WebKit-https.git
carlosgc@webkit.org [Wed, 8 Apr 2020 06:19:23 +0000 (06:19 +0000)]
[GTK][WPE] WTR: fix handling of WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=210106

Reviewed by Adrian Perez de Castro.

Source/WebKit:

Add WKContextSetPrimaryWebsiteDataStore() to expose WebProcessPool::setPrimaryDataStore().

* UIProcess/API/C/WKContext.cpp:
(WKContextSetPrimaryWebsiteDataStore):
* UIProcess/API/C/WKContextPrivate.h:

Tools:

The TestController::defaultWebsiteDataStore() is created and used but never really assigned to the
context. Since we are not assigning a WebsiteDataStore to the context, and we don't use the default
WebsiteDataStore, when a new page is created, we end up creating the default one (with the default config,
instead of the one created by WTR).

* WebKitTestRunner/TestController.cpp:
(WTR::TestController::platformAdjustContext): Set defaultWebsiteDataStore() as the primary data store of the
context like the GLib API does.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259705 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Hironori.Fujii@sony.com [Wed, 8 Apr 2020 05:46:25 +0000 (05:46 +0000)]
[Clang 10] Fix -Wimplicit-int-float-conversion compilation warnings in TestWebKitAPI
https://bugs.webkit.org/show_bug.cgi?id=210067

Reviewed by Darin Adler.

There are test cases for overflow, non-overflow, underflow and
non-underflow edge cases in WTF.clampToIntegerFloat test.
maxPlusOne<int> can be used for overflow edge case, INT_MIN for
non-underflow. This change added code to calculate values for
non-overflow and underflow cases.

* TestWebKitAPI/Tests/WTF/MathExtras.cpp:
(TestWebKitAPI::TEST(WTF.clampToIntegerFloat)):
* TestWebKitAPI/Tests/WebCore/FloatRect.cpp:
(TestWebKitAPI::TEST(FloatRect.EnclosingIntRect)): Replaced
shiftMaxXEdgeTo(INT_MAX) with shiftMaxXEdgeTo(0) because it also
causes overflow for enclosingIntRect.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259704 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Wed, 8 Apr 2020 04:45:45 +0000 (04:45 +0000)]
[css-values-4] Support font-relative lh and rlh unit
https://bugs.webkit.org/show_bug.cgi?id=195180

Patch by Tyler Wilcock <twilco.o@protonmail.com> on 2020-04-07
Reviewed by Antti Koivisto.

LayoutTests/imported/w3c:

Pass all 'lh' and 'rlh' tests, minus the '2rlh in font-size on root' test which may be a bug in the test itself: https://github.com/web-platform-tests/wpt/issues/22055

* web-platform-tests/css/css-values/lh-rlh-on-root-001-expected.txt:

Source/WebCore:

Implement support for 'lh' and 'rlh' units.
https://www.w3.org/TR/css-values-4/#font-relative-lengths

* css/CSSCalculationValue.cpp:
(WebCore::calcUnitCategory):
(WebCore::calculationCategoryForCombination):
(WebCore::hasDoubleValue):
* css/CSSGradientValue.cpp:
(WebCore::CSSLinearGradientValue::createGradient):
(WebCore::CSSRadialGradientValue::createGradient):
(WebCore::CSSConicGradientValue::createGradient):
* css/CSSPrimitiveValue.cpp:
(WebCore::isValidCSSUnitTypeForDoubleConversion):
(WebCore::isStringType):
(WebCore::CSSPrimitiveValue::cleanup):
(WebCore::CSSPrimitiveValue::computeNonCalcLengthDouble):
(WebCore::CSSPrimitiveValue::unitTypeString):
(WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText const):
(WebCore::CSSPrimitiveValue::equals const):
(WebCore::CSSPrimitiveValue::collectDirectComputationalDependencies const):
(WebCore::CSSPrimitiveValue::collectDirectRootComputationalDependencies const):
* css/CSSPrimitiveValue.h:
(WebCore::CSSPrimitiveValue::isFontRelativeLength):
(WebCore::CSSPrimitiveValue::isLength):
* css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::convertingToLengthRequiresNonNullStyle const):
* css/CSSToLengthConversionData.cpp:
(WebCore::CSSToLengthConversionData::viewportWidthFactor const):
(WebCore::CSSToLengthConversionData::viewportHeightFactor const):
(WebCore::CSSToLengthConversionData::viewportMinFactor const):
(WebCore::CSSToLengthConversionData::viewportMaxFactor const):
* css/CSSToLengthConversionData.h: Replace bool 'm_computingFontSize' with Optional<CSSPropertyID> that indicates the property being computed, where none means the property being computed is unknown or unimportant to know.
(WebCore::CSSToLengthConversionData::CSSToLengthConversionData): Add 'parentStyle' parameter, necessary for calculating lh/rlh unit values.
(WebCore::CSSToLengthConversionData::parentStyle const):
(WebCore::CSSToLengthConversionData::computingFontSize const):
(WebCore::CSSToLengthConversionData::computingLineHeight const):
(WebCore::CSSToLengthConversionData::copyWithAdjustedZoom const):
(WebCore::CSSToLengthConversionData::copyWithAdjustedZoomAndPropertyToCompute const):
* css/CSSUnits.cpp:
(WebCore::operator<<):
* css/CSSUnits.h:
* css/MediaQueryEvaluator.cpp:
(WebCore::MediaQueryEvaluator::evaluate const):
* css/parser/CSSParserToken.cpp:
(WebCore::cssPrimitiveValueUnitFromTrie):
* css/parser/CSSPropertyParserHelpers.cpp:
(WebCore::CSSPropertyParserHelpers::consumeLength):
* css/parser/SizesAttributeParser.cpp:
(WebCore::SizesAttributeParser::computeLength):
(WebCore::SizesAttributeParser::effectiveSizeDefaultValue):
* html/shadow/TextControlInnerElements.cpp:
(WebCore::TextControlInnerElement::resolveCustomStyle):
* rendering/RenderElement.h:
(WebCore::RenderElement::parentStyle const):
* rendering/RenderThemeIOS.mm:
(WebCore::applyCommonButtonPaddingToStyle):
(WebCore::RenderThemeIOS::adjustButtonStyle const):
* rendering/style/RenderStyle.cpp: Extract 'computedLineHeight' behavior into separate 'computeLineHeight' function so logic can be reused elsewhere.
(WebCore::RenderStyle::computedLineHeight const):
(WebCore::RenderStyle::computeLineHeight const):
* rendering/style/RenderStyle.h:
* style/StyleBuilderConverter.h: Extract zoom calculation logic out of 'csstoLengthConversionDataWithTextZoomFactor' into separate 'zoomWithTextZoomFactor' function so logic can be reused elsewhere.
(WebCore::Style::zoomWithTextZoomFactor):
(WebCore::Style::BuilderConverter::csstoLengthConversionDataWithTextZoomFactor):
(WebCore::Style::BuilderConverter::convertLineHeight):
* style/StyleBuilderCustom.h:
(WebCore::Style::BuilderCustom::applyValueFontSize):
* style/StyleBuilderState.cpp:
(WebCore::Style::BuilderState::BuilderState):

LayoutTests:

Implement support for the font-relative 'lh' and 'rlh' units.
https://www.w3.org/TR/css-values-4/#font-relative-lengths

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259703 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ryanhaddad@apple.com [Wed, 8 Apr 2020 03:59:00 +0000 (03:59 +0000)]
[iOS] webrtc/h265.html is consistently timing out
https://bugs.webkit.org/show_bug.cgi?id=210173

Unreviewed test gardening.

* platform/ios/TestExpectations: Skip the test on iOS.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259702 268f45cc-cd09-0410-ab3c-d52691b4dbfc

zalan@apple.com [Wed, 8 Apr 2020 03:36:05 +0000 (03:36 +0000)]
fastclick.com: A Gradient banner is missing
https://bugs.webkit.org/show_bug.cgi?id=210169
<rdar://problem/60680979>

Reviewed by Simon Fraser.

Source/WebCore:

This patch ensures that if the non-fixed specified size for the background content computes to be a close-to-zero value, we produce content of at least one device pixel in size.
(This is similar to what we do for FillSizeType::Contain/Cover.)

Test: fast/backgrounds/generated-bck-image-with-small-relative-size.html

* rendering/RenderBoxModelObject.cpp:
(WebCore::RenderBoxModelObject::calculateFillTileSize const):

LayoutTests:

* fast/backgrounds/generated-bck-image-with-small-relative-size-expected.html: Added.
* fast/backgrounds/generated-bck-image-with-small-relative-size.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259701 268f45cc-cd09-0410-ab3c-d52691b4dbfc

pvollan@apple.com [Wed, 8 Apr 2020 02:38:42 +0000 (02:38 +0000)]
[iOS] Deny mach lookup access to the runningboard service in the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=209933

Reviewed by Chris Dumez.

Source/WebKit:

Creating the dependency process assertion in the WebContent process requires access to runningboard, but since
this is only done on process startup, we can issue a temporary extension to the runningboard service, which
will be immediately revoked after the process assertion has been created.

Test: fast/sandbox/ios/sandbox-mach-lookup.html

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:
* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Cocoa/WebProcessPoolCocoa.mm:
(WebKit::WebProcessPool::platformInitializeWebProcess):
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeConnection):
* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

LayoutTests:

* fast/sandbox/ios/sandbox-mach-lookup-expected.txt:
* fast/sandbox/ios/sandbox-mach-lookup.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259700 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aakash_jain@apple.com [Wed, 8 Apr 2020 01:38:41 +0000 (01:38 +0000)]
[ews] Add unit tests for layout tests factories
https://bugs.webkit.org/show_bug.cgi?id=210150

Reviewed by Jonathan Bedard.

* BuildSlaveSupport/ews-build/factories_unittest.py:
(TestLayoutTestsFactory):
(TestLayoutTestsFactory.test_macos_wk1_release_factory): Added unit-test.
(TestLayoutTestsFactory.test_macos_wk1_debug_factory): Ditto.
(TestLayoutTestsFactory.test_macos_wk2_factory): Ditto.
(TestLayoutTestsFactory.test_ios_wk2_factory): Ditto.
(TestGTKFactory): Renamed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259699 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jh718.park@samsung.com [Wed, 8 Apr 2020 00:59:37 +0000 (00:59 +0000)]
Unreviewed. Remove the build warning below since r243033.
warning: unused parameter ‘pageMuted’ [-Wunused-parameter]

No new tests, no new behaviors.

* platform/mediastream/RealtimeMediaSource.cpp:
(WebCore::RealtimeMediaSource::setInterrupted):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259698 268f45cc-cd09-0410-ab3c-d52691b4dbfc

aakash_jain@apple.com [Wed, 8 Apr 2020 00:38:33 +0000 (00:38 +0000)]
[ews] Improve summary for CheckPatchRelevance build step
https://bugs.webkit.org/show_bug.cgi?id=210146

Reviewed by Jonathan Bedard.

* BuildSlaveSupport/ews-build/steps.py:
(CheckPatchRelevance): Improved success message.
(CheckPatchRelevance.start):
(CheckPatchRelevance.getResultSummary): Improved failure message.
* BuildSlaveSupport/ews-build/steps_unittest.py: Updated unit-tests.
* BuildSlaveSupport/ews-app/ews/views/statusbubble.py: Updated accordingly.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259694 268f45cc-cd09-0410-ab3c-d52691b4dbfc

wilander@apple.com [Wed, 8 Apr 2020 00:34:20 +0000 (00:34 +0000)]
ITP Debug Mode logs should be more generic now that it blocks all third-party cookies by default
https://bugs.webkit.org/show_bug.cgi?id=210133
<rdar://problem/61399686>

Reviewed by Brent Fulgham.

No new tests. Just a change of logging.

* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
(WebKit::ResourceLoadStatisticsMemoryStore::updateCookieBlocking):
    Now logs if either vector has entries and uses more generic language.
* NetworkProcess/Classifier/ResourceLoadStatisticsMemoryStore.cpp:
(WebKit::ResourceLoadStatisticsMemoryStore::updateCookieBlocking):
    Now logs if either vector has entries and uses more generic language.
* NetworkProcess/Classifier/ResourceLoadStatisticsStore.cpp:
(WebKit::ResourceLoadStatisticsStore::debugLogDomainsInBatches):
    Removed hard-coded references to third-party cookie blocking and parameterized it instead.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259693 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jh718.park@samsung.com [Wed, 8 Apr 2020 00:32:13 +0000 (00:32 +0000)]
Move the misplaced statement to its proper place within the
RESOURCE_LOAD_STATISTICS macro.

This patch removes the build warning below since r259275.
warning: unused variable ‘sameSiteStrictEnforcementEnabled’ [-Wunused-variable]

No new tests, no new behavior changes.

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::ensureNetworkProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259688 268f45cc-cd09-0410-ab3c-d52691b4dbfc

cfleizach@apple.com [Tue, 7 Apr 2020 23:43:29 +0000 (23:43 +0000)]
AX: VoiceOver can't activate combobox when textfield is inside it
https://bugs.webkit.org/show_bug.cgi?id=210081

Reviewed by Joanmarie Diggs.

Source/WebCore:

Change accessKeyAction to return whether a simulated click event was dispatched.
Accessibility uses that information to decide whether it should send an event afterwards, because
some objects' accessKeyAction is only to focus(). AX is expected here to press on the object (and possibly focus).

Test: accessibility/activation-of-input-field-inside-other-element.html

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::press):
* dom/Element.h:
(WebCore::Element::accessKeyAction):
* html/BaseCheckableInputType.cpp:
(WebCore::BaseCheckableInputType::accessKeyAction):
* html/BaseCheckableInputType.h:
* html/BaseChooserOnlyDateAndTimeInputType.cpp:
(WebCore::BaseChooserOnlyDateAndTimeInputType::accessKeyAction):
* html/BaseChooserOnlyDateAndTimeInputType.h:
* html/BaseClickableWithKeyInputType.cpp:
(WebCore::BaseClickableWithKeyInputType::accessKeyAction):
* html/BaseClickableWithKeyInputType.h:
* html/HTMLAnchorElement.cpp:
(WebCore::HTMLAnchorElement::accessKeyAction):
* html/HTMLAnchorElement.h:
* html/HTMLButtonElement.cpp:
(WebCore::HTMLButtonElement::accessKeyAction):
* html/HTMLButtonElement.h:
* html/HTMLElement.cpp:
(WebCore::HTMLElement::accessKeyAction):
* html/HTMLElement.h:
* html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::accessKeyAction):
* html/HTMLInputElement.h:
* html/HTMLLabelElement.cpp:
(WebCore::HTMLLabelElement::accessKeyAction):
* html/HTMLLabelElement.h:
* html/HTMLLegendElement.cpp:
(WebCore::HTMLLegendElement::accessKeyAction):
* html/HTMLLegendElement.h:
* html/HTMLOptGroupElement.cpp:
(WebCore::HTMLOptGroupElement::accessKeyAction):
* html/HTMLOptGroupElement.h:
* html/HTMLOptionElement.cpp:
(WebCore::HTMLOptionElement::accessKeyAction):
* html/HTMLOptionElement.h:
* html/HTMLSelectElement.cpp:
(WebCore::HTMLSelectElement::accessKeyAction):
* html/HTMLSelectElement.h:
* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::accessKeyAction):
* html/HTMLTextAreaElement.h:
* html/HiddenInputType.cpp:
(WebCore::HiddenInputType::accessKeyAction):
* html/HiddenInputType.h:
* html/InputType.cpp:
(WebCore::InputType::accessKeyAction):
* html/InputType.h:
* html/RangeInputType.cpp:
(WebCore::RangeInputType::accessKeyAction):
* html/RangeInputType.h:
* svg/SVGElement.cpp:
(WebCore::SVGElement::accessKeyAction):
* svg/SVGElement.h:

LayoutTests:

* accessibility/activation-of-input-field-inside-other-element-expected.txt: Added.
* accessibility/activation-of-input-field-inside-other-element.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259687 268f45cc-cd09-0410-ab3c-d52691b4dbfc

lawrence.j@apple.com [Tue, 7 Apr 2020 23:42:34 +0000 (23:42 +0000)]
[ iOS ] http/tests/security/appcache-in-private-browsing.html is flaky timing out
https://bugs.webkit.org/show_bug.cgi?id=206750

Unreviewed test gardening.

* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259686 268f45cc-cd09-0410-ab3c-d52691b4dbfc

lawrence.j@apple.com [Tue, 7 Apr 2020 23:25:33 +0000 (23:25 +0000)]
[ Catalina wk2 ] webrtc/peer-connection-audio-mute2.html is flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=210165

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259684 268f45cc-cd09-0410-ab3c-d52691b4dbfc

ysuzuki@apple.com [Tue, 7 Apr 2020 23:24:52 +0000 (23:24 +0000)]
[JSC] Collect-continuously thread should take m_collectContinuouslyLock while it is waking up concurrent collector thread
https://bugs.webkit.org/show_bug.cgi?id=210163

Reviewed by Saam Barati.

JSTests:

* stress/collect-continuously-should-not-wake-concurrent-collector-after-prevent-collection-is-called.js: Added.
(let.theCode):

Source/JavaScriptCore:

The collect-continuously thread has a fancy race issue.

In Heap::preventCollection, we first take m_collectContinuouslyLock to ensure the collect-continuously thread is not working, and then
we ensure the collector thread is stopped by using waitForCollector. However, our collect-continuously thread is implemented like this.

        while (!m_shouldStopCollectingContinuously) {
            { // (A)
                LockHolder locker(*m_threadLock);
                if (m_requests.isEmpty()) {
                    m_requests.append(WTF::nullopt);
                    m_lastGrantedTicket++;
                    m_threadCondition->notifyOne(locker);  // (B) WAKING UP concurrent collector thread.
                }
            }

            {
                LockHolder locker(m_collectContinuouslyLock);
                ...
                while (!hasElapsed(timeToWakeUp) && !m_shouldStopCollectingContinuously)
                    m_collectContinuouslyCondition.waitUntil(m_collectContinuouslyLock, timeToWakeUp);
            }
        }

Even if m_collectContinuouslyLock is taken, the collect-continuously thread is still able to wake up the concurrent collector thread
since (B)'s code is not guarded by m_collectContinuouslyLock. The following sequence can happen:

    1. The main thread calls Heap::preventCollection to ensure all collection is stopped.
    2. The collect-continuously thread is at (A) point.
    3. The main thread takes m_collectContinuouslyLock. This is OK.
    4. The main thread calls waitForCollector to ensure that concurrent collector thread is stopped.
    5. The collect-continuously thread executes (B). It is allowed since this is not guarded by m_collectContinuouslyLock. So, concurrent collector starts working.
    6. While the main thread called Heap::preventCollection, concurrent collector starts collection!

We should guard (A)'s block with m_collectContinuouslyLock too.

* heap/Heap.cpp:
(JSC::Heap::notifyIsSafeToCollect):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259683 268f45cc-cd09-0410-ab3c-d52691b4dbfc
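
The six-step interleaving described in the commit message above, replayed as a deterministic single-threaded model. This is an added example, not JavaScriptCore code: HeapModel, the step functions and the scheduler are hypothetical, and the model assumes the main thread keeps holding the collect-continuously lock for as long as collection is prevented.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Toy single-threaded replay of the interleaving; not JavaScriptCore code.
enum Owner { Nobody, MainOwner, ContinuousOwner };
enum ThreadId { Main = 0, Continuous = 1, Collector = 2 };

struct HeapModel {
    bool guardA = false;                  // true: block (A) also takes the collect-continuously lock
    Owner lockOwner = Nobody;             // stands in for m_collectContinuouslyLock
    bool collectorRunning = false;
    bool preventionActive = false;        // preventCollection() has returned
    bool collectedWhilePrevented = false; // the bug we are looking for
};

// Each step returns false when the thread would block at that point.
using Step = bool (*)(HeapModel&);

static bool mainTakeLock(HeapModel& h)
{
    if (h.lockOwner != Nobody)
        return false;
    h.lockOwner = MainOwner; // assumption: held while collection is prevented
    return true;
}

static bool mainWaitForCollector(HeapModel& h)
{
    if (h.collectorRunning)
        return false; // keep waiting until the collector has stopped
    h.preventionActive = true;
    return true;
}

static bool continuousEnterA(HeapModel& h)
{
    if (!h.guardA)
        return true; // original code: (A) only takes m_threadLock
    if (h.lockOwner != Nobody)
        return false;
    h.lockOwner = ContinuousOwner;
    return true;
}

static bool continuousNotifyB(HeapModel& h)
{
    h.collectorRunning = true; // (B) wakes the concurrent collector
    if (h.preventionActive)
        h.collectedWhilePrevented = true;
    if (h.guardA)
        h.lockOwner = Nobody; // leaving the guarded block
    return true;
}

static bool collectorFinish(HeapModel& h)
{
    if (!h.collectorRunning)
        return false;
    h.collectorRunning = false;
    return true;
}

// Steps 2 to 5 of the commit message: continuous thread at (A), main thread
// takes the lock, main thread waits for the collector, continuous thread runs (B).
const std::vector<ThreadId> commitMessageOrder = { Continuous, Main, Main, Continuous };

bool collectsWhilePrevented(bool guardA, const std::vector<ThreadId>& hints)
{
    HeapModel h;
    h.guardA = guardA;
    const std::vector<Step> program[3] = {
        { mainTakeLock, mainWaitForCollector },
        { continuousEnterA, continuousNotifyB },
        { collectorFinish },
    };
    std::size_t pc[3] = { 0, 0, 0 };
    auto tryStep = [&](int id) {
        if (pc[id] >= program[id].size() || !program[id][pc[id]](h))
            return false;
        ++pc[id];
        return true;
    };
    // Follow the requested interleaving; a blocked thread simply loses its turn.
    for (ThreadId id : hints)
        tryStep(id);
    // Then let every thread run until nothing can make progress any more.
    for (bool progressed = true; progressed;) {
        progressed = false;
        for (int id = 0; id < 3; ++id) {
            if (tryStep(id))
                progressed = true;
        }
    }
    return h.collectedWhilePrevented;
}

int main()
{
    std::printf("unguarded (A): collected while prevented = %d\n", collectsWhilePrevented(false, commitMessageOrder));
    std::printf("guarded (A):   collected while prevented = %d\n", collectsWhilePrevented(true, commitMessageOrder));
    return 0;
}
```

With the guard in place the main thread cannot acquire the lock while the other thread is inside (A), so its waitForCollector call really does wait out the collection that (B) started.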

jacob_uphoff@apple.com [Tue, 7 Apr 2020 23:12:58 +0000 (23:12 +0000)]
[ iOS wk2 ] http/wpt/cache-storage/cache-put-keys.https.any.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=207496

Unreviewed test gardening.

* platform/ios-simulator-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259682 268f45cc-cd09-0410-ab3c-d52691b4dbfc

sbarati@apple.com [Tue, 7 Apr 2020 23:11:21 +0000 (23:11 +0000)]
Delete ICs can't cache dictionaries
https://bugs.webkit.org/show_bug.cgi?id=210147
<rdar://problem/61382405>

Reviewed by Tadeu Zagallo.

JSTests:

* stress/dont-cache-delete-ic-on-dictionary-2.js: Added.
(assert):
(makeDictionary):
(foo):
* stress/dont-cache-delete-ic-on-dictionary.js: Added.
(assert):
(foo):

Source/JavaScriptCore:

We were happily caching delete IC cases on a dictionary object.
This is clearly wrong, as we might cache a miss on a dictionary
on a property "P", even though we might add "P" to the structure
without transitioning it.

* jit/Repatch.cpp:
(JSC::tryCacheDeleteBy):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259681 268f45cc-cd09-0410-ab3c-d52691b4dbfc
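
Why a cached delete miss is unsound on a dictionary, as a toy model of the commit message above. This is an added example, not JavaScriptCore code: Structure, Object and DeleteSite are simplified stand-ins, and the model assumes that adding a property to a non-dictionary object always moves it to a new Structure.

```cpp
#include <cstdio>
#include <memory>
#include <set>
#include <string>

// Toy model; these types are simplified stand-ins, not JavaScriptCore classes.
struct Structure {
    std::set<std::string> properties;
    bool isDictionary = false;
};

struct Object {
    std::shared_ptr<Structure> structure = std::make_shared<Structure>();

    bool has(const std::string& name) const { return structure->properties.count(name) != 0; }

    // Dictionaries are edited in place; other objects transition to a new Structure.
    void edit(const std::string& name, bool add)
    {
        if (!structure->isDictionary)
            structure = std::make_shared<Structure>(*structure);
        if (add)
            structure->properties.insert(name);
        else
            structure->properties.erase(name);
    }
};

// One `delete o.<name>` site with a single cached "miss" case.
struct DeleteSite {
    std::string name;
    bool cacheDictionaries;                // true models the behaviour before the fix
    std::shared_ptr<Structure> cachedMiss; // Structure for which `name` was seen to be absent

    void run(Object& o)
    {
        if (cachedMiss && o.structure == cachedMiss)
            return; // fast path: cached miss, nothing to delete
        if (o.has(name)) {
            o.edit(name, false);
            return;
        }
        // Slow path found nothing to delete: remember that for this Structure.
        if (cacheDictionaries || !o.structure->isDictionary)
            cachedMiss = o.structure;
    }
};

// Delete a missing "P", add "P", delete again; report whether "P" is still there.
bool propertySurvivesDelete(bool dictionary, bool cacheDictionaries)
{
    Object o;
    o.structure->isDictionary = dictionary;
    DeleteSite site { "P", cacheDictionaries, nullptr };
    site.run(o);       // miss, possibly cached
    o.edit("P", true); // in place for a dictionary, a transition otherwise
    site.run(o);
    return o.has("P");
}

int main()
{
    std::printf("dictionary, miss cached:     P survives = %d\n", propertySurvivesDelete(true, true));
    std::printf("dictionary, miss not cached: P survives = %d\n", propertySurvivesDelete(true, false));
    std::printf("non-dictionary, miss cached: P survives = %d\n", propertySurvivesDelete(false, true));
    return 0;
}
```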

jiewen_tan@apple.com [Tue, 7 Apr 2020 23:01:20 +0000 (23:01 +0000)]
[WebAuthn] Cancel WebAuthn requests when users cancel LocalAuthentication prompts
https://bugs.webkit.org/show_bug.cgi?id=209923
<rdar://problem/61223713>

Reviewed by Brent Fulgham.

Source/WebCore:

Covered by new tests within existing test files.

* testing/MockWebAuthenticationConfiguration.h:
(WebCore::MockWebAuthenticationConfiguration::LocalConfiguration::encode const):
(WebCore::MockWebAuthenticationConfiguration::LocalConfiguration::decode):
* testing/MockWebAuthenticationConfiguration.idl:
Adds a new parameter to reflect user cancellations on LocalAuthentication UI.

Source/WebKit:

This patch intends to streamline WebAuthn local authenticator UX a bit more. Here, we should treat user
cancellation of the LocalAuthentication UI as if it were being done on the UI Client's WebAuthn UI.

* UIProcess/WebAuthentication/Authenticator.h:
* UIProcess/WebAuthentication/AuthenticatorManager.cpp:
(WebKit::AuthenticatorManager::cancelRequest):
* UIProcess/WebAuthentication/AuthenticatorManager.h:
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.h:
* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::continueMakeCredentialAfterUserVerification):
(WebKit::LocalAuthenticator::continueGetAssertionAfterUserVerification):
(WebKit::LocalAuthenticator::validateUserVerification const):
* UIProcess/WebAuthentication/Cocoa/LocalConnection.h:
* UIProcess/WebAuthentication/Cocoa/LocalConnection.mm:
(WebKit::LocalConnection::verifyUser const):
* UIProcess/WebAuthentication/Mock/MockLocalConnection.mm:
(WebKit::MockLocalConnection::MockLocalConnection):
(WebKit::MockLocalConnection::verifyUser const):
(WebKit::MockLocalConnection::filterResponses const):
* WebKit.xcodeproj/project.pbxproj:

Tools:

Modifies existing tests to accommodate changes in MockWebAuthenticationConfiguration.idl.

* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-get-assertion-la.html:
* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-duplicate-credential.html:
* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la-error.html:
* TestWebKitAPI/Tests/WebKitCocoa/web-authentication-make-credential-la.html:

LayoutTests:

Adds a new test for the change and modifies existing tests to accommodate changes in MockWebAuthenticationConfiguration.idl.

* http/wpt/webauthn/public-key-credential-create-failure-local-silent.https.html:
* http/wpt/webauthn/public-key-credential-create-failure-local.https-expected.txt:
* http/wpt/webauthn/public-key-credential-create-failure-local.https.html:
* http/wpt/webauthn/public-key-credential-create-success-local.https.html:
* http/wpt/webauthn/public-key-credential-get-failure-local-silent.https.html:
* http/wpt/webauthn/public-key-credential-get-failure-local.https.html:
* http/wpt/webauthn/public-key-credential-get-success-local.https.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259680 268f45cc-cd09-0410-ab3c-d52691b4dbfc

commit-queue@webkit.org [Tue, 7 Apr 2020 22:50:50 +0000 (22:50 +0000)]
[ macOS ] Update sandbox rules for storage
https://bugs.webkit.org/show_bug.cgi?id=210120
<rdar://problem/60972224>

Patch by Sihui Liu <sihui_liu@hotmail.com> on 2020-04-07
Reviewed by Geoffrey Garen.

This directory is used for cookie storage.

* NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259679 268f45cc-cd09-0410-ab3c-d52691b4dbfc

jacob_uphoff@apple.com [Tue, 7 Apr 2020 22:41:24 +0000 (22:41 +0000)]
[ macOS debug ] REGRESSION (r259463): http/tests/media/clearkey/collect-webkit-media-session.html is failing
https://bugs.webkit.org/show_bug.cgi?id=209989

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259678 268f45cc-cd09-0410-ab3c-d52691b4dbfc

tzagallo@apple.com [Tue, 7 Apr 2020 22:32:21 +0000 (22:32 +0000)]
Not using strict mode within ClassDeclaration statement
https://bugs.webkit.org/show_bug.cgi?id=205578
<rdar://problem/58194589>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/inline-strict-delete.js: Added.
(assert):
(bar):
(foo):
* stress/superclass-expression-strictness.js: Added.
(f.try.c):
(f):

Source/JavaScriptCore:

We correctly set strict mode when parsing classes, but we did not set it when emitting bytecode.
However, that means that we can now have a subset of a code block's bytecode that must be run in
strict mode, even when the code block itself is not strict. As it turns out, there are only ten
opcodes that need to be aware of strictness, so an extra `mode` operand was added to these opcodes.
The mode then needs to be propagated through baseline, DFG and FTL.

* API/APICallbackFunction.h:
(JSC::APICallbackFunction::call):
* API/JSCallbackObjectFunctions.h:
(JSC::JSCallbackObject<Parent>::call):
* API/JSContextRef.cpp:
(JSContextGetGlobalObject):
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/BytecodeDumper.cpp:
* bytecode/BytecodeGeneratorification.cpp:
(JSC::BytecodeGeneratorification::run):
* bytecode/BytecodeList.rb:
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::dumpAssumingJITType const):
(JSC::CodeBlock::finishCreation):
* bytecode/CodeBlock.h:
(JSC::CodeBlock::isConstructor const):
(JSC::CodeBlock::isKnownCell):
* bytecode/ExecutableInfo.h:
(JSC::ExecutableInfo::ExecutableInfo):
(JSC::ExecutableInfo::usesEval const):
* bytecode/Fits.h:
* bytecode/InlineCallFrame.cpp:
(JSC::InlineCallFrame::dumpInContext const):
* bytecode/InlineCallFrame.h:
(JSC::InlineCallFrame::isInStrictContext const):
* bytecode/PutByIdFlags.cpp:
(WTF::printInternal):
* bytecode/PutByIdFlags.h:
(JSC::PutByIdFlags::create):
(JSC::PutByIdFlags::createDirect):
(JSC::PutByIdFlags::isDirect const):
(JSC::PutByIdFlags::ecmaMode const):
(JSC::PutByIdFlags::PutByIdFlags):
* bytecode/PutByIdStatus.cpp:
(JSC::PutByIdStatus::computeFromLLInt):
* bytecode/UnlinkedCodeBlock.cpp:
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
* bytecode/UnlinkedCodeBlock.h:
(JSC::UnlinkedCodeBlock::isConstructor const):
* bytecode/UnlinkedCodeBlockGenerator.h:
(JSC::UnlinkedCodeBlockGenerator::needsClassFieldInitializer const):
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::generateUnlinkedFunctionCodeBlock):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitGetFromScope):
(JSC::BytecodeGenerator::emitPutToScope):
(JSC::BytecodeGenerator::emitPutById):
(JSC::BytecodeGenerator::emitDirectPutById):
(JSC::BytecodeGenerator::emitDeleteById):
(JSC::BytecodeGenerator::emitPutByVal):
(JSC::BytecodeGenerator::emitDirectPutByVal):
(JSC::BytecodeGenerator::emitDeleteByVal):
(JSC::BytecodeGenerator::emitCall):
(JSC::BytecodeGenerator::emitPushFunctionNameScope):
(JSC::BytecodeGenerator::emitReadOnlyExceptionIfNeeded):
(JSC::BytecodeGenerator::emitToThis):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::generate):
(JSC::BytecodeGenerator::ecmaMode const):
(JSC::StrictModeScope::StrictModeScope):
* bytecompiler/NodesCodegen.cpp:
(JSC::AssignResolveNode::emitBytecode):
(JSC::EmptyLetExpression::emitBytecode):
(JSC::ForInNode::emitLoopHeader):
(JSC::ForOfNode::emitBytecode):
(JSC::ClassExprNode::emitBytecode):
(JSC::BindingNode::bindValue const):
(JSC::AssignmentElementNode::bindValue const):
* debugger/DebuggerCallFrame.cpp:
(JSC::DebuggerCallFrame::thisValue const):
(JSC::DebuggerCallFrame::evaluateWithScopeExtension):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::isToThisAnIdentity):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::addCall):
(JSC::DFG::ByteCodeParser::handleCall):
(JSC::DFG::ByteCodeParser::handleInlining):
(JSC::DFG::ByteCodeParser::handleDOMJITCall):
(JSC::DFG::ByteCodeParser::handleDeleteById):
(JSC::DFG::ByteCodeParser::emitPutById):
(JSC::DFG::ByteCodeParser::handlePutById):
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::parseCodeBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupToThis):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::globalThisObjectFor):
* dfg/DFGNode.h:
(JSC::DFG::Node::hasECMAMode):
(JSC::DFG::Node::ecmaMode):
* dfg/DFGOpInfo.h:
(JSC::DFG::OpInfo::OpInfo):
* dfg/DFGOperations.cpp:
* dfg/DFGPreciseLocalClobberize.h:
(JSC::DFG::PreciseLocalClobberizeAdaptor::readTop):
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileDoublePutByVal):
(JSC::DFG::SpeculativeJIT::compilePutByValForIntTypedArray):
(JSC::DFG::SpeculativeJIT::compilePutByValForCellWithString):
(JSC::DFG::SpeculativeJIT::compilePutByValForCellWithSymbol):
(JSC::DFG::SpeculativeJIT::compilePutDynamicVar):
(JSC::DFG::SpeculativeJIT::compilePutByIdFlush):
(JSC::DFG::SpeculativeJIT::compilePutById):
(JSC::DFG::SpeculativeJIT::compilePutByIdDirect):
(JSC::DFG::SpeculativeJIT::compilePutByIdWithThis):
(JSC::DFG::SpeculativeJIT::compileToThis):
(JSC::DFG::SpeculativeJIT::cachedPutById):
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::emitCall):
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileDeleteById):
(JSC::DFG::SpeculativeJIT::compileDeleteByVal):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileToThis):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByIdWithThis):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByValWithThis):
(JSC::FTL::DFG::LowerDFGToB3::compilePutById):
(JSC::FTL::DFG::LowerDFGToB3::compilePutByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileDelBy):
(JSC::FTL::DFG::LowerDFGToB3::compileDeleteById):
(JSC::FTL::DFG::LowerDFGToB3::compileDeleteByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileCallEval):
(JSC::FTL::DFG::LowerDFGToB3::compilePutDynamicVar):
* inspector/JSInjectedScriptHost.cpp:
(Inspector::JSInjectedScriptHost::internalConstructorName):
* interpreter/Interpreter.cpp:
(JSC::eval):
(JSC::Interpreter::execute):
* interpreter/Interpreter.h:
* jit/AssemblyHelpers.h:
* jit/JITCall.cpp:
(JSC::JIT::compileCallEval):
* jit/JITInlineCacheGenerator.cpp:
(JSC::JITPutByIdGenerator::slowPathFunction):
* jit/JITInlineCacheGenerator.h:
(JSC::JITPutByIdGenerator::JITPutByIdGenerator):
* jit/JITInlines.h:
(JSC::JIT::linkSlowCaseIfNotJSCell):
(JSC::JIT::emitJumpSlowCaseIfNotJSCell):
* jit/JITOperations.cpp:
* jit/JITOperations.h:
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitPutByValWithCachedId):
(JSC::JIT::emitSlow_op_put_by_val):
(JSC::JIT::emitSlow_op_del_by_id):
(JSC::JIT::emitSlow_op_del_by_val):
(JSC::JIT::emit_op_put_by_id):
* jit/JITPropertyAccess32_64.cpp:
(JSC::JIT::emitSlow_op_put_by_val):
* jit/Repatch.cpp:
(JSC::tryCacheDeleteBy):
(JSC::repatchDeleteBy):
* jit/Repatch.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::LLINT_SLOW_PATH_DECL):
(JSC::LLInt::commonCallEval):
* runtime/ArrayPrototype.cpp:
(JSC::arrayProtoFuncToString):
(JSC::arrayProtoFuncToLocaleString):
(JSC::arrayProtoFuncJoin):
(JSC::arrayProtoFuncPop):
(JSC::arrayProtoFuncPush):
(JSC::arrayProtoFuncReverse):
(JSC::arrayProtoFuncShift):
(JSC::arrayProtoFuncSlice):
(JSC::arrayProtoFuncSplice):
(JSC::arrayProtoFuncUnShift):
(JSC::arrayProtoFuncIndexOf):
(JSC::arrayProtoFuncLastIndexOf):
* runtime/CachedTypes.cpp:
(JSC::CachedCodeBlock::usesEval const):
(JSC::UnlinkedCodeBlock::UnlinkedCodeBlock):
(JSC::CachedCodeBlock<CodeBlockType>::encode):
* runtime/ClonedArguments.cpp:
(JSC::ClonedArguments::getOwnPropertySlot):
(JSC::ClonedArguments::materializeSpecials):
* runtime/CodeCache.cpp:
(JSC::generateUnlinkedCodeBlockImpl):
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/CommonSlowPathsInlines.h:
(JSC::CommonSlowPaths::tryCachePutToScopeGlobal):
(JSC::CommonSlowPaths::tryCacheGetFromScopeGlobal):
* runtime/Completion.cpp:
(JSC::evaluate):
* runtime/DirectEvalExecutable.cpp:
(JSC::DirectEvalExecutable::create):
* runtime/DirectEvalExecutable.h:
* runtime/ECMAMode.cpp: Copied from Source/JavaScriptCore/bytecode/PutByIdFlags.cpp.
(JSC::ECMAMode::dump const):
* runtime/ECMAMode.h: Copied from Source/JavaScriptCore/bytecode/PutByIdFlags.h.
(JSC::ECMAMode::fromByte):
(JSC::ECMAMode::strict):
(JSC::ECMAMode::sloppy):
(JSC::ECMAMode::isStrict const):
(JSC::ECMAMode::value const):
(JSC::ECMAMode::ECMAMode):
* runtime/EvalExecutable.h:
(JSC::EvalExecutable::executableInfo const):
* runtime/FunctionExecutable.h:
* runtime/GetPutInfo.cpp:
(JSC::GetPutInfo::dump const):
* runtime/GetPutInfo.h:
(JSC::GetPutInfo::GetPutInfo):
(JSC::GetPutInfo::ecmaMode const):
* runtime/GetterSetter.cpp:
(JSC::callSetter):
* runtime/IndirectEvalExecutable.cpp:
(JSC::IndirectEvalExecutable::create):
(JSC::IndirectEvalExecutable::IndirectEvalExecutable):
* runtime/IndirectEvalExecutable.h:
* runtime/JSCJSValue.cpp:
(JSC::JSValue::toThisSlowCase const):
(JSC::JSValue::putToPrimitive):
* runtime/JSCJSValue.h:
* runtime/JSCell.cpp:
(JSC::JSCell::toThis):
* runtime/JSFunction.cpp:
(JSC::JSFunction::selectStructureForNewFuncExp):
(JSC::JSFunction::callerGetter):
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncEval):
(JSC::globalFuncProtoGetter):
(JSC::globalFuncProtoSetter):
* runtime/JSObject.cpp:
(JSC::JSObject::putInlineSlow):
(JSC::JSObject::setPrototypeWithCycleCheck):
* runtime/JSScope.cpp:
(JSC::JSScope::toThis):
* runtime/JSString.cpp:
(JSC::JSString::toThis):
* runtime/LiteralParser.cpp:
(JSC::LiteralParser<CharType>::parse):
* runtime/ModuleProgramExecutable.h:
* runtime/NullSetterFunction.cpp:
(JSC::GetCallerStrictnessFunctor::operator() const):
(JSC::NullSetterFunctionInternal::callReturnUndefined):
* runtime/ObjectPrototype.cpp:
(JSC::objectProtoFuncValueOf):
(JSC::objectProtoFuncHasOwnProperty):
(JSC::objectProtoFuncIsPrototypeOf):
(JSC::objectProtoFuncDefineGetter):
(JSC::objectProtoFuncDefineSetter):
(JSC::objectProtoFuncLookupGetter):
(JSC::objectProtoFuncLookupSetter):
(JSC::objectProtoFuncPropertyIsEnumerable):
(JSC::objectProtoFuncToLocaleString):
(JSC::objectProtoFuncToString):
* runtime/ProgramExecutable.cpp:
(JSC::ProgramExecutable::initializeGlobalProperties):
* runtime/ProgramExecutable.h:
* runtime/ProxyObject.cpp:
(JSC::performProxyCall):
* runtime/ScriptExecutable.h:
(JSC::ScriptExecutable::isArrowFunctionContext const):
(JSC::ScriptExecutable::isInStrictContext const):
* runtime/SparseArrayValueMap.cpp:
(JSC::SparseArrayEntry::put):

Source/WebCore:

Test: JSTests/stress/superclass-expression-strictness.js

* bindings/js/JSDOMWindowCustom.cpp:
(WebCore::IDLOperation<JSDOMWindow>::cast):
* bindings/js/JSEventTargetCustom.h:
(WebCore::IDLOperation<JSEventTarget>::call):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateImplementation):

LayoutTests:

Fix the test since it contained incorrect code.

* js/class-syntax-method-names-expected.txt:
* js/script-tests/class-syntax-method-names.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259676 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed, reverting r259655.
ryanhaddad@apple.com [Tue, 7 Apr 2020 22:27:35 +0000 (22:27 +0000)]
Unreviewed, reverting r259655.

Caused assertion failures and timeouts on iOS bots

Reverted changeset:

"Return app-bound sessions for instances where
WKAppBoundDomains is"
https://bugs.webkit.org/show_bug.cgi?id=210124
https://trac.webkit.org/changeset/259655

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259675 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoMerge DependencyAssertion into ProcessAssertion
cdumez@apple.com [Tue, 7 Apr 2020 22:09:36 +0000 (22:09 +0000)]
Merge DependencyAssertion into ProcessAssertion
https://bugs.webkit.org/show_bug.cgi?id=210076

Reviewed by Alex Christensen.

Source/WebKit:

Merge DependencyAssertion into ProcessAssertion. After r259610, ProcessAssertion can use
RunningBoard assertions so there is no longer any need for a separate DependencyAssertion
class. We can simply introduce a new assertion type to ProcessAssertion.

* Shared/DependencyProcessAssertion.cpp: Removed.
* Shared/DependencyProcessAssertion.h: Removed.
* Shared/ios/DependencyProcessAssertionIOS.mm: Removed.
* Sources.txt:
* SourcesCocoa.txt:
* UIProcess/ProcessAssertion.h:
* UIProcess/ios/ProcessAssertionIOS.mm:
(-[WKProcessAssertionBackgroundTaskManager init]):
(-[WKProcessAssertionBackgroundTaskManager _hasBackgroundTask]):
(-[WKProcessAssertionBackgroundTaskManager _updateBackgroundTask]):
(-[WKProcessAssertionBackgroundTaskManager _releaseBackgroundTask]):
(WebKit::runningBoardNameForAssertionType):
* WebKit.xcodeproj/project.pbxproj:
* WebProcess/WebProcess.cpp:
(WebKit::WebProcess::initializeConnection):
* WebProcess/WebProcess.h:

Source/WTF:

* wtf/PlatformHave.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259674 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoSimplify and fortify network getNetworkProcessConnection and getGPUProcessConnection
commit-queue@webkit.org [Tue, 7 Apr 2020 22:07:54 +0000 (22:07 +0000)]
Simplify and fortify network getNetworkProcessConnection and getGPUProcessConnection
https://bugs.webkit.org/show_bug.cgi?id=210142
<rdar://problem/59488963>

Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-07
Reviewed by Youenn Fablet.

We have reports of hangs inside WebKit::getNetworkProcessConnection that seem to last forever.
Some of the reports indicate the network process is being suspended while a connection is being established with it.

To fix this issue we do three things:
1. We take a foregroundActivity when sending an async message to establish a connection.
2. We use sendWithAsyncReply which already has logic to handle the case where we are currently launching the process.
   Instead of the complicated retry logic, we add a retry attempt in WebProcessPool if the connection identifier is invalid.
3. Add some release logging so we can better diagnose problems with this flow in the future.

The functional change is adding the foreground activity, which should prevent some hangs.
The rest is just to make this code more sane to understand and debug.
I do the same changes to NetworkProcess and GPUProcess because they are intended to be the same.  The latter is based on the former.

The API test WebKit.NetworkProcessCrashWithPendingConnection covers what happens when the network process crashes during connection establishment.
It fails if we don't retry somewhere, which I did in WebProcessPool.  We also need to try again in getNetworkProcessConnection and getGPUProcessConnection.
If it fails twice, there's nothing we can do, and we crash the web process to avoid a crash loop.

* UIProcess/GPU/GPUProcessProxy.cpp:
(WebKit::GPUProcessProxy::getGPUProcessConnection):
(WebKit::GPUProcessProxy::didFinishLaunching):
(WebKit::GPUProcessProxy::~GPUProcessProxy): Deleted.
(WebKit::GPUProcessProxy::openGPUProcessConnection): Deleted.
* UIProcess/GPU/GPUProcessProxy.h:
* UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::~NetworkProcessProxy):
(WebKit::NetworkProcessProxy::getNetworkProcessConnection):
(WebKit::NetworkProcessProxy::networkProcessCrashed):
(WebKit::NetworkProcessProxy::didFinishLaunching):
(WebKit::NetworkProcessProxy::openNetworkProcessConnection): Deleted.
* UIProcess/Network/NetworkProcessProxy.h:
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::networkProcessCrashed):
(WebKit::WebProcessPool::getNetworkProcessConnection):
(WebKit::WebProcessPool::getGPUProcessConnection):
* UIProcess/WebProcessPool.h:
* WebProcess/GPU/GPUProcessConnectionInfo.h:
(WebKit::GPUProcessConnectionInfo::identifier const):
(WebKit::GPUProcessConnectionInfo::identifier): Deleted.
* WebProcess/Network/NetworkProcessConnectionInfo.h:
(WebKit::NetworkProcessConnectionInfo::identifier const):
(WebKit::NetworkProcessConnectionInfo::identifier): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259673 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUse RectEdges<> in some scrolling tree code
simon.fraser@apple.com [Tue, 7 Apr 2020 21:33:04 +0000 (21:33 +0000)]
Use RectEdges<> in some scrolling tree code
https://bugs.webkit.org/show_bug.cgi?id=210141

Reviewed by Tim Horton.

Source/WebCore:

Add utility functions on ScrollingTreeScrollingNode to get pinned and rubberband state.
Use them to push main frame state to the scrolling tree (which we do so we can safely
access the state from the EventDispatcher thread).

* page/scrolling/ScrollingTree.cpp:
(WebCore::ScrollingTree::setMainFramePinnedState):
(WebCore::ScrollingTree::setMainFrameCanRubberBand):
(WebCore::ScrollingTree::willWheelEventStartSwipeGesture):
(WebCore::ScrollingTree::setMainFramePinState): Deleted.
(WebCore::ScrollingTree::setCanRubberBandState): Deleted.
* page/scrolling/ScrollingTree.h:
* page/scrolling/ScrollingTreeScrollingNode.cpp:
(WebCore::ScrollingTreeScrollingNode::edgePinnedState const):
(WebCore::ScrollingTreeScrollingNode::isRubberBanding const):
* page/scrolling/ScrollingTreeScrollingNode.h:
* page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
(WebCore::ScrollingTreeFrameScrollingNodeMac::updateMainFramePinAndRubberbandState):

Source/WebKit:

Construct a RectEdges<>. Order is top, right, bottom, left.

* WebProcess/WebPage/EventDispatcher.cpp:
(WebKit::EventDispatcher::wheelEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259672 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoAX: Change ATK mapping of the ARIA alert and alertdialog roles
jdiggs@igalia.com [Tue, 7 Apr 2020 21:14:16 +0000 (21:14 +0000)]
AX: Change ATK mapping of the ARIA alert and alertdialog roles
https://bugs.webkit.org/show_bug.cgi?id=210121

Reviewed by Chris Fleizach.

Source/WebCore:

The ARIA alert role is a live region; not a dialog/message box. In contrast,
the ATK alert role is for dialogs such as a warning message which should be
presented immediately to the user. Because of the similarity in role names,
the original mappings in the Core-AAM were not ideal. They have recently
been fixed so we need to update our implementation accordingly.

Changed mappings
- alertdialog from ATK_ROLE_DIALOG to ATK_ROLE_ALERT
- alert from ATK_ROLE_ALERT to ATK_ROLE_NOTIFICATION

Updated existing tests to reflect this change.

* accessibility/atk/WebKitAccessible.cpp:
(atkRole):

Tools:

Add support for ATK_ROLE_NOTIFICATION.

* WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

LayoutTests:

* accessibility/aria-mappings-expected.txt: Updated.
* accessibility/gtk/xml-roles-exposed-expected.txt: Updated.
* platform/gtk/accessibility/gtk/xml-roles-exposed-expected.txt: Updated.
* platform/gtk/accessibility/roles-exposed-expected.txt: Updated.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259671 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GLIB] Avoid potential segfault in getPlatformEditorState
lmoura@igalia.com [Tue, 7 Apr 2020 21:09:43 +0000 (21:09 +0000)]
[GLIB] Avoid potential segfault in getPlatformEditorState
https://bugs.webkit.org/show_bug.cgi?id=210149

Reviewed by Carlos Alberto Lopez Perez.

Avoid potential surroundingRange dereference segfault.

* WebProcess/WebPage/glib/WebPageGLib.cpp:
(WebKit::WebPage::getPlatformEditorState const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259670 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoPreventing touch events should not prevent gestures installed above WKWebView from...
wenson_hsieh@apple.com [Tue, 7 Apr 2020 21:00:49 +0000 (21:00 +0000)]
Preventing touch events should not prevent gestures installed above WKWebView from recognizing
https://bugs.webkit.org/show_bug.cgi?id=210080
<rdar://problem/61365814>

Reviewed by Tim Horton.

Source/WebKit:

Makes a small adjustment to native gesture deferral logic, so that gestures installed above WKWebView (in the
view hierarchy) are not prevented from recognizing by WKDeferringGestureRecognizer. This makes it possible for
WebKit clients to install custom gestures outside of WKWebView that cannot be prevented by web content, without
having to create a separate window and pass touches through to the WKWebView.

Test: fast/events/touch/ios/prevent-default-with-window-tap-gesture.html

* UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView deferringGestureRecognizer:shouldDeferOtherGestureRecognizer:]):

Tools:

Add a UIScriptController helper method that allows a test to install a tap gesture recognizer on the UIWindow
containing the web view. This method additionally takes a JavaScript callback, which is invoked when the tap
gesture is recognized.

* TestRunnerShared/UIScriptContext/Bindings/UIScriptController.idl:
* TestRunnerShared/UIScriptContext/UIScriptContext.h:
* TestRunnerShared/UIScriptContext/UIScriptController.h:
(WTR::UIScriptController::installTapGestureOnWindow):
* WebKitTestRunner/cocoa/TestRunnerWKWebView.h:
* WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:
(-[TestRunnerWKWebView resetInteractionCallbacks]):
(-[TestRunnerWKWebView didRecognizeTapOnWindow]):
(-[TestRunnerWKWebView windowTapRecognizedCallback]):
(-[TestRunnerWKWebView setWindowTapRecognizedCallback:]):
(-[TestRunnerWKWebView willMoveToWindow:]):
(-[TestRunnerWKWebView didMoveToWindow]):
(-[TestRunnerWKWebView gestureRecognizer:shouldRecognizeSimultaneouslyWithGestureRecognizer:]):
* WebKitTestRunner/ios/UIScriptControllerIOS.h:
* WebKitTestRunner/ios/UIScriptControllerIOS.mm:
(WTR::UIScriptControllerIOS::installTapGestureOnWindow):

LayoutTests:

Add a new layout test to verify that calling preventDefault() on touchstart doesn't prevent gesture recognizers
installed above the WKWebView from recognizing. To do this, we use the new UIScriptController method to add a
gesture recognizer to the window containing the web view, and then simulate a tap over an element that prevents
the touchstart event.

* fast/events/touch/ios/prevent-default-with-window-tap-gesture-expected.txt: Added.
* fast/events/touch/ios/prevent-default-with-window-tap-gesture.html: Added.
* resources/ui-helper.js:
(window.UIHelper.async activateElementAfterInstallingTapGestureOnWindow.return.new.Promise.):
(window.UIHelper.async activateElementAfterInstallingTapGestureOnWindow.return.new.Promise):
(window.UIHelper.async activateElementAfterInstallingTapGestureOnWindow):
(window.UIHelper):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259669 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agotest262/Runner.pm ignores "async" flag
shvaikalesh@gmail.com [Tue, 7 Apr 2020 20:49:06 +0000 (20:49 +0000)]
test262/Runner.pm ignores "async" flag
https://bugs.webkit.org/show_bug.cgi?id=210127

Reviewed by Ross Kirsling.

JSTests:

* test262/expectations.yaml: Mark 56 test cases as failing.

Tools:

This change adds dereferencing for `$data->{flags}` array, making `grep` work as
expected. Other flags are correctly handled by `getScenarios` function, which
gets a dereferenced array as an argument.

* Scripts/test262/Runner.pm:
(runTest):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259668 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed, reverting r259446.
tsavell@apple.com [Tue, 7 Apr 2020 20:23:50 +0000 (20:23 +0000)]
Unreviewed, reverting r259446.

Broke Windows testing

Reverted changeset:

"[Windows] Ignore render tree dump based results on Windows"
https://bugs.webkit.org/show_bug.cgi?id=209897
https://trac.webkit.org/changeset/259446

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259667 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoWeb Inspector: focus outline of scope bar is clipped
nvasilyev@apple.com [Tue, 7 Apr 2020 20:17:53 +0000 (20:17 +0000)]
Web Inspector: focus outline of scope bar is clipped
https://bugs.webkit.org/show_bug.cgi?id=209877
<rdar://problem/61173598>

Reviewed by Timothy Hatcher.

* UserInterface/Views/ScopeBar.css:
(.scope-bar):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259666 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoWeb Automation: Automation.inspectBrowsingContext should bring Web Inspector to front...
bburg@apple.com [Tue, 7 Apr 2020 20:07:46 +0000 (20:07 +0000)]
Web Automation: Automation.inspectBrowsingContext should bring Web Inspector to front automatically
https://bugs.webkit.org/show_bug.cgi?id=210137

Reviewed by Joseph Pecoraro.

* UIProcess/Automation/mac/WebAutomationSessionMac.mm:
(WebKit::WebAutomationSession::inspectBrowsingContext):
Previously, calling connect() would preload Web Inspector but not show its window. This
made it awkward to use the 'safari:automaticInspection' capability without subsequently
evaluating a `debugger;` statement to bring Web Inspector to front.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259665 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[ews] Add unit-test for CheckPatchRelevance build step
aakash_jain@apple.com [Tue, 7 Apr 2020 19:59:24 +0000 (19:59 +0000)]
[ews] Add unit-test for CheckPatchRelevance build step
https://bugs.webkit.org/show_bug.cgi?id=210140

Reviewed by Jonathan Bedard.

* BuildSlaveSupport/ews-build/steps_unittest.py: Added unit-tests.
(TestCheckPatchRelevance):
(TestCheckPatchRelevance.test_relevant_patch):
(TestCheckPatchRelevance.test_non_relevant_patch):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259660 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoMake StylePropertyShorthand iterable
antti@apple.com [Tue, 7 Apr 2020 19:43:30 +0000 (19:43 +0000)]
Make StylePropertyShorthand iterable
https://bugs.webkit.org/show_bug.cgi?id=210117

Reviewed by Darin Adler.

Enable modern for-loops.

* animation/AnimationTimeline.cpp:
(WebCore::transitionMatchesProperty):
(WebCore::compileTransitionPropertiesInStyle):
* css/CSSComputedStyleDeclaration.cpp:
(WebCore::updateStyleIfNeededForProperty):
* css/StyleProperties.cpp:
(WebCore::StyleProperties::propertyIsImportant const):
(WebCore::MutableStyleProperties::setProperty):
* css/StylePropertyShorthand.h:
(WebCore::StylePropertyShorthand::begin const):
(WebCore::StylePropertyShorthand::end const):
* css/parser/CSSPropertyParser.cpp:
(WebCore::CSSPropertyParser::addExpandedPropertyForValue):
* inspector/agents/InspectorCSSAgent.cpp:
(WebCore::InspectorCSSAgent::getSupportedCSSProperties):
* page/animation/CSSPropertyAnimation.cpp:
(WebCore::CSSPropertyAnimationWrapperMap::CSSPropertyAnimationWrapperMap):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259659 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUpdate JSTests to assume ICU 60+
ross.kirsling@sony.com [Tue, 7 Apr 2020 19:35:54 +0000 (19:35 +0000)]
Update JSTests to assume ICU 60+
https://bugs.webkit.org/show_bug.cgi?id=210085

Reviewed by Yusuke Suzuki.

* stress/intl-collator.js:
* stress/intl-constructors-with-proxy.js:
* stress/intl-datetimeformat.js:
* stress/intl-default-locale.js:
* stress/intl-numberformat-format-to-parts.js:
* stress/intl-numberformat.js: Ensure a test case doesn't depend on behavior changed in ICU 64.
* stress/intl-object.js:
* stress/intl-pluralrules.js: Correct two invalid test cases.
* test262/config.yaml:
Remove skips.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259658 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoFix my conflict Markers
tsavell@apple.com [Tue, 7 Apr 2020 18:58:34 +0000 (18:58 +0000)]
Fix my conflict Markers
https://trac.webkit.org/changeset/259656/webkit

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259657 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION: (r258434) [ Mac WK1 ] media/track/track-css-user-override.html is a flaky...
tsavell@apple.com [Tue, 7 Apr 2020 18:53:56 +0000 (18:53 +0000)]
REGRESSION: (r258434) [ Mac WK1 ] media/track/track-css-user-override.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=210134

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259656 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoReturn app-bound sessions for instances where WKAppBoundDomains is
katherine_cheney@apple.com [Tue, 7 Apr 2020 18:43:45 +0000 (18:43 +0000)]
Return app-bound sessions for instances where WKAppBoundDomains is
empty
https://bugs.webkit.org/show_bug.cgi?id=210124
<rdar://problem/61276630>

Reviewed by Brent Fulgham.

Source/WebKit:

No new tests. Behavior confirmed by existing In-App Browser Privacy
tests.

* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(WebKit::NetworkSessionCocoa::sessionWrapperForTask):
Remove the flag checking if In-App Browser Privacy is enabled. We
should return an app-bound session if WKAppBoundDomains is empty so
we no longer need to check the flag here.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::setIsNavigatingToAppBoundDomain):
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
* UIProcess/WebPageProxy.h:
As described above, we no longer need to check the flag in this
instance as we are determining behavior based on the WKAppBoundDomains
list. Also moved the logic for checking an empty list to setIsNavigatingToAppBoundDomain,
so it should take an Optional (WTF::nullopt indicates an empty list).

* UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
(WebKit::WebsiteDataStore::initializeAppBoundDomains):
Use the flag to enable internal debugging for testing purposes.

* UIProcess/API/APIHTTPCookieStore.cpp:
(API::HTTPCookieStore::filterAppBoundCookies):
Flag no longer needed. This should be gated by whether the domains
list is empty or not.

Tools:

Cleaned up tests to turn the flag on at the start of each In-App
Browser Privacy test.

* TestWebKitAPI/Tests/WebKitCocoa/InAppBrowserPrivacy.mm:
(cleanUpInAppBrowserPrivacyTestSettings):
(initializeInAppBrowserPrivacyTestSettings):
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259655 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoRAMification should have a way of gathering vmmaps for each test at the end of each run
sbarati@apple.com [Tue, 7 Apr 2020 18:41:13 +0000 (18:41 +0000)]
RAMification should have a way of gathering vmmaps for each test at the end of each run
https://bugs.webkit.org/show_bug.cgi?id=210060

Reviewed by Yusuke Suzuki.

PerformanceTests:

When I was debugging a memory issue, I needed to gather vmmaps for each
RAMification subtest. This patch is checking in the code I wrote to be able
to do this. It works by:
- Passing in an argument to RAMification saying we want vmmaps at the end of
each subtest run.
- RAMification invokes jsc with an environment variable that tells the shell
to wait for one character of input from stdin before exiting.
- The jsc shell also disables the bmalloc scavenger while waiting for input so the
vmmap we take from the python runner script represents the "footprint" score
of the benchmark. If the scavenger ran, it would end up releasing too much
memory for the vmmap to be useful.
- The python script runs a vmmap, and then communicates to the jsc process
when the vmmap finishes running.

* JetStream2/RAMification.py:
(parseArgs):
(BaseRunner.__init__):
(BaseRunner.getResults):
(LocalRunner.runOneTest):
(main):
(main.runTestList):

Source/bmalloc:

* bmalloc/Scavenger.cpp:
(bmalloc::Scavenger::scavenge):
(bmalloc::Scavenger::partialScavenge):
* bmalloc/Scavenger.h:
(bmalloc::Scavenger::disable):
* bmalloc/bmalloc.cpp:
(bmalloc::api::disableScavenger):
* bmalloc/bmalloc.h:

Source/JavaScriptCore:

* jsc.cpp:
(main):

Source/WTF:

* wtf/FastMalloc.cpp:
(WTF::fastDisableScavenger):
* wtf/FastMalloc.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259652 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agodocumentFragment.getElementById() should not work for empty-string IDs
cdumez@apple.com [Tue, 7 Apr 2020 18:40:07 +0000 (18:40 +0000)]
documentFragment.getElementById() should not work for empty-string IDs
https://bugs.webkit.org/show_bug.cgi?id=210111

Reviewed by Geoffrey Garen.

LayoutTests/imported/w3c:

Import test coverage from upstream WPT.

* web-platform-tests/dom/nodes/DocumentFragment-getElementById-expected.txt: Added.
* web-platform-tests/dom/nodes/DocumentFragment-getElementById.html: Added.

Source/WebCore:

Make sure that getElementById() returns null when given an empty string ID:
- https://dom.spec.whatwg.org/#concept-id

Test: imported/w3c/web-platform-tests/dom/nodes/DocumentFragment-getElementById.html

* dom/DocumentFragment.cpp:
(WebCore::DocumentFragment::getElementById const):
* dom/TreeScope.cpp:
(WebCore::TreeScope::getElementById const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259651 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoWKUserScripts deferred from injection are not injected if -[WKWebView _notifyUserScri...
timothy@apple.com [Tue, 7 Apr 2020 18:37:44 +0000 (18:37 +0000)]
WKUserScripts deferred from injection are not injected if -[WKWebView _notifyUserScripts] is called early.
https://bugs.webkit.org/show_bug.cgi?id=210131
rdar://problem/61368446

Reviewed by Brady Eidson.

Source/WebCore:

If Page::notifyToInjectUserScripts() is called early, before Frame::injectUserScripts() happens,
m_hasBeenNotifiedToInjectUserScripts will be false, allowing scripts to build up in m_userScriptsAwaitingNotification
and never being injected (since Page::notifyToInjectUserScripts() will not be called again).

* page/Page.cpp:
(WebCore::Page::notifyToInjectUserScripts): Set m_hasBeenNotifiedToInjectUserScripts to true when called.

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/UserContentController.mm:
(TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259650 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoWeb Inspector: unable to see cookies on pages that have subframes which have been...
drousso@apple.com [Tue, 7 Apr 2020 18:19:18 +0000 (18:19 +0000)]
Web Inspector: unable to see cookies on pages that have subframes which have been denied access to cookies
https://bugs.webkit.org/show_bug.cgi?id=210125
<rdar://problem/61357992>

Reviewed by Timothy Hatcher.

Previously, the same boolean value was re-used when checking whether that URL and `document`
pair is able to access cookies, meaning that if the last check returned `false`, the logic
would incorrectly think that none of the URL and `document` pairs would have access to any
cookies, resulting in an empty array.

Instead of using this all-or-nothing boolean, if a URL and `document` pair is not able to
access cookies, simply ignore it and move on to the next pair.

* inspector/agents/InspectorPageAgent.cpp:
(WebCore::InspectorPageAgent::getCookies):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259649 268f45cc-cd09-0410-ab3c-d52691b4dbfc
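
The flag-reuse bug described in the Web Inspector cookies commit above, shown as an added example that is not WebKit's code. It is a simplified C++ model: `FramePair`, `collectCookiesSharedFlag`, `collectCookiesPerPair` and `constructedPairs` are hypothetical names, and the sample pairs are constructed.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// Constructed stand-in for one URL and `document` pair. Not a WebKit type.
struct FramePair {
    std::string url;
    bool mayAccessCookies;            // result of the per-pair access check
    std::vector<std::string> cookies; // cookie names visible to this pair
};

// The pattern the commit message describes as the bug: a single boolean is
// overwritten on every iteration, so whichever pair is checked last decides
// whether anything at all is returned.
std::vector<std::string> collectCookiesSharedFlag(const std::vector<FramePair>& pairs)
{
    std::vector<std::string> result;
    bool accessAllowed = true;
    for (const auto& pair : pairs) {
        accessAllowed = pair.mayAccessCookies;
        if (accessAllowed)
            result.insert(result.end(), pair.cookies.begin(), pair.cookies.end());
    }
    if (!accessAllowed)
        return { }; // all-or-nothing: the last denial discards every cookie
    return result;
}

// The behaviour the commit message describes as the fix: a denied pair is
// skipped, it contributes nothing, and the loop moves on to the next pair.
std::vector<std::string> collectCookiesPerPair(const std::vector<FramePair>& pairs)
{
    std::vector<std::string> result;
    for (const auto& pair : pairs) {
        if (!pair.mayAccessCookies)
            continue;
        result.insert(result.end(), pair.cookies.begin(), pair.cookies.end());
    }
    return result;
}

// Constructed sample: a main frame that may read cookies, followed by a
// subframe that has been denied access.
std::vector<FramePair> constructedPairs()
{
    return {
        { "https://site.example/", true, { "session", "theme" } },
        { "https://widget.example/frame", false, { "widget_id" } },
    };
}

int main()
{
    const auto pairs = constructedPairs();
    std::printf("shared flag: %zu cookies\n", collectCookiesSharedFlag(pairs).size());
    std::printf("per pair:    %zu cookies\n", collectCookiesPerPair(pairs).size());
    return 0;
}
```

The shared-flag version is order-dependent, which is why the symptom only appears when the last pair checked is a denied one; the per-pair version also never returns the denied subframe's cookies.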

6 months ago[iOS] Add message to message filter in the WebContent sandbox
pvollan@apple.com [Tue, 7 Apr 2020 18:18:36 +0000 (18:18 +0000)]
[iOS] Add message to message filter in the WebContent sandbox
https://bugs.webkit.org/show_bug.cgi?id=210130

Reviewed by Brent Fulgham.

Add a required syscall-mach message to the message filter in the WebContent sandbox on iOS.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259648 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoTextManipulationController fails to replace a paragraph that ends with a br
rniwa@webkit.org [Tue, 7 Apr 2020 18:10:10 +0000 (18:10 +0000)]
TextManipulationController fails to replace a paragraph that ends with a br
https://bugs.webkit.org/show_bug.cgi?id=210099

Reviewed by Wenson Hsieh.

Source/WebCore:

The bug was caused by TextManipulationController::replace not ignoring the br at the end of a paragraph
even though it doesn't appear as a token. We also need to insert this br back at the end of the paragraph
when completing the manipulation.

* editing/TextManipulationController.cpp:
(WebCore::TextManipulationController::replace):

Tools:

Added regression tests.

* TestWebKitAPI/Tests/WebKitCocoa/TextManipulation.mm:
(TextManipulation.CompleteTextManipulationReplaceMultipleSimpleParagraphsSeparatedByBR):
(TextManipulation.CompleteTextManipulationReplaceParagraphsSeparatedByWrappedBR):
(TextManipulation.CompleteTextManipulationFailWhenBRIsInserted):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259647 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[JSC] ScopedArgumentsTable should handle OOM in tolerant manner
ysuzuki@apple.com [Tue, 7 Apr 2020 18:04:57 +0000 (18:04 +0000)]
[JSC] ScopedArgumentsTable should handle OOM in tolerant manner
https://bugs.webkit.org/show_bug.cgi?id=210126

Reviewed by Mark Lam.

JSTests:

* stress/scoped-arguments-table-should-be-tolerant-for-oom.js: Added.
(canThrow):
(bar):
(get bar):
(foo):
(i.canThrow):

Source/JavaScriptCore:

This patch makes ScopedArgumentsTable allocations OOM tolerant to throw OOM error when allocation fails.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
* runtime/CachedTypes.cpp:
(JSC::CachedScopedArgumentsTable::decode const):
* runtime/ScopedArguments.cpp:
(JSC::ScopedArguments::unmapArgument):
* runtime/ScopedArgumentsTable.cpp:
(JSC::ScopedArgumentsTable::tryClone):
(JSC::ScopedArgumentsTable::trySetLength):
(JSC::ScopedArgumentsTable::trySet):
(JSC::ScopedArgumentsTable::clone): Deleted.
(JSC::ScopedArgumentsTable::setLength): Deleted.
(JSC::ScopedArgumentsTable::set): Deleted.
* runtime/ScopedArgumentsTable.h:
* runtime/SymbolTable.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259646 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[JSC] JSWrapperObject should use JSInternalFieldObjectImpl
ysuzuki@apple.com [Tue, 7 Apr 2020 17:39:24 +0000 (17:39 +0000)]
[JSC] JSWrapperObject should use JSInternalFieldObjectImpl
https://bugs.webkit.org/show_bug.cgi?id=210019

Reviewed by Mark Lam.

JSWrapperObject's mechanism can be basically implemented by using JSInternalFieldObjectImpl.
We should leverage JSInternalFieldObjectImpl to implement JSWrapperObject since it can pave
the way to implementing Object-Allocation-Sinking and faster access to value etc. in DFG without
duplicating code.

We also noticed that we are storing classInfo to JSWrapperObject when allocating StringObject in
DFG and FTL while JSWrapperObject is no longer inheriting JSDestructibleObject! But it turned out
that this is safe since the subsequent JSWrapperObject::internalValue setting can overwrite it.
We remove this wrong store.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileNewStringObject):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::emitAllocateDestructibleObject): Deleted.
* ftl/FTLAbstractHeapRepository.cpp:
(JSC::FTL::AbstractHeapRepository::AbstractHeapRepository):
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject):
(JSC::FTL::DFG::LowerDFGToB3::compileToStringOrCallStringConstructorOrStringValueOf):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::emitAllocateDestructibleObject): Deleted.
* runtime/BigIntObject.h:
* runtime/BooleanObject.h:
* runtime/JSDestructibleObject.h:
(JSC::JSDestructibleObject::classInfo const):
(JSC::JSDestructibleObject::classInfoOffset): Deleted.
* runtime/JSWrapperObject.cpp:
(JSC::JSWrapperObject::visitChildren):
* runtime/JSWrapperObject.h:
(JSC::JSWrapperObject::internalValueOffset):
(JSC::JSWrapperObject::internalValue const):
(JSC::JSWrapperObject::setInternalValue):
(JSC::JSWrapperObject::createStructure): Deleted.
* runtime/NumberObject.h:
* runtime/StringObject.h:
* runtime/SymbolObject.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259645 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoMake sure playback of remote audio tracks is stable even if pages are using webaudio
jer.noble@apple.com [Tue, 7 Apr 2020 17:26:40 +0000 (17:26 +0000)]
Make sure playback of remote audio tracks is stable even if pages are using webaudio
https://bugs.webkit.org/show_bug.cgi?id=210052

Reviewed by Eric Carlson.

If a client requests data from AudioSampleDataSource, and the time requested happens to land
precisely on the end of the AudioSampleDataSource's CARingBuffer's range, the function will get
into an inconsistent state where it believes both that not enough samples are available to
fulfill the request, but also that the number of frames available is equal to the number of
requested frames. This is due to an off-by-one error, where the end of the CARingBuffer's range
is incorrectly treated as inclusive, rather than exclusive. All subsequent requests will start at
sampleCount + timestamp, as if that data was returned correctly, rather than returning zeros,
propagating the error to future requests.

Fix this state by correctly checking if timestamp is greater-than-or-equal-to endFrame. This will
cause the method to return zero frames, and correctly apply an offset so the next request will start
at the same effective timestamp.

* platform/audio/mac/AudioSampleDataSource.mm:
(WebCore::AudioSampleDataSource::pullSamplesInternal):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259644 268f45cc-cd09-0410-ab3c-d52691b4dbfc
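
The inclusive-versus-exclusive end check described in the commit above, as an added example that is not WebKit's code. ModelRingBuffer, pull() and EndCheck are hypothetical names, the sample values are constructed, and the model only reproduces the boundary behaviour (stale data served and position advanced versus silence and position held), not the real function's bookkeeping.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed model, not WebKit code. Holds the frames in the half-open
// range [startFrame, endFrame); older frames are overwritten in place.
class ModelRingBuffer {
public:
    explicit ModelRingBuffer(size_t capacity) : m_slots(capacity, 0.0f) {}

    void store(const std::vector<float>& frames)
    {
        for (float frame : frames) {
            m_slots[static_cast<size_t>(m_end) % m_slots.size()] = frame;
            ++m_end;
        }
        int64_t capacity = static_cast<int64_t>(m_slots.size());
        if (m_end - m_start > capacity)
            m_start = m_end - capacity;
    }

    int64_t startFrame() const { return m_start; }
    int64_t endFrame() const { return m_end; } // exclusive: nothing is stored at this frame yet
    float slot(int64_t frame) const { return m_slots[static_cast<size_t>(frame) % m_slots.size()]; }

private:
    std::vector<float> m_slots;
    int64_t m_start { 0 };
    int64_t m_end { 0 };
};

enum class EndCheck { Inclusive, Exclusive }; // Inclusive models the off-by-one

struct PullResult {
    size_t framesFromBuffer;   // frames reported to the caller as real audio
    int64_t nextTimestamp;     // where the following request will start
    std::vector<float> output; // always `count` long, zero where no data was available
};

PullResult pull(const ModelRingBuffer& buffer, int64_t timestamp, size_t count, EndCheck check)
{
    PullResult result { 0, timestamp, std::vector<float>(count, 0.0f) };

    // The whole difference between bug and fix: is endFrame itself a readable frame?
    int64_t lastValid = check == EndCheck::Inclusive ? buffer.endFrame() : buffer.endFrame() - 1;
    if (timestamp < buffer.startFrame() || timestamp > lastValid)
        return result; // silence, and the read position is held for the next request

    size_t available = std::min<size_t>(count, static_cast<size_t>(lastValid - timestamp + 1));
    for (size_t i = 0; i < available; ++i)
        result.output[i] = buffer.slot(timestamp + static_cast<int64_t>(i));
    result.framesFromBuffer = available;
    result.nextTimestamp = timestamp + static_cast<int64_t>(available);
    return result;
}

// Constructed sample: capacity 4, frames 0..5 written, so the buffer holds [2, 6).
ModelRingBuffer makeBuffer()
{
    ModelRingBuffer buffer(4);
    buffer.store({ 1.0f, 2.0f, 3.0f, 4.0f });
    buffer.store({ 5.0f, 6.0f });
    return buffer;
}

int main()
{
    ModelRingBuffer buffer = makeBuffer();
    const EndCheck checks[] = { EndCheck::Inclusive, EndCheck::Exclusive };
    for (EndCheck check : checks) {
        // Request starting exactly at endFrame, the case the commit message describes.
        PullResult r = pull(buffer, buffer.endFrame(), 2, check);
        std::printf("%s: frames=%zu first=%.1f next=%lld\n",
            check == EndCheck::Inclusive ? "inclusive" : "exclusive",
            r.framesFromBuffer, r.output[0], static_cast<long long>(r.nextTimestamp));
    }
    return 0;
}
```

With the inclusive check the request at endFrame reads the slot that still holds frame 2 and moves the read position past frame 6, so that frame is never delivered once it arrives; with the exclusive check the caller gets silence and resumes at frame 6.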

6 months ago[GStreamer] Log a warning if playbin is not found
aboya@igalia.com [Tue, 7 Apr 2020 16:38:32 +0000 (16:38 +0000)]
[GStreamer] Log a warning if playbin is not found
https://bugs.webkit.org/show_bug.cgi?id=210112

Reviewed by Philippe Normand.

I spent quite a bit of time looking in the debugger for what ended up
being a trivial configuration issue because there was no logging
showing any obvious problem. Let's add it.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::isAvailable):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259643 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GTK] Gardening, update TestExpectations
dpino@igalia.com [Tue, 7 Apr 2020 16:29:16 +0000 (16:29 +0000)]
[GTK] Gardening, update TestExpectations
https://bugs.webkit.org/show_bug.cgi?id=210118

Unreviewed gardening.

Add more tests failing in EWS gtk-wk2 bot but not in test bot.

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259642 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GTK] CMake find module for GTK4
aperez@igalia.com [Tue, 7 Apr 2020 16:25:17 +0000 (16:25 +0000)]
[GTK] CMake find module for GTK4
https://bugs.webkit.org/show_bug.cgi?id=210110

Reviewed by Don Olmstead.

.:

Rename FindGTK3.cmake as FindGTK.cmake, make it provide a GTK::GTK imported target,
and rewrite the logic to detect which targets (backends) have been built into GTK
to use the "targets" pkg-config variable instead of checking for multiple pkg-config
modules.

* Source/cmake/FindGDK3.cmake: Removed.
* Source/cmake/FindGTK.cmake: Added.
* Source/cmake/FindGTK3.cmake: Removed. This is now unused because the GTK::GTK target
will transitively depend on GDK3 when using GTK3 and bring in the compiler and linker
options automatically without needing to use a separate find module for GDK.
* Source/cmake/OptionsGTK.cmake: Use the GTK::GTK imported target, change variables
prefixed with GTK3_ to use the GTK_ prefix, and remove variables which are not needed
anymore when using the target (GTK_LIBRARIES, GTK_INCLUDE_DIRS, GDK_LIBRARIES and
GDK_INCLUDE_DIRS).

Source/WebCore:

No new tests needed.

* PlatformGTK.cmake: Use the GTK::GTK imported target.

Source/WebCore/PAL:

* pal/PlatformGTK.cmake: Use the GTK::GTK imported target.

Tools:

* MiniBrowser/gtk/CMakeLists.txt: Use the GTK::GTK imported target.
* TestWebKitAPI/PlatformGTK.cmake: Ditto.
* TestWebKitAPI/glib/PlatformGTK.cmake: Ditto.
* WebKitTestRunner/PlatformGTK.cmake: Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259641 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION (r259383-259384): ASSERTION FAILED: 'Completion handler should always...
youenn@apple.com [Tue, 7 Apr 2020 16:09:43 +0000 (16:09 +0000)]
REGRESSION (r259383-259384): ASSERTION FAILED: 'Completion handler should always be called' seen with http/wpt/service-workers/service-worker-different-process.https.html
https://bugs.webkit.org/show_bug.cgi?id=209977

Reviewed by Chris Dumez.

* UIProcess/AuxiliaryProcessProxy.cpp:
(WebKit::AuxiliaryProcessProxy::~AuxiliaryProcessProxy):
In case AuxiliaryProcessProxy has some enqueued messages but process crashes on launch for instance,
we should call the completion handlers and fail.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259640 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GTK] Gardening, IndexedDB flaky failures
dpino@igalia.com [Tue, 7 Apr 2020 16:09:21 +0000 (16:09 +0000)]
[GTK] Gardening, IndexedDB flaky failures
https://bugs.webkit.org/show_bug.cgi?id=210116

Unreviewed gardening.

* platform/gtk/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259639 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[JSC] Inlined IC should get right JSGlobalObject
ysuzuki@apple.com [Tue, 7 Apr 2020 16:04:57 +0000 (16:04 +0000)]
[JSC] Inlined IC should get right JSGlobalObject
https://bugs.webkit.org/show_bug.cgi?id=210092

Reviewed by Tadeu Zagallo.

JSTests:

* stress/getter-setter-globalobject-in-ic.js: Added.
(shouldBe):
(valueFunc):
(accessorFunc):
(valueTest):
(accessorTest):

Source/JavaScriptCore:

In DFG / FTL, CodeBlock in AccessCase is the DFG / FTL CodeBlock which includes all the inlined CodeBlocks.
If inlining happens with CodeBlock which has different JSGlobalObject, CodeBlock->globalObject() is different
to the actual lexical JSGlobalObject of the IC. So basically, we should not rely on codeBlock->globalObject() in IC.

This patch passes the correct lexical JSGlobalObject to IC to use. We do not retain this JSGlobalObject.
Since this is lexical JSGlobalObject of that IC, the owner CodeBlock of this IC should already retain it (even if this
JSGlobalObject is one of inlined CodeBlock since the owner CodeBlock retains inlined lower-tier CodeBlocks).

* bytecode/AccessCase.cpp:
(JSC::AccessCase::generateImpl):
* bytecode/PolymorphicAccess.cpp:
(JSC::PolymorphicAccess::regenerate):
* bytecode/PolymorphicAccess.h:
* bytecode/StructureStubInfo.cpp:
(JSC::StructureStubInfo::addAccessCase):
* bytecode/StructureStubInfo.h:
* jit/Repatch.cpp:
(JSC::tryCacheGetBy):
(JSC::tryCacheArrayGetByVal):
(JSC::tryCachePutByID):
(JSC::tryCacheDeleteBy):
(JSC::tryCacheInByID):
(JSC::tryCacheInstanceOf):
* tools/JSDollarVM.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259638 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoVisitedLinkStore.messages.in and VisitedLinkStore::addVisitedLinkHashFromPage() don...
ddkilzer@apple.com [Tue, 7 Apr 2020 16:00:52 +0000 (16:00 +0000)]
VisitedLinkStore.messages.in and VisitedLinkStore::addVisitedLinkHashFromPage() don't agree on type of `linkHash`
<https://webkit.org/b/210094>
<rdar://problem/60334644>

Reviewed by Chris Dumez.

* Scripts/webkit/messages.py:
(types_that_cannot_be_forward_declared):
- Don't forward-declare WebCore::SharedStringHash as a class
  since it is a uint32_t.
* UIProcess/VisitedLinkStore.messages.in:
- Use WebCore::SharedStringHash type for `linkHash` to fix the
  type mismatch.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259637 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[JSC] $.evalScript should check exception when accessing "global"
ysuzuki@apple.com [Tue, 7 Apr 2020 15:48:08 +0000 (15:48 +0000)]
[JSC] $.evalScript should check exception when accessing "global"
https://bugs.webkit.org/show_bug.cgi?id=210114
<rdar://problem/61388482>

Reviewed by Keith Miller.

JSTests:

* stress/eval-script-global-access-exception-check.js: Added.
(shouldThrow):

Source/JavaScriptCore:

$.evalScript should check exception after "global" property access since it can throw an error if it is an accessor.

* jsc.cpp:
(functionDollarEvalScript):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259636 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUnreviewed, drop bad assertion introduced in r259610.
cdumez@apple.com [Tue, 7 Apr 2020 15:23:33 +0000 (15:23 +0000)]
Unreviewed, drop bad assertion introduced in r259610.

On some bots (in particular OpenSource iOS ones), we are unable to take the assertion
so this assertion does not hold true.

* UIProcess/ios/ProcessAssertionIOS.mm:
(WebKit::ProcessAssertion::ProcessAssertion):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259635 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoReset mock capture devices between layout tests
youenn@apple.com [Tue, 7 Apr 2020 14:16:53 +0000 (14:16 +0000)]
Reset mock capture devices between layout tests
https://bugs.webkit.org/show_bug.cgi?id=210098

Reviewed by Eric Carlson.

This fixes fast/mediastream/anonymize-device-name.html
failure since https://trac.webkit.org/changeset/259477/webkit.

* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetStateToConsistentValues):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259634 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoInitialization of modal nodes should happen lazily, not in the AXObjectCache constructor.
andresg_22@apple.com [Tue, 7 Apr 2020 11:52:25 +0000 (11:52 +0000)]
Initialization of modal nodes should happen lazily, not in the AXObjectCache constructor.
https://bugs.webkit.org/show_bug.cgi?id=210090

Reviewed by Chris Fleizach.

- The initialization of modal nodes was performed in the AXObjectCache
constructor, which is not necessary. Instead, this change performs the
initialization of the modal nodes before they are needed.
- updateCurrentModalNode was replaced with currentModalNode, and its
implementation cleaned up.
- Now the initialization and update of AXObjectCache::m_modalNodesSet
and m_currentModalNode is clearer.

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::AXObjectCache):
(WebCore::AXObjectCache::findModalNodes):
(WebCore::AXObjectCache::currentModalNode const):
(WebCore::AXObjectCache::modalNode):
(WebCore::AXObjectCache::handleModalChange):
(WebCore::AXObjectCache::updateCurrentModalNode): Renamed currentModalNode.
* accessibility/AXObjectCache.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259633 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoRemove unnecessary memory allocation from RealtimeIncomingAudioSourceCocoa::OnData
youenn@apple.com [Tue, 7 Apr 2020 11:14:01 +0000 (11:14 +0000)]
Remove unnecessary memory allocation from RealtimeIncomingAudioSourceCocoa::OnData
https://bugs.webkit.org/show_bug.cgi?id=209969

Reviewed by Eric Carlson.

Instead of allocating a new buffer for every audio chunk and copying the audio chunk,
create a WebAudioBufferList once (without any buffer allocation) and set the audio buffer pointer
given by libwebrtc as the WebAudioBufferList buffer pointer.
We do not take care of muted state anymore since this is done by consumers anyway.
Covered by existing tests.

* platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.cpp:
(WebCore::RealtimeIncomingAudioSourceCocoa::OnData):
* platform/mediastream/mac/RealtimeIncomingAudioSourceCocoa.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259632 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GTK] gtk_icon_info_free is deprecated since GTK+ 3.8
csaavedra@igalia.com [Tue, 7 Apr 2020 09:47:36 +0000 (09:47 +0000)]
[GTK] gtk_icon_info_free is deprecated since GTK+ 3.8
https://bugs.webkit.org/show_bug.cgi?id=118381

Reviewed by Carlos Garcia Campos.

GtkIconInfo is a GObject since 3.8, update accordingly.

* platform/graphics/gtk/ImageGtk.cpp:
(WebCore::loadMissingImageIconFromTheme):
* platform/gtk/GUniquePtrGtk.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259631 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoAdd release asserts to KeyframeEffectStack::ensureEffectsAreSorted()
dougk@apple.com [Tue, 7 Apr 2020 08:25:59 +0000 (08:25 +0000)]
Add release asserts to KeyframeEffectStack::ensureEffectsAreSorted()
https://bugs.webkit.org/show_bug.cgi?id=210084
<rdar://problem/61359275>

Reviewed by Ryosuke Niwa.

To ensure any potential problems in KeyframeEffectStack::ensureEffectsAreSorted() are found closer to the
root cause, add several RELEASE_ASSERTs throughout this function (and its associated comparison function).
This should guard against null pointers/null WeakPtrs, as well as other state problems which would be
unexpected for the comparison function used by std::sort.

No new tests; this only adds additional asserts, so there is no change to functionality, and this code is
covered by existing tests.

* animation/KeyframeEffectStack.cpp:
(WebCore::KeyframeEffectStack::ensureEffectsAreSorted):
* animation/WebAnimationUtilities.cpp:
(WebCore::compareAnimationsByCompositeOrder):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259630 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUse GlobalFrameIdentifier in NavigationAction
commit-queue@webkit.org [Tue, 7 Apr 2020 07:55:57 +0000 (07:55 +0000)]
Use GlobalFrameIdentifier in NavigationAction
https://bugs.webkit.org/show_bug.cgi?id=210036

Patch by Rob Buis <rbuis@igalia.com> on 2020-04-07
Reviewed by Darin Adler.

Source/WebCore:

Use GlobalFrameIdentifier in NavigationAction rather than adding
yet another custom data type.

* loader/NavigationAction.cpp:
(WebCore::createGlobalFrameIdentifier):
(WebCore::m_globalFrameIdentifier):
* loader/NavigationAction.h:
(WebCore::NavigationAction::Requester::globalFrameIdentifier const):
(WebCore::NavigationAction::Requester::pageID const): Deleted.
(WebCore::NavigationAction::Requester::frameID const): Deleted.

Source/WebKit:

Adapt to API change.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259629 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoVersioning.
alancoon@apple.com [Tue, 7 Apr 2020 06:54:13 +0000 (06:54 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259625 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoNullptr crash in CompositeEditCommand::splitTreeToNode when inserting image in anchor...
shihchieh_lee@apple.com [Tue, 7 Apr 2020 06:29:24 +0000 (06:29 +0000)]
Nullptr crash in CompositeEditCommand::splitTreeToNode when inserting image in anchor element that has uneditable parent
https://bugs.webkit.org/show_bug.cgi?id=210004
<rdar://problem/61206583>

Reviewed by Ryosuke Niwa.

Source/WebCore:

RemoveNodePreservingChildren can fail and leave the children dangling if the parent of the node
is uneditable. Added editability check for the to-be-removed node.

Test: editing/inserting/insert-img-anchor-uneditable-parent.html

* editing/RemoveNodePreservingChildrenCommand.cpp:
(WebCore::RemoveNodePreservingChildrenCommand::doApply):

LayoutTests:

Added a regression test for the crash.

* editing/inserting/insert-img-anchor-uneditable-parent-expected.txt: Added.
* editing/inserting/insert-img-anchor-uneditable-parent.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259624 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[GTK][WPE] Gardening EXIF orientation failure.
lmoura@igalia.com [Tue, 7 Apr 2020 04:59:57 +0000 (04:59 +0000)]
[GTK][WPE] Gardening EXIF orientation failure.

Unreviewed test gardening.

* platform/gtk/TestExpectations:
* platform/wpe/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259623 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION (r259531?): [iOS] TestWebKitAPI.WebKitLegacy.ScrollingDoesNotPauseMedia...
peng.liu6@apple.com [Tue, 7 Apr 2020 03:39:38 +0000 (03:39 +0000)]
REGRESSION (r259531?): [iOS] TestWebKitAPI.WebKitLegacy.ScrollingDoesNotPauseMedia is timing out
https://bugs.webkit.org/show_bug.cgi?id=210013

Reviewed by Daniel Bates.

Fix mistakes in the test and make it more reliable.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitLegacy/ios/ScrollingDoesNotPauseMedia.mm:
(-[ScrollingDoesNotPauseMediaDelegate handleEvent:]):
(TestWebKitAPI::TEST):
* TestWebKitAPI/Tests/WebKitLegacy/ios/one-video.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259622 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[Cocoa] REGRESSION(r254389): fast/text/international/system-language/declarative...
mmaxfield@apple.com [Tue, 7 Apr 2020 02:23:22 +0000 (02:23 +0000)]
[Cocoa] REGRESSION(r254389): fast/text/international/system-language/declarative-language.html is failing
https://bugs.webkit.org/show_bug.cgi?id=208023
<rdar://problem/59461792>

Reviewed by Simon Fraser.

minimizedLanguagesFromLanguages() is supposed to minimize the language list;
that's its whole raison d'être

* fast/text/international/system-language/declarative-language-expected.txt:
* fast/text/international/system-language/declarative-language.html:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259621 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUse-after-move of Vector<ManipulationToken> in TextManipulationController::observePar...
ddkilzer@apple.com [Tue, 7 Apr 2020 02:16:48 +0000 (02:16 +0000)]
Use-after-move of Vector<ManipulationToken> in TextManipulationController::observeParagraphs()
<https://webkit.org/b/210086>

Reviewed by Ryosuke Niwa.

* editing/TextManipulationController.cpp:
(WebCore::TextManipulationController::observeParagraphs):
- Replace WTFMove() with std::exchange() to fix the clang static
  analyzer warning.  For WTF::Vector, this has no change in
  behavior.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259620 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoNullptr crash in WebCore::lastPositionInNode when indenting text node that has user...
shihchieh_lee@apple.com [Tue, 7 Apr 2020 01:45:56 +0000 (01:45 +0000)]
Nullptr crash in WebCore::lastPositionInNode when indenting text node that has user-select:all parent.
https://bugs.webkit.org/show_bug.cgi?id=210016
<rdar://problem/61014577>

Reviewed by Ryosuke Niwa.

Source/WebCore:

In rangeForParagraphSplittingTextNodesIfNeeded, added null check for previousSibling()
after splitTextNode is called, and returns empty positions to caller.

In formatSelection, check the returned positions from rangeForParagraphSplittingTextNodesIfNeeded
and stop indenting the rest of the paragraphs.

Test: fast/editing/indent-pre-user-select-all-crash.html

* editing/ApplyBlockElementCommand.cpp:
(WebCore::ApplyBlockElementCommand::formatSelection):
(WebCore::ApplyBlockElementCommand::rangeForParagraphSplittingTextNodesIfNeeded):

LayoutTests:

Added a regression test for the crash.

* fast/editing/indent-pre-user-select-all-crash-expected.txt: Added.
* fast/editing/indent-pre-user-select-all-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259619 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoWeb Inspector: `console.log(...)` appear as `CONSOLE LOG LOG` in the system console
drousso@apple.com [Tue, 7 Apr 2020 01:04:05 +0000 (01:04 +0000)]
Web Inspector: `console.log(...)` appear as `CONSOLE LOG LOG` in the system console
https://bugs.webkit.org/show_bug.cgi?id=210083

Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

* runtime/ConsoleClient.cpp:
(JSC::appendMessagePrefix):

Source/WebCore:

* page/PageConsoleClient.cpp:
(WebCore::PageConsoleClient::addMessage):
Use the actual `MessageSource` and `MessageType` when printing console messages.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259618 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[CMake] Use WEBKIT_EXECUTABLE in DumpRenderTree
don.olmstead@sony.com [Tue, 7 Apr 2020 00:58:30 +0000 (00:58 +0000)]
[CMake] Use WEBKIT_EXECUTABLE in DumpRenderTree
https://bugs.webkit.org/show_bug.cgi?id=210059

Reviewed by Fujii Hironori.

.:

Add a DumpRenderTree derived sources directory.

* Source/cmake/WebKitFS.cmake:

Tools:

Modify CMake code to use WEBKIT_EXECUTABLE when creating DumpRenderTree.

* DumpRenderTree/CMakeLists.txt:
* DumpRenderTree/PlatformWin.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259617 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoImageDiff: Don't build with ASan in automation
jbedard@apple.com [Tue, 7 Apr 2020 00:26:34 +0000 (00:26 +0000)]
ImageDiff: Don't build with ASan in automation
https://bugs.webkit.org/show_bug.cgi?id=210057
<rdar://problem/61234753>

Reviewed by David Kilzer.

* ImageDiff/cg/Configurations/ImageDiff.xcconfig: Disable ASan.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259616 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoCreate a way to signal if the WKAppBoundDomains list is empty
katherine_cheney@apple.com [Tue, 7 Apr 2020 00:11:43 +0000 (00:11 +0000)]
Create a way to signal if the WKAppBoundDomains list is empty
https://bugs.webkit.org/show_bug.cgi?id=210074
<rdar://problem/61359228>

Reviewed by Brent Fulgham.

Updates the WebFramePolicyListener to return an Optional<NavigatingToAppBoundDomain>
to signal if the WKAppBoundDomains list is empty. If so, we don't want to update
any app-bound domain parameters in WebPageProxy.

* UIProcess/WebFramePolicyListenerProxy.cpp:
(WebKit::WebFramePolicyListenerProxy::didReceiveAppBoundDomainResult):
* UIProcess/WebFramePolicyListenerProxy.h:
* UIProcess/WebFrameProxy.cpp:
(WebKit::WebFrameProxy::setUpPolicyListenerProxy):
* UIProcess/WebFrameProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::decidePolicyForNewWindowAction):
(WebKit::WebPageProxy::decidePolicyForResponseShared):
* UIProcess/WebsiteData/Cocoa/WebsiteDataStoreCocoa.mm:
(WebKit::WebsiteDataStore::beginAppBoundDomainCheck):
Changed the WebFramePolicyListener to take a NavigatingToAppBoundDomain
type as opposed to a boolean to allow it to handle the empty value.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259615 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION: 68000 JSC tests failing.
mark.lam@apple.com [Tue, 7 Apr 2020 00:11:24 +0000 (00:11 +0000)]
REGRESSION: 68000 JSC tests failing.
https://bugs.webkit.org/show_bug.cgi?id=210078
<rdar://problem/61364513>

Reviewed by Yusuke Suzuki.

The missing exception check is in jsc shell's GlobalObject::finishCreation().
Since this is just a debugging tool, and this exception will never be thrown in
practice, I've placated the validator by RELEASE_ASSERT'ing that the exception
will never be thrown.

* jsc.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259614 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoREGRESSION: 4 TestWebKitAPI.DragAndDropTests.DataTransferSetData tests failing on iOS
wenson_hsieh@apple.com [Tue, 7 Apr 2020 00:00:04 +0000 (00:00 +0000)]
REGRESSION: 4 TestWebKitAPI.DragAndDropTests.DataTransferSetData tests failing on iOS
https://bugs.webkit.org/show_bug.cgi?id=209685
<rdar://problem/60987461>

Reviewed by Megan Gardner.

After updating a WebKit open source test runner to iOS 13.4, 4 pasteboard-related API tests began to fail in
release builds on that particular bot. Logging statements added in r259465, r259518, r259534, and r259541
strongly suggest that this is due to an IPC dispatch race when clearing the platform pasteboard before writing
custom pasteboard data. On iOS, the former is dispatched asynchronously, while the latter is dispatched as sync
IPC. This means that if the UI process happens to be waiting for a sync IPC response from the web process, it
will end up handling the incoming IPC messages out of order by immediately dispatching sync IPC (in this case,
writing custom pasteboard data) before dispatching the async IPC (clearing data). This causes the custom
pasteboard data to be cleared on the platform pasteboard immediately after it is written.

To fix this, we limit clearing pasteboard data to when we would've otherwise avoided writing any custom
pasteboard data, and additionally make it so that writing custom pasteboard data always clears out any pre-
existing content on the pasteboard (obviating the need for a separate message to clear the pasteboard). Note
that writing custom pasteboard data always clears the existing pasteboard on macOS and iOS -- on macOS, we use
`-declareTypes:owner:`; on iOS, we use `-setItemProviders:`; in the case of macCatalyst, we use `-setItems:`.

* dom/DataTransfer.cpp:
(WebCore::DataTransfer::commitToPasteboard):

Push the call to clear the pasteboard down from the call sites of `commitToPasteboard` into `commitToPasteboard`
itself; then, only explicitly clear the pasteboard in the case where we aren't writing custom pasteboard data
(i.e. either custom pasteboard data is disabled, or there is no data to write).

(WebCore::DataTransfer::moveDragState): See above.
* editing/Editor.cpp:
(WebCore::dispatchClipboardEvent): See above.
* platform/ios/WebItemProviderPasteboard.mm:
(-[WebItemProviderPasteboard stageRegistrationLists:]):

Remove always-on logging added in r259541 to help diagnose the test failures.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259613 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[ Mac wk1 Debug ] inspector/debugger/evaluateOnCallFrame-errors.html is flaky failing.
lawrence.j@apple.com [Mon, 6 Apr 2020 23:39:40 +0000 (23:39 +0000)]
[ Mac wk1 Debug ] inspector/debugger/evaluateOnCallFrame-errors.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=210079

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259612 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoDelete line boxes when moving text renderers between block flows
zalan@apple.com [Mon, 6 Apr 2020 23:34:51 +0000 (23:34 +0000)]
Delete line boxes when moving text renderers between block flows
https://bugs.webkit.org/show_bug.cgi?id=210000

Reviewed by Antti Koivisto.

After style and/or tree mutation the existing line boxes are destroyed during the subsequent layout.
When the text renderer moves between block flows and the destination block flow initiates a different
type of line layout, we need to make sure the previous line content is cleaned up properly.

* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::layoutSimpleLines):
(WebCore::RenderBlockFlow::layoutLFCLines):
* rendering/RenderText.cpp:
(WebCore::RenderText::removeAndDestroyTextBoxes):
(WebCore::RenderText::dirtyLineBoxes):
(WebCore::RenderText::deleteLineBoxes):
* rendering/RenderText.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259611 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago[iOS] Transition most process assertions to RunningBoard
cdumez@apple.com [Mon, 6 Apr 2020 23:25:58 +0000 (23:25 +0000)]
[iOS] Transition most process assertions to RunningBoard
https://bugs.webkit.org/show_bug.cgi?id=210065
<rdar://problem/61354901>

Reviewed by Geoffrey Garen.

Transition most process assertions to RunningBoard, instead of legacy BKSProcessAssertion.
The only assertion that still uses BKSProcessAssertion is the MediaPlayback one because
we do not have a RunningBoard equivalent for this one yet (see <rdar://problem/61263147>).

* UIProcess/ProcessAssertion.h:
* UIProcess/ios/ProcessAssertionIOS.mm:
(-[WKRBSAssertionDelegate assertionWillInvalidate:]):
(-[WKRBSAssertionDelegate assertion:didInvalidateWithError:]):
(WebKit::runningBoardNameForAssertionType):
(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAssertion::~ProcessAssertion):
(WebKit::ProcessAssertion::processAssertionWasInvalidated):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259610 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUpdate my committer status
commit-queue@webkit.org [Mon, 6 Apr 2020 23:16:28 +0000 (23:16 +0000)]
Update my committer status
https://bugs.webkit.org/show_bug.cgi?id=210072

Patch by Kenneth Russell <kbr@chromium.org> on 2020-04-06
Reviewed by Dean Jackson.

Update contributors.json to reflect that my lapsed committer
status was recently reinstated.

* Scripts/webkitpy/common/config/contributors.json:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259607 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months agoUpdate minimum ICU version to 60.2
ross.kirsling@sony.com [Mon, 6 Apr 2020 23:15:45 +0000 (23:15 +0000)]
Update minimum ICU version to 60.2
https://bugs.webkit.org/show_bug.cgi?id=209694

Reviewed by Darin Adler.

.:

* Source/cmake/OptionsAppleWin.cmake:
* Source/cmake/OptionsCommon.cmake:
* Source/cmake/OptionsFTW.cmake:
* Source/cmake/OptionsGTK.cmake:
* Source/cmake/OptionsJSCOnly.cmake:
* Source/cmake/OptionsMac.cmake:
* Source/cmake/OptionsPlayStation.cmake:
* Source/cmake/OptionsWPE.cmake:
* Source/cmake/OptionsWinCairo.cmake:
Indicate 60.2 as minimum version (as required by GTK for supporting Ubuntu 18.04 LTS).
Also ensure that the C++ API is hidden for all platforms.

Source/JavaScriptCore:

* icu/LICENSE: Deleted.
* icu/README: Deleted.
Remove leftover files following r219155.

* runtime/IntlDateTimeFormat.cpp:
(JSC::IntlDateTimeFormat::UFieldPositionIteratorDeleter::operator() const):
(JSC::IntlDateTimeFormat::partTypeString):
(JSC::IntlDateTimeFormat::formatToParts):
* runtime/IntlDateTimeFormat.h:
* runtime/IntlDateTimeFormatPrototype.cpp:
(JSC::IntlDateTimeFormatPrototype::finishCreation):
(JSC::IntlDateTimeFormatPrototypeFuncFormatToParts):
* runtime/IntlNumberFormat.cpp:
(JSC::IntlNumberFormat::partTypeString):
(JSC::IntlNumberFormat::formatToParts):
* runtime/IntlNumberFormat.h:
* runtime/IntlNumberFormatPrototype.cpp:
(JSC::IntlNumberFormatPrototype::finishCreation):
(JSC::IntlNumberFormatPrototypeFuncFormatToParts):
* runtime/IntlPluralRules.cpp:
(JSC::IntlPluralRules::resolvedOptions):
(JSC::IntlPluralRules::select):
* runtime/IntlPluralRules.h:
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::decode):
Remove obsoleted compile-time version checks.

Source/WebCore:

* PlatformMac.cmake:
* WebCore.xcodeproj/project.pbxproj:
* icu/LICENSE: Deleted.
* icu/README: Deleted.
Remove leftover files following r219155 as well as a corresponding Xcode step.

* editing/cocoa/DataDetection.mm:
(WebCore::buildQuery):
* page/ios/FrameIOS.mm:
(WebCore::Frame::interpretationsForCurrentRoot const):
* platform/cocoa/KeyEventCocoa.mm:
(WebCore::keyForCharCode):
* platform/cocoa/TelephoneNumberDetectorCocoa.cpp:
(WebCore::TelephoneNumberDetector::find):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::shouldWaitForLoadingOfResource):
* platform/graphics/cocoa/FontCacheCoreText.cpp:
(WebCore::createFontForCharacters):
(WebCore::FontCache::prewarm):
* platform/graphics/mac/ComplexTextControllerCoreText.mm:
(WebCore::provideStringAndAttributes):
* platform/graphics/mac/GlyphPageMac.cpp:
(WebCore::GlyphPage::fill):
Manually convert between UChar and UniChar/unichar where needed.

* platform/text/CharacterProperties.h:
(WebCore::isEmojiGroupCandidate):
(WebCore::isEmojiWithPresentationByDefault):
(WebCore::isEmojiModifierBase):
(WebCore::icuLibraryUnderstandsSupplementalSymbolsAndPictographs): Deleted.
Remove obsoleted compile-time and runtime version checks.

Source/WebKit:

* WebProcess/InjectedBundle/API/mac/WKDOMTextIterator.mm:
(-[WKDOMTextIterator currentTextPointer]):
Manually convert between UChar and UniChar/unichar where needed.

Source/WebKitLegacy/mac:

* Misc/WebKitNSStringExtras.mm:
(-[NSString _web_drawAtPoint:font:textColor:]):
(-[NSString _web_widthWithFont:]):
* WebCoreSupport/WebVisitedLinkStore.mm:
(WebVisitedLinkStore::addVisitedLink):
* WebView/WebTextIterator.mm:
(-[WebTextIterator currentTextPointer]):
Manually convert between UChar and UniChar/unichar where needed.

Source/WTF:

This patch has two immediate motivations:
  1. To properly introduce a minimum ICU version for WebKit as a whole
     (responding to a pain point identified in bug 209579)
  2. To support the development of ECMA-402 Intl API features, which JSC is quite behind on
     (and which often boil down to exposing ICU functionality to JavaScript)

* icu/LICENSE:
* icu/README:
* icu/unicode/:
Update ICU headers to major version 62, the version included in macOS Mojave.

* wtf/text/AtomString.h:
* wtf/text/WTFString.h:
Remove obsoleted compile-time version checks.

* wtf/text/cocoa/StringCocoa.mm:
(WTF::String::String):
* wtf/text/cocoa/StringViewCocoa.mm:
(WTF::StringView::createNSString const):
(WTF::StringView::createNSStringWithoutCopying const):
Manually convert between UChar and UniChar/unichar where needed.

Tools:

* TestWebKitAPI/Tests/WTF/StringConcatenate.cpp:
Remove obsoleted compile-time version checks.

* DumpRenderTree/TestRunner.cpp:
(TestRunner::runUIScript):
* TestWebKitAPI/Tests/WebCore/LineBreaking.mm:
(breakingLocationsFromICU):
Manually convert between UChar and UniChar/unichar where needed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259606 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Make ScrollableArea TextStream-loggable
simon.fraser@apple.com [Mon, 6 Apr 2020 21:59:37 +0000 (21:59 +0000)]
Make ScrollableArea TextStream-loggable
https://bugs.webkit.org/show_bug.cgi?id=210042

Reviewed by Darin Adler.

ScrollableArea is a pure virtual base class, so has to dump via a virtual function,
so add debugDescription() and implement it in derived classes.

Make the common pattern be that operator<<(TextStream&, ...) calls debugDescription.

Source/WebCore:

* page/Frame.cpp:
(WebCore::Frame::debugDescription const):
(WebCore::operator<<):
* page/Frame.h:
* page/FrameView.cpp:
(WebCore::FrameView::debugDescription const):
(WebCore::operator<<):
* page/FrameView.h:
* platform/ScrollView.cpp:
(WebCore::ScrollView::debugDescription const):
* platform/ScrollView.h:
* platform/ScrollableArea.cpp:
(WebCore::operator<<):
* platform/ScrollableArea.h:
* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::debugDescription const):
(WebCore::RenderLayer::calculateClipRects const):
* rendering/RenderLayer.h:
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::updateCompositingLayers):
* rendering/RenderListBox.cpp:
(WebCore::RenderListBox::debugDescription const):
* rendering/RenderListBox.h:

Source/WebKit:

* UIProcess/win/WebPopupMenuProxyWin.cpp:
(WebKit::WebPopupMenuProxyWin::debugDescription const):
* UIProcess/win/WebPopupMenuProxyWin.h:
* WebProcess/Plugins/PDF/PDFPlugin.h:
* WebProcess/Plugins/PDF/PDFPlugin.mm:
(WebKit::PDFPlugin::debugDescription const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259597 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago storage/indexeddb/value-cursor-cycle.html is flaky failing because it incorrectly...
lawrence.j@apple.com [Mon, 6 Apr 2020 21:59:15 +0000 (21:59 +0000)]
storage/indexeddb/value-cursor-cycle.html is flaky failing because it incorrectly thinks our JS GC is precise.
https://bugs.webkit.org/show_bug.cgi?id=210046

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259596 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary...
shihchieh_lee@apple.com [Mon, 6 Apr 2020 21:44:11 +0000 (21:44 +0000)]
Nullptr crash in CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary with draggable text
https://bugs.webkit.org/show_bug.cgi?id=209999
<rdar://problem/58978340>

Reviewed by Ryosuke Niwa.

Source/WebCore:

VisibleParagraphStart/End may return empty VisiblePosition if no proper element or node
can be used as position candidate. Add null check for the returned VisiblePositions.

Test: fast/css/style-change-draggable-text.html

* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):

LayoutTests:

Added a regression test for the crash.

* fast/css/style-change-draggable-text-expected.txt: Added.
* fast/css/style-change-draggable-text.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259595 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Strengthen the ASSERT in ImageDecoderAVFObjC::storeSampleBuffer().
jer.noble@apple.com [Mon, 6 Apr 2020 20:53:56 +0000 (20:53 +0000)]
Strengthen the ASSERT in ImageDecoderAVFObjC::storeSampleBuffer().
https://bugs.webkit.org/show_bug.cgi?id=209972
<rdar://problem/60727431>

Reviewed by Brent Fulgham.

* platform/graphics/avfoundation/objc/ImageDecoderAVFObjC.mm:
(WebCore::ImageDecoderAVFObjC::storeSampleBuffer):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259594 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ Mac wk2 ] http/tests/media/track-in-band-hls-metadata.html is flaky crashing.
jer.noble@apple.com [Mon, 6 Apr 2020 20:48:29 +0000 (20:48 +0000)]
[ Mac wk2 ] http/tests/media/track-in-band-hls-metadata.html is flaky crashing.
https://bugs.webkit.org/show_bug.cgi?id=209490
<rdar://problem/60837555>

Reviewed by Darin Adler.

Source/WebCore:

To ensure the TaskDispatcher doesn't get destroyed on a background thread at the same time it's
executing tasks on the main thread, when a GenericTaskQueue is destroyed on a background thread,
move the TaskDispatcher into a task, and use the dispatcher itself to destroy itself on the
main thread.

* platform/GenericTaskQueue.h:
(WebCore::GenericTaskQueue::GenericTaskQueue):
(WebCore::GenericTaskQueue::~GenericTaskQueue):
(WebCore::GenericTaskQueue::enqueueTask):

LayoutTests:

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259593 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [GTK][WPE] Re-enable WPT web-animations animation-types tests and updating baselines
rego@igalia.com [Mon, 6 Apr 2020 20:37:13 +0000 (20:37 +0000)]
[GTK][WPE] Re-enable WPT web-animations animation-types tests and updating baselines
https://bugs.webkit.org/show_bug.cgi?id=186139

Reviewed by Carlos Alberto Lopez Perez.

These tests are no longer timing out, so this patch unflags them from TestExpectations.
Apart from that the -expected.txt baselines are updated too.

* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
* platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
* platform/gtk/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
* platform/wpe/TestExpectations:
* platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
* platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
* platform/wpe/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259592 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Unreviewed, reverting r259469.
commit-queue@webkit.org [Mon, 6 Apr 2020 20:36:58 +0000 (20:36 +0000)]
Unreviewed, reverting r259469.
https://bugs.webkit.org/show_bug.cgi?id=210066

Introduced media playback regression (Requested by perarne on
#webkit).

Reverted changeset:

"[iOS] Deny mach lookup access to the runningboard service in
the WebContent process"
https://bugs.webkit.org/show_bug.cgi?id=209933
https://trac.webkit.org/changeset/259469

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259591 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Unreviewed sandbox compile fix.
pvollan@apple.com [Mon, 6 Apr 2020 20:26:48 +0000 (20:26 +0000)]
Unreviewed sandbox compile fix.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259590 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Update ANGLE to 2020-03-27
commit-queue@webkit.org [Mon, 6 Apr 2020 20:12:39 +0000 (20:12 +0000)]
Update ANGLE to 2020-03-27
https://bugs.webkit.org/show_bug.cgi?id=209689

Patch by Kenneth Russell <kbr@chromium.org> on 2020-04-06
Reviewed by Darin Adler.

Use update-angle.sh script by James Darpinian to roll ANGLE to
commit b387ce9389ede6a4ed3b831ab1b8187927fa295f in
https://chromium.googlesource.com/angle/angle .

changes.diff has been auto-updated with Apple's diffs relative to
upstream. No additional manual changes are made in this roll.
Long autogenerated file list omitted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259589 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [Clang 10] Fix -Wimplicit-int-float-conversion compilation warnings in JavaScriptCore
Hironori.Fujii@sony.com [Mon, 6 Apr 2020 20:07:45 +0000 (20:07 +0000)]
[Clang 10] Fix -Wimplicit-int-float-conversion compilation warnings in JavaScriptCore
https://bugs.webkit.org/show_bug.cgi?id=210038

Reviewed by Darin Adler.

Clang 10 reports a compilation warning in JavaScriptCore:
> ..\..\Source\JavaScriptCore\bytecode/CodeBlock.cpp(3002,24): warning: implicit conversion from 'unsigned long long' to 'double' changes value from 18446744073709551615 to 18446744073709551616 [-Wimplicit-int-float-conversion]
>     if (doubleResult > std::numeric_limits<size_t>::max())
>                      ~ ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a template variable maxPlusOne<T> which was added by r259537
for the purpose.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::predictedMachineCodeSize): Replaced '>' with '>=',
and std::numeric_limits<size_t>::max() with maxPlusOne<size_t>.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259588 268f45cc-cd09-0410-ab3c-d52691b4dbfc
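
The comparison described in the commit message above, as an added example that is not WebKit code: it shows why `>` against the integer maximum lets 2^64 through a range check and why `>=` against "max plus one" does not. `maxPlusOneSketch`, `oldCheckRejects`, `newCheckRejects` and `checkedDoubleToU64` are hypothetical names, and `std::uint64_t` stands in for a 64-bit `size_t`.

```cpp
#include <cmath>
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical stand-in for the maxPlusOne<T> helper named in the commit message:
// one past T's maximum as a double. The value is a power of two, so it is exact.
template<typename T>
constexpr double maxPlusOneSketch()
{
    return 2.0 * static_cast<double>(static_cast<T>(1) << (std::numeric_limits<T>::digits - 1));
}

// 'Before' form of the check. The compiler converts the integer maximum to double
// (written out here with an explicit cast); 2^64 - 1 has no double representation
// and rounds up to 2^64, so a value of exactly 2^64 is NOT rejected.
bool oldCheckRejects(double value)
{
    return value > static_cast<double>(std::numeric_limits<std::uint64_t>::max());
}

// 'After' form: compare with >= against the exactly representable 2^64.
bool newCheckRejects(double value)
{
    return value >= maxPlusOneSketch<std::uint64_t>();
}

// A checked conversion built on the 'after' comparison. Converting a double that
// is out of the target's range is undefined behaviour, so the cast only runs
// after the range check; !(value >= 0.0) also rejects NaN and negative input.
bool checkedDoubleToU64(double value, std::uint64_t& out)
{
    if (!(value >= 0.0) || value >= maxPlusOneSketch<std::uint64_t>())
        return false;
    out = static_cast<std::uint64_t>(value);
    return true;
}

int main()
{
    const double twoTo64 = maxPlusOneSketch<std::uint64_t>();
    // Constructed inputs: 2^64 itself and the largest double below it.
    const double inputs[] = { twoTo64, std::nextafter(twoTo64, 0.0) };
    for (double input : inputs) {
        std::uint64_t converted = 0;
        bool ok = checkedDoubleToU64(input, converted);
        std::printf("%.0f old-rejects=%d new-rejects=%d converted=%d\n",
            input, oldCheckRejects(input), newCheckRejects(input), ok);
    }
    return 0;
}
```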

6 months ago Remove unnecessary Test262 harness file and implement $262.IsHTMLDDA
shvaikalesh@gmail.com [Mon, 6 Apr 2020 19:01:57 +0000 (19:01 +0000)]
Remove unnecessary Test262 harness file and implement $262.IsHTMLDDA
https://bugs.webkit.org/show_bug.cgi?id=187526

Reviewed by Darin Adler.

JSTests:

* stress/optional-chaining.js: Adjust test for callable masquerader.

Source/JavaScriptCore:

Test262 harness requires [1] $262.IsHTMLDDA to be an object with [[IsHTMLDDA]] slot [2],
much like `document.all`. It is used in a few tests to make sure that runtimes strictly
compare values with `null` and `undefined`.

With this change, `makeMasquerader` returns callable masquerader to mimic `document.all`
in the wild. In order to avoid `masqueradesAsUndefinedWatchpoint` being fired during
initialization of JSC shell, $262.IsHTMLDDA is a getter.

[1]: https://github.com/tc39/test262/blob/master/INTERPRETING.md#host-defined-functions
[2]: https://tc39.es/ecma262/#sec-IsHTMLDDA-internal-slot

* jsc.cpp:
(functionMakeMasquerader):
(functionCallMasquerader):
(JSC::Masquerader::Masquerader): Deleted.
(JSC::Masquerader::subspaceFor): Deleted.
(JSC::Masquerader::create): Deleted.
(JSC::Masquerader::createStructure): Deleted.
* runtime/JSObject.h:

Tools:

Removed file duplicates functionality of jsc.cpp's GlobalObject::finishCreation.

* Scripts/test262/Runner.pm:
* Scripts/test262/agent.js: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259587 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [ macOS ] inspector/debugger/break-in-constructor-before-super.html is a flaky failure
jacob_uphoff@apple.com [Mon, 6 Apr 2020 18:55:14 +0000 (18:55 +0000)]
[ macOS ] inspector/debugger/break-in-constructor-before-super.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=210062

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259586 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago 'currentcolor' doesn't need setHasExplicitlyInheritedProperties marking anymore
antti@apple.com [Mon, 6 Apr 2020 18:54:09 +0000 (18:54 +0000)]
'currentcolor' doesn't need setHasExplicitlyInheritedProperties marking anymore
https://bugs.webkit.org/show_bug.cgi?id=210017

Reviewed by Darin Adler.

Source/WebCore:

Removing this marking reveals problems in style update avoidance code in CSSComputedStyleDeclaration
that also need to be addressed. The problems are not specific to explicit 'currentcolor', they also reproduce
with the initial value (thus the new test).

Test: fast/css/currentColor-initial-style-update.html

* css/CSSComputedStyleDeclaration.cpp:
(WebCore::nonInheritedColorPropertyHasValueCurrentColor):

Add a helper.

(WebCore::hasValidStyleForProperty):

Treat a non-inherited color property as inherited if it is 'currentcolor'.

(WebCore::updateStyleIfNeededForProperty):

Expand shorthands so properties like border-color test correctly.

* css/CSSProperty.cpp:
(WebCore::CSSProperty::isColorProperty):

Move here from CSSParserFastPaths.

* css/CSSProperty.h:
* css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::maybeParseValue):
(WebCore::isColorPropertyID): Deleted.
* rendering/style/RenderStyle.cpp:
(WebCore::RenderStyle::unresolvedColorForProperty const):

Factor into a helper.
Handle all color values.

(WebCore::RenderStyle::colorResolvingCurrentColor const):

Renamed for clarity and some cleanups.

(WebCore::RenderStyle::visitedDependentColor const):
(WebCore::RenderStyle::colorIncludingFallback const): Deleted.
* rendering/style/RenderStyle.h:
(WebCore::RenderStyle::isCurrentColor):
* style/StyleBuilderState.cpp:
(WebCore::Style::BuilderState::colorFromPrimitiveValue const):

Remove setHasExplicitlyInheritedProperties marking.

LayoutTests:

* fast/css/currentColor-initial-style-update-expected.txt: Added.
* fast/css/currentColor-initial-style-update.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259585 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago [GTK] Remove unused header in web process
commit-queue@webkit.org [Mon, 6 Apr 2020 18:48:38 +0000 (18:48 +0000)]
[GTK] Remove unused header in web process
https://bugs.webkit.org/show_bug.cgi?id=210053

Patch by Víctor Manuel Jáquez Leal <vjaquez@igalia.com> on 2020-04-06
Reviewed by Michael Catanzaro.

Remove unused headers from code removed in r203774.

No new tests required.

* WebProcess/gtk/WebProcessMainGtk.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259584 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Allow deleteById to be cached in the DFG
justin_michaud@apple.com [Mon, 6 Apr 2020 18:48:04 +0000 (18:48 +0000)]
Allow deleteById to be cached in the DFG
https://bugs.webkit.org/show_bug.cgi?id=208664

Reviewed by Saam Barati.

JSTests:

* microbenchmarks/delete-property-allocation-sinking.js: Added.
(assert):
(noInline.assert.blackbox):
(noInline.blackbox.doAlloc1):
(noInline.doAlloc1):
* microbenchmarks/polyvariant-delete-property.js: Added.
(assert):
(blackbox):
(noInline.blackbox.polyvariant):
(doAlloc1):
(noInline.doAlloc1.doAlloc2):
(noInline.doAlloc2):
* stress/delete-property-dfg-inline.js: Added.
(assert):
(noInline.assert.assert_throws):
(noInline.assert_throws.blackbox):
(noInline.blackbox.testSingleStructure.doAlloc1):
(noInline.blackbox.testSingleStructure):
(noInline.testSingleStructure.testInlineSingleStructure.doDelete2):
(noInline.testSingleStructure.testInlineSingleStructure.doAlloc2):
(noInline.testSingleStructure.testInlineSingleStructure):
(noInline.testInlineSingleStructure.testExit.doDelete3):
(noInline.testInlineSingleStructure.testExit):
(noInline.testExit.testSingleStructureMiss.doAlloc4):
(noInline.testExit.testSingleStructureMiss):
(noInline.testSingleStructureMiss.testSingleStructureMissStrict.string_appeared_here.doAlloc5):
(noInline.testSingleStructureMiss.testSingleStructureMissStrict):
(noInline.testSingleStructureMissStrict.testSingleStructureMissNonConfigurable.doAlloc6):
(noInline.testSingleStructureMissStrict.testSingleStructureMissNonConfigurable):
(noInline.testSingleStructureMissNonConfigurable.testSingleStructureEmpty.doAlloc7):
(noInline.testSingleStructureMissNonConfigurable.testSingleStructureEmpty):
(noInline.testSingleStructureEmpty.testPolymorphic.doDelete8):
(noInline.testSingleStructureEmpty.testPolymorphic):
(noInline.testPolymorphic.testPolyvariant.doDelete9):
(noInline.testPolymorphic.testPolyvariant.polyvariant):
(noInline.testPolymorphic.testPolyvariant):
(noInline.testPolyvariant.testConstantFolding.doDelete10):
(noInline.testPolyvariant.testConstantFolding):
(noInline.testConstantFolding.testObjectSinking.doAlloc11):
(noInline.testConstantFolding.testObjectSinking):
(noInline.testObjectSinking.testProxy.doAlloc12):
(noInline.testObjectSinking.testProxy.noInline.doDelete12):
(noInline.testObjectSinking.testProxy):
(noInline.testProxy.testTypedArray.doDelete12):
(noInline.testProxy.testTypedArray):
(noInline.testTypedArray.testMissMixed.doDelete13):
(noInline.testTypedArray.testMissMixed):
(noInline.testMissMixed.testMissNonMixed.doDelete14):
(noInline.testMissMixed.testMissNonMixed):
(noInline.testMissNonMixed.testByVal.doDelete15):
(noInline.testMissNonMixed.testByVal):

Source/JavaScriptCore:

When we see that the deleteById inline cache only saw one structure, we inline it into the DFG. This involves
creating a new node, FilterDeleteByStatus, and then turning these DeleteById nodes into a FilterDeleteByStatus,
CheckStructure, PutByOffset, then PutStructure (or just a CheckStructure in the case of a miss). The logic for
pessimising this optimization is the same as for PutById, giving inlined functions the opportunity to use only
the DFG profiling information, while everything else uses the DFG+Baseline information.

This also adds a MultiDeleteByOffset node, for the case when there are multiple structures seen by the delete. If
all of the cases are the same kind of miss, then we only emit a CheckStructure and constant.

Finally, if we see a delete by val with a single identifier, we inline that too.

This patch removes a dead code path from deleteProperty that checks if we need to nuke the object's butterfly.
This also fixes a bug where we were checking the neutering status of typed arrays for named properties when we should
only check for indexed properties. The behavior of this now matches for all tiers including when cached.

The benchmark shows a 2x improvement on polyvariant-delete-property, and a 50% improvement on delete-property-allocation-sinking.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/AccessCase.cpp:
(JSC::AccessCase::createDelete):
(JSC::AccessCase::generateImpl):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::getICStatusMap):
* bytecode/DeleteByIdVariant.cpp: Added.
(JSC::DeleteByIdVariant::DeleteByIdVariant):
(JSC::DeleteByIdVariant::~DeleteByIdVariant):
(JSC::DeleteByIdVariant::operator=):
(JSC::DeleteByIdVariant::attemptToMerge):
(JSC::DeleteByIdVariant::writesStructures const):
(JSC::DeleteByIdVariant::visitAggregate):
(JSC::DeleteByIdVariant::markIfCheap):
(JSC::DeleteByIdVariant::dump const):
(JSC::DeleteByIdVariant::finalize):
(JSC::DeleteByIdVariant::dumpInContext const):
* bytecode/DeleteByIdVariant.h: Added.
(JSC::DeleteByIdVariant::oldStructure const):
(JSC::DeleteByIdVariant::newStructure const):
(JSC::DeleteByIdVariant::result const):
(JSC::DeleteByIdVariant::offset const):
(JSC::DeleteByIdVariant::isPropertyUnset const):
(JSC::DeleteByIdVariant::identifier const):
(JSC::DeleteByIdVariant::overlaps):
* bytecode/DeleteByStatus.cpp: Added.
(JSC::DeleteByStatus::appendVariant):
(JSC::DeleteByStatus::computeForBaseline):
(JSC::DeleteByStatus::DeleteByStatus):
(JSC::DeleteByStatus::computeForStubInfoWithoutExitSiteFeedback):
(JSC::DeleteByStatus::computeFor):
(JSC::DeleteByStatus::slowVersion const):
(JSC::DeleteByStatus::merge):
(JSC::DeleteByStatus::filter):
(JSC::DeleteByStatus::singleIdentifier const):
(JSC::DeleteByStatus::visitAggregate):
(JSC::DeleteByStatus::markIfCheap):
(JSC::DeleteByStatus::finalize):
(JSC::DeleteByStatus::dump const):
* bytecode/DeleteByStatus.h: Added.
* bytecode/ICStatusMap.h:
* bytecode/RecordedStatuses.cpp:
(JSC::RecordedStatuses::operator=):
(JSC::RecordedStatuses::addDeleteByStatus):
(JSC::RecordedStatuses::visitAggregate):
(JSC::RecordedStatuses::markIfCheap):
* bytecode/RecordedStatuses.h:
(JSC::RecordedStatuses::forEachVector):
* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
(JSC::DFG::AbstractInterpreter<AbstractStateType>::filterICStatus):
* dfg/DFGArgumentsEliminationPhase.cpp:
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleDeleteById):
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGClobbersExitState.cpp:
(JSC::DFG::clobbersExitState):
* dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):
(JSC::DFG::ConstantFoldingPhase::emitDeleteByOffset):
* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGGraph.cpp:
(JSC::DFG::Graph::dump):
* dfg/DFGGraph.h:
* dfg/DFGMayExit.cpp:
* dfg/DFGNode.cpp:
(JSC::DFG::MultiDeleteByOffsetData::writesStructures const):
* dfg/DFGNode.h:
(JSC::DFG::Node::hasMultiDeleteByOffsetData):
(JSC::DFG::Node::multiDeleteByOffsetData):
(JSC::DFG::Node::hasDeleteByStatus):
(JSC::DFG::Node::deleteByStatus):
* dfg/DFGNodeType.h:
* dfg/DFGObjectAllocationSinkingPhase.cpp:
* dfg/DFGPredictionPropagationPhase.cpp:
* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* dfg/DFGTypeCheckHoistingPhase.cpp:
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantStructureChecks):
(JSC::DFG::TypeCheckHoistingPhase::identifyRedundantArrayChecks):
* dfg/DFGValidate.cpp:
* dfg/DFGVarargsForwardingPhase.cpp:
* ftl/FTLCapabilities.cpp:
(JSC::FTL::canCompile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
(JSC::FTL::DFG::LowerDFGToB3::compileMultiDeleteByOffset):
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::deleteProperty):
* runtime/JSObject.cpp:
(JSC::JSObject::deleteProperty):
* runtime/Structure.h:
* runtime/StructureInlines.h:
(JSC::Structure::mayHaveIndexingHeader const): Deleted.
(JSC::Structure::canCacheDeleteIC const): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259583 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago Implement 1GB of executable memory on arm64
sbarati@apple.com [Mon, 6 Apr 2020 18:19:52 +0000 (18:19 +0000)]
Implement 1GB of executable memory on arm64
https://bugs.webkit.org/show_bug.cgi?id=208490
<rdar://problem/60797127>

Reviewed by Keith Miller.

JSTests:

Run JetStream2 wasm tests.

* wasm.yaml:
* wasm/lowExecutableMemory/executable-memory-oom.js:

PerformanceTests:

* JetStream2/JetStreamDriver.js:
(Driver.prototype.dumpJSONResultsIfNeeded):
(DefaultBenchmark.prototype.updateUIAfterRun):
(DefaultBenchmark):
(WSLBenchmark.prototype.updateUIAfterRun):
(WSLBenchmark):
(WasmBenchmark.prototype.updateUIAfterRun):
(WasmBenchmark):
(Driver.async fetchResources.statusElement.innerHTML.a.href.string_appeared_here):
(Driver.prototype.async fetchResources):

Source/JavaScriptCore:

This patch implements the 1GB executable memory space on arm64. To make this
work, we implement jumps larger than +/-128MB to use jump islands. Jump islands
work by splitting up the ~1GB region into 9 112MB chunks (1008 MB total). Each
chunk is split into two: 96MB of executable region, and 16MB of jump island region.
With this split, any jump inside a jump island region can get to the adjacent
island (forwards or backwards) in a single +/-128MB jump. When linking a jump
from A to B, where |A - B| > 128MB, we instead point the jump to an island,
where this island has a potential series of jumps that finally lands at B.

To allocate executable memory, use a MetaAllocator for each 96MB chunk. To
allocate islands, we have a bit vector we use to track used and freed islands.
We only grow this bit vector as islands are allocated, so it frequently
remains empty or very small.

The goal of this patch is to have minimal perf impact when not using islands,
so the data structures are designed to only incur overhead when actually using
islands. We expect the use of islands to be minimal. We use a red black tree
to track all island locations. This allows us to deallocate all islands when
an executable memory handle is freed. Typically, this red black tree is empty,
so freeing an executable memory handle incurs no extra overhead.

To make islands work for Wasm, we now have to link tier up code in two phases.
Previously, we would just patch jumps concurrently to Wasm threads running after
resetting the icache, knowing that we would be able to atomically update the jump
instruction to point to the new destination. However, now when repatching these
jumps in a world with jump islands, we might need to allocate islands depending
on the jump location and its target. So we now allocate and collect the set of islands,
then reset the icache, then atomically update the branch to point to the destination
(or an island that jumps to the destination). One important implementation detail
here is that for normal island repatching, if we have a jump from A to B, and it
allocates a set of islands X, we usually can deallocate X when repatching A to go to B'.
This is because the typical repatch scenario in JS happens when that code is not being
executed. For Wasm though, those islands X might be running while we want to repatch
A to go to B'. So instead of deallocating X, we just append to X in this scenario, and
we free the new set X' when the code itself is freed.

(This patch also fixes a bug in the Wasm LLInt to BBQ tier up that I spotted,
where we would publish a LLInt callee's BBQ replacement before we finished
linking the outgoing calls of the BBQ replacement.)

This patch also removes the old "CodeProfiling" code that has been unused for
a long time.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* assembler/ARM64Assembler.h:
(JSC::ARM64Assembler::b):
(JSC::ARM64Assembler::bl):
(JSC::ARM64Assembler::replaceWithJump):
(JSC::ARM64Assembler::prepareForAtomicRelinkJumpConcurrently):
(JSC::ARM64Assembler::prepareForAtomicRelinkCallConcurrently):
(JSC::ARM64Assembler::computeJumpType):
(JSC::ARM64Assembler::canEmitJump):
(JSC::ARM64Assembler::linkJumpOrCall):
(JSC::ARM64Assembler::linkCompareAndBranch):
(JSC::ARM64Assembler::linkConditionalBranch):
(JSC::ARM64Assembler::linkTestAndBranch):
* assembler/AbstractMacroAssembler.h:
(JSC::AbstractMacroAssembler::prepareForAtomicRepatchNearCallConcurrently):
* assembler/LinkBuffer.cpp:
(JSC::LinkBuffer::copyCompactAndLinkCode):
(JSC::LinkBuffer::linkCode):
(JSC::LinkBuffer::allocate):
(JSC::LinkBuffer::performFinalization):
* assembler/LinkBuffer.h:
(JSC::LinkBuffer::LinkBuffer):
(JSC::LinkBuffer::setIsJumpIsland):
* assembler/MacroAssemblerCodeRef.h:
(JSC::MacroAssemblerCodeRef::MacroAssemblerCodeRef):
* jit/ExecutableAllocator.cpp:
(JSC::initializeJITPageReservation):
(JSC::ExecutableAllocator::initializeUnderlyingAllocator):
(JSC::ExecutableAllocator::isValid const):
(JSC::ExecutableAllocator::allocate):
(JSC::ExecutableAllocator::getJumpIslandTo):
(JSC::ExecutableAllocator::getJumpIslandToConcurrently):
(JSC::FixedVMPoolExecutableAllocator::~FixedVMPoolExecutableAllocator): Deleted.
* jit/ExecutableAllocator.h:
(JSC::ExecutableAllocatorBase::allocate):
* runtime/CommonSlowPaths.cpp:
* runtime/Completion.cpp:
(JSC::evaluate):
* runtime/JSModuleLoader.cpp:
(JSC::moduleLoaderParseModule):
* runtime/OptionsList.h:
* tools/CodeProfile.cpp:
(JSC::truncateTrace): Deleted.
(JSC::CodeProfile::sample): Deleted.
(JSC::CodeProfile::report): Deleted.
* tools/CodeProfile.h:
(JSC::CodeProfile::CodeProfile): Deleted.
(JSC::CodeProfile::parent): Deleted.
(JSC::CodeProfile::addChild): Deleted.
(): Deleted.
(JSC::CodeProfile::CodeRecord::CodeRecord): Deleted.
* tools/CodeProfiling.cpp:
(JSC::setProfileTimer): Deleted.
(JSC::profilingTimer): Deleted.
(JSC::CodeProfiling::sample): Deleted.
(JSC::CodeProfiling::notifyAllocator): Deleted.
(JSC::CodeProfiling::getOwnerUIDForPC): Deleted.
(JSC::CodeProfiling::begin): Deleted.
(JSC::CodeProfiling::end): Deleted.
* tools/CodeProfiling.h:
(): Deleted.
(JSC::CodeProfiling::CodeProfiling): Deleted.
(JSC::CodeProfiling::~CodeProfiling): Deleted.
(JSC::CodeProfiling::enabled): Deleted.
(JSC::CodeProfiling::beVerbose): Deleted.
(JSC::CodeProfiling::beVeryVerbose): Deleted.
* wasm/WasmBBQPlan.cpp:
(JSC::Wasm::BBQPlan::work):
* wasm/WasmCodeBlock.h:
* wasm/WasmOMGForOSREntryPlan.cpp:
(JSC::Wasm::OMGForOSREntryPlan::work):
* wasm/WasmOMGPlan.cpp:
(JSC::Wasm::OMGPlan::work):
* wasm/WasmPlan.cpp:
(JSC::Wasm::Plan::updateCallSitesToCallUs):
* wasm/WasmPlan.h:

Source/WTF:

* wtf/MetaAllocator.cpp:
(WTF::MetaAllocatorTracker::notify):
(WTF::MetaAllocatorTracker::release):
(WTF::MetaAllocator::release):
(WTF::MetaAllocatorHandle::MetaAllocatorHandle):
(WTF::MetaAllocatorHandle::~MetaAllocatorHandle):
(WTF::MetaAllocatorHandle::shrink):
(WTF::MetaAllocator::MetaAllocator):
(WTF::MetaAllocator::allocate):
(WTF::MetaAllocator::currentStatistics):
* wtf/MetaAllocator.h:
(WTF::MetaAllocatorTracker::find):
(WTF::MetaAllocator::allocate):
(WTF::MetaAllocator::currentStatistics):
(WTF::MetaAllocator::getLock): Deleted.
* wtf/MetaAllocatorHandle.h:
(WTF::MetaAllocatorHandle::allocator):
(WTF::MetaAllocatorHandle::isManaged): Deleted.
(WTF::MetaAllocatorHandle::ownerUID): Deleted.
* wtf/PlatformEnable.h:
* wtf/RedBlackTree.h:
* wtf/StdLibExtras.h:
(WTF::constructFixedSizeArrayWithArgumentsImpl):
(WTF::constructFixedSizeArrayWithArguments):

Tools:

* Scripts/run-jsc-stress-tests:
* TestWebKitAPI/Tests/WTF/MetaAllocator.cpp:
(TestWebKitAPI::TEST_F):
* TestWebKitAPI/Tests/WTF/RedBlackTree.cpp:
(TestWebKitAPI::TEST_F):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259582 268f45cc-cd09-0410-ab3c-d52691b4dbfc
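
The chunk arithmetic from the commit message above, as an added model that is not JavaScriptCore code: it checks that adjacent island regions are always within one branch of each other and lists the islands a far jump passes through. Assumptions not stated in the message: each chunk's island region follows its executable region, a route uses the first slot of each island region, instructions are 4 bytes, and a single branch reaches offsets from -128MB to +128MB-4. All names are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

constexpr std::int64_t kMB = 1024 * 1024;
constexpr std::int64_t kChunkSize = 112 * kMB;       // from the commit message
constexpr std::int64_t kExecutableSize = 96 * kMB;   // from the commit message
constexpr std::int64_t kIslandRegionSize = 16 * kMB; // from the commit message
constexpr int kChunkCount = 9;                       // from the commit message
constexpr std::int64_t kInstructionSize = 4;         // assumption: fixed-width arm64 instructions
constexpr std::int64_t kMaxForward = 128 * kMB - kInstructionSize;
constexpr std::int64_t kMaxBackward = -128 * kMB;

static_assert(kExecutableSize + kIslandRegionSize == kChunkSize, "chunk split must add up");
static_assert(kChunkCount * kChunkSize == 1008 * kMB, "9 chunks of 112MB are 1008MB");

bool inBranchRange(std::int64_t from, std::int64_t to)
{
    std::int64_t delta = to - from;
    return delta >= kMaxBackward && delta <= kMaxForward;
}

// Assumed layout: [96MB executable][16MB islands] inside every chunk.
std::int64_t islandRegionStart(int chunk)
{
    return chunk * kChunkSize + kExecutableSize;
}

bool isExecutableOffset(std::int64_t offset)
{
    return offset >= 0 && offset < kChunkCount * kChunkSize && (offset % kChunkSize) < kExecutableSize;
}

// Worst case for "adjacent island in a single jump": first slot of one island
// region to the last slot of the next one, in both directions.
bool adjacentIslandsAlwaysReachable()
{
    for (int chunk = 0; chunk + 1 < kChunkCount; ++chunk) {
        std::int64_t firstSlot = islandRegionStart(chunk);
        std::int64_t lastSlotOfNext = islandRegionStart(chunk + 1) + kIslandRegionSize - kInstructionSize;
        if (!inBranchRange(firstSlot, lastSlotOfNext) || !inBranchRange(lastSlotOfNext, firstSlot))
            return false;
    }
    return true;
}

// Fills `islands` with the chunk index of every island region the jump from
// `from` to `to` passes through; an empty list means a direct branch suffices.
// Returns false if either offset is not in an executable region.
bool planRoute(std::int64_t from, std::int64_t to, std::vector<int>& islands)
{
    islands.clear();
    if (!isExecutableOffset(from) || !isExecutableOffset(to))
        return false;
    if (inBranchRange(from, to))
        return true;

    int step = to > from ? 1 : -1;
    int chunk = static_cast<int>(from / kChunkSize);
    if (step < 0)
        --chunk; // the nearest island region behind `from` belongs to the previous chunk

    std::int64_t position = from;
    while (chunk >= 0 && chunk < kChunkCount) {
        std::int64_t slot = islandRegionStart(chunk);
        if (!inBranchRange(position, slot))
            return false;
        islands.push_back(chunk);
        position = slot;
        if (inBranchRange(position, to))
            return true;
        chunk += step;
    }
    return false;
}

int main()
{
    std::vector<int> route;
    // Constructed offsets: a jump from the start of the region to 500MB in.
    bool ok = planRoute(0, 500 * kMB, route);
    std::printf("adjacent reachable=%d route ok=%d islands=%zu\n",
        adjacentIslandsAlwaysReachable(), ok, route.size());
    return 0;
}
```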

6 months ago Make RenderObject TextStream-loggable
simon.fraser@apple.com [Mon, 6 Apr 2020 18:09:10 +0000 (18:09 +0000)]
Make RenderObject TextStream-loggable
https://bugs.webkit.org/show_bug.cgi?id=210035

Post-landing followup. More use of StringBuilder's variadic append. Have Node::debugDescription() include
its address, and have derived classes get the base class debugDescription(). Add an override in Text.

* dom/Element.cpp:
(WebCore::Element::debugDescription const):
* dom/Node.cpp:
(WebCore::Node::debugDescription const):
* dom/Text.cpp:
(WebCore::Text::debugDescription const):
(WebCore::Text::formatForDebugger const):
* dom/Text.h:
* rendering/RenderObject.cpp:
(WebCore::RenderObject::debugDescription const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259581 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
dino@apple.com [Mon, 6 Apr 2020 18:08:21 +0000 (18:08 +0000)]
CrashTracer: MobileSafari at WebKit: WebKit::SystemPreviewController::updateProgress
https://bugs.webkit.org/show_bug.cgi?id=210040
rdar://51410841

Reviewed by Darin Adler.

It appears that the SystemPreviewController on WebPageProxy can
become null causing a call to an in-progress download to crash
as it tries to talk to the QuickLook delegate. Guard against this
by checking the SystemPreviewController each time.

* UIProcess/Cocoa/DownloadClient.mm:
(WebKit::systemPreviewController):
(WebKit::DownloadClient::didReceiveResponse):
(WebKit::DownloadClient::didReceiveData):
(WebKit::DownloadClient::processDidCrash):
(WebKit::DownloadClient::didFinish):
(WebKit::DownloadClient::didFail):
(WebKit::DownloadClient::didCancel):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259580 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago ProcessAssertion should use ASCIILiteral for its reason
cdumez@apple.com [Mon, 6 Apr 2020 18:07:25 +0000 (18:07 +0000)]
ProcessAssertion should use ASCIILiteral for its reason
https://bugs.webkit.org/show_bug.cgi?id=210049

Reviewed by Alex Christensen.

ProcessAssertion should use ASCIILiteral for its reason, instead of a String.

* Shared/ios/DependencyProcessAssertionIOS.mm:
(WebKit::DependencyProcessAssertion::DependencyProcessAssertion):
* UIProcess/ProcessAssertion.cpp:
(WebKit::ProcessAssertion::ProcessAssertion):
* UIProcess/ProcessAssertion.h:
* UIProcess/ios/ProcessAssertionIOS.mm:
(WebKit::ProcessAssertion::ProcessAssertion):
(WebKit::ProcessAndUIAssertion::ProcessAndUIAssertion):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259579 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 months ago The change of zoom shouldn't affect ResizeObserverSize
cathiechen@igalia.com [Mon, 6 Apr 2020 17:47:38 +0000 (17:47 +0000)]
The change of zoom shouldn't affect ResizeObserverSize
https://bugs.webkit.org/show_bug.cgi?id=209947

Reviewed by Simon Fraser.

Source/WebCore:

Zoom in/out shouldn't affect ResizeObserverSize. Use adjustLayoutUnitForAbsoluteZoom instead.

Test: imported/w3c/web-platform-tests/resize-observer/resize-observer-with-zoom.html

* page/ResizeObservation.cpp:
(WebCore::ResizeObservation::computeObservedSize const):

LayoutTests:

Add test for resizeObserver with zoom. The ResizeObserverSize shouldn't be affected by zooms.

* resize-observer/resize-observer-with-zoom-expected.txt: Added.
* resize-observer/resize-observer-with-zoom.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@259578 268f45cc-cd09-0410-ab3c-d52691b4dbfc