WebKit-https.git
sihui_liu@apple.com [Mon, 2 Jul 2018 20:50:17 +0000 (20:50 +0000)]
Remove InitWebCoreThreadSystemInterface() in WKProcessPool _initWithConfiguration
https://bugs.webkit.org/show_bug.cgi?id=187252

Reviewed by Dan Bernstein.

Clean up after <rdar://problem/15256572>.

* UIProcess/API/Cocoa/WKProcessGroup.mm:
(-[WKProcessGroup initWithInjectedBundleURL:]):
* UIProcess/API/Cocoa/WKProcessPool.mm:
(-[WKProcessPool _initWithConfiguration:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233431 268f45cc-cd09-0410-ab3c-d52691b4dbfc

graouts@webkit.org [Mon, 2 Jul 2018 20:46:14 +0000 (20:46 +0000)]
Crash in WebCore::WebAnimation::timeToNextRequiredTick when running imported/w3c/web-platform-tests/web-animations/interfaces/Animatable/animate-no-browsing-context.html
https://bugs.webkit.org/show_bug.cgi?id=187145

Reviewed by Dean Jackson.

Ensure we have a resolved time value before trying to use it.

* animation/WebAnimation.cpp:
(WebCore::WebAnimation::timeToNextRequiredTick const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233430 268f45cc-cd09-0410-ab3c-d52691b4dbfc

graouts@webkit.org [Mon, 2 Jul 2018 20:45:29 +0000 (20:45 +0000)]
[Web Animations] Crash in KeyframeEffectReadOnly::applyPendingAcceleratedActions()
https://bugs.webkit.org/show_bug.cgi?id=187139

Reviewed by Dean Jackson.

Ensure we have a resolved time value before trying to use it.

* animation/KeyframeEffectReadOnly.cpp:
(WebCore::KeyframeEffectReadOnly::applyPendingAcceleratedActions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233429 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mcatanzaro@igalia.com [Mon, 2 Jul 2018 19:02:18 +0000 (19:02 +0000)]
[WPE][GTK] flatpakutils.py should respect set-webkit-configuration build type
https://bugs.webkit.org/show_bug.cgi?id=187218

Reviewed by Philippe Normand.

Using the webkitpy Config module, if the build type is not passed on the command line, we
read it from WebKitBuild/Configuration and respect it.

* flatpak/flatpakutils.py:
(WebkitFlatpak.__init__):
(WebkitFlatpak.clean_args):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233428 268f45cc-cd09-0410-ab3c-d52691b4dbfc

keith_miller@apple.com [Mon, 2 Jul 2018 18:04:54 +0000 (18:04 +0000)]
InstanceOf IC should do generic if the prototype is not an object.
https://bugs.webkit.org/show_bug.cgi?id=187250

Reviewed by Mark Lam.

JSTests:

* stress/instanceof-non-object-prototype.js: Added.
(let):
(test):
(i.catch):

Source/JavaScriptCore:

The old code was wrong for two reasons. First, the AccessCase expected that
the prototype value would be non-null. Second, we would end up returning
false instead of throwing an exception.

* jit/Repatch.cpp:
(JSC::tryCacheInstanceOf):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233427 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mark.lam@apple.com [Mon, 2 Jul 2018 17:51:21 +0000 (17:51 +0000)]
Builtins and host functions should get their own structures.
https://bugs.webkit.org/show_bug.cgi?id=187211
<rdar://problem/41646336>

Reviewed by Saam Barati.

JSTests:

* stress/regress-187211.js: Added.

Source/JavaScriptCore:

JSFunctions do lazy reification of properties, but ordinary functions apply
different rules of property reification than builtin and host functions. Hence,
we should give builtins and host functions their own structures.

* runtime/JSFunction.cpp:
(JSC::JSFunction::selectStructureForNewFuncExp):
(JSC::JSFunction::create):
(JSC::JSFunction::getOwnPropertySlot):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::hostFunctionStructure const):
(JSC::JSGlobalObject::arrowFunctionStructure const):
(JSC::JSGlobalObject::sloppyFunctionStructure const):
(JSC::JSGlobalObject::strictFunctionStructure const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233426 268f45cc-cd09-0410-ab3c-d52691b4dbfc

youenn@apple.com [Mon, 2 Jul 2018 17:29:03 +0000 (17:29 +0000)]
Reject getUserMedia promise if capture fails
https://bugs.webkit.org/show_bug.cgi?id=187190

Reviewed by Eric Carlson.

In case PendingActivationMediaStream is notified of a change,
check whether any track failed to capture.
If so, reject the promise.
Add more release logging in the error case.

Covered by manual testing.

* Modules/mediastream/UserMediaRequest.cpp:
(WebCore::UserMediaRequest::PendingActivationMediaStream::~PendingActivationMediaStream):
(WebCore::UserMediaRequest::PendingActivationMediaStream::characteristicsChanged):
(WebCore::UserMediaRequest::mediaStreamIsReady):
(WebCore::UserMediaRequest::mediaStreamDidFail):
* Modules/mediastream/UserMediaRequest.h:
* platform/mediastream/MediaStreamPrivate.h:
* platform/mediastream/RealtimeMediaSource.cpp:
(WebCore::RealtimeMediaSource::captureFailed):
* platform/mediastream/mac/AVVideoCaptureSource.mm:
(WebCore::AVVideoCaptureSource::setupCaptureSession):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233425 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Mon, 2 Jul 2018 17:16:38 +0000 (17:16 +0000)]
[GTK] [l10n] Updated Ukrainian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=187231

Patch by Yuri Chornoivan <yurchor@ukr.net> on 2018-07-02
Rubber-stamped by Michael Catanzaro.

* uk.po:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233424 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zandobersek@gmail.com [Mon, 2 Jul 2018 15:27:28 +0000 (15:27 +0000)]
REGRESSION(r233381): Double WebResourceLoadStatisticsStore destructor invocation
https://bugs.webkit.org/show_bug.cgi?id=187247

Reviewed by Chris Dumez.

* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::flushAndDestroyPersistentStore):
Don't call postTask() to dispatch this task, as that keeps a reference
to this WebResourceLoadStatisticsStore object and thus causes problems
when invoked from the destructor in the form of a second destructor
invocation that ends up crashing the process. Blocking nature of this
call should be enough to avoid WebResourceLoadStatisticsStore lifetime
issues.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233423 268f45cc-cd09-0410-ab3c-d52691b4dbfc

pvollan@apple.com [Mon, 2 Jul 2018 14:35:16 +0000 (14:35 +0000)]
Delete display link when closing page or the WebContent process has crashed.
https://bugs.webkit.org/show_bug.cgi?id=186895

Reviewed by Brent Fulgham.

If there is a running display link in the UI process, there is no need to keep it around if the
page is being closed or the WebContent process has crashed.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::close):
(WebKit::WebPageProxy::resetStateAfterProcessExited):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233422 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zandobersek@gmail.com [Mon, 2 Jul 2018 11:51:40 +0000 (11:51 +0000)]
[WPE] Add touch support to WindowViewBackend
https://bugs.webkit.org/show_bug.cgi?id=187245

Reviewed by Carlos Garcia Campos.

Add touch input support to the WindowViewBackend implementation,
plugging into the Wayland protocol in order to get properly notified
about these events, and then dispatching them against the appropriate
wpe_view_backend object so that WebKit can process them.

* wpe/backends/ViewBackend.cpp:
(WPEToolingBackends::ViewBackend::dispatchInputTouchEvent):
* wpe/backends/ViewBackend.h:
* wpe/backends/WindowViewBackend.cpp:
* wpe/backends/WindowViewBackend.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233421 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aboya@igalia.com [Mon, 2 Jul 2018 11:41:30 +0000 (11:41 +0000)]
[Linux] Fix memory leak in WTF::forEachLine()
https://bugs.webkit.org/show_bug.cgi?id=187174

Reviewed by Žan Doberšek.

* wtf/linux/MemoryFootprintLinux.cpp:
(WTF::forEachLine):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233420 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zandobersek@gmail.com [Mon, 2 Jul 2018 11:30:52 +0000 (11:30 +0000)]
Unreviewed WPE gardening.

Adjust or add a few test expectations. Remove a bad text baseline for
one W3C Fetch test, add a proper text baseline for another.

* platform/wpe/TestExpectations:
* platform/wpe/imported/w3c/web-platform-tests/fetch/api/headers: Added.
* platform/wpe/imported/w3c/web-platform-tests/fetch/api/headers/header-values-expected.txt: Added.
* platform/wpe/imported/w3c/web-platform-tests/fetch/security: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233419 268f45cc-cd09-0410-ab3c-d52691b4dbfc

fred.wang@free.fr [Mon, 2 Jul 2018 10:12:57 +0000 (10:12 +0000)]
WTF's internal std::optional implementation should abort() on bad optional access
https://bugs.webkit.org/show_bug.cgi?id=186536

Unreviewed test gardening.

Patch by Frederic Wang <fwang@igalia.com> on 2018-07-02

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233418 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Mon, 2 Jul 2018 07:56:47 +0000 (07:56 +0000)]
WTF's internal std::optional implementation should abort() on bad optional access
https://bugs.webkit.org/show_bug.cgi?id=186536

Patch by Frederic Wang <fwang@igalia.com> on 2018-07-02
Reviewed by Michael Catanzaro.

Source/WTF:

Currently, some ports built with recent compilers will cause the program to abort when one
tries to access the value of an unset std::optional (i.e. std::nullopt) as specified by C++17.
However, most ports still use WTF's internal std::optional implementation, which does not
verify illegal access. Hence it's not possible for developers working on these ports to
detect issues like bugs #186189, #186535, #186752, #186753, #187139, #187145 or #187243.
WTF's version of std::optional was introduced in bug #164199 but it was not possible to
verify the availability of the value inside constexpr member functions because the assert
might involve asm declarations. This commit introduces a new
RELEASE_ASSERT_UNDER_CONSTEXPR_CONTEXT macro (a simplified version of RELEASE_ASSERT that can
be used in constexpr context) and uses it in WTF's implementation of std::optional.

* wtf/Assertions.h: Define RELEASE_ASSERT_UNDER_CONSTEXPR_CONTEXT as a version of
RELEASE_ASSERT that can be used in constexpr context (in particular avoids asm declarations).
* wtf/Optional.h:
(std::optional::operator ->): Add an assert to ensure the optional value is available.
(std::optional::operator *): Ditto.
(std::optional::value const): Ditto.
(std::optional::value): Ditto.
(std::optional<T::value const): Ditto.

LayoutTests:

* TestExpectations: Mark two tests as crashing (bug #187145 and bug #187243).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233417 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Mon, 2 Jul 2018 07:49:28 +0000 (07:49 +0000)]
[GTK] ASSERTION FAILED: url == m_string in UserAgentQuirks test
https://bugs.webkit.org/show_bug.cgi?id=186838

This URL constructor expects canonicalized input, so fix the passed URL. I missed
this one some weeks ago since I had an older checkout.

Patch by Rob Buis <rbuis@igalia.com> on 2018-07-02
Reviewed by Michael Catanzaro.

* TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233416 268f45cc-cd09-0410-ab3c-d52691b4dbfc

utatane.tea@gmail.com [Mon, 2 Jul 2018 04:24:33 +0000 (04:24 +0000)]
[WTF] RandomDevice should be initialized inside std::call_once
https://bugs.webkit.org/show_bug.cgi?id=186017

Reviewed by Darin Adler.

While Linux ports use mutex-guarded static variables, Mac ports do not.
So we should guard static variables' initialization by using std::call_once.
This patch does it for RandomDevice.

* wtf/OSRandomSource.cpp:
(WTF::cryptographicallyRandomValuesFromOS):
* wtf/RandomDevice.h: Small fix for OS(FUCHSIA).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233415 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Hironori.Fujii@sony.com [Mon, 2 Jul 2018 01:52:14 +0000 (01:52 +0000)]
[WK2] fast/parser/document-open-in-unload.html makes the following test crash
https://bugs.webkit.org/show_bug.cgi?id=98345
<rdar://problem/12474923>

Reviewed by Ryosuke Niwa.

Source/WebCore:

m_documentLoader can become null in the middle of
FrameLoader::commitProvisionalLoad by stopping the loading.

No new tests (Covered by existing tests).

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::commitProvisionalLoad): Do null check of m_documentLoader.

LayoutTests:

* platform/wk2/TestExpectations: Unskipped fast/parser/document-open-in-unload.html.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233414 268f45cc-cd09-0410-ab3c-d52691b4dbfc

mmaxfield@apple.com [Mon, 2 Jul 2018 01:36:43 +0000 (01:36 +0000)]
[Cocoa] LastResort in the font family list causes emoji with joiners to be rendered as multiple .notdef characters
https://bugs.webkit.org/show_bug.cgi?id=187209
<rdar://problem/40920785>

Reviewed by Darin Adler.

Source/WebCore:

Inside our complex text codepath, we perform our own font fallback, which
includes a function that asks "can this font support this grapheme cluster?"
Because of the mechanics of how fonts work, the implementation of this
function is "Does the font's cmap table support every character of the
cluster?" We were using Font::glyphForCharacter() to determine this; however,
this function maps certain control characters to the zero width space
character (with the intention that these control characters shouldn't be
visible in the fast text codepath). That replacement, however, was causing
us to get false negatives, because Apple Color Emoji doesn't support zero
width space. Therefore, Apple Color Emoji was looking like it didn't support
emoji combining sequences.

The best solution to this would be to get Font::glyphForCharacter() to stop
performing these replacements (see https://bugs.webkit.org/show_bug.cgi?id=187166).
However, that is too risky of a change to be making right now. Instead,
a more localized solution is to implement a version of "Does the font's cmap
table support every character of the cluster" that doesn't perform the
substitutions. This patch does exactly that, and uses a bit vector to cache
the results. In order to not have a giant bit vector, we take the old code
path if we know the substitutions won't affect us (and use ASSERT()s to
validate this) so the bit vector only holds at maximum 3 words of storage.

Test: fast/text/emoji-with-joiner.html

* platform/graphics/Font.cpp:
(WebCore::codePointSupportIndex):
(WebCore::createAndFillGlyphPage):
(WebCore::Font::platformSupportsCodePoint const):
(WebCore::Font::supportsCodePoint const):
(WebCore::Font::canRenderCombiningCharacterSequence const):
* platform/graphics/Font.h:
* platform/graphics/cocoa/FontCocoa.mm:
(WebCore::Font::platformSupportsCodePoint const):

Source/WTF:

* wtf/unicode/CharacterNames.h:

LayoutTests:

* fast/text/emoji-with-joiner-expected.txt: Added.
* fast/text/emoji-with-joiner.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233413 268f45cc-cd09-0410-ab3c-d52691b4dbfc

wenson_hsieh@apple.com [Mon, 2 Jul 2018 00:47:47 +0000 (00:47 +0000)]
[macOS] Text replacements that end with symbols are expanded immediately
https://bugs.webkit.org/show_bug.cgi?id=187225
<rdar://problem/41112433>

Reviewed by Darin Adler.

Source/WebCore:

In shipping Safari, enabling grammar correction causes text shortcuts that end with symbols or punctuation marks
to immediately trigger when typing; normally, when grammar correction is off, this is only triggered after the
user has additionally inserted a punctuation mark or whitespace character after the replaced text.

This bug happens because enabling grammar checking causes the spell checking range to expand to the range of the
full sentence, so any text checking results that replace an existing range are triggered as long as they end
anywhere in the sentence. In contrast, when grammar checking is disabled, the spell checking range is limited to
the nearest adjacent word, which prevents text replacement from occurring elsewhere in the sentence.

However, after r232530, we now always expand the spell checking range to the extent of the sentence when a word
is typed regardless of whether grammar checking is enabled, which means that the issue described above now
happens everywhere. To fix this recent regression and the existing bug, we:

-   Augment our spellchecking codepaths to include a new automatic text replacement range, alongside
    spellchecking and paragraph ranges.
-   Let this automatic text replacement range be the range of the adjacent word in the case where the user has
    finished typing a word.
-   When marking and replacing text checking results, consult this new automatic text replacement instead of the
    spellchecking range.

This keeps the behavior of grammar and sentence retro correction results intact, while limiting the scope in which
text replacement results are applied.

Test: editing/spelling/text-replacement-after-typing-to-word.html

* editing/AlternativeTextController.cpp:
(WebCore::AlternativeTextController::timerFired):
* editing/Editor.cpp:
(WebCore::Editor::replaceSelectionWithFragment):
(WebCore::Editor::markMisspellingsAfterTypingToWord):

Pass in the adjacent word range for the `automaticReplacementRange`, instead of the spell checking range (which
may be extended to the full range of the sentence).

(WebCore::Editor::markAllMisspellingsAndBadGrammarInRanges):

Add an `automaticReplacementRange` argument to markAllMisspellingsAndBadGrammarInRanges, and adjust call sites
to pass in a range (generally the same as the spell checking range, but in the case where a word has been typed,
this is a narrower range).

(WebCore::correctSpellcheckingPreservingTextCheckingParagraph):
(WebCore::Editor::markAndReplaceFor):

When replacing text, only allow text replacement in the automatic replacement range rather than the spell
checking range.

(WebCore::Editor::markMisspellingsAndBadGrammar):
* editing/Editor.h:
* editing/SpellChecker.cpp:
(WebCore::SpellCheckRequest::SpellCheckRequest):

Add a new version of this constructor that takes a single Range representing both the spellchecking range and
the automatic text replacement range, for convenience.

(WebCore::SpellCheckRequest::create):
* editing/SpellChecker.h:

Add plumbing for the automatic replacement range.

(WebCore::SpellCheckRequest::automaticReplacementRange const):
* editing/TextCheckingHelper.cpp:

Add plumbing for the automatic replacement range, and new helpers to locate the range as offsets within the
text checking paragraph range.

(WebCore::TextCheckingParagraph::TextCheckingParagraph):
(WebCore::TextCheckingParagraph::invalidateParagraphRangeValues):
(WebCore::TextCheckingParagraph::automaticReplacementStart const):
(WebCore::TextCheckingParagraph::automaticReplacementLength const):
* editing/TextCheckingHelper.h:

Tools:

Adds testing support for mocking NSSpellChecker's text checking results. See below for more details, and the new
layout test for an example of its usage.

* DumpRenderTree/DumpRenderTree.xcodeproj/project.pbxproj:
* DumpRenderTree/TestRunner.cpp:
(setSpellCheckerTextReplacementsCallback):

Add bindings support in TestRunner to specify a set of text replacement mappings. Each entry in the dictionary
maps a string representing an input to the NSSpellChecker to some information describing the spell checking
result that LayoutTestSpellChecker will return.

(TestRunner::staticFunctions):
* DumpRenderTree/TestRunner.h:
* DumpRenderTree/mac/DumpRenderTree.mm:
(resetWebViewToConsistentStateBeforeTesting):

Restore the original shared NSSpellchecker before transitioning to the next layout test, if needed.

* DumpRenderTree/mac/DumpRenderTreeSpellChecker.mm: Removed.
* DumpRenderTree/mac/TestRunnerMac.mm:
(TestRunner::setSpellCheckerLoggingEnabled):
(TestRunner::setSpellCheckerTextReplacements):

These testRunner methods ensure that `-[NSSpellChecker sharedSpellChecker]` is swizzled to return our mock
LayoutTestSpellChecker instance before calling into it.

* DumpRenderTree/win/TestRunnerWin.cpp:
(TestRunner::setSpellCheckerTextReplacements):
* TestRunnerShared/cocoa/LayoutTestSpellChecker.h: Renamed from Tools/DumpRenderTree/mac/DumpRenderTreeSpellChecker.h.
* TestRunnerShared/cocoa/LayoutTestSpellChecker.mm: Added.

Moved DumpRenderTreeSpellChecker to LayoutTestSpellChecker, and made it compile for both WebKitTestRunner
(modern WebKit) and DumpRenderTree (legacy WebKit) by putting it in TestRunnerShared.

(existingGlobalLayoutTestSpellChecker):
(ensureGlobalLayoutTestSpellChecker):
(stringForCorrectionResponse):
(nsTextCheckingType):
(-[LayoutTestTextCheckingResult initWithType:range:replacement:]):
(-[LayoutTestTextCheckingResult range]):
(-[LayoutTestTextCheckingResult resultType]):
(-[LayoutTestTextCheckingResult replacementString]):
(-[LayoutTestTextCheckingResult description]):

LayoutTestTextCheckingResult represents a fake NSTextCheckingResult containing spell checking results supplied
by the layout test.

(+[LayoutTestSpellChecker installIfNecessary]):
(+[LayoutTestSpellChecker uninstallAndReset]):

Helper methods to begin and end swizzling the shared NSSpellChecker.

(-[LayoutTestSpellChecker reset]):

Resets the state of the LayoutTestSpellChecker (this entails clearing the fake replacements dictionary and
turning off logging for recorded spellchecking responses).

(-[LayoutTestSpellChecker replacements]):
(-[LayoutTestSpellChecker setReplacements:]):
(-[LayoutTestSpellChecker setReplacementsFromJSObject:inContext:]):

Helper method to take a `JSObjectRef` supplied by the test runner and transform it into a map of spell checking
string inputs to LayoutTestTextCheckingResults.

(-[LayoutTestSpellChecker checkString:range:types:options:inSpellDocumentWithTag:orthography:wordCount:]):

Consult the text replacement map and bail early if a match is found, before calling into real NSSpellChecker
logic to perform spellchecking.

(-[LayoutTestSpellChecker recordResponse:toCorrection:forWord:language:inSpellDocumentWithTag:]):

Reimplement the original functionality in DumpRenderTreeSpellChecker to make `-recordResponse:…` print to stdout
by overriding the method and printing if the `-spellCheckerLoggingEnabled` property has been set to YES.

* WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:

LayoutTests:

Adds a layout test to check that if a user has configured a text replacement that ends with punctuation, then:
1. Typing that text replacement won't immediately trigger replacement.
2. Text replacement is triggered after pressing enter.

* editing/spelling/text-replacement-after-typing-to-word-expected.txt: Added.
* editing/spelling/text-replacement-after-typing-to-word.html: Added.
* platform/ios/TestExpectations:
* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233412 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Sun, 1 Jul 2018 23:51:40 +0000 (23:51 +0000)]
[WPE][GTK] Fix retrieving backtrace from within flatpak sandbox in test runner
https://bugs.webkit.org/show_bug.cgi?id=187232

Patch by Thibault Saunier <tsaunier@igalia.com> on 2018-07-01
Reviewed by Michael Catanzaro.

The place where the host tmp folder is mounted changed to /run/host/; we
need to take that into account.

Also explicitly close temporary files, as relying on garbage collection to
remove them is a bad idea.

Also a minor optimization: avoid compiling the regex for each backtrace
retrieval.

* Scripts/webkitpy/port/linux_get_crash_log.py:
(GDBCrashLogGenerator):
(GDBCrashLogGenerator._get_tmp_file_name):
(GDBCrashLogGenerator._get_trace_from_systemd):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233411 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ddkilzer@apple.com [Sun, 1 Jul 2018 22:38:04 +0000 (22:38 +0000)]
JavaScriptCore: Fix clang static analyzer warnings: Assigned value is garbage or undefined
<https://webkit.org/b/187233>

Reviewed by Mark Lam.

* b3/air/AirEliminateDeadCode.cpp:
(JSC::B3::Air::eliminateDeadCode): Initialize `changed`.
* parser/ParserTokens.h:
(JSC::JSTextPosition::JSTextPosition): Add struct member
initialization. Simplify default constructor.
(JSC::JSTokenLocation::JSTokenData): Move largest struct in the
union to the beginning to make it easy to zero out all fields.
(JSC::JSTokenLocation::JSTokenLocation): Add struct member
initialization.  Simplify default constructor.  Note that
`endOffset` was not being initialized previously.
(JSC::JSTextPosition::JSToken): Add struct member initialization
where necessary.
* runtime/IntlObject.cpp:
(JSC::MatcherResult): Add struct member initialization.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233410 268f45cc-cd09-0410-ab3c-d52691b4dbfc

darin@apple.com [Sun, 1 Jul 2018 18:23:52 +0000 (18:23 +0000)]
[Cocoa] Improve ARC compatibility of more code in JavaScriptCore
https://bugs.webkit.org/show_bug.cgi?id=186973

Reviewed by Dan Bernstein.

Source/JavaScriptCore:

* API/JSContext.mm:
(WeakContextRef::WeakContextRef): Deleted.
(WeakContextRef::~WeakContextRef): Deleted.
(WeakContextRef::get): Deleted.
(WeakContextRef::set): Deleted.

* API/JSContextInternal.h: Removed unneeded header guards since this is
an Objective-C++ header. Removed unused WeakContextRef class. Removed declaration
of method -[JSContext initWithGlobalContextRef:] and JSContext property wrapperMap
since neither is used outside the class implementation.

* API/JSManagedValue.mm:
(-[JSManagedValue initWithValue:]): Use a bridging cast.
(-[JSManagedValue dealloc]): Ditto.
(-[JSManagedValue didAddOwner:]): Ditto.
(-[JSManagedValue didRemoveOwner:]): Ditto.
(JSManagedValueHandleOwner::isReachableFromOpaqueRoots): Ditto.
(JSManagedValueHandleOwner::finalize): Ditto.
* API/JSValue.mm:
(+[JSValue valueWithNewRegularExpressionFromPattern:flags:inContext:]): Ditto.
(+[JSValue valueWithNewErrorFromMessage:inContext:]): Ditto.
(-[JSValue valueForProperty:]): Ditto.
(-[JSValue setValue:forProperty:]): Ditto.
(-[JSValue deleteProperty:]): Ditto.
(-[JSValue hasProperty:]): Ditto.
(-[JSValue invokeMethod:withArguments:]): Ditto.
(valueToObjectWithoutCopy): Ditto. Also removed unneeded explicit type names.
(valueToArray): Ditto.
(valueToDictionary): Ditto.
(objectToValueWithoutCopy): Ditto.
(objectToValue): Ditto.
* API/JSVirtualMachine.mm:
(+[JSVMWrapperCache addWrapper:forJSContextGroupRef:]): Ditto.
(+[JSVMWrapperCache wrapperForJSContextGroupRef:]): Ditto.
(-[JSVirtualMachine isOldExternalObject:]): Ditto.
(-[JSVirtualMachine addManagedReference:withOwner:]): Ditto.
(-[JSVirtualMachine removeManagedReference:withOwner:]): Ditto.
(-[JSVirtualMachine contextForGlobalContextRef:]): Ditto.
(-[JSVirtualMachine addContext:forGlobalContextRef:]): Ditto.
(scanExternalObjectGraph): Ditto.
(scanExternalRememberedSet): Ditto.
* API/JSWrapperMap.mm:
(makeWrapper): Ditto.
(-[JSObjCClassInfo wrapperForObject:inContext:]): Ditto.
(-[JSWrapperMap objcWrapperForJSValueRef:inContext:]): Ditto.
(tryUnwrapObjcObject): Ditto.
* API/ObjCCallbackFunction.mm:
(blockSignatureContainsClass): Ditto.
(objCCallbackFunctionForMethod): Switched from retain to CFRetain, but not
sure we will be keeping this the same way under ARC.
(objCCallbackFunctionForBlock): Use a bridging cast.

* API/ObjcRuntimeExtras.h:
(protocolImplementsProtocol): Use a more specific type that includes the
explicit __unsafe_unretained for copied protocol lists.
(forEachProtocolImplementingProtocol): Ditto.

* inspector/remote/cocoa/RemoteInspectorCocoa.mm:
(Inspector::convertNSNullToNil): Added to replace the CONVERT_NSNULL_TO_NIL macro.
(Inspector::RemoteInspector::receivedSetupMessage): Use convertNSNullToNil.

* inspector/remote/cocoa/RemoteInspectorXPCConnection.mm: Moved the
CFXPCBridge SPI to a header named CFXPCBridgeSPI.h.
(auditTokenHasEntitlement): Deleted. Moved to Entitlements.h/cpp in WTF.
(Inspector::RemoteInspectorXPCConnection::handleEvent): Use WTF::hasEntitlement.
(Inspector::RemoteInspectorXPCConnection::sendMessage): Use a bridging cast.

Source/WebKit:

* Shared/EntryPointUtilities/mac/XPCService/XPCServiceEntryPoint.mm:
(WebKit::XPCServiceInitializerDelegate::hasEntitlement): Use WTF::hasEntitlement.

* Shared/mac/SandboxUtilities.h: Removed connectedProcessHasEntitlement since
we can now use WTF::hasEntitlement instead.
* Shared/mac/SandboxUtilities.mm: Ditto.

* StorageProcess/ios/StorageProcessIOS.mm:
(WebKit::StorageProcess::parentProcessHasServiceWorkerEntitlement): Use
WTF::hasEntitlement.
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::parentProcessHasServiceWorkerEntitlement): Ditto.

Source/WTF:

* WTF.xcodeproj/project.pbxproj: Added CFXPCBridgeSPI.h, fixed a few
other small problems in the project file, and let Xcode fix a few too.

* wtf/cocoa/Entitlements.h: Added hasEntitlement function with overloads
for an audit token and an XPC connection.
* wtf/cocoa/Entitlements.mm:
(WTF::hasEntitlement): Added, with overloads for a SecTask, an audit token,
and an XPC connection.
(WTF::processHasEntitlement): Refactored to use the function above.

* wtf/spi/cocoa/CFXPCBridgeSPI.h: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233409 268f45cc-cd09-0410-ab3c-d52691b4dbfc

abarth@webkit.org [Sun, 1 Jul 2018 06:52:34 +0000 (06:52 +0000)]
Port JavaScriptCore to OS(FUCHSIA)
https://bugs.webkit.org/show_bug.cgi?id=187223

Reviewed by Daniel Bates.

.:

* Source/cmake/OptionsJSCOnly.cmake: Add back ICU.

Source/JavaScriptCore:

* assembler/ARM64Assembler.h:
(JSC::ARM64Assembler::cacheFlush): Call zx_cache_flush to flush cache.
* runtime/MachineContext.h: Fuchsia has the same mcontext_t as glibc.
(JSC::MachineContext::stackPointerImpl):
(JSC::MachineContext::framePointerImpl):
(JSC::MachineContext::instructionPointerImpl):
(JSC::MachineContext::argumentPointer<1>):
(JSC::MachineContext::llintInstructionPointer):

Source/WTF:

* wtf/Platform.h: Fuchsia uses mcontext_t to provide machine context.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233408 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago test-webkitpy never rebuilds lldbWebKitTester
dbates@webkit.org [Sun, 1 Jul 2018 06:00:27 +0000 (06:00 +0000)]
test-webkitpy never rebuilds lldbWebKitTester
https://bugs.webkit.org/show_bug.cgi?id=187229

Reviewed by David Kilzer.

Have test-webkitpy always call script build-lldbwebkittester to build lldbWebKitTester, if needed.

Currently test-webkitpy only calls script build-lldbwebkittester if lldbWebKitTester does not
exist in the build products directory for the active configuration (e.g. Debug); => we do not
build lldbWebKitTester again if its source changes (say, as a result of hacking on lldbWebKitTester).
Instead we should have test-webkitpy unconditionally call build-lldbwebkittester to ensure
that we have an up-to-date build of lldbWebKitTester.

* Scripts/webkitpy/test/main.py:
(Tester._run_tests):
(_find_lldb_webkit_tester): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233407 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Follow-up: Fix clang static analyzer warnings: Garbage return value
ddkilzer@apple.com [Sun, 1 Jul 2018 02:12:26 +0000 (02:12 +0000)]
Follow-up: Fix clang static analyzer warnings: Garbage return value
<https://webkit.org/b/187224>

Address review feedback from Eric Carlson.

* platform/mediastream/MediaConstraints.h:
(WebCore::NumericConstraint::valueForCapabilityRange const):
- Use brace initialization for more local variables.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233406 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Asan false positive: stack use after scope under WebCore::ApplyPropertyBorderImageMod...
mcatanzaro@igalia.com [Sun, 1 Jul 2018 01:49:50 +0000 (01:49 +0000)]
Asan false positive: stack use after scope under WebCore::ApplyPropertyBorderImageModifier in WebCore::Length::Length(WebCore::Length&&)
https://bugs.webkit.org/show_bug.cgi?id=186980
<rdar://problem/41409838>

Reviewed by Oliver Hunt.

We believe that we have found a bug in GCC's address sanitizer. It is blocking work on other
issues, so work around it by changing a temporary into a local variable.

* css/StyleBuilderCustom.h:
(WebCore::ApplyPropertyBorderImageModifier::applyInitialValue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233405 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix off-by-one error in xdg_mime_get_simple_globs
mcatanzaro@igalia.com [Sun, 1 Jul 2018 01:15:38 +0000 (01:15 +0000)]
Fix off-by-one error in xdg_mime_get_simple_globs
https://bugs.webkit.org/show_bug.cgi?id=186554

Reviewed by Daniel Bates.

We have an off-by-one error here in some code that was added for WebKit. (This is not an
issue with upstream xdgmime.)

No new tests. This problem is caught by TestDownloads, but only when running with ASan
enabled.

* xdgmime/src/xdgmimecache.c:
(get_simple_globs):
* xdgmime/src/xdgmimeglob.c:
(get_simple_globs):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233404 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix clang static analyzer warnings: Garbage return value
ddkilzer@apple.com [Sun, 1 Jul 2018 00:06:38 +0000 (00:06 +0000)]
Fix clang static analyzer warnings: Garbage return value
<https://webkit.org/b/187224>

Reviewed by Eric Carlson.

Source/JavaScriptCore:

* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::lineNumberForBytecodeOffset):
- Use brace initialization for local variables.
* debugger/DebuggerCallFrame.cpp:
(class JSC::LineAndColumnFunctor):
- Use class member initialization for member variables.

Source/WebCore:

* platform/mediastream/MediaConstraints.h:
(WebCore::NumericConstraint::valueForCapabilityRange const):
- Use brace initialization for local variables.

Source/WebKit:

* WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
(WebKit::WebPlatformStrategies::changeCount):
(WebKit::WebPlatformStrategies::addTypes):
(WebKit::WebPlatformStrategies::setTypes):
(WebKit::WebPlatformStrategies::setBufferForType):
(WebKit::WebPlatformStrategies::setPathnamesForType):
(WebKit::WebPlatformStrategies::setStringForType):
(WebKit::WebPlatformStrategies::getNumberOfFiles):
(WebKit::WebPlatformStrategies::getPasteboardItemsCount):
(WebKit::WebPlatformStrategies::writeCustomData):
* WebProcess/WebCoreSupport/mac/WebEditorClientMac.mm:
(WebKit::WebEditorClient::substitutionsPanelIsShowing):
- Use brace initialization for local variables.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233403 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [CMake] build-webkit should be able to enable address sanitizer
mcatanzaro@igalia.com [Sat, 30 Jun 2018 21:07:50 +0000 (21:07 +0000)]
[CMake] build-webkit should be able to enable address sanitizer
https://bugs.webkit.org/show_bug.cgi?id=187222

Reviewed by Daniel Bates.

If 'set-webkit-configuration --asan' has been run, then build-webkit should pass
-DENABLE_ADDRESS_SANITIZER=ON to CMake, so that it actually does something.

This also works for build-jsc.

* Scripts/webkitdirs.pm:
(generateBuildSystemFromCMakeProject):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233402 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Port WTF to OS(FUCHSIA)
abarth@webkit.org [Sat, 30 Jun 2018 20:53:56 +0000 (20:53 +0000)]
Port WTF to OS(FUCHSIA)
https://bugs.webkit.org/show_bug.cgi?id=187221

Reviewed by Yusuke Suzuki.

* wtf/FastMalloc.cpp: Fuchsia does not have resource.h
(WTF::fastMallocStatistics): Skip collecting stats without resource.h
* wtf/InlineASM.h: Fuchsia uses ELF
* wtf/Platform.h: Define OS(FUCHSIA) as an OS(UNIX) variant
* wtf/RandomDevice.cpp: Call zx_cprng_draw for cryptographic randomness
(WTF::RandomDevice::cryptographicallyRandomValues):
* wtf/ThreadingPthreads.cpp: Fuchsia does not have pthread_setschedparam
(WTF::Thread::changePriority):
* wtf/unix/CPUTimeFuchsia.cpp: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233401 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, add missing PLATFORM(COCOA) guard after r233207
mcatanzaro@igalia.com [Sat, 30 Jun 2018 18:44:34 +0000 (18:44 +0000)]
Unreviewed, add missing PLATFORM(COCOA) guard after r233207
https://bugs.webkit.org/show_bug.cgi?id=186788
<rdar://problem/41094167>

* WebProcess/InjectedBundle/API/c/WKBundle.cpp:
(WKBundleExtendClassesForParameterCoder):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233400 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [LFC] Do not add the containing block's offset while computing the out-of-flow static...
zalan@apple.com [Sat, 30 Jun 2018 18:07:43 +0000 (18:07 +0000)]
[LFC] Do not add the containing block's offset while computing the out-of-flow static position.
https://bugs.webkit.org/show_bug.cgi?id=187202

Reviewed by Antti Koivisto.

The static position for an out-of-flow element is
1. the distance from the parent's border box.
2. climbing up on the containing block chain and offset the containers until we reach the out-of-flow element's containing block.

* layout/FormattingContextGeometry.cpp:
(WebCore::Layout::staticVerticalPositionForOutOfFlowPositioned):
(WebCore::Layout::staticHorizontalPositionForOutOfFlowPositioned):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233399 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [LFC] If the top and bottom margins of a box are adjoining, then it is possible for...
zalan@apple.com [Sat, 30 Jun 2018 18:06:22 +0000 (18:06 +0000)]
[LFC] If the top and bottom margins of a box are adjoining, then it is possible for margins to collapse through it.
https://bugs.webkit.org/show_bug.cgi?id=187220

Reviewed by Antti Koivisto.

* layout/blockformatting/BlockMarginCollapse.cpp:
(WebCore::Layout::isMarginBottomCollapsedThrough):
(WebCore::Layout::BlockFormattingContext::MarginCollapse::collapsedMarginTopFromFirstChild):
(WebCore::Layout::BlockFormattingContext::MarginCollapse::marginTop):
(WebCore::Layout::BlockFormattingContext::MarginCollapse::marginBottom):
(WebCore::Layout::BlockFormattingContext::MarginCollapse::isMarginBottomCollapsedWithParent):
(WebCore::Layout::BlockFormattingContext::MarginCollapse::collapsedMarginBottomFromLastChild):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233398 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [LFC] Adjust final out-of-flow position with the computed margin value.
zalan@apple.com [Sat, 30 Jun 2018 18:04:58 +0000 (18:04 +0000)]
[LFC] Adjust final out-of-flow position with the computed margin value.
https://bugs.webkit.org/show_bug.cgi?id=187219

Reviewed by Antti Koivisto.

* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
(WebCore::Layout::FormattingContext::computeOutOfFlowHorizontalGeometry const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233397 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Added a missing availability attribute.
mitz@apple.com [Sat, 30 Jun 2018 17:11:36 +0000 (17:11 +0000)]
Added a missing availability attribute.

* WebProcess/InjectedBundle/API/mac/WKWebProcessPlugIn.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233396 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Make check_flatpak() not verbose when only trying to run command inside flatpak
commit-queue@webkit.org [Sat, 30 Jun 2018 14:24:22 +0000 (14:24 +0000)]
Make check_flatpak() not verbose when only trying to run command inside flatpak
https://bugs.webkit.org/show_bug.cgi?id=187187

Patch by Thibault Saunier <tsaunier@igalia.com> on 2018-06-30
Reviewed by Michael Catanzaro.

* flatpak/flatpakutils.py:
(run_in_sandbox_if_available):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233395 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Web Animations] Make WPT test at timing-model/timelines/document-timelines.html...
graouts@webkit.org [Sat, 30 Jun 2018 13:43:26 +0000 (13:43 +0000)]
[Web Animations] Make WPT test at timing-model/timelines/document-timelines.html pass reliably
https://bugs.webkit.org/show_bug.cgi?id=186507
<rdar://problem/41000257>

Reviewed by Dean Jackson.

LayoutTests/imported/w3c:

Record WPT test progressions.

* web-platform-tests/web-animations/timing-model/timelines/document-timelines-expected.txt:

Source/WebCore:

The Web Animations spec, along with the HTML5 event loop spec, specify some assumptions on the time reported by
document.timeline.currentTime:

- it should only increase once per frame
- it should have the same value as the timestamp passed to requestAnimationFrame() callbacks

The WPT test at web-platform-tests/web-animations/timing-model/timelines/document-timelines.html relies on these
assumptions to be true so that we check that the start time of a new animation is not the same as the timeline time
when it was created, since it will be in the "play-pending" state for a frame.

In order to support this, we add two new methods on DocumentAnimationScheduler. First, when a scheduled display update
fires, we record the timestamp and expose it via lastTimestamp() such that DocumentTimeline and ScriptedAnimationController
can use the same value when updating animations. Then, to know whether code is run as a result of a display update, we
expose isFiring().

Now, within DocumentTimeline::currentTime(), we can cache the current time this way:

- if we're in the middle of a display update, use the value returned by lastTimestamp().
- otherwise, compute what would have been the ideal number of frames (at 60fps or less if throttled) and add those to
the lastTimestamp() value.

Then, we remove this cached current time when both currently-running JavaScript has completed and all animation update
code has completed by waiting on the invalidation task to run.

* animation/DocumentAnimationScheduler.cpp:
(WebCore::DocumentAnimationScheduler::displayRefreshFired):
* animation/DocumentAnimationScheduler.h:
(WebCore::DocumentAnimationScheduler::lastTimestamp):
(WebCore::DocumentAnimationScheduler::isFiring const):
* animation/DocumentTimeline.cpp:
(WebCore::DocumentTimeline::currentTime):
(WebCore::DocumentTimeline::performInvalidationTask):
(WebCore::DocumentTimeline::maybeClearCachedCurrentTime):
* animation/DocumentTimeline.h:
* dom/ScriptedAnimationController.cpp:
(WebCore::ScriptedAnimationController::serviceScriptedAnimations):
(WebCore::ScriptedAnimationController::documentAnimationSchedulerDidFire):

LayoutTests:

This test now passes reliably.

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233394 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Web Animations] Make imported/mozilla/css-transitions/test_event-dispatch.html pass...
graouts@webkit.org [Sat, 30 Jun 2018 13:04:59 +0000 (13:04 +0000)]
[Web Animations] Make imported/mozilla/css-transitions/test_event-dispatch.html pass reliably
https://bugs.webkit.org/show_bug.cgi?id=183843

Unreviewed.

This test is no longer flaky, the fix for webkit.org/b/183834 fixed the issue.

* platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233393 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed, rolling out r233391.
commit-queue@webkit.org [Sat, 30 Jun 2018 07:08:01 +0000 (07:08 +0000)]
Unreviewed, rolling out r233391.
https://bugs.webkit.org/show_bug.cgi?id=187217

This patch broke Windows ports (Requested by fredw on
#webkit).

Reverted changeset:

"WTF's internal std::optional implementation should abort() on
bad optional access"
https://bugs.webkit.org/show_bug.cgi?id=186536
https://trac.webkit.org/changeset/233391

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233392 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago WTF's internal std::optional implementation should abort() on bad optional access
commit-queue@webkit.org [Sat, 30 Jun 2018 06:42:04 +0000 (06:42 +0000)]
WTF's internal std::optional implementation should abort() on bad optional access
https://bugs.webkit.org/show_bug.cgi?id=186536

Patch by Frederic Wang <fwang@igalia.com> on 2018-06-29
Reviewed by Michael Catanzaro.

Source/WTF:

Currently, some ports built with recent compilers will cause the program to abort when one
tries to access the value of an unset std::optional (i.e. std::nullopt) as specified by C++17.
However, most ports still use WTF's internal std::optional implementation, which does not
verify illegal access. Hence it's not possible for developers working on these ports to
detect issues like bugs #186189, #186535, #186752, #186753, #187139 or #187145. WTF's version
of std::optional was introduced in bug #164199 but it was not possible to verify the
availability of the value inside constexpr member functions because the assert might involve
asm declarations. This commit introduces a new RELEASE_ASSERT_UNDER_CONSTEXPR_CONTEXT macro
(a simplified version of RELEASE_ASSERT that can be used in constexpr context) and uses it in
WTF's implementation of std::optional.

* wtf/Assertions.h: Define RELEASE_ASSERT_UNDER_CONSTEXPR_CONTEXT as a version of
RELEASE_ASSERT that can be used in constexpr context (in particular avoids asm declarations).
* wtf/Optional.h:
(std::optional::operator ->): Add an assert to ensure the optional value is available.
(std::optional::operator *): Ditto.
(std::optional::value const): Ditto.
(std::optional::value): Ditto.
(std::optional<T::value const): Ditto.

LayoutTests:

* TestExpectations: Mark one WebAnimations test as crashing (bug #187145).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233391 268f45cc-cd09-0410-ab3c-d52691b4dbfc
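
Added example (not WebKit's code and not part of this commit): a minimal optional whose accessors abort on an unset value while staying usable in constexpr code, which is the property the commit message above describes. CheckedOptional, ASSERT_IN_CONSTEXPR and crashOnBadOptionalAccess are hypothetical names, and the fork-based check assumes a POSIX system.

```cpp
#include <csignal>
#include <cstdio>
#include <cstdlib>
#include <sys/wait.h>
#include <unistd.h>

// Hypothetical stand-in for the macro named in the commit message. A constexpr
// function may call a non-constexpr function on a path that constant
// evaluation never takes, so the failure path can simply call abort().
[[noreturn]] inline void crashOnBadOptionalAccess() { std::abort(); }
#define ASSERT_IN_CONSTEXPR(condition) \
    ((condition) ? static_cast<void>(0) : crashOnBadOptionalAccess())

// Minimal optional for trivially copyable types (assumption: this is a model,
// not WTF's Optional.h).
template<typename T>
class CheckedOptional {
public:
    constexpr CheckedOptional() : m_engaged(false), m_value() { }
    constexpr CheckedOptional(T value) : m_engaged(true), m_value(value) { }

    constexpr bool hasValue() const { return m_engaged; }

    // Unchecked access: reading an unset optional silently yields whatever is
    // in the storage, so the caller's bug goes unnoticed.
    constexpr const T& uncheckedValue() const { return m_value; }

    // Checked access: an unset optional stops the process instead.
    constexpr const T& value() const { return ASSERT_IN_CONSTEXPR(m_engaged), m_value; }
    constexpr const T& operator*() const { return value(); }

private:
    bool m_engaged;
    T m_value;
};

// Constant evaluation still works because the abort branch is never taken here.
constexpr int kConstantValue = CheckedOptional<int>(42).value();
static_assert(kConstantValue == 42, "checked access is usable in constant expressions");

// What an unchecked read of an unset optional returns in this model (0, because
// the storage is value-initialized here).
int uncheckedEmptyRead()
{
    CheckedOptional<int> unset;
    return unset.uncheckedValue();
}

// Performs the bad access in a child process and reports whether the child
// was terminated by SIGABRT.
bool emptyAccessAborts()
{
    pid_t child = fork();
    if (child < 0)
        return false;
    if (child == 0) {
        CheckedOptional<int> unset;
        volatile int sink = unset.value(); // aborts here
        (void)sink;
        _exit(0); // reached only if the check is missing
    }
    int status = 0;
    if (waitpid(child, &status, 0) != child)
        return false;
    return WIFSIGNALED(status) && WTERMSIG(status) == SIGABRT;
}

int main()
{
    std::printf("set optional, checked read:     %d\n", CheckedOptional<int>(7).value());
    std::printf("unset optional, unchecked read: %d (no error reported)\n", uncheckedEmptyRead());
    std::printf("unset optional, checked read aborts: %s\n", emptyAccessAborts() ? "yes" : "no");
    return 0;
}
```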

16 months ago Crash under WebCore::AXObjectCache::handleMenuItemSelected
n_wang@apple.com [Sat, 30 Jun 2018 05:40:44 +0000 (05:40 +0000)]
Crash under WebCore::AXObjectCache::handleMenuItemSelected
https://bugs.webkit.org/show_bug.cgi?id=186918
<rdar://problem/41365984>

Reviewed by Chris Fleizach.

Source/WebCore:

When a node is being destroyed, we deregister it from the AX cache through the Node's destructor.
But we did not remove the corresponding entry from the m_deferredFocusedNodeChange list. It would
then lead to a crash if we try to access the deleted node from m_deferredFocusedNodeChange.
Fixed it by removing the entry if the newly focused node is being destroyed.

Test: accessibility/accessibility-crash-focused-element-change.html

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::remove):

LayoutTests:

* accessibility/accessibility-crash-focused-element-change-expected.txt: Added.
* accessibility/accessibility-crash-focused-element-change.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233390 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago REGRESSION (r232806): Facebook login fields have blue fill background instead of...
antti@apple.com [Sat, 30 Jun 2018 03:02:24 +0000 (03:02 +0000)]
REGRESSION (r232806): Facebook login fields have blue fill background instead of white
https://bugs.webkit.org/show_bug.cgi?id=187207
Source/WebCore:

<rdar://problem/41606349>

Reviewed by Tim Horton.

This happens because a 'prefers-dark-interface' media query on UA sheet always evaluates to true in dark mode.

Tests: fast/forms/input-background-ua-media-query.html

* css/MediaQueryEvaluator.cpp:
(WebCore::prefersDarkInterfaceEvaluate):

Make prefers-dark-interface media query match only when using system appearance.

LayoutTests:

Reviewed by Tim Horton.

* fast/forms/input-background-ua-media-query-expected.html: Added.
* fast/forms/input-background-ua-media-query.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233389 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago build-webkit: Perl "use of uninitialized value $previousContents"
dbates@webkit.org [Sat, 30 Jun 2018 02:12:45 +0000 (02:12 +0000)]
build-webkit: Perl "use of uninitialized value $previousContents"
https://bugs.webkit.org/show_bug.cgi?id=185776

Reviewed by Michael Catanzaro.

Fixes an issue where reading an empty cached argument file would cause
Perl "uninitialized value" warnings of the form:
    Use of uninitialized value $previousContents in chomp at C:/WebKit-BuildWorker/wincairo-wkl-debug/build/Tools/Scripts/webkitdirs.pm line 1969.
    Use of uninitialized value $previousContents in string ne at C:/WebKit-BuildWorker/wincairo-wkl-debug/build/Tools/Scripts/webkitdirs.pm line 1972.

* Scripts/webkitdirs.pm:
(isCachedArgumentfileOutOfDate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233388 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago REGRESSION (r230921): Cannot log in to forums.swift.org using GitHub account
dbates@webkit.org [Sat, 30 Jun 2018 02:11:01 +0000 (02:11 +0000)]
REGRESSION (r230921): Cannot log in to forums.swift.org using GitHub account
https://bugs.webkit.org/show_bug.cgi?id=187197
<rdar://problem/40420821>

Reviewed by Brent Fulgham.

Source/WebCore:

Fixes an issue where Same-Site cookies are not sent with any child window load if the
load is cross-origin with respect to the window's opener. One example where this issue
manifested itself was in the GitHub sign in flow on forums.swift.org.

Currently we always consider the origin of the window's opener (if we have one) when
determining whether a frame load request is same-origin and hence should send Same-Site
cookies when performing the request. So, when page A.com opens a child window to B.com and
then a person clicks a hyperlink or submits a form to B.com/b2 then we do not send Same-
Site cookies with the request to B.com/b2 (because its origin, B.com, is cross-origin
with its opener, A.com). But we should send Same-Site cookies with the request to B.com/b2
because it is same-origin with the page that initiated the request, B.com. Instead of
always considering the origin of the window's opener for every frame load we should only
consider it for the first non-empty document load.

Tests: http/tests/cookies/same-site/fetch-in-about-blank-popup.html
       http/tests/cookies/same-site/post-from-cross-site-popup.html

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::addExtraFieldsToRequest):

LayoutTests:

Add tests to ensure that Same-Site cookies are sent in a subsequent same-origin form submission
from a child window that is cross-origin with its opener. Also add a test to ensure that Same-Site
cookies are visible to an about:blank pop-up window (as about:blank is Same-Site with its opener
by definition of being same-origin with it).

* http/tests/cookies/same-site/fetch-in-about-blank-popup-expected.txt: Added.
* http/tests/cookies/same-site/fetch-in-about-blank-popup.html: Added.
* http/tests/cookies/same-site/post-from-cross-site-popup-expected.txt: Added.
* http/tests/cookies/same-site/post-from-cross-site-popup.html: Added.
* http/tests/cookies/same-site/resources/post-from-popup.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233387 268f45cc-cd09-0410-ab3c-d52691b4dbfc
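
Added example (a simplified model, not WebKit's FrameLoader code and not part of this commit): the before and after decision the commit message above describes, run over the A.com/B.com pop-up flow. WindowState and both function names are hypothetical, the hosts are constructed, and a "site" is reduced to a plain host string.

```cpp
#include <cstdio>
#include <string>

// Simplified model of the decision described in the commit message above.
// Assumptions: a "site" is a plain host string (a browser compares registrable
// domains), and all names and hosts here are constructed for illustration.
struct WindowState {
    bool hasOpener;              // window was opened by another page
    std::string openerSite;      // site of the opener's document
    std::string documentSite;    // site of the current document, "" for an empty document
    bool loadedNonEmptyDocument; // true once the first real document has loaded
};

// Before the fix: the opener's site is compared for every load in the window.
bool sendsSameSiteCookiesBeforeFix(const WindowState& window, const std::string& targetSite)
{
    if (window.hasOpener)
        return window.openerSite == targetSite;
    return window.documentSite == targetSite;
}

// After the fix: the opener's site only matters for the first non-empty
// document load; later loads are attributed to the document that starts them.
bool sendsSameSiteCookiesAfterFix(const WindowState& window, const std::string& targetSite)
{
    if (window.hasOpener && !window.loadedNonEmptyDocument)
        return window.openerSite == targetSite;
    return window.documentSite == targetSite;
}

// Constructed scenario: a.example has just opened a pop-up; nothing has loaded yet.
WindowState freshPopup() { return WindowState { true, "a.example", "", false }; }

// Constructed scenario: the same pop-up after it has loaded a page from b.example.
WindowState popupShowingOtherSite() { return WindowState { true, "a.example", "b.example", true }; }

int main()
{
    struct Row { const char* label; WindowState window; const char* target; };
    const Row rows[] = {
        { "first load in pop-up, a.example -> b.example", freshPopup(), "b.example" },
        { "about:blank pop-up fetching a.example", freshPopup(), "a.example" },
        { "link click in pop-up, b.example -> b.example/b2", popupShowingOtherSite(), "b.example" },
        { "link click in pop-up, b.example -> c.example", popupShowingOtherSite(), "c.example" },
    };
    for (const Row& row : rows) {
        std::printf("%-50s before=%d after=%d\n", row.label,
            sendsSameSiteCookiesBeforeFix(row.window, row.target),
            sendsSameSiteCookiesAfterFix(row.window, row.target));
    }
    return 0;
}
```

Only the third row changes between the two versions: the first load from the opener's site into another site and the later cross-site navigation still go out without Same-Site cookies.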

16 months ago Perl uninitialized value $isEnabled when running build-jsc using a CMake build
dbates@webkit.org [Sat, 30 Jun 2018 02:06:23 +0000 (02:06 +0000)]
Perl uninitialized value $isEnabled when running build-jsc using a CMake build
https://bugs.webkit.org/show_bug.cgi?id=187208

Reviewed by Tim Horton.

Share logic for computing the feature flags to enable in CMake with both script
build-webkit and script build-jsc instead of duplicating it. This also fixes a
bug in the version of this logic in build-jsc that was inadvertently not updated
in r222394. In r222394 we removed the notion of a default value for a feature flag
listed in webkitperl::FeatureList.

We keep the current behavior of build-jsc and leave it up to the build system
to determine whether to enable or disable ENABLE_EXPERIMENTAL_FEATURES.

* Scripts/build-jsc:
(buildMyProject):
(cMakeArgsFromFeatures): Deleted.
* Scripts/build-webkit:
(cMakeArgsFromFeatures): Deleted; moved to webkitdirs.pm.
* Scripts/webkitdirs.pm:
(cmakeArgsFromFeatures): Moved code from script build-webkit so that it can be shared
with build-jsc.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233386 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Add -apple-color-filter and system appearance toggles to MiniBrowser
timothy_horton@apple.com [Sat, 30 Jun 2018 01:20:02 +0000 (01:20 +0000)]
Add -apple-color-filter and system appearance toggles to MiniBrowser
https://bugs.webkit.org/show_bug.cgi?id=187210

Reviewed by Simon Fraser.

* MiniBrowser/mac/AppDelegate.m:
(defaultConfiguration):
* MiniBrowser/mac/SettingsController.h:
* MiniBrowser/mac/SettingsController.m:
(-[SettingsController _populateMenu]):
(-[SettingsController validateMenuItem:]):
(-[SettingsController toggleAppleColorFilterEnabled:]):
(-[SettingsController appleColorFilterEnabled]):
(-[SettingsController toggleUseSystemAppearance:]):
(-[SettingsController useSystemAppearance]):
* MiniBrowser/mac/WK1BrowserWindowController.m:
(-[WK1BrowserWindowController didChangeSettings]):
* MiniBrowser/mac/WK2BrowserWindowController.m:
(-[WK2BrowserWindowController didChangeSettings]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233385 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Resource Load Statistics: Make network process calls only for the process pool that...
wilander@apple.com [Sat, 30 Jun 2018 01:07:38 +0000 (01:07 +0000)]
Resource Load Statistics: Make network process calls only for the process pool that the page belongs to
https://bugs.webkit.org/show_bug.cgi?id=187206
<rdar://problem/41659160>

Reviewed by Chris Dumez.

Instead of iterating over all process pools, we should resolve which
process pool the page belongs to and call the network process only for
that pool. This is especially important since we use WTFMove for the
completion handlers.

This patch also renames "callback" to "completionHandler" for
the functions touched.

A FIXME comment is added to WebsiteDataStore::getAllStorageAccessEntries()
where we currently don't have a page ID to do the lookup with.

* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::updatePrevalentDomainsToPartitionOrBlockCookies):
(WebKit::WebsiteDataStore::hasStorageAccessForFrameHandler):
(WebKit::WebsiteDataStore::getAllStorageAccessEntries):
(WebKit::WebsiteDataStore::grantStorageAccessHandler):
(WebKit::WebsiteDataStore::hasStorageAccess):
(WebKit::WebsiteDataStore::requestStorageAccess):
(WebKit::WebsiteDataStore::grantStorageAccess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233384 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Unreviewed. Try to fix Windows build after r233377
sbarati@apple.com [Sat, 30 Jun 2018 00:55:57 +0000 (00:55 +0000)]
Unreviewed. Try to fix Windows build after r233377

* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutable):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233383 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Skip media/picture-in-picture-interruption.html on iOS since it relies on 'runWithKey...
ryanhaddad@apple.com [Sat, 30 Jun 2018 00:43:37 +0000 (00:43 +0000)]
Skip media/picture-in-picture-interruption.html on iOS since it relies on 'runWithKeyDown'.
https://bugs.webkit.org/show_bug.cgi?id=187181

Unreviewed test gardening.

* platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233382 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Add utility methods to WebResourceLoadStatisticsStore to hop back and forth between...
cdumez@apple.com [Sat, 30 Jun 2018 00:35:29 +0000 (00:35 +0000)]
Add utility methods to WebResourceLoadStatisticsStore to hop back and forth between threads
https://bugs.webkit.org/show_bug.cgi?id=187200

Reviewed by Brent Fulgham.

Add utility methods to WebResourceLoadStatisticsStore to hop back and forth between threads,
in order to simplify the code a little bit.

* UIProcess/ResourceLoadStatisticsMemoryStore.cpp:
(WebKit::ResourceLoadStatisticsMemoryStore::ResourceLoadStatisticsMemoryStore):
* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::setNotifyPagesWhenDataRecordsWereScanned):
(WebKit::WebResourceLoadStatisticsStore::setShouldClassifyResourcesBeforeDataRecordsRemoval):
(WebKit::WebResourceLoadStatisticsStore::setShouldSubmitTelemetry):
(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore):
(WebKit::WebResourceLoadStatisticsStore::postTask):
(WebKit::WebResourceLoadStatisticsStore::postTaskReply):
(WebKit::WebResourceLoadStatisticsStore::flushAndDestroyPersistentStore):
(WebKit::WebResourceLoadStatisticsStore::setResourceLoadStatisticsDebugMode):
(WebKit::WebResourceLoadStatisticsStore::scheduleStatisticsAndDataRecordsProcessing):
(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated):
(WebKit::WebResourceLoadStatisticsStore::hasStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener):
(WebKit::WebResourceLoadStatisticsStore::grantStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::performDailyTasks):
(WebKit::WebResourceLoadStatisticsStore::submitTelemetry):
(WebKit::WebResourceLoadStatisticsStore::logFrameNavigation):
(WebKit::WebResourceLoadStatisticsStore::logUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::logNonRecentUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::clearUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::hasHadUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::setLastSeen):
(WebKit::WebResourceLoadStatisticsStore::setPrevalentResource):
(WebKit::WebResourceLoadStatisticsStore::setVeryPrevalentResource):
(WebKit::WebResourceLoadStatisticsStore::isPrevalentResource):
(WebKit::WebResourceLoadStatisticsStore::isVeryPrevalentResource):
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsSubFrameUnder):
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsRedirectingTo):
(WebKit::WebResourceLoadStatisticsStore::clearPrevalentResource):
(WebKit::WebResourceLoadStatisticsStore::setGrandfathered):
(WebKit::WebResourceLoadStatisticsStore::isGrandfathered):
(WebKit::WebResourceLoadStatisticsStore::setSubframeUnderTopFrameOrigin):
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUnderTopFrameOrigin):
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectTo):
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectFrom):
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectTo):
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectFrom):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningUpdate):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningUpdateForDomains):
(WebKit::WebResourceLoadStatisticsStore::scheduleClearPartitioningStateForDomains):
(WebKit::WebResourceLoadStatisticsStore::scheduleCookiePartitioningStateReset):
(WebKit::WebResourceLoadStatisticsStore::scheduleClearInMemory):
(WebKit::WebResourceLoadStatisticsStore::scheduleClearInMemoryAndPersistent):
(WebKit::WebResourceLoadStatisticsStore::setTimeToLiveUserInteraction):
(WebKit::WebResourceLoadStatisticsStore::setTimeToLiveCookiePartitionFree):
(WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweenDataRecordsRemoval):
(WebKit::WebResourceLoadStatisticsStore::setGrandfatheringTime):
(WebKit::WebResourceLoadStatisticsStore::setMaxStatisticsEntries):
(WebKit::WebResourceLoadStatisticsStore::setPruneEntriesDownTo):
(WebKit::WebResourceLoadStatisticsStore::resetParametersToDefaultValues):
* UIProcess/WebResourceLoadStatisticsStore.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233381 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [Cocoa] reduce unnecessary use of .mm source files in WTF, spruce up some implementat...
darin@apple.com [Sat, 30 Jun 2018 00:23:43 +0000 (00:23 +0000)]
[Cocoa] reduce unnecessary use of .mm source files in WTF, spruce up some implementation details
https://bugs.webkit.org/show_bug.cgi?id=186924

Reviewed by Anders Carlsson.

* WTF.xcodeproj/project.pbxproj: Update for file and directory renames, file type changes,
and deletions.

* wtf/MemoryPressureHandler.cpp:
(WTF::MemoryPressureHandler::holdOff): Deleted empty placeholder; this one is not needed.

* wtf/PlatformMac.cmake: Update for file and directory renames, file type changes,
and deletions.

* wtf/cocoa/CPUTimeCocoa.cpp: Renamed from Source/WTF/wtf/cocoa/CPUTimeCocoa.mm.

* wtf/text/cocoa/StringImplCocoa.mm: Renamed from Source/WTF/wtf/text/mac/StringImplMac.mm.
Also removed an unneeded include.

* wtf/text/cocoa/StringViewCocoa.mm: Renamed from Source/WTF/wtf/text/mac/StringViewObjC.mm.

* wtf/text/cocoa/TextBreakIteratorInternalICUCocoa.cpp: Renamed from
Source/WTF/wtf/text/mac/TextBreakIteratorInternalICUMac.mm.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233380 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [macOS] Do not crash if there is an attempt to copy a file URL to the clipboard
commit-queue@webkit.org [Sat, 30 Jun 2018 00:06:25 +0000 (00:06 +0000)]
[macOS] Do not crash if there is an attempt to copy a file URL to the clipboard
https://bugs.webkit.org/show_bug.cgi?id=187183

Patch by Aditya Keerthi <akeerthi@apple.com> on 2018-06-29
Reviewed by Wenson Hsieh.

Source/WebKit:

r210683 introduced logic to prevent file URLs from being copied to the clipboard
in unexpected cases. The current logic always crashes the WebProcess if
webProcessProxy->checkURLReceivedFromWebProcess returns false. Instead of
crashing, we can fail silently and not copy anything to the clipboard.

* UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:
(WebKit::WebPasteboardProxy::setPasteboardPathnamesForType): Removed call to markCurrentlyDispatchedMessageAsInvalid() which was causing the process to crash.

Tools:

Added a 'runSingly' option to the TestOptions struct. Setting this option to true
will force a new PlatformWebView to be created before running a test. This ensures
that any state set by previous tests is not preserved.

One example of the importance of having this ability is in the case where we want
to test functionality that deals with read access to files. If a test were to
load a valid file URL, universal read access will be granted in WebProcessProxy.
This prevents us from testing cases that rely on us not having universal read
access. Now, if we write the test using the 'runSingly' option, any state set
by previous tests is cleared. Consequently, our test will behave as expected.

* WebKitTestRunner/PlatformWebView.h:
(WTR::PlatformWebView::viewSupportsOptions const):
* WebKitTestRunner/TestController.cpp:
(WTR::updateTestOptionsFromTestHeader):
* WebKitTestRunner/TestOptions.h:
(WTR::TestOptions::hasSameInitializationOptions const):

LayoutTests:

Added a test to ensure that the WebProcess does not crash if we attempt to copy a
file URL to the clipboard. The test also ensures the clipboard content remains
unchanged.

* TestExpectations:
* http/tests/security/pasteboard-file-url-expected.txt: Added.
* http/tests/security/pasteboard-file-url.html: Added.
* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233379 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoDon't use tracePoints in JS/Wasm entry
sbarati@apple.com [Sat, 30 Jun 2018 00:05:36 +0000 (00:05 +0000)]
Don't use tracePoints in JS/Wasm entry
https://bugs.webkit.org/show_bug.cgi?id=187196

Reviewed by Mark Lam.

This puts VM entry and Wasm entry tracePoints behind a runtime
option. This is a ~4x speedup on a soon to be released Wasm
benchmark. tracePoints should basically never run more than 50
times a second. Entering the VM and entering Wasm are user controlled,
and can happen hundreds of thousands of times in a second. Depending
on how the Wasm/JS code is structured, this can be disastrous for
performance.

* runtime/Options.h:
* runtime/VMEntryScope.cpp:
(JSC::VMEntryScope::VMEntryScope):
(JSC::VMEntryScope::~VMEntryScope):
* wasm/WasmBBQPlan.cpp:
(JSC::Wasm::BBQPlan::compileFunctions):
* wasm/js/WebAssemblyFunction.cpp:
(JSC::callWebAssemblyFunction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233378 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoWe shouldn't recurse into the parser when gathering metadata about various function...
sbarati@apple.com [Fri, 29 Jun 2018 23:40:25 +0000 (23:40 +0000)]
We shouldn't recurse into the parser when gathering metadata about various function offsets
https://bugs.webkit.org/show_bug.cgi?id=184074
<rdar://problem/37165897>

Reviewed by Mark Lam.

JSTests:

* microbenchmarks/try-get-by-id-basic.js:
(const.bench.f.const.fooPlusBar.createBuiltin):
* microbenchmarks/try-get-by-id-polymorphic.js:
(fooPlusBar.createBuiltin):
* stress/array-push-with-force-exit.js:
* stress/dont-crash-on-stack-overflow-when-parsing-builtin.js: Added.
(f):
* stress/dont-crash-on-stack-overflow-when-parsing-default-constructor.js: Added.
(foo):
(prototype.runNearStackLimit):
* stress/is-constructor.js:
* stress/tailCallForwardArguments.js:
(putFuncToPrivateName.createBuiltin):

Source/JavaScriptCore:

Prior to this patch, when we made a builtin, we had to make an UnlinkedFunctionExecutable
for that builtin. This required calling into the parser. However, the parser
may throw a stack overflow. We were not able to recover from that. The only
reason we called into the parser here is that we were gathering text offsets
and various metadata for things in the builtin function. This patch writes a
mini parser that figures this information out without calling into the full
parser. (I've also added a debug assert that verifies the mini parser stays in
sync with the full parser.) The result of this is that BuiltinExecutables::createExecutable
always succeeds.

* builtins/AsyncFromSyncIteratorPrototype.js:
(globalPrivate.createAsyncFromSyncIterator):
(globalPrivate.AsyncFromSyncIteratorConstructor):
* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutable):
* builtins/GlobalOperations.js:
(globalPrivate.getter.overriddenName.string_appeared_here.speciesGetter):
(globalPrivate.speciesConstructor):
(globalPrivate.copyDataProperties):
(globalPrivate.copyDataPropertiesNoExclusions):
* builtins/PromiseOperations.js:
(globalPrivate.newHandledRejectedPromise):
* builtins/RegExpPrototype.js:
(globalPrivate.hasObservableSideEffectsForRegExpMatch):
(globalPrivate.hasObservableSideEffectsForRegExpSplit):
* builtins/StringPrototype.js:
(globalPrivate.hasObservableSideEffectsForStringReplace):
(globalPrivate.getDefaultCollator):
* parser/Nodes.cpp:
(JSC::FunctionMetadataNode::FunctionMetadataNode):
(JSC::FunctionMetadataNode::operator== const):
(JSC::FunctionMetadataNode::dump const):
* parser/Nodes.h:
* parser/Parser.h:
(JSC::parse):
* parser/ParserError.h:
(JSC::ParserError::type const):
* parser/ParserTokens.h:
(JSC::JSTextPosition::operator== const):
(JSC::JSTextPosition::operator!= const):
* parser/SourceCode.h:
(JSC::SourceCode::operator== const):
(JSC::SourceCode::operator!= const):
(JSC::SourceCode::subExpression const):
(JSC::SourceCode::subExpression): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233377 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAX: [iOS] VoiceOver scroll position is jumpy in frames
n_wang@apple.com [Fri, 29 Jun 2018 23:33:30 +0000 (23:33 +0000)]
AX: [iOS] VoiceOver scroll position is jumpy in frames
https://bugs.webkit.org/show_bug.cgi?id=186956

Reviewed by Simon Fraser.

Source/WebCore:

iOS is using delegate scrolling and we should not take into account
the scroll offset when converting rects.

Also fixed an issue where we want to scroll the element into view even
if it's partially visible.

Test: fast/scrolling/ios/iframe-scroll-into-view.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::scrollToMakeVisible const):
* platform/ScrollView.cpp:
(WebCore::ScrollView::contentsToContainingViewContents const):

LayoutTests:

* fast/scrolling/ios/iframe-scroll-into-view-expected.html: Added.
* fast/scrolling/ios/iframe-scroll-into-view.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233376 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[lldb-webkit] Non-empty strings may be pretty-printed as empty
dbates@webkit.org [Fri, 29 Jun 2018 23:17:45 +0000 (23:17 +0000)]
[lldb-webkit] Non-empty strings may be pretty-printed as empty
https://bugs.webkit.org/show_bug.cgi?id=187185

Reviewed by Simon Fraser.

For some reason lldb(1) sometimes has an issue accessing members of WTF::StringImplShape
via a WTF::StringImpl pointer (why?). Explicitly casting a WTF::StringImpl* to a
WTF::StringImplShape* before accessing such members makes LLDB happy.

I tried writing a test for this both for the LLVM project and to add to our lldb_webkit unit
tests to no avail. I have only been able to reproduce this bug sporadically during my WebCore/WebKit
debugging sessions so far.

* lldb/lldb_webkit.py:
(WTFStringImplProvider.__init__): Explicitly cast the WTF::StringImpl* to WTF::StringImplShape*.
(WTFStringImplProvider.get_data8): Update code now that we are directly accessing WTF::StringImplShape*.
(WTFStringImplProvider.get_data16): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233375 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoWebKitLegacy: Can trigger recursive loads triggering debug assertions
cdumez@apple.com [Fri, 29 Jun 2018 22:56:29 +0000 (22:56 +0000)]
WebKitLegacy: Can trigger recursive loads triggering debug assertions
https://bugs.webkit.org/show_bug.cgi?id=187121
<rdar://problem/41259430>

Reviewed by Brent Fulgham.

Source/WebCore:

In order to support asynchronous policy delegates, r229722 added a call to
FrameLoader::clearProvisionalLoadForPolicyCheck() when starting a navigation
policy decision in PolicyChecker::checkNavigationPolicy(). This calls
stopLoading() on the current provisional loader if there is one, and potentially
calls the didFailProvisionalLoadWithError client delegate. This delegate call
is synchronous on WebKit1, so the client may start a new load from this delegate
and re-enter WebCore. This happens in practice with Quickens 2017 / 2018 on Mac.

Before r229722, this was not an issue because pending loads were canceled after
the (asynchronous) navigation policy decision, via FrameLoader::stopAllLoaders().
FrameLoader::stopAllLoaders() sets a m_inStopAllLoaders flag and we return early
in FrameLoader::loadRequest() when this flag is set to prevent recursive loads.

To maintain shipping behavior as much as possible, this patch introduces a similar
inClearProvisionalLoadForPolicyCheck which gets set during
FrameLoader::clearProvisionalLoadForPolicyCheck() and we prevent new loads while
this flag is set.

I have verified that Quickens 2017 / 2018 works again after this change and I added
API test coverage for this behavior.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::clearProvisionalLoadForPolicyCheck):
* loader/FrameLoader.h:

Tools:

Add API test coverage.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/mac/StartLoadInDidFailProvisionalLoad.mm: Added.
(-[StartLoadInDidFailProvisionalLoadDelegate webView:didFailProvisionalLoadWithError:forFrame:]):
(-[StartLoadInDidFailProvisionalLoadDelegate webView:didFinishLoadForFrame:]):
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233374 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoTeach bisect-builds to retrieve supported platforms from the rest api.
lforschler@apple.com [Fri, 29 Jun 2018 22:51:59 +0000 (22:51 +0000)]
Teach bisect-builds to retrieve supported platforms from the rest api.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233373 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agorun-jsc should print when jsc exits with non-zero status
keith_miller@apple.com [Fri, 29 Jun 2018 21:17:35 +0000 (21:17 +0000)]
run-jsc should print when jsc exits with non-zero status
https://bugs.webkit.org/show_bug.cgi?id=187192

Reviewed by Saam Barati.

* Scripts/run-jsc:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233372 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRegression(r233359): Caused ITP tests to be flaky
cdumez@apple.com [Fri, 29 Jun 2018 21:00:50 +0000 (21:00 +0000)]
Regression(r233359): Caused ITP tests to be flaky
https://bugs.webkit.org/show_bug.cgi?id=187189

Reviewed by Youenn Fablet.

r233359 started using m_resolvedConfiguration.resourceLoadStatisticsDirectory instead of
m_configuration.resourceLoadStatisticsDirectory for the ITP path. This is consistent
with what we do for other database paths so that things like '~' in paths get resolved.

This introduced flakiness because the resourceLoadStatisticsDirectory was never getting
resolved and m_resolvedConfiguration.resourceLoadStatisticsDirectory was not set.
Update the WebsiteDataStore so that m_resolvedConfiguration.resourceLoadStatisticsDirectory
properly gets set to the resolved version of m_configuration.resourceLoadStatisticsDirectory.

* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::resolveDirectoriesIfNecessary):
(WebKit::WebsiteDataStore::enableResourceLoadStatisticsAndSetTestingCallback):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233371 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLayout Test webrtc/datachannel/mdns-ice-candidates.html is flaky
ryanhaddad@apple.com [Fri, 29 Jun 2018 20:59:14 +0000 (20:59 +0000)]
Layout Test webrtc/datachannel/mdns-ice-candidates.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=187180

Unreviewed test gardening.

Patch by Truitt Savell <tsavell@apple.com> on 2018-06-29

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233370 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLayout Test js/error-should-not-strong-reference-global-object.html is flaky on macOS
ryanhaddad@apple.com [Fri, 29 Jun 2018 20:47:45 +0000 (20:47 +0000)]
Layout Test js/error-should-not-strong-reference-global-object.html is flaky on macOS
https://bugs.webkit.org/show_bug.cgi?id=187103

Unreviewed test gardening

Patch by Truitt Savell <tsavell@apple.com> on 2018-06-29

* platform/mac-wk2/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233369 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ews-build] Add timeout to webkitpy and webkitperl tests
aakash_jain@apple.com [Fri, 29 Jun 2018 20:25:44 +0000 (20:25 +0000)]
[ews-build] Add timeout to webkitpy and webkitperl tests
https://bugs.webkit.org/show_bug.cgi?id=187191

Reviewed by Lucas Forschler.

* BuildSlaveSupport/ews-build/steps.py:
(RunWebKitPerlTests.__init__): Set timeout of 2 minutes.
(RunWebKitPyTests.__init__): Ditto.
* BuildSlaveSupport/ews-build/steps_unittest.py: Updated unit-tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233368 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoResource Load Statistics: Don't create a WebResourceLoadStatisticsStore for ephemeral...
wilander@apple.com [Fri, 29 Jun 2018 20:11:39 +0000 (20:11 +0000)]
Resource Load Statistics: Don't create a WebResourceLoadStatisticsStore for ephemeral sessions
https://bugs.webkit.org/show_bug.cgi?id=187154
<rdar://problem/41487250>

Reviewed by Brent Fulgham and Chris Dumez.

Most of the changes in this patch remove the boolean parameter for tracking
ephemeral sessions and the IsReadOnly enum.

* UIProcess/API/Cocoa/WKWebsiteDataStore.mm:
(-[WKWebsiteDataStore _setResourceLoadStatisticsTestingCallback:]):
    Now returns early for ephemeral sessions.
* UIProcess/ResourceLoadStatisticsPersistentStorage.cpp:
(WebKit::ResourceLoadStatisticsPersistentStorage::ResourceLoadStatisticsPersistentStorage):
(WebKit::ResourceLoadStatisticsPersistentStorage::writeMemoryStoreToDisk):
(WebKit::ResourceLoadStatisticsPersistentStorage::scheduleOrWriteMemoryStore):
* UIProcess/ResourceLoadStatisticsPersistentStorage.h:
* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore):
* UIProcess/WebResourceLoadStatisticsStore.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::setResourceLoadStatisticsEnabled):
    Now returns early for ephemeral sessions.
(WebKit::WebsiteDataStore::enableResourceLoadStatisticsAndSetTestingCallback):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233367 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoInfinite loop if a <use> element references its ancestor and the DOMNodeInserted...
said@apple.com [Fri, 29 Jun 2018 19:24:45 +0000 (19:24 +0000)]
Infinite loop if a <use> element references its ancestor and the DOMNodeInserted event handler of one its ancestor's descents updates the document style
https://bugs.webkit.org/show_bug.cgi?id=186925

Reviewed by Antti Koivisto.

Source/WebCore:

This patch fixes two issues:
-- SVGTRefTargetEventListener should not assume it has to be attached to
target when its handleEvent() is called.
Because SVGTRefTargetEventListener::handleEvent() references the target
element, we just return if the listener is detached.

-- The <use> element should not clone its shadow tree if it references one
of its ancestors. The DOMNodeInserted of any node in the target element
tree may issue a document command. This document command will cause the
shadow tree to be re-cloned so this will cause an infinite loop to happen.

Test: svg/dom/svg-use-infinite-loop-cloning.html

* svg/SVGTRefElement.cpp:
(WebCore::SVGTRefTargetEventListener::handleEvent):
* svg/SVGUseElement.cpp:
(WebCore::SVGUseElement::updateShadowTree):

LayoutTests:

* svg/dom/svg-use-infinite-loop-cloning-expected.txt: Added.
* svg/dom/svg-use-infinite-loop-cloning.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233366 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[WPE] Three CSS Grid Layout tests crash due to valueless std::optional access
rego@igalia.com [Fri, 29 Jun 2018 18:54:41 +0000 (18:54 +0000)]
[WPE] Three CSS Grid Layout tests crash due to valueless std::optional access
https://bugs.webkit.org/show_bug.cgi?id=186752

Reviewed by Frédéric Wang.

Source/WebCore:

This is a simple fix for the crash we're getting on WPE
in IndefiniteSizeStrategy::freeSpaceForStretchAutoTracksStep().

Covered by existent tests, just remove them from TestExpectations file.

* rendering/GridTrackSizingAlgorithm.cpp:
(WebCore::IndefiniteSizeStrategy::freeSpaceForStretchAutoTracksStep const):
Check if minSize is null before trying to access its value.

LayoutTests:

* platform/wpe/TestExpectations: Remove tests from TestExpectations file
as they're passing now.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233365 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[WPE]: Fix exception handling when flatpak is not installed
clopez@igalia.com [Fri, 29 Jun 2018 18:12:50 +0000 (18:12 +0000)]
[WPE]: Fix exception handling when flatpak is not installed
https://bugs.webkit.org/show_bug.cgi?id=186771

Unreviewed followup-fix after r233362

This was causing failures when flatpak is not installed.

* flatpak/flatpakutils.py:
(check_flatpak):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233364 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[JSCOnly] Restore Windows build.
ross.kirsling@sony.com [Fri, 29 Jun 2018 17:55:24 +0000 (17:55 +0000)]
[JSCOnly] Restore Windows build.
https://bugs.webkit.org/show_bug.cgi?id=187127

Reviewed by Michael Catanzaro.

.:

* Source/cmake/OptionsJSCOnly.cmake:
Don't forget to set -DUCHAR_TYPE=wchar_t for ICU on Windows.
Use bin64/lib64 on Windows (for consistency with full WebKit build).

Tools:

* Scripts/build-jsc:
Fix condition for disabling FTL JIT on Windows.

* Scripts/webkitdirs.pm:
(executableProductDir):
JSCOnly should still use bin64 on Windows (for consistency with full WebKit build).
(determineIsWin64):
JSCOnly already defaults to 64-bit on Windows with Ninja -- ensure that this is true even with MSBuild.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233363 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GTK][WPE]: Add a way to setup our development environment inside flatpak
commit-queue@webkit.org [Fri, 29 Jun 2018 17:47:17 +0000 (17:47 +0000)]
[GTK][WPE]: Add a way to setup our development environment inside flatpak
https://bugs.webkit.org/show_bug.cgi?id=186771

Patch by Thibault Saunier <tsaunier@igalia.com> on 2018-06-29
Reviewed by Carlos Alberto Lopez Perez.

Tools:

This patch introduces a way to setup the development environment inside flatpak[0]
removing the need for jhbuild when doing so. Anything needed to build/run minibrowser/ run
layout tests is provided either by the org.gnome.Sdk runtime or built with flatpak-builder.

The workflow is very similar to the "jhbuild based" one except that you should use update-webkit$PORTNAME-flatpak instead
of update-webkit$PORTNAME-libs and that script requires to specify a build configuration (--release is default).

Our scripts have been updated to be able to run inside that new build environment.

Since everything runs inside a flatpak sandbox, gdb needs to be run from within the sandbox, the script exposes a way to do it
easily with the `--gdb` option:

  $ webkit-flatpak --gdb [-m COREDUMPCTL MATCHES]

The Layout test `GDBCrashLogGenerator` has been taught how to use that and is able to retrieve stacktrace as with the jhbuild based workflow.

[0] http://flatpak.org

* Scripts/build-webkit:
* Scripts/generate-jsc-bundle:
(main):
* Scripts/run-gtk-tests:
* Scripts/run-minibrowser:
* Scripts/run-webdriver-tests:
* Scripts/run-webkit-tests:
* Scripts/run-wpe-tests:
* Scripts/update-webkitgtk-libs:
* Scripts/update-webkitwpe-libs:
* Scripts/webkit-flatpak: Added.
* Scripts/webkitdirs.pm:
(getJhbuildPath):
(getFlatpakPath):
(inFlatpakSandbox):
(runInFlatpak):
(runInFlatpakIfAvalaible):
(wrapperPrefixIfNeeded):
(shouldUseFlatpak):
* Scripts/webkitpy/port/base.py:
(Port._path_to_apache):
(Port._is_flatpak):
(Port._apache_config_file_name_for_platform):
(Port._should_use_flatpak):
(Port):
(Port._in_flatpak_sandbox):
(Port._should_use_jhbuild):
* Scripts/webkitpy/port/gtk.py:
(GtkPort.setup_environ_for_server):
* Scripts/webkitpy/port/linux_get_crash_log.py:
(GDBCrashLogGenerator._get_trace_from_systemd):
(GDBCrashLogGenerator.generate_crash_log):
* Scripts/webkitpy/port/wpe.py:
(WPEPort.setup_environ_for_server):
* Scripts/webkitpy/w3c/wpt_runner.py:
(main):
* flatpak/files/default.xkm: Added.
* flatpak/files/httpd-autogen.sh: Added.
* flatpak/flatpakutils.py: Added.
(Colors):
(Console):
(Console.message):
(remove_extension_points):
(remove_comments):
(remove_comments._replacer):
(load_manifest):
(expand_manifest):
(FlatpakObject):
(FlatpakObject.__init__):
(FlatpakObject.flatpak):
(FlatpakPackages):
(FlatpakPackages.__init__):
(FlatpakPackages.__detect_packages):
(FlatpakPackages.__detect_packages.in):
(FlatpakPackages.__detect_runtimes):
(FlatpakPackages.__detect_apps):
(FlatpakPackages.__iter__):
(FlatpakRepos):
(FlatpakRepos.__init__):
(FlatpakRepos.update):
(FlatpakRepos.add):
(FlatpakRepo):
(FlatpakRepo.__init__):
(FlatpakRepo.repo_file):
(FlatpakPackage):
(FlatpakPackage.__init__):
(FlatpakPackage.__str__):
(FlatpakPackage.is_installed):
(FlatpakPackage.install):
(FlatpakPackage.update):
(WebkitFlatpak):
(WebkitFlatpak.load_from_args):
(WebkitFlatpak.__init__):
(WebkitFlatpak.check_flatpak):
(WebkitFlatpak.check_flatpak.comparable_version):
(WebkitFlatpak.clean_args):
(WebkitFlatpak.run_in_sandbox):
(WebkitFlatpak.run):
(WebkitFlatpak.has_environment):
(WebkitFlatpak.setup_dev_env):
(WebkitFlatpak.install_all):
(WebkitFlatpak.run_gdb):
(WebkitFlatpak.update_all):
(is_sandboxed):
(run_in_sandbox_if_available):
* flatpak/org.webkit.GTK.yaml: Added.
* flatpak/org.webkit.WPE.yaml: Added.
* flatpak/org.webkit.WebKit.yaml: Added.
* flatpak/patches/httpd-0001-configure-use-pkg-config-for-PCRE-detection.patch: Added.
* flatpak/patches/xvfb-0001-HACK-Avoid-compiling-a-kbm-file.patch: Added.

LayoutTests:

* http/conf/flatpak-httpd.conf: Added. Apache configuration file to be used inside flatpak.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233362 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoUnreviewed, rolling out r233349.
david_fenton@apple.com [Fri, 29 Jun 2018 17:42:00 +0000 (17:42 +0000)]
Unreviewed, rolling out r233349.

caused 42 crashes on iOS GuardMalloc and iOS ASan tests

Reverted changeset:

"[Web Animations] Using a Web Animation leaks the Document"
https://bugs.webkit.org/show_bug.cgi?id=187088
https://trac.webkit.org/changeset/233349

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233361 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoReturning PiP'd video to fullscreen while playing leaves video muted.
jer.noble@apple.com [Fri, 29 Jun 2018 17:15:08 +0000 (17:15 +0000)]
Returning PiP'd video to fullscreen while playing leaves video muted.
https://bugs.webkit.org/show_bug.cgi?id=187181
<rdar://problem/41408335>

Reviewed by Eric Carlson.

Source/WebCore:

Test: media/picture-in-picture-interruption.html

Don't reset the media session's state at the end of an interruption if it wasn't changed at the beginning of one.

* platform/audio/PlatformMediaSession.cpp:
(WebCore::PlatformMediaSession::endInterruption):
* testing/Internals.cpp:
(WebCore::Internals::mediaSessionState):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

* media/picture-in-picture-interruption-expected.txt: Added.
* media/picture-in-picture-interruption.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233360 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoStop using lambdas for WebResourceLoadStatisticsStore to interact with its WebsiteDat...
cdumez@apple.com [Fri, 29 Jun 2018 16:54:05 +0000 (16:54 +0000)]
Stop using lambdas for WebResourceLoadStatisticsStore to interact with its WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=187165

Reviewed by Brent Fulgham.

Stop using lambdas for WebResourceLoadStatisticsStore to interact with its WebsiteDataStore. Instead,
WebResourceLoadStatisticsStore now holds a weak pointer to its WebsiteDataStore and is able to call
methods on it directly. Reducing the indirection makes the code less complex and more understandable.

* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::WebResourceLoadStatisticsStore):
(WebKit::WebResourceLoadStatisticsStore::callHasStorageAccessForFrameHandler):
(WebKit::WebResourceLoadStatisticsStore::callGrantStorageAccessHandler):
(WebKit::WebResourceLoadStatisticsStore::removeAllStorageAccess):
(WebKit::WebResourceLoadStatisticsStore::callUpdatePrevalentDomainsToPartitionOrBlockCookiesHandler):
(WebKit::WebResourceLoadStatisticsStore::callRemoveDomainsHandler):
* UIProcess/WebResourceLoadStatisticsStore.h:
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::enableResourceLoadStatisticsAndSetTestingCallback):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233359 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoUnreviewed, rolling out r233347.
ryanhaddad@apple.com [Fri, 29 Jun 2018 15:24:59 +0000 (15:24 +0000)]
Unreviewed, rolling out r233347.

Causes crashes during WK1 tests.

Reverted changeset:

"Disable IsoHeaps when Gigacage is off"
https://bugs.webkit.org/show_bug.cgi?id=187160
https://trac.webkit.org/changeset/233347

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233358 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[LFC] When the formatting root is also a containing block for out-of-flow elements.
zalan@apple.com [Fri, 29 Jun 2018 15:20:47 +0000 (15:20 +0000)]
[LFC] When the formatting root is also a containing block for out-of-flow elements.
https://bugs.webkit.org/show_bug.cgi?id=187179

Reviewed by Antti Koivisto.

Out-of-flow descendants' layout requires their containing block height to be computed. This patch takes care of the case
when the containing block is also a formatting context root (e.g. relative positioned with overflow other than visible).

* layout/Verification.cpp:
(WebCore::Layout::LayoutContext::verifyAndOutputMismatchingLayoutTree const):
* layout/blockformatting/BlockFormattingContext.cpp:
(WebCore::Layout::BlockFormattingContext::layoutFormattingContextRoot const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233357 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[LFC] Do not skip the next inflow sibling after finishing a formatting context root...
zalan@apple.com [Fri, 29 Jun 2018 14:47:06 +0000 (14:47 +0000)]
[LFC] Do not skip the next inflow sibling after finishing a formatting context root layout.
https://bugs.webkit.org/show_bug.cgi?id=187178

Reviewed by Antti Koivisto.

Since the block formatting layout is based on pre-order traversal, after finishing a formatting
context layout (which takes care of its entire subtree), we need to visit the next (in-flow) sibling.

* layout/blockformatting/BlockFormattingContext.cpp:
(WebCore::Layout::BlockFormattingContext::layout const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233356 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLayout Test imported/mozilla/css-animations/test_animation-starttime.html is failing.
pvollan@apple.com [Fri, 29 Jun 2018 14:17:38 +0000 (14:17 +0000)]
Layout Test imported/mozilla/css-animations/test_animation-starttime.html is failing.
https://bugs.webkit.org/show_bug.cgi?id=186807

Unreviewed test gardening.

* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233355 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLayout Test fast/text/mark-matches-broken-line-rendering.html is failing
pvollan@apple.com [Fri, 29 Jun 2018 14:10:28 +0000 (14:10 +0000)]
Layout Test fast/text/mark-matches-broken-line-rendering.html is failing
https://bugs.webkit.org/show_bug.cgi?id=187177

Unreviewed test gardening.

* platform/win/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233354 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[WPE] Some frames are dropped when using rAF to animate an element
magomez@igalia.com [Fri, 29 Jun 2018 13:52:19 +0000 (13:52 +0000)]
[WPE] Some frames are dropped when using rAF to animate an element
https://bugs.webkit.org/show_bug.cgi?id=187175

Always call renderNextFrame in ThreadedCompositor::requestDisplayRefreshMonitorUpdate()
so we have to process any pending layer flush request.

Reviewed by Žan Doberšek.

* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::handleDisplayRefreshMonitorUpdate):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233353 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLayout Test compositing/animation/layer-for-filling-animation.html is a flaky failure
graouts@webkit.org [Fri, 29 Jun 2018 12:35:51 +0000 (12:35 +0000)]
Layout Test compositing/animation/layer-for-filling-animation.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=187163

Unreviewed.

This test needed to be modified to account for the pending state being updated at a different time,
so we just wait a frame to ensure the animation is ended. See r233325.

* compositing/animation/layer-for-filling-animation.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233352 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[mac][wk2] REGRESSION (Tiled Drawing): Some css3/ tests fail with fringing around...
graouts@webkit.org [Fri, 29 Jun 2018 12:34:04 +0000 (12:34 +0000)]
[mac][wk2] REGRESSION (Tiled Drawing): Some css3/ tests fail with fringing around tiled background-images that intersect tile boundaries
https://bugs.webkit.org/show_bug.cgi?id=122235

Unreviewed. This test has not been flaky on all ports but GTK for a long time.

* platform/ios-wk1/TestExpectations:
* platform/mac-wk2/TestExpectations:
* platform/wincairo/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233351 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[LFC] The static position for an out-of-flow box should include the previous sibling...
zalan@apple.com [Fri, 29 Jun 2018 07:55:53 +0000 (07:55 +0000)]
[LFC] The static position for an out-of-flow box should include the previous sibling's collapsed margin
https://bugs.webkit.org/show_bug.cgi?id=187169

Reviewed by Antti Koivisto.

When computing the static position of an absolutely positioned box, we need to look at the previous sibling's bottom margin.
If the previous sibling happens to collapse its bottom margin with the parent's bottom margin, we still need to account for it
and compute the static vertical position as if the bottom margin was not collapsed.

* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeFloatingHeightAndMargin const):
(WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):
* layout/FormattingContextGeometry.cpp:
(WebCore::Layout::staticVerticalPositionForOutOfFlowPositioned):
* layout/LayoutContext.cpp:
(WebCore::Layout::LayoutContext::initializeRoot):
* layout/Verification.cpp:
(WebCore::Layout::outputMismatchingBoxInformationIfNeeded):
* layout/blockformatting/BlockFormattingContext.cpp:
(WebCore::Layout::BlockFormattingContext::computeInFlowHeightAndMargin const):
* layout/displaytree/DisplayBox.cpp:
(WebCore::Display::Box::nonCollapsedMarginBox const):
* layout/displaytree/DisplayBox.h:
(WebCore::Display::Box::setHasValidVerticalNonCollapsedMargin):
(WebCore::Display::Box::setVerticalMargin):
(WebCore::Display::Box::setVerticalNonCollapsedMargin):
(WebCore::Display::Box::nonCollapsedMarginTop const):
(WebCore::Display::Box::nonCollapsedMarginBottom const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233350 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[Web Animations] Using a Web Animation leaks the Document
graouts@webkit.org [Fri, 29 Jun 2018 05:45:34 +0000 (05:45 +0000)]
[Web Animations] Using a Web Animation leaks the Document
https://bugs.webkit.org/show_bug.cgi?id=187088
<rdar://problem/41392046>

Reviewed by Dean Jackson.

Source/WebCore:

Test: webanimations/leak-document-with-web-animation.html

We need to ensure that any remaining animation is cleared when the DocumentTimeline is detached from its Document.
We rename WebAnimation::prepareAnimationForRemoval() to WebAnimation::remove() since it really actively disassociates
the animation from its timeline.

* animation/AnimationTimeline.cpp:
(WebCore::AnimationTimeline::removeAnimationsForElement): We no longer need the call to removeAnimation()
since the new WebAnimation::remove() method will also set the timeline to null which will eventually call
removeAnimation() on the disassociated timeline.
* animation/DeclarativeAnimation.cpp:
(WebCore::DeclarativeAnimation::remove):
(WebCore::DeclarativeAnimation::prepareAnimationForRemoval): Deleted.
* animation/DeclarativeAnimation.h:
* animation/DocumentTimeline.cpp:
(WebCore::DocumentTimeline::detachFromDocument): Call remove() on all known animations.
* animation/WebAnimation.cpp:
(WebCore::WebAnimation::remove): Set the timeline to null to fully disassociate this animation from its timeline.
(WebCore::WebAnimation::setTimeline): Factor the internal timeline-association code out of this JS API method so
that we can call this code without any JS-facing implications.
(WebCore::WebAnimation::setTimelineInternal):
(WebCore::WebAnimation::prepareAnimationForRemoval): Deleted.
* animation/WebAnimation.h:

LayoutTests:

Add a new test that creates an Animation object in JS within an iframe and checks that removing
the iframe clears its Document.

* webanimations/leak-document-with-web-animation-expected.txt: Added.
* webanimations/leak-document-with-web-animation.html: Added.
* webanimations/resources/web-animation-leak-iframe.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233349 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [LFC] Out-of-flow positioned height does not necessarily equal to "bottom - top".
zalan@apple.com [Fri, 29 Jun 2018 03:45:47 +0000 (03:45 +0000)]
[LFC] Out-of-flow positioned height does not necessarily equal to "bottom - top".
https://bugs.webkit.org/show_bug.cgi?id=187168

Reviewed by Antti Koivisto.

According to the spec "For absolutely positioned elements, the used values of the vertical dimensions must satisfy this constraint:
'top' + 'margin-top' + 'border-top-width' + 'padding-top' + 'height' + 'padding-bottom' + 'border-bottom-width' + 'margin-bottom' + 'bottom' = height of containing block"
With a non-auto "height" value, the bottom - top does not necessarily compute to the height of the element.

* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeOutOfFlowVerticalGeometry const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233348 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Disable IsoHeaps when Gigacage is off
msaboff@apple.com [Fri, 29 Jun 2018 01:40:26 +0000 (01:40 +0000)]
Disable IsoHeaps when Gigacage is off
https://bugs.webkit.org/show_bug.cgi?id=187160

Reviewed by Saam Barati.

If Gigacage is disabled, it may be due to lack of address space.
Therefore we should also turn off IsoHeaps since it uses more virtual
address space as well.

* bmalloc/IsoTLS.cpp:
(bmalloc::IsoTLS::determineMallocFallbackState):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233347 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago IsoCellSet::sweepToFreeList() not safe when Full GC in process
msaboff@apple.com [Fri, 29 Jun 2018 01:37:38 +0000 (01:37 +0000)]
IsoCellSet::sweepToFreeList() not safe when Full GC in process
https://bugs.webkit.org/show_bug.cgi?id=187157

Reviewed by Mark Lam.

* heap/IsoCellSet.cpp:
(JSC::IsoCellSet::sweepToFreeList): Changed the "stale marks logic" to match what
is in MarkedBlock::Handle::specializedSweep where it takes into account whether
or not we are in the process of marking during a full GC.
* heap/MarkedBlock.h:
* heap/MarkedBlockInlines.h:
(JSC::MarkedBlock::Handle::areMarksStaleForSweep): New helper.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233346 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Find in page for typographic quotes does not find low (German) quotes
commit-queue@webkit.org [Fri, 29 Jun 2018 01:19:51 +0000 (01:19 +0000)]
Find in page for typographic quotes does not find low (German) quotes
https://bugs.webkit.org/show_bug.cgi?id=187164
<rdar://problem/29612785>
Source/WebCore:

Patch by Olivia Barnett <obarnett@apple.com> on 2018-06-28
Reviewed by Tim Horton.

Added additional quote test to LayoutTests/fast/text/find-quotes.html.

Added functionality to replace German quotes when matching.

* editing/TextIterator.cpp:
(WebCore::foldQuoteMark):
(WebCore::foldQuoteMarks):

Source/WTF:

Patch by Olivia Barnett <obarnett@apple.com> on 2018-06-28
Reviewed by Tim Horton.

Added Unicode definitions for German quotation marks.

* wtf/unicode/CharacterNames.h:

LayoutTests:

Patch by Olivia Barnett <obarnett@apple.com> on 2018-06-28
Reviewed by Tim Horton.

Added additional test for German quotes.

* fast/text/find-quotes.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233345 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [iOS] Unreviewed test gardening.
zalan@apple.com [Fri, 29 Jun 2018 01:00:40 +0000 (01:00 +0000)]
[iOS] Unreviewed test gardening.

* platform/ios/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233344 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [LFC] Add block formatting only test cases
zalan@apple.com [Fri, 29 Jun 2018 00:53:22 +0000 (00:53 +0000)]
[LFC] Add block formatting only test cases
https://bugs.webkit.org/show_bug.cgi?id=187162

Reviewed by Antti Koivisto.

These tests are expected to generate the same tree output on every platform (no text, strictly block only).

* fast/block/block-only/absolute-auto-with-sibling-margin-bottom-expected.txt: Added.
* fast/block/block-only/absolute-auto-with-sibling-margin-bottom.html: Added.
* fast/block/block-only/absolute-height-stretch-expected.txt: Added.
* fast/block/block-only/absolute-height-stretch.html: Added.
* fast/block/block-only/absolute-left-auto-expected.txt: Added.
* fast/block/block-only/absolute-left-auto.html: Added.
* fast/block/block-only/absolute-left-right-top-bottom-auto-expected.txt: Added.
* fast/block/block-only/absolute-left-right-top-bottom-auto.html: Added.
* fast/block/block-only/absolute-nested-expected.txt: Added.
* fast/block/block-only/absolute-nested.html: Added.
* fast/block/block-only/absolute-nested2-expected.txt: Added.
* fast/block/block-only/absolute-nested2.html: Added.
* fast/block/block-only/absolute-position-when-containing-block-is-not-in-the-formatting-context-expected.txt: Added.
* fast/block/block-only/absolute-position-when-containing-block-is-not-in-the-formatting-context.html: Added.
* fast/block/block-only/absolute-position-when-containing-block-is-not-in-the-formatting-context2-expected.txt: Added.
* fast/block/block-only/absolute-position-when-containing-block-is-not-in-the-formatting-context2.html: Added.
* fast/block/block-only/absolute-simple-expected.txt: Added.
* fast/block/block-only/absolute-simple.html: Added.
* fast/block/block-only/absolute-width-shrink-to-fit-expected.txt: Added.
* fast/block/block-only/absolute-width-shrink-to-fit.html: Added.
* fast/block/block-only/absolute-width-stretch-expected.txt: Added.
* fast/block/block-only/absolute-width-stretch.html: Added.
* fast/block/block-only/absolute-with-static-block-position-nested-expected.txt: Added.
* fast/block/block-only/absolute-with-static-block-position-nested.html: Added.
* fast/block/block-only/almost-intruding-left-float-simple-expected.txt: Added.
* fast/block/block-only/almost-intruding-left-float-simple.html: Added.
* fast/block/block-only/border-simple-expected.txt: Added.
* fast/block/block-only/border-simple.html: Added.
* fast/block/block-only/fixed-nested-expected.txt: Added.
* fast/block/block-only/fixed-nested.html: Added.
* fast/block/block-only/float-left-when-container-has-padding-margin-expected.txt: Added.
* fast/block/block-only/float-left-when-container-has-padding-margin.html: Added.
* fast/block/block-only/floating-box-clear-both-simple-expected.txt: Added.
* fast/block/block-only/floating-box-clear-both-simple.html: Added.
* fast/block/block-only/floating-box-clear-right-simple-expected.txt: Added.
* fast/block/block-only/floating-box-clear-right-simple.html: Added.
* fast/block/block-only/floating-box-left-and-right-multiple-expected.txt: Added.
* fast/block/block-only/floating-box-left-and-right-multiple-with-top-offset-expected.txt: Added.
* fast/block/block-only/floating-box-left-and-right-multiple-with-top-offset.html: Added.
* fast/block/block-only/floating-box-left-and-right-multiple.html: Added.
* fast/block/block-only/floating-box-right-simple-expected.txt: Added.
* fast/block/block-only/floating-box-right-simple.html: Added.
* fast/block/block-only/floating-box-with-clear-siblings-expected.txt: Added.
* fast/block/block-only/floating-box-with-clear-siblings.html: Added.
* fast/block/block-only/floating-box-with-clear-simple-expected.txt: Added.
* fast/block/block-only/floating-box-with-clear-simple.html: Added.
* fast/block/block-only/floating-box-with-new-formatting-context-expected.txt: Added.
* fast/block/block-only/floating-box-with-new-formatting-context.html: Added.
* fast/block/block-only/floating-box-with-relative-positioned-sibling-expected.txt: Added.
* fast/block/block-only/floating-box-with-relative-positioned-sibling.html: Added.
* fast/block/block-only/floating-left-right-simple-expected.txt: Added.
* fast/block/block-only/floating-left-right-simple.html: Added.
* fast/block/block-only/floating-left-right-with-all-margins-expected.txt: Added.
* fast/block/block-only/floating-left-right-with-all-margins.html: Added.
* fast/block/block-only/floating-lefts-and-rights-simple-expected.txt: Added.
* fast/block/block-only/floating-lefts-and-rights-simple.html: Added.
* fast/block/block-only/floating-multiple-lefts-expected.txt: Added.
* fast/block/block-only/floating-multiple-lefts-in-body-expected.txt: Added.
* fast/block/block-only/floating-multiple-lefts-in-body.html: Added.
* fast/block/block-only/floating-multiple-lefts-multiple-lines-expected.txt: Added.
* fast/block/block-only/floating-multiple-lefts-multiple-lines.html: Added.
* fast/block/block-only/floating-multiple-lefts.html: Added.
* fast/block/block-only/floating-with-new-block-formatting-context-expected.txt: Added.
* fast/block/block-only/floating-with-new-block-formatting-context.html: Added.
* fast/block/block-only/margin-collapse-bottom-bottom-expected.txt: Added.
* fast/block/block-only/margin-collapse-bottom-bottom.html: Added.
* fast/block/block-only/margin-collapse-bottom-nested-expected.txt: Added.
* fast/block/block-only/margin-collapse-bottom-nested.html: Added.
* fast/block/block-only/margin-collapse-first-last-are-floating-expected.txt: Added.
* fast/block/block-only/margin-collapse-first-last-are-floating.html: Added.
* fast/block/block-only/margin-collapse-simple-expected.txt: Added.
* fast/block/block-only/margin-collapse-simple.html: Added.
* fast/block/block-only/margin-collapse-top-nested-expected.txt: Added.
* fast/block/block-only/margin-collapse-top-nested.html: Added.
* fast/block/block-only/margin-collapse-when-child-has-padding-border-expected.txt: Added.
* fast/block/block-only/margin-collapse-when-child-has-padding-border.html: Added.
* fast/block/block-only/margin-collapse-with-block-formatting-context-expected.txt: Added.
* fast/block/block-only/margin-collapse-with-block-formatting-context.html: Added.
* fast/block/block-only/margin-collapse-with-block-formatting-context2-expected.txt: Added.
* fast/block/block-only/margin-collapse-with-block-formatting-context2.html: Added.
* fast/block/block-only/margin-left-right-sizing-expected.txt: Added.
* fast/block/block-only/margin-left-right-sizing-out-of-flow-expected.txt: Added.
* fast/block/block-only/margin-left-right-sizing-out-of-flow.html: Added.
* fast/block/block-only/margin-left-right-sizing.html: Added.
* fast/block/block-only/margin-propagation-simple-content-height-expected.txt: Added.
* fast/block/block-only/margin-propagation-simple-content-height.html: Added.
* fast/block/block-only/margin-sibling-collapse-propagated-expected.txt: Added.
* fast/block/block-only/margin-sibling-collapse-propagated.html: Added.
* fast/block/block-only/margin-simple-expected.txt: Added.
* fast/block/block-only/margin-simple.html: Added.
* fast/block/block-only/negative-margin-simple-expected.txt: Added.
* fast/block/block-only/negative-margin-simple.html: Added.
* fast/block/block-only/padding-nested-expected.txt: Added.
* fast/block/block-only/padding-nested.html: Added.
* fast/block/block-only/padding-simple-expected.txt: Added.
* fast/block/block-only/padding-simple.html: Added.
* fast/block/block-only/relative-auto-expected.txt: Added.
* fast/block/block-only/relative-auto-with-parent-offset-expected.txt: Added.
* fast/block/block-only/relative-auto-with-parent-offset.html: Added.
* fast/block/block-only/relative-auto.html: Added.
* fast/block/block-only/relative-bottom-expected.txt: Added.
* fast/block/block-only/relative-bottom.html: Added.
* fast/block/block-only/relative-position-when-containing-block-is-not-in-the-formatting-context-expected.txt: Added.
* fast/block/block-only/relative-position-when-containing-block-is-not-in-the-formatting-context.html: Added.
* fast/block/block-only/relative-right-expected.txt: Added.
* fast/block/block-only/relative-right.html: Added.
* fast/block/block-only/relative-siblings-expected.txt: Added.
* fast/block/block-only/relative-siblings.html: Added.
* fast/block/block-only/relative-simple-expected.txt: Added.
* fast/block/block-only/relative-simple.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233343 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Make sure the WebResourceLoadStatisticsStore gets destroyed on the main thread
cdumez@apple.com [Fri, 29 Jun 2018 00:05:59 +0000 (00:05 +0000)]
Make sure the WebResourceLoadStatisticsStore gets destroyed on the main thread
https://bugs.webkit.org/show_bug.cgi?id=187143

Reviewed by Youenn Fablet.

Have WebResourceLoadStatisticsStore subclass ThreadSafeRefCounted<WebResourceLoadStatisticsStore, WTF::DestructionThread::Main>
instead of IPC::Connection::WorkQueueMessageReceiver. This makes sure that the WebResourceLoadStatisticsStore
objects get destroyed on the main thread, even if the last ref was held by a background thread.

Also, methods called by IPC are now called on the main thread instead of the background queue. I think it is clearer for all
of WebResourceLoadStatisticsStore usage to be on the main thread. Expensive work is still done on the background queue, inside
the persistent / memory store classes.

* UIProcess/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::~WebResourceLoadStatisticsStore):
(WebKit::WebResourceLoadStatisticsStore::flushAndDestroyPersistentStore):
(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated):
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessUnderOpener):
(WebKit::WebResourceLoadStatisticsStore::processWillOpenConnection):
(WebKit::WebResourceLoadStatisticsStore::processDidCloseConnection):
* UIProcess/WebResourceLoadStatisticsStore.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233342 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago REGRESSION (233281): fast/dom/location-new-window-no-crash.html and some other tests...
antti@apple.com [Thu, 28 Jun 2018 23:57:57 +0000 (23:57 +0000)]
REGRESSION (233281): fast/dom/location-new-window-no-crash.html and some other tests are timing out
https://bugs.webkit.org/show_bug.cgi?id=187156

Reviewed by Zalan Bujtas.

We still need to re-enable memory cache client calls even when not doing other post-resolution callbacks.

* style/StyleTreeResolver.cpp:
(WebCore::Style::memoryCacheClientCallsResumeQueue):

Add a separate queue for this.

(WebCore::Style::suspendMemoryCacheClientCalls):
(WebCore::Style::PostResolutionCallbackDisabler::~PostResolutionCallbackDisabler):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233341 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Add nullptr check for xpc_connection_t in AuthenticationManager::initializeConnection
jiewen_tan@apple.com [Thu, 28 Jun 2018 23:57:01 +0000 (23:57 +0000)]
Add nullptr check for xpc_connection_t in AuthenticationManager::initializeConnection
https://bugs.webkit.org/show_bug.cgi?id=187110
<rdar://problem/41536815>

Reviewed by Brent Fulgham.

In some rare cases, as shown by crash tracers, the passed xpc_connection_t object could be nullptr,
and xpc_connection_set_event_handler won't do the nullptr check on its parameters. Therefore, we should
do it ourselves.

* Shared/Authentication/cocoa/AuthenticationManagerCocoa.mm:
(WebKit::AuthenticationManager::initializeConnection):
* UIProcess/Authentication/cocoa/AuthenticationChallengeProxyCocoa.mm:
(WebKit::AuthenticationChallengeProxy::sendClientCertificateCredentialOverXpc const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233340 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago [iOS] DataTransfer.getData always returns the empty string when dropping text
wenson_hsieh@apple.com [Thu, 28 Jun 2018 23:52:57 +0000 (23:52 +0000)]
[iOS] DataTransfer.getData always returns the empty string when dropping text
https://bugs.webkit.org/show_bug.cgi?id=187130
<rdar://problem/41014117>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Currently, DataTransfer.getData() always returns the empty string on drop. This is because all data on drop is
backed by local files in the temporary directory, so the number of files is never 0; this, combined with the
fact that WebKit will suppress access to the DataTransfer object if there is one or more file in the pasteboard,
means that getData() never works for drag and drop on iOS at the moment. To fix this, we need to know whether a
dropped item provider is a file.

Ideally, we'd have a flag to tell us whether or not an NSItemProvider being dropped is a file, or instead just
inline data - in fact, this flag already exists in the form of UIPreferredPresentationStyle. Unfortunately, not
all apps that vend draggable files specify this, so we can't simply ask the item provider whether it's intended
to be a file. As a workaround, we can use several heuristics to determine the "file content state" of the drag
pasteboard on iOS (see below for more details).

This patch adds some plumbing through the client layers to grab a list of item information describing each
dropped item provider on iOS. Using this information, we tweak the logic in Pasteboard::fileContentState to make
an educated guess at whether or not the pasteboard really contains files; if we determine that the pasteboard
probably contains no files, we'll allow DataTransfer.getData() to retrieve information from the pasteboard.
Otherwise, if the pasteboard may contain files, we'll fall back to our current behavior of including the "Files"
type in DataTransfer.types and allowing the page to grab file data using DataTransfer.files or
DataTransfer.items.

Tests:  DataInteractionTests.DataTransferGetDataReadPlainAndRichText
        DataInteractionTests.DataTransferSuppressGetDataDueToPresenceOfTextFile

* dom/DataTransfer.cpp:
(WebCore::DataTransfer::filesFromPasteboardAndItemList const):

Check Pasteboard::fileContentState() to ensure that we don't expose files when DataTransfer.types does not
contain the "Files" type, and vice versa, and DataTransfer.files is also empty in this case.

* dom/DataTransferItemList.cpp:
* platform/PasteboardItemInfo.h:

Add a couple of additional members to PasteboardItemInfo: suggestedFileName and hasDeclaredNonTextType, a flag
that indicates whether or not the pasteboard item has a type representation that is a declared type, but is not
a text type (i.e. does not conform to "public.text", "public.url", or rich text format with attachment types).

(WebCore::PasteboardItemInfo::encode const):
(WebCore::PasteboardItemInfo::decode):
* platform/PasteboardStrategy.h:
* platform/PlatformPasteboard.h:
* platform/cocoa/PasteboardCocoa.mm:
(WebCore::Pasteboard::fileContentState):

Instead of always considering a dropped item provider on iOS to represent a file, only do so if at least one of
the following conditions is met:
- The drop session contains multiple item providers (flocking text selections is a very rare use case).
- The item provider was explicitly marked as an attachment.
- The item provider has a suggested file name.
- The item provider has any other content that is not text.

In the case where none of the above conditions are met, the item provider (if it ends up being a file) is
essentially indistinguishable from inline data. An example of this is dropping a plain text file that is
unnamed, with no presentation style, and alongside no other items nor other known type representations. These
are cases in which whether the item is treated as a file or as inline data is (hopefully) irrelevant.

* platform/ios/PlatformPasteboardIOS.mm:
(WebCore::PlatformPasteboard::allPasteboardItemInfo):
(WebCore::PlatformPasteboard::informationForItemAtIndex):

Source/WebKit:

Add plumbing to grab information for each item in the pasteboard. See WebCore ChangeLog for more detail.

* UIProcess/Cocoa/WebPasteboardProxyCocoa.mm:
(WebKit::WebPasteboardProxy::allPasteboardItemInfo):
* UIProcess/WebPasteboardProxy.h:
* UIProcess/WebPasteboardProxy.messages.in:
* WebProcess/WebCoreSupport/WebPlatformStrategies.cpp:
(WebKit::WebPlatformStrategies::allPasteboardItemInfo):
* WebProcess/WebCoreSupport/WebPlatformStrategies.h:

Source/WebKitLegacy/mac:

Add plumbing to grab information for each item in the pasteboard. See WebCore ChangeLog for more detail.

* WebCoreSupport/WebPlatformStrategies.h:
* WebCoreSupport/WebPlatformStrategies.mm:
(WebPlatformStrategies::allPasteboardItemInfo):

Tools:

Add 2 new API tests to verify that:
-   When dropping an item with text, markup, and URL representations, the page is allowed to get "text/html",
    "text/plain" and "text/uri-list" data.
-   Adding a suggested name to a plain text item causes WebKit to treat it as a file, and suppress access to
    DataTransfer.getData().

Additionally tweaks a couple of existing API tests. Namely, in two API tests
(ExternalSourceOverrideDropFileUpload and ExternalSourceHTMLToUploadArea) only a markup string is dropped, and
we previously expected to handle the drop as a file. To allow this test to continue serving its purpose, tweak
them such that the registered items appear to be file-backed (i.e. by adding a suggested filename in one of the
tests, and specifying UIPreferredPresentationStyleAttachment in the other).

* TestWebKitAPI/Tests/ios/DataInteractionTests.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233339 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Don't force black text when TextIndicator draws backgrounds or all content.
timothy@apple.com [Thu, 28 Jun 2018 23:23:32 +0000 (23:23 +0000)]
Don't force black text when TextIndicator draws backgrounds or all content.
https://bugs.webkit.org/show_bug.cgi?id=187161
rdar://problem/40434644

Reviewed by Tim Horton.

* page/TextIndicator.cpp:
(WebCore::snapshotOptionsForTextIndicatorOptions):
Only set SnapshotOptionsForceBlackText when TextIndicatorOptionRespectTextColor and
TextIndicatorOptionPaintBackgrounds are not set.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233338 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Early return when handling fetch event in case service worker origin does not match...
youenn@apple.com [Thu, 28 Jun 2018 22:45:20 +0000 (22:45 +0000)]
Early return when handling fetch event in case service worker origin does not match origin of a subresource load
https://bugs.webkit.org/show_bug.cgi?id=187153
<rdar://problem/41329832>

Reviewed by Chris Dumez.

Stop crashing the service worker process in case a subresource load origin is not matching a service worker origin.
Instead, just return early so that the load will be handled by the network process.

Keep crashing in case a navigation load is not matching its service worker origin.
Add more logging to help with the debugging.

* WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::logValidFetchError):
(WebKit::isValidFetch):
(WebKit::WebSWContextManagerConnection::startFetch):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233335 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Web Inspector: REGRESSION (r213000): copy from Search results content view broken
mattbaker@apple.com [Thu, 28 Jun 2018 22:38:41 +0000 (22:38 +0000)]
Web Inspector: REGRESSION (r213000): copy from Search results content view broken
https://bugs.webkit.org/show_bug.cgi?id=187020
<rdar://problem/40928766>

Reviewed by Timothy Hatcher.

Since WI._copy listens for a copy event from the document, it is called
after CodeMirror handles the event and sets clipboard data. If WI._copy
finds a custom copy handler to call, that handler can determine whether
to overwrite the current clipboard data, or leave it alone.

SearchTabContentView's handleCopyEvent method should return early if the
content tree outline doesn't have the focus. This prevents the selection
in the TextEditor from being overwritten, without any special knowledge of
the content browser's current view.

* UserInterface/Views/SearchTabContentView.js:
(WI.SearchTabContentView.prototype.handleCopyEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233334 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fix a bug ComponentBase that wrong content template may be used.
dewei_zhu@apple.com [Thu, 28 Jun 2018 22:14:39 +0000 (22:14 +0000)]
Fix a bug ComponentBase that wrong content template may be used.
https://bugs.webkit.org/show_bug.cgi?id=187159

Reviewed by Ryosuke Niwa.

ComponentBase uses '_parsed' to mark whether the content and style templates of a class
are parsed. However, derived class parsing will be skipped as 'Derive._parsed' is available
via prototype chain whenever the base class is parsed.

* browser-tests/component-base-tests.js: Added unit tests.
* public/v3/components/base.js: Added 'hasOwnProperty' to make sure current class is parsed.
(ComponentBase.prototype._ensureShadowTree):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233333 268f45cc-cd09-0410-ab3c-d52691b4dbfc
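
The prototype-chain lookup described in the commit message above, reproduced as an added example; it is not the code from public/v3/components/base.js. The class names, the static `contentTemplate()` and `template()` methods, and `templatesInOrder()` are hypothetical, and static methods stand in for the instance-level `_ensureShadowTree`.

```javascript
// Added illustration (hypothetical names, not the project's code).
// A class constructor inherits static properties from its base class:
// Derived.__proto__ === Base, so reading Derived._parsed finds Base._parsed.
function defineComponents(checkOwnProperty) {
    class Base {
        static ensureParsed() {
            const alreadyParsed = checkOwnProperty
                // Fixed form: only a flag stored on this exact class counts.
                ? Object.prototype.hasOwnProperty.call(this, '_parsed')
                // Buggy form: the read walks up to the base class's flag.
                : Boolean(this._parsed);
            if (alreadyParsed)
                return;
            // Assignment always creates an own property on `this`.
            this._parsed = true;
            this._template = this.contentTemplate();
        }

        static contentTemplate() { return '<p>base</p>'; }

        static template() {
            this.ensureParsed();
            // If parsing was skipped, this read also falls through to Base.
            return this._template;
        }
    }

    class Derived extends Base {
        static contentTemplate() { return '<p>derived</p>'; }
    }

    return { Base, Derived };
}

// Ask for the templates in a given order ('Base' / 'Derived') and report
// which template each class ended up with.
function templatesInOrder(checkOwnProperty, order) {
    const classes = defineComponents(checkOwnProperty);
    const result = {};
    for (const name of order)
        result[name] = classes[name].template();
    return result;
}

// Base parsed first: the truthiness check makes Derived reuse Base's template.
console.log('buggy, Base first:   ', templatesInOrder(false, ['Base', 'Derived']));
// Derived parsed first: the bug is hidden, which makes it order-dependent.
console.log('buggy, Derived first:', templatesInOrder(false, ['Derived', 'Base']));
// Own-property check: each class parses its own template in either order.
console.log('fixed, Base first:   ', templatesInOrder(true, ['Base', 'Derived']));
```
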

16 months ago Unreviewed, rolling out r226652.
Basuke.Suzuki@sony.com [Thu, 28 Jun 2018 22:13:04 +0000 (22:13 +0000)]
Unreviewed, rolling out r226652.
https://bugs.webkit.org/show_bug.cgi?id=180827

"PlatformInfo should never be instantiated in isolation. So, PlatformInfo should
not have default argument values. The preferred way to get a PlatformInfo object
is to instantiate a Host object." (Requested by dbates).

Reverted changeset:

"[webkitpy] PlatformInfo should have default argument for casual use"
https://bugs.webkit.org/show_bug.cgi?id=180827

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233332 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Fullscreen exits when placeholder is removed then added during a single runloop.
commit-queue@webkit.org [Thu, 28 Jun 2018 21:55:04 +0000 (21:55 +0000)]
Fullscreen exits when placeholder is removed then added during a single runloop.
https://bugs.webkit.org/show_bug.cgi?id=187079

Patch by Jeremy Jones <jeremyj@apple.com> on 2018-06-28
Reviewed by Jer Noble.

Instead of closing fullscreen as soon as the placeholder is removed from the view hierarchy,
give the placeholder until the next runloop to be re-added to the view hierarchy.

* UIProcess/ios/fullscreen/WKFullScreenWindowControllerIOS.mm:
(-[WKFullScreenWindowController placeholderWillMoveToSuperview:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233331 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago Try to address test failures on the bots.
simon.fraser@apple.com [Thu, 28 Jun 2018 21:54:26 +0000 (21:54 +0000)]
Try to address test failures on the bots.

Allow the test to distinguish between a failure to find the variable, and an error
reporting vector capacity.

* lldb/lldb_webkit_unittest.py:
(TestSummaryProviders.serial_test_WTFVectorProvider_empty_vector):
(TestSummaryProviders.serial_test_WTFVectorProvider_vector_size_and_capacity):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@233330 268f45cc-cd09-0410-ab3c-d52691b4dbfc