WebKit.git
6 days agoAX: AXIsolatedTree::updateChildren sometimes fails to update isolated subtrees when... master
tyler_w@apple.com [Thu, 23 Jun 2022 16:44:06 +0000 (16:44 +0000)]
AX: AXIsolatedTree::updateChildren sometimes fails to update isolated subtrees when the given live object is ignored
https://bugs.webkit.org/show_bug.cgi?id=241735

Reviewed by Andres Gonzalez.

Our current algorithm in AXIsolatedTree::updateChildren is:

  1. If the object we got an AXChildrenChanged notification
  for is in the isolated tree, update its isolated children

  2. Otherwise, ascend the ancestry to the nearest
  in-isolated-tree ancestor, and update the children of that
  object

This is not always adequate when the object passed to updateChildren
is ignored, as in some cases the ancestor has no children changes
but the subtrees of the ignored object do.

This patch fixes this by also checking the live-children of the ignored
object for any that have unitialized children. If so, we call
AXIsolatedTree::updateChildren on those too.

* Source/WebCore/accessibility/AccessibilityObject.h:
(WebCore::AccessibilityObject::childrenInitialized const):
Move from private to public.
* Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.cpp:
(WebCore::AXIsolatedTree::updateChildren):

link: https://commits.webkit.org/251784@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295779 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days agoIgnore history items added by JS without user interaction when navigation back/forwar...
cdumez@apple.com [Thu, 23 Jun 2022 16:16:19 +0000 (16:16 +0000)]
Ignore history items added by JS without user interaction when navigation back/forward via the WKWebView API
https://bugs.webkit.org/show_bug.cgi?id=241885
<rdar://94838657>

Reviewed by Geoffrey Garen.

Ignore history items added by JS without user interaction when navigation
back/forward via the WKWebView API. This is a behavior similar to the
intervention made in Chrome (https://bugs.chromium.org/p/chromium/issues/detail?id=907167)
to prevent websites from hijacking the back/forward list.

When an history item is added by JS via history.pushState() and without a user
gesture, we now set a flag on that HistoryItem to remember this. Later on, when
calling [WKWebView goBack] or [WKWebView goForward], we will skip the history
item that have this flag set. This behavior occurs behind a linked-on-after
check to reduce the compatibility risk.

Also, navigations via other means (e.g. via JavaScript) are not impacted and will
ignore this new flag.

* Source/WTF/wtf/cocoa/RuntimeApplicationChecksCocoa.h:
* Source/WebCore/history/HistoryItem.h:
(WebCore::HistoryItem::setWasCreatedByJSWithoutUserInteraction):
(WebCore::HistoryItem::wasCreatedByJSWithoutUserInteraction const):
* Source/WebCore/loader/HistoryController.cpp:
(WebCore::FrameLoader::HistoryController::pushState):
* Source/WebKit/Shared/SessionState.cpp:
(WebKit::PageState::encode const):
(WebKit::PageState::decode):
* Source/WebKit/Shared/SessionState.h:
* Source/WebKit/Shared/WebBackForwardListItem.h:
(WebKit::WebBackForwardListItem::wasCreatedByJSWithoutUserInteraction const):
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::itemSkippingBackForwardItemsAddedByJSWithoutUserGesture):
(WebKit::WebPageProxy::goForward):
(WebKit::WebPageProxy::goBack):
* Source/WebKit/WebProcess/WebCoreSupport/SessionStateConversion.cpp:
(WebKit::toBackForwardListItemState):
* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKit/WKBackForwardList.mm:
(TEST):
* Tools/TestWebKitAPI/cocoa/TestNavigationDelegate.h:
* Tools/TestWebKitAPI/cocoa/TestNavigationDelegate.mm:
(-[TestNavigationDelegate _webView:navigation:didSameDocumentNavigation:]):
(-[TestNavigationDelegate waitForDidFinishNavigationOrSameDocumentNavigation]):
(-[WKWebView _test_waitForDidFinishNavigationOrSameDocumentNavigation]):

link: https://commits.webkit.org/251783@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295778 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days ago[Merge-Queue] Commit directly to GitHub
jbedard@apple.com [Thu, 23 Jun 2022 16:14:06 +0000 (16:14 +0000)]
[Merge-Queue] Commit directly to GitHub
https://bugs.webkit.org/show_bug.cgi?id=241899
<rdar://93108587>

Reviewed by Aakash Jain.

* Tools/CISupport/ews-build/factories.py:
(CommitQueueFactory.__init__): Remove git-svn steps.
(MergeQueueFactoryBase.__init__): Ditto.
(MergeQueueFactory.__init__): Update pull-request before pushing commit to main.
(UnsafeMergeQueueFactory.__init__): Ditto.
* Tools/CISupport/ews-build/factories_unittest.py:
(TestExpectedBuildSteps):
* Tools/CISupport/ews-build/steps.py:
(PushCommitToWebKitRepo):
(PushCommitToWebKitRepo.__init__):
(PushCommitToWebKitRepo.start): Push commit to 'origin'.
(PushCommitToWebKitRepo.evaluateCommand): Remove git-svn, replace revision with hash.
Pull requests are updated before landing instead of after.
(PushCommitToWebKitRepo.hash_from_commit_text): Extract hash from git command.
(DetermineLandedIdentifier.evaluateCommand): Use hash instead of revision.
(DetermineLandedIdentifier.url_for_hash_details): Ditto.
(DetermineLandedIdentifier.identifier_for_hash): Ditto.
(DetermineLandedIdentifier.comment_text_for_bug): Use hash instead of revision, use
identifier as the default commit format.
(Canonicalize.run): Delete identifiers.json to ensure canonicalization is correct,
reset the commit and author time.
(PushCommitToWebKitRepo.svn_revision_from_commit_text): Deleted.
(DetermineLandedIdentifier.url_for_revision_details): Deleted.
(DetermineLandedIdentifier.identifier_for_revision): Deleted.
(AddAuthorToCommitMessage): Deleted.
(GitSvnFetch): Deleted.
(ResetGitSvn): Deleted.
(DetermineAuthor): Deleted.
* Tools/CISupport/ews-build/steps_unittest.py:

link: https://commits.webkit.org/251782@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295777 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days ago[ Mac EWS ] imported/w3c/web-platform-tests/workers/semantics/multiple-workers/004...
commit-queue@webkit.org [Thu, 23 Jun 2022 12:43:18 +0000 (12:43 +0000)]
[ Mac EWS ] imported/w3c/web-platform-tests/workers/semantics/multiple-workers/004.html is a flaky text failure
https://bugs.webkit.org/show_bug.cgi?id=237095
rdar://problem/89367636

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-23
Reviewed by Chris Dumez.

As per https://html.spec.whatwg.org/multipage/workers.html#concept-WorkerGlobalScope-owner-set,
a WorkerGlobalScope owner set should preserve the insertion order.
imported/w3c/web-platform-tests/workers/semantics/multiple-workers/004.html might be flakky as we sometimes do not run the shared worker synchronously.
In that case, we will send the connect event on the shared worker set.
Before the patch, the shared worker set would not be ordered so it might happen that the first connect event is related to an iframe SharedWorker.
After the patch, we ensure that the first SharedWorker (NetworkProcess being the place where insertion happens) will be the first to trigger the connect event.
This is done by changing the SharedWorker object set from a Map to a ListHashSet.
Covered by added LayoutTests/http/wpt/service-workers/shared-workers/connect-event-ordering.html

* LayoutTests/http/wpt/service-workers/shared-workers: Added.
* LayoutTests/platform/mac-wk2/TestExpectations:
* Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorker.cpp:
* Source/WebKit/NetworkProcess/SharedWorker/WebSharedWorker.h:

link: https://commits.webkit.org/251781@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295776 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days agoREGRESSION (251257@main): [ macOS wk1 ] fast/replaced/encrypted-pdf-as-object-and...
antti@apple.com [Thu, 23 Jun 2022 12:40:44 +0000 (12:40 +0000)]
REGRESSION (251257@main): [ macOS wk1 ] fast/replaced/encrypted-pdf-as-object-and-embed.html is a flaky crash
https://bugs.webkit.org/show_bug.cgi?id=241879
<rdar://95728601>

Reviewed by Antoine Quint.

* LayoutTests/platform/mac-wk1/TestExpectations:
* Source/WebCore/style/StyleScope.cpp:
(WebCore::Style::Scope::updateQueryContainerState):

Null test the view. It can be null on WK1.

link: https://commits.webkit.org/251780@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295775 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days ago[GLIB] MediaSessionGlib shows multiple players for a single video
commit-queue@webkit.org [Thu, 23 Jun 2022 11:58:08 +0000 (11:58 +0000)]
[GLIB] MediaSessionGlib shows multiple players for a single video
https://bugs.webkit.org/show_bug.cgi?id=241857

Patch by Philippe Normand <philn@igalia.com> on 2022-06-23
Reviewed by Carlos Garcia Campos.

The MediaSession is now registered on DBus lazily, only if any of its properties changes.

* Source/WebCore/platform/audio/glib/MediaSessionGLib.cpp:
(WebCore::MediaSessionGLib::MediaSessionGLib):
(WebCore::MediaSessionGLib::~MediaSessionGLib):
(WebCore::MediaSessionGLib::ensureMprisSessionRegistered):
(WebCore::MediaSessionGLib::emitPositionChanged):
(WebCore::MediaSessionGLib::emitPropertiesChanged):
* Source/WebCore/platform/audio/glib/MediaSessionGLib.h:

link: https://commits.webkit.org/251779@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295774 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days agoRTCInboundRtpStreamStats should have a framesDropped property
commit-queue@webkit.org [Thu, 23 Jun 2022 10:01:41 +0000 (10:01 +0000)]
RTCInboundRtpStreamStats  should have a framesDropped property
https://bugs.webkit.org/show_bug.cgi?id=241844
rdar://problem/95669239

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-23
Reviewed by Eric Carlson.

We should add framesDropped to RTCReceivedRtpStreamStats as per spec but our WebRC backend only supports it in RTCInboundRtpStreamStats.
Let's add this property there since this is used by some applications.

* LayoutTests/imported/w3c/web-platform-tests/webrtc/RTCPeerConnection-mandatory-getStats.https.html:
* LayoutTests/webrtc/video-stats.html:
* Source/WebCore/Modules/mediastream/libwebrtc/LibWebRTCStatsCollector.cpp:
(WebCore::fillReceivedRtpStreamStats):
(WebCore::fillInboundRtpStreamStats):

link: https://commits.webkit.org/251778@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295773 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days agoUse correct offsets type in multiDrawElements* functions
commit-queue@webkit.org [Thu, 23 Jun 2022 09:56:38 +0000 (09:56 +0000)]
Use correct offsets type in multiDrawElements* functions
https://bugs.webkit.org/show_bug.cgi?id=241802

Patch by Alexey Knyazev <3479527+lexaknyazev@users.noreply.github.com> on 2022-06-23
Reviewed by Kimmo Kinnunen.

The spec defines `offsets` as arrays of GLsizei, not GLint.
Both types are aliases of `int` anyway.

Fixed a typo in multiDrawElementsInstancedWEBGL validation message.

Query for extension support on WebGL 2.0 contexts. No functional
changes implied because WebGL 2.0 is ANGLE-only.

* Source/WebCore/html/canvas/WebGL2RenderingContext.cpp:
(WebCore::WebGL2RenderingContext::getExtension):
* Source/WebCore/html/canvas/WebGLMultiDraw.cpp:
(WebCore::WebGLMultiDraw::multiDrawElementsInstancedWEBGL):
* Source/WebCore/platform/graphics/GraphicsContextGL.h:
* Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp:
(WebCore::GraphicsContextGLANGLE::multiDrawElementsANGLE):
(WebCore::GraphicsContextGLANGLE::multiDrawElementsInstancedANGLE):
* Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.h:
* Source/WebCore/platform/graphics/opengl/GraphicsContextGLOpenGL.cpp:
(WebCore::GraphicsContextGLOpenGL::multiDrawElementsANGLE):
(WebCore::GraphicsContextGLOpenGL::multiDrawElementsInstancedANGLE):
* Source/WebCore/platform/graphics/opengl/GraphicsContextGLOpenGL.h:
* Source/WebKit/GPUProcess/graphics/RemoteGraphicsContextGL.cpp:
(WebKit::RemoteGraphicsContextGL::multiDrawElementsANGLE):
(WebKit::RemoteGraphicsContextGL::multiDrawElementsInstancedANGLE):
* Source/WebKit/WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.cpp:
(WebKit::RemoteGraphicsContextGLProxy::multiDrawElementsANGLE):
(WebKit::RemoteGraphicsContextGLProxy::multiDrawElementsInstancedANGLE):
* Source/WebKit/WebProcess/GPU/graphics/RemoteGraphicsContextGLProxy.h:

link: https://commits.webkit.org/251777@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295772 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days ago[WTF] Use CompactPtr in AtomStringTable if it is more efficient
ysuzuki@apple.com [Thu, 23 Jun 2022 08:23:58 +0000 (08:23 +0000)]
[WTF] Use CompactPtr in AtomStringTable if it is more efficient
https://bugs.webkit.org/show_bug.cgi?id=241883

Reviewed by Darin Adler.

1. We add HashTable support for CompactPtr. Correctly setting up HashTraits and Hashers so that we can have HashSet<CompactPtr<T>>.
2. Use CompactPtr in AtomStringTable if it is more efficient than PackedPtr<StringImpl>. Typically, this means we are in iOS.

* Source/WTF/wtf/CompactPtr.h:
(WTF::CompactPtr::CompactPtr):
(WTF::CompactPtr::encode):
(WTF::CompactPtr::decode):
(WTF::CompactPtr::isHashTableDeletedValue const):
(WTF::CompactPtrTraits::hashTableDeletedValue):
(WTF::CompactPtrTraits::isHashTableDeletedValue):
* Source/WTF/wtf/Forward.h:
* Source/WTF/wtf/HashTraits.h:
(WTF::HashTraits<CompactPtr<P>>::emptyValue):
(WTF::HashTraits<CompactPtr<P>>::isEmptyValue):
(WTF::HashTraits<CompactPtr<P>>::peek):
* Source/WTF/wtf/text/AtomStringImpl.cpp:
(WTF::UCharBufferTranslator::equal):
(WTF::UCharBufferTranslator::translate):
(WTF::HashAndUTF8CharactersTranslator::equal):
(WTF::HashAndUTF8CharactersTranslator::translate):
(WTF::SubstringTranslator::translate):
(WTF::SubstringTranslator8::equal):
(WTF::SubstringTranslator16::equal):
(WTF::LCharBufferTranslator::equal):
(WTF::LCharBufferTranslator::translate):
(WTF::BufferFromStaticDataTranslator::equal):
(WTF::BufferFromStaticDataTranslator::translate):
* Source/WTF/wtf/text/AtomStringTable.h:
* Tools/TestWebKitAPI/Tests/WTF/CompactPtr.cpp:
(TestWebKitAPI::TEST):

link: https://commits.webkit.org/251776@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295771 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days ago[JSC] Set up wasm stack |this| first
ysuzuki@apple.com [Thu, 23 Jun 2022 07:45:56 +0000 (07:45 +0000)]
[JSC] Set up wasm stack |this| first
https://bugs.webkit.org/show_bug.cgi?id=241907
rdar://problem/94397072

Reviewed by Mark Lam.

We should set up the stack's |thisValue| first.

* Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::AirIRGenerator):

link: https://commits.webkit.org/251775@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295770 268f45cc-cd09-0410-ab3c-d52691b4dbfc

6 days agoMake sure to close connections in webrtc/datachannel/mdns-ice-candidates.html
commit-queue@webkit.org [Thu, 23 Jun 2022 06:35:37 +0000 (06:35 +0000)]
Make sure to close connections in webrtc/datachannel/mdns-ice-candidates.html
https://bugs.webkit.org/show_bug.cgi?id=241846

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-22
Reviewed by Eric Carlson.

Make sure to close connections by using await instead of return.
Add some logging to further check the failing test in bots.
Remove some unnecessary code.

* LayoutTests/webrtc/datachannel/mdns-ice-candidates-expected.txt:
* LayoutTests/webrtc/datachannel/mdns-ice-candidates.html:

link: https://commits.webkit.org/251774@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295769 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoPartially revert r295530
pvollan@apple.com [Thu, 23 Jun 2022 03:45:31 +0000 (03:45 +0000)]
Partially revert r295530
https://bugs.webkit.org/show_bug.cgi?id=241900

Unreviewed, partially revert r295530 since the system part is not ready.

* Source/WTF/wtf/PlatformHave.h:

link: https://commits.webkit.org/251773@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295768 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoRenderElement::addLayers should check for dialog content before inserting layers
zalan@apple.com [Thu, 23 Jun 2022 03:22:03 +0000 (03:22 +0000)]
RenderElement::addLayers should check for dialog content before inserting layers
https://bugs.webkit.org/show_bug.cgi?id=241874

Reviewed by Simon Fraser.

addLayers stops (recursive) descending in the render tree soon after it finds a root (R) with layer.
It says that if a subtree root (R) has a layer then all layers in this subtree must have already been inserted into the layer tree at an earlier time.
(it simply assumes that any layer in the subtree is a child of (R), or some other layers in the subtree)

<div id=container>
  <div id=R>
    <div id=child>

The insertion is bottom to top; we attach
1, (child) to (R) first
2, followed by (R) to (container)
addLayers assumes that when (R) is being inserted (#2), we don't have to descend into (R)'s subtree since any renderer's layer that was inserted before (at #1) must have already been parented.

However toplayer/backdrop content is an exception where the parent layer may be outside of the subtree but still accessible. In such cases subsequent insertions (and the recursive nature of finding layer parents) could lead to double parenting where we try to insert the same layer into the layer tree multiple times.

* Source/WebCore/rendering/RenderElement.cpp:
(WebCore::addLayers):
(WebCore::RenderElement::insertedIntoTree):
(WebCore::RenderElement::addLayers): Deleted.
* Source/WebCore/rendering/RenderElement.h:

link: https://commits.webkit.org/251772@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295767 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoChange offlineasm to emit more efficient LLInt code.
mark.lam@apple.com [Thu, 23 Jun 2022 02:56:36 +0000 (02:56 +0000)]
Change offlineasm to emit more efficient LLInt code.
https://bugs.webkit.org/show_bug.cgi?id=241856

Reviewed by Yusuke Suzuki.

1. Ruby treats numeric 0 as truthy.  However, there's a test in arm64LowerMalformedLoadStoreAddresses
   which assumes a value of 0 would be false.  As a result, we see offlineasm emit inefficient LLInt
   code like this:
    ".loc 3 821\n"        "movz x16, #0 \n"                    // LowLevelInterpreter64.asm:821
                          "add x13, x3, x16 \n"
                          "ldr x0, [x13] \n"

  ...  instead of this:
    ".loc 3 821\n"        "ldr x0, [x3] \n"                    // LowLevelInterpreter64.asm:821

   This patch fixes this.

2. offlineasm's emitARM64MoveImmediate chooses to use `movn` instead of `movz` based on whether a
   64-bit value is negative or not.  Instead, it should be making that decision based on the number of
   halfwords (16-bits) in the value that is 0xffff vs 0.  As a result, offlineasm emits code like this:
    ".loc 1 1638\n"       "movn x27, #1, lsl #48 \n"           // LowLevelInterpreter.asm:1638
                          "movk x27, #0, lsl #32 \n"
                          "movk x27, #0, lsl #16 \n"
                          "movk x27, #0 \n"

  ...  instead of this:
    ".loc 1 1638\n"       "movz x27, #65534, lsl #48 \n"       // LowLevelInterpreter.asm:1638

   This patch fixes this.

3. offlineasm is trivially assuming the range of immediate offsets for ldr/str instructions is
   [-255..4095].  However, that's only the range for byte sized load-stores.  For 32-bit, the range
   is actually [-255..16380].  For 64-bit, the range is actually [-255..32760].  As a result,
    offlineasm emits code like this:
    ".loc 1 633\n"        "movn x16, #16383 \n"                // LowLevelInterpreter.asm:633
    ".loc 1 1518\n"       "and x3, x3, x16 \n"                 // LowLevelInterpreter.asm:1518
    ".loc 1 1519\n"       "movz x16, #16088 \n"                // LowLevelInterpreter.asm:1519
                          "add x17, x3, x16 \n"
                          "ldr x3, [x17] \n"

  ...  instead of this:
    ".loc 1 633\n"        "movn x17, #16383 \n"                // LowLevelInterpreter.asm:633
    ".loc 1 1518\n"       "and x3, x3, x17 \n"                 // LowLevelInterpreter.asm:1518
    ".loc 1 1519\n"       "ldr x3, [x3, #16088] \n"            // LowLevelInterpreter.asm:1519

   This patch fixes this for 64-bit and 32-bit load-stores.  16-bit load-stores also has a wider
   range, but for now, it will continue to use the conservative range.

   This patch also introduces an `isMalformedArm64LoadAStoreAddress` so that this range check can be
   done consistently in all the places that checks for it.

4. offlineasm is eagerly emitting no-op arguments in instructions, e.g. "lsl #0", and adding 0.
   As a result, offlineasm emits code like this:
    ".loc 3 220\n"        "movz x13, #51168, lsl #0 \n"        // LowLevelInterpreter64.asm:220
                          "add x17, x1, x13, lsl #0 \n"
                          "ldr w4, [x17, #0] \n"

  ...  instead of this:
    ".loc 3 220\n"        "movz x13, #51168 \n"                // LowLevelInterpreter64.asm:220
                          "add x17, x1, x13 \n"
                          "ldr w4, [x17] \n"

   This unnecessary arguments are actually very common throughout the emitted LLIntAssembly.h.

   This patch removes these unnecessary arguments, which makes the emitted LLInt code more human
   readable due to less clutter.

This patch has passed the testapi and JSC stress tests with a Release build on an M1 Mac.

I also manually verified that the emitARM64MoveImmediate code is working properly by
hacking up LowLevelInterpreter64.asm to emit moves of constants of different values in
the ranges, and for load-store instructions of different sizes, and visually inspecting
the emitted code.

* Source/JavaScriptCore/offlineasm/arm64.rb:

link: https://commits.webkit.org/251771@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295766 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoAdding padding on a horizontal scroller prevents last item from being fully viewable
zalan@apple.com [Thu, 23 Jun 2022 02:54:49 +0000 (02:54 +0000)]
Adding padding on a horizontal scroller prevents last item from being fully viewable
https://bugs.webkit.org/show_bug.cgi?id=236142
<rdar://problem/88495053>

Reviewed by Simon Fraser.

Flex box's padding end should be taken into account when computing scrollable overflow.

* LayoutTests/fast/overflow/flex-box-overflow-with-padding-end-expected.html: Added.
* LayoutTests/fast/overflow/flex-box-overflow-with-padding-end.html: Added.
* Source/WebCore/rendering/RenderBlock.cpp:
(WebCore::RenderBlock::computeOverflow):

css3/flexbox/overflow-and-padding.html: matching Blink.

link: https://commits.webkit.org/251770@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295765 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoNull check parent node in InsertListCommand::unlistifyParagraph
achristensen@apple.com [Thu, 23 Jun 2022 01:48:47 +0000 (01:48 +0000)]
Null check parent node in InsertListCommand::unlistifyParagraph
https://bugs.webkit.org/show_bug.cgi?id=241889

Reviewed by Wenson Hsieh.

* Source/WebCore/editing/InsertListCommand.cpp:
(WebCore::InsertListCommand::doApplyForSingleParagraph):
(WebCore::InsertListCommand::unlistifyParagraph):
* Source/WebCore/editing/InsertListCommand.h:

link: https://commits.webkit.org/251769@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295764 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoUnreviewed, update .github/CODEOWNERS for TestWebKitAPI
ysuzuki@apple.com [Thu, 23 Jun 2022 01:19:42 +0000 (01:19 +0000)]
Unreviewed, update .github/CODEOWNERS for TestWebKitAPI
https://bugs.webkit.org/show_bug.cgi?id=241897

Update .github/CODEOWNERS to more correctly add reviewer requests for TestWebKitAPI.

* .github/CODEOWNERS:

link: https://commits.webkit.org/251768@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295763 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[Cocoa] Register Alternate WebM Player skeleton
commit-queue@webkit.org [Thu, 23 Jun 2022 01:03:50 +0000 (01:03 +0000)]
[Cocoa] Register Alternate WebM Player skeleton
https://bugs.webkit.org/show_bug.cgi?id=241769
<rdar://95542551>

Patch by Youssef Soliman <youssefdevelops@gmail.com> on 2022-06-22
Reviewed by Eric Carlson.

Added the alternate WebM player skeleton and registered it behind
the internal feature flag.

* Source/WTF/Scripts/Preferences/WebPreferencesInternal.yaml:
* Source/WebCore/PlatformMac.cmake:
* Source/WebCore/SourcesCocoa.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/page/RuntimeEnabledFeatures.cpp:
(WebCore::RuntimeEnabledFeatures::setAlternateWebMPlayerEnabled):
* Source/WebCore/page/RuntimeEnabledFeatures.h:
(WebCore::RuntimeEnabledFeatures::alternateWebMPlayerEnabled const):
* Source/WebCore/platform/audio/PlatformMediaSessionManager.cpp:
(WebCore::PlatformMediaSessionManager::setAlternateWebMPlayerEnabled):
(WebCore::PlatformMediaSessionManager::alternateWebMPlayerEnabled):
* Source/WebCore/platform/audio/PlatformMediaSessionManager.h:
* Source/WebCore/platform/graphics/MediaPlayer.cpp:
(WebCore::WTF_REQUIRES_LOCK):
* Source/WebCore/platform/graphics/MediaPlayerEnums.h:
* Source/WebCore/platform/graphics/cocoa/MediaPlayerPrivateWebM.h: Added.
* Source/WebCore/platform/graphics/cocoa/MediaPlayerPrivateWebM.mm: Added.
(WebCore::MediaPlayerPrivateWebM::MediaPlayerPrivateWebM):
(WebCore::MediaPlayerPrivateWebM::~MediaPlayerPrivateWebM):
(WebCore::mimeTypeCache):
(WebCore::MediaPlayerPrivateWebM::getSupportedTypes):
(WebCore::MediaPlayerPrivateWebM::supportsType):
(WebCore::MediaPlayerPrivateWebM::load):
(WebCore::MediaPlayerPrivateWebM::cancelLoad):
(WebCore::MediaPlayerPrivateWebM::platformLayer const):
(WebCore::MediaPlayerPrivateWebM::play):
(WebCore::MediaPlayerPrivateWebM::pause):
(WebCore::MediaPlayerPrivateWebM::setPageIsVisible):
(WebCore::MediaPlayerPrivateWebM::currentMediaTime const):
(WebCore::MediaPlayerPrivateWebM::buffered const):
(WebCore::MediaPlayerPrivateWebM::didLoadingProgress const):
(WebCore::MediaPlayerPrivateWebM::logChannel const):
(WebCore::MediaPlayerPrivateWebM::registerMediaEngine):

Changes were done to the GPUProcessPreferences object to consolidate
all changes when adding a new feature to just one file.

* Source/WebKit/GPUProcess/GPUProcess.cpp:
(WebKit::GPUProcess::updateGPUProcessPreferences):
* Source/WebKit/GPUProcess/GPUProcessPreferences.cpp:
(WebKit::GPUProcessPreferences::GPUProcessPreferences):
(WebKit::GPUProcessPreferences::copyEnabledWebPreferences):
(WebKit::GPUProcessPreferences::encode const):
(WebKit::GPUProcessPreferences::decode):
* Source/WebKit/GPUProcess/GPUProcessPreferences.h:
* Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp:
(WebKit::GPUProcessProxy::updatePreferences):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::updatePreferences):
* Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

link: https://commits.webkit.org/251767@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295762 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agogit-webkit land should apply the merge-queue label
jbedard@apple.com [Thu, 23 Jun 2022 01:02:14 +0000 (01:02 +0000)]
git-webkit land should apply the merge-queue label
https://bugs.webkit.org/show_bug.cgi?id=240308
<rdar://problem/93501363>

Reviewed by Ryan Haddad.

* Tools/Scripts/libraries/webkitcorepy/setup.py: Bump version.
* Tools/Scripts/libraries/webkitcorepy/webkitcorepy/__init__.py: Ditto.
* Tools/Scripts/libraries/webkitcorepy/webkitcorepy/arguments.py:
(NoAction.__call__): Support --un along with --no- to invert option.
* Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/__init__.py: Ditto.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/land.py:
(Land.parser): Invoke PullRequest's parser.
(Land.merge_queue): Update (or create) pull-request and add merge-queue label to.
(Land.main): Support PullRequest options including automatic commit creation, squashing and PR creation.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/pull_request.py:
(PullRequest): Add merge-queue and unsafe-merge-queue labels.
(PullRequest.parser): Add --no-squash option.
(PullRequest.create_pull_request): Remove merge-queue labels, allow caller to specify a callback.
(PullRequest.main): Create commit even when squashing.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/land_unittest.py:
(repository):
(TestLand.test_with_oops):
(TestLand.test_default):
(TestLand.test_canonicalize):
(TestLand.test_svn):
(TestLand.test_default_with_radar):
(TestLand.test_canonicalize_with_bugzilla):
(TestLand.test_svn_with_bugzilla):
(TestLandGitHub.webserver):
(TestLandGitHub):
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/pull_request_unittest.py:
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/revert_unittest.py:
(test_update):
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/squash_unittest.py:
(TestSquash.test_github_with_previous_history):
(TestSquash.test_github_without_previous_history):

link: https://commits.webkit.org/251766@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295761 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[PlayStation] Turn on WebP support
don.olmstead@sony.com [Thu, 23 Jun 2022 00:51:40 +0000 (00:51 +0000)]
[PlayStation] Turn on WebP support
https://bugs.webkit.org/show_bug.cgi?id=241887

Reviewed by Ross Kirsling.

Turn USE_WEBP to ON. Load WebP as a shared library if applicable.

* Source/WebKit/WebProcess/EntryPoint/playstation/WebProcessMain.cpp:
* Source/cmake/OptionsPlayStation.cmake:
* Tools/MiniBrowser/playstation/main.cpp:
* Tools/TestWebKitAPI/playstation/main.cpp:

link: https://commits.webkit.org/251765@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295760 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoAdd mach_port_get_refs to the iOS WebContent sandbox on older iOS versions.
mattwoodrow@apple.com [Thu, 23 Jun 2022 00:49:20 +0000 (00:49 +0000)]
Add mach_port_get_refs to the iOS WebContent sandbox on older iOS versions.
https://bugs.webkit.org/show_bug.cgi?id=241882

Reviewed by Per Arne Vollan.

* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:

link: https://commits.webkit.org/251764@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295759 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoChange contributor status of Dan Glastonbury to committer
commit-queue@webkit.org [Thu, 23 Jun 2022 00:16:29 +0000 (00:16 +0000)]
Change contributor status of Dan Glastonbury to committer

Patch by Dan Glastonbury <djg@apple.com> on 2022-06-22
Unreviewed change.

* metadata/contributors.json:

link: https://commits.webkit.org/251763@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295758 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoMute capture when disconnected from hardware console
eric.carlson@apple.com [Thu, 23 Jun 2022 00:05:18 +0000 (00:05 +0000)]
Mute capture when disconnected from hardware console
rdar://87794804

Reviewed by Brent Fulgham

* Source/WebCore/PAL/pal/spi/cg/CoreGraphicsSPI.h
* Source/WebCore/page/ActivityState.cpp
* Source/WebCore/page/ActivityState.h
* Source/WebKit/UIProcess/API/Cocoa/WKWebViewPrivateForTesting.h
* Source/WebKit/UIProcess/API/Cocoa/WKWebViewTesting.mm
* Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm
* Source/WebKit/UIProcess/Cocoa/WebProcessProxyCocoa.mm
* Source/WebKit/UIProcess/WebPageProxy.cpp
* Source/WebKit/UIProcess/WebPageProxy.h
* Source/WebKit/UIProcess/WebProcessPool.h
* Source/WebKit/UIProcess/WebProcessProxy.h
* Source/WebKit/UIProcess/mac/WindowServerConnection.h
* Source/WebKit/UIProcess/mac/WindowServerConnection.mm
* Tools/TestWebKitAPI/Tests/WebKit/GetUserMedia.mm

link: https://commits.webkit.org/251761@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295757 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoImplement painting for MSE videos using -[AVSampleBufferDisplayLayer copyDisplayedPix...
wenson_hsieh@apple.com [Thu, 23 Jun 2022 00:04:40 +0000 (00:04 +0000)]
Implement painting for MSE videos using -[AVSampleBufferDisplayLayer copyDisplayedPixelBuffer]
https://bugs.webkit.org/show_bug.cgi?id=241788
rdar://94325004

Reviewed by Eric Carlson.

In r292811, we enabled MSE inline painting on iOS 16 and macOS Ventura; this was intentionally
limited to these versions, since CoreMedia made refinements in these OS versions to prune the
`AVSampleBufferVideoOutput` queue more frequently, in order to avoid a large increase in memory use
while playing MSE videos, due to accumulating excess video output frame data. However, this more
frequent pruning interval has led to significantly increased power use when playing MSE video, due
to the extra work done every time the pruning timer fires.

To ensure that Live Text in MSE video and MSE to canvas painting still work in iOS 16 and macOS
Ventura, we instead adopt new AVFoundation SPI that allows us to ask `AVSampleBufferDisplayLayer`
directly for the currently displayed pixel buffer. As opposed to the `AVSampleBufferVideoOutput`-
based approach, this will only kick in if MSE video inline painting is actually requested (either by
the page, or from within the engine, in the case of Live Text), which avoids both increased memory
use and power use.

On versions of macOS and iOS that don't have the new SPI, we simply fall back to the
`AVSampleBufferVideoOutput`-based snapshotting approach that we currently use. We also fall back to
using the video output if the display layer is empty, in which case the backing `CAImageQueue` won't
contain _any_ displayed surfaces (which means `-copyDisplayedPixelBuffer` will always end up
returning null). By refactoring logic to create and set `m_videoOutput` out into a helper method
(`updateVideoOutput`) that's invoked after we've finished setting up the sample buffer display
layer, we can transition as needed between setting and unsetting the video output, based on whether
or not the display layer is actually displaying any content.

There should be no change in behavior, apart from less memory and power use due to not spinning up
the `AVSampleBufferVideoOutput` queue whenever we play MSE videos. See below for more details.

* Source/WTF/Scripts/Preferences/WebPreferencesExperimental.yaml:

Gate MSE inline painting on `HAVE(AVSAMPLEBUFFERDISPLAYLAYER_COPYDISPLAYEDPIXELBUFFER)`, instead of
`HAVE(LOW_AV_SAMPLE_BUFFER_PRUNING_INTERVAL)`.

* Source/WTF/wtf/PlatformHave.h:

Add a new feature flag to guard the availability of the new AVFoundation SPI,
`-[AVSampleBufferDisplayLayer copyDisplayedPixelBuffer]`.

* Source/WebCore/PAL/pal/spi/cocoa/AVFoundationSPI.h:

Add a staging declaration for `-copyDisplayedPixelBuffer`, so that we can maintain source
compatibility when building against older versions of the iOS 16 or macOS Ventura SDKs.

* Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::texImageSourceHelper):
* Source/WebCore/platform/graphics/MediaPlayer.cpp:
* Source/WebCore/platform/graphics/MediaPlayer.h:
* Source/WebCore/platform/graphics/MediaPlayerPrivate.h:

Replace more uses of `HAVE(LOW_AV_SAMPLE_BUFFER_PRUNING_INTERVAL)` with the new flag
`HAVE(AVSAMPLEBUFFERDISPLAYLAYER_COPYDISPLAYEDPIXELBUFFER)`, which is now used to guard availability
of MSE inline painting. The purpose of guarding this logic behind
`!HAVE(LOW_AV_SAMPLE_BUFFER_PRUNING_INTERVAL)` in the first place seems to have been to limit the
`willBeAskedToPaintGL()` codepaths to versions of macOS and iOS, where we can't enable MSE inline
painting due to lack of system support. Since "system support" now depends on the availability of
`-copyDisplayedPixelBuffer`, we should change to use that flag instead of one about pruning interval
frequency. This also allows us to remove the `HAVE(LOW_AV_SAMPLE_BUFFER_PRUNING_INTERVAL)` flag
altogether, now that there isn't any code that needs to be guarded by it.

* Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
* Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateLastPixelBuffer):

Adjust this logic to ask `m_sampleBufferDisplayLayer` for a copy of the last displayed pixel buffer,
instead of grabbing it from the video output, if possible.

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::shouldEnsureLayer const):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::acceleratedRenderingStateChanged):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateVideoOutput):

Factor out logic for creating or destroying the video output into a separate helper method, that's
invoked after updating the display layer.

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::readbackMethod const):

Replace `isVideoOutputAvailable()` with another helper method, that returns a strongly typed enum
indicating which readback method to use. `None` indicates that readback isn't supported,
`CopyPixelBufferFromDisplayLayer` indicates that we'll use the new AVFoundation SPI method, and
`UseVideoOutput` indicates that we'll fall back to `AVSampleBufferVideoOutput`.

(WebCore::MediaPlayerPrivateMediaSourceAVFObjC::isVideoOutputAvailable const): Deleted.
* Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.h:
* Source/WebKit/GPUProcess/media/RemoteMediaPlayerProxy.messages.in:
* Source/WebKit/GPUProcess/media/cocoa/RemoteMediaPlayerProxyCocoa.mm:
* Source/WebKit/WebProcess/GPU/media/MediaPlayerPrivateRemote.cpp:
* Source/WebKit/WebProcess/GPU/media/MediaPlayerPrivateRemote.h:

link: https://commits.webkit.org/251761@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295756 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoFix CodeSign error caused by Product Dependencies phase
emw@apple.com [Wed, 22 Jun 2022 23:33:57 +0000 (23:33 +0000)]
Fix CodeSign error caused by Product Dependencies phase
https://bugs.webkit.org/show_bug.cgi?id=241713

Unreviewed build fix.

Product Dependencies phases must be set to the "Products Directory"
destination. Otherwise, they unintentionally embed the dependencies into
their target's build product. This one must have been a default setting
that got overlooked.

* Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:

link: https://commits.webkit.org/251760@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295755 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoBuild is broken: bitwise operation between different enumeration types in ShareableBi...
timothy_horton@apple.com [Wed, 22 Jun 2022 23:01:03 +0000 (23:01 +0000)]
Build is broken: bitwise operation between different enumeration types in ShareableBitmapCG.cpp
https://bugs.webkit.org/show_bug.cgi?id=241876

Unreviewed build fix.

* Source/WebKit/Shared/cg/ShareableBitmapCG.cpp:
(WebKit::bitmapInfo):
Add some casts.

link: https://commits.webkit.org/251759@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295754 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[Gardening]: REGRESSION (251257@main): [ macOS wk1 ] fast/replaced/encrypted-pdf...
rackler@apple.com [Wed, 22 Jun 2022 22:48:04 +0000 (22:48 +0000)]
[Gardening]: REGRESSION (251257@main): [ macOS wk1 ] fast/replaced/encrypted-pdf-as-object-and-embed.html is a flaky crash
https://bugs.webkit.org/show_bug.cgi?id=241879
<rdar://95728601>

Unreviewed test gardening.

* LayoutTests/platform/mac-wk1/TestExpectations:

link: https://commits.webkit.org/251758@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295753 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[XCBuild] Fix validation errors caused by copying to symlink framework bundle directories
emw@apple.com [Wed, 22 Jun 2022 22:44:36 +0000 (22:44 +0000)]
[XCBuild] Fix validation errors caused by copying to symlink framework bundle directories

Unreviewed build fix.

Prefix a few destination paths with $(WK_FRAMEWORK_VERSION_PREFIX). The
build system needs to know the real paths these items are copied to for
it to be able to schedule them ahead of tasks which depend on them.

* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Source/WebKitLegacy/WebKitLegacy.xcodeproj/project.pbxproj: Remove
  "Copy Mig Files into Private Framework Headers" because it has no
  members. The files were removed in
  https://bugs.webkit.org/show_bug.cgi?id=232462.

link: https://commits.webkit.org/251757@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295752 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoREGRESSION (iOS 16): System controls overlap website controls (affects SquareSpace...
wenson_hsieh@apple.com [Wed, 22 Jun 2022 22:42:57 +0000 (22:42 +0000)]
REGRESSION (iOS 16): System controls overlap website controls (affects SquareSpace, medium.com, and others)
https://bugs.webkit.org/show_bug.cgi?id=241837
rdar://95658478

Reviewed by Aditya Keerthi.

On iOS 16, the callout bar (which is now built on top of `UIEditMenuInteraction`) no longer respects
evasion rects, passed in through the `UIWKInteractionViewProtocol` delegate method
`-requestRectsToEvadeForSelectionCommandsWithCompletionHandler:`. This was previously used to avoid
overlapping interactable controls on the page when presenting the callout bar, which the layout
test `editing/selection/ios/avoid-showing-callout-menu-over-controls.html` exercises.

To fix this, we're adding a replacement SPI in UIKit, allowing WebKit to vend a preferred
`UIEditMenuArrowDirection` which will be consulted when presenting the edit menu interaction in
order to show the callout bar.

For more details, see: rdar://95652872.

* Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView requestPreferredArrowDirectionForEditMenuWithCompletionHandler:]):

In the case where there are clickable controls above the selection, use `UIEditMenuArrowDirectionUp`
to make the callout bar present _below_ the selection instead of above; otherwise, simply go with
the default behavior, which puts the callout bar above the selection.

(-[WKContentView requestRectsToEvadeForSelectionCommandsWithCompletionHandler:]):

Pull out common logic for requesting a list of rects to evade into a separate internal helper
method, and use this common helper method to implement both the legacy delegate method (which no
longer works on iOS 16), as well as the new delegate method in iOS 16. For now, I opted to still
implement both methods, such that this test will pass on both iOS 15 and iOS 16 (but only with the
changes in rdar://95652872).

(-[WKContentView _requestEvasionRectsAboveSelectionIfNeeded:]):
* Tools/TestWebKitAPI/Tests/WebKitCocoa/ImageAnalysisTests.mm:

Also, adopt the new SPI in an API test that simulates callout bar appearance on iOS 16.

(TestWebKitAPI::simulateCalloutBarAppearance):
* Tools/TestWebKitAPI/cocoa/TestWKWebView.h:
* Tools/TestWebKitAPI/ios/UIKitSPI.h:
* Tools/WebKitTestRunner/ios/UIScriptControllerIOS.mm:
(WTR::internalClassNamed):
(WTR::UIScriptControllerIOS::menuRect const):
(WTR::UIScriptControllerIOS::contextMenuRect const):

Additionally tweak a couple of script controller hooks, to work with the new `UIEditMenuInteraction`
-based callout bars on iOS 16.

link: https://commits.webkit.org/251756@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295751 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoRename attributeContainsJavascriptURL to attributeContainsJavaScriptURL
ntim@apple.com [Wed, 22 Jun 2022 22:07:32 +0000 (22:07 +0000)]
Rename attributeContainsJavascriptURL to attributeContainsJavaScriptURL
https://bugs.webkit.org/show_bug.cgi?id=241872

Reviewed by Wenson Hsieh.

with a capital S

* Source/WebCore/dom/Element.cpp:
(WebCore::Element::attributeContainsJavaScriptURL const):
(WebCore::Element::stripScriptingAttributes const):
(WebCore::Element::attributeContainsJavascriptURL const): Deleted.
* Source/WebCore/dom/Element.h:
* Source/WebCore/editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplacementFragment::removeContentsWithSideEffects):
* Source/WebCore/editing/markup.cpp:
(WebCore::StyledMarkupAccumulator::appendStartTag):
* Source/WebCore/svg/SVGAnimationElement.cpp:
(WebCore::SVGAnimationElement::attributeContainsJavaScriptURL const):
(WebCore::SVGAnimationElement::attributeContainsJavascriptURL const): Deleted.
* Source/WebCore/svg/SVGAnimationElement.h:

link: https://commits.webkit.org/251755@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295750 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[GTK] Crash in WebCore::TextureMapperLayer::paintSelf
magomez@igalia.com [Wed, 22 Jun 2022 21:41:28 +0000 (21:41 +0000)]
[GTK] Crash in WebCore::TextureMapperLayer::paintSelf
https://bugs.webkit.org/show_bug.cgi?id=240283

Reviewed by Carlos Garcia Campos.

There are 4 cases that can happen after there has been a layerFlush and
we're adopting the new state in the composition stage:

1. The layer is removed from the tree and the proxy is not assigned to
   any other layer: the deletion of the layer causes an invalidation of
   the proxy and both are destroyed afterwards. This works fine.

2. The layer is removed from the tree and the proxy is reassigned to a
   new layer: the deletion of the first layer causes the invalidation of
   the proxy, which is then activated on the second layer. As the first
   layer is destroyed, we don't have to worry about dangling references
   from it to the proxy's currentBuffer. This works fine.

3. The layer is kept in the tree and the proxy gets disassociated from
   it and not used by any other layer: we detect that the proxy is not
   used anymore and call invalidate on it, but the layer keeps a
   reference to the proxy's currentBuffer, which has been deleted during
   invalidate, which leads to a crash when trying to render the layer.

4. The layer is kept in the tree and the proxy gets associated to a new
   layer: as we detect that the proxy is still being used it's not
   invalidated, but it gets activated on the second layer. The first
   layer keeps a reference to the proxy's currentBuffer, which will be
   destroyed a bit later when swapBuffers is called on the proxy. This
   leads to a crash when trying to render the first layer.

This patch addresses cases 3. and 4. described above.

* Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerProxyGL.cpp:
(WebCore::TextureMapperPlatformLayerProxyGL::activateOnCompositingThread):
Ensure that the layer no longer keeps a reference to the current buffer if the
proxy is already active on a different layer.
(WebCore::TextureMapperPlatformLayerProxyGL::invalidate): Ensure that
the invalidated layer does not keep a reference to the current buffer.

link: https://commits.webkit.org/251754@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295749 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoDon't install webpushd on catalyst
sbarati@apple.com [Wed, 22 Jun 2022 21:01:40 +0000 (21:01 +0000)]
Don't install webpushd on catalyst
https://bugs.webkit.org/show_bug.cgi?id=241860

Reviewed by Alexey Proskuryakov.

* Source/JavaScriptCore/Configurations/SDKVariant.xcconfig:
* Source/ThirdParty/ANGLE/Configurations/SDKVariant.xcconfig:
* Source/ThirdParty/gtest/xcode/Config/SDKVariant.xcconfig:
* Source/ThirdParty/libwebrtc/Configurations/SDKVariant.xcconfig:
* Source/WTF/Configurations/SDKVariant.xcconfig:
* Source/WebCore/Configurations/SDKVariant.xcconfig:
* Source/WebCore/PAL/Configurations/SDKVariant.xcconfig:
* Source/WebGPU/Configurations/SDKVariant.xcconfig:
* Source/WebInspectorUI/Configurations/SDKVariant.xcconfig:
* Source/WebKit/Configurations/BaseTarget.xcconfig:
* Source/WebKit/Configurations/SDKVariant.xcconfig:
* Source/WebKitLegacy/mac/Configurations/SDKVariant.xcconfig:
* Source/bmalloc/Configurations/SDKVariant.xcconfig:

link: https://commits.webkit.org/251753@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295748 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoMake SVGAnimateElement respect javascriptMarkupEnabled
ntim@apple.com [Wed, 22 Jun 2022 20:11:59 +0000 (20:11 +0000)]
Make SVGAnimateElement respect javascriptMarkupEnabled
https://bugs.webkit.org/show_bug.cgi?id=241820
<rdar://92834618 >

Reviewed by Said Abou-Hallawa.

from/to/values attributes should be stripped in presence of javascript URLs with the pref on.

* Source/WebCore/dom/Element.cpp:
(WebCore::Element::attributeContainsJavascriptURL const):
(WebCore::Element::stripScriptingAttributes const):
(WebCore::Element::isJavaScriptURLAttribute const): Deleted.
* Source/WebCore/dom/Element.h:
* Source/WebCore/editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplacementFragment::removeContentsWithSideEffects):
* Source/WebCore/editing/markup.cpp:
(WebCore::StyledMarkupAccumulator::appendStartTag):
* Source/WebCore/svg/SVGAnimationElement.cpp:
(WebCore::SVGAnimationElement::attributeContainsJavascriptURL const):
* Source/WebCore/svg/SVGAnimationElement.h:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebViewConfiguration.mm:
(TEST):

link: https://commits.webkit.org/251752@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295747 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoREGRESSION(r294536): NativeImages copied from ImageBufferIOSurfaceBackend are mutated...
commit-queue@webkit.org [Wed, 22 Jun 2022 19:59:07 +0000 (19:59 +0000)]
REGRESSION(r294536): NativeImages copied from ImageBufferIOSurfaceBackend are mutated after copy
https://bugs.webkit.org/show_bug.cgi?id=241367

Patch by Kimmo Kinnunen <kkinnunen@apple.com> on 2022-06-22
Reviewed by Said Abou-Hallawa.

With GPUP, ImageBuffer IOSurface modifications happen in the GPUP.
In r294536 it was changed that WP creates NativeImage instances with CGImage instances
created from IOSurfaces mapped in WP. These CGImages do not know that the underlying IOSurface changes
in the other process.

Detach the CGImages from the IOSurface before the first write to the ImageBuffer
is being sent to GPUP. This is done with the ensureNativeImagesHaveCopiedBackingStore() call.

* LayoutTests/fast/canvas/canvas-pattern-from-modified-canvas-expected.txt: Added.
* LayoutTests/fast/canvas/canvas-pattern-from-modified-canvas.html: Added.
* Source/WebCore/platform/graphics/ImageBuffer.h:
(WebCore::ImageBuffer::backingStoreWillChange):
(WebCore::ImageBuffer::setNeedsFlush): Deleted.
* Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.cpp:
(WebCore::ImageBufferIOSurfaceBackend::~ImageBufferIOSurfaceBackend):
(WebCore::ImageBufferIOSurfaceBackend::invalidateCachedNativeImage const):
(WebCore::ImageBufferIOSurfaceBackend::copyNativeImage const):
(WebCore::ImageBufferIOSurfaceBackend::ensureNativeImagesHaveCopiedBackingStore):
* Source/WebCore/platform/graphics/cg/ImageBufferIOSurfaceBackend.h:
* Source/WebKit/WebProcess/GPU/graphics/RemoteDisplayListRecorderProxy.h:
(WebKit::RemoteDisplayListRecorderProxy::send):
* Source/WebKit/WebProcess/GPU/graphics/RemoteImageBufferProxy.h:
(WebKit::RemoteImageBufferProxy::setNeedsFlush):
(WebKit::RemoteImageBufferProxy::prepareForBackingStoreChange):

link: https://commits.webkit.org/251751@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295746 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[git-webkit] Redact certain bug details
jbedard@apple.com [Wed, 22 Jun 2022 19:43:03 +0000 (19:43 +0000)]
[git-webkit] Redact certain bug details
https://bugs.webkit.org/show_bug.cgi?id=241833
<rdar://problem/95421487>

Reviewed by Ryan Haddad.

* Tools/Scripts/libraries/webkitbugspy/setup.py: Bump version.
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/__init__.py: Ditto.
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/bugzilla.py:
(Tracker.__init__): Pass redaction map to base class.
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/github.py:
(Tracker.__init__): Ditto.
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/issue.py:
(Issue.redacted): Check if the issue matches any redaction filters.
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/radar.py:
(Tracker.__init__): Pass redaction map to base class.
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/bugzilla_unittest.py:
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/github_unittest.py:
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tests/radar_unittest.py:
* Tools/Scripts/libraries/webkitbugspy/webkitbugspy/tracker.py:
(Tracker.from_json): Pass redaction map if it's defined.
(Tracker.__init__): Populate redaction map with regexes.
* Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/__init__.py: Ditto.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/branch.py:
(Branch.main): Redact branch name if the issue is a redacted configuration.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/commit.py:
(Commit.main): Redact issue title if the issue is a redacted configuration.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/pull_request_unittest.py:
* metadata/trackers.json: Redact all radars and security bugs.

link: https://commits.webkit.org/251750@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295745 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoAdd more GC tests for ResizeObserver
cdumez@apple.com [Wed, 22 Jun 2022 19:25:25 +0000 (19:25 +0000)]
Add more GC tests for ResizeObserver
https://bugs.webkit.org/show_bug.cgi?id=231260
<rdar://84168766>

Reviewed by Ryosuke Niwa.

Add more GC tests for ResizeObserver, matching the ones we have for IntersectionObserver.

* LayoutTests/resize-observer/observe-disconnected-target-crash-expected.txt: Added.
* LayoutTests/resize-observer/observe-disconnected-target-crash.html: Added.
* LayoutTests/resize-observer/observe-then-disconnect-target-expected.txt: Added.
* LayoutTests/resize-observer/observe-then-disconnect-target.html: Added.

link: https://commits.webkit.org/251748@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295744 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoUpdate test262 (2021.06.21)
ross.kirsling@sony.com [Wed, 22 Jun 2022 19:25:25 +0000 (19:25 +0000)]
Update test262 (2021.06.21)
https://bugs.webkit.org/show_bug.cgi?id=241840

Reviewed by Yusuke Suzuki.

* JSTests/test262/config.yaml:
* JSTests/test262/expectations.yaml:
* JSTests/test262/harness/temporalHelpers.js:
* JSTests/test262/latest-changes-summary.txt:
* JSTests/test262/test/:
* JSTests/test262/test262-Revision.txt:

link: https://commits.webkit.org/251748@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295743 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoAdd cathiechen GitHub account to contributors.json.
cathiechen@igalia.com [Wed, 22 Jun 2022 18:49:12 +0000 (18:49 +0000)]
Add cathiechen GitHub account to contributors.json.
https://bugs.webkit.org/show_bug.cgi?id=241861

Unreviewed.

* metadata/contributors.json:
Add cathiechen GitHub account.

link: https://commits.webkit.org/251747@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295742 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[git-webkit] Support ranges in find
jbedard@apple.com [Wed, 22 Jun 2022 18:36:58 +0000 (18:36 +0000)]
[git-webkit] Support ranges in find
https://bugs.webkit.org/show_bug.cgi?id=241806
<rdar://95601346>

Reviewed by Ryan Haddad.

* Tools/Scripts/libraries/webkitscmpy/setup.py: Bump version.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/__init__.py: Ditto.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/local/git.py:
(Git.commits): Use '..'' instead of '...'
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/find.py:
(Info.main): Support .. based range queries.
(Find): Add 'list' alias.
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/test/find_unittest.py:

link: https://commits.webkit.org/251746@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295741 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoMake sure return value of dispatch_source_create is memory managed correctly
achristensen@apple.com [Wed, 22 Jun 2022 18:35:44 +0000 (18:35 +0000)]
Make sure return value of dispatch_source_create is memory managed correctly
https://bugs.webkit.org/show_bug.cgi?id=241836
rdar://95625990

Reviewed by Chris Dumez.

* Source/WTF/wtf/cocoa/MemoryPressureHandlerCocoa.mm:
(WTF::memoryPressureEventSource):
(WTF::timerEventSource):
(WTF::MemoryPressureHandler::install):
(WTF::MemoryPressureHandler::uninstall):
(WTF::MemoryPressureHandler::holdOff):
* Source/WTF/wtf/threads/Signals.cpp:
(WTF::startMachExceptionHandlerThread):
* Source/WebKit/Shared/EntryPointUtilities/Cocoa/XPCService/XPCServiceEntryPoint.mm:
(WebKit::setOSTransaction):

link: https://commits.webkit.org/251745@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295740 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[GLIB] Fix invalid D-Bus name for MPRIS
pgriffis@igalia.com [Wed, 22 Jun 2022 18:12:01 +0000 (18:12 +0000)]
[GLIB] Fix invalid D-Bus name for MPRIS
https://bugs.webkit.org/show_bug.cgi?id=241807

Reviewed by Philippe Normand.

A mistake introduced in #1651 used a bus name where a segment started with
a number which is not allowed. Change this to `.instance-$INSTANCE_ID` to fix that.

* Source/WebCore/platform/audio/glib/MediaSessionGLib.cpp:
(WebCore::MediaSessionGLib::MediaSessionGLib):

link: https://commits.webkit.org/251744@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295739 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[ews-build.webkit.org] Remove check-github-integrity (Part 1)
jbedard@apple.com [Wed, 22 Jun 2022 18:02:36 +0000 (18:02 +0000)]
[ews-build.webkit.org] Remove check-github-integrity (Part 1)
https://bugs.webkit.org/show_bug.cgi?id=241859
<rdar://93108238>

Reviewed by Ryan Haddad.

* Tools/CISupport/ews-build/factories.py:
(CommitQueueFactory.__init__): Remove VerifyGitHubIntegrity.
(MergeQueueFactoryBase.__init__): Ditto.
* Tools/CISupport/ews-build/factories_unittest.py:
(TestExpectedBuildSteps):
* Tools/CISupport/ews-build/steps.py:
(VerifyGitHubIntegrity): Deleted.
* Tools/CISupport/ews-build/steps_unittest.py:

link: https://commits.webkit.org/251743@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295738 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoREGRESSION (r293506): [ iOS ][ macOS ] imported/w3c/web-platform-tests/service-worker...
commit-queue@webkit.org [Wed, 22 Jun 2022 17:57:21 +0000 (17:57 +0000)]
REGRESSION (r293506): [ iOS ][ macOS ] imported/w3c/web-platform-tests/service-workers/service-worker/registration-updateviacache.https.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=240074
rdar://problem/92742526

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-22
Reviewed by Chris Dumez.

Before r293506, we were refreshing the imported scripts from network process only.
We are now correctly refreshing them from the caller of update.
This makes it possible to load the same scripts from various processes (web process, service worker process), which have different memory caches.
The failure happened due to the fact that different subtests were importing the same subscript with various options.
This triggered storing the subscript in different memory caches.
Some tests expect cache to kick in and expect in that case to have the same resource.
If the cache kicks in, but on different memory caches, we end up with different resources.
To prevent this in the test, we simply append the test name to each subscript import.

* LayoutTests/imported/w3c/web-platform-tests/service-workers/service-worker/resources/update-max-aged-worker.py:
(main):
* LayoutTests/platform/mac/TestExpectations:

link: https://commits.webkit.org/251742@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295737 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[ WK2 ] Layout Test http/wpt/service-workers/update-service-worker.https.html is...
commit-queue@webkit.org [Wed, 22 Jun 2022 17:23:25 +0000 (17:23 +0000)]
[ WK2 ] Layout Test http/wpt/service-workers/update-service-worker.https.html is a flaky Timeout
https://bugs.webkit.org/show_bug.cgi?id=187766
rdar://problem/59459120

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-22
Reviewed by Darin Adler.

Make sure scope is fine with script URL.

* LayoutTests/http/wpt/service-workers/update-service-worker.https.html:
* LayoutTests/platform/wk2/TestExpectations:

link: https://commits.webkit.org/251741@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295736 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[GPUP] Avoid race in GPUP teardown
mmaxfield@apple.com [Wed, 22 Jun 2022 17:13:56 +0000 (17:13 +0000)]
[GPUP] Avoid race in GPUP teardown
https://bugs.webkit.org/show_bug.cgi?id=241770

Reviewed by Simon Fraser.

When there's a low memory warning, the GPU process runs GPUProcess::tryExitIfUnused(), which sends a message
to the UI process to kill the GPU process. The Web process notices this, and runs
RemoteRenderingBackendProxy::disconnectGPUProcess(), which doesn't destroy the RemoteRenderingBackendProxy,
but does set it's internal m_gpuProcessConnection to nullptr.

However, we may be in the middle of a rendering update in the web process. If there's a rendering update
pending, WebPage::finalizeRenderingUpdate() runs, which calls finalizeRenderingUpdate() on the
RemoteRenderingBackendProxy if it exists, which then immediately tries to send a stream message to the GPU
process. Sending a message to the GPU process of course runs ensureGPUProcessConnection() to lazily create
the GPU process.

Therefore, if the low memory warning happens in the middle of a rendering update, the GPU process is killed,
but then it is immediately respawned, just to do 0 work and live forever. This is contrary to the point of
killing the GPU process under memory pressure.

This patch changes the logic of RemoteRenderingBackendProxy::finalizeRenderingUpdate() to avoid restarting
the GPU Process if the connection to it is destroyed. Philosophically, it doesn't make much sense for the
_finalization_ routine of a rendering update to start up the whole GPU process. If we're in the middle of an
animation or something, the GPU process probably won't get killed (because it isn't idle), but even if it does,
the next frame of the animation will start up the GPU process again. This patch just modifies the behavior of
the finalization routine.

I hit this when working on https://github.com/WebKit/WebKit/pull/1464. With this patch applied, the failure
rate of GPUProcess.ExitsUnderMemoryPressureCanvasCase goes from 60% to 0%.

Test: GPUProcess.ExitsUnderMemoryPressureCanvasCase

* Source/WebKit/WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:
(WebKit::RemoteRenderingBackendProxy::finalizeRenderingUpdate):

link: https://commits.webkit.org/251740@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295735 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoCVPixelBufferGetBytePointerCallback should check for CVPixelBufferGetBaseAddress...
commit-queue@webkit.org [Wed, 22 Jun 2022 17:11:51 +0000 (17:11 +0000)]
CVPixelBufferGetBytePointerCallback should check for CVPixelBufferGetBaseAddress returning nullptr
https://bugs.webkit.org/show_bug.cgi?id=241845
rdar://95622853

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-22
Reviewed by Eric Carlson.

CVPixelBufferGetBaseAddress may return nullptr in some cases.
In that case, return early.

* Source/WebCore/platform/graphics/cv/PixelBufferConformerCV.cpp:
(WebCore::CVPixelBufferGetBytePointerCallback):

link: https://commits.webkit.org/251739@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295734 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoWeb Inspector: Some CSS rules for Cocoa media controls defined in inline styles insid...
pangle@apple.com [Wed, 22 Jun 2022 16:33:23 +0000 (16:33 +0000)]
Web Inspector: Some CSS rules for Cocoa media controls defined in inline styles inside user agent shadow root are not correctly parsed
https://bugs.webkit.org/show_bug.cgi?id=241815
rdar://85053718

Reviewed by Devin Rousso.

New test case: inspector/css/getMatchedStylesForNodeUserAgentShadowRoot.html

CSSSelectorParser has an exception that allows it to parse the following rules when the parser is in UASheetMode:
video[controls]::-webkit-media-text-track-container.visible-controls-bar
video::-webkit-media-text-track-container b
video::-webkit-media-text-track-container u
video::-webkit-media-text-track-container i
video::-webkit-media-text-track-container .hidden

These are technically invalid CSS selectors because only user action pseudo classes should be allowed after pseudo
element selectors, however exceptions exist in CSSSelectorParser to explicitly allow these otherwise invalid selectors
when the pseudo element is a WebKit-specific selector and the parsing mode is UASheetMode.

Web Inspector's InspectorStyleSheet did not previously set any special parsing mode because in a majority of cases we
never need to do this parsing of UA styles text because we do not need to resolve the actual locations of rules in a
source file since they are uneditable. These rules, being declared in the shadow root, are actually editable. To support
these rules, we now check if the owner node of the style sheet is part of a user agent shadow root, and set the parsing
mode to UASheetMode if it is.

* Source/WebCore/inspector/InspectorStyleSheet.cpp:
(ParsedStyleSheet::isInUserAgentShadowTree const):
(ParsedStyleSheet::ParsedStyleSheet):
(WebCore::InspectorStyleSheet::InspectorStyleSheet):
(WebCore::InspectorStyleSheet::ensureSourceData):

* LayoutTests/inspector/css/getMatchedStylesForNodeUserAgentShadowRoot-expected.txt: Added.
* LayoutTests/inspector/css/getMatchedStylesForNodeUserAgentShadowRoot.html: Added.

link: https://commits.webkit.org/251738@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295733 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[ iOS ] editing/selection/ios/show-callout-bar-after-selecting-word.html is a flaky...
wenson_hsieh@apple.com [Wed, 22 Jun 2022 16:07:32 +0000 (16:07 +0000)]
[ iOS ] editing/selection/ios/show-callout-bar-after-selecting-word.html is a flaky timeout
https://bugs.webkit.org/show_bug.cgi?id=240544
rdar://93458507

Reviewed by Aditya Keerthi.

Currently, any LayoutTest that attempts to wait for (or interact with) the callout bar after
selecting text fails, due to the fact that on iOS 16, the callout bar is implemented using a
`UIEditMenuInteraction` on the content view, which doesn't use the extant classes for managing and
observing callout bar UI -- i.e. `UIMenuController`, `UICalloutBar` and the associated global
notifications.

Unfortunately, when using iOS 16, there are no longer any global notifications that the test harness
can listen for to detect when the callout bar has been presented or dismissed. To keep these tests
passing on iOS 16, we introduce a mechanism to the test harness to intercept edit menu interaction
delegate method calls, and notify `TestController` when the edit menu has completed its presention
or dismissal animations.

Also, tweak a flaky layout test that exercises this logic to be more robust — see below for more
detail.

* LayoutTests/editing/selection/ios/show-callout-bar-after-selecting-word.html:

Additionally, adjust this layout test to explicitly wait for the 'Select' menu action before trying
to select that item -- this might mitigate potential flakiness on iOS 15, due to calling
`UIHelper.chooseMenuAction()` too early.

* Source/WTF/wtf/PlatformHave.h:

Add a new build-time flag to guard the availability of `UIEditMenuInteraction`.

* Tools/WebKitTestRunner/TestController.h:
* Tools/WebKitTestRunner/WebKitTestRunner.xcodeproj/project.pbxproj:
* Tools/WebKitTestRunner/cocoa/TestRunnerWKWebView.h:
* Tools/WebKitTestRunner/cocoa/TestRunnerWKWebView.mm:
(-[TestRunnerWKWebView textEffectsWindow]):

Add a helper method to return the web view's associated text effects window. This is used below in
`TestController` when recursively searching the view hierarchy for callout menu buttons with a given
label string (e.g. "Select", "Select All", "Copy", etc.), because these buttons and labels now exist
within the view hierarchy of the `UITextEffectsWindow` on iOS 16, when using the edit menu
interaction.

(-[TestRunnerWKWebView currentEditMenuInteraction]):

Add a helper method to grab the edit menu interaction corresponding to text selection on the content
view.

(-[TestRunnerWKWebView didPresentEditMenuInteraction:]):
(-[TestRunnerWKWebView didDismissEditMenuInteraction:]):

Plumb into the existing `-_didHideMenu` and `-_didShowMenu` methods, which we currently use to
observe callout bar presentation and dismissal. This allows the test harness to simultaneously
support iOS 15 and iOS 16, for layout tests that exercise the callout bar.

(-[TestRunnerWKWebView immediatelyDismissEditMenuInteractionIfNeeded]):

Add a hook to immediately dismiss the callout bar between layout tests, that is compatible with
UIEditMenuInteraction-backed callout bars.

* Tools/WebKitTestRunner/ios/EditMenuInteractionSwizzler.h: Added.
* Tools/WebKitTestRunner/ios/EditMenuInteractionSwizzler.mm: Added.

Add a helper class to swizzle `-[UIEditMenuInteraction initWithDelegate:]`, and call the original
method implementation with an object that wraps the given `UIEditMenuInteractionDelegate` in another
object (`EditMenuInteractionDelegateWrapper`) that forwards all selector invocations to the original
delegate (in practice: `_UIContextMenuInteractionBasedTextContextInteraction`), but additionally
implements the `-willPresentMenuForConfiguration:` and `-willDismissMenuForConfiguration:` delegate
hooks and adds animation completion blocks that call out to the global `TestController`.

This allows us to passively observe calls to
`-editMenuInteraction:(will|did)PresentMenuForConfiguration:animator:`, without affecting the
internal UIKit implementation of the text interaction assistant's edit menu interaction.

(-[EditMenuInteractionDelegateWrapper initWithDelegate:]):
(-[EditMenuInteractionDelegateWrapper forwardInvocation:]):
(-[EditMenuInteractionDelegateWrapper respondsToSelector:]):
(-[EditMenuInteractionDelegateWrapper methodSignatureForSelector:]):
(-[EditMenuInteractionDelegateWrapper editMenuInteraction:willPresentMenuForConfiguration:animator:]):
(-[EditMenuInteractionDelegateWrapper editMenuInteraction:willDismissMenuForConfiguration:animator:]):
(-[UIEditMenuInteraction swizzled_initWithDelegate:]):
(WTR::EditMenuInteractionSwizzler::EditMenuInteractionSwizzler):
(WTR::EditMenuInteractionSwizzler::~EditMenuInteractionSwizzler):
* Tools/WebKitTestRunner/ios/TestControllerIOS.mm:
(WTR::TestController::platformInitialize):

Initialize the edit menu interaction swizzler.

(WTR::TestController::platformResetStateToConsistentValues):
(WTR::TestController::didPresentEditMenuInteraction):
(WTR::TestController::didDismissEditMenuInteraction):
* Tools/WebKitTestRunner/ios/UIScriptControllerIOS.mm:
(WTR::UIScriptControllerIOS::rectForMenuAction const):

link: https://commits.webkit.org/251737@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295732 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoDownloading DMG using WKDownload errors with "You do not have permission"
achristensen@apple.com [Wed, 22 Jun 2022 15:56:57 +0000 (15:56 +0000)]
Downloading DMG using WKDownload errors with "You do not have permission"
https://bugs.webkit.org/show_bug.cgi?id=234249

Reviewed by Chris Dumez.

Applications downloaded from the sandboxed network process can't be opened
on macOS because they have QTN_FLAG_HARD set.  The network process can't remove
this and shouldn't be given such permission.  However, WKDownload may be used
by unsandboxed applications such as TestWebKitAPI that do have permission to
remove QTN_FLAG_HARD.  If this is the case, we should try to make the application
able to be opened when finishing the download.  I verified you still get the warning
"Application Name" is an app downloaded from the Internet. Are you sure you want to open it?
but you no longer get the warning that can't be bypassed.

* Source/WebCore/PAL/PAL.xcodeproj/project.pbxproj:
* Source/WebCore/PAL/pal/spi/mac/QuarantineSPI.h: Renamed from Source/WebKit/Platform/spi/mac/QuarantineSPI.h.
(QuarantineFileDeleter::operator ()):
Added helper for std::unique_ptr use with qtn_file_t
* Source/WebKit/NetworkProcess/Downloads/Download.cpp:
(WebKit::Download::Download):
* Source/WebKit/NetworkProcess/Downloads/Download.h:
(WebKit::Download::sessionID const):
(WebKit::Download::suggestedName const): Deleted.
* Source/WebKit/Shared/mac/AuxiliaryProcessMac.mm:
* Source/WebKit/UIProcess/Cocoa/WKShareSheet.mm:
* Source/WebKit/UIProcess/Cocoa/WebPageProxyCocoa.mm:
* Source/WebKit/UIProcess/Downloads/DownloadProxy.cpp:
(WebKit::DownloadProxy::updateQuarantinePropertiesIfPossible):
(WebKit::DownloadProxy::didFinish):
* Source/WebKit/UIProcess/Downloads/DownloadProxy.h:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm:
(tempFileThatDoesNotExist):
Introduce a non-ASCII character to make sure file system representation code works as expected

link: https://commits.webkit.org/251736@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295731 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoCrash under WebCore::DataDetection::detectContentInRange()
cdumez@apple.com [Wed, 22 Jun 2022 15:16:08 +0000 (15:16 +0000)]
Crash under WebCore::DataDetection::detectContentInRange()
https://bugs.webkit.org/show_bug.cgi?id=241823
<rdar://95110928>

Reviewed by Wenson Hsieh.

The crash occurs in the wild when calling TextIterator::range() and
TextIterator::m_positionNode is null. Do some hardening and early return before
calling TextIterator::range() and TextIterator::atEnd() returns true to avoid
the issue.

* Source/WebCore/editing/cocoa/DataDetection.mm:
(WebCore::DataDetection::detectContentInRange):

link: https://commits.webkit.org/251735@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295730 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[CSS Container Queries] rem units don't work in queries
antti@apple.com [Wed, 22 Jun 2022 13:40:19 +0000 (13:40 +0000)]
[CSS Container Queries] rem units don't work in queries
https://bugs.webkit.org/show_bug.cgi?id=241852

Reviewed by Antoine Quint.

* LayoutTests/imported/w3c/web-platform-tests/css/css-contain/container-queries/font-relative-units-dynamic-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-contain/container-queries/font-relative-units-expected.txt:
* Source/WebCore/style/ContainerQueryEvaluator.cpp:
(WebCore::Style::ContainerQueryEvaluator::selectContainer const):

Correctly pass the document element style instead of the view style.

link: https://commits.webkit.org/251734@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295729 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[web-animations] support custom properties in @keyframes rules
graouts@webkit.org [Wed, 22 Jun 2022 13:36:56 +0000 (13:36 +0000)]
[web-animations] support custom properties in @keyframes rules
https://bugs.webkit.org/show_bug.cgi?id=241843

Reviewed by Antti Koivisto.

We start work towards broad support of custom properties in animations by adding support
for custom properties in @keyframes rules.

The first thing required is to allow KeyframeList and KeyframeValue to track custom properties
on top of common properties (CSSPropertyID). To that end, we add HashSet<AtomString> members
to both those classes and ensure KeyframeList::insert() adds any new custom property found
on the inserted KeyframeValue to the KeyframeList. Dedicated methods, such as
KeyframeValue::addCustomProperty() allow setting what custom properties are found on the
KeyframeValue.

Then, we need to detect that we have custom properties set in @keyframes rules. We update
Style::Resolver::styleForKeyframe() to determine whether a property in a keyframe is a
CSSCustomPropertyValue, and if it is, we get its name and use KeyframeValue::addCustomProperty()
to add it to the keyframe.

Finally, we must actually blend custom properties. Since custom properties are only animated
discretely, the logic here is simple and we add a new CSSPropertyAnimation::blendCustomProperty()
method which simply gets the custom property from either the from or to style depending on what side
of the 0.5 boundary we are.

We call this new method from KeyframeEffect::setAnimatedPropertiesInStyle() where we must now not
only iterate through common properties (CSSPropertyID) but also custom properties. We now wrap much
of that function's logic into a lambda which takes in an std::variant<CSSPropertyID, AtomString> type
with some simple checks to deal with either type in the lambda body.

* LayoutTests/imported/w3c/web-platform-tests/css/css-contain/container-queries/container-inner-at-rules-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-contain/container-queries/container-longhand-animation-type-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-properties-values-api/at-property-animation-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-properties-values-api/font-size-animation-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-properties-values-api/registered-property-revert-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-variables/variable-animation-from-to-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-variables/variable-animation-over-transition-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-variables/variable-animation-to-only-expected.txt:
* Source/WebCore/animation/CSSPropertyAnimation.cpp:
(WebCore::CSSPropertyAnimation::blendProperties):
(WebCore::CSSPropertyAnimation::blendCustomProperty):
* Source/WebCore/animation/CSSPropertyAnimation.h:
* Source/WebCore/animation/KeyframeEffect.cpp:
(WebCore::KeyframeEffect::setAnimatedPropertiesInStyle):
* Source/WebCore/rendering/style/KeyframeList.cpp:
(WebCore::KeyframeList::insert):
(WebCore::KeyframeList::copyKeyframes):
(WebCore::KeyframeList::containsAnimatableProperty const): Any and all custom properties is considered animatable.
* Source/WebCore/rendering/style/KeyframeList.h:
(WebCore::KeyframeValue::addCustomProperty):
(WebCore::KeyframeValue::containsCustomProperty const):
(WebCore::KeyframeValue::customProperties const):
(WebCore::KeyframeList::addCustomProperty):
(WebCore::KeyframeList::containsCustomProperty const):
(WebCore::KeyframeList::customProperties const):
* Source/WebCore/style/StyleResolver.cpp:
(WebCore::Style::Resolver::styleForKeyframe):

link: https://commits.webkit.org/251733@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295728 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoAX ITM: Update the target node of a ChildrenChanged notification in addition of updat...
andresg_22@apple.com [Wed, 22 Jun 2022 12:41:33 +0000 (12:41 +0000)]
AX ITM: Update the target node of a ChildrenChanged notification in addition of updating its children.
https://bugs.webkit.org/show_bug.cgi?id=241834

Reviewed by Chris Fleizach.

Fixes several tests in isolated tree mode, including:
    accessibility/mac/figure-element.html [ Failure ]
    accessibility/mac/progress-with-label-element.html [ Failure ]
    accessibility/mac/label-element-changing-children-string-value.html [ Timeout ]
    accessibility/mac/label-element-changing-textcontent-string-value.html [ Timeout ]
    accessibility/visible-elements.html [ Timeout ]

In updateChildren, replaced AXIsolatedTree::updateRelatedProperties with updateNodeAndDependetnProperties to replace the whole object instead of individual properties. This will update several properties that depend on the children of any given object such as those properties that compute textUnderElement. The added cost should be marginal given that updating the children is a lot more costly.

* LayoutTests/accessibility/mac/label-element-changing-children-string-value-expected.txt:
* LayoutTests/accessibility/mac/label-element-changing-children-string-value.html:
* Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.cpp:
(WebCore::AXIsolatedTree::updateNodeAndDependentProperties):
(WebCore::AXIsolatedTree::updateChildren):
(WebCore::AXIsolatedTree::updateTableProperties): Deleted.
(WebCore::AXIsolatedTree::updateTreeItemProperties): Deleted.
(WebCore::AXIsolatedTree::updateRelatedProperties): Deleted.
* Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.h:

link: https://commits.webkit.org/251732@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295727 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[CSS Container Queries] Improper style sharing with container queries
antti@apple.com [Wed, 22 Jun 2022 12:20:21 +0000 (12:20 +0000)]
[CSS Container Queries] Improper style sharing with container queries
https://bugs.webkit.org/show_bug.cgi?id=241848

Reviewed by Antoine Quint.

Elements affected by container queries may get different style even though DOM is perfectly symmetric because containers have different sizes.

* LayoutTests/fast/css/container-query-style-sharing-expected.html: Added.
* LayoutTests/fast/css/container-query-style-sharing.html: Added.
* Source/WebCore/style/StyleSharingResolver.cpp:
(WebCore::Style::SharingResolver::canShareStyleWithElement const):

link: https://commits.webkit.org/251731@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295726 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[GLIB] Change MPRIS bus name to be sandbox friendly
pgriffis@igalia.com [Wed, 22 Jun 2022 09:20:20 +0000 (09:20 +0000)]
[GLIB] Change MPRIS bus name to be sandbox friendly
https://bugs.webkit.org/show_bug.cgi?id=241807

Reviewed by Philippe Normand.

When an application has an ID this changes the name to be
org.mpris.MediaPlayer2.$APP_ID.$INSTANCE_ID which is permitted
by default with flatpak and now with our bubblewrap sandbox.

Instead of the previous org.mpris.MediaPlayer2.$APP_ID-$INSTANCE_ID
which would be blocked by sandboxes unless they allowed an
overly broad org.mpris.MediaPlayer2.* permission.

* Source/WebCore/platform/audio/glib/MediaSessionGLib.cpp:
(WebCore::MediaSessionGLib::MediaSessionGLib):

link: https://commits.webkit.org/251730@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295725 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days ago[GTK][WPE] Timeline recording not working properly on new HTTP inspector
commit-queue@webkit.org [Wed, 22 Jun 2022 08:31:19 +0000 (08:31 +0000)]
[GTK][WPE] Timeline recording not working properly on new HTTP inspector
https://bugs.webkit.org/show_bug.cgi?id=240792

Patch by Carlos Garcia Campos <cgarcia@igalia.com> on 2022-06-22
Reviewed by Michael Catanzaro.

The remote inspector calls setIsVisible on frontendLoaded. In case of
HTTP server we should do the same when the frontend is loaded.

* Source/WebInspectorUI/UserInterface/Base/BrowserInspectorFrontendHost.js:
(window.InspectorFrontendHost.WI.BrowserInspectorFrontendHost.prototype.loaded):

link: https://commits.webkit.org/251729@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295724 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoRemove KeyframeList::addProperty()
commit-queue@webkit.org [Wed, 22 Jun 2022 06:25:54 +0000 (06:25 +0000)]
Remove KeyframeList::addProperty()
https://bugs.webkit.org/show_bug.cgi?id=241805

Patch by Antoine Quint <graouts@apple.com> on 2022-06-21
Reviewed by Dean Jackson.

This method is not needed since KeyframeList::insert() already adds the properties
of the newly inserted keyframe to KeyframeList::m_properties.

* Source/WebCore/animation/KeyframeEffect.cpp:
(WebCore::KeyframeEffect::updateBlendingKeyframes):
(WebCore::KeyframeEffect::computeCSSTransitionBlendingKeyframes):
* Source/WebCore/rendering/style/KeyframeList.h:
(WebCore::KeyframeList::addProperty): Deleted.

link: https://commits.webkit.org/251728@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295723 268f45cc-cd09-0410-ab3c-d52691b4dbfc

7 days agoEliminate one repaint from SVGResourcesCache::clientLayoutChanged
heycam@apple.com [Wed, 22 Jun 2022 05:58:16 +0000 (05:58 +0000)]
Eliminate one repaint from SVGResourcesCache::clientLayoutChanged
https://bugs.webkit.org/show_bug.cgi?id=241822

Reviewed by Simon Fraser.

SVGResourcesCache::clientLayoutChanged is called under all of the SVG
render object layout functions, to invalidate the SVG resource and
repaint the element. But all of the layout functions will already
repaint the element due to their LayoutRepainter on the stack.

This repaint can be expensive due to the rectangle calculations. We can
skip it by passing false into clientLayoutChanged.

This is an improvement of 3% on the MotionMark Suits sub-test on some
devices.

* Source/WebCore/rendering/svg/SVGResourcesCache.cpp:
(WebCore::SVGResourcesCache::clientLayoutChanged):

link: https://commits.webkit.org/251727@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295722 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAX: Live AX objects can be destroyed while building a node change for them
tyler_w@apple.com [Wed, 22 Jun 2022 04:11:35 +0000 (04:11 +0000)]
AX: Live AX objects can be destroyed while building a node change for them
https://bugs.webkit.org/show_bug.cgi?id=241810

Reviewed by Chris Fleizach.

While building a node change in AXIsolatedTree::nodeChangeForObject,
the initialization of several different `AXPropertyName`s can cause layout,
which in turn can cause the backing live object to be deleted. This
causes a crash.

This patch fixes this by holding a `Ref` to the AccessibilityObject,
ensuring it stays alive for as long we need it.

I wasn't able to make a layout test for this, as the circumstances to
reproduce the issue are complex.

* Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.cpp:
(WebCore::AXIsolatedObject::AXIsolatedObject):
(WebCore::AXIsolatedObject::create):
(WebCore::AXIsolatedObject::initializeProperties):
* Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.h:
* Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.cpp:
(WebCore::AXIsolatedTree::nodeChangeForObject):
* Source/WebCore/accessibility/isolatedtree/AXIsolatedTree.h:
* Source/WebCore/accessibility/isolatedtree/mac/AXIsolatedObjectMac.mm:
(WebCore::AXIsolatedObject::initializePlatformProperties):

link: https://commits.webkit.org/251726@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295721 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAX ITM: Fix for accessibility/mac/details-summary.html in isolated tree mode.
andresg_22@apple.com [Wed, 22 Jun 2022 03:50:19 +0000 (03:50 +0000)]
AX ITM: Fix for accessibility/mac/details-summary.html in isolated tree mode.
https://bugs.webkit.org/show_bug.cgi?id=241804

Reviewed by Darin Adler.

Need to check for null the accessible object in the waitFor function before calling isExpanded. Also buffering the output in a variable makes the test run faster.

* LayoutTests/accessibility/mac/details-summary-expected.txt:
* LayoutTests/accessibility/mac/details-summary.html:

link: https://commits.webkit.org/251725@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295720 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agostd::variant decoding with out-of-bounds index should fail instead of decoding the...
achristensen@apple.com [Wed, 22 Jun 2022 03:22:54 +0000 (03:22 +0000)]
std::variant decoding with out-of-bounds index should fail instead of decoding the 0'th type
https://bugs.webkit.org/show_bug.cgi?id=241813

Reviewed by Chris Dumez.

* Source/WebKit/Platform/IPC/ArgumentCoders.h:

link: https://commits.webkit.org/251724@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295719 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoDon't allocate device pixel ratio scaled backing stores for layers that contain only...
mattwoodrow@apple.com [Wed, 22 Jun 2022 03:12:18 +0000 (03:12 +0000)]
Don't allocate device pixel ratio scaled backing stores for layers that contain only unscaled bitmap content
https://bugs.webkit.org/show_bug.cgi?id=241450

Reviewed by Simon Fraser.

* Source/WebCore/platform/graphics/GraphicsLayer.cpp:
(WebCore::GraphicsLayer::GraphicsLayer):
* Source/WebCore/platform/graphics/GraphicsLayer.h:
(WebCore::GraphicsLayer::setAppliesDeviceScale):
(WebCore::GraphicsLayer::appliesDeviceScale const):
(WebCore::GraphicsLayer::deviceScaleFactor const):
* Source/WebCore/rendering/RenderLayerBacking.cpp:
(WebCore::PaintedContentsInfo::isUnscaledBitmapOnly):
(WebCore::PaintedContentsInfo::contentsTypeDetermination):
(WebCore::RenderLayerBacking::updateConfiguration):
(WebCore::RenderLayerBacking::isUnscaledBitmapOnly const):
* Source/WebCore/rendering/RenderLayerBacking.h:

Adds isUnscaledBitmapOnly to check if a layer contains only a <canvas>/image,
and no other rasterized content, and that the bitmap is drawn unscaled.
If so, uses setAppliesDeviceScale to disable hidpi backing stores for this layer.

* Source/WebCore/platform/graphics/LayerTreeAsTextOptions.h:
* Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::dumpAdditionalProperties const):
* Source/WebCore/testing/Internals.cpp:
(WebCore::toLayerTreeAsTextOptions):
* Source/WebCore/testing/Internals.h:
* Source/WebCore/testing/Internals.idl:

Adds new internals.LAYER_TREE_INCLUDES_DEVICE_SCALE flag for layer tree dumping, in order
to test whether a layer has a high dpi backing store or not.

* LayoutTests/compositing/canvas/hidpi-canvas-backing-store-expected.txt: Added.
* LayoutTests/compositing/canvas/hidpi-canvas-backing-store-invalidation-expected.txt: Added.
* LayoutTests/compositing/canvas/hidpi-canvas-backing-store-invalidation.html: Added.
* LayoutTests/compositing/canvas/hidpi-canvas-backing-store.html: Added.

Adds new test for low-dpi backing store for a layer containing only a canvas, and an invalidation
test to check that we go back to hidpi when we add a rasterized outline.

link: https://commits.webkit.org/251723@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295718 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoTextureMapper: mask should be applied after filter is applied
Hironori.Fujii@sony.com [Wed, 22 Jun 2022 03:09:26 +0000 (03:09 +0000)]
TextureMapper: mask should be applied after filter is applied
https://bugs.webkit.org/show_bug.cgi?id=241772

Reviewed by Don Olmstead.

If an element has both a mask-image and filters, the mask should be
applied after the filters.

BitmapTextureGL::applyFilters didn't actually apply the last filter.
It stored the last filter information in it, and applied the last
filter when blitting onto the target. If the element has a mask,
applyFilters should apply all filters before applying the mask.

* LayoutTests/compositing/masks/mask-and-drop-shadow-expected.html: Added.
* LayoutTests/compositing/masks/mask-and-drop-shadow.html: Added.
* Source/WebCore/platform/graphics/texmap/BitmapTexture.h:
(WebCore::BitmapTexture::applyFilters):
* Source/WebCore/platform/graphics/texmap/BitmapTextureGL.cpp:
(WebCore::BitmapTextureGL::applyFilters):
* Source/WebCore/platform/graphics/texmap/BitmapTextureGL.h:
* Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp:
(WebCore::TextureMapperLayer::computeOverlapRegions):
(WebCore::TextureMapperLayer::paintIntoSurface):

link: https://commits.webkit.org/251722@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295717 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoImplement CSSNumericValue.equals
achristensen@apple.com [Wed, 22 Jun 2022 03:00:34 +0000 (03:00 +0000)]
Implement CSSNumericValue.equals
https://bugs.webkit.org/show_bug.cgi?id=241378

Reviewed by Chris Dumez.

This is an off-by-default experimental feature.

* LayoutTests/imported/w3c/web-platform-tests/css/css-typed-om/stylevalue-subclasses/numeric-objects/equals.tentative-expected.txt:
* Source/WebCore/bindings/js/JSCSSStyleValueCustom.cpp:
(WebCore::toJSNewlyCreated):
* Source/WebCore/css/typedom/CSSNumericValue.cpp:
(WebCore::CSSNumericValue::equals):
* Source/WebCore/css/typedom/CSSNumericValue.h:
(): Deleted.
* Source/WebCore/css/typedom/CSSStyleValue.h:
(WebCore::isCSSNumericValue):
(WebCore::isCSSMathValue):
* Source/WebCore/css/typedom/CSSUnitValue.cpp:
(WebCore::CSSUnitValue::equals const):
* Source/WebCore/css/typedom/CSSUnitValue.h:
* Source/WebCore/css/typedom/numeric/CSSMathInvert.cpp:
(WebCore::CSSMathInvert::CSSMathInvert):
(WebCore::CSSMathInvert::equals const):
* Source/WebCore/css/typedom/numeric/CSSMathInvert.h:
* Source/WebCore/css/typedom/numeric/CSSMathMax.h:
* Source/WebCore/css/typedom/numeric/CSSMathMin.h:
* Source/WebCore/css/typedom/numeric/CSSMathNegate.cpp:
(WebCore::CSSMathNegate::CSSMathNegate):
(WebCore::CSSMathNegate::equals const):
* Source/WebCore/css/typedom/numeric/CSSMathNegate.h:
* Source/WebCore/css/typedom/numeric/CSSMathProduct.h:
* Source/WebCore/css/typedom/numeric/CSSMathSum.h:
* Source/WebCore/css/typedom/numeric/CSSMathValue.h:
(WebCore::CSSMathValue::CSSMathValue):
(WebCore::CSSMathValue::equalsImpl const):

link: https://commits.webkit.org/251721@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295716 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoRenderBox::hasHorizontalLayoutOverflow/hasVerticalLayoutOverflow use incorrect coordi...
zalan@apple.com [Wed, 22 Jun 2022 02:41:14 +0000 (02:41 +0000)]
RenderBox::hasHorizontalLayoutOverflow/hasVerticalLayoutOverflow use incorrect coordinate space
https://bugs.webkit.org/show_bug.cgi?id=241796

Reviewed by Simon Fraser.

RenderBox::x() and y() are in the coordinate space of the containing block while layoutOverflowRect is relative to the box's border box. These functions would compute overflow true if the box happens to have some offset (through margin or positioning) even without actual overflow.

* LayoutTests/fast/overflow/horizontal-overflow-with-offset-expected.txt: Added.
* LayoutTests/fast/overflow/horizontal-overflow-with-offset.html: Added.
* LayoutTests/fast/overflow/vertical-overflow-with-offset-expected.txt: Added.
* LayoutTests/fast/overflow/vertical-overflow-with-offset.html: Added.
* Source/WebCore/rendering/RenderBox.h:
(WebCore::RenderBox::hasHorizontalLayoutOverflow const):
(WebCore::RenderBox::hasVerticalLayoutOverflow const):

link: https://commits.webkit.org/251720@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295715 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[JSC] Use m_structureCacheClearedWatchpoint in more DFG nodes
shvaikalesh@gmail.com [Wed, 22 Jun 2022 02:38:43 +0000 (02:38 +0000)]
[JSC] Use m_structureCacheClearedWatchpoint in more DFG nodes
https://bugs.webkit.org/show_bug.cgi?id=241575

Reviewed by Yusuke Suzuki.

Not sure if this is observable, but it's worth to align with ObjectCreate for consistency.

* Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::handleCreateInternalFieldObject):
* Source/JavaScriptCore/dfg/DFGConstantFoldingPhase.cpp:
(JSC::DFG::ConstantFoldingPhase::foldConstants):

link: https://commits.webkit.org/251719@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295714 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoSupport waiting for event in custom element
commit-queue@webkit.org [Wed, 22 Jun 2022 02:14:04 +0000 (02:14 +0000)]
Support waiting for event in custom element
https://bugs.webkit.org/show_bug.cgi?id=241812

Patch by Youssef Soliman <youssefdevelops@gmail.com> on 2022-06-21
Reviewed by Eric Carlson.

Some media related layout tests require event listeners on custom HTML elements.

* LayoutTests/media/video-test.js:
(waitForEventAndFailFor):
(waitForEventAndTest):
(waitForEventAndTestFor):

link: https://commits.webkit.org/251718@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295713 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[WebGPU] Make Parser class declaration visible to unit tests for testing
commit-queue@webkit.org [Wed, 22 Jun 2022 01:58:49 +0000 (01:58 +0000)]
[WebGPU] Make Parser class declaration visible to unit tests for testing
https://bugs.webkit.org/show_bug.cgi?id=241738

Patch by Kiet Ho <tho22@apple.com> on 2022-06-21
Reviewed by Myles C. Maxfield.

The existing parser interface (WGSL::parseLChar() and WGSL::parseUChar())
only accepts entirely valid shader module, which makes it difficult to
write unit tests targeting individual aspects of the parser (for example,
only testing the type declaration or unary expression parsing logic). This
commit moves the Parser class declaration from the .cpp file to a private
header file (ParserPrivate.h), and makes private methods that parse
individual grammar rules public. This gives unit tests access to those
methods to test them.

* Source/WebGPU/WGSL/Parser.cpp:
(WGSL::Parser::Parser): Deleted.
(WGSL::Parser::current): Deleted.
* Source/WebGPU/WGSL/ParserPrivate.h: Added.
(WGSL::Parser::Parser):
(WGSL::Parser::current):
* Source/WebGPU/WebGPU.xcodeproj/project.pbxproj:

link: https://commits.webkit.org/251717@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295712 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoSchedule/fire an event when selection changes for select() and setRangeText().
zsun@igalia.com [Wed, 22 Jun 2022 01:55:30 +0000 (01:55 +0000)]
Schedule/fire an event when selection changes for select() and setRangeText().
https://bugs.webkit.org/show_bug.cgi?id=241366

Reviewed by Darin Adler.

As per step 6 at [1], if either extent or direction of the text control to be modified,
we need to queue an element task on the user interaction task source given the element
to fire an select event with the bubbles attribute initialized to true. We addressed
some cases in Bug 238142. This is to fix the missing cases.

This patch also introduces WPT test select-event.html back to WebKit. For some reason, it
was removed in a previous resync patch.

[1] https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#set-the-selection-range

* LayoutTests/imported/w3c/web-platform-tests/html/semantics/forms/textfieldselection/select-event-expected.txt: Added.
* LayoutTests/imported/w3c/web-platform-tests/html/semantics/forms/textfieldselection/select-event.html: Added.
* LayoutTests/platform/gtk/imported/w3c/web-platform-tests/html/semantics/forms/textfieldselection/select-event-expected.txt
* Source/WebCore/html/HTMLTextFormControlElement.cpp:
(WebCore::HTMLTextFormControlElement::select):
(WebCore::HTMLTextFormControlElement::setRangeText):

link: https://commits.webkit.org/251716@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295711 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[JSC] Add tests ensuring that extraMemorySize is monotonically increasing until full...
ysuzuki@apple.com [Wed, 22 Jun 2022 01:34:32 +0000 (01:34 +0000)]
[JSC] Add tests ensuring that extraMemorySize is monotonically increasing until full-collection happens
https://bugs.webkit.org/show_bug.cgi?id=241832
rdar://95384643

Reviewed by Mark Lam.

This patch adds tests ensuring that extraMemorySize is monotonically increasing until full-collection happens.
If this assumption is broken, GC scheduling can be confused. And we crash with existing assertions.

* JSTests/stress/array-buffer-transfer-should-not-reduce-extra-memory-size.js: Added.

link: https://commits.webkit.org/251715@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295710 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoCleanup fullscreen logic
commit-queue@webkit.org [Wed, 22 Jun 2022 01:23:47 +0000 (01:23 +0000)]
Cleanup fullscreen logic
https://bugs.webkit.org/show_bug.cgi?id=241811

Patch by Youssef Soliman <youssefdevelops@gmail.com> on 2022-06-21
Reviewed by Eric Carlson.

Cleaned up the logic used when entering fullscreen.

* Source/WebCore/html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::enterFullscreen):
* Source/WebCore/page/ChromeClient.h:
(WebCore::ChromeClient::canEnterVideoFullscreen const):
* Source/WebCore/page/Quirks.cpp:
(WebCore::Quirks::allowLayeredFullscreenVideos const):
* Source/WebCore/page/Quirks.h:
* Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::canEnterVideoFullscreen const):
* Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.h:
* Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.h:
* Source/WebKit/WebProcess/cocoa/VideoFullscreenManager.mm:
(WebKit::VideoFullscreenManager::canEnterVideoFullscreen const):
(WebKit::VideoFullscreenManager::enterVideoFullscreenForVideoElement):
(WebKit::VideoFullscreenManager::exitVideoFullscreenForVideoElement):
(WebKit::VideoFullscreenManager::exitVideoFullscreenToModeWithoutAnimation):
(WebKit::VideoFullscreenManager::setCurrentlyInFullscreen):
* Source/WebKitLegacy/mac/WebCoreSupport/WebChromeClient.h:
* Source/WebKitLegacy/mac/WebCoreSupport/WebChromeClient.mm:
(WebChromeClient::canEnterVideoFullscreen const):

link: https://commits.webkit.org/251714@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295709 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[GPUP] Send GPU preferences in single IPC message
commit-queue@webkit.org [Wed, 22 Jun 2022 01:16:05 +0000 (01:16 +0000)]
[GPUP] Send GPU preferences in single IPC message
https://bugs.webkit.org/show_bug.cgi?id=241809
rdar://95636552

Patch by Youssef Soliman <youssefdevelops@gmail.com> on 2022-06-21
Reviewed by Eric Carlson.

Currently the `GPUProcessProxy::updatePreferences` method sends preferences
from the web process in multiple IPC messages to the GPU process. These messages
should be consolidated into one package and sent across in a single message.

* Source/WebKit/GPUProcess/GPUProcess.cpp:
(WebKit::GPUProcess::updateGPUProcessPreferences):
(WebKit::GPUProcess::updatePreference):
(WebKit::GPUProcess::setWebMParserEnabled): Deleted.
(WebKit::GPUProcess::setWebMFormatReaderEnabled): Deleted.
(WebKit::GPUProcess::setOpusDecoderEnabled): Deleted.
(WebKit::GPUProcess::setVorbisDecoderEnabled): Deleted.
(WebKit::GPUProcess::setMediaSourceInlinePaintingEnabled): Deleted.
(WebKit::GPUProcess::setSampleBufferContentKeySessionSupportEnabled): Deleted.
* Source/WebKit/GPUProcess/GPUProcess.h:
* Source/WebKit/GPUProcess/GPUProcess.messages.in:
* Source/WebKit/GPUProcess/GPUProcessPreferences.cpp: Added.
(WebKit::GPUProcessPreferences::encode const):
(WebKit::GPUProcessPreferences::decode):
* Source/WebKit/GPUProcess/GPUProcessPreferences.h: Added.
* Source/WebKit/Sources.txt:
* Source/WebKit/UIProcess/GPU/GPUProcessProxy.cpp:
(WebKit::GPUProcessProxy::updatePreferences):
* Source/WebKit/UIProcess/GPU/GPUProcessProxy.h:
* Source/WebKit/WebKit.xcodeproj/project.pbxproj:

link: https://commits.webkit.org/251713@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295708 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoConnectionCocoa doesn't receive disconnect notifications before the client has finish...
mattwoodrow@apple.com [Wed, 22 Jun 2022 01:05:31 +0000 (01:05 +0000)]
ConnectionCocoa doesn't receive disconnect notifications before the client has finished initialising
https://bugs.webkit.org/show_bug.cgi?id=241666

Reviewed by Kimmo Kinnunen.

Adds a MACH_NOTIFY_NO_SENDERS notification to the receive port of a server-side Connection object, so that
we can receive notifications if we fail to initialize the client side of the connection.
This gets removed again once the client side initialization completes, since we already have handling for
disconnections from that point onwards.

The test WebProcessTerminationAfterTooManyGPUProcessCrashes would hang in case the GPU Process would be
restarted and the test would terminate it before the connection was fully established, before the WebContent
process would receive the send right. The test is written in such a way that it is expected is that the GPUP
kill happens only after the connection has been re-established and the audio is playing.

* Source/WebKit/Platform/IPC/cocoa/ConnectionCocoa.mm:
(IPC::requestNoSenderNotifications):
(IPC::clearNoSenderNotifications):
(IPC::Connection::open):
(IPC::Connection::receiveSourceEventHandler):

* Tools/TestWebKitAPI/Tests/WebKitCocoa/GPUProcess.mm:
(TEST):

Adds some early returns for failure cases, so that we don't call kill(0, 9).

link: https://commits.webkit.org/251712@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295707 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoDecomposedGlyphs should notify observers in destructor
heycam@apple.com [Wed, 22 Jun 2022 00:39:46 +0000 (00:39 +0000)]
DecomposedGlyphs should notify observers in destructor
https://bugs.webkit.org/show_bug.cgi?id=241752

Reviewed by Simon Fraser.

Currently old DecomposedGlyphs objects will hang around in the GPU process until
the document goes away, instead of (as is intended) when the display list they
are in is removed from the GlyphDisplayListCache.

* Source/WebCore/platform/graphics/DecomposedGlyphs.cpp:
(WebCore::DecomposedGlyphs::~DecomposedGlyphs):

link: https://commits.webkit.org/251711@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295706 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAllow access to power log service in internal builds
pvollan@apple.com [Wed, 22 Jun 2022 00:17:21 +0000 (00:17 +0000)]
Allow access to power log service in internal builds
https://bugs.webkit.org/show_bug.cgi?id=241688
<rdar://82442196>

Reviewed by Geoffrey Garen.

Allow access to power log service in the GPU process in internal builds.

* Source/WebKit/GPUProcess/mac/com.apple.WebKit.GPUProcess.sb.in:

link: https://commits.webkit.org/251710@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295705 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoconstructJSHTMLElement() should protect `document` and `elementInterface`
shvaikalesh@gmail.com [Wed, 22 Jun 2022 00:15:30 +0000 (00:15 +0000)]
constructJSHTMLElement() should protect `document` and `elementInterface`
https://bugs.webkit.org/show_bug.cgi?id=241827
<rdar://94610860>

Reviewed by Mark Lam.

* Source/WebCore/bindings/js/JSHTMLElementCustom.cpp:
(WebCore::constructJSHTMLElement):
* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::runModal):

link: https://commits.webkit.org/251709@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295704 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoUnreviewed, revert "The extraMemorySize() get wrong when transferring ArrayBuffer...
ysuzuki@apple.com [Tue, 21 Jun 2022 23:57:05 +0000 (23:57 +0000)]
Unreviewed, revert "The extraMemorySize() get wrong when transferring ArrayBuffer from Worker VM"
https://bugs.webkit.org/show_bug.cgi?id=241826
rdar://95384643

This reverts commit 71960bed2a3ee0917367bc4144911a9e8168deea.

m_extraMemorySize must be monotonically increasing during GC cycles until
full-collection happens. And after the full-collection, it is adjusted.
We already adjusted it in sweep of m_arrayBuffer, so, we should not reduce
that number. This is used for GC invocation scheduling. So, if we would like to
have a number which more precisely reflecting the current status,
then we should have yet another one. And we can still use extraMemorySize
since it will be adjusted after the full-collection. So we can consider
that transferred array-buffer is collected at the full-collection.

link: https://commits.webkit.org/251708@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295703 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[WebAuthn] Fix crash when making assertions
j_pascoe@apple.com [Tue, 21 Jun 2022 23:51:24 +0000 (23:51 +0000)]
[WebAuthn] Fix crash when making assertions
https://bugs.webkit.org/show_bug.cgi?id=241814
rdar://95618710

Reviewed by Brent Fulgham.

We return an NSData inside _WKAuthenticatorAssertionResponse with ref count 0. To fix this,
we use autorelease as we do in the _WKAuthenticatorAttestationResponse case.

* Source/WebKit/UIProcess/API/Cocoa/_WKWebAuthenticationPanel.mm:
(wkAuthenticatorAssertionResponse):

link: https://commits.webkit.org/251707@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295702 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agogetComputedStyle(img).height returns string of a rounded int not a float
commit-queue@webkit.org [Tue, 21 Jun 2022 23:28:41 +0000 (23:28 +0000)]
getComputedStyle(img).height returns string of a rounded int not a float
https://bugs.webkit.org/show_bug.cgi?id=206161
<rdar://93860607>

Patch by Sammy Gill <sgill26@apple.com> on 2022-06-21
Reviewed by Alan Bujtas.

When computing the logical height/width for a replaced element, we may
need to calculate it using (used width) / (intrinsic ratio) or
(used height) / (intrinsic ratio). In either case, these are the
used values according to the spec, which means they may be floats.

Currently, WebKit performs these computations, but it also rounds them
leading to an incorrect value. By removing these calls to round, the
computed value should line up with what is specified in the spec.

As a result of this change, several tests needed to be rebaselined since
the generated content was slightly different. In the test cases, there
were certain elements that computed a slightly different width/height
value, which resulted in different dimensions that were used in the
rendering as well as in the output of the tests. Depending on how the
dimensions of an element changed, this could have in turn caused a
nearby element to get rendered slightly differetly as well. For example,
if an element had a slight increase in its height, this could have
caused a neighboring element to have a slightly different position in
the y dimension. The more of these interactions/differences there are
would mean we would see a greater difference in the expected vs actual
output (e.g. css1/text_properties/vertical_align.html).

However, this change should be seen as a progression when comparing the
tests with the results of other browsers. By loading up the tests in
other browsers, you can see that the dimensions that are calculated
are more in line with the new values generated with this patch.

Referenced spec: https://www.w3.org/TR/CSS21/visudet.html#propdef-height

* Source/WebCore/rendering/RenderReplaced.cpp:
(WebCore::resolveWidthForRatio):
(WebCore::RenderReplaced::computeReplacedLogicalWidth const):
(WebCore::resolveHeightForRatio):
(WebCore::RenderReplaced::computeReplacedLogicalHeight const):
* LayoutTests/imported/w3c/web-platform-tests/html/rendering/replaced-elements/attributes-for-embedded-content-and-images/img-aspect-ratio-expected.txt:
* LayoutTests/fast/block/positioning/replaced-inside-fixed-top-bottom-expected.txt:
* LayoutTests/fast/writing-mode/block-level-images-expected.txt:
* LayoutTests/imported/w3c/web-platform-tests/css/css-sizing/replaced-fractional-height-from-aspect-ratio-expected.txt:
* LayoutTests/platform/mac/css1/box_properties/width-expected.txt:
* LayoutTests/platform/mac/css1/formatting_model/replaced_elements-expected.txt:
* LayoutTests/platform/mac/css1/text_properties/vertical_align-expected.txt:
* LayoutTests/platform/mac/fast/repaint/block-layout-inline-children-replaced-expected.txt:
* LayoutTests/platform/mac/fast/replaced/width100percent-image-expected.txt:
* LayoutTests/platform/mac/svg/wicd/test-rightsizing-b-expected.txt:
* LayoutTests/platform/mac/tables/mozilla/bugs/bug14929-expected.txt:
* LayoutTests/platform/mac/tables/mozilla_expected_failures/bugs/bug85016-expected.txt:
* LayoutTests/svg/css/max-width-2-expected.html:
* LayoutTests/platform/glib/css2.1/t090501-c414-flt-03-b-g-expected.txt:
* LayoutTests/platform/glib/fast/block/positioning/replaced-inside-fixed-top-bottom-expected.txt:
* LayoutTests/platform/glib/tables/mozilla_expected_failures/bugs/bug85016-expected.txt:
* LayoutTests/platform/gtk/css1/box_properties/width-expected.txt:
* LayoutTests/platform/gtk/css1/formatting_model/replaced_elements-expected.txt:
* LayoutTests/platform/gtk/css1/text_properties/vertical_align-expected.txt:
* LayoutTests/platform/gtk/css2.1/t090501-c414-flt-03-b-g-expected.png:
* LayoutTests/platform/gtk/fast/repaint/block-layout-inline-children-replaced-expected.png:
* LayoutTests/platform/gtk/fast/repaint/block-layout-inline-children-replaced-expected.txt:
* LayoutTests/platform/gtk/fast/replaced/width100percent-image-expected.txt:
* LayoutTests/platform/gtk/tables/mozilla/bugs/bug14929-expected.txt:
* LayoutTests/platform/ios/css1/text_properties/vertical_align-expected.txt:
* LayoutTests/platform/ios/fast/replaced/width100percent-image-expected.txt:
* LayoutTests/platform/ios/tables/mozilla/bugs/bug14929-expected.txt:
* LayoutTests/platform/ios/tables/mozilla_expected_failures/bugs/bug85016-expected.txt:
* LayoutTests/platform/glib/TestExpectations:
* LayoutTests/platform/gtk/TestExpectations:

link: https://commits.webkit.org/251706@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295701 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAdd null checks for connection in UniqueIDBDatabaseTransaction and UniqueIDBDatabase
sihui_liu@apple.com [Tue, 21 Jun 2022 23:25:32 +0000 (23:25 +0000)]
Add null checks for connection in UniqueIDBDatabaseTransaction and UniqueIDBDatabase
https://bugs.webkit.org/show_bug.cgi?id=241792
rdar://95011134

Reviewed by Youenn Fablet.

* Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::startVersionChangeTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::clearTransactionsOnConnection):
(WebCore::IDBServer::UniqueIDBDatabase::openDBRequestCancelled):
(WebCore::IDBServer::UniqueIDBDatabase::commitTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::abortTransaction):
(WebCore::IDBServer::UniqueIDBDatabase::immediateClose):
* Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::UniqueIDBDatabaseTransaction):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::~UniqueIDBDatabaseTransaction):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::databaseConnection const):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::abort):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::abortWithoutCallback):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::database const):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::commit):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::createObjectStore):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteObjectStore):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameObjectStore):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::clearObjectStore):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::createIndex):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteIndex):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameIndex):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::putOrAdd):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::getRecord):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::getAllRecords):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::getCount):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::deleteRecord):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::openCursor):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::iterateCursor):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::objectStoreIdentifiers):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::didActivateInBackingStore):
(WebCore::IDBServer::UniqueIDBDatabaseTransaction::databaseConnection): Deleted.
* Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
* Source/WebCore/Modules/indexeddb/shared/IDBResultData.cpp:
(WebCore::IDBResultData::openDatabaseUpgradeNeeded):
* Source/WebCore/Modules/indexeddb/shared/IDBResultData.h:

link: https://commits.webkit.org/251705@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295700 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoWeb Inspector: Fonts details sidebar in Elements tab has empty space for filter bar
pangle@apple.com [Tue, 21 Jun 2022 23:22:07 +0000 (23:22 +0000)]
Web Inspector: Fonts details sidebar in Elements tab has empty space for filter bar
https://bugs.webkit.org/show_bug.cgi?id=241817
rdar://problem/95634156

Reviewed by Devin Rousso.

As pointed out by Devin, passing undefined to `toggle` here acts as if we didn't pass a value, not as a falsy value.

* Source/WebInspectorUI/UserInterface/Views/GeneralStyleDetailsSidebarPanel.js:
(WI.GeneralStyleDetailsSidebarPanel.prototype._showPanel):

link: https://commits.webkit.org/251703@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295699 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAllow build-and-collect-pgo-profiles to write files
commit-queue@webkit.org [Tue, 21 Jun 2022 23:21:07 +0000 (23:21 +0000)]
Allow build-and-collect-pgo-profiles to write files
https://bugs.webkit.org/show_bug.cgi?id=241692
<rdar://95311491>

Patch by Brianna Fan <briannaf@berkeley.edu> on 2022-06-21
Reviewed by Dewei Zhu.

Ran into a missing profiles issue as required permissions to write were missing.
Fixed this issue by moving a code block in GenerateProfiles.h.

* Source/WTF/wtf/GenerateProfiles.h:
(WTF::registerProfileGenerationCallback):

link: https://commits.webkit.org/251703@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295698 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoBlock access to socket syscalls
pvollan@apple.com [Tue, 21 Jun 2022 23:01:30 +0000 (23:01 +0000)]
Block access to socket syscalls
https://bugs.webkit.org/show_bug.cgi?id=241722

Reviewed by Geoffrey Garen.

Block access to socket syscalls in the WebContent process. These are used by the legacy ASL logging system.
The legacy logging system is rarely used in the WebContent process.

* Source/WebKit/Resources/SandboxProfiles/ios/com.apple.WebKit.WebContent.sb.in:
* Source/WebKit/WebProcess/com.apple.WebProcess.sb.in:

link: https://commits.webkit.org/251702@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295697 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoFix spelling error identifer -> identifier.
commit-queue@webkit.org [Tue, 21 Jun 2022 22:39:28 +0000 (22:39 +0000)]
Fix spelling error identifer -> identifier.
https://bugs.webkit.org/show_bug.cgi?id=241787

Patch by Youssef Soliman <youssefdevelops@gmail.com> on 2022-06-21
Reviewed by Jonathan Bedard and Ross Kirsling.

Across multiple files, the word "identifier" is misspelled as "identifer"

* Source/WebCore/Modules/filesystemaccess/FileSystemHandleCloseScope.h:
(WebCore::FileSystemHandleCloseScope::FileSystemHandleCloseScope):
* Source/WebCore/bindings/scripts/CodeGeneratorJS.pm:
(GenerateDeletePropertyCommon):
* Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterNoIdentifier.cpp:
(WebCore::JSTestNamedDeleterNoIdentifier::deleteProperty):
(WebCore::JSTestNamedDeleterNoIdentifier::deletePropertyByIndex):
* Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterThrowingException.cpp:
(WebCore::JSTestNamedDeleterThrowingException::deleteProperty):
(WebCore::JSTestNamedDeleterThrowingException::deletePropertyByIndex):
* Source/WebCore/bindings/scripts/test/JS/JSTestNamedDeleterWithIndexedGetter.cpp:
(WebCore::JSTestNamedDeleterWithIndexedGetter::deleteProperty):
* Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp:
(WebKit::RemoteRenderingBackend::prepareLayerBuffersForDisplay):
* Source/WebKit/Shared/ObjectIdentifierReferenceTracker.h:
* Source/WebKit/UIProcess/API/APIContentWorld.cpp:
(API::ContentWorld::worldForIdentifier):
* Source/WebKit/WebProcess/GPU/graphics/RemoteRenderingBackendProxy.cpp:
(WebKit::RemoteRenderingBackendProxy::ensureGPUProcessConnection):
* Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.messages.in:
* Source/WebKit/webpushd/PushClientConnection.mm:
(WebPushD::ClientConnection::broadcastDebugMessage):
* Tools/MiniBrowser/mac/WK2BrowserWindowController.m:
(-[WK2BrowserWindowController updateTitle:]):
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/__init__.py:
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/revert.py:
(Revert.parser):
* Tools/Scripts/libraries/webkitscmpy/webkitscmpy/program/squash.py:
(Squash.parser):

link: https://commits.webkit.org/251701@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295696 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoOnly support downloading previews in captive portal mode
j_pascoe@apple.com [Tue, 21 Jun 2022 22:34:05 +0000 (22:34 +0000)]
Only support downloading previews in captive portal mode
https://bugs.webkit.org/show_bug.cgi?id=241741
<rdar://92037537>

Reviewed by Brent Fulgham.

* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForResponseShared):
Set policy for previews to download

link: https://commits.webkit.org/251700@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295695 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoNotificationEventEnabled should be enabled macOS Ventura+
j_pascoe@apple.com [Tue, 21 Jun 2022 22:11:33 +0000 (22:11 +0000)]
NotificationEventEnabled should be enabled macOS Ventura+
https://bugs.webkit.org/show_bug.cgi?id=241605
rdar://94441142

Reviewed by Alex Christensen.

* Source/WTF/wtf/PlatformEnable.h:
This API should only be enabled on macOS 13 and later.
* LayoutTests/TestExpectations:
* LayoutTests/platform/mac-wk2/TestExpectations:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/PushAPI.mm:
* Tools/TestWebKitAPI/Tests/WebKitCocoa/WebPushDaemon.mm:
Update test expectations to account for these being macOS Ventura+

link: https://commits.webkit.org/251699@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295694 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[JSC] Fix Temporal regulateTime's constraints for milliseconds, microseconds, and...
ysuzuki@apple.com [Tue, 21 Jun 2022 22:08:27 +0000 (22:08 +0000)]
[JSC] Fix Temporal regulateTime's constraints for milliseconds, microseconds, and nanoseconds
https://bugs.webkit.org/show_bug.cgi?id=241818
rdar://95534859

Reviewed by Ross Kirsling.

This patch fixes constraints for milliseconds, microseconds, and nanoseconds in constrainTime.
It should be from 0 to 999, not to 1000[1].

[1]: https://tc39.es/proposal-temporal/#sec-temporal-constraintime

* JSTests/stress/temporal-plaintime-tostring-1000-millisecond.js: Added.
(shouldBe):
(throw.new.Error):
* Source/JavaScriptCore/runtime/TemporalPlainTime.cpp:
(JSC::constrainTime):

link: https://commits.webkit.org/251698@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295693 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago-Wmismatched-new-delete warning spam from CSSStyleValue.h
commit-queue@webkit.org [Tue, 21 Jun 2022 22:00:27 +0000 (22:00 +0000)]
-Wmismatched-new-delete warning spam from CSSStyleValue.h
https://bugs.webkit.org/show_bug.cgi?id=241516

Patch by Michael Catanzaro <mcatanzaro@redhat.com> on 2022-06-21
Reviewed by Chris Dumez.

I cannot find any reason behind this warning. Mismatched new/delete is
very serious if true, but in this case, I just do not see it. If we are
doing something wrong, it must be somehow related to the iso heap, but
don't think we are.

* Source/WebCore/css/typedom/CSSStyleValue.h:

link: https://commits.webkit.org/251697@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295692 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoDisable system preview in captive portal mode
j_pascoe@apple.com [Tue, 21 Jun 2022 21:50:42 +0000 (21:50 +0000)]
Disable system preview in captive portal mode
https://bugs.webkit.org/show_bug.cgi?id=241739
rdar://90563679

Reviewed by Brent Fulgham.

* Source/WebKit/WebProcess/WebPage/WebPage.cpp:
(WebKit::adjustSettingsForCaptivePortal):
Disable system preview when in captive portal mode.

link: https://commits.webkit.org/251696@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295691 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoUse PageIdentifier, not WebPageProxy's identifier for WKPageGetIdentifier
j_pascoe@apple.com [Tue, 21 Jun 2022 21:35:26 +0000 (21:35 +0000)]
Use PageIdentifier, not WebPageProxy's identifier for WKPageGetIdentifier
https://bugs.webkit.org/show_bug.cgi?id=241701
rdar://problem/95332001

Reviewed by Chris Dumez.

* Source/WebKit/UIProcess/API/C/WKPage.cpp:
(WKPageGetIdentifier):
Use webPageID, not identifier.

link: https://commits.webkit.org/251695@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295690 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[iOS 16] Previously dictated input is inserted in next field when changing focused...
wenson_hsieh@apple.com [Tue, 21 Jun 2022 21:27:16 +0000 (21:27 +0000)]
[iOS 16] Previously dictated input is inserted in next field when changing focused element
https://bugs.webkit.org/show_bug.cgi?id=241751
rdar://84995538

Reviewed by Megan Gardner.

When changing focus between text fields while continuous dictation is active, dictated text in the
previously focused text field is inserted in the newly focused field. This happens because UIKit
attempts to update the dictation string one final time prior to changing the keyboard input
delegate; however, this doesn't work in `WKWebView`, due to the fact that the previous field has
already been blurred by the time we handle element focus and reload input views in the UI process.

Mitigate this by treating `-replaceDictatedText:withText:` and `-insertText:` as no-ops in the case
where they are triggered while hiding the keyboard; note that this only changes behavior in cases
where UIKit would've otherwise inserted or modified text in newly focused elements, while only
having text input and autocorrection context from the previously focused element -- as such, it's
very unlikely that any (intended) platform editing behaviors in WebKit2 depend on the ability to
insert text in this specific scenario.

* Source/WebKit/UIProcess/ios/WKContentViewInteraction.h:

Add a new `_isHidingKeyboard` flag.

* Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm:
(-[WKContentView replaceDictatedText:withText:]):
(-[WKContentView insertText:]):
(-[WKContentView _hideKeyboard]):

Set `_isHidingKeyboard` during the scope of this method call.

link: https://commits.webkit.org/251694@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295689 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAdopt new function to set video decoder behavior
pvollan@apple.com [Tue, 21 Jun 2022 21:06:40 +0000 (21:06 +0000)]
Adopt new function to set video decoder behavior
https://bugs.webkit.org/show_bug.cgi?id=241603

Reviewed by Geoffrey Garen.

The only behavior change from this is that common video decoders will not be permitted in the WebContent process.

* Source/WebKit/WebProcess/cocoa/WebProcessCocoa.mm:
(WebKit::WebProcess::platformInitializeWebProcess):

link: https://commits.webkit.org/251693@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295688 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoTestWebKitAPI.WebKit2.CrashGPUProcessWhileCapturingAndCalling is failing on BigSur bot
commit-queue@webkit.org [Tue, 21 Jun 2022 16:22:18 +0000 (16:22 +0000)]
TestWebKitAPI.WebKit2.CrashGPUProcessWhileCapturingAndCalling is failing on BigSur bot
https://bugs.webkit.org/show_bug.cgi?id=241798

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-21
Reviewed by Eric Carlson.

* Tools/TestWebKitAPI/Tests/WebKit/GetUserMedia.mm:
* Tools/TestWebKitAPI/Tests/WebKit/getUserMedia.html:
Adding some more tests and logging to investigate what is wrong with the test in BigSur.

link: https://commits.webkit.org/251692@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295687 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoA HTMLMediaElement created while page is interrupted should be able to autoplay
commit-queue@webkit.org [Tue, 21 Jun 2022 14:24:23 +0000 (14:24 +0000)]
A HTMLMediaElement created while page is interrupted should be able to autoplay
https://bugs.webkit.org/show_bug.cgi?id=241783

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-21
Reviewed by Eric Carlson.

Previously, a session created while manager is interrupted would get its state set to interrupted.
When end of interruption happens, it would not be restarted since its interruption count would be set to 0.
Instead, manager now stores the last interruption.
In case of a new session, we now call beginInterruption instead of setting the session state directly.
This allows to have an interruption count set to 1 and thus uninterrupt the session when the end of interruption signal happens.

Covered by added test.

* LayoutTests/fast/mediastream/video-created-while-interrupted-expected.txt: Added.
* LayoutTests/fast/mediastream/video-created-while-interrupted.html: Added.
* Source/WebCore/platform/audio/PlatformMediaSessionManager.cpp:
(WebCore::PlatformMediaSessionManager::beginInterruption):
(WebCore::PlatformMediaSessionManager::endInterruption):
(WebCore::PlatformMediaSessionManager::addSession):
(WebCore::PlatformMediaSessionManager::sessionWillBeginPlayback):
(WebCore::PlatformMediaSessionManager::processSystemWillSleep):
(WebCore::PlatformMediaSessionManager::processSystemDidWake):
* Source/WebCore/platform/audio/PlatformMediaSessionManager.h:
(WebCore::PlatformMediaSessionManager::isInterrupted const):

link: https://commits.webkit.org/251691@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295686 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAX ITM: Fix for accessibility/language-attribute-change.html in isolated tree mode...
andresg_22@apple.com [Tue, 21 Jun 2022 13:16:48 +0000 (13:16 +0000)]
AX ITM: Fix for accessibility/language-attribute-change.html in isolated tree mode. web content
https://bugs.webkit.org/show_bug.cgi?id=241794

Reviewed by Chris Fleizach.

* Source/WebCore/accessibility/AXObjectCache.cpp:
When the lang attribute changes, we need to update the object for which the attribute changed in addition to updating its children.
(WebCore::AXObjectCache::updateIsolatedTree):
* Tools/WebKitTestRunner/InjectedBundle/AccessibilityController.cpp:
(WTR::AccessibilityController::executeOnAXThreadAndWait):
Made the complete local variable std::atomic since it is accessed on and off the main thread.

link: https://commits.webkit.org/251690@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295685 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoApply implicit clears and clearBuffer commands in proper order
commit-queue@webkit.org [Tue, 21 Jun 2022 08:52:19 +0000 (08:52 +0000)]
Apply implicit clears and clearBuffer commands in proper order
https://bugs.webkit.org/show_bug.cgi?id=241765

Patch by Alexey Knyazev <3479527+lexaknyazev@users.noreply.github.com> on 2022-06-21
Reviewed by Kimmo Kinnunen.

Merging clearBuffer comamnds with implicit clears was producing
incorrect results, especially with enabled scissor test.

To resolve that, treat clearBuffer commands as draw calls,
i.e., apply implicit clears before them and notify the canvas
after, if needed.

It may be possible to reintroduce merged and/or skipped clears
provided that such an optimization does not break any tests.

See conformance2/rendering/clearbuffer-and-draw.html

* Source/WebCore/html/canvas/WebGL2RenderingContext.cpp:
(WebCore::WebGL2RenderingContext::clearBufferiv):
(WebCore::WebGL2RenderingContext::clearBufferuiv):
(WebCore::WebGL2RenderingContext::clearBufferfv):
(WebCore::WebGL2RenderingContext::clearBufferfi):

link: https://commits.webkit.org/251689@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295684 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days ago[LBSE] Add support for <path>
commit-queue@webkit.org [Tue, 21 Jun 2022 08:26:31 +0000 (08:26 +0000)]
[LBSE] Add support for <path>
https://bugs.webkit.org/show_bug.cgi?id=240864

Patch by Nikolas Zimmermann <nzimmermann@igalia.com> on 2022-06-21
Reviewed by Rob Buis.

Rename RenderSVGPath -> LegacyRenderSVGPath and adapt callees.

Re-introduce RenderSVGPath for LBSE, and activate
renderer creation for <path>, if LBSE is enabled at run-time.

This allows a 22 more SVG 1.1 testcases to pass with LBSE.

* LayoutTests/platform/mac-monterey-wk2-lbse-text/TestExpectations:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-04-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-05-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-06-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-07-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-08-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-09-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-10-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-11-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-12-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-28-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-30-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-34-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-36-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-37-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-44-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/animate-elem-83-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/coords-viewattr-01-b-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/extend-namespace-01-f-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/filters-offset-01-b-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/fonts-elem-01-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/fonts-elem-02-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/fonts-elem-03-b-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/fonts-elem-04-b-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/fonts-elem-07-b-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/linking-a-05-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/metadata-example-01-b-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-fill-03-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-marker-01-f-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-marker-02-f-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-marker-03-f-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-stroke-03-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-stroke-04-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/painting-stroke-07-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-01-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-02-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-03-f-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-04-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-05-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-06-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-07-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-08-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-09-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-10-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-12-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-13-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-14-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/paths-data-15-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/render-elems-01-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/render-elems-02-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/render-elems-03-t-expected.txt:
* LayoutTests/platform/mac-monterey-wk2-lbse-text/svg/W3C-SVG-1.1/struct-frag-06-t-expected.txt:
* Source/WebCore/Sources.txt:
* Source/WebCore/WebCore.xcodeproj/project.pbxproj:
* Source/WebCore/accessibility/AccessibilitySVGElement.cpp:
(WebCore::AccessibilitySVGElement::determineAccessibilityRole):
* Source/WebCore/rendering/RenderObject.h:
(WebCore::RenderObject::isLegacySVGPath const):
(WebCore::RenderObject::isSVGPathOrLegacySVGPath const):
* Source/WebCore/rendering/RenderTreeAsText.cpp:
* Source/WebCore/rendering/svg/LegacyRenderSVGPath.cpp: Copied from Source/WebCore/rendering/svg/RenderSVGPath.cpp.
(WebCore::LegacyRenderSVGPath::LegacyRenderSVGPath):
(WebCore::LegacyRenderSVGPath::updateShapeFromElement):
(WebCore::LegacyRenderSVGPath::calculateUpdatedStrokeBoundingBox const):
(WebCore::useStrokeStyleToFill):
(WebCore::LegacyRenderSVGPath::strokeShape const):
(WebCore::LegacyRenderSVGPath::shapeDependentStrokeContains):
(WebCore::LegacyRenderSVGPath::shouldStrokeZeroLengthSubpath const):
(WebCore::LegacyRenderSVGPath::zeroLengthLinecapPath const):
(WebCore::LegacyRenderSVGPath::zeroLengthSubpathRect const):
(WebCore::LegacyRenderSVGPath::updateZeroLengthSubpaths):
(WebCore::LegacyRenderSVGPath::isRenderingDisabled const):
* Source/WebCore/rendering/svg/LegacyRenderSVGPath.h: Copied from Source/WebCore/rendering/svg/RenderSVGPath.h.
* Source/WebCore/rendering/svg/LegacyRenderSVGShape.h:
* Source/WebCore/rendering/svg/RenderSVGHiddenContainer.cpp:
* Source/WebCore/rendering/svg/RenderSVGPath.cpp:
(WebCore::RenderSVGPath::RenderSVGPath):
(WebCore::RenderSVGPath::updateShapeFromElement):
(WebCore::RenderSVGPath::strokeShape const):
(WebCore::RenderSVGPath::shapeDependentStrokeContains):
* Source/WebCore/rendering/svg/RenderSVGPath.h:
* Source/WebCore/rendering/svg/RenderSVGShape.h:
* Source/WebCore/rendering/svg/SVGRenderTreeAsText.cpp:
* Source/WebCore/svg/SVGElement.cpp:
(WebCore::createSVGLayerAwareElementSet):
* Source/WebCore/svg/SVGGraphicsElement.cpp:
(WebCore::SVGGraphicsElement::createElementRenderer):
* Source/WebCore/svg/SVGPathElement.cpp:
(WebCore::SVGPathElement::svgAttributeChanged):
(WebCore::SVGPathElement::getBBox):
(WebCore::SVGPathElement::createElementRenderer):
* Source/WebCore/svg/SVGPolyElement.cpp:
(WebCore::SVGPolyElement::svgAttributeChanged):
(WebCore::SVGPolyElement::approximateMemoryCost const):

link: https://commits.webkit.org/251688@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295683 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoAlign uniform*, WebGLMultiDraw, and GraphicsContextGLANGLE functions
commit-queue@webkit.org [Tue, 21 Jun 2022 08:19:14 +0000 (08:19 +0000)]
Align uniform*, WebGLMultiDraw, and GraphicsContextGLANGLE functions
https://bugs.webkit.org/show_bug.cgi?id=241748

Patch by Alexey Knyazev <3479527+lexaknyazev@users.noreply.github.com> on 2022-06-21
Reviewed by Kimmo Kinnunen.

* Added const qualifiers and rvalue ref to WebGL2RenderingContext::uniform*
* Removed TypedList redefinition from WebGLMultiDraw
* Added rvalue ref to typed arrays in WebGLMultiDraw::multiDraw*
* Removed extra validation from WebGLRenderingContextBase::uniform1*
* Added checkGPUStatus to draw and clear commands in GraphicsContextGLANGLE

* Source/WebCore/html/canvas/WebGL2RenderingContext.cpp:
(WebCore::WebGL2RenderingContext::uniform1ui):
(WebCore::WebGL2RenderingContext::uniform2ui):
(WebCore::WebGL2RenderingContext::uniform3ui):
(WebCore::WebGL2RenderingContext::uniform4ui):
(WebCore::WebGL2RenderingContext::uniform1uiv):
(WebCore::WebGL2RenderingContext::uniform2uiv):
(WebCore::WebGL2RenderingContext::uniform3uiv):
(WebCore::WebGL2RenderingContext::uniform4uiv):
(WebCore::WebGL2RenderingContext::uniformMatrix2x3fv):
(WebCore::WebGL2RenderingContext::uniformMatrix3x2fv):
(WebCore::WebGL2RenderingContext::uniformMatrix2x4fv):
(WebCore::WebGL2RenderingContext::uniformMatrix4x2fv):
(WebCore::WebGL2RenderingContext::uniformMatrix3x4fv):
(WebCore::WebGL2RenderingContext::uniformMatrix4x3fv):
(WebCore::WebGL2RenderingContext::uniform1fv):
(WebCore::WebGL2RenderingContext::uniform2fv):
(WebCore::WebGL2RenderingContext::uniform3fv):
(WebCore::WebGL2RenderingContext::uniform4fv):
(WebCore::WebGL2RenderingContext::uniform1iv):
(WebCore::WebGL2RenderingContext::uniform2iv):
(WebCore::WebGL2RenderingContext::uniform3iv):
(WebCore::WebGL2RenderingContext::uniform4iv):
(WebCore::WebGL2RenderingContext::uniformMatrix2fv):
(WebCore::WebGL2RenderingContext::uniformMatrix3fv):
(WebCore::WebGL2RenderingContext::uniformMatrix4fv):
* Source/WebCore/html/canvas/WebGL2RenderingContext.h:
* Source/WebCore/html/canvas/WebGLMultiDraw.cpp:
(WebCore::WebGLMultiDraw::multiDrawArraysWEBGL):
(WebCore::WebGLMultiDraw::multiDrawArraysInstancedWEBGL):
(WebCore::WebGLMultiDraw::multiDrawElementsWEBGL):
(WebCore::WebGLMultiDraw::multiDrawElementsInstancedWEBGL):
* Source/WebCore/html/canvas/WebGLMultiDraw.h:
* Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::uniform1i):
(WebCore::WebGLRenderingContextBase::uniform1iv):
* Source/WebCore/platform/graphics/angle/GraphicsContextGLANGLE.cpp:
(WebCore::GraphicsContextGLANGLE::drawRangeElements):
(WebCore::GraphicsContextGLANGLE::clearBufferiv):
(WebCore::GraphicsContextGLANGLE::clearBufferuiv):
(WebCore::GraphicsContextGLANGLE::clearBufferfv):
(WebCore::GraphicsContextGLANGLE::clearBufferfi):
(WebCore::GraphicsContextGLANGLE::multiDrawArraysANGLE):
(WebCore::GraphicsContextGLANGLE::multiDrawArraysInstancedANGLE):
(WebCore::GraphicsContextGLANGLE::multiDrawElementsANGLE):
(WebCore::GraphicsContextGLANGLE::multiDrawElementsInstancedANGLE):

link: https://commits.webkit.org/251687@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295682 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoApplicationCacheHost::isApplicationCacheEnabled() should check for its page being...
commit-queue@webkit.org [Tue, 21 Jun 2022 06:42:47 +0000 (06:42 +0000)]
ApplicationCacheHost::isApplicationCacheEnabled() should check for its page being null
https://bugs.webkit.org/show_bug.cgi?id=241776

Patch by Youenn Fablet <youennf@gmail.com> on 2022-06-20
Reviewed by Alex Christensen.

* Source/WebCore/loader/appcache/ApplicationCacheHost.cpp:
(WebCore::ApplicationCacheHost::isApplicationCacheEnabled):
Add page null check.

link: https://commits.webkit.org/251686@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295681 268f45cc-cd09-0410-ab3c-d52691b4dbfc

8 days agoEnhance RawPointer to take function pointers as well.
mark.lam@apple.com [Tue, 21 Jun 2022 06:37:29 +0000 (06:37 +0000)]
Enhance RawPointer to take function pointers as well.
https://bugs.webkit.org/show_bug.cgi?id=241773

Reviewed by Yusuke Suzuki.

Also add PageBlock::end and PageReservation::end methods to make code a little
more readable (motivated by a RawPointer use).

* Source/JavaScriptCore/API/JSMarkingConstraintPrivate.cpp:
(JSContextGroupAddMarkingConstraint):
* Source/JavaScriptCore/heap/HeapFinalizerCallback.cpp:
(JSC::HeapFinalizerCallback::dump const):
* Source/JavaScriptCore/jit/ExecutableAllocator.cpp:
(JSC::initializeJITPageReservation):
* Source/WTF/wtf/PageBlock.h:
(WTF::PageBlock::end const):
* Source/WTF/wtf/PageReservation.h:
* Source/WTF/wtf/RawPointer.h:
(WTF::RawPointer::RawPointer):

link: https://commits.webkit.org/251685@main
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@295680 268f45cc-cd09-0410-ab3c-d52691b4dbfc