editing at all).

Test: WKAttachmentTestsMac.DropImageOverImageWithControls

dom/mac/ImageControlsMac.cpp:

(WebCore::ImageControlsMac::createImageControls):

html/shadow/mac/imageControlsMac.css:

(#if defined(ENABLE_SERVICE_CONTROLS) && ENABLE_SERVICE_CONTROLS):
(button#image-controls-button):

Make the contents of the image controls container non-selectable, and also avoid hit-testing over the container.

(:host(:hover) button#image-controls-button):
(div#image-controls button#image-controls-button): Deleted.

Ensure that the services menu button itself can still be activated by setting pointer-events: auto; when the
host element (i.e. the img) is hovered. It's important that we use the host element's hover state instead of
the containing #image-controls, since this container now has pointer-events: none;.

These changes make it still possible to reveal and interact with the services menu button, but allows
drag-and-drop to avoid hit-testing into shadow root content for an image with controls.

(div#image-controls:hover button#image-controls-button): Deleted.

Tools:

Add a new API test to exercise the change.

TestWebKitAPI/Tests/WebKitCocoa/WKAttachmentTests.mm:

(TestWebKitAPI::TEST):

3:59 PM Changeset in webkit [292943] by Chris Dumez

4 edits in trunk/Source/WebCore

Optimize id matching in AccessibilityObject::ariaElementsReferencedByAttribute()
https://bugs.webkit.org/show_bug.cgi?id=239406
<rdar://problem/91829358>

Reviewed by Darin Adler.

For every element in the DOM tree, the function would get the value of ones of its attributes,
then construct a SpaceSplitString (which would tokenize and atomize every space-separated
component in the value), and finally see if the SpaceSplitString contains the id we're looking
for. This was unnecessarily expensive.

This patch revives SpaceSplitString::spaceSplitStringContainsValue() which was unused and makes
it work with a StringView input instead of only a const char*/LChar*. We now use this function
inside AccessibilityObject::ariaElementsReferencedByAttribute() to avoid the construction of
a SpaceSplitString. spaceSplitStringContainsValue() simply iterates the string until it finds
an HTML space, then compare the chunk of characters with the provided StringView. If it matches,
it returns early, otherwise, it keeps searching till the end of the String.

accessibility/AccessibilityObject.cpp:

(WebCore::AccessibilityObject::ariaElementsReferencedByAttribute const):

dom/SpaceSplitString.cpp:

(WebCore::tokenizeSpaceSplitString):
(WebCore::TokenIsEqualToCharactersTokenProcessor::TokenIsEqualToCharactersTokenProcessor):
(WebCore::TokenIsEqualToCharactersTokenProcessor::processToken):
(WebCore::spaceSplitStringContainsValueInternal):
(WebCore::SpaceSplitString::spaceSplitStringContainsValue):
(WebCore::TokenIsEqualToCStringTokenProcessor::TokenIsEqualToCStringTokenProcessor): Deleted.
(WebCore::TokenIsEqualToCStringTokenProcessor::processToken): Deleted.
(WebCore::TokenIsEqualToCStringTokenProcessor::referenceStringWasFound const): Deleted.

dom/SpaceSplitString.h:

(WebCore::SpaceSplitString::spaceSplitStringContainsValue): Deleted.

1:31 PM Changeset in webkit [292942] by Chris Dumez

10 edits in trunk/Source

Replace complex String::insert() with a simplified makeStringByInserting() free function
https://bugs.webkit.org/show_bug.cgi?id=239370

Reviewed by Darin Adler.

Source/WebCore:

Modules/mediasource/MediaSource.cpp:

(WebCore::addVP9FullRangeVideoFlagToContentType):

dom/CharacterData.cpp:

(WebCore::CharacterData::insertData):
(WebCore::CharacterData::replaceData):

html/HTMLTextFormControlElement.cpp:

(WebCore::HTMLTextFormControlElement::setRangeText):

platform/network/DataURLDecoder.cpp:

(WebCore::DataURLDecoder::DecodeTask::process):

platform/win/PasteboardWin.cpp:

(WebCore::createGlobalImageFileDescriptor):

Source/WTF:

wtf/text/WTFString.cpp:

(WTF::makeStringByInserting):
(WTF::String::insert): Deleted.
(WTF::String::append): Deleted.

wtf/text/WTFString.h:

12:28 PM Changeset in webkit [292941] by mmaxfield@apple.com

2 edits in trunk/Source/WebGPU

[WebGPU] Fix the Big Sur build
https://bugs.webkit.org/show_bug.cgi?id=239422

Unreviewed.

HardwareLimits.mm:338:23: error: constexpr function never produces a constant expression [-Winvalid-constexpr]

WebGPU/HardwareLimits.mm:

(WebGPU::checkLimits):

Apr 15, 2022:

9:47 PM Changeset in webkit [292940] by mmaxfield@apple.com

13 edits
1 copy
1 add in trunk/Source

[WebGPU] Implement hardware limits
https://bugs.webkit.org/show_bug.cgi?id=239377

Reviewed by Darin Adler.

Source/WebCore/PAL:

This patch adds support for "limits" as described in https://gpuweb.github.io/gpuweb/#limits.
Various operations query the limits of the device to know whether the requested operation is
within range. E.g. if content tries to make a texture too big, this is how we catch it ahead of
time.

pal/graphics/WebGPU/Impl/WebGPUAdapterImpl.cpp:

(PAL::WebGPU::AdapterImpl::requestDevice):

Source/WebGPU:

We gather the values of the limits from the Metal Feature Set Tables
at https://developer.apple.com/metal/Metal-Feature-Set-Tables.pdf.

There are no limit tables for the Common families, so we use Apple
and Mac families instead.

Test: webgpu/api/validation/createTexture

WebGPU.xcodeproj/project.pbxproj:
WebGPU/Adapter.h:

(WebGPU::Adapter::create):

WebGPU/Adapter.mm:

(WebGPU::Adapter::Adapter):
(WebGPU::Adapter::requestDevice):
(WebGPU::Adapter::requestInvalidDevice):
(wgpuAdapterRequestInvalidDeviceWithBlock):
(WebGPU::deviceMeetsRequiredLimits): Deleted.

WebGPU/Device.h:
WebGPU/Device.mm:

(WebGPU::Device::create):
(WebGPU::Device::Device):

WebGPU/HardwareLimits.h: Copied from Source/WebGPU/WebGPU/Adapter.h.
WebGPU/HardwareLimits.mm: Added.

(WebGPU::apple3):
(WebGPU::apple4):
(WebGPU::apple5):
(WebGPU::apple6):
(WebGPU::apple7):
(WebGPU::mac2):
(WebGPU::rawLimits):
(WebGPU::checkLimits):
(WebGPU::limits):
(WebGPU::isValid):
(WebGPU::anyLimitIsBetterThan):

WebGPU/Instance.mm:

(WebGPU::Instance::requestAdapter):

WebGPU/Texture.mm:

(WebGPU::Device::validateCreateTexture):
(WebGPU::Texture::createView):

WebGPU/WebGPUExt.h:

Source/WTF:

Add missing #include.

wtf/PageBlock.h:

9:44 PM Changeset in webkit [292939] by Chris Dumez

58 edits in trunk/Source

Leverage StringView in more places to avoid some String allocations
https://bugs.webkit.org/show_bug.cgi?id=239356

Reviewed by Darin Adler.

Source/JavaScriptCore:

inspector/ContentSearchUtilities.cpp:

(Inspector::ContentSearchUtilities::getRegularExpressionMatchesByLines):
(Inspector::ContentSearchUtilities::findMagicComment):

runtime/ExceptionHelpers.cpp:

(JSC::invalidParameterInSourceAppender):
(JSC::invalidParameterInstanceofSourceAppender):

runtime/IntlDateTimeFormat.cpp:

(JSC::IntlDateTimeFormat::formatToParts const):
(JSC::IntlDateTimeFormat::formatRangeToParts):

runtime/IntlListFormat.cpp:

(JSC::IntlListFormat::formatToParts const):

runtime/IntlNumberFormat.cpp:

(JSC::IntlNumberFormat::formatRangeToPartsInternal):

tools/FunctionOverrides.cpp:

(JSC::initializeOverrideInfo):

Source/WebCore:

Modules/fetch/FetchBodyConsumer.cpp:

(WebCore::FetchBodyConsumer::packageFormData):

Modules/mediastream/libwebrtc/LibWebRTCRtpTransceiverBackend.cpp:

(WebCore::toRtpCodecCapability):

Modules/model-element/scenekit/SceneKitModelLoader.mm:

(WebCore::mimeTypeUtilizingFileExtensionOverridingForLocalFiles):

Modules/plugins/PluginReplacement.h:

(WebCore::ReplacementPlugin::supportsFileExtension const):

Modules/plugins/YouTubePluginReplacement.cpp:

(WebCore::YouTubePluginReplacement::supportsFileExtension):

Modules/plugins/YouTubePluginReplacement.h:
animation/KeyframeEffect.cpp:

(WebCore::KeyframeEffect::setPseudoElement):

css/ContainerQueryParser.cpp:

(WebCore::ContainerQueryParser::consumePlainSizeFeature):

css/parser/CSSSelectorParser.cpp:

(WebCore::consumeANPlusB):

dom/SecurityContext.cpp:

(WebCore::SecurityContext::parseSandboxPolicy):

dom/SecurityContext.h:
fileapi/ThreadableBlobRegistry.cpp:

(WebCore::isBlobURLContainsNullOrigin):

html/DOMTokenList.cpp:

(WebCore::DOMTokenList::updateTokensFromAttributeValue):

html/DOMTokenList.h:
html/HTMLMapElement.cpp:

(WebCore::HTMLMapElement::parseAttribute):

html/HTMLPlugInElement.cpp:

(WebCore::pluginReplacementForType):

html/track/WebVTTParser.cpp:

(WebCore::WebVTTParser::checkAndCreateRegion):
(WebCore::WebVTTParser::checkAndStoreRegion):
(WebCore::WebVTTParser::checkStyleSheet):
(WebCore::WebVTTParser::checkAndStoreStyleSheet):

html/track/WebVTTParser.h:
inspector/InspectorStyleSheet.cpp:

(WebCore::StyleSheetHandler::observeProperty):
(WebCore::StyleSheetHandler::observeComment):

layout/formattingContexts/inline/InlineLineBuilder.cpp:

(WebCore::Layout::toString):

layout/formattingContexts/inline/display/InlineDisplayContentBuilder.cpp:

(WebCore::Layout::InlineDisplayContentBuilder::appendTextDisplayBox):

layout/layouttree/LayoutInlineTextBox.h:

(WebCore::Layout::InlineTextBox::content const):

loader/appcache/ApplicationCacheStorage.cpp:

(WebCore::ApplicationCacheStorage::store):
(WebCore::ApplicationCacheStorage::writeDataToUniqueFileInDirectory):

loader/appcache/ApplicationCacheStorage.h:
loader/cache/CachedSVGFont.cpp:

(WebCore::CachedSVGFont::getSVGFontById const):
(WebCore::CachedSVGFont::maybeInitializeExternalSVGFontElement):

loader/cache/CachedSVGFont.h:
page/Location.cpp:

(WebCore::Location::setHash):

page/Page.cpp:

(WebCore::Page::userStyleSheetLocationChanged):

page/UserContentURLPattern.cpp:

(WebCore::UserContentURLPattern::parse):

page/UserContentURLPattern.h:

(WebCore::UserContentURLPattern::UserContentURLPattern):

platform/MIMETypeRegistry.cpp:

(WebCore::typesForCommonExtension):
(WebCore::MIMETypeRegistry::mediaMIMETypeForExtension):

platform/MIMETypeRegistry.h:
platform/cocoa/DragImageCocoa.mm:

(WebCore::createDragImageIconForCachedImageFilename):

platform/graphics/MediaPlayer.cpp:

(WebCore::MediaPlayer::load):

platform/graphics/angle/GraphicsContextGLANGLE.cpp:

(WebCore::GraphicsContextGLANGLE::getUnmangledInfoLog):

platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:

(WebCore::InbandTextTrackPrivateAVF::processCueAttributes):

platform/graphics/opengl/GraphicsContextGLOpenGL.cpp:

(WebCore::GraphicsContextGLOpenGL::getUnmangledInfoLog):

platform/network/HTTPParsers.cpp:

(WebCore::parseStructuredFieldValue):
(WebCore::parseRange):

platform/network/HTTPParsers.h:
platform/network/MIMEHeader.cpp:

(WebCore::retrieveKeyValuePairs):

platform/network/ParsedContentType.cpp:

(WebCore::ParsedContentType::setContentType):

platform/network/ParsedContentType.h:
rendering/RenderListMarker.cpp:

(WebCore::RenderListMarker::textRun const):

Source/WebKit:

Platform/cocoa/ImageAnalysisUtilities.mm:

(WebKit::makeTextRecognitionResult):

UIProcess/Cocoa/MediaPermissionUtilities.mm:

(WebKit::visibleDomain):

WebProcess/Plugins/PluginView.cpp:

(WebKit::PluginView::performJavaScriptURLRequest):

Source/WebKitLegacy/mac:

Misc/WebUserContentURLPattern.mm:

(-[WebUserContentURLPattern initWithPatternString:]):

8:41 PM Changeset in webkit [292938] by Chris Dumez

23 edits in trunk/Source/WebCore

Rename WebCore::webCoreBuiltinNames() to WebCore::builtinNames()
https://bugs.webkit.org/show_bug.cgi?id=239408

Reviewed by Darin Adler.

bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSDOMGlobalObject::addBuiltinGlobals):

bindings/js/JSDOMMapLike.cpp:

(WebCore::getBackingMap):

bindings/js/JSDOMSetLike.cpp:

(WebCore::getBackingSet):

bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::initStaticGlobals):
(WebCore::JSDOMWindowBase::finishCreation):
(WebCore::JSDOMWindowBase::updateDocument):

bindings/js/JSDOMWindowCustom.cpp:

(WebCore::jsDOMWindowGetOwnPropertySlotRestrictedAccess):
(WebCore::JSDOMWindow::getOwnPropertySlot):
(WebCore::JSDOMWindow::put):
(WebCore::addCrossOriginPropertyNames):
(WebCore::JSDOMWindow::defineOwnProperty):
(WebCore::JSDOMWindow::setOpener):
(WebCore::JSDOMWindow::openDatabase const):
(WebCore::JSDOMWindow::setOpenDatabase):

bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent):

bindings/js/JSLocationCustom.cpp:

(WebCore::getOwnPropertySlotCommon):
(WebCore::JSLocation::put):

bindings/js/JSRemoteDOMWindowCustom.cpp:

(WebCore::JSRemoteDOMWindow::put):

bindings/js/ReadableStream.cpp:

(WebCore::ReadableStream::create):
(WebCore::ReadableStream::lock):

bindings/js/ScriptController.cpp:

(WebCore::ScriptController::setupModuleScriptHandlers):

bindings/js/ScriptModuleLoader.cpp:

(WebCore::rejectToPropagateNetworkError):
(WebCore::rejectWithFetchError):

bindings/js/WebCoreJSClientData.h:

(WebCore::builtinNames):
(WebCore::webCoreBuiltinNames): Deleted.

bindings/scripts/CodeGeneratorJS.pm:

(GenerateImplementation):

bindings/scripts/test/JS/JSDOMWindow.cpp:

(WebCore::JSDOMWindow::finishCreation):

bindings/scripts/test/JS/JSTestConditionallyReadWrite.cpp:

(WebCore::JSTestConditionallyReadWritePrototype::finishCreation):
(WebCore::JSTestConditionallyReadWrite::finishCreation):

bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:

(WebCore::JSTestEnabledBySetting::finishCreation):

bindings/scripts/test/JS/JSTestEnabledForContext.cpp:

(WebCore::JSTestEnabledForContext::finishCreation):

bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::JSTestGlobalObject::finishCreation):

bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObjPrototype::finishCreation):

html/HTMLMediaElement.cpp:

(WebCore::controllerJSValue):
(WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):

testing/Internals.cpp:

(WebCore::Internals::cloneArrayBuffer):

workers/WorkerOrWorkletScriptController.cpp:

(WebCore::WorkerOrWorkletScriptController::loadModuleSynchronously):
(WebCore::WorkerOrWorkletScriptController::loadAndEvaluateModule):

6:59 PM Changeset in webkit [292937] by Jonathan Bedard

9 edits in trunk

[git-webkit] Allow projects to declare alternate remotes
https://bugs.webkit.org/show_bug.cgi?id=239261
<rdar://problem/91654752>

Reviewed by Dewei Zhu.

Tools/Scripts/libraries/webkitscmpy/setup.py: Bump verison.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/init.py: Ditto.
Tools/Scripts/libraries/webkitscmpy/webkitscmpy/local/git.py:

(Git.remote): Move logic to remote.Scm.from_url.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/setup.py:

(Setup.github): Allow user to specify trailing remote name.
(Setup._add_remote): Add a remote or modify exising remote.
(Setup._fork_remote): Determine a remote url based on origin url.
(Setup.git): If the project declares remotes, check if the user is using the righ origin. Warn them
if they are not. Check if the user has access to alternate remotes, if they do, add those remotes
and create forks for them. Fetch all fork remotes. Do not fork repository if origin does not match
declared origin.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/remote/scm.py:

(Scm.from_url): Moved logic from local.Git.remote.

Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/setup_unittest.py:
metadata/git_config_extension: Add expected remotes.

Canonical link: https://commits.webkit.org/249702@main

6:16 PM Changeset in webkit [292936] by Jonathan Bedard

2 edits in trunk/Websites/webkit.org

[webkit.org] Remove leading r from archive revisions (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=239322
<rdar://problem/91735590>

Reviewed by Alexey Proskuryakov.

Websites/webkit.org/wp-content/themes/webkit/build-archives.php:

Identifiers are strings, not integers. Use new v3 endpoint.

Canonical link: https://commits.webkit.org/249700@main

6:16 PM Changeset in webkit [292935] by Wenson Hsieh

4 edits in trunk/Source/WebKit

Add a helper function to perform additional setup on VKCImageAnalysis(Interaction|OverlayView)
https://bugs.webkit.org/show_bug.cgi?id=239391
rdar://91466567

Reviewed by Tim Horton.

Add a helper function to ImageAnalysisUtilities, and call it on both iOS (WKContentView) and macOS
(WebViewImpl).

Platform/cocoa/ImageAnalysisUtilities.h:
UIProcess/Cocoa/WebViewImpl.mm:

(WebKit::WebViewImpl::installImageAnalysisOverlayView):

UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _singleTapIdentified:]):
(-[WKContentView installImageAnalysisInteraction:]):
(-[WKContentView imageAnalysisInteraction:shouldBeginAtPoint:forAnalysisType:]):

Add support for toggling the Live Text overlay when tapping on the image analysis button owned by the
interaction. This custom handling is necessary, since the synthetic tap gesture recognizer does not recognize
simultaneously alongside the tap gesture for VisionKit's UIButton, and we can't (easily) grab VisionKit's
button's tap gesture to add failure requirements to our synthetic tap gesture.

6:11 PM Changeset in webkit [292934] by commit-queue@webkit.org

2 edits in trunk/Source/WTF

IGNORE_WARNINGS_BEGIN should not warn about unrecognized warnings
https://bugs.webkit.org/show_bug.cgi?id=239344

Patch by Michael Catanzaro <Michael Catanzaro> on 2022-04-15
Reviewed by Darin Adler.

If the compiler does not support has_warning(), then let's also
suppress -Wpragmas to avoid warnings about unrecognized warnings.

Let's make a couple drive-by cleanups as well. Notably,
IGNORE_WARNINGS_BEGIN_IMPL_ is unused and can be removed.

Source/WTF/wtf/Compiler.h:

Canonical link: https://commits.webkit.org/249699@main

5:49 PM Changeset in webkit [292933] by Matteo Flores

7 edits in trunk/LayoutTests

REBASLINE: [ Monterey wk2 ] 7 /paymentrequest/* tests are constant text failures https://bugs.webkit.org/show_bug.cgi?id=238908 Unreviewed rebasline & test gardening. * http/tests/paymentrequest/updateWith-shippingOptions.https-expected.txt: * platform/mac-wk2/TestExpectations: * platform/ios-wk2/TestExpectations:

5:18 PM Changeset in webkit [292932] by Karl Rackler

2 edits in trunk/LayoutTests

[ Monterey wk2 ] WebGL conformance tests are a flaky time out
Adding additional tests
https://bugs.webkit.org/show_bug.cgi?id=239388

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

5:11 PM Changeset in webkit [292931] by Karl Rackler

2 edits in trunk/LayoutTests

[ Monterey wk2 debug ] WebGL conformance tests are a flaky time out
Adding additional tests
https://bugs.webkit.org/show_bug.cgi?id=239386

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

5:07 PM Changeset in webkit [292930] by Justin Michaud

2 edits in trunk

Add GitHub info to contributors.json
https://bugs.webkit.org/show_bug.cgi?id=239410

Reviewed by Yusuke Suzuki.

metadata/contributors.json:

5:00 PM Changeset in webkit [292929] by ysuzuki@apple.com

545 edits in trunk

[JSC] Remove VM& parameter from structure related code including jsDyamicCast
https://bugs.webkit.org/show_bug.cgi?id=239362

Reviewed by Darin Adler.

As structure lookup no longer requires VM&, we can remove bunch of VM& parameter from various methods: classInfo, structure, methodTable etc.
And it leads to removing VM& from jsDynamicCast. This is important since this makes it possible to incorporate the underlying mechanism of
WebCore downcast + jsDynamicCast. I like keeping jsDynamicCast name since it is clear that this is JSCell, but we can (1) unify the underlying
implementations and (2) add static_assert(std::base_v<T, JSCell>) in jsDynamicCast so that we can keep jsDynamicCast interface.
It also has a chance to avoid unnecessary load of VM& in various places.

We still keep JSXXX::toWrapped's VM& parameter since it is possible that we need VM& for querying wrapped one. Once we are confident that we no
longer need it even in the future, we will remove that too in a separate patch.

We also rename Structure::classInfo to Structure::classInfoForCells, and hiding Structure::classInfo function since JSCell::classInfo and
Structure::classInfoForCellsare different.

Tools/DumpRenderTree/TestRunner.cpp:

(setAudioResultCallback):
(TestRunner::setOpenPanelFilesMediaIcon):

Source/JavaScriptCore/API/APICallbackFunction.h:

(JSC::APICallbackFunction::constructImpl):

Source/JavaScriptCore/API/APICast.h:

(toJS):
(toJSForGC):

Source/JavaScriptCore/API/JSAPIGlobalObject.mm:

(JSC::JSAPIGlobalObject::moduleLoaderResolve):

Source/JavaScriptCore/API/JSCallbackConstructor.cpp:

(JSC::JSCallbackConstructor::finishCreation):

Source/JavaScriptCore/API/JSCallbackFunction.cpp:

(JSC::JSCallbackFunction::finishCreation):

Source/JavaScriptCore/API/JSCallbackObjectFunctions.h:

(JSC::JSCallbackObject<Parent>::asCallbackObject):
(JSC::JSCallbackObject<Parent>::finishCreation):
(JSC::JSCallbackObject<Parent>::init):
(JSC::JSCallbackObject<Parent>::getOwnPropertySlot):
(JSC::JSCallbackObject<Parent>::getOwnPropertySlotByIndex):
(JSC::JSCallbackObject<Parent>::customToPrimitive):
(JSC::JSCallbackObject<Parent>::staticFunctionGetterImpl):

Source/JavaScriptCore/API/JSContext.mm:

(-[JSContext evaluateJSScript:]):

Source/JavaScriptCore/API/JSContextRef.cpp:

(JSContextGetGlobalObject):
(JSGlobalContextSetUnhandledRejectionCallback):

Source/JavaScriptCore/API/JSObjectRef.cpp:

(JSObjectGetPrototype):
(JSObjectSetProperty):
(JSObjectSetPropertyForKey):
(JSObjectSetPropertyAtIndex):
(classInfoPrivate):
(JSObjectGetPrivate):
(JSObjectSetPrivate):
(JSObjectGetPrivateProperty):
(JSObjectSetPrivateProperty):
(JSObjectDeletePrivateProperty):
(JSObjectIsFunction):
(JSObjectCallAsFunction):
(JSObjectIsConstructor):
(JSObjectCallAsConstructor):
(JSObjectGetProxyTarget):

Source/JavaScriptCore/API/JSTypedArray.cpp:

(JSValueGetTypedArrayType):
(JSObjectMakeTypedArrayWithArrayBuffer):
(JSObjectMakeTypedArrayWithArrayBufferAndOffset):
(JSObjectGetTypedArrayBytesPtr):
(JSObjectGetTypedArrayLength):
(JSObjectGetTypedArrayByteLength):
(JSObjectGetTypedArrayByteOffset):
(JSObjectGetTypedArrayBuffer):
(JSObjectGetArrayBufferBytesPtr):
(JSObjectGetArrayBufferByteLength):

Source/JavaScriptCore/API/JSValue.mm:

(isDate):
(isArray):
(valueToObjectWithoutCopy):

Source/JavaScriptCore/API/JSValueRef.cpp:

(JSValueIsArray):
(JSValueIsDate):
(JSValueIsObjectOfClass):
(JSValueIsInstanceOfConstructor):

Source/JavaScriptCore/API/JSWeakObjectMapRefPrivate.cpp:
Source/JavaScriptCore/API/JSWrapperMap.mm:

(putNonEnumerable):
(copyMethodsToObject):
(tryUnwrapObjcObject):

Source/JavaScriptCore/API/ObjCCallbackFunction.h:
Source/JavaScriptCore/API/ObjCCallbackFunction.mm:

(tryUnwrapConstructor):

Source/JavaScriptCore/API/glib/JSCClass.cpp:

(isWrappedObject):

Source/JavaScriptCore/API/glib/JSCValue.cpp:

(jsc_value_object_define_property_data):
(jscValueObjectDefinePropertyAccessor):
(jsc_value_is_array_buffer):
(jsc_value_typed_array_get_type):

Source/JavaScriptCore/API/glib/JSCWrapperMap.cpp:

(JSC::WrapperMap::wrappedObject const):

Source/JavaScriptCore/API/tests/JSWrapperMapTests.mm:

(+[JSWrapperMapTests testStructureIdentity]):

Source/JavaScriptCore/bindings/ScriptFunctionCall.cpp:

(Deprecated::ScriptFunctionCall::call):

Source/JavaScriptCore/bindings/ScriptValue.cpp:

(Inspector::jsToInspectorValue):

Source/JavaScriptCore/bytecode/AccessCase.cpp:

(JSC::AccessCase::fromStructureStubInfo):
(JSC::AccessCase::generateImpl):

Source/JavaScriptCore/bytecode/AdaptiveInferredPropertyValueWatchpointBase.cpp:

(JSC::AdaptiveInferredPropertyValueWatchpointBase::install):

Source/JavaScriptCore/bytecode/ArrayProfile.cpp:

(JSC::ArrayProfile::observeIndexedRead):

Source/JavaScriptCore/bytecode/ArrayProfile.h:
Source/JavaScriptCore/bytecode/CallLinkStatus.cpp:

(JSC::CallLinkStatus::filter):

Source/JavaScriptCore/bytecode/CallLinkStatus.h:
Source/JavaScriptCore/bytecode/CallVariant.cpp:

(JSC::CallVariant::filter):

Source/JavaScriptCore/bytecode/CallVariant.h:

(JSC::CallVariant::internalFunction const):
(JSC::CallVariant::function const):
(JSC::CallVariant::isClosureCall const):
(JSC::CallVariant::executable const):
(JSC::CallVariant::functionExecutable const):
(JSC::CallVariant::nativeExecutable const):

Source/JavaScriptCore/bytecode/CodeBlock.cpp:

(JSC::CodeBlock::CodeBlock):
(JSC::CodeBlock::finishCreation):
(JSC::CodeBlock::isConstantOwnedByUnlinkedCodeBlock const):
(JSC::CodeBlock::setConstantRegisters):
(JSC::CodeBlock::determineLiveness):
(JSC::CodeBlock::replacement):
(JSC::CodeBlock::computeCapabilityLevel):
(JSC::CodeBlock::nameForRegister):

Source/JavaScriptCore/bytecode/GetByStatus.cpp:

(JSC::GetByStatus::computeForStubInfoWithoutExitSiteFeedback):

Source/JavaScriptCore/bytecode/InByStatus.cpp:

(JSC::InByStatus::computeForStubInfoWithoutExitSiteFeedback):

Source/JavaScriptCore/bytecode/LLIntPrototypeLoadAdaptiveStructureWatchpoint.cpp:

(JSC::LLIntPrototypeLoadAdaptiveStructureWatchpoint::install):

Source/JavaScriptCore/bytecode/ObjectAllocationProfileInlines.h:

(JSC::ObjectAllocationProfileBase<Derived>::possibleDefaultPropertyCount):

Source/JavaScriptCore/bytecode/ObjectPropertyCondition.cpp:

(JSC::ObjectPropertyCondition::attemptToMakeEquivalenceWithoutBarrier const):

Source/JavaScriptCore/bytecode/ObjectPropertyCondition.h:

(JSC::ObjectPropertyCondition::isValidValueForPresence const):

Source/JavaScriptCore/bytecode/ObjectPropertyConditionSet.cpp:

(JSC::generateConditionsForPrototypePropertyHitCustom):
(JSC::generateConditionsForInstanceOf):
(JSC::prepareChainForCaching):

Source/JavaScriptCore/bytecode/PolyProtoAccessChain.cpp:

(JSC::PolyProtoAccessChain::tryCreate):

Source/JavaScriptCore/bytecode/PropertyCondition.cpp:

(JSC::PropertyCondition::isValidValueForAttributes):
(JSC::PropertyCondition::isValidValueForPresence const):
(JSC::PropertyCondition::attemptToMakeEquivalenceWithoutBarrier const):

Source/JavaScriptCore/bytecode/PropertyCondition.h:
Source/JavaScriptCore/bytecode/PutByStatus.cpp:

(JSC::PutByStatus::computeForStubInfo):

Source/JavaScriptCore/bytecode/Repatch.cpp:

(JSC::jsToWasmICCodePtr):
(JSC::actionForCell):
(JSC::tryCacheGetBy):
(JSC::tryCacheArrayGetByVal):
(JSC::tryCachePutBy):
(JSC::tryCacheArrayPutByVal):
(JSC::repatchDeleteBy):
(JSC::tryCacheInBy):
(JSC::repatchInBy):
(JSC::tryCacheHasPrivateBrand):
(JSC::tryCacheCheckPrivateBrand):
(JSC::tryCacheInstanceOf):
(JSC::linkPolymorphicCall):

Source/JavaScriptCore/bytecode/Repatch.h:
Source/JavaScriptCore/bytecode/RepatchInlines.h:

(JSC::handleHostCall):
(JSC::linkFor):
(JSC::virtualForWithFunction):

Source/JavaScriptCore/bytecode/StructureStubClearingWatchpoint.cpp:

(JSC::StructureTransitionStructureStubClearingWatchpoint::fireInternal):

Source/JavaScriptCore/bytecode/StructureStubInfo.cpp:

(JSC::StructureStubInfo::visitWeakReferences):
(JSC::StructureStubInfo::propagateTransitions):

Source/JavaScriptCore/bytecode/StructureStubInfo.h:

(JSC::StructureStubInfo::inlineAccessBaseStructure):

Source/JavaScriptCore/debugger/Debugger.cpp:

(JSC::Debugger::attach):
(JSC::Debugger::exception):

Source/JavaScriptCore/debugger/DebuggerCallFrame.cpp:

(JSC::DebuggerCallFrame::functionName const):
(JSC::DebuggerCallFrame::scope):
(JSC::DebuggerCallFrame::type const):

Source/JavaScriptCore/debugger/DebuggerScope.cpp:

(JSC::DebuggerScope::create):
(JSC::DebuggerScope::put):
(JSC::DebuggerScope::deleteProperty):
(JSC::DebuggerScope::defineOwnProperty):
(JSC::DebuggerScope::name const):
(JSC::DebuggerScope::location const):

Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:

(JSC::DFG::isToThisAnIdentity):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::filterICStatus):

Source/JavaScriptCore/dfg/DFGAbstractValue.cpp:

(JSC::DFG::AbstractValue::mergeOSREntryValue):

Source/JavaScriptCore/dfg/DFGAdaptiveStructureWatchpoint.cpp:

(JSC::DFG::AdaptiveStructureWatchpoint::install):

Source/JavaScriptCore/dfg/DFGArgumentsEliminationPhase.cpp:
Source/JavaScriptCore/dfg/DFGArrayMode.cpp:

(JSC::DFG::ArrayMode::refine const):

Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:

(JSC::DFG::ByteCodeParser::get):
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
(JSC::DFG::ByteCodeParser::handleTypedArrayConstructor):
(JSC::DFG::ByteCodeParser::handleConstantInternalFunction):
(JSC::DFG::ByteCodeParser::check):
(JSC::DFG::ByteCodeParser::planLoad):
(JSC::DFG::ByteCodeParser::checkPresenceForReplace):
(JSC::DFG::ByteCodeParser::load):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
(JSC::DFG::ByteCodeParser::handleCreateInternalFieldObject):

Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp:

(JSC::DFG::ConstantFoldingPhase::foldConstants):
(JSC::DFG::ConstantFoldingPhase::addStructureTransitionCheck):
(JSC::DFG::ConstantFoldingPhase::tryFoldAsPutByOffset):

Source/JavaScriptCore/dfg/DFGDesiredWeakReferences.cpp:

(JSC::DFG::DesiredWeakReferences::reallyAdd):

Source/JavaScriptCore/dfg/DFGFixupPhase.cpp:

(JSC::DFG::FixupPhase::fixupNode):
(JSC::DFG::FixupPhase::fixupMakeRope):
(JSC::DFG::FixupPhase::setSaneChainIfPossible):

Source/JavaScriptCore/dfg/DFGFrozenValue.h:

(JSC::DFG::FrozenValue::FrozenValue):
(JSC::DFG::FrozenValue::dynamicCast):

Source/JavaScriptCore/dfg/DFGGraph.cpp:

(JSC::DFG::Graph::dump):
(JSC::DFG::Graph::tryGetConstantProperty):
(JSC::DFG::Graph::tryGetConstantClosureVar):
(JSC::DFG::Graph::tryGetFoldableView):
(JSC::DFG::Graph::freeze):
(JSC::DFG::Graph::getRegExpPrototypeProperty):
(JSC::DFG::Graph::isStringPrototypeMethodSane):
(JSC::DFG::Graph::canOptimizeStringObjectAccess):

Source/JavaScriptCore/dfg/DFGGraph.h:
Source/JavaScriptCore/dfg/DFGLazyJSValue.cpp:

(JSC::DFG::LazyJSValue::tryGetStringImpl const):
(JSC::DFG::LazyJSValue::tryGetString const):

Source/JavaScriptCore/dfg/DFGLazyJSValue.h:
Source/JavaScriptCore/dfg/DFGNode.h:

(JSC::DFG::Node::dynamicCastConstant):

Source/JavaScriptCore/dfg/DFGOperations.cpp:

(JSC::DFG::putByVal):
(JSC::DFG::getByValObject):
(JSC::DFG::JSC_DEFINE_JIT_OPERATION):
(JSC::DFG::defineDataProperty):
(JSC::DFG::defineAccessorProperty):
(JSC::DFG::putDynamicVar):

Source/JavaScriptCore/dfg/DFGSafeToExecute.h:

(JSC::DFG::safeToExecute):

Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp:

(JSC::DFG::SpeculativeJIT::compileGetByValOnString):

Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp:

(JSC::DFG::SpeculativeJIT::emitCall):

Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp:

(JSC::DFG::SpeculativeJIT::emitCall):

Source/JavaScriptCore/dfg/DFGStrengthReductionPhase.cpp:

(JSC::DFG::StrengthReductionPhase::handleNode):

Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:

(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAtImpl):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):

Source/JavaScriptCore/ftl/FTLOperations.cpp:

(JSC::FTL::JSC_DEFINE_JIT_OPERATION):

Source/JavaScriptCore/heap/GCAssertions.h:
Source/JavaScriptCore/heap/Heap.cpp:

(JSC::GatherExtraHeapData::GatherExtraHeapData):
(JSC::GatherExtraHeapData::operator() const):
(JSC::Heap::gatherExtraHeapData):
(JSC::Heap::protectedObjectTypeCounts):
(JSC::Heap::objectTypeCounts):
(JSC::Heap::addCoreConstraints):

Source/JavaScriptCore/heap/HeapCellType.cpp:

(JSC::DefaultDestroyFunc::operator() const):

Source/JavaScriptCore/heap/HeapSnapshotBuilder.cpp:

(JSC::HeapSnapshotBuilder::descriptionForCell const):
(JSC::HeapSnapshotBuilder::json):

Source/JavaScriptCore/heap/SlotVisitor.cpp:

(JSC::validate):
(JSC::SlotVisitor::visitChildren):

Source/JavaScriptCore/heap/VerifierSlotVisitor.cpp:

(JSC::VerifierSlotVisitor::visitChildren):

Source/JavaScriptCore/inspector/InjectedScriptManager.cpp:

(Inspector::InjectedScriptManager::createInjectedScript):

Source/JavaScriptCore/inspector/JSInjectedScriptHost.cpp:

(Inspector::JSInjectedScriptHost::finishCreation):
(Inspector::JSInjectedScriptHost::isPromiseRejectedWithNativeGetterTypeError):
(Inspector::JSInjectedScriptHost::subtype):
(Inspector::JSInjectedScriptHost::functionDetails):
(Inspector::JSInjectedScriptHost::getInternalProperties):
(Inspector::JSInjectedScriptHost::proxyTargetValue):
(Inspector::JSInjectedScriptHost::weakMapSize):
(Inspector::JSInjectedScriptHost::weakMapEntries):
(Inspector::JSInjectedScriptHost::weakSetSize):
(Inspector::JSInjectedScriptHost::weakSetEntries):
(Inspector::JSInjectedScriptHost::iteratorEntries):
(Inspector::JSInjectedScriptHost::queryInstances):

Source/JavaScriptCore/inspector/JSInjectedScriptHost.h:
Source/JavaScriptCore/inspector/JSInjectedScriptHostPrototype.cpp:

(Inspector::JSInjectedScriptHostPrototype::finishCreation):
(Inspector::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/inspector/JSJavaScriptCallFrame.cpp:

(Inspector::JSJavaScriptCallFrame::finishCreation):
(Inspector::JSJavaScriptCallFrame::caller const):
(Inspector::JSJavaScriptCallFrame::scopeChain const):

Source/JavaScriptCore/inspector/JSJavaScriptCallFramePrototype.cpp:

(Inspector::JSJavaScriptCallFramePrototype::finishCreation):
(Inspector::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/inspector/ScriptArguments.cpp:

(Inspector::ScriptArguments::getArgumentAtIndexAsString const):

Source/JavaScriptCore/inspector/ScriptCallStackFactory.cpp:

(Inspector::extractSourceInformationFromException):

Source/JavaScriptCore/inspector/agents/InspectorHeapAgent.cpp:

(Inspector::InspectorHeapAgent::snapshot):
(Inspector::InspectorHeapAgent::getPreview):
(Inspector::InspectorHeapAgent::getRemoteObject):

Source/JavaScriptCore/interpreter/CachedCall.h:

(JSC::CachedCall::CachedCall):

Source/JavaScriptCore/interpreter/CallFrame.cpp:

(JSC::CallFrame::convertToStackOverflowFrame):

Source/JavaScriptCore/interpreter/Interpreter.cpp:

(JSC::UnwindFunctor::UnwindFunctor):
(JSC::UnwindFunctor::operator() const):
(JSC::UnwindFunctor::notifyDebuggerOfUnwinding):
(JSC::sanitizeRemoteFunctionException):
(JSC::Interpreter::executeProgram):
(JSC::Interpreter::executeCall):
(JSC::Interpreter::executeConstruct):
(JSC::Interpreter::execute):
(JSC::Interpreter::executeModuleProgram):

Source/JavaScriptCore/interpreter/ShadowChicken.cpp:

(JSC::ShadowChicken::Packet::dump const):
(JSC::ShadowChicken::Frame::dump const):
(JSC::ShadowChicken::update):

Source/JavaScriptCore/interpreter/StackVisitor.cpp:

(JSC::StackVisitor::Frame::calleeSaveRegistersForUnwinding):

Source/JavaScriptCore/jit/JITOperations.cpp:

(JSC::getWrappedValue):
(JSC::JSC_DEFINE_JIT_OPERATION):
(JSC::setPrivateField):
(JSC::definePrivateField):
(JSC::putByVal):
(JSC::putByValOptimize):
(JSC::directPutByValOptimize):
(JSC::putPrivateNameOptimize):
(JSC::newFunctionCommon):
(JSC::getByVal):
(JSC::deleteById):
(JSC::deleteByVal):

Source/JavaScriptCore/jsc.cpp:

(JSC_DEFINE_CUSTOM_SETTER):
(JSC_DEFINE_HOST_FUNCTION):
(checkException):
(runJSC):

Source/JavaScriptCore/llint/LLIntSlowPaths.cpp:

(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::setupGetByIdPrototypeCache):
(JSC::LLInt::performLLIntGetByID):
(JSC::LLInt::getByVal):
(JSC::LLInt::handleHostCall):
(JSC::LLInt::setUpCall):
(JSC::LLInt::llint_throw_stack_overflow_error):

Source/JavaScriptCore/runtime/AbstractModuleRecord.cpp:

(JSC::AbstractModuleRecord::finishCreation):
(JSC::AbstractModuleRecord::link):
(JSC::AbstractModuleRecord::evaluate):

Source/JavaScriptCore/runtime/AggregateErrorConstructor.cpp:

(JSC::AggregateErrorConstructor::finishCreation):

Source/JavaScriptCore/runtime/AggregateErrorPrototype.cpp:

(JSC::AggregateErrorPrototype::finishCreation):

Source/JavaScriptCore/runtime/ArrayBuffer.cpp:

(JSC::ArrayBuffer::notifyDetaching):

Source/JavaScriptCore/runtime/ArrayConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/ArrayIteratorPrototype.cpp:

(JSC::ArrayIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/ArrayPrototype.cpp:

(JSC::ArrayPrototype::finishCreation):
(JSC::setLength):
(JSC::speciesWatchpointIsValid):
(JSC::holesMustForwardToPrototype):
(JSC::fastJoin):
(JSC::canUseDefaultArrayJoinForToString):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::toLocaleString):
(JSC::fastIndexOf):
(JSC::moveElements):

Source/JavaScriptCore/runtime/AsyncFromSyncIteratorPrototype.cpp:

(JSC::AsyncFromSyncIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/AsyncFunctionPrototype.cpp:

(JSC::AsyncFunctionPrototype::finishCreation):

Source/JavaScriptCore/runtime/AsyncGeneratorFunctionPrototype.cpp:

(JSC::AsyncGeneratorFunctionPrototype::finishCreation):

Source/JavaScriptCore/runtime/AsyncGeneratorPrototype.cpp:

(JSC::AsyncGeneratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/AsyncIteratorPrototype.cpp:

(JSC::AsyncIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/AtomicsObject.cpp:

(JSC::AtomicsObject::finishCreation):

Source/JavaScriptCore/runtime/BatchedTransitionOptimizer.h:

(JSC::BatchedTransitionOptimizer::BatchedTransitionOptimizer):

Source/JavaScriptCore/runtime/BigIntConstructor.cpp:

(JSC::BigIntConstructor::finishCreation):

Source/JavaScriptCore/runtime/BigIntObject.cpp:

(JSC::BigIntObject::finishCreation):

Source/JavaScriptCore/runtime/BigIntPrototype.cpp:

(JSC::BigIntPrototype::finishCreation):
(JSC::toThisBigIntValue):

Source/JavaScriptCore/runtime/BooleanObject.cpp:

(JSC::BooleanObject::finishCreation):

Source/JavaScriptCore/runtime/BooleanPrototype.cpp:

(JSC::BooleanPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/CachedSpecialPropertyAdaptiveStructureWatchpoint.cpp:

(JSC::CachedSpecialPropertyAdaptiveStructureWatchpoint::install):

Source/JavaScriptCore/runtime/CachedTypes.cpp:

(JSC::CachedJSValue::encode):
(JSC::encodeCodeBlock):

Source/JavaScriptCore/runtime/CallData.cpp:

(JSC::call):

Source/JavaScriptCore/runtime/CellSize.h:

(JSC::cellSize):

Source/JavaScriptCore/runtime/ClonedArguments.cpp:

(JSC::ClonedArguments::createEmpty):
(JSC::ClonedArguments::createWithInlineFrame):
(JSC::ClonedArguments::createWithMachineFrame):
(JSC::ClonedArguments::createByCopyingFrom):
(JSC::ClonedArguments::getOwnPropertySlot):
(JSC::ClonedArguments::materializeSpecials):

Source/JavaScriptCore/runtime/CodeCache.cpp:

(JSC::CodeCacheMap::pruneSlowCase):
(JSC::CodeCache::write):
(JSC::writeCodeBlock):

Source/JavaScriptCore/runtime/CodeCache.h:
Source/JavaScriptCore/runtime/CommonSlowPaths.cpp:

(JSC::JSC_DEFINE_COMMON_SLOW_PATH):
(JSC::createInternalFieldObject):
(JSC::iteratorNextTryFastImpl):

Source/JavaScriptCore/runtime/CommonSlowPaths.h:

(JSC::CommonSlowPaths::opInByVal):
(JSC::CommonSlowPaths::originalStructureBeforePut):
(JSC::CommonSlowPaths::putDirectWithReify):
(JSC::CommonSlowPaths::putDirectAccessorWithReify):

Source/JavaScriptCore/runtime/CommonSlowPathsInlines.h:

(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):

Source/JavaScriptCore/runtime/ConsoleObject.cpp:

(JSC::ConsoleObject::finishCreation):

Source/JavaScriptCore/runtime/ConstructData.cpp:

(JSC::construct):

Source/JavaScriptCore/runtime/DateConstructor.cpp:

(JSC::constructDate):

Source/JavaScriptCore/runtime/DateInstance.cpp:

(JSC::DateInstance::finishCreation):

Source/JavaScriptCore/runtime/DatePrototype.cpp:

(JSC::formateDateInstance):
(JSC::DatePrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::setNewValueFromTimeArgs):
(JSC::setNewValueFromDateArgs):

Source/JavaScriptCore/runtime/DeferredWorkTimer.cpp:

(JSC::DeferredWorkTimer::doWork):

Source/JavaScriptCore/runtime/DirectArguments.h:
Source/JavaScriptCore/runtime/Error.cpp:

(JSC::getStackTrace):
(JSC::addErrorInfo):

Source/JavaScriptCore/runtime/ErrorInstance.cpp:

(JSC::ErrorInstance::finishCreation):
(JSC::ErrorInstance::sanitizedNameString):

Source/JavaScriptCore/runtime/ErrorPrototype.cpp:

(JSC::ErrorPrototypeBase::finishCreation):

Source/JavaScriptCore/runtime/ExceptionHelpers.cpp:

(JSC::errorDescriptionForValue):
(JSC::createError):
(JSC::createInvalidFunctionApplyParameterError):

Source/JavaScriptCore/runtime/FinalizationRegistryConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/FinalizationRegistryPrototype.cpp:

(JSC::FinalizationRegistryPrototype::finishCreation):
(JSC::getFinalizationRegistry):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/FunctionPrototype.cpp:

(JSC::FunctionPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::RetrieveCallerFunctionFunctor::operator() const):
(JSC::JSC_DEFINE_CUSTOM_SETTER):

Source/JavaScriptCore/runtime/GeneratorFunctionPrototype.cpp:

(JSC::GeneratorFunctionPrototype::finishCreation):

Source/JavaScriptCore/runtime/GeneratorPrototype.cpp:

(JSC::GeneratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/GenericArgumentsInlines.h:

(JSC::GenericArguments<Type>::getOwnPropertySlot):

Source/JavaScriptCore/runtime/GetterSetter.cpp:

(JSC::GetterSetter::callGetter):
(JSC::GetterSetter::callSetter):

Source/JavaScriptCore/runtime/GetterSetter.h:
Source/JavaScriptCore/runtime/HasOwnPropertyCache.h:

(JSC::HasOwnPropertyCache::tryAdd):

Source/JavaScriptCore/runtime/InternalFunction.cpp:

(JSC::InternalFunction::InternalFunction):
(JSC::InternalFunction::createSubclassStructure):
(JSC::getFunctionRealm):

Source/JavaScriptCore/runtime/IntlCollator.cpp:

(JSC::IntlCollator::finishCreation):

Source/JavaScriptCore/runtime/IntlCollatorPrototype.cpp:

(JSC::IntlCollatorPrototype::finishCreation):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlDateTimeFormat.cpp:

(JSC::IntlDateTimeFormat::finishCreation):

Source/JavaScriptCore/runtime/IntlDateTimeFormatPrototype.cpp:

(JSC::IntlDateTimeFormatPrototype::finishCreation):
(JSC::IntlDateTimeFormat::handleDateTimeValue):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlDisplayNames.cpp:

(JSC::IntlDisplayNames::finishCreation):

Source/JavaScriptCore/runtime/IntlDisplayNamesPrototype.cpp:

(JSC::IntlDisplayNamesPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlListFormat.cpp:

(JSC::IntlListFormat::finishCreation):

Source/JavaScriptCore/runtime/IntlListFormatPrototype.cpp:

(JSC::IntlListFormatPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlLocale.cpp:

(JSC::IntlLocale::finishCreation):
(JSC::IntlLocale::initializeLocale):

Source/JavaScriptCore/runtime/IntlLocalePrototype.cpp:

(JSC::IntlLocalePrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/JavaScriptCore/runtime/IntlNumberFormat.cpp:

(JSC::IntlNumberFormat::finishCreation):

Source/JavaScriptCore/runtime/IntlNumberFormatPrototype.cpp:

(JSC::IntlNumberFormatPrototype::finishCreation):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlObject.cpp:

(JSC::createCollatorConstructor):
(JSC::createDateTimeFormatConstructor):
(JSC::createDisplayNamesConstructor):
(JSC::createListFormatConstructor):
(JSC::createLocaleConstructor):
(JSC::createNumberFormatConstructor):
(JSC::createPluralRulesConstructor):
(JSC::createRelativeTimeFormatConstructor):
(JSC::createSegmenterConstructor):
(JSC::IntlObject::finishCreation):
(JSC::canonicalizeLocaleList):

Source/JavaScriptCore/runtime/IntlObjectInlines.h:

(JSC::constructIntlInstanceWithWorkaroundForLegacyIntlConstructor):
(JSC::unwrapForLegacyIntlConstructor):

Source/JavaScriptCore/runtime/IntlPluralRules.cpp:

(JSC::IntlPluralRules::finishCreation):

Source/JavaScriptCore/runtime/IntlPluralRulesPrototype.cpp:

(JSC::IntlPluralRulesPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlRelativeTimeFormat.cpp:

(JSC::IntlRelativeTimeFormat::finishCreation):

Source/JavaScriptCore/runtime/IntlRelativeTimeFormatPrototype.cpp:

(JSC::IntlRelativeTimeFormatPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlSegmentIterator.cpp:

(JSC::IntlSegmentIterator::finishCreation):

Source/JavaScriptCore/runtime/IntlSegmentIteratorPrototype.cpp:

(JSC::IntlSegmentIteratorPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlSegmenter.cpp:

(JSC::IntlSegmenter::finishCreation):

Source/JavaScriptCore/runtime/IntlSegmenterPrototype.cpp:

(JSC::IntlSegmenterPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IntlSegments.cpp:

(JSC::IntlSegments::finishCreation):

Source/JavaScriptCore/runtime/IntlSegmentsPrototype.cpp:

(JSC::IntlSegmentsPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/IteratorOperations.cpp:

(JSC::iteratorNext):
(JSC::iteratorClose):
(JSC::iteratorForIterable):
(JSC::getIterationMode):

Source/JavaScriptCore/runtime/IteratorPrototype.cpp:

(JSC::IteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/JSArray.cpp:

(JSC::JSArray::eagerlyInitializeButterfly):
(JSC::JSArray::unshiftCountSlowCase):
(JSC::JSArray::appendMemcpy):
(JSC::JSArray::fastSlice):
(JSC::JSArray::shiftCountWithArrayStorage):
(JSC::JSArray::shiftCountWithAnyIndexingType):
(JSC::JSArray::unshiftCountWithArrayStorage):
(JSC::JSArray::isIteratorProtocolFastAndNonObservable):

Source/JavaScriptCore/runtime/JSArray.h:

(JSC::JSArray::finishCreation):
(JSC::asArray):
(JSC::isJSArray):

Source/JavaScriptCore/runtime/JSArrayBuffer.h:

(JSC::toPossiblySharedArrayBuffer):

Source/JavaScriptCore/runtime/JSArrayBufferConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/JSArrayBufferPrototype.cpp:

(JSC::arrayBufferSpeciesConstructorSlow):
(JSC::arrayBufferSlice):
(JSC::arrayBufferByteLength):

Source/JavaScriptCore/runtime/JSArrayBufferPrototypeInlines.h:

(JSC::speciesWatchpointIsValid):
(JSC::arrayBufferSpeciesConstructor):

Source/JavaScriptCore/runtime/JSArrayBufferView.cpp:

(JSC::JSArrayBufferView::finishCreation):
(JSC::JSArrayBufferView::unsharedJSBuffer):
(JSC::JSArrayBufferView::possiblySharedJSBuffer):
(JSC::JSArrayBufferView::slowDownAndWasteMemory):
(JSC::validateTypedArray):

Source/JavaScriptCore/runtime/JSArrayBufferViewInlines.h:

(JSC::JSArrayBufferView::toWrapped):
(JSC::JSArrayBufferView::toWrappedAllowShared):

Source/JavaScriptCore/runtime/JSArrayInlines.h:

(JSC::JSArray::canFastCopy):
(JSC::JSArray::canDoFastIndexedAccess):
(JSC::JSArray::pushInline):

Source/JavaScriptCore/runtime/JSAsyncFunction.cpp:

(JSC::JSAsyncFunction::createImpl):
(JSC::JSAsyncFunction::create):
(JSC::JSAsyncFunction::createWithInvalidatedReallocationWatchpoint):

Source/JavaScriptCore/runtime/JSAsyncGeneratorFunction.cpp:

(JSC::JSAsyncGeneratorFunction::createImpl):
(JSC::JSAsyncGeneratorFunction::create):
(JSC::JSAsyncGeneratorFunction::createWithInvalidatedReallocationWatchpoint):

Source/JavaScriptCore/runtime/JSBoundFunction.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::getBoundFunctionStructure):
(JSC::JSBoundFunction::create):
(JSC::JSBoundFunction::finishCreation):

Source/JavaScriptCore/runtime/JSCJSValue.cpp:

(JSC::JSValue::putToPrimitive):
(JSC::JSValue::dumpForBacktrace const):
(JSC::JSValue::toWTFStringForConsole const):

Source/JavaScriptCore/runtime/JSCJSValue.h:
Source/JavaScriptCore/runtime/JSCJSValueInlines.h:

(JSC::JSValue::isCallable const):
(JSC::JSValue::isCallableWithConcurrency const):
(JSC::JSValue::isConstructor const):
(JSC::JSValue::isConstructorWithConcurrency const):
(JSC::JSValue::inherits const):
(JSC::JSValue::classInfoOrNull const):
(JSC::JSValue::toThis const):
(JSC::JSValue::put):
(JSC::JSValue::putByIndex):
(JSC::JSValue::structureOrNull const):
(JSC::JSValue::equalSlowCaseInline):

Source/JavaScriptCore/runtime/JSCallee.cpp:

(JSC::JSCallee::finishCreation):

Source/JavaScriptCore/runtime/JSCast.h:

(JSC::jsCast):
(JSC::JSCastingHelpers::FinalTypeDispatcher::inheritsGeneric):
(JSC::JSCastingHelpers::inheritsJSTypeImpl):
(JSC::JSCastingHelpers::InheritsTraits::inherits):
(JSC::JSCastingHelpers::inherits):
(JSC::jsDynamicCast):
(JSC::jsSecureCast):

Source/JavaScriptCore/runtime/JSCell.cpp:

(JSC::JSCell::dump const):
(JSC::JSCell::dumpToStream):
(JSC::JSCell::estimatedSizeInBytes const):
(JSC::JSCell::put):
(JSC::JSCell::putByIndex):
(JSC::JSCell::deleteProperty):
(JSC::JSCell::deletePropertyByIndex):
(JSC::JSCell::className const):

Source/JavaScriptCore/runtime/JSCell.h:
Source/JavaScriptCore/runtime/JSCellInlines.h:

(JSC::JSCell::visitChildrenImpl):
(JSC::JSCell::isCallableWithConcurrency):
(JSC::JSCell::isConstructorWithConcurrency):
(JSC::JSCell::isCallable):
(JSC::JSCell::isConstructor):
(JSC::JSCell::setStructure):
(JSC::JSCell::methodTable const):
(JSC::JSCell::inherits const):
(JSC::JSCell::classInfo const):
(JSC::JSCell::toBoolean const):
(JSC::JSCell::putInline):

Source/JavaScriptCore/runtime/JSCustomGetterFunction.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/JSDataViewPrototype.cpp:

(JSC::JSDataViewPrototype::finishCreation):
(JSC::getData):
(JSC::setData):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/JavaScriptCore/runtime/JSFinalizationRegistry.cpp:

(JSC::JSFinalizationRegistry::finishCreation):
(JSC::JSFinalizationRegistry::registerTarget):

Source/JavaScriptCore/runtime/JSFunction.cpp:

(JSC::JSFunction::create):
(JSC::JSFunction::finishCreation):
(JSC::JSFunction::name):
(JSC::JSFunction::toString):
(JSC::getCalculatedDisplayName):
(JSC::JSFunction::reifyLength):
(JSC::JSFunction::reifyLazyPropertyIfNeeded):
(JSC::JSFunction::reifyLazyPropertyForHostOrBuiltinIfNeeded):
(JSC::JSFunction::reifyLazyBoundNameIfNeeded):
(JSC::JSFunction::assertTypeInfoFlagInvariants):

Source/JavaScriptCore/runtime/JSFunction.h:

(JSC::JSFunction::createImpl):

Source/JavaScriptCore/runtime/JSFunctionInlines.h:

(JSC::JSFunction::createWithInvalidatedReallocationWatchpoint):
(JSC::JSFunction::isRemoteFunction const):
(JSC::isRemoteFunction):
(JSC::JSFunction::asStringConcurrently const):

Source/JavaScriptCore/runtime/JSGeneratorFunction.cpp:

(JSC::JSGeneratorFunction::createImpl):
(JSC::JSGeneratorFunction::create):
(JSC::JSGeneratorFunction::createWithInvalidatedReallocationWatchpoint):

Source/JavaScriptCore/runtime/JSGenericTypedArrayView.h:

(JSC::toPossiblySharedNativeTypedView):

Source/JavaScriptCore/runtime/JSGenericTypedArrayViewConstructorInlines.h:

(JSC::constructCustomArrayBufferIfNeeded):
(JSC::constructGenericTypedArrayViewWithArguments):
(JSC::constructGenericTypedArrayViewImpl):

Source/JavaScriptCore/runtime/JSGenericTypedArrayViewInlines.h:

(JSC::JSGenericTypedArrayView<Adaptor>::set):

Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeFunctions.h:

(JSC::speciesConstruct):
(JSC::genericTypedArrayViewProtoFuncSet):
(JSC::genericTypedArrayViewProtoFuncSlice):
(JSC::genericTypedArrayViewPrivateFuncSubarrayCreate):

Source/JavaScriptCore/runtime/JSGenericTypedArrayViewPrototypeInlines.h:

(JSC::JSGenericTypedArrayViewPrototype<ViewClass>::finishCreation):

Source/JavaScriptCore/runtime/JSGlobalObject.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::setupAdaptiveWatchpoint):
(JSC::JSGlobalObject::init):
(JSC::lastInPrototypeChain):
(JSC::JSGlobalObject::haveABadTime):
(JSC::JSGlobalObject::fixupPrototypeChainWithObjectPrototype):
(JSC::JSGlobalObject::resetPrototype):
(JSC::JSGlobalObject::tryInstallSpeciesWatchpoint):
(JSC::JSGlobalObject::finishCreation):

Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/JSGlobalObjectInlines.h:

(JSC::JSGlobalObject::arrayPrototypeChainIsSane):
(JSC::JSGlobalObject::stringPrototypeChainIsSane):

Source/JavaScriptCore/runtime/JSInternalPromise.cpp:

(JSC::JSInternalPromise::then):

Source/JavaScriptCore/runtime/JSLexicalEnvironment.cpp:

(JSC::JSLexicalEnvironment::getOwnPropertySlot):
(JSC::JSLexicalEnvironment::put):

Source/JavaScriptCore/runtime/JSMap.cpp:

(JSC::JSMap::isIteratorProtocolFastAndNonObservable):

Source/JavaScriptCore/runtime/JSMicrotask.cpp:

(JSC::JSMicrotask::run):

Source/JavaScriptCore/runtime/JSModuleEnvironment.cpp:

(JSC::JSModuleEnvironment::getOwnPropertySlot):

Source/JavaScriptCore/runtime/JSModuleLoader.cpp:

(JSC::JSModuleLoader::finishCreation):
(JSC::JSModuleLoader::dependencyKeysIfEvaluated):
(JSC::JSModuleLoader::provideFetch):
(JSC::JSModuleLoader::loadAndEvaluateModule):
(JSC::JSModuleLoader::loadModule):
(JSC::JSModuleLoader::linkAndEvaluateModule):
(JSC::JSModuleLoader::requestImportModule):
(JSC::JSModuleLoader::evaluateNonVirtual):
(JSC::JSModuleLoader::getModuleNamespaceObject):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/JSModuleNamespaceObject.cpp:

(JSC::JSModuleNamespaceObject::finishCreation):

Source/JavaScriptCore/runtime/JSModuleNamespaceObject.h:
Source/JavaScriptCore/runtime/JSModuleRecord.cpp:

(JSC::JSModuleRecord::finishCreation):

Source/JavaScriptCore/runtime/JSNativeStdFunction.cpp:

(JSC::JSNativeStdFunction::finishCreation):

Source/JavaScriptCore/runtime/JSONObject.cpp:

(JSC::JSONObject::finishCreation):
(JSC::unwrapBoxedPrimitive):
(JSC::Stringifier::Stringifier):
(JSC::Stringifier::toJSON):
(JSC::Stringifier::appendStringifiedValue):
(JSC::Stringifier::Holder::appendNextProperty):
(JSC::Walker::walk):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/JSObject.cpp:

(JSC::JSObject::visitButterflyImpl):
(JSC::JSObject::estimatedSize):
(JSC::JSObject::calculatedClassName):
(JSC::JSObject::getOwnPropertySlotByIndex):
(JSC::ordinarySetSlow):
(JSC::JSObject::putInlineSlow):
(JSC::definePropertyOnReceiverSlow):
(JSC::JSObject::definePropertyOnReceiver):
(JSC::JSObject::putInlineFastReplacingStaticPropertyIfNeeded):
(JSC::JSObject::putByIndex):
(JSC::JSObject::enterDictionaryIndexingModeWhenArrayStorageAlreadyExists):
(JSC::JSObject::notifyPresenceOfIndexedAccessors):
(JSC::JSObject::createInitialIndexedStorage):
(JSC::JSObject::createArrayStorage):
(JSC::JSObject::createInitialArrayStorage):
(JSC::JSObject::convertUndecidedToInt32):
(JSC::JSObject::convertUndecidedToDouble):
(JSC::JSObject::convertUndecidedToContiguous):
(JSC::JSObject::constructConvertedArrayStorageWithoutCopyingElements):
(JSC::JSObject::convertUndecidedToArrayStorage):
(JSC::JSObject::convertInt32ToDouble):
(JSC::JSObject::convertInt32ToContiguous):
(JSC::JSObject::convertInt32ToArrayStorage):
(JSC::JSObject::convertDoubleToContiguous):
(JSC::JSObject::convertDoubleToArrayStorage):
(JSC::JSObject::convertContiguousToArrayStorage):
(JSC::JSObject::convertFromCopyOnWrite):
(JSC::JSObject::tryMakeWritableInt32Slow):
(JSC::JSObject::tryMakeWritableDoubleSlow):
(JSC::JSObject::tryMakeWritableContiguousSlow):
(JSC::JSObject::ensureArrayStorageSlow):
(JSC::JSObject::switchToSlowPutArrayStorage):
(JSC::JSObject::setPrototypeDirect):
(JSC::JSObject::setPrototypeWithCycleCheck):
(JSC::JSObject::getPrototype):
(JSC::JSObject::setPrototype):
(JSC::JSObject::putDirectCustomAccessor):
(JSC::JSObject::putDirectNonIndexAccessor):
(JSC::JSObject::hasEnumerableProperty const):
(JSC::JSObject::deleteProperty):
(JSC::callToPrimitiveFunction):
(JSC::JSObject::ordinaryToPrimitive const):
(JSC::JSObject::getOwnStaticPropertySlot):
(JSC::JSObject::findPropertyHashEntry const):
(JSC::JSObject::hasInstance):
(JSC::JSObject::getPropertyNames):
(JSC::JSObject::getOwnNonIndexPropertyNames):
(JSC::JSObject::seal):
(JSC::JSObject::freeze):
(JSC::JSObject::preventExtensions):
(JSC::JSObject::isExtensible):
(JSC::JSObject::reifyAllStaticProperties):
(JSC::JSObject::fillGetterPropertySlot):
(JSC::canDoFastPutDirectIndex):
(JSC::JSObject::defineOwnIndexedProperty):
(JSC::JSObject::putByIndexBeyondVectorLengthWithoutAttributes):
(JSC::JSObject::putByIndexBeyondVectorLengthWithArrayStorage):
(JSC::JSObject::putByIndexBeyondVectorLength):
(JSC::JSObject::putDirectIndexBeyondVectorLengthWithArrayStorage):
(JSC::JSObject::putDirectIndexSlowOrBeyondVectorLength):
(JSC::JSObject::getNewVectorLength):
(JSC::JSObject::increaseVectorLength):
(JSC::JSObject::ensureLengthSlow):
(JSC::JSObject::reallocateAndShrinkButterfly):
(JSC::JSObject::allocateMoreOutOfLineStorage):
(JSC::JSObject::getOwnPropertyDescriptor):
(JSC::JSObject::convertToDictionary):
(JSC::JSObject::convertToUncacheableDictionary):
(JSC::JSObject::shiftButterflyAfterFlattening):
(JSC::JSObject::getEnumerableLength):
(JSC::JSObject::getMethod):
(JSC::JSObject::anyObjectInChainMayInterceptIndexedAccesses const):
(JSC::JSObject::needsSlowPutIndexing const):
(JSC::JSObject::suggestedArrayStorageTransition const):

Source/JavaScriptCore/runtime/JSObject.h:

(JSC::JSObject::putByIndexInline):
(JSC::JSObject::hasIndexingHeader const):
(JSC::JSObject::getDirectIndex):
(JSC::JSObject::getDirect const):
(JSC::JSObject::getDirectOffset):
(JSC::JSObject::hasCustomProperties):
(JSC::JSObject::hasGetterSetterProperties):
(JSC::JSObject::hasCustomGetterSetterProperties):
(JSC::JSObject::hasNonReifiedStaticProperties):
(JSC::JSObject::isSealed):
(JSC::JSObject::isFrozen):
(JSC::JSObject::isStructureExtensible):
(JSC::JSObject::indexingShouldBeSparse):
(JSC::JSObject::staticPropertiesReified):
(JSC::JSObject::flattenDictionaryObject):
(JSC::JSObject::finishCreation):
(JSC::JSNonFinalObject::finishCreation):
(JSC::JSObject::getPrototypeDirect const):
(JSC::JSObject::getPrototype):
(JSC::JSObject::getOwnNonIndexPropertySlot):
(JSC::JSObject::fillCustomGetterPropertySlot):
(JSC::JSObject::getOwnPropertySlotImpl):
(JSC::JSObject::butterflyPreCapacity):
(JSC::JSObject::butterflyTotalSize):

Source/JavaScriptCore/runtime/JSObjectInlines.h:

(JSC::JSObject::canPerformFastPutInlineExcludingProto):
(JSC::JSObject::canPerformFastPutInline):
(JSC::JSObject::getPropertySlot):
(JSC::JSObject::getNonIndexPropertySlot):
(JSC::JSObject::getOwnPropertySlotInline):
(JSC::JSObject::mayInterceptIndexedAccesses):
(JSC::JSObject::putInlineForJSObject):
(JSC::JSObject::createDataProperty):
(JSC::JSObject::hasOwnProperty const):
(JSC::JSObject::putDirectInternal):
(JSC::JSObject::validatePutOwnDataProperty):
(JSC::getCallData):
(JSC::getConstructData):
(JSC::JSObject::deleteProperty):
(JSC::JSObject::getPrivateFieldSlot):
(JSC::JSObject::hasPrivateField):
(JSC::JSObject::getNonReifiedStaticPropertyNames):
(JSC::JSObject::hasPrivateBrand):
(JSC::JSObject::checkPrivateBrand):
(JSC::JSObject::setPrivateBrand):

Source/JavaScriptCore/runtime/JSPromise.cpp:

(JSC::JSPromise::createNewPromiseCapability):
(JSC::JSPromise::resolvedPromise):
(JSC::callFunction):
(JSC::JSPromise::resolve):
(JSC::JSPromise::reject):
(JSC::JSPromise::performPromiseThen):

Source/JavaScriptCore/runtime/JSPropertyNameEnumerator.cpp:

(JSC::getEnumerablePropertyNames):

Source/JavaScriptCore/runtime/JSPropertyNameEnumerator.h:

(JSC::propertyNameEnumerator):

Source/JavaScriptCore/runtime/JSProxy.cpp:

(JSC::JSProxy::setTarget):
(JSC::JSProxy::getOwnPropertySlot):
(JSC::JSProxy::getOwnPropertySlotByIndex):
(JSC::JSProxy::put):
(JSC::JSProxy::putByIndex):
(JSC::JSProxy::defineOwnProperty):
(JSC::JSProxy::deleteProperty):
(JSC::JSProxy::isExtensible):
(JSC::JSProxy::preventExtensions):
(JSC::JSProxy::deletePropertyByIndex):
(JSC::JSProxy::getOwnPropertyNames):
(JSC::JSProxy::setPrototype):
(JSC::JSProxy::getPrototype):

Source/JavaScriptCore/runtime/JSRemoteFunction.cpp:

(JSC::wrapValue):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSRemoteFunction::tryCreate):
(JSC::JSRemoteFunction::finishCreation):

Source/JavaScriptCore/runtime/JSScope.cpp:

(JSC::abstractAccess):
(JSC::JSScope::resolve):
(JSC::JSScope::resolveScopeForHoistingFuncDeclInEval):
(JSC::JSScope::symbolTable):

Source/JavaScriptCore/runtime/JSScope.h:
Source/JavaScriptCore/runtime/JSSet.cpp:

(JSC::JSSet::isIteratorProtocolFastAndNonObservable):

Source/JavaScriptCore/runtime/JSString.cpp:

(JSC::JSString::dumpToStream):

Source/JavaScriptCore/runtime/JSStringIterator.cpp:

(JSC::JSStringIterator::finishCreation):

Source/JavaScriptCore/runtime/JSTypedArrayViewPrototype.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSTypedArrayViewPrototype::finishCreation):

Source/JavaScriptCore/runtime/Lookup.cpp:

(JSC::reifyStaticAccessor):
(JSC::setUpStaticFunctionSlot):

Source/JavaScriptCore/runtime/Lookup.h:

(JSC::getStaticPropertySlotFromTable):
(JSC::reifyStaticProperty):

Source/JavaScriptCore/runtime/MapConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/MapIteratorPrototype.cpp:

(JSC::MapIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/MapPrototype.cpp:

(JSC::MapPrototype::finishCreation):
(JSC::getMap):

Source/JavaScriptCore/runtime/MathObject.cpp:

(JSC::MathObject::finishCreation):

Source/JavaScriptCore/runtime/NativeErrorConstructor.cpp:

(JSC::NativeErrorConstructorBase::finishCreation):

Source/JavaScriptCore/runtime/NumberConstructor.cpp:

(JSC::NumberConstructor::finishCreation):

Source/JavaScriptCore/runtime/NumberObject.cpp:

(JSC::NumberObject::finishCreation):

Source/JavaScriptCore/runtime/NumberPrototype.cpp:

(JSC::NumberPrototype::finishCreation):
(JSC::toThisNumber):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/ObjectConstructor.cpp:

(JSC::objectConstructorGetOwnPropertyDescriptors):
(JSC::objectAssignGeneric):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::toPropertyDescriptor):
(JSC::defineProperties):
(JSC::setIntegrityLevel):
(JSC::testIntegrityLevel):
(JSC::objectConstructorSeal):
(JSC::objectConstructorFreeze):
(JSC::ownPropertyKeys):

Source/JavaScriptCore/runtime/ObjectConstructorInlines.h:

(JSC::objectAssignFast):

Source/JavaScriptCore/runtime/ObjectInitializationScope.cpp:

(JSC::ObjectInitializationScope::verifyPropertiesAreInitialized):

Source/JavaScriptCore/runtime/ObjectPrototype.cpp:

(JSC::ObjectPrototype::finishCreation):
(JSC::objectPrototypeHasOwnProperty):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::inferBuiltinTag):
(JSC::objectPrototypeToString):

Source/JavaScriptCore/runtime/Operations.cpp:

(JSC::jsTypeStringForValueWithConcurrency):
(JSC::normalizePrototypeChain):

Source/JavaScriptCore/runtime/Operations.h:

(JSC::jsTypeofIsObjectWithConcurrency):
(JSC::jsTypeofIsFunctionWithConcurrency):

Source/JavaScriptCore/runtime/ProgramExecutable.cpp:

(JSC::ProgramExecutable::initializeGlobalProperties):

Source/JavaScriptCore/runtime/PropertySlot.cpp:

(JSC::PropertySlot::customGetter const):

Source/JavaScriptCore/runtime/ProxyObject.cpp:

(JSC::ProxyObject::structureForTarget):
(JSC::ProxyObject::finishCreation):
(JSC::ProxyObject::performInternalMethodGetOwnProperty):
(JSC::ProxyObject::put):
(JSC::ProxyObject::putByIndexCommon):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::ProxyObject::deleteProperty):
(JSC::ProxyObject::deletePropertyByIndex):
(JSC::ProxyObject::performPreventExtensions):
(JSC::ProxyObject::performDefineOwnProperty):
(JSC::ProxyObject::performGetOwnPropertyNames):

Source/JavaScriptCore/runtime/ReflectObject.cpp:

(JSC::ReflectObject::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/RegExpConstructor.cpp:

(JSC::RegExpConstructor::finishCreation):
(JSC::constructRegExp):

Source/JavaScriptCore/runtime/RegExpConstructor.h:

(JSC::isRegExp):

Source/JavaScriptCore/runtime/RegExpObject.cpp:

(JSC::RegExpObject::finishCreation):

Source/JavaScriptCore/runtime/RegExpPrototype.cpp:

(JSC::RegExpPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/RegExpStringIteratorPrototype.cpp:

(JSC::RegExpStringIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/RuntimeType.cpp:

(JSC::runtimeTypeForValue):

Source/JavaScriptCore/runtime/RuntimeType.h:
Source/JavaScriptCore/runtime/SamplingProfiler.cpp:

(JSC::SamplingProfiler::processUnverifiedStackTraces):
(JSC::SamplingProfiler::StackFrame::nameFromCallee):
(JSC::SamplingProfiler::reportTopBytecodes):

Source/JavaScriptCore/runtime/ScriptExecutable.cpp:

(JSC::ScriptExecutable::installCode):
(JSC::ScriptExecutable::hasClearableCode const):
(JSC::ScriptExecutable::newCodeBlockFor):
(JSC::ScriptExecutable::newReplacementCodeBlockFor):
(JSC::ScriptExecutable::prepareForExecutionImpl):
(JSC::ScriptExecutable::overrideLineNumber const):
(JSC::ScriptExecutable::typeProfilingStartOffset const):
(JSC::ScriptExecutable::typeProfilingEndOffset const):

Source/JavaScriptCore/runtime/ScriptExecutable.h:
Source/JavaScriptCore/runtime/SetConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/SetIteratorPrototype.cpp:

(JSC::SetIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/SetPrototype.cpp:

(JSC::SetPrototype::finishCreation):
(JSC::getSet):

Source/JavaScriptCore/runtime/ShadowRealmObject.cpp:

(JSC::ShadowRealmObject::finishCreation):

Source/JavaScriptCore/runtime/ShadowRealmPrototype.cpp:

(JSC::ShadowRealmPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/SparseArrayValueMap.cpp:

(JSC::SparseArrayValueMap::putEntry):
(JSC::SparseArrayValueMap::putDirect):

Source/JavaScriptCore/runtime/StringIteratorPrototype.cpp:

(JSC::StringIteratorPrototype::finishCreation):

Source/JavaScriptCore/runtime/StringObject.cpp:

(JSC::StringObject::finishCreation):

Source/JavaScriptCore/runtime/StringPrototype.cpp:

(JSC::StringPrototype::finishCreation):
(JSC::replaceUsingRegExpSearch):
(JSC::replaceUsingStringSearch):
(JSC::replace):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/Structure.cpp:

(JSC::Structure::materializePropertyTable):
(JSC::Structure::holesMustForwardToPrototype const):
(JSC::Structure::flattenDictionaryStructure):

Source/JavaScriptCore/runtime/Structure.h:
Source/JavaScriptCore/runtime/StructureCache.cpp:

(JSC::StructureCache::emptyStructureForPrototypeFromBaseStructure):

Source/JavaScriptCore/runtime/StructureChain.cpp:

(JSC::StructureChain::create):
(JSC::StructureChain::finishCreation):

Source/JavaScriptCore/runtime/StructureInlines.h:

(JSC::Structure::create):
(JSC::Structure::get):
(JSC::Structure::prototypeChain const):
(JSC::Structure::isValid const):
(JSC::Structure::shouldConvertToPolyProto):

Source/JavaScriptCore/runtime/StructureRareData.cpp:

(JSC::StructureRareData::cacheSpecialPropertySlow):

Source/JavaScriptCore/runtime/Symbol.cpp:

(JSC::Symbol::finishCreation):

Source/JavaScriptCore/runtime/SymbolObject.cpp:

(JSC::SymbolObject::finishCreation):

Source/JavaScriptCore/runtime/SymbolPrototype.cpp:

(JSC::SymbolPrototype::finishCreation):
(JSC::tryExtractSymbol):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/TemporalCalendarPrototype.cpp:

(JSC::TemporalCalendarPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::defaultMergeFields):

Source/JavaScriptCore/runtime/TemporalDuration.cpp:

(JSC::TemporalDuration::finishCreation):
(JSC::TemporalDuration::fromDurationLike):
(JSC::TemporalDuration::toTemporalDuration):
(JSC::TemporalDuration::from):

Source/JavaScriptCore/runtime/TemporalDurationPrototype.cpp:

(JSC::TemporalDurationPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/JavaScriptCore/runtime/TemporalInstant.cpp:
Source/JavaScriptCore/runtime/TemporalInstantPrototype.cpp:

(JSC::TemporalInstantPrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/JavaScriptCore/runtime/TemporalNow.cpp:

(JSC::TemporalNow::finishCreation):

Source/JavaScriptCore/runtime/TemporalObject.cpp:

(JSC::createCalendarConstructor):
(JSC::createNowObject):
(JSC::createDurationConstructor):
(JSC::createInstantConstructor):
(JSC::createPlainDateConstructor):
(JSC::createPlainTimeConstructor):
(JSC::createTimeZoneConstructor):
(JSC::TemporalObject::finishCreation):

Source/JavaScriptCore/runtime/TemporalPlainDate.cpp:

(JSC::TemporalPlainDate::finishCreation):

Source/JavaScriptCore/runtime/TemporalPlainDateConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/TemporalPlainDatePrototype.cpp:

(JSC::TemporalPlainDatePrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/JavaScriptCore/runtime/TemporalPlainTime.cpp:

(JSC::TemporalPlainTime::finishCreation):
(JSC::getTemporalCalendarWithISODefault):
(JSC::TemporalPlainTime::from):
(JSC::TemporalPlainTime::with const):

Source/JavaScriptCore/runtime/TemporalPlainTimeConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/TemporalPlainTimePrototype.cpp:

(JSC::TemporalPlainTimePrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/JavaScriptCore/runtime/TemporalTimeZonePrototype.cpp:

(JSC::TemporalTimeZonePrototype::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/TestRunnerUtils.cpp:

(JSC::getExecutableForFunction):

Source/JavaScriptCore/runtime/ThrowScope.cpp:

(JSC::ThrowScope::throwException):

Source/JavaScriptCore/runtime/TypeProfilerLog.cpp:

(JSC::TypeProfilerLog::processLogEntries):

Source/JavaScriptCore/runtime/VM.cpp:

(JSC::VM::throwException):
(JSC::VM::callPromiseRejectionCallback):

Source/JavaScriptCore/runtime/WeakMapConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/WeakMapPrototype.cpp:

(JSC::WeakMapPrototype::finishCreation):
(JSC::getWeakMap):

Source/JavaScriptCore/runtime/WeakObjectRefPrototype.cpp:

(JSC::WeakObjectRefPrototype::finishCreation):
(JSC::getWeakRef):

Source/JavaScriptCore/runtime/WeakSetConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/runtime/WeakSetPrototype.cpp:

(JSC::WeakSetPrototype::finishCreation):
(JSC::getWeakSet):

Source/JavaScriptCore/tools/HeapVerifier.cpp:

(JSC::HeapVerifier::validateJSCell):
(JSC::HeapVerifier::reportCell):

Source/JavaScriptCore/tools/JSDollarVM.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::getExecutableForFunction):
(JSC::codeBlockFromArg):
(JSC::callWithStackSizeProbeFunction):
(JSC::JSC_DEFINE_HOST_FUNCTION_WITH_ATTRIBUTES):
(JSC::JSDollarVM::finishCreation):

Source/JavaScriptCore/tools/VMInspector.cpp:

(JSC::VMInspector::dumpCellMemoryToStream):

Source/JavaScriptCore/tools/VMInspector.h:
Source/JavaScriptCore/tools/VMInspectorInlines.h:

(JSC::VMInspector::verifyCellSize):
(JSC::VMInspector::verifyCell):

Source/JavaScriptCore/wasm/WasmGlobal.cpp:

(JSC::Wasm::Global::set):

Source/JavaScriptCore/wasm/WasmInstance.cpp:

(JSC::Wasm::Instance::setFunctionWrapper):
(JSC::Wasm::Instance::initElementSegment):

Source/JavaScriptCore/wasm/WasmOperations.cpp:

(JSC::Wasm::JSC_DEFINE_JIT_OPERATION):
(JSC::Wasm::setWasmTableElement):

Source/JavaScriptCore/wasm/WasmSlowPaths.cpp:

(JSC::LLInt::doWasmCallRef):
(JSC::LLInt::WASM_SLOW_PATH_DECL):

Source/JavaScriptCore/wasm/js/JSWebAssembly.cpp:

(JSC::JSWebAssembly::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/JSWebAssemblyException.cpp:

(JSC::JSWebAssemblyException::finishCreation):

Source/JavaScriptCore/wasm/js/JSWebAssemblyGlobal.cpp:

(JSC::JSWebAssemblyGlobal::finishCreation):

Source/JavaScriptCore/wasm/js/JSWebAssemblyHelpers.h:

(JSC::getWasmBufferFromValue):
(JSC::createSourceBufferFromValue):
(JSC::isWebAssemblyHostFunction):
(JSC::fromJSValue):

Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp:

(JSC::JSWebAssemblyInstance::finishCreation):

Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.cpp:

(JSC::JSWebAssemblyMemory::finishCreation):

Source/JavaScriptCore/wasm/js/JSWebAssemblyModule.cpp:

(JSC::JSWebAssemblyModule::finishCreation):

Source/JavaScriptCore/wasm/js/JSWebAssemblyTable.cpp:

(JSC::JSWebAssemblyTable::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyCompileErrorPrototype.cpp:

(JSC::WebAssemblyCompileErrorPrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyExceptionConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/WebAssemblyExceptionPrototype.cpp:

(JSC::WebAssemblyExceptionPrototype::finishCreation):
(JSC::getException):
(JSC::getTag):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.cpp:

(JSC::WebAssemblyFunctionBase::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyGlobalConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/WebAssemblyGlobalPrototype.cpp:

(JSC::getGlobal):
(JSC::WebAssemblyGlobalPrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyInstanceConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/WebAssemblyInstancePrototype.cpp:

(JSC::getInstance):
(JSC::WebAssemblyInstancePrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyLinkErrorPrototype.cpp:

(JSC::WebAssemblyLinkErrorPrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyMemoryPrototype.cpp:

(JSC::getMemory):
(JSC::WebAssemblyMemoryPrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyModuleConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/WebAssemblyModulePrototype.cpp:

(JSC::WebAssemblyModulePrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp:

(JSC::WebAssemblyModuleRecord::finishCreation):
(JSC::WebAssemblyModuleRecord::initializeImports):
(JSC::WebAssemblyModuleRecord::initializeExports):
(JSC::WebAssemblyModuleRecord::evaluate):

Source/JavaScriptCore/wasm/js/WebAssemblyRuntimeErrorPrototype.cpp:

(JSC::WebAssemblyRuntimeErrorPrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyTableConstructor.cpp:

(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/JavaScriptCore/wasm/js/WebAssemblyTablePrototype.cpp:

(JSC::getTable):
(JSC::JSC_DEFINE_HOST_FUNCTION):
(JSC::WebAssemblyTablePrototype::finishCreation):

Source/JavaScriptCore/wasm/js/WebAssemblyTagPrototype.cpp:

(JSC::WebAssemblyTagPrototype::finishCreation):
(JSC::getTag):

Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.cpp:

(JSC::WebAssemblyWrapperFunction::create):
(JSC::WebAssemblyWrapperFunction::finishCreation):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/WebKit/WebProcess/Automation/WebAutomationSessionProxy.cpp:

(WebKit::WebAutomationSessionProxy::setScriptObject):
(WebKit::WebAutomationSessionProxy::elementForNodeHandle):

Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp:

(WebKit::InjectedBundle::reportException):

Source/WebKit/WebProcess/WebPage/IPCTestingAPI.cpp:

(WebKit::IPCTestingAPI::encodeArgument):

Source/WebKit/WebProcess/WebPage/WebFrame.cpp:

(WebKit::WebFrame::counterValue):

Source/WebKitLegacy/mac/DOM/DOM.mm:

(+[DOMNode _nodeFromJSWrapper:]):

Source/WebKitLegacy/mac/WebView/WebFrame.mm:

(-[WebFrame _stringByEvaluatingJavaScriptFromString:withGlobalObject:inScriptWorld:]):

Source/WebKitLegacy/mac/WebView/WebView.mm:

(+[WebView _reportException:inContext:]):
(aeDescFromJSValue):

Source/WebKitLegacy/win/WebFrame.cpp:

(WebFrame::stringByEvaluatingJavaScriptInScriptWorld):

Source/WebKitLegacy/win/WebView.cpp:

(WebView::reportException):

Source/WebCore/Modules/webaudio/AudioWorkletGlobalScope.cpp:

(WebCore::AudioWorkletGlobalScope::registerProcessor):
(WebCore::AudioWorkletGlobalScope::createProcessor):

Source/WebCore/Modules/webaudio/AudioWorkletProcessor.cpp:

(WebCore::copyDataFromBusesToJSArray):
(WebCore::copyDataFromParameterMapToJSObject):
(WebCore::zeroJSArray):
(WebCore::AudioWorkletProcessor::buildJSArguments):

Source/WebCore/bindings/js/CommonVM.cpp:

(WebCore::lexicalFrameFromCommonVM):

Source/WebCore/bindings/js/DOMGCOutputConstraint.cpp:

(WebCore::DOMGCOutputConstraint::executeImplImpl):

Source/WebCore/bindings/js/IDBBindingUtilities.cpp:

(WebCore::get):
(WebCore::createIDBKeyFromValue):

Source/WebCore/bindings/js/InternalWritableStream.cpp:

(WebCore::invokeWritableStreamFunction):

Source/WebCore/bindings/js/JSCSSRuleListCustom.cpp:

(WebCore::JSCSSRuleListOwner::isReachableFromOpaqueRoots):

Source/WebCore/bindings/js/JSCallbackData.cpp:

(WebCore::JSCallbackData::invokeCallback):

Source/WebCore/bindings/js/JSCustomElementInterface.cpp:

(WebCore::constructCustomElementSynchronously):
(WebCore::JSCustomElementInterface::upgradeElement):
(WebCore::JSCustomElementInterface::invokeCallback):

Source/WebCore/bindings/js/JSCustomElementRegistryCustom.cpp:

(WebCore::getCustomElementCallback):
(WebCore::JSCustomElementRegistry::define):

Source/WebCore/bindings/js/JSDOMAbstractOperations.h:

(WebCore::isVisibleNamedProperty):
(WebCore::accessVisibleNamedProperty):

Source/WebCore/bindings/js/JSDOMAsyncIterator.h:

(WebCore::JSIterator>::next):
(WebCore::JSIterator>::runNextSteps):
(WebCore::JSIterator>::finishCreation):

Source/WebCore/bindings/js/JSDOMBuiltinConstructor.h:

(WebCore::JSDOMBuiltinConstructor<JSClass>::finishCreation):

Source/WebCore/bindings/js/JSDOMCastThisValue.h:

(WebCore::castThisValue):

Source/WebCore/bindings/js/JSDOMConstructor.h:

(WebCore::JSDOMConstructor<JSClass>::finishCreation):

Source/WebCore/bindings/js/JSDOMConstructorNotCallable.h:

(WebCore::JSDOMConstructorNotCallable<JSClass>::finishCreation):

Source/WebCore/bindings/js/JSDOMConstructorNotConstructable.h:

(WebCore::JSDOMConstructorNotConstructable<JSClass>::finishCreation):

Source/WebCore/bindings/js/JSDOMConvertBufferSource.h:

(WebCore::toPossiblySharedArrayBufferView):

Source/WebCore/bindings/js/JSDOMConvertCallbacks.h:

(WebCore::Converter<IDLCallbackFunction<T>>::convert):

Source/WebCore/bindings/js/JSDOMConvertDate.cpp:

(WebCore::valueToDate):

Source/WebCore/bindings/js/JSDOMConvertPromise.h:

(WebCore::Converter<IDLPromise<T>>::convert):

Source/WebCore/bindings/js/JSDOMConvertRecord.h:
Source/WebCore/bindings/js/JSDOMConvertScheduledAction.h:

(WebCore::Converter<IDLScheduledAction>::convert):

Source/WebCore/bindings/js/JSDOMConvertXPathNSResolver.h:

(WebCore::Converter<IDLInterface<XPathNSResolver>>::convert):

Source/WebCore/bindings/js/JSDOMExceptionHandling.cpp:

(WebCore::reportException):
(WebCore::retrieveErrorMessageWithoutName):
(WebCore::retrieveErrorMessage):

Source/WebCore/bindings/js/JSDOMGlobalObject.cpp:

(WebCore::JSC_DEFINE_HOST_FUNCTION):
(WebCore::JSDOMGlobalObject::finishCreation):
(WebCore::JSDOMGlobalObject::scriptExecutionContext const):
(WebCore::scriptModuleLoader):

Source/WebCore/bindings/js/JSDOMGlobalObject.h:

(WebCore::toJSDOMGlobalObject):

Source/WebCore/bindings/js/JSDOMGuardedObject.h:

(WebCore::DOMGuarded::guarded const):

Source/WebCore/bindings/js/JSDOMIterator.h:

(WebCore::iteratorForEach):
(WebCore::IteratorTraits>::next):
(WebCore::IteratorTraits>::finishCreation):

Source/WebCore/bindings/js/JSDOMLegacyFactoryFunction.h:

(WebCore::JSDOMLegacyFactoryFunction<JSClass>::finishCreation):

Source/WebCore/bindings/js/JSDOMMapLike.cpp:

(WebCore::clearBackingMap):
(WebCore::setToBackingMap):
(WebCore::forwardFunctionCallToBackingMap):
(WebCore::forwardForEachCallToBackingMap):

Source/WebCore/bindings/js/JSDOMMicrotask.cpp:

(WebCore::JSDOMMicrotask::run):

Source/WebCore/bindings/js/JSDOMPromise.cpp:

(WebCore::DOMPromise::whenPromiseIsSettled):

Source/WebCore/bindings/js/JSDOMPromiseDeferred.cpp:

(WebCore::createRejectedPromiseWithTypeError):

Source/WebCore/bindings/js/JSDOMPromiseDeferred.h:

(WebCore::callPromiseFunction):

Source/WebCore/bindings/js/JSDOMSetLike.cpp:

(WebCore::clearBackingSet):
(WebCore::addToBackingSet):
(WebCore::forwardFunctionCallToBackingSet):
(WebCore::forwardForEachCallToBackingSet):

Source/WebCore/bindings/js/JSDOMWindowBase.cpp:

(WebCore::JSDOMWindowBase::finishCreation):

Source/WebCore/bindings/js/JSDOMWindowCustom.cpp:

(WebCore::JSDOMWindow::queueMicrotask):
(WebCore::JSDOMWindow::toWrapped):

Source/WebCore/bindings/js/JSDOMWindowProperties.cpp:

(WebCore::JSDOMWindowProperties::finishCreation):
(WebCore::JSDOMWindowProperties::getOwnPropertySlot):

Source/WebCore/bindings/js/JSDOMWrapper.cpp:

(WebCore::JSDOMObject::JSDOMObject):

Source/WebCore/bindings/js/JSDeprecatedCSSOMValueCustom.cpp:

(WebCore::JSDeprecatedCSSOMValueOwner::isReachableFromOpaqueRoots):

Source/WebCore/bindings/js/JSDocumentCustom.h:

(JSC::JSCastingHelpers::InheritsTraits<WebCore::JSDocument>::inherits):

Source/WebCore/bindings/js/JSElementCustom.h:

(JSC::JSCastingHelpers::InheritsTraits<WebCore::JSElement>::inherits):

Source/WebCore/bindings/js/JSErrorHandler.cpp:

(WebCore::JSErrorHandler::handleEvent):

Source/WebCore/bindings/js/JSEventCustom.h:

(JSC::JSCastingHelpers::InheritsTraits<WebCore::JSEvent>::inherits):

Source/WebCore/bindings/js/JSEventListener.cpp:

(WebCore::JSEventListener::handleEvent):
(WebCore::JSEventListener::functionName const):

Source/WebCore/bindings/js/JSEventTargetCustom.cpp:

(WebCore::JSEventTarget::toWrapped):
(WebCore::jsEventTargetCast):

Source/WebCore/bindings/js/JSExecState.cpp:

(WebCore::executionContext):

Source/WebCore/bindings/js/JSNavigatorCustom.cpp:

(WebCore::JSNavigator::getUserMedia):

Source/WebCore/bindings/js/JSNodeCustom.cpp:

(WebCore::JSNode::pushEventHandlerScope const):

Source/WebCore/bindings/js/JSNodeCustom.h:

(JSC::JSCastingHelpers::InheritsTraits<WebCore::JSNode>::inherits):

Source/WebCore/bindings/js/JSNodeListCustom.cpp:

(WebCore::JSNodeListOwner::isReachableFromOpaqueRoots):

Source/WebCore/bindings/js/JSPluginElementFunctions.cpp:

(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::pluginElementCustomGetOwnPropertySlot):
(WebCore::pluginElementCustomPut):
(WebCore::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore/bindings/js/JSReadableStreamSourceCustom.cpp:

(WebCore::JSReadableStreamSource::start):

Source/WebCore/bindings/js/JSShadowRealmGlobalScopeBase.cpp:

(WebCore::JSShadowRealmGlobalScopeBase::finishCreation):

Source/WebCore/bindings/js/JSWindowProxy.cpp:

(WebCore::JSWindowProxy::finishCreation):
(WebCore::JSWindowProxy::setWindow):
(WebCore::JSWindowProxy::wrapped const):
(WebCore::JSWindowProxy::toWrapped):

Source/WebCore/bindings/js/JSWorkerGlobalScopeBase.cpp:

(WebCore::JSWorkerGlobalScopeBase::finishCreation):

Source/WebCore/bindings/js/JSWorkerGlobalScopeCustom.cpp:

(WebCore::JSWorkerGlobalScope::queueMicrotask):

Source/WebCore/bindings/js/JSWorkletGlobalScopeBase.cpp:

(WebCore::JSWorkletGlobalScopeBase::finishCreation):

Source/WebCore/bindings/js/ReadableStream.cpp:

(WebCore::invokeReadableStreamFunction):
(WebCore::checkReadableStream):
(WebCore::ReadableStream::isDisturbed):

Source/WebCore/bindings/js/ReadableStream.h:

(WebCore::JSReadableStreamWrapperConverter::toWrapped):

Source/WebCore/bindings/js/ReadableStreamDefaultController.cpp:

(WebCore::invokeReadableStreamDefaultControllerFunction):

Source/WebCore/bindings/js/ScheduledAction.cpp:

(WebCore::ScheduledAction::executeFunctionInContext):

Source/WebCore/bindings/js/ScriptController.cpp:

(WebCore::ScriptController::evaluateModule):
(WebCore::ScriptController::callInWorld):
(WebCore::ScriptController::executeAsynchronousUserAgentScriptInWorld):

Source/WebCore/bindings/js/ScriptModuleLoader.cpp:

(WebCore::ScriptModuleLoader::fetch):
(WebCore::ScriptModuleLoader::evaluate):

Source/WebCore/bindings/js/SerializedScriptValue.cpp:

(WebCore::CloneSerializer::isArray):
(WebCore::CloneSerializer::isMap):
(WebCore::CloneSerializer::isSet):
(WebCore::CloneSerializer::getProperty):
(WebCore::CloneSerializer::toJSArrayBuffer):
(WebCore::CloneSerializer::dumpArrayBufferView):
(WebCore::CloneSerializer::dumpDOMPoint):
(WebCore::CloneSerializer::dumpDOMRect):
(WebCore::CloneSerializer::dumpDOMMatrix):
(WebCore::CloneSerializer::dumpIfTerminal):
(WebCore::CloneSerializer::serialize):
(WebCore::CloneDeserializer::CloneDeserializer):
(WebCore::CloneDeserializer::readArrayBufferViewImpl):
(WebCore::CloneDeserializer::readTerminal):

Source/WebCore/bindings/js/StructuredClone.cpp:

(WebCore::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore/bindings/js/WindowProxy.cpp:

(WebCore::WindowProxy::clearJSWindowProxiesNotMatchingDOMWindow):

Source/WebCore/bindings/scripts/CodeGeneratorJS.pm:

(GeneratePut):
(GeneratePutByIndex):
(GenerateOverloadDispatcher):
(GenerateImplementation):
(GenerateAttributeSetterBodyDefinition):
(GenerateCallbackImplementationContent):
(GenerateConstructorHelperMethods):

Source/WebCore/bindings/scripts/test/JS/JSDOMWindow.cpp:

(WebCore::JSDOMWindowDOMConstructor::initializeProperties):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSDOMWindow::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSDedicatedWorkerGlobalScope.cpp:

(WebCore::JSDedicatedWorkerGlobalScopeDOMConstructor::initializeProperties):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSExposedStar.cpp:

(WebCore::JSExposedStar::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSExposedStar::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSExposedToWorkerAndWindow.cpp:

(WebCore::JSExposedToWorkerAndWindow::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSExposedToWorkerAndWindow::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSPaintWorkletGlobalScope.cpp:

(WebCore::JSPaintWorkletGlobalScopeDOMConstructor::initializeProperties):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSServiceWorkerGlobalScope.cpp:

(WebCore::JSServiceWorkerGlobalScopeDOMConstructor::initializeProperties):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSShadowRealmGlobalScope.cpp:

(WebCore::JSShadowRealmGlobalScopeDOMConstructor::initializeProperties):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSShadowRealmGlobalScope::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSSharedWorkerGlobalScope.cpp:

(WebCore::JSSharedWorkerGlobalScopeDOMConstructor::initializeProperties):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestCEReactions.cpp:

(WebCore::JSTestCEReactions::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::setJSTestCEReactions_stringifierAttributeSetter):
(WebCore::setJSTestCEReactions_stringifierAttributeNotNeededSetter):
(WebCore::JSTestCEReactions::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:

(WebCore::JSTestCEReactionsStringifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestCEReactionsStringifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestCallTracer.cpp:

(WebCore::JSTestCallTracer::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestCallTracer::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestCallbackFunction.cpp:

(WebCore::JSTestCallbackFunction::JSTestCallbackFunction):

Source/WebCore/bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp:

(WebCore::JSTestCallbackFunctionRethrow::JSTestCallbackFunctionRethrow):

Source/WebCore/bindings/scripts/test/JS/JSTestCallbackFunctionWithThisObject.cpp:

(WebCore::JSTestCallbackFunctionWithThisObject::JSTestCallbackFunctionWithThisObject):

Source/WebCore/bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp:

(WebCore::JSTestCallbackFunctionWithTypedefs::JSTestCallbackFunctionWithTypedefs):

Source/WebCore/bindings/scripts/test/JS/JSTestCallbackInterface.cpp:

(WebCore::JSTestCallbackInterface::JSTestCallbackInterface):

Source/WebCore/bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:

(WebCore::JSTestClassWithJSBuiltinConstructor::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestClassWithJSBuiltinConstructor::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestConditionalIncludes.cpp:

(WebCore::JSTestConditionalIncludes::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestConditionalIncludes::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestConditionallyReadWrite.cpp:

(WebCore::JSTestConditionallyReadWrite::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestConditionallyReadWrite::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestDOMJIT.cpp:

(WebCore::JSTestDOMJIT::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestDefaultToJSON.cpp:

(WebCore::JSTestDefaultToJSON::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestDefaultToJSON::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestDefaultToJSONFilteredByExposed.cpp:

(WebCore::JSTestDefaultToJSONFilteredByExposed::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestDefaultToJSONFilteredByExposed::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestDefaultToJSONIndirectInheritance.cpp:

(WebCore::JSTestDefaultToJSONIndirectInheritance::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestDefaultToJSONInherit.cpp:

(WebCore::JSTestDefaultToJSONInherit::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestDefaultToJSONInheritFinal.cpp:

(WebCore::JSTestDefaultToJSONInheritFinal::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestDelegateToSharedSyntheticAttribute.cpp:

(WebCore::JSTestDelegateToSharedSyntheticAttribute::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestDelegateToSharedSyntheticAttribute::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestDomainSecurity.cpp:

(WebCore::JSTestDomainSecurity::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestDomainSecurity::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestEnabledBySetting.cpp:

(WebCore::JSTestEnabledBySetting::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestEnabledBySetting::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestEnabledForContext.cpp:

(WebCore::JSTestEnabledForContext::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestEnabledForContext::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestEventConstructor.cpp:

(WebCore::JSTestEventConstructor::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestEventTarget.cpp:

(WebCore::JSTestEventTarget::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestEventTarget::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestException.cpp:

(WebCore::JSTestException::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestException::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestGenerateAddOpaqueRoot.cpp:

(WebCore::JSTestGenerateAddOpaqueRoot::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestGenerateAddOpaqueRoot::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:

(WebCore::JSTestGenerateIsReachable::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestGenerateIsReachable::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestGlobalObject.cpp:

(WebCore::JSTestGlobalObjectDOMConstructor::initializeProperties):
(WebCore::JSTestGlobalObject::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestGlobalObject::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterNoIdentifier.cpp:

(WebCore::JSTestIndexedSetterNoIdentifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestIndexedSetterNoIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterThrowingException.cpp:

(WebCore::JSTestIndexedSetterThrowingException::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestIndexedSetterThrowingException::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestIndexedSetterWithIdentifier.cpp:

(WebCore::JSTestIndexedSetterWithIdentifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestIndexedSetterWithIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestInterface.cpp:

(WebCore::JSTestInterface::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestInterface::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:

(WebCore::JSTestInterfaceLeadingUnderscore::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestInterfaceLeadingUnderscore::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestIterable.cpp:

(WebCore::JSTestIterable::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestIterable::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:

(WebCore::JSTestJSBuiltinConstructor::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestLegacyFactoryFunction.cpp:

(WebCore::JSTestLegacyFactoryFunction::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestLegacyFactoryFunction::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestLegacyNoInterfaceObject.cpp:

(WebCore::JSTestLegacyNoInterfaceObject::finishCreation):
(WebCore::JSTestLegacyNoInterfaceObject::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestLegacyOverrideBuiltIns.cpp:

(WebCore::JSTestLegacyOverrideBuiltIns::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestLegacyOverrideBuiltIns::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestMapLike.cpp:

(WebCore::JSTestMapLike::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestMapLike::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestMapLikeWithOverriddenOperations.cpp:

(WebCore::JSTestMapLikeWithOverriddenOperations::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestMapLikeWithOverriddenOperations::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterNoIdentifier.cpp:

(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::finishCreation):
(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::put):
(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedAndIndexedSetterNoIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterThrowingException.cpp:

(WebCore::JSTestNamedAndIndexedSetterThrowingException::finishCreation):
(WebCore::JSTestNamedAndIndexedSetterThrowingException::put):
(WebCore::JSTestNamedAndIndexedSetterThrowingException::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedAndIndexedSetterThrowingException::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedAndIndexedSetterWithIdentifier.cpp:

(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::finishCreation):
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::put):
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedAndIndexedSetterWithIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:

(WebCore::JSTestNamedDeleterNoIdentifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedDeleterNoIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:

(WebCore::JSTestNamedDeleterThrowingException::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedDeleterThrowingException::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIdentifier.cpp:

(WebCore::JSTestNamedDeleterWithIdentifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedDeleterWithIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:

(WebCore::JSTestNamedDeleterWithIndexedGetter::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedDeleterWithIndexedGetter::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterCallWith.cpp:

(WebCore::JSTestNamedGetterCallWith::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedGetterCallWith::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterNoIdentifier.cpp:

(WebCore::JSTestNamedGetterNoIdentifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedGetterNoIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedGetterWithIdentifier.cpp:

(WebCore::JSTestNamedGetterWithIdentifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedGetterWithIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterNoIdentifier.cpp:

(WebCore::JSTestNamedSetterNoIdentifier::finishCreation):
(WebCore::JSTestNamedSetterNoIdentifier::put):
(WebCore::JSTestNamedSetterNoIdentifier::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterNoIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterThrowingException.cpp:

(WebCore::JSTestNamedSetterThrowingException::finishCreation):
(WebCore::JSTestNamedSetterThrowingException::put):
(WebCore::JSTestNamedSetterThrowingException::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterThrowingException::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIdentifier.cpp:

(WebCore::JSTestNamedSetterWithIdentifier::finishCreation):
(WebCore::JSTestNamedSetterWithIdentifier::put):
(WebCore::JSTestNamedSetterWithIdentifier::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterWithIdentifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetter.cpp:

(WebCore::JSTestNamedSetterWithIndexedGetter::finishCreation):
(WebCore::JSTestNamedSetterWithIndexedGetter::put):
(WebCore::JSTestNamedSetterWithIndexedGetter::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterWithIndexedGetter::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithIndexedGetterAndSetter.cpp:

(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::finishCreation):
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::put):
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterWithIndexedGetterAndSetter::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithLegacyOverrideBuiltIns.cpp:

(WebCore::JSTestNamedSetterWithLegacyOverrideBuiltIns::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterWithLegacyOverrideBuiltIns::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeableProperties.cpp:

(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::finishCreation):
(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::put):
(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::putByIndex):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterWithLegacyUnforgeableProperties::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns.cpp:

(WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestNamedSetterWithLegacyUnforgeablePropertiesAndLegacyOverrideBuiltIns::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestNamespaceConst.cpp:

(WebCore::JSTestNamespaceConst::finishCreation):

Source/WebCore/bindings/scripts/test/JS/JSTestNamespaceObject.cpp:

(WebCore::JSTestNamespaceObject::finishCreation):

Source/WebCore/bindings/scripts/test/JS/JSTestNode.cpp:

(WebCore::JSTestNode::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestObj.cpp:

(WebCore::JSTestObj::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::setJSTestObj_putForwardsAttributeSetter):
(WebCore::setJSTestObj_putForwardsNullableAttributeSetter):
(WebCore::jsTestObjPrototypeFunction_overloadedMethodOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_overloadedMethodWithOptionalParameterOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_overloadedMethodWithDistinguishingUnionOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_overloadedMethodWith2DistinguishingUnionsOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_overloadedMethodWithNonDistinguishingUnionOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_overloadWithNullableUnionOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_overloadWithNullableNonDistinguishingParameterOverloadDispatcher):
(WebCore::jsTestObjPrototypeFunction_testPromiseOverloadedFunctionOverloadDispatcher):
(WebCore::JSTestObj::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestOperationConditional.cpp:

(WebCore::JSTestOperationConditional::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestOperationConditional::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:

(WebCore::JSTestOverloadedConstructorsDOMConstructor::construct):
(WebCore::JSTestOverloadedConstructors::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestOverloadedConstructors::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:

(WebCore::JSTestOverloadedConstructorsWithSequence::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestOverloadedConstructorsWithSequence::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestPluginInterface.cpp:

(WebCore::JSTestPluginInterface::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestPluginInterface::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:

(WebCore::JSTestPromiseRejectionEvent::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bindings/scripts/test/JS/JSTestReadOnlyMapLike.cpp:

(WebCore::JSTestReadOnlyMapLike::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestReadOnlyMapLike::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestReadOnlySetLike.cpp:

(WebCore::JSTestReadOnlySetLike::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestReadOnlySetLike::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestReportExtraMemoryCost.cpp:

(WebCore::JSTestReportExtraMemoryCost::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestReportExtraMemoryCost::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:

(WebCore::JSTestSerializedScriptValueInterface::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestSerializedScriptValueInterface::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestSetLike.cpp:

(WebCore::JSTestSetLike::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestSetLike::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestSetLikeWithOverriddenOperations.cpp:

(WebCore::JSTestSetLikeWithOverriddenOperations::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestSetLikeWithOverriddenOperations::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifier.cpp:

(WebCore::JSTestStringifier::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifier::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifierAnonymousOperation.cpp:

(WebCore::JSTestStringifierAnonymousOperation::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifierAnonymousOperation::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifierNamedOperation.cpp:

(WebCore::JSTestStringifierNamedOperation::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifierNamedOperation::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationImplementedAs.cpp:

(WebCore::JSTestStringifierOperationImplementedAs::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifierOperationImplementedAs::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifierOperationNamedToString.cpp:

(WebCore::JSTestStringifierOperationNamedToString::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifierOperationNamedToString::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadOnlyAttribute.cpp:

(WebCore::JSTestStringifierReadOnlyAttribute::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifierReadOnlyAttribute::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestStringifierReadWriteAttribute.cpp:

(WebCore::JSTestStringifierReadWriteAttribute::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestStringifierReadWriteAttribute::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestTaggedWrapper.cpp:

(WebCore::JSTestTaggedWrapper::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestTaggedWrapper::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestTypedefs.cpp:

(WebCore::JSTestTypedefs::finishCreation):
(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSTestTypedefs::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSTestVoidCallbackFunction.cpp:

(WebCore::JSTestVoidCallbackFunction::JSTestVoidCallbackFunction):

Source/WebCore/bindings/scripts/test/JS/JSWorkerGlobalScope.cpp:

(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSWorkerGlobalScope::toWrapped):

Source/WebCore/bindings/scripts/test/JS/JSWorkletGlobalScope.cpp:

(WebCore::JSC_DEFINE_CUSTOM_GETTER):
(WebCore::JSWorkletGlobalScope::toWrapped):

Source/WebCore/bridge/objc/ObjCRuntimeObject.mm:

(JSC::Bindings::ObjCRuntimeObject::finishCreation):

Source/WebCore/bridge/objc/WebScriptObject.mm:

(-[WebScriptObject _isSafeScript]):
(-[WebScriptObject callWebScriptMethod:withArguments:]):
(-[WebScriptObject setValue:forKey:]):
(-[WebScriptObject setWebScriptValueAtIndex:value:]):
(+[WebScriptObject _convertValueToObjcValue:originRootObject:rootObject:]):

Source/WebCore/bridge/objc/objc_instance.mm:

(JSC::Bindings::ObjcInstance::getMethod):
(JSC::Bindings::ObjcInstance::invokeMethod):

Source/WebCore/bridge/objc/objc_runtime.mm:

(JSC::Bindings::ObjcFallbackObjectImp::finishCreation):
(JSC::Bindings::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore/bridge/runtime_array.cpp:

(JSC::RuntimeArray::finishCreation):
(JSC::JSC_DEFINE_CUSTOM_GETTER):

Source/WebCore/bridge/runtime_method.cpp:

(JSC::RuntimeMethod::finishCreation):
(JSC::JSC_DEFINE_CUSTOM_GETTER):
(JSC::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore/bridge/runtime_object.cpp:

(JSC::Bindings::RuntimeObject::finishCreation):
(JSC::Bindings::JSC_DEFINE_HOST_FUNCTION):

Source/WebCore/html/HTMLMediaElement.cpp:

(WebCore::controllerJSValue):
(WebCore::HTMLMediaElement::updateCaptionContainer):
(WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
(WebCore::HTMLMediaElement::setControllerJSProperty):
(WebCore::HTMLMediaElement::didAddUserAgentShadowRoot):
(WebCore::HTMLMediaElement::updateMediaControlsAfterPresentationModeChange):
(WebCore::HTMLMediaElement::getCurrentMediaControlsStatus):

Source/WebCore/html/PDFDocument.cpp:

(WebCore::PDFDocument::sendPDFArrayBuffer):

Source/WebCore/inspector/InspectorController.cpp:

(WebCore::InspectorController::canAccessInspectedScriptState const):

Source/WebCore/inspector/InspectorFrontendAPIDispatcher.cpp:

(WebCore::InspectorFrontendAPIDispatcher::evaluateOrQueueExpression):

Source/WebCore/inspector/WebInjectedScriptHost.cpp:

(WebCore::WebInjectedScriptHost::subtype):
(WebCore::WebInjectedScriptHost::isHTMLAllCollection):

Source/WebCore/inspector/agents/InspectorDOMAgent.cpp:

(WebCore::InspectorDOMAgent::buildObjectForEventListener):

Source/WebCore/page/Frame.cpp:

(WebCore::Frame::fromJSContext):
(WebCore::Frame::contentFrameFromWindowOrFrameElement):

Source/WebCore/page/WindowOrWorkerGlobalScope.cpp:

(WebCore::WindowOrWorkerGlobalScope::reportError):

Source/WebCore/testing/Internals.cpp:

(WebCore::Internals::parserMetaData):
(WebCore::Internals::cloneArrayBuffer):

Source/WebCore/workers/WorkerOrWorkletScriptController.cpp:

(WebCore::WorkerOrWorkletScriptController::loadAndEvaluateModule):
(WebCore::WorkerOrWorkletScriptController::initScriptWithSubclass):

Source/WebCore/worklets/PaintWorkletGlobalScope.cpp:

(WebCore::PaintWorkletGlobalScope::registerPaint):

Canonical link: https://commits.webkit.org/249694@main

4:26 PM Changeset in webkit [292928] by Brent Fulgham

9 edits in trunk/Source/WebKit

Add new dyld support sandbox rules
https://bugs.webkit.org/show_bug.cgi?id=238389
<rdar://90593887>

Reviewed by Eric Carlson.

Update sandbox profiles to adopt a new dyld-related utility file
on platforms where it exists.

GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:
NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.GPU.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
Resources/SandboxProfiles/ios/com.apple.WebKit.adattributiond.sb.in:
WebProcess/com.apple.WebProcess.sb.in:
webpushd/mac/com.apple.WebKit.webpushd.sb.in:

4:25 PM Changeset in webkit [292927] by Karl Rackler

2 edits in trunk/LayoutTests

[ Monterey wk2 ] 2 css-transforms tests are flaky failing
https://bugs.webkit.org/show_bug.cgi?id=239407

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

3:56 PM Changeset in webkit [292926] by sbarati@apple.com

2 edits in trunk

Unreviewed. Add my github into to contributors.json.

metadata/contributors.json:

3:37 PM Changeset in webkit [292925] by Russell Epstein

1 copy in tags/WebKit-7614.1.10.1

Tag WebKit-7614.1.10.1.

3:30 PM Changeset in webkit [292924] by Alan Coon

3 edits in branches/safari-613-branch/Source/WebKit

Cherry-pick r292431. rdar://problem/90677955

Revert r291598
https://bugs.webkit.org/show_bug.cgi?id=238842
<rdar://90677955>

Reviewed by Geoff Garen.

It caused some problems and needs further analysis.

NetworkProcess/cocoa/NetworkSessionCocoa.mm: (WebKit::NetworkSessionCocoa::createWebSocketTask):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@292431 268f45cc-cd09-0410-ab3c-d52691b4dbfc

2:49 PM Changeset in webkit [292923] by graouts@webkit.org

3 edits
4 adds in trunk

WKWebView false positive when testing a.relList.supports("ar"), fails to open USDZ in AR QuickLook
https://bugs.webkit.org/show_bug.cgi?id=239135
<rdar://problem/91798041>

Reviewed by Tim Horton.

Source/WebCore:

Only return "true" for a.relList.supports("ar") when the SystemPreviewEnabled setting is "true".

Tests: system-preview/rel-ar-setting-disabled.html

system-preview/rel-ar-setting-enabled.html

html/HTMLAnchorElement.cpp:

(WebCore::HTMLAnchorElement::relList):

LayoutTests:

Add tests to check a.relList.supports("ar") returns the expected value based on
the SystemPreviewEnabled setting value.

system-preview/rel-ar-setting-disabled-expected.txt: Added.
system-preview/rel-ar-setting-disabled.html: Added.
system-preview/rel-ar-setting-enabled-expected.txt: Added.
system-preview/rel-ar-setting-enabled.html: Added.

Canonical link: https://commits.webkit.org/249690@main

2:43 PM Changeset in webkit [292922] by Karl Rackler

2 edits in trunk/LayoutTests

[ Mac ] fast/css/counters/element-removal-crash.xhtml is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=239405

Unreviewed test gardening.

platform/mac/TestExpectations:

1:59 PM Changeset in webkit [292921] by Brent Fulgham

2 edits in trunk/Source/WebKit

REGRESSION (r291843): Broken Netflix and Amazon video playback
https://bugs.webkit.org/show_bug.cgi?id=239397
<rdar://91313460>

Unreviewed revert of r291843.

WebProcess/WebPage/WebPage.cpp:

(WebKit::adjustSettingsForCaptivePortal):

12:54 PM Changeset in webkit [292920] by mark.lam@apple.com

3 edits in trunk/Source/JavaScriptCore

Apply purifyNaN in more places.
https://bugs.webkit.org/show_bug.cgi?id=239393

Reviewed by Saam Barati.

Also removed some unused functions.

wasm/WasmInstance.h:

(JSC::Wasm::Instance::loadI64Global const):
(JSC::Wasm::Instance::loadF32Global const): Deleted.
(JSC::Wasm::Instance::loadF64Global const): Deleted.

wasm/js/JSWebAssemblyHelpers.h:

(JSC::toJSValue):

12:04 PM Changeset in webkit [292919] by Russell Epstein

1 copy in tags/WebKit-7614.1.9.5

Tag WebKit-7614.1.9.5.

12:00 PM Changeset in webkit [292918] by Russell Epstein

9 edits in branches/safari-614.1.9-branch/Source

Versioning.

WebKit-7614.1.9.5

11:53 AM Changeset in webkit [292917] by Ross Kirsling

2 edits in trunk/Tools

Fix parsePlatformFamily on bot watcher's dashboard.
https://bugs.webkit.org/show_bug.cgi?id=239394

Reviewed by Jonathan Bedard.

CISupport/build-webkit-org/public_html/dashboard/Scripts/Settings.js:

(Settings.prototype.parsePlatformFamily):
Allow for the "family of one" case.

Canonical link: https://commits.webkit.org/249686@main

11:45 AM Changeset in webkit [292916] by Russell Epstein

14 edits in branches/safari-613-branch/Source

Apply patch. rdar://problem/84869202

11:08 AM Changeset in webkit [292915] by timothy_horton@apple.com

2 edits in trunk/Source/WebCore

Non-fatal fault under RenderThemeIOS::paintAttachment due to use of dynamic UIColors
https://bugs.webkit.org/show_bug.cgi?id=239376
<rdar://88141235>

Reviewed by Wenson Hsieh.

No new tests; not observable except for the lack of os_log_fault,
which we currently don't capture.

rendering/RenderThemeIOS.mm:

(WebCore::attachmentTitleColor):
(WebCore::attachmentSubtitleColor):
(WebCore::RenderAttachmentInfo::RenderAttachmentInfo):
Make use of RenderThemeIOS's cache of system colors, instead of
retrieving them from UIColor directly, for <attachment> text colors.

This is important because we must avoid using dynamic UIColors in the
Web Content process directly (see r254373); this is just repairing
a small missing piece of that patch.

11:02 AM Changeset in webkit [292914] by timothy_horton@apple.com

8 edits
2 deletes in trunk/Source

Make it possible to adjust the final trait collection applied by LocalCurrentTraitCollection
https://bugs.webkit.org/show_bug.cgi?id=239375
rdar://problem/87115393

Reviewed by Wenson Hsieh.

Source/WebCore:

SourcesCocoa.txt:
WebCore.xcodeproj/project.pbxproj:
platform/ios/LocalCurrentTraitCollection.mm:

(WebCore::adjustedTraitCollection):
(WebCore::LocalCurrentTraitCollection::LocalCurrentTraitCollection):

platform/ios/WebCoreUIColorExtras.h: Removed.
platform/ios/WebCoreUIColorExtras.mm: Removed.
rendering/RenderThemeIOS.mm:

(WebCore::cssValueSystemColorInformationList):
(WebCore::systemColorFromCSSValueSystemColorInformation):
(WebCore::CSSValueSystemColorInformation::function): Deleted.
Partially revert r291564, and add an addition point for LocalCurrentTraitCollection instead.

Source/WebKit:

UIProcess/API/ios/WKWebViewIOS.mm:

(scrollViewBackgroundColor):

UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::contentViewBackgroundColor):

10:38 AM Changeset in webkit [292913] by J Pascoe

38 edits in trunk

Source/WebCore:
[WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse
https://bugs.webkit.org/show_bug.cgi?id=238966
rdar://problem/91449906

This change implements the getTransports() and getAuthenticatorData() functions
on AuthenticatorAttestationResponse. For security keys, the supported transports of
the key are parsed from authenticatorGetInfo. For the local authenticator, the supported
transports are specified according to which features are available. getAuthenticatorData()
is a convenience method for RPs who want to avoid parsing CBOR.

Reviewed by Brent Fulgham.

Modules/webauthn/AuthenticatorAttestationResponse.cpp:

(WebCore::AuthenticatorAttestationResponse::create):
(WebCore::AuthenticatorAttestationResponse::AuthenticatorAttestationResponse):
(WebCore::AuthenticatorAttestationResponse::data const):
(WebCore::AuthenticatorAttestationResponse::getTransports const):
(WebCore::AuthenticatorAttestationResponse::getAuthenticatorData const):

Modules/webauthn/AuthenticatorAttestationResponse.h:
Modules/webauthn/AuthenticatorAttestationResponse.idl:
Modules/webauthn/AuthenticatorResponse.cpp:

(WebCore::AuthenticatorResponse::tryCreate):

Modules/webauthn/AuthenticatorResponse.h:
Modules/webauthn/AuthenticatorResponseData.h:

(WebCore::AuthenticatorResponseData::encode const):
(WebCore::AuthenticatorResponseData::decode):

Modules/webauthn/AuthenticatorTransport.h:
Modules/webauthn/AuthenticatorTransport.idl:
Modules/webauthn/WebAuthenticationConstants.h:
Modules/webauthn/WebAuthenticationUtils.cpp:

(WebCore::convertArrayBufferToVector):

Modules/webauthn/WebAuthenticationUtils.h:
Modules/webauthn/fido/AuthenticatorGetInfoResponse.cpp:

(fido::AuthenticatorGetInfoResponse::setTransports):
(fido::toStringVector):
(fido::encodeAsCBOR):

Modules/webauthn/fido/AuthenticatorGetInfoResponse.h:
Modules/webauthn/fido/DeviceResponseConverter.cpp:

(fido::convertStringToAuthenticatorTransport):
(fido::readCTAPMakeCredentialResponse):
(fido::readCTAPGetInfoResponse):

Modules/webauthn/fido/DeviceResponseConverter.h:
Modules/webauthn/fido/U2fResponseConverter.cpp:

(fido::readU2fRegisterResponse):

Modules/webauthn/fido/U2fResponseConverter.h:

(fido::readU2fRegisterResponse):

Source/WebKit:
[WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse
https://bugs.webkit.org/show_bug.cgi?id=238966
rdar://problem/91449906

Reviewed by Brent Fulgham.

Platform/spi/Cocoa/AuthenticationServicesCoreSPI.h:
UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.h:
UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponse.mm:

(-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:transports:]):
(-[_WKAuthenticatorAttestationResponse initWithClientDataJSON:rawId:extensions:attestationObject:attachment:]): Deleted.

UIProcess/API/Cocoa/_WKAuthenticatorAttestationResponseInternal.h:
UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:

(wkExtensionsClientOutputs):
(wkAuthenticatorAttestationResponse):
(wkAuthenticatorAssertionResponse):

UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:

(WebKit::LocalAuthenticatorInternal::transports):
(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
(WebKit::LocalAuthenticator::continueMakeCredentialAfterAttested):

UIProcess/WebAuthentication/Cocoa/WebAuthenticatorCoordinatorProxy.mm:

(WebKit::toASCDescriptor):
(WebKit::toAuthenticatorTransports):
(WebKit::continueAfterRequest):

UIProcess/WebAuthentication/fido/CtapAuthenticator.cpp:

(WebKit::CtapAuthenticator::continueMakeCredentialAfterResponseReceived):
(WebKit::CtapAuthenticator::transports):

UIProcess/WebAuthentication/fido/CtapAuthenticator.h:
UIProcess/WebAuthentication/fido/CtapDriver.h:

(WebKit::CtapDriver::transport const):
(WebKit::CtapDriver::protocol const):
(WebKit::CtapDriver::CtapDriver):

UIProcess/WebAuthentication/fido/CtapHidDriver.cpp:

(WebKit::CtapHidDriver::CtapHidDriver):

UIProcess/WebAuthentication/fido/CtapNfcDriver.cpp:

(WebKit::CtapNfcDriver::CtapNfcDriver):

UIProcess/WebAuthentication/fido/U2fAuthenticator.cpp:

(WebKit::U2fAuthenticator::continueRegisterCommandAfterResponseReceived):

Tools:
[WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse
https://bugs.webkit.org/show_bug.cgi?id=238966
rdar://problem/91449906

Reviewed by Brent Fulgham.

Add tests for parsing transports from getInfo.

TestWebKitAPI/Tests/WebCore/CtapResponseTest.cpp:

(TestWebKitAPI::TEST):

TestWebKitAPI/Tests/WebCore/FidoTestData.h:

LayoutTests:
[WebAuthn] Implement getTransports() and getAuthenticatorData() on AuthenticatorAttestationResponse
https://bugs.webkit.org/show_bug.cgi?id=238966
rdar://problem/91449906

Reviewed by Brent Fulgham.

Add getTransports() to test.

http/wpt/webauthn/public-key-credential-create-success-hid.https.html:
http/wpt/webauthn/resources/util.js:

10:23 AM Changeset in webkit [292912] by Simon Fraser

16 edits
1 copy in trunk/Source/WebKit

Use the ProcessTerminationReason enum for all the process types
https://bugs.webkit.org/show_bug.cgi?id=239372

Reviewed by Chris Dumez.

WebProcess, NetworkProcess and GPUProcess all had their own "termination reasons" enums.
Use ProcessTerminationReason for all of them (noting values that only apply to the web process).
Also provide a helper function to turn the reasons into a string.

Shared/ProcessTerminationReason.cpp: Copied from Source/WebKit/Shared/ProcessTerminationReason.h.

(WebKit::processTerminationReasonToString):

Shared/ProcessTerminationReason.h:
Sources.txt:
UIProcess/API/C/WKAPICast.h:

(WebKit::toAPI):

UIProcess/Cocoa/NavigationState.mm:

(WebKit::wkProcessTerminationReason):

UIProcess/GPU/GPUProcessProxy.cpp:

(WebKit::GPUProcessProxy::gpuProcessExited):
(WebKit::GPUProcessProxy::processIsReadyToExit):
(WebKit::GPUProcessProxy::didClose):
(WebKit::GPUProcessProxy::didFinishLaunching):
(WebKit::GPUProcessProxy::didBecomeUnresponsive):

UIProcess/GPU/GPUProcessProxy.h:
UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::terminate):
(WebKit::NetworkProcessProxy::networkProcessDidTerminate):
(WebKit::NetworkProcessProxy::didClose):
(WebKit::NetworkProcessProxy::didFinishLaunching):
(WebKit::NetworkProcessProxy::didExceedMemoryLimit):

UIProcess/Network/NetworkProcessProxy.h:
UIProcess/WebPageProxy.cpp:

(WebKit::shouldReloadAfterProcessTermination):
(WebKit::WebPageProxy::gpuProcessExited):
(WebKit::processTerminationReasonToString): Deleted.

UIProcess/WebPageProxy.h:
UIProcess/WebProcessPool.cpp:

(WebKit::WebProcessPool::networkProcessDidTerminate):
(WebKit::WebProcessPool::gpuProcessExited):

UIProcess/WebProcessPool.h:
UIProcess/WebProcessProxy.cpp:

(WebKit::WebProcessProxy::gpuProcessExited):

UIProcess/WebProcessProxy.h:
WebKit.xcodeproj/project.pbxproj:

10:11 AM Changeset in webkit [292911] by Brandon

4 edits in trunk/Source/WebCore

Parent Mismatch
https://bugs.webkit.org/show_bug.cgi?id=239390

Reviewed by Simon Fraser.

The oldParent and layer->parent() may be different under certain circumstances.
To account for this, we can just use the layer->parent() and remove the use
of oldParent. This also has the benefit of simplifying the moveLayers() function.

rendering/RenderElement.cpp:

(WebCore::RenderElement::moveLayers):

rendering/RenderElement.h:
rendering/RenderLayer.cpp:

(WebCore::RenderLayer::insertOnlyThisLayer):

9:24 AM Changeset in webkit [292910] by youenn@apple.com

8 edits in trunk/Source/ThirdParty/libwebrtc

Rename libwebrtc ObjC NSString utility routines
https://bugs.webkit.org/show_bug.cgi?id=239287
<rdar://91431764>

Reviewed by Eric Carlson.

Add rtc prefix to NSString utility routines to prevent symbol collision.

Source/webrtc/sdk/objc/api/peerconnection/RTCRtpEncodingParameters.mm:

(-[RTCRtpEncodingParameters initWithNativeParameters:]):
(-[RTCRtpEncodingParameters nativeParameters]):

Source/webrtc/sdk/objc/api/peerconnection/RTCVideoCodecInfo+Private.mm:

(-[RTCVideoCodecInfo initWithNativeSdpVideoFormat:]):
(-[RTCVideoCodecInfo nativeSdpVideoFormat]):

Source/webrtc/sdk/objc/components/video_codec/RTCH264ProfileLevelId.mm:
Source/webrtc/sdk/objc/helpers/NSString+StdString.h:
Source/webrtc/sdk/objc/helpers/NSString+StdString.mm:

(-[NSString rtcStdString]):
(+[NSString rtcStdStringForString:]):
(+[NSString rtcStringForStdString:]):
(-[NSString stdString]): Deleted.
(+[NSString stdStringForString:]): Deleted.
(+[NSString stringForStdString:]): Deleted.

Source/webrtc/sdk/objc/native/src/objc_video_decoder_factory.mm:
Source/webrtc/sdk/objc/native/src/objc_video_encoder_factory.mm:

9:04 AM Changeset in webkit [292909] by Karl Rackler

2 edits in trunk/LayoutTests

[ Monterey wk2 ] WebGL conformance tests are a flaky time out
https://bugs.webkit.org/show_bug.cgi?id=239388

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

8:41 AM Changeset in webkit [292908] by Karl Rackler

2 edits in trunk/LayoutTests

[ Monterey wk2 debug ] WebGL conformance tests are a flaky time out
https://bugs.webkit.org/show_bug.cgi?id=239386

Unreviewed test gardening.

platform/mac-wk2/TestExpectations:

8:12 AM Changeset in webkit [292907] by youenn@apple.com

5 edits
1 add in trunk

Sandboxed iframe loads should match a service worker registration based on sandbox flags
https://bugs.webkit.org/show_bug.cgi?id=239379

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

web-platform-tests/service-workers/service-worker/sandboxed-iframe-fetch-event.https-expected.txt: Added.

Source/WebCore:

Coverdd by updated tests.

loader/DocumentLoader.cpp:

Sandboxed iframes have a null origin and should not be intercepted by service workers.

LayoutTests:

TestExpectations:

7:02 AM WebKitGTK/2.36.x edited by Michael Catanzaro

(diff)

6:53 AM Changeset in webkit [292906] by commit-queue@webkit.org

6 edits
17 adds in trunk/LayoutTests

Import css/css-sizing/aspect-ratio tests from WPT
https://bugs.webkit.org/show_bug.cgi?id=239378

Patch by Rob Buis <rbuis@igalia.com> on 2022-04-15
Reviewed by Tim Nguyen.

LayoutTests/imported/w3c:

Import based on SHA e0b8f9b500.

resources/resource-files.json:
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-034-expected.xht: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-034.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-035-expected.xht: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-035.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-036-expected.xht: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-036.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-037-expected.xht: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-037.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-038-expected.xht: Added.
web-platform-tests/css/css-sizing/aspect-ratio/flex-aspect-ratio-038.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/fractional-aspect-ratio-expected.txt: Added.
web-platform-tests/css/css-sizing/aspect-ratio/fractional-aspect-ratio.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/intrinsic-size-011.html:
web-platform-tests/css/css-sizing/aspect-ratio/large-aspect-ratio-crash.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/replaced-element-035-expected.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/replaced-element-035-ref.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/replaced-element-035.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/select-element-001-ref.html: Added.
web-platform-tests/css/css-sizing/aspect-ratio/w3c-import.log:

LayoutTests:

TestExpectations:

6:15 AM Changeset in webkit [292905] by youenn@apple.com

26 edits
4 adds in trunk

ServiceWorker.postMessage() doesn't work from inside iframe
https://bugs.webkit.org/show_bug.cgi?id=213984
<rdar://problem/65203340>

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

web-platform-tests/service-workers/service-worker/about-blank-replacement.https-expected.txt:
web-platform-tests/service-workers/service-worker/client-url-of-blob-url-worker.https-expected.txt:
web-platform-tests/service-workers/service-worker/clients-matchall-blob-url-worker.https-expected.txt:

Source/WebCore:

postMessage was not working as we do not postMessage to a service worker if the source is not registered.
We now register service worker clients more aggresively and pass the client origin to better handle blob and about:blank clients.
We also add support for registering/unregistering worker clients when they get suspended/resumed.
To make sure a worker client is removed in failure case, WorkerScriptLoader is unregistering the service worker client if
the service worker data was not taken by its Worker.

Test: http/wpt/service-workers/about-blank-iframe.html

dom/Document.cpp:
loader/DocumentLoader.cpp:
workers/DedicatedWorkerThread.cpp:
workers/WorkerGlobalScope.cpp:
workers/WorkerGlobalScope.h:
workers/WorkerScriptLoader.cpp:
workers/service/SWClientConnection.h:
workers/service/WorkerSWClientConnection.cpp:
workers/service/WorkerSWClientConnection.h:

Source/WebKit:

Pass the full ClientOrigin when registering a service worker client.
Filter out clients that cannot be matched:

non HTTP/blob/about:blank clients
sandboxed HTTP clients

NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
NetworkProcess/ServiceWorker/WebSWServerConnection.h:
NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in:
WebProcess/Storage/WebSWClientConnection.cpp:
WebProcess/Storage/WebSWClientConnection.h:

LayoutTests:

http/wpt/service-workers/about-blank-iframe-expected.txt: Added.
http/wpt/service-workers/about-blank-iframe-worker.js: Added.
http/wpt/service-workers/about-blank-iframe.html: Added.
http/tests/workers/service/client-added-to-clients-when-restored-from-page-cache.html:
http/tests/workers/service/client-removed-from-clients-while-in-page-cache-expected.txt:
http/tests/workers/service/client-removed-from-clients-while-in-page-cache.html:
http/tests/workers/service/other_resources/test.html:
http/tests/workers/service/resources/getClientIds-worker.js:

4:41 AM Changeset in webkit [292904] by Claudio Saavedra

6 edits in trunk

[GTK] Default initialize GTK-specific print info in WebKit::PrintInfo
https://bugs.webkit.org/show_bug.cgi?id=196542

Reviewed by Adrian Perez de Castro.

Source/WebKit:

printInfoFromWKPrintInfo() will not initialize GTK-specific bits,
leading to problems down the road with IPC encoders, so add default values.

Shared/PrintInfo.h:

LayoutTests:

LayoutTests/platform/gtk/TestExpectations: Remove now passing tests
platform/gtk/editing/execCommand/print-expected.png: Update expectations
platform/gtk/editing/execCommand/print-expected.txt:

2:53 AM Changeset in webkit [292903] by zan@falconsigh.net

4 edits in trunk/Source

[GTK][WPE] Remove exclusive build guards around GPU process preferences, code
https://bugs.webkit.org/show_bug.cgi?id=239331

Reviewed by Philippe Normand.

Source/WebKit:

WebProcess/WebCoreSupport/WebChromeClient.cpp:

(WebKit::WebChromeClient::createGraphicsContextGL const):
Remove restrictive guards around the check for remote-WebGL execution,
only remaining guard being ENABLE(GPU_PROCESS).

Source/WTF:

Scripts/Preferences/WebPreferencesExperimental.yaml:

Make the UseGPUProcessForWebGLEnabled option also usable for the GTK and
WPE ports.

2:37 AM Changeset in webkit [292902] by graouts@webkit.org

23 edits
2 adds in trunk

[model] ASVInlinePreview objects don't get cleared when the model source changes
https://bugs.webkit.org/show_bug.cgi?id=239064
<rdar://problem/90391037>

Reviewed by Dean Jackson.

Source/WebCore:

Expose two new window.internals methods for tests to be able to query the list of UUIDs
currently loaded in the UI process and get the UUID for a given <model> element.

Test: model-element/model-element-inline-preview-deletion-upon-source-change.html

Modules/model-element/HTMLModelElement.cpp:

(WebCore::HTMLModelElement::inlinePreviewUUIDForTesting const):

Modules/model-element/HTMLModelElement.h:
Modules/model-element/HTMLModelElement.idl:
Modules/model-element/ModelPlayer.cpp:

(WebCore::ModelPlayer::inlinePreviewUUIDForTesting const):

Modules/model-element/ModelPlayer.h:
loader/FrameLoaderClient.h:
testing/Internals.cpp:

(WebCore::Internals::modelInlinePreviewUUIDs const):
(WebCore::Internals::modelInlinePreviewUUIDForModelElement const):

testing/Internals.h:
testing/Internals.idl:

Source/WebKit:

We add a new ModelElementDestroyRemotePreview message going from the Web process to the
UI process to notify that an ASVInlinePreview with a given UUID should be cleared. This
message is sent via ~ARKitInlinePreviewModelPlayerMac since any unused resource will
trigger the destruction of such objects.

For testing purposes, we also add a new ModelInlinePreviewUUIDs message going from the
Web process to the UI process to retreive the list of UUIDs for the ASVInlinePreview
objects currently loaded in the UI process. This will allow tests to check whether
the UUID for a given <model> element is correctly removed from the UI process.

UIProcess/Cocoa/ModelElementControllerCocoa.mm:

(WebKit::ModelElementController::modelElementDestroyRemotePreview):
(WebKit::ModelElementController::inlinePreviewUUIDs):

UIProcess/ModelElementController.h:
UIProcess/WebPageProxy.cpp:

(WebKit::WebPageProxy::modelElementDestroyRemotePreview):
(WebKit::WebPageProxy::modelInlinePreviewUUIDs):

UIProcess/WebPageProxy.h:
UIProcess/WebPageProxy.messages.in:
WebProcess/Model/mac/ARKitInlinePreviewModelPlayerMac.h:
WebProcess/Model/mac/ARKitInlinePreviewModelPlayerMac.mm:

(WebKit::ARKitInlinePreviewModelPlayerMac::~ARKitInlinePreviewModelPlayerMac):
(WebKit::ARKitInlinePreviewModelPlayerMac::inlinePreviewUUIDForTesting const):

WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:

(WebKit::WebFrameLoaderClient::modelInlinePreviewUUIDs const):

WebProcess/WebCoreSupport/WebFrameLoaderClient.h:

LayoutTests:

Add a new test which loads a <model> element with a valid resource, checks its UUID against
those loaded in the UI process, and then removes the <model> source to check that same UUID
is not longer loaded.

This test is currently disabled on OpenSource bots.

model-element/model-element-inline-preview-deletion-upon-source-change-expected.txt: Added.
model-element/model-element-inline-preview-deletion-upon-source-change.html: Added.
platform/ios/TestExpectations:
platform/mac/TestExpectations:

Note: See TracTimeline for information about the timeline view.

Download in other formats:

RSS Feed