WebKit-https.git
16 months agoEditors should not automatically trim trailing whitespace.
mark.lam@apple.com [Thu, 4 Jun 2020 19:02:47 +0000 (19:02 +0000)]
Editors should not automatically trim trailing whitespace.
https://bugs.webkit.org/show_bug.cgi?id=212763

Reviewed by Yusuke Suzuki.

Doing so would force a lot of unnecessary code changes and make patches hard to
review.  It is common WebKit practice to not make unrelated changes in patches.

* .editorconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262555 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ iOS wk2 ] animations/play-state-paused.html is flaky failing.
graouts@webkit.org [Thu, 4 Jun 2020 18:28:17 +0000 (18:28 +0000)]
[ iOS wk2 ] animations/play-state-paused.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=212641
<rdar://problem/63879230>

Reviewed by Dean Jackson.

Rewrite this test to use the AnimationTest helper that will non-flakily check animated values while an animation is running.

* animations/play-state-paused-expected.txt:
* animations/play-state-paused.html:
* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262548 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] Validate index parameter in PlatformPasteboard
cdumez@apple.com [Thu, 4 Jun 2020 18:06:57 +0000 (18:06 +0000)]
[iOS] Validate index parameter in PlatformPasteboard
https://bugs.webkit.org/show_bug.cgi?id=212713
<rdar://problem/60068765>

Reviewed by Alex Christensen.

Follow-up to r262529 to also make sure that the index is not negative after
casting to NSInteger.

* platform/ios/PlatformPasteboardIOS.mm:
(WebCore::PlatformPasteboard::readBuffer const):
(WebCore::PlatformPasteboard::readString const):
(WebCore::PlatformPasteboard::readURL const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262547 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[Cocoa] Adopt read-only mode for preferences in the WebContent process
pvollan@apple.com [Thu, 4 Jun 2020 18:04:38 +0000 (18:04 +0000)]
[Cocoa] Adopt read-only mode for preferences in the WebContent process
https://bugs.webkit.org/show_bug.cgi?id=212411
Source/WebCore/PAL:

Reviewed by Darin Adler.

* pal/spi/cf/CFUtilitiesSPI.h:

Source/WebKit:

<rdar://problem/63640788>

Reviewed by Darin Adler.

The WebContent process should never write preferences. Adopt read-only mode for preferences.
This will fix some sandbox violations when the UI process is notifying the WebContent process
about preference changes. When notified, the WebContent process will use the preferences API
to write those preferences in-process, but there should be no attempt at writing these new
values to disk, which this patch will ensure.

No new tests, since this is fixing a benign sandbox violation.

* Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceMain.mm:
(WebKit::XPCServiceMain):

Source/WTF:

Reviewed by Darin Adler.

Create HAVE define indicating support for read-only preference SPI.

* wtf/PlatformHave.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262546 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[EME][GStreamer] cdmProxyAttached does not need to force a bump ref in the signature
calvaris@igalia.com [Thu, 4 Jun 2020 17:33:24 +0000 (17:33 +0000)]
[EME][GStreamer] cdmProxyAttached does not need to force a bump ref in the signature
https://bugs.webkit.org/show_bug.cgi?id=212754

Reviewed by Philippe Normand.

cdmProxyAttached is currently receiving a RefPtr<CDMProxy> in the
signature, what causes a ref bump when the function is called. A
const RefPtr<CDMProxy>& is more suitable cause the reference is
already bumped when the CDMProxy assigned in the decryptor
attribute.

No new tests, just a rework.

* platform/graphics/gstreamer/eme/WebKitClearKeyDecryptorGStreamer.cpp:
(cdmProxyAttached):
* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262545 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoUpdate test262 to commit 290ceba31fea
shvaikalesh@gmail.com [Thu, 4 Jun 2020 17:15:39 +0000 (17:15 +0000)]
Update test262 to commit 290ceba31fea
https://bugs.webkit.org/show_bug.cgi?id=212752

Reviewed by Ross Kirsling.

* test262/config.yaml: Unskip tests fixed in r260990.
* test262/expectations.yaml:
* test262/latest-changes-summary.txt:
* test262/test/*: Updated.
* test262/test262-Revision.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262544 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] The WebContent process should be allowed to consume an extension to the running...
pvollan@apple.com [Thu, 4 Jun 2020 16:51:02 +0000 (16:51 +0000)]
[iOS] The WebContent process should be allowed to consume an extension to the runningboard service
https://bugs.webkit.org/show_bug.cgi?id=212753
<rdar://problem/63948859>

Reviewed by Chris Dumez.

The WebContent process on iOS is failing to consume an extension to the runningboard service, because it is not allowed to do so.

* Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262543 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoWork around broken system version macro
timothy_horton@apple.com [Thu, 4 Jun 2020 16:08:44 +0000 (16:08 +0000)]
Work around broken system version macro
https://bugs.webkit.org/show_bug.cgi?id=212726

Reviewed by Dan Bernstein.

Source/bmalloc:

* Configurations/DebugRelease.xcconfig:

Source/JavaScriptCore:

* Configurations/DebugRelease.xcconfig:

Source/ThirdParty/ANGLE:

* Configurations/DebugRelease.xcconfig:

Source/ThirdParty/libwebrtc:

* Configurations/DebugRelease.xcconfig:

Source/WebCore:

* Configurations/DebugRelease.xcconfig:

Source/WebCore/PAL:

* Configurations/DebugRelease.xcconfig:

Source/WebInspectorUI:

* Configurations/DebugRelease.xcconfig:

Source/WebKit:

* Configurations/DebugRelease.xcconfig:

Source/WebKitLegacy/mac:

* Configurations/DebugRelease.xcconfig:

Source/WTF:

* Configurations/DebugRelease.xcconfig:

Tools:

* ContentExtensionTester/Configurations/DebugRelease.xcconfig:
* DumpRenderTree/mac/Configurations/DebugRelease.xcconfig:
* ImageDiff/cg/Configurations/DebugRelease.xcconfig:
* MiniBrowser/Configurations/DebugRelease.xcconfig:
* TestWebKitAPI/Configurations/DebugRelease.xcconfig:
* WebEditingTester/Configurations/DebugRelease.xcconfig:
* WebKitTestRunner/Configurations/DebugRelease.xcconfig:
* lldb/lldbWebKitTester/Configurations/DebugRelease.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262542 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[watchOS] Re-enable content filtering in the simulator build
aestes@apple.com [Thu, 4 Jun 2020 16:02:13 +0000 (16:02 +0000)]
[watchOS] Re-enable content filtering in the simulator build
https://bugs.webkit.org/show_bug.cgi?id=212711
<rdar://problem/63938350>

Reviewed by Wenson Hsieh.

Source/JavaScriptCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebCore/PAL:

* Configurations/FeatureDefines.xcconfig:

Source/WebKit:

* Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

* Configurations/FeatureDefines.xcconfig:

Source/WTF:

* wtf/PlatformHave.h:

Tools:

* TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262541 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoReset fragment line info when the relatively positioned inline box becomes static...
zalan@apple.com [Thu, 4 Jun 2020 15:49:50 +0000 (15:49 +0000)]
Reset fragment line info when the relatively positioned inline box becomes static with block child.
https://bugs.webkit.org/show_bug.cgi?id=212724
<rdar://problem/62847534>

Reviewed by Simon Fraser.

adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded was missing the case when the
block container was inside an inline box. It happens when the inline box is relatively positioned while the
child block box is absolutely positioned.
RenderFragmentedFlow keeps track of the associated root lineboxes in m_lineToFragmentMap.
In adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded, when the block is no longer part of the fragment
we remove these cached lineboxes from the m_lineToFragmentMap.
This patch fixes the case when the cached lineboxes are generated by a child block box.

* rendering/RenderElement.cpp:
(WebCore::RenderElement::adjustFragmentedFlowStateOnContainingBlockChangeIfNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262540 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoResync web-platform-tests/2dcontext from upstream
cdumez@apple.com [Thu, 4 Jun 2020 15:07:11 +0000 (15:07 +0000)]
Resync web-platform-tests/2dcontext from upstream
https://bugs.webkit.org/show_bug.cgi?id=212639

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Resync web-platform-tests/2dcontext from upstream d3ea88514a93b7b6968.

* resources/import-expectations.json:
* resources/resource-files.json:
* web-platform-tests/2dcontext/*: Removed.
* web-platform-tests/html/canvas/element/*: Added.
* web-platform-tests/html/canvas/resources/*: Added.
* web-platform-tests/html/canvas/tools/*: Added.

LayoutTests:

* TestExpectations:
* canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html:
* canvas/philip/tests/2d.drawImage.incomplete.nosrc.html:
* canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html:
* canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html:
* canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html:
* gpu-process/TestExpectations:
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-flipY-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-origin.sub-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer-expected.txt: Removed.
* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-serializable-expected.txt: Removed.
* platform/ios-simulator/TestExpectations:
* platform/ios-wk2/TestExpectations:
* platform/ios/TestExpectations:
* platform/ios/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: Removed.
* platform/mac/TestExpectations:
* platform/mac/imported/w3c/web-platform-tests/2dcontext/line-styles/2d.line.cap.round-expected.txt: Removed.
* platform/win/TestExpectations:
* platform/wpe/TestExpectations:
* platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-serializable-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262539 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoITP SQLite Database should only vacuum once per day
katherine_cheney@apple.com [Thu, 4 Jun 2020 15:03:04 +0000 (15:03 +0000)]
ITP SQLite Database should only vacuum once per day
https://bugs.webkit.org/show_bug.cgi?id=212712
<rdar://problem/63939711>

Reviewed by Brent Fulgham.

Currently the SQLite Database runs a vacuum command each time statistics
are processed. This is probably too frequent, because the database
rarely needs to delete large amounts of data. We can cut this down to once a day.

* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h:
* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::performDailyTasks):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262538 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GLIB][GTK] Gardening, update test expectations and baselines after r262525
dpino@igalia.com [Thu, 4 Jun 2020 14:46:16 +0000 (14:46 +0000)]
[GLIB][GTK] Gardening, update test expectations and baselines after r262525
https://bugs.webkit.org/show_bug.cgi?id=212751

Unreviewed gardening.

* platform/glib/TestExpectations:
* platform/glib/imported/w3c/web-platform-tests/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-none-block-expected.txt: Added after r262312.
* platform/glib/imported/w3c/web-platform-tests/content-security-policy/frame-ancestors/frame-ancestors-nested-cross-in-same-self-block-expected.txt: Added after r262312.
* platform/glib/imported/w3c/web-platform-tests/content-security-policy/frame-ancestors/frame-ancestors-nested-same-in-same-self-allow-expected.txt: Added after r262312.
* platform/glib/imported/w3c/web-platform-tests/websockets/unload-a-document/002-expected.txt: Removed after r262312.
* platform/glib/imported/w3c/web-platform-tests/websockets/unload-a-document/004-expected.txt: Removed after r262312.
* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/encoding/single-byte-decoder-expected.txt: Added after r262235.
* platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/resize-during-playback-expected.txt: Removed after r262254.
* platform/gtk/js/dom/dom-static-property-for-in-iteration-expected.txt: Updated after r262235.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262537 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoUnreviewed, reverting r262527 and r262531.
jacob_uphoff@apple.com [Thu, 4 Jun 2020 14:44:50 +0000 (14:44 +0000)]
Unreviewed, reverting r262527 and r262531.

The commit 262527 caused over 100 web platform tests to fail
and 262531 edited the file after

Reverted changesets:

"Resync web-platform-tests/2dcontext from upstream"
https://bugs.webkit.org/show_bug.cgi?id=212639
https://trac.webkit.org/changeset/262527

"[GTK][WPE] Gardening, temporarily disable offscreen-canvas
tests"
https://bugs.webkit.org/show_bug.cgi?id=212738
https://trac.webkit.org/changeset/262531

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262536 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoSpeculativeJIT::compileDateGet()'s slow path does not need an exception check.
mark.lam@apple.com [Thu, 4 Jun 2020 14:40:48 +0000 (14:40 +0000)]
SpeculativeJIT::compileDateGet()'s slow path does not need an exception check.
https://bugs.webkit.org/show_bug.cgi?id=212645

Reviewed by Yusuke Suzuki.

SpeculativeJIT::compileDateGet() implements a bunch of Date intrinsics which call
into a C++ operation function do their work.  However, the call to these operation
functions were done using a slow path generator configured to automatically
emit exception checks after the call.  These exception checks are unneeded because
those functions will not throw any exceptions.

This issue was found with JSC stress test runs on a debug build.  The doesGC
verifier was failing on the exceptionFuzz/date-format-xparb.js test.  The reason
is because doesGC does not expect any these Date intrinsics to throw any exceptions,
but SpeculativeJIT was emitting the unneeded exception checks there.  These
exception check sites get turned into throw sites by the exceptionFuzzer, and
they allocate an Error object there.  This allocation made the doesGC verifier
not happy.

This patch fixes this issue by changing SpeculativeJIT::compileDateGet() to
pass ExceptionCheckRequirement::CheckNotNeeded to the slow path generator.

The patch also proves that all the operation functions cannot throw any exceptions.
Previously, the operations passes a VM& to the Date functions.  The purpose for
doing this is so that the Date functions can work with a few date cache data
structures stored as VM fields.

This patch refactors those VM fields into a VM::DateCache struct, and changed all
those Date functions to take a VM::DateCache& instead of a VM&.  Since the Date
functions no longer take a VM&, this proves that they cannot throw because they
would need a VM& to make a ThrowScope in order to throw.

Update: Yusuke pointed out that the lack of a JSGlobalObject* argument is sufficient
to guarantee that the Date functions cannot throw.  However, we'll keep this
DateCache refactoring since it provides additional info that the Date functions
only operate on the DateCache fields and nothing else in VM.

Also removed DFG::JITCompile's fastExceptionCheck() which is unused.

* dfg/DFGJITCompiler.h:
(JSC::DFG::JITCompiler::fastExceptionCheck): Deleted.
* dfg/DFGOperations.cpp:
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compileDateGet):
* runtime/DateConstructor.cpp:
(JSC::millisecondsFromComponents):
(JSC::callDate):
* runtime/DateInstance.cpp:
(JSC::DateInstance::calculateGregorianDateTime const):
(JSC::DateInstance::calculateGregorianDateTimeUTC const):
* runtime/DateInstance.h:
* runtime/DatePrototype.cpp:
(JSC::formatLocaleDate):
(JSC::formateDateInstance):
(JSC::dateProtoFuncToISOString):
(JSC::dateProtoFuncGetFullYear):
(JSC::dateProtoFuncGetUTCFullYear):
(JSC::dateProtoFuncGetMonth):
(JSC::dateProtoFuncGetUTCMonth):
(JSC::dateProtoFuncGetDate):
(JSC::dateProtoFuncGetUTCDate):
(JSC::dateProtoFuncGetDay):
(JSC::dateProtoFuncGetUTCDay):
(JSC::dateProtoFuncGetHours):
(JSC::dateProtoFuncGetUTCHours):
(JSC::dateProtoFuncGetMinutes):
(JSC::dateProtoFuncGetUTCMinutes):
(JSC::dateProtoFuncGetSeconds):
(JSC::dateProtoFuncGetUTCSeconds):
(JSC::dateProtoFuncGetTimezoneOffset):
(JSC::setNewValueFromTimeArgs):
(JSC::setNewValueFromDateArgs):
(JSC::dateProtoFuncSetYear):
(JSC::dateProtoFuncGetYear):
* runtime/JSDateMath.cpp:
(JSC::localTimeOffset):
(JSC::gregorianDateTimeToMS):
(JSC::msToGregorianDateTime):
(JSC::parseDate):
* runtime/JSDateMath.h:
* runtime/VM.cpp:
(JSC::VM::resetDateCache):
* runtime/VM.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262535 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoFix 32bit build broken at r262513
pmatos@igalia.com [Thu, 4 Jun 2020 13:37:34 +0000 (13:37 +0000)]
Fix 32bit build broken at r262513
https://bugs.webkit.org/show_bug.cgi?id=212735

Unreviewed Gardening.

Proper fix is being worked out under https://bugs.webkit.org/show_bug.cgi?id=212734

* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::compileExit):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262534 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoMinor optimisation to RemoteAudioBusData::decode
youenn@apple.com [Thu, 4 Jun 2020 13:24:07 +0000 (13:24 +0000)]
Minor optimisation to RemoteAudioBusData::decode
https://bugs.webkit.org/show_bug.cgi?id=212692

Reviewed by Eric Carlson.

* WebProcess/GPU/media/RemoteAudioBusData.h:
(WebKit::RemoteAudioBusData::decode):
Use releaseNonNull to remove some count churn.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262533 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRead MediaPlayerPrivateMediaStreamAVFObjC::m_canEnqueueDisplayLayer after the lock
youenn@apple.com [Thu, 4 Jun 2020 13:01:35 +0000 (13:01 +0000)]
Read MediaPlayerPrivateMediaStreamAVFObjC::m_canEnqueueDisplayLayer after the lock
https://bugs.webkit.org/show_bug.cgi?id=212693

Reviewed by Eric Carlson.

In case destroyLayers is called and shortly after ensureLayers is also called, the m_canEnqueueDisplayLayer check in enqueueVideoSample
might be bypassed. Make sure to lock before checking m_canEnqueueDisplayLayer in enqueueVideoSample.
For good measure, set m_canEnqueueDisplayLayer to false after locking in destroyLayers.

* platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSample):
(WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayers):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262532 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GTK][WPE] Gardening, temporarily disable offscreen-canvas tests
dpino@igalia.com [Thu, 4 Jun 2020 10:35:43 +0000 (10:35 +0000)]
[GTK][WPE] Gardening, temporarily disable offscreen-canvas tests
https://bugs.webkit.org/show_bug.cgi?id=212738

Unreviewed gardening.

The test started failing after r262527. Disable the tests temporarily
to let the test bots pass.

* platform/gtk/TestExpectations:
* platform/wpe/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262531 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[Flatpak SDK] Update definitions
commit-queue@webkit.org [Thu, 4 Jun 2020 08:47:54 +0000 (08:47 +0000)]
[Flatpak SDK] Update definitions
https://bugs.webkit.org/show_bug.cgi?id=212698

Patch by Philippe Normand <pnormand@igalia.com> on 2020-06-04
Reviewed by Žan Doberšek.

* buildstream/elements/freedesktop-sdk.bst: Update to FDO 19.08.11
* buildstream/elements/sdk/gtk.bst: Update GTK4
* buildstream/patches/fdo/0001-Pango-Bump-to-1.45-master.patch: Added. Needed for GTK4
* buildstream/patches/fdo/0001-Add-Jack.patch: Removed. This will be used when we update to the 20.08 FDO SDK.
* buildstream/patches/fdo/0001-components-xdg-desktop-portal.bst-Update-to-1.6.0.patch: Removed. Ditto.
* buildstream/patches/fdo/0002-Update-PipeWire-to-0.3.1.patch: Removed. Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262530 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] Validate index parameter in PlatformPasteboard
cdumez@apple.com [Thu, 4 Jun 2020 02:25:30 +0000 (02:25 +0000)]
[iOS] Validate index parameter in PlatformPasteboard
https://bugs.webkit.org/show_bug.cgi?id=212713
<rdar://problem/60068765>

Reviewed by Wenson Hsieh.

Validate index parameter in PlatformPasteboard, before calling [NSIndexSet indexSetWithIndex:].
Per documentation, index needs to be in the range [0 .. NSNotFound-1].

* platform/ios/PlatformPasteboardIOS.mm:
(WebCore::PlatformPasteboard::readBuffer const):
(WebCore::PlatformPasteboard::readString const):
(WebCore::PlatformPasteboard::readURL const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262529 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[Apple Pay] Add new values for -apple-pay-button-type
aestes@apple.com [Thu, 4 Jun 2020 01:57:38 +0000 (01:57 +0000)]
[Apple Pay] Add new values for -apple-pay-button-type
https://bugs.webkit.org/show_bug.cgi?id=212684
<rdar://problem/63908535>

Reviewed by Anders Carlsson.

Source/WebCore:

Where available, added new values for -apple-pay-button-type and introduced ApplePaySession v10.

New test: http/tests/ssl/applepay/ApplePayButton.html

* Modules/applepay/PaymentCoordinatorClient.cpp:
(WebCore::PaymentCoordinatorClient::supportsVersion):
* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::applePayButtonDescription const):
* css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator ApplePayButtonType const):
* css/CSSValueKeywords.in:
* css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
* en.lproj/Localizable.strings:
* platform/LocalizedStrings.cpp:
(WebCore::AXApplePayReloadLabel):
(WebCore::AXApplePayAddMoneyLabel):
(WebCore::AXApplePayTopUpLabel):
(WebCore::AXApplePayOrderLabel):
(WebCore::AXApplePayRentLabel):
(WebCore::AXApplePaySupportLabel):
(WebCore::AXApplePayContributeLabel):
(WebCore::AXApplePayTipLabel):
* platform/LocalizedStrings.h:
* rendering/RenderThemeCocoa.mm:
(WebCore::toPKPaymentButtonType):
* rendering/style/RenderStyleConstants.cpp:
(WebCore::operator<<):
* rendering/style/RenderStyleConstants.h:
* rendering/style/StyleRareNonInheritedData.h:

Source/WTF:

* wtf/PlatformEnableCocoa.h:

LayoutTests:

* http/tests/ssl/applepay/ApplePayButton-expected.txt: Added.
* http/tests/ssl/applepay/ApplePayButton.html:
* http/tests/ssl/applepay/ApplePayButtonV4.html: Removed.
* platform/mac/http/tests/ssl/applepay/ApplePayButton-expected.png: Removed.
* platform/mac/http/tests/ssl/applepay/ApplePayButton-expected.txt: Removed.
* platform/mac/http/tests/ssl/applepay/ApplePayButtonV4-expected.png: Removed.
* platform/mac/http/tests/ssl/applepay/ApplePayButtonV4-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262528 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoResync web-platform-tests/2dcontext from upstream
cdumez@apple.com [Thu, 4 Jun 2020 01:05:36 +0000 (01:05 +0000)]
Resync web-platform-tests/2dcontext from upstream
https://bugs.webkit.org/show_bug.cgi?id=212639

Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Resync web-platform-tests/2dcontext from upstream d3ea88514a93b7b6968.

* resources/import-expectations.json:
* resources/resource-files.json:
* web-platform-tests/2dcontext/*: Removed.
* web-platform-tests/html/canvas/element/*: Added.
* web-platform-tests/html/canvas/resources/*: Added.
* web-platform-tests/html/canvas/tools/*: Added.

LayoutTests:

* TestExpectations:
* canvas/philip/tests/2d.drawImage.incomplete.emptysrc.html:
* canvas/philip/tests/2d.drawImage.incomplete.nosrc.html:
* canvas/philip/tests/2d.drawImage.incomplete.removedsrc.html:
* canvas/philip/tests/2d.pattern.image.incomplete.emptysrc.html:
* canvas/philip/tests/2d.pattern.image.incomplete.removedsrc.html:
* gpu-process/TestExpectations:
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-drawImage-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-flipY-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-origin.sub-expected.txt: Removed.
* platform/glib/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-transfer-expected.txt: Removed.
* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-serializable-expected.txt: Removed.
* platform/ios-simulator/TestExpectations:
* platform/ios-wk2/TestExpectations:
* platform/ios/TestExpectations:
* platform/ios/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-invalid-args-expected.txt: Removed.
* platform/mac/TestExpectations:
* platform/mac/imported/w3c/web-platform-tests/2dcontext/line-styles/2d.line.cap.round-expected.txt: Removed.
* platform/win/TestExpectations:
* platform/wpe/TestExpectations:
* platform/wpe/imported/w3c/web-platform-tests/2dcontext/imagebitmap/createImageBitmap-serializable-expected.txt: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262527 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[watchOS] fast/events/watchos/change-focus-during-change-event.html crashes
wenson_hsieh@apple.com [Thu, 4 Jun 2020 00:25:02 +0000 (00:25 +0000)]
[watchOS] fast/events/watchos/change-focus-during-change-event.html crashes
https://bugs.webkit.org/show_bug.cgi?id=212722
<rdar://problem/60633339>

Reviewed by Andy Estes.

When HAVE(QUICKBOARD_COLLECTION_VIEWS) is enabled, the codepath that's used to simulate interacting with the
select menu view controller on watchOS will crash, since it tries to pretend that the user has selected an item
in a table view section (`PUICQuickboardListSectionTextOptions`) that only exists when Quickboard collection
views are disabled. Fix the crash by adjusting the testing codepath to select the item in the first section when
HAVE(QUICKBOARD_COLLECTION_VIEWS) is defined.

* UIProcess/ios/forms/WKSelectMenuListViewController.mm:
(-[WKSelectMenuListViewController selectItemAtIndex:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262526 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoInserted text placeholder should vertically align to top and behave like block-level...
dbates@webkit.org [Thu, 4 Jun 2020 00:01:55 +0000 (00:01 +0000)]
Inserted text placeholder should vertically align to top and behave like block-level element when it has 0 width
https://bugs.webkit.org/show_bug.cgi?id=212716
<rdar://problem/62672479>

Reviewed by Darin Adler.

Source/WebCore:

Refine the appearance of a text placeholder based on feedback:
    1. If the width of the placeholder is 0 then put it on its own line. This is accomplished by making it
       CSS "display: block".
    2. Vertically align the placeholder with the top of the line.

Both of these refinements are to make the rendering more like TextKit's rendering.

Tests: editing/text-placeholder/insert-into-content-editable-non-zero-width-and-height.html
       editing/text-placeholder/insert-into-content-editable-zero-width.html

* html/shadow/TextPlaceholderElement.cpp:

LayoutTests:

Add tests.

* editing/text-placeholder/insert-into-content-editable-non-zero-width-and-height-expected.html: Added.
* editing/text-placeholder/insert-into-content-editable-non-zero-width-and-height.html: Added.
* editing/text-placeholder/insert-into-content-editable-zero-width-expected.html: Added.
* editing/text-placeholder/insert-into-content-editable-zero-width.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262525 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRelease Assert @ WebCore::RenderTreeBuilder::RenderTreeBuilder
commit-queue@webkit.org [Wed, 3 Jun 2020 23:22:39 +0000 (23:22 +0000)]
Release Assert @ WebCore::RenderTreeBuilder::RenderTreeBuilder
https://bugs.webkit.org/show_bug.cgi?id=212714

Patch by Pinki Gyanchandani <pgyanchandani@apple.com> on 2020-06-03
Reviewed by Geoffrey Garen.

Source/WebCore:

Widget removal in the middle of building a Render Tree causes side effects, leading to Release Assert. Moved the scope for suspension of widgets
update to RenderTreeBuilder instead of having it in RenderTreeUpdater.

Also made sure that the WidgetHierarchyUpdatesSuspensionScope::moveWidgets() should handle all widgets scheduled to move, including new widgets
scheduled during moveWidgets().

Test: fast/rendering/widget-removal-in-render-tree-builder-crash.html

* rendering/RenderWidget.cpp:
(WebCore::WidgetHierarchyUpdatesSuspensionScope::moveWidgets):
* rendering/updating/RenderTreeBuilder.h:
* rendering/updating/RenderTreeUpdater.cpp:
(WebCore::RenderTreeUpdater::tearDownRenderers):

LayoutTests:

Added a regression test.

* fast/rendering/widget-removal-in-render-tree-builder-crash-expected.txt: Added.
* fast/rendering/widget-removal-in-render-tree-builder-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262524 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoDisable B3 hoistLoopInvariantValues by default
tzagallo@apple.com [Wed, 3 Jun 2020 23:18:30 +0000 (23:18 +0000)]
Disable B3 hoistLoopInvariantValues by default
https://bugs.webkit.org/show_bug.cgi?id=212511
<rdar://problem/63813245>

Reviewed by Mark Lam.

JSTests:

* microbenchmarks/interpreter-wasm.js: Added.
(key.in.Module.Module.hasOwnProperty):
(quit_):
(locateFile):
(ENVIRONMENT_IS_NODE.read_):
(ENVIRONMENT_IS_NODE.readBinary):
(ENVIRONMENT_IS_NODE.quit_):
(ENVIRONMENT_IS_NODE.Module.string_appeared_here):
(else.read_):
(else.readBinary):
(else.quit_):
(else):
(else.xhr.onload):
(else.readAsync):
(else.setWindowTitle):
(key.in.moduleOverrides.moduleOverrides.hasOwnProperty):
(dynamicAlloc):
(getNativeTypeSize):
(warnOnce):
(convertJsFunctionToWasm):
(addFunctionWasm):
(removeFunctionWasm):
(setTempRet0):
(setValue):
(assert):
(getCFunc):
(toC.string_appeared_here):
(convertReturnValue):
(ccall):
(UTF8ArrayToString):
(UTF8ToString):
(stringToUTF8Array):
(stringToUTF8):
(lengthBytesUTF8):
(allocateUTF8OnStack):
(writeArrayToMemory):
(writeAsciiToMemory):
(updateGlobalBufferAndViews):
(callRuntimeCallbacks):
(preRun):
(initRuntime):
(preMain):
(exitRuntime):
(postRun):
(addOnPreRun):
(addOnPostRun):
(addRunDependency):
(removeRunDependency):
(hasPrefix):
(isDataURI):
(isFileURI):
(getBinary):
(getBinaryPromise):
(createWasm.receiveInstance):
(createWasm.receiveInstantiatedSource):
(createWasm.instantiateArrayBuffer):
(createWasm.instantiateAsync.):
(createWasm.instantiateAsync):
(createWasm):
(__ATINIT__.push.func):
(demangle):
(demangleAll):
(_emscripten_get_sbrk_ptr):
(_emscripten_memcpy_big):
(abortOnCannotGrowMemory):
(_emscripten_resize_heap):
(PATH.splitPath):
(PATH.normalizeArray):
(PATH.normalize):
(PATH.dirname):
(PATH.basename):
(PATH.extname):
(PATH.join):
(PATH.join2):
(SYSCALLS.printChar):
(SYSCALLS.getStr):
(SYSCALLS.get64):
(_fd_write):
(_setTempRet0):
(___wasm_call_ctors.Module.string_appeared_here):
(_main.Module.string_appeared_here):
(_malloc.Module.string_appeared_here):
(___errno_location.Module.string_appeared_here):
(_free.Module.string_appeared_here):
(stackSave.Module.string_appeared_here):
(stackAlloc.Module.string_appeared_here):
(stackRestore.Module.string_appeared_here):
(__growWasmMemory.Module.string_appeared_here):
(dynCall_ii.Module.string_appeared_here):
(dynCall_iiii.Module.string_appeared_here):
(dynCall_jiji.Module.string_appeared_here):
(ExitStatus):
(dependenciesFulfilled):
(callMain):
(run.doRun):
(run):
(exit):
* microbenchmarks/interpreter-wasm.wasm: Added.

Source/JavaScriptCore:

The hoistLoopInvariantValues optimization in B3 does not calculate the cost of hoisting the candidates.
For example, in the test case provided with the bug, a switch inside a loop can lead to hoisting the body
of several switch cases which would never be executed. Other than leading to worse runtime, this also
increases the pressure in the register allocate, leading to worse compile times (~10x worse in this case).
I have added a FIXME to consider adding cost calculation and re-enabling this pass, but given that we
already have LICM in DFG, it should be ok to disable it for now.

* b3/B3Generate.cpp:
(JSC::B3::generateToAir):
* runtime/OptionsList.h:

Tools:

Enable the B3 hoistLoopInvariantValues pass in one of our existing configurations to
avoid bit rot since we'd like to re-enable it eventually.

* Scripts/run-jsc-stress-tests:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262523 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ macOS wk1 debug ] svg/custom/textPath-change-id.svg is a flaky failure
jacob_uphoff@apple.com [Wed, 3 Jun 2020 22:55:34 +0000 (22:55 +0000)]
[ macOS wk1 debug ] svg/custom/textPath-change-id.svg is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=212721

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262518 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoGardening: fix broken Windows debug build.
mark.lam@apple.com [Wed, 3 Jun 2020 22:15:59 +0000 (22:15 +0000)]
Gardening: fix broken Windows debug build.
https://bugs.webkit.org/show_bug.cgi?id=212680

Not reviewed.

* dfg/DFGDoesGCCheck.cpp:
(JSC::DFG::DoesGCCheck::verifyCanGC):
* dfg/DFGDoesGCCheck.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262517 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRefactor long press test to reflect current behaviour.
megan_gardner@apple.com [Wed, 3 Jun 2020 21:34:30 +0000 (21:34 +0000)]
Refactor long press test to reflect current behaviour.
https://bugs.webkit.org/show_bug.cgi?id=212709
<rdar://problem/59572126>

Reviewed by Wenson Hsieh.

Previously, if you long pressed on editable content, the selection assistant would be triggered
in the wrong mode and you could not modify or interact with the selection. With changes and
refactors that have happened in UIKit and WebKit, the selection can be interacted with
correctly inside of an editable area. We should now allow and test for this behavior.

* fast/events/touch/ios/long-press-on-editable-expected.txt:
* fast/events/touch/ios/long-press-on-editable.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262516 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[Text manipulation] Extract the value attribute in inputs of type "text" and "search"
wenson_hsieh@apple.com [Wed, 3 Jun 2020 21:08:21 +0000 (21:08 +0000)]
[Text manipulation] Extract the value attribute in inputs of type "text" and "search"
https://bugs.webkit.org/show_bug.cgi?id=212706
<rdar://problem/63876969>

Reviewed by Tim Horton.

Source/WebCore:

Allow text manipulation to extract text for the value of text fields that were not last modified by user input.
Aside from button types, it generally doesn't make sense to perform text manipulation over arbitrary input
element values, especially for text field types such as passwords, URLs, emails, and numbers. However, some
webpages set the `value` of inputs to implement `placeholder`-like behavior in text fields, and we need to be
compatible with this.

Tests:  TextManipulation.StartTextManipulationExtractsValuesFromTextInputs
        TextManipulation.CompleteTextManipulationInButtonsAndTextFields

* editing/TextManipulationController.cpp:
(WebCore::shouldExtractValueForTextManipulation):

Unfortunately, we need to check the type attribute here against "text", since inputs of type "date" and "time"
fall back to text fields on macOS, and we still want to avoid extracting values for these.

(WebCore::isAttributeForTextManipulation):

Pull the `value` attribute of this out into a separate method, above.

(WebCore::TextManipulationController::observeParagraphs):
(WebCore::TextManipulationController::replace):

Treat the text field value separately from other attributes by calling `HTMLInputElement::value()` upon
extraction, and `HTMLInputElement::setValue()` upon replacement.

Tools:

Add a new test case (similar to the existing test `StartTextManipulationExtractsValuesFromButtonInputs`) to
verify that we extract text from the `value` of inputs of type "text" and "search".

* TestWebKitAPI/Tests/WebKitCocoa/TextManipulation.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262515 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION: (r262456): [ Mac ] media/modern-media-controls/media-controller/media...
peng.liu6@apple.com [Wed, 3 Jun 2020 20:57:44 +0000 (20:57 +0000)]
REGRESSION: (r262456): [ Mac ] media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-pip-to-inline.html is timing out.
https://bugs.webkit.org/show_bug.cgi?id=212694

Reviewed by Jer Noble.

Enable the mock video presentation mode of the WebKitTestRunner in the test,
and only request a video element to change its video presentation mode after
the previous change is completed.

* media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-pip-to-inline-expected.txt:
* media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-pip-to-inline.html:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262514 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[Re-landing] Enhance DoesGC verification to print more useful info when verification...
mark.lam@apple.com [Wed, 3 Jun 2020 20:23:30 +0000 (20:23 +0000)]
[Re-landing] Enhance DoesGC verification to print more useful info when verification fails.
https://bugs.webkit.org/show_bug.cgi?id=212680

Reviewed by Yusuke Susuki.

When DoesGC verification fails, the first step of debugging it would be to find
out what and which DFG node resulted in the failed verification.  In pre-existing
code, all we get is an assertion failure.

This patch makes it so that the verifier will dump useful info.  Here's an example:

    Error: DoesGC failed @ D@34 DateGetInt32OrNaN in #DtCHMz:[0x1135bd1d0->0x1135bcab0->0x1135e5c80, DFGFunctionCall, 150 (DidTryToEnterInLoop)]
        [0] frame 0x7ffee8285660 {
          name:
          sourceURL:
          isInlinedFrame: false
          callee: 0x1135f6820
          returnPC: 0x50ce61248ae6
          callerFrame: 0x7ffee82856f0
          rawLocationBits: 5 0x5
          codeBlock: 0x1135bd1d0 #DtCHMz:[0x1135bd1d0->0x1135bcab0->0x1135e5c80, DFGFunctionCall, 150 (DidTryToEnterInLoop)]
            hasCodeOrigins: true
            callSiteIndex: 5 of 13
            jitCode: 0x113020200 start 0x50ce61214c60 end 0x50ce61219b00
            line: 1
            column: 60
          EntryFrame: 0x7ffee8285860
        }
        [1] frame 0x7ffee82856f0 {
          name:
          sourceURL: date-format-xparb.js
          isInlinedFrame: false
          callee: 0x1135f65a0
          returnPC: 0x50ce61227e99
          callerFrame: 0x7ffee8285770
          rawLocationBits: 4 0x4
          codeBlock: 0x1135bd0a0 #BU6Zcd:[0x1135bd0a0->0x1135bc260->0x1135e5180, DFGFunctionCall, 112 (DidTryToEnterInLoop)]
            hasCodeOrigins: true
            callSiteIndex: 4 of 12
            jitCode: 0x113004000 start 0x50ce61212c60 end 0x50ce61214960
            line: 26
            column: 22
          EntryFrame: 0x7ffee8285860
        }
        [2] frame 0x7ffee8285770 {
          name:
          sourceURL: date-format-xparb.js
          isInlinedFrame: false
          callee: 0x1135f64e0
          returnPC: 0x108058eb1
          callerFrame: 0x7ffee82857e0
          rawLocationBits: 1001 0x3e9
          codeBlock: 0x1135bc130 #DAS9xe:[0x1135bc130->0x1135e5100, BaselineFunctionCall, 1149]
            bc#1001 of 1149
            line: 417
            column: 38
          EntryFrame: 0x7ffee8285860
        }
        [3] frame 0x7ffee82857e0 {
          name: global code
          sourceURL: date-format-xparb.js
          isInlinedFrame: false
          callee: 0x1130f97b8
          returnPC: 0x108039043
          callerFrame: 0x0
          rawLocationBits: 23 0x17
          codeBlock: 0x1135bc000 <global>#CukXvt:[0x1135bc000->0x1130cd768, LLIntGlobal, 81]
            bc#23 of 81
            line: 425
            column: 3
          EntryFrame: 0x7ffee8285860
        }

    ASSERTION FAILED: expectDoesGC()

The error message now comes with the node index, NodeType, codeBlock which this
failure was found in, and the JS call stack that led to the failure.

Changes made:

1. Introduced a DoesGCCheck value that is used to encode some of the above data.

   Previously, we only recorded whether doesGC() returns true or false for the
   Node.  Now, we record the nodeIndex and nodeOp as well.

   Note that we also set DoesGC expectations for OSR exits.  So, DoesGCCheck
   includes Special cases for those.

2. Added store64(TrustedImm64 imm, const void* address) emitters for X86_64 and ARM64.
   Also added a test for this new emitter in testmasm.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::store64):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::store64):
* assembler/testmasm.cpp:
(JSC::testStore64Imm64AddressPointer):
(JSC::run):
* dfg/DFGDoesGCCheck.cpp: Copied from Source/JavaScriptCore/dfg/DFGDoesGCCheck.cpp.
* dfg/DFGDoesGCCheck.h: Copied from Source/JavaScriptCore/dfg/DFGDoesGCCheck.h.
* dfg/DFGGraph.cpp:
* dfg/DFGOSRExit.cpp:
(JSC::DFG::operationCompileOSRExit):
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
(JSC::FTL::operationCompileFTLOSRExit):
* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::tryAllocateSlow):
(JSC::CompleteSubspace::reallocatePreciseAllocationNonVirtual):
* heap/CompleteSubspaceInlines.h:
(JSC::CompleteSubspace::allocateNonVirtual):
* heap/DeferGC.h:
(JSC::DeferGC::~DeferGC):
* heap/GCDeferralContextInlines.h:
(JSC::GCDeferralContext::~GCDeferralContext):
* heap/Heap.cpp:
(JSC::Heap::collectNow):
(JSC::Heap::collectAsync):
(JSC::Heap::collectSync):
(JSC::Heap::stopIfNecessarySlow):
(JSC::Heap::collectIfNecessaryOrDefer):
* heap/Heap.h:
(JSC::Heap::addressOfDoesGC):
(JSC::Heap::setDoesGCExpectation):
(JSC::Heap::verifyCanGC):
(JSC::Heap::expectDoesGC const): Deleted.
(JSC::Heap::setExpectDoesGC): Deleted.
(JSC::Heap::addressOfExpectDoesGC): Deleted.
* heap/HeapInlines.h:
(JSC::Heap::acquireAccess):
(JSC::Heap::stopIfNecessary):
* heap/LocalAllocatorInlines.h:
(JSC::LocalAllocator::allocate):
* heap/PreciseAllocation.cpp:
(JSC::PreciseAllocation::tryCreate):
(JSC::PreciseAllocation::createForLowerTier):
* runtime/JSString.h:
(JSC::jsSingleCharacterString):
(JSC::JSString::toAtomString const):
(JSC::JSString::toExistingAtomString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):
* runtime/RegExpMatchesArray.h:
(JSC::createRegExpMatchesArray):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262513 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION: [macOS WK2] Layout Test fast/mediastream/device-cha nge-event-2.html...
jacob_uphoff@apple.com [Wed, 3 Jun 2020 20:16:27 +0000 (20:16 +0000)]
REGRESSION: [macOS WK2] Layout Test fast/mediastream/device-cha nge-event-2.html is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=188924

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262512 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoDisallow responses when a response contains invalid header values
commit-queue@webkit.org [Wed, 3 Jun 2020 19:59:04 +0000 (19:59 +0000)]
Disallow responses when a response contains invalid header values
https://bugs.webkit.org/show_bug.cgi?id=184493

Patch by Rob Buis <rbuis@igalia.com> on 2020-06-03
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Update improved test results and import fetch/h1-parsing.

* web-platform-tests/fetch/api/basic/header-value-combining.any-expected.txt:
* web-platform-tests/fetch/api/basic/header-value-combining.any.worker-expected.txt:
* web-platform-tests/fetch/api/basic/header-value-null-byte.any-expected.txt:
* web-platform-tests/fetch/api/basic/header-value-null-byte.any.worker-expected.txt:
* web-platform-tests/fetch/h1-parsing/resources-with-0x00-in-header.window-expected.txt: Added.
* web-platform-tests/fetch/h1-parsing/resources-with-0x00-in-header.window.html: Added.
* web-platform-tests/fetch/h1-parsing/resources-with-0x00-in-header.window.js: Added.
(async_test.t.t.step_timeout):
* web-platform-tests/fetch/h1-parsing/resources/README.md: Added.
* web-platform-tests/fetch/h1-parsing/resources/blue-with-0x00-in-a-header.asis: Added.
* web-platform-tests/fetch/h1-parsing/resources/document-with-0x00-in-header.py: Added.
(main):
* web-platform-tests/fetch/h1-parsing/resources/script-with-0x00-in-header.py: Added.
(main):
* web-platform-tests/fetch/h1-parsing/resources/w3c-import.log: Added.
* web-platform-tests/fetch/h1-parsing/w3c-import.log: Added.
* web-platform-tests/xhr/headers-normalize-response-expected.txt:

Source/WebCore:

From the Fetch specification [1]:
"A value is a byte sequence that matches the following conditions:
"- Contains no 0x00 (NUL) or HTTP newline bytes."

[1] https://fetch.spec.whatwg.org/#concept-header-value

Tests: imported/w3c/web-platform-tests/fetch/h1-parsing/resources-with-0x00-in-header.window.html
       imported/web-platform-tests/fetch/api/basic/header-value-combining.any.html
       imported/web-platform-tests/fetch/api/basic/header-value-combining.any.worker.html
       imported/web-platform-tests/fetch/api/basic/header-value-null-byte.any.html
       imported/web-platform-tests/fetch/api/basic/header-value-null-byte.any.worker.html
       imported/web-platform-tests/xhr/headers-normalize-response.htm

* Modules/fetch/FetchHeaders.cpp:
(WebCore::canWriteHeader):
(WebCore::appendToHeaderMap):
(WebCore::FetchHeaders::filterAndFill):
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::loadRequest):
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::didReceiveResponse):
* platform/network/HTTPParsers.cpp:
(WebCore::isValidHTTPHeaderValue):
* platform/network/ResourceResponseBase.cpp:
(WebCore::ResourceResponseBase::containsInvalidHTTPHeaders const):
* platform/network/ResourceResponseBase.h:

LayoutTests:

Update improved test results.

* platform/glib/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any-expected.txt:
* platform/glib/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any.worker-expected.txt:
* platform/ios-12/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any-expected.txt:
* platform/ios-12/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any.worker-expected.txt:
* platform/ios/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any-expected.txt:
* platform/ios/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any.worker-expected.txt:
* platform/mac-mojave/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any-expected.txt:
* platform/mac-mojave/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any.worker-expected.txt:
* platform/mac/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any-expected.txt:
* platform/mac/imported/w3c/web-platform-tests/fetch/api/basic/header-value-combining.any.worker-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262511 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoDFGSSAConversionPhase.cpp needs to #include OperandsInlines.h.
mark.lam@apple.com [Wed, 3 Jun 2020 19:55:31 +0000 (19:55 +0000)]
DFGSSAConversionPhase.cpp needs to #include OperandsInlines.h.
https://bugs.webkit.org/show_bug.cgi?id=212687

Reviewed by Keith Miller.

Without this, strange build failures can happen with unified builds.

For example, the Windows build started failing due a linkage error in this file
when the patch from https://bugs.webkit.org/show_bug.cgi?id=212680 landed.
212680 introduced a new .cpp file, and that probably bumped DFGSSAConversionPhase.cpp
into another unified unit, thereby depriving it from seeing the OperandsInlines.h
#include'd by another .cpp.

* dfg/DFGSSAConversionPhase.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262510 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] TestWTF.WTF_Lock.ContendedShortSection is consistently timing out on debug...
msaboff@apple.com [Wed, 3 Jun 2020 19:47:48 +0000 (19:47 +0000)]
[iOS] TestWTF.WTF_Lock.ContendedShortSection is consistently timing out on debug simulator builds
https://bugs.webkit.org/show_bug.cgi?id=211650

Reviewed by Saam Barati.

The prior change to disable this test for Debug actually enabled it
only for Debug IOS builds of any type, simulator or real HW.

This test has intermittently failed or timed out on Debug simulator
builds for for almost a year.  We want to test Release builds as well as
hardware builds. Therefore we should disable Debug simulator builds,
and test all other variants.

* TestWebKitAPI/Tests/WTF/Lock.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262509 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] Hide the PiP button in fullscreen mode if PiP is disabled in preferences
jer.noble@apple.com [Wed, 3 Jun 2020 19:45:55 +0000 (19:45 +0000)]
[iOS] Hide the PiP button in fullscreen mode if PiP is disabled in preferences
https://bugs.webkit.org/show_bug.cgi?id=212699
<rdar://problem/60391437>

Reviewed by Eric Carlson.

In r260474, we hid the PiP button in fullscreen when PiP was unsupported on the
current device; we must also hide the PiP button when clients have disabled PiP
via preferences.

* UIProcess/ios/fullscreen/WKFullScreenViewController.mm:
(-[WKFullScreenViewController videoControlsManagerDidChange]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262508 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agodataTransfer.types is empty when handling the "dragstart" event
wenson_hsieh@apple.com [Wed, 3 Jun 2020 19:41:50 +0000 (19:41 +0000)]
dataTransfer.types is empty when handling the "dragstart" event
https://bugs.webkit.org/show_bug.cgi?id=212685
<rdar://problem/61368402>

Reviewed by Andy Estes.

Source/WebCore:

Implements several currently stubbed methods on StaticPasteboard, so that the DataTransfer provided to the page
on the "dragstart" event contains the DOM-exposed data types that will be written to the system pasteboard. This
includes "text/html", "text/plain", and "text/uri-list".

Tests:  DragAndDropTests.DataTransferTypesOnDragStartForTextSelection
        DragAndDropTests.DataTransferTypesOnDragStartForImage
        DragAndDropTests.DataTransferTypesOnDragStartForLink

...as well as several existing tests in DragAndDropTestsIOS.mm that attempt to set pasteboard data during the
dragstart event:

        DragAndDropTests.DataTransferSanitizeHTML
        DragAndDropTests.DataTransferSetDataCannotWritePlatformTypes
        DragAndDropTests.DataTransferSetDataInvalidURL
        DragAndDropTests.DataTransferSetDataUnescapedURL
        DragAndDropTests.DataTransferSetDataValidURL

* dom/DataTransfer.cpp:
(WebCore::DataTransfer::commitToPasteboard):

Only commit data to the native pasteboard if the page actually tried to write or modify the data. This allows us
to preserve existing behavior by allowing DragController to write dragged data to the pasteboard normally in the
case where the page didn't specify any custom data. In the case where the page does specify custom data, we will
write this custom data *in addition* to any default data that was written to the static pasteboard. While this
is a departure from our current behavior (which is to treat the pasteboard as a blank slate that contains only
whatever custom data was provided by the page), it matches behavior in both Chrome and Firefox, and is likely
more compatible with webpages that don't have UA-specific logic targeting WebKit.

* editing/cocoa/EditorCocoa.mm:
(WebCore::Editor::writeSelectionToPasteboard):

Avoid calling into the injected bundle (as well as writing a few particular non-web-exposed types, such as web
archive data) in the case where we're writing to a static pasteboard (there's no point in doing this for the
static pasteboard, and in the worst case, it could confuse some internal clients).

* editing/ios/EditorIOS.mm:
(WebCore::Editor::writeImageToPasteboard): Ditto.
* editing/mac/EditorMac.mm:
(WebCore::Editor::writeImageToPasteboard):

Ditto. But additionally, introduce a markup string to PasteboardImage, so that we will expose the "text/html"
type when starting a drag on an image element.

* page/DragController.cpp:
(WebCore::DragController::startDrag):

Only attempt to call into `Pasteboard::writeTrustworthyWebURLsPboardType` in the case where the pasteboard
supports this type (i.e. on macOS). This fixes an existing assertion that was hit by my new API test, which
attempts to override the contents of the pasteboard with custom data while starting a drag on a link.

* page/EventHandler.cpp:
(WebCore::EventHandler::handleDrag):

Since the StaticPasteboard contains data before the page has written anything, don't use `Pasteboard::hasData()`
to determine whether there's custom data; instead, use the new `hasNonDefaultData()` method on
`StaticPasteboard` (see below).

* platform/Pasteboard.cpp:
(WebCore::Pasteboard::canWriteTrustworthyWebURLsPboardType):

On non-macOS ports, return false.

* platform/Pasteboard.h:
* platform/StaticPasteboard.cpp:
(WebCore::StaticPasteboard::hasNonDefaultData const):

Keep track of whether the page attempted to stage any custom data during "dragstart" by maintaining the set of
types written by the page, via calls to `writeString()` and similar. I'm using a set of types here instead of a
simple `bool` flag to ensure correctness in the case where the page adds a type, and then later removes that
same custom type, such that there is no longer non-default data.

(WebCore::StaticPasteboard::writeString):
(WebCore::StaticPasteboard::writeData):
(WebCore::StaticPasteboard::writeStringInCustomData):
(WebCore::StaticPasteboard::clear):

See above.

(WebCore::StaticPasteboard::writeMarkup):
(WebCore::StaticPasteboard::writePlainText):
(WebCore::StaticPasteboard::write):

Implement these methods by writing to the `PasteboardCustomData`. These methods are invoked by our own code
rather than the bindings, and should only be used to stage default data types when starting a drag.

* platform/StaticPasteboard.h:
* platform/mac/PasteboardMac.mm:
(WebCore::Pasteboard::write):
(WebCore::Pasteboard::canWriteTrustworthyWebURLsPboardType):

Tools:

Adds new API tests and test infrastructure to verify that DataTransfer types and data are accessible during
the "dragstart" event. See below for more details.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitCocoa/DragAndDropTests.mm:
(-[TestWKWebView selectElementWithID:]):
(-[DragAndDropSimulator dragFromElementWithID:to:]):

Add a few (very specialized) helper methods to assist with simulating drags over the various elements in the new
drag and drop test harness page below (dragstart-data.html).

(runDragStartDataTestCase):

Test the following scenarios (split between three API tests) by dumping the resulting DataTransfer types and
their data strings, and observing the results:

- Dragging a normal text selection.
- Dragging a normal text selection, and then adding a URL string.
- Dragging a normal text selection, and then adding a custom pasteboard type.
- Dragging a normal text selection, but then replacing the data with just a URL string.
- Dragging a normal text selection, but then replacing the data with just a custom data type.
- Dragging an image element.
- Dragging an image element, and then overriding the plain text data.
- Dragging a link (anchor element).
- Dragging a link, and then adding a custom type.

* TestWebKitAPI/Tests/WebKitCocoa/dragstart-data.html: Added.

Add a new test harness to help test DataTransfer types when starting a drag. This test page can also be used as
a manual test harness, by simply opening the test page, starting drags on the various elements and observing the
output in the textarea.

* TestWebKitAPI/Tests/WebKitCocoa/dump-datatransfer-types.html:

Tweak this test page to replace the DataTransfer with custom data (rather than simply append it) by calling
`DataTransfer.clearData()` prior to writing the custom types.

* TestWebKitAPI/Tests/ios/DragAndDropTestsIOS.mm:
* TestWebKitAPI/cocoa/TestWKWebView.h:
* TestWebKitAPI/cocoa/TestWKWebView.mm:
(-[TestWKWebViewHostWindow initWithWebView:contentRect:styleMask:backing:defer:]):

Add a `__weak` reference on TestWKWebViewHostWindow back to the TestWKWebView, so that we can consult
`-eventTimestamp` when synthesizing mouse events on macOS during API tests.

(-[TestWKWebViewHostWindow _mouseDownAtPoint:simulatePressure:clickCount:]):
(-[TestWKWebViewHostWindow _mouseUpAtPoint:clickCount:]):
(-[TestWKWebViewHostWindow initWithWebView:frame:]):
(-[TestWKWebView _setUpTestWindow:]):
(-[TestWKWebView setEventTimestampOffset:]):
(-[TestWKWebView eventTimestamp]):

Add a mechanism to offset synthetic event timestamps by a given time interval (i.e. the event timestamp offset).

(-[TestWKWebView mouseMoveToPoint:withFlags:]):
(-[TestWKWebView _mouseEventWithType:atLocation:]):
(-[TestWKWebView typeCharacter:]):
* TestWebKitAPI/mac/DragAndDropSimulatorMac.mm:
(-[DragAndDropSimulator runFrom:to:]):

While simulating drag and drop on macOS, use `-setEventTimestampOffset:` to "leap forward" in time, so that the
150 millisecond delay when dragging a text selection doesn't prevent drags from beginning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262507 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoCrash with uncaught exception: *** -[AVSampleBufferAudioRenderer enqueueSampleBuffer...
jer.noble@apple.com [Wed, 3 Jun 2020 19:25:43 +0000 (19:25 +0000)]
Crash with uncaught exception: *** -[AVSampleBufferAudioRenderer enqueueSampleBuffer:] Sample buffer has media type 'vide' instead of 'soun'
https://bugs.webkit.org/show_bug.cgi?id=212646
<rdar://problem/63040834>

Reviewed by Eric Carlson.

Protect against the possibility of AVStreamDataParser generating non-video or -audio samples in an otherwise
video- or audio-track. Check the format description attached to the sample before appending, and ASSERT in
debug builds and ERROR_LOG in release builds, as this is an exceptional condition.

* platform/graphics/FourCC.h:
(WTF::LogArgument<WebCore::FourCC>::toString):
* platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
(WebCore::SourceBufferPrivateAVFObjC::enqueueSample):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262506 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAny active sqlite transactions for the ITP database should be aborted when the networ...
katherine_cheney@apple.com [Wed, 3 Jun 2020 19:13:26 +0000 (19:13 +0000)]
Any active sqlite transactions for the ITP database should be aborted when the network process suspends.
https://bugs.webkit.org/show_bug.cgi?id=212608
<rdar://problem/60540768>

Reviewed by Chris Dumez.

Source/WebCore:

Add WEBCORE_EXPORT macro to use interrupt() function in
ResourceLoadStatisticsDatabaseStore.

* platform/sql/SQLiteDatabase.h:

Source/WebKit:

Calls to WebResourceLoadStatisticsStore::suspend() should abort any
active SQLite transactions. Unfinished transactions will hold the lock
of a database file and could cause the network process to crash when
suspending.

* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.cpp:
(WebKit::ResourceLoadStatisticsDatabaseStore::ResourceLoadStatisticsDatabaseStore):
(WebKit::ResourceLoadStatisticsDatabaseStore::~ResourceLoadStatisticsDatabaseStore):
Store all ResourceLoadStatisticsDatabaseStore instances in a static
HashSet so existing transactions can be aborted when the process is
preparing to suspend.

(WebKit::ResourceLoadStatisticsDatabaseStore::interrupt):
* NetworkProcess/Classifier/ResourceLoadStatisticsDatabaseStore.h:
* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::suspend):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262505 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoVersioning.
alancoon@apple.com [Wed, 3 Jun 2020 19:13:04 +0000 (19:13 +0000)]
Versioning.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262504 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAX: SVG text node with content is described as "empty group" even if it's not empty
andresg_22@apple.com [Wed, 3 Jun 2020 19:07:39 +0000 (19:07 +0000)]
AX: SVG text node with content is described as "empty group" even if it's not empty
https://bugs.webkit.org/show_bug.cgi?id=210315

Reviewed by Darin Adler.

Source/WebCore:

Test: accessibility/svg-text.html

SVGText elements are conveyed as AXGroups and cannot have a description
or help property, but instead the content of the element is exposed as
static text.

* accessibility/AccessibilitySVGElement.cpp:
(WebCore::AccessibilitySVGElement::accessibilityDescription const):
(WebCore::AccessibilitySVGElement::helpText const):
* accessibility/AccessibilitySVGElement.h:

LayoutTests:

* accessibility/svg-text-expected.txt: Added.
* accessibility/svg-text.html: Added.
* accessibility/w3c-svg-name-calculation.html: Expected name for an SVG
text element should be "". Its text content is exposed as a child static text accessibility object.
* platform/mac/accessibility/w3c-svg-name-calculation-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262500 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoText manipulation sometimes fails to replace text in attributes
sihui_liu@apple.com [Wed, 3 Jun 2020 19:04:28 +0000 (19:04 +0000)]
Text manipulation sometimes fails to replace text in attributes
https://bugs.webkit.org/show_bug.cgi?id=212701

Reviewed by Wenson Hsieh.

Source/WebCore:

Concatenate replacement tokens of same identifier for attribute like we do for title and option element in
r260393.

Covered by test: TextManipulation.CompleteTextManipulationShouldReplaceTextContentWithMultipleTokens

* editing/TextManipulationController.cpp:
(WebCore::TextManipulationController::replace):

Tools:

Modify TextManipulation.CompleteTextManipulationShouldReplaceTextContentWithMultipleTokens to cover text
manipulation for attributes.

* TestWebKitAPI/Tests/WebKitCocoa/TextManipulation.mm:
(TestWebKitAPI::TEST):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262499 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ macOS ] REGRESSION(r262366): webgl/1.0.3/conformance/canvas/buffer-offscreen-test...
dino@apple.com [Wed, 3 Jun 2020 18:48:00 +0000 (18:48 +0000)]
[ macOS ] REGRESSION(r262366): webgl/1.0.3/conformance/canvas/buffer-offscreen-test.html & webgl/2.0.0/conformance/canvas/buffer-offscreen-test.html are constant failures
https://bugs.webkit.org/show_bug.cgi?id=212594
<rdar://problem/63828783>

Reviewed by Eric Carlson.

The change in r262366 split the OpenGL work to prepare a canvas for rendering from the actual painting
(or compositing in this case). Canvas elements were being "prepared" at the end of the HTML run loop
if they'd done anything that would change pixels. The problem is that canvas elements that are not in
the document body are never composited, and thus should never be prepared, otherwise they will clear
their drawing buffer. In other words, a canvas in this state must keep the same buffer through
each rendering frame.

The solution is to check if the canvas is in the tree scope at the time we consider preparing
it for display.

* dom/Document.cpp:
(WebCore::Document::prepareCanvasesForDisplayIfNeeded):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262498 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoWebProcessPool::notifyPreferencesChanged() is unsafely called on a background thread
cdumez@apple.com [Wed, 3 Jun 2020 18:40:47 +0000 (18:40 +0000)]
WebProcessPool::notifyPreferencesChanged() is unsafely called on a background thread
https://bugs.webkit.org/show_bug.cgi?id=212697
<rdar://problem/63876652>

Reviewed by Per Arne Vollan.

Make sure we dispatch to the main thread in [WKPreferenceObserver preferenceDidChange] before
we iterate over the process pools and call WebProcessPool::notifyPreferencesChanged() on each
one.

* UIProcess/Cocoa/PreferenceObserver.mm:
(-[WKPreferenceObserver preferenceDidChange:key:encodedValue:]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262497 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] Reduce sandbox logging by permitting necessary sysctl
bfulgham@apple.com [Wed, 3 Jun 2020 18:39:02 +0000 (18:39 +0000)]
[iOS] Reduce sandbox logging by permitting necessary sysctl
https://bugs.webkit.org/show_bug.cgi?id=212710
<rdar://problem/63900239>

Reviewed by Per Arne Vollan.

Telemetry indicates that we need to access "sysctl.name2oid" in the
Network process during error handling for HTTP connections. Allow this
access and avoid generating unnecessary logging for this case.

* Resources/SandboxProfiles/ios/com.apple.WebKit.Networking.sb:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262496 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoStorage Access API: Add setting for per-page storage access scope
wilander@apple.com [Wed, 3 Jun 2020 18:07:49 +0000 (18:07 +0000)]
Storage Access API: Add setting for per-page storage access scope
https://bugs.webkit.org/show_bug.cgi?id=212682
<rdar://problem/63904824>

Reviewed by Brent Fulgham.

Source/WebCore:

This is a follow-up patch to https://bugs.webkit.org/show_bug.cgi?id=212114,
adding an off-by-default setting and a test case for per-page storage access.

Test: http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html

* dom/DocumentStorageAccess.cpp:
(WebCore::DocumentStorageAccess::requestStorageAccess):
* page/Settings.yaml:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::setStorageAccessAPIPerPageScopeEnabled):
* testing/InternalSettings.h:
* testing/InternalSettings.idl:

LayoutTests:

* http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame-expected.txt: Added.
* http/tests/storageAccess/request-and-grant-access-with-per-page-scope-access-from-another-frame.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262495 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[WPE] lint-test-expectations doesn't work when platform is WPE
dpino@igalia.com [Wed, 3 Jun 2020 17:46:51 +0000 (17:46 +0000)]
[WPE] lint-test-expectations doesn't work when platform is WPE
https://bugs.webkit.org/show_bug.cgi?id=212700

Reviewed by Carlos Alberto Lopez Perez.

When passing arguments '--wpe' or '--platform=wpe*',
lint-test-expectations does nothing for WPE, despite currently
there are many lint errors in WPE's TestExpectations file.

As a side-effect of this patch, now `Tools/Scripts/webkit-path
rebaseline` lists the WPE Release and Debug bots.

* Scripts/webkitpy/port/builders.py: Add WPE to the list of
exact_matches and fuzzy_matches.
* Scripts/webkitpy/tool/commands/rebaseline_unittest.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262494 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAllow using web processes for service workers even though they loaded about URLs...
jbedard@apple.com [Wed, 3 Jun 2020 17:32:26 +0000 (17:32 +0000)]
Allow using web processes for service workers even though they loaded about URLs (Follow-up fix)
https://bugs.webkit.org/show_bug.cgi?id=212464

Unreviewed build fix.

* TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm: didFinishNavigation is now used unconditionally.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262493 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoFix non-unified --jsc-only build.
mark.lam@apple.com [Wed, 3 Jun 2020 17:31:13 +0000 (17:31 +0000)]
Fix non-unified --jsc-only build.
https://bugs.webkit.org/show_bug.cgi?id=212707

Reviewed by Yusuke Suzuki.

These files need JSGlobalObjectInlines.h.  But rather than adding yet another
#include, we'll just remove many individual ones and just #include JSCInlines.h
instead.

* wasm/js/JSToWasmICCallee.cpp:
* wasm/js/WebAssemblyCompileErrorConstructor.cpp:
* wasm/js/WebAssemblyCompileErrorPrototype.cpp:
* wasm/js/WebAssemblyGlobalPrototype.cpp:
* wasm/js/WebAssemblyInstanceConstructor.cpp:
* wasm/js/WebAssemblyInstancePrototype.cpp:
* wasm/js/WebAssemblyLinkErrorConstructor.cpp:
* wasm/js/WebAssemblyLinkErrorPrototype.cpp:
* wasm/js/WebAssemblyModulePrototype.cpp:
* wasm/js/WebAssemblyRuntimeErrorConstructor.cpp:
* wasm/js/WebAssemblyRuntimeErrorPrototype.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262492 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[WPE] Gardening, lint WPE test expectations
dpino@igalia.com [Wed, 3 Jun 2020 16:59:45 +0000 (16:59 +0000)]
[WPE] Gardening, lint WPE test expectations
https://bugs.webkit.org/show_bug.cgi?id=212705

Unreviewed gardening.

* platform/wpe/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262491 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAdd more logging related to service worker fetch event handling
youenn@apple.com [Wed, 3 Jun 2020 16:13:36 +0000 (16:13 +0000)]
Add more logging related to service worker fetch event handling
https://bugs.webkit.org/show_bug.cgi?id=212632
<rdar://problem/63913271>

Unreviewed.
Build fix.

* WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp:
(WebKit::WebServiceWorkerFetchTaskClient::continueDidReceiveResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262490 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION: (r262432): [ iOS wk2 ] imported/w3c/web-platform-tests/service-workers...
lawrence.j@apple.com [Wed, 3 Jun 2020 16:00:02 +0000 (16:00 +0000)]
REGRESSION: (r262432): [ iOS wk2 ] imported/w3c/web-platform-tests/service-workers/service-worker/fetch-request-no-freshness-headers.https.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=212696

Unreviewed test gardening.

* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262489 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION: (r262456): [ Mac ] media/modern-media-controls/media-controller/media...
lawrence.j@apple.com [Wed, 3 Jun 2020 15:44:52 +0000 (15:44 +0000)]
REGRESSION: (r262456): [ Mac ] media/modern-media-controls/media-controller/media-controller-inline-to-fullscreen-to-pip-to-inline.html is timing out.
https://bugs.webkit.org/show_bug.cgi?id=212694

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262488 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoPass WebPageProxyIdentifier to PreconnectTask
commit-queue@webkit.org [Wed, 3 Jun 2020 15:37:49 +0000 (15:37 +0000)]
Pass WebPageProxyIdentifier to PreconnectTask
https://bugs.webkit.org/show_bug.cgi?id=212648

Patch by Alex Christensen <achristensen@webkit.org> on 2020-06-03
Reviewed by Chris Dumez.

Otherwise, AuthenticationManager::didReceiveAuthenticationChallenge sometimes returned early because there was no pageID.
Observed connecting to real websites from my home wifi.  Unable to test using local servers because connecting happens too fast.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::preconnectTo):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* UIProcess/Network/NetworkProcessProxy.cpp:
(WebKit::NetworkProcessProxy::preconnectTo):
* UIProcess/Network/NetworkProcessProxy.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::preconnectTo):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262487 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoMake generated C++ code use modern C++
commit-queue@webkit.org [Wed, 3 Jun 2020 14:29:10 +0000 (14:29 +0000)]
Make generated C++ code use modern C++
https://bugs.webkit.org/show_bug.cgi?id=190714

Patch by Rob Buis <rbuis@igalia.com> on 2020-06-03
Reviewed by Jonathan Bedard.

Source/JavaScriptCore:

Update inspector protocol generator and rebaseline the tests.

* inspector/scripts/codegen/cpp_generator_templates.py:
* inspector/scripts/codegen/generate_cpp_protocol_types_header.py:
* inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
* inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
* inspector/scripts/tests/expected/domains-with-varying-command-sizes.json-result:
* inspector/scripts/tests/expected/enum-values.json-result:
* inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
* inspector/scripts/tests/expected/same-type-id-different-domain.json-result:
* inspector/scripts/tests/expected/type-declaration-aliased-primitive-type.json-result:
* inspector/scripts/tests/expected/type-declaration-array-type.json-result:
* inspector/scripts/tests/expected/type-declaration-enum-type.json-result:
* inspector/scripts/tests/expected/type-declaration-object-type.json-result:
* inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
* yarr/generateYarrUnicodePropertyTables.py:

Source/WebCore:

Replace typedef usage by alias-declaration.

No new tests. No change in behavior.

* css/makeprop.pl:
* dom/make_names.pl:
(printHeaderHead):
(printInit):
(printTypeHelpersHeaderFile):
(printFactoryCppFile):
(printFactoryHeaderFile):
(printWrapperFactoryCppFile):
(printWrapperFactoryHeaderFile):

Source/WebKit:

Replace typedef usage by alias-declaration.

* Scripts/test-legacyMessages.h:
* Scripts/test-superclassMessages.h:
* Scripts/testMessages.h:
* Scripts/webkit/messages.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262486 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GTK4] WTR: Forward key events to the active popup menu
carlosgc@webkit.org [Wed, 3 Jun 2020 13:48:05 +0000 (13:48 +0000)]
[GTK4] WTR: Forward key events to the active popup menu
https://bugs.webkit.org/show_bug.cgi?id=212690

Reviewed by Adrian Perez de Castro.

I forgot to remove the ifdefs when added support for popup menus in r262414.

* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseSynthesizeKeyEvent):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262485 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GTK4] Fix input methods
carlosgc@webkit.org [Wed, 3 Jun 2020 13:46:37 +0000 (13:46 +0000)]
[GTK4] Fix input methods
https://bugs.webkit.org/show_bug.cgi?id=212317

Reviewed by Adrian Perez de Castro.

Stop using GdkEvent to synthesize compositing events, add a specific NativeWebKeyboardEvent constructor for them.

* Shared/NativeWebKeyboardEvent.h:
* Shared/gtk/NativeWebKeyboardEventGtk.cpp:
(WebKit::NativeWebKeyboardEvent::NativeWebKeyboardEvent):
* UIProcess/API/gtk/WebKitInputMethodContextImplGtk.cpp:
(webkitInputMethodContextImplGtkSetClientWidget):
(webkitInputMethodContextImplGtkSetClientWindow): Deleted.
* UIProcess/API/gtk/WebKitInputMethodContextImplGtk.h:
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseRealize):
(webkitWebViewBaseUnrealize):
(webkitWebViewBaseKeyPressEvent):
(webkitWebViewBaseKeyReleaseEvent):
(webkitWebViewBaseFocusEnter):
(webkitWebViewBaseFocusLeave):
(webkitWebViewBaseKeyPressed):
(webkitWebViewBaseKeyReleased):
(toplevelWindowIsActiveChanged):
(webkitWebViewBaseSynthesizeCompositionKeyPress):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262484 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GTK4] Implement file chooser
commit-queue@webkit.org [Wed, 3 Jun 2020 10:08:21 +0000 (10:08 +0000)]
[GTK4] Implement file chooser
https://bugs.webkit.org/show_bug.cgi?id=212322

Patch by Santosh Mahto <santosh.mahto@collabora.com> on 2020-06-03
Reviewed by Carlos Garcia Campos.

Port FileChooser to gtk4, Now FileChooser uses undeprecated api's.
Covered by existing tests.

* UIProcess/API/gtk/WebKitWebViewGtk.cpp:
(fileChooserDialogResponseCallback):
(webkitWebViewRunFileChooser):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262483 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[GTK4] Implement emoji chooser
carlosgc@webkit.org [Wed, 3 Jun 2020 09:12:00 +0000 (09:12 +0000)]
[GTK4] Implement emoji chooser
https://bugs.webkit.org/show_bug.cgi?id=212330

Reviewed by Adrian Perez de Castro.

GtkEmojiChooser is public API in GTK4, so just use that instead of our own.

* UIProcess/API/gtk/WebKitEmojiChooser.cpp:
(emojiActivated): Close the popover before emitting emoji-picked for consistency with GTK.
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(_WebKitWebViewBasePrivate::_WebKitWebViewBasePrivate):
(_WebKitWebViewBasePrivate::releaseEmojiChooserTimerFired):
(webkitWebViewBaseDispose):
(emojiChooserClosed):
(webkitWebViewBaseShowEmojiChooser):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262482 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[css-grid] Dynamically setting "position: absolute" in a grid item doesn't trigger...
jfernandez@igalia.com [Wed, 3 Jun 2020 07:31:29 +0000 (07:31 +0000)]
[css-grid] Dynamically setting "position: absolute" in a grid item doesn't trigger a relayout of that element
https://bugs.webkit.org/show_bug.cgi?id=191465

Reviewed by Manuel Rego Casasnovas.

Source/WebCore:

From Blink r484620 by Sergio Villar <svillar@igalia.com>

Containing block overrides not cleared for position:absolute

Whenever a position:absolute block gets a new containing block the
previously set containing block overrides are not cleared. This causes the
block not to be properly layout for its new containing block (for example
when using relative sizes).

In particular this affects grid items which always get a containing block
override size (which represent the grid areas) in case their
containing block switches from the grid container to a grid ancestor.

No new tests, as this change is covered by current web platform tests.

* rendering/RenderBlock.cpp:
(WebCore::RenderBlock::insertPositionedObject): Clear the containing block's override width and height.

LayoutTests:

Several tests pass now thanks to this change.

* TestExpectations: Removed failure expectations, since now these tests pass now.
  - absolute-positioning-changing-containing-block-001.html
  - grid-item-absolute-positioning-dynamic-001.html

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262481 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAdd more logging related to service worker fetch event handling
youenn@apple.com [Wed, 3 Jun 2020 07:28:11 +0000 (07:28 +0000)]
Add more logging related to service worker fetch event handling
https://bugs.webkit.org/show_bug.cgi?id=212632

Reviewed by Chris Dumez.

Source/WebCore:

Add logging related to creating/canceling/deleting fetch event handler related client.
No change of behavior.

* workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::startFetch):
(WebCore::ServiceWorkerThreadProxy::cancelFetch):
(WebCore::ServiceWorkerThreadProxy::removeFetch):

Source/WebKit:

Add logging to identify the page ID and frame ID used by a service worker.
Add logging to identify what is happening in the case of a response being buffered for navigation purposes.

* WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::ServiceWorkerFrameLoaderClient::ServiceWorkerFrameLoaderClient):
(WebKit::WebSWContextManagerConnection::installServiceWorker):
(WebKit::WebSWContextManagerConnection::continueDidReceiveFetchResponse):
* WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp:
(WebKit::WebServiceWorkerFetchTaskClient::didFail):
(WebKit::WebServiceWorkerFetchTaskClient::didFinish):
(WebKit::WebServiceWorkerFetchTaskClient::continueDidReceiveResponse):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262480 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoASSERTION FAILED: isCell() under WebCore::JSDOMConstructor seen with webaudio/the...
ysuzuki@apple.com [Wed, 3 Jun 2020 06:53:16 +0000 (06:53 +0000)]
ASSERTION FAILED: isCell() under WebCore::JSDOMConstructor seen with webaudio/the-audio-api/the-audiocontext-interface/audiocontextoptions.html
https://bugs.webkit.org/show_bug.cgi?id=212650

Reviewed by Mark Lam.

Source/WebCore:

Some DOM constructor can return jsNull. For example, AudioContext constructor can return jsNull when it exceeds # of hardware audio contexts.
However CodeGeneratorJS assumes that DOM constructor always returns an object, or throws an exception.
This patch adds object check after DOM constructor call to handle the jsNull case while it does not change the existing semantics.

* bindings/scripts/CodeGeneratorJS.pm:
(GenerateConstructorDefinition):

LayoutTests:

* platform/ios/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262479 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRolling out r262475 to unbreak Windows bot.
mark.lam@apple.com [Wed, 3 Jun 2020 06:25:50 +0000 (06:25 +0000)]
Rolling out r262475 to unbreak Windows bot.
https://bugs.webkit.org/show_bug.cgi?id=212680

Not reviewed.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* assembler/MacroAssemblerARM64.h:
* assembler/MacroAssemblerX86_64.h:
* assembler/testmasm.cpp:
(JSC::testCountTrailingZeros64WithoutNullCheck):
(JSC::run):
(JSC::testStore64Imm64AddressPointer): Deleted.
* dfg/DFGDoesGCCheck.cpp: Removed.
* dfg/DFGDoesGCCheck.h: Removed.
* dfg/DFGGraph.cpp:
* dfg/DFGOSRExit.cpp:
(JSC::DFG::operationCompileOSRExit):
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
(JSC::FTL::operationCompileFTLOSRExit):
* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::tryAllocateSlow):
(JSC::CompleteSubspace::reallocatePreciseAllocationNonVirtual):
* heap/CompleteSubspaceInlines.h:
(JSC::CompleteSubspace::allocateNonVirtual):
* heap/DeferGC.h:
(JSC::DeferGC::~DeferGC):
* heap/GCDeferralContextInlines.h:
(JSC::GCDeferralContext::~GCDeferralContext):
* heap/Heap.cpp:
(JSC::Heap::collectNow):
(JSC::Heap::collectAsync):
(JSC::Heap::collectSync):
(JSC::Heap::stopIfNecessarySlow):
(JSC::Heap::collectIfNecessaryOrDefer):
* heap/Heap.h:
(JSC::Heap::expectDoesGC const):
(JSC::Heap::setExpectDoesGC):
(JSC::Heap::addressOfExpectDoesGC):
(JSC::Heap::addressOfDoesGC): Deleted.
(JSC::Heap::setDoesGCExpectation): Deleted.
(JSC::Heap::verifyCanGC): Deleted.
* heap/HeapInlines.h:
(JSC::Heap::acquireAccess):
(JSC::Heap::stopIfNecessary):
* heap/LocalAllocatorInlines.h:
(JSC::LocalAllocator::allocate):
* heap/PreciseAllocation.cpp:
(JSC::PreciseAllocation::tryCreate):
(JSC::PreciseAllocation::createForLowerTier):
* runtime/JSString.h:
(JSC::jsSingleCharacterString):
(JSC::JSString::toAtomString const):
(JSC::JSString::toExistingAtomString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):
* runtime/RegExpMatchesArray.h:
(JSC::createRegExpMatchesArray):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262478 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] WKProcessAssertionBackgroundTaskManager incorrectly ignores expiration notifica...
cdumez@apple.com [Wed, 3 Jun 2020 05:29:14 +0000 (05:29 +0000)]
[iOS] WKProcessAssertionBackgroundTaskManager incorrectly ignores expiration notifications for daemons
https://bugs.webkit.org/show_bug.cgi?id=212619

Reviewed by Alex Christensen.

WKProcessAssertionBackgroundTaskManager was incorrectly ignoring process assertion expiration notifications
for daemons, because it was relying on visibility to make decisions. For daemons (or ViewServices), we would
not get application visibility notifications and would therefore always assume the app is visible.
As a result, _handleBackgroundTaskExpiration would think it received an outdated expiration notification for
a visible app and would simply re-take the assertion right away.

To address the issue, we now rely on a RunningBoard API that lets us know if the suspension timer has been
started or not (and how much remains on the timer). If the suspension timer is not active when get receive
the expiration notification, we know it is an outdated notification and we ignore it (release and re-take
assertion right away). This can happen if we did not have time to process the expiration notification before
suspended and thus only get it upon resuming. It can also happen if the user re-activates the app right after
the expiration notice has been sent.

* Platform/spi/ios/RunningBoardServicesSPI.h:
* UIProcess/ios/ProcessAssertionIOS.mm:
(processHasActiveRunTimeLimitation):
(-[WKProcessAssertionBackgroundTaskManager init]):
(-[WKProcessAssertionBackgroundTaskManager _updateBackgroundTask]):
(-[WKProcessAssertionBackgroundTaskManager _handleBackgroundTaskExpiration]):
(-[WKProcessAssertionBackgroundTaskManager _handleBackgroundTaskExpirationOnMainThread]):
(-[WKProcessAssertionBackgroundTaskManager _releaseBackgroundTask]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262477 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoEventRegion::translate() needs to offset the wheel event regions
simon.fraser@apple.com [Wed, 3 Jun 2020 04:54:21 +0000 (04:54 +0000)]
EventRegion::translate() needs to offset the wheel event regions
https://bugs.webkit.org/show_bug.cgi?id=212683

Reviewed by Zalan Bujtas.

Source/WebCore:

EventRegion::translate() failed to offset the wheel event regions, which resulted
in wrong reasons for GraphicsLayers with a non-zero offsetFromRenderer.

Test: fast/scrolling/mac/wheel-event-listener-region-layer-offset.html

* rendering/EventRegion.cpp:
(WebCore::EventRegion::translate):

LayoutTests:

* fast/scrolling/mac/wheel-event-listener-region-layer-offset-expected.txt: Added.
* fast/scrolling/mac/wheel-event-listener-region-layer-offset.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262476 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoEnhance DoesGC verification to print more useful info when verification fails.
mark.lam@apple.com [Wed, 3 Jun 2020 04:47:30 +0000 (04:47 +0000)]
Enhance DoesGC verification to print more useful info when verification fails.
https://bugs.webkit.org/show_bug.cgi?id=212680

Reviewed by Yusuke Suzuki.

When DoesGC verification fails, the first step of debugging it would be to find
out what and which DFG node resulted in the failed verification.  In pre-existing
code, all we get is an assertion failure.

This patch makes it so that the verifier will dump useful info.  Here's an example:

    Error: DoesGC failed @ D@34 DateGetInt32OrNaN in #DtCHMz:[0x1135bd1d0->0x1135bcab0->0x1135e5c80, DFGFunctionCall, 150 (DidTryToEnterInLoop)]
        [0] frame 0x7ffee8285660 {
          name:
          sourceURL:
          isInlinedFrame: false
          callee: 0x1135f6820
          returnPC: 0x50ce61248ae6
          callerFrame: 0x7ffee82856f0
          rawLocationBits: 5 0x5
          codeBlock: 0x1135bd1d0 #DtCHMz:[0x1135bd1d0->0x1135bcab0->0x1135e5c80, DFGFunctionCall, 150 (DidTryToEnterInLoop)]
            hasCodeOrigins: true
            callSiteIndex: 5 of 13
            jitCode: 0x113020200 start 0x50ce61214c60 end 0x50ce61219b00
            line: 1
            column: 60
          EntryFrame: 0x7ffee8285860
        }
        [1] frame 0x7ffee82856f0 {
          name:
          sourceURL: date-format-xparb.js
          isInlinedFrame: false
          callee: 0x1135f65a0
          returnPC: 0x50ce61227e99
          callerFrame: 0x7ffee8285770
          rawLocationBits: 4 0x4
          codeBlock: 0x1135bd0a0 #BU6Zcd:[0x1135bd0a0->0x1135bc260->0x1135e5180, DFGFunctionCall, 112 (DidTryToEnterInLoop)]
            hasCodeOrigins: true
            callSiteIndex: 4 of 12
            jitCode: 0x113004000 start 0x50ce61212c60 end 0x50ce61214960
            line: 26
            column: 22
          EntryFrame: 0x7ffee8285860
        }
        [2] frame 0x7ffee8285770 {
          name:
          sourceURL: date-format-xparb.js
          isInlinedFrame: false
          callee: 0x1135f64e0
          returnPC: 0x108058eb1
          callerFrame: 0x7ffee82857e0
          rawLocationBits: 1001 0x3e9
          codeBlock: 0x1135bc130 #DAS9xe:[0x1135bc130->0x1135e5100, BaselineFunctionCall, 1149]
            bc#1001 of 1149
            line: 417
            column: 38
          EntryFrame: 0x7ffee8285860
        }
        [3] frame 0x7ffee82857e0 {
          name: global code
          sourceURL: date-format-xparb.js
          isInlinedFrame: false
          callee: 0x1130f97b8
          returnPC: 0x108039043
          callerFrame: 0x0
          rawLocationBits: 23 0x17
          codeBlock: 0x1135bc000 <global>#CukXvt:[0x1135bc000->0x1130cd768, LLIntGlobal, 81]
            bc#23 of 81
            line: 425
            column: 3
          EntryFrame: 0x7ffee8285860
        }

    ASSERTION FAILED: expectDoesGC()

The error message now comes with the node index, NodeType, codeBlock which this
failure was found in, and the JS call stack that led to the failure.

Changes made:

1. Introduced a DoesGCCheck value that is used to encode some of the above data.

   Previously, we only recorded whether doesGC() returns true or false for the
   Node.  Now, we record the nodeIndex and nodeOp as well.

   Note that we also set DoesGC expectations for OSR exits.  So, DoesGCCheck
   includes Special cases for those.

2. Added store64(TrustedImm64 imm, const void* address) emitters for X86_64 and ARM64.
   Also added a test for this new emitter in testmasm.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::store64):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::store64):
* assembler/testmasm.cpp:
(JSC::testStore64Imm64AddressPointer):
(JSC::run):
* dfg/DFGDoesGCCheck.cpp: Added.
(JSC::DFG::DoesGCCheck::verifyCanGC):
* dfg/DFGDoesGCCheck.h: Added.
(JSC::DFG::DoesGCCheck::DoesGCCheck):
(JSC::DFG::DoesGCCheck::encode):
(JSC::DFG::DoesGCCheck::set):
(JSC::DFG::DoesGCCheck::expectDoesGC):
(JSC::DFG::DoesGCCheck::special):
(JSC::DFG::DoesGCCheck::nodeIndex):
(JSC::DFG::DoesGCCheck::nodeOp):
(JSC::DFG::DoesGCCheck::isSpecial):
(JSC::DFG::DoesGCCheck::specialIndex):
(JSC::DFG::DoesGCCheck::bits):
* dfg/DFGGraph.cpp:
* dfg/DFGOSRExit.cpp:
(JSC::DFG::operationCompileOSRExit):
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
(JSC::FTL::operationCompileFTLOSRExit):
* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::tryAllocateSlow):
(JSC::CompleteSubspace::reallocatePreciseAllocationNonVirtual):
* heap/CompleteSubspaceInlines.h:
(JSC::CompleteSubspace::allocateNonVirtual):
* heap/DeferGC.h:
(JSC::DeferGC::~DeferGC):
* heap/GCDeferralContextInlines.h:
(JSC::GCDeferralContext::~GCDeferralContext):
* heap/Heap.cpp:
(JSC::Heap::collectNow):
(JSC::Heap::collectAsync):
(JSC::Heap::collectSync):
(JSC::Heap::stopIfNecessarySlow):
(JSC::Heap::collectIfNecessaryOrDefer):
* heap/Heap.h:
(JSC::Heap::addressOfDoesGC):
(JSC::Heap::setDoesGCExpectation):
(JSC::Heap::verifyCanGC):
(JSC::Heap::expectDoesGC const): Deleted.
(JSC::Heap::setExpectDoesGC): Deleted.
(JSC::Heap::addressOfExpectDoesGC): Deleted.
* heap/HeapInlines.h:
(JSC::Heap::acquireAccess):
(JSC::Heap::stopIfNecessary):
* heap/LocalAllocatorInlines.h:
(JSC::LocalAllocator::allocate):
* heap/PreciseAllocation.cpp:
(JSC::PreciseAllocation::tryCreate):
(JSC::PreciseAllocation::createForLowerTier):
* runtime/JSString.h:
(JSC::jsSingleCharacterString):
(JSC::JSString::toAtomString const):
(JSC::JSString::toExistingAtomString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):
* runtime/RegExpMatchesArray.h:
(JSC::createRegExpMatchesArray):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262475 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoChange ANGLE's header postprocessing script to not rely on timestamps
krollin@apple.com [Wed, 3 Jun 2020 03:59:46 +0000 (03:59 +0000)]
Change ANGLE's header postprocessing script to not rely on timestamps
https://bugs.webkit.org/show_bug.cgi?id=212623
<rdar://problem/63856997>

Reviewed by David Kilzer.
Reviewed by Kennneth Russell.

Some WebKit builds involve multiple passes, where each pass is a
superset of the previous pass. In the cases where each pass produces
the same files, it is required that files be produced in exactly the
same way in each of those passes. A build process that relies on a
file containing a timestamp trips up that prerequisite.

adjust-angle-include-paths.sh uses such a mechanism, using a timestamp
file to determine if any exported headers need to be post-processed.
Since this violates our prerequisite, we need a different approach.
Instead of using a timestamp, always perform the post-processing, but
write the output to a temporary location. Then see if it differs from
what's in the actual final destination. If the two files diff, then
copy the one from the temporary location to the final destination.

This approach does cause more work in the area of post-processing.
However, this post-processing is actually very cheap. And avoiding the
post-processing is not actually the original goal of the timestamp.
The actual goal is to avoid touching the modification dates of the
exported headers, which would then cause a lot of downstream
rebuilding. The new approach with the temporary files also achieves
that goal.

* CMakeLists.txt:
* adjust-angle-include-paths.sh:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262474 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[iOS] fast/events/touch/ios/content-observation/opacity-change-happens-on-touchstart...
zalan@apple.com [Wed, 3 Jun 2020 03:48:52 +0000 (03:48 +0000)]
[iOS] fast/events/touch/ios/content-observation/opacity-change-happens-on-touchstart-with-transition2.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=212660
<rdar://problem/61948534>

Reviewed by Simon Fraser.

When the device is busy and the transition gets delayed, the opacity change could miss the content observation window.
Forcing synchronous style change makes is less flaky.

* fast/events/touch/ios/content-observation/opacity-change-happens-on-touchstart-with-transition2.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262473 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoFollowup to r262438
simon.fraser@apple.com [Wed, 3 Jun 2020 03:01:14 +0000 (03:01 +0000)]
Followup to r262438

Remove scrollingcoordinator/mac/latching/horizontal-overflow-back-swipe.html from TestExpectations
now that it should no longer be flaky.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262472 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAdd a helper method to populate a DataTransfer before dispatching a "dragstart" event
wenson_hsieh@apple.com [Wed, 3 Jun 2020 01:50:46 +0000 (01:50 +0000)]
Add a helper method to populate a DataTransfer before dispatching a "dragstart" event
https://bugs.webkit.org/show_bug.cgi?id=212614
Work towards <rdar://problem/61368402>

Reviewed by Tim Horton.

Add a helper method in DragController to pre-populate the StaticPasteboard-backed DataTransfer before
dispatching the "dragstart" event. There should be no change in behavior yet, since StaticPasteboard doesn't
implement methods for writing data to the pasteboard, which this new method uses.

* page/DragController.cpp:
(WebCore::DragController::prepareForDragStart const):
(WebCore::DragController::hitTestResultForDragStart const):
(WebCore::DragController::startDrag):
* page/DragController.h:
* page/EventHandler.cpp:
(WebCore::EventHandler::dispatchDragStartEventOnSourceElement):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262469 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLayout test failures: media/video-create-with-user-gesture.html and media/video-restr...
peng.liu6@apple.com [Wed, 3 Jun 2020 01:38:28 +0000 (01:38 +0000)]
Layout test failures: media/video-create-with-user-gesture.html and media/video-restricted-no-preload-auto.html
https://bugs.webkit.org/show_bug.cgi?id=212666

Reviewed by Eric Carlson.

Set event handlers before set the video source.

* media/video-create-with-user-gesture.html:
* media/video-restricted-no-preload-auto-expected.txt:
* media/video-restricted-no-preload-auto.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262468 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoVMInspector APIs should be taking a VM* instead of a JSGlobalObject*.
mark.lam@apple.com [Wed, 3 Jun 2020 01:25:32 +0000 (01:25 +0000)]
VMInspector APIs should be taking a VM* instead of a JSGlobalObject*.
https://bugs.webkit.org/show_bug.cgi?id=212676

Reviewed by Saam Barati and Robin Morisset.

This because:
1. None of the functions currently taking a JSGlobalObject* actually need the
   globalObject.  All of them need the VM.
2. The role of the VMInspector is to enable inspection of the VM.  By requiring
   that it be passed a JSGlobalObject*, we were actually preventing the VMInspector
   from being used in code that have a VM to inspect but don't have a JSGlobalObject
   to use.

The reason I'm choosing to pass VM* instead of VM& is because it makes these
functions trivial to call using lldb interactively.  The VMInspector functions
are also intentionally designed so that they can be used for this purpose.
On occasion, I may have to cast literal numbers (addresses) to VM*.  Technically,
I could cast a number to VM* and dereference it to get a VM& too.  However, at
present, lldb is often buggy and not always reliable with casts.  I would like to
lessen the chance that lldb fails on me when I'm deep in the middle of a debugging
session, and have a need to call one of these functions.

* tools/JSDollarVM.cpp:
(JSC::functionGC):
(JSC::functionEdenGC):
(JSC::functionCodeBlockForFrame):
(JSC::codeBlockFromArg):
(JSC::functionDumpCallFrame):
(JSC::functionDumpStack):
* tools/VMInspector.cpp:
(JSC::VMInspector::currentThreadOwnsJSLock):
(JSC::ensureCurrentThreadOwnsJSLock):
(JSC::VMInspector::gc):
(JSC::VMInspector::edenGC):
(JSC::VMInspector::isValidCodeBlock):
(JSC::VMInspector::codeBlockForFrame):
(JSC::VMInspector::dumpCallFrame):
(JSC::VMInspector::dumpStack):
* tools/VMInspector.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262467 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION[r260844]: [GTK][WPE] Inspector GResource no longer updated after WebInspec...
chris.reid@sony.com [Wed, 3 Jun 2020 00:57:56 +0000 (00:57 +0000)]
REGRESSION[r260844]: [GTK][WPE] Inspector GResource no longer updated after WebInspectorUI file updates
https://bugs.webkit.org/show_bug.cgi?id=212583

Reviewed by Adrian Perez de Castro.

Add a cmake dependency on inspector resource stamp so the Glib
Inspector resources rebuild when the stamp is updated.

* InspectorGResources.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262466 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoASSERTION FAILED: isCell() under WebCore::JSDOMConstructor seen with webaudio/the...
ryanhaddad@apple.com [Wed, 3 Jun 2020 00:46:58 +0000 (00:46 +0000)]
ASSERTION FAILED: isCell() under WebCore::JSDOMConstructor seen with webaudio/the-audio-api/the-audiocontext-interface/audiocontextoptions.html
https://bugs.webkit.org/show_bug.cgi?id=212650

Unreviewed test gardening.

* platform/ios/TestExpectations: Skip this test on debug since it always asserts.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262465 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoASSERTION FAILED: isCell() under WebCore::JSDOMConstructor seen with webaudio/the...
ryanhaddad@apple.com [Wed, 3 Jun 2020 00:38:49 +0000 (00:38 +0000)]
ASSERTION FAILED: isCell() under WebCore::JSDOMConstructor seen with webaudio/the-audio-api/the-audiocontext-interface/audiocontextoptions.html
https://bugs.webkit.org/show_bug.cgi?id=212650

Unreviewed test gardening.

* platform/mac/TestExpectations: Skip this test on debug since it always asserts.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262464 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAXIsolatedTree::updateNode should not call nodeForID.
andresg_22@apple.com [Tue, 2 Jun 2020 23:59:24 +0000 (23:59 +0000)]
AXIsolatedTree::updateNode should not call nodeForID.
https://bugs.webkit.org/show_bug.cgi?id=212662

Reviewed by Chris Fleizach.

In isolated tree mode AXIsolatedTree::nodeForID should be called only
on the secondary AX thread. So removing the need to call nodeForID in
updateNode by using AXCoreObject::childrenIDs() instead of retrieving
the isolated node to access its children IDs.

* accessibility/isolatedtree/AXIsolatedTree.cpp:
(WebCore::AXIsolatedTree::updateNode):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262463 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRevert FEATURES_DEFINES related changes
krollin@apple.com [Tue, 2 Jun 2020 23:52:01 +0000 (23:52 +0000)]
Revert FEATURES_DEFINES related changes
https://bugs.webkit.org/show_bug.cgi?id=212664
<rdar://problem/63893033>

Reviewed by Andy Estes.

Bug 262310, Bug 262311, Bug 262318, and Bug 262331 involve changes to
FEATURE_DEFINES and how the values there relate to those found in the
Platform*.h files. Those changes break XCBuild (by removing the
.xcfilelist related to UnifiedSources and the process for generating
them), and so are being reverted.

.:

* Source/cmake/OptionsFTW.cmake:
* Source/cmake/OptionsMac.cmake:
* Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebCore:

No new tests -- build changes.

* Configurations/FeatureDefines.xcconfig:
* Configurations/GenerateUnifiedSources.xcconfig: Added.
* DerivedSources-input.xcfilelist:
* DerivedSources-output.xcfilelist:
* DerivedSources.make:
* Modules/applepay/ApplePayError.idl:
* Modules/applepay/ApplePayPaymentAuthorizationResult.idl:
* Modules/applepay/ApplePayPaymentContact.idl:
* Modules/applepay/ApplePayPaymentMethodUpdate.idl:
* Modules/applepay/ApplePayRequestBase.idl:
* Modules/applepay/ApplePaySession.idl:
* Modules/applepay/ApplePayShippingContactUpdate.idl:
* Modules/applepay/ApplePayShippingMethodUpdate.idl:
* Modules/applepay/PaymentCoordinatorClient.cpp:
(WebCore::PaymentCoordinatorClient::supportsVersion):
* Modules/applepay/paymentrequest/ApplePayPaymentHandler.cpp:
(WebCore::ApplePayPaymentHandler::computePaymentMethodErrors const):
* Scripts/generate-unified-sources.sh:
* UnifiedSources-output.xcfilelist: Added.
* WebCore.xcodeproj/project.pbxproj:
* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::applePayButtonDescription const):
* css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator ApplePayButtonType const):
* css/CSSValueKeywords.in:
* css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
* rendering/RenderThemeCocoa.mm:
(WebCore::toPKPaymentButtonType):
* rendering/style/RenderStyleConstants.cpp:
(WebCore::operator<<):
* rendering/style/RenderStyleConstants.h:

Source/WebCore/PAL:

* Configurations/FeatureDefines.xcconfig:

Source/WebKit:

* Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

* Configurations/FeatureDefines.xcconfig:

Tools:

* Scripts/webkitperl/FeatureList.pm:
* Scripts/webkitpy/generate_xcfilelists_lib/generators.py:
(WebCoreGenerator):
(WebCoreGenerator._get_generate_unified_sources_script):
* TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262462 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoUnreviewed, reverting r262424.
ryanhaddad@apple.com [Tue, 2 Jun 2020 23:34:11 +0000 (23:34 +0000)]
Unreviewed, reverting r262424.

Caused webkitpy test failure

Reverted changeset:

"Make generated C++ code use modern C++"
https://bugs.webkit.org/show_bug.cgi?id=190714
https://trac.webkit.org/changeset/262424

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262461 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoRevise PVRTC compressed texture validation in ANGLE backend for WebGL
commit-queue@webkit.org [Tue, 2 Jun 2020 23:18:03 +0000 (23:18 +0000)]
Revise PVRTC compressed texture validation in ANGLE backend for WebGL
https://bugs.webkit.org/show_bug.cgi?id=212612

Patch by Kenneth Russell <kbr@chromium.org> on 2020-06-02
Reviewed by Dean Jackson.

Correct the block sizes of PVRTC textures, and incorporate minimum
block sizes for width and height, as required by these formats.

* src/libANGLE/formatutils.cpp:
(gl::BuildInternalFormatInfoMap):
(gl::InternalFormat::computeCompressedImageSize const):
(gl::InternalFormat::getCompressedImageMinBlocks const):
* src/libANGLE/formatutils.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262460 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ Mojave wk2 Debug ] fast/scrolling/mac/scrollbars/select-overlay-scrollbar-hovered...
lawrence.j@apple.com [Tue, 2 Jun 2020 23:10:26 +0000 (23:10 +0000)]
[ Mojave wk2 Debug ] fast/scrolling/mac/scrollbars/select-overlay-scrollbar-hovered.html is flaky failing and flaky timing out.
https://bugs.webkit.org/show_bug.cgi?id=212667

Unreviewed test gardening.

* platform/mac-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262459 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ Mac wk1 Debug ] svg/custom/textPath-insert-path.svg is flaky failing.
lawrence.j@apple.com [Tue, 2 Jun 2020 22:33:46 +0000 (22:33 +0000)]
[ Mac wk1 Debug ] svg/custom/textPath-insert-path.svg is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=212665

Unreviewed test gardening.

* platform/mac-wk1/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262457 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoStressing webkitSetPresentationMode leads to wrong inline video dimensions
peng.liu6@apple.com [Tue, 2 Jun 2020 22:26:02 +0000 (22:26 +0000)]
Stressing webkitSetPresentationMode leads to wrong inline video dimensions
https://bugs.webkit.org/show_bug.cgi?id=202425

Reviewed by Eric Carlson.

Source/WebCore:

Make the HTMLVideoElement::setFullscreenMode() robust under stress tests
by ignoring a request when the video element is not ready yet.

Manually tested.

* dom/Element.h:
(WebCore::Element::didStopBeingFullscreenElement):
Add a callback to indicate that the element has exited fullscreen.
* dom/FullscreenManager.cpp:
(WebCore::FullscreenManager::didExitFullscreen):
Call Element::didStopBeingFullscreenElement() when the element has exited fullscreen.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::enterFullscreen):
* html/HTMLMediaElement.h:

* html/HTMLVideoElement.cpp:
(WebCore::HTMLVideoElement::webkitDisplayingFullscreen):
This function will return true when a video element is in the process to exit
fullscreen/picture-in-picture until it has completed the process. Therefore, a page
can safely request the video element to enter fullscreen/picture-in-picture when
this function returns false.

(WebCore::HTMLVideoElement::setFullscreenMode):
(WebCore::HTMLVideoElement::didBecomeFullscreenElement):
(WebCore::HTMLVideoElement::didStopBeingFullscreenElement):
(WebCore::HTMLVideoElement::didEnterFullscreen): Deleted.
(WebCore::HTMLVideoElement::didExitFullscreen): Deleted.
* html/HTMLVideoElement.h:
Add a flag m_isChangingPresentationMode. webkitSetPresentationMode() will only
change the presentation mode when the flag is false.

Source/WebKit:

* WebProcess/cocoa/VideoFullscreenManager.mm:
(WebKit::VideoFullscreenManager::didEnterFullscreen):
(WebKit::VideoFullscreenManager::didCleanupFullscreen):

Source/WebKitLegacy/mac:

Move DumpRenderTree's implementation of the mock video presentation mode from WebView
to WebChromeClient and call videoElement.didStopBeingFullscreenElement() when a video
element exits fullscreen.

* WebCoreSupport/WebChromeClient.h:
* WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::setMockVideoPresentationModeEnabled):
(WebChromeClient::enterVideoFullscreenForVideoElement):
(WebChromeClient::exitVideoFullscreenForVideoElement):
(WebChromeClient::exitVideoFullscreenToModeWithoutAnimation):
* WebView/WebView.mm:
(-[WebView _enterVideoFullscreenForVideoElement:mode:]):
(-[WebView _exitVideoFullscreen]):
(-[WebView _setMockVideoPresentationModeEnabled:]): Deleted.
* WebView/WebViewData.h:
* WebView/WebViewInternal.h:

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/WKWebViewCloseAllMediaPresentations.mm:
(TEST):

LayoutTests:

Enable the mock video presentation mode in WebKitTestRunner and
only request a video element to enter/exit fullscreen/picture-in-picture when
the element is ready to do so (by checking the attribute webkitDisplayingFullscreen).

* media/modern-media-controls/placard-support/placard-support-pip-expected.txt:
* media/modern-media-controls/placard-support/placard-support-pip.html:
* media/presentationmodechanged-fired-once-expected.txt:
* media/presentationmodechanged-fired-once.html:
* media/video-presentation-mode-expected.txt:
* media/video-presentation-mode.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262456 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAssert network process is not suspended when trying to merge new ITP data
katherine_cheney@apple.com [Tue, 2 Jun 2020 22:13:07 +0000 (22:13 +0000)]
Assert network process is not suspended when trying to merge new ITP data
https://bugs.webkit.org/show_bug.cgi?id=212663
<rdar://problem/63892899>

Reviewed by Chris Dumez.

Add a debug assert to check if statistics are being merged into the
ITP database after prepareToSuspend() has been called. If this assert
is hit, it means the ITP database thread is not being stopped when
the process is suspended.

* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::resourceLoadStatisticsUpdated):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262455 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ macOS ] scrollingcoordinator/mac/latching/horizontal-overflow-back-swipe.html is...
simon.fraser@apple.com [Tue, 2 Jun 2020 20:44:06 +0000 (20:44 +0000)]
[ macOS ] scrollingcoordinator/mac/latching/horizontal-overflow-back-swipe.html is flaky timing out
https://bugs.webkit.org/show_bug.cgi?id=210351
<rdar://problem/61601464>

Reviewed by Tim Horton.

Try to deflake this test. It timed out when all the wheel events were received in the UI process
before the ViewGestureController had received a response from the web process about whether the
first event had been handled. Fix by adding a rAF() wait in the middle of sending the events.

Also register the swipe callback before starting the event sending.

* scrollingcoordinator/mac/latching/horizontal-overflow-back-swipe.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262438 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAdd ENABLE(WHEEL_EVENT_REGIONS), enabled on macOS which is the only platform that...
simon.fraser@apple.com [Tue, 2 Jun 2020 20:17:13 +0000 (20:17 +0000)]
Add ENABLE(WHEEL_EVENT_REGIONS), enabled on macOS which is the only platform that needs wheel event regions for scrolling thread hit-testing
https://bugs.webkit.org/show_bug.cgi?id=212620

Reviewed by Tim Horton.

Surround code related to wheel event regions with ENABLE(WHEEL_EVENT_REGIONS).

Eventually we'll use this same code for touch event regions, and when we do, we
can rejigger the #ifdefs.

Source/WebCore:

* rendering/EventRegion.cpp:
(WebCore::EventRegion::operator== const):
(WebCore::EventRegion::unite):
(WebCore::EventRegion::containsEditableElementsInRect const):
(WebCore::EventRegion::dump const):
* rendering/EventRegion.h:
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::paintDebugOverlays):

Source/WTF:

* wtf/PlatformEnable.h:
* wtf/PlatformEnableCocoa.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262437 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION(r261387): Introduced sandbox violations
pvollan@apple.com [Tue, 2 Jun 2020 20:04:00 +0000 (20:04 +0000)]
REGRESSION(r261387): Introduced sandbox violations
https://bugs.webkit.org/show_bug.cgi?id=212634

Reviewed by Darin Adler.

Source/WebCore/PAL:

Declare Launch Services class.

* pal/spi/cocoa/LaunchServicesSPI.h:

Source/WebKit:

The change set r261387 introduced some new mach lookup sandbox violations, when attempting to close Launch Services connections that were not open.
Fix this by only attempting to close open connections, and do it while holding the extension to the database mapping service.

No new tests, since this patch is fixing benign sandbox violations.

* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262435 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoChange Gigacage::Config to use storage in WebConfig::g_config instead of its own.
mark.lam@apple.com [Tue, 2 Jun 2020 19:43:17 +0000 (19:43 +0000)]
Change Gigacage::Config to use storage in WebConfig::g_config instead of its own.
https://bugs.webkit.org/show_bug.cgi?id=212585
<rdar://problem/63812487>

Reviewed by Yusuke Suzuki.

Source/bmalloc:

1. Gigacage::Config now reserves and expect space to be available in an external
   WebConfig::g_config buffer.  Gigacage does not allocate that buffer.

2. Moved Gigacage::Config to GigacageConfig.h.
   This allows WTFConfig.h to include GigacageConfig.h instead of all of Gigacage.h.

3. Moved Gigacage::Kind to GigacageKind.h.
   Otherwise, Gigacage::Kind would need to move to GigacageConfig.h which is a
   weird place to put it.

4. Removed freezeGigacageConfig(), unfreezeGigacageConfig(), and
   permanentlyFreezeGigacageConfig().

   It is no longer possible to temporarily freeze and unfreeze the Gigacage::Config
   because it now share the same memory page with higher level Configs.

   permanentlyFreezeGigacageConfig() is no longer needed because it is subsumed
   by WTF::Config::permanentlyFreeze(), which will freeze the entire WebConfig::g_config
   buffer.

   One difference in behavior here is that Gigacage::Config data used to be permanently
   frozen as soon as forbidDisablingPrimitiveGigacage() is called.  Now, it isn't
   permanently frozen until the end of the construction of the first JSC::VM instance
   in the process (just like the other Config records).  This still guarantees that
   it is frozen before any JS script can run.

5. Previously, disablePrimitiveGigacage() works by nullifying the Primitive gigacage
   base pointer.  We can no longer do that because the base pointer will be frozen
   on VM instantiation.  Instead, if not forbidden, we now disable the Primitive
   gigacage by setting a disablePrimitiveGigacageRequested bool variable that is
   not frozen in the Gigacage::Config.

   To check if the Primitive gigacage is enabled, the LLInt, AssemblyHelpers::cageConditionally(),
   and runtime functions will check the following conditions:

       g_gigacageConfig.basePtr(Primitive) &&
           (disablingPrimitiveGigacageIsForbidden() || disableNotRequestedForPrimitiveGigacage())

       The base pointer being null means the gigacage was never set up.

       If disablingPrimitiveGigacageIsForbidden() is true, then we don't care
       whether a disable request has been received.

       Otherwise, the gigacage is only enabled if it has been set up, and a
       disable request has not been received.

       Note that the first 2 terms are frozen in the Gigacage::Config.  Only the
       last term is a runtime variable.  If disabling is forbidden, then the
       runtime variable never comes into play.

   The FTL does not rely on a runtime check for whether the Primitive gigacage is
   enabled or not.  Instead, it relies on a watchpoint to handle this.  So, it
   just works, and there's no performance penalty with adding the 2 extra terms
   to check.

   Note also that the jsc shell and the WebProcess will forbid disabling of the
   Primitive gigacage.  This means the AssemblyHelpers::cageConditionally() will
   also not generate the runtime checks for the 2 extra terms.

   Only the LLInt and runtime functions will have to do work to check the 2 extra
   terms.  But because these are not in perf critical paths, this is ok.

   Note that we're deliberately gating the disablePrimitiveGigacageRequested
   variable check on disablingPrimitiveGigacageIsForbidden though, logically, the
   isEnable check does not really depend on whether disabling is forbidden or not.
   We do this because disablingPrimitiveGigacageIsForbidden is frozen in the Config,
   and it is, therefore, a stronger guarantee of correctness whereas the variable
   can be corrupted.

6. Replaced isDisablingPrimitiveGigacageForbidden(), canPrimitiveGigacageBeDisabled(),
   and isPrimitiveGigacagePermanentlyEnabled() with disablingPrimitiveGigacageIsForbidden().

* CMakeLists.txt:
* bmalloc.xcodeproj/project.pbxproj:
* bmalloc/Gigacage.cpp:
(Gigacage::ensureGigacage):
(Gigacage::disablePrimitiveGigacage):
(Gigacage::forbidDisablingPrimitiveGigacage):
(Gigacage::bmalloc::freezeGigacageConfig): Deleted.
(Gigacage::bmalloc::unfreezeGigacageConfig): Deleted.
(Gigacage::bmalloc::permanentlyFreezeGigacageConfig): Deleted.
(Gigacage::bmalloc::UnfreezeGigacageConfigScope::UnfreezeGigacageConfigScope): Deleted.
(Gigacage::bmalloc::UnfreezeGigacageConfigScope::~UnfreezeGigacageConfigScope): Deleted.
(Gigacage::isDisablingPrimitiveGigacageForbidden): Deleted.
* bmalloc/Gigacage.h:
(Gigacage::disablingPrimitiveGigacageIsForbidden):
(Gigacage::disableNotRequestedForPrimitiveGigacage):
(Gigacage::isEnabled):
(Gigacage::basePtr):
(Gigacage::caged):
(Gigacage::forbidDisablingPrimitiveGigacage):
(): Deleted.
(Gigacage::Config::basePtr const): Deleted.
(Gigacage::Config::setBasePtr): Deleted.
(Gigacage::isPrimitiveGigacagePermanentlyEnabled): Deleted.
(Gigacage::canPrimitiveGigacageBeDisabled): Deleted.
* bmalloc/GigacageConfig.h: Added.
(Gigacage::Config::basePtr const):
(Gigacage::Config::setBasePtr):
* bmalloc/GigacageKind.h: Added.
* bmalloc/Heap.cpp:
(bmalloc::Heap::usingGigacage):
* bmalloc/mbmalloc.cpp:

Source/JavaScriptCore:

* assembler/testmasm.cpp:
(JSC::testCagePreservesPACFailureBit):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::cageTypedArrayStorage):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::caged):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::cageConditionally):
* llint/LowLevelInterpreter64.asm:
* runtime/JSCConfig.h:
(JSC::Config::isPermanentlyFrozen):

Source/WTF:

We now think of the various Config records as being allocated from parts of a
WebConfig::g_config buffer.  WTF::Config will manage the mechanics of freezing
that buffer.  And the JSC VM is still the determiner of if/when to freeze the
buffer, and it will do this at the end of the construction of the very first
VM instance (as before).

Gigacage::Config reserves space in WebConfig::g_config.
WTF::Config will honor that reservation and place itself after that.
JSC::Config will continue to place itself at WTF::Config::spaceForExtensions.

The upside of this approach this is that we can now share the same memory page
for all the Configs, and can freeze them in one go.

The downside is that g_gigacageConfig, g_wtfConfig, and g_jscConfig now have to
be macros.  This results in some weirdness e.g. they are no longer qualified by
namespaces: referring to WTF::g_wtfConfig is now incorrect.

* wtf/Gigacage.h:
(Gigacage::disablingPrimitiveGigacageIsForbidden):
(Gigacage::isDisablingPrimitiveGigacageForbidden): Deleted.
(Gigacage::isPrimitiveGigacagePermanentlyEnabled): Deleted.
(Gigacage::canPrimitiveGigacageBeDisabled): Deleted.
* wtf/WTFConfig.cpp:
(WTF::Config::permanentlyFreeze):
* wtf/WTFConfig.h:
(): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262434 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAvoid calling axBackingObject multiple times in [WebAccessibilityObjectWrapper roleDe...
andresg_22@apple.com [Tue, 2 Jun 2020 18:43:04 +0000 (18:43 +0000)]
Avoid calling axBackingObject multiple times in [WebAccessibilityObjectWrapper roleDescription].
https://bugs.webkit.org/show_bug.cgi?id=212643

Reviewed by Chris Fleizach.

No new functionality.

Avoid unnecessary overhead of calling axBackingObject multiple times in
roleDescription. axBackingObject is not just a getter but involves
checking whether isolated tree mode is enabled.

* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper subrole]):
(-[WebAccessibilityObjectWrapper roleDescription]):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262433 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoAllow using web processes for service workers even though they loaded about URLs
youenn@apple.com [Tue, 2 Jun 2020 18:38:26 +0000 (18:38 +0000)]
Allow using web processes for service workers even though they loaded about URLs
https://bugs.webkit.org/show_bug.cgi?id=212464

Reviewed by Chris Dumez.

Source/WebKit:

Before the patch, a web process that loads about:blank will not be able to run service workers.
A web process that is running service workers and is loading an about:blank page will also kill its service workers.
To prevent this, do not take into account about:blank URLs for the computation of the registrable domain of a process.

Covered by API tests.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::didStartProvisionalLoadForMainFrame):

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262432 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoLanding expectations for tests that were recently imported but did not have them
jacob_uphoff@apple.com [Tue, 2 Jun 2020 18:19:18 +0000 (18:19 +0000)]
Landing expectations for tests that were recently imported but did not have them

Unreviewed test gardening

* platform/ios/imported/w3c/web-platform-tests/dom/events/scrolling/input-text-scroll-event-when-using-arrow-keys-expected.txt: Added.
* platform/ios/imported/w3c/web-platform-tests/dom/events/scrolling/overscroll-deltas-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262431 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoPass nullptr for the 2nd argument of FileReaderLoader
commit-queue@webkit.org [Tue, 2 Jun 2020 18:10:55 +0000 (18:10 +0000)]
Pass nullptr for the 2nd argument of FileReaderLoader
https://bugs.webkit.org/show_bug.cgi?id=212642

Patch by Tetsuharu Ohzeki <tetsuharu.ohzeki@gmail.com> on 2020-06-02
Reviewed by Darin Adler.

Instead of passing `0`, `nullptr` is better
because `FileReaderLoader` takes a pointer.

* fileapi/FileReaderSync.cpp:
(WebCore::FileReaderSync::readAsArrayBuffer):
(WebCore::FileReaderSync::readAsBinaryString):
(WebCore::FileReaderSync::readAsText):
(WebCore::FileReaderSync::readAsDataURL):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262430 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agomacCatalyst: WKWebView's tint color is not propagated to Web Content process
timothy_horton@apple.com [Tue, 2 Jun 2020 17:14:48 +0000 (17:14 +0000)]
macCatalyst: WKWebView's tint color is not propagated to Web Content process
https://bugs.webkit.org/show_bug.cgi?id=212630

Reviewed by Anders Carlsson.

* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const):
(WebKit::WebPageCreationParameters::decode):
* Shared/WebPageCreationParameters.h:
* UIProcess/Cocoa/PageClientImplCocoa.h:
* UIProcess/PageClient.h:
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::creationParameters):
* WebProcess/WebPage/WebPage.cpp:
* WebProcess/WebPage/WebPage.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262429 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoUIColor and NSColor WebCore::Color factories should return invalid colors for nil...
timothy_horton@apple.com [Tue, 2 Jun 2020 17:11:43 +0000 (17:11 +0000)]
UIColor and NSColor WebCore::Color factories should return invalid colors for nil input colors
https://bugs.webkit.org/show_bug.cgi?id=212631

Reviewed by Anders Carlsson.

* platform/graphics/mac/ColorMac.mm:
(WebCore::colorFromNSColor):
(WebCore::semanticColorFromNSColor):
* platform/ios/ColorIOS.mm:
(WebCore::colorFromUIColor):
This doesn't affect any code currently in WebKit, but it is very, very surprising
that these functions happily accept a null color, assert in debug, but in release
do crazy things like try to paint the null color into a small bitmap to figure out
what it really is.

Also, this matches the behavior of the Color constructors that take CGColorRef.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262428 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoREGRESSION (r258949): Dynamic user accent color changes are not respected by WKWebView
timothy_horton@apple.com [Tue, 2 Jun 2020 17:09:18 +0000 (17:09 +0000)]
REGRESSION (r258949): Dynamic user accent color changes are not respected by WKWebView
https://bugs.webkit.org/show_bug.cgi?id=212628
<rdar://problem/63436275>

Reviewed by Per Arne Vollan.

Two issues with the "CFPrefs Direct Mode" mechanism caused dynamic changes to the
user accent color preference to not be respected anymore:

- the default change, when synchronized to the Web Content process, was
written into the wrong domain, because of bug 212627.

- AppKit caches the resolved accent color; the cache is invalidated when the
a CoreUI notification is posted. Since we synchronize preferences ourselves,
the ordering of the default change and notification are no longer guaranteed,
so AppKit sometimes reads and re-caches the old accent color.

* WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::userAccentColorPreferenceKey):
(WebKit::shouldWriteToAppDomainForPreferenceKey):
(WebKit::WebProcess::notifyPreferencesChanged):
To fix the first problem, write the default into the standardUserDefaults.
This is just a workaround, we need a more general solution to this problem
for all global preferences. We know it's OK in this case, because AppKit
happens to read from standardUserDefaults.

(WebKit::dispatchSimulatedNotificationsForPreferenceChange):
To fix the second problem, re-emit the notification once we have synchronized
the preference to the Web Content process.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262427 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ iOS wk2 ] animations/play-state-paused.html is flaky failing.
lawrence.j@apple.com [Tue, 2 Jun 2020 17:07:41 +0000 (17:07 +0000)]
[ iOS wk2 ] animations/play-state-paused.html is flaky failing.
https://bugs.webkit.org/show_bug.cgi?id=212641

Unreviewed test gardening.

* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262426 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoMultiDeleteByOffset should not always def
sbarati@apple.com [Tue, 2 Jun 2020 16:55:15 +0000 (16:55 +0000)]
MultiDeleteByOffset should not always def
https://bugs.webkit.org/show_bug.cgi?id=212621
<rdar://problem/63824182>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/multi-del-by-offset-doesnt-always-def-osr-entry.js: Added.
(foo):
* stress/multi-del-by-offset-doesnt-always-def.js: Added.
(foo):
(let.p.set undefined):

Source/JavaScriptCore:

Clobberize used to claim that MultiDeleteByOffset always defd a value.
That's an incorrect modeling of MultiDeleteByOffset though, since it might
have delete misses in its variant list. This would lead us to incorrectly
CSE when we shouldn't. This patch fixes this by saying MultiDeleteByOffset
only defs when all its cases write out a value (are hits).

* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGNode.cpp:
(JSC::DFG::MultiDeleteByOffsetData::allVariantsStoreEmpty const):
* dfg/DFGNode.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileMultiDeleteByOffset):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262425 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months agoMake generated C++ code use modern C++
commit-queue@webkit.org [Tue, 2 Jun 2020 16:10:54 +0000 (16:10 +0000)]
Make generated C++ code use modern C++
https://bugs.webkit.org/show_bug.cgi?id=190714

Patch by Rob Buis <rbuis@igalia.com> on 2020-06-02
Reviewed by Sam Weinig.

Source/JavaScriptCore:

Update inspector protocol generator and rebaseline the tests.

* inspector/scripts/codegen/cpp_generator_templates.py:
* inspector/scripts/codegen/generate_cpp_protocol_types_header.py:
* inspector/scripts/tests/expected/commands-with-async-attribute.json-result:
* inspector/scripts/tests/expected/commands-with-optional-call-return-parameters.json-result:
* inspector/scripts/tests/expected/domains-with-varying-command-sizes.json-result:
* inspector/scripts/tests/expected/enum-values.json-result:
* inspector/scripts/tests/expected/events-with-optional-parameters.json-result:
* inspector/scripts/tests/expected/same-type-id-different-domain.json-result:
* inspector/scripts/tests/expected/type-declaration-aliased-primitive-type.json-result:
* inspector/scripts/tests/expected/type-declaration-array-type.json-result:
* inspector/scripts/tests/expected/type-declaration-enum-type.json-result:
* inspector/scripts/tests/expected/type-declaration-object-type.json-result:
* inspector/scripts/tests/expected/type-requiring-runtime-casts.json-result:
* yarr/generateYarrUnicodePropertyTables.py:

Source/WebCore:

Replace typedef usage by alias-declaration.

No new tests. No change in behavior.

* css/makeprop.pl:
* dom/make_names.pl:
(printHeaderHead):
(printInit):
(printTypeHelpersHeaderFile):
(printFactoryCppFile):
(printFactoryHeaderFile):
(printWrapperFactoryCppFile):
(printWrapperFactoryHeaderFile):

Source/WebKit:

Replace typedef usage by alias-declaration.

* Scripts/webkit/messages.py:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262424 268f45cc-cd09-0410-ab3c-d52691b4dbfc

16 months ago[ iOS debug ] REGRESSION(r262254): imported/w3c/web-platform-tests/2dcontext/fill...
jacob_uphoff@apple.com [Tue, 2 Jun 2020 16:05:35 +0000 (16:05 +0000)]
[ iOS debug ] REGRESSION(r262254): imported/w3c/web-platform-tests/2dcontext/fill-and-stroke-styles/canvas_colorsandstyles_createlineargradient_001.htm is a constant timeout
https://bugs.webkit.org/show_bug.cgi?id=212636

Unreviewed test gardening

* platform/ios-wk2/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@262423 268f45cc-cd09-0410-ab3c-d52691b4dbfc