[webkit-changes] [WebKit/WebKit] e1aade: Branch WebKitGTK for 2.24

Adrian Perez noreply at github.com
Thu Dec 1 10:44:32 PST 2022


  Branch: refs/heads/webkitgtk/2.24
  Home:   https://github.com/WebKit/WebKit
  Commit: e1aadee31cc317c50b97e08b271ff7a09c63fcb9
      https://github.com/WebKit/WebKit/commit/e1aadee31cc317c50b97e08b271ff7a09c63fcb9
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-12 (Tue, 12 Feb 2019)

  Changed paths:

  Log Message:
  -----------
  Branch WebKitGTK for 2.24


  Commit: 02fdcd20ccea951c60783a5ed9719f4753d0a22d
      https://github.com/WebKit/WebKit/commit/02fdcd20ccea951c60783a5ed9719f4753d0a22d
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-12 (Tue, 12 Feb 2019)

  Changed paths:
    M Source/WebKit/UIProcess/API/APIProcessPoolConfiguration.cpp
    M Source/WebKit/UIProcess/API/APIProcessPoolConfiguration.h
    M Source/WebKit/UIProcess/API/C/WKContext.cpp
    M Source/WebKit/UIProcess/API/C/WKContext.h
    M Source/WebKit/UIProcess/API/Cocoa/WKProcessPool.mm
    M Source/WebKit/UIProcess/API/Cocoa/WKProcessPoolPrivate.h
    M Source/WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.h
    M Source/WebKit/UIProcess/API/Cocoa/_WKProcessPoolConfiguration.mm
    M Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
    M Source/WebKit/UIProcess/WebProcessPool.cpp
    M Source/WebKit/UIProcess/WebProcessPool.h
    M Tools/MiniBrowser/mac/AppDelegate.m
    M Tools/TestWebKitAPI/Tests/WebKit/UserMedia.cpp
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/ResponsivenessTimer.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/ServiceWorkerBasic.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/UserContentController.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/WKProcessPoolConfiguration.mm

  Log Message:
  -----------
  Revert r240363 - Deprecate API to limit the maximum number of WebProcesses

This reverts commit r240363.


  Commit: 6b07edaaa7a692ae5031dea04b62539f33a2030a
      https://github.com/WebKit/WebKit/commit/6b07edaaa7a692ae5031dea04b62539f33a2030a
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/layout/inlineformatting/InlineFormattingContext.cpp
    M Source/WebCore/layout/inlineformatting/InlineFormattingContext.h
    M Tools/ChangeLog
    M Tools/LayoutReloaded/misc/LFC-passing-tests.txt

  Log Message:
  -----------
  Merge r241294 - [LFC][IFC] Add intrinsic width support for float boxes.
https://bugs.webkit.org/show_bug.cgi?id=194528

Reviewed by Antti Koivisto.

Source/WebCore:

This patch implements a very simple float box support for intrinsic width.

* layout/inlineformatting/InlineFormattingContext.cpp:
(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthConstraints const):
(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForFloatBox const):
(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForInlineBlock const):
(WebCore::Layout::InlineFormattingContext::computeMargin const):
(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthForFormattingContextRoot const): Deleted.
* layout/inlineformatting/InlineFormattingContext.h:

Tools:

Expand tests coverage (2 new tests -> 800).
(This is the correct test ordering --runs-singly --child-processes=1)

* LayoutReloaded/misc/LFC-passing-tests.txt:


  Commit: ffe22030da2ed26b9b4b766b801555e0c145b180
      https://github.com/WebKit/WebKit/commit/ffe22030da2ed26b9b4b766b801555e0c145b180
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/layout/FormattingContext.cpp
    M Source/WebCore/layout/FormattingContext.h
    M Source/WebCore/layout/inlineformatting/InlineFormattingContext.cpp
    M Source/WebCore/layout/inlineformatting/InlineFormattingContext.h

  Log Message:
  -----------
  Merge r241295 - [LFC] Remove redundant InlineFormattingContext::computeBorderAndPadding
https://bugs.webkit.org/show_bug.cgi?id=194540

Reviewed by Antti Koivisto.

Use FormattingContext::computeBorderAndPadding instead.

* layout/FormattingContext.cpp:
(WebCore::Layout::FormattingContext::computeBorderAndPadding const):
* layout/FormattingContext.h:
* layout/inlineformatting/InlineFormattingContext.cpp:
(WebCore::Layout::InlineFormattingContext::computeBorderAndPadding const): Deleted.
* layout/inlineformatting/InlineFormattingContext.h:


  Commit: 7b9f8b2055d0c820ed4ef8d34c90e7567dd975c8
      https://github.com/WebKit/WebKit/commit/7b9f8b2055d0c820ed4ef8d34c90e7567dd975c8
  Author: Antti Koivisto <koivisto at iki.fi>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/scrolling/ScrollingTree.cpp

  Log Message:
  -----------
  Merge r241296 - Crash in WebCore::ScrollingTree::updateTreeFromStateNode
https://bugs.webkit.org/show_bug.cgi?id=194538
<rdar://problem/47841926>

Reviewed by Zalan Bujtas.

* page/scrolling/ScrollingTree.cpp:
(WebCore::ScrollingTree::updateTreeFromStateNode):

Make sure we don't leave node entry behind in m_nodeMap in case we failed to add it to the parent.


  Commit: 560a8fd7e2030804905a4deb50270fe5fb1657af
      https://github.com/WebKit/WebKit/commit/560a8fd7e2030804905a4deb50270fe5fb1657af
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/wpe/TestExpectations

  Log Message:
  -----------
  Merge r241298 - Unreviewed WPE gardening. Unskip content extensions tests after r241283

* platform/wpe/TestExpectations: Unskip content extensions tests, and list
as failing those known to not pass due to missing expectations or timeouts.


  Commit: 92d9550334d5815ccb6af72ff4e103cbe8992b40
      https://github.com/WebKit/WebKit/commit/92d9550334d5815ccb6af72ff4e103cbe8992b40
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/bindings/js/JSNodeCustom.h
    M Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
    M Source/WebCore/bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp

  Log Message:
  -----------
  Merge r241300 - Add some null checks in JSNodeCustom.h's root() and generated isReachableFromOpaqueRoots() functions.
https://bugs.webkit.org/show_bug.cgi?id=194530
<rdar://problem/47973274>

Reviewed by Chris Dumez.

This is needed to fix a null pointer dereference that arises from the following scenario:
1. a Document detaches from its StyleSheetList.
2. the JSStyleSheetList that is associated with the detached StyleSheetList has yet
   to be scanned and collected by the GC.
3. the GC eventually looks for the opaque root of the StyleSheetList's owner, and
   discovers a null owner pointer.

This patch fixes this issue by applying the following null checks:

1. Add a null check in JSNodeCustom.h's root().

   root() is called from an isReachableFromOpaqueRoots() generated by CodeGeneratorJS.pm.
   isReachableFromOpaqueRoots() calls an ownerNode() method and passes its result
   to root().  However, depending on which class the ownerNode() method belongs to,
   it can either return a pointer or a reference.  The null check only makes sense
   in the pointer case.

   To accommodate the 2 forms, root() itself has an overload that takes a
   reference instead of a pointer.

   Since CodeGeneratorJS.pm can't tell what the generated class' ownerNode()
   returns, it can't discern when the result is a pointer and apply the null check.
   Instead, we just add the null check to the version of root() that takes a
   pointer.  If the node pointer is null, we'll return a null opaque root.

2. Fix CodeGeneratorJS.pm to null check the opaque root before using it.

* bindings/js/JSNodeCustom.h:
(WebCore::root):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateImplementation):
* bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
(WebCore::JSTestGenerateIsReachableOwner::isReachableFromOpaqueRoots):
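
The two null checks described in this log message, as a standalone model added here (not code from the WebKit tree or from the patch). Node, ListWrapper, AttrWrapper, Visitor and runScenario are hypothetical stand-ins; only the names root(), ownerNode() and isReachableFromOpaqueRoots() come from the message.

```cpp
#include <cstdio>
#include <unordered_set>

// Simplified stand-ins for this sketch (assumptions, not WebKit's real classes).
struct Node {
    Node* parent { nullptr };
};

// Reference overload: the caller guarantees a live node, so there is nothing to check.
inline void* root(Node& node)
{
    Node* current = &node;
    while (current->parent)
        current = current->parent;
    return current;
}

// Pointer overload: the only place a null owner can arrive, so check 1 lives here.
inline void* root(Node* node)
{
    return node ? root(*node) : nullptr;
}

struct ListWrapper { // ownerNode() returns a pointer that detach() clears
    Node* owner { nullptr };
    Node* ownerNode() const { return owner; }
    void detach() { owner = nullptr; }
};

struct AttrWrapper { // ownerNode() returns a reference
    Node& owner;
    Node& ownerNode() const { return owner; }
};

struct Visitor { // the set of opaque roots the collector has already marked
    std::unordered_set<void*> opaqueRoots;
    bool containsOpaqueRoot(void* r) const { return opaqueRoots.count(r) != 0; }
};

// Shape of the generated function: the same text is emitted whichever type
// ownerNode() returns, so overload resolution picks the right root().
template<typename Wrapped>
bool isReachableFromOpaqueRoots(const Wrapped& wrapped, const Visitor& visitor)
{
    void* opaqueRoot = root(wrapped.ownerNode());
    if (!opaqueRoot) // check 2: a null opaque root keeps nothing alive
        return false;
    return visitor.containsOpaqueRoot(opaqueRoot);
}

struct Outcome { bool attached; bool detached; bool byReference; };

// The scenario from the message: the list is attached, then detached before
// the collector asks for its owner's opaque root.
Outcome runScenario()
{
    Node document;
    Node sheetOwner;
    sheetOwner.parent = &document;

    Visitor visitor;
    visitor.opaqueRoots.insert(static_cast<void*>(&document));

    ListWrapper list;
    list.owner = &sheetOwner;
    AttrWrapper attr { sheetOwner };

    Outcome o;
    o.attached = isReachableFromOpaqueRoots(list, visitor);
    list.detach();
    o.detached = isReachableFromOpaqueRoots(list, visitor);
    o.byReference = isReachableFromOpaqueRoots(attr, visitor);
    return o;
}

int main()
{
    Outcome o = runScenario();
    std::printf("attached=%d detached=%d byReference=%d\n", o.attached, o.detached, o.byReference);
    return 0;
}
```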


  Commit: a98961ff909d67c28fa62b421af76a448bb19eec
      https://github.com/WebKit/WebKit/commit/a98961ff909d67c28fa62b421af76a448bb19eec
  Author: Joseph Pecoraro <pecoraro at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Views/CPUTimelineView.js

  Log Message:
  -----------
  Merge r241301 - Web Inspector: Remove unused maxUsage in CPUTimelineView
https://bugs.webkit.org/show_bug.cgi?id=194526

Patch by Joseph Pecoraro <pecoraro at apple.com> on 2019-02-12
Reviewed by Devin Rousso.

* UserInterface/Views/CPUTimelineView.js:
(WI.CPUTimelineView):
(WI.CPUTimelineView.prototype.shown):


  Commit: 8538d19e7fa17b47c7f0ae1632fa2f97c91b6f9b
      https://github.com/WebKit/WebKit/commit/8538d19e7fa17b47c7f0ae1632fa2f97c91b6f9b
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Views/TimelineOverview.js
    M Source/WebInspectorUI/UserInterface/Views/TimelineOverviewGraph.js
    M Source/WebInspectorUI/UserInterface/Views/TimelineRecordBar.js
    M Source/WebInspectorUI/UserInterface/Views/TimelineRecordingContentView.js

  Log Message:
  -----------
  Merge r241302 - Web Inspector: Timelines: clicking on an empty space in the overview should deselect any selected record bar
https://bugs.webkit.org/show_bug.cgi?id=194365
<rdar://problem/47868426>

Reviewed by Joseph Pecoraro.

* UserInterface/Views/TimelineRecordBar.js:
(WI.TimelineRecordBar.prototype._handleClick):
Mark the "click" event so that later listeners know it was handled by `WI.TimelineRecordBar`.

* UserInterface/Views/TimelineOverview.js:
(WI.TimelineOverview):
(WI.TimelineOverview.prototype._instrumentAdded):
(WI.TimelineOverview.prototype._instrumentRemoved):
(WI.TimelineOverview.prototype._handleGraphsContainerClick): Added.
(WI.TimelineOverview.prototype._handleOverviewGraphRecordSelected): Added.
(WI.TimelineOverview.prototype._recordSelected):
Listen for "click" on the graph container and deselect all records when fired, unless the
click was marked by a `WI.TimelineRecordBar`.

* UserInterface/Views/TimelineRecordingContentView.js:
(WI.TimelineRecordingContentView.prototype._recordSelected):
Ensure that all `WI.TimelineView` update their selected record whenever it changes for any
other `WI.TimelineView` (or if there is no selected record).

* UserInterface/Views/TimelineOverviewGraph.js:
(WI.TimelineOverviewGraph.prototype.didLayoutSubtree): Added.
Drive-by: since `WI.TimelineRecordBar` are reused when combining, we need to re-determine
which one holds the currently selected record.


  Commit: b2bd605308e7b89016e625d923f1618fffabdeb0
      https://github.com/WebKit/WebKit/commit/b2bd605308e7b89016e625d923f1618fffabdeb0
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorGlib.cpp
    M Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorServer.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/gtk/WebProcessPoolGtk.cpp
    M Source/WebKit/UIProcess/wpe/WebProcessPoolWPE.cpp

  Log Message:
  -----------
  Merge r241304 - [WPE][GTK] Unsafe g_unsetenv() use in WebProcessPool::platformInitialize
https://bugs.webkit.org/show_bug.cgi?id=194370

Reviewed by Darin Adler.

Source/JavaScriptCore:

Change a couple WTFLogAlways to use g_warning, for good measure. Of course this isn't
necessary, but it will make errors more visible.

* inspector/remote/glib/RemoteInspectorGlib.cpp:
(Inspector::RemoteInspector::start):
(Inspector::dbusConnectionCallAsyncReadyCallback):
* inspector/remote/glib/RemoteInspectorServer.cpp:
(Inspector::RemoteInspectorServer::start):

Source/WebKit:

It is incorrect to use g_unsetenv() here because it is MT-Unsafe. We know that it is
impossible and unreasonable to expect the application has not started other threads at this
point, and threads will be calling getenv(). WebKit itself has probably already started
threads of its own.

Fortunately, the remote inspector in the web process is already prepared to deal with
failure to connect to the inspector server, so we don't need to do anything except stop
messing with the environment.

Note these files are copies of each other. I'll merge them together in a follow-up patch.

* UIProcess/gtk/WebProcessPoolGtk.cpp:
(WebKit::initializeRemoteInspectorServer):
(WebKit::WebProcessPool::platformInitialize):
* UIProcess/wpe/WebProcessPoolWPE.cpp:
(WebKit::initializeRemoteInspectorServer):
(WebKit::WebProcessPool::platformInitialize):


  Commit: 936de3aaad6a1975d56e0a89d9c658d567dc2655
      https://github.com/WebKit/WebKit/commit/936de3aaad6a1975d56e0a89d9c658d567dc2655
  Author: Commit Queue <commit-queue at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Chunk.h
    M Source/bmalloc/bmalloc/Heap.cpp
    M Source/bmalloc/bmalloc/Heap.h
    M Source/bmalloc/bmalloc/SmallPage.h

  Log Message:
  -----------
  Merge r241305 - Unreviewed, rolling out r241182.
https://bugs.webkit.org/show_bug.cgi?id=194547

causes a 2-3% Speedometer2 regression. (Requested by
keith_miller on #webkit).

Reverted changeset:

"bmalloc uses more memory on iOS compared to macOS due to
physical page size differences"
https://bugs.webkit.org/show_bug.cgi?id=192389
https://trac.webkit.org/changeset/241182


  Commit: 1adddf203d1377ce3f5361ac9e9776e05c5a3d83
      https://github.com/WebKit/WebKit/commit/1adddf203d1377ce3f5361ac9e9776e05c5a3d83
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    M Source/WebKit/WebProcess/WebProcess.h
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    A Tools/TestWebKitAPI/Tests/WebKitCocoa/BundleRetainPagePlugIn.mm
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm

  Log Message:
  -----------
  Merge r241306 - WebPage::close needs to remove all message receivers associated with that WebPage, not WebPage::~WebPage
https://bugs.webkit.org/show_bug.cgi?id=194522
<rdar://problem/47789393>

Reviewed by Chris Dumez.

Source/WebKit:

The InjectedBundle SPI can retain the WebPage or wrapping objects (WKWebProcessPlugInBrowserContextController/WKBundlePageRef).
This can make it so WebPage::close is called before WebPage::~WebPage, and if the SuspendedPageProxy is reused for a subsequent
navigation to the same domain, the WebProcess is reused with a different WebPage instance with the same PageID, which causes problems
when another WebPage registers message handlers and then the previous WebPage is destroyed, which removes both message handlers.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::~WebPage):
(WebKit::WebPage::close):
(WebKit::WebPage::mainFrameDidLayout):
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebProcess.h:
(WebKit::WebProcess::eventDispatcher):

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WebKitCocoa/BundleRetainPagePlugIn.mm: Added.
(-[BundleRetainPagePlugIn webProcessPlugIn:didCreateBrowserContextController:]):
* TestWebKitAPI/Tests/WebKitCocoa/ProcessSwapOnNavigation.mm:


  Commit: a2c8bddac5ccb4a96d97ec12c3e1286ecbc57c97
      https://github.com/WebKit/WebKit/commit/a2c8bddac5ccb4a96d97ec12c3e1286ecbc57c97
  Author: Chris Fleizach <cfleizach at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/accessibility/loading-iframe-sends-notification-expected.txt
    M LayoutTests/accessibility/loading-iframe-sends-notification.html

  Log Message:
  -----------
  Merge r241307 - AX: Fix flaky accessibility/loading-iframe-sends-notification.html
https://bugs.webkit.org/show_bug.cgi?id=194546

Reviewed by Zalan Bujtas.

This test was relying on timing between load events being sent and accessibility events being sent.
We don't need to do that, we can more directly test this interplay.

* accessibility/loading-iframe-sends-notification-expected.txt:
* accessibility/loading-iframe-sends-notification.html:


  Commit: 1cd969d75adeb97593abe270bfae53556fe9ee92
      https://github.com/WebKit/WebKit/commit/1cd969d75adeb97593abe270bfae53556fe9ee92
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp
    M Source/WebCore/loader/SubresourceLoader.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

  Log Message:
  -----------
  Merge r241308 - Make use of is<SubresourceLoader>
https://bugs.webkit.org/show_bug.cgi?id=194541

Reviewed by Alex Christensen.

Source/WebCore:

No change of behavior.

* inspector/agents/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::didReceiveResponse):
* loader/SubresourceLoader.h:
(isType):

Source/WebKit:

* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):


  Commit: 25199962a9f84231c9785297404d828de2545e86
      https://github.com/WebKit/WebKit/commit/25199962a9f84231c9785297404d828de2545e86
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGDoesGC.cpp

  Log Message:
  -----------
  Merge r241314 - Unreviewed, fix -Wimplicit-fallthrough warning after r241140
https://bugs.webkit.org/show_bug.cgi?id=194399
<rdar://problem/47889777>

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):


  Commit: db84951bc34fb9bd050ed82bbe0f28241a27d55f
      https://github.com/WebKit/WebKit/commit/db84951bc34fb9bd050ed82bbe0f28241a27d55f
  Author: Joseph Pecoraro <pecoraro at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Models/Timeline.js

  Log Message:
  -----------
  Merge r241315 - Web Inspector: Timeline.prototype.recordsInTimeRange uses a property most records do not have
https://bugs.webkit.org/show_bug.cgi?id=194549

Patch by Joseph Pecoraro <pecoraro at apple.com> on 2019-02-12
Reviewed by Devin Rousso.

* UserInterface/Models/Timeline.js:
(WI.Timeline.prototype.recordsInTimeRange):


  Commit: 2c1c6b8ffa982951fca5c6fe4559694e5f9b8ee8
      https://github.com/WebKit/WebKit/commit/2c1c6b8ffa982951fca5c6fe4559694e5f9b8ee8
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/contentextensions/DFABytecode.h
    M Source/WebCore/contentextensions/DFABytecodeCompiler.h
    M Source/WebCore/contentextensions/URLFilterParser.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/C/WKUserContentExtensionStoreRef.cpp

  Log Message:
  -----------
  Merge r241316 - Unreviewed, fix build warnings after content extensions enablement
https://bugs.webkit.org/show_bug.cgi?id=193622
<rdar://problem/47982850>

Source/WebCore:

* contentextensions/DFABytecode.h:
(WebCore::ContentExtensions::instructionSizeWithArguments):
* contentextensions/DFABytecodeCompiler.h:
* contentextensions/URLFilterParser.cpp:
(WebCore::ContentExtensions::URLFilterParser::statusString):

Source/WebKit:

* UIProcess/API/C/WKUserContentExtensionStoreRef.cpp:
(toResult):


  Commit: 9858b57a3afb45ea7975cdaba0f1f55571ef4e78
      https://github.com/WebKit/WebKit/commit/9858b57a3afb45ea7975cdaba0f1f55571ef4e78
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/wk2/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/inspector/PageScriptDebugServer.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.h
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.messages.in
    M Source/WebKit/NetworkProcess/NetworkDataTask.h
    M Source/WebKit/NetworkProcess/NetworkDataTaskBlob.cpp
    M Source/WebKit/NetworkProcess/NetworkDataTaskBlob.h
    M Source/WebKit/NetworkProcess/NetworkLoad.cpp
    M Source/WebKit/NetworkProcess/NetworkLoad.h
    M Source/WebKit/NetworkProcess/NetworkLoadParameters.h
    M Source/WebKit/NetworkProcess/NetworkResourceLoadParameters.cpp
    M Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp
    M Source/WebKit/NetworkProcess/NetworkResourceLoader.h
    M Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h
    M Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm
    M Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.cpp
    M Source/WebKit/NetworkProcess/curl/NetworkDataTaskCurl.h
    M Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp
    M Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.h
    M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
    M Tools/ChangeLog
    M Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl
    M Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp
    M Tools/WebKitTestRunner/InjectedBundle/TestRunner.h

  Log Message:
  -----------
  Merge r241317 - Remove setDefersLoading infrastructure from WebKit2
https://bugs.webkit.org/show_bug.cgi?id=194506

Reviewed by Brady Eidson.

Source/WebCore:

setDefersLoading is inherently racy from WebCore to the NetworkProcess,
it adds unwanted complexity to the initialization and use of network objects,
and it has led to many unrecoverable hang bugs over the years.
We needed to force it into WebKit2 to transition some existing clients who relied on it,
but we have recently finished transitioning those clients to other solutions, mostly
completion handlers.

* inspector/PageScriptDebugServer.cpp:
(WebCore::PageScriptDebugServer::setJavaScriptPaused):

Source/WebKit:

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::setDefersLoading): Deleted.
* NetworkProcess/NetworkConnectionToWebProcess.h:
* NetworkProcess/NetworkConnectionToWebProcess.messages.in:
* NetworkProcess/NetworkDataTask.h:
* NetworkProcess/NetworkDataTaskBlob.cpp:
(WebKit::NetworkDataTaskBlob::suspend): Deleted.
* NetworkProcess/NetworkDataTaskBlob.h:
* NetworkProcess/NetworkLoad.cpp:
(WebKit::NetworkLoad::initialize):
(WebKit::NetworkLoad::setDefersLoading): Deleted.
* NetworkProcess/NetworkLoad.h:
* NetworkProcess/NetworkLoadParameters.h:
* NetworkProcess/NetworkResourceLoadParameters.cpp:
(WebKit::NetworkResourceLoadParameters::encode const):
(WebKit::NetworkResourceLoadParameters::decode):
* NetworkProcess/NetworkResourceLoader.cpp:
(WebKit::NetworkResourceLoader::start):
(WebKit::NetworkResourceLoader::startNetworkLoad):
(WebKit::NetworkResourceLoader::setDefersLoading): Deleted.
* NetworkProcess/NetworkResourceLoader.h:
* NetworkProcess/cocoa/NetworkDataTaskCocoa.h:
* NetworkProcess/cocoa/NetworkDataTaskCocoa.mm:
(WebKit::NetworkDataTaskCocoa::suspend): Deleted.
* NetworkProcess/curl/NetworkDataTaskCurl.cpp:
(WebKit::NetworkDataTaskCurl::suspend): Deleted.
* NetworkProcess/curl/NetworkDataTaskCurl.h:
* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::suspend): Deleted.
* NetworkProcess/soup/NetworkDataTaskSoup.h:
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoadFromNetworkProcess):
(WebKit::WebLoaderStrategy::setDefersLoading):

Tools:

* WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setDefersLoading): Deleted.
* WebKitTestRunner/InjectedBundle/TestRunner.h:

LayoutTests:

* platform/wk2/TestExpectations:


  Commit: 136c4e70e83562c7311fb7436bea887a394f16b2
      https://github.com/WebKit/WebKit/commit/136c4e70e83562c7311fb7436bea887a394f16b2
  Author: Alex Christensen <achristensen at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/canvas/bitmaprenderer-created-after-toBlob-expected.txt
    A LayoutTests/fast/canvas/bitmaprenderer-created-after-toBlob.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLCanvasElement.cpp

  Log Message:
  -----------
  Merge r241319 - Remove setDefersLoading infrastructure from WebKit2
https://bugs.webkit.org/show_bug.cgi?id=194506

Patch by Alex Christensen <achristensen at webkit.org> on 2019-02-12
Reviewed by Brady Eidson.

setDefersLoading is inherently racy from WebCore to the NetworkProcess,
it adds unwanted complexity to the initialization and use of network objects,
and it has led to many unrecoverable hang bugs over the years.
We needed to force it into WebKit2 to transition some existing clients who relied on it,
but we have recently finished transitioning those clients to other solutions, mostly
completion handlers.

* inspector/PageScriptDebugServer.cpp:
(WebCore::PageScriptDebugServer::setJavaScriptPaused):

LayoutTests:
BitmapRenderer should handle existing ImageBuffers
https://bugs.webkit.org/show_bug.cgi?id=194555
<rdar://problem/47857150>

Reviewed by Tim Horton.

Test that creates a canvas, triggers an ImageBuffer to be created, then
creates the bitmaprenderer context.

* fast/canvas/bitmaprenderer-created-after-toBlob-expected.txt: Added.
* fast/canvas/bitmaprenderer-created-after-toBlob.html: Added.


  Commit: 71e754483398a8918e3ba7c2900a8bbaeae78d56
      https://github.com/WebKit/WebKit/commit/71e754483398a8918e3ba7c2900a8bbaeae78d56
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp

  Log Message:
  -----------
  Merge r241330 - Remove firing assertion after r241317
https://bugs.webkit.org/show_bug.cgi?id=194506

* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::setDefersLoading):
The creation of a PageGroupLoadDeferrer in Chrome.cpp tries to defer loading.
See comments in Chrome::runJavaScriptAlert et al.
This was necessary with WebKitLegacy, so keep it, but it doesn't need to do anything in modern WebKit.


  Commit: b2ad45f5740dca964141ac49e97cf79da1b56ae4
      https://github.com/WebKit/WebKit/commit/b2ad45f5740dca964141ac49e97cf79da1b56ae4
  Author: Rob Buis <rbuis at igalia.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M LayoutTests/imported/w3c/ChangeLog
    M LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/processing.any-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/fetch/data-urls/processing.any.worker-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/network/DataURLDecoder.cpp

  Log Message:
  -----------
  Merge r241333 - Align with Fetch on data: URLs
https://bugs.webkit.org/show_bug.cgi?id=182325

Patch by Rob Buis <rbuis at igalia.com> on 2019-02-12
Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Update improved test expectations.

* web-platform-tests/fetch/data-urls/processing.any-expected.txt:
* web-platform-tests/fetch/data-urls/processing.any.worker-expected.txt:

Source/WebCore:

The MIME type part of the data url should be serialized as
specified in step 3 under "data" [1].

Test: web-platform-tests/fetch/data-urls/processing.any.js

[1] https://fetch.spec.whatwg.org/#concept-scheme-fetch

* platform/network/DataURLDecoder.cpp:
(WebCore::DataURLDecoder::parseMediaType):


  Commit: 07d4f22f54b8677eea3a8806d37e95186229521f
      https://github.com/WebKit/WebKit/commit/07d4f22f54b8677eea3a8806d37e95186229521f
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/B3Value.cpp

  Log Message:
  -----------
  Merge r241335 - Make B3Value::returnsBool() more precise
https://bugs.webkit.org/show_bug.cgi?id=194457

Reviewed by Saam Barati.

It is currently used repeatedly in B3ReduceStrength, as well as once in B3LowerToAir.
It has a needlessly complex rule for BitAnd, and has no rule for other easy cases such as BitOr or Select.
No new tests added as this should be indirectly tested by the already existing tests.

* b3/B3Value.cpp:
(JSC::B3::Value::returnsBool const):


  Commit: b881d1b1beff972b21df8717b9e73c34db223829
      https://github.com/WebKit/WebKit/commit/b881d1b1beff972b21df8717b9e73c34db223829
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
    M Source/WebKit/WebProcess/Storage/WebServiceWorkerProvider.cpp
    M Source/WebKit/WebProcess/Storage/WebServiceWorkerProvider.h

  Log Message:
  -----------
  Merge r241338 - WebServiceWorkerProvider::handleFetch no longer needs a CachedResource parameter
https://bugs.webkit.org/show_bug.cgi?id=194548

Reviewed by Alex Christensen.

* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::scheduleLoad):
* WebProcess/Storage/WebServiceWorkerProvider.cpp:
(WebKit::WebServiceWorkerProvider::handleFetch):
* WebProcess/Storage/WebServiceWorkerProvider.h:


  Commit: 1db78e7cfb63a24fd94da987aaf6d9e8d4887a72
      https://github.com/WebKit/WebKit/commit/1db78e7cfb63a24fd94da987aaf6d9e8d4887a72
  Author: Commit Queue <commit-queue at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/MediaResourceLoader.cpp
    M Source/WebCore/loader/MediaResourceLoader.h
    M Source/WebCore/platform/graphics/PlatformMediaResourceLoader.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm

  Log Message:
  -----------
  Merge r241350 - Unreviewed, rolling out r241273.
https://bugs.webkit.org/show_bug.cgi?id=194579

This change is causing a flaky assertion failure crash in High
Sierra Debug (Requested by ShawnRoberts on #webkit).

Reverted changeset:

"Stop using setDefersLoading from WebCore"
https://bugs.webkit.org/show_bug.cgi?id=194315
https://trac.webkit.org/changeset/241273


  Commit: e660c87521afc7acea11f0555e1fcf7ac8540e38
      https://github.com/WebKit/WebKit/commit/e660c87521afc7acea11f0555e1fcf7ac8540e38
  Author: Benjamin Poulain <benjamin at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/ResponsivenessTimer.cpp
    M Source/WebKit/UIProcess/ResponsivenessTimer.h
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebProcessProxy.cpp
    M Source/WebKit/UIProcess/WebProcessProxy.h

  Log Message:
  -----------
  Merge r241351 - Responsiveness timers are too expensive for frequent events
https://bugs.webkit.org/show_bug.cgi?id=194003

Reviewed by Geoffrey Garen.

With each event, we set a responsiveness timer to check if the WebProcess
is responsive, and reset the timer when the WebProcess sends an answer.

For frequent events (e.g. wheel events, mouse force events, etc),
we are spamming the kernel with hundreds of timers per second.
That is a bit inefficient.

Another source of inefficiency comes from the timer implementation
itself. Stopping a RunLoop::Timer removes the timer from every mode
and invalidates the timer. It becomes costly since we do it a lot.

With this patch, I tweak ResponsivenessTimer and its use to minimize
how often we schedule system timers.

The first change is to not stop the timer when we get the stop()
calls if we expect more events to come in. Instead, we keep track
if we care about the timeout or not in the attribute "m_waitingForTimer".
When the next event starts, we can reschedule the timer without ever
having told the kernel about the stop.
If there are no next events, the timeout fires but m_waitingForTimer
is false. To avoid idle wake up, the lazy stop is only used when having
following events is common.

The second improvement comes from not even rescheduling the timer
when restarted. Instead of changing the timer, we let the original timer
fire and re-schedule a new one with the missing time.

For more context, also see patches r240759 and r240944.

* UIProcess/ResponsivenessTimer.cpp:
(WebKit::ResponsivenessTimer::ResponsivenessTimer):
(WebKit::ResponsivenessTimer::invalidate):
(WebKit::ResponsivenessTimer::timerFired):
(WebKit::ResponsivenessTimer::start):
(WebKit::ResponsivenessTimer::startWithLazyStop):
(WebKit::ResponsivenessTimer::stop):
(WebKit::ResponsivenessTimer::processTerminated):
(WebKit::ResponsivenessTimer::~ResponsivenessTimer): Deleted.
* UIProcess/ResponsivenessTimer.h:
(WebKit::ResponsivenessTimer::hasActiveTimer const):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::processNextQueuedMouseEvent):
(WebKit::WebPageProxy::sendWheelEvent):
(WebKit::WebPageProxy::handleKeyboardEvent):
(WebKit::WebPageProxy::handleGestureEvent):
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::isResponsiveWithLazyStop):
* UIProcess/WebProcessProxy.h:
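
The lazy-stop scheme described in the r241351 log message above, as an added example that is not WebKit's code: a simulated clock and a counting stand-in for RunLoop::Timer compare arming and disarming on every event with the lazy approach, and check that a hang is still reported one full timeout after the last unanswered event. The class names, `m_restartFireTime`, the 3000 ms timeout and the 10 ms event spacing are assumptions; only `m_waitingForTimer` comes from the log message.

```cpp
#include <cstdint>
#include <cstdio>

// Stand-in for a system timer (hypothetical, not RunLoop::Timer itself).
// It only counts how often the "kernel" is asked to arm or disarm it.
// All times are milliseconds on a simulated clock.
struct FakeSystemTimer {
    bool active = false;
    int64_t fireAt = 0;
    int scheduleCalls = 0;
    int cancelCalls = 0;
    void schedule(int64_t when) { active = true; fireAt = when; ++scheduleCalls; }
    void cancel() { active = false; ++cancelCalls; }
};

// Baseline: arm on every event, disarm on every answer.
class EagerResponsivenessTimer {
public:
    explicit EagerResponsivenessTimer(int64_t timeout) : m_timeout(timeout) {}
    void start(int64_t now) { m_timer.schedule(now + m_timeout); }
    void stop() { m_timer.cancel(); }
    void advanceTo(int64_t now) {
        if (m_timer.active && m_timer.fireAt <= now) {
            m_timer.active = false;
            m_unresponsive = true;
        }
    }
    bool unresponsive() const { return m_unresponsive; }
    const FakeSystemTimer& timer() const { return m_timer; }
private:
    int64_t m_timeout;
    FakeSystemTimer m_timer;
    bool m_unresponsive = false;
};

// Lazy stop: stop() only clears m_waitingForTimer; start() leaves an armed
// timer alone and records the real deadline; the fire handler re-arms with
// the missing time. This models only the lazy variant, which the log message
// reserves for event types where a following event is common.
class LazyResponsivenessTimer {
public:
    explicit LazyResponsivenessTimer(int64_t timeout) : m_timeout(timeout) {}
    void start(int64_t now) {
        m_waitingForTimer = true;
        if (m_timer.active) {
            m_restartFireTime = now + m_timeout;  // assumed name; no kernel call
            return;
        }
        m_restartFireTime = 0;
        m_timer.schedule(now + m_timeout);
    }
    void stop() { m_waitingForTimer = false; }    // the kernel is never told
    void advanceTo(int64_t now) {
        while (m_timer.active && m_timer.fireAt <= now) {
            int64_t firedAt = m_timer.fireAt;
            m_timer.active = false;               // it fired; this is not a cancel
            if (!m_waitingForTimer) { ++m_idleWakeups; return; }
            if (m_restartFireTime > firedAt) {    // restarted since it was armed
                m_timer.schedule(m_restartFireTime);
                m_restartFireTime = 0;
                continue;
            }
            m_unresponsive = true;                // a genuine timeout
        }
    }
    bool unresponsive() const { return m_unresponsive; }
    int idleWakeups() const { return m_idleWakeups; }
    const FakeSystemTimer& timer() const { return m_timer; }
private:
    int64_t m_timeout;
    FakeSystemTimer m_timer;
    bool m_waitingForTimer = false;
    int64_t m_restartFireTime = 0;
    int m_idleWakeups = 0;
    bool m_unresponsive = false;
};

// Constructed workload: `events` events, `spacingMs` apart, each answered 1 ms later.
template <typename Timer>
int kernelOpsForBurst(Timer& t, int events, int64_t spacingMs) {
    for (int i = 0; i < events; ++i) {
        int64_t now = i * spacingMs;
        t.advanceTo(now);
        t.start(now);
        t.advanceTo(now + 1);
        t.stop();
    }
    return t.timer().scheduleCalls + t.timer().cancelCalls;
}

int eagerOpsForBurst() { EagerResponsivenessTimer t(3000); return kernelOpsForBurst(t, 1000, 10); }
int lazyOpsForBurst()  { LazyResponsivenessTimer t(3000);  return kernelOpsForBurst(t, 1000, 10); }

// One answered event at t=0, then an unanswered one at t=2000 ms.
bool lazyReportsHangBy(int64_t checkTime) {
    LazyResponsivenessTimer t(3000);
    t.start(0);
    t.stop();
    t.start(2000);
    t.advanceTo(checkTime);
    return t.unresponsive();
}

int main() {
    std::printf("eager kernel ops: %d\n", eagerOpsForBurst());
    std::printf("lazy kernel ops:  %d\n", lazyOpsForBurst());
    std::printf("hang by 4999 ms: %d, by 5000 ms: %d\n",
                lazyReportsHangBy(4999), lazyReportsHangBy(5000));
    return 0;
}
```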


  Commit: 05fc818d854921602bb218a671be890a9f11ade7
      https://github.com/WebKit/WebKit/commit/05fc818d854921602bb218a671be890a9f11ade7
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/PolicyChecker.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp

  Log Message:
  -----------
  https://bugs.webkit.org/show_bug.cgi?id=194582

Reviewed by Antti Koivisto.

Source/WebCore:

Check the zero-ness of m_policyCheck first so that we can differentiate process ID being wrong
from the non-generated identifier being sent to us as it was the case in this failure.

* loader/PolicyChecker.cpp:

Source/WebKit:

The bug was caused by WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction invoking the callback
with responseIdentifier even when we had failed to send the policy check IPC. Clearly, responseIdentifier
is invalid in that case, and we should be using requestIdentifier instead.

Unfortunately no new tests since I'm not aware of a way to make sendSync fail in this case.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):


  Commit: b804ffd7ced124db26ecd729c2d1861cacfdb8eb
      https://github.com/WebKit/WebKit/commit/b804ffd7ced124db26ecd729c2d1861cacfdb8eb
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp

  Log Message:
  -----------
  Merge r241401 - Crash in Page::setActivityState because m_page is null
https://bugs.webkit.org/show_bug.cgi?id=194584

Reviewed by Antti Koivisto.

Add a null check to avoid the crash. Also add a debug assertion to help diagnose this in the future.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::setActivityState):


  Commit: 18d7eec91e6ee0302bdca9085280946ca2d3a71b
      https://github.com/WebKit/WebKit/commit/18d7eec91e6ee0302bdca9085280946ca2d3a71b
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-02-13 (Wed, 13 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp

  Log Message:
  -----------
  Merge r241402 - [FreeType] Unable to render some Hebrew characters
https://bugs.webkit.org/show_bug.cgi?id=194498

Reviewed by Michael Catanzaro.

We are failing to find a font for some of the combining character sequences because normalization is failing due
to overflow error. In case of overflow, normalize returns the required length for the normalized characters, so
we should handle that case to resize the output buffer and try again.

* platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
(WebCore::FontCascade::fontForCombiningCharacterSequence const):


  Commit: 727a6d2fc3c950b4a4f836dc13d3680cc30c8dff
      https://github.com/WebKit/WebKit/commit/727a6d2fc3c950b4a4f836dc13d3680cc30c8dff
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/wpe/TestExpectations

  Log Message:
  -----------
  Merge r241430 - [GTK][WPE] Don't use DumpJSConsoleLogInStdErr expectation in platform TestExpectations
https://bugs.webkit.org/show_bug.cgi?id=194587

Unreviewed gardening.

* platform/gtk/TestExpectations: Removed DumpJSConsoleLogInStdErr markers which are marked in top TestExpectations.
* platform/wpe/TestExpectations: Ditto.


  Commit: 06daa4d3f4de40231f9242b1ae4e935dda4313b6
      https://github.com/WebKit/WebKit/commit/06daa4d3f4de40231f9242b1ae4e935dda4313b6
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/CodeCache.cpp

  Log Message:
  -----------
  Merge r241431 - SourceCode should be copied when generating bytecode for functions
https://bugs.webkit.org/show_bug.cgi?id=194536

Reviewed by Saam Barati.

The FunctionExecutable might be collected while generating the bytecode
for nested functions, in which case the SourceCode reference would no
longer be valid.

* runtime/CodeCache.cpp:
(JSC::generateUnlinkedCodeBlockForFunctions):


  Commit: d9ffbb5905ecb43c67890eaf96a36beb72bad7f1
      https://github.com/WebKit/WebKit/commit/d9ffbb5905ecb43c67890eaf96a36beb72bad7f1
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/fast/dom/reference-cycle-leaks.html
    M LayoutTests/platform/win/TestExpectations
    A LayoutTests/storage/indexeddb/resources/result-request-cycle.js
    A LayoutTests/storage/indexeddb/resources/value-cursor-cycle.js
    A LayoutTests/storage/indexeddb/result-request-cycle-expected.txt
    A LayoutTests/storage/indexeddb/result-request-cycle.html
    A LayoutTests/storage/indexeddb/value-cursor-cycle-expected.txt
    A LayoutTests/storage/indexeddb/value-cursor-cycle.html

  Log Message:
  -----------
  Merge r241436 - Add two regression tests for reference cycle in IndexedDB
https://bugs.webkit.org/show_bug.cgi?id=194527

Reviewed by Geoffrey Garen.

* fast/dom/reference-cycle-leaks.html:
* platform/win/TestExpectations:
The added tests are failing on win bots for unknown reasons, probably related to webkit.org/b/193540. Skip them
on win.

* storage/indexeddb/resources/result-request-cycle.js: Added.
(prepareDatabase):
* storage/indexeddb/resources/value-cursor-cycle.js: Added.
(prepareDatabase):
(onOpen.cursorRequest.onsuccess):
* storage/indexeddb/result-request-cycle-expected.txt: Added.
* storage/indexeddb/result-request-cycle.html: Added.
* storage/indexeddb/value-cursor-cycle-expected.txt: Added.
* storage/indexeddb/value-cursor-cycle.html: Added.


  Commit: c764be8484cd04303da26beab2d299817c160ae9
      https://github.com/WebKit/WebKit/commit/c764be8484cd04303da26beab2d299817c160ae9
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkProcess.cpp
    M Source/WebKit/NetworkProcess/NetworkProcess.h
    M Source/WebKit/NetworkProcess/NetworkProcess.messages.in
    M Source/WebKit/PluginProcess/PluginControllerProxy.cpp
    M Source/WebKit/PluginProcess/PluginControllerProxy.h
    M Source/WebKit/PluginProcess/PluginControllerProxy.messages.in
    M Source/WebKit/Shared/Plugins/NPObjectMessageReceiver.cpp
    M Source/WebKit/Shared/Plugins/NPObjectMessageReceiver.h
    M Source/WebKit/Shared/Plugins/NPObjectMessageReceiver.messages.in
    M Source/WebKit/UIProcess/mac/SecItemShimProxy.cpp
    M Source/WebKit/UIProcess/mac/SecItemShimProxy.h
    M Source/WebKit/UIProcess/mac/SecItemShimProxy.messages.in

  Log Message:
  -----------
  Merge r241441 - Remove legacy sync messaging in some IPC code
https://bugs.webkit.org/show_bug.cgi?id=194561

Reviewed by Geoffrey Garen.

Changing some LegacySync messages to Delayed messages.  We should probably rename Delayed to Sync.
There are too many ways to send messages.  Let's work to get rid of the old one.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::setAllowsAnySSLCertificateForWebSocket):
(WebKit::NetworkProcess::processWillSuspendImminently):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* PluginProcess/PluginControllerProxy.cpp:
(WebKit::PluginControllerProxy::handleWheelEvent):
(WebKit::PluginControllerProxy::handleMouseEnterEvent):
(WebKit::PluginControllerProxy::handleMouseLeaveEvent):
(WebKit::PluginControllerProxy::handleKeyboardEvent):
(WebKit::PluginControllerProxy::handleEditingCommand):
(WebKit::PluginControllerProxy::isEditingCommandEnabled):
(WebKit::PluginControllerProxy::handlesPageScaleFactor):
(WebKit::PluginControllerProxy::requiresUnifiedScaleFactor):
(WebKit::PluginControllerProxy::paintEntirePlugin):
(WebKit::PluginControllerProxy::supportsSnapshotting):
(WebKit::PluginControllerProxy::snapshot):
(WebKit::PluginControllerProxy::getPluginScriptableNPObject):
(WebKit::PluginControllerProxy::getFormValue):
* PluginProcess/PluginControllerProxy.h:
* PluginProcess/PluginControllerProxy.messages.in:
* Shared/Plugins/NPObjectMessageReceiver.cpp:
(WebKit::NPObjectMessageReceiver::deallocate):
(WebKit::NPObjectMessageReceiver::hasMethod):
(WebKit::NPObjectMessageReceiver::invoke):
(WebKit::NPObjectMessageReceiver::invokeDefault):
(WebKit::NPObjectMessageReceiver::hasProperty):
(WebKit::NPObjectMessageReceiver::getProperty):
(WebKit::NPObjectMessageReceiver::setProperty):
(WebKit::NPObjectMessageReceiver::removeProperty):
(WebKit::NPObjectMessageReceiver::enumerate):
(WebKit::NPObjectMessageReceiver::construct):
* Shared/Plugins/NPObjectMessageReceiver.h:
* Shared/Plugins/NPObjectMessageReceiver.messages.in:
* UIProcess/mac/SecItemShimProxy.cpp:
(WebKit::SecItemShimProxy::secItemRequest):
* UIProcess/mac/SecItemShimProxy.h:
* UIProcess/mac/SecItemShimProxy.messages.in:


  Commit: 0c21b2f4f4130db6e384b9a5fb92504cf51c6bc4
      https://github.com/WebKit/WebKit/commit/0c21b2f4f4130db6e384b9a5fb92504cf51c6bc4
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/CodeCache.cpp
    M Source/JavaScriptCore/runtime/CodeCache.h

  Log Message:
  -----------
  Merge r241442 - CodeBlocks read from disk should not be re-written
https://bugs.webkit.org/show_bug.cgi?id=194535

Reviewed by Michael Saboff.

Keep track of which CodeBlocks have been read from disk or have already
been serialized in CodeCache.

* runtime/CodeCache.cpp:
(JSC::CodeCache::write):
* runtime/CodeCache.h:
(JSC::SourceCodeValue::SourceCodeValue):
(JSC::CodeCacheMap::fetchFromDiskImpl):


  Commit: 84b7e85448b5921dfb5a04c3220dc098c4034c84
      https://github.com/WebKit/WebKit/commit/84b7e85448b5921dfb5a04c3220dc098c4034c84
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/CachedTypes.cpp

  Log Message:
  -----------
  Merge r241447 - VariableLengthObject::allocate<T> should initialize objects
https://bugs.webkit.org/show_bug.cgi?id=194534

Reviewed by Michael Saboff.

`buffer()` should not be called for empty VariableLengthObjects, but
these cases were not being caught due to the objects not being properly
initialized. Fix it so that allocate calls the constructor and fix the
assertion failures.

* runtime/CachedTypes.cpp:
(JSC::CachedObject::operator new):
(JSC::VariableLengthObject::allocate):
(JSC::CachedVector::encode):
(JSC::CachedVector::decode const):
(JSC::CachedUniquedStringImpl::decode const):
(JSC::CachedBitVector::encode):
(JSC::CachedBitVector::decode const):
(JSC::CachedArray::encode):
(JSC::CachedArray::decode const):
(JSC::CachedImmutableButterfly::CachedImmutableButterfly):
(JSC::CachedBigInt::decode const):


  Commit: d588079b28edd213949b70fc14713099b1f9e586
      https://github.com/WebKit/WebKit/commit/d588079b28edd213949b70fc14713099b1f9e586
  Author: Antti Koivisto <koivisto at iki.fi>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/cache/CacheStorageEngine.cpp

  Log Message:
  -----------
  Merge r241448 - Crash in WebKit::CacheStorage::Engine::cachesRootPath
https://bugs.webkit.org/show_bug.cgi?id=194588
<rdar://problem/46363997>

Reviewed by Youenn Fablet.

* NetworkProcess/cache/CacheStorageEngine.cpp:
(WebKit::CacheStorage::Engine::cachesRootPath):

Salt may have not been initialized yet when the Engine is destroyed.


  Commit: 0e442cf1cdeda2f16f5df6079a22aa8e18dc2310
      https://github.com/WebKit/WebKit/commit/0e442cf1cdeda2f16f5df6079a22aa8e18dc2310
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/StructureIDTable.cpp
    M Source/JavaScriptCore/runtime/StructureIDTable.h

  Log Message:
  -----------
  Merge r241449 - Create a randomized free list for new StructureIDs on StructureIDTable resize.
https://bugs.webkit.org/show_bug.cgi?id=194566
<rdar://problem/47975502>

Reviewed by Michael Saboff.

Also isolate 32-bit implementation of StructureIDTable out more so the 64-bit
implementation is a little easier to read.

This patch appears to be perf neutral on JetStream2 (as run from the command line).

* runtime/StructureIDTable.cpp:
(JSC::StructureIDTable::StructureIDTable):
(JSC::StructureIDTable::makeFreeListFromRange):
(JSC::StructureIDTable::resize):
(JSC::StructureIDTable::allocateID):
(JSC::StructureIDTable::deallocateID):
* runtime/StructureIDTable.h:
(JSC::StructureIDTable::get):
(JSC::StructureIDTable::deallocateID):
(JSC::StructureIDTable::allocateID):
(JSC::StructureIDTable::flushOldTables):


  Commit: 14faa8d641245da62ae1f1eb6b7a913dce93f40a
      https://github.com/WebKit/WebKit/commit/14faa8d641245da62ae1f1eb6b7a913dce93f40a
  Author: Eric Carlson <eric.carlson at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLMediaElement.cpp
    M Source/WebCore/platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm

  Log Message:
  -----------
  Merge r241450 - Revert r240434
https://bugs.webkit.org/show_bug.cgi?id=194600
<rdar://problem/48044566>

Reviewed by Brent Fulgham.

* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::setVolume):
(WebCore::HTMLMediaElement::mediaPlayerVolumeChanged):
(WebCore::HTMLMediaElement::updateVolume):
* platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
(WebCore::MediaPlayerPrivateAVFoundationObjC::setVolume):


  Commit: f0f64d83aeef98a5cb01683a9ad910fcb3f5e566
      https://github.com/WebKit/WebKit/commit/f0f64d83aeef98a5cb01683a9ad910fcb3f5e566
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp

  Log Message:
  -----------
  Merge r241453 - Fix -Wformat warning from r241401
https://bugs.webkit.org/show_bug.cgi?id=194584
<rdar://problem/47761293>

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::setActivityState):


  Commit: d354684f18bae46d0fbae6d21043962c5c6ff647
      https://github.com/WebKit/WebKit/commit/d354684f18bae46d0fbae6d21043962c5c6ff647
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.h

  Log Message:
  -----------
  Merge r241468 - REGRESSION: [ Mac Debug WK2 ] Layout Test storage/indexeddb/key-type-infinity-private.html is a flaky crash
https://bugs.webkit.org/show_bug.cgi?id=194413
<rdar://problem/47897254>

Reviewed by Brady Eidson.

IDB clients expected transaction operations to be executed in order, but in
UniqueIDBDatabase::immediateCloseForUserDelete, callbacks in callback map were errored out randomly.
This patch added a callback queue to UniqueIDBDatabase to make sure callbacks will be called in the same order
as IDB Server receives the request.

* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::storeCallbackOrFireError):
(WebCore::IDBServer::UniqueIDBDatabase::immediateCloseForUserDelete):
(WebCore::IDBServer::UniqueIDBDatabase::performErrorCallback):
(WebCore::IDBServer::UniqueIDBDatabase::performKeyDataCallback):
(WebCore::IDBServer::UniqueIDBDatabase::performGetResultCallback):
(WebCore::IDBServer::UniqueIDBDatabase::performGetAllResultsCallback):
(WebCore::IDBServer::UniqueIDBDatabase::performCountCallback):
(WebCore::IDBServer::UniqueIDBDatabase::forgetErrorCallback):
* Modules/indexeddb/server/UniqueIDBDatabase.h:


  Commit: 5e723df60168c6c424690a9dc366755097e10183
      https://github.com/WebKit/WebKit/commit/5e723df60168c6c424690a9dc366755097e10183
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/mediasource/SourceBuffer.cpp

  Log Message:
  -----------
  Merge r241472 - Unreviewed, fix unused variable warnings after r241148/r241251
https://bugs.webkit.org/show_bug.cgi?id=194348
<rdar://problem/47566449>

* Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveRenderingError):
(WebCore::SourceBuffer::evictCodedFrames):
(WebCore::SourceBuffer::provideMediaData):


  Commit: 721330234e69b7c5f1e9347ce922932a30889f5c
      https://github.com/WebKit/WebKit/commit/721330234e69b7c5f1e9347ce922932a30889f5c
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/SourcesGTK.txt
    M Source/WebKit/SourcesWPE.txt
    A Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp
    R Source/WebKit/UIProcess/gtk/WebProcessPoolGtk.cpp
    R Source/WebKit/UIProcess/wpe/WebProcessPoolWPE.cpp

  Log Message:
  -----------
  Merge r241474 - [WPE][GTK] Merge WebProcessPoolWPE.cpp and WebProcessPoolGtk.cpp
https://bugs.webkit.org/show_bug.cgi?id=194551

Reviewed by Carlos Garcia Campos.

* SourcesGTK.txt:
* SourcesWPE.txt:
* UIProcess/glib/WebProcessPoolGLib.cpp: Renamed from Source/WebKit/UIProcess/gtk/WebProcessPoolGtk.cpp.
(WebKit::initializeRemoteInspectorServer):
(WebKit::memoryPressureMonitorDisabled):
(WebKit::WebProcessPool::platformInitialize):
(WebKit::WebProcessPool::platformInitializeWebProcess):
(WebKit::WebProcessPool::platformInvalidateContext):
(WebKit::WebProcessPool::platformResolvePathsForSandboxExtensions):
* UIProcess/wpe/WebProcessPoolWPE.cpp: Removed.


  Commit: f9165d549badf6d503e3230fe122bc219aebe001
      https://github.com/WebKit/WebKit/commit/f9165d549badf6d503e3230fe122bc219aebe001
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp

  Log Message:
  -----------
  Merge r241475 - AirIRGenerator::addSwitch switch patchpoint needs to model clobbering the scratch register
https://bugs.webkit.org/show_bug.cgi?id=194610

Reviewed by Michael Saboff.

BinarySwitch might use the scratch register. We must model the
effects of that properly. This is already caught by our br-table
tests on arm64.

* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::addSwitch):


  Commit: 8ab35f636f87e840d3c0a3897e3f82aec6e1d3ab
      https://github.com/WebKit/WebKit/commit/8ab35f636f87e840d3c0a3897e3f82aec6e1d3ab
  Author: Jiewen Tan <jiewen_tan at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/mac/fast/loader/webarchive-encoding-respected.html
    M LayoutTests/webarchive/loading/cache-expired-subresource.html
    M LayoutTests/webarchive/loading/javascript-url-iframe-crash.html
    M LayoutTests/webarchive/loading/mainresource-null-mimetype-crash.html
    M LayoutTests/webarchive/loading/missing-data.html
    M LayoutTests/webarchive/loading/object.html
    M LayoutTests/webarchive/loading/test-loading-archive-subresource-null-mimetype.html
    M LayoutTests/webarchive/loading/test-loading-archive-subresource.html
    M LayoutTests/webarchive/loading/test-loading-archive.html
    M LayoutTests/webarchive/loading/test-loading-top-archive.html
    M LayoutTests/webarchive/loading/video-in-webarchive.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.h
    M Source/WebCore/loader/DocumentLoader.cpp
    M Source/WebCore/loader/DocumentLoader.h
    M Source/WebCore/loader/FrameLoadRequest.h
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/loader/FrameLoader.h
    M Source/WebCore/page/DragController.cpp
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/testing/Internals.h
    M Source/WebCore/testing/Internals.idl
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    A Tools/TestWebKitAPI/Tests/mac/LoadWebArchive.mm
    A Tools/TestWebKitAPI/Tests/mac/helloworld.webarchive
    A Tools/TestWebKitAPI/Tests/mac/load-web-archive-1.html
    A Tools/TestWebKitAPI/Tests/mac/load-web-archive-2.html
    M Tools/TestWebKitAPI/cocoa/DragAndDropSimulator.h
    M Tools/TestWebKitAPI/ios/DragAndDropSimulatorIOS.mm
    M Tools/TestWebKitAPI/mac/DragAndDropSimulatorMac.mm

  Log Message:
  -----------
  Merge r241480 - Further restricting webarchive loads
https://bugs.webkit.org/show_bug.cgi?id=194567
<rdar://problem/47610130>

Reviewed by Youenn Fablet.

Source/WebCore:

This patch further restricts main frame webarchive loads to the following:
1) loaded by clients;
2) loaded by drag;
3) reloaded from any of the previous two.

It moves setAlwaysAllowLocalWebarchive, which is used for testing only, from Document
to FrameLoader such that the option is remembered during redirections.

Covered by API tests.

* dom/Document.h:
(WebCore::Document::setAlwaysAllowLocalWebarchive): Deleted.
(WebCore::Document::alwaysAllowLocalWebarchive const): Deleted.
* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::disallowWebArchive const):
* loader/DocumentLoader.h:
(WebCore::DocumentLoader::setAllowsWebArchiveForMainFrame):
(WebCore::DocumentLoader::allowsWebArchiveForMainFrame):
* loader/FrameLoadRequest.h:
(WebCore::FrameLoadRequest::setIsRequestFromClientOrUserInput):
(WebCore::FrameLoadRequest::isRequestFromClientOrUserInput):
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::reload):
* loader/FrameLoader.h:
(WebCore::FrameLoader::setAlwaysAllowLocalWebarchive):
(WebCore::FrameLoader::alwaysAllowLocalWebarchive const):
* page/DragController.cpp:
(WebCore::DragController::performDragOperation):
* testing/Internals.cpp:
(WebCore::Internals::setAlwaysAllowLocalWebarchive const):
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::loadRequest):
Set a flag to indicate a load is started from clients.

Tools:

Besides adding API tests, this patch also enhances DragAndDropSimulator to allow
navigations on drop.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/mac/LoadWebArchive.mm: Added.
(-[TestLoadWebArchiveNavigationDelegate webView:didFinishNavigation:]):
(-[TestLoadWebArchiveNavigationDelegate webView:didFailProvisionalNavigation:withError:]):
(-[TestLoadWebArchiveNavigationDelegate webView:createWebViewWithConfiguration:forNavigationAction:windowFeatures:]):
(TestWebKitAPI::TEST):
* TestWebKitAPI/Tests/mac/helloworld.webarchive: Added.
* TestWebKitAPI/Tests/mac/load-web-archive-1.html: Added.
* TestWebKitAPI/Tests/mac/load-web-archive-2.html: Added.
* TestWebKitAPI/cocoa/DragAndDropSimulator.h:
* TestWebKitAPI/mac/DragAndDropSimulatorMac.mm:
(-[DragAndDropSimulator initWithWebViewFrame:configuration:]):
(-[DragAndDropSimulator _webView:dragDestinationActionMaskForDraggingInfo:]):

LayoutTests:

* platform/mac/fast/loader/webarchive-encoding-respected.html:
* webarchive/loading/cache-expired-subresource.html:
* webarchive/loading/javascript-url-iframe-crash.html:
* webarchive/loading/mainresource-null-mimetype-crash.html:
* webarchive/loading/missing-data.html:
* webarchive/loading/object.html:
* webarchive/loading/test-loading-archive-subresource-null-mimetype.html:
* webarchive/loading/test-loading-archive-subresource.html:
* webarchive/loading/test-loading-archive.html:
* webarchive/loading/test-loading-top-archive.html:
* webarchive/loading/video-in-webarchive.html:


  Commit: 731243c887f158498d49db107c92cab837859e10
      https://github.com/WebKit/WebKit/commit/731243c887f158498d49db107c92cab837859e10
  Author: Jer Noble <jer.noble at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor-expected.txt
    A LayoutTests/fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html
    M LayoutTests/platform/ios-wk2/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Element.cpp

  Log Message:
  -----------
  Merge r241484 - Entering fullscreen inside a shadow root will not set fullscreen pseudoclasses outside of root
https://bugs.webkit.org/show_bug.cgi?id=194516
<rdar://problem/44678353>

Reviewed by Antoine Quint.

Source/WebCore:

Test: fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html

When walking up the element ancestor chain, use parentElementInComposedTree() to
walk past the shadow root boundary.

* dom/Element.cpp:
(WebCore::parentCrossingFrameBoundaries):

LayoutTests:

* fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor-expected.txt: Added.
* fast/shadow-dom/fullscreen-in-shadow-full-screen-ancestor.html: Added.
* platform/ios-wk2/TestExpectations:


  Commit: 9d5e3e274123b8f71967ec119a932d66ac009b0e
      https://github.com/WebKit/WebKit/commit/9d5e3e274123b8f71967ec119a932d66ac009b0e
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/gtk/editing/pasteboard/smart-paste-007-expected.txt
    M LayoutTests/platform/gtk/editing/pasteboard/smart-paste-008-expected.txt

  Log Message:
  -----------
  Merge r241491 - Unreviewed GTK test gardening
https://bugs.webkit.org/show_bug.cgi?id=194631

* platform/gtk/TestExpectations:
* platform/gtk/editing/pasteboard/smart-paste-007-expected.txt:
* platform/gtk/editing/pasteboard/smart-paste-008-expected.txt:


  Commit: 5949ace58b80c1c4e341b40a2efa2c8584a94a66
      https://github.com/WebKit/WebKit/commit/5949ace58b80c1c4e341b40a2efa2c8584a94a66
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/runtime/CommonSlowPaths.cpp
    M Source/JavaScriptCore/runtime/JSString.h
    M Source/JavaScriptCore/runtime/Operations.cpp
    M Source/JavaScriptCore/runtime/Operations.h
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/text/StringImpl.h

  Log Message:
  -----------
  Merge r241493 - We should only make rope strings when concatenating strings long enough.
https://bugs.webkit.org/show_bug.cgi?id=194465

Reviewed by Mark Lam.

Source/JavaScriptCore:

This patch stops us from allocating a rope string if the resulting
rope would be smaller than the size of the JSRopeString object we
would need to allocate.

This patch also adds paths so that we don't unnecessarily allocate
JSString cells for primitives we are going to concatenate with a
string anyway.

The important change from the previous one is that we do not apply
the above rule to JSRopeStrings generated by JSStrings. If we convert
it to JSString, comparison of memory consumption becomes the following,
because JSRopeString does not have StringImpl until it is resolved.

    sizeof(JSRopeString) v.s. sizeof(JSString) + sizeof(StringImpl) + content

Since sizeof(JSString) + sizeof(StringImpl) is larger than sizeof(JSRopeString),
resolving eagerly increases memory footprint. The point is that we need to
account newly created JSString and JSRopeString from the operands. This is the
reason why this patch adds different thresholds for each jsString functions.

This patch also avoids concatenation for ropes conservatively. Many ropes are
temporary cells. So we do not resolve eagerly if one of operands is already a
rope.

In CLI execution, this change is performance neutral in JetStream2 (run 6 times, 1 for warming up and average in latter 5.).

    Before: 159.3778
    After:  160.72340000000003

* dfg/DFGOperations.cpp:
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):
* runtime/JSString.h:
(JSC::JSString::isRope const):
* runtime/Operations.cpp:
(JSC::jsAddSlowCase):
* runtime/Operations.h:
(JSC::jsString):
(JSC::jsAddNonNumber):
(JSC::jsAdd):

Source/WTF:

* wtf/text/StringImpl.h:
(WTF::StringImpl::headerSize):


  Commit: 10474c33dd80b65cd19b749c213ce1e7556f67b9
      https://github.com/WebKit/WebKit/commit/10474c33dd80b65cd19b749c213ce1e7556f67b9
  Author: Chris Fleizach <cfleizach at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AXObjectCache.cpp

  Log Message:
  -----------
  Merge r241494 - AX: Crash in handleMenuOpen
https://bugs.webkit.org/show_bug.cgi?id=194627

Reviewed by Zalan Bujtas.

Tests run under libGuardMalloc will cause crashes.

This list of objects is a Node list, not an Element list, so we were
not removing some nodes when they were being deallocated.

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::remove):


  Commit: 711eaabf0eb8871bdde20ec392d0e64f2dbdc08e
      https://github.com/WebKit/WebKit/commit/711eaabf0eb8871bdde20ec392d0e64f2dbdc08e
  Author: Joseph Pecoraro <pecoraro at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/inspector/agents/InspectorDOMAgent.cpp
    M Source/WebCore/inspector/agents/InspectorDOMAgent.h

  Log Message:
  -----------
  Merge r241495 - Web Inspector: Crash when inspecting an element that constantly changes visibility
https://bugs.webkit.org/show_bug.cgi?id=194632
<rdar://problem/48060258>

Patch by Joseph Pecoraro <pecoraro at apple.com> on 2019-02-13
Reviewed by Matt Baker and Devin Rousso.

* inspector/agents/InspectorDOMAgent.h:
* inspector/agents/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::processAccessibilityChildren):
(WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
Don't use rvalue-references as that was taking ownership and deleting
the object we want to keep around. Instead simplify this to just use
references so no ref counting changes happen.


  Commit: a5f6a897bda6a33bcca08636c15ac9638d330147
      https://github.com/WebKit/WebKit/commit/a5f6a897bda6a33bcca08636c15ac9638d330147
  Author: Nikita Vasilyev <nvasilyev at apple.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/inspector/css/modify-inline-style-expected.txt
    A LayoutTests/inspector/css/modify-inline-style.html
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Models/DOMNodeStyles.js

  Log Message:
  -----------
  Merge r241497 - Web Inspector: Styles: valid values in style attributes are reported as unsupported property values
https://bugs.webkit.org/show_bug.cgi?id=194619
<rdar://problem/47917373>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

Payload of inline styles may contain `range` that doesn't match
the actual text of the payload - it has an extra empty line at the end.
Mismatching ranges caused data corruption.

* UserInterface/Models/DOMNodeStyles.js:
(WI.DOMNodeStyles.prototype._parseStylePropertyPayload):

LayoutTests:

* inspector/css/modify-inline-style-expected.txt: Added.
* inspector/css/modify-inline-style.html: Added.


  Commit: 9b90089e8d2463351887c74168b1c5a5f8f7bca7
      https://github.com/WebKit/WebKit/commit/9b90089e8d2463351887c74168b1c5a5f8f7bca7
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/dom/timer-destruction-during-firing-expected.txt
    A LayoutTests/fast/dom/timer-destruction-during-firing.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/DOMTimer.cpp

  Log Message:
  -----------
  Merge r241499 - Crash in DOMTimer::fired
https://bugs.webkit.org/show_bug.cgi?id=194638

Reviewed by Brent Fulgham.

Source/WebCore:

This patch continues the saga of hunting down timer related crashes after r239814, r225985, r227934.

The crash was caused by the bug that we don't remove a DOMTimer from NestedTimersMap if a DOMTimer
is created & installed inside another DOMTimer's callback (via execute call in DOMTimer::fired).

Fixed the crash by using a Ref in NestedTimersMap. This will keep the timer alive until we exit
from DOMTimer::fired. Because DOMTimer::fired always calls stopTracking() which clears the map
we would not leak these DOM timers.

We could, alternatively, use WeakPtr in NestedTimersMap but that would unnecessarily increase the
size of DOMTimer for a very marginal benefit of DOMTimer objects being deleted slightly earlier.
Deleting itself in DOMTimer's destructor involves more logic & housekeeping in the timer code,
and is no longer the preferred approach when dealing with these classes of bugs in WebKit.

Test: fast/dom/timer-destruction-during-firing.html

* page/DOMTimer.cpp:
(WebCore::NestedTimersMap::add):
(WebCore::DOMTimer::install):
(WebCore::DOMTimer::fired):

LayoutTests:

Added a regression test. It needs debug assertions without the fix.

* fast/dom/timer-destruction-during-firing-expected.txt: Added.
* fast/dom/timer-destruction-during-firing.html: Added.


  Commit: 9d286ed76eaefb0914ff7b8539e03a9c86ff7a29
      https://github.com/WebKit/WebKit/commit/9d286ed76eaefb0914ff7b8539e03a9c86ff7a29
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebFrame.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKit/DidRemoveFrameFromHiearchyInPageCache_Bundle.cpp

  Log Message:
  -----------
  Merge r241500 - Crash in WKBundleFrameGetParentFrame when called inside didRemoveFrameFromHierarchy
https://bugs.webkit.org/show_bug.cgi?id=194641

Reviewed by Geoffrey Garen.

Source/WebKit:

Fixed the bug by adding a null check to WebFrame::parentFrame.

* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::parentFrame const):

Tools:

Added a call to WKBundleFrameGetParentFrame to an existing test for didRemoveFrameFromHierarchy
so that the test would fail without this fix.

* TestWebKitAPI/Tests/WebKit/DidRemoveFrameFromHiearchyInPageCache_Bundle.cpp:
(TestWebKitAPI::didRemoveFrameFromHierarchyCallback):


  Commit: f6227149f9f01cf38e9c37a0eb9473a45e2b0133
      https://github.com/WebKit/WebKit/commit/f6227149f9f01cf38e9c37a0eb9473a45e2b0133
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/WebKitScriptDialogImpl.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitScriptDialogImpl.h
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewGtk.cpp

  Log Message:
  -----------
  Merge r241515 - [GTK] Use a scrolled window for script alerts text
https://bugs.webkit.org/show_bug.cgi?id=184875

Reviewed by Michael Catanzaro.

To ensure long text doesn't make the dialog bigger.

* UIProcess/API/gtk/WebKitScriptDialogImpl.cpp:
(webkitScriptDialogImplConstructed): Use PANGO_ELLIPSIZE_END for the title and add a scrolled window for the body.
(webkitScriptDialogImplSetText): Helper function to set the dialog body, ensuring the scrolled window fills the
dialog available size.
(webkitScriptDialogImplNew): It now receives the maximum size and uses webkitScriptDialogImplSetText().
* UIProcess/API/gtk/WebKitScriptDialogImpl.h:
* UIProcess/API/gtk/WebKitWebViewGtk.cpp:
(webkitWebViewScriptDialog): Pass the 80% of the web view size as the maximum size of script dialogs.


  Commit: e072068cecd146870013df93d4799ef280db1aca
      https://github.com/WebKit/WebKit/commit/e072068cecd146870013df93d4799ef280db1aca
  Author: Michael Catanzaro <mcatanzaro at igalia.com>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformGTK.cmake
    M Source/WebKit/SourcesGTK.txt
    M Source/WebKit/SourcesWPE.txt
    M Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitWebContext.h
    M Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt
    M Source/WebKit/UIProcess/API/wpe/WebKitWebContext.h
    M Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt
    R Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp
    R Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.h
    R Source/WebKit/UIProcess/Launcher/glib/FlatpakLauncher.cpp
    R Source/WebKit/UIProcess/Launcher/glib/FlatpakLauncher.h
    M Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp
    M Source/WebKit/UIProcess/WebProcessPool.h
    M Source/WebKit/UIProcess/glib/WebProcessProxyGLib.cpp
    M Source/cmake/OptionsGTK.cmake
    M Source/cmake/WebKitFeatures.cmake

  Log Message:
  -----------
  [WPE][GTK][STABLE] Remove sandbox APIs from 2.24 branch
https://bugs.webkit.org/show_bug.cgi?id=194553

Patch by Michael Catanzaro <mcatanzaro at igalia.com> on 2019-02-14
Reviewed by Carlos Garcia Campos.

.:

* Source/cmake/OptionsGTK.cmake:
* Source/cmake/WebKitFeatures.cmake:

Source/WebKit:

* PlatformGTK.cmake:
* SourcesGTK.txt:
* SourcesWPE.txt:
* UIProcess/API/glib/WebKitWebContext.cpp:
(webkit_web_context_set_sandbox_enabled): Deleted.
(webkit_web_context_add_path_to_sandbox): Deleted.
(webkit_web_context_get_sandbox_enabled): Deleted.
* UIProcess/API/gtk/WebKitWebContext.h:
* UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt:
* UIProcess/API/wpe/WebKitWebContext.h:
* UIProcess/API/wpe/docs/wpe-0.1-sections.txt:
* UIProcess/Launcher/glib/BubblewrapLauncher.cpp: Removed.
* UIProcess/Launcher/glib/BubblewrapLauncher.h: Removed.
* UIProcess/Launcher/glib/FlatpakLauncher.cpp: Removed.
* UIProcess/Launcher/glib/FlatpakLauncher.h: Removed.
* UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::ProcessLauncher::launchProcess):
(WebKit::isInsideFlatpak): Deleted.
* UIProcess/WebProcessPool.h:
* UIProcess/glib/WebProcessProxyGLib.cpp:
(WebKit::WebProcessProxy::platformGetLaunchOptions):


  Commit: f850c3f9817d8a0abf5b9dcd02c2cbfb43aa8df3
      https://github.com/WebKit/WebKit/commit/f850c3f9817d8a0abf5b9dcd02c2cbfb43aa8df3
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/webkitglib-symbols.map

  Log Message:
  -----------
  Unreviewed. Add missing symbols to webkitglib-symbols.map

Add symbols global in JSC and present in WebKit.

* webkitglib-symbols.map:


  Commit: 0bab4ce6c85f318d6ee6cc1dd245be5181d7d472
      https://github.com/WebKit/WebKit/commit/0bab4ce6c85f318d6ee6cc1dd245be5181d7d472
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-14 (Thu, 14 Feb 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.23.90 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers

Source/WebKit:

* gtk/NEWS: Add release notes for 2.23.90.


  Commit: 63c91297cfacab89ff3f972e1d7f575674607d9e
      https://github.com/WebKit/WebKit/commit/63c91297cfacab89ff3f972e1d7f575674607d9e
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/cache/CacheStorageEngine.cpp

  Log Message:
  -----------
  Merge r241544 - Do not add a caches to its engine if the salt cannot be initialized
https://bugs.webkit.org/show_bug.cgi?id=194604

Reviewed by Antti Koivisto.

This is a follow-up to https://bugs.webkit.org/show_bug.cgi?id=194588.
We should return early if initialize fails.

* NetworkProcess/cache/CacheStorageEngine.cpp:
(WebKit::CacheStorage::Engine::readCachesFromDisk):


  Commit: 9be337b0ffbb72150908e33a0bd5032f022e3147
      https://github.com/WebKit/WebKit/commit/9be337b0ffbb72150908e33a0bd5032f022e3147
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/layout/FormattingContext.h
    M Source/WebCore/layout/FormattingContextGeometry.cpp
    M Source/WebCore/layout/blockformatting/BlockFormattingContextGeometry.cpp
    M Source/WebCore/layout/inlineformatting/InlineFormattingContext.cpp
    M Tools/ChangeLog
    M Tools/LayoutReloaded/misc/LFC-passing-tests.txt

  Log Message:
  -----------
  Merge r241545 - [LFC] Shrink-to-fit-width should be constrained by min/max width
https://bugs.webkit.org/show_bug.cgi?id=194653

Reviewed by Antti Koivisto.

Source/WebCore:

Use the fixed value of min-width/max-width to constrain the computed preferred width.

* layout/FormattingContext.h:
* layout/FormattingContextGeometry.cpp:
(WebCore::Layout::FormattingContext::Geometry::constrainByMinMaxWidth):
* layout/blockformatting/BlockFormattingContextGeometry.cpp:
(WebCore::Layout::BlockFormattingContext::Geometry::intrinsicWidthConstraints):
* layout/inlineformatting/InlineFormattingContext.cpp:
(WebCore::Layout::InlineFormattingContext::computeIntrinsicWidthConstraints const):

Tools:

* LayoutReloaded/misc/LFC-passing-tests.txt:


  Commit: 48eeadccb5a69889555ebcef43cdeedcdc272d6d
      https://github.com/WebKit/WebKit/commit/48eeadccb5a69889555ebcef43cdeedcdc272d6d
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/block/block-only/block-replaced-with-vertical-margins-expected.html
    A LayoutTests/fast/block/block-only/block-replaced-with-vertical-margins.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/layout/blockformatting/BlockMarginCollapse.cpp
    M Tools/ChangeLog
    M Tools/LayoutReloaded/misc/LFC-passing-tests.txt

  Log Message:
  -----------
  Merge r241546 - [LFC][BFC][MarginCollapse] Replaced boxes don't collapse through their margins
https://bugs.webkit.org/show_bug.cgi?id=194622

Reviewed by Antti Koivisto.

Source/WebCore:

Ensure that block replaced boxes don't collapse through their vertical margins.

Test: fast/block/block-only/block-replaced-with-vertical-margins.html

* layout/blockformatting/BlockMarginCollapse.cpp:
(WebCore::Layout::BlockFormattingContext::MarginCollapse::marginsCollapseThrough):
* page/FrameViewLayoutContext.cpp:
(WebCore::layoutUsingFormattingContext):

Tools:

* LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

* fast/block/block-only/block-replaced-with-vertical-margins-expected.html: Added.
* fast/block/block-only/block-replaced-with-vertical-margins.html: Added.


  Commit: a1a9eb1315a936b09407ce06850aa3c22f515242
      https://github.com/WebKit/WebKit/commit/a1a9eb1315a936b09407ce06850aa3c22f515242
  Author: BJ Burg <bburg at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/inspector/protocol/DOM.json
    M Source/WebCore/ChangeLog
    M Source/WebCore/inspector/agents/InspectorDOMAgent.cpp
    M Source/WebInspectorUI/UserInterface/Models/DOMNode.js

  Log Message:
  -----------
  Merge r241547 - Web Inspector: don't include accessibility role in DOM.Node object payloads
https://bugs.webkit.org/show_bug.cgi?id=194623
<rdar://problem/36384037>

Reviewed by Devin Rousso.

Source/JavaScriptCore:

Remove property of DOM.Node that is no longer being sent.

* inspector/protocol/DOM.json:

Source/WebCore:

Accessibility properties are complicated to fetch at all the points where we want to build and push nodes immediately.
Turning on AX often indirectly causes style recalc and layout. This is bad because we are often building nodes in the
first place due to a DOM node tree update (i.e., NodeInserted).

It turns out that DOM.getAccessibilityPropertiesForNode is called every time we display
the computed role in the Elements Tab > Nodes Sidebar > Accessibility Section. So it is not
necessary to collect this information in a problematic way when initially pushing the node, as
it will be updated anyway.

No new tests, no change in behavior.

* inspector/agents/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::buildObjectForNode):


  Commit: 83ff77b9686bdba594171b51e5991868d789d57c
      https://github.com/WebKit/WebKit/commit/83ff77b9686bdba594171b51e5991868d789d57c
  Author: Chris Fleizach <cfleizach at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/WebPreferences.yaml
    M Tools/ChangeLog
    M Tools/WebKitTestRunner/TestController.cpp

  Log Message:
  -----------
  Merge r241549 - AX: ARIA Reflection was disabled in error
https://bugs.webkit.org/show_bug.cgi?id=194647
<rdar://problem/48068336>

Reviewed by Ryosuke Niwa.

Source/WebKit:

* Shared/WebPreferences.yaml:

Tools:

Remove test override now that this feature should be enabled by default.

* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetPreferencesToConsistentValues):


  Commit: 7d9924df6513b649165cfe11b61180cda9340ea7
      https://github.com/WebKit/WebKit/commit/7d9924df6513b649165cfe11b61180cda9340ea7
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/CachedTypes.cpp

  Log Message:
  -----------
  Merge r241550 - CachedBitVector's size must be converted from bits to bytes
https://bugs.webkit.org/show_bug.cgi?id=194441

Reviewed by Saam Barati.

CachedBitVector used its size in bits for memcpy. That didn't cause any
issues when encoding, since the size in bits was also used in the allocation,
but would overflow the actual BitVector buffer when decoding.

* runtime/CachedTypes.cpp:
(JSC::CachedBitVector::encode):
(JSC::CachedBitVector::decode const):


  Commit: 9c7c3d1ff58a340c95d537d332d403d7d72d6866
      https://github.com/WebKit/WebKit/commit/9c7c3d1ff58a340c95d537d332d403d7d72d6866
  Author: Milo Casagrande <milo at milo.name>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/it.po

  Log Message:
  -----------
  Merge r241551 - [l10n] Updated Italian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=194652

Patch by Milo Casagrande <milo at milo.name> on 2019-02-14
Rubber-stamped by Michael Catanzaro.

* it.po:


  Commit: bc25a170dbc510daf9a7c73d6dca1de6e0923641
      https://github.com/WebKit/WebKit/commit/bc25a170dbc510daf9a7c73d6dca1de6e0923641
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp
    M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.h
    M Source/JavaScriptCore/runtime/CodeCache.cpp

  Log Message:
  -----------
  Merge r241552 - generateUnlinkedCodeBlockForFunctions shouldn't need to create a FunctionExecutable just to get its source code
https://bugs.webkit.org/show_bug.cgi?id=194576

Reviewed by Saam Barati.

Extract a new function, `linkedSourceCode` from UnlinkedFunctionExecutable::link
and use it in `generateUnlinkedCodeBlockForFunctions` instead.

* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::linkedSourceCode const):
(JSC::UnlinkedFunctionExecutable::link):
* bytecode/UnlinkedFunctionExecutable.h:
* runtime/CodeCache.cpp:
(JSC::generateUnlinkedCodeBlockForFunctions):


  Commit: 057b822312973f070182190323de12bd15b2a9c0
      https://github.com/WebKit/WebKit/commit/057b822312973f070182190323de12bd15b2a9c0
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/VM.cpp

  Log Message:
  -----------
  Merge r241557 - [JSC] Should have default NativeJITCode
https://bugs.webkit.org/show_bug.cgi?id=194634

Reviewed by Mark Lam.

In JSC_useJIT=false mode, we always create identical NativeJITCode for call and construct when we create NativeExecutable.
This is meaningless since we do not modify NativeJITCode after the creation. This patch adds singleton used as a default one.
Since NativeJITCode (& JITCode) is ThreadSafeRefCounted, we can just share it in a whole process level. This removes 446 NativeJITCode
allocations, which takes 14KB.

* runtime/VM.cpp:
(JSC::jitCodeForCallTrampoline):
(JSC::jitCodeForConstructTrampoline):
(JSC::VM::getHostFunction):


  Commit: f63a6befdc7e072e7313b4e35dea6488839023c7
      https://github.com/WebKit/WebKit/commit/f63a6befdc7e072e7313b4e35dea6488839023c7
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGJITCode.h
    M Source/JavaScriptCore/dfg/DFGJITFinalizer.cpp
    M Source/JavaScriptCore/jit/JITCode.cpp
    M Source/JavaScriptCore/jit/JITCode.h
    M Source/JavaScriptCore/llint/LLIntEntrypoint.cpp

  Log Message:
  -----------
  Merge r241560 - [JSC] Non-JIT entrypoints should share NativeJITCode per entrypoint type
https://bugs.webkit.org/show_bug.cgi?id=194659

Reviewed by Mark Lam.

Non-JIT entrypoints create NativeJITCode every time it is called. But it is meaningless since these entry point code are identical.
We should create one per entrypoint type (for function, we should have CodeForCall and CodeForConstruct) and continue to use them.
And we use NativeJITCode instead of DirectJITCode if it does not have difference between usual entrypoint and arity check entrypoint.

* dfg/DFGJITCode.h:
* dfg/DFGJITFinalizer.cpp:
(JSC::DFG::JITFinalizer::finalize):
(JSC::DFG::JITFinalizer::finalizeFunction):
* jit/JITCode.cpp:
(JSC::DirectJITCode::initializeCodeRefForDFG):
(JSC::DirectJITCode::initializeCodeRef): Deleted.
(JSC::NativeJITCode::initializeCodeRef): Deleted.
* jit/JITCode.h:
* llint/LLIntEntrypoint.cpp:
(JSC::LLInt::setFunctionEntrypoint):
(JSC::LLInt::setEvalEntrypoint):
(JSC::LLInt::setProgramEntrypoint):
(JSC::LLInt::setModuleProgramEntrypoint): Retagged is removed since the tag is the same.


  Commit: 53b22d2ae78906e34d1c0b0cb3e7bd166c476aa4
      https://github.com/WebKit/WebKit/commit/53b22d2ae78906e34d1c0b0cb3e7bd166c476aa4
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
    M Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-docs.sgml
    M Source/WebKit/WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMPrivateGtk.h
    M Source/WebKit/gtk/webkit2gtk-web-extension.pc.in
    M Source/WebKit/gtk/webkit2gtk.pc.in

  Log Message:
  -----------
  Merge r241563 - [GTK] WebKitGTK+ -> WebKitGTK
https://bugs.webkit.org/show_bug.cgi?id=194658

Reviewed by Alex Christensen.

This renames WebKitGTK+ to WebKitGTK in a few user-visible places: the API documentation,
the pkg-config, and an error message.

In a couple places where it's exposed in WPE documentation, WPE is now mentioned, or the
reference to "WebKitGTK+" is changed to just "WebKit."

* UIProcess/API/glib/WebKitSettings.cpp:
(webkit_settings_class_init):
* UIProcess/API/glib/WebKitWebView.cpp:
* UIProcess/API/gtk/docs/webkit2gtk-docs.sgml:
* WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMPrivateGtk.h:
* gtk/webkit2gtk-web-extension.pc.in:
* gtk/webkit2gtk.pc.in:


  Commit: 8f882277542525004ebd9d8a41b8d39d7416d7b7
      https://github.com/WebKit/WebKit/commit/8f882277542525004ebd9d8a41b8d39d7416d7b7
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/cache/CacheStorageEngineCaches.cpp
    M Source/WebKit/NetworkProcess/cache/CacheStorageEngineCaches.h

  Log Message:
  -----------
  Merge r241565 - ASSERTION FAILED: m_caches.isEmpty() || !m_pendingInitializationCallbacks.isEmpty() in WebKit::CacheStorage::Caches::clearMemoryRepresentation()
https://bugs.webkit.org/show_bug.cgi?id=188393
<rdar://problem/43025665>

Reviewed by Alex Christensen.

In case Caches::dispose is called, clearMemoryRepresentation might be called if there is no active cache.
We also ensure to not clear the memory representation if there is any remaining removed cache.
Update the clearMemoryRepresentation assertion to take that into account.

In case a Caches is cleared twice, the clearMemoryRepresentation assertion will assert while it should not.
In that case m_storage is null the second time. Update the assertion accordingly.

* NetworkProcess/cache/CacheStorageEngineCaches.cpp:
(WebKit::CacheStorage::Caches::hasActiveCache const):
(WebKit::CacheStorage::Caches::dispose):
(WebKit::CacheStorage::Caches::clearMemoryRepresentation):
* NetworkProcess/cache/CacheStorageEngineCaches.h:


  Commit: 98504e44c082d5bbb707323a4694f8379a9f4dea
      https://github.com/WebKit/WebKit/commit/98504e44c082d5bbb707323a4694f8379a9f4dea
  Author: Joseph Pecoraro <pecoraro at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/CSSStyleSheet.cpp

  Log Message:
  -----------
  Merge r241567 - Web Inspector: Occasional crash under WebCore::CSSStyleSheet::item called from Inspector
https://bugs.webkit.org/show_bug.cgi?id=194671
<rdar://problem/47628191>

Patch by Joseph Pecoraro <pecoraro at apple.com> on 2019-02-14
Reviewed by Devin Rousso.

* css/CSSStyleSheet.cpp:
(WebCore::CSSStyleSheet::item):
A crash may happen if the m_childRuleCSSOMWrappers Vector gets out of
sync with the m_contents list of rules. In particular if the wrappers
vector is shorter than the rule list. We tried exercising code paths
that modify these lists but were not able to reproduce the crash.
To avoid a crash we can make this access safer and avoid the original
overflow. At the same time we will keep and promote the assertion that
would catch the lists getting out of sync in debug builds.


  Commit: 51f7947097b7d9b71f20673aa5f5dc946c9997a1
      https://github.com/WebKit/WebKit/commit/51f7947097b7d9b71f20673aa5f5dc946c9997a1
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/microbenchmarks/cache-get-variables-under-tdz-in-bytecode-generator.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/builtins/BuiltinExecutables.cpp
    M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp
    M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.h
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h
    M Source/JavaScriptCore/parser/VariableEnvironment.cpp
    M Source/JavaScriptCore/parser/VariableEnvironment.h
    M Source/JavaScriptCore/runtime/CodeCache.cpp

  Log Message:
  -----------
  Merge r241571 - Cache the results of BytecodeGenerator::getVariablesUnderTDZ
https://bugs.webkit.org/show_bug.cgi?id=194583
<rdar://problem/48028140>

Reviewed by Yusuke Suzuki.

JSTests:

* microbenchmarks/cache-get-variables-under-tdz-in-bytecode-generator.js: Added.

Source/JavaScriptCore:

This patch makes it so that getVariablesUnderTDZ caches a result of
CompactVariableMap::Handle. getVariablesUnderTDZ is costly when
it's called in an environment where there are a lot of variables.
This patch makes it so we cache its results. This is profitable when
getVariablesUnderTDZ is called repeatedly with the same environment
state. This is common since we call this every time we encounter a
function definition/expression node.

* builtins/BuiltinExecutables.cpp:
(JSC::BuiltinExecutables::createExecutable):
* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
* bytecode/UnlinkedFunctionExecutable.h:
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::popLexicalScopeInternal):
(JSC::BytecodeGenerator::liftTDZCheckIfPossible):
(JSC::BytecodeGenerator::pushTDZVariables):
(JSC::BytecodeGenerator::getVariablesUnderTDZ):
(JSC::BytecodeGenerator::restoreTDZStack):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::makeFunction):
* parser/VariableEnvironment.cpp:
(JSC::CompactVariableMap::Handle::Handle):
(JSC::CompactVariableMap::Handle::operator=):
* parser/VariableEnvironment.h:
(JSC::CompactVariableMap::Handle::operator bool const):
* runtime/CodeCache.cpp:
(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):


  Commit: ec05c0ca2fc8c89f65350a530fd3b734ef388ebd
      https://github.com/WebKit/WebKit/commit/ec05c0ca2fc8c89f65350a530fd3b734ef388ebd
  Author: Commit Queue <commit-queue at webkit.org>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    R LayoutTests/inspector/css/modify-inline-style-expected.txt
    R LayoutTests/inspector/css/modify-inline-style.html
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Models/DOMNodeStyles.js

  Log Message:
  -----------
  Merge r241572 - Unreviewed, rolling out r241497.
https://bugs.webkit.org/show_bug.cgi?id=194676

New test times out (Requested by NVI on #webkit).

Reverted changeset:

"Web Inspector: Styles: valid values in style attributes are
reported as unsupported property values"
https://bugs.webkit.org/show_bug.cgi?id=194619
https://trac.webkit.org/changeset/241497


  Commit: f350aeda33d87ade7373773381fa485d58f7b7de
      https://github.com/WebKit/WebKit/commit/f350aeda33d87ade7373773381fa485d58f7b7de
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp
    M Source/WebKit/UIProcess/WebsiteData/WebsiteDataStore.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp

  Log Message:
  -----------
  Merge r241574 - REGRESSION (r240446): Storage Access API does not handle domains consistently
https://bugs.webkit.org/show_bug.cgi?id=194664

Reviewed by Alex Christensen.

During my refactoring of the ResourceLoadStatistics code, I introduced two bugs:
(1) I neglected to be consistent in my use of 'primaryDomain', causing some Storage
Access API code paths to store approves under one domain (e.g., 'www.example.com'),
while checking status under the eTLD+1 (e.g., 'example.com'). The exact string matching
requirement caused these to get missed.

(2) I used a move operator before a final set of copies of domain names, leading to
some empty strings being passed to Storage Access API calls.

Both issues are corrected in this patch.

* NetworkProcess/Classifier/WebResourceLoadStatisticsStore.cpp:
(WebKit::WebResourceLoadStatisticsStore::setPrevalentResourceForDebugMode): Always make the
domain comply with our 'primaryDomain' logic.
(WebKit::WebResourceLoadStatisticsStore::hasStorageAccess): Ditto.
(WebKit::WebResourceLoadStatisticsStore::requestStorageAccessGranted): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logFrameNavigation): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logWebSocketLoading): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logSubresourceLoading): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logSubresourceRedirect): Ditto.
(WebKit::WebResourceLoadStatisticsStore::logUserInteraction): Ditto.
(WebKit::WebResourceLoadStatisticsStore::clearUserInteraction): Ditto.
(WebKit::WebResourceLoadStatisticsStore::hasHadUserInteraction): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setLastSeen): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setVeryPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isVeryPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsSubresourceUnder): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsSubFrameUnder): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isRegisteredAsRedirectingTo): Ditto.
(WebKit::WebResourceLoadStatisticsStore::clearPrevalentResource): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setGrandfathered): Ditto.
(WebKit::WebResourceLoadStatisticsStore::isGrandfathered): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubframeUnderTopFrameOrigin): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUnderTopFrameOrigin): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectTo): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setSubresourceUniqueRedirectFrom): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectTo): Ditto.
(WebKit::WebResourceLoadStatisticsStore::setTopFrameUniqueRedirectFrom): Ditto.
* UIProcess/WebsiteData/WebsiteDataStore.cpp:
(WebKit::WebsiteDataStore::hasStorageAccess): Always make the
domain comply with our 'primaryDomain' logic.
(WebKit::WebsiteDataStore::requestStorageAccess): Ditto. Also make copy of domain
names before moving them to the completion handler.
(WebKit::WebsiteDataStore::grantStorageAccess): Ditto.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::hasStorageAccess): Always make the domain comply with our
'primaryDomain' logic.
(WebKit::WebPage::requestStorageAccess): Ditto.


  Commit: 4a13f00c3c3c5208214abbdff68b10e76d27a02b
      https://github.com/WebKit/WebKit/commit/4a13f00c3c3c5208214abbdff68b10e76d27a02b
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/air/AirLowerStackArgs.cpp
    M Source/JavaScriptCore/b3/air/AirOpcode.opcodes
    M Source/JavaScriptCore/b3/air/testair.cpp

  Log Message:
  -----------
  Merge r241577 - lowerStackArgs should lower Lea32/64 on ARM64 to Add
https://bugs.webkit.org/show_bug.cgi?id=194656

Reviewed by Yusuke Suzuki.

On arm64, Lea is just implemented as an add. However, Air treats it as an
address with a given width. Because of this width, we were incorrectly
computing whether or not this immediate could fit into the instruction itself
or it needed to be explicitly put into a register. This patch makes
AirLowerStackArgs lower Lea to Add on arm64.

* b3/air/AirLowerStackArgs.cpp:
(JSC::B3::Air::lowerStackArgs):
* b3/air/AirOpcode.opcodes:
* b3/air/testair.cpp:


  Commit: b3f9438255235b6b8182388f99ff8eac894f4ba2
      https://github.com/WebKit/WebKit/commit/b3f9438255235b6b8182388f99ff8eac894f4ba2
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/tail-call-many-arguments.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/Sources.txt
    A Source/JavaScriptCore/b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp
    A Source/JavaScriptCore/b3/air/AirAllocateRegistersAndStackAndGenerateCode.h
    M Source/JavaScriptCore/b3/air/AirCode.cpp
    M Source/JavaScriptCore/b3/air/AirCode.h
    M Source/JavaScriptCore/b3/air/AirGenerate.cpp
    M Source/JavaScriptCore/b3/air/AirHandleCalleeSaves.cpp
    M Source/JavaScriptCore/b3/air/AirHandleCalleeSaves.h
    M Source/JavaScriptCore/b3/air/AirTmpMap.h
    M Source/JavaScriptCore/runtime/Options.h
    M Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmAirIRGenerator.h
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmBBQPlan.cpp
    M Source/JavaScriptCore/wasm/WasmFunctionParser.h
    M Source/JavaScriptCore/wasm/WasmValidate.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/IndexMap.h
    M Tools/ChangeLog
    M Tools/Scripts/run-jsc-stress-tests

  Log Message:
  -----------
  Merge r241579 - [WebAssembly] Write a new register allocator for Air O0 and make BBQ use it
https://bugs.webkit.org/show_bug.cgi?id=194036

Reviewed by Yusuke Suzuki.

JSTests:

* stress/tail-call-many-arguments.js: Added.
(foo):
(bar):

Source/JavaScriptCore:

This patch adds a new Air-O0 backend. Air-O0 runs fewer passes and doesn't
use linear scan for register allocation. Instead of linear scan, Air-O0 does
mostly block-local register allocation, and it does this as it's emitting
code directly. The register allocator uses liveness analysis to reduce
the number of spills. Doing register allocation as we're emitting code
allows us to skip editing the IR to insert spills, which saves a non-trivial
amount of compile time. For stack allocation, we give each Tmp its own slot.
This is less than ideal. We probably want to do some trivial live range analysis
in the future. The reason this isn't a deal breaker for Wasm is that this patch
makes it so that we reuse Tmps as we're generating Air IR in the AirIRGenerator.
Because Wasm is a stack machine, we trivially know when we kill a stack value (its last use).

This patch is another 25% Wasm startup time speedup. It seems to be worth
another 1% on JetStream2.

* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* b3/air/AirAllocateRegistersAndStackAndGenerateCode.cpp: Added.
(JSC::B3::Air::GenerateAndAllocateRegisters::GenerateAndAllocateRegisters):
(JSC::B3::Air::GenerateAndAllocateRegisters::buildLiveRanges):
(JSC::B3::Air::GenerateAndAllocateRegisters::insertBlocksForFlushAfterTerminalPatchpoints):
(JSC::B3::Air::callFrameAddr):
(JSC::B3::Air::GenerateAndAllocateRegisters::flush):
(JSC::B3::Air::GenerateAndAllocateRegisters::spill):
(JSC::B3::Air::GenerateAndAllocateRegisters::alloc):
(JSC::B3::Air::GenerateAndAllocateRegisters::freeDeadTmpsIfNeeded):
(JSC::B3::Air::GenerateAndAllocateRegisters::assignTmp):
(JSC::B3::Air::GenerateAndAllocateRegisters::isDisallowedRegister):
(JSC::B3::Air::GenerateAndAllocateRegisters::prepareForGeneration):
(JSC::B3::Air::GenerateAndAllocateRegisters::generate):
* b3/air/AirAllocateRegistersAndStackAndGenerateCode.h: Added.
* b3/air/AirCode.cpp:
* b3/air/AirCode.h:
* b3/air/AirGenerate.cpp:
(JSC::B3::Air::prepareForGeneration):
(JSC::B3::Air::generateWithAlreadyAllocatedRegisters):
(JSC::B3::Air::generate):
* b3/air/AirHandleCalleeSaves.cpp:
(JSC::B3::Air::handleCalleeSaves):
* b3/air/AirHandleCalleeSaves.h:
* b3/air/AirTmpMap.h:
* runtime/Options.h:
* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::didKill):
(JSC::Wasm::AirIRGenerator::newTmp):
(JSC::Wasm::AirIRGenerator::AirIRGenerator):
(JSC::Wasm::parseAndCompileAir):
(JSC::Wasm::AirIRGenerator::addOp<OpType::I64TruncUF64>):
(JSC::Wasm::AirIRGenerator::addOp<OpType::I64TruncUF32>):
* wasm/WasmAirIRGenerator.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::didKill):
* wasm/WasmBBQPlan.cpp:
(JSC::Wasm::BBQPlan::compileFunctions):
* wasm/WasmFunctionParser.h:
(JSC::Wasm::FunctionParser<Context>::parseBody):
(JSC::Wasm::FunctionParser<Context>::parseExpression):
* wasm/WasmValidate.cpp:
(JSC::Wasm::Validate::didKill):

Source/WTF:

* wtf/IndexMap.h:
(WTF::IndexMap::at):
(WTF::IndexMap::at const):
(WTF::IndexMap::operator[]):
(WTF::IndexMap::operator[] const):

Tools:

* Scripts/run-jsc-stress-tests:


  Commit: 63c73941e5dd9ebb218229c1bb122d115fe081d3
      https://github.com/WebKit/WebKit/commit/63c73941e5dd9ebb218229c1bb122d115fe081d3
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Scavenger.cpp

  Log Message:
  -----------
  Merge r241580 - [bmalloc] Do not start scavenger thread if we use system malloc
https://bugs.webkit.org/show_bug.cgi?id=194674

Reviewed by Mark Lam.

We always start the scavenger thread even if system malloc is used via an environment variable like "Malloc=1".
Because bmalloc allocation goes to the system malloc if "Malloc=1" is set, we do not need to scavenge. This patch
changes it not to start the scavenger thread.

* bmalloc/Scavenger.cpp:
(bmalloc::Scavenger::Scavenger):


  Commit: 73161159e7e92150f54c80f977e62f4f097b7d84
      https://github.com/WebKit/WebKit/commit/73161159e7e92150f54c80f977e62f4f097b7d84
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Gigacage.cpp

  Log Message:
  -----------
  Merge r241581 - [bmalloc] NSBundle-based application name check should be executed after debug-heap environment variable check
https://bugs.webkit.org/show_bug.cgi?id=194694

Reviewed by Mark Lam.

Interestingly, NSBundle allocates a fair amount of memory and keeps it for a process-long time. For example, it
allocates a global NSConcreteHashTable, which takes 2.5KB. This patch changes the order of the gigacage check: we
first check the "Malloc=1" status, and then check the process name through NSBundle. This allows us to remove the
NSBundle-related allocation in JSC initialization in the system malloc mode.

* bmalloc/Gigacage.cpp:
(Gigacage::shouldBeEnabled):


  Commit: 07726cd36bf9658d67dfc4cc04d89751d35c7a07
      https://github.com/WebKit/WebKit/commit/07726cd36bf9658d67dfc4cc04d89751d35c7a07
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGOSRExitPreparation.cpp
    M Source/JavaScriptCore/dfg/DFGPlan.h
    M Source/JavaScriptCore/dfg/DFGWorklist.cpp
    M Source/JavaScriptCore/dfg/DFGWorklist.h
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/jit/JITWorklist.cpp
    M Source/JavaScriptCore/jit/JITWorklist.h
    M Source/JavaScriptCore/llint/LLIntSlowPaths.cpp
    M Source/JavaScriptCore/runtime/VM.cpp
    M Source/JavaScriptCore/runtime/VM.h

  Log Message:
  -----------
  Merge r241582 - [JSC] Do not even allocate JIT worklists in non-JIT mode
https://bugs.webkit.org/show_bug.cgi?id=194693

Reviewed by Mark Lam.

Heap always allocates JIT worklists for Baseline, DFG, and FTL. While they do not have actual threads, Worklist itself already allocates some memory.
And we do not perform any GC operations that are only meaningful in a JIT environment.

1. We add VM::canUseJIT() check in Heap's ensureXXXWorklist things to prevent them from being allocated.
2. We remove the DFG marking constraint in non-JIT mode.
3. We do not gather conservative roots from scratch buffers under the non-JIT mode (BTW, the # of scratch buffers is always zero in non-JIT mode)
4. We do not visit JITStubRoutineSet.
5. Align JITWorklist function names to the other worklists.

* dfg/DFGOSRExitPreparation.cpp:
(JSC::DFG::prepareCodeOriginForOSRExit):
* dfg/DFGPlan.h:
* dfg/DFGWorklist.cpp:
(JSC::DFG::markCodeBlocks): Deleted.
* dfg/DFGWorklist.h:
* heap/Heap.cpp:
(JSC::Heap::completeAllJITPlans):
(JSC::Heap::iterateExecutingAndCompilingCodeBlocks):
(JSC::Heap::gatherScratchBufferRoots):
(JSC::Heap::removeDeadCompilerWorklistEntries):
(JSC::Heap::stopThePeriphery):
(JSC::Heap::suspendCompilerThreads):
(JSC::Heap::resumeCompilerThreads):
(JSC::Heap::addCoreConstraints):
* jit/JITWorklist.cpp:
(JSC::JITWorklist::existingGlobalWorklistOrNull):
(JSC::JITWorklist::ensureGlobalWorklist):
(JSC::JITWorklist::instance): Deleted.
* jit/JITWorklist.h:
* llint/LLIntSlowPaths.cpp:
(JSC::LLInt::jitCompileAndSetHeuristics):
* runtime/VM.cpp:
(JSC::VM::~VM):
(JSC::VM::gatherScratchBufferRoots):
(JSC::VM::gatherConservativeRoots): Deleted.
* runtime/VM.h:


  Commit: 9e1540da5b4443dd8ac4237fdb82cf30f40ee7bf
      https://github.com/WebKit/WebKit/commit/9e1540da5b4443dd8ac4237fdb82cf30f40ee7bf
  Author: Dominik Infuehr <dinfuehr at igalia.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/Threading.h
    M Source/WTF/wtf/posix/ThreadingPOSIX.cpp
    M Source/WTF/wtf/threads/Signals.cpp

  Log Message:
  -----------
  Merge r241583 - Fix deadlock on Linux/x64 between SamplingProfiler and VMTraps
https://bugs.webkit.org/show_bug.cgi?id=194014

Reviewed by Michael Catanzaro.

Do not block SIGUSR1 when installing signal handlers, since this signal
is used to suspend/resume machine threads on Linux.

ftl-ai-filter-phantoms-should-clear-clear-value.js deadlocked with
enabled watchdog and sampling.

Deadlock happened in the following situation:

Thread 1 (Sampling): SamplingProfiler.cpp:takeSample takes all needed locks
and then tries to suspend the main thread.

Thread 2 (Watchdog/VMTraps): Before the Sampling-Thread suspends the main thread
a signal is caught and the signal handler is invoked (VMTraps.cpp:SignalSender).
SignalSender tries to lock codeBlockSet, but this is already locked by the
SamplingProfiler.

The SamplingProfiler can only give up the lock when it suspends
the thread. However, since the VMTraps signal handler is active, all other signals are blocked,
therefore the SamplingProfiler also waits until its signal handler is invoked.

This patch fixes this by not blocking SIGUSR1 in installSignalHandler, since
it is used to suspend/resume threads on Linux.

* wtf/Threading.h:
* wtf/posix/ThreadingPOSIX.cpp:
* wtf/threads/Signals.cpp:
(WTF::installSignalHandler):
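
The masking behaviour described in this log message can be observed directly. The following is an added example, not WebKit's installSignalHandler code: probe_handler, install_probe and usr1_blocked_during_handler are hypothetical names, SIGUSR2 stands in for the trap signal, and the "all other signals blocked" case is modelled with sigfillset as an assumption.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L
#endif
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Written by the handler: 1 if SIGUSR1 was blocked while it ran, 0 if not. */
static volatile sig_atomic_t usr1_blocked_in_handler = -1;

/* Stand-in for a trap-style handler (hypothetical). It only records the
 * signal mask in effect while it runs; both calls are async-signal-safe. */
static void probe_handler(int signo)
{
    sigset_t current;
    (void)signo;
    sigemptyset(&current);
    /* A NULL "set" argument leaves the mask unchanged and just reports it. */
    if (sigprocmask(SIG_BLOCK, NULL, &current) == 0)
        usr1_blocked_in_handler = sigismember(&current, SIGUSR1);
}

/* Install probe_handler for signo. With keep_usr1_deliverable == 0, every
 * signal is blocked while the handler runs (the situation the log message
 * describes). With 1, SIGUSR1 is removed from sa_mask so a suspend/resume
 * signal can still interrupt the handler. */
static int install_probe(int signo, int keep_usr1_deliverable,
                         struct sigaction *previous)
{
    struct sigaction action;
    memset(&action, 0, sizeof(action));
    action.sa_handler = probe_handler;
    sigfillset(&action.sa_mask);
    if (keep_usr1_deliverable)
        sigdelset(&action.sa_mask, SIGUSR1);
    return sigaction(signo, &action, previous);
}

/* Returns 1 if SIGUSR1 is blocked inside the handler, 0 if it stays
 * deliverable, -1 on error. Single-threaded use only (sigprocmask). */
int usr1_blocked_during_handler(int keep_usr1_deliverable)
{
    struct sigaction previous;
    sigset_t unblock, saved;
    int result = -1;

    /* Start from a known state: neither signal blocked by the caller. */
    sigemptyset(&unblock);
    sigaddset(&unblock, SIGUSR1);
    sigaddset(&unblock, SIGUSR2);
    if (sigprocmask(SIG_UNBLOCK, &unblock, &saved) != 0)
        return -1;

    usr1_blocked_in_handler = -1;
    if (install_probe(SIGUSR2, keep_usr1_deliverable, &previous) == 0) {
        /* raise() returns only after the handler has finished. */
        if (raise(SIGUSR2) == 0)
            result = usr1_blocked_in_handler;
        sigaction(SIGUSR2, &previous, NULL);
    }
    sigprocmask(SIG_SETMASK, &saved, NULL);
    return result;
}

int main(void)
{
    printf("sa_mask = all signals:        SIGUSR1 blocked in handler = %d\n",
           usr1_blocked_during_handler(0));
    printf("sa_mask = all minus SIGUSR1:  SIGUSR1 blocked in handler = %d\n",
           usr1_blocked_during_handler(1));
    return 0;
}
```

A handler that takes a lock while SIGUSR1 is masked cannot be suspended by a thread that already holds that lock, which is the cycle the log message walks through.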


  Commit: d1226e71cd4441bdd63af6d4f4eb1eb3b009cb8a
      https://github.com/WebKit/WebKit/commit/d1226e71cd4441bdd63af6d4f4eb1eb3b009cb8a
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/GStreamer.cmake
    M Source/WebCore/platform/graphics/MediaPlayer.cpp
    M Source/WebCore/platform/graphics/MediaPlayer.h
    M Source/WebCore/platform/graphics/MediaPlayerEnums.h
    M Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp
    M Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.h
    A Source/WebCore/platform/graphics/gstreamer/GStreamerRegistryScanner.cpp
    A Source/WebCore/platform/graphics/gstreamer/GStreamerRegistryScanner.h
    A Source/WebCore/platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.cpp
    A Source/WebCore/platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
    A Source/WebCore/platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.cpp
    A Source/WebCore/platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h
    M Source/WebCore/platform/mediacapabilities/MediaEngineConfigurationFactory.cpp

  Log Message:
  -----------
  Merge r241585 - Decoding media-capabilities configuration initial support
https://bugs.webkit.org/show_bug.cgi?id=191191

Reviewed by Xabier Rodriguez-Calvar.

This patch enables basic platform probing for GStreamer decoders,
optionally using Hardware decoding capabilities. The previous code
for decoders/demuxers probing partially duplicated between the MSE
player and its parent class was moved to a new module called
GStreamerRegistryScanner. There is one instance of it for the MSE player
and one for the parent class.

The scanner can check for the presence of the GstElement Hardware
metadata classifier in decoders and thus advise the
MediaEngineConfigurationFactoryGStreamer that hardware decoding is
supported or not. This is only a first step though. The scanner
should also probably attempt a NULL->READY transition on decoders
to validate specific input caps are supported. As this might
require changes in GStreamer, this part of the patch wasn't
included.

This patch is covered by the existing media tests.

* platform/GStreamer.cmake: New files.
* platform/graphics/MediaPlayer.cpp: Add support for converting
SupportsType enum to string.
(WebCore::convertEnumerationToString):
* platform/graphics/MediaPlayer.h: Ditto.
* platform/graphics/MediaPlayerEnums.h: Ditto.
* platform/graphics/gstreamer/GStreamerCommon.cpp: Move
gstRegistryHasElementForMediaType to GStreamerRegistryScanner.
* platform/graphics/gstreamer/GStreamerCommon.h: Ditto.
* platform/graphics/gstreamer/GStreamerRegistryScanner.cpp: Added.
(WebCore::GStreamerRegistryScanner::singleton):
(WebCore::GStreamerRegistryScanner::GStreamerRegistryScanner): Initialize
supported mime-types and codecs from the GStreamer registry.
(WebCore::GStreamerRegistryScanner::~GStreamerRegistryScanner): Free the element factories.
(WebCore::GStreamerRegistryScanner::gstRegistryHasElementForMediaType):
Check the input caps are supported, optionally using hardware
device.
(WebCore::GStreamerRegistryScanner::fillMimeTypeSetFromCapsMapping):
Moved from MediaPlayerPrivateGStreamer{,MSE}.
(WebCore::GStreamerRegistryScanner::initialize): Ditto.
(WebCore::GStreamerRegistryScanner::supportsCodec const): Ditto.
(WebCore::GStreamerRegistryScanner::supportsAllCodecs const): Ditto.
(WebCore::GStreamerRegistryScanner::isDecodingSupported const): Check
the given configuration is supported. For now hardware support is
checked for video configurations only as it is quite uncommon
anyway to have hardware-enabled audio decoders.
* platform/graphics/gstreamer/GStreamerRegistryScanner.h: Added.
(WebCore::GStreamerRegistryScanner::mimeTypeSet):
(WebCore::GStreamerRegistryScanner::supportsContainerType const):
(WebCore::GStreamerRegistryScanner::RegistryLookupResult::operator bool const):
* platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.cpp: Added.
(WebCore::createMediaPlayerDecodingConfigurationGStreamer):
* platform/graphics/gstreamer/MediaEngineConfigurationFactoryGStreamer.h: Added.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
Rely on new GStreamerRegistryScanner and add some debugging macros.
(WebCore::MediaPlayerPrivateGStreamer::getSupportedTypes):
(WebCore::MediaPlayerPrivateGStreamer::supportsType):
* platform/graphics/gstreamer/mse/AppendPipeline.cpp: Ditto. Also
plug qtdemux for AAC containers, this is an explicit consequence
of finer-grained codecs probing.
(WebCore::AppendPipeline::AppendPipeline):
(WebCore::AppendPipeline::parseDemuxerSrcPadCaps):
* platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.cpp: Added.
(WebCore::GStreamerRegistryScannerMSE::singleton):
(WebCore::GStreamerRegistryScannerMSE::GStreamerRegistryScannerMSE):
* platform/graphics/gstreamer/mse/GStreamerRegistryScannerMSE.h: Added.
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
Rely on new GStreamerRegistryScanner and add some debugging macros.
(WebCore::MediaPlayerPrivateGStreamerMSE::getSupportedTypes):
(WebCore::MediaPlayerPrivateGStreamerMSE::supportsType):
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
* platform/mediacapabilities/MediaEngineConfigurationFactory.cpp:
(WebCore::factories): GStreamer support.


  Commit: f5f9157f60ef6d31f19dc3d571dcd4c1daa1db78
      https://github.com/WebKit/WebKit/commit/f5f9157f60ef6d31f19dc3d571dcd4c1daa1db78
  Author: Darin Adler <darin at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/win/AccessibilityObjectWrapperWin.cpp
    M Source/WebCore/page/linux/ResourceUsageOverlayLinux.cpp
    M Source/WebCore/platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp
    M Source/WebCore/platform/glib/UserAgentGLib.cpp
    M Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gtk/ImageBufferGtk.cpp
    M Source/WebCore/platform/mediastream/gstreamer/GStreamerAudioCaptureSource.cpp
    M Source/WebCore/platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp
    M Source/WebCore/platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp
    M Source/WebCore/platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp
    M Source/WebCore/platform/network/curl/CookieJarDB.cpp
    M Source/WebCore/platform/win/SearchPopupMenuDB.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkProcess.cpp
    M Source/WebKit/NetworkProcess/soup/NetworkProcessSoup.cpp
    M Source/WebKit/UIProcess/API/glib/IconDatabase.cpp
    M Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp
    M Source/WebKitLegacy/win/ChangeLog
    M Source/WebKitLegacy/win/WebView.cpp
    M Tools/ChangeLog
    M Tools/DumpRenderTree/win/DumpRenderTree.cpp
    M Tools/TestWebKitAPI/win/PlatformUtilitiesWin.cpp
    M Tools/WebKitTestRunner/InjectedBundle/atk/AccessibilityNotificationHandlerAtk.cpp
    M Tools/WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp

  Log Message:
  -----------
  Merge r241587 - Replace more uses of String::format with StringConcatenate (mostly non-Apple platform-specific cases)
https://bugs.webkit.org/show_bug.cgi?id=194487

Reviewed by Daniel Bates.

Source/WebCore:

* accessibility/win/AccessibilityObjectWrapperWin.cpp:
(WebCore::AccessibilityObjectWrapper::accessibilityAttributeValue): Use makeString
instead of String::format.

* page/linux/ResourceUsageOverlayLinux.cpp:
(WebCore::formatByteNumber): Use String::number instead of String::format.

* platform/audio/gstreamer/AudioSourceProviderGStreamer.cpp:
(WebCore::AudioSourceProviderGStreamer::AudioSourceProviderGStreamer):
Use makeString instead of String::format.
* platform/glib/UserAgentGLib.cpp:
(WebCore::platformVersionForUAString): Ditto.
* platform/graphics/gstreamer/GStreamerCommon.cpp:
(WebCore::simpleBusMessageCallback): Ditto.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage): Ditto.
* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::AppendPipeline): Ditto.
(WebCore::AppendPipeline::handleStateChangeMessage): Ditto.
(WebCore::AppendPipeline::resetParserState): Ditto.
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::load): Ditto.
(WebCore::MediaPlayerPrivateGStreamerMSE::doSeek): Ditto.

* platform/graphics/gtk/ImageBufferGtk.cpp:
(WebCore::encodeImage): Use String::number instead of String::format.

* platform/mediastream/gstreamer/GStreamerAudioCaptureSource.cpp:
(WebCore::GStreamerAudioCaptureSource::create): Use makeString instead of
String::format.
* platform/mediastream/gstreamer/GStreamerCaptureDeviceManager.cpp:
(WebCore::GStreamerCaptureDeviceManager::addDevice): Ditto.
* platform/mediastream/gstreamer/GStreamerMediaStreamSource.cpp:
(WebCore::webkitMediaStreamSrcAddPad): Ditto.
* platform/mediastream/gstreamer/GStreamerVideoCaptureSource.cpp:
(WebCore::GStreamerVideoCaptureSource::create): Ditto.
* platform/network/curl/CookieJarDB.cpp:
(WebCore::CookieJarDB::verifySchemaVersion): Ditto.
* platform/win/SearchPopupMenuDB.cpp:
(WebCore::SearchPopupMenuDB::verifySchemaVersion): Ditto.

Source/WebKit:

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::switchToNewTestingSession): Use makeString instead of String::format.
* NetworkProcess/soup/NetworkProcessSoup.cpp:
(WebKit::buildAcceptLanguages): Ditto.
* UIProcess/API/glib/IconDatabase.cpp:
(WebKit::IconDatabase::performURLImport): Ditto.
* UIProcess/gtk/InputMethodFilter.cpp:
(WebKit::InputMethodFilter::logConfirmCompositionForTesting): Ditto.
(WebKit::InputMethodFilter::logSetPreeditForTesting): Ditto.

Source/WebKitLegacy/win:

* WebView.cpp:
(webKitVersionString): Use makeString instead of String::format.

Tools:

* DumpRenderTree/win/DumpRenderTree.cpp:
(applicationId): Use makeString instead of String::format.
(main): Ditto.
* TestWebKitAPI/win/PlatformUtilitiesWin.cpp:
(TestWebKitAPI::Util::createURLForResource): Ditto.
* WebKitTestRunner/InjectedBundle/atk/AccessibilityNotificationHandlerAtk.cpp:
(WTR::AccessibilityNotificationHandler::connectAccessibilityCallbacks): Ditto.

* WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:
(WTR::attributeSetToString): Use StringBuilder functions directly instead of g_strconcat.
(WTR::attributesOfElement): Use StringBuilder functions directly instead of String::format.
(WTR::createStringWithAttributes): Use appendLiteral.
(WTR::AccessibilityUIElement::helpText const): Ditto.
(WTR::AccessibilityUIElement::attributedStringForRange): Use StringBuilder functions
directly instead of using String::format.
(WTR::AccessibilityUIElement::url): Use makeString instead of String::format.
(WTR::stringAtOffset): Use StringBuilder::appendNumber instead of String::format.


  Commit: 0f5acfc0bd597cb53117a1825393013509b29017
      https://github.com/WebKit/WebKit/commit/0f5acfc0bd597cb53117a1825393013509b29017
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/ApplyStyleCommand.cpp
    M Source/WebCore/editing/EditingStyle.cpp
    M Source/WebCore/editing/EditingStyle.h

  Log Message:
  -----------
  Merge r241588 - Refactor EditingStyle::textDirection to return an Optional<WritingDirection> instead of a bool
https://bugs.webkit.org/show_bug.cgi?id=194686

Reviewed by Ryosuke Niwa.

Changes EditingStyle::textDirection to return an Optional<WritingDirection>, instead of taking a reference to
the resulting WritingDirection. No change in behavior.

* editing/ApplyStyleCommand.cpp:
(WebCore::ApplyStyleCommand::splitAncestorsWithUnicodeBidi):
(WebCore::ApplyStyleCommand::applyInlineStyle):
* editing/EditingStyle.cpp:
(WebCore::EditingStyle::textDirection const):
(WebCore::EditingStyle::textDirectionForSelection):
* editing/EditingStyle.h:


  Commit: dc5daa7198ede1f9805cbe550b471568c90df881
      https://github.com/WebKit/WebKit/commit/dc5daa7198ede1f9805cbe550b471568c90df881
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp

  Log Message:
  -----------
  Merge r241590 - [GStreamer] Simplify GObject class name check
https://bugs.webkit.org/show_bug.cgi?id=194537

Patch by Philippe Normand <pnormand at igalia.com> on 2019-02-15
Reviewed by Michael Catanzaro.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::uriDecodeBinElementAddedCallback):
Use G_OBJECT_TYPE_NAME() to filter out uridecodebin child
elements.


  Commit: 8128405be7e8fe8351518e3d0a3743b8be3e39b7
      https://github.com/WebKit/WebKit/commit/8128405be7e8fe8351518e3d0a3743b8be3e39b7
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/block/block-only/out-of-flow-is-never-float-box-expected.html
    A LayoutTests/fast/block/block-only/out-of-flow-is-never-float-box.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/layout/layouttree/LayoutBox.cpp
    M Tools/ChangeLog
    M Tools/LayoutReloaded/misc/LFC-passing-tests.txt

  Log Message:
  -----------
  Merge r241591 - [LFC] Out-of-flow box is never a float box
https://bugs.webkit.org/show_bug.cgi?id=194704

Reviewed by Antti Koivisto.

Source/WebCore:

We can't have it both ways. Absolute positioning wins.

Test: fast/block/block-only/out-of-flow-is-never-float-box.html

* layout/layouttree/LayoutBox.cpp:
(WebCore::Layout::Box::isFloatingPositioned const):
(WebCore::Layout::Box::isLeftFloatingPositioned const):
(WebCore::Layout::Box::isRightFloatingPositioned const):

Tools:

* LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

* fast/block/block-only/out-of-flow-is-never-float-box-expected.html: Added.
* fast/block/block-only/out-of-flow-is-never-float-box.html: Added.


  Commit: 41522b6f4dcff51b9f3ab2d5b88cb60dc4c06b96
      https://github.com/WebKit/WebKit/commit/41522b6f4dcff51b9f3ab2d5b88cb60dc4c06b96
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Platform/IPC/HandleMessage.h
    M Source/WebKit/Scripts/webkit/messages.py
    M Source/WebKit/UIProcess/WebStorage/StorageManager.cpp
    M Source/WebKit/UIProcess/WebStorage/StorageManager.h
    M Source/WebKit/UIProcess/WebStorage/StorageManager.messages.in

  Log Message:
  -----------
  Merge r241595 - IPC code should support messages with both Delayed and WantsConnection attributes
https://bugs.webkit.org/show_bug.cgi?id=194679

Reviewed by Geoffrey Garen.

* Platform/IPC/HandleMessage.h:
(IPC::callMemberFunctionImpl):
(IPC::callMemberFunction):
(IPC::handleMessageDelayedWantsConnection):
* Scripts/webkit/messages.py:
* UIProcess/WebStorage/StorageManager.cpp:
(WebKit::StorageManager::getValues):
* UIProcess/WebStorage/StorageManager.h:
* UIProcess/WebStorage/StorageManager.messages.in:


  Commit: 3074210eacfecdcd68da60ffd462da84288d4425
      https://github.com/WebKit/WebKit/commit/3074210eacfecdcd68da60ffd462da84288d4425
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Scripts/webkit/LegacyMessageReceiver-expected.cpp
    M Source/WebKit/Scripts/webkit/MessageReceiver-expected.cpp

  Log Message:
  -----------
  Merge r241604 - Update IPC code generator unit test expectations after r241595
https://bugs.webkit.org/show_bug.cgi?id=194679

* Scripts/webkit/LegacyMessageReceiver-expected.cpp:
(WebKit::WebPage::didReceiveSyncWebPageMessage):
* Scripts/webkit/MessageReceiver-expected.cpp:
(WebKit::WebPage::didReceiveSyncMessage):


  Commit: b1fdd13e16dd2c7709b49dc6759a3b9767be3de4
      https://github.com/WebKit/WebKit/commit/b1fdd13e16dd2c7709b49dc6759a3b9767be3de4
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/Performance.cpp

  Log Message:
  -----------
  Merge r241598 - Performance should not fire events when its context is stopped
https://bugs.webkit.org/show_bug.cgi?id=194689

Reviewed by Alex Christensen.

Stop the timer when its context is destroyed.
Add an assertion to ensure the timer does not fire after the context is destroyed.

* page/Performance.cpp:
(WebCore::Performance::stop):


  Commit: dcece15b97a7fc6e8dae02cf520b58f7ded64522
      https://github.com/WebKit/WebKit/commit/dcece15b97a7fc6e8dae02cf520b58f7ded64522
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/websockets/WebSocket.cpp
    M Source/WebCore/Modules/websockets/WebSocket.h

  Log Message:
  -----------
  Merge r241599 - WebSocket should not fire events after being stopped
https://bugs.webkit.org/show_bug.cgi?id=194690

Reviewed by Geoffrey Garen.

dispatchOrQueueErrorEvent is scheduled using RunLoop::main().dispatch or dispatch_async.
This makes it possible to dispatch an event while WebSocket is already stopped.
Instead, use Document::postTask so that the task is only executed if WebSocket is not stopped.

As a refactoring, make use of PendingActivity to keep track of setPendingActivity/unsetPendingActivity more easily.

* Modules/websockets/WebSocket.cpp:
(WebCore::WebSocket::stop):
(WebCore::WebSocket::connect):
* Modules/websockets/WebSocket.h:


  Commit: 1a647858fecd524cd0a3ba409d68b89de3498b33
      https://github.com/WebKit/WebKit/commit/1a647858fecd524cd0a3ba409d68b89de3498b33
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/mediastream/NavigatorMediaDevices.idl
    M Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
    M Source/WebCore/bindings/scripts/IDLAttributes.json
    M Source/WebCore/dom/ScriptExecutionContext.cpp
    M Source/WebCore/dom/ScriptExecutionContext.h
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/UserMediaDisabled.mm

  Log Message:
  -----------
  Merge r241602 - Make navigator.mediaDevices SecureContext
https://bugs.webkit.org/show_bug.cgi?id=194666

Reviewed by Eric Carlson.

Source/WebCore:

Make navigator.mediaDevices SecureContext.
This can still be enabled for unsecure context using the existing page settings.
To cover that case, introduce ContextHasMediaDevices custom IDL keyword.

Covered by API test.

* Modules/mediastream/NavigatorMediaDevices.idl:
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateRuntimeEnableConditionalString):
* bindings/scripts/IDLAttributes.json:
* dom/ScriptExecutionContext.cpp:
(WebCore::ScriptExecutionContext::hasMediaDevices const):
(WebCore::ScriptExecutionContext::hasServiceWorkerScheme const):
* dom/ScriptExecutionContext.h:

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/UserMediaDisabled.mm:
(MediaCaptureDisabledTest::loadTestAndWaitForMessage):
(TEST_F):


  Commit: 73168d9d0f4e721b01badcf3d59dc7af504308d1
      https://github.com/WebKit/WebKit/commit/73168d9d0f4e721b01badcf3d59dc7af504308d1
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/network/FormData.h
    M Source/WebCore/platform/network/ResourceErrorBase.h
    M Source/WebCore/workers/service/context/ServiceWorkerFetch.cpp
    M Source/WebCore/workers/service/context/ServiceWorkerFetch.h
    M Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.cpp
    M Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkProcess.cpp
    M Source/WebKit/NetworkProcess/NetworkProcess.h
    M Source/WebKit/NetworkProcess/NetworkProcess.messages.in
    M Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.cpp
    M Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.h
    M Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in
    M Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.cpp
    M Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.h
    M Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.messages.in
    M Source/WebKit/WebProcess/Storage/WebSWClientConnection.cpp
    M Source/WebKit/WebProcess/Storage/WebSWClientConnection.h
    M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.cpp
    M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.h
    M Source/WebKit/WebProcess/Storage/WebSWContextManagerConnection.messages.in
    M Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp
    M Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.h

  Log Message:
  -----------
  Merge r241603 - Make ServiceWorkerClientFetch closer to WebResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=194651

Reviewed by Alex Christensen.

Source/WebCore:

Check for redirection response and if so call a specific client API.
Ensure ServiceWorkerFetch::Client gets called in the service worker thread proxy
so that its m_connection is only accessed on that thread.

Covered by existing tests.

* platform/network/FormData.h:
* platform/network/ResourceErrorBase.h:
* workers/service/context/ServiceWorkerFetch.cpp:
(WebCore::ServiceWorkerFetch::processResponse):
* workers/service/context/ServiceWorkerFetch.h:
* workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::ServiceWorkerThreadProxy::cancelFetch):
(WebCore::ServiceWorkerThreadProxy::continueDidReceiveFetchResponse):
* workers/service/context/ServiceWorkerThreadProxy.h:

Source/WebKit:

The goal of this refactoring is to, at some point, use the regular network process load path for service worker loads.
This should simplify things and allow fewer IPC exchanges, for instance in the case of fetch not handled by service worker.

Introduce two IPC messages for supporting redirect responses and allow the didReceiveResponse/continueDidReceiveResponse
handshake for navigation loads.

This makes ServiceWorker have to buffer load information for this particular case.

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::didReceiveFetchRedirectResponse):
(WebKit::NetworkProcess::didReceiveFetchResponse):
* NetworkProcess/NetworkProcess.h:
* NetworkProcess/NetworkProcess.messages.in:
* NetworkProcess/ServiceWorker/WebSWServerConnection.cpp:
(WebKit::WebSWServerConnection::continueDidReceiveFetchResponse):
(WebKit::WebSWServerConnection::didReceiveFetchRedirectResponse):
(WebKit::WebSWServerConnection::didReceiveFetchResponse):
* NetworkProcess/ServiceWorker/WebSWServerConnection.h:
* NetworkProcess/ServiceWorker/WebSWServerConnection.messages.in:
* WebProcess/Storage/ServiceWorkerClientFetch.cpp:
(WebKit::ServiceWorkerClientFetch::start):
(WebKit::ServiceWorkerClientFetch::didReceiveRedirectResponse):
(WebKit::ServiceWorkerClientFetch::didReceiveResponse):
(WebKit::ServiceWorkerClientFetch::didReceiveData):
(WebKit::ServiceWorkerClientFetch::didFinish):
(WebKit::ServiceWorkerClientFetch::didFail):
(WebKit::ServiceWorkerClientFetch::didNotHandle):
(WebKit::ServiceWorkerClientFetch::cancel):
* WebProcess/Storage/ServiceWorkerClientFetch.h:
* WebProcess/Storage/ServiceWorkerClientFetch.messages.in:
* WebProcess/Storage/WebSWClientConnection.cpp:
(WebKit::WebSWClientConnection::startFetch):
(WebKit::WebSWClientConnection::cancelFetch):
(WebKit::WebSWClientConnection::continueDidReceiveFetchResponse):
* WebProcess/Storage/WebSWClientConnection.h:
* WebProcess/Storage/WebSWContextManagerConnection.cpp:
(WebKit::WebSWContextManagerConnection::continueDidReceiveFetchResponse):
(WebKit::WebSWContextManagerConnection::startFetch):
* WebProcess/Storage/WebSWContextManagerConnection.h:
* WebProcess/Storage/WebSWContextManagerConnection.messages.in:
* WebProcess/Storage/WebServiceWorkerFetchTaskClient.cpp:
(WebKit::WebServiceWorkerFetchTaskClient::WebServiceWorkerFetchTaskClient):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveRedirection):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveResponse):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveData):
(WebKit::WebServiceWorkerFetchTaskClient::didReceiveFormDataAndFinish):
(WebKit::WebServiceWorkerFetchTaskClient::didFail):
(WebKit::WebServiceWorkerFetchTaskClient::didFinish):
(WebKit::WebServiceWorkerFetchTaskClient::continueDidReceiveResponse):
* WebProcess/Storage/WebServiceWorkerFetchTaskClient.h:


  Commit: 6d6b3d089ef46746e7c24c20393c6a2ceda23be6
      https://github.com/WebKit/WebKit/commit/6d6b3d089ef46746e7c24c20393c6a2ceda23be6
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/Storage/WebServiceWorkerFetchTaskClient.h

  Log Message:
  -----------
  Merge r241609 - Make ServiceWorkerClientFetch closer to WebResourceLoader
https://bugs.webkit.org/show_bug.cgi?id=194651

Unreviewed, build fix for WPE.

* WebProcess/Storage/WebServiceWorkerFetchTaskClient.h:


  Commit: 15c36ce0ce90b2b3801161b8e6fc8b68254b2a2d
      https://github.com/WebKit/WebKit/commit/15c36ce0ce90b2b3801161b8e6fc8b68254b2a2d
  Author: Per Arne Vollan <pvollan at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/media/track/captions-webvtt/css-styling.vtt
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/track/WebVTTParser.cpp

  Log Message:
  -----------
  Merge r241608 - [WebVTT] Inline WebVTT styles should start with '::cue'
https://bugs.webkit.org/show_bug.cgi?id=194227

Reviewed by Eric Carlson.

Source/WebCore:

The original fix in r241203 is not sufficient, since it only checks if the CSS string starts
with '::cue'. Before accepting a CSS string from a WebVTT file, it should be checked that
all selectors start with '::cue'.

Test: media/track/track-cue-css.html

* html/track/WebVTTParser.cpp:
(WebCore::WebVTTParser::checkAndStoreStyleSheet):

LayoutTests:

Add invalid 'STYLE' blocks which the WebVTT parser should reject.

* media/track/captions-webvtt/css-styling.vtt:


  Commit: 9b8caced07e26a15203f5579bb9d07865837c361
      https://github.com/WebKit/WebKit/commit/9b8caced07e26a15203f5579bb9d07865837c361
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGWorklist.cpp
    M Source/JavaScriptCore/wasm/WasmWorklist.cpp

  Log Message:
  -----------
  Merge r241610 - [JSC] DFG, FTL, and Wasm worklist creation should be fenced
https://bugs.webkit.org/show_bug.cgi?id=194714

Reviewed by Mark Lam.

Let's consider the following extreme case.

1. VM (A) is created.
2. Another VM (B) is created on a different thread.
3. (A) is being destroyed. It calls DFG::existingWorklistForIndexOrNull in a destructor.
4. At the same time, (B) starts using DFG Worklist and it is instantiated in call_once.
5. But (A) reads the pointer directly through DFG::existingWorklistForIndexOrNull.
6. (A) sees the half-baked worklist, which may be in the middle of creation.

This patch puts a store-store fence just before putting a pointer to a global variable.
This fence is executed only three times at most, for DFG, FTL, and Wasm worklist initializations.

* dfg/DFGWorklist.cpp:
(JSC::DFG::ensureGlobalDFGWorklist):
(JSC::DFG::ensureGlobalFTLWorklist):
* wasm/WasmWorklist.cpp:
(JSC::Wasm::ensureWorklist):


  Commit: 48e47bc0d47ab170fdb4dd61190700802be463c3
      https://github.com/WebKit/WebKit/commit/48e47bc0d47ab170fdb4dd61190700802be463c3
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-replace-double-watchpoint.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp
    M Source/JavaScriptCore/dfg/DFGCommonData.cpp
    M Source/JavaScriptCore/dfg/DFGCommonData.h

  Log Message:
  -----------
  Merge r241613 - [JSC] CodeBlock::jettison should clear related watchpoints
https://bugs.webkit.org/show_bug.cgi?id=194544

Reviewed by Mark Lam.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::jettison):
* dfg/DFGCommonData.h:
(JSC::DFG::CommonData::clearWatchpoints): Added.
* dfg/CommonData.cpp:
(JSC::DFG::CommonData::clearWatchpoints): Added.


  Commit: 189a6bf3b18b3b639883f9bcb1233d0ba05052fb
      https://github.com/WebKit/WebKit/commit/189a6bf3b18b3b639883f9bcb1233d0ba05052fb
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js
    A JSTests/stress/type-profiler-with-double-quote-in-constructor-name.js
    A JSTests/stress/type-profiler-with-double-quote-in-field-name.js
    A JSTests/stress/type-profiler-with-double-quote-in-optional-field-name.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/SamplingProfiler.cpp
    M Source/JavaScriptCore/runtime/TypeSet.cpp

  Log Message:
  -----------
  Merge r241615 - SamplingProfiler::stackTracesAsJSON() should escape strings.
https://bugs.webkit.org/show_bug.cgi?id=194649
<rdar://problem/48072386>

Reviewed by Saam Barati.

JSTests:

* stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js: Added.
* stress/type-profiler-with-double-quote-in-constructor-name.js: Added.
* stress/type-profiler-with-double-quote-in-field-name.js: Added.
* stress/type-profiler-with-double-quote-in-optional-field-name.js: Added.

Source/JavaScriptCore:

Ditto for TypeSet::toJSONString() and TypeSet::toJSONString().

* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::stackTracesAsJSON):
* runtime/TypeSet.cpp:
(JSC::TypeSet::toJSONString const):
(JSC::StructureShape::toJSONString const):


  Commit: 5feddc3a5f4e893df921e81ccfaf514b36e93ef7
      https://github.com/WebKit/WebKit/commit/5feddc3a5f4e893df921e81ccfaf514b36e93ef7
  Author: Nikita Vasilyev <nvasilyev at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/inspector/css/modify-inline-style-expected.txt
    A LayoutTests/inspector/css/modify-inline-style.html
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Models/DOMNodeStyles.js

  Log Message:
  -----------
  Merge r241623 - Web Inspector: Styles: valid values in style attributes are reported as unsupported property values
https://bugs.webkit.org/show_bug.cgi?id=194619
<rdar://problem/47917373>

Source/WebInspectorUI:

Reviewed by Devin Rousso.

Payload of inline styles may contain `range` that doesn't match
the actual text of the payload - it has an extra empty line at the end.
Mismatching ranges caused data corruption.

* UserInterface/Models/DOMNodeStyles.js:
(WI.DOMNodeStyles.prototype._parseStylePropertyPayload):

LayoutTests:

Reviewed by Devin Rousso and Joseph Pecoraro.

* inspector/css/modify-inline-style-expected.txt: Added.
* inspector/css/modify-inline-style.html: Added.


  Commit: 24fae77349230b0dbfba9b1069e235fde19fa0aa
      https://github.com/WebKit/WebKit/commit/24fae77349230b0dbfba9b1069e235fde19fa0aa
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/mac-wk1/TestExpectations
    A LayoutTests/plugins/unsupported-plugin-with-replacement-in-iframe-crash-expected.txt
    A LayoutTests/plugins/unsupported-plugin-with-replacement-in-iframe-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLPlugInElement.cpp

  Log Message:
  -----------
  Merge r241626 - Crash in the hit testing code via HTMLPlugInElement::isReplacementObscured()
https://bugs.webkit.org/show_bug.cgi?id=194691

Reviewed by Simon Fraser.

Source/WebCore:

The crash was caused by HTMLPlugInElement::isReplacementObscured updating the document
without updating the layout of ancestor documents (i.e. documents in which frame owner
elements appear) even though it hit-tests against the top-level document's RenderView.

Fixed the bug by updating the layout of the top-level document as needed.

Test: plugins/unsupported-plugin-with-replacement-in-iframe-crash.html

* html/HTMLPlugInElement.cpp:
(WebCore::HTMLPlugInElement::isReplacementObscured):

LayoutTests:

Added a regression test. It hits the newly added debug assertion without the fix.

* platform/mac-wk1/TestExpectations: Skip the test since DumpRenderTree doesn't support
testRunner.setPluginSupportedMode.
* plugins/unsupported-plugin-with-replacement-in-iframe-crash-expected.txt: Added.
* plugins/unsupported-plugin-with-replacement-in-iframe-crash.html: Added.


  Commit: c59d9bf0c8f8c24b3b2b1de7f1cecf2400359674
      https://github.com/WebKit/WebKit/commit/c59d9bf0c8f8c24b3b2b1de7f1cecf2400359674
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/InitializeThreading.cpp
    M Source/JavaScriptCore/runtime/JSLock.cpp

  Log Message:
  -----------
  Merge r241630 - [JSC] Do not initialize Wasm related data if Wasm is not enabled
https://bugs.webkit.org/show_bug.cgi?id=194728

Reviewed by Mark Lam.

Under non-JIT mode, these data structures are unnecessary. Should not allocate extra memory for that.

* runtime/InitializeThreading.cpp:
(JSC::initializeThreading):
* runtime/JSLock.cpp:
(JSC::JSLock::didAcquireLock):


  Commit: ca12d427fd57fb388ad2e7fc62d51adac2f63369
      https://github.com/WebKit/WebKit/commit/ca12d427fd57fb388ad2e7fc62d51adac2f63369
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/Page.cpp

  Log Message:
  -----------
  Merge r241632 - Sample domainsVisited diagnostic logging
https://bugs.webkit.org/show_bug.cgi?id=194657

Reviewed by Ryosuke Niwa.

Sample domainsVisited diagnostic logging; we are getting a lot of data from
this key and this is hurting our other keys.

* page/Page.cpp:
(WebCore::Page::logNavigation):


  Commit: a19a9680c405db1fce26870a784b86b0ec7feb25
      https://github.com/WebKit/WebKit/commit/a19a9680c405db1fce26870a784b86b0ec7feb25
  Author: Michael Saboff <msaboff at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-unicode-within-string.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/yarr/YarrJIT.cpp

  Log Message:
  -----------
  Merge r241634 - RELEASE_ASSERT at com.apple.JavaScriptCore: JSC::jsSubstringOfResolved
https://bugs.webkit.org/show_bug.cgi?id=194558

Reviewed by Saam Barati.

JSTests:

New regression test.

* stress/regexp-unicode-within-string.js: Added.

Source/JavaScriptCore:

Added an in-bounds check before the read of the next character for Unicode regular expressions
for pattern generation that didn't already have such checks.

* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::generatePatternCharacterOnce):
(JSC::Yarr::YarrGenerator::generatePatternCharacterFixed):
(JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
(JSC::Yarr::YarrGenerator::generateCharacterClassFixed):


  Commit: 31de38470f1c91694fde3f3b2d93c1a4db6fe251
      https://github.com/WebKit/WebKit/commit/31de38470f1c91694fde3f3b2d93c1a4db6fe251
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObject.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/streams/ReadableByteStreamInternals.js

  Log Message:
  -----------
  Merge r241637 - [JSC] Make builtin objects more lazily initialized under non-JIT mode
https://bugs.webkit.org/show_bug.cgi?id=194727

Reviewed by Saam Barati.

Source/JavaScriptCore:

Boolean, Symbol, and Number constructors and prototypes are initialized eagerly, but this is largely
because the concurrent compiler can touch NumberPrototype etc. when traversing an object's prototypes. This
means that eager initialization is not necessary under non-JIT mode. While we can investigate all the
accesses to these prototypes from the concurrent compiler threads, this "lazily initialize under non-JIT"
is safe and beneficial to non-JIT mode. This patch lazily initializes them under non-JIT mode, and
drops some @Number references to avoid eager initialization. This removes some object allocations and 1
MarkedBlock allocation just for Symbols.

* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::numberToStringWatchpoint):
(JSC::JSGlobalObject::booleanPrototype const):
(JSC::JSGlobalObject::numberPrototype const):
(JSC::JSGlobalObject::symbolPrototype const):
(JSC::JSGlobalObject::booleanObjectStructure const):
(JSC::JSGlobalObject::symbolObjectStructure const):
(JSC::JSGlobalObject::numberObjectStructure const):
(JSC::JSGlobalObject::stringObjectStructure const):

Source/WebCore:

* Modules/streams/ReadableByteStreamInternals.js:
(privateInitializeReadableByteStreamController):
(readableByteStreamControllerRespond):


  Commit: 82115a775cadfdab7c610579667525a992560995
      https://github.com/WebKit/WebKit/commit/82115a775cadfdab7c610579667525a992560995
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/JavaScriptCore/runtime/RegExpCache.cpp
    M Source/JavaScriptCore/runtime/RegExpCache.h
    M Source/JavaScriptCore/runtime/RegExpCachedResult.cpp
    M Source/JavaScriptCore/runtime/RegExpCachedResult.h
    M Source/JavaScriptCore/runtime/VM.cpp

  Log Message:
  -----------
  Merge r241640 - [JSC] Lazily create empty RegExp
https://bugs.webkit.org/show_bug.cgi?id=194735

Reviewed by Keith Miller.

Some scripts do not have any RegExp. In that case, allocating a MarkedBlock for RegExp is costly.
Previously, there was always one RegExp, "empty RegExp". This patch lazily creates it and drops
one MarkedBlock.

* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
* runtime/RegExpCache.cpp:
(JSC::RegExpCache::ensureEmptyRegExpSlow):
(JSC::RegExpCache::initialize): Deleted.
* runtime/RegExpCache.h:
(JSC::RegExpCache::ensureEmptyRegExp):
(JSC::RegExpCache::emptyRegExp const): Deleted.
* runtime/RegExpCachedResult.cpp:
(JSC::RegExpCachedResult::lastResult):
* runtime/RegExpCachedResult.h:
* runtime/VM.cpp:
(JSC::VM::VM):


  Commit: be27e9cdc2406d9c33c25cffe9771e30da0edb8a
      https://github.com/WebKit/WebKit/commit/be27e9cdc2406d9c33c25cffe9771e30da0edb8a
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkDataTask.cpp

  Log Message:
  -----------
  Merge r241641 - NetworkDataTask should check its client before calling shouldCaptureExtraNetworkLoadMetrics
https://bugs.webkit.org/show_bug.cgi?id=194732

Reviewed by Geoffrey Garen.

NetworkDataTask may be kept alive if refing it after its NetworkLoad is gone.
This might happen for instance in DownloadManager or when checking for TLS certificates.
In that case, if the NetworkLoad gets destroyed, it clears the client of the NetworkDataTask.
To ensure that NetworkDataTask does not try to use its client, add a null check.

* NetworkProcess/NetworkDataTask.cpp:
(WebKit::NetworkDataTask::shouldCaptureExtraNetworkLoadMetrics const):


  Commit: dfe2ef30f448cb4e117419df9154eb476c535d06
      https://github.com/WebKit/WebKit/commit/dfe2ef30f448cb4e117419df9154eb476c535d06
  Author: Joseph Pecoraro <pecoraro at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Protocol/RemoteObject.js
    M Source/WebInspectorUI/UserInterface/Views/ConsoleMessageView.js

  Log Message:
  -----------
  Merge r241643 - Web Inspector: Logging a native function to the console, such as `alert`, produces unhandled rejection
https://bugs.webkit.org/show_bug.cgi?id=194740

Patch by Joseph Pecoraro <pecoraro at apple.com> on 2019-02-15
Reviewed by Matt Baker.

* UserInterface/Protocol/RemoteObject.js:
(WI.RemoteObject.prototype.findFunctionSourceCodeLocation):
In case of a protocol error (common when attempting to get a location
for a native function) produce the NoSourceFound result.

* UserInterface/Views/ConsoleMessageView.js:
(WI.ConsoleMessageView.prototype._appendLocationLink):
Simplify with an arrow function.


  Commit: 603c0fe1e70e683883b84de59bf63905735fbc9b
      https://github.com/WebKit/WebKit/commit/603c0fe1e70e683883b84de59bf63905735fbc9b
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/builtins/BuiltinNames.h
    M Source/JavaScriptCore/builtins/ObjectConstructor.js
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp

  Log Message:
  -----------
  Merge r241644 - [JSC] Remove unused global private variables
https://bugs.webkit.org/show_bug.cgi?id=194741

Reviewed by Joseph Pecoraro.

There are some private functions and constants that are no longer referenced from builtin JS code.
This patch cleans them up.

* builtins/BuiltinNames.h:
* builtins/ObjectConstructor.js:
(entries):
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):


  Commit: e33ef209d0407d1e1acf25eabcfa8555d526c0ba
      https://github.com/WebKit/WebKit/commit/e33ef209d0407d1e1acf25eabcfa8555d526c0ba
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.cpp
    M Source/JavaScriptCore/bytecode/UnlinkedFunctionExecutable.h
    M Source/JavaScriptCore/debugger/DebuggerLocation.cpp
    M Source/JavaScriptCore/inspector/ScriptDebugServer.cpp
    M Source/JavaScriptCore/parser/Lexer.h
    M Source/JavaScriptCore/parser/Parser.h
    M Source/JavaScriptCore/parser/SourceProvider.h
    M Source/JavaScriptCore/runtime/CachedTypes.cpp
    M Source/JavaScriptCore/runtime/CodeCache.cpp
    M Source/JavaScriptCore/runtime/CodeCache.h
    M Source/JavaScriptCore/runtime/FunctionExecutable.h
    M Source/JavaScriptCore/runtime/SamplingProfiler.cpp

  Log Message:
  -----------
  Merge r241645 - [JSC] Shrink UnlinkedFunctionExecutable
https://bugs.webkit.org/show_bug.cgi?id=194733

Reviewed by Mark Lam.

UnlinkedFunctionExecutable has sourceURLDirective and sourceMappingURLDirective. These
directives can be found in the comment of a non-typical function's source code (Program,
Eval code, and Global function from function constructor etc.), and the tricky thing is that
SourceProvider's directives are updated by Parser. The reason why we have these fields in
UnlinkedFunctionExecutable is that we need to update the SourceProvider's directives even
if we skip parsing by using CodeCache. These fields are effective only if (1)
UnlinkedFunctionExecutable is for non-typical function things, and (2) it has sourceURLDirective
or sourceMappingURLDirective. This is rare enough to purge them to a separate
UnlinkedFunctionExecutable::RareData to make UnlinkedFunctionExecutable small.
sizeof(UnlinkedFunctionExecutable) is very important since it is a super frequently allocated
cell. Furthermore, the current JSC allocates two MarkedBlocks for UnlinkedFunctionExecutable
in JSGlobalObject initialization, but the usage of the second MarkedBlock is quite low (8%).
If we can reduce the size of UnlinkedFunctionExecutable, we can make them one MarkedBlock.
Since UnlinkedFunctionExecutable is allocated from IsoSubspace, we do not need to fit it to
one of the size classes.

This patch adds RareData to UnlinkedFunctionExecutable and moves some rare data into RareData,
and kills one MarkedBlock allocation in the JSC initialization phase.

* bytecode/UnlinkedFunctionExecutable.cpp:
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
(JSC::UnlinkedFunctionExecutable::ensureRareDataSlow):
* bytecode/UnlinkedFunctionExecutable.h:
* debugger/DebuggerLocation.cpp:
(JSC::DebuggerLocation::DebuggerLocation):
* inspector/ScriptDebugServer.cpp:
(Inspector::ScriptDebugServer::dispatchDidParseSource):
* parser/Lexer.h:
(JSC::Lexer::sourceURLDirective const):
(JSC::Lexer::sourceMappingURLDirective const):
(JSC::Lexer::sourceURL const): Deleted.
(JSC::Lexer::sourceMappingURL const): Deleted.
* parser/Parser.h:
(JSC::Parser<LexerType>::parse):
* parser/SourceProvider.h:
(JSC::SourceProvider::sourceURLDirective const):
(JSC::SourceProvider::sourceMappingURLDirective const):
(JSC::SourceProvider::setSourceURLDirective):
(JSC::SourceProvider::setSourceMappingURLDirective):
(JSC::SourceProvider::sourceURL const): Deleted. We rename it from sourceURL to sourceURLDirective
since it is the correct name.
(JSC::SourceProvider::sourceMappingURL const): Deleted. We rename it from sourceMappingURL to
sourceMappingURLDirective since it is the correct name.
* runtime/CachedTypes.cpp:
(JSC::CachedSourceProviderShape::encode):
(JSC::CachedFunctionExecutableRareData::encode):
(JSC::CachedFunctionExecutableRareData::decode const): CachedFunctionExecutable did not have
sourceMappingURL to sourceMappingURLDirective. So this patch keeps the same logic.
(JSC::CachedFunctionExecutable::rareData const):
(JSC::CachedFunctionExecutable::encode):
(JSC::CachedFunctionExecutable::decode const):
(JSC::UnlinkedFunctionExecutable::UnlinkedFunctionExecutable):
* runtime/CodeCache.cpp:
(JSC::CodeCache::getUnlinkedGlobalCodeBlock):
(JSC::CodeCache::getUnlinkedGlobalFunctionExecutable):
* runtime/CodeCache.h:
(JSC::generateUnlinkedCodeBlockImpl):
* runtime/FunctionExecutable.h:
* runtime/SamplingProfiler.cpp:
(JSC::SamplingProfiler::StackFrame::url):


  Commit: 51aba829471b3544273d85f6c5216fcbd0ca97ee
      https://github.com/WebKit/WebKit/commit/51aba829471b3544273d85f6c5216fcbd0ca97ee
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/block/block-only/min-max-and-preferred-width-simple-expected.html
    A LayoutTests/fast/block/block-only/min-max-and-preferred-width-simple.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/layout/blockformatting/BlockFormattingContextGeometry.cpp
    M Tools/ChangeLog
    M Tools/LayoutReloaded/misc/LFC-passing-tests.txt

  Log Message:
  -----------
  Merge r241646 - [LFC] Apply min/max width constraints to preferred width computation
https://bugs.webkit.org/show_bug.cgi?id=194739

Reviewed by Simon Fraser.

Source/WebCore:

Ensure that both min-height and max-height are taken into account while computing the preferred width.

Test: fast/block/block-only/min-max-and-preferred-width-simple.html

* layout/blockformatting/BlockFormattingContextGeometry.cpp:
(WebCore::Layout::BlockFormattingContext::Geometry::intrinsicWidthConstraints):

Tools:

* LayoutReloaded/misc/LFC-passing-tests.txt:

LayoutTests:

* fast/block/block-only/min-max-and-preferred-width-simple-expected.html: Added.
* fast/block/block-only/min-max-and-preferred-width-simple.html: Added.


  Commit: 28c526f47feda00179d7155959d90194e02cd5f9
      https://github.com/WebKit/WebKit/commit/28c526f47feda00179d7155959d90194e02cd5f9
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/BigIntObject.cpp
    M Source/JavaScriptCore/runtime/BooleanConstructor.cpp
    M Source/JavaScriptCore/runtime/BooleanObject.cpp
    M Source/JavaScriptCore/runtime/BooleanObject.h
    M Source/JavaScriptCore/runtime/DateInstance.cpp
    M Source/JavaScriptCore/runtime/DateInstance.h
    M Source/JavaScriptCore/runtime/DatePrototype.cpp
    M Source/JavaScriptCore/runtime/JSCPoison.h
    M Source/JavaScriptCore/runtime/JSWrapperObject.h
    M Source/JavaScriptCore/runtime/NumberObject.cpp
    M Source/JavaScriptCore/runtime/NumberObject.h
    M Source/JavaScriptCore/runtime/StringConstructor.cpp
    M Source/JavaScriptCore/runtime/StringObject.cpp
    M Source/JavaScriptCore/runtime/StringObject.h
    M Source/JavaScriptCore/runtime/SymbolObject.cpp
    M Source/JavaScriptCore/runtime/SymbolObject.h

  Log Message:
  -----------
  Merge r241649 - [JSC] JSWrapperObject should not be destructible
https://bugs.webkit.org/show_bug.cgi?id=194743

Reviewed by Saam Barati.

JSWrapperObject should be just a wrapper object for JSValue, thus, it should not be a JSDestructibleObject.
Currently it is a destructible object because DateInstance uses it. This patch changes Base of DateInstance from
JSWrapperObject to JSDestructibleObject, and makes JSWrapperObject non-destructible.

* runtime/BigIntObject.cpp:
(JSC::BigIntObject::BigIntObject):
* runtime/BooleanConstructor.cpp:
(JSC::BooleanConstructor::finishCreation):
* runtime/BooleanObject.cpp:
(JSC::BooleanObject::BooleanObject):
* runtime/BooleanObject.h:
* runtime/DateInstance.cpp:
(JSC::DateInstance::DateInstance):
(JSC::DateInstance::finishCreation):
* runtime/DateInstance.h:
* runtime/DatePrototype.cpp:
(JSC::dateProtoFuncGetTime):
(JSC::dateProtoFuncSetTime):
(JSC::setNewValueFromTimeArgs):
(JSC::setNewValueFromDateArgs):
(JSC::dateProtoFuncSetYear):
* runtime/JSCPoison.h:
* runtime/JSWrapperObject.h:
(JSC::JSWrapperObject::JSWrapperObject):
* runtime/NumberObject.cpp:
(JSC::NumberObject::NumberObject):
* runtime/NumberObject.h:
* runtime/StringConstructor.cpp:
(JSC::StringConstructor::finishCreation):
* runtime/StringObject.cpp:
(JSC::StringObject::StringObject):
* runtime/StringObject.h:
(JSC::StringObject::internalValue const):
* runtime/SymbolObject.cpp:
(JSC::SymbolObject::SymbolObject):
* runtime/SymbolObject.h:


  Commit: 62bf234d0e0d1b03e2d26153212660d134ab2ece
      https://github.com/WebKit/WebKit/commit/62bf234d0e0d1b03e2d26153212660d134ab2ece
  Author: mattbaker at apple.com <mattbaker at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/inspector/table/resources/table-utilities.js
    R LayoutTests/inspector/unit-tests/index-set-expected.txt
    R LayoutTests/inspector/unit-tests/index-set.html
    M LayoutTests/inspector/unit-tests/set-utilities-expected.txt
    M LayoutTests/inspector/unit-tests/set-utilities.html
    M Source/WebInspectorUI/ChangeLog
    R Source/WebInspectorUI/UserInterface/Base/IndexSet.js
    M Source/WebInspectorUI/UserInterface/Base/Utilities.js
    M Source/WebInspectorUI/UserInterface/Controllers/SelectionController.js
    M Source/WebInspectorUI/UserInterface/Main.html
    M Source/WebInspectorUI/UserInterface/Test.html
    M Source/WebInspectorUI/UserInterface/Views/CookieStorageContentView.js
    M Source/WebInspectorUI/UserInterface/Views/DOMTreeOutline.js
    M Source/WebInspectorUI/UserInterface/Views/NetworkTableContentView.js
    M Source/WebInspectorUI/UserInterface/Views/Table.js
    M Source/WebInspectorUI/UserInterface/Views/TreeOutline.js

  Log Message:
  -----------
  Merge r241652 - Web Inspector: Frontend performance is very slow reloading theverge.com - 50% of time in TreeOutline _indexOfTreeElement
https://bugs.webkit.org/show_bug.cgi?id=193605
<rdar://problem/47403986>

Reviewed by Devin Rousso.

Source/WebInspectorUI:

SelectionController should track an unordered Set of represented objects
instead of an ordered set of indexes. This eliminates the costly and
error-prone updates needed to keep the selected indexes in sync as items
are added and removed from TreeOutline (and Table, to a far lesser extent).

The SelectionController interface is largely the same. Class and delegate
methods have been renamed to reflect the change from indexes to objects.
SelectionController tracks selected items in selection order. For the
operations that rely on objects being in insertion order, the controller
uses a comparator function provided at construction time.

* UserInterface/Base/IndexSet.js: Removed.
No longer used. SelectionController now uses a plain Set.

* UserInterface/Base/Utilities.js:
(value):
(get return):
Add utilities previously supplied by IndexSet and used by SelectionController.

* UserInterface/Controllers/SelectionController.js:
(WI.SelectionController):
(WI.SelectionController.prototype.get lastSelectedItem):
(WI.SelectionController.prototype.get selectedItems):
(WI.SelectionController.prototype.set allowsMultipleSelection):
(WI.SelectionController.prototype.hasSelectedItem):
(WI.SelectionController.prototype.selectItem):
(WI.SelectionController.prototype.deselectItem):
(WI.SelectionController.prototype.selectAll):
(WI.SelectionController.prototype.deselectAll):
(WI.SelectionController.prototype.removeSelectedItems):
(WI.SelectionController.prototype.reset):
(WI.SelectionController.prototype.didRemoveItems):
(WI.SelectionController.prototype.handleKeyDown):
(WI.SelectionController.prototype.handleItemMouseDown):
(WI.SelectionController.prototype._deselectAllAndSelect):
(WI.SelectionController.prototype._selectItemsFromArrowKey):
(WI.SelectionController.prototype._firstSelectableItem):
(WI.SelectionController.prototype._lastSelectableItem):
(WI.SelectionController.prototype._previousSelectableItem):
(WI.SelectionController.prototype._nextSelectableItem):
(WI.SelectionController.prototype._updateSelectedItems):
(WI.SelectionController.prototype._addRange):
(WI.SelectionController.prototype._deleteRange):
(WI.SelectionController.prototype.get numberOfItems): Deleted.
(WI.SelectionController.prototype.didInsertItem): Deleted.
(WI.SelectionController.prototype.handleItemMouseDown.normalizeRange): Deleted.
(WI.SelectionController.prototype._nextSelectableIndex): Deleted.
(WI.SelectionController.prototype._previousSelectableIndex): Deleted.

* UserInterface/Main.html:
* UserInterface/Test.html:
Remove IndexSet.

* UserInterface/Views/CookieStorageContentView.js:
(WI.CookieStorageContentView.prototype.tableIndexForRepresentedObject):
(WI.CookieStorageContentView.prototype.tableRepresentedObjectForIndex):

* UserInterface/Views/DOMTreeOutline.js:
(WI.DOMTreeOutline.prototype.objectForSelection):

* UserInterface/Views/NetworkTableContentView.js:
(WI.NetworkTableContentView.prototype.tableIndexForRepresentedObject):
(WI.NetworkTableContentView.prototype.tableRepresentedObjectForIndex):

* UserInterface/Views/Table.js:
(WI.Table):
(WI.Table.prototype.get selectedRow):
(WI.Table.prototype.get selectedRows):
(WI.Table.prototype.isRowSelected):
(WI.Table.prototype.selectRow):
(WI.Table.prototype.deselectRow):
(WI.Table.prototype.removeRow):
(WI.Table.prototype.removeSelectedRows):
(WI.Table.prototype.selectionControllerSelectionDidChange):
(WI.Table.prototype.selectionControllerFirstSelectableItem):
(WI.Table.prototype.selectionControllerLastSelectableItem):
(WI.Table.prototype.selectionControllerPreviousSelectableItem):
(WI.Table.prototype.selectionControllerNextSelectableItem):
(WI.Table.prototype._handleMouseDown):
(WI.Table.prototype._removeRows):
(WI.Table.prototype._indexForRepresentedObject):
(WI.Table.prototype._representedObjectForIndex):
(WI.Table.prototype.selectionControllerNumberOfItems): Deleted.
(WI.Table.prototype.selectionControllerNextSelectableIndex): Deleted.
(WI.Table.prototype.selectionControllerPreviousSelectableIndex): Deleted.
(WI.Table.prototype._toggleSelectedRowStyle): Deleted.

* UserInterface/Views/TreeOutline.js:
(WI.TreeOutline.compareSiblings):
(WI.TreeOutline):
(WI.TreeOutline.prototype.get selectedTreeElement):
(WI.TreeOutline.prototype.set selectedTreeElement):
(WI.TreeOutline.prototype.get selectedTreeElements):
(WI.TreeOutline.prototype.removeChildAtIndex):
(WI.TreeOutline.prototype.removeChildren):
(WI.TreeOutline.prototype._rememberTreeElement):
(WI.TreeOutline.prototype.getCachedTreeElement):
(WI.TreeOutline.prototype.selectionControllerSelectionDidChange):
(WI.TreeOutline.prototype.selectionControllerFirstSelectableItem):
(WI.TreeOutline.prototype.selectionControllerLastSelectableItem):
(WI.TreeOutline.prototype.selectionControllerPreviousSelectableItem):
(WI.TreeOutline.prototype.selectionControllerNextSelectableItem):
(WI.TreeOutline.prototype.objectForSelection):
(WI.TreeOutline._generateStyleRulesIfNeeded):
(WI.TreeOutline.prototype.selectionControllerNextSelectableIndex): Deleted.
(WI.TreeOutline.prototype.selectionControllerPreviousSelectableIndex): Deleted.
(WI.TreeOutline._generateStyleRulesIfNeeded._indexesForSubtree.numberOfElementsInSubtree): Deleted.

LayoutTests:

* inspector/table/resources/table-utilities.js:
(TestPage.registerInitializer.InspectorTest.TableDataSource.prototype.tableIndexForRepresentedObject):
(TestPage.registerInitializer.InspectorTest.TableDataSource.prototype.tableRepresentedObjectForIndex):
(TestPage.registerInitializer.InspectorTest.TableDataSource):
New Table data source methods.

* inspector/unit-tests/index-set-expected.txt: Removed.
* inspector/unit-tests/index-set.html: Removed.
* inspector/unit-tests/set-utilities-expected.txt:
* inspector/unit-tests/set-utilities.html:
Remove IndexSet tests and update tests for Set utilities to include new
helper methods `equals`, `difference`, and `firstValue`.


  Commit: b4bf35fc5f270c4cb82c5b9d8d9fa36848f35e79
      https://github.com/WebKit/WebKit/commit/b4bf35fc5f270c4cb82c5b9d8d9fa36848f35e79
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/incremental-marking-should-not-dead-lock-in-new-property-transition.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/runtime/Structure.cpp

  Log Message:
  -----------
  Merge r241655 - Deadlock when adding a Structure property transition and then doing incremental marking
https://bugs.webkit.org/show_bug.cgi?id=194767

Reviewed by Mark Lam.

JSTests:

* stress/incremental-marking-should-not-dead-lock-in-new-property-transition.js: Added.

Source/JavaScriptCore:

This can happen in the following scenario:

You have a Structure S. S is on the mark stack. Then:
1. S grabs its lock
2. S adds a new property transition
3. We find out we need to do some incremental marking
4. We mark S
5. visitChildren on S will try to grab its lock
6. We are now in a deadlock

* heap/Heap.cpp:
(JSC::Heap::performIncrement):
* runtime/Structure.cpp:
(JSC::Structure::addNewPropertyTransition):


  Commit: d5be630f371b6dac9cfcb8d55ae171cc76957973
      https://github.com/WebKit/WebKit/commit/d5be630f371b6dac9cfcb8d55ae171cc76957973
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp

  Log Message:
  -----------
  Merge r241657 - WasmB3IRGenerator models some effects incorrectly
https://bugs.webkit.org/show_bug.cgi?id=194038

Reviewed by Keith Miller.

* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::restoreWasmContextInstance):
(JSC::Wasm::B3IRGenerator::restoreWebAssemblyGlobalState):
These two functions were using global state instead of the
arguments passed into the function.

(JSC::Wasm::B3IRGenerator::addOp<F64ConvertUI64>):
(JSC::Wasm::B3IRGenerator::addOp<OpType::F32ConvertUI64>):
(JSC::Wasm::B3IRGenerator::addOp<OpType::I64TruncUF64>):
(JSC::Wasm::B3IRGenerator::addOp<OpType::I64TruncUF32>):
Any patchpoint that allows scratch register usage must
also say that it clobbers the scratch registers.


  Commit: cc29984618df7d9c53f0a02a1003ef531983cd3a
      https://github.com/WebKit/WebKit/commit/cc29984618df7d9c53f0a02a1003ef531983cd3a
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/gtk/DragAndDropHandler.cpp

  Log Message:
  -----------
  Merge r241659 - [GTK] Crash while filling selection data during drag and drop
https://bugs.webkit.org/show_bug.cgi?id=194698

Reviewed by Michael Catanzaro.

I can't reproduce this, but it seems that m_draggingSelectionData is nullptr in fillDragData(). That can happen
when startDrag cancels a previous DND operation, because the new m_draggingSelectionData is set before the
current DND operation is cancelled, which sets it to nullptr.

* UIProcess/gtk/DragAndDropHandler.cpp:
(WebKit::DragAndDropHandler::startDrag): Finish the previous operation before setting m_draggingSelectionData.


  Commit: da70a94159297c02ad5b802fda845d58d5a608e8
      https://github.com/WebKit/WebKit/commit/da70a94159297c02ad5b802fda845d58d5a608e8
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/CMakeLists.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/DerivedSources-output.xcfilelist
    M Source/JavaScriptCore/DerivedSources.make
    M Source/JavaScriptCore/runtime/CachedTypes.cpp
    M Source/JavaScriptCore/runtime/CodeCache.h

  Log Message:
  -----------
  Merge r241660 - Add version number to cached bytecode
https://bugs.webkit.org/show_bug.cgi?id=194768
<rdar://problem/48147968>

Reviewed by Saam Barati.

Add a version number to the bytecode cache that should be unique per build.

* CMakeLists.txt:
* DerivedSources-output.xcfilelist:
* DerivedSources.make:
* runtime/CachedTypes.cpp:
(JSC::Encoder::malloc):
(JSC::GenericCacheEntry::GenericCacheEntry):
(JSC::CacheEntry::CacheEntry):
(JSC::CacheEntry::encode):
(JSC::CacheEntry::decode const):
(JSC::GenericCacheEntry::decode const):
(JSC::decodeCodeBlockImpl):
* runtime/CodeCache.h:
(JSC::CodeCacheMap::fetchFromDiskImpl):


  Commit: f4b1a2da6023be0074d8463601bb16008d31fa46
      https://github.com/WebKit/WebKit/commit/f4b1a2da6023be0074d8463601bb16008d31fa46
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-18 (Mon, 18 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/runtime/BigIntObject.cpp
    M Source/JavaScriptCore/runtime/BooleanConstructor.cpp
    M Source/JavaScriptCore/runtime/BooleanObject.cpp
    M Source/JavaScriptCore/runtime/BooleanObject.h
    M Source/JavaScriptCore/runtime/DateInstance.cpp
    M Source/JavaScriptCore/runtime/DateInstance.h
    M Source/JavaScriptCore/runtime/DatePrototype.cpp
    M Source/JavaScriptCore/runtime/JSCPoison.h
    M Source/JavaScriptCore/runtime/JSWrapperObject.h
    M Source/JavaScriptCore/runtime/NumberObject.cpp
    M Source/JavaScriptCore/runtime/NumberObject.h
    M Source/JavaScriptCore/runtime/StringConstructor.cpp
    M Source/JavaScriptCore/runtime/StringObject.cpp
    M Source/JavaScriptCore/runtime/StringObject.h
    M Source/JavaScriptCore/runtime/SymbolObject.cpp
    M Source/JavaScriptCore/runtime/SymbolObject.h

  Log Message:
  -----------
  Revert r241713 - Merge r241649 - [JSC] JSWrapperObject should not be destructible

This reverts commit r241713.


  Commit: a72b2e874dcdc152860a99ccff08fb0ae5daf83f
      https://github.com/WebKit/WebKit/commit/a72b2e874dcdc152860a99ccff08fb0ae5daf83f
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/BigIntObject.cpp
    M Source/JavaScriptCore/runtime/BooleanConstructor.cpp
    M Source/JavaScriptCore/runtime/BooleanObject.cpp
    M Source/JavaScriptCore/runtime/BooleanObject.h
    M Source/JavaScriptCore/runtime/DateInstance.cpp
    M Source/JavaScriptCore/runtime/DateInstance.h
    M Source/JavaScriptCore/runtime/DatePrototype.cpp
    M Source/JavaScriptCore/runtime/JSCPoison.h
    M Source/JavaScriptCore/runtime/JSWrapperObject.h
    M Source/JavaScriptCore/runtime/NumberObject.cpp
    M Source/JavaScriptCore/runtime/NumberObject.h
    M Source/JavaScriptCore/runtime/StringConstructor.cpp
    M Source/JavaScriptCore/runtime/StringObject.cpp
    M Source/JavaScriptCore/runtime/StringObject.h
    M Source/JavaScriptCore/runtime/SymbolObject.cpp
    M Source/JavaScriptCore/runtime/SymbolObject.h

  Log Message:
  -----------
  Merge r241649 - [JSC] JSWrapperObject should not be destructible
https://bugs.webkit.org/show_bug.cgi?id=194743

Reviewed by Saam Barati.

JSWrapperObject should be just a wrapper object for JSValue, thus, it should not be a JSDestructibleObject.
Currently it is destructible object because DateInstance uses it. This patch changes Base of DateInstance from
JSWrapperObject to JSDestructibleObject, and makes JSWrapperObject non-destructible.

* runtime/BigIntObject.cpp:
(JSC::BigIntObject::BigIntObject):
* runtime/BooleanConstructor.cpp:
(JSC::BooleanConstructor::finishCreation):
* runtime/BooleanObject.cpp:
(JSC::BooleanObject::BooleanObject):
* runtime/BooleanObject.h:
* runtime/DateInstance.cpp:
(JSC::DateInstance::DateInstance):
(JSC::DateInstance::finishCreation):
* runtime/DateInstance.h:
* runtime/DatePrototype.cpp:
(JSC::dateProtoFuncGetTime):
(JSC::dateProtoFuncSetTime):
(JSC::setNewValueFromTimeArgs):
(JSC::setNewValueFromDateArgs):
(JSC::dateProtoFuncSetYear):
* runtime/JSCPoison.h:
* runtime/JSWrapperObject.h:
(JSC::JSWrapperObject::JSWrapperObject):
* runtime/NumberObject.cpp:
(JSC::NumberObject::NumberObject):
* runtime/NumberObject.h:
* runtime/StringConstructor.cpp:
(JSC::StringConstructor::finishCreation):
* runtime/StringObject.cpp:
(JSC::StringObject::StringObject):
* runtime/StringObject.h:
(JSC::StringObject::internalValue const):
* runtime/SymbolObject.cpp:
(JSC::SymbolObject::SymbolObject):
* runtime/SymbolObject.h:


  Commit: ab3e9d840d6dd3610b1a43a45f22558942341d26
      https://github.com/WebKit/WebKit/commit/ab3e9d840d6dd3610b1a43a45f22558942341d26
  Author: Tomáš Popela <tpopela at redhat.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    M JSTests/stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js

  Log Message:
  -----------
  Merge r241661 - Unreviewed, skip the test on platforms without sampling profiler

* stress/sampling-profiler-stack-trace-with-double-quote-in-function-name.js:
(platformSupportsSamplingProfiler.foo):
(platformSupportsSamplingProfiler.test):
(platformSupportsSamplingProfiler):
(foo): Deleted.
(test): Deleted.


  Commit: a2ea5a9f5bd1a71a2d7ac3a5e0b89b5a5ffca9b8
      https://github.com/WebKit/WebKit/commit/a2ea5a9f5bd1a71a2d7ac3a5e0b89b5a5ffca9b8
  Author: Dominik Infuehr <dinfuehr at igalia.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    M JSTests/stress/tagged-template-object-collect.js

  Log Message:
  -----------
  Merge r241662 - [ARM] Test gardening: Test running out of executable memory
https://bugs.webkit.org/show_bug.cgi?id=194771

Unreviewed. Do not run test without LLInt, test is running out of executable
memory on ARM otherwise.

* stress/tagged-template-object-collect.js:


  Commit: 4799f10ca31453537fd199df7b7186b391bb29cc
      https://github.com/WebKit/WebKit/commit/4799f10ca31453537fd199df7b7186b391bb29cc
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/Localizations/en.lproj/localizedStrings.js
    M Source/WebInspectorUI/UserInterface/Models/Resource.js

  Log Message:
  -----------
  Merge r241732 - Web Inspector: duplicate left double quotation mark (\u201C) in 'Unable to show certificate for “%s“.'
https://bugs.webkit.org/show_bug.cgi?id=194782
<rdar://problem/48159683>

Reviewed by Joseph Pecoraro.

* UserInterface/Models/Resource.js:
(WI.Resource.prototype.async showCertificate):
* Localizations/en.lproj/localizedStrings.js:


  Commit: 2dc42f0fd45ea282b799baaef954602d28c7ff40
      https://github.com/WebKit/WebKit/commit/2dc42f0fd45ea282b799baaef954602d28c7ff40
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/CachedTypes.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/UUID.cpp
    M Source/WTF/wtf/UUID.h
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    A Tools/TestWebKitAPI/Tests/WTF/UUID.cpp

  Log Message:
  -----------
  Merge r241733 - Bytecode cache should have a boot-specific validation
https://bugs.webkit.org/show_bug.cgi?id=194769
<rdar://problem/48149509>

Reviewed by Keith Miller.

Source/JavaScriptCore:

Add the boot UUID to the cached bytecode to enforce that it is not reused
across reboots.

* runtime/CachedTypes.cpp:
(JSC::Encoder::malloc):
(JSC::GenericCacheEntry::GenericCacheEntry):
(JSC::GenericCacheEntry::tag const):
(JSC::CacheEntry::CacheEntry):
(JSC::CacheEntry::decode const):
(JSC::GenericCacheEntry::decode const):
(JSC::encodeCodeBlock):

Source/WTF:

Add helper to get kern.bootsessionuuid from sysctl

* wtf/UUID.cpp:
(WTF::bootSessionUUIDString):
* wtf/UUID.h:

Tools:

Add test for WTF::bootSessionUUIDString()

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WTF/UUID.cpp: Added.
(TEST):


  Commit: 1317adb3def4a7afe3c5fa99882a270fc097ecaf
      https://github.com/WebKit/WebKit/commit/1317adb3def4a7afe3c5fa99882a270fc097ecaf
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/lazy-initialization-done-a-priori-if-jit-enabled.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSGlobalObject.h
    M Source/JavaScriptCore/runtime/LazyClassStructure.h
    M Source/JavaScriptCore/runtime/LazyProperty.h

  Log Message:
  -----------
  Merge r241741 - [JSC] Add LazyClassStructure::getInitializedOnMainThread
https://bugs.webkit.org/show_bug.cgi?id=194784
<rdar://problem/48154820>

Reviewed by Mark Lam.

JSTests:

* stress/lazy-initialization-done-a-priori-if-jit-enabled.js: Added.
(getProperties):
(getRandomProperty):
(i.catch):

Source/JavaScriptCore:

LazyClassStructure::get and LazyProperty::get functions do not allow compiler threads to call them. But for booleanPrototype, numberPrototype and symbolPrototype cases,
we would like to call them from compiler threads. We eagerly initialize them if VM::canUseJIT() is true, so that compiler threads can safely call LazyClassStructure::get
and LazyProperty::get for booleanPrototype, numberPrototype and symbolPrototype. But the assertion still hits because it requires that these functions be
called in non-compiler threads. Calling `getConcurrently()` is not possible since symbolPrototype() function is called from both the main thread and compiler threads,
and we would like to lazily initialize SymbolPrototype object if it is called from the main thread, which can happen with non-JIT configuration.

This patch adds `getInitializedOnMainThread()`. Compiler threads can call it only when we know that the value is already initialized on the main thread. The main thread
can call it at any time and this function lazily initializes the value. This is useful to make some of the prototypes lazy with non-JIT configuration: With non-JIT configuration,
this function is always called from the main thread and it initializes the value lazily. Non-JIT configuration does not care about compiler threads since they do not exist.
With JIT configuration, we eagerly initialize them in JSGlobalObject::init so that `getInitializedOnMainThread()` always succeeds.

Basically, `getInitializedOnMainThread()` is `get` with a different assertion location: While `get` always crashes if it is called from compiler threads, `getInitializedOnMainThread()`
crashes only when actual initialization happens on compiler threads. We do not merge them since `get` is still useful to find accidental initialization from compiler threads.

* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::booleanPrototype const):
(JSC::JSGlobalObject::numberPrototype const):
(JSC::JSGlobalObject::symbolPrototype const):
* runtime/LazyClassStructure.h:
(JSC::LazyClassStructure::getInitializedOnMainThread const):
(JSC::LazyClassStructure::prototypeInitializedOnMainThread const):
(JSC::LazyClassStructure::constructorInitializedOnMainThread const):
* runtime/LazyProperty.h:
(JSC::LazyProperty::get const):
(JSC::LazyProperty::getInitializedOnMainThread const):


  Commit: d2d77541e2e9c73aaba04d1a7a2e66167b3c12b7
      https://github.com/WebKit/WebKit/commit/d2d77541e2e9c73aaba04d1a7a2e66167b3c12b7
  Author: John Wilander <wilander at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/storageAccess/remove-requesting-iframe-expected.txt
    A LayoutTests/http/tests/storageAccess/remove-requesting-iframe.html
    A LayoutTests/http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/loader/ResourceLoadObserver.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp

  Log Message:
  -----------
  Merge r241743 - Check the existence of the frame in Document::hasFrameSpecificStorageAccess() and Document::setHasFrameSpecificStorageAccess()
https://bugs.webkit.org/show_bug.cgi?id=194777
<rdar://problem/47731945>

Reviewed by Geoffrey Garen and Chris Dumez.

Source/WebCore:

Test: http/tests/storageAccess/remove-requesting-iframe.html

* dom/Document.cpp:
(WebCore::Document::hasFrameSpecificStorageAccess const):
    Now checks for the existence of the frame.
(WebCore::Document::setHasFrameSpecificStorageAccess):
    Now checks for the existence of the frame.
* loader/ResourceLoadObserver.cpp:
(WebCore::ResourceLoadObserver::logUserInteractionWithReducedTimeResolution):
    Now checks that the session ID is valid.

Source/WebKit:

* NetworkProcess/NetworkConnectionToWebProcess.cpp:
(WebKit::NetworkConnectionToWebProcess::logUserInteraction):
   Now returns early if the incoming session ID is invalid.
   Added an ASSERT to help us find other call sites passing invalid session IDs.

LayoutTests:

* http/tests/storageAccess/remove-requesting-iframe-expected.txt: Added.
* http/tests/storageAccess/remove-requesting-iframe.html: Added.
* http/tests/storageAccess/resources/request-storage-access-and-immediately-postmessage-iframe.html: Added.


  Commit: 81a91b546be3bdd93c55b807ea129d57bc586b2c
      https://github.com/WebKit/WebKit/commit/81a91b546be3bdd93c55b807ea129d57bc586b2c
  Author: Oriol Brufau <obrufau at igalia.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html
    M LayoutTests/imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/w3c-import.log
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/GridTrackSizingAlgorithm.cpp

  Log Message:
  -----------
  Merge r241746 - [css-grid] Handle indefinite percentages in fit-content()
https://bugs.webkit.org/show_bug.cgi?id=194509

Patch by Oriol Brufau <obrufau at igalia.com> on 2019-02-18
Reviewed by Javier Fernandez.

LayoutTests/imported/w3c:

Import WPT test.

* web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage-expected.txt: Added.
* web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html: Added.
* web-platform-tests/css/css-grid/layout-algorithm/w3c-import.log:

Source/WebCore:

Test: imported/w3c/web-platform-tests/css/css-grid/layout-algorithm/grid-fit-content-percentage.html

If the size of the grid container depends on the size of its tracks,
a percentage in fit-content() is indefinite. Without this patch, some
places treated this case as fit-content(0), which prevented the grid
container from growing enough to contain the max-content contribution
of its grid items.

This patch treats such fit-content() as minmax(auto, max-content),
but once the size of the grid container is known and it is laid out
"for real", then the percentage is definite and it's used.

* rendering/GridTrackSizingAlgorithm.cpp:
(WebCore::GridTrackSizingAlgorithm::gridTrackSize const):
(WebCore::GridTrackSizingAlgorithm::initializeTrackSizes):


  Commit: e415457da7df37d9fe000525c86f04f296e1ce9a
      https://github.com/WebKit/WebKit/commit/e415457da7df37d9fe000525c86f04f296e1ce9a
  Author: Darin Adler <darin at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/heap/HeapSnapshotBuilder.cpp
    M Source/JavaScriptCore/parser/Lexer.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/WTF.xcodeproj/project.pbxproj
    M Source/WTF/wtf/CMakeLists.txt
    A Source/WTF/wtf/HexNumber.cpp
    M Source/WTF/wtf/HexNumber.h
    A Source/WTF/wtf/Logger.cpp
    M Source/WTF/wtf/Logger.h
    M Source/WTF/wtf/text/StringConcatenateNumbers.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/websockets/WebSocket.cpp
    M Source/WebCore/PAL/ChangeLog
    M Source/WebCore/PAL/pal/FileSizeFormatter.cpp
    M Source/WebCore/css/CSSMarkup.cpp
    M Source/WebCore/css/CSSPrimitiveValue.cpp
    M Source/WebCore/css/CSSUnicodeRangeValue.cpp
    M Source/WebCore/html/HTMLMediaElement.h
    M Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp
    M Source/WebCore/html/track/TextTrackCue.cpp
    M Source/WebCore/html/track/TextTrackCue.h
    M Source/WebCore/page/linux/ResourceUsageOverlayLinux.cpp
    M Source/WebCore/platform/cocoa/KeyEventCocoa.mm
    M Source/WebCore/platform/gamepad/mac/HIDGamepad.cpp
    M Source/WebCore/platform/graphics/Color.cpp
    M Source/WebCore/platform/graphics/FloatPolygon.cpp
    M Source/WebCore/platform/graphics/FloatPolygon.h
    M Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/gtk/PlatformKeyboardEventGtk.cpp
    M Source/WebCore/platform/libwpe/PlatformKeyboardEventLibWPE.cpp
    M Source/WebCore/platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp
    M Source/WebCore/platform/text/TextCodecLatin1.cpp
    M Source/WebCore/platform/win/GDIObjectCounter.cpp
    M Source/WebCore/platform/win/KeyEventWin.cpp
    M Source/WebCore/rendering/FloatingObjects.cpp
    M Source/WebCore/rendering/FloatingObjects.h
    M Source/WebCore/rendering/RenderFragmentContainer.cpp
    M Source/WebCore/rendering/RenderFragmentContainer.h
    M Source/WebCore/rendering/RenderFragmentedFlow.h
    M Source/WebCore/testing/Internals.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/Platform/IPC/win/ConnectionWin.cpp
    M Source/WebKit/Shared/win/WebEventFactory.cpp
    M Source/WebKit/UIProcess/API/APINavigation.cpp
    M Source/WebKit/UIProcess/SuspendedPageProxy.cpp
    M Source/WebKit/UIProcess/WebBackForwardList.cpp
    M Source/WebKit/UIProcess/gtk/InputMethodFilter.cpp

  Log Message:
  -----------
  Merge r241751 - Continue reducing use of String::format, now focusing on hex: "%p", "%x", etc.
https://bugs.webkit.org/show_bug.cgi?id=194752

Reviewed by Daniel Bates.

Source/JavaScriptCore:

* heap/HeapSnapshotBuilder.cpp:
(JSC::HeapSnapshotBuilder::json): Added back the "0x" that was removed when changing
this file to use appendUnsignedAsHex instead of "%p". The intent at that time was to
keep behavior the same, so let's do that.

* parser/Lexer.cpp:
(JSC::Lexer<T>::invalidCharacterMessage const): Use makeString and hex instead of
String::format and "%04x".

Source/WebCore:

* Modules/websockets/WebSocket.cpp: Added an include of HexNumber.h. This previously
got included because of Logger.h, but that no longer pulls in HexNumber.h.

* css/CSSMarkup.cpp: Removed unneeded include of StringBuffer.h.
* css/CSSPrimitiveValue.cpp: Ditto.

* css/CSSUnicodeRangeValue.cpp:
(WebCore::CSSUnicodeRangeValue::customCSSText const): Use makeString and hex instead
of String::format and "%x".

* html/HTMLMediaElement.h:
(WTF::ValueToString<WebCore::TextTrackCue::string): Use a non-template function,
TextTrackCue::debugString, so we don't need to use HexNumber.h in a header.

* html/canvas/WebGLRenderingContextBase.cpp:
(GetErrorString): Use makeString and hex instead of String::format and "%04x".

* html/track/TextTrackCue.cpp:
(WebCore::TextTrackCue::debugString const): Added. Moved string conversion here
from HTMLMediaElement.h and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.
* html/track/TextTrackCue.h: Added TextTrackCue::debugString.

* page/linux/ResourceUsageOverlayLinux.cpp:
(WebCore::formatByteNumber): Use makeString and FormattedNumber::fixedWidth
instead of String::format and "%.1f" etc.

* platform/cocoa/KeyEventCocoa.mm:
(WebCore::keyIdentifierForCharCode): Use the new hex function here instead of
the old code that did each of the four characters explicitly.

* platform/gamepad/mac/HIDGamepad.cpp:
(WebCore::HIDGamepad::HIDGamepad): Use makeString instead of String::format.

* platform/graphics/Color.cpp:
(WebCore::Color::nameForRenderTreeAsText const): Use hex instead of doing each
digit separately.

* platform/graphics/FloatPolygon.cpp:
(WebCore::FloatPolygonEdge::debugString const): Added. Moved string conversion here
from the header and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.
* platform/graphics/FloatPolygon.h: Updated for the above.

* platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::setName): Use makeString instead of String::format.
(WebCore::GraphicsLayerCA::recursiveCommitChanges): Ditto.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::load): Ditto.
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Ditto.
* platform/gtk/PlatformKeyboardEventGtk.cpp:
(WebCore::PlatformKeyboardEvent::keyIdentifierForGdkKeyCode): Ditto.
* platform/libwpe/PlatformKeyboardEventLibWPE.cpp:
(WebCore::PlatformKeyboardEvent::keyIdentifierForWPEKeyCode): Ditto.
* platform/mediastream/libwebrtc/GStreamerVideoEncoderFactory.cpp:
(WebCore::GStreamerVideoEncoder::makeElement): Ditto.
(WebCore::GStreamerVideoEncoder::InitEncode): Ditto.

* platform/text/TextCodecLatin1.cpp: Removed unneeded include of StringBuffer.h
and "using namespace WTF".

* platform/win/GDIObjectCounter.cpp:
(WebCore::GDIObjectCounter::GDIObjectCounter): Use makeString instead of String::format.
* platform/win/KeyEventWin.cpp:
(WebCore::keyIdentifierForWindowsKeyCode): Ditto.

* rendering/FloatingObjects.cpp:
(WebCore::FloatingObject::debugString const): Added. Moved string conversion here
from the header and use makeString instead of String::format. Also use
the word "debug" to make it clear that it's not OK to use this string, with a
pointer value serialized into it, outside of debugging.
* rendering/FloatingObjects.h: Updated for the above.

* rendering/RenderFragmentContainer.cpp:
(WebCore::RenderFragmentContainer::debugString const): Added. Moved string
conversion here from the header and use makeString instead of String::format.
Also use the word "debug" to make it clear that it's not OK to use this string,
with a pointer value serialized into it, outside of debugging.
* rendering/RenderFragmentContainer.h: Updated for the above.
* rendering/RenderFragmentedFlow.h: Ditto.

* testing/Internals.cpp:
(WebCore::Internals::address): Use makeString instead of String::format.

Source/WebCore/PAL:

* pal/FileSizeFormatter.cpp:
(fileSizeDescription): Use makeString instead of String::format.

Source/WebKit:

* Platform/IPC/win/ConnectionWin.cpp:
(IPC::Connection::createServerAndClientIdentifiers): Use makeString instead of
String::format.
* Shared/win/WebEventFactory.cpp:
(WebKit::keyIdentifierFromEvent): Ditto.

* UIProcess/API/APINavigation.cpp:
(API::Navigation::loggingString const): Use hex instead of String::format.
* UIProcess/SuspendedPageProxy.cpp:
(WebKit::SuspendedPageProxy::loggingString const): Ditto.

* UIProcess/WebBackForwardList.cpp:
(WebKit::WebBackForwardList::loggingString): Added a "0x".

* UIProcess/gtk/InputMethodFilter.cpp:
(WebKit::InputMethodFilter::logHandleKeyboardEventForTesting): Use makeString and hex
instead of String::format and "%x".
(WebKit::InputMethodFilter::logHandleKeyboardEventWithCompositionResultsForTesting):
Ditto.

Source/WTF:

* WTF.xcodeproj/project.pbxproj: Added HexNumber.cpp and Logger.cpp.
* wtf/CMakeLists.txt: Ditto.

* wtf/HexNumber.cpp: Added.
(WTF::Internal::appendHex): Non-inline, non-template hex formatting logic.

* wtf/HexNumber.h:
(WTF::Internal::appendHex): Refactored main logic of appendUnsignedAsHex and
appendUnsignedAsHexFixedSize so they can be reused in a function named hex for
use with StringTypeAdapter.
(WTF::appendUnsignedAsHex): Ditto.
(WTF::appendUnsignedAsHexFixedSize): Ditto.
(WTF::hex): Added.
(WTF::StringTypeAdapter<HexNumberBuffer>): Added.

* wtf/Logger.cpp: Added.
function and moved it here so that we don't need to include HexNumber.h
in Logger.h. Since HexNumber.h has substantial code in it, it's good if we
don't include it in any other headers.

* wtf/Logger.h:
(WTF::LogArgument<Logger::LogSiteIdentifier>::toString): Changed to call

* wtf/text/StringConcatenateNumbers.h: Replaced overloaded writeTo functions
with function templates and used StringImpl::copyCharacters instead of
hand-written loops.


  Commit: d4e202390cd50b0183e29305cca2908194795576
      https://github.com/WebKit/WebKit/commit/d4e202390cd50b0183e29305cca2908194795576
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGDoesGC.cpp

  Log Message:
  -----------
  Merge r241753 - Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

    CompareEq:
    CompareLess:
    CompareLessEq:
    CompareGreater:
    CompareGreaterEq:
    CompareStrictEq:
        Only return false (i.e. does not GC) for child node use kinds that have
        been vetted to not do anything that can GC.  For all other use kinds
        (including StringUse and BigIntUse), we return true (i.e. does GC).

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):


  Commit: 984a7a7b3e91629bfbfd68c44a1a1a084686e356
      https://github.com/WebKit/WebKit/commit/984a7a7b3e91629bfbfd68c44a1a1a084686e356
  Author: Dominik Infuehr <dinfuehr at igalia.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M JSTests/ChangeLog
    M JSTests/stress/sampling-profiler-richards.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/MacroAssemblerARMv7.h

  Log Message:
  -----------
  Merge r241756 - [ARM] Fix crash with sampling profiler
https://bugs.webkit.org/show_bug.cgi?id=194772

Reviewed by Mark Lam.

JSTests:

Do not skip test since crash with sampling profiler is now fixed.

* stress/sampling-profiler-richards.js:

Source/JavaScriptCore:

sampling-profiler-richards.js was crashing with an enabled sampling profiler. add32
did not update the stack pointer in a single instruction. The src register was first
moved into the stack pointer, the immediate imm was added in a subsequent instruction.

This was problematic when a signal handler was invoked before applying the immediate,
when the stack pointer is still set to the temporary value. Avoid this by calculating src+imm in
a temporary register and then move it in one go into the stack pointer.

* assembler/MacroAssemblerARMv7.h:
(JSC::MacroAssemblerARMv7::add32):


  Commit: a47216648efe64269418d22eb58a066e43f5ecb5
      https://github.com/WebKit/WebKit/commit/a47216648efe64269418d22eb58a066e43f5ecb5
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/jsc.cpp
    M Source/JavaScriptCore/parser/SourceProvider.h
    M Source/JavaScriptCore/runtime/CodeCache.cpp
    M Source/JavaScriptCore/runtime/CodeCache.h

  Log Message:
  -----------
  Merge r241758 - Move bytecode cache-related filesystem code out of CodeCache
https://bugs.webkit.org/show_bug.cgi?id=194675

Reviewed by Saam Barati.

The code is only used for the bytecode-cache tests, so it should live in
jsc.cpp rather than in the CodeCache. The logic now lives in ShellSourceProvider,
which overrides a virtual method in SourceProvider, `cacheBytecode`,
in order to write the cache to disk.

* jsc.cpp:
(ShellSourceProvider::create):
(ShellSourceProvider::~ShellSourceProvider):
(ShellSourceProvider::cachePath const):
(ShellSourceProvider::loadBytecode):
(ShellSourceProvider::ShellSourceProvider):
(jscSource):
(GlobalObject::moduleLoaderFetch):
(functionDollarEvalScript):
(runWithOptions):
* parser/SourceProvider.h:
(JSC::SourceProvider::cacheBytecode const):
* runtime/CodeCache.cpp:
(JSC::writeCodeBlock):
* runtime/CodeCache.h:
(JSC::CodeCacheMap::fetchFromDiskImpl):


  Commit: 87aa2178197b26dc53499a447a1077f46de7672f
      https://github.com/WebKit/WebKit/commit/87aa2178197b26dc53499a447a1077f46de7672f
  Author: Pablo Saavedra <psaavedra at igalia.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/Scripts/webkitpy/thirdparty/__init__.py

  Log Message:
  -----------
  Merge r241759 - pytest is not correctly auto-installed
https://bugs.webkit.org/show_bug.cgi?id=194707

Patch by Pablo Saavedra <psaavedra at igalia.com> on 2019-02-19
Reviewed by Carlos Garcia Campos.

* Scripts/webkitpy/thirdparty/__init__.py:
(AutoinstallImportHook._install_pytest):


  Commit: 9a313619f05c854964820b294a3a0aaddba1294a
      https://github.com/WebKit/WebKit/commit/9a313619f05c854964820b294a3a0aaddba1294a
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/B3ReduceStrength.cpp

  Log Message:
  -----------
  Merge r241768 - B3ReduceStrength::simplifyCFG() could do a lot more on each iteration
https://bugs.webkit.org/show_bug.cgi?id=194475

Reviewed by Saam Barati.

B3ReduceStrength::simplifyCFG() does three optimizations (which I will call A, B and C):
- A makes any terminal that points to a block that is empty except for a jump point to that jump's target instead.
- B transforms any branch or switch that points to a single block into a jump
- C finds blocks ending with jumps, whose successor has a single predecessor, and inlines that successor block in place of the jump

It currently is limited in the following way:
- A and C can only fire once per block per iteration
- B can create jumps that would trigger A, but they may not be seen until the next iteration

Both problems are mitigated by going through the blocks in post-order, so that when a block is optimized most of its successors have already been optimized.
In a sense it is the symmetric of the peephole optimizer that goes in pre-order so that when an instruction is optimized most of its children have already been optimized.

On JetStream2 it reduces the average number of iterations from 3.35 to 3.24.

* b3/B3ReduceStrength.cpp:


  Commit: 1b9025bd22b70e9278dfe99474c9af19efebed05
      https://github.com/WebKit/WebKit/commit/1b9025bd22b70e9278dfe99474c9af19efebed05
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/CMakeLists.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/Sources.txt
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    A Source/JavaScriptCore/runtime/JSNonDestructibleProxy.cpp
    A Source/JavaScriptCore/runtime/JSNonDestructibleProxy.h
    M Source/JavaScriptCore/runtime/JSProxy.h
    M Source/JavaScriptCore/runtime/Options.cpp

  Log Message:
  -----------
  Merge r241769 - [JSC] Introduce JSNonDestructibleProxy for JavaScriptCore.framework's GlobalThis
https://bugs.webkit.org/show_bug.cgi?id=194799

Reviewed by Saam Barati.

JSProxy is a destructible one because we have JSWindowProxy which has a ref counted object.
However, JavaScriptCore.framework's JSProxy for GlobalThis does not need to be destructible.
This is important since we need to separate Heap subspaces between destructible and non-destructible objects.
If we can put more and more objects in non-destructible status, we can get rid of low-usage MarkedBlock.
This patch adds JSNonDestructibleProxy, which is a non-destructible JSProxy. While it inherits JSDestructibleObject,
we can make the subclass still non-destructible thanks to the Subspace mechanism. This drops one more low-usage MarkedBlock.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::resetPrototype):
(JSC::JSGlobalObject::finishCreation):
* runtime/JSNonDestructibleProxy.cpp: Added.
* runtime/JSNonDestructibleProxy.h: Added.
(JSC::JSNonDestructibleProxy::subspaceFor):
(JSC::JSNonDestructibleProxy::create):
(JSC::JSNonDestructibleProxy::createStructure):
(JSC::JSNonDestructibleProxy::JSNonDestructibleProxy):
* runtime/JSProxy.h:
(JSC::JSProxy::JSProxy):


  Commit: 349c277dc6e4d4380e11e92d7b679e3babe970c4
      https://github.com/WebKit/WebKit/commit/349c277dc6e4d4380e11e92d7b679e3babe970c4
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGDoesGC.cpp

  Log Message:
  -----------
  Merge r241772 - Fix DFG doesGC() for TryGetById and ProfileType nodes.
https://bugs.webkit.org/show_bug.cgi?id=194821
<rdar://problem/48206690>

Reviewed by Saam Barati.

Fix doesGC() for the following nodes:

    ProfileType:
        calls operationProcessTypeProfilerLogDFG(), which can call calculatedClassName(),
        which can call JSString::tryGetValue(), which can resolve a rope.

    TryGetById:
        calls operationTryGetByIdOptimize(), which can startWatchingPropertyForReplacements()
        on a structure, which can allocate StructureRareData.

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):


  Commit: 6356e82c4d66a415c031d51e7f85faab85ca4aaa
      https://github.com/WebKit/WebKit/commit/6356e82c4d66a415c031d51e7f85faab85ca4aaa
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp

  Log Message:
  -----------
  Merge r241777 - Remove assertion introduced in r229683
https://bugs.webkit.org/show_bug.cgi?id=194825
<rdar://problem/47628258>

Reviewed by Geoffrey Garen.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchWillSubmitForm):
If we reach this code and the form's original Document's Frame has been destroyed,
we have already been told to submit the form so do so, just like we do if the WebPage
has been destroyed.  This is a rare edge case having to do with the timing of Frame
destruction and decidePolicyForNavigationAction response, which unfortunately does not
reproduce with a test case unless the timing of IPC is just right.


  Commit: e5b7c878dbf8a3f6fb44da29e3da0dc752c68030
      https://github.com/WebKit/WebKit/commit/e5b7c878dbf8a3f6fb44da29e3da0dc752c68030
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation-expected.txt
    A LayoutTests/fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/FrameLoader.cpp

  Log Message:
  -----------
  Merge r241780 - REGRESSION(r240909): Release assertion in FrameLoader::loadPostRequest when opening new window
https://bugs.webkit.org/show_bug.cgi?id=194820

Reviewed by Geoffrey Garen.

Source/WebCore:

This release assertion was wrong. The invocation of PolicyChecker::checkNewWindowPolicy in FrameLoader
doesn’t require PolicyChecker's load type to be set in PolicyChecker because FrameLoader's
continueLoadAfterNewWindowPolicy invokes loadWithNavigationAction which sets the load type later,
and we don't rely on PolicyChecker's load type until then.

Fixed the crash by removing release asserts before invoking checkNewWindowPolicy accordingly.

This patch reverts r241015 since it too was asserting that PolicyChecker's load type is set before
invoking checkNewWindowPolicy which is not the right assumption.

Test: fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadURL):
(WebCore::FrameLoader::load):
(WebCore::FrameLoader::loadPostRequest):

LayoutTests:

Added a regression test.

* fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation-expected.txt: Added.
* fast/loader/navigate-with-post-to-new-target-after-back-forward-navigation.html: Added.


  Commit: 55056902c1c9aea94bf650457e50709c43a0b542
      https://github.com/WebKit/WebKit/commit/55056902c1c9aea94bf650457e50709c43a0b542
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/interpreter/CachedCall.h

  Log Message:
  -----------
  Merge r241781 - CachedCall should not consider it UNLIKELY that it will not stack overflow
https://bugs.webkit.org/show_bug.cgi?id=194831

Reviewed by Mark Lam.

* interpreter/CachedCall.h:
(JSC::CachedCall::CachedCall):


  Commit: d9887a083ed7c03c4c3ee4190a8b6a49374cc356
      https://github.com/WebKit/WebKit/commit/d9887a083ed7c03c4c3ee4190a8b6a49374cc356
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/B3LowerToAir.cpp
    M Source/JavaScriptCore/b3/testb3.cpp

  Log Message:
  -----------
  Merge r241783 - B3-O2 incorrectly optimizes this subtest
https://bugs.webkit.org/show_bug.cgi?id=194625

Reviewed by Saam Barati.

Trivial fix. Instead of doing
    if (!cond) foo else bar => if (cond) bar else foo
B3LowerToAir was doing
    if (x^C) foo else bar => if (cond) bar else foo whenever C&1, even if C was for example 3.

* b3/B3LowerToAir.cpp:
* b3/testb3.cpp:
(JSC::B3::testBitNotOnBooleanAndBranch32):
(JSC::B3::testNotOnBooleanAndBranch32): Added.


  Commit: 6ac99a2fd6323ac1cf2e962f3a12fa4772274077
      https://github.com/WebKit/WebKit/commit/6ac99a2fd6323ac1cf2e962f3a12fa4772274077
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/compositing/visibility/root-visibility-toggle-expected.txt
    A LayoutTests/compositing/visibility/root-visibility-toggle.html
    A LayoutTests/platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/Frame.h
    M Source/WebCore/platform/graphics/GraphicsLayer.cpp
    M Source/WebCore/platform/graphics/GraphicsLayerClient.h
    M Source/WebCore/rendering/RenderLayerBacking.cpp
    M Source/WebCore/rendering/RenderLayerBacking.h
    M Source/WebCore/rendering/RenderLayerCompositor.cpp
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/testing/Internals.h
    M Source/WebCore/testing/Internals.idl

  Log Message:
  -----------
  Merge r241788 - REGRESSION (r238090): Toggling visibility on the <html> element can result in a blank web view
https://bugs.webkit.org/show_bug.cgi?id=194827
rdar://problem/47620594

Reviewed by Antti Koivisto.

Source/WebCore:

Incremental compositing updates, added in r238090, use repaints as a trigger for re-evaluating
layer configurations, since a repaint implies that a layer gains painted content. This is done
via the call to setNeedsCompositingConfigurationUpdate() in RenderLayerBacking::setContentsNeedDisplay{InRect}.
The RenderView's layer is opted out of this to avoid doing lots of redundant layer config recomputation
for the root. The configuration state that matters here is whether the layer contains painted content,
and therefore needs backing store; this is computed by RenderLayerBacking::isSimpleContainerCompositingLayer(),
and feeds into GraphicsLayer::drawsContent().

However, if <html> starts as "visibility:hidden" or "opacity:0", as some sites do to hide incremental loading,
then we'll fail to recompute 'drawsContent' for the root and leave the root with drawsContent=false, which
causes RenderLayerBacking::setContentsNeedDisplay{InRect} to short-circuit, and then we paint nothing.

Ironically, 'drawsContent' doesn't actually save any backing store for the root, since it has no effect on
the root tile caches; we always make tiles. So the simple fix here is to change RenderLayerBacking::isSimpleContainerCompositingLayer()
to always return false for the RenderView's layer (the root).

Testing this was tricky; ref testing doesn't work because we force repaint, and we normally skip
properties of the root in layer tree dumps to hide WK1/WK2 differences. Therefore I had to add
LAYER_TREE_INCLUDES_ROOT_LAYER_PROPERTIES and fix RenderLayerBacking::shouldDumpPropertyForLayer to
respect it.

Test: compositing/visibility/root-visibility-toggle.html

* page/Frame.h:
* platform/graphics/GraphicsLayer.cpp:
(WebCore::GraphicsLayer::dumpProperties const):
* platform/graphics/GraphicsLayerClient.h:
(WebCore::GraphicsLayerClient::shouldDumpPropertyForLayer const):
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::isSimpleContainerCompositingLayer const):
(WebCore::RenderLayerBacking::shouldDumpPropertyForLayer const):
* rendering/RenderLayerBacking.h:
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::layerTreeAsText):
* testing/Internals.cpp:
(WebCore::toLayerTreeFlags):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

Test dumps layer tree with RenderLayerBacking::shouldDumpPropertyForLayer to show that the root has (drawsContent 1)

* compositing/visibility/root-visibility-toggle-expected.txt: Added.
* compositing/visibility/root-visibility-toggle.html: Added.
* platform/mac-wk1/compositing/visibility/root-visibility-toggle-expected.txt: Added.


  Commit: b0dbebda8deb1e26b821fbf73c9aecce273ee062
      https://github.com/WebKit/WebKit/commit/b0dbebda8deb1e26b821fbf73c9aecce273ee062
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Allocator.cpp
    M Source/bmalloc/bmalloc/Allocator.h
    M Source/bmalloc/bmalloc/Cache.cpp
    M Source/bmalloc/bmalloc/Cache.h
    M Source/bmalloc/bmalloc/Deallocator.cpp
    M Source/bmalloc/bmalloc/Deallocator.h

  Log Message:
  -----------
  Merge r241789 - [bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

* bmalloc/Allocator.h:
* bmalloc/Cache.cpp:
(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
* bmalloc/Cache.h:
(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

* bmalloc/Deallocator.cpp:
(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):
* bmalloc/Deallocator.h:
Ditto for Deallocator.


  Commit: d7e876ca2165cb2b181e14f8346d9249bc936844
      https://github.com/WebKit/WebKit/commit/d7e876ca2165cb2b181e14f8346d9249bc936844
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/glib/GRefPtr.cpp
    M Source/WTF/wtf/glib/GRefPtr.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/gtk/po/POTFILES.in
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformGTK.cmake
    M Source/WebKit/PlatformWPE.cmake
    M Source/WebKit/SourcesGTK.txt
    M Source/WebKit/SourcesWPE.txt
    M Source/WebKit/UIProcess/API/glib/WebKitError.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitUserContent.cpp
    A Source/WebKit/UIProcess/API/glib/WebKitUserContentFilterStore.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitUserContentManager.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitUserContentPrivate.h
    M Source/WebKit/UIProcess/API/gtk/WebKitAutocleanups.h
    M Source/WebKit/UIProcess/API/gtk/WebKitError.h
    M Source/WebKit/UIProcess/API/gtk/WebKitUserContent.h
    A Source/WebKit/UIProcess/API/gtk/WebKitUserContentFilterStore.h
    M Source/WebKit/UIProcess/API/gtk/WebKitUserContentManager.h
    M Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt
    M Source/WebKit/UIProcess/API/gtk/webkit2.h
    M Source/WebKit/UIProcess/API/wpe/WebKitError.h
    M Source/WebKit/UIProcess/API/wpe/WebKitUserContent.h
    A Source/WebKit/UIProcess/API/wpe/WebKitUserContentFilterStore.h
    M Source/WebKit/UIProcess/API/wpe/WebKitUserContentManager.h
    M Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt
    M Source/WebKit/UIProcess/API/wpe/webkit.h
    M Tools/ChangeLog
    M Tools/MiniBrowser/gtk/main.c
    M Tools/MiniBrowser/wpe/main.cpp
    A Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentFilterStore.cpp
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp
    M Tools/TestWebKitAPI/glib/CMakeLists.txt

  Log Message:
  -----------
  Merge r241790 - [WPE][GTK] Enable support for CONTENT_EXTENSIONS
https://bugs.webkit.org/show_bug.cgi?id=167941

Reviewed by Carlos Garcia Campos.

Source/WebCore:

* platform/gtk/po/POTFILES.in: Added WebKitUserContentFilterStore.cpp
to the list of files with translatable strings.

Source/WebKit:

Adds new API to manage a collection of content extensions on disk (including compilation
of new ones) using WebKitUserContentFilterStore; the associated WebKitUserContentFilter
type (which represents a compiled content extension); and the functions needed to enable
and disable them for a given WebKitUserContentManager.

The WebKitUserContentFilterStore public API is expressed in abstract terms of "saving"
filters into the store (which involves compiling the JSON source rule set); and "loading"
them back as main operations. This way we do not disclose to users of the API any detail
about compilation, nor how contents are laid out on disk, and the documentation explicitly
tells about only using the provided functions to manipulate the on-disk contents. This
way we allow ourselves some leeway if the implementation needs changing in the future.

* PlatformGTK.cmake: Added WebKitUserContentFilterStore.h to the list of public API headers.
* PlatformWPE.cmake: Ditto.
* SourcesGTK.txt: Added WebKitUserContentFilterStore.cpp
* SourcesWPE.txt: Ditto.
* UIProcess/API/glib/WebKitError.cpp: Add definition of webkit_user_content_filter_error_quark().
* UIProcess/API/glib/WebKitUserContent.cpp: Added WebKitUserContentFilter.
(_WebKitUserContentFilter::_WebKitUserContentFilter):
(webkit_user_content_filter_ref):
(webkit_user_content_filter_unref):
(webkit_user_content_filter_get_identifier):
(webkitUserContentFilterCreate):
(webkitUserContentFilterGetContentRuleList):
* UIProcess/API/glib/WebKitUserContentFilterStore.cpp: Added.
(toGError): Utility function to convert content extension error codes to GError.
(webkit_user_content_filter_store_class_init):
(webkit_user_content_filter_store_new):
(webkit_user_content_filter_store_get_path):
(webkitUserContentFilterStoreSaveBytes): Common function used as final step for all the
functions which save (compile) JSON rule sets into the store, to avoid duplicating code.
(webkit_user_content_filter_store_save):
(webkit_user_content_filter_store_save_finish):
(webkit_user_content_filter_store_save_from_file):
(webkit_user_content_filter_store_save_from_file_finish):
(webkit_user_content_filter_store_remove):
(webkit_user_content_filter_store_remove_finish):
(webkit_user_content_filter_store_load):
(webkit_user_content_filter_store_lookup_finish):
(webkit_user_content_filter_store_fetch_identifiers):
(webkit_user_content_filter_store_fetch_identifiers_finish):
* UIProcess/API/glib/WebKitUserContentManager.cpp: Added definitions for the new API
functions to add and remove filters from a user content manager.
(webkit_user_content_manager_add_filter):
(webkit_user_content_manager_remove_filter):
(webkit_user_content_manager_remove_all_filters):
* UIProcess/API/glib/WebKitUserContentPrivate.h: Added declarations for
webkitUserContentFilterCreate() and webkitUserContentFilterGetContentRuleList().
* UIProcess/API/gtk/WebKitAutocleanups.h: Added autocleanups for WebKitUserContentFilter
and WebKitUserContentFilterStore.
* UIProcess/API/gtk/WebKitError.h: Added declarations for WEBKIT_USER_CONTENT_FILTER_ERROR
plus the associated webkit_user_content_filter_error_quark() function and
WebKitUserContentFilterError enum.
* UIProcess/API/gtk/WebKitUserContent.h: Added declarations for WebKitUserContentFilter
and its associated functions.
* UIProcess/API/gtk/WebKitUserContentFilterStore.h: Added.
* UIProcess/API/gtk/WebKitUserContentManager.h: Added declarations for the functions to
add and remove filters from the user content manager.
* UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt: Added new API functions and types to
be included in the documentation.
* UIProcess/API/gtk/webkit2.h: Added inclusion of WebKitUserContentFilterStore.h
* UIProcess/API/wpe/WebKitError.h: Same as for the GTK port header.
* UIProcess/API/wpe/WebKitUserContent.h: Same as for the GTK port header.
* UIProcess/API/wpe/WebKitUserContentFilterStore.h: Added.
* UIProcess/API/wpe/WebKitUserContentManager.h: Same as for the GTK port header.
* UIProcess/API/wpe/docs/wpe-0.1-sections.txt: Added new API functions and types to be
included in the documentation.
* UIProcess/API/wpe/webkit.h: Added inclusion of WebKitUserContentFilterStore.h

Source/WTF:

Add specialization of the refGPtr() and derefGPtr() templates for GMappedFile.

* wtf/glib/GRefPtr.cpp:
(WTF::refGPtr): Added.
(WTF::derefGPtr): Added.
* wtf/glib/GRefPtr.h: Declare template specializations.

Tools:

* MiniBrowser/gtk/main.c:
(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.
* MiniBrowser/wpe/main.cpp:
(filterSavedCallback): Added.
(main): Support loading a JSON rule set file for content filtering.
* TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentFilterStore.cpp: Added.
(WTF::refGPtr): Added locally for WebKitUserContentFilter, as it would not be used anywhere else.
(WTF::derefGPtr): Ditto.
(testEmptyStore):
(testSaveInvalidFilter):
(testSaveLoadFilter):
(testSavedFilterIdentifierMatch):
(testRemoveFilter):
(testSaveMultipleFilters):
(testSaveFilterFromFile):
(testFilterPersistence):
(beforeAll):
(afterAll):
* TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp:
(removeOldInjectedContentAndResetLists): Also reset content filters.
(isCSSBlockedForURLAtPath): Added. Tests whether the test filter, which blocks a
CSS style sheet, has blocked the load of the CSS by looking at the resulting style of
the element affected by the style sheet.
(getUserContentFilter): Added. Stores the test filter in a WebKitUserContentFilterStore
and returns it to be used by tests.
(testUserContentManagerContentFilter): Added. Tests whether adding and removing a filter
from the WebKitUserContentManager results in a CSS style sheet being blocked.
(serverCallback): Add support for serving a CSS style sheet for testing.
(beforeAll): Add call to testUserContentManagerContentFilter().
* TestWebKitAPI/glib/CMakeLists.txt: Added TestWebKitUserContentFilterStore.


  Commit: 6e09ca1431d9d55dfaba5cb4975716898027c3f1
      https://github.com/WebKit/WebKit/commit/6e09ca1431d9d55dfaba5cb4975716898027c3f1
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-02-20 (Wed, 20 Feb 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.23.91 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers

Source/WebKit:

* gtk/NEWS: Add release notes for 2.23.91.


  Commit: c075e702b41cb1155f8e9725df29efc0cdd054dd
      https://github.com/WebKit/WebKit/commit/c075e702b41cb1155f8e9725df29efc0cdd054dd
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-21 (Thu, 21 Feb 2019)

  Changed paths:
    M ChangeLog
    M Source/cmake/FindWPEBackend-fdo.cmake
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/PlatformWPE.cmake

  Log Message:
  -----------
  Merged r241866 - [WPE] Do not hardcode WPEBackend-fdo library name for linking tests
https://bugs.webkit.org/show_bug.cgi?id=194901

Unreviewed build fix.

.:

* Source/cmake/FindWPEBackend-fdo.cmake: Use WPEBACKEND_FDO as prefix
for the output variables instead of WPEBackend-fdo, for consistency
with other usages of find_package_handle_standard_args().

Tools:

* TestWebKitAPI/PlatformWPE.cmake: Set TestWebKitAPIBase to be linked
against the detected ${WPEBACKEND_FDO_LIBRARIES} instead of hardcoding
WPEBackend-fdo-0.1 as library name.


  Commit: 0a772651e31d423e90b3ff4c432ac2260129a6a1
      https://github.com/WebKit/WebKit/commit/0a772651e31d423e90b3ff4c432ac2260129a6a1
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-21 (Thu, 21 Feb 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for 2.23.90 release

build-wpe-releng/..:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

build-wpe-releng/../Source/WebKit:

* wpe/NEWS: Add release notes for 2.23.90


  Commit: d7141e0b39750a0f5377a90c9c2c2e14b4cee830
      https://github.com/WebKit/WebKit/commit/d7141e0b39750a0f5377a90c9c2c2e14b4cee830
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-22 (Fri, 22 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformWPE.cmake

  Log Message:
  -----------
  Merged r241935 - wpewebkit-2.23.90 Failing to build on Fedora
https://bugs.webkit.org/show_bug.cgi?id=194922

Unreviewed. Fix path to WebKitUserContentFilterStore.h in WPE_API_INSTALLED_HEADERS.

* PlatformWPE.cmake:


  Commit: bd5f3e8ee9708cdece7dfc71a3ac4fcb38007e4b
      https://github.com/WebKit/WebKit/commit/bd5f3e8ee9708cdece7dfc71a3ac4fcb38007e4b
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-22 (Fri, 22 Feb 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0.types
    M Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-docs.sgml
    M Source/WebKit/UIProcess/API/wpe/docs/wpe-docs.sgml

  Log Message:
  -----------
  Merged r241936 - [WPE][GTK] No API documentation generated for WebKitUserContentFilterStore
https://bugs.webkit.org/show_bug.cgi?id=194908

Reviewed by Carlos Garcia Campos.

* UIProcess/API/gtk/docs/webkit2gtk-4.0.types: Add entry for webkit_user_content_filter_store_get_type().
* UIProcess/API/gtk/docs/webkit2gtk-docs.sgml: Add entry for WebKitUserContentFilterStore.
* UIProcess/API/wpe/docs/wpe-docs.sgml: Ditto.


  Commit: a8702c9c499fe437ad439584dd68d540726de28d
      https://github.com/WebKit/WebKit/commit/a8702c9c499fe437ad439584dd68d540726de28d
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-22 (Fri, 22 Feb 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merged r241753 - Fix DFG doesGC() for CompareEq/Less/LessEq/Greater/GreaterEq and CompareStrictEq nodes.
https://bugs.webkit.org/show_bug.cgi?id=194800
<rdar://problem/48183773>

Reviewed by Yusuke Suzuki.

Fix doesGC() for the following nodes:

    CompareEq:
    CompareLess:
    CompareLessEq:
    CompareGreater:
    CompareGreaterEq:
    CompareStrictEq:
        Only return false (i.e. does not GC) for child node use kinds that have
        been vetted to not do anything that can GC.  For all other use kinds
        (including StringUse and BigIntUse), we return true (i.e. does GC).

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):


  Commit: 2d8ae601d1501921868ce89bc10eaef1a01e7bba
      https://github.com/WebKit/WebKit/commit/2d8ae601d1501921868ce89bc10eaef1a01e7bba
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-02-27 (Wed, 27 Feb 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/wpe/WPEView.cpp
    M Source/WebKit/UIProcess/API/wpe/qt/WPEQtViewBackend.cpp
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp
    M Source/cmake/FindWPEBackend-fdo.cmake
    M Source/cmake/OptionsWPE.cmake
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/glib/WebKitGLib/TestMain.h
    M Tools/TestWebKitAPI/glib/WebKitGLib/wpe/WebViewTestWPE.cpp
    M Tools/wpe/backends/HeadlessViewBackend.cpp
    M Tools/wpe/backends/ViewBackend.cpp
    M Tools/wpe/backends/WindowViewBackend.cpp
    M Tools/wpe/jhbuild.modules

  Log Message:
  -----------
  Merged r242055 - [WPE] Bump WPEBackend-fdo requirement to API version 1.0
https://bugs.webkit.org/show_bug.cgi?id=195001

Reviewed by Carlos Garcia Campos.

.:

* Source/cmake/FindWPEBackend-fdo.cmake: Use WPEBackend-fdo-1.0.
* Source/cmake/OptionsWPE.cmake: Ditto.

Source/WebKit:

API version 1.0 always includes the functionality previously guarded with
WPE_BACKEND_CHECK_VERSION(): remove the guards and always use the new functions
unconditionally.

* UIProcess/API/wpe/WPEView.cpp:
(WKWPE::View::View): Remove usage of WPE_BACKEND_CHECK_VERSION().
(WKWPE::m_backend): Ditto.
* UIProcess/API/wpe/qt/WPEQtViewBackend.cpp:
(WPEQtViewBackend::WPEQtViewBackend): Use libWPEBackend-fdo-1.0 as
library name, remove call to wpe_fdo_initialize_for_egl_display().
(WPEQtViewBackend::create): Call wpe_fdo_initialize_for_egl_display()
here, to bail out early in case initialization fails.
* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess): Remove usage of
WPE_BACKEND_CHECK_VERSION().

Tools:

API version 1.0 always includes the functionality previously guarded with
WPE_BACKEND_CHECK_VERSION(): remove the guards and always use the new functions
unconditionally.

* TestWebKitAPI/glib/WebKitGLib/TestMain.h:
(Test::createWebViewBackend): Remove usage of WPE_BACKEND_CHECK_VERSION().
* TestWebKitAPI/glib/WebKitGLib/wpe/WebViewTestWPE.cpp:
(WebViewTest::showInWindow): Ditto.
(WebViewTest::hideView): Ditto.
* wpe/backends/HeadlessViewBackend.cpp:
(WPEToolingBackends::HeadlessViewBackend::HeadlessViewBackend): Ditto.
* wpe/backends/ViewBackend.cpp:
(WPEToolingBackends::ViewBackend::ViewBackend): Use libWPEBackend-fdo-1.0 as library name.
* wpe/backends/WindowViewBackend.cpp:
(WPEToolingBackends::WindowViewBackend::WindowViewBackend): Remove usage of
WPE_BACKEND_CHECK_VERSION().
* wpe/jhbuild.modules: Build a version of WPEBackend-fdo with the updated API version.


  Commit: f0427f5254bc894ca5e47ce59aae809dbcae0be5
      https://github.com/WebKit/WebKit/commit/f0427f5254bc894ca5e47ce59aae809dbcae0be5
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-03 (Sun, 03 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformWPE.cmake
    A Source/WebKit/UIProcess/API/wpe/WebKitAutocleanups.h
    M Source/WebKit/UIProcess/API/wpe/webkit.h
    A Source/WebKit/WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h
    M Source/WebKit/WebProcess/InjectedBundle/API/wpe/webkit-web-extension.h

  Log Message:
  -----------
  [WPE] Public API headers are missing autocleanup definitions
https://bugs.webkit.org/show_bug.cgi?id=195211

Reviewed by Philippe Normand.

* PlatformWPE.cmake: List new API headers as installable.
* UIProcess/API/wpe/WebKitAutocleanups.h: Added. This is a copy of the header from the GTK
port, adapted to fit the WPE port.
* UIProcess/API/wpe/webkit.h: Add inclusion of WebKitAutocleanups.h
* WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h: Added. Also adapted
from the equivalent header of the GTK port.
* WebProcess/InjectedBundle/API/wpe/webkit-web-extension.h: Add inclusion of
WebKitWebExtensionAutocleanups.h


  Commit: 0e9a15b52bc5e8771a338276fa5424abfeed0669
      https://github.com/WebKit/WebKit/commit/0e9a15b52bc5e8771a338276fa5424abfeed0669
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-04 (Mon, 04 Mar 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/wpe/backends/WindowViewBackend.cpp

  Log Message:
  -----------
  Merged r242344 - [WPE] Inline wl_array_for_each to workaround C++ compatibility issue
https://bugs.webkit.org/show_bug.cgi?id=194898

Reviewed by Žan Doberšek.

* wpe/backends/WindowViewBackend.cpp: wl_array_for_each relies on
a GCC extension that permits arithmetic on void* pointer. Inline
the macro until this issue is fixed upstream.


  Commit: a3a9782f5f4986ba0f83cc3f8c627a00b06e49b3
      https://github.com/WebKit/WebKit/commit/a3a9782f5f4986ba0f83cc3f8c627a00b06e49b3
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-04 (Mon, 04 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp

  Log Message:
  -----------
  Unreviewed build fix after r242163

This fixes WPE after the backport for r242055 wrongly added a piece of code which is
needed only in trunk and depends on changes introduced by a patch that is not being
merged for 2.24.

* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess): Remove unneeded code.


  Commit: 7fd379a2ad4a351aaf50031732fb7e52f75df2ba
      https://github.com/WebKit/WebKit/commit/7fd379a2ad4a351aaf50031732fb7e52f75df2ba
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/Plugins/WebPluginInfoProvider.cpp

  Log Message:
  -----------
  Merge r241817 - [GTK] Epiphany searching for plugins even if plugins are disabled
https://bugs.webkit.org/show_bug.cgi?id=194352

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-02-20
Reviewed by Michael Catanzaro.

Check pluginsEnabled setting before trying to get plugins from UI process.

* WebProcess/Plugins/WebPluginInfoProvider.cpp:
(WebKit::WebPluginInfoProvider::populatePluginCache):


  Commit: 246f7159fd065d24b3c0c9aa8785d6fd01011270
      https://github.com/WebKit/WebKit/commit/246f7159fd065d24b3c0c9aa8785d6fd01011270
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/WebProcessCreationParameters.cpp
    M Source/WebKit/Shared/WebProcessCreationParameters.h
    M Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp
    M Source/WebKit/WebProcess/glib/WebProcessGLib.cpp
    M Source/WebKit/WebProcess/wpe/WebProcessMainWPE.cpp

  Log Message:
  -----------
  Merge r241816 - [WPE] Send client host fd and library name as web process creation parameters
https://bugs.webkit.org/show_bug.cgi?id=194494

Reviewed by Žan Doberšek.

Instead of using command line arguments. The code is simpler and we don't need wpe specific code in process
launcher glib implementation.

* Shared/WebProcessCreationParameters.cpp:
(WebKit::WebProcessCreationParameters::encode const):
(WebKit::WebProcessCreationParameters::decode):
* Shared/WebProcessCreationParameters.h:
* UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::ProcessLauncher::launchProcess):
* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess):
* WebProcess/glib/WebProcessGLib.cpp:
(WebKit::WebProcess::platformInitializeWebProcess):
* WebProcess/wpe/WebProcessMainWPE.cpp:


  Commit: dc898db40d4154241a438df90e496174a7c0cb84
      https://github.com/WebKit/WebKit/commit/dc898db40d4154241a438df90e496174a7c0cb84
  Author: Commit Queue <commit-queue at webkit.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Allocator.cpp
    M Source/bmalloc/bmalloc/Allocator.h
    M Source/bmalloc/bmalloc/Cache.cpp
    M Source/bmalloc/bmalloc/Cache.h
    M Source/bmalloc/bmalloc/Deallocator.cpp
    M Source/bmalloc/bmalloc/Deallocator.h

  Log Message:
  -----------
  Merge r241818 - Unreviewed, rolling out r241789.
https://bugs.webkit.org/show_bug.cgi?id=194856

GuardMalloc crashes (Requested by yusukesuzuki on #webkit).

Reverted changeset:

"[bmalloc] bmalloc::Cache should not be instantiated if we are
using system malloc"
https://bugs.webkit.org/show_bug.cgi?id=194811
https://trac.webkit.org/changeset/241789


  Commit: 4cb8e97e2dc5d4a6ab8046af60df282023472b3e
      https://github.com/WebKit/WebKit/commit/4cb8e97e2dc5d4a6ab8046af60df282023472b3e
  Author: Don Olmstead <don.olmstead at sony.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/workers/service/server/RegistrationDatabase.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/Storage/ServiceWorkerClientFetch.cpp

  Log Message:
  -----------
  Merge r241820 - [MSVC] Fix compilation errors with lambdas in Service Workers
https://bugs.webkit.org/show_bug.cgi?id=194841

Reviewed by Alex Christensen.

Source/WebCore:

No new tests. No change in behavior.

MSVC has problems with the scoping of `this` within a nested lambda. In these cases `this` is
referring to the enclosing lambda according to MSVC. This patch works around this behavior
by using the `protectedThis` pattern in WebKit code.

* workers/service/server/RegistrationDatabase.cpp:
(WebCore::RegistrationDatabase::openSQLiteDatabase):

Source/WebKit:

* WebProcess/Storage/ServiceWorkerClientFetch.cpp:
(WebKit::ServiceWorkerClientFetch::didReceiveRedirectResponse):


  Commit: 93cd29ff8432e91f3b4c0c8b12071793d2b48ccf
      https://github.com/WebKit/WebKit/commit/93cd29ff8432e91f3b4c0c8b12071793d2b48ccf
  Author: Loïc Yhuel <loic.yhuel at softathome.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/TestExpectations
    A LayoutTests/http/tests/inspector/network/contentextensions/blocked-websocket-crash-expected.txt
    A LayoutTests/http/tests/inspector/network/contentextensions/blocked-websocket-crash.html
    A LayoutTests/http/tests/inspector/network/contentextensions/blocked-websocket-crash.html.json
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/mac-wk2/TestExpectations
    M LayoutTests/platform/wpe/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/websockets/WebSocketChannel.h
    M Source/WebCore/inspector/agents/page/PageNetworkAgent.cpp

  Log Message:
  -----------
  Merge r241824 - Fix crash when opening Web Inspector after a WebSocket was blocked by content extensions
https://bugs.webkit.org/show_bug.cgi?id=194819

Patch by Loïc Yhuel <loic.yhuel at softathome.com> on 2019-02-20
Reviewed by Joseph Pecoraro.

Source/WebCore:

Test: http/tests/inspector/network/contentextensions/blocked-websocket-crash.html

* Modules/websockets/WebSocketChannel.h:
(WebCore::WebSocketChannel::hasCreatedHandshake):
* inspector/agents/page/PageNetworkAgent.cpp:
Ignore WebSocketChannel without a WebSocketHandshake, which would crash in InspectorNetworkAgent::enable.

LayoutTests:

* TestExpectations: Skip the test by default, like http/tests/contentextensions
* http/tests/inspector/network/contentextensions/blocked-websocket-crash-expected.txt: Added.
* http/tests/inspector/network/contentextensions/blocked-websocket-crash.html: Added.
* http/tests/inspector/network/contentextensions/blocked-websocket-crash.html.json: Added.
* platform/gtk/TestExpectations: Unskip the test
* platform/mac-wk2/TestExpectations: Ditto
* platform/wpe/TestExpectations: Ditto


  Commit: 1682a4cf8190d071f9ab20d53ff241eaa8c9a101
      https://github.com/WebKit/WebKit/commit/1682a4cf8190d071f9ab20d53ff241eaa8c9a101
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderLayerCompositor.cpp

  Log Message:
  -----------
  Merge r241830 - REGRESSION (r241788>): ASSERTION FAILED: !m_normalFlowListDirty in TestWebKitAPI.WebKit.ResizeReversePaginatedWebView test
https://bugs.webkit.org/show_bug.cgi?id=194866

Reviewed by Antti Koivisto.

r241788 removed some calls that updated layer lists (normal flow and z-order) during compositing updates, causing
a later call to RenderLayerCompositor::recursiveRepaintLayer() to assert when the lists were dirty. Fix by updating
the lists in RenderLayerCompositor::recursiveRepaintLayer(), as we do in various other places.

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::recursiveRepaintLayer):


  Commit: e6ad2dd080b58fe6cdf6f14a1d258949b2a534cd
      https://github.com/WebKit/WebKit/commit/e6ad2dd080b58fe6cdf6f14a1d258949b2a534cd
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Allocator.cpp
    M Source/bmalloc/bmalloc/Allocator.h
    M Source/bmalloc/bmalloc/Cache.cpp
    M Source/bmalloc/bmalloc/Cache.h
    M Source/bmalloc/bmalloc/Deallocator.cpp
    M Source/bmalloc/bmalloc/Deallocator.h
    M Source/bmalloc/bmalloc/bmalloc.cpp

  Log Message:
  -----------
  Merge r241832 - [bmalloc] bmalloc::Cache should not be instantiated if we are using system malloc
https://bugs.webkit.org/show_bug.cgi?id=194811

Reviewed by Mark Lam.

bmalloc::Cache is very large. It is 13KB. Since it exists per HeapKind, it takes 40KB.
But this is meaningless if we are under the system malloc mode by using "Malloc=1". We
found that it continues using so much dirty memory region even under the system malloc mode.
This patch avoids instantiation of bmalloc::Cache under the system malloc mode.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::Allocator):
(bmalloc::Allocator::tryAllocate):
(bmalloc::Allocator::allocateImpl):
(bmalloc::Allocator::reallocateImpl):
(bmalloc::Allocator::allocateSlowCase):
Allocator is a per Cache object. So we no longer need to keep m_debugHeap. If debug heap is enabled,
Allocator is never created.

* bmalloc/Allocator.h:
* bmalloc/Cache.cpp:
(bmalloc::debugHeap):
(bmalloc::Cache::Cache):
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
* bmalloc/Cache.h:
(bmalloc::Cache::tryAllocate):
(bmalloc::Cache::tryReallocate):
If the debug heap mode is enabled, we keep Cache::getFast() returning nullptr. And in the slow path case, we use debugHeap.
This makes bmalloc fast path fast, while we avoid Cache instantiation.

* bmalloc/Deallocator.cpp:
(bmalloc::Deallocator::Deallocator):
(bmalloc::Deallocator::scavenge):
(bmalloc::Deallocator::deallocateSlowCase):
* bmalloc/Deallocator.h:
Ditto for Deallocator.

* bmalloc/bmalloc.cpp:
(bmalloc::api::isEnabled):
We used `getFastCase()` for Heap. But it is basically wrong since we do not have any guarantee that someone already initializes
Heap when this is called. Previously, luckily, Cache is initialized, and Cache initialized Heap. But Cache initialization is removed
for system malloc mode and now PerProcess<PerHeapKind<Heap>>::getFastCase() returns nullptr at an early phase. This patch just uses
Environment::isDebugHeapEnabled() instead.


  Commit: 70f2f96d8d107393a9b807604c37f534434b70ea
      https://github.com/WebKit/WebKit/commit/70f2f96d8d107393a9b807604c37f534434b70ea
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Cache.cpp
    M Source/bmalloc/bmalloc/DebugHeap.cpp
    M Source/bmalloc/bmalloc/DebugHeap.h
    M Source/bmalloc/bmalloc/IsoTLS.cpp

  Log Message:
  -----------
  Merge r241837 - [bmalloc] DebugHeap::malloc does not have "try" version.
https://bugs.webkit.org/show_bug.cgi?id=194837

Reviewed by Mark Lam.

Since DebugHeap::malloc does not have "try" version, our tryAllocate implementation does not work well with DebugHeap.
This patch adds crashOnFailure flag to DebugHeap::malloc.

* bmalloc/Cache.cpp:
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
* bmalloc/DebugHeap.cpp:
(bmalloc::DebugHeap::malloc):
* bmalloc/DebugHeap.h:
* bmalloc/IsoTLS.cpp:
(bmalloc::IsoTLS::debugMalloc):


  Commit: 0572e58586491ecc88c8c18bc87082a6051af3b6
      https://github.com/WebKit/WebKit/commit/0572e58586491ecc88c8c18bc87082a6051af3b6
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/canvas/canvas-drawImage-composite-copy-expected.html
    A LayoutTests/fast/canvas/canvas-drawImage-composite-copy.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp
    M Source/WebCore/platform/graphics/ImageBuffer.cpp
    M Source/WebCore/platform/graphics/ImageBuffer.h

  Log Message:
  -----------
  Merge r241840 - drawImage() clears the canvas if it's the source of the image and globalCompositeOperation is "copy"
https://bugs.webkit.org/show_bug.cgi?id=194746

Patch by Said Abou-Hallawa <sabouhallawa at apple.com> on 2019-02-20
Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/canvas/canvas-drawImage-composite-copy.html

If the source canvas of drawImage() is the same as the destination and
globalCompositeOperation is set to "copy", copy the srcRect from the
canvas to a temporary buffer before calling clearCanvas() then drawImage
from this temporary buffer.

* html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::drawImage):
* platform/graphics/ImageBuffer.cpp:
(WebCore::ImageBuffer::copyRectToBuffer):
* platform/graphics/ImageBuffer.h:

LayoutTests:

* fast/canvas/canvas-drawImage-composite-copy-expected.html: Added.
* fast/canvas/canvas-drawImage-composite-copy.html: Added.


  Commit: 5f7f8ecf2a8893e488d075a321fbdaebf4d93f5d
      https://github.com/WebKit/WebKit/commit/5f7f8ecf2a8893e488d075a321fbdaebf4d93f5d
  Author: Alex Christensen <achristensen at webkit.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/PolicyChecker.cpp

  Log Message:
  -----------
  Merge r241842 - Always call CompletionHandlers after r240909
https://bugs.webkit.org/show_bug.cgi?id=194823

Patch by Alex Christensen <achristensen at webkit.org> on 2019-02-20
Reviewed by Ryosuke Niwa.

* loader/PolicyChecker.cpp:
(WebCore::PolicyChecker::checkNavigationPolicy):
(WebCore::PolicyChecker::checkNewWindowPolicy):


  Commit: 9d70cd90c0df2bbb53ce465c80e9fb008298796b
      https://github.com/WebKit/WebKit/commit/9d70cd90c0df2bbb53ce465c80e9fb008298796b
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/Allocator.cpp
    M Source/bmalloc/bmalloc/Cache.cpp
    M Source/bmalloc/bmalloc/DebugHeap.cpp
    M Source/bmalloc/bmalloc/DebugHeap.h
    M Source/bmalloc/bmalloc/Environment.h
    M Source/bmalloc/bmalloc/Heap.cpp
    M Source/bmalloc/bmalloc/Heap.h
    M Source/bmalloc/bmalloc/IsoTLS.cpp
    M Source/bmalloc/bmalloc/IsoTLS.h
    M Source/bmalloc/bmalloc/IsoTLSInlines.h
    M Source/bmalloc/bmalloc/ObjectType.cpp
    M Source/bmalloc/bmalloc/ObjectType.h
    M Source/bmalloc/bmalloc/Scavenger.cpp
    M Source/bmalloc/bmalloc/bmalloc.cpp

  Log Message:
  -----------
  Merge r241847 - [bmalloc] bmalloc::Heap is allocated even though we use system malloc mode
https://bugs.webkit.org/show_bug.cgi?id=194836

Reviewed by Mark Lam.

Previously, bmalloc::Heap holds DebugHeap, and delegates allocation and deallocation to debug heap.
However, bmalloc::Heap is large. We would like to avoid initialization of bmalloc::Heap under the
system malloc mode.

This patch extracts out DebugHeap from bmalloc::Heap, and logically puts this in a boundary of
bmalloc::api. bmalloc::api delegates allocation and deallocation to DebugHeap if DebugHeap is enabled.
Otherwise, using bmalloc's usual mechanism. The challenge is that we would like to keep bmalloc fast
path fast.

1. For IsoHeaps, we use the similar techniques done in Cache. If the debug mode is enabled, we always go
   to the slow path of the IsoHeap allocation, and keep IsoTLS::get() returning nullptr. In the slow path,
   we just fall back to the usual bmalloc::api::tryMalloc implementation. This is efficient because bmalloc
   continues using the fast path.

2. For the other APIs, like freeLargeVirtual, we just put DebugHeap check because this API itself takes fair
   amount of time. Then debug heap check does not matter.

* bmalloc/Allocator.cpp:
(bmalloc::Allocator::reallocateImpl):
* bmalloc/Cache.cpp:
(bmalloc::Cache::tryAllocateSlowCaseNullCache):
(bmalloc::Cache::allocateSlowCaseNullCache):
(bmalloc::Cache::deallocateSlowCaseNullCache):
(bmalloc::Cache::tryReallocateSlowCaseNullCache):
(bmalloc::Cache::reallocateSlowCaseNullCache):
(): Deleted.
(bmalloc::debugHeap): Deleted.
* bmalloc/DebugHeap.cpp:
* bmalloc/DebugHeap.h:
(bmalloc::DebugHeap::tryGet):
* bmalloc/Heap.cpp:
(bmalloc::Heap::Heap):
(bmalloc::Heap::footprint):
(bmalloc::Heap::tryAllocateLarge):
(bmalloc::Heap::deallocateLarge):
* bmalloc/Heap.h:
(bmalloc::Heap::debugHeap): Deleted.
* bmalloc/IsoTLS.cpp:
(bmalloc::IsoTLS::IsoTLS):
(bmalloc::IsoTLS::isUsingDebugHeap): Deleted.
(bmalloc::IsoTLS::debugMalloc): Deleted.
(bmalloc::IsoTLS::debugFree): Deleted.
* bmalloc/IsoTLS.h:
* bmalloc/IsoTLSInlines.h:
(bmalloc::IsoTLS::allocateSlow):
(bmalloc::IsoTLS::deallocateSlow):
* bmalloc/ObjectType.cpp:
(bmalloc::objectType):
* bmalloc/ObjectType.h:
* bmalloc/Scavenger.cpp:
(bmalloc::Scavenger::Scavenger):
* bmalloc/bmalloc.cpp:
(bmalloc::api::tryLargeZeroedMemalignVirtual):
(bmalloc::api::freeLargeVirtual):
(bmalloc::api::scavenge):
(bmalloc::api::isEnabled):
(bmalloc::api::setScavengerThreadQOSClass):
(bmalloc::api::commitAlignedPhysical):
(bmalloc::api::decommitAlignedPhysical):
(bmalloc::api::enableMiniMode):


  Commit: 3ab8c49674f77b4ea358ef0fcd84dd49a439b657
      https://github.com/WebKit/WebKit/commit/3ab8c49674f77b4ea358ef0fcd84dd49a439b657
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/DOMWindow.cpp
    M Source/WebCore/page/DOMWindowExtension.cpp

  Log Message:
  -----------
  Merge r241848 - Crash in DOMWindowExtension::suspendForPageCache
https://bugs.webkit.org/show_bug.cgi?id=194871

Reviewed by Chris Dumez.

This is a speculative fix for a crash in DOMWindowExtension::suspendForPageCache.

We think it's possible for DOMWindowExtension::suspendForPageCache notifying the clients via
dispatchWillDisconnectDOMWindowExtensionFromGlobalObject to remove other DOMWindowExtension's.
Check that each DOMWindowProperty is still in m_properties before invoking suspendForPageCache
to avoid the crash.

* page/DOMWindow.cpp:
(WebCore::DOMWindow::willDestroyCachedFrame):
(WebCore::DOMWindow::willDestroyDocumentInFrame):
(WebCore::DOMWindow::willDetachDocumentFromFrame):
(WebCore::DOMWindow::suspendForPageCache):
(WebCore::DOMWindow::resumeFromPageCache):
* page/DOMWindowExtension.cpp:
(WebCore::DOMWindowExtension::suspendForPageCache):


  Commit: 473ef582ac5a907eb4d134bb81f12cac8d30ecec
      https://github.com/WebKit/WebKit/commit/473ef582ac5a907eb4d134bb81f12cac8d30ecec
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGOSRExit.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp
    M Source/JavaScriptCore/heap/Heap.h
    M Source/JavaScriptCore/jit/JITArithmetic.cpp
    M Source/JavaScriptCore/runtime/JSCellInlines.h
    M Source/JavaScriptCore/runtime/JSString.h

  Log Message:
  -----------
  Merge r241849 - Add code to validate expected GC activity modelled by doesGC() against what the runtime encounters.
https://bugs.webkit.org/show_bug.cgi?id=193938
<rdar://problem/47616277>

Reviewed by Michael Saboff, Saam Barati, and Robin Morisset.

In DFG::SpeculativeJIT::compile() and FTL::LowerDFGToB3::compileNode(), before
emitting code / B3IR for each DFG node, we emit a write to set Heap::m_expectDoesGC
to the value returned by doesGC() for that node.  In the runtime (i.e. in allocateCell()
and functions that can resolve a rope), we assert that Heap::m_expectDoesGC is
true.

This validation code is currently only enabled for debug builds.  It is disabled
for release builds by default, but it can easily be made to run on release builds
as well by forcing ENABLE_DFG_DOES_GC_VALIDATION to 1 in Heap.h.

To allow this validation code to run on release builds as well, the validation uses
RELEASE_ASSERT instead of ASSERT.

To ensure that Heap.h is #include'd for all files that need to do this validation
(so that the validation code is accidentally disabled), we guard the validation
code with an if conditional on constexpr bool validateDFGDoesGC (instead of using
a #if ENABLE(DFG_DOES_GC_VALIDATION)).  This way, if Heap.h isn't #include'd, the
validation code will fail to build (no silent failures).

Currently, all JSC tests and Layout tests should pass with this validation enabled
in debug builds.  We'll only see new failures if there's a regression or if new
tests reveal a previously untested code path that has an undetected issue.

* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::executeOSRExit):
(JSC::DFG::OSRExit::compileExit):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNode):
* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
* heap/Heap.h:
(JSC::Heap::expectDoesGC const):
(JSC::Heap::setExpectDoesGC):
(JSC::Heap::addressOfExpectDoesGC):
* jit/JITArithmetic.cpp:
(JSC::JIT::emit_compareAndJump):
* runtime/JSCellInlines.h:
(JSC::tryAllocateCellHelper):
* runtime/JSString.h:
(JSC::jsSingleCharacterString):
(JSC::JSString::toAtomicString const):
(JSC::JSString::toExistingAtomicString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):


  Commit: 07539dd8e0e642f1b1644048de7786c036728892
      https://github.com/WebKit/WebKit/commit/07539dd8e0e642f1b1644048de7786c036728892
  Author: Alex Christensen <achristensen at webkit.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/URLHelpers.cpp
    M Source/WTF/wtf/cocoa/NSURLExtras.mm

  Log Message:
  -----------
  Merge r241856 - URL percent-encode operations should use checked arithmetic for buffer allocation length
https://bugs.webkit.org/show_bug.cgi?id=194877
<rdar://problem/48212062>

Patch by Alex Christensen <achristensen at webkit.org> on 2019-02-20
Reviewed by Tim Horton.

* wtf/URLHelpers.cpp:
(WTF::URLHelpers::userVisibleURL):
* wtf/cocoa/NSURLExtras.mm:
(WTF::dataWithUserTypedString):


  Commit: 638760da67c8fc6ddc64c1f2ae118f3581a599bf
      https://github.com/WebKit/WebKit/commit/638760da67c8fc6ddc64c1f2ae118f3581a599bf
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderLayerCompositor.cpp

  Log Message:
  -----------
  Merge r241860 - REGRESSION (240698): Fixed position banners flicker and move when scrolling on iOS
https://bugs.webkit.org/show_bug.cgi?id=194889
rdar://problem/47755552

Reviewed by Tim Horton.

After r240698 we could commit scrolling changes for a fixed node where the "viewportRectAtLastLayout" and the layer
position were mismatched; this happened when AsyncScrollingCoordinator::reconcileScrollingState() came back from the UI process
with an unstable update and set a new layoutViewport, then some other layout triggered a compositing tree update. During the tree
update, we'd update the fixed scrolling node with the new viewport, and an old layer position.

Fix by ensuring that we only update the geometry info for a scrolling tree node when we update layer geometry for the corresponding
layer.

Not currently testable.

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::updateBackingAndHierarchy):


  Commit: 1b37245d77729c325f463a9b343790475c5904a1
      https://github.com/WebKit/WebKit/commit/1b37245d77729c325f463a9b343790475c5904a1
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
    M Source/JavaScriptCore/runtime/SymbolTable.cpp
    M Source/JavaScriptCore/runtime/SymbolTable.h

  Log Message:
  -----------
  Merge r241862 - [JSC] Remove WatchpointSet creation for SymbolTable entries if VM::canUseJIT() returns false
https://bugs.webkit.org/show_bug.cgi?id=194891

Reviewed by Geoffrey Garen.

WatchpointSet in SymbolTable is used to fold the value into a constant in JIT tiers. And it is
not useful under the non-JIT mode. This patch avoids creation of WatchpointSet in SymbolTable
if VM::canUseJIT() returns false.

* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/SymbolTable.cpp:
(JSC::SymbolTableEntry::addWatchpoint): Deleted.
* runtime/SymbolTable.h:
(JSC::SymbolTableEntry::isWatchable const):
(JSC::SymbolTableEntry::watchpointSet):


  Commit: b9ef96a1c07e0665c4f9c107d71c157dc96ef7fd
      https://github.com/WebKit/WebKit/commit/b9ef96a1c07e0665c4f9c107d71c157dc96ef7fd
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm

  Log Message:
  -----------
  Merge r242067 - [JSC] stress/function-constructor-reading-from-global-lexical-environment.js fails in 32bit arch
https://bugs.webkit.org/show_bug.cgi?id=195030
<rdar://problem/48385088>

Reviewed by Saam Barati.

While LLInt64 has checkTDZInGlobalPutToScopeIfNecessary for op_put_to_scope GlobalLexicalVar to check the value in the variable slot is not empty,
this check is missing in LLInt32_64. Previously, this check was subsumed accidentally by the WatchpointSet check in GlobalLexicalVar in `notifyWrite`:
because no "put" attempt succeeds here, the status WatchpointSet was ClearWatchpoint, we always go to the slow path, and we always throw the TDZ error
before configuring the WatchpointSet in the slow path. But after r241862, WatchpointSet is not used under non-JIT configuration. This skips WatchpointSet
check and LLInt32_64 starts failing tests because of lack of checkTDZInGlobalPutToScopeIfNecessary. This patch adds checkTDZInGlobalPutToScopeIfNecessary
in LLInt32_64 too. This patch fixes the following four failing tests.

    stress/function-constructor-reading-from-global-lexical-environment.js.bytecode-cache
    stress/function-constructor-reading-from-global-lexical-environment.js.default
    stress/global-lexical-variable-tdz.js.bytecode-cache
    stress/global-lexical-variable-tdz.js.default

* llint/LowLevelInterpreter32_64.asm:


  Commit: 810c9499c954bc8f87dff02bd84a09e7c6dfca2d
      https://github.com/WebKit/WebKit/commit/810c9499c954bc8f87dff02bd84a09e7c6dfca2d
  Author: Rob Buis <rbuis at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/imported/w3c/ChangeLog
    M LayoutTests/imported/w3c/web-platform-tests/xhr/overridemimetype-blob-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/network/ParsedContentType.cpp
    M Source/WebCore/platform/network/ParsedContentType.h
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebCore/ParsedContentType.cpp

  Log Message:
  -----------
  Merge r241863 - Update MIME type parser
https://bugs.webkit.org/show_bug.cgi?id=180526

Patch by Rob Buis <rbuis at igalia.com> on 2019-02-21
Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Update improved test expectations.

* web-platform-tests/xhr/overridemimetype-blob-expected.txt:

Source/WebCore:

Further testing showed the MIME parser needs these fixes:
- stripWhitespace is wrong for removing HTTP whitespace, use
  stripLeadingAndTrailingHTTPSpaces instead.
- HTTP Token code points checking for Rfc2045 and Mimesniff were
  mixed up, use the dedicated isValidHTTPToken for Mimesniff mode.
- Quoted Strings were not unescaped/escaped, this seems ok for
  serializing but is wrong when getting individual parameter values.
  Implement [1] and [2] Step 2.4 to properly unescape and escape.

This change also tries to avoid hard to read uses of find.

Test: ParsedContentType.Serialize

[1] https://fetch.spec.whatwg.org/#collect-an-http-quoted-string
[2] https://mimesniff.spec.whatwg.org/#serializing-a-mime-type

* platform/network/ParsedContentType.cpp:
(WebCore::skipSpaces):
(WebCore::parseToken):
(WebCore::isNotQuoteOrBackslash):
(WebCore::collectHTTPQuotedString):
(WebCore::containsNonTokenCharacters):
(WebCore::parseQuotedString):
(WebCore::ParsedContentType::parseContentType):
(WebCore::ParsedContentType::create):
(WebCore::ParsedContentType::setContentType):
(WebCore::containsNonQuoteStringTokenCharacters):
(WebCore::ParsedContentType::setContentTypeParameter):
(WebCore::ParsedContentType::serialize const):
(WebCore::substringForRange): Deleted.
(WebCore::isNonTokenCharacter): Deleted.
(WebCore::isNonQuotedStringTokenCharacter): Deleted.
* platform/network/ParsedContentType.h:

Tools:

Add tests involving leading and trailing whitespace, non-token
characters and quoted strings.

* TestWebKitAPI/Tests/WebCore/ParsedContentType.cpp:
(TestWebKitAPI::TEST):


  Commit: 2ca0072c6a1ae505a70a65fd320eaa3ac690ddef
      https://github.com/WebKit/WebKit/commit/2ca0072c6a1ae505a70a65fd320eaa3ac690ddef
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Controllers/DOMManager.js

  Log Message:
  -----------
  Merge r241874 - Web Inspector: DOM Debugger: node-specific event breakpoints aren't cleared/recalculated on navigation
https://bugs.webkit.org/show_bug.cgi?id=194874
<rdar://problem/48253415>

Reviewed by Joseph Pecoraro.

* UserInterface/Controllers/DOMManager.js:
(WI.DOMManager.prototype._setDocument):
(WI.DOMManager.prototype.removeBreakpointForEventListener):


  Commit: 7e1d32ab2bab9bcf97ba69199705a0031623f9a9
      https://github.com/WebKit/WebKit/commit/7e1d32ab2bab9bcf97ba69199705a0031623f9a9
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp

  Log Message:
  -----------
  Merge r241913 - IndexedDB: leak UniqueIDBDatabase in layout tests
https://bugs.webkit.org/show_bug.cgi?id=194870
<rdar://problem/48163812>

Reviewed by Geoffrey Garen.

UniqueIDBDatabase owns a pointer to itself after it is hard closed. It should release the pointer when it
receives confirmation from clients and all pending tasks are done. UniqueIDBDatabase already checks whether the
pointer should be released when a database task finishes, but it didn't perform a check when a confirm message
is received.

No new test as the order of task completion and confirmation arrival is uncertain.

* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::confirmDidCloseFromServer):


  Commit: 9d6b640557199ee89836f37bbeb0c4ab70634358
      https://github.com/WebKit/WebKit/commit/9d6b640557199ee89836f37bbeb0c4ab70634358
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/inspector/scripts/codegen/cpp_generator_templates.py
    M Source/JavaScriptCore/inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result
    M Source/JavaScriptCore/inspector/scripts/tests/generic/expected/enum-values.json-result
    M Source/JavaScriptCore/inspector/scripts/tests/generic/expected/events-with-optional-parameters.json-result
    M Source/JavaScriptCore/inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result
    M Source/JavaScriptCore/inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result
    M Source/JavaScriptCore/jit/ExecutableAllocator.h
    M Source/JavaScriptCore/jsc.cpp
    M Source/JavaScriptCore/runtime/JSRunLoopTimer.h
    M Source/JavaScriptCore/tools/VMInspector.h
    M Source/JavaScriptCore/wasm/WasmThunks.h

  Log Message:
  -----------
  Merge r241923 - [JSC] Use Fast Malloc as much as possible
https://bugs.webkit.org/show_bug.cgi?id=194316

Reviewed by Mark Lam.

We should use Fast Malloc as much as possible to offer the whole memory view to bmalloc.

* inspector/scripts/codegen/cpp_generator_templates.py:
* inspector/scripts/tests/all/expected/definitions-with-mac-platform.json-result:
* inspector/scripts/tests/generic/expected/enum-values.json-result:
* inspector/scripts/tests/generic/expected/events-with-optional-parameters.json-result:
* inspector/scripts/tests/generic/expected/generate-domains-with-feature-guards.json-result:
* inspector/scripts/tests/mac/expected/definitions-with-mac-platform.json-result:
* jit/ExecutableAllocator.h:
* jsc.cpp:
* runtime/JSRunLoopTimer.h:
* tools/VMInspector.h:
* wasm/WasmThunks.h:


  Commit: bd2b0e2d85707c880afcf69b953877d33dbccaf5
      https://github.com/WebKit/WebKit/commit/bd2b0e2d85707c880afcf69b953877d33dbccaf5
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGOSRExit.cpp
    M Source/JavaScriptCore/ftl/FTLOSRExitCompiler.cpp
    M Source/JavaScriptCore/heap/CompleteSubspace.cpp
    M Source/JavaScriptCore/heap/CompleteSubspaceInlines.h
    M Source/JavaScriptCore/heap/DeferGC.h
    M Source/JavaScriptCore/heap/GCDeferralContext.h
    M Source/JavaScriptCore/heap/GCDeferralContextInlines.h
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/heap/HeapInlines.h
    M Source/JavaScriptCore/heap/LargeAllocation.cpp
    M Source/JavaScriptCore/heap/LocalAllocatorInlines.h
    M Source/JavaScriptCore/runtime/DisallowScope.h
    M Source/JavaScriptCore/runtime/JSCellInlines.h
    M Source/JavaScriptCore/runtime/RegExpMatchesArray.h

  Log Message:
  -----------
  Merge r241927 - Add more doesGC() assertions.
https://bugs.webkit.org/show_bug.cgi?id=194911
<rdar://problem/48285723>

Reviewed by Saam Barati and Yusuke Suzuki.

* dfg/DFGOSRExit.cpp:
(JSC::DFG::OSRExit::compileOSRExit):
- Set expectDoesGC here because we no longer have to worry about missing store
  barriers in optimized code after this point.  This will prevent false positive
  assertion failures arising from functions called beneath compileOSRExit().

(JSC::DFG::OSRExit::compileExit):
- Add a comment to explain why the generated ramp needs to set expectDoesGC even
  though compileOSRExit() also sets it.  Reason: compileOSRExit() is only called
  for the first OSR from this code origin, the generated ramp is called for many
  subsequent OSR exits from this code origin.

* ftl/FTLOSRExitCompiler.cpp:
(JSC::FTL::compileStub):
- Added a comment for the equivalent reason to the one above.

(JSC::FTL::compileFTLOSRExit):
- Set expectDoesGC here because we no longer have to worry about missing store
  barriers in optimized code after this point.  This will prevent false positive
  assertion failures arising from functions called beneath compileFTLOSRExit().

* heap/CompleteSubspace.cpp:
(JSC::CompleteSubspace::tryAllocateSlow):
* heap/CompleteSubspaceInlines.h:
(JSC::CompleteSubspace::allocateNonVirtual):
- assert expectDoesGC.

* heap/DeferGC.h:
(JSC::DeferGC::~DeferGC):
- assert expectDoesGC.
- Also added WTF_FORBID_HEAP_ALLOCATION to DeferGC, DeferGCForAWhile, and DisallowGC
  because all 3 should be stack allocated RAII objects.

* heap/GCDeferralContext.h:
* heap/GCDeferralContextInlines.h:
(JSC::GCDeferralContext::~GCDeferralContext):
- Added WTF_FORBID_HEAP_ALLOCATION.
- assert expectDoesGC.

* heap/Heap.cpp:
(JSC::Heap::collectNow):
(JSC::Heap::collectAsync):
(JSC::Heap::collectSync):
(JSC::Heap::stopIfNecessarySlow):
(JSC::Heap::collectIfNecessaryOrDefer):
* heap/HeapInlines.h:
(JSC::Heap::acquireAccess):
(JSC::Heap::stopIfNecessary):
* heap/LargeAllocation.cpp:
(JSC::LargeAllocation::tryCreate):
* heap/LocalAllocatorInlines.h:
(JSC::LocalAllocator::allocate):
- conservatively assert expectDoesGC on these functions that may trigger a GC
  though they don't always do.

* runtime/DisallowScope.h:
- DisallowScope should be stack allocated because it's an RAII object.

* runtime/JSCellInlines.h:
(JSC::tryAllocateCellHelper):
- Remove the expectDoesGC assertion because it is now covered by assertions in
  CompleteSubspace, LargeAllocation, and LocalAllocator.

* runtime/RegExpMatchesArray.h:
(JSC::createRegExpMatchesArray):
- assert expectDoesGC.


  Commit: ff521f57c8c7a64111c45b5ee4296e6e10b72114
      https://github.com/WebKit/WebKit/commit/ff521f57c8c7a64111c45b5ee4296e6e10b72114
  Author: Darin Adler <darin at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/forms/access-key-shadow-and-ordering-expected.txt
    A LayoutTests/fast/forms/access-key-shadow-and-ordering.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AccessibilityObject.cpp
    M Source/WebCore/accessibility/AccessibilityRenderObject.cpp
    M Source/WebCore/dom/ContainerNode.cpp
    M Source/WebCore/dom/DecodedDataDocumentParser.cpp
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/Document.h
    M Source/WebCore/dom/Document.idl
    M Source/WebCore/dom/Element.cpp
    M Source/WebCore/dom/Node.cpp
    M Source/WebCore/dom/Node.h
    M Source/WebCore/editing/ReplaceSelectionCommand.cpp
    M Source/WebCore/html/FormAssociatedElement.cpp
    M Source/WebCore/html/HTMLAreaElement.cpp
    M Source/WebCore/html/HTMLFormElement.cpp
    M Source/WebCore/html/HTMLSelectElement.cpp
    M Source/WebCore/html/HTMLTextAreaElement.cpp
    M Source/WebCore/loader/DocumentLoader.cpp
    M Source/WebCore/loader/DocumentWriter.cpp
    M Source/WebCore/loader/DocumentWriter.h
    M Source/WebCore/page/DragController.cpp
    M Source/WebCore/page/EventHandler.cpp
    M Source/WebCore/page/FocusController.cpp
    M Source/WebCore/workers/service/context/ServiceWorkerThreadProxy.cpp
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Models/NativeFunctionParameters.js
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDocumentGtk.cpp
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.h
    M Source/WebKitLegacy/mac/ChangeLog
    M Source/WebKitLegacy/mac/DOM/DOMDocument.mm

  Log Message:
  -----------
  Merge r241932 - Some refinements for Node and Document
https://bugs.webkit.org/show_bug.cgi?id=194764

Reviewed by Ryosuke Niwa.

Source/WebCore:

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::press): Use shadowHost instead of
deprecatedShadowAncestorNode.
(WebCore::AccessibilityObject::axObjectCache const): Tweak coding style.
(WebCore::AccessibilityObject::focusedUIElement const): Use existing page
function to streamline.

* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::accessKey const): Use
attributeWithoutSynchronization for efficiency and consistency with other
code working with the accesskey attribute.

* dom/ContainerNode.cpp:
(WebCore::ContainerNode::childrenChanged): Added call to
invalidateAccessKeyCache, replacing old scheme tied to style recalculation.

* dom/DecodedDataDocumentParser.cpp:
(WebCore::DecodedDataDocumentParser::appendBytes): Update for name and return
type change of createDecoderIfNeeded to decoder.
(WebCore::DecodedDataDocumentParser::flush): Ditto.

* dom/Document.cpp:
(WebCore::Document::elementForAccessKey): Renamed from getElementForAccessKey
to match WebKit coding style. Changed to use unique_ptr instead of separate
boolean to keep track of map validity status.
(WebCore::Document::buildAccessKeyCache): Renamed from buildAccessKeyMap to
clarify that this is a cache. Changed to use composedTreeDescendants rather
than explicit calls to shadowRoot. Use add instead of set so that first element
in document order wins, instead of last element in document order. Updated
to make a new map in a new unique_ptr instead of populating a map.
(WebCore::Document::invalidateAccessKeyCacheSlowCase): Renamed from
invalidateAccessKeyMap, and left an inline part in the header so the fast case
of quickly checking for a null pointer can be inlined.
(WebCore::Document::doctype const): Use downcast instead of static_cast.
(WebCore::Document::scheduleStyleRecalc): Moved call to invalidateAccessKeyMap
from here to childrenChanged and accesskey attribute change handling.
(WebCore::Document::processFormatDetection): Set m_isTelephoneNumberParsingAllowed
directly since this is the only place that does it and we don't need to factor
that one line of code into a function.
(WebCore::Document::getOverrideStyle): Moved to header since it's just a stub
that always returns nullptr and can be inlined.
(WebCore::Document::setIsTelephoneNumberParsingAllowed): Deleted.
(WebCore::Document::ensureTemplateDocument): Removed nullptr frame argument to
the create function, since Document::create now always involves no frame.
(WebCore::Document::didAssociateFormControl): Changed argument type to a reference
and simplified the logic with a local variable.
(WebCore::Document::didAssociateFormControlsTimerFired): Simplified the null
checks and rearranged things so that m_associatedFormControls will always
get cleared even if the document is no longer associated with a page.

* dom/Document.h: Removed unnecessary explicit values for enumerations (first
value is always zero, etc.) and formatted simple enumerations in a single line
for easier reading. Moved Document::create function bodies out of line, removed
the frame argument from the simple "create with URL" overload and made the frame
argument for createNonRenderedPlaceholder be a reference rather than a pointer.
Renamed getElementByAccessKey to elementForAccessKey, invalidateAccessKeyMap to
invalidateAccessKeyCache, buildAccessKeyMap to buildAccessKeyCache,
m_elementsByAccessKey to m_accessKeyCache and changed its type.
Removed bogus "DOM methods" comment, unused setParserFeature friend declaration,
setIsTelephoneNumberParsingAllowed function, and m_accessKeyMapValid flag.

* dom/Document.idl: Added comment highlighting that getOverrideStyle is just a
placeholder returning null.

* dom/Element.cpp:
(WebCore::Element::attributeChanged): Call invalidateAccessKeyCache when the
value of the accesskey attribute is changed. Also moved the class attribute code
so the attributes here are in alphabetical order (only class and id were out of
alphabetical order).

* dom/Node.cpp:
(WebCore::Node::isDescendantOrShadowDescendantOf const): Rewrote to no longer
use deprecatedShadowAncestorNode and used boolean operators to make it a
single line and easier to understand. Also added a FIXME since the
containsIncludingShadowDOM function is so similar, yet differently written.
(WebCore::Node::contains const): Rewrote as a single line to make this easier
to read and to *slightly* improve the speed in the "this == node" case.
(WebCore::Node::containsIncludingHostElements const): Use downcast.
(WebCore::Node::deprecatedShadowAncestorNode const): Deleted.

* dom/Node.h: Deleted now-unused deprecatedShadowAncestorNode.

* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplacementFragment::ReplacementFragment): Rewrote to use shadowHost
instead of deprecatedShadowAncestorNode.

* html/FormAssociatedElement.cpp:
(WebCore::FormAssociatedElement::resetFormOwner): Pass reference to
didAssociateFormControl.
(WebCore::FormAssociatedElement::formAttributeChanged): Ditto.

* html/HTMLAreaElement.cpp:
(WebCore::HTMLAreaElement::parseAttribute): Removed special case for accesskey
attribute, because we want to call the base class parseAttribute in that case.

* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::insertedIntoAncestor): Pass reference to
didAssociateFormControl.

* html/HTMLSelectElement.cpp:
(WebCore::HTMLSelectElement::parseAttribute): Removed special case for accesskey
attribute with mysterious FIXME, because we want to call the base class
parseAttribute in that case. The old code had no effect before; the access key
logic would still find the attribute; if the goal is to ignore the attribute
for these elements we will need a different solution.
* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::parseAttribute): Ditto.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::DocumentLoader): Removed code that was always passing
nullptr as the frame for the newly created DocumentWriter. It used m_frame, but
m_frame was always null.
(WebCore::DocumentLoader::attachToFrame): Pass reference to DocumentWriter::setFrame.

* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::DocumentWriter): Deleted. The old version set m_frame to
the passed in frame, which was always nullptr, and initialized some booleans and an
enumeration, which are now initialized in the class definition.
(WebCore::DocumentWriter::createDocument): Pass a reference for the frame.
(WebCore::DocumentWriter::begin): Updated now that State is an enum class.
(WebCore::DocumentWriter::decoder): Renamed from createDecoderIfNeeded and changed
to return a reference.
(WebCore::DocumentWriter::addData): Use RELEASE_ASSERT instead of if/CRASH and
updated now that State is an enum class.
(WebCore::DocumentWriter::insertDataSynchronously): Updated now that State is an
enum class.
(WebCore::DocumentWriter::end): Ditto.

* loader/DocumentWriter.h: Removed unneeded include and forward declaration.
Removed the frame pointer argument to the constructor, caller was always passing a
nullptr. Changed argument to setFrame to be a reference. Renamed createDecoderIfNeeded
to decoder and changed it to return a reference. Initialized m_frame,
m_hasReceivedSomeData, m_encodingWasChosenByUser, and m_state here so we don't need
to initialize them in a constructor. Renamed the enum from WriterState to State since
it's a member of DocumentWriter already, and made it an enum class rather than ending
each enumeration value with WritingState.

* page/DragController.cpp:
(WebCore::isEnabledColorInput): Removed boolean argument setToShadowAncestor. The
one caller that formerly passed true now calls the new hasEnabledColorInputAsShadowHost
function instead.
(WebCore::hasEnabledColorInputAsShadowHost): Added.
(WebCore::elementUnderMouse): Use shadowHost instead of deprecatedShadowAncestorNode.
Also added FIXME since it seems this should instead be using parentElementInComposedTree.
(WebCore::DragController::concludeEditDrag): Removed "false" argument to isEnabledColorInput.
(WebCore::DragController::canProcessDrag): Removed "true" argument to isEnabledColorInput
and added call to hasEnabledColorInputAsShadowHost. Also put the value of the node to drag
into a local variable to simplify code.
(WebCore::DragController::draggableElement const): Removed "false" argument to isEnabledColorInput.

* page/EventHandler.cpp:
(WebCore::EventHandler::handleAccessKey): Update name of elementForAccessKey.

* page/FocusController.cpp:
(WebCore::clearSelectionIfNeeded): Use shadowHost instead of deprecatedShadowAncestorNode.

* workers/service/context/ServiceWorkerThreadProxy.cpp:
(WebCore::createPageForServiceWorker): Pass reference instead of pointer for frame to
Document::createNonRenderedPlaceholder.

Source/WebInspectorUI:

* UserInterface/Models/NativeFunctionParameters.js: Removed getOverrideStyle
because this deprecated non-working function is no longer something web authors
should be thinking about or typing.

Source/WebKit:

* WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMDocumentGtk.cpp:
(webkit_dom_document_get_override_style): Changed to return nullptr directly instead of
calling a bunch of WebCore code first. No real value in checking arguments or doing any work.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::shouldAlwaysUsePluginDocument const): Deleted.
No need to override the function inherited from the base class, nor to keep track of the
unnecessary task of implementing this some day.
* WebProcess/WebCoreSupport/WebFrameLoaderClient.h: Updated for the above.

Source/WebKitLegacy/mac:

* DOM/DOMDocument.mm:
(-[DOMDocument getOverrideStyle:pseudoElement:]): Return nil without calling
through to WebCore or even looking at the arguments.
(-[DOMDocument getOverrideStyle::]): Ditto.

LayoutTests:

fast/forms/access-key-shadow-and-ordering-expected.txt: Added.
fast/forms/access-key-shadow-and-ordering.html: Added.


  Commit: aae72a051d35fd4b4e771baddb9c6fa4e9393d5b
      https://github.com/WebKit/WebKit/commit/aae72a051d35fd4b4e771baddb9c6fa4e9393d5b
  Author: Rob Buis <rbuis at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/mathml/MathMLElement.cpp

  Log Message:
  -----------
  Merge r241942 - Fix unitless usage of mathsize
https://bugs.webkit.org/show_bug.cgi?id=194940

Patch by Rob Buis <rbuis at igalia.com> on 2019-02-22
Reviewed by Frédéric Wang.

Source/WebCore:

Convert unitless lengths to percentage values to correct the computed
font size.

* mathml/MathMLElement.cpp:
(WebCore::convertToPercentageIfNeeded):
(WebCore::MathMLElement::collectStyleForPresentationAttribute):

LayoutTests:

Tests lengths-1.html and length-3.html now pass.

* TestExpectations:


  Commit: 87ff66e9d20e880536f83935d7e8ea509ae17094
      https://github.com/WebKit/WebKit/commit/87ff66e9d20e880536f83935d7e8ea509ae17094
  Author: Alexander Mikhaylenko <alexm at gnome.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/ViewGestureController.h
    M Source/WebKit/UIProcess/gtk/ViewGestureControllerGtk.cpp

  Log Message:
  -----------
  Merge r241952 - [GTK] Navigation gesture improvements
https://bugs.webkit.org/show_bug.cgi?id=194943

Patch by Alexander Mikhaylenko <exalm7659 at gmail.com> on 2019-02-22
Reviewed by Michael Catanzaro.

Cancel the gesture if progress is less than 0.5 and velocity is not high enough.

Allow to continue the gesture during animation. Introduce finished state to be used
when showing snapshot after the animation ends.

Fix duration calculation, also slow it down so that the initial velocity matches
what it was during the gesture.

* UIProcess/ViewGestureController.h: Add shouldCancel() and State::Finishing to SwipeProgressTracker.
* UIProcess/gtk/ViewGestureControllerGtk.cpp:
(WebKit::ViewGestureController::SwipeProgressTracker::handleEvent):
Fix velocity calculation, allow scrolling during State::Animating.
(WebKit::ViewGestureController::SwipeProgressTracker::shouldCancel): Added.
(WebKit::ViewGestureController::SwipeProgressTracker::startAnimation): Use shouldCancel() and fix duration calculation.
(WebKit::ViewGestureController::SwipeProgressTracker::endAnimation): Set state to State::Finishing when the animation ends.


  Commit: ac6f53f32f67820523b508bddf575c875c82e355
      https://github.com/WebKit/WebKit/commit/ac6f53f32f67820523b508bddf575c875c82e355
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/SmallStrings.cpp
    M Source/JavaScriptCore/runtime/SmallStrings.h
    M Source/JavaScriptCore/runtime/VM.cpp

  Log Message:
  -----------
  Merge r241954,r241955 - [JSC] SmallStringsStorage is unnecessary
https://bugs.webkit.org/show_bug.cgi?id=194939

Reviewed by Mark Lam.

SmallStrings hold common small JSStrings. Their underlying StringImpl is also held by SmallStringsStorage.
But it is duplicate since we can get StringImpl from small JSStrings. This patch removes SmallStringsStorage,
and get StringImpls from JSStrings if necessary.

We also add m_canAccessHeap flag to SmallStrings. At the time of VM destruction, JSStrings are destroyed when
VM's Heap is finalized. We must not touch JSStrings before VM's heap (and JSStrings in SmallStrings) is initialized,
and after VM's Heap is destroyed. We add this m_canAccessHeap flag to allow users to get StringImpl during
this sensitive period. If m_canAccessHeap is false, we get StringImpl from AtomicStringImpl::add.

* runtime/SmallStrings.cpp:
(JSC::SmallStrings::initializeCommonStrings):
(JSC::SmallStrings::singleCharacterStringRep):
(JSC::SmallStringsStorage::rep): Deleted.
(JSC::SmallStringsStorage::SmallStringsStorage): Deleted.
(JSC::SmallStrings::createSingleCharacterString): Deleted.
* runtime/SmallStrings.h:
(JSC::SmallStrings::setCanAccessHeap):
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::VM::~VM):


  Commit: 27f43e0ecaee2f5934923ea71812c48708c349e0
      https://github.com/WebKit/WebKit/commit/27f43e0ecaee2f5934923ea71812c48708c349e0
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/B3ReduceStrength.cpp
    M Source/JavaScriptCore/b3/testb3.cpp

  Log Message:
  -----------
  Merge r241964 - B3ReduceStrength: missing peephole optimizations for binary operations
https://bugs.webkit.org/show_bug.cgi?id=194252

Reviewed by Saam Barati.

Adds several sets of optimizations for BitAnd, BitOr and BitXor.
Using BitAnd distributivity over BitOr and BitXor:
  Turn any of these (for Op == BitOr || Op == BitXor):
        Op(BitAnd(x1, x2), BitAnd(x1, x3))
        Op(BitAnd(x2, x1), BitAnd(x1, x3))
        Op(BitAnd(x1, x2), BitAnd(x3, x1))
        Op(BitAnd(x2, x1), BitAnd(x3, x1))
   Into this: BitAnd(Op(x2, x3), x1)
   And any of these:
        Op(BitAnd(x1, x2), x1)
        Op(BitAnd(x2, x1), x1)
        Op(x1, BitAnd(x1, x2))
        Op(x1, BitAnd(x2, x1))
   Into this: BitAnd(Op(x2, x1), x1)
   This second set is equivalent to doing x1 => BitAnd(x1, x1), and then applying the first set.
Using de Morgan laws (we represent not as BitXor with allOnes):
  BitAnd(BitXor(x1, allOnes), BitXor(x2, allOnes)) => BitXor(BitOr(x1, x2), allOnes)
  BitOr(BitXor(x1, allOnes), BitXor(x2, allOnes)) => BitXor(BitAnd(x1, x2), allOnes)
  BitOr(BitXor(x, allOnes), c) => BitXor(BitAnd(x, ~c), allOnes)
  BitAnd(BitXor(x, allOnes), c) => BitXor(BitOr(x, ~c), allOnes)
The latter two are equivalent to doing c => BitXor(~c, allOnes), and then applying the former two.

All of these transformations either reduce the number of operations (which we always do when possible), or bring the expression closer to having:
  - BitXor with all ones at the outermost
  - then BitAnd
  - then other BitXor
  - then BitOr at the innermost.
These transformations that don't directly reduce the number of operations are still useful for normalization (helping things like CSE), and also can enable
more optimizations (for example BitXor with all ones can easily cancel each other once they are all at the outermost level).

* b3/B3ReduceStrength.cpp:
* b3/testb3.cpp:
(JSC::B3::testBitAndNotNot):
(JSC::B3::testBitAndNotImm):
(JSC::B3::testBitOrAndAndArgs):
(JSC::B3::testBitOrAndSameArgs):
(JSC::B3::testBitOrNotNot):
(JSC::B3::testBitOrNotImm):
(JSC::B3::testBitXorAndAndArgs):
(JSC::B3::testBitXorAndSameArgs):
(JSC::B3::run):


  Commit: cd8b35f478b3aee9ff133381ceec844fac6cb2c2
      https://github.com/WebKit/WebKit/commit/cd8b35f478b3aee9ff133381ceec844fac6cb2c2
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/server/IDBConnectionToClient.cpp
    M Source/WebCore/Modules/indexeddb/server/IDBConnectionToClient.h
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.h

  Log Message:
  -----------
  Merge r241967 - Crash under IDBServer::IDBConnectionToClient::identifier() const
https://bugs.webkit.org/show_bug.cgi?id=194843
<rdar://problem/48203102>

Reviewed by Geoffrey Garen.

UniqueIDBDatabase should ignore requests from connections that are already closed.

Tests are hard to create without some tricks on UniqueIDBDatabase so this fix is verified manually.
One test is created by adding delay to UniqueIDBDatabase::openBackingStore on the background thread to make sure
disconnection of web process happens before UniqueIDBDatabase::didOpenBackingStore, because didOpenBackingStore
may start a version change transaction and ask for identifier from the connection that is already gone.

* Modules/indexeddb/server/IDBConnectionToClient.cpp:
(WebCore::IDBServer::IDBConnectionToClient::connectionToClientClosed):
* Modules/indexeddb/server/IDBConnectionToClient.h:
(WebCore::IDBServer::IDBConnectionToClient::isClosed):
* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::clearStalePendingOpenDBRequests):
(WebCore::IDBServer::UniqueIDBDatabase::handleDatabaseOperations):
(WebCore::IDBServer::UniqueIDBDatabase::operationAndTransactionTimerFired):
* Modules/indexeddb/server/UniqueIDBDatabase.h:


  Commit: c817b5670a12cdcc75037e5997367aaff0822ff1
      https://github.com/WebKit/WebKit/commit/c817b5670a12cdcc75037e5997367aaff0822ff1
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/has-indexed-property-with-worsening-array-mode.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

  Log Message:
  -----------
  Merge r241968 - DFGBytecodeParser should not declare that a node won't clobberExit if DFGFixupPhase can later declare it does clobberExit
https://bugs.webkit.org/show_bug.cgi?id=194953
<rdar://problem/47595253>

Reviewed by Saam Barati.

JSTests:

I could not make this work without the infinite loop, so I am using a watchdog to be able to use it as a regression test.

* stress/has-indexed-property-with-worsening-array-mode.js: Added.

Source/JavaScriptCore:

For each node that
(a) may or may not clobberExit depending on their arrayMode
(b) and get their arrayMode from profiling information in DFGBytecodeParser
(c) and can have their arrayMode refined by DFGFixupPhase,
We must make sure to be conservative in the DFGBytecodeParser and treat it as if it unconditionally clobbered the exit.
Otherwise we will hit a validation failure after fixup if the next node was marked ExitValid and exits to the same semantic origin.

The list of nodes that fit (a) is:
- StringCharAt
- HasIndexedProperty
- GetByVal
- PutByValDirect
- PutByVal
- PutByValAlias
- GetIndexedPropertyStorage

Out of these, the following also fit (b) and (c):
- HasIndexedProperty
- GetByVal
- PutByValDirect
- PutByVal

GetByVal already had "m_exitOK = false; // GetByVal must be treated as if it clobbers exit state, since FixupPhase may make it generic."
So we just have to fix the other three the same way.

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::parseBlock):
(JSC::DFG::ByteCodeParser::handlePutByVal):


  Commit: 55116ffe38aeb378c9c073af29308f71e4addd8f
      https://github.com/WebKit/WebKit/commit/55116ffe38aeb378c9c073af29308f71e4addd8f
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/StringPrototype.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/CheckedArithmetic.h

  Log Message:
  -----------
  Merge r241991 - Add an exception check and some assertions in StringPrototype.cpp.
https://bugs.webkit.org/show_bug.cgi?id=194962
<rdar://problem/48013416>

Reviewed by Yusuke Suzuki and Saam Barati.

Source/JavaScriptCore:

* runtime/StringPrototype.cpp:
(JSC::jsSpliceSubstrings):
(JSC::jsSpliceSubstringsWithSeparators):
(JSC::operationStringProtoFuncReplaceRegExpEmptyStr):

Source/WTF:

Add an AssertNoOverflow overflow handler which allows us to do CheckedArithmetic
for assertion purpose only on debug builds but sacrifices no performance on
release builds.

* wtf/CheckedArithmetic.h:
(WTF::AssertNoOverflow::overflowed):
(WTF::AssertNoOverflow::clearOverflow):
(WTF::AssertNoOverflow::crash):
(WTF::AssertNoOverflow::hasOverflowed const):
(WTF::observesOverflow):
(WTF::observesOverflow<AssertNoOverflow>):
(WTF::safeAdd):
(WTF::safeSub):
(WTF::safeMultiply):
(WTF::Checked::operator+=):
(WTF::Checked::operator-=):
(WTF::Checked::operator*=):
(WTF::operator+):
(WTF::operator-):
(WTF::operator*):
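
Added example (not part of the commit and not WTF's CheckedArithmetic.h): a sketch of the overflow-handler policy idea described in the log message above, where one handler records overflow for the caller and another only asserts in debug builds and performs no check in release builds. All type and function names here are hypothetical, and the sketch is limited to unsigned addition.

```cpp
// Added illustration; every name below is hypothetical, not WebKit's API.
#include <cassert>
#include <cstdint>
#include <cstdio>
#include <type_traits>
#include <vector>

// Policy 1: remember that an overflow happened so the caller can bail out.
struct RecordOverflowSketch {
    static constexpr bool observes = true;
    bool flag = false;
    void overflowed() { flag = true; }
    bool hasOverflowed() const { return flag; }
};

// Policy 2: overflow is treated as a programming error. Debug builds trap on
// it; with NDEBUG the handler observes nothing, so no check is executed.
struct AssertNoOverflowSketch {
#ifdef NDEBUG
    static constexpr bool observes = false;
#else
    static constexpr bool observes = true;
#endif
    void overflowed() { assert(false && "unexpected arithmetic overflow"); }
    bool hasOverflowed() const { return false; }
};

template <typename T, typename Handler>
class CheckedSketch : private Handler {
    static_assert(std::is_unsigned<T>::value, "sketch covers unsigned types only");
public:
    CheckedSketch() : m_value(0) {}

    CheckedSketch& operator+=(T rhs)
    {
        // Unsigned addition wraps, so a wrapped sum is smaller than the left operand.
        T sum = static_cast<T>(m_value + rhs);
        if (Handler::observes && sum < m_value)
            Handler::overflowed();
        m_value = sum;
        return *this;
    }

    bool hasOverflowed() const { return Handler::hasOverflowed(); }
    T unsafeGet() const { return m_value; }

private:
    T m_value;
};

// Constructed stand-in for a "sum the lengths of the pieces to splice" step.
struct RangeSketch {
    uint32_t position;
    uint32_t length;
};

// Returns false when the handler reports overflow; otherwise stores the total.
template <typename Handler>
bool splicedLength(const std::vector<RangeSketch>& ranges, uint32_t& total)
{
    CheckedSketch<uint32_t, Handler> sum;
    for (const RangeSketch& range : ranges)
        sum += range.length;
    if (sum.hasOverflowed())
        return false;
    total = sum.unsafeGet();
    return true;
}

int main()
{
    std::vector<RangeSketch> small = { { 0, 5 }, { 9, 7 } };
    std::vector<RangeSketch> huge = { { 0, 0x80000000u }, { 0, 0x80000000u } };
    uint32_t total = 0;

    bool ok = splicedLength<RecordOverflowSketch>(small, total);
    std::printf("record, small: ok=%d total=%u\n", ok, total);

    ok = splicedLength<RecordOverflowSketch>(huge, total);
    std::printf("record, huge:  ok=%d (caller must handle the failure)\n", ok);

    // The asserting policy is only for sums the caller has already bounded.
    ok = splicedLength<AssertNoOverflowSketch>(small, total);
    std::printf("assert, small: ok=%d total=%u\n", ok, total);
    return 0;
}
```

The asserting policy is only appropriate where an earlier check already bounds the operands, because a release build with this policy does not detect the wrap at all.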


  Commit: a8306ab0d5beb9c582e865bd4e4b6a7e3f37008a
      https://github.com/WebKit/WebKit/commit/a8306ab0d5beb9c582e865bd4e4b6a7e3f37008a
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/URLHelpers.cpp

  Log Message:
  -----------
  Merge r241998 - Unreviewed, fix find/replace error from r232178

Looks like this was the only such error in that commit.

* wtf/URLHelpers.cpp:
(WTF::URLHelpers::isLookalikeCharacter):


  Commit: 08c7ff4fb3962803c54678bf303920dea6efc55b
      https://github.com/WebKit/WebKit/commit/08c7ff4fb3962803c54678bf303920dea6efc55b
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/SourcesWPE.txt
    M Source/WebKit/UIProcess/WebMemoryPressureHandler.cpp
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp

  Log Message:
  -----------
  Merge r242012 - [WPE] Install MemoryPressureHandler in UIProcess
https://bugs.webkit.org/show_bug.cgi?id=194617

Reviewed by Žan Doberšek.

Currently only GTK and Cocoa ports run MemoryPressureHandler in the UI process. WPE should
too.

We need @no-unify to avoid changing the unified source bundles under API/, which are
notoriously fragile. (WebMemoryPressureHandler.cpp sorts just above API/.)

* SourcesWPE.txt:
* UIProcess/WebMemoryPressureHandler.cpp:
(WebKit::installMemoryPressureHandler):
* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitialize):


  Commit: ecbf9f895b0e8f7b7d072d08649cd0a1c7004f12
      https://github.com/WebKit/WebKit/commit/ecbf9f895b0e8f7b7d072d08649cd0a1c7004f12
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/UserAgentQuirks.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp

  Log Message:
  -----------
  Merge r242013 - [WPE][GTK] Remove user agent quirk for washingtonpost.com
https://bugs.webkit.org/show_bug.cgi?id=194981

Reviewed by Žan Doberšek.

Source/WebCore:

Remove user agent quirk for washingtonpost.com because we support JPEG 2000 now.

* platform/UserAgentQuirks.cpp:
(WebCore::urlRequiresChromeBrowser):

Tools:

* TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:
(TestWebKitAPI::TEST):


  Commit: 1c0cae595263559d60391d8bd542e4e729a9d49f
      https://github.com/WebKit/WebKit/commit/1c0cae595263559d60391d8bd542e4e729a9d49f
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.cpp
    M Source/JavaScriptCore/bytecode/BytecodeIntrinsicRegistry.h
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/runtime/MapConstructor.cpp
    M Source/JavaScriptCore/runtime/SetConstructor.cpp
    M Source/JavaScriptCore/runtime/VM.cpp
    M Source/JavaScriptCore/runtime/VM.h

  Log Message:
  -----------
  Merge r242015 - [JSC] Lazily create sentinel Map and Set buckets
https://bugs.webkit.org/show_bug.cgi?id=194975

Reviewed by Saam Barati.

If VM::canUseJIT() returns false, we can lazily initialize sentinel Map and Set buckets.
This patch adds getters to VM which lazily allocate these buckets. We eagerly initialize
them if VM::canUseJIT() returns true since they can be touched from DFG and FTL.

* bytecode/BytecodeIntrinsicRegistry.cpp:
(JSC::BytecodeIntrinsicRegistry::BytecodeIntrinsicRegistry):
(JSC::BytecodeIntrinsicRegistry::sentinelMapBucketValue):
(JSC::BytecodeIntrinsicRegistry::sentinelSetBucketValue):
* bytecode/BytecodeIntrinsicRegistry.h:
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleIntrinsicCall):
* dfg/DFGOperations.cpp:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetMapBucketNext):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetMapBucket):
(JSC::FTL::DFG::LowerDFGToB3::compileGetMapBucketNext):
* runtime/MapConstructor.cpp:
(JSC::mapPrivateFuncMapBucketNext):
* runtime/SetConstructor.cpp:
(JSC::setPrivateFuncSetBucketNext):
* runtime/VM.cpp:
(JSC::VM::VM):
(JSC::VM::sentinelSetBucketSlow):
(JSC::VM::sentinelMapBucketSlow):
* runtime/VM.h:
(JSC::VM::sentinelSetBucket):
(JSC::VM::sentinelMapBucket):


  Commit: 402db404d35c67550ae3b6e517f308f528d8948b
      https://github.com/WebKit/WebKit/commit/402db404d35c67550ae3b6e517f308f528d8948b
  Author: Miguel Gomez <magomez at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M ChangeLog
    A ManualTests/wpe/video-player-holepunch-external.html
    A ManualTests/wpe/video-player-holepunch-gstreamer.html
    R ManualTests/wpe/video-player-holepunch.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/PlatformWPE.cmake
    A Source/WebCore/platform/HolePunch.cmake
    M Source/WebCore/platform/graphics/MediaPlayer.cpp
    A Source/WebCore/platform/graphics/holepunch/MediaPlayerPrivateHolePunch.cpp
    A Source/WebCore/platform/graphics/holepunch/MediaPlayerPrivateHolePunch.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Merge r242033 - [WPE] Add support for holepunch using an external video player
https://bugs.webkit.org/show_bug.cgi?id=194899

Reviewed by Xabier Rodriguez-Calvar.

.:

Add EXTERNAL_HOLEPUNCH option to the WPE port. Add a manual test to check the
feature. Rename and update the test for GStreamer holepunch to avoid confusion.

* ManualTests/wpe/video-player-holepunch-external.html: Added.
* ManualTests/wpe/video-player-holepunch-gstreamer.html: Renamed from ManualTests/wpe/video-player-holepunch.html.
* Source/cmake/OptionsWPE.cmake:

Source/WebCore:

Implement the holepunch feature to allow playback using an external player. This creates
a new dummy MediaPlayerPrivateHolePunch that accepts only the type "video/holepunch", and
whose goal is to just draw a transparent rectangle in the position where the video should be.
This can be used to allow a player placed on a lower plane than the browser to become visible.

Added ManualTest wpe/video-player-holepunch-external.html to test the feature.

* PlatformWPE.cmake:
* platform/HolePunch.cmake: Added.
* platform/graphics/MediaPlayer.cpp:
(WebCore::buildMediaEnginesVector):
* platform/graphics/holepunch/MediaPlayerPrivateHolePunch.cpp: Added.
(WebCore::MediaPlayerPrivateHolePunch::MediaPlayerPrivateHolePunch):
(WebCore::MediaPlayerPrivateHolePunch::~MediaPlayerPrivateHolePunch):
(WebCore::MediaPlayerPrivateHolePunch::platformLayer const):
(WebCore::MediaPlayerPrivateHolePunch::naturalSize const):
(WebCore::MediaPlayerPrivateHolePunch::pushNextHolePunchBuffer):
(WebCore::MediaPlayerPrivateHolePunch::swapBuffersIfNeeded):
(WebCore::MediaPlayerPrivateHolePunch::proxy const):
(WebCore::mimeTypeCache):
(WebCore::MediaPlayerPrivateHolePunch::getSupportedTypes):
(WebCore::MediaPlayerPrivateHolePunch::supportsType):
(WebCore::MediaPlayerPrivateHolePunch::registerMediaEngine):
(WebCore::MediaPlayerPrivateHolePunch::notifyReadyState):
* platform/graphics/holepunch/MediaPlayerPrivateHolePunch.h: Added.
* platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
(WebCore::TextureMapperPlatformLayerBuffer::paintToTextureMapper):


  Commit: 1dd041d36d75d80c6c62a609178ff97fbb6c7dec
      https://github.com/WebKit/WebKit/commit/1dd041d36d75d80c6c62a609178ff97fbb6c7dec
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h

  Log Message:
  -----------
  Merge r242034 - [MSE][GStreamer] Batch player duration updates
https://bugs.webkit.org/show_bug.cgi?id=194220

Reviewed by Xabier Rodriguez-Calvar.

This saves up a ton of CPU cycles doing layout unnecessarily when all
the appended frames extend the duration of the movie, like in
YTTV 2018 59.DASHLatencyVP9.

This patch is an optimization that introduces no new behavior.

* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::consumeAppsinkAvailableSamples):
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::blockDurationChanges):
(WebCore::MediaPlayerPrivateGStreamerMSE::unblockDurationChanges):
(WebCore::MediaPlayerPrivateGStreamerMSE::durationChanged):
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:


  Commit: 72815ee1fc029a6248b137ea3bab9152d7c1e4b6
      https://github.com/WebKit/WebKit/commit/72815ee1fc029a6248b137ea3bab9152d7c1e4b6
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp

  Log Message:
  -----------
  Merge r242035 - [EME][GStreamer] Replace caps field loop with gst_structure_remove_fields
https://bugs.webkit.org/show_bug.cgi?id=194992

Reviewed by Xabier Rodriguez-Calvar.

Refactoring, no new tests.

* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
(transformCaps): Simplify the code a little. The idea to use this
utility function came from a review upstream here:
https://gitlab.freedesktop.org/gstreamer/gst-devtools/merge_requests/67


  Commit: 17f735c6842e9bf453aeaf4b556041e8df4d078e
      https://github.com/WebKit/WebKit/commit/17f735c6842e9bf453aeaf4b556041e8df4d078e
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp

  Log Message:
  -----------
  Merge r242042 - [WPE][GTK] Clean up handling of WEBKIT_FORCE_COMPLEX_TEXT
https://bugs.webkit.org/show_bug.cgi?id=194614

Reviewed by Carlos Garcia Campos.

This environment variable is now enabled for WPE, not just for GTK.

It is now possible to use this environment variable to enable complex text, not just to
disable it.

WebProcessPool::setAlwaysUsesComplexTextCodePath is fixed to be respected even when this
environment variable is set, although WPE and GTK will never do so.

* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitialize):
(WebKit::WebProcessPool::platformInitializeWebProcess):


  Commit: 49b3e93444d7f3f33e8c7a92d11de3498fe45c66
      https://github.com/WebKit/WebKit/commit/49b3e93444d7f3f33e8c7a92d11de3498fe45c66
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/TestExpectations
    M LayoutTests/platform/wk2/TestExpectations
    A LayoutTests/storage/indexeddb/IDBObject-leak-expected.txt
    A LayoutTests/storage/indexeddb/IDBObject-leak.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/IDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/IDBTransaction.cpp
    M Source/WebCore/Modules/indexeddb/IDBTransaction.h
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/testing/Internals.h
    M Source/WebCore/testing/Internals.idl

  Log Message:
  -----------
  Merge r242043 - IndexedDB: IDBDatabase and IDBTransaction are leaked in layout tests
https://bugs.webkit.org/show_bug.cgi?id=194709

Reviewed by Geoffrey Garen.

Source/WebCore:

When connection to IDB server is closed, IDBTransaction would abort without notifying IDBDatabase, so
IDBDatabase didn't clear its reference to IDBTransaction which created a reference cycle.

Also IDBTransaction didn't clear its reference to IDBRequest in this case and it led to another reference cycle
between IDBOpenDBRequest and IDBTransaction.

Test: storage/indexeddb/IDBObject-leak.html

* Modules/indexeddb/IDBDatabase.cpp:
(WebCore::IDBDatabase::connectionToServerLost):
* Modules/indexeddb/IDBTransaction.cpp:
(WebCore::IDBTransaction::IDBTransaction):
(WebCore::IDBTransaction::~IDBTransaction):
(WebCore::IDBTransaction::connectionClosedFromServer):
* Modules/indexeddb/IDBTransaction.h:
* testing/Internals.cpp:
(WebCore::Internals::numberOfIDBTransactions const):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

* TestExpectations:
* platform/wk2/TestExpectations:
* storage/indexeddb/IDBObject-leak-expected.txt: Added.
* storage/indexeddb/IDBObject-leak.html: Added.
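
Added example (not WebKit code): a model of the first reference cycle described in the log message above, using std::shared_ptr in place of WebKit's reference counting. The class names, the notifyDatabase switch and the live-object counter are hypothetical; the counter plays the role a test-only hook such as numberOfIDBTransactions would.

```cpp
// Added illustration; every name below is hypothetical, not WebKit's API.
#include <algorithm>
#include <cassert>
#include <cstdio>
#include <memory>
#include <vector>

static int liveTransactions = 0; // test-only counter of live transaction objects

class DatabaseSketch;

class TransactionSketch {
public:
    explicit TransactionSketch(std::shared_ptr<DatabaseSketch> database)
        : m_database(std::move(database))
    {
        ++liveTransactions;
    }
    ~TransactionSketch() { --liveTransactions; }

    // Called when the server connection goes away. When notifyDatabase is
    // false the transaction aborts silently, which is the leaking behaviour.
    void connectionClosedFromServer(bool notifyDatabase);

private:
    std::shared_ptr<DatabaseSketch> m_database; // strong reference to the owner
    bool m_aborted = false;
};

class DatabaseSketch : public std::enable_shared_from_this<DatabaseSketch> {
public:
    std::shared_ptr<TransactionSketch> startTransaction()
    {
        auto transaction = std::make_shared<TransactionSketch>(shared_from_this());
        m_activeTransactions.push_back(transaction); // strong reference back
        return transaction;
    }

    void didAbortTransaction(TransactionSketch* transaction)
    {
        m_activeTransactions.erase(
            std::remove_if(m_activeTransactions.begin(), m_activeTransactions.end(),
                [transaction](const std::shared_ptr<TransactionSketch>& entry) {
                    return entry.get() == transaction;
                }),
            m_activeTransactions.end());
    }

    void connectionToServerLost(bool notifyDatabase)
    {
        // Iterate over a copy: the notified path mutates m_activeTransactions.
        auto snapshot = m_activeTransactions;
        for (auto& transaction : snapshot)
            transaction->connectionClosedFromServer(notifyDatabase);
    }

    void clearTransactions() { m_activeTransactions.clear(); }

private:
    std::vector<std::shared_ptr<TransactionSketch>> m_activeTransactions;
};

void TransactionSketch::connectionClosedFromServer(bool notifyDatabase)
{
    m_aborted = true;
    if (notifyDatabase)
        m_database->didAbortTransaction(this);
}

// Returns how many transactions are still alive after the page side has
// dropped every handle it held. A weak_ptr detects the stuck database so the
// cycle can be broken afterwards and the demo itself leaks nothing.
int leakedAfterDisconnect(bool notifyDatabase)
{
    int before = liveTransactions;
    std::weak_ptr<DatabaseSketch> observer;
    {
        auto database = std::make_shared<DatabaseSketch>();
        observer = database;
        auto transaction = database->startTransaction();
        database->connectionToServerLost(notifyDatabase);
    }
    int leaked = liveTransactions - before;
    if (auto stuck = observer.lock())
        stuck->clearTransactions();
    return leaked;
}

int main()
{
    std::printf("abort without notifying the database: %d leaked\n", leakedAfterDisconnect(false));
    std::printf("abort and notify the database:        %d leaked\n", leakedAfterDisconnect(true));
    return 0;
}
```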


  Commit: b51ff3b5df61cb0ca21171389d3de943babf5cc0
      https://github.com/WebKit/WebKit/commit/b51ff3b5df61cb0ca21171389d3de943babf5cc0
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/CMakeLists.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/DerivedSources-input.xcfilelist
    M Source/JavaScriptCore/DerivedSources.make
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/builtins/BuiltinNames.h
    M Source/JavaScriptCore/builtins/DatePrototype.js
    R Source/JavaScriptCore/builtins/NumberPrototype.js
    M Source/JavaScriptCore/builtins/StringPrototype.js
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObject.h
    M Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.h
    M Source/JavaScriptCore/runtime/NumberPrototype.cpp
    M Source/JavaScriptCore/runtime/StringPrototype.cpp

  Log Message:
  -----------
  Merge r242047 - [JSC] Drop direct references to Intl constructors by rewriting Intl JS builtins in C++
https://bugs.webkit.org/show_bug.cgi?id=194976

Reviewed by Michael Saboff.

This patch paves the way to making IntlObject allocation lazy by removing direct references
to Intl constructors (Intl.Collator etc.) from builtin JS. To achieve that,

1. We implement String.prototype.toLocaleCompare and Number.prototype.toLocaleString in C++
   instead of JS builtins. Since these functions end up calling ICU C++ runtime, writing them in
   JS does not offer performance improvement.

2. We remove @DateTimeFormat constructor reference and instead expose @dateTimeFormat function,
   which returns formatted string directly. We still have JS builtins for DateTimeFormat things
   because the initialization of its "options" JSObject involves many get_by_id / put_by_id things,
   which are efficient in JS. But we avoid exposing @DateTimeFormat directly, so that Intl constructors
   can be lazily allocated.

* CMakeLists.txt:
* DerivedSources-input.xcfilelist:
* DerivedSources.make:
* JavaScriptCore.xcodeproj/project.pbxproj:
* builtins/BuiltinNames.h:
* builtins/DatePrototype.js:
(toLocaleString):
(toLocaleDateString):
(toLocaleTimeString):
* builtins/NumberPrototype.js: Removed.
* builtins/StringPrototype.js:
(intrinsic.StringPrototypeReplaceIntrinsic.replace):
(globalPrivate.getDefaultCollator): Deleted.
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
(JSC::JSGlobalObject::defaultCollator):
* runtime/JSGlobalObject.h:
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncDateTimeFormat):
* runtime/JSGlobalObjectFunctions.h:
* runtime/NumberPrototype.cpp:
(JSC::NumberPrototype::finishCreation):
(JSC::throwVMToThisNumberError):
(JSC::numberProtoFuncToExponential):
(JSC::numberProtoFuncToFixed):
(JSC::numberProtoFuncToPrecision):
(JSC::numberProtoFuncToString):
(JSC::numberProtoFuncToLocaleString):
(JSC::numberProtoFuncValueOf):
* runtime/StringPrototype.cpp:
(JSC::StringPrototype::finishCreation):
(JSC::stringProtoFuncLocaleCompare):


  Commit: ad0c4380ae7fde069d0a08805c7e59c1a62547f5
      https://github.com/WebKit/WebKit/commit/ad0c4380ae7fde069d0a08805c7e59c1a62547f5
  Author: Sam Weinig <sam at webkit.org>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/WTF.xcodeproj/project.pbxproj
    M Source/WTF/wtf/CMakeLists.txt
    A Source/WTF/wtf/dtoa/AUTHORS
    R Source/WTF/wtf/dtoa/README
    A Source/WTF/wtf/dtoa/README.md
    M Source/WTF/wtf/dtoa/bignum-dtoa.cc
    M Source/WTF/wtf/dtoa/bignum-dtoa.h
    M Source/WTF/wtf/dtoa/bignum.cc
    M Source/WTF/wtf/dtoa/bignum.h
    M Source/WTF/wtf/dtoa/cached-powers.cc
    M Source/WTF/wtf/dtoa/cached-powers.h
    M Source/WTF/wtf/dtoa/diy-fp.cc
    M Source/WTF/wtf/dtoa/diy-fp.h
    M Source/WTF/wtf/dtoa/double-conversion.cc
    M Source/WTF/wtf/dtoa/double-conversion.h
    R Source/WTF/wtf/dtoa/double.h
    M Source/WTF/wtf/dtoa/fast-dtoa.cc
    M Source/WTF/wtf/dtoa/fast-dtoa.h
    M Source/WTF/wtf/dtoa/fixed-dtoa.cc
    M Source/WTF/wtf/dtoa/fixed-dtoa.h
    A Source/WTF/wtf/dtoa/ieee.h
    M Source/WTF/wtf/dtoa/strtod.cc
    M Source/WTF/wtf/dtoa/strtod.h
    M Source/WTF/wtf/dtoa/utils.h

  Log Message:
  -----------
  Merge r242048 - Update double-conversion to the latest version
https://bugs.webkit.org/show_bug.cgi?id=194994

Import the latest version of the double-conversion library based on
https://github.com/google/double-conversion/commit/990c44707c70832dc1ce1578048c2198bafd3307

In addition to importing the code, the following changes were applied (or re-applied) to maintain
parity with what we had previously:
     - Add #include "config.h" to each cpp file.
     - Put everything inside the WTF namespace.
     - Changed all in-library includes to be of the form #include <wtf/dtoa/FILE.h>.
     - Renamed double_conversion::Vector<> to double_conversion::BufferReference<>.
     - Replaced duplicated functions with ASCIICType.h variants
     - Made CachedPower table a constexpr.
     - Exported (via WTF_EXPORT_PRIVATE) several functions in double-conversion.h.
     - Made substantial changes to StringToDoubleConverter to avoid unnecessary overhead of
       parameterization, as we only ever want one configuration. Instead of constructing a
       configured class and calling StringToDouble on it, StringToDouble is now a static
       function. This allows a bunch of now dead code (hex support, octal support, etc.) to
       be eliminated. As StringToDoubleConverter now supports single precision floats, some
       additional templating of StringToIeee was added to avoid extra unnecessary branching.
     - Added RemoveCharacters function to double_conversion::StringBuilder.

Patch by Sam Weinig <sam at webkit.org> on 2019-02-25
Reviewed by Darin Adler.

* WTF.xcodeproj/project.pbxproj:
* wtf/CMakeLists.txt:
* wtf/dtoa/AUTHORS: Added.
* wtf/dtoa/README: Removed.
* wtf/dtoa/README.md: Added.
* wtf/dtoa/bignum-dtoa.cc:
* wtf/dtoa/bignum-dtoa.h:
* wtf/dtoa/bignum.cc:
* wtf/dtoa/bignum.h:
(WTF::double_conversion::Bignum::Times10):
(WTF::double_conversion::Bignum::Equal):
(WTF::double_conversion::Bignum::LessEqual):
(WTF::double_conversion::Bignum::Less):
(WTF::double_conversion::Bignum::PlusEqual):
(WTF::double_conversion::Bignum::PlusLessEqual):
(WTF::double_conversion::Bignum::PlusLess):
(WTF::double_conversion::Bignum::EnsureCapacity):
(WTF::double_conversion::Bignum::BigitLength const):
* wtf/dtoa/cached-powers.cc:
* wtf/dtoa/cached-powers.h:
* wtf/dtoa/diy-fp.cc:
* wtf/dtoa/diy-fp.h:
(WTF::double_conversion::DiyFp::DiyFp):
(WTF::double_conversion::DiyFp::Subtract):
(WTF::double_conversion::DiyFp::Minus):
(WTF::double_conversion::DiyFp::Times):
(WTF::double_conversion::DiyFp::Normalize):
(WTF::double_conversion::DiyFp::f const):
(WTF::double_conversion::DiyFp::e const):
(WTF::double_conversion::DiyFp::set_f):
(WTF::double_conversion::DiyFp::set_e):
* wtf/dtoa/double-conversion.cc:
* wtf/dtoa/double-conversion.h:
(WTF::double_conversion::DoubleToStringConverter::DoubleToStringConverter):
(WTF::double_conversion::DoubleToStringConverter::ToShortest const):
(WTF::double_conversion::DoubleToStringConverter::ToShortestSingle const):
(WTF::double_conversion::StringToDoubleConverter::StringToDoubleConverter):
* wtf/dtoa/double.h: Removed.
* wtf/dtoa/fast-dtoa.cc:
* wtf/dtoa/fast-dtoa.h:
* wtf/dtoa/fixed-dtoa.cc:
* wtf/dtoa/fixed-dtoa.h:
* wtf/dtoa/ieee.h: Added.
(WTF::double_conversion::double_to_uint64):
(WTF::double_conversion::uint64_to_double):
(WTF::double_conversion::float_to_uint32):
(WTF::double_conversion::uint32_to_float):
(WTF::double_conversion::Double::Double):
(WTF::double_conversion::Double::AsDiyFp const):
(WTF::double_conversion::Double::AsNormalizedDiyFp const):
(WTF::double_conversion::Double::AsUint64 const):
(WTF::double_conversion::Double::NextDouble const):
(WTF::double_conversion::Double::PreviousDouble const):
(WTF::double_conversion::Double::Exponent const):
(WTF::double_conversion::Double::Significand const):
(WTF::double_conversion::Double::IsDenormal const):
(WTF::double_conversion::Double::IsSpecial const):
(WTF::double_conversion::Double::IsNan const):
(WTF::double_conversion::Double::IsInfinite const):
(WTF::double_conversion::Double::Sign const):
(WTF::double_conversion::Double::UpperBoundary const):
(WTF::double_conversion::Double::NormalizedBoundaries const):
(WTF::double_conversion::Double::LowerBoundaryIsCloser const):
(WTF::double_conversion::Double::value const):
(WTF::double_conversion::Double::SignificandSizeForOrderOfMagnitude):
(WTF::double_conversion::Double::Infinity):
(WTF::double_conversion::Double::NaN):
(WTF::double_conversion::Double::DiyFpToUint64):
(WTF::double_conversion::Single::Single):
(WTF::double_conversion::Single::AsDiyFp const):
(WTF::double_conversion::Single::AsUint32 const):
(WTF::double_conversion::Single::Exponent const):
(WTF::double_conversion::Single::Significand const):
(WTF::double_conversion::Single::IsDenormal const):
(WTF::double_conversion::Single::IsSpecial const):
(WTF::double_conversion::Single::IsNan const):
(WTF::double_conversion::Single::IsInfinite const):
(WTF::double_conversion::Single::Sign const):
(WTF::double_conversion::Single::NormalizedBoundaries const):
(WTF::double_conversion::Single::UpperBoundary const):
(WTF::double_conversion::Single::LowerBoundaryIsCloser const):
(WTF::double_conversion::Single::value const):
(WTF::double_conversion::Single::Infinity):
(WTF::double_conversion::Single::NaN):
* wtf/dtoa/strtod.cc:
* wtf/dtoa/strtod.h:
* wtf/dtoa/utils.h:
(abort_noreturn):
(WTF::double_conversion::Max):
(WTF::double_conversion::Min):
(WTF::double_conversion::StrLength):
(WTF::double_conversion::BufferReference::BufferReference):
(WTF::double_conversion::BufferReference::SubVector):
(WTF::double_conversion::BufferReference::length const):
(WTF::double_conversion::BufferReference::is_empty const):
(WTF::double_conversion::BufferReference::start const):
(WTF::double_conversion::BufferReference::operator[] const):
(WTF::double_conversion::BufferReference::first):
(WTF::double_conversion::BufferReference::last):
(WTF::double_conversion::StringBuilder::StringBuilder):
(WTF::double_conversion::StringBuilder::~StringBuilder):
(WTF::double_conversion::StringBuilder::size const):
(WTF::double_conversion::StringBuilder::position const):
(WTF::double_conversion::StringBuilder::Reset):
(WTF::double_conversion::StringBuilder::AddCharacter):
(WTF::double_conversion::StringBuilder::AddString):
(WTF::double_conversion::StringBuilder::AddSubstring):
(WTF::double_conversion::StringBuilder::AddPadding):
(WTF::double_conversion::StringBuilder::RemoveCharacters):
(WTF::double_conversion::StringBuilder::Finalize):
(WTF::double_conversion::StringBuilder::is_finalized const):
(WTF::double_conversion::BitCast):
(WTF::double_conversion::BufferReference::SubBufferReference): Deleted.
(WTF::double_conversion::StringBuilder::SetPosition): Deleted.


  Commit: bfdc5b033cc58c1e7bd96a7330336c747acf4d8f
      https://github.com/WebKit/WebKit/commit/bfdc5b033cc58c1e7bd96a7330336c747acf4d8f
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/IntlCollatorConstructor.h
    M Source/JavaScriptCore/runtime/IntlDateTimeFormatConstructor.h
    M Source/JavaScriptCore/runtime/IntlNumberFormatConstructor.h
    M Source/JavaScriptCore/runtime/IntlObject.cpp
    M Source/JavaScriptCore/runtime/IntlObject.h
    M Source/JavaScriptCore/runtime/IntlPluralRulesConstructor.h
    M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
    M Source/JavaScriptCore/runtime/JSGlobalObject.h
    M Source/JavaScriptCore/runtime/JSGlobalObjectFunctions.cpp
    M Source/JavaScriptCore/runtime/NumberPrototype.cpp
    M Source/JavaScriptCore/runtime/StringPrototype.cpp

  Log Message:
  -----------
  Merge r242064 - [JSC] Make Intl fields lazily-allocated
https://bugs.webkit.org/show_bug.cgi?id=195022

Reviewed by Mark Lam.

This patch makes the following memory footprint optimizations in IntlObject.

1. Make IntlObject fields including Intl.Collator lazily-allocated because we already removed direct references from JS builtins to these constructors (@Collator etc.).

2. Move LazyProperty<IntlObject, Structure> structures from IntlObject to JSGlobalObject. This makes sizeof(IntlObject) the same as that of other usual runtime Objects,
   and drops one MarkedBlock.

* runtime/IntlCollatorConstructor.h:
* runtime/IntlDateTimeFormatConstructor.h:
* runtime/IntlNumberFormatConstructor.h:
* runtime/IntlObject.cpp:
(JSC::createCollatorConstructor):
(JSC::createNumberFormatConstructor):
(JSC::createDateTimeFormatConstructor):
(JSC::createPluralRulesConstructor):
(JSC::IntlObject::finishCreation):
(JSC::IntlObject::visitChildren): Deleted.
* runtime/IntlObject.h:
* runtime/IntlPluralRulesConstructor.h:
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):
(JSC::JSGlobalObject::visitChildren):
(JSC::JSGlobalObject::defaultCollator):
* runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::collatorStructure):
(JSC::JSGlobalObject::numberFormatStructure):
(JSC::JSGlobalObject::dateTimeFormatStructure):
(JSC::JSGlobalObject::pluralRulesStructure):
(JSC::JSGlobalObject::intlObject const): Deleted.
* runtime/JSGlobalObjectFunctions.cpp:
(JSC::globalFuncDateTimeFormat):
* runtime/NumberPrototype.cpp:
(JSC::numberProtoFuncToLocaleString):
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncLocaleCompare):


  Commit: 4c8be52fad0088f2f5b66eea1c582f0660420c02
      https://github.com/WebKit/WebKit/commit/4c8be52fad0088f2f5b66eea1c582f0660420c02
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r242067 - [JSC] stress/function-constructor-reading-from-global-lexical-environment.js fails in 32bit arch
https://bugs.webkit.org/show_bug.cgi?id=195030
<rdar://problem/48385088>

Reviewed by Saam Barati.

While LLInt64 has checkTDZInGlobalPutToScopeIfNecessary for op_put_to_scope GlobalLexicalVar to check the value in the variable slot is not empty,
this check is missing in LLInt32_64. Previously, this check was subsumed accidentally by the WatchpointSet check in GlobalLexicalVar in `notifyWrite`:
because no "put" attempt succeeds here, the status WatchpointSet was ClearWatchpoint, we always go to the slow path, and we always throw the TDZ error
before configuring the WatchpointSet in the slow path. But after r241862, WatchpointSet is not used under non-JIT configuration. This skips WatchpointSet
check and LLInt32_64 starts failing tests because of lack of checkTDZInGlobalPutToScopeIfNecessary. This patch adds checkTDZInGlobalPutToScopeIfNecessary
in LLInt32_64 too. This patch fixes the following four failing tests.

    stress/function-constructor-reading-from-global-lexical-environment.js.bytecode-cache
    stress/function-constructor-reading-from-global-lexical-environment.js.default
    stress/global-lexical-variable-tdz.js.bytecode-cache
    stress/global-lexical-variable-tdz.js.default

* llint/LowLevelInterpreter32_64.asm:


  Commit: 8b62ac9a0b2d2eb60e8f9a35a6f42af61c883bc2
      https://github.com/WebKit/WebKit/commit/8b62ac9a0b2d2eb60e8f9a35a6f42af61c883bc2
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/heap/Heap.h
    M Source/JavaScriptCore/heap/HeapInlines.h
    M Source/JavaScriptCore/heap/MarkingConstraintSolver.cpp
    M Source/JavaScriptCore/heap/SlotVisitor.h

  Log Message:
  -----------
  Merge r242070 - [JSC] Revert r226885 to make SlotVisitor creation lazy
https://bugs.webkit.org/show_bug.cgi?id=195013

Reviewed by Saam Barati.

We once changed SlotVisitor creation a priori to drop the lock. Also, it turns out that SlotVisitor is memory-consuming.
We should defer SlotVisitor creation until it is actually required. This patch reverts r226885. Even with this patch,
we still hold many SlotVisitors after we execute many parallel markers at least once. But recovering the feature of
dynamically allocating SlotVisitors helps further memory optimizations in this area.

* heap/Heap.cpp:
(JSC::Heap::Heap):
(JSC::Heap::runBeginPhase):
* heap/Heap.h:
* heap/HeapInlines.h:
(JSC::Heap::forEachSlotVisitor):
(JSC::Heap::numberOfSlotVisitors):
* heap/MarkingConstraintSolver.cpp:
(JSC::MarkingConstraintSolver::didVisitSomething const):
* heap/SlotVisitor.h:


  Commit: 9553ea206624ea3d6cfbf83d2cf971b34650b950
      https://github.com/WebKit/WebKit/commit/9553ea206624ea3d6cfbf83d2cf971b34650b950
  Author: Guillaume Emont <guijemont at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/microbenchmarks/array-prototype-join-uninitialized.js
    A JSTests/stress/array-prototype-join-uninitialized.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/ArrayPrototype.cpp
    M Source/JavaScriptCore/runtime/JSStringInlines.h
    M Source/JavaScriptCore/runtime/StringPrototype.cpp

  Log Message:
  -----------
  Merge r242081 - [JSC] Repeat string created from Array.prototype.join() take too much memory
https://bugs.webkit.org/show_bug.cgi?id=193912

Reviewed by Saam Barati.

JSTests:

Added a test and a microbenchmark for corner cases of
Array.prototype.join() with an uninitialized array.

* microbenchmarks/array-prototype-join-uninitialized.js: Added.
* stress/array-prototype-join-uninitialized.js: Added.
(testArray):
(testABC):
(B):
(C):

Source/JavaScriptCore:

Added a fast case in Array.prototype.join when the array is
uninitialized.

* runtime/ArrayPrototype.cpp:
(JSC::canUseFastJoin):
(JSC::fastJoin):
* runtime/JSStringInlines.h:
(JSC::repeatCharacter): moved from StringPrototype.cpp
* runtime/StringPrototype.cpp:


  Commit: 955c8cad25e6c4aad94f899e83d7737999c777e6
      https://github.com/WebKit/WebKit/commit/955c8cad25e6c4aad94f899e83d7737999c777e6
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/Frame.cpp
    M Source/WebCore/page/Frame.h
    M Source/WebCore/page/FrameView.cpp
    M Source/WebCore/page/FrameView.h
    M Source/WebCore/testing/Internals.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformWPE.cmake
    M Source/WebKit/Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h
    M Source/WebKit/Shared/WebPageCreationParameters.cpp
    M Source/WebKit/Shared/WebPageCreationParameters.h
    M Source/WebKit/SourcesWPE.txt
    M Source/WebKit/UIProcess/API/Cocoa/WKWebView.mm
    M Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewGtk.cpp
    A Source/WebKit/UIProcess/API/wpe/WebKitColor.cpp
    A Source/WebKit/UIProcess/API/wpe/WebKitColor.h
    A Source/WebKit/UIProcess/API/wpe/WebKitColorPrivate.h
    M Source/WebKit/UIProcess/API/wpe/WebKitWebView.h
    M Source/WebKit/UIProcess/API/wpe/WebKitWebViewWPE.cpp
    M Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt
    M Source/WebKit/UIProcess/API/wpe/docs/wpe-docs.sgml
    M Source/WebKit/UIProcess/Cocoa/WebViewImpl.mm
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebPageProxy.h
    M Source/WebKit/UIProcess/cairo/BackingStoreCairo.cpp
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStore.cpp
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStore.h
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.cpp
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreX11.cpp
    M Source/WebKit/UIProcess/win/WebView.cpp
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
    M Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.cpp
    M Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.h
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h
    M Source/WebKit/WebProcess/WebPage/DrawingArea.h
    M Source/WebKit/WebProcess/WebPage/DrawingAreaImpl.cpp
    M Source/WebKit/WebProcess/WebPage/LayerTreeHost.h
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    M Source/WebKit/WebProcess/WebPage/WebPage.messages.in
    M Source/WebKitLegacy/win/ChangeLog
    M Source/WebKitLegacy/win/WebCoreSupport/WebFrameLoaderClient.cpp
    M Source/WebKitLegacy/win/WebFrame.cpp
    M Tools/ChangeLog
    M Tools/MiniBrowser/wpe/main.cpp
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp

  Log Message:
  -----------
  Merge r242082 - [WPE] Add API for webview background color configuration
https://bugs.webkit.org/show_bug.cgi?id=192305

Source/WebCore:

Reviewed by Michael Catanzaro.

Adapt the FrameView API to allow a default non-white background color.

* page/Frame.cpp:
(WebCore::Frame::createView): Replace isTransparent argument with a background color one.
* page/Frame.h:
* page/FrameView.cpp:
(WebCore::FrameView::recalculateBaseBackgroundColor): Use Color::transparent if m_isTransparent is true.
(WebCore::FrameView::updateBackgroundRecursively): Allow the fallback background color to be non-white, this is
used only in non-dark-mode-css build configurations.
* page/FrameView.h:
* testing/Internals.cpp:
(WebCore::Internals::setViewIsTransparent): Use Color::transparent if transparent is true.

Source/WebKit:

Reviewed by Michael Catanzaro.

In the case of WPE we need to send the background color to the web process to be used as the background color of
the page. This patch adapts the GTK+ implementation to do the same, since it's a lot simpler. The patch also
removes the SetDrawsBackground message in favor of the new SetBackgroundColor message that receives an optional
color.

* PlatformWPE.cmake: Add new WPE API for WebKitColor boxed type.
* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::CoordinatedGraphicsScene::paintToCurrentGLContext): Remove background rendering and opacity handling.
* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::renderLayerTree): Remove drawsBackground and always clear the context with
transparent color.
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const): Replace drawsBackground with backgroundColor.
(WebKit::WebPageCreationParameters::decode): Ditto.
* Shared/WebPageCreationParameters.h:
* SourcesWPE.txt:
* UIProcess/API/glib/WebKitWebView.cpp:
* UIProcess/API/gtk/WebKitWebViewGtk.cpp:
(webkit_web_view_set_background_color):
(webkit_web_view_get_background_color):
* UIProcess/API/wpe/WebKitColor.cpp: Added.
(webkit_color_copy):
(webkit_color_free):
(webkitColorToWebCoreColor):
(webkitColorFillFromWebCoreColor):
(webkit_color_parse):
* UIProcess/API/wpe/WebKitColor.h: Added.
* UIProcess/API/wpe/WebKitColorPrivate.h: Added.
* UIProcess/API/wpe/WebKitWebView.h: Implement webkit_web_view_set_background_color API.
* UIProcess/API/wpe/WebKitWebViewWPE.cpp: Ditto.
(webkit_web_view_set_background_color):
(webkit_web_view_get_background_color):
* UIProcess/API/wpe/docs/wpe-0.1-sections.txt: Add new symbols.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::setDrawsBackground): Set a transparent background color when false is passed.
(WebKit::WebPageProxy::setBackgroundColor): Send background color to the WebProcess.
(WebKit::WebPageProxy::creationParameters): Replace drawsBackground with backgroundColor.
* UIProcess/WebPageProxy.h:
(WebKit::WebPageProxy::drawsBackground const):
(WebKit::WebPageProxy::backgroundColor const):
* UIProcess/cairo/BackingStoreCairo.cpp:
(WebKit::BackingStore::incorporateUpdate): Remove GTK+ code to handle background color.
* UIProcess/gtk/AcceleratedBackingStore.cpp:
* UIProcess/gtk/AcceleratedBackingStore.h: Make paint() pure virtual and remove the implementation.
* UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:
(WebKit::AcceleratedBackingStoreWayland::paint): Do not call AcceleratedBackingStore::paint() now that it is pure virtual.
* UIProcess/gtk/AcceleratedBackingStoreX11.cpp:
(WebKit::AcceleratedBackingStoreX11::paint): Ditto.
* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage): Use background color as provided by the
UIProcess when creating the FrameView.
* WebProcess/WebPage/AcceleratedDrawingArea.cpp:
* WebProcess/WebPage/AcceleratedDrawingArea.h:
* WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp:
* WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h:
* WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp:
(WebKit::ThreadedCoordinatedLayerTreeHost::setIsDiscardable):
* WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h:
* WebProcess/WebPage/DrawingArea.h:
* WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::display): Remove special case for transparent background.
* WebProcess/WebPage/LayerTreeHost.h:
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::setBackgroundColor): New API for background color configuration. Proxies to FrameView and DrawingArea.
* WebProcess/WebPage/WebPage.h:
(WebKit::WebPage::backgroundColor const): Read-only access to the current background color.
* WebProcess/WebPage/WebPage.messages.in: Replace SetDrawsBackground message with SetBackgroundColor.

Source/WebKitLegacy/win:

Patch by Philippe Normand <pnormand at igalia.com> on 2019-02-26
Reviewed by Michael Catanzaro.

* WebCoreSupport/WebFrameLoaderClient.cpp:
(WebFrameLoaderClient::transitionToCommittedForNewPage): Create
FrameView with background color.

Tools:

Patch by Philippe Normand <pnormand at igalia.com> on 2019-02-26
Reviewed by Michael Catanzaro.

* MiniBrowser/wpe/main.cpp:
(main): Add a new option to configure the webview background
color. Example: --bg-color=transparent.
* TestWebKitAPI/Tests/WebKitGLib/TestWebKitWebView.cpp:
(testWebViewBackgroundColor): Enable background color API tests for WPE.
(beforeAll): Ditto.


  Commit: ef06f5fa16bc7604e6dc3bdb4423e5bb9921fcce
      https://github.com/WebKit/WebKit/commit/ef06f5fa16bc7604e6dc3bdb4423e5bb9921fcce
  Author: Guillaume Emont <guijemont at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r242083 - [JSC] Fix compilation on 32-bit platforms after r242071
https://bugs.webkit.org/show_bug.cgi?id=195042

Reviewed by Carlos Garcia Campos.

* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitLoadStructure):


  Commit: 726b10a0d4d4a3858ba1e855dbf5a5b84be5b442
      https://github.com/WebKit/WebKit/commit/726b10a0d4d4a3858ba1e855dbf5a5b84be5b442
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/egl/GLContextEGL.cpp

  Log Message:
  -----------
  Merge r242084 - [EGL] Runtime support for RGB565 pixel layout
https://bugs.webkit.org/show_bug.cgi?id=194817

Reviewed by Carlos Garcia Campos.

Currently our graphics pipeline always relies on an ARGB8888 (32
bpp) pixel configuration. On some low-end (old) embedded platforms
the graphics driver is sometimes optimized for 16 bpp
configurations, such as RGB565. On those platforms the application
can now set the WEBKIT_EGL_PIXEL_LAYOUT environment variable to
"RGB565" to adjust to the best pixel configuration supported by
the screen and graphics driver.

* platform/graphics/egl/GLContextEGL.cpp:
(WebCore::GLContextEGL::getEGLConfig):


  Commit: bec8e06cf8a099e445c510151a9a8cf0833efb31
      https://github.com/WebKit/WebKit/commit/bec8e06cf8a099e445c510151a9a8cf0833efb31
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/heap/SlotVisitor.cpp
    M Source/JavaScriptCore/jit/AssemblyHelpers.cpp
    M Source/JavaScriptCore/jit/AssemblyHelpers.h
    M Source/JavaScriptCore/jit/SpecializedThunkJIT.h
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
    M Source/JavaScriptCore/runtime/StructureIDTable.cpp
    M Source/JavaScriptCore/runtime/StructureIDTable.h

  Log Message:
  -----------
  Merge r242096 - [Re-landing] Add some randomness into the StructureID.
https://bugs.webkit.org/show_bug.cgi?id=194989
<rdar://problem/47975563>

Reviewed by Yusuke Suzuki.

1. On 64-bit, the StructureID will now be encoded as:

    ----------------------------------------------------------------
    | 1 Nuke Bit | 24 StructureIDTable index bits | 7 entropy bits |
    ----------------------------------------------------------------

   The entropy bits are chosen at random and assigned when a StructureID is
   allocated.

2. Instead of Structure pointers, the StructureIDTable will now contain
   encodedStructureBits, which is encoded as such:

    ----------------------------------------------------------------
    | 7 entropy bits |                   57 structure pointer bits |
    ----------------------------------------------------------------

   The entropy bits here are the same 7 bits used in the encoding of the
   StructureID for this structure entry in the StructureIDTable.

3. Retrieval of the structure pointer given a StructureID is now computed as
   follows:

        index = structureID >> 7; // with arithmetic shift.
        encodedStructureBits = structureIDTable[index];
        structure = encodedStructureBits ^ (structureID << 57);

    We use an arithmetic shift for the right shift because that will preserve
    the nuke bit in the high bit of the index if the StructureID was not
    decontaminated before use as expected.

4. Remove unused function loadArgumentWithSpecificClass() in SpecializedThunkJIT.

5. Define StructureIDTable::m_size to be the number of allocated StructureIDs
   instead of always being the same as m_capacity.

6. Change StructureIDTable::s_unusedID's value to 0.

   Its previous value of unusedPointer i.e. 0xd1e7beef, does not make sense for
   StructureID on 64-bit.  Also, there was never any code that initializes unused
   IDs to the s_unusedID.  The only meaningful value for s_unusedID is 0, which
   is the ID we'll get when the freelist is empty, prompting a resize of the
   structureIDTable.

This patch appears to be perf neutral on JetStream 2 run via the cli on an
11" MacBook Air, 13" MacBook Pro, iPhone 6S, and iPhone XR.

* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::loadStructure):
* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::appendJSCellOrAuxiliary):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitLoadStructure):
* jit/AssemblyHelpers.h:
* jit/SpecializedThunkJIT.h:
(JSC::SpecializedThunkJIT::loadArgumentWithSpecificClass): Deleted.
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/StructureIDTable.cpp:
(JSC::StructureIDTable::StructureIDTable):
(JSC::StructureIDTable::makeFreeListFromRange):
(JSC::StructureIDTable::resize):
(JSC::StructureIDTable::allocateID):
(JSC::StructureIDTable::deallocateID):
* runtime/StructureIDTable.h:
(JSC::StructureIDTable::decode):
(JSC::StructureIDTable::encode):
(JSC::StructureIDTable::get):
(JSC::StructureIDTable::isValid):
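
Added example (not part of the commit or of WebKit's source): a small C++ model of the StructureID encoding from the r242096 log message above, showing that a StructureID whose 7 entropy bits do not match the table entry decodes to a pointer with non-zero high bits. The names ToyStructureIDTable, Lookup and Decoded, the sample pointer and entropy values, and the explicit status checks are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Bit widths taken from the log message (64-bit layout).
constexpr unsigned kEntropyBits = 7;
constexpr unsigned kIndexBits = 24;
constexpr unsigned kPointerBits = 64 - kEntropyBits; // 57
constexpr uint32_t kEntropyMask = (1u << kEntropyBits) - 1;
constexpr uint32_t kNukeBit = 1u << (kIndexBits + kEntropyBits); // bit 31
constexpr uint64_t kPointerMask = (uint64_t(1) << kPointerBits) - 1;

using StructureID = uint32_t;

// Status values are this model's own; they only make the outcome visible.
enum class Lookup { Ok, InvalidIndex, EntropyMismatch };

struct Decoded {
    Lookup status;
    uint64_t pointer;
};

class ToyStructureIDTable {
public:
    // Slot 0 stays empty: the log message makes 0 the unused ID.
    ToyStructureIDTable() : m_entries(1, 0) {}

    // Item 2: store (7 entropy bits | 57 pointer bits) in the table.
    // Item 1: hand back (index | entropy) as the StructureID.
    // The caller passes the entropy so the example is deterministic;
    // the log message says it is chosen at random on allocation.
    StructureID allocate(uint64_t structurePointer, uint32_t entropy)
    {
        if (m_entries.size() >= (size_t(1) << kIndexBits) || (structurePointer & ~kPointerMask))
            return 0; // table full or pointer does not fit in 57 bits
        entropy &= kEntropyMask;
        uint32_t index = static_cast<uint32_t>(m_entries.size());
        m_entries.push_back((uint64_t(entropy) << kPointerBits) ^ structurePointer);
        return (index << kEntropyBits) | entropy;
    }

    // Item 3: index = id >> 7 (arithmetic), then XOR with id << 57.
    Decoded decode(StructureID id) const
    {
        // Arithmetic shift: a set nuke bit keeps the index negative,
        // so a nuked ID can never pass as a valid table index.
        int32_t index = static_cast<int32_t>(id) >> kEntropyBits;
        if (index <= 0 || static_cast<size_t>(index) >= m_entries.size())
            return { Lookup::InvalidIndex, 0 };

        uint64_t encodedStructureBits = m_entries[static_cast<size_t>(index)];
        // Only the low 7 bits of the ID survive the 64-bit left shift.
        uint64_t structure = encodedStructureBits ^ (uint64_t(id) << kPointerBits);

        // Matching entropy cancels out; anything else leaves high bits set.
        if (structure & ~kPointerMask)
            return { Lookup::EntropyMismatch, structure };
        return { Lookup::Ok, structure };
    }

private:
    std::vector<uint64_t> m_entries; // encodedStructureBits per index
};

int main()
{
    ToyStructureIDTable table;
    const uint64_t pointer = 0x00007f12345678c0ull; // constructed sample value
    StructureID id = table.allocate(pointer, 0x5a); // constructed entropy

    Decoded good = table.decode(id);
    Decoded wrongEntropy = table.decode((id & ~kEntropyMask) | 0x5b);
    Decoded nuked = table.decode(id | kNukeBit);

    std::printf("id=0x%08x decoded=0x%016llx status=%d\n",
        static_cast<unsigned>(id), static_cast<unsigned long long>(good.pointer),
        static_cast<int>(good.status));
    std::printf("wrong entropy decoded=0x%016llx status=%d\n",
        static_cast<unsigned long long>(wrongEntropy.pointer),
        static_cast<int>(wrongEntropy.status));
    std::printf("nuked status=%d\n", static_cast<int>(nuked.status));
    return 0;
}
```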


  Commit: 15f132f03a9265702fb71e19617ed2bf9f61cae9
      https://github.com/WebKit/WebKit/commit/15f132f03a9265702fb71e19617ed2bf9f61cae9
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/jit/AssemblyHelpers.cpp

  Log Message:
  -----------
  Merge r242101 - Gardening: 32-bit build fix after r242096.
https://bugs.webkit.org/show_bug.cgi?id=194989

Not reviewed.

* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitLoadStructure):


  Commit: 23550e116df8d7709896485d049b48c89e97888c
      https://github.com/WebKit/WebKit/commit/23550e116df8d7709896485d049b48c89e97888c
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/StructureIDTable.cpp
    M Source/JavaScriptCore/runtime/StructureIDTable.h

  Log Message:
  -----------
  Merge r242103 - Misc cleanup in StructureIDTable after r242096.
https://bugs.webkit.org/show_bug.cgi?id=195063

Reviewed by Saam Barati.

* runtime/StructureIDTable.cpp:
(JSC::StructureIDTable::allocateID):
- RELEASE_ASSERT that the StructureID allocation will succeed.

* runtime/StructureIDTable.h:
(JSC::StructureIDTable::decode):
(JSC::StructureIDTable::encode):
- Add back a comment that Yusuke requested but was lost when the patch was rolled
  out and relanded.
- Applied bitwise_casts that Saam requested.


  Commit: 507fcaa0e16e009aef795851c06f5c1465ecda45
      https://github.com/WebKit/WebKit/commit/507fcaa0e16e009aef795851c06f5c1465ecda45
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/API/JSCallbackObject.h
    M Source/JavaScriptCore/API/JSObjectRef.cpp
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/MacroAssemblerCodeRef.h
    M Source/JavaScriptCore/b3/B3LowerMacros.cpp
    M Source/JavaScriptCore/b3/testb3.cpp
    M Source/JavaScriptCore/dfg/DFGOSRExitCompilerCommon.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/jit/AssemblyHelpers.h
    M Source/JavaScriptCore/jit/ThunkGenerators.cpp
    M Source/JavaScriptCore/runtime/JSCPoison.h
    M Source/JavaScriptCore/runtime/JSDestructibleObject.h
    M Source/JavaScriptCore/runtime/JSSegmentedVariableObject.h
    M Source/JavaScriptCore/runtime/Structure.h
    M Source/JavaScriptCore/runtime/VM.h
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmBinding.cpp

  Log Message:
  -----------
  Merge r242100 - Unpoison MacroAssemblerCodePtr, ClassInfo pointers, and a few other things.
https://bugs.webkit.org/show_bug.cgi?id=195039

Reviewed by Saam Barati.

1. Unpoison MacroAssemblerCodePtrs, ReturnAddressPtr.
2. Replace PoisonedClassInfoPtr with ClassInfo*.
3. Replace PoisonedMasmPtr with const void*.
4. Remove all references to CodeBlockPoison, JITCodePoison, and GlobalDataPoison.

* API/JSCallbackObject.h:
* API/JSObjectRef.cpp:
(classInfoPrivate):
* assembler/MacroAssemblerCodeRef.h:
(JSC::FunctionPtr::FunctionPtr):
(JSC::FunctionPtr::executableAddress const):
(JSC::FunctionPtr::retaggedExecutableAddress const):
(JSC::ReturnAddressPtr::ReturnAddressPtr):
(JSC::ReturnAddressPtr::value const):
(JSC::MacroAssemblerCodePtr::MacroAssemblerCodePtr):
(JSC::MacroAssemblerCodePtr::createFromExecutableAddress):
(JSC::MacroAssemblerCodePtr:: const):
(JSC::MacroAssemblerCodePtr::operator! const):
(JSC::MacroAssemblerCodePtr::operator== const):
(JSC::MacroAssemblerCodePtr::hash const):
(JSC::MacroAssemblerCodePtr::emptyValue):
(JSC::MacroAssemblerCodePtr::deletedValue):
(JSC::FunctionPtr<tag>::FunctionPtr):
(JSC::MacroAssemblerCodePtr::poisonedPtr const): Deleted.
* b3/B3LowerMacros.cpp:
* b3/testb3.cpp:
(JSC::B3::testInterpreter):
* dfg/DFGOSRExitCompilerCommon.h:
(JSC::DFG::adjustFrameAndStackInOSRExitCompilerThunk):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCheckSubClass):
(JSC::DFG::SpeculativeJIT::compileNewStringObject):
(JSC::DFG::SpeculativeJIT::emitSwitchIntJump):
(JSC::DFG::SpeculativeJIT::emitSwitchImm):
(JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump):
(JSC::DFG::SpeculativeJIT::emitSwitchChar):
* dfg/DFGSpeculativeJIT.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNewStringObject):
(JSC::FTL::DFG::LowerDFGToB3::compileCheckSubClass):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::emitAllocateDestructibleObject):
* jit/ThunkGenerators.cpp:
(JSC::virtualThunkFor):
(JSC::boundThisNoArgsFunctionCallGenerator):
* runtime/JSCPoison.h:
* runtime/JSDestructibleObject.h:
(JSC::JSDestructibleObject::classInfo const):
* runtime/JSSegmentedVariableObject.h:
(JSC::JSSegmentedVariableObject::classInfo const):
* runtime/Structure.h:
* runtime/VM.h:
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::addCall):
(JSC::Wasm::B3IRGenerator::addCallIndirect):
* wasm/WasmBinding.cpp:
(JSC::Wasm::wasmToWasm):


  Commit: acdb6601c7be7dfd8d086827ba9da5f09828d72e
      https://github.com/WebKit/WebKit/commit/acdb6601c7be7dfd8d086827ba9da5f09828d72e
  Author: Dominik Infuehr <dinfuehr at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/MacroAssemblerPrinter.cpp
    M Source/JavaScriptCore/assembler/testmasm.cpp
    M Source/JavaScriptCore/bytecode/InByIdStatus.cpp
    M Source/JavaScriptCore/runtime/CachedTypes.cpp
    M Source/JavaScriptCore/runtime/JSBigInt.h
    M Source/JavaScriptCore/tools/JSDollarVM.cpp
    M Source/cmake/WebKitCompilerFlags.cmake

  Log Message:
  -----------
  Merge r242109 - Fix warnings on ARM and MIPS
https://bugs.webkit.org/show_bug.cgi?id=195049

Reviewed by Mark Lam.

.:

Disable warnings for changes to the ABI with GCC 7.1.

* Source/cmake/WebKitCompilerFlags.cmake:

Source/JavaScriptCore:

Fix all warnings on ARM and MIPS.

* assembler/MacroAssemblerPrinter.cpp:
(JSC::Printer::printMemory):
* assembler/testmasm.cpp:
(JSC::testProbeModifiesStackValues):
* bytecode/InByIdStatus.cpp:
(JSC::InByIdStatus::computeFor):
* runtime/CachedTypes.cpp:
(JSC::VariableLengthObject::buffer const):
* runtime/JSBigInt.h:
* tools/JSDollarVM.cpp:
(JSC::codeBlockFromArg):


  Commit: d6d7d4cc5c68dab82da93d802d1d280b225f19d6
      https://github.com/WebKit/WebKit/commit/d6d7d4cc5c68dab82da93d802d1d280b225f19d6
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/IDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/IDBTransaction.cpp
    M Source/WebCore/Modules/indexeddb/client/IDBConnectionProxy.cpp
    M Source/WebCore/Modules/indexeddb/client/IDBConnectionProxy.h
    M Source/WebCore/Modules/indexeddb/client/TransactionOperation.h

  Log Message:
  -----------
  Merge r242110 - [Mac WK2] storage/indexeddb/IDBObject-leak.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=195036

Reviewed by Geoffrey Garen.

When connection to IDBServer is lost, IDBDatabase in web process should not only stop active transactions, but
also transactions in committing process.

Also, TransactionOperation should clear its perform function when the operation is being completed, otherwise
there is a reference cycle of TransactionOperation.

Covered by existing tests storage/indexeddb/IDBObject-leak.html.

* Modules/indexeddb/IDBDatabase.cpp:
(WebCore::IDBDatabase::connectionToServerLost): notify committing transactions that connection is lost.
* Modules/indexeddb/IDBTransaction.cpp:
(WebCore::IDBTransaction::connectionClosedFromServer): notify IDBConnectionProxy that transaction ends.
* Modules/indexeddb/client/IDBConnectionProxy.cpp:
(WebCore::IDBClient::IDBConnectionProxy::forgetTransaction): clear finished transactions.
* Modules/indexeddb/client/IDBConnectionProxy.h:
* Modules/indexeddb/client/TransactionOperation.h:
(WebCore::IDBClient::TransactionOperation::doComplete): clear perform function unconditionally when the
operation is in completion process.


  Commit: e06f3dc4b5dbbe213999ffbfda45e9d4e171980b
      https://github.com/WebKit/WebKit/commit/e06f3dc4b5dbbe213999ffbfda45e9d4e171980b
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/wasm/regress/wasmToJS-should-purify-NaNs.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSCJSValue.h
    M Source/JavaScriptCore/runtime/TypedArrayAdaptors.h
    M Source/JavaScriptCore/wasm/js/WasmToJS.cpp

  Log Message:
  -----------
  Merge r242114 - wasmToJS() should purify incoming NaNs.
https://bugs.webkit.org/show_bug.cgi?id=194807
<rdar://problem/48189132>

Reviewed by Saam Barati.

JSTests:

* wasm/regress/wasmToJS-should-purify-NaNs.js: Added.

Source/JavaScriptCore:

* runtime/JSCJSValue.h:
(JSC::jsNumber):
* runtime/TypedArrayAdaptors.h:
(JSC::IntegralTypedArrayAdaptor::toJSValue):
* wasm/js/WasmToJS.cpp:
(JSC::Wasm::wasmToJS):


  Commit: 9e6a96112962c803560bc9bf85f8a0c77d632328
      https://github.com/WebKit/WebKit/commit/9e6a96112962c803560bc9bf85f8a0c77d632328
  Author: Keith Miller <keith_miller at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/NeverDestroyed.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/make_names.pl

  Log Message:
  -----------
  Merge r242116 - Code quality cleanup in NeverDestroyed
https://bugs.webkit.org/show_bug.cgi?id=194824

Source/WebCore:

Reviewed by Mark Lam.

make_names.pl should not just assume the layout of LazyNeverDestroyed.

* dom/make_names.pl:
(printNamesCppFile):

Source/WTF:

Reviewed by Yusuke Suzuki.

First, move data members to the end of the class per WebKit
style. Also, add forbid heap allocation since we expect the
NeverDestroyed classes to be static.

* wtf/NeverDestroyed.h:


  Commit: d89d5c0688c08d2754516fb8b74a1b0165fad1d1
      https://github.com/WebKit/WebKit/commit/d89d5c0688c08d2754516fb8b74a1b0165fad1d1
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/editing/undo/redo-text-insertion-in-non-editable-node-expected.txt
    A LayoutTests/editing/undo/redo-text-insertion-in-non-editable-node.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/InsertIntoTextNodeCommand.cpp
    M Source/WebCore/editing/InsertIntoTextNodeCommand.h

  Log Message:
  -----------
  Merge r242117 - Remove conditional compile guard for InsertIntoTextNodeCommand::doReapply
https://bugs.webkit.org/show_bug.cgi?id=195067
<rdar://problem/44812080>

Reviewed by Tim Horton.

Source/WebCore:

This iOS-specific override was introduced to fix <rdar://problem/7114425>, in which the last typed character
would be revealed when redoing text input on iOS inside a password field. The associated change fixed this bug
by overriding doReapply on iOS to only insert text (instead of additionally handling password echo); however, it
really makes sense to skip password echo when redoing on all platforms, so we can just remove the platform-
specific guards around this logic.

Doing this allows us to add the `hasEditableStyle()` check on iOS when redoing text insertion, which results in
a very subtle behavior change covered by the new layout test below.

Test: editing/undo/redo-text-insertion-in-non-editable-node.html

* editing/InsertIntoTextNodeCommand.cpp:
(WebCore::InsertIntoTextNodeCommand::doReapply):
* editing/InsertIntoTextNodeCommand.h:

LayoutTests:

Add a new layout test to verify that redoing text insertion in a non-editable element (which was previously
editable) does not mutate the text nodes affected by editing. This test case currently fails on iOS, since we
take a separate codepath when redoing that does not contain this additional check.

* editing/undo/redo-text-insertion-in-non-editable-node-expected.txt: Added.
* editing/undo/redo-text-insertion-in-non-editable-node.html: Added.


  Commit: 48413a0f338fda6273dbae29d9a406b3df389caa
      https://github.com/WebKit/WebKit/commit/48413a0f338fda6273dbae29d9a406b3df389caa
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/API/JSAPIWrapperObject.h
    M Source/JavaScriptCore/API/JSCallbackFunction.h
    M Source/JavaScriptCore/API/JSCallbackObject.h
    M Source/JavaScriptCore/API/glib/JSAPIWrapperGlobalObject.h
    M Source/JavaScriptCore/CMakeLists.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/Sources.txt
    M Source/JavaScriptCore/bytecode/AccessCase.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/ftl/FTLOutput.h
    M Source/JavaScriptCore/jit/AssemblyHelpers.cpp
    M Source/JavaScriptCore/jit/AssemblyHelpers.h
    M Source/JavaScriptCore/jit/JITOpcodes.cpp
    M Source/JavaScriptCore/jit/JITPropertyAccess.cpp
    M Source/JavaScriptCore/jit/Repatch.cpp
    M Source/JavaScriptCore/jit/ThunkGenerators.cpp
    M Source/JavaScriptCore/parser/UnlinkedSourceCode.h
    M Source/JavaScriptCore/runtime/ArrayPrototype.h
    M Source/JavaScriptCore/runtime/CustomGetterSetter.h
    M Source/JavaScriptCore/runtime/InitializeThreading.cpp
    M Source/JavaScriptCore/runtime/InternalFunction.cpp
    M Source/JavaScriptCore/runtime/InternalFunction.h
    M Source/JavaScriptCore/runtime/JSArrayBuffer.h
    M Source/JavaScriptCore/runtime/JSBoundFunction.h
    R Source/JavaScriptCore/runtime/JSCPoison.cpp
    R Source/JavaScriptCore/runtime/JSCPoison.h
    M Source/JavaScriptCore/runtime/JSFunction.h
    M Source/JavaScriptCore/runtime/JSGlobalObject.h
    M Source/JavaScriptCore/runtime/JSScriptFetchParameters.h
    M Source/JavaScriptCore/runtime/JSScriptFetcher.h
    M Source/JavaScriptCore/runtime/JSString.h
    M Source/JavaScriptCore/runtime/NativeExecutable.cpp
    M Source/JavaScriptCore/runtime/NativeExecutable.h
    M Source/JavaScriptCore/runtime/Options.h
    M Source/JavaScriptCore/runtime/ScopedArguments.h
    M Source/JavaScriptCore/runtime/Structure.cpp
    M Source/JavaScriptCore/runtime/StructureTransitionTable.h
    M Source/JavaScriptCore/runtime/WriteBarrier.h
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmInstance.h
    M Source/JavaScriptCore/wasm/js/JSToWasm.cpp
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyCodeBlock.h
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.cpp
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyInstance.h
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyMemory.h
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyModule.h
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyTable.cpp
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyTable.h
    M Source/JavaScriptCore/wasm/js/WasmToJS.cpp
    M Source/JavaScriptCore/wasm/js/WebAssemblyFunctionBase.h
    M Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.cpp
    M Source/JavaScriptCore/wasm/js/WebAssemblyModuleRecord.h
    M Source/JavaScriptCore/wasm/js/WebAssemblyToJSCallee.h
    M Source/JavaScriptCore/wasm/js/WebAssemblyWrapperFunction.h

  Log Message:
  -----------
  Merge r242123 - Remove poisons in JSCPoison and uses of them.
https://bugs.webkit.org/show_bug.cgi?id=195082

Reviewed by Yusuke Suzuki.

Also removed unused poisoning code in WriteBarrier, AssemblyHelpers,
DFG::SpeculativeJIT, FTLLowerDFGToB3, and FTL::Output.

* API/JSAPIWrapperObject.h:
(JSC::JSAPIWrapperObject::wrappedObject):
* API/JSCallbackFunction.h:
* API/JSCallbackObject.h:
* API/glib/JSAPIWrapperGlobalObject.h:
* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* Sources.txt:
* bytecode/AccessCase.cpp:
(JSC::AccessCase::generateWithGuard):
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnScopedArguments):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::compileNewFunctionCommon):
(JSC::DFG::SpeculativeJIT::compileGetExecutable):
(JSC::DFG::SpeculativeJIT::compileCreateThis):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::TrustedImmPtr::weakPoisonedPointer): Deleted.
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetExecutable):
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compileGetByVal):
(JSC::FTL::DFG::LowerDFGToB3::compileNewFunction):
(JSC::FTL::DFG::LowerDFGToB3::weakPointer):
(JSC::FTL::DFG::LowerDFGToB3::dynamicPoison): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::dynamicPoisonOnLoadedType): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::dynamicPoisonOnType): Deleted.
(JSC::FTL::DFG::LowerDFGToB3::weakPoisonedPointer): Deleted.
* ftl/FTLOutput.h:
(JSC::FTL::Output::weakPoisonedPointer): Deleted.
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitDynamicPoison): Deleted.
(JSC::AssemblyHelpers::emitDynamicPoisonOnLoadedType): Deleted.
(JSC::AssemblyHelpers::emitDynamicPoisonOnType): Deleted.
* jit/AssemblyHelpers.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_create_this):
* jit/JITPropertyAccess.cpp:
(JSC::JIT::emitScopedArgumentsGetByVal):
* jit/Repatch.cpp:
(JSC::linkPolymorphicCall):
* jit/ThunkGenerators.cpp:
(JSC::virtualThunkFor):
(JSC::nativeForGenerator):
(JSC::boundThisNoArgsFunctionCallGenerator):
* parser/UnlinkedSourceCode.h:
* runtime/ArrayPrototype.h:
* runtime/CustomGetterSetter.h:
(JSC::CustomGetterSetter::getter const):
(JSC::CustomGetterSetter::setter const):
* runtime/InitializeThreading.cpp:
(JSC::initializeThreading):
* runtime/InternalFunction.cpp:
(JSC::InternalFunction::getCallData):
(JSC::InternalFunction::getConstructData):
* runtime/InternalFunction.h:
(JSC::InternalFunction::nativeFunctionFor):
* runtime/JSArrayBuffer.h:
* runtime/JSBoundFunction.h:
* runtime/JSCPoison.cpp: Removed.
* runtime/JSCPoison.h: Removed.
* runtime/JSFunction.h:
* runtime/JSGlobalObject.h:
* runtime/JSScriptFetchParameters.h:
* runtime/JSScriptFetcher.h:
* runtime/JSString.h:
* runtime/NativeExecutable.cpp:
(JSC::NativeExecutable::hashFor const):
* runtime/NativeExecutable.h:
* runtime/Options.h:
* runtime/ScopedArguments.h:
* runtime/Structure.cpp:
(JSC::StructureTransitionTable::setSingleTransition):
* runtime/StructureTransitionTable.h:
(JSC::StructureTransitionTable::map const):
(JSC::StructureTransitionTable::weakImpl const):
(JSC::StructureTransitionTable::setMap):
* runtime/WriteBarrier.h:
* wasm/WasmB3IRGenerator.cpp:
* wasm/WasmInstance.h:
* wasm/js/JSToWasm.cpp:
(JSC::Wasm::createJSToWasmWrapper):
* wasm/js/JSWebAssemblyCodeBlock.h:
* wasm/js/JSWebAssemblyInstance.cpp:
(JSC::JSWebAssemblyInstance::JSWebAssemblyInstance):
(JSC::JSWebAssemblyInstance::visitChildren):
* wasm/js/JSWebAssemblyInstance.h:
* wasm/js/JSWebAssemblyMemory.h:
* wasm/js/JSWebAssemblyModule.h:
* wasm/js/JSWebAssemblyTable.cpp:
(JSC::JSWebAssemblyTable::JSWebAssemblyTable):
(JSC::JSWebAssemblyTable::grow):
(JSC::JSWebAssemblyTable::clearFunction):
* wasm/js/JSWebAssemblyTable.h:
* wasm/js/WasmToJS.cpp:
(JSC::Wasm::materializeImportJSCell):
(JSC::Wasm::handleBadI64Use):
(JSC::Wasm::wasmToJS):
* wasm/js/WebAssemblyFunctionBase.h:
* wasm/js/WebAssemblyModuleRecord.cpp:
(JSC::WebAssemblyModuleRecord::link):
(JSC::WebAssemblyModuleRecord::evaluate):
* wasm/js/WebAssemblyModuleRecord.h:
* wasm/js/WebAssemblyToJSCallee.h:
* wasm/js/WebAssemblyWrapperFunction.h:


  Commit: 1cd9c8bff8b08458654e9e63d3a35d225cd7209a
      https://github.com/WebKit/WebKit/commit/1cd9c8bff8b08458654e9e63d3a35d225cd7209a
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/WTF.xcodeproj/project.pbxproj
    M Source/WTF/wtf/Bag.h
    M Source/WTF/wtf/CMakeLists.txt
    M Source/WTF/wtf/Platform.h
    R Source/WTF/wtf/Poisoned.cpp
    R Source/WTF/wtf/Poisoned.h
    R Source/WTF/wtf/PoisonedUniquePtr.h
    M Source/WTF/wtf/Ref.h
    M Source/WTF/wtf/RefCountedArray.h
    M Source/WTF/wtf/RefPtr.h
    M Source/WTF/wtf/WTFAssertions.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/CMakeLists.txt
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    R Tools/TestWebKitAPI/Tests/WTF/Poisoned.cpp
    R Tools/TestWebKitAPI/Tests/WTF/PoisonedRef.cpp
    R Tools/TestWebKitAPI/Tests/WTF/PoisonedRefPtr.cpp
    R Tools/TestWebKitAPI/Tests/WTF/PoisonedUniquePtr.cpp
    R Tools/TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForNonTriviallyDestructibleArrays.cpp
    R Tools/TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForTriviallyDestructibleArrays.cpp

  Log Message:
  -----------
  Merge r242127 - Remove remaining poisoning code.
https://bugs.webkit.org/show_bug.cgi?id=194138

Reviewed by Saam Barati.

Source/WTF:

This patch removes the instantiation of Poisoned variants of the various containers
but retains the ability of those containers to work with pointer traits.  This
allows us to use them with smart pointers in the future (just like we used to with
Poisoned values).  At minimum, this ability will be useful when we want to insert
an observer into the container storage type for debugging purposes, or to collect
statistics for profiling.

* WTF.xcodeproj/project.pbxproj:
* wtf/Bag.h:
* wtf/CMakeLists.txt:
* wtf/Platform.h:
* wtf/Poisoned.cpp: Removed.
* wtf/Poisoned.h: Removed.
* wtf/PoisonedUniquePtr.h: Removed.
* wtf/Ref.h:
* wtf/RefCountedArray.h:
* wtf/RefPtr.h:
* wtf/WTFAssertions.cpp:

Tools:

* TestWebKitAPI/CMakeLists.txt:
* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WTF/Poisoned.cpp: Removed.
* TestWebKitAPI/Tests/WTF/PoisonedRef.cpp: Removed.
* TestWebKitAPI/Tests/WTF/PoisonedRefPtr.cpp: Removed.
* TestWebKitAPI/Tests/WTF/PoisonedUniquePtr.cpp: Removed.
* TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForNonTriviallyDestructibleArrays.cpp: Removed.
* TestWebKitAPI/Tests/WTF/PoisonedUniquePtrForTriviallyDestructibleArrays.cpp: Removed.


  Commit: a090a126fb2f0b7ca7b8ac94f74b2e709b8af3ad
      https://github.com/WebKit/WebKit/commit/a090a126fb2f0b7ca7b8ac94f74b2e709b8af3ad
  Author: Ulrich Pflueger <up at nanocosmos.de>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/media/media-source/media-source-append-variable-frame-lengths-with-matching-durations-expected.txt
    A LayoutTests/media/media-source/media-source-append-variable-frame-lengths-with-matching-durations.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/mediasource/SourceBuffer.cpp

  Log Message:
  -----------
  Merge r242129 - [MSE] SourceBuffer sample time increment vs. last frame duration check is broken
https://bugs.webkit.org/show_bug.cgi?id=194747
<rdar://problem/48148469>

Patch by Ulrich Pflueger <up at nanocosmos.de> on 2019-02-27
Reviewed by Jer Noble.

Source/WebCore:

Prevent unintended frame drops by including last frame duration in discontinuity check.

Test: media/media-source/media-source-append-variable-frame-lengths-with-matching-durations.html

* Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

LayoutTests:

* media/media-source/media-source-append-variable-frame-lengths-with-matching-durations-expected.txt: Added.
* media/media-source/media-source-append-variable-frame-lengths-with-matching-durations.html: Added.


  Commit: 56b7d8c9204b0f9f4d193727e414332dc96905a0
      https://github.com/WebKit/WebKit/commit/56b7d8c9204b0f9f4d193727e414332dc96905a0
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/read-dead-bytecode-locals-in-must-handle-values1.js
    A JSTests/stress/read-dead-bytecode-locals-in-must-handle-values2.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/Operands.h
    M Source/JavaScriptCore/dfg/DFGCFAPhase.cpp
    M Source/JavaScriptCore/dfg/DFGDriver.cpp
    M Source/JavaScriptCore/dfg/DFGDriver.h
    M Source/JavaScriptCore/dfg/DFGJITCode.cpp
    M Source/JavaScriptCore/dfg/DFGJITCode.h
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/dfg/DFGPlan.cpp
    M Source/JavaScriptCore/dfg/DFGPlan.h
    M Source/JavaScriptCore/dfg/DFGPredictionInjectionPhase.cpp
    M Source/JavaScriptCore/dfg/DFGTypeCheckHoistingPhase.cpp
    M Source/JavaScriptCore/ftl/FTLOSREntry.cpp
    M Source/JavaScriptCore/jit/JITOperations.cpp

  Log Message:
  -----------
  Merge r242192 - [JSC] mustHandleValues for dead bytecode locals should be ignored in DFG phases
https://bugs.webkit.org/show_bug.cgi?id=195144
<rdar://problem/47595961>

Reviewed by Mark Lam.

JSTests:

* stress/read-dead-bytecode-locals-in-must-handle-values1.js: Added.
(bar):
(foo):
* stress/read-dead-bytecode-locals-in-must-handle-values2.js: Added.
(bar):
(foo):

Source/JavaScriptCore:

DFGMaximalFlushInsertionPhase inserts Flush for all the locals at the end of basic blocks. This enlarges the live ranges of
locals in DFG, and it sometimes makes DFG value live while it is dead in bytecode. The issue happens when we use mustHandleValues
to widen AbstractValue in CFAPhase. At that time, DFG tells "this value is live in DFG", but it may be dead in the bytecode level.
At that time, we attempt to merge AbstractValue with dead mustHandleValue, which is cleared as jsUndefined() in
DFG::Plan::cleanMustHandleValuesIfNecessary before starting compilation, and crash because jsUndefined() may be irrelevant to the FlushFormat
in VariableAccessData.

This patch makes the type of mustHandleValues Operands<Optional<JSValue>>. We clear dead JSValues in DFG::Plan::cleanMustHandleValuesIfNecessary.
And we skip handling dead mustHandleValue in DFG phases.

* bytecode/Operands.h:
(JSC::Operands::isLocal const):
(JSC::Operands::isVariable const): Deleted.
* dfg/DFGCFAPhase.cpp:
(JSC::DFG::CFAPhase::injectOSR):
* dfg/DFGDriver.cpp:
(JSC::DFG::compileImpl):
(JSC::DFG::compile):
* dfg/DFGDriver.h:
* dfg/DFGJITCode.cpp:
(JSC::DFG::JITCode::reconstruct):
* dfg/DFGJITCode.h:
* dfg/DFGOperations.cpp:
* dfg/DFGPlan.cpp:
(JSC::DFG::Plan::Plan):
(JSC::DFG::Plan::checkLivenessAndVisitChildren):
(JSC::DFG::Plan::cleanMustHandleValuesIfNecessary):
* dfg/DFGPlan.h:
(JSC::DFG::Plan::mustHandleValues const):
* dfg/DFGPredictionInjectionPhase.cpp:
(JSC::DFG::PredictionInjectionPhase::run):
* dfg/DFGTypeCheckHoistingPhase.cpp:
(JSC::DFG::TypeCheckHoistingPhase::disableHoistingAcrossOSREntries):
* ftl/FTLOSREntry.cpp:
(JSC::FTL::prepareOSREntry):
* jit/JITOperations.cpp:


  Commit: 45761d371ad48143c5291f592429e833553c23b8
      https://github.com/WebKit/WebKit/commit/45761d371ad48143c5291f592429e833553c23b8
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/parser-should-record-token-location-of-new-dot-target.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/parser/Parser.cpp

  Log Message:
  -----------
  Merge r242193 - The parser is failing to record the token location of new in new.target.
https://bugs.webkit.org/show_bug.cgi?id=195127
<rdar://problem/39645578>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/parser-should-record-token-location-of-new-dot-target.js: Added.

Source/JavaScriptCore:

Also adjust the token location for the following to be as shown:

    new.target
    ^
    super
    ^
    import.meta
    ^

* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseMemberExpression):


  Commit: 2e1e436013a1631f68b9947492462d35ade7cba4
      https://github.com/WebKit/WebKit/commit/2e1e436013a1631f68b9947492462d35ade7cba4
  Author: Myles C. Maxfield <mmaxfield at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/text-combine-crash-2-expected.html
    A LayoutTests/fast/text/text-combine-crash-2.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cocoa/FontDescriptionCocoa.cpp
    M Source/WebCore/rendering/RenderCombineText.cpp

  Log Message:
  -----------
  Merge r242237 - Use-after-move in RenderCombineText::combineTextIfNeeded()
https://bugs.webkit.org/show_bug.cgi?id=195188

Reviewed by Zalan Bujtas.

Source/WebCore:

r241288 uncovered an existing problem with our text-combine code. r242204 alleviated the
symptom, but this patch fixes the source of the problem (and reverts r242204).

The code in RenderCombineText::combineTextIfNeeded() has a bit that’s like:

FontDescription bestFitDescription;
while (...) {
    FontCascade compressedFont(WTFMove(bestFitDescription), ...);
    ...
}

Clearly this is wrong.

Test: fast/text/text-combine-crash-2.html

* platform/graphics/cocoa/FontDescriptionCocoa.cpp:
(WebCore::FontDescription::platformResolveGenericFamily):
* rendering/RenderCombineText.cpp:
(WebCore::RenderCombineText::combineTextIfNeeded):

LayoutTests:

* fast/text/text-combine-crash-2-expected.html: Added.
* fast/text/text-combine-crash-2.html: Added.
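
The use-after-move pattern described in the log message above, as an added C++ illustration that is not WebKit code. Description, Cascade, fitBuggy and fitFixed are hypothetical stand-ins for FontDescription, FontCascade and the loop in combineTextIfNeeded(), and the copy-per-pass fix is one possible repair, not necessarily the one the patch uses.

```cpp
#include <cstdio>
#include <memory>
#include <string>
#include <utility>

// Hypothetical stand-in for FontDescription. The family name sits behind a
// unique_ptr so the moved-from state is well defined (null) and observable.
// With most standard types the moved-from state is only "valid but
// unspecified", which is why this class of bug can stay hidden for a long time.
struct Description {
    std::unique_ptr<std::string> family;
    float size;

    Description(std::string f, float s)
        : family(new std::string(std::move(f))), size(s) {}
    Description(Description&&) = default;
    Description(const Description& o)
        : family(o.family ? new std::string(*o.family) : nullptr), size(o.size) {}

    bool isValid() const { return family && !family->empty(); }
};

// Hypothetical stand-in for FontCascade: it takes ownership of the description.
struct Cascade {
    Description description;
    explicit Cascade(Description d) : description(std::move(d)) {}
};

struct FitResult {
    int attempts;
    int attemptsWithValidDescription;
};

// Shape of the bug: the description is declared outside the loop and moved
// from inside it, so only the first pass hands over real data.
FitResult fitBuggy(Description bestFit, int candidates)
{
    FitResult r = {0, 0};
    for (int i = 0; i < candidates; ++i) {
        Cascade compressed(std::move(bestFit)); // use-after-move from pass 2 on
        ++r.attempts;
        if (compressed.description.isValid())
            ++r.attemptsWithValidDescription;
    }
    return r;
}

// One way to repair it: every pass works on its own copy and the original
// object is never moved from.
FitResult fitFixed(const Description& bestFit, int candidates)
{
    FitResult r = {0, 0};
    for (int i = 0; i < candidates; ++i) {
        Description perAttempt(bestFit);
        Cascade compressed(std::move(perAttempt));
        ++r.attempts;
        if (compressed.description.isValid())
            ++r.attemptsWithValidDescription;
    }
    return r;
}

int main()
{
    FitResult buggy = fitBuggy(Description("Example Sans", 16.0f), 3);
    FitResult fixed = fitFixed(Description("Example Sans", 16.0f), 3);
    std::printf("buggy: %d of %d passes saw a valid description\n",
                buggy.attemptsWithValidDescription, buggy.attempts);
    std::printf("fixed: %d of %d passes saw a valid description\n",
                fixed.attemptsWithValidDescription, fixed.attempts);
    return 0;
}
```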


  Commit: ac4be664a8696f9290cd46678c3c256f57b646a7
      https://github.com/WebKit/WebKit/commit/ac4be664a8696f9290cd46678c3c256f57b646a7
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/microbenchmarks/make-rope.js
    M JSTests/stress/to-lower-case-intrinsic-on-empty-rope.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/assembler/MacroAssemblerARM64.h
    M Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h
    M Source/JavaScriptCore/bytecode/AccessCase.cpp
    M Source/JavaScriptCore/bytecode/InlineAccess.cpp
    M Source/JavaScriptCore/bytecode/InlineAccess.h
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/dfg/DFGOperations.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.h
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp
    M Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.cpp
    M Source/JavaScriptCore/ftl/FTLAbstractHeapRepository.h
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/jit/AssemblyHelpers.cpp
    M Source/JavaScriptCore/jit/AssemblyHelpers.h
    M Source/JavaScriptCore/jit/JITInlines.h
    M Source/JavaScriptCore/jit/Repatch.cpp
    M Source/JavaScriptCore/jit/ThunkGenerators.cpp
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
    M Source/JavaScriptCore/runtime/JSString.cpp
    M Source/JavaScriptCore/runtime/JSString.h
    M Source/JavaScriptCore/runtime/JSStringInlines.h
    M Source/JavaScriptCore/runtime/ObjectPrototype.cpp
    M Source/JavaScriptCore/runtime/RegExpMatchesArray.h
    M Source/JavaScriptCore/runtime/RegExpObjectInlines.h
    M Source/JavaScriptCore/runtime/RegExpPrototype.cpp
    M Source/JavaScriptCore/runtime/SmallStrings.cpp
    M Source/JavaScriptCore/runtime/SmallStrings.h
    M Source/JavaScriptCore/runtime/StringPrototype.cpp
    A Source/JavaScriptCore/runtime/StringPrototypeInlines.h
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/text/StringImpl.h
    M Source/WTF/wtf/text/WTFString.cpp
    M Source/WTF/wtf/text/WTFString.h

  Log Message:
  -----------
  Merge r242252 - [JSC] sizeof(JSString) should be 16
https://bugs.webkit.org/show_bug.cgi?id=194375

Reviewed by Saam Barati.

JSTests:

* microbenchmarks/make-rope.js: Added.
(makeRope):
* stress/to-lower-case-intrinsic-on-empty-rope.js: We no longer allow 0 length JSString except for jsEmptyString singleton per VM.
(returnRope.helper): Deleted.
(returnRope): Deleted.

Source/JavaScriptCore:

This patch reduces sizeof(JSString) from 24 to 16 to fit it into GC heap cell atom. And it also reduces sizeof(JSRopeString) from 48 to 32.
Both classes cut 16 bytes per instance in GC allocation. This new layout is used in 64bit architectures which have little endianness.

JSString no longer has length and flags directly. JSString has String, and we query information to this String instead of holding duplicate
information in JSString. We embed isRope bit into this String's pointer so that we can convert JSRopeString to JSString in an atomic manner.
We emit store-store fence before we put String pointer. This should exist even before this patch, so this patch also fixes one concurrency issue.

The old JSRopeString separately had JSString* fibers along with String. In this patch, we merge the first JSString* fiber and String pointer
storage into one to reduce the size of JSRopeString. JSRopeString has three pointer width storage. We pick 48bit effective address of JSString*
fibers to compress three fibers + length + flags into three pointer width storage.

In 64bit architecture, JSString and JSRopeString have the following memory layout to make sizeof(JSString) == 16 and sizeof(JSRopeString) == 32.
JSString has only one pointer. We use it for String. length() and is8Bit() queries go to StringImpl. In JSRopeString, we reuse the above pointer
place for the 1st fiber. JSRopeString has three fibers so its size is 48. To keep length and is8Bit flag information in JSRopeString, JSRopeString
encodes this information into the fiber pointers. is8Bit flag is encoded in the 1st fiber pointer. length is embedded directly, and two fibers
are compressed into 12bytes. isRope information is encoded in the first fiber's LSB.

Since length of JSRopeString should be frequently accessed compared to each fiber, we put length in contiguous 32byte field, and compress 2nd
and 3rd fibers into the following 80byte fields. One problem is that now 2nd and 3rd fibers are split. Storing and loading 2nd and 3rd fibers
are not one pointer load operation. To make concurrent collector work correctly, we must initialize 2nd and 3rd fibers at JSRopeString creation
and we must not modify these parts later.

             0                        8        10               16                       32                                     48
JSString     [   ID      ][  header  ][   String pointer      0]
JSRopeString [   ID      ][  header  ][ flags ][ 1st fiber    1][  length  ][2nd lower32][2nd upper16][3rd lower16][3rd upper32]
                                                              ^
                                                           isRope bit

Since fibers in JSRopeString are not initialized in atomic pointer store manner, we must initialize all the fiber fields at JSRopeString creation.
To achieve this, we modify our JSRopeString::RopeBuilder implementation not to create half-baked JSRopeString.

This patch also makes an empty JSString singleton per VM. This makes evaluation of JSString in boolean context one pointer comparison. This is
critical in this change since this patch enlarges the code necessary to get length from JSString in JIT. Without this guarantee, our code of boolean
context evaluation is bloated. This patch hides all the JSString::create and JSRopeString::create in the private permission. JSString and JSRopeString
creation is only allowed from jsString and related helper functions and they return a singleton empty JSString if the length is zero. We also change
JSRopeString::RopeBuilder not to construct an empty JSRopeString.

This patch is performance neutral in Speedometer2 and JetStream2. And it improves RAMification by 2.7%.

* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/MacroAssemblerARM64.h:
(JSC::MacroAssemblerARM64::storeZero16):
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::storeZero16):
(JSC::MacroAssemblerX86Common::store16):
* bytecode/AccessCase.cpp:
(JSC::AccessCase::generateImpl):
* bytecode/InlineAccess.cpp:
(JSC::InlineAccess::dumpCacheSizesAndCrash):
(JSC::linkCodeInline):
(JSC::InlineAccess::isCacheableStringLength):
(JSC::InlineAccess::generateStringLength):
* bytecode/InlineAccess.h:
(JSC::InlineAccess::sizeForPropertyAccess):
(JSC::InlineAccess::sizeForPropertyReplace):
(JSC::InlineAccess::sizeForLengthAccess):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileStringSlice):
(JSC::DFG::SpeculativeJIT::compileToLowerCase):
(JSC::DFG::SpeculativeJIT::compileGetCharCodeAt):
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
(JSC::DFG::SpeculativeJIT::compileStringEquality):
(JSC::DFG::SpeculativeJIT::compileStringZeroLength):
(JSC::DFG::SpeculativeJIT::compileLogicalNotStringOrOther):
(JSC::DFG::SpeculativeJIT::emitStringBranch):
(JSC::DFG::SpeculativeJIT::emitStringOrOtherBranch):
(JSC::DFG::SpeculativeJIT::compileGetIndexedPropertyStorage):
(JSC::DFG::SpeculativeJIT::compileGetArrayLength):
(JSC::DFG::SpeculativeJIT::emitPopulateSliceIndex):
(JSC::DFG::SpeculativeJIT::compileArraySlice):
(JSC::DFG::SpeculativeJIT::compileArrayIndexOf):
(JSC::DFG::SpeculativeJIT::speculateStringIdentAndLoadStorage):
(JSC::DFG::SpeculativeJIT::emitSwitchCharStringJump):
(JSC::DFG::SpeculativeJIT::emitSwitchStringOnString):
(JSC::DFG::SpeculativeJIT::compileMakeRope): Deleted.
* dfg/DFGSpeculativeJIT.h:
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileMakeRope):
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compile):
(JSC::DFG::SpeculativeJIT::compileMakeRope):
* ftl/FTLAbstractHeapRepository.cpp:
(JSC::FTL::AbstractHeapRepository::AbstractHeapRepository):
* ftl/FTLAbstractHeapRepository.h:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetIndexedPropertyStorage):
(JSC::FTL::DFG::LowerDFGToB3::compileGetArrayLength):
(JSC::FTL::DFG::LowerDFGToB3::compileMakeRope):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAt):
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharCodeAt):
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
(JSC::FTL::DFG::LowerDFGToB3::compileStringToUntypedStrictEquality):
(JSC::FTL::DFG::LowerDFGToB3::compileSwitch):
(JSC::FTL::DFG::LowerDFGToB3::mapHashString):
(JSC::FTL::DFG::LowerDFGToB3::compileMapHash):
(JSC::FTL::DFG::LowerDFGToB3::compileHasOwnProperty):
(JSC::FTL::DFG::LowerDFGToB3::compileStringSlice):
(JSC::FTL::DFG::LowerDFGToB3::compileToLowerCase):
(JSC::FTL::DFG::LowerDFGToB3::stringsEqual):
(JSC::FTL::DFG::LowerDFGToB3::boolify):
(JSC::FTL::DFG::LowerDFGToB3::switchString):
(JSC::FTL::DFG::LowerDFGToB3::isRopeString):
(JSC::FTL::DFG::LowerDFGToB3::isNotRopeString):
(JSC::FTL::DFG::LowerDFGToB3::speculateStringIdent):
* jit/AssemblyHelpers.cpp:
(JSC::AssemblyHelpers::emitConvertValueToBoolean):
(JSC::AssemblyHelpers::branchIfValue):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::branchIfRopeStringImpl):
(JSC::AssemblyHelpers::branchIfNotRopeStringImpl):
* jit/JITInlines.h:
(JSC::JIT::emitLoadCharacterString):
* jit/Repatch.cpp:
(JSC::tryCacheGetByID):
* jit/ThunkGenerators.cpp:
(JSC::stringGetByValGenerator):
(JSC::stringCharLoad):
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/JSString.cpp:
(JSC::JSString::createEmptyString):
(JSC::JSRopeString::RopeBuilder<RecordOverflow>::expand):
(JSC::JSString::dumpToStream):
(JSC::JSString::estimatedSize):
(JSC::JSString::visitChildren):
(JSC::JSRopeString::resolveRopeInternal8 const):
(JSC::JSRopeString::resolveRopeInternal8NoSubstring const):
(JSC::JSRopeString::resolveRopeInternal16 const):
(JSC::JSRopeString::resolveRopeInternal16NoSubstring const):
(JSC::JSRopeString::resolveRopeToAtomicString const):
(JSC::JSRopeString::convertToNonRope const):
(JSC::JSRopeString::resolveRopeToExistingAtomicString const):
(JSC::JSRopeString::resolveRopeWithFunction const):
(JSC::JSRopeString::resolveRope const):
(JSC::JSRopeString::resolveRopeSlowCase8 const):
(JSC::JSRopeString::resolveRopeSlowCase const):
(JSC::JSRopeString::outOfMemory const):
(JSC::JSRopeString::visitFibers): Deleted.
(JSC::JSRopeString::clearFibers const): Deleted.
* runtime/JSString.h:
(JSC::JSString::uninitializedValueInternal const):
(JSC::JSString::valueInternal const):
(JSC::JSString::JSString):
(JSC::JSString::finishCreation):
(JSC::JSString::create):
(JSC::JSString::offsetOfValue):
(JSC::JSString::isRope const):
(JSC::JSString::is8Bit const):
(JSC::JSString::length const):
(JSC::JSString::tryGetValueImpl const):
(JSC::JSString::toAtomicString const):
(JSC::JSString::toExistingAtomicString const):
(JSC::JSString::value const):
(JSC::JSString::tryGetValue const):
(JSC::JSRopeString::unsafeView const):
(JSC::JSRopeString::viewWithUnderlyingString const):
(JSC::JSString::unsafeView const):
(JSC::JSString::viewWithUnderlyingString const):
(JSC::JSString::offsetOfLength): Deleted.
(JSC::JSString::offsetOfFlags): Deleted.
(JSC::JSString::setIs8Bit const): Deleted.
(JSC::JSString::setLength): Deleted.
(JSC::JSString::string): Deleted.
(JSC::jsStringBuilder): Deleted.
* runtime/JSStringInlines.h:
(JSC::JSString::~JSString):
(JSC::JSString::equal const):
* runtime/ObjectPrototype.cpp:
(JSC::objectProtoFuncToString):
* runtime/RegExpMatchesArray.h:
(JSC::createRegExpMatchesArray):
* runtime/RegExpObjectInlines.h:
(JSC::collectMatches):
* runtime/RegExpPrototype.cpp:
(JSC::regExpProtoFuncSplitFast):
* runtime/SmallStrings.cpp:
(JSC::SmallStrings::initializeCommonStrings):
(JSC::SmallStrings::createEmptyString): Deleted.
* runtime/SmallStrings.h:
* runtime/StringPrototype.cpp:
(JSC::stringProtoFuncSlice):
* runtime/StringPrototypeInlines.h: Added.
(JSC::stringSlice):

Source/WTF:

* wtf/text/StringImpl.h:
(WTF::StringImpl::flagIs8Bit):
(WTF::StringImpl::flagIsAtomic):
(WTF::StringImpl::flagIsSymbol):
(WTF::StringImpl::maskStringKind):
* wtf/text/WTFString.cpp:
(WTF::nullString):
* wtf/text/WTFString.h:
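
The packed rope layout drawn in the log message above, as an added C++ sketch that is not JavaScriptCore code. The names are hypothetical, and the is8Bit bit position and the 16-byte alignment of fiber addresses are assumptions; the isRope bit in the first fiber's LSB, the 48-bit addresses and the field order come from the message.

```cpp
#include <cstdint>
#include <cstdio>

namespace ropedemo {

constexpr uint64_t isRopeBit   = 1ull << 0;        // from the log message: LSB of the 1st fiber
constexpr uint64_t is8BitBit   = 1ull << 2;        // assumed position; the page does not give it
constexpr uint64_t addressMask = (1ull << 48) - 1; // 48-bit effective addresses
constexpr uint64_t alignMask   = 0xf;              // assumed 16-byte cell alignment

// The 24 bytes that follow the 8-byte cell header ("ID" + "header" in the diagram).
struct RopeBody {
    uint64_t fiber0AndFlags; // a plain JSString keeps its String pointer in this slot
    uint32_t length;
    uint32_t fiber1Lower32;
    uint16_t fiber1Upper16;
    uint16_t fiber2Lower16;
    uint32_t fiber2Upper32;
};
static_assert(sizeof(RopeBody) == 24, "three pointer widths; 32 bytes with the header");

// A fiber can be packed only if it fits in 48 bits and leaves the tag bits free.
inline bool packable(uint64_t address)
{
    return !(address & ~addressMask) && !(address & alignMask);
}

// Fibers 1 and 2 each span two fields, so no single store publishes them.
// That is why the message requires every fiber to be written at creation
// and never modified afterwards.
bool pack(RopeBody& out, uint64_t f0, uint64_t f1, uint64_t f2, uint32_t length, bool is8Bit)
{
    if (!f0 || !length) // an empty string is the per-VM singleton, never a rope
        return false;
    if (!packable(f0) || !packable(f1) || !packable(f2))
        return false;
    out.fiber0AndFlags = f0 | isRopeBit | (is8Bit ? is8BitBit : 0);
    out.length = length;
    out.fiber1Lower32 = static_cast<uint32_t>(f1);
    out.fiber1Upper16 = static_cast<uint16_t>(f1 >> 32);
    out.fiber2Lower16 = static_cast<uint16_t>(f2);
    out.fiber2Upper32 = static_cast<uint32_t>(f2 >> 16);
    return true;
}

// The first word after the header decides how the rest must be read:
// tag set means rope, tag clear means the word is a String pointer.
inline bool isRope(uint64_t firstWord) { return firstWord & isRopeBit; }
inline bool is8Bit(const RopeBody& b) { return b.fiber0AndFlags & is8BitBit; }

uint64_t fiber(const RopeBody& b, int index)
{
    switch (index) {
    case 0:
        return b.fiber0AndFlags & ~alignMask; // strip the tag bits before use
    case 1:
        return (static_cast<uint64_t>(b.fiber1Upper16) << 32) | b.fiber1Lower32;
    case 2:
        return (static_cast<uint64_t>(b.fiber2Upper32) << 16) | b.fiber2Lower16;
    default:
        return 0;
    }
}

} // namespace ropedemo

int main()
{
    // Constructed sample addresses, not taken from a real process.
    ropedemo::RopeBody body = {};
    bool ok = ropedemo::pack(body, 0x00007f12345678a0ull, 0x0000123456789ab0ull,
                             0x00007ffffffffff0ull, 42, true);
    std::printf("packed=%d rope=%d length=%u\n", ok,
                ropedemo::isRope(body.fiber0AndFlags), body.length);
    for (int i = 0; i < 3; ++i)
        std::printf("fiber %d = 0x%012llx\n", i,
                    static_cast<unsigned long long>(ropedemo::fiber(body, i)));
    return 0;
}
```

Reading the first word as a pointer without first testing and masking the tag bits is the mistake this layout makes possible, which matters both for JIT code paths and for anyone decoding a heap dump.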


  Commit: c7d88b635e939ef138cc459ea8288cba19c368ae
      https://github.com/WebKit/WebKit/commit/c7d88b635e939ef138cc459ea8288cba19c368ae
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/lldb/lldb_webkit.py

  Log Message:
  -----------
  Merge r242260 - Unreviewed, fix lldb webkitpy tests
https://bugs.webkit.org/show_bug.cgi?id=194375

Since we changed the value of Is8Bit flag in StringImpl, we change lldb webkitpy tests accordingly.

* lldb/lldb_webkit.py:
(WTFStringImplProvider.is_8bit):


  Commit: c4dd0cd4b294e15fb490c274a834ee6ffb172d4b
      https://github.com/WebKit/WebKit/commit/c4dd0cd4b294e15fb490c274a834ee6ffb172d4b
  Author: Dominik Infuehr <dinfuehr at igalia.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/MacroAssemblerARMv7.cpp

  Log Message:
  -----------
  Merge r242261 - [ARM] Fix assembler warnings in ctiMasmProbeTrampoline
https://bugs.webkit.org/show_bug.cgi?id=195164

Reviewed by Mark Lam.

Short branches in IT blocks are deprecated in AArch32. In addition
the conditional branch was the only instruction in the IT block. Short
branches are able to encode the condition code themselves, the additional
IT instruction is not needed.

The assembler was also warning that writing into APSR without a bitmask
was deprecated. Therefore use APSR_nzcvq instead, this generates the same
instruction encoding.

* assembler/MacroAssemblerARMv7.cpp:


  Commit: 2ec78e1e9c73366f63d4690e516eef1f8da4be43
      https://github.com/WebKit/WebKit/commit/2ec78e1e9c73366f63d4690e516eef1f8da4be43
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/IndexedDB.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/IndexedDB/WebIDBConnectionToClient.cpp
    M Source/WebKit/NetworkProcess/IndexedDB/WebIDBConnectionToClient.h
    M Source/WebKit/NetworkProcess/IndexedDB/WebIDBConnectionToClient.messages.in
    M Source/WebKit/Scripts/webkit/messages.py
    M Source/WebKit/WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp

  Log Message:
  -----------
  Merge r242281 - Serialize IndexedDB::ObjectStoreOverwriteMode as an enum
https://bugs.webkit.org/show_bug.cgi?id=195213

Reviewed by Alex Christensen.

Source/WebCore:

Add traits to enable enum IPC encoding.
No change of behavior.

* Modules/indexeddb/IndexedDB.h:

Source/WebKit:

Make use of enum trait to automatically check for correct enum value when receiving a putOrAdd message.

* NetworkProcess/IndexedDB/WebIDBConnectionToClient.cpp:
(WebKit::WebIDBConnectionToClient::putOrAdd):
* NetworkProcess/IndexedDB/WebIDBConnectionToClient.h:
* NetworkProcess/IndexedDB/WebIDBConnectionToClient.messages.in:
* Scripts/webkit/messages.py:
* WebProcess/Databases/IndexedDB/WebIDBConnectionToServer.cpp:
(WebKit::WebIDBConnectionToServer::putOrAdd):
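
An added C++ sketch of what checking an enum on receipt means for a message like putOrAdd; it is not WebKit code. The enumerator names, the wire format (8-byte little-endian request ID followed by one mode byte) and the Decoder, EnumValues and EnumTraits helpers are written for this example and are assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <type_traits>

// Enumerator names are assumed for this example; the page only names the type.
enum class ObjectStoreOverwriteMode : uint8_t { Overwrite, OverwriteForCursor, NoOverwrite };

// Lists the values a receiver is willing to accept for an enum type.
template<typename E, E... values>
struct EnumValues {
    static bool contains(typename std::underlying_type<E>::type raw)
    {
        const E all[] = { values... };
        for (E v : all) {
            if (static_cast<typename std::underlying_type<E>::type>(v) == raw)
                return true;
        }
        return false;
    }
};

// Left undefined on purpose: an enum without a trait cannot be decoded at all.
template<typename E> struct EnumTraits;

template<> struct EnumTraits<ObjectStoreOverwriteMode> {
    using values = EnumValues<ObjectStoreOverwriteMode,
        ObjectStoreOverwriteMode::Overwrite,
        ObjectStoreOverwriteMode::OverwriteForCursor,
        ObjectStoreOverwriteMode::NoOverwrite>;
};

class Decoder {
public:
    Decoder(const uint8_t* data, size_t size) : m_data(data), m_size(size), m_pos(0) {}

    bool decodeUInt64(uint64_t& out)
    {
        if (m_size - m_pos < 8)
            return false;
        out = 0;
        for (int i = 0; i < 8; ++i)
            out |= static_cast<uint64_t>(m_data[m_pos + i]) << (8 * i);
        m_pos += 8;
        return true;
    }

    // The range check lives in the decoder, so a handler never sees a value
    // outside the declared set, whatever the sending process put on the wire.
    template<typename E> bool decodeEnum(E& out)
    {
        static_assert(sizeof(typename std::underlying_type<E>::type) == 1, "one-byte enums only");
        if (m_pos >= m_size)
            return false;
        uint8_t raw = m_data[m_pos++];
        if (!EnumTraits<E>::values::contains(raw))
            return false;
        out = static_cast<E>(raw);
        return true;
    }

private:
    const uint8_t* m_data;
    size_t m_size;
    size_t m_pos;
};

struct PutOrAddMessage {
    uint64_t requestID;
    ObjectStoreOverwriteMode mode;
};

// Returns false for truncated input and for a mode byte outside the enum.
bool decodePutOrAdd(const uint8_t* bytes, size_t size, PutOrAddMessage& out)
{
    Decoder decoder(bytes, size);
    return decoder.decodeUInt64(out.requestID) && decoder.decodeEnum(out.mode);
}

int main()
{
    // Constructed sample messages.
    const uint8_t valid[]   = { 0x2a, 0, 0, 0, 0, 0, 0, 0, 0x02 };
    const uint8_t badMode[] = { 0x2a, 0, 0, 0, 0, 0, 0, 0, 0x07 };
    PutOrAddMessage message = { 0, ObjectStoreOverwriteMode::Overwrite };
    std::printf("valid message accepted: %d\n", decodePutOrAdd(valid, sizeof(valid), message));
    std::printf("mode 0x07 accepted:     %d\n", decodePutOrAdd(badMode, sizeof(badMode), message));
    return 0;
}
```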


  Commit: 018fa9baea59c1df5400340f9d1366a562c8f537
      https://github.com/WebKit/WebKit/commit/018fa9baea59c1df5400340f9d1366a562c8f537
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT32_64.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT64.cpp

  Log Message:
  -----------
  Merge r242286 - [JSC] Use runtime calls for DFG MakeRope if !CPU(ADDRESS64)
https://bugs.webkit.org/show_bug.cgi?id=195221

Reviewed by Mark Lam.

ARM32_64 builds DFG 64bit, but the size of address is 32bit. Make DFG MakeRope a runtime call not only for DFG 32_64,
but also DFG 64 with !CPU(ADDRESS64). This patch unifies compileMakeRope again, and uses a runtime call for !CPU(ADDRESS64).

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileMakeRope):
* dfg/DFGSpeculativeJIT32_64.cpp:
(JSC::DFG::SpeculativeJIT::compileMakeRope): Deleted.
* dfg/DFGSpeculativeJIT64.cpp:
(JSC::DFG::SpeculativeJIT::compileMakeRope): Deleted.


  Commit: 6d24db4867b090121c477f77b657c36cb6c3385c
      https://github.com/WebKit/WebKit/commit/6d24db4867b090121c477f77b657c36cb6c3385c
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSString.h

  Log Message:
  -----------
  Merge r242299 - [JSC] Fix FTL build on ARM32_64 by adding stubs for JSRopeString::offsetOfXXX
https://bugs.webkit.org/show_bug.cgi?id=195235

Reviewed by Saam Barati.

This is a workaround until https://bugs.webkit.org/show_bug.cgi?id=195234 is done.

* runtime/JSString.h:


  Commit: 5c57e259987aae8b4a383b7c2976cc493273ce1f
      https://github.com/WebKit/WebKit/commit/5c57e259987aae8b4a383b7c2976cc493273ce1f
  Author: Darin Adler <darin at apple.com>
  Date:   2019-03-05 (Tue, 05 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/Assertions.cpp
    M Source/WTF/wtf/HexNumber.h
    M Source/WTF/wtf/text/StringConcatenate.h
    M Source/WTF/wtf/text/StringConcatenateNumbers.h
    M Source/WTF/wtf/text/StringOperators.h
    M Source/WTF/wtf/text/StringView.h
    M Source/WTF/wtf/text/WTFString.cpp
    M Source/WTF/wtf/text/WTFString.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/html/FTPDirectoryDocument.cpp
    M Source/WebCore/mathml/MathMLElement.cpp
    M Source/WebCore/page/cocoa/ResourceUsageOverlayCocoa.mm
    M Source/WebCore/page/linux/ResourceUsageOverlayLinux.cpp
    M Source/WebCore/platform/DateComponents.cpp
    M Source/WebCore/platform/LocalizedStrings.cpp
    M Source/WebCore/platform/audio/HRTFElevation.cpp
    M Source/WebCore/platform/mock/MockRealtimeVideoSource.cpp
    M Source/WebCore/rendering/RenderLayerCompositor.cpp
    M Source/WebCore/rendering/RenderTheme.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm
    M Source/WebKitLegacy/win/ChangeLog
    M Source/WebKitLegacy/win/FullscreenVideoController.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WTF/StringConcatenate.cpp

  Log Message:
  -----------
  Merge r242308 - Finish removing String::format
https://bugs.webkit.org/show_bug.cgi?id=194893

Reviewed by Daniel Bates.

Source/JavaScriptCore:

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::nameForRegister): Use makeString instead of String::format,
using the new "pad" function.

Source/WebCore:

* dom/Document.cpp:
(WebCore::Document::lastModified const): Use makeString and pad.
* html/FTPDirectoryDocument.cpp:
(WebCore::processFileDateString): Ditto.

* mathml/MathMLElement.cpp:
(WebCore::convertToPercentageIfNeeded): Use makeString and FormattedNumber.

* page/cocoa/ResourceUsageOverlayCocoa.mm:
(WebCore::ResourceUsageOverlay::platformDraw): Use makeString and pad.

* page/linux/ResourceUsageOverlayLinux.cpp:
(WebCore::cpuUsageString): Use makeString, FormattedNumber, and pad.
(WebCore::gcTimerString): Use String::number.

* platform/DateComponents.cpp:
(WebCore::DateComponents::toStringForTime const): Use makeString and pad.
(WebCore::DateComponents::toString const): Ditto.

* platform/LocalizedStrings.cpp: Removed comment that mentioned String::format,
and that was also inaccurate.

* platform/audio/HRTFElevation.cpp:
(WebCore::HRTFElevation::calculateKernelsForAzimuthElevation):
Use makeString and pad.
* platform/mock/MockRealtimeVideoSource.cpp:
(WebCore::MockRealtimeVideoSource::drawText): Ditto.
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::logLayerInfo): Ditto.
* rendering/RenderTheme.cpp:
(WebCore::RenderTheme::formatMediaControlsTime const): Ditto.

Source/WebKit:

* UIProcess/WebAuthentication/Cocoa/LocalAuthenticator.mm:
(WebKit::LocalAuthenticator::getAssertion): Use makeString, attempting to fix
a problem where we passed an NSData * to format with a "%s".

Source/WebKitLegacy/win:

* FullscreenVideoController.cpp:
(timeToString): Use makeString and pad.

Source/WTF:

* wtf/Assertions.cpp:
(WTF::createWithFormatAndArguments): Moved this here from WTFString.cpp.
(WTFLog): Use WTF::createWithFormatAndArguments instead of String::format.

* wtf/HexNumber.h: Deleted unneeded toString function.

* wtf/text/StringConcatenate.h: Got rid of unneeded forward declaration of
StringTypeAdapter, since that's now in Forward.h. Tweaked formatting of templates
a bit. Use function templates for writeTo functions rather than having two of each.
Removed unused toString functions. Optimized case where we have a UChar* and
a length of zero to not force the result to be 16-bit. Also gets rid of a small
NO_RETURN_DUE_TO_CRASH mess that we don't need. Refactored constructors to use some
static member helper functions to compute string lengths. Added the pad function
and the PaddingSpecification struct template, so we can add padding to anything
we can turn into a string. Got rid of the special case overload for single
arguments, since it only worked for things that the String constructor can handle.
Instead we will now use StringTypeAdapter, which works for more types. Possibly
less optimal for some special cases, which we could specialize for later if we like.
* wtf/text/StringConcatenateNumbers.h: Ditto.
* wtf/text/StringOperators.h: Ditto.
* wtf/text/StringView.h: Ditto.

* wtf/text/WTFString.cpp:
(WTF::createWithFormatAndArguments): Deleted.
(WTF::String::format): Deleted.
* wtf/text/WTFString.h: Deleted declaration of String::format.


  Commit: 6fc04d8f9dfcc047d5f8844207702f26987d65bd
      https://github.com/WebKit/WebKit/commit/6fc04d8f9dfcc047d5f8844207702f26987d65bd
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/ios/TestExpectations
    M LayoutTests/platform/mac/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLFormControlElement.cpp

  Log Message:
  -----------
  Merge r242309 - [Datalist] fast/forms/datalist/datalist-child-validation.html crashes with a debug assertion in isValidFormControlElement()
https://bugs.webkit.org/show_bug.cgi?id=190620
<rdar://problem/19226679>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fixes and re-enables an existing layout test that is asserting on debug builds (and failing on release builds).
To understand why we hit this assertion, we first note several observations:

    -   The validity of a form control (`isValid()`) depends on the value of `willValidate()`.
    -   Both of these results are cached in member variables: `m_isValid` and `m_willValidate`, respectively.
    -   `willValidate()` changes the cached value of `m_willValidate` if necessary, but `isValid()` uses the
        cached value without update.

Now, consider the following scenario:

    1.  Something changes in the DOM that changes the result of `willValidate()`. This can happen as a result of
        several things:
        a.  The form control changes readonly state
        b.  The form control changes disabled state
        c.  The form control is added to a datalist element
        d.  The form control is removed from a datalist element
    2.  Call `willValidate()`.
    3.  Call `isValid()`.

In scenarios (a) - (c), we ensure that cached form control validity (`m_isValid`) is updated alongside
`m_willValidate` by invoking `setNeedsWillValidateCheck()`, such that the result of `isValid()` matches the
result of `m_isValid` in step (3). However, in the last scenario (d), we don't do this, which causes form
control validity to fall out of sync with the result of `isValid()`. To fix the bug, we update willValidate and
isValid when a form control is removed from an ancestor, only if one of its ancestors is a datalist element.

* html/HTMLFormControlElement.cpp:
(WebCore::HTMLFormControlElement::insertedIntoAncestor):
(WebCore::HTMLFormControlElement::removedFromAncestor):

Make a couple of minor tweaks:
  - Currently, we always invalidate `m_dataListAncestorState` by resetting the state to `Unknown` when the form
    control is removed from an ancestor or inserted. Instead, we only need to reset it when the form control
    already has an ancestor that is a datalist (in the case where it's being removed) or when the form control
    does not yet have an ancestor (in the case where it is being added).
  - If the form control was inside a datalist prior to removal, recompute its cached value of `m_willValidate`,
    as well as its cached validity (`m_isValid`).

LayoutTests:

Re-enables a crashing layout test. See WebCore ChangeLog for more details.

* platform/ios/TestExpectations:
* platform/mac/TestExpectations:


  Commit: 27e507fb5f9e52ce66a031ac696977e3ce1305b9
      https://github.com/WebKit/WebKit/commit/27e507fb5f9e52ce66a031ac696977e3ce1305b9
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog

  Log Message:
  -----------
  Merge r242312 - [WPE] Public API headers are missing autocleanup definitions
https://bugs.webkit.org/show_bug.cgi?id=195211

Reviewed by Philippe Normand.

* PlatformWPE.cmake: List new API headers as installable.
* UIProcess/API/wpe/WebKitAutocleanups.h: Added. This is a copy of the header from the GTK
port, adapted to fit the WPE port.
* UIProcess/API/wpe/webkit.h: Add inclusion of WebKitAutocleanups.h
* WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h: Added. Also adapted
from the equivalent header of the GTK port.
* WebProcess/InjectedBundle/API/wpe/webkit-web-extension.h: Add inclusion of
WebKitWebExtensionAutocleanups.h


  Commit: 8fd34b47de80cce8ad6e5ca66b91fae52657b086
      https://github.com/WebKit/WebKit/commit/8fd34b47de80cce8ad6e5ca66b91fae52657b086
  Author: Darin Adler <darin at apple.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/DecimalNumber.cpp
    M Source/WTF/wtf/DecimalNumber.h
    M Source/WTF/wtf/JSONValues.cpp
    M Source/WTF/wtf/dtoa.cpp
    M Source/WTF/wtf/dtoa.h
    M Source/WTF/wtf/text/StringConcatenateNumbers.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/Color.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/PerActivityStateCPUUsageSampler.cpp

  Log Message:
  -----------
  Merge r242316 - Fixed makeString(float) to do shortest-form serialization without first converting to double
https://bugs.webkit.org/show_bug.cgi?id=195142

Reviewed by Daniel Bates.

Source/WebCore:

* platform/graphics/Color.cpp: Removed unneeded include of DecimalNumber.h.

Source/WebKit:

* UIProcess/PerActivityStateCPUUsageSampler.cpp: Removed unneeded include of DecimalNumber.h.

Source/WTF:

* wtf/DecimalNumber.cpp: Removed unneeded includes.

* wtf/DecimalNumber.h: Removed unused constructors; over time we will be
deprecating DecimalNumber, so we should remove the unused parts. Also
marked the constructor explicit, removed types used only for arguments for
the constructors, and removed the sign, exponent, significand, and precision
member functions.

* wtf/JSONValues.cpp:
(WTF::JSONImpl::Value::writeJSON const): Updated for changes to DecimalNumber,
switched from NumberToLStringBuffer to NumberToStringBuffer, and for use of
std::array instead of C arrays.

* wtf/dtoa.cpp: Removed unused dtoaRoundSF and dtoaRoundDP functions.
(WTF::dtoa): Updated to use std::array instead of C arrays.
(WTF::dtoaRoundSF): Removed.
(WTF::dtoaRoundDP): Removed.
(WTF::numberToString): Added an overload for float and updated to use std::array.
(WTF::formatStringTruncatingTrailingZerosIfNeeded): Updated to use std::array.
(WTF::numberToFixedPrecisionString): Ditto.
(WTF::numberToFixedWidthString): Ditto.

* wtf/dtoa.h: Changed arrays to be std::array instead of C arrays so the
array types will be checked. Removed dtoaRoundSF and dtoaRoundDP.
Added float overloads for numberToString, numberToFixedPrecisionString,
and numberToFixedWidthString. The only one of these that is called at this
time is numberToString, called by the floating point StringTypeAdapter in
StringConcatenateNumbers.h.

* wtf/text/StringConcatenateNumbers.h: Updated for std::array.


  Commit: 2f327f8eb93ee017a6a80ae11c9c0cf06871cd27
      https://github.com/WebKit/WebKit/commit/2f327f8eb93ee017a6a80ae11c9c0cf06871cd27
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/SharedBuffer.cpp

  Log Message:
  -----------
  Merge r242327 - -Wformat error in SharedBuffer::tryCreateArrayBuffer
https://bugs.webkit.org/show_bug.cgi?id=195004

Reviewed by Darin Adler.

Seems C++ has no format specifier appropriate for printing the result of sizeof. We should
just not try to print it. Anyway, that's easy in this case, because sizeof(char) is
guaranteed to be 1. This code was an attempt to be pedantic to account for mythical systems
with char larger than one byte, but perhaps it didn't realize sizeof always returns
multiples of char and so sizeof(char) is always one even on such mythical systems.

Note the sizeof(char) use two lines up is left since it's not clear that switching it to 1
would actually be more readable.

* platform/SharedBuffer.cpp:
(WebCore::SharedBuffer::tryCreateArrayBuffer const):


  Commit: 3bc0e805b78c03c492e219994b4ea387693b330b
      https://github.com/WebKit/WebKit/commit/3bc0e805b78c03c492e219994b4ea387693b330b
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/network/soup/SoupNetworkSession.cpp

  Log Message:
  -----------
  Merge r242328 - [SOUP] Cleanups in SoupNetworkSession
https://bugs.webkit.org/show_bug.cgi?id=195247

Reviewed by Daniel Bates.

This renames clientCertificates to allowedCertificates, since they are not client
certificates at all, but server certificates. It also adds a using statement to avoid
repeating the long type of the map, and avoids an unnecessary copy.

* platform/network/soup/SoupNetworkSession.cpp:
(WebCore::allowedCertificates):
(WebCore::SoupNetworkSession::checkTLSErrors):
(WebCore::SoupNetworkSession::allowSpecificHTTPSCertificateForHost):
(WebCore::clientCertificates): Deleted.


  Commit: 4bc6aa613a2d3d1cd4b1aee69fd7475721b5d346
      https://github.com/WebKit/WebKit/commit/4bc6aa613a2d3d1cd4b1aee69fd7475721b5d346
  Author: Darin Adler <darin at apple.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/fast/css/large-value-csstext-expected.txt
    M LayoutTests/imported/w3c/ChangeLog
    M LayoutTests/imported/w3c/web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-iteration-composite-operation-expected.txt
    M LayoutTests/media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles-expected.txt
    M LayoutTests/media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles.html
    M LayoutTests/platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt
    M LayoutTests/platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt
    M LayoutTests/platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt
    M LayoutTests/platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt
    M LayoutTests/platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt
    M LayoutTests/platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/NumberPrototype.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/WTF.xcodeproj/project.pbxproj
    M Source/WTF/wtf/CMakeLists.txt
    R Source/WTF/wtf/DecimalNumber.cpp
    R Source/WTF/wtf/DecimalNumber.h
    M Source/WTF/wtf/JSONValues.cpp
    M Source/WTF/wtf/dtoa.cpp
    M Source/WTF/wtf/dtoa.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/CSSPrimitiveValue.cpp
    M Source/WebCore/css/CSSPrimitiveValue.h

  Log Message:
  -----------
  Merge r242330 - Retire legacy dtoa function and DecimalNumber class
https://bugs.webkit.org/show_bug.cgi?id=195253

Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

* web-platform-tests/web-animations/animation-model/keyframe-effects/effect-value-iteration-composite-operation-expected.txt:
Rebaseline still-failing part of this test that dumps super-small numbers that are formatted
differently by the new code (exponential style).

Source/JavaScriptCore:

* runtime/NumberPrototype.cpp:
(JSC::numberProtoFuncToExponential): Removed dependency on NumberToStringBufferLength,
using NumberToStringBuffer instead. Also tweaked style of implementation a bit.

Source/WebCore:

* css/CSSPrimitiveValue.cpp:
(WebCore::CSSPrimitiveValue::formatNumberValue const): Use makeString instead
of DecimalNumber. Also changed return type to String and use StringView and
removed special handling of literals.
(WebCore::CSSPrimitiveValue::formatNumberForCustomCSSText const): Removed an
unnecessary use of StringBuilder.

* css/CSSPrimitiveValue.h: Updated for changes to formatNumberValue.

Source/WTF:

* WTF.xcodeproj/project.pbxproj: Removed DecimalNumber.cpp/h.
* wtf/CMakeLists.txt: Ditto.

* wtf/DecimalNumber.cpp: Removed.
* wtf/DecimalNumber.h: Removed.

* wtf/JSONValues.cpp:
(WTF::JSONImpl::Value::writeJSON const): Use
StringBuilder::appendECMAScriptNumber instead of custom logic
using the DecimalNumber class.

* wtf/dtoa.cpp:
(WTF::storeInc): Deleted.
(WTF::BigInt): Deleted.
(WTF::multadd): Deleted.
(WTF::hi0bits): Deleted.
(WTF::lo0bits): Deleted.
(WTF::i2b): Deleted.
(WTF::mult): Deleted.
(WTF::P5Node::P5Node): Deleted.
(WTF::pow5mult): Deleted.
(WTF::lshift): Deleted.
(WTF::cmp): Deleted.
(WTF::diff): Deleted.
(WTF::d2b): Deleted.
(WTF::quorem): Deleted.
(WTF::dtoa): Deleted.

* wtf/dtoa.h: Removed DtoaBuffer, dtoa, and NumberToStringBufferLength.

LayoutTests:

* fast/css/large-value-csstext-expected.txt:
* media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles-expected.txt:
* media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-volume-styles.html:
Updated expected value to expect exponential syntax for super-small numbers that are formatted
differently by the new code.

* platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
* platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
* platform/ios/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
* platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/accumulation-per-property-expected.txt:
* platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/addition-per-property-expected.txt:
* platform/mac/imported/w3c/web-platform-tests/web-animations/animation-model/animation-types/interpolation-per-property-expected.txt:
Rebaseline still-failing parts of these tests that dump super-small numbers that are formatted
differently by the new code. Still probably needs to be done for 4 other platforms.


  Commit: b95fc5bac56e5f40ce7e27ab1d99b01f2986f7bc
      https://github.com/WebKit/WebKit/commit/b95fc5bac56e5f40ce7e27ab1d99b01f2986f7bc
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/POTFILES.in

  Log Message:
  -----------
  Merge r242348 - Unreviewed. Update POTFILES.in after r239627.

* POTFILES.in:


  Commit: 4bf115c0c3a3a31323aa776d3b2bff1f053c57f8
      https://github.com/WebKit/WebKit/commit/4bf115c0c3a3a31323aa776d3b2bff1f053c57f8
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/JavaScriptCore/API/glib/JSCCallbackFunction.cpp
    M Source/JavaScriptCore/ChangeLog
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp

  Log Message:
  -----------
  Merge r242349 - [GLib] Returning G_TYPE_OBJECT from a constructor does not work
https://bugs.webkit.org/show_bug.cgi?id=195206

Reviewed by Žan Doberšek.

Source/JavaScriptCore:

We are freeing the newly created object before returning from the constructor.

* API/glib/JSCCallbackFunction.cpp:
(JSC::JSCCallbackFunction::construct):

Tools:

Add a new test case.

* TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:
(testJSCClass):


  Commit: 848df5c95bfa3ae327cb6ce185b7bb6b992ece76
      https://github.com/WebKit/WebKit/commit/848df5c95bfa3ae327cb6ce185b7bb6b992ece76
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/WebKitAutocleanups.h
    M Source/WebKit/UIProcess/API/wpe/WebKitAutocleanups.h
    M Source/WebKit/WebProcess/InjectedBundle/API/gtk/WebKitWebExtensionAutocleanups.h
    M Source/WebKit/WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h

  Log Message:
  -----------
  Merge r242351 - [GTK][WPE] Wrong license header in WebKit{,WebExtension}Autocleanups.h
https://bugs.webkit.org/show_bug.cgi?id=195245

Reviewed by Carlos Garcia Campos.

Changed license headers to contain the LGPL, which is the correct one for the GTK
and WPE ports. The change was agreed by the contributors to the files involved.

* UIProcess/API/gtk/WebKitAutocleanups.h:
* UIProcess/API/wpe/WebKitAutocleanups.h:
* WebProcess/InjectedBundle/API/gtk/WebKitWebExtensionAutocleanups.h:
* WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h:


  Commit: 5e294d59b52d43f0e9536aba21b5bf2991513c12
      https://github.com/WebKit/WebKit/commit/5e294d59b52d43f0e9536aba21b5bf2991513c12
  Author: Karl Leplat <karl.leplat_ext at softathome.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebDriver/ChangeLog
    M Source/WebDriver/Session.cpp

  Log Message:
  -----------
  Merge r242352 - WebDriver: fix String not terminated with null character
https://bugs.webkit.org/show_bug.cgi?id=195274

Patch by Karl Leplat <karl.leplat_ext at softathome.com> on 2019-03-04
Reviewed by Carlos Garcia Campos.

This has been detected by an exception returned by the function
evaluateJavaScriptFunction with the message:
[native code]: JS ERROR SyntaxError: Unexpected keyword 'function'. Expected ')' to end a compound expression.
keyword 'function' has been initialized with a string that comes from a char array, not a null-terminated string.

* Session.cpp:
(WebDriver::Session::fullscreenWindow):
(WebDriver::Session::findElements):
(WebDriver::Session::isElementSelected):
(WebDriver::Session::isElementDisplayed):
(WebDriver::Session::getElementAttribute):
(WebDriver::Session::elementClear):


  Commit: 2a6f386563cf69b553a5300f36598d88be3fd0a1
      https://github.com/WebKit/WebKit/commit/2a6f386563cf69b553a5300f36598d88be3fd0a1
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/URLHelpers.cpp

  Log Message:
  -----------
  Merge r242353 - URLHelpers should use unorm2_quickCheck before converting to NFC
https://bugs.webkit.org/show_bug.cgi?id=194272

Reviewed by Darin Adler.

If the string is already in normalization form C, don't try to normalize it.

* wtf/URLHelpers.cpp:
(WTF::URLHelpers::toNormalizationFormC):


  Commit: 7fa78dac959db7899b85abb4e5a8cf5a59099e04
      https://github.com/WebKit/WebKit/commit/7fa78dac959db7899b85abb4e5a8cf5a59099e04
  Author: Piotr Drąg <piotrdrag at gmail.com>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/pl.po

  Log Message:
  -----------
  Merge r242436 - [GTK][l10n] Updated Polish translation of WebKitGTK for 2.24
https://bugs.webkit.org/show_bug.cgi?id=194859

Patch by Piotr Drąg <piotrdrag at gmail.com> on 2019-03-05
Rubber-stamped by Carlos Garcia Campos.

* pl.po:


  Commit: 8777d25ebcfc35f2afd2d112e198cdbec89226ea
      https://github.com/WebKit/WebKit/commit/8777d25ebcfc35f2afd2d112e198cdbec89226ea
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-03-06 (Wed, 06 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.23.92 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.23.92.


  Commit: 8dfc2023c56362e9f3d4c955e90d070e7e1eba13
      https://github.com/WebKit/WebKit/commit/8dfc2023c56362e9f3d4c955e90d070e7e1eba13
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/licm-dead-code.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGLICMPhase.cpp

  Log Message:
  -----------
  Merge r242276 - DFG: Loop-invariant code motion (LICM) should not hoist dead code
https://bugs.webkit.org/show_bug.cgi?id=194945
<rdar://problem/48311657>

Reviewed by Saam Barati.

* dfg/DFGLICMPhase.cpp:
(JSC::DFG::LICMPhase::run):


  Commit: bb3b32a90813f44afa60197aace3cc191617e81e
      https://github.com/WebKit/WebKit/commit/bb3b32a90813f44afa60197aace3cc191617e81e
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/optional-def-arg-width-should-be-both-early-and-late-use.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/air/AirLowerAfterRegAlloc.cpp
    M Source/JavaScriptCore/b3/air/AirPadInterference.h
    M Source/JavaScriptCore/b3/air/AirReportUsedRegisters.cpp
    M Source/JavaScriptCore/b3/testb3.cpp

  Log Message:
  -----------
  Merge r242569 - Air::reportUsedRegisters must padInterference
https://bugs.webkit.org/show_bug.cgi?id=195303
<rdar://problem/48270343>

Reviewed by Keith Miller.

JSTests:

* stress/optional-def-arg-width-should-be-both-early-and-late-use.js: Added.

Source/JavaScriptCore:

reportUsedRegisters uses reg liveness to eliminate loads/moves into dead
registers. However, liveness can report incorrect results in certain
scenarios when considering liveness at instruction boundaries. For example,
it can go wrong when an Inst has a LateUse of a register and the following
Inst has an EarlyDef of that same register. Such a scenario could lead us
to incorrectly say the register is not live-in to the first Inst. Pad
interference inserts Nops between such instruction boundaries that cause
this issue.

The test with this patch fixes the issue in reportUsedRegisters. This patch
also conservatively makes it so that lowerAfterRegAlloc calls padInterference
since it also reasons about liveness.

* b3/air/AirLowerAfterRegAlloc.cpp:
(JSC::B3::Air::lowerAfterRegAlloc):
* b3/air/AirPadInterference.h:
* b3/air/AirReportUsedRegisters.cpp:
(JSC::B3::Air::reportUsedRegisters):
* b3/testb3.cpp:
(JSC::B3::testReportUsedRegistersLateUseNotDead):
(JSC::B3::run):


  Commit: 5fc0f9c6ea8c3f008b89708b811780e327332ed9
      https://github.com/WebKit/WebKit/commit/5fc0f9c6ea8c3f008b89708b811780e327332ed9
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/forms/datalist/change-input-type-after-closing-datalist-suggestions-expected.txt
    A LayoutTests/fast/forms/datalist/change-input-type-after-closing-datalist-suggestions.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/DataListSuggestionPicker.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h

  Log Message:
  -----------
  Merge r242587 - Crash when attempting to change input type while dismissing datalist suggestions
https://bugs.webkit.org/show_bug.cgi?id=195384
<rdar://problem/48563718>

Reviewed by Brent Fulgham.

Source/WebCore:

When closing a datalist suggestion menu, WebPageProxy sends a message to WebPage instructing it to tell its
active datalist suggestions picker to close. However, for a myriad of reasons, the suggestions picker (kept
alive by its text input type) may have already gone away by this point. To mitigate this, make WebPage weakly
reference its active datalist suggestions picker.

Test: fast/forms/datalist/change-input-type-after-closing-datalist-suggestions.html

* platform/DataListSuggestionPicker.h:

Make DataListSuggestionPicker capable of being weakly referenced. Additionally, fix some minor preexisting
issues in this header (#imports instead of #includes, as well as an unnecessary include of IntRect.h).

Source/WebKit:

See WebCore ChangeLog for more details.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::setActiveDataListSuggestionPicker):
(WebKit::WebPage::didSelectDataListOption):
(WebKit::WebPage::didCloseSuggestions):
* WebProcess/WebPage/WebPage.h:

Turn m_activeDataListSuggestionPicker from a raw pointer into a WeakPtr.

LayoutTests:

Add a new layout test to exercise this scenario.

* fast/forms/datalist/change-input-type-after-closing-datalist-suggestions-expected.txt: Added.
* fast/forms/datalist/change-input-type-after-closing-datalist-suggestions.html: Added.


  Commit: 2df6d731088c546e589cef4aabd39b922b5fe56b
      https://github.com/WebKit/WebKit/commit/2df6d731088c546e589cef4aabd39b922b5fe56b
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/stack-overflow-in-custom-hasInstance.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSObject.cpp

  Log Message:
  -----------
  Merge r242667 - Stack overflow crash in JSC::JSObject::hasInstance.
https://bugs.webkit.org/show_bug.cgi?id=195458
<rdar://problem/48710195>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/stack-overflow-in-custom-hasInstance.js: Added.

Source/JavaScriptCore:

* runtime/JSObject.cpp:
(JSC::JSObject::hasInstance):


  Commit: 8a1529394ff4095ffd368a240ceac5523adc964f
      https://github.com/WebKit/WebKit/commit/8a1529394ff4095ffd368a240ceac5523adc964f
  Author: Miguel Gomez <magomez at igalia.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/filters/FilterOperation.h

  Log Message:
  -----------
  Merge r242639 - Use a thread safe refcounter for FilterOperation.
https://bugs.webkit.org/show_bug.cgi?id=194149

Reviewed by Carlos Garcia Campos.

Use a thread safe refcounter for FilterOperation.

* platform/graphics/filters/FilterOperation.h:


  Commit: 6914209f260e2b63dfe2c30d64d028ad966e54f3
      https://github.com/WebKit/WebKit/commit/6914209f260e2b63dfe2c30d64d028ad966e54f3
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/svg/dom/SVGPathSegList-insert-from-animating-animPathSegList-expected.txt
    A LayoutTests/svg/dom/SVGPathSegList-insert-from-animating-animPathSegList.svg
    M Source/WebCore/ChangeLog
    M Source/WebCore/svg/SVGPathSegList.cpp

  Log Message:
  -----------
  Merge r242515 - SVGPathSegList.insertItemBefore() should fail if the newItem belongs to an animating animPathSegList
https://bugs.webkit.org/show_bug.cgi?id=195333
<rdar://problem/48475802>

Reviewed by Simon Fraser.

Source/WebCore:

Because the SVG1.1 spec states that the newItem should be removed from
its original list before adding it to another list,
SVGPathSegList.insertItemBefore() should fail if the new item belongs to
an animating animPathSegList since it is read-only.

Test: svg/dom/SVGPathSegList-insert-from-animating-animPathSegList.svg

* svg/SVGPathSegList.cpp:
(WebCore::SVGPathSegList::processIncomingListItemValue):

LayoutTests:

* svg/dom/SVGPathSegList-insert-from-animating-animPathSegList-expected.txt: Added.
* svg/dom/SVGPathSegList-insert-from-animating-animPathSegList.svg: Added.


  Commit: 089dc85d38def5550bb0624eb73737372c91f6af
      https://github.com/WebKit/WebKit/commit/089dc85d38def5550bb0624eb73737372c91f6af
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/HasIndexedProperty-does-gc.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGDoesGC.cpp

  Log Message:
  -----------
  Merge r242810 - The HasIndexedProperty node does GC.
https://bugs.webkit.org/show_bug.cgi?id=195559
<rdar://problem/48767923>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/HasIndexedProperty-does-gc.js: Added.

Source/JavaScriptCore:

HasIndexedProperty can call the slow path operationHasIndexedPropertyByInt(),
which can eventually call JSString::getIndex(), which can resolve a rope.

* dfg/DFGDoesGC.cpp:
(JSC::DFG::doesGC):


  Commit: 7824118c467d22859665003d2b01f9238978daa6
      https://github.com/WebKit/WebKit/commit/7824118c467d22859665003d2b01f9238978daa6
  Author: Dean Jackson <dino at apple.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/canvas/webgl/largeBuffer-expected.txt
    A LayoutTests/fast/canvas/webgl/largeBuffer.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/canvas/WebGLBuffer.cpp

  Log Message:
  -----------
  Merge r242826 - [WebGL] WebGLBuffer can be too large
https://bugs.webkit.org/show_bug.cgi?id=195068
<rdar://problem/48414289>

Reviewed by Antoine Quint.

Source/WebCore:

When creating an element array buffer, make sure to
test against the maximum size of an ArrayBuffer, rather
than just assume it can be created.

Test: fast/canvas/webgl/largeBuffer.html

* html/canvas/WebGLBuffer.cpp:
(WebCore::WebGLBuffer::associateBufferDataImpl):

LayoutTests:

* fast/canvas/webgl/largeBuffer-expected.txt: Added.
* fast/canvas/webgl/largeBuffer.html: Added.


  Commit: 10bf3454b1bdc7175ea9d6e2e4b8e700e3d50dc5
      https://github.com/WebKit/WebKit/commit/10bf3454b1bdc7175ea9d6e2e4b8e700e3d50dc5
  Author: Miguel Gomez <magomez at igalia.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp

  Log Message:
  -----------
  Merge r242864 - [CoordinatedGraphics] Null dereference in CoordinatedGraphicsLayer::setCoordinatorIncludingSubLayersIfNeeded
https://bugs.webkit.org/show_bug.cgi?id=195615

Reviewed by Carlos Garcia Campos.

Exit early if we don't receive a valid coordinator.

* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::setCoordinatorIncludingSubLayersIfNeeded):


  Commit: 52236805fe9ff6b51430fe5070659ac2bcc77d1e
      https://github.com/WebKit/WebKit/commit/52236805fe9ff6b51430fe5070659ac2bcc77d1e
  Author: Milo Casagrande <milo at milo.name>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/it.po

  Log Message:
  -----------
  Merge r242863 - [l10n] Updated Italian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=195620

Patch by Milo Casagrande <milo at milo.name> on 2019-03-13
Rubber-stamped by Carlos Garcia Campos.

* it.po:


  Commit: 7815d1d4fc7658416eda7757568ef4b5205f18ec
      https://github.com/WebKit/WebKit/commit/7815d1d4fc7658416eda7757568ef4b5205f18ec
  Author: Žan Doberšek <zdobersek at igalia.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/egl/GLContextEGL.cpp

  Log Message:
  -----------
  Merge r242640 - GLContextEGL: desired EGL config should search for 8-bit components by default
https://bugs.webkit.org/show_bug.cgi?id=195413

Reviewed by Carlos Garcia Campos.

The EGL config search in GLContextEGL should by default look for
RGBA8888 configurations while allowing RGB565 as an alternative.
This prevents accidentally landing on an RGBA1010102
configuration that is available with some graphics stacks, and which is
not expected in e.g. window snapshotting that's done for layout test
output comparison.

* platform/graphics/egl/GLContextEGL.cpp:
(WebCore::GLContextEGL::getEGLConfig): EGL config search should by
default request 8-bit color channels.


  Commit: 6e55722ae1f5ac1ba66be95ccc1be95f6004f14f
      https://github.com/WebKit/WebKit/commit/6e55722ae1f5ac1ba66be95ccc1be95f6004f14f
  Author: Tomáš Popela <tpopela at redhat.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/gtkdoc/generate-gtkdoc
    M Tools/gtkdoc/gtkdoc.py

  Log Message:
  -----------
  Merge r242637 - [GTK] Make Tools/gtkdoc python3 compatible
https://bugs.webkit.org/show_bug.cgi?id=195359

Reviewed by Carlos Garcia Campos.

* gtkdoc/generate-gtkdoc:
ConfigParser was reworked in Python 3.2 so we have to adapt the code to
work with Python 2 and 3.
(get_gtkdoc_module_paths):
The iteritems() was removed in Python 3, so let's use items() that's
available in Python 2 and 3.
(get_generator_for_config):
* gtkdoc/gtkdoc.py:
(GTKDoc._run_command):
The sys.stdout.write() is expecting str in Python 3 and not bytes
(that are coming from stdout.encode()). Use sys.stdout.buffer.write()
for passing the bytes there.


  Commit: a456b33d71f57f7d52112a93339b5c0980c121b0
      https://github.com/WebKit/WebKit/commit/a456b33d71f57f7d52112a93339b5c0980c121b0
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerProxy.h

  Log Message:
  -----------
  Merge r242793 - [GStreamer][v4l2] Synchronous video texture flushing support
https://bugs.webkit.org/show_bug.cgi?id=195453

Reviewed by Xabier Rodriguez-Calvar.

The v4l2 video decoder currently requires that downstream users of
the graphics resources complete any pending draw call and release
resources before returning from the DRAIN query.

To accomplish this the player monitors the pipeline and whenever a
v4l2 decoder is added, synchronous video texture flushing support
is enabled. Additionally and for all decoder configurations, a
flush is performed before disposing of the player.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::playbinDeepElementAddedCallback):
Monitor elements added to the decodebin bin.
(WebCore::MediaPlayerPrivateGStreamer::decodebinElementAdded): Set
a flag if a v4l2 decoder was added in decodebin.
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin): Connect
to the deep-element-added signal so as to monitor pipeline
topology updates.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
Flush video texture before disposing of the player.
(WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer):
Synchronously flush if the pipeline contains a v4l2 decoder.
(WebCore::MediaPlayerPrivateGStreamerBase::createGLAppSink): Monitor push events only.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
* platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
(WebCore::TextureMapperPlatformLayerProxy::pushNextBuffer): New
boolean flag used mostly to trigger synchronous flush conditions.
(WebCore::TextureMapperPlatformLayerProxy::dropCurrentBufferWhilePreservingTexture):
Optionally drop the current buffer in a synchronous manner. By
default the method keeps operating asynchronously.
* platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:


  Commit: a3e70f8eee1465f8b7fe314b9855e32df19b4082
      https://github.com/WebKit/WebKit/commit/a3e70f8eee1465f8b7fe314b9855e32df19b4082
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-03-13 (Wed, 13 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.0 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.24.0.


  Commit: bc2d28a2ea9600293845a385263de3114585ae33
      https://github.com/WebKit/WebKit/commit/bc2d28a2ea9600293845a385263de3114585ae33
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/wpe-web-extension.pc.in
    M Source/WebKit/wpe/wpe-webkit.pc.in
    M Source/cmake/FindWPE.cmake
    M Tools/ChangeLog
    M Tools/flatpak/org.webkit.WPEModules.yaml
    M Tools/wpe/jhbuild.modules

  Log Message:
  -----------
  Merged r243060 - [WPE] Bump dependencies to wpe-1.0 and wpebackend-fdo-1.0
https://bugs.webkit.org/show_bug.cgi?id=195786

Reviewed by Philippe Normand.

.:

* Source/cmake/FindWPE.cmake: Check for the wpe-1.0 pkg-config package.

Source/WebKit:

* wpe/wpe-web-extension.pc.in: Change dependency to wpe-1.0
* wpe/wpe-webkit.pc.in: Ditto.

Tools:

* flatpak/org.webkit.WPEModules.yaml: Use libwpe 1.1.90 and wpebackend-fdo 1.1.91.
* wpe/jhbuild.modules: Ditto.


  Commit: 9c36cbbd3e29a8724e3e5d4e746237b486b37621
      https://github.com/WebKit/WebKit/commit/9c36cbbd3e29a8724e3e5d4e746237b486b37621
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/wpe/manifest.txt.in

  Log Message:
  -----------
  Merged r243066 - [WPE] Tarballs generated with “make dist” cannot build documentation
https://bugs.webkit.org/show_bug.cgi?id=195885

Reviewed by Carlos Garcia Campos.

* wpe/manifest.txt.in: Add missing Tools/glib/common.py file to be included in release tarballs.


  Commit: c8dcb1edc710bb2cc811997287d554a1173f9fbd
      https://github.com/WebKit/WebKit/commit/c8dcb1edc710bb2cc811997287d554a1173f9fbd
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    R Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt
    A Source/WebKit/UIProcess/API/wpe/docs/wpe-1.0-sections.txt
    R Source/WebKit/WebProcess/InjectedBundle/API/wpe/docs/wpe-webextensions-0.1-sections.txt
    A Source/WebKit/WebProcess/InjectedBundle/API/wpe/docs/wpe-webextensions-1.0-sections.txt
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Merged r243073 - [WPE] Bump public API to wpe-1.0
https://bugs.webkit.org/show_bug.cgi?id=195887

Reviewed by Philippe Normand.

.:

* Source/cmake/OptionsWPE.cmake: Bump public API version to 1.0

Source/WebKit:

* UIProcess/API/wpe/docs/wpe-1.0-sections.txt: Renamed from Source/WebKit/UIProcess/API/wpe/docs/wpe-0.1-sections.txt.
* WebProcess/InjectedBundle/API/wpe/docs/wpe-webextensions-1.0-sections.txt: Renamed from Source/WebKit/WebProcess/InjectedBundle/API/wpe/docs/wpe-webextensions-0.1-sections.txt.


  Commit: 6f27cae71d6b125830056b70f7bfdb0479ae88a9
      https://github.com/WebKit/WebKit/commit/6f27cae71d6b125830056b70f7bfdb0479ae88a9
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-18 (Mon, 18 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.23.91 release

build-rc/..:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

build-rc/../Source/WebKit:

* wpe/NEWS: Add release notes for 2.23.91


  Commit: 4eb01573a03baf65247acd45c50638b3f17356b4
      https://github.com/WebKit/WebKit/commit/4eb01573a03baf65247acd45c50638b3f17356b4
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.24.0 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.24.0


  Commit: 206b4bcd6830649ae08053f2f8483cd2173baaf7
      https://github.com/WebKit/WebKit/commit/206b4bcd6830649ae08053f2f8483cd2173baaf7
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/DOMWindow.cpp

  Log Message:
  -----------
  Merged r243104 - REGRESSION(r236862): early frame decoupling leaves JSC ArrayBuffer objects lingering
https://bugs.webkit.org/show_bug.cgi?id=195322

Reviewed by Ryosuke Niwa.

Since r236862, DOMWindow objects get disconnected from their Frame object as soon as
their iframe element gets removed from the document. Previously, DOMWindow was a
FrameDestructionObserver and would stay connected to its frame until the frame died.

This means that some of the work that we were doing in DOMWindow::frameDestroyed() and
Document::willDetachPage() no longer happens for subframe windows because they get
disconnected from their frame because they get a chance to get such notifications.
To address this issue, we now also do this work in DOMWindow::willDetachDocumentFromFrame()
which gets called when the iframe gets removed from the document and the document / window
get disconnected from the Frame element.

No new tests, verified locally that the leak is gone on JetStream.

* page/DOMWindow.cpp:
(WebCore::DOMWindow::willDetachDocumentFromFrame):


  Commit: 0048a5e660b6de83173493b8acadbcd981159001
      https://github.com/WebKit/WebKit/commit/0048a5e660b6de83173493b8acadbcd981159001
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/media/media-source/media-source-append-twice-overlapping-sync-frame-expected.txt
    A LayoutTests/media/media-source/media-source-append-twice-overlapping-sync-frame.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/mediasource/SourceBuffer.cpp

  Log Message:
  -----------
  Merged r243138 - [MSE] Use tolerance in eraseBeginTime
https://bugs.webkit.org/show_bug.cgi?id=195911

Reviewed by Jer Noble.

Source/WebCore:

https://bugs.webkit.org/show_bug.cgi?id=190085 introduced tolerance
when erasing frames during the Coded Frame Processing algorithm in
such a way that, in files with less than perfect timestamps, a frame
existing before after the current append is not erased accidentally
due to small overlaps.

This patch takes care of the opposite problem: we don't want an old
frame being accidentally NOT erased by a new one with the same
timestamps just because these overlaps make
highestPresentationTimestamp very slightly higher than the frame PTS.

This bug in practice causes some frames of the old quality to not be
erased when the new quality is appended, resulting in some seemingly
still frames from a different quality appearing at some points during
WebM video in presence of quality changes.

This bug can be reduced to this minimal test case that illustrates the
timestamp imprecision of a typical WebM file:

function sampleRun(generation) {
    return concatenateSamples([
        makeASample(     0,      0, 166667, 1000000, 1, SAMPLE_FLAG.SYNC, generation),
        makeASample(167000, 167000, 166667, 1000000, 1, SAMPLE_FLAG.NONE, generation),
        makeASample(333000, 333000, 166667, 1000000, 1, SAMPLE_FLAG.SYNC, generation), // overlaps previous frame
        makeASample(500000, 500000, 166667, 1000000, 1, SAMPLE_FLAG.NONE, generation),
    ]);
}

After appending this twice it would be expected that the second
generation takes fully over the first, since the timestamps are
completely the same. Due to the bug, sync frames with an overlap, like
the third one in that list, actually persist from the first
generation, due to lack of tolerance when comparing the start of a new
frame with highestPresentationTimestamp.

This patch introduces the tolerance in that case too to fix this
problem.

Test: media/media-source/media-source-append-twice-overlapping-sync-frame.html

* Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

LayoutTests:

* media/media-source/media-source-append-twice-overlapping-sync-frame-expected.txt: Added.
* media/media-source/media-source-append-twice-overlapping-sync-frame.html: Added.


  Commit: 85b6dcb276d41b3b294b46f1813449774b321050
      https://github.com/WebKit/WebKit/commit/85b6dcb276d41b3b294b46f1813449774b321050
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/media/media-source/content/test-green-6s-320x240.mp4
    A LayoutTests/media/media-source/content/test-red-3s-480x360.mp4
    A LayoutTests/media/media-source/media-source-samples-resolution-change-expected.txt
    A LayoutTests/media/media-source/media-source-samples-resolution-change.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp

  Log Message:
  -----------
  Merged r243199 - [MSE][GStreamer] Fix handling of resolution changes in AppendPipeline
https://bugs.webkit.org/show_bug.cgi?id=195855

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

MediaSample instances produced by the AppendPipeline were not
accounting for resolution changes. The causes of this are twofold:

1) m_presentationSize is set by connectDemuxerSrcPadToAppsink() (by
calling parseDemuxerSrcPadCaps()), but not by appsinkCapsChanged().

2) appsinkCapsChanged() was being called in the main thread as an
asynchronous task. In consequence, even if m_presentationSize is set
there, many samples with the new resolution would still be wrapped in
a MediaSampleGStreamer using the old resolution by the main thread
running consumeAppsinkAvailableSamples() before appsinkCapsChanged()
is dispatched.

This patch fixes these problems by updating m_presentationSize in
appsinkCapsChanged() and making the streaming thread block until the
main thread has dispatched appsinkCapsChanged(). This way the handling
of caps changes is serialized with the handling of frames.

Test: media/media-source/media-source-samples-resolution-change.html

* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::AppendPipeline):
(WebCore::AppendPipeline::appsinkCapsChanged):

LayoutTests:

* media/media-source/content/test-green-6s-320x240.mp4: Added.
* media/media-source/content/test-red-3s-480x360.mp4: Added.
* media/media-source/media-source-samples-resolution-change-expected.txt: Added.
* media/media-source/media-source-samples-resolution-change.html: Added.


  Commit: 4a61f3acaae4361525876b5cd3253a97664877cf
      https://github.com/WebKit/WebKit/commit/4a61f3acaae4361525876b5cd3253a97664877cf
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-correct-frames-after-reappend-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-correct-frames-after-reappend.html
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-correct-frames-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-correct-frames.html
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mp4/test-boxes-audio.mp4
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mp4/test-boxes-video.mp4
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/PlaybackPipeline.cpp

  Log Message:
  -----------
  Merged r243372 - [MSE][GStreamer] Don't construct segments on PlaybackPipeline::flush
https://bugs.webkit.org/show_bug.cgi?id=195867

Reviewed by Xabier Rodriguez-Calvar.

LayoutTests/imported/w3c:

These tests check that video and audio are roughly in sync with each
other and with the reported player position during MSE playback.

* web-platform-tests/media-source/mediasource-correct-frames-after-reappend-expected.txt: Added.
* web-platform-tests/media-source/mediasource-correct-frames-after-reappend.html: Added.
* web-platform-tests/media-source/mediasource-correct-frames-expected.txt: Added.
* web-platform-tests/media-source/mediasource-correct-frames.html: Added.
* web-platform-tests/media-source/mp4/test-boxes-audio.mp4: Added.
* web-platform-tests/media-source/mp4/test-boxes-video.mp4: Added.

Source/WebCore:

The previous approach did not really work for flushes on only one
branch, as setting reset-time in FLUSH_STOP affects the running time
of the entire pipeline, causing timing issues in the other branch.

Since it's preferable not to interfere with the other branch if
possible, setting reset-time to FALSE fixes that problem.

Also, it's not necessary to fabricate a segment. Since we are not
seeking, only the base needs to be adjusted, and gstbasesrc already
handles this correctly by default.

This fixes an audio/video synchronization bug in YT when some
automatic quality changes occur.

Tests: imported/w3c/web-platform-tests/media-source/mediasource-correct-frames-after-reappend.html
       imported/w3c/web-platform-tests/media-source/mediasource-correct-frames.html

* platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
(WebCore::PlaybackPipeline::flush):

LayoutTests:

Drawing an MSE video in a canvas seems to be failing in Mac. That
functionality is necessary for the tests introduced with this patch,
therefore they fail there. Marking them as Skip.

* platform/mac/TestExpectations:


  Commit: 4cde809017ba60ad66a6da6e91ad11f88b5d6324
      https://github.com/WebKit/WebKit/commit/4cde809017ba60ad66a6da6e91ad11f88b5d6324
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/gtk/media/video-playing-and-pause-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp

  Log Message:
  -----------
  Merged r243489 - [GStreamer] Sound loop with Google Hangouts and WhatsApp notifications
https://bugs.webkit.org/show_bug.cgi?id=189471

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

The media duration is now cached (again). The loop issue was
triggered by the previous version of the code returning positive
infinite duration in didEnd(), followed by the timeupdate event
propagation that would trick the HTMLMediaElement into a new call
to play(). Now the cached duration is updated to current position
at EOS (for forward playback direction only), so the media element
no longer triggers a new play call for those cases.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::MediaPlayerPrivateGStreamer):
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::playbackPosition const):
(WebCore::MediaPlayerPrivateGStreamer::platformDuration const):
(WebCore::MediaPlayerPrivateGStreamer::durationMediaTime const):
(WebCore::MediaPlayerPrivateGStreamer::currentMediaTime const):
(WebCore::MediaPlayerPrivateGStreamer::didEnd):
(WebCore::MediaPlayerPrivateGStreamer::durationChanged):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::currentMediaTime const):

LayoutTests:

* platform/gtk/TestExpectations:
* platform/gtk/media/video-playing-and-pause-expected.txt:


  Commit: c84850f36850e17655bbb7266146cee198698bb4
      https://github.com/WebKit/WebKit/commit/c84850f36850e17655bbb7266146cee198698bb4
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/wpe/qt/WPEQtView.h

  Log Message:
  -----------
  Merged r243492 - [WPE][Qt] Uninitialized racy ViewBackend
https://bugs.webkit.org/show_bug.cgi?id=196247

Patch by Philippe Normand <pnormand at igalia.com> on 2019-03-26
Reviewed by Carlos Garcia Campos.

* UIProcess/API/wpe/qt/WPEQtView.h: Initialize the backend pointer to nullptr.


  Commit: 1dabfc6ea5b65c80a63545dbfd75dd887ba00ec4
      https://github.com/WebKit/WebKit/commit/1dabfc6ea5b65c80a63545dbfd75dd887ba00ec4
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-03-27 (Wed, 27 Mar 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp

  Log Message:
  -----------
  Merged r243538 - Build failure with gstreamer 1.12.5 if USE_GSTREAMER_GL is enabled
https://bugs.webkit.org/show_bug.cgi?id=196178

Reviewed by Xabier Rodriguez-Calvar.

The gst/gl/gl.h header needs to be included before
GraphicsContext3D.h to avoid declaration conflicts with
OpenGLShims.

Based on a patch from Mike Gorse <mgorse at suse.com>

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::GstVideoFrameHolder::GstVideoFrameHolder):


  Commit: e025fe0cd295d4582560bc67fa4f9dcf8e3a8efd
      https://github.com/WebKit/WebKit/commit/e025fe0cd295d4582560bc67fa4f9dcf8e3a8efd
  Author: Michael Catanzaro <mcatanzaro at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebViewPrivate.h
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.cpp
    M Source/WebKit/UIProcess/API/wpe/APIViewClient.h
    M Source/WebKit/UIProcess/API/wpe/PageClientImpl.cpp
    M Source/WebKit/UIProcess/API/wpe/PageClientImpl.h
    M Source/WebKit/UIProcess/API/wpe/WPEView.cpp
    M Source/WebKit/UIProcess/API/wpe/WPEView.h
    M Source/WebKit/UIProcess/PageLoadState.h
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp

  Log Message:
  -----------
  Merge r242788 - [WPE][GTK] Load events may occur in unexpected order when JS redirects page before subresource load finishes
https://bugs.webkit.org/show_bug.cgi?id=194131

Source/WebKit:

Reviewed by Michael Catanzaro.

Ensure we emit the load-failed and load-changed with finished event when there's still an ongoing load when a
new provisional load starts. Previous load fails with cancelled error.

* UIProcess/API/glib/WebKitWebView.cpp:
(webkitWebViewWillStartLoad): Call webkitWebViewLoadFailed() if current page load state is not finished.
* UIProcess/API/glib/WebKitWebViewPrivate.h:
* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::didStartProvisionalLoadForMainFrame): Call webkitWebViewWillStartLoad().
* UIProcess/API/wpe/APIViewClient.h:
(API::ViewClient::willStartLoad): Add willStartLoad() to API::ViewClient
* UIProcess/API/wpe/PageClientImpl.cpp:
(WebKit::PageClientImpl::didStartProvisionalLoadForMainFrame): Call WPEView::willStartLoad().
* UIProcess/API/wpe/PageClientImpl.h:
* UIProcess/API/wpe/WPEView.cpp:
(WKWPE::View::willStartLoad): Call API::ViewClient::willStartLoad().
* UIProcess/API/wpe/WPEView.h:
* UIProcess/PageLoadState.h:
(WebKit::PageLoadState::isProvisional const):
(WebKit::PageLoadState::isCommitted const):
(WebKit::PageLoadState::isFinished const):

Tools:

Patch by Michael Catanzaro <mcatanzaro at igalia.com> on 2019-03-12
Reviewed by Michael Catanzaro.

* TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp:
(uriChanged):
(testUnfinishedSubresourceLoad):
(serverCallback):
(beforeAll):


  Commit: cda7f7755d8a0ef1b40af56a74d45458fbe9fc89
      https://github.com/WebKit/WebKit/commit/cda7f7755d8a0ef1b40af56a74d45458fbe9fc89
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp
    M Tools/TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp

  Log Message:
  -----------
  Merge r243434 - [GTK][WPE] Do not allow changes in active URI before provisional load starts for non-API requests
https://bugs.webkit.org/show_bug.cgi?id=194208

Reviewed by Michael Catanzaro.

* UIProcess/API/glib/WebKitWebView.cpp:
(webkitWebViewWillStartLoad): Block updates of active URL.
(webkitWebViewLoadChanged): Unblock updates of active URL on WEBKIT_LOAD_STARTED.


  Commit: 42188ef65880beeacb1f3dd632dec141937842f3
      https://github.com/WebKit/WebKit/commit/42188ef65880beeacb1f3dd632dec141937842f3
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/MediaResourceLoader.cpp
    M Source/WebCore/loader/MediaResourceLoader.h
    M Source/WebCore/platform/graphics/PlatformMediaResourceLoader.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/network/cocoa/WebCoreNSURLSession.mm

  Log Message:
  -----------
  Merge r241444 - Stop using setDefersLoading from WebCore
https://bugs.webkit.org/show_bug.cgi?id=194315

Reviewed by Jer Noble.

That is what CompletionHandlers are for.

* loader/MediaResourceLoader.cpp:
(WebCore::MediaResource::responseReceived):
(WebCore::MediaResource::setDefersLoading): Deleted.
* loader/MediaResourceLoader.h:
* platform/graphics/PlatformMediaResourceLoader.h:
(WebCore::PlatformMediaResourceClient::responseReceived):
(WebCore::PlatformMediaResource::stop):
(WebCore::PlatformMediaResource::setDefersLoading): Deleted.
* platform/network/cocoa/WebCoreNSURLSession.mm:
(WebCore::WebCoreNSURLSessionDataTaskClient::responseReceived):
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:completionHandler:]):
(-[WebCoreNSURLSessionDataTask _setDefersLoading:]): Deleted.
(-[WebCoreNSURLSessionDataTask resource:receivedResponse:]): Deleted.


  Commit: b860c204973929ad9e890ac3399c8930f9642834
      https://github.com/WebKit/WebKit/commit/b860c204973929ad9e890ac3399c8930f9642834
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/http/tests/media/video-play-stall-seek-expected.txt
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/gtk/http/tests/media/hls/video-controls-live-stream-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MainThreadNotifier.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.h

  Log Message:
  -----------
  Merge r243058 - [GStreamer] Rewrite HTTP source element using pushsrc base class
https://bugs.webkit.org/show_bug.cgi?id=195631

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

If we want to use webkitwebsrc in adaptivedemux (HLS, DASH, etc)
we need a source element that behaves like souphttpsrc, which is
implemented using pushsrc. This rewrite might also fix some seek
issues.

No new tests, existing http/tests/media tests cover this patch.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webkit_web_src_class_init):
(webkitWebSrcReset):
(webkit_web_src_init):
(webKitWebSrcCreate):
(webKitWebSrcStart):
(webKitWebSrcCloseSession):
(webKitWebSrcStop):
(webKitWebSrcGetSize):
(webKitWebSrcIsSeekable):
(webKitWebSrcDoSeek):
(webKitWebSrcQuery):
(webKitWebSrcUnLock):
(webKitWebSrcUnLockStop):
(webKitWebSrcChangeState):
(CachedResourceStreamingClient::checkUpdateBlocksize):
(CachedResourceStreamingClient::responseReceived):
(CachedResourceStreamingClient::dataReceived):
(CachedResourceStreamingClient::accessControlCheckFailed):
(CachedResourceStreamingClient::loadFailed):
(CachedResourceStreamingClient::loadFinished):
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:

LayoutTests:

* platform/gtk/TestExpectations:
* platform/gtk/http/tests/media/hls/video-controls-live-stream-expected.txt:
Update expectations, though it's not really related to this
patch.


  Commit: 8e31fdb86f5c58d5a92db31c88b3e144a7216a15
      https://github.com/WebKit/WebKit/commit/8e31fdb86f5c58d5a92db31c88b3e144a7216a15
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r243140 - REGRESSION(r243058): [GStreamer] 3 tests now timing out
https://bugs.webkit.org/show_bug.cgi?id=195888

Reviewed by Xabier Rodriguez-Calvar.

A breaking change was introduced in r243058. Now on-disk-buffering
is disabled when the reported Content-Length is 0 or not present
at all. This broke the progress event logic in didLoadProgress(),
leading to progress events not being fired as expected.

The proposed solution is to make webkitwebsrc notify the player
every time the network process receives data from the network. So
the player can now easily determine if the load progressed by
checking the reported statistics.

No new tests, existing media tests cover this change.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(CachedResourceStreamingClient::dataReceived):


  Commit: 8198fa891b458bdeb4d71aece7b0bb901f1a7b6d
      https://github.com/WebKit/WebKit/commit/8198fa891b458bdeb4d71aece7b0bb901f1a7b6d
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.h

  Log Message:
  -----------
  Merge r243197 - [GStreamer] Switch back to webkitwebsrc for adaptive streaming fragments downloading
https://bugs.webkit.org/show_bug.cgi?id=195948

Reviewed by Xabier Rodriguez-Calvar.

The webkitwebsrc element now behaves much better when used through
GStreamer's adaptivedemux, so use it for all WebKit media
downloads. The MediaPlayer needed by the webkitwebsrc element now
travels through GstContext messages and queries so that it can be
shared by multiple elements, typically the first webkitwebsrc
element downloads the HLS manifest and then adaptivedemux, through
uridownloader, will create new webkitwebsrc elements for fragments
downloading. Those new elements will query the first webkitwebsrc
element for its context.

The previous hack used to check SecurityOrigins can
also be cleaned up. The origins are now cached upon reception of
the HTTP headers message from webkitwebsrc.

No new tests, existing http/tests/media/hls tests cover this change.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL):
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::loadNextLocation):
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const):
(WebCore::convertToInternalProtocol): Deleted.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webkit_web_src_class_init):
(webKitWebSrcSetContext):
(webKitWebSrcStart):
(webKitWebSrcGetProtocols):
(webKitWebSrcSetUri):
(CachedResourceStreamingClient::responseReceived):
(convertPlaybinURI): Deleted.
(webKitSrcWouldTaintOrigin): Deleted.
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:


  Commit: e8fe1f03af38049d37a3ab57043590456b623be7
      https://github.com/WebKit/WebKit/commit/e8fe1f03af38049d37a3ab57043590456b623be7
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r243537 - [GStreamer] Remove the HLS queue buffering query hack
https://bugs.webkit.org/show_bug.cgi?id=196244

Reviewed by Xabier Rodriguez-Calvar.

Because the http src element now provides network statistics to
the player we can now compute an estimation of the data loading in
case the buffering query isn't handled by any element of the
pipeline.

No new tests, existing HLS tests cover this change.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
(WebCore::findHLSQueue): Deleted.
(WebCore::isHLSProgressing): Deleted.


  Commit: 7d02db38431ab39d2503c2e61eebe54239298824
      https://github.com/WebKit/WebKit/commit/7d02db38431ab39d2503c2e61eebe54239298824
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h

  Log Message:
  -----------
  Merge r242266 - [ThreadedCompositor] Simply the compositing run loop worker thread
https://bugs.webkit.org/show_bug.cgi?id=195208

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-03-01
Reviewed by Don Olmstead.

We can remove the WorkQueuePool, since we never really supported more than one thread, and now that single
process model no longer exists it doesn't even make sense. We can simply use a RunLoop instead of a WorkQueue
so that the implementation is not specific to the generic WorkQueue implementation.

* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:
(WebKit::createRunLoop): Helper function to create the RunLoop in a worker thread before m_updateTimer is initialized.
(WebKit::CompositingRunLoop::CompositingRunLoop): Use createRunLoop().
(WebKit::CompositingRunLoop::~CompositingRunLoop): Stop the worker thread run loop in the next main run loop iteration.
(WebKit::CompositingRunLoop::performTask): Use m_runLoop.
(WebKit::CompositingRunLoop::performTaskSync): Ditto.
(WebKit::WorkQueuePool::singleton): Deleted.
(WebKit::WorkQueuePool::dispatch): Deleted.
(WebKit::WorkQueuePool::runLoop): Deleted.
(WebKit::WorkQueuePool::invalidate): Deleted.
(WebKit::WorkQueuePool::WorkQueuePool): Deleted.
(WebKit::WorkQueuePool::getOrCreateWorkQueueForContext): Deleted.
(): Deleted.
* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:


  Commit: b982d4536d58debcf7b6e5726401e38d9268e7c0
      https://github.com/WebKit/WebKit/commit/b982d4536d58debcf7b6e5726401e38d9268e7c0
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformWin.cmake
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.h
    M Source/WebKit/SourcesGTK.txt
    M Source/WebKit/SourcesWPE.txt
    M Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.cpp
    M Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.h
    R Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp
    R Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h
    A Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp
    A Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h
    R Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp
    R Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h
    M Source/WebKit/WebProcess/WebPage/DrawingAreaImpl.cpp
    R Source/WebKit/WebProcess/WebPage/LayerTreeHost.cpp
    R Source/WebKit/WebProcess/WebPage/LayerTreeHost.h

  Log Message:
  -----------
  Merge r242199 - [CoordinatedGraphics] Unify all LayerTreeHost classes
https://bugs.webkit.org/show_bug.cgi?id=195094

Reviewed by Žan Doberšek.

There's no reason to have 3 classes, since currently LayerTreeHost is only used by coordinated graphics based
ports.

* PlatformWin.cmake:
* SourcesGTK.txt:
* SourcesWPE.txt:
* WebProcess/WebPage/AcceleratedDrawingArea.cpp:
(WebKit::AcceleratedDrawingArea::enterAcceleratedCompositingMode):
(WebKit::AcceleratedDrawingArea::exitAcceleratedCompositingModeNow):
* WebProcess/WebPage/AcceleratedDrawingArea.h:
* WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.cpp: Removed.
* WebProcess/WebPage/CoordinatedGraphics/CoordinatedLayerTreeHost.h: Removed.
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp: Renamed from Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.cpp.
(WebKit::LayerTreeHost::LayerTreeHost):
(WebKit::LayerTreeHost::~LayerTreeHost):
(WebKit::LayerTreeHost::setLayerFlushSchedulingEnabled):
(WebKit::LayerTreeHost::scheduleLayerFlush):
(WebKit::LayerTreeHost::cancelPendingLayerFlush):
(WebKit::LayerTreeHost::layerFlushTimerFired):
(WebKit::LayerTreeHost::setRootCompositingLayer):
(WebKit::LayerTreeHost::setViewOverlayRootLayer):
(WebKit::LayerTreeHost::invalidate):
(WebKit::LayerTreeHost::scrollNonCompositedContents):
(WebKit::LayerTreeHost::forceRepaint):
(WebKit::LayerTreeHost::forceRepaintAsync):
(WebKit::LayerTreeHost::sizeDidChange):
(WebKit::LayerTreeHost::pauseRendering):
(WebKit::LayerTreeHost::resumeRendering):
(WebKit::LayerTreeHost::graphicsLayerFactory):
(WebKit::LayerTreeHost::contentsSizeChanged):
(WebKit::LayerTreeHost::didChangeViewportAttributes):
(WebKit::LayerTreeHost::didChangeViewport):
(WebKit::LayerTreeHost::setIsDiscardable):
(WebKit::LayerTreeHost::setNativeSurfaceHandleForCompositing):
(WebKit::LayerTreeHost::deviceOrPageScaleFactorChanged):
(WebKit::LayerTreeHost::createDisplayRefreshMonitor):
(WebKit::LayerTreeHost::didFlushRootLayer):
(WebKit::LayerTreeHost::commitSceneState):
(WebKit::LayerTreeHost::frameComplete):
(WebKit::LayerTreeHost::nativeSurfaceHandleForCompositing):
(WebKit::LayerTreeHost::didDestroyGLContext):
(WebKit::LayerTreeHost::willRenderFrame):
(WebKit::LayerTreeHost::didRenderFrame):
(WebKit::LayerTreeHost::requestDisplayRefreshMonitorUpdate):
(WebKit::LayerTreeHost::handleDisplayRefreshMonitorUpdate):
(WebKit::LayerTreeHost::renderNextFrame):
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h: Renamed from Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/ThreadedCoordinatedLayerTreeHost.h.
* WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::setNeedsDisplay):
(WebKit::DrawingAreaImpl::setNeedsDisplayInRect):
* WebProcess/WebPage/LayerTreeHost.cpp: Removed.
* WebProcess/WebPage/LayerTreeHost.h: Removed.
* WebPage/win/LayerTreeHost.h: Added.


  Commit: 09e2db6f65e766183308c20f6c020d6491c9e4d2
      https://github.com/WebKit/WebKit/commit/09e2db6f65e766183308c20f6c020d6491c9e4d2
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M ChangeLog
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/GraphicsContext3D.h
    M Source/WebCore/platform/graphics/PlatformLayer.h
    M Source/WebCore/platform/graphics/cairo/ImageBufferCairo.cpp
    M Source/WebCore/platform/graphics/cairo/ImageBufferDataCairo.h
    M Source/WebCore/platform/graphics/nicosia/NicosiaPaintingEngineThreaded.cpp
    M Source/WebCore/platform/graphics/nicosia/NicosiaPaintingEngineThreaded.h
    M Source/WebCore/platform/graphics/nicosia/texmap/NicosiaGC3DLayer.cpp
    M Source/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGL.cpp
    M Source/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp
    M Source/WebCore/platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp
    M Source/WebCore/platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerProxy.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperPlatformLayerProxyProvider.h
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp
    M Source/WebCore/rendering/RenderLayerBacking.cpp
    M Source/WebCore/rendering/RenderLayerCompositor.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h
    M Source/WebKit/Shared/CoordinatedGraphics/SimpleViewportController.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/SimpleViewportController.h
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.h
    M Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h
    M Source/WebKit/WebProcess/WebPage/DrawingAreaImpl.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/gtk/WebProcessMainGtk.cpp
    M Source/cmake/OptionsGTK.cmake
    M Source/cmake/OptionsPlayStation.cmake
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Merge r242205 - [CoordinatedGraphics] Remove COORDINATED_GRAPHICS_THREADED option
https://bugs.webkit.org/show_bug.cgi?id=195159

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-02-28
Reviewed by Don Olmstead.

.:

* Source/cmake/OptionsGTK.cmake:
* Source/cmake/OptionsPlayStation.cmake:
* Source/cmake/OptionsWPE.cmake:

Source/WebCore:

Use COORDINATED_GRAPHICS instead.

* platform/graphics/GraphicsContext3D.h:
* platform/graphics/PlatformLayer.h:
* platform/graphics/cairo/ImageBufferCairo.cpp:
(WebCore::ImageBufferData::ImageBufferData):
(WebCore::ImageBufferData::~ImageBufferData):
* platform/graphics/cairo/ImageBufferDataCairo.h:
* platform/graphics/nicosia/NicosiaPaintingEngineThreaded.cpp:
* platform/graphics/nicosia/NicosiaPaintingEngineThreaded.h:
* platform/graphics/nicosia/texmap/NicosiaGC3DLayer.cpp:
(Nicosia::GC3DLayer::swapBuffersIfNeeded):
* platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
(WebCore::GraphicsContext3D::reshapeFBOs):
* platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
(WebCore::GraphicsContext3D::prepareTexture):
* platform/graphics/opengl/GraphicsContext3DOpenGLES.cpp:
(WebCore::GraphicsContext3D::reshapeFBOs):
* platform/graphics/texmap/GraphicsContext3DTextureMapper.cpp:
(WebCore::GraphicsContext3D::GraphicsContext3D):
(WebCore::GraphicsContext3D::~GraphicsContext3D):
* platform/graphics/texmap/TextureMapperGC3DPlatformLayer.cpp:
(WebCore::TextureMapperGC3DPlatformLayer::TextureMapperGC3DPlatformLayer):
(WebCore::TextureMapperGC3DPlatformLayer::~TextureMapperGC3DPlatformLayer):
* platform/graphics/texmap/TextureMapperGC3DPlatformLayer.h:
* platform/graphics/texmap/TextureMapperPlatformLayerBuffer.cpp:
* platform/graphics/texmap/TextureMapperPlatformLayerBuffer.h:
* platform/graphics/texmap/TextureMapperPlatformLayerProxy.cpp:
* platform/graphics/texmap/TextureMapperPlatformLayerProxy.h:
* platform/graphics/texmap/TextureMapperPlatformLayerProxyProvider.h:
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::setContentsNeedsDisplay):
(WebCore::CoordinatedGraphicsLayer::setContentsToPlatformLayer):
(WebCore::CoordinatedGraphicsLayer::updatePlatformLayer):
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::paintsIntoWindow const):
* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::shouldCompositeOverflowControls const):

Source/WebKit:

Use COORDINATED_GRAPHICS instead.

* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::CoordinatedGraphicsScene::onNewBufferAvailable):
* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.h:
* Shared/CoordinatedGraphics/SimpleViewportController.cpp:
* Shared/CoordinatedGraphics/SimpleViewportController.h:
* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:
* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.cpp:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedDisplayRefreshMonitor.h:
* WebProcess/WebPage/AcceleratedDrawingArea.cpp:
(WebKit::AcceleratedDrawingArea::mainFrameContentSizeChanged):
(WebKit::AcceleratedDrawingArea::enterAcceleratedCompositingMode):
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h:
* WebProcess/WebPage/DrawingAreaImpl.cpp:
(WebKit::DrawingAreaImpl::updatePreferences):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::sendViewportAttributesChanged):
(WebKit::WebPage::viewportPropertiesDidChange):
* WebProcess/gtk/WebProcessMainGtk.cpp:


  Commit: 79419824b005ab2d57b760331c251cdd062f9d0a
      https://github.com/WebKit/WebKit/commit/79419824b005ab2d57b760331c251cdd062f9d0a
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/PlatformGTK.cmake
    M Source/WebKit/PlatformWPE.cmake
    M Source/WebKit/PlatformWin.cmake
    M Source/WebKit/Shared/DrawingAreaInfo.h
    M Source/WebKit/SourcesGTK.txt
    M Source/WebKit/SourcesWPE.txt
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp
    M Source/WebKit/UIProcess/API/wpe/PageClientImpl.cpp
    R Source/WebKit/UIProcess/AcceleratedDrawingAreaProxy.cpp
    R Source/WebKit/UIProcess/AcceleratedDrawingAreaProxy.h
    A Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp
    A Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h
    R Source/WebKit/UIProcess/DrawingAreaProxyImpl.cpp
    R Source/WebKit/UIProcess/DrawingAreaProxyImpl.h
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreX11.cpp
    M Source/WebKit/UIProcess/win/PageClientImpl.cpp
    M Source/WebKit/UIProcess/win/WebView.cpp
    R Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.cpp
    R Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.h
    A Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp
    A Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.h
    M Source/WebKit/WebProcess/WebPage/DrawingArea.cpp
    M Source/WebKit/WebProcess/WebPage/DrawingArea.h
    R Source/WebKit/WebProcess/WebPage/DrawingAreaImpl.cpp
    R Source/WebKit/WebProcess/WebPage/DrawingAreaImpl.h

  Log Message:
  -----------
  Merge r242346 - [CoordinatedGraphics] Unify DrawingArea classes
https://bugs.webkit.org/show_bug.cgi?id=195167

Reviewed by Žan Doberšek.

Add DrawingAreaProxyCoordinatedGraphics and DrawingAreaCoordinatedGraphics.

* PlatformGTK.cmake:
* PlatformWPE.cmake:
* PlatformWin.cmake:
* Shared/DrawingAreaInfo.h:
* SourcesGTK.txt:
* SourcesWPE.txt:
* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::createDrawingAreaProxy):
(WebKit::PageClientImpl::viewSize):
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseRealize):
(webkitWebViewBaseUnrealize):
(webkitWebViewBaseDraw):
(webkitWebViewBaseSizeAllocate):
(webkitWebViewBaseDidRelaunchWebProcess):
(webkitWebViewBasePageClosed):
* UIProcess/API/wpe/PageClientImpl.cpp:
(WebKit::PageClientImpl::createDrawingAreaProxy):
* UIProcess/AcceleratedDrawingAreaProxy.cpp: Removed.
* UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp: Added.
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingAreaProxyCoordinatedGraphics):
(WebKit::DrawingAreaProxyCoordinatedGraphics::~DrawingAreaProxyCoordinatedGraphics):
(WebKit::DrawingAreaProxyCoordinatedGraphics::paint):
(WebKit::DrawingAreaProxyCoordinatedGraphics::sizeDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::deviceScaleFactorDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::waitForBackingStoreUpdateOnNextPaint):
(WebKit::DrawingAreaProxyCoordinatedGraphics::setBackingStoreIsDiscardable):
(WebKit::DrawingAreaProxyCoordinatedGraphics::update):
(WebKit::DrawingAreaProxyCoordinatedGraphics::didUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::updateAcceleratedCompositingMode):
(WebKit::DrawingAreaProxyCoordinatedGraphics::incorporateUpdate):
(WebKit::DrawingAreaProxyCoordinatedGraphics::alwaysUseCompositing const):
(WebKit::DrawingAreaProxyCoordinatedGraphics::backingStoreStateDidChange):
(WebKit::DrawingAreaProxyCoordinatedGraphics::sendUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::waitForAndDispatchDidUpdateBackingStoreState):
(WebKit::DrawingAreaProxyCoordinatedGraphics::discardBackingStoreSoon):
(WebKit::DrawingAreaProxyCoordinatedGraphics::discardBackingStore):
(WebKit::DrawingAreaProxyCoordinatedGraphics::setNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaProxyCoordinatedGraphics::destroyNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::DrawingMonitor):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::~DrawingMonitor):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::webViewDrawCallback):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::start):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::stop):
(WebKit::DrawingAreaProxyCoordinatedGraphics::DrawingMonitor::didDraw):
(WebKit::DrawingAreaProxyCoordinatedGraphics::dispatchAfterEnsuringDrawing):
* UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h: Renamed from Source/WebKit/UIProcess/AcceleratedDrawingAreaProxy.h.
* UIProcess/DrawingAreaProxyImpl.cpp: Removed.
* UIProcess/DrawingAreaProxyImpl.h: Removed.
* UIProcess/gtk/AcceleratedBackingStoreX11.cpp:
(WebKit::AcceleratedBackingStoreX11::update):
* UIProcess/win/PageClientImpl.cpp:
(WebKit::PageClientImpl::createDrawingAreaProxy):
* UIProcess/win/WebView.cpp:
(WebKit::WebView::paint):
* WebProcess/WebPage/AcceleratedDrawingArea.cpp: Removed.
* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp: Added.
(WebKit::DrawingAreaCoordinatedGraphics::DrawingAreaCoordinatedGraphics):
(WebKit::DrawingAreaCoordinatedGraphics::~DrawingAreaCoordinatedGraphics):
(WebKit::DrawingAreaCoordinatedGraphics::setNeedsDisplay):
(WebKit::DrawingAreaCoordinatedGraphics::setNeedsDisplayInRect):
(WebKit::DrawingAreaCoordinatedGraphics::scroll):
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaint):
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaintAsync):
(WebKit::DrawingAreaCoordinatedGraphics::setLayerTreeStateIsFrozen):
(WebKit::DrawingAreaCoordinatedGraphics::updatePreferences):
(WebKit::DrawingAreaCoordinatedGraphics::mainFrameContentSizeChanged):
(WebKit::DrawingAreaCoordinatedGraphics::deviceOrPageScaleFactorChanged):
(WebKit::DrawingAreaCoordinatedGraphics::didChangeViewportAttributes):
(WebKit::DrawingAreaCoordinatedGraphics::graphicsLayerFactory):
(WebKit::DrawingAreaCoordinatedGraphics::setRootCompositingLayer):
(WebKit::DrawingAreaCoordinatedGraphics::scheduleCompositingLayerFlush):
(WebKit::DrawingAreaCoordinatedGraphics::layerHostDidFlushLayers):
(WebKit::DrawingAreaCoordinatedGraphics::createDisplayRefreshMonitor):
(WebKit::DrawingAreaCoordinatedGraphics::setNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaCoordinatedGraphics::destroyNativeSurfaceHandleForCompositing):
(WebKit::DrawingAreaCoordinatedGraphics::activityStateDidChange):
(WebKit::DrawingAreaCoordinatedGraphics::attachViewOverlayGraphicsLayer):
(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::didUpdate):
(WebKit::DrawingAreaCoordinatedGraphics::sendDidUpdateBackingStoreState):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingModeSoon):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingModeNow):
(WebKit::DrawingAreaCoordinatedGraphics::discardPreviousLayerTreeHost):
(WebKit::DrawingAreaCoordinatedGraphics::suspendPainting):
(WebKit::DrawingAreaCoordinatedGraphics::resumePainting):
(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode):
(WebKit::DrawingAreaCoordinatedGraphics::exitAcceleratedCompositingMode):
(WebKit::DrawingAreaCoordinatedGraphics::scheduleDisplay):
(WebKit::DrawingAreaCoordinatedGraphics::displayTimerFired):
(WebKit::DrawingAreaCoordinatedGraphics::display):
(WebKit::shouldPaintBoundsRect):
* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.h: Renamed from Source/WebKit/WebProcess/WebPage/AcceleratedDrawingArea.h.
* WebProcess/WebPage/DrawingArea.cpp:
(WebKit::DrawingArea::create):
* WebProcess/WebPage/DrawingArea.h:
(WebKit::DrawingArea::layerFlushThrottlingIsActive const):
* WebProcess/WebPage/DrawingAreaImpl.cpp: Removed.
* WebProcess/WebPage/DrawingAreaImpl.h: Removed.


  Commit: 9fc4c91ab8b7747480e122855bf7581bb7d1f742
      https://github.com/WebKit/WebKit/commit/9fc4c91ab8b7747480e122855bf7581bb7d1f742
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp

  Log Message:
  -----------
  Merge r242364 - [CoordinatedGraphics] The compositing loop is still running even after exiting AC mode
https://bugs.webkit.org/show_bug.cgi?id=195270

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-03-04
Reviewed by Don Olmstead.

Suspend the threaded compositor when the painting is paused or layer flush disabled, and resume it again when
painting is resumed and layer flush enabled.

* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::suspend): Increment the suspend counter and mark the scene as inactive if it was suspended.
(WebKit::ThreadedCompositor::resume): Decrement the suspend counter and mark the scene as active if it's now resumed.
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.h:
* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaint): Return early if layer tree state is frozen.
(WebKit::DrawingAreaCoordinatedGraphics::forceRepaintAsync): Ditto.
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:
(WebKit::LayerTreeHost::setLayerFlushSchedulingEnabled): Call ThreadedCompositor::suspend()/resume().
(WebKit::LayerTreeHost::pauseRendering): Call ThreadedCompositor::suspend.
(WebKit::LayerTreeHost::resumeRendering): Call ThreadedCompositor::resume().


  Commit: 3ae4c1709a014938343df0522258346eaa9134a8
      https://github.com/WebKit/WebKit/commit/3ae4c1709a014938343df0522258346eaa9134a8
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp

  Log Message:
  -----------
  Merge r242597 - REGRESSION(r242364): [WPE] Do not stop the compositing run loop update timer on suspend
https://bugs.webkit.org/show_bug.cgi?id=195410

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-03-07
Reviewed by Žan Doberšek.

Calling CompositingRunLoop::stopUpdates() on suspend is leaving the threaded compositor in an inconsistent
state, failing to resume and stopping the updates forever. This is causing timeouts in WPE layout tests. Instead
of calling stopUpdates(), a new suspend() is called, that stops the update timer, without changing the current
update and compositing state. A new method resume() is also added to schedule an update if needed.

* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:
(WebKit::CompositingRunLoop::suspend): Set state as suspended and stop the update timer.
(WebKit::CompositingRunLoop::resume): Set state as not suspended and start the update timer if it was scheduled
while suspended.
(WebKit::CompositingRunLoop::scheduleUpdate): Do not start the update timer when suspended.
(WebKit::CompositingRunLoop::compositionCompleted): Ditto.
(WebKit::CompositingRunLoop::updateCompleted): Ditto.
(WebKit::CompositingRunLoop::updateTimerFired): Add an assert to ensure the update timer is not fired while suspended.
* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.h:
* Shared/CoordinatedGraphics/threadedcompositor/ThreadedCompositor.cpp:
(WebKit::ThreadedCompositor::suspend): Call CompositingRunLoop::suspend() instead of stopUpdates().
(WebKit::ThreadedCompositor::resume): Call CompositingRunLoop::resume().


  Commit: 8ad52a7e7f0edb529851d138ba91d227ebb952ce
      https://github.com/WebKit/WebKit/commit/8ad52a7e7f0edb529851d138ba91d227ebb952ce
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp

  Log Message:
  -----------
  Merge r242771 - [CoordinatedGraphics] ASSERTION FAILED: !m_state.isSuspended
https://bugs.webkit.org/show_bug.cgi?id=195550

Reviewed by Carlos Garcia Campos.

CompositingRunLoop::suspend() locks a mutex and stops the update
timer. But, the timer can be fired after the lock was acquired and
before the timer is stopped.

* Shared/CoordinatedGraphics/threadedcompositor/CompositingRunLoop.cpp:
(WebKit::CompositingRunLoop::updateTimerFired): Removed the
assertion. Return early if m_state.isSuspended.


  Commit: 25d66a12c6816367ea9310f20ac2be45e155e216
      https://github.com/WebKit/WebKit/commit/25d66a12c6816367ea9310f20ac2be45e155e216
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp

  Log Message:
  -----------
  Merge r243475 - [Coordinated Graphics][WinCairo] ASSERTION FAILED: state.id == m_nicosia.state.id
https://bugs.webkit.org/show_bug.cgi?id=196190

Reviewed by Žan Doberšek.

This assertion assumes the pre-committed and the committed scenes
are identical. But, the pre-committed scene is updated in the main
thread. Removed the false assertion.

* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::CoordinatedGraphicsScene::purgeGLResources): Remove the
assertion. Removed layers of committed scene, not pre-committed
scene.


  Commit: 8f3d50e51c2442a6725c5098d217e05084aeb561
      https://github.com/WebKit/WebKit/commit/8f3d50e51c2442a6725c5098d217e05084aeb561
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp

  Log Message:
  -----------
  Merge r243796 - [CoordinatedGraphics] Hidden pages are not suspended after a web view resize
https://bugs.webkit.org/show_bug.cgi?id=196487

Reviewed by Žan Doberšek.

When resizing the window, the hidden tabs are updated too, to avoid flickering or getting the old size when
switching tabs. For that we need to resume painting but we are not suspending it again after the update.

* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
(WebKit::DrawingAreaCoordinatedGraphics::updateBackingStoreState): Suspend the painting again after a
synchronous update if needed.


  Commit: 3808b751a139088d1ac911bb56bcbcf072859961
      https://github.com/WebKit/WebKit/commit/3808b751a139088d1ac911bb56bcbcf072859961
  Author: Tomoki Imai <Tomoki.Imai at sony.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp
    M Source/WebKit/UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h

  Log Message:
  -----------
  Merge r243505 - Assertion failure !isInAcceleratedCompositingMode() in DrawingAreaProxyCoordinatedGraphics::incorporateUpdate when forceCompositingMode is turned on
https://bugs.webkit.org/show_bug.cgi?id=195879

Patch by Tomoki Imai <Tomoki.Imai at sony.com> on 2019-03-26
Reviewed by Carlos Garcia Campos.

The root cause is that DrawingAreaProxyCoordinatedGraphics::isInAcceleratedCompositingMode checks both alwaysUseCompositing() and !m_layerTreeContext.isEmpty().
alwaysUseCompositing() refers to preferences, which are written by the application (UIProcess).
On the other hand, m_layerTreeContext is changed when it receives enterAcceleratedCompositingMode/exitAcceleratedCompositingMode from WebProcess.

As a result, when we set forceCompositingMode and acceleratedCompositingEnabled to true, WebProcess and UIProcess are out of sync until WebProcess sends the enterAcceleratedCompositingMode message.
In such a situation, WebProcess sends incorporateUpdate to UIProcess because WebProcess is in non-AC mode, but isInAcceleratedCompositingMode becomes true on the UIProcess side.

* UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.cpp:
(WebKit::DrawingAreaProxyCoordinatedGraphics::~DrawingAreaProxyCoordinatedGraphics): Should call exitAcceleratedCompositingMode even when alwaysUseCompositing is true.
(WebKit::DrawingAreaProxyCoordinatedGraphics::enterAcceleratedCompositingMode): enterAcceleratedCompositingMode should check enterAcceleratedCompositingMode is not called twice.
* UIProcess/CoordinatedGraphics/DrawingAreaProxyCoordinatedGraphics.h: Remove alwaysUseCompositing from isInAcceleratedCompositingMode


  Commit: a5b85a5176a665abfd69c89b8df84392e7910a9c
      https://github.com/WebKit/WebKit/commit/a5b85a5176a665abfd69c89b8df84392e7910a9c
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/fast/text/international/hebrew-vowels-expected.png
    M LayoutTests/platform/gtk/fast/text/international/hebrew-vowels-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/FontCairo.cpp
    M Source/WebCore/platform/graphics/cairo/GraphicsContextImplCairo.cpp
    M Source/WebCore/platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp

  Log Message:
  -----------
  Merge r243602 - [FreeType] Incorrect application of glyph positioning in the Y direction
https://bugs.webkit.org/show_bug.cgi?id=161493

Reviewed by Michael Catanzaro.

Source/WebCore:

Use the first glyph origin as the initial advance of every complex text run.

* platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs): Update the yOffset using the height advance.
* platform/graphics/cairo/GraphicsContextImplCairo.cpp:
(WebCore::GraphicsContextImplCairo::drawGlyphs): Ditto.
* platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
(WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun): Set the initial advance.

LayoutTests:

Rebaseline fast/text/international/hebrew-vowels.html.

* platform/gtk/fast/text/international/hebrew-vowels-expected.png:
* platform/gtk/fast/text/international/hebrew-vowels-expected.txt:


  Commit: 1a06f45b027f0297c8503a71e193b563388abad8
      https://github.com/WebKit/WebKit/commit/1a06f45b027f0297c8503a71e193b563388abad8
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp

  Log Message:
  -----------
  Merge r243860 - [ATK] Don't touch accessibility tree in WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld
https://bugs.webkit.org/show_bug.cgi?id=193914

Reviewed by Michael Catanzaro.

Move it to dispatchDidFinishDocumentLoad, since we know we have the document at that point and we can create the
root accessibility object wrapper.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDidFinishDocumentLoad):
(WebKit::WebFrameLoaderClient::dispatchDidClearWindowObjectInWorld):


  Commit: ff957fb87ab5b9ecb7c2dc9f45af465834ce133a
      https://github.com/WebKit/WebKit/commit/ff957fb87ab5b9ecb7c2dc9f45af465834ce133a
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    R LayoutTests/fast/forms/editing-value-expected.txt
    R LayoutTests/fast/forms/editing-value.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLInputElement.cpp
    M Source/WebCore/html/HTMLInputElement.h
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/testing/Internals.h
    M Source/WebCore/testing/Internals.idl
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/InjectedBundle/API/glib/DOM/WebKitDOMElement.cpp
    M Source/WebKit/WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLInputElement.cpp

  Log Message:
  -----------
  Merge r243804 - Get rid of HTMLInputElement::setEditingValue
https://bugs.webkit.org/show_bug.cgi?id=196402

Reviewed by Darin Adler.

Source/WebCore:

HTMLInputElement::setEditingValue is only used for Epiphany password autofill. We did it
this way because that's what Chrome uses for autofill, but Apple uses
HTMLInputElement::setValueForUser. Let's switch to that instead, then we can get rid of
setEditingValue.

This fixes logging into ting.com after username and password are autofilled by Epiphany.
Before this change, the login would fail unless you first manually edit either the username
or the password field.

* html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::setEditingValue): Deleted.
* html/HTMLInputElement.h:
* testing/Internals.cpp:
(WebCore::Internals::setEditingValue): Deleted.
* testing/Internals.h:
* testing/Internals.idl:

Source/WebKit:

* WebProcess/InjectedBundle/API/glib/DOM/WebKitDOMElement.cpp:
(webkit_dom_element_html_input_element_set_editing_value):
* WebProcess/InjectedBundle/API/gtk/DOM/WebKitDOMHTMLInputElement.cpp:
(webkit_dom_html_input_element_set_editing_value):

LayoutTests:

* fast/forms/editing-value-expected.txt: Removed.
* fast/forms/editing-value-null-renderer-expected.txt: Removed.
* fast/forms/editing-value-null-renderer.html: Removed.
* fast/forms/editing-value.html: Removed.


  Commit: f30ead204c1d9cd37ca4b460d91a9b583dc88e0a
      https://github.com/WebKit/WebKit/commit/f30ead204c1d9cd37ca4b460d91a9b583dc88e0a
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitWebResource.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestResources.cpp

  Log Message:
  -----------
  Merge r243608 - [WPE][GTK] webkit_web_resource_get_data_finish can return NULL without setting error
https://bugs.webkit.org/show_bug.cgi?id=186276

Reviewed by Carlos Garcia Campos.

Source/WebKit:

Currently it's possible for webkit_web_resource_get_data_finish() to return NULL without
setting the error parameter. This is illegal because it is an API guarantee (and a GObject
convention) that if an error parameter exists, it should be set whenever a function call
returns NULL. Epiphany correctly dereferences the error in this case without checking if it
is NULL, because it knows it does not have to, and crashes. Fix this. We'll return a byte
array of length 1 containing a NUL character. This isn't great, but there's not really any
better solution without deprecating the API or returning an error code to indicate an empty
resource, and it at least fixes the Epiphany crash.

This does not fix bug #186276, in which this function incorrectly returns no data when it
ought to. But that is a different bug. Now, at least we won't crash when no data is
available.

* UIProcess/API/glib/WebKitWebResource.cpp:
(resourceDataCallback):

Tools:

* TestWebKitAPI/Tests/WebKitGLib/TestResources.cpp:
(webViewLoadChanged):
(testWebResourceGetDataError):
(testWebResourceGetDataEmpty):
(beforeAll):
(webViewloadChanged): Deleted.


  Commit: dd00fda938a2985b213539d2c2bd79359489143e
      https://github.com/WebKit/WebKit/commit/dd00fda938a2985b213539d2c2bd79359489143e
  Author: Sergio Villar Senin <svillar at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/UserAgentQuirks.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp

  Log Message:
  -----------
  Merge r243971 - [GTK][WPE] outlook.live.com displays old-fashioned UI
https://bugs.webkit.org/show_bug.cgi?id=196642

Reviewed by Carlos Garcia Campos.

Source/WebCore:

The new good-looking UI is shown as long as we pretend we're a Mac in the UA.

* platform/UserAgentQuirks.cpp:
(WebCore::urlRequiresChromeBrowser):

Tools:

* TestWebKitAPI/Tests/WebCore/UserAgentQuirks.cpp:
(TestWebKitAPI::TEST): New Mac platform quirk test.


  Commit: 78614c9b33c01199a1bfe05ea173fe8084e60829
      https://github.com/WebKit/WebKit/commit/78614c9b33c01199a1bfe05ea173fe8084e60829
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/JavaScriptCore/API/APIUtils.h
    M Source/JavaScriptCore/API/glib/JSCValue.cpp
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r243200 - [GLIB] Optimize jsc_value_object_define_property_data|accessor
https://bugs.webkit.org/show_bug.cgi?id=195679

Reviewed by Saam Barati.

Use direct C++ call instead of using the JSC GLib API to create the descriptor object and invoke Object.defineProperty().

* API/glib/JSCValue.cpp:
(jsc_value_object_define_property_data):
(jsc_value_object_define_property_accessor):


  Commit: 40dac31c22a416d8dd0f1577db8d2b185689bb41
      https://github.com/WebKit/WebKit/commit/40dac31c22a416d8dd0f1577db8d2b185689bb41
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/JavaScriptCore/API/glib/JSCCallbackFunction.cpp
    M Source/JavaScriptCore/API/glib/JSCClass.cpp
    M Source/JavaScriptCore/API/glib/JSCValue.cpp
    M Source/JavaScriptCore/ChangeLog
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp

  Log Message:
  -----------
  Merge r243283 - [GLib] Returning G_TYPE_OBJECT from a method does not work
https://bugs.webkit.org/show_bug.cgi?id=195574

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

Add more documentation to clarify the ownership of wrapped objects when created and when returned by functions.

* API/glib/JSCCallbackFunction.cpp:
(JSC::JSCCallbackFunction::construct): Also allow returning boxed types from a constructor.
* API/glib/JSCClass.cpp:
* API/glib/JSCValue.cpp:

Tools:

Add new test cases to check the behavior of constructors and functions returning GObject and boxed types.

* TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:
(getGFile):
(getParent):
(createGString):
(getGString):
(getGStringCopyWillRaise):
(getGStringCopy):
(getGStringStr):
(getGStringLen):
(freeGString):
(testJSCClass):


  Commit: 74cdd6ce469c9f07a267009be0f17cfb82fb9baa
      https://github.com/WebKit/WebKit/commit/74cdd6ce469c9f07a267009be0f17cfb82fb9baa
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/JavaScriptCore/API/glib/JSCClass.cpp
    M Source/JavaScriptCore/API/glib/JSCValue.cpp
    M Source/JavaScriptCore/ChangeLog
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp

  Log Message:
  -----------
  Merge r243289 - [GLIB] User data not correctly passed to callback of functions and constructors with no parameters
https://bugs.webkit.org/show_bug.cgi?id=196073

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-03-21
Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

This is because GClosure always expects a first parameter as instance. In case of functions or constructors with
no parameters we insert a fake instance which is just a null pointer that is ignored by the callback. But
if the function/constructor has user data the callback will expect one parameter for the user data. In that case
we can simply swap instance/user data so that the fake instance will be the second argument and user data the
first one.

* API/glib/JSCClass.cpp:
(jscClassCreateConstructor): Use g_cclosure_new_swap() if parameters is empty and user data was provided.
* API/glib/JSCValue.cpp:
(jscValueFunctionCreate): Ditto.

Tools:

Add test cases to check functions and constructors with no arguments but receiving user data.

* TestWebKitAPI/Tests/JavaScriptCore/glib/TestJSC.cpp:
(checkUserData):
(testJSCFunction):
(fooCreateWithUserData):
(testJSCClass):


  Commit: bbc312b0996736be7f9eced833460238d3bac374
      https://github.com/WebKit/WebKit/commit/bbc312b0996736be7f9eced833460238d3bac374
  Author: Miguel Gomez <magomez at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h

  Log Message:
  -----------
  Merge r243866 - [GTK][WPE] Use a timer to request the creation of pending tiles
https://bugs.webkit.org/show_bug.cgi?id=196594

Reviewed by Žan Doberšek.

Use a timer to request pending tile creation, as calls to notifyFlushRequired() are discarded
while inside a layer flush.

* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::CoordinatedGraphicsLayer):
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
(WebCore::CoordinatedGraphicsLayer::requestPendingTileCreationTimerFired):
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:


  Commit: e18608404494b4c853ffeda95cc57ac68c453c10
      https://github.com/WebKit/WebKit/commit/e18608404494b4c853ffeda95cc57ac68c453c10
  Author: Xan Lopez <xan at igalia.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M CMakeLists.txt
    M ChangeLog
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/MacroAssemblerX86Common.cpp
    M Source/JavaScriptCore/assembler/MacroAssemblerX86Common.h
    A Source/cmake/FindSSE2.cmake

  Log Message:
  -----------
  Merge r243989 - [CMake] Detect SSE2 at compile time
https://bugs.webkit.org/show_bug.cgi?id=196488

Patch by Xan Lopez <xan at igalia.com> on 2019-04-08
Reviewed by Carlos Garcia Campos.

.:

* CMakeLists.txt: Use FindSSE2.cmake to detect SSE2 support.
* Source/cmake/FindSSE2.cmake: Added.

Source/JavaScriptCore:

* assembler/MacroAssemblerX86Common.cpp: Remove unnecessary (and
incorrect) static_assert.


  Commit: 49b37011907ea2eda0cd5537f304fab7b46cc696
      https://github.com/WebKit/WebKit/commit/49b37011907ea2eda0cd5537f304fab7b46cc696
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/forms/remove-associated-element-after-gc-expected.txt
    A LayoutTests/fast/forms/remove-associated-element-after-gc.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLFormControlElement.cpp
    M Source/WebCore/html/HTMLFormElement.cpp

  Log Message:
  -----------
  Merge r242917 - Fix an edge case where HTMLFormElement::removeFormElement is invoked twice with the same element
https://bugs.webkit.org/show_bug.cgi?id=195663
<rdar://problem/48576391>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Currently, it's possible for HTMLFormControlElement's destructor to be reentrant. This may happen if the form
control element is ref'd while carrying out its destructor's logic. This may happen in two places in
HTMLFormControlElement (didChangeForm and resetDefaultButton), both of which actually don't require ensuring a
protected reference to the form control element since they should never result in any script execution.

To fix the bug, convert these strong references into raw pointers, and add ScriptDisallowedScope to ensure that
we don't change these codepaths in the future, such that they trigger arbitrary script execution.

Test: fast/forms/remove-associated-element-after-gc.html

* html/HTMLFormControlElement.cpp:
(WebCore::HTMLFormControlElement::didChangeForm):
* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::resetDefaultButton):

LayoutTests:

Add a layout test to exercise the scenario described in the WebCore ChangeLog.

* fast/forms/remove-associated-element-after-gc-expected.txt: Added.
* fast/forms/remove-associated-element-after-gc.html: Added.


  Commit: 91bcf080a68b0ebfdc6eac00ded5ebdfbf3e586a
      https://github.com/WebKit/WebKit/commit/91bcf080a68b0ebfdc6eac00ded5ebdfbf3e586a
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/ruby/crash-when-paginated-ruby-expected.txt
    A LayoutTests/fast/ruby/crash-when-paginated-ruby.html
    M LayoutTests/platform/mac/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderMultiColumnFlow.cpp

  Log Message:
  -----------
  Merge r242919 - Use RenderBox::previousSiblingBox/nextSiblingBox in RenderMultiColumnFlow
https://bugs.webkit.org/show_bug.cgi?id=195701
<rdar://problem/48448658>

Reviewed by Simon Fraser.

Source/WebCore:

It's safer to use existing RenderBox functions to get sibling boxes.

Test: fast/ruby/crash-when-paginated-ruby.html

* rendering/RenderMultiColumnFlow.cpp:
(WebCore::RenderMultiColumnFlow::nextColumnSetOrSpannerSiblingOf):
(WebCore::RenderMultiColumnFlow::previousColumnSetOrSpannerSiblingOf):

LayoutTests:

* fast/ruby/crash-when-paginated-ruby-expected.txt: Added.
* fast/ruby/crash-when-paginated-ruby.html: Added.


  Commit: 34b940779ad519af974aee5e3239d54a72057413
      https://github.com/WebKit/WebKit/commit/34b940779ad519af974aee5e3239d54a72057413
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderListMarker.cpp
    M Source/WebCore/rendering/RenderListMarker.h

  Log Message:
  -----------
  Merge r242921 - [WeakPtr] RenderListMarker::m_listItem should be a WeakPtr
https://bugs.webkit.org/show_bug.cgi?id=195704
<rdar://problem/48486278>

Reviewed by Simon Fraser.

* rendering/RenderListMarker.cpp:
(WebCore::RenderListMarker::RenderListMarker):
(WebCore::RenderListMarker::paint):
(WebCore::RenderListMarker::layout):
(WebCore::RenderListMarker::updateContent):
(WebCore::RenderListMarker::computePreferredLogicalWidths):
(WebCore::RenderListMarker::lineHeight const):
(WebCore::RenderListMarker::baselinePosition const):
(WebCore::RenderListMarker::suffix const):
(WebCore::RenderListMarker::isInside const):
(WebCore::RenderListMarker::getRelativeMarkerRect):
* rendering/RenderListMarker.h:


  Commit: 0089d8abeb4e69688449d18691233a4a0438bb8d
      https://github.com/WebKit/WebKit/commit/0089d8abeb4e69688449d18691233a4a0438bb8d
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/block/float/list-marker-is-float-crash-expected.txt
    A LayoutTests/fast/block/float/list-marker-is-float-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderListMarker.cpp

  Log Message:
  -----------
  Merge r242943 - Cleanup inline boxes when list marker gets blockified
https://bugs.webkit.org/show_bug.cgi?id=195746
<rdar://problem/48049175>

Reviewed by Antti Koivisto.

Source/WebCore:

Normally when an element gets blockified (inline -> block) we destroy its renderer and construct a new one (RenderInline -> RenderBlock).
During this process the associated inline boxtree gets destroyed as well. Since RenderListMarker is just a generic RenderBox, the blockifying
change does not require a new renderer.
This patch takes care of destroying the inline boxtree when the marker gains block display type.

Test: fast/block/float/list-marker-is-float-crash.html

* rendering/RenderListMarker.cpp:
(WebCore::RenderListMarker::styleDidChange):

LayoutTests:

* fast/block/float/list-marker-is-float-crash-expected.txt: Added.
* fast/block/float/list-marker-is-float-crash.html: Added.


  Commit: 7f1db1be93037c96889dd9e288772086dca858b1
      https://github.com/WebKit/WebKit/commit/7f1db1be93037c96889dd9e288772086dca858b1
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/Document.h
    M Source/WebCore/dom/Node.cpp

  Log Message:
  -----------
  Merge r242964 - Storing a Node in Ref/RefPtr inside its destructor results in double delete
https://bugs.webkit.org/show_bug.cgi?id=195661

Reviewed by Brent Fulgham.

Set Node::m_refCount to 1 before calling its virtual destructor.

This is a security mitigation to prevent any code which ends up storing the node to Ref / RefPtr
inside the destructor, which is a programming error caught by debug assertions, from triggering
a double-delete on the same Node.

Such code would hit the debug assertions in Node::deref() because m_inRemovedLastRefFunction
had been set to true by then.

* dom/Document.cpp:
(WebCore::Document::removedLastRef):
* dom/Document.h:
(WebCore::Document::decrementReferencingNodeCount):
* dom/Node.cpp:
(WebCore::Node::~Node):
(WebCore::Node::removedLastRef):
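
The mitigation described in r242964 above, shown as an added example that is not WebKit source: a simplified reference-counted object whose destructor logic takes a temporary smart-pointer reference to itself. ModelNode, ModelRef and deleteRequestsFor are hypothetical names, and the second delete is counted rather than executed because a real double delete is undefined behaviour.

```cpp
// Added illustration: a simplified model of the refcount mitigation, not WebKit code.
// ModelNode, ModelRef and deleteRequestsFor are hypothetical names.
#include <cstdio>

struct ModelNode {
    unsigned refCount = 1;   // the creator holds the only reference
    bool mitigated;          // true: set the count to 1 before running the destructor logic
    int deleteRequests = 0;  // how many times deletion of this object was requested

    explicit ModelNode(bool applyMitigation) : mitigated(applyMitigation) {}

    void ref() { ++refCount; }
    void deref()
    {
        if (--refCount == 0)
            removedLastRef();
    }

    void removedLastRef();
    void destructorBody();
};

// Minimal stand-in for a Ref/RefPtr-style owning smart pointer.
struct ModelRef {
    ModelNode& node;
    explicit ModelRef(ModelNode& n) : node(n) { node.ref(); }
    ~ModelRef() { node.deref(); }
};

void ModelNode::removedLastRef()
{
    ++deleteRequests;
    if (deleteRequests > 1)
        return; // A second delete of the same object: recorded here, not executed.
    if (mitigated)
        refCount = 1; // The mitigation: a ref/deref pair can no longer reach zero.
    destructorBody();
}

void ModelNode::destructorBody()
{
    // The programming error the commit message describes: code reached from
    // the destructor stores the object in a smart pointer.
    ModelRef protect(*this);
    // When `protect` goes out of scope it calls deref().
    // Unmitigated: 0 -> 1 -> 0, so removedLastRef() is entered again.
    // Mitigated:   1 -> 2 -> 1, so nothing else happens.
}

// Drops the last reference and reports how many deletions were requested.
int deleteRequestsFor(bool applyMitigation)
{
    ModelNode node(applyMitigation);
    node.deref();
    return node.deleteRequests;
}

int main()
{
    std::printf("without mitigation: %d delete requests\n", deleteRequestsFor(false));
    std::printf("with mitigation:    %d delete requests\n", deleteRequestsFor(true));
    return 0;
}
```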


  Commit: 3eba6902c9adbd5372210909dbb2366735118a00
      https://github.com/WebKit/WebKit/commit/3eba6902c9adbd5372210909dbb2366735118a00
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/structure-flattenDictionary-should-clear-unused-property-slots.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/Structure.cpp

  Log Message:
  -----------
  Merge r243069 - Structure::flattenDictionary() should clear unused property slots.
https://bugs.webkit.org/show_bug.cgi?id=195871
<rdar://problem/48959497>

Reviewed by Michael Saboff.

JSTests:

* stress/structure-flattenDictionary-should-clear-unused-property-slots.js: Added.

Source/JavaScriptCore:

It currently attempts to do this but fails because it's actually clearing up the
preCapacity region instead.  The fix is simply to account for the preCapacity
when computing the start address of the property slots.

* runtime/Structure.cpp:
(JSC::Structure::flattenDictionaryStructure):


  Commit: 6938f1d7371dfd16454cbf4f1d505feae436c38a
      https://github.com/WebKit/WebKit/commit/6938f1d7371dfd16454cbf4f1d505feae436c38a
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/dom/append-child-with-mutation-event-removal-and-circular-insertion-expected.txt
    A LayoutTests/fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html
    A LayoutTests/fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt
    A LayoutTests/fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html
    A LayoutTests/fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt
    A LayoutTests/fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html
    A LayoutTests/fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion-expected.txt
    A LayoutTests/fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html
    A LayoutTests/fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt
    A LayoutTests/fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html
    A LayoutTests/fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt
    A LayoutTests/fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html
    A LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion-expected.txt
    A LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html
    A LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt
    A LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html
    A LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt
    A LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/ContainerNode.cpp

  Log Message:
  -----------
  Merge r243175 - Reparenting during a mutation event inside appendChild could result in a circular DOM tree
https://bugs.webkit.org/show_bug.cgi?id=192825

Reviewed by Zalan Bujtas.

Source/WebCore:

The bug was caused by appendChildWithoutPreInsertionValidityCheck, insertBefore and replaceChild
checking the circular dependency against newChild instead of targets even though when newChild
is a document fragment, appendChildWithoutPreInsertionValidityCheck inserts the children of
the document fragment. Fixed the bug by checking the circular dependency against each target child.

Also fixed the bug that checkAcceptChildGuaranteedNodeTypes was not considering shadow inclusive
ancestors or template host elements.

Tests: fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html
       fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html
       fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html
       fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html
       fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html
       fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html
       fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html
       fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html
       fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html

* dom/ContainerNode.cpp:
(WebCore::checkAcceptChildGuaranteedNodeTypes):
(WebCore::ContainerNode::insertBefore):
(WebCore::ContainerNode::replaceChild):
(WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck):

LayoutTests:

Added regression tests.

* fast/dom/append-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
* fast/dom/append-child-with-mutation-event-removal-and-circular-insertion.html: Added.
* fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
* fast/dom/append-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
* fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
* fast/dom/append-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
* fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
* fast/dom/insert-child-with-mutation-event-removal-and-circular-insertion.html: Added.
* fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
* fast/dom/insert-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
* fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
* fast/dom/insert-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.
* fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion-expected.txt: Added.
* fast/dom/replace-child-with-mutation-event-removal-and-circular-insertion.html: Added.
* fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion-expected.txt: Added.
* fast/dom/replace-child-with-mutation-event-removal-and-circular-shadow-insertion.html: Added.
* fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt: Added.
* fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion.html: Added.


  Commit: 53b2fcb285e61ee4d7f9f17924734e431a9fe25a
      https://github.com/WebKit/WebKit/commit/53b2fcb285e61ee4d7f9f17924734e431a9fe25a
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt

  Log Message:
  -----------
  Merge r243182 - Rebaseline the test after r243175. It got somehow landed with failing expectations.

* fast/dom/replace-child-with-mutation-event-removal-and-circular-template-insertion-expected.txt:


  Commit: 4d9444028b4d57200d9aa7fc4d372827bbb67be1
      https://github.com/WebKit/WebKit/commit/4d9444028b4d57200d9aa7fc4d372827bbb67be1
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/new_array_with_spread-should-cap-array-size-to-MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/AbortReason.h
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/runtime/ArrayConventions.h
    M Source/JavaScriptCore/runtime/CommonSlowPaths.cpp

  Log Message:
  -----------
  Merge r243280 - Cap length of an array with spread to MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.
https://bugs.webkit.org/show_bug.cgi?id=196055
<rdar://problem/49067448>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/new_array_with_spread-should-cap-array-size-to-MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH.js: Added.

Source/JavaScriptCore:

We are doing this because:
1. We expect the array to be densely packed.
2. SpeculativeJIT::compileAllocateNewArrayWithSize() (and the FTL equivalent)
   expects the array length to be less than MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH
   if we don't want to use an ArrayStorage shape.
3. There's no reason why an array with spread needs to be that large anyway.
   MIN_ARRAY_STORAGE_CONSTRUCTION_LENGTH is plenty.

In this patch, we also add a debug assert in compileAllocateNewArrayWithSize() and
emitAllocateButterfly() to check for overflows.

* assembler/AbortReason.h:
* dfg/DFGOperations.cpp:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileCreateRest):
(JSC::DFG::SpeculativeJIT::compileNewArrayWithSpread):
(JSC::DFG::SpeculativeJIT::emitAllocateButterfly):
(JSC::DFG::SpeculativeJIT::compileAllocateNewArrayWithSize):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileNewArrayWithSpread):
* runtime/ArrayConventions.h:
* runtime/CommonSlowPaths.cpp:
(JSC::SLOW_PATH_DECL):


  Commit: 2f6f0d045599898d41dfd33a52a1088c0698ff94
      https://github.com/WebKit/WebKit/commit/2f6f0d045599898d41dfd33a52a1088c0698ff94
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebColorPicker.cpp
    M Source/WebKit/UIProcess/WebPageProxy.cpp

  Log Message:
  -----------
  Merge r243291 - Fix possible memory leak when dismissing a color picker
https://bugs.webkit.org/show_bug.cgi?id=196026
<rdar://problem/48778568>

Reviewed by Wenson Hsieh.

Fix a problem with WebPageProxy::endColorPicker where an early return could leave a color picker
with a +1 reference count after dismissing it.

* UIProcess/WebColorPicker.cpp:
(WebKit::WebColorPicker::endPicker):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::endColorPicker):
(WebKit::WebPageProxy::didEndColorPicker):


  Commit: e888eb7e80ed031790b3267f51afafba1d70ccc2
      https://github.com/WebKit/WebKit/commit/e888eb7e80ed031790b3267f51afafba1d70ccc2
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/dom/insert-template-parent-into-adopted-content-expected.txt
    A LayoutTests/fast/dom/insert-template-parent-into-adopted-content.html
    M LayoutTests/imported/w3c/ChangeLog
    M LayoutTests/imported/w3c/web-platform-tests/html/semantics/scripting-1/the-template-element/template-element/template-content-hierarcy-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/ContainerNode.cpp
    M Source/WebCore/dom/Node.cpp
    M Source/WebCore/dom/Node.h

  Log Message:
  -----------
  Merge r243233 - appendChild should throw when inserting an ancestor of a template into its content adopted to another document
https://bugs.webkit.org/show_bug.cgi?id=195984

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebaselined the test that is not fully passing.

* web-platform-tests/html/semantics/scripting-1/the-template-element/template-element/template-content-hierarcy-expected.txt:

Source/WebCore:

The WPT test caught a bug that appendChild and other DOM insertion functions were incorrectly assuming that
any node that's in a HTML template element has the current document's template document as its owner.
The assumption is wrong when the template element's content DocumentFragment is adopted to another document.

Fixed the bug by always checking the ancestor host elements in checkAcceptChild. Also

Test: fast/dom/insert-template-parent-into-adopted-content.html

* dom/ContainerNode.cpp:
(WebCore::isInTemplateContent): Deleted. This code is simply wrong.
(WebCore::containsConsideringHostElements): Deleted. Call sites are updated to use containsIncludingHostElements.
(WebCore::containsIncludingHostElements): Moved from Node.cpp and optimized this code a bit. It's more efficient
to get the parent node and check for ShadowRoot and DocumentFragment only when the parent is null than to check
for those two node types before getting the parent node.
(WebCore::checkAcceptChild): Merged two code paths to call containsIncludingHostElements. The early return for
a pseudo element is there only to prevent tree corruption in release build even in the presence of a major bug
so it shouldn't be a spec compliance issue.
* dom/Node.cpp:
(WebCore::Node::containsIncludingHostElements const): Deleted.
* dom/Node.h:

LayoutTests:

Added a regression test.

* fast/dom/insert-template-parent-into-adopted-content-expected.txt: Added.
* fast/dom/insert-template-parent-into-adopted-content.html: Added.


  Commit: 0959c47e9179a513903415a9837967403648f11a
      https://github.com/WebKit/WebKit/commit/0959c47e9179a513903415a9837967403648f11a
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/TestExpectations
    A LayoutTests/fast/css/first-letter-and-float-crash-expected.txt
    A LayoutTests/fast/css/first-letter-and-float-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/updating/RenderTreeBuilderFirstLetter.cpp

  Log Message:
  -----------
  Merge r243331 - Do not insert the first-letter anonymous container until after we've constructed the first-letter renderer.
https://bugs.webkit.org/show_bug.cgi?id=195919
<rdar://problem/48573434>

Reviewed by Brent Fulgham.

Source/WebCore:

When the container is injected too early, we might end up removing it as part of the collapsing logic
while the text renderer is being removed (replaced with the first letter + remaining text).

Test: fast/css/first-letter-and-float-crash.html

* rendering/updating/RenderTreeBuilderFirstLetter.cpp:
(WebCore::RenderTreeBuilder::FirstLetter::createRenderers):

LayoutTests:

* fast/css/first-letter-and-float-crash-expected.txt: Added.
* fast/css/first-letter-and-float-crash.html: Added.
* platform/mac/TestExpectations:


  Commit: 5552c616585cf53d4f467548c068aff6c2c4dc49
      https://github.com/WebKit/WebKit/commit/5552c616585cf53d4f467548c068aff6c2c4dc49
  Author: Jer Noble <jer.noble at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/shadow/MediaControlElements.cpp

  Log Message:
  -----------
  Merge r243341 - Inband Text Track cues interspersed with Data cues can display out of order.
https://bugs.webkit.org/show_bug.cgi?id=196095

Reviewed by Eric Carlson.

The compareCueIntervalForDisplay() comparator depends on a virtual function, isPositionedAbove(TextTrackCue* other),
but this comparison returns inconsistent results for cueA->isPositionedAbove(cueB) and cueB->isPositionedAbove(cueA)
if the two cues are different subclasses of TextTrackCue.

The underlying algorithm should be fixed in a future patch, but for now, remove all non-displaying cues from the array
of activeCues before sorting, rather than after when iterating over the sorted list of activeCues.

* html/shadow/MediaControlElements.cpp:
(WebCore::MediaControlTextTrackContainerElement::updateDisplay):


  Commit: 2203518ec194c45a4f31b180907a8b0412240f3b
      https://github.com/WebKit/WebKit/commit/2203518ec194c45a4f31b180907a8b0412240f3b
  Author: Dean Jackson <dino at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/canvas/webgl/vertexAttribPointer-with-bad-offset-expected.txt
    A LayoutTests/fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp

  Log Message:
  -----------
  Merge r243506 - vertexAttribPointer must restrict offset parameter
https://bugs.webkit.org/show_bug.cgi?id=196261
<rdar://problem/48458086>

Reviewed by Antoine Quint.

Source/WebCore:

This WebGL function should fail if the offset parameter is
not within [0, max 32-bit int].

Test: fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html

* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::vertexAttribPointer):

LayoutTests:

Add a test where the offset parameter is out of bounds.

* fast/canvas/webgl/vertexAttribPointer-with-bad-offset-expected.txt: Added.
* fast/canvas/webgl/vertexAttribPointer-with-bad-offset.html: Added.


  Commit: 12dfc063eb855857bb3da1303c93196afb1d073e
      https://github.com/WebKit/WebKit/commit/12dfc063eb855857bb3da1303c93196afb1d073e
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/map-b3-licm-infinite-loop.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/testb3.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/WTF.xcodeproj/project.pbxproj
    M Source/WTF/wtf/BackwardsGraph.h
    M Source/WTF/wtf/CMakeLists.txt
    A Source/WTF/wtf/SpanningTree.h

  Log Message:
  -----------
  BackwardsGraph needs to consider back edges as the backward's root successor
https://bugs.webkit.org/show_bug.cgi?id=195991

Reviewed by Filip Pizlo.

JSTests:

* stress/map-b3-licm-infinite-loop.js: Added.

Source/JavaScriptCore:

* b3/testb3.cpp:
(JSC::B3::testInfiniteLoopDoesntCauseBadHoisting):
(JSC::B3::run):

Source/WTF:

Previously, our backwards graph analysis was slightly wrong. The idea of
backwards graph is that the root of the graph has edges to terminals in
the original graph. And then the original directed edges in the graph are flipped.

However, we weren't considering loops as a form of terminality. For example,
we wouldn't consider an infinite loop as a terminal. So there were no edges
from the root to a node in the infinite loop. This led us to make mistakes
when we used backwards dominators to compute control flow equivalence.

This is better understood in an example:

```
preheader:
while (1) {
    if (!isCell(v))
        continue;
    load structure ID
    if (cond)
        continue;
    return
}
```

In the previous version of this algorithm, the only edge from the backwards
root would be to the block containing the return. This would lead us to
believe that the loading of the structureID backwards dominates the preheader,
leading us to believe it's control flow equivalent to preheader. This is
obviously wrong, since we can loop forever if "v" isn't a cell.

The solution here is to treat any backedge in the graph as a "terminal" node,
since a backedge implies the existence of a loop.

In the above example, the backwards root now has an edge to both blocks with
"continue". This prevents us from falsely claiming that the return is control
flow equivalent with the preheader.

This patch uses DFS spanning trees to compute back edges. An edge
u->v is a back edge when u is a descendent of v in the DFS spanning
tree of the Graph.

* WTF.xcodeproj/project.pbxproj:
* wtf/BackwardsGraph.h:
(WTF::BackwardsGraph::BackwardsGraph):
* wtf/SpanningTree.h: Added.
(SpanningTree::SpanningTree):
(SpanningTree::isDescendent):
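
The back-edge rule from the BackwardsGraph commit message above, worked through on its own loop example, as an added illustration in C++ (not code from the commit or from WTF). The block numbering, the `Graph` type and the function names `backwardsRootSuccessors` and `backwardsDominates` are assumptions, and the `SpanningTree` here is a simplified stand-in written for this example.

```cpp
// Added illustration; this is not WebKit's BackwardsGraph.h or SpanningTree.h.
#include <cstdio>
#include <functional>
#include <set>
#include <vector>

using Graph = std::vector<std::vector<int>>; // successors of each basic block

// Constructed block numbering for the loop in the commit message (assumption).
enum Block { Preheader, Header, ContinueNotCell, LoadStructureID, ContinueCond, Return };

Graph commitExampleCfg()
{
    Graph g(6);
    g[Preheader] = { Header };
    g[Header] = { ContinueNotCell, LoadStructureID }; // if (!isCell(v)) continue;
    g[ContinueNotCell] = { Header };                  // back edge
    g[LoadStructureID] = { ContinueCond, Return };    // if (cond) continue; return
    g[ContinueCond] = { Header };                     // back edge
    return g;                                         // Return has no successors
}

// DFS spanning tree with entry/exit timestamps, so descendant checks are O(1).
struct SpanningTree {
    std::vector<int> pre, post;
    explicit SpanningTree(const Graph& g, int root = 0)
        : pre(g.size(), -1), post(g.size(), -1)
    {
        int clock = 0;
        std::function<void(int)> visit = [&](int n) {
            pre[n] = clock++;
            for (int s : g[n])
                if (pre[s] < 0)
                    visit(s);
            post[n] = clock++;
        };
        visit(root);
    }
    // True when a is b, or a lies below b in the DFS tree.
    bool isDescendent(int a, int b) const
    {
        return pre[a] >= 0 && pre[b] >= 0 && pre[b] <= pre[a] && post[a] <= post[b];
    }
};

// Successors of the backwards root. Blocks without successors always qualify;
// with treatBackEdgesAsTerminal, so does the source u of every back edge u->v.
std::set<int> backwardsRootSuccessors(const Graph& g, bool treatBackEdgesAsTerminal)
{
    SpanningTree tree(g);
    std::set<int> result;
    for (int u = 0; u < static_cast<int>(g.size()); ++u) {
        if (g[u].empty())
            result.insert(u);
        if (!treatBackEdgesAsTerminal)
            continue;
        for (int v : g[u])
            if (tree.isDescendent(u, v))
                result.insert(u);
    }
    return result;
}

// d backwards-dominates n when every forward path from n to a successor of the
// backwards root passes through d. Checked by searching from n while avoiding d.
bool backwardsDominates(const Graph& g, const std::set<int>& rootSuccessors, int d, int n)
{
    if (d == n)
        return true;
    std::vector<bool> seen(g.size(), false);
    std::vector<int> worklist { n };
    seen[n] = true;
    while (!worklist.empty()) {
        int current = worklist.back();
        worklist.pop_back();
        if (rootSuccessors.count(current))
            return false; // reached the backwards root without touching d
        for (int s : g[current]) {
            if (s != d && !seen[s]) {
                seen[s] = true;
                worklist.push_back(s);
            }
        }
    }
    return true;
}

int main()
{
    Graph g = commitExampleCfg();
    for (bool fixed : { false, true }) {
        std::set<int> roots = backwardsRootSuccessors(g, fixed);
        std::printf("back edges as terminals=%d: load backwards-dominates preheader=%d\n",
            fixed, backwardsDominates(g, roots, LoadStructureID, Preheader));
    }
    return 0;
}
```

With only `Return` attached to the backwards root, the structure ID load appears control flow equivalent to the preheader, which is the condition under which hoisting it above the `isCell` check looks legal; with the two `continue` blocks attached as well, it does not.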


  Commit: 523a2aebd0b2e9363b9d0ad0db9532d96c7b755f
      https://github.com/WebKit/WebKit/commit/523a2aebd0b2e9363b9d0ad0db9532d96c7b755f
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/CanvasBase.cpp
    M Source/WebCore/html/CanvasBase.h
    M Source/WebCore/html/CustomPaintCanvas.cpp
    M Source/WebCore/html/CustomPaintCanvas.h
    M Source/WebCore/html/HTMLCanvasElement.cpp
    M Source/WebCore/html/HTMLCanvasElement.h
    M Source/WebCore/html/OffscreenCanvas.cpp
    M Source/WebCore/html/OffscreenCanvas.h

  Log Message:
  -----------
  Merge r243820 - Crash in HTMLCanvasElement::createContext2d after the element got adopted to a new document
https://bugs.webkit.org/show_bug.cgi?id=196527

Reviewed by Antti Koivisto.

We need to update CanvasBase::m_scriptExecutionContext when HTMLCanvasElement moves from
one document to another. Fixed the bug by making CanvasBase::scriptExecutionContext make
a virtual function call instead of directly storing a raw pointer. In HTMLCanvasElement,
we use Node::scriptExecutionContext(). Use ContextDestructionObserver in CustomPaintCanvas
and OffscreenCanvas instead of a raw pointer.

Unfortunately, no new tests since there is no reproducible test case.

* html/CanvasBase.cpp:
(WebCore::CanvasBase::CanvasBase):
* html/CanvasBase.h:
(WebCore::CanvasBase::scriptExecutionContext const):
* html/CustomPaintCanvas.cpp:
(WebCore::CustomPaintCanvas::CustomPaintCanvas):
* html/CustomPaintCanvas.h:
* html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::HTMLCanvasElement):
* html/HTMLCanvasElement.h:
* html/OffscreenCanvas.cpp:
(WebCore::OffscreenCanvas::OffscreenCanvas):
* html/OffscreenCanvas.h:


  Commit: c4010226ff71ead5d5cd2e66554d07535f5e02d8
      https://github.com/WebKit/WebKit/commit/c4010226ff71ead5d5cd2e66554d07535f5e02d8
  Author: Myles C. Maxfield <mmaxfield at apple.com>
  Date:   2019-04-08 (Mon, 08 Apr 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/font-face-set-destroy-document-expected.html
    A LayoutTests/fast/text/font-face-set-destroy-document.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/CSSFontFace.h
    M Source/WebCore/css/CSSFontFaceSet.cpp
    M Source/WebCore/css/CSSFontFaceSet.h
    M Source/WebCore/css/CSSFontSelector.h

  Log Message:
  -----------
  Merge r243828 - Documents can be destroyed before their CSSFontFaceSet is destroyed
https://bugs.webkit.org/show_bug.cgi?id=195830

Reviewed by Darin Adler.

Source/WebCore:

CSSFontFaceSet has a raw pointer to its owning document. JS can keep the CSSFontFaceSet alive (by using FontFaceSet)
and can destroy the document at any time. When the document is destroyed, the link between the two objects needs to
be severed.

Test: fast/text/font-face-set-destroy-document.html

* css/CSSFontFace.cpp:
(WebCore::CSSFontFace::CSSFontFace):
* css/CSSFontFace.h:
* css/CSSFontFaceSet.cpp:
(WebCore::CSSFontFaceSet::CSSFontFaceSet):
(WebCore::CSSFontFaceSet::ensureLocalFontFacesForFamilyRegistered):
* css/CSSFontFaceSet.h:
* css/CSSFontSelector.cpp:
(WebCore::CSSFontSelector::CSSFontSelector):
(WebCore::CSSFontSelector::addFontFaceRule):
* css/CSSFontSelector.h:
* css/FontFace.cpp:
(WebCore::FontFace::FontFace):

LayoutTests:

* fast/text/font-face-set-destroy-document-expected.html: Added.
* fast/text/font-face-set-destroy-document.html: Added.


  Commit: 7efb6fafb22832562c3694146cdb143c04d8c681
      https://github.com/WebKit/WebKit/commit/7efb6fafb22832562c3694146cdb143c04d8c681
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-04-09 (Tue, 09 Apr 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.1 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.24.1.


  Commit: b85fa72193503f9047a294babedeb2ac11fc7338
      https://github.com/WebKit/WebKit/commit/b85fa72193503f9047a294babedeb2ac11fc7338
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-04-19 (Fri, 19 Apr 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/glib/RunLoopSourcePriority.h

  Log Message:
  -----------
  Merged r244108 - [WPE] Avoid async IO starving timers
https://bugs.webkit.org/show_bug.cgi?id=196733

Reviewed by Carlos Garcia Campos.

If AsyncIONetwork and DiskCacheRead priorities are higher than
MainThreadSharedTimer the timers get starved. This causes the NetworkProcess
to accumulate MB of data instead of handing it down to the WebProcess (done
using a Timer). This eventually causes an Out Of Memory kill on the
NetworkProcess on some embedded platforms with low memory limits.

This patch levels the three priorities to the same value, while still leaving
DiskCacheWrite with less priority than DiskCacheRead.

* wtf/glib/RunLoopSourcePriority.h: Changed RunLoopSourcePriority values for WPE.


  Commit: fca5a9d959670de1e568ae1ba5267ed520b9a31c
      https://github.com/WebKit/WebKit/commit/fca5a9d959670de1e568ae1ba5267ed520b9a31c
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-04-19 (Fri, 19 Apr 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.24.1 release

build-wpe-releng/..:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

build-wpe-releng/../Source/WebKit:

* wpe/NEWS: Add release notes for 2.24.1.


  Commit: 25c9bc6551bb2f2563f50d83bd8e6f3cc6fb7581
      https://github.com/WebKit/WebKit/commit/25c9bc6551bb2f2563f50d83bd8e6f3cc6fb7581
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp
    M Source/WebKit/UIProcess/WebPageProxy.h
    M Source/WebKit/UIProcess/gtk/WebPageProxyGtk.cpp

  Log Message:
  -----------
  Merge r243861 - [ATK] Embed the AtkSocket as soon as we receive the plug ID
https://bugs.webkit.org/show_bug.cgi?id=196534

Reviewed by Michael Catanzaro.

We are currently storing the ID and waiting for the next time get_accessible is called to embed the socket. We
can simply embed the socket when the plug ID is received.

* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseGetAccessible):
* UIProcess/WebPageProxy.h:
* UIProcess/gtk/WebPageProxyGtk.cpp:
(WebKit::WebPageProxy::bindAccessibilityTree):


  Commit: 4ff3d26b49fb8b56126010cc95c818c2ae9d68ba
      https://github.com/WebKit/WebKit/commit/4ff3d26b49fb8b56126010cc95c818c2ae9d68ba
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/SourcesGTK.txt
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    A Source/WebKit/WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp
    A Source/WebKit/WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.h
    R Source/WebKit/WebProcess/WebPage/atk/WebPageAccessibilityObject.h
    R Source/WebKit/WebProcess/WebPage/atk/WebPageAccessibilityObjectAtk.cpp
    M Source/WebKit/WebProcess/WebPage/gtk/WebPageGtk.cpp
    M Tools/ChangeLog
    M Tools/Scripts/webkitpy/style/checkers/cpp.py
    M Tools/Scripts/webkitpy/style/checkers/cpp_unittest.py

  Log Message:
  -----------
  Merge r243863 - [ATK] Cleanup WebPageAccessibilityObjectAtk
https://bugs.webkit.org/show_bug.cgi?id=196537

Reviewed by Michael Catanzaro.

Source/WebKit:

Several changes and cleanups:

 - Add WebKit prefix so that style checker doesn't complain about GObject conventions.
 - Rename the header to remove the Atk prefix to match the cpp file and class name.
 - Use pragma once.
 - Use nullptr instead of 0.
 - Use WEBKIT_DEFINE_TYPE instead of G_DEFINE_TYPE.
 - Return generic AtkObject* from constructor.

* SourcesGTK.txt:
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp: Renamed from Source/WebKit/WebProcess/WebPage/atk/WebPageAccessibilityObjectAtk.cpp.
(accessibilityRootObjectWrapper):
(webkitWebPageAccessibilityObjectInitialize):
(webkitWebPageAccessibilityObjectGetIndexInParent):
(webkitWebPageAccessibilityObjectGetNChildren):
(webkitWebPageAccessibilityObjectRefChild):
(webkit_web_page_accessibility_object_class_init):
(webkitWebPageAccessibilityObjectNew):
(webkitWebPageAccessibilityObjectRefresh):
* WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.h: Added.
* WebProcess/WebPage/atk/WebPageAccessibilityObject.h: Removed.
* WebProcess/WebPage/gtk/WebPageGtk.cpp:
(WebKit::WebPage::platformInitialize):
(WebKit::WebPage::updateAccessibilityTree):

Tools:

Also consider files under atk directories as exceptions for GObject conventions.

* Scripts/webkitpy/style/checkers/cpp.py:
(check_identifier_name_in_declaration):


  Commit: ba4aa54ef2b6084e0ffb7792bf33c091344a0feb
      https://github.com/WebKit/WebKit/commit/ba4aa54ef2b6084e0ffb7792bf33c091344a0feb
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/atk/AXObjectCacheAtk.cpp

  Log Message:
  -----------
  Merge r243864 - [ATK] Wrong index passed to AtkObject::children-changed::add signal in AXObjectCache::attachWrapper()
https://bugs.webkit.org/show_bug.cgi?id=196538

Reviewed by Michael Catanzaro.

In most of the cases the parent is not found, probably because the child is not a direct descendant of the
parent returned by parentObjectUnignored(). We need to handle the case of find() returning notFound.

* accessibility/atk/AXObjectCacheAtk.cpp:
(WebCore::AXObjectCache::attachWrapper): Use -1 as the index when find() returns notFound.


  Commit: a6186fb1662ec9788916e0493b6986825100119c
      https://github.com/WebKit/WebKit/commit/a6186fb1662ec9788916e0493b6986825100119c
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AccessibilityObject.h
    M Source/WebCore/accessibility/atk/AXObjectCacheAtk.cpp
    M Source/WebCore/accessibility/atk/AccessibilityObjectAtk.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceComponent.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceSelection.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceTable.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceText.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.cpp
    M Source/WebCore/editing/atk/FrameSelectionAtk.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp

  Log Message:
  -----------
  Merge r243928 - [ATK] Use a smart pointer for AccessibilityObject wrapper and remove GTK specific code
https://bugs.webkit.org/show_bug.cgi?id=196593
<rdar://problem/49599153>

Reviewed by Michael Catanzaro.

Source/WebCore:

We have specific code for GTK to get/set the wrapper only because we don't use smart pointers. Also use
WebKitAccessible as AccessibilityObjectWrapper instead of generic AtkObject, to enforce wrappers to be
WebKitAccessible instances. This requires a few casts to AtkObject.

* accessibility/AccessibilityObject.h:
(WebCore::AccessibilityObject::setWrapper):
* accessibility/AccessibilityObjectInterface.h:
* accessibility/atk/AXObjectCacheAtk.cpp:
(WebCore::AXObjectCache::detachWrapper):
(WebCore::AXObjectCache::attachWrapper):
(WebCore::notifyChildrenSelectionChange):
(WebCore::AXObjectCache::postPlatformNotification):
(WebCore::AXObjectCache::nodeTextChangePlatformNotification):
(WebCore::AXObjectCache::frameLoadingEventPlatformNotification):
(WebCore::AXObjectCache::platformHandleFocusedUIElementChanged):
* accessibility/atk/AccessibilityObjectAtk.cpp:
* accessibility/atk/WebKitAccessibleInterfaceComponent.cpp:
(webkitAccessibleComponentRefAccessibleAtPoint):
* accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp:
(webkitAccessibleHypertextGetLink):
(webkitAccessibleHypertextGetNLinks):
* accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:
(webkitAccessibleSelectionRefSelection):
* accessibility/atk/WebKitAccessibleInterfaceTable.cpp:
(webkitAccessibleTableRefAt):
(webkitAccessibleTableGetColumnHeader):
(webkitAccessibleTableGetRowHeader):
(webkitAccessibleTableGetCaption):
* accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp:
(convertToGPtrArray):
(webkitAccessibleTableCellGetTable):
* accessibility/atk/WebKitAccessibleInterfaceText.cpp:
(accessibilityObjectLength):
* accessibility/atk/WebKitAccessibleWrapperAtk.cpp:
(setAtkRelationSetFromCoreObject):
(atkParentOfRootObject):
(webkitAccessibleGetParent):
(webkitAccessibleRefChild):
(isTextWithCaret):
* editing/atk/FrameSelectionAtk.cpp:
(WebCore::emitTextSelectionChange):
(WebCore::maybeEmitTextFocusChange):

Source/WebKit:

* WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp:
(accessibilityRootObjectWrapper): Cast wrapper() as AtkObject.


  Commit: faf3d12b2d939867968a0b495fd6dacf1ec93441
      https://github.com/WebKit/WebKit/commit/faf3d12b2d939867968a0b495fd6dacf1ec93441
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/SourcesGTK.txt
    M Source/WebCore/accessibility/atk/AXObjectCacheAtk.cpp
    A Source/WebCore/accessibility/atk/WebKitAccessible.cpp
    A Source/WebCore/accessibility/atk/WebKitAccessible.h
    M Source/WebCore/accessibility/atk/WebKitAccessibleHyperlink.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceAction.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceComponent.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceDocument.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceEditableText.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceImage.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceSelection.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceTable.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceText.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceValue.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleUtil.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleUtil.h
    R Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.cpp
    R Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.h
    M Source/WebCore/editing/atk/FrameSelectionAtk.cpp

  Log Message:
  -----------
  Merge r243970 - [ATK] Cleanup accessible wrapper base class
https://bugs.webkit.org/show_bug.cgi?id=196601

Reviewed by Mario Sanchez Prada.

Cleanups:

 - Rename WebKitAccessibleWrapperAtk cpp and header as WebKitAccessible for consistency with the class name.
 - Use WEBKIT_DEFINE_TYPE instead of custom type registration. This ensures that all CStrings used in private
   struct are no longer leaked.
 - Move core object pointer to the private struct.
 - Remove confusing core() function and simply get the core object from the private struct.
 - Use nullptr instead of 0 and other coding style issues.
 - Rename cacheAndReturnAtkProperty as webkitAccessibleCacheAndReturnAtkProperty and use WebKitAccessible as
   instance parameter.
 - Make webkitAccessibleGetAccessibilityObject() return a reference; since we use a fallback object on detach, it
   never returns nullptr.
 - Move objectFocusedAndCaretOffsetUnignored() to WebKitAccessibleUtil.

* SourcesGTK.txt:
* accessibility/atk/AXObjectCacheAtk.cpp:
* accessibility/atk/WebKitAccessible.cpp: Renamed from Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.cpp.
(webkitAccessibleGetName):
(webkitAccessibleGetDescription):
(setAtkRelationSetFromCoreObject):
(isRootObject):
(webkitAccessibleGetParent):
(webkitAccessibleGetNChildren):
(webkitAccessibleRefChild):
(webkitAccessibleGetIndexInParent):
(webkitAccessibleGetAttributes):
(atkRole):
(webkitAccessibleGetRole):
(webkitAccessibleRefStateSet):
(webkitAccessibleRefRelationSet):
(webkitAccessibleInit):
(webkitAccessibleGetObjectLocale):
(webkit_accessible_class_init):
(interfaceMaskFromObject):
(uniqueAccessibilityTypeName):
(accessibilityTypeFromObject):
(webkitAccessibleNew):
(webkitAccessibleGetAccessibilityObject):
(webkitAccessibleDetach):
(webkitAccessibleIsDetached):
(webkitAccessibleCacheAndReturnAtkProperty):
* accessibility/atk/WebKitAccessible.h: Renamed from Source/WebCore/accessibility/atk/WebKitAccessibleWrapperAtk.h.
* accessibility/atk/WebKitAccessibleHyperlink.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceAction.cpp:
(core):
(webkitAccessibleActionGetKeybinding):
(webkitAccessibleActionGetName):
* accessibility/atk/WebKitAccessibleInterfaceComponent.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceDocument.cpp:
(core):
(documentAttributeValue):
* accessibility/atk/WebKitAccessibleInterfaceEditableText.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceHypertext.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceImage.cpp:
(core):
(webkitAccessibleImageGetImageDescription):
* accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceTable.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceTableCell.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceText.cpp:
(core):
* accessibility/atk/WebKitAccessibleInterfaceValue.cpp:
(core):
* accessibility/atk/WebKitAccessibleUtil.cpp:
(objectFocusedAndCaretOffsetUnignored):
* accessibility/atk/WebKitAccessibleUtil.h:
* editing/atk/FrameSelectionAtk.cpp:


  Commit: 595d5a1500382e291971cc819072c8d46380ed6e
      https://github.com/WebKit/WebKit/commit/595d5a1500382e291971cc819072c8d46380ed6e
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/atk/WebKitAccessibleHyperlink.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessibleHyperlink.h
    M Source/WebCore/accessibility/atk/WebKitAccessibleInterfaceHyperlinkImpl.cpp

  Log Message:
  -----------
  Merge r244072 - [ATK] Cleanup WebKitAccessibleHyperlink
https://bugs.webkit.org/show_bug.cgi?id=196602

Reviewed by Michael Catanzaro.

Cleanups:

 - Rename webkitAccessibleHyperlinkNew() as webkitAccessibleHyperlinkGetOrCreate() and move the code to get/set
   the object data here.
 - Use WEBKIT_DEFINE_TYPE instead of custom type registration. This ensures that all CStrings used in private
   struct are no longer leaked.
 - Remove all confusing core() functions and simply use webkitAccessibleGetAccessibilityObject().
 - Use nullptr instead of 0 and other coding style issues.

* accessibility/atk/WebKitAccessibleHyperlink.cpp:
(webkitAccessibleHyperlinkActionDoAction):
(webkitAccessibleHyperlinkActionGetNActions):
(webkitAccessibleHyperlinkActionGetDescription):
(webkitAccessibleHyperlinkActionGetKeybinding):
(webkitAccessibleHyperlinkActionGetName):
(atk_action_interface_init):
(webkitAccessibleHyperlinkGetURI):
(webkitAccessibleHyperlinkGetObject):
(rangeLengthForObject):
(webkitAccessibleHyperlinkGetStartIndex):
(webkitAccessibleHyperlinkGetEndIndex):
(webkitAccessibleHyperlinkIsValid):
(webkitAccessibleHyperlinkGetNAnchors):
(webkitAccessibleHyperlinkIsSelectedLink):
(webkitAccessibleHyperlinkGetProperty):
(webkitAccessibleHyperlinkSetProperty):
(webkit_accessible_hyperlink_class_init):
(webkitAccessibleHyperlinkGetOrCreate):
(core): Deleted.
(atkActionInterfaceInit): Deleted.
(getRangeLengthForObject): Deleted.
(webkitAccessibleHyperlinkFinalize): Deleted.
(webkitAccessibleHyperlinkClassInit): Deleted.
(webkitAccessibleHyperlinkInit): Deleted.
(webkitAccessibleHyperlinkGetType): Deleted.
(webkitAccessibleHyperlinkNew): Deleted.
(webkitAccessibleHyperlinkGetAccessibilityObject): Deleted.
* accessibility/atk/WebKitAccessibleHyperlink.h:
* accessibility/atk/WebKitAccessibleInterfaceHyperlinkImpl.cpp:
(webkitAccessibleHyperlinkImplGetHyperlink):
(webkitAccessibleHyperlinkImplInterfaceInit):


  Commit: b44b959d9629287b2b848c5cd7dd463b3e6c0c43
      https://github.com/WebKit/WebKit/commit/b44b959d9629287b2b848c5cd7dd463b3e6c0c43
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/accessibility/insert-children-assert.html
    M LayoutTests/platform/gtk/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AccessibilityRenderObject.cpp

  Log Message:
  -----------
  Merge r244105 - [ATK] Test accessibility/insert-children-assert.html is crashing since added in r216980
https://bugs.webkit.org/show_bug.cgi?id=172281
<rdar://problem/37030990>

Reviewed by Joanmarie Diggs.

Source/WebCore:

The crash happens because at some point the test tries to get the anonymous block text, getting the RenderText as
first child and RenderFullScreen as last child and the latter doesn't have a node. This is because in atk we do
things differently, we don't include the static text elements individually, but parent element uses
textUnderElement() to get all the pieces together. We can just turn the asserts into actual nullptr checks.

Fixes: accessibility/insert-children-assert.html

* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::textUnderElement const):

LayoutTests:

Update the test to expect the whole content text on atk and remove the test expectations.

* accessibility/insert-children-assert.html:
* platform/gtk/TestExpectations:


  Commit: 29b9364174240e5317b9a46af0e4ae553038243c
      https://github.com/WebKit/WebKit/commit/29b9364174240e5317b9a46af0e4ae553038243c
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AXObjectCache.cpp
    M Source/WebCore/accessibility/AXObjectCache.h
    M Source/WebCore/accessibility/atk/AXObjectCacheAtk.cpp
    M Source/WebCore/accessibility/ios/AXObjectCacheIOS.mm
    M Source/WebCore/accessibility/mac/AXObjectCacheMac.mm
    M Source/WebCore/accessibility/win/AXObjectCacheWin.cpp
    M Source/WebCore/accessibility/wpe/AXObjectCacheWPE.cpp

  Log Message:
  -----------
  Merge r244107 - [ATK] Defer the emission of AtkObject::children-changed signal after layout is done
https://bugs.webkit.org/show_bug.cgi?id=187948

Reviewed by Michael Catanzaro.

Source/WebCore:

The signal AtkObject::children-changed is emitted from AXObjectCache::attachWrapper() and
AXObjectCache::detachWrapper(). Both can be called in the middle of a layout, so we need to defer the emission
of the signal after the layout is done, to avoid other atk entry points from being called at that point, since
most of them update the backing store at the beginning.

Fixes: accessibility/children-changed-sends-notification.html

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::performDeferredCacheUpdate): Call platformPerformDeferredCacheUpdate().
* accessibility/AXObjectCache.h:
* accessibility/atk/AXObjectCacheAtk.cpp:
(WebCore::wrapperParent): Helper to get the AtkObject parent of a given WebKitAccessible.
(WebCore::AXObjectCache::detachWrapper): Add wrapper to m_deferredDetachedWrapperList.
(WebCore::AXObjectCache::attachWrapper): Add object to m_deferredAttachedWrapperObjectList.
(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate): Emit AtkObject::children-changed::add for objects
in m_deferredAttachedWrapperObjectList and AtkObject::children-changed::remove for wrappers in m_deferredDetachedWrapperList.
* accessibility/ios/AXObjectCacheIOS.mm:
(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):
* accessibility/mac/AXObjectCacheMac.mm:
(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):
* accessibility/win/AXObjectCacheWin.cpp:
(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):
* accessibility/wpe/AXObjectCacheWPE.cpp:
(WebCore::AXObjectCache::platformPerformDeferredCacheUpdate):

LayoutTests:

Remove expectations of accessibility/children-changed-sends-notification.html that passes now.

* platform/gtk/TestExpectations:


  Commit: ff182129b015add1e7b104b9987b9650d6a252c1
      https://github.com/WebKit/WebKit/commit/ff182129b015add1e7b104b9987b9650d6a252c1
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/accessibility/aria-hidden-false-works-in-subtrees.html
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/gtk/accessibility/aria-hidden-false-works-in-subtrees-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AccessibilityNodeObject.cpp
    M Source/WebCore/accessibility/atk/WebKitAccessible.cpp

  Log Message:
  -----------
  Merge r244187 - [GTK] Layout test accessibility/aria-hidden-false-works-in-subtrees.html fails after r184890
https://bugs.webkit.org/show_bug.cgi?id=146718
<rdar://problem/21722487>

Reviewed by Joanmarie Diggs.

Source/WebCore:

Allow to get the text under element for nodes hidden in DOM but explicitly exposed to accessibility with
aria-hidden="false".

Fixes: accessibility/aria-hidden-false-works-in-subtrees.html

* accessibility/AccessibilityNodeObject.cpp:
(WebCore::AccessibilityNodeObject::textUnderElement const):
* accessibility/atk/WebKitAccessible.cpp:
(roleIsTextType): Also consider ApplicationGroup role as text elements, so that <div>text</div> is equivalent to
<div role="group">test</div>.

LayoutTests:

Update test to ATK behavior, rebaseline it and remove the expectations.

* accessibility/aria-hidden-false-works-in-subtrees.html:
* platform/gtk/TestExpectations:
* platform/gtk/accessibility/aria-hidden-false-works-in-subtrees-expected.txt:


  Commit: b0080f46169b54ce7219f31f6f5d92fd27d5a5f9
      https://github.com/WebKit/WebKit/commit/b0080f46169b54ce7219f31f6f5d92fd27d5a5f9
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    M Source/WebKit/WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp
    M Source/WebKit/WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.h
    M Source/WebKit/WebProcess/WebPage/gtk/WebPageGtk.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGtk/AccessibilityTestServer.cpp
    M Tools/TestWebKitAPI/Tests/WebKitGtk/TestWebKitAccessibility.cpp

  Log Message:
  -----------
  Merge r244212 - [GTK] REGRESSION(r243860): Many tests failing
https://bugs.webkit.org/show_bug.cgi?id=196791

Reviewed by Joanmarie Diggs.

Source/WebKit:

Calling updateAccessibilityTree() on document loaded was causing a re-layout because of the backing store update
that confused all those tests. We shouldn't need to update the accessibility tree on document load, it should
happen automatically when root object is attached/detached. This patch emits children-changed::add when the root
object wrapper is attached and children-changed::remove when the root object is detached. That way ATs are
notified of the changes in the accessibility tree.

* WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::dispatchDidFinishDocumentLoad): Remove call to WebPage::updateAccessibilityTree().
* WebProcess/WebPage/WebPage.h: Remove updateAccessibilityTree().
* WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.cpp:
(coreRootObjectWrapperDetachedCallback): Emit children-changed::remove.
(rootWebAreaWrapper): Helper to get the root WebArea wrapper.
(accessibilityRootObjectWrapper): Set the parent here when root object is created and emit children-changed::add.
(webkitWebPageAccessibilityObjectRefChild): Do not set the parent here, it's now set when the root object is created.
* WebProcess/WebPage/atk/WebKitWebPageAccessibilityObject.h: Remove webkitWebPageAccessibilityObjectRefresh().
* WebProcess/WebPage/gtk/WebPageGtk.cpp:

Tools:

Rework the accessibility unit test to use DBus for the communication with the server. This way we can load
multiple documents and check that accessibility hierarchy is updated after a navigation.

* TestWebKitAPI/Tests/WebKitGtk/AccessibilityTestServer.cpp:
(loadChangedCallback):
* TestWebKitAPI/Tests/WebKitGtk/TestWebKitAccessibility.cpp:
(AccessibilityTest::AccessibilityTest):
(AccessibilityTest::~AccessibilityTest):
(AccessibilityTest::loadHTMLAndWaitUntilFinished):
(AccessibilityTest::findTestServerApplication):
(AccessibilityTest::findDocumentWeb):
(AccessibilityTest::findRootObject):
(AccessibilityTest::waitUntilChildrenRemoved):
(AccessibilityTest::ensureProxy):
(testAtspiBasicHierarchy):
(beforeAll):
(afterAll):

LayoutTests:

Remove expectations for tests that pass now.

* platform/gtk/TestExpectations:


  Commit: e17a9e0d98b164fe7e39329f51bd3b6f9d13831c
      https://github.com/WebKit/WebKit/commit/e17a9e0d98b164fe7e39329f51bd3b6f9d13831c
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/atk/WebKitAccessible.cpp
    M Tools/ChangeLog
    M Tools/WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp

  Log Message:
  -----------
  Merge r244498 - REGRESSION(r241289): [GTK] accessibility/removed-continuation-element-causes-crash.html and accessibility/removed-anonymous-block-child-causes-crash.html crashes
https://bugs.webkit.org/show_bug.cgi?id=194630

Reviewed by Michael Catanzaro.

Source/WebCore:

Do not assume core object always has a wrapper in webkitAccessibleRefChild().

Fixes: accessibility/removed-continuation-element-causes-crash.html
       accessibility/removed-anonymous-block-child-causes-crash.html

* accessibility/atk/WebKitAccessible.cpp:
(webkitAccessibleRefChild): Return early if wrapper is nullptr.

Tools:

Return early from getAttributeSet() if passed in accessible is nullptr.

* WebKitTestRunner/InjectedBundle/atk/AccessibilityUIElementAtk.cpp:

LayoutTests:

Remove expectations for tests that are passing now.

* platform/gtk/TestExpectations:


  Commit: 337939a39140ef6683b83ce5725efb1011e77411
      https://github.com/WebKit/WebKit/commit/337939a39140ef6683b83ce5725efb1011e77411
  Author: Álvaro Torralba <donfrutosgomez at gmail.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/es.po

  Log Message:
  -----------
  Merge r244189 - Updated Spanish translation
https://bugs.webkit.org/show_bug.cgi?id=196810

Patch by Álvaro Torralba <donfrutosgomez at gmail.com> on 2019-04-11
Rubber-stamped by Michael Catanzaro.

* es.po:


  Commit: c06529b6a80eeefac40c89d307ae1ec86342035e
      https://github.com/WebKit/WebKit/commit/c06529b6a80eeefac40c89d307ae1ec86342035e
  Author: scootergrisen <scootergrisen at gmail.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    A Source/WebCore/platform/gtk/po/da.po

  Log Message:
  -----------
  Merge r244734 - Add Danish translation
https://bugs.webkit.org/show_bug.cgi?id=194850

Patch by scootergrisen <scootergrisen at gmail.com> on 2019-04-29
Rubber-stamped by Michael Catanzaro.

* da.po: Added.


  Commit: 80266315d18fa04090d7a21a2e8c0f7d2f98f940
      https://github.com/WebKit/WebKit/commit/80266315d18fa04090d7a21a2e8c0f7d2f98f940
  Author: Yuri Chornoivan <yurchor at ukr.net>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/uk.po

  Log Message:
  -----------
  Merge r244735 - [GTK] [l10n] Updated Ukrainian translation of WebKitGTK+
https://bugs.webkit.org/show_bug.cgi?id=197364

Patch by Yuri Chornoivan <yurchor at ukr.net> on 2019-04-29
Rubber-stamped by Michael Catanzaro.

* uk.po:


  Commit: f864a05d7654592909c15da8e3cf68ae525511cb
      https://github.com/WebKit/WebKit/commit/f864a05d7654592909c15da8e3cf68ae525511cb
  Author: Álvaro Torralba <donfrutosgomez at gmail.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/es.po

  Log Message:
  -----------
  Merge r244805 - Update Spanish Translation
https://bugs.webkit.org/show_bug.cgi?id=197407

Patch by Álvaro Torralba <donfrutosgomez at gmail.com> on 2019-04-30
Rubber-stamped by Michael Catanzaro.

* es.po:


  Commit: a1003e6fdfd1c02f804877ba021d2a9b961afa86
      https://github.com/WebKit/WebKit/commit/a1003e6fdfd1c02f804877ba021d2a9b961afa86
  Author: Alexander Mikhaylenko <alexm at gnome.org>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/gtk/ViewGestureControllerGtk.cpp

  Log Message:
  -----------
  Merge r244649 - [GTK] Back/Forward gesture interferes with scrolling
https://bugs.webkit.org/show_bug.cgi?id=197168

Patch by Alexander Mikhaylenko <exalm7659 at gmail.com> on 2019-04-25
Reviewed by Michael Catanzaro.

When the gesture is released with 0 velocity close to an edge of the webview,
the finishing animation is way too long, and in some cases it can look like the
gesture is already over, when it's still animating. By scrolling vertically while
that happens, it's possible to reset animation over and over again.

To reduce the duration in this case, instead of using maximum possible duration
(400ms), introduce a base velocity and use it for calculating the duration if
the actual velocity, relative to the end point, is equal to or less than 0.

* UIProcess/gtk/ViewGestureControllerGtk.cpp:
(WebKit::ViewGestureController::SwipeProgressTracker::startAnimation):


  Commit: 9f18153a7a3ec48884a0d60ad941abaddc700bc6
      https://github.com/WebKit/WebKit/commit/9f18153a7a3ec48884a0d60ad941abaddc700bc6
  Author: Tomoki Imai <Tomoki.Imai at sony.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/ShadowBlur.cpp
    M Source/WebCore/platform/graphics/ShadowBlur.h
    M Source/WebCore/platform/graphics/cairo/CairoOperations.cpp

  Log Message:
  -----------
  Merge r244913 - [Cairo] Improve ShadowBlur performance using tiling optimization
https://bugs.webkit.org/show_bug.cgi?id=197308
Patch by Tomoki Imai <Tomoki.Imai at sony.com> on 2019-05-03
Reviewed by Žan Doberšek.

Enable tiling-based optimization for drawRectShadow() and drawInsetShadow().
Since r228776, cairo ports don't have tiling-based optimization.

For AppleWin, this patch refactors code and it shares almost the same code as the cairo port.
The only difference is that AppleWin uses ScratchBuffer, but cairo ports don't.
This should avoid a performance regression for AppleWin.

No new tests, covered by existing tests.

* platform/graphics/ShadowBlur.cpp:
(WebCore::calculateLobes):
Fix stylecheck errors

(WebCore::ShadowBlur::blurLayerImage):
Fix stylecheck errors

(WebCore::ShadowBlur::calculateLayerBoundingRect):
We don't use position of m_sourceRect, so change the type to FloatSize.

(WebCore::ShadowBlur::drawShadowBuffer):
Use m_layerSize instead of m_shadowedResultSize to fillRect, as m_layerSize is always smaller than m_shadowedResultSize.
It's because m_layerSize is equal to m_shadowedResultSize if it's not clipped.
Clipping doesn't increase size of m_layerSize, so m_layerSize is always smaller than or equal to m_shadowedResultSize.

(WebCore::ShadowBlur::templateSize const):
Fix stylecheck errors

(WebCore::ShadowBlur::drawRectShadow):
(WebCore::ShadowBlur::drawInsetShadow):
(WebCore::ShadowBlur::drawRectShadowWithoutTiling):
(WebCore::ShadowBlur::drawInsetShadowWithoutTiling):
(WebCore::ShadowBlur::drawRectShadowWithTiling):
(WebCore::ShadowBlur::drawInsetShadowWithTiling):
Incorporate tile-based drawing.
To accomplish it, this patch abstracts GraphicsContext::drawImageBuffer to ShadowBlur::DrawImageCallback,
GraphicsContext::fillRect to ShadowBlur::FillRectCallback, drawing rect with hole to ShadowBlur::FillRectWithHoleCallback.

Variants which take GraphicsContext as parameter now just call another drawRectShadow.

(WebCore::ShadowBlur::drawLayerPieces):
Instead of graphicsContext.drawImageBuffer, call corresponding callback.

(WebCore::ShadowBlur::drawLayerPiecesAndFillCenter):
This function calls drawLayerPieces and fills the center for outer shadow.
Drawing outer shadow requires another callback for graphicsContext.fillRect.

(WebCore::ShadowBlur::drawShadowLayer):
Use m_layerSize instead of m_shadowedResultSize to fillRect,
as m_layerSize is always smaller than m_shadowedResultSize.

* platform/graphics/ShadowBlur.h:
Rename m_sourceRect to m_shadowedResultSize, and change it to FloatSize from FloatRect.
Remove GraphicsContext usage as much as possible and replace them by corresponding callbacks.

* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawShadowImage):
This function corresponds to ShadowBlur::DrawImageCallback.

(WebCore::Cairo::fillShadowBuffer):
Erase sourceRect, as it's always bigger than layerSize.

(WebCore::Cairo::drawPathShadow):
(WebCore::Cairo::drawGlyphsShadow):
Erase unused parameter.

(WebCore::Cairo::fillRect):
(WebCore::Cairo::fillRoundedRect):
(WebCore::Cairo::fillRectWithRoundedHole):
For tile-based optimization, add extra arguments to drawRectShadow.

(WebCore::Cairo::drawSurface):
Erase unused parameter.


  Commit: 9b80b0db30ffd8ce066aa935663fb94fed2ba3d5
      https://github.com/WebKit/WebKit/commit/9b80b0db30ffd8ce066aa935663fb94fed2ba3d5
  Author: Alexander Mikhaylenko <alexm at gnome.org>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/gtk/GestureController.cpp

  Log Message:
  -----------
  Merge r245055 - [GTK] Pinch Zooming has no maximum
https://bugs.webkit.org/show_bug.cgi?id=194865

Patch by Alexander Mikhaylenko <exalm7659 at gmail.com> on 2019-05-08
Reviewed by Michael Catanzaro.

Set maximum zoom to 3.0, reflecting the value on macOS and iOS.

* UIProcess/gtk/GestureController.cpp:
(WebKit::GestureController::ZoomGesture::scaleChanged):


  Commit: 1e190570f5623418c5f8b65b9730af9a40bac661
      https://github.com/WebKit/WebKit/commit/1e190570f5623418c5f8b65b9730af9a40bac661
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.h

  Log Message:
  -----------
  Merge r244109 - [GStreamer] Adaptive streaming playback broken with GStreamer < 1.12
https://bugs.webkit.org/show_bug.cgi?id=196765

Reviewed by Xabier Rodriguez-Calvar.

Without the following patch in gst-plugins-bad, the uridownloader
doesn't relay need-context messages to its parent, so in our case
the player can't share its context with secondary webkitwebsrc
elements and a RELEASE_ASSERT is hit in the WebProcess.

So the workaround is to use again webkit+ protocol prefixes for
GStreamer versions older than 1.12.

https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/commit/8cf858fb27919e1d631223375f81b98055623733

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::convertToInternalProtocol):
(WebCore::MediaPlayerPrivateGStreamer::setPlaybinURL):
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::wouldTaintOrigin const):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webKitWebSrcStart):
(webKitWebSrcGetProtocols):
(convertPlaybinURI):
(webKitWebSrcSetUri):
(CachedResourceStreamingClient::responseReceived):
(webKitSrcWouldTaintOrigin):
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.h:


  Commit: ecb715df18fdae9595f7703f2554818f6d633ae0
      https://github.com/WebKit/WebKit/commit/ecb715df18fdae9595f7703f2554818f6d633ae0
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    A LayoutTests/platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/GStreamerRegistryScanner.cpp

  Log Message:
  -----------
  Merge r244111 - there is no vp8 support in youtube.com/html5 page with libwebkit2gtk 2.24 (MSE enabled)
https://bugs.webkit.org/show_bug.cgi?id=196615

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Add vp8.0 and vp9.0 in supported mime-types if the corresponding video decoders are found.

No new tests, existing web-platform-tests cover this change.

* platform/graphics/gstreamer/GStreamerRegistryScanner.cpp:
(WebCore::GStreamerRegistryScanner::initialize):

LayoutTests:

Update WPE baselines and add/unskip the
imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType.html test in GTK.

* platform/gtk/TestExpectations:
* platform/gtk/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt: Copied from LayoutTests/platform/wpe/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt.
* platform/wpe/imported/w3c/web-platform-tests/html/semantics/embedded-content/media-elements/mime-types/canPlayType-expected.txt:


  Commit: e9f09b0e0427886b92b93d40c5e3781d6963894a
      https://github.com/WebKit/WebKit/commit/e9f09b0e0427886b92b93d40c5e3781d6963894a
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h

  Log Message:
  -----------
  Merge r244584 - [GStreamer] Crash in AudioTrackPrivate with playbin3 enabled
https://bugs.webkit.org/show_bug.cgi?id=196913

Reviewed by Xabier Rodriguez-Calvar.

The crash was due to a playbin3 code path being triggered during
MSE playback, which is not supposed to work in playbin3 anyway.
The problem is that setting the USE_PLAYBIN3 environment variable
to "1" makes the GStreamer playback plugin register the playbin3
element under the playbin name. So that leads to playbin3 being
used everywhere in WebKit where we assume the playbin element is
used. So the proposed solution is to:

- use a WebKit-specific environment variable instead of the
GStreamer USE_PLAYBIN3 variable.
- emit a warning if the USE_PLAYBIN3 environment variable is
detected. We can't unset it ourselves for security reasons.

The patch also includes a code cleanup of the player method
handling the pipeline creation. The previous code had a bug
leading to playbin3 being used for MSE.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):


  Commit: b6c873e5baf2f3477def3fd6b5568c7b79ec3a71
      https://github.com/WebKit/WebKit/commit/b6c873e5baf2f3477def3fd6b5568c7b79ec3a71
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h

  Log Message:
  -----------
  Merge r243644 - [GStreamer] imxvpudecoder detection and handling
https://bugs.webkit.org/show_bug.cgi?id=196346

Reviewed by Xabier Rodriguez-Calvar.

When the imxvpudecoder is used, the texture sampling of the
directviv-uploaded texture returns an RGB value, so there's no need
to convert it. This patch also includes a refactoring of the
ImageRotation flag handling. The flag is now computed once only
and stored in an instance variable.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::GstVideoFrameHolder::GstVideoFrameHolder):
(WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
(WebCore::MediaPlayerPrivateGStreamerBase::pushTextureToCompositor):
(WebCore::MediaPlayerPrivateGStreamerBase::flushCurrentBuffer):
(WebCore::MediaPlayerPrivateGStreamerBase::copyVideoTextureToPlatformTexture):
(WebCore::MediaPlayerPrivateGStreamerBase::nativeImageForCurrentTime):
(WebCore::MediaPlayerPrivateGStreamerBase::setVideoSourceOrientation):
(WebCore::MediaPlayerPrivateGStreamerBase::updateTextureMapperFlags):
(WebCore::texMapFlagFromOrientation): Deleted.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:


  Commit: d179dd07b0173be417929d478dd7c5217edd1cd2
      https://github.com/WebKit/WebKit/commit/d179dd07b0173be417929d478dd7c5217edd1cd2
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h

  Log Message:
  -----------
  Merge r244587 - [GTK][GStreamer] Flaky ASSERTION FAILED: m_lock.isHeld() in TextureMapperPlatformLayerProxy
https://bugs.webkit.org/show_bug.cgi?id=196739

Reviewed by Xabier Rodriguez-Calvar.

The crash was triggered because m_videoDecoderPlatform not being
explicitly set, its value would be inferred as one of the enum
class values. Making it Optional avoids this issue.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:


  Commit: 9865638571f521b0d513a7351db95836530b09cb
      https://github.com/WebKit/WebKit/commit/9865638571f521b0d513a7351db95836530b09cb
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MainThreadNotifier.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r244640 - [REGRESSION(r243197)][GStreamer] http/tests/media/clearkey/collect-webkit-media-session.html hits an ASSERT
https://bugs.webkit.org/show_bug.cgi?id=197230

Reviewed by Xabier Rodriguez-Calvar.

Perform the resource loader disposal and destruction from the main
thread. Also ensure there's no circular reference between the
CachedResourceStreamingClient and WebKitWebSrc when disposing of
the private WebKitWebSrc storage.

* platform/graphics/gstreamer/MainThreadNotifier.h:
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(_WebKitWebSrcPrivate::~_WebKitWebSrcPrivate):
(webkit_web_src_class_init):
(webKitWebSrcDispose):
(webKitWebSrcCloseSession):
(webKitWebSrcFinalize): Deleted.


  Commit: 96bfb83e483b8594306e52691f3cde75a0d87cb6
      https://github.com/WebKit/WebKit/commit/96bfb83e483b8594306e52691f3cde75a0d87cb6
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/gtk/fast/replaced/border-radius-clip-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h

  Log Message:
  -----------
  Merge r244641 - [GStreamer] gst_element_get_state: assertion 'GST_IS_ELEMENT (element)' failed in WebCore::MediaPlayerPrivateGStreamer::paused
https://bugs.webkit.org/show_bug.cgi?id=196691

Reviewed by Eric Carlson.

Source/WebCore:

For gif assets, fail media loading early and notify the
MediaPlayer by setting both network and ready states, so that the
MediaPlayer will try with the next media engine or pass the
error to HTMLMediaElement if there are none.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::loadingFailed):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:

LayoutTests:

Unflag test no longer crashing.

* platform/gtk/TestExpectations:
* platform/gtk/fast/replaced/border-radius-clip-expected.txt:


  Commit: e40ec6f7882521b5ba7e180bbc86ae1ee26b1e0b
      https://github.com/WebKit/WebKit/commit/e40ec6f7882521b5ba7e180bbc86ae1ee26b1e0b
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp

  Log Message:
  -----------
  Merge r245054 - REGRESSION(r243197): [GStreamer] Error playing redirected streams
https://bugs.webkit.org/show_bug.cgi?id=197410

Reviewed by Carlos Garcia Campos.

Revert the change introduced in r243197 that was checking the
redirected URI instead of the original URI. Non-main URIs should
be ignored only when they are HLS (or similar) fragments.

Test http/tests/security/canvas-remote-read-remote-video-hls.html still passes.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):


  Commit: e05e256cf2424eefb031c281317765cf643990f2
      https://github.com/WebKit/WebKit/commit/e05e256cf2424eefb031c281317765cf643990f2
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/MiniBrowser/gtk/BrowserTab.c
    M Tools/MiniBrowser/gtk/BrowserTab.h
    M Tools/MiniBrowser/gtk/BrowserWindow.c
    M Tools/MiniBrowser/gtk/main.c

  Log Message:
  -----------
  Merge r244583 - [GTK] MiniBrowser: also set the passed bg-color when receiving arguments
https://bugs.webkit.org/show_bug.cgi?id=197156

Reviewed by Michael Catanzaro.

The background color is only set when MiniBrowser is launched without arguments. This regressed when tabs
support was added.

* MiniBrowser/gtk/BrowserTab.c:
(browser_tab_set_background_color): Set the passed in color as web view background color.
* MiniBrowser/gtk/BrowserTab.h:
* MiniBrowser/gtk/BrowserWindow.c:
(browser_window_init): Initialize backgroundColor.
(browser_window_append_view): Call browser_tab_set_background_color().
(browser_window_set_background_color): Save the passed in color. This function should now be called before tabs
are added.
* MiniBrowser/gtk/main.c:
(main): Call browser_window_set_background_color() before creating the tabs.


  Commit: 1757b5a4e22abf2a4160dcf7ab52632e5a050155
      https://github.com/WebKit/WebKit/commit/1757b5a4e22abf2a4160dcf7ab52632e5a050155
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/Font.cpp

  Log Message:
  -----------
  Merge r245094 - REGRESSION(r239915): [FreeType] White space skipped when rendering plain text with noto CJK font
https://bugs.webkit.org/show_bug.cgi?id=197658

Reviewed by Michael Catanzaro.

Since r239915 we no longer overwrite control characters with zero width space, they are handled later when
filling the glyph pages. In Font::platformGlyphInit() there's an optimization to get the glyph of zero width
space character that assumes that control characters are always overwritten. Since the glyph for character at 0
index is always overwritten with zero width space, we can avoid loading the page for the actual zero width space
character and use the first page instead. In the particular case of noto CJK font, character at 0 is mapped to
the same glyph as space character, so space and zero width space end up being the same glyph. That breaks the
space width calculation, that returns 0 when isZeroWidthSpaceGlyph() is true. That's why spaces are no
longer rendered, ComplexTextController::adjustGlyphsAndAdvances() is setting the x advance for the space glyphs
to 0.

* platform/graphics/Font.cpp:
(WebCore::Font::platformGlyphInit): Use the actual zero width space page to get the glyph instead of 0 when
using FreeType.


  Commit: 927fea430273b4227e656ca8a58f174b761b53ab
      https://github.com/WebKit/WebKit/commit/927fea430273b4227e656ca8a58f174b761b53ab
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/inferred-types-regex-matches-array.js

  Log Message:
  -----------
  Merge r243906 - createRegExpMatchesArray does not respect inferred types
https://bugs.webkit.org/show_bug.cgi?id=193287

Reviewed by Yusuke Suzuki.

This checks in the test case for 193287. This issue was discovered by
Samuel Groß of Google Project Zero.

* stress/inferred-types-regex-matches-array.js: Added.


  Commit: e1957c57c30e7fd76b32cdd22cb01a219b73c361
      https://github.com/WebKit/WebKit/commit/e1957c57c30e7fd76b32cdd22cb01a219b73c361
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/arrow-function-and-use-strict-directive.js
    A JSTests/stress/arrow-function-syntax.js
    M LayoutTests/ChangeLog
    M LayoutTests/inspector/runtime/parse-expected.txt
    M LayoutTests/inspector/runtime/parse.html
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/parser/ASTBuilder.h
    M Source/JavaScriptCore/parser/Lexer.cpp
    M Source/JavaScriptCore/parser/Lexer.h
    M Source/JavaScriptCore/parser/Parser.cpp
    M Source/JavaScriptCore/parser/Parser.h

  Log Message:
  -----------
  Merge r244038 - Unreviewed, rolling in r243948 with test fix
https://bugs.webkit.org/show_bug.cgi?id=196486

JSTests:

* stress/arrow-function-and-use-strict-directive.js: Added.
* stress/arrow-function-syntax.js: Added.
(checkSyntax):
(checkSyntaxError):

Source/JavaScriptCore:

* parser/ASTBuilder.h:
(JSC::ASTBuilder::createString):
* parser/Lexer.cpp:
(JSC::Lexer<T>::parseMultilineComment):
(JSC::Lexer<T>::lexWithoutClearingLineTerminator):
(JSC::Lexer<T>::lex): Deleted.
* parser/Lexer.h:
(JSC::Lexer::hasLineTerminatorBeforeToken const):
(JSC::Lexer::setHasLineTerminatorBeforeToken):
(JSC::Lexer<T>::lex):
(JSC::Lexer::prevTerminator const): Deleted.
(JSC::Lexer::setTerminator): Deleted.
* parser/Parser.cpp:
(JSC::Parser<LexerType>::allowAutomaticSemicolon):
(JSC::Parser<LexerType>::parseSingleFunction):
(JSC::Parser<LexerType>::parseStatementListItem):
(JSC::Parser<LexerType>::maybeParseAsyncFunctionDeclarationStatement):
(JSC::Parser<LexerType>::parseFunctionInfo):
(JSC::Parser<LexerType>::parseClass):
(JSC::Parser<LexerType>::parseExportDeclaration):
(JSC::Parser<LexerType>::parseAssignmentExpression):
(JSC::Parser<LexerType>::parseYieldExpression):
(JSC::Parser<LexerType>::parseProperty):
(JSC::Parser<LexerType>::parsePrimaryExpression):
(JSC::Parser<LexerType>::parseMemberExpression):
* parser/Parser.h:
(JSC::Parser::nextWithoutClearingLineTerminator):
(JSC::Parser::lexCurrentTokenAgainUnderCurrentContext):
(JSC::Parser::internalSaveLexerState):
(JSC::Parser::restoreLexerState):

LayoutTests:

The test relied on the wrong EOF token's offset. This patch also fixes the test.

* inspector/runtime/parse-expected.txt:
* inspector/runtime/parse.html:


  Commit: df7bd9721b756c8c3577d20b37fcf33ab1a27e9a
      https://github.com/WebKit/WebKit/commit/df7bd9721b756c8c3577d20b37fcf33ab1a27e9a
  Author: Robin Morisset <rmorisset at apple.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/ArrayBuffer.h
    M Source/JavaScriptCore/runtime/JSBoundFunction.cpp

  Log Message:
  -----------
  Merge r244222 - Use padding at end of ArrayBuffer
https://bugs.webkit.org/show_bug.cgi?id=196823

Reviewed by Filip Pizlo.

* runtime/ArrayBuffer.h:


  Commit: 4cfc4b8e888900414d8549bc31935d27389521fc
      https://github.com/WebKit/WebKit/commit/4cfc4b8e888900414d8549bc31935d27389521fc
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/check-stack-overflow-before-value-profiling-arguments.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/jit/JIT.cpp

  Log Message:
  -----------
  Merge r244865 - Baseline JIT should do argument value profiling after checking for stack overflow
https://bugs.webkit.org/show_bug.cgi?id=197052
<rdar://problem/50009602>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/check-stack-overflow-before-value-profiling-arguments.js: Added.

Source/JavaScriptCore:

Otherwise, we may do value profiling without running a write barrier, which
is against the rules of how we do value profiling.

* jit/JIT.cpp:
(JSC::JIT::compileWithoutLinking):


  Commit: 0b5df36c8e36bf8a8a8abc9a070bb1802df6a928
      https://github.com/WebKit/WebKit/commit/0b5df36c8e36bf8a8a8abc9a070bb1802df6a928
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/applicationmanifest/display-mode-bad-manifest-expected.txt
    A LayoutTests/applicationmanifest/display-mode-bad-manifest.html
    A LayoutTests/applicationmanifest/resources/bad.manifest
    M LayoutTests/js/dom/JSON-parse-expected.txt
    M LayoutTests/js/resources/JSON-parse.js
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/JSONValues.cpp
    M Tools/TestWebKitAPI/Tests/WTF/JSONValue.cpp

  Log Message:
  -----------
  Merge r245028 - Correct JSON parser to address unterminated escape character
https://bugs.webkit.org/show_bug.cgi?id=197582
<rdar://problem/50459177>

Reviewed by Alex Christensen.

Source/WTF:

Correct JSON parser code to properly deal with unterminated escape
characters.

* wtf/JSONValues.cpp:
(WTF::JSONImpl::decodeString):
(WTF::JSONImpl::parseStringToken):

LayoutTests:

* applicationmanifest/display-mode-bad-manifest-expected.txt:
* applicationmanifest/display-mode-bad-manifest.html:
* applicationmanifest/resources/bad.manifest: Added.
* js/resources/JSON-parse.js: Add test case for unterminated escape.
* js/dom/JSON-parse-expected.txt: Add new test case.
* TestWebKitAPI/Tests/WTF/JSONValue.cpp: Add new false test case
  for unterminated escape character.


  Commit: d53abe2964c113d638c14e533b8844004e48421e
      https://github.com/WebKit/WebKit/commit/d53abe2964c113d638c14e533b8844004e48421e
  Author: Xan Lopez <xan at igalia.com>
  Date:   2019-05-09 (Thu, 09 May 2019)

  Changed paths:
    M CMakeLists.txt
    M ChangeLog
    A Source/cmake/DetectSSE2.cmake
    R Source/cmake/FindSSE2.cmake
    M Source/cmake/WebKitCompilerFlags.cmake
    M Tools/ChangeLog
    M Tools/Scripts/webkitdirs.pm

  Log Message:
  -----------
  Merge r245127 - [CMake] Detect SSE2 at compile time
https://bugs.webkit.org/show_bug.cgi?id=196488

Patch by Xan López <xan at igalia.com> on 2019-05-09
Reviewed by Carlos Garcia Campos.

.:

* Source/cmake/DetectSSE2.cmake: Added.
* Source/cmake/WebKitCompilerFlags.cmake: Detect SSE2 support and
add SSE2 to the global compiler flags.

Tools:

* Scripts/webkitdirs.pm:
(generateBuildSystemFromCMakeProject): Do not add SSE2 flags here
for x86 builds. This is now handled in WebKitCompilerFlags.cmake.


  Commit: 831c471fd750d2c8a5e86aad1575b85ec7347725
      https://github.com/WebKit/WebKit/commit/831c471fd750d2c8a5e86aad1575b85ec7347725
  Author: Wenson Hsieh <wenson_hsieh at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/events/contextmenu-reentrancy-crash-expected.txt
    A LayoutTests/fast/events/contextmenu-reentrancy-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/ContextMenuController.cpp
    M Source/WebCore/page/ContextMenuController.h

  Log Message:
  -----------
  Merge r242749 - [macOS] Dispatching reentrant "contextmenu" events may cause crashes
https://bugs.webkit.org/show_bug.cgi?id=195571
<rdar://problem/48086046>

Reviewed by Andy Estes.

Source/WebCore:

Make ContextMenuController::handleContextMenuEvent robust against reentrancy by guarding it with a boolean flag.
As demonstrated in the test case, it is currently possible to force WebKit into a bad state by dispatching a
synthetic "contextmenu" event from within the scope of one of the "before(copy|cut|paste)" events triggered as
a result of handling a context menu event.

Test: fast/events/contextmenu-reentrancy-crash.html

* page/ContextMenuController.cpp:
(WebCore::ContextMenuController::handleContextMenuEvent):
* page/ContextMenuController.h:

LayoutTests:

Add a test to verify that triggering reentrant "contextmenu" events from script does not cause a crash.

* fast/events/contextmenu-reentrancy-crash-expected.txt: Added.
* fast/events/contextmenu-reentrancy-crash.html: Added.


  Commit: c1d0aa0369873c4636fe7b8b368d499025a68338
      https://github.com/WebKit/WebKit/commit/c1d0aa0369873c4636fe7b8b368d499025a68338
  Author: Michael Saboff <msaboff at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-backref-inbounds.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/yarr/YarrJIT.cpp

  Log Message:
  -----------
  Merge r242838 - REGRESSION (iOS 12.2): Webpage using CoffeeScript crashes
https://bugs.webkit.org/show_bug.cgi?id=195613

Reviewed by Mark Lam.

JSTests:

New regression test.

* stress/regexp-backref-inbounds.js: Added.
(testRegExp):

Source/JavaScriptCore:

The bug here is in Yarr JIT backreference matching code.  We are incorrectly
using a checkedOffset / inputPosition correction when checking for the available
length left in a string.  It is improper to do these corrections as a backreference's
match length is based on what was matched in the referenced capture group and not
part of the checkedOffset and inputPosition computed when we compiled the RegExp.
In some cases, the resulting incorrect calculation would allow us to go past
the subject string's length.  Removed these adjustments.

After writing tests for the first bug, found another bug where the non-greedy
backreference backtracking code didn't do an "are we at the end of the input?" check.
This caused an infinite loop as we'd jump from the backtracking code back to
try matching one more backreference, fail and then backtrack.

* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::generateBackReference):
(JSC::Yarr::YarrGenerator::backtrackBackReference):


  Commit: 6d871dcc8c1702347d25246c312dbb5afb1adbba
      https://github.com/WebKit/WebKit/commit/6d871dcc8c1702347d25246c312dbb5afb1adbba
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/simple-line-layout-with-text-underline-position-expected.html
    A LayoutTests/fast/text/simple-line-layout-with-text-underline-position.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/SimpleLineLayout.cpp

  Log Message:
  -----------
  Merge r243605 - [SimpleLineLayout] Disable SLL when text-underline-position is not auto.
https://bugs.webkit.org/show_bug.cgi?id=196338
<rdar://problem/47975167>

Reviewed by Daniel Bates.

Source/WebCore:

Disable simple line layout unconditionally on non-auto text-underline-position content. We don't support it yet.

Test: fast/text/simple-line-layout-with-text-underline-position.html

* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::canUseForStyle):

LayoutTests:

* fast/text/simple-line-layout-with-text-underline-position-expected.html: Added.
* fast/text/simple-line-layout-with-text-underline-position.html: Added.


  Commit: 9043d72b9de71130797381cbf09ec9b77f287859
      https://github.com/WebKit/WebKit/commit/9043d72b9de71130797381cbf09ec9b77f287859
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/compositing/backing/foreground-layer-no-paints-into-ancestor-expected.html
    A LayoutTests/compositing/backing/foreground-layer-no-paints-into-ancestor.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderLayerCompositor.cpp

  Log Message:
  -----------
  Merge r243786 - REGRESSION (r238266): Exchange 2013 Outlook Web Access displays partially blank page when creating new e-mail
https://bugs.webkit.org/show_bug.cgi?id=196522
Source/WebCore:

rdar://problem/49472941

Reviewed by Zalan Bujtas.

In this content a layer is composited to clip descendants, and has negative z-order children,
so we compute that it "paints into ancestor", and has a foreground layer. This combination doesn't
make sense, and when the layer becomes scrollable, we end up with bad paint phases on layers, and
fail to paint the contents.

Fix by ensuring that a layer has its own backing store if it requires a foreground layer
by virtue of having negative z-order children.

Test: compositing/backing/foreground-layer-no-paints-into-ancestor.html

* rendering/RenderLayerCompositor.cpp:
(WebCore::RenderLayerCompositor::requiresOwnBackingStore const):

LayoutTests:

Reviewed by Zalan Bujtas.

* compositing/backing/foreground-layer-no-paints-into-ancestor-expected.html: Added.
* compositing/backing/foreground-layer-no-paints-into-ancestor.html: Added.


  Commit: 4f4843dbc78fac7541beefb80d2cdc9be869bcd6
      https://github.com/WebKit/WebKit/commit/4f4843dbc78fac7541beefb80d2cdc9be869bcd6
  Author: Myles C. Maxfield <mmaxfield at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M ChangeLog
    M LayoutTests/ChangeLog
    R LayoutTests/fast/text/trailing-word-expected.html
    R LayoutTests/fast/text/trailing-word.html
    M LayoutTests/platform/gtk/TestExpectations
    R LayoutTests/platform/mac/fast/text/trailing-word-parse-expected.txt
    R LayoutTests/platform/mac/fast/text/trailing-word-parse.html
    M LayoutTests/platform/win/TestExpectations
    M Source/JavaScriptCore/ChangeLog
    M Source/WebCore/ChangeLog
    M Source/WebCore/PAL/ChangeLog
    M Source/WebCore/css/CSSComputedStyleDeclaration.cpp
    M Source/WebCore/css/CSSPrimitiveValueMappings.h
    M Source/WebCore/css/CSSProperties.json
    M Source/WebCore/css/CSSValueKeywords.in
    M Source/WebCore/css/parser/CSSParserFastPaths.cpp
    M Source/WebCore/rendering/SimpleLineLayout.cpp
    M Source/WebCore/rendering/SimpleLineLayoutCoverage.cpp
    M Source/WebCore/rendering/SimpleLineLayoutCoverage.h
    M Source/WebCore/rendering/line/BreakingContext.h
    M Source/WebCore/rendering/style/RenderStyle.h
    M Source/WebCore/rendering/style/RenderStyleConstants.h
    M Source/WebCore/rendering/style/StyleRareInheritedData.cpp
    M Source/WebCore/rendering/style/StyleRareInheritedData.h
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Models/CSSKeywordCompletions.js
    M Source/WebKit/ChangeLog
    M Source/WebKitLegacy/mac/ChangeLog
    M Source/cmake/WebKitFeatures.cmake
    M Tools/ChangeLog
    M Tools/Scripts/webkitperl/FeatureList.pm

  Log Message:
  -----------
  Merge r243819 - Remove support for -apple-trailing-word
https://bugs.webkit.org/show_bug.cgi?id=196525

Reviewed by Zalan Bujtas.

This CSS property is nonstandard and not used.

.:

* Source/cmake/WebKitFeatures.cmake:

Source/JavaScriptCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebCore:

* Configurations/FeatureDefines.xcconfig:
* css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
* css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::operator TrailingWord const): Deleted.
* css/CSSProperties.json:
* css/CSSValueKeywords.in:
* css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):
* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::canUseForStyle):
* rendering/SimpleLineLayoutCoverage.cpp:
(WebCore::SimpleLineLayout::printReason):
* rendering/SimpleLineLayoutCoverage.h:
* rendering/line/BreakingContext.h:
(WebCore::BreakingContext::BreakingContext):
(WebCore::BreakingContext::lineBreak):
(WebCore::BreakingContext::clearLineBreakIfFitsOnLine):
(WebCore::BreakingContext::commitLineBreakClear):
(WebCore::BreakingContext::commitLineBreakAtCurrentWidth):
(WebCore::BreakingContext::handleBR):
(WebCore::BreakingContext::handleFloat):
(WebCore::BreakingContext::handleText):
(WebCore::BreakingContext::handleEndOfLine):
(WebCore::BreakingContext::InlineIteratorHistory::InlineIteratorHistory): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::push): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::update): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::renderer const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::offset const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::nextBreakablePosition const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::atTextParagraphSeparator const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::previousInSameNode const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::get const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::current const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::historyLength const): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::moveTo): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::increment): Deleted.
(WebCore::BreakingContext::InlineIteratorHistory::clear): Deleted.
(WebCore::BreakingContext::optimalLineBreakLocationForTrailingWord): Deleted.
* rendering/style/RenderStyle.h:
(WebCore::RenderStyle::trailingWord const): Deleted.
(WebCore::RenderStyle::setTrailingWord): Deleted.
(WebCore::RenderStyle::initialTrailingWord): Deleted.
* rendering/style/RenderStyleConstants.h:
* rendering/style/StyleRareInheritedData.cpp:
(WebCore::StyleRareInheritedData::StyleRareInheritedData):
(WebCore::StyleRareInheritedData::operator== const):
* rendering/style/StyleRareInheritedData.h:

Source/WebCore/PAL:

* Configurations/FeatureDefines.xcconfig:

Source/WebInspectorUI:

* UserInterface/Models/CSSKeywordCompletions.js:

Source/WebKit:

* Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

* Configurations/FeatureDefines.xcconfig:

Tools:

* Scripts/webkitperl/FeatureList.pm:
* TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

* fast/text/trailing-word-expected.html: Removed.
* fast/text/trailing-word.html: Removed.
* platform/gtk/TestExpectations:
* platform/mac/fast/text/trailing-word-parse-expected.txt: Removed.
* platform/mac/fast/text/trailing-word-parse.html: Removed.
* platform/win/TestExpectations:


  Commit: e6840f15a2d0196b0bfd1d0273559ab5a55a0d34
      https://github.com/WebKit/WebKit/commit/e6840f15a2d0196b0bfd1d0273559ab5a55a0d34
  Author: Myles C. Maxfield <mmaxfield at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/trailing-word-detection-expected.txt
    A LayoutTests/fast/text/trailing-word-detection.html
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/win/TestExpectations
    M PerformanceTests/ChangeLog
    M PerformanceTests/MotionMark/resources/debug-runner/motionmark.css
    M Source/JavaScriptCore/ChangeLog
    M Source/WebCore/ChangeLog
    M Source/WebCore/PAL/ChangeLog
    M Source/WebCore/css/CSSComputedStyleDeclaration.cpp
    M Source/WebCore/css/CSSPrimitiveValueMappings.h
    M Source/WebCore/css/CSSProperties.json
    M Source/WebCore/css/CSSValueKeywords.in
    M Source/WebCore/css/parser/CSSParserFastPaths.cpp
    M Source/WebCore/rendering/style/RenderStyle.h
    M Source/WebCore/rendering/style/RenderStyleConstants.h
    M Source/WebKit/ChangeLog
    M Source/WebKitLegacy/mac/ChangeLog
    M Tools/ChangeLog

  Log Message:
  -----------
  Merge r243841 - -apple-trailing-word is needed for browser detection
https://bugs.webkit.org/show_bug.cgi?id=196575

Unreviewed.

PerformanceTests:

* MotionMark/resources/debug-runner/motionmark.css:
(#intro .start-benchmark p):

Source/JavaScriptCore:

* Configurations/FeatureDefines.xcconfig:

Source/WebCore:

This is an unreviewed partial revert of r243819. Turns out there are some websites
which use this property to do browser detection. So, we need to continue to parse
the property, but we don't need the property to do anything.

Test: fast/text/trailing-word-detection.html

* Configurations/FeatureDefines.xcconfig:
* css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
* css/CSSPrimitiveValueMappings.h:
(WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
(WebCore::CSSPrimitiveValue::operator TrailingWord const):
* css/CSSProperties.json:
* css/CSSValueKeywords.in:
* css/parser/CSSParserFastPaths.cpp:
(WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
(WebCore::CSSParserFastPaths::isKeywordPropertyID):
* rendering/style/RenderStyle.h:
(WebCore::RenderStyle::trailingWord const):
(WebCore::RenderStyle::setTrailingWord):
(WebCore::RenderStyle::initialTrailingWord):
* rendering/style/RenderStyleConstants.h:

Source/WebCore/PAL:

* Configurations/FeatureDefines.xcconfig:

Source/WebKit:

* Configurations/FeatureDefines.xcconfig:

Source/WebKitLegacy/mac:

* Configurations/FeatureDefines.xcconfig:

Tools:

* TestWebKitAPI/Configurations/FeatureDefines.xcconfig:

LayoutTests:

* fast/text/trailing-word-detection-expected.txt: Added.
* fast/text/trailing-word-detection.html: Added.
* platform/gtk/TestExpectations:
* platform/win/TestExpectations:


  Commit: 746d77a0902f3137cfb6e74af5f85276902cdcc3
      https://github.com/WebKit/WebKit/commit/746d77a0902f3137cfb6e74af5f85276902cdcc3
  Author: Daniel Bates <dbates at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt
    A LayoutTests/http/tests/cookies/same-site/user-load-cross-site-redirect.php
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/platform/network/ResourceRequestBase.cpp

  Log Message:
  -----------
  Merge r241918 - Same Site Lax cookies are not sent with cross-site redirect from client-initiated load
https://bugs.webkit.org/show_bug.cgi?id=194906
<rdar://problem/44305947>

Reviewed by Brent Fulgham.

Source/WebCore:

Ensure that a request for a top-level navigation is annotated as such regardless of whether
the request has a computed Same Site policy.

"New loads" initiated by the client (Safari) either by API or a human either explicitly
typing a URL in the address bar or Command + clicking a hyperlink to open it in a new window/tab
are always considered Same Site. This is by definition from the spec. [1] as we aren't navigating
from an existing page. (Command + click should be thought of as a convenience to the user from
having to copy the hyperlink's URL, create a new window, and paste the URL into the address bar).
Currently the frame loader marks a request as a top-level navigation if and only if the request
does not have a pre-computed Same Site policy. However, "New loads" have a pre-computed Same Site
policy. So, these loads would never be marked as a top-level navigation by the frame loading code.
Therefore, if the "new load" turned out to be a cross-site redirect then WebKit would incorrectly
tell the networking stack that the load was a cross-site, non-top-level navigation, and per the
Same Site spec [2], the networking stack would not send Same Site Lax cookies. Instead,
WebKit should unconditionally ensure that requests are marked as a top-level navigation, if applicable.

[1] See Note for (1) in  <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.2>
[2] <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7.1>

Test: http/tests/cookies/same-site/user-load-cross-site-redirect.php

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::addExtraFieldsToRequest): Unconditionally update the request's top-
level navigation bit.
* platform/network/ResourceRequestBase.cpp:
(WebCore::ResourceRequestBase::setAsIsolatedCopy): Unconditionally copy a request's top-
level navigation bit.

LayoutTests:

Add a test that is representative of a user loading a cross-site page that redirects
to a page that expects Same Site Lax cookies.

* http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt: Added.
* http/tests/cookies/same-site/user-load-cross-site-redirect.php: Added.


  Commit: b47f55c2b675fa933eafd1a70252c8718d6b7762
      https://github.com/WebKit/WebKit/commit/b47f55c2b675fa933eafd1a70252c8718d6b7762
  Author: Daniel Bates <dbates at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt
    M LayoutTests/http/tests/cookies/same-site/user-load-cross-site-redirect.php

  Log Message:
  -----------
  Merge r241931 - Fix the test failure following r241918
(https://bugs.webkit.org/show_bug.cgi?id=194906)

For some reason strict cookies are sent via HTTP in WK1 and not in WK2. Will investigate in <https://bugs.webkit.org/show_bug.cgi?id=194933>.
This sub-test failure occurs with and without the patch. As the primary purpose of this test
was to ensure correctness for Same Site lax cookies, I've amended the test and test result
for now.

* http/tests/cookies/same-site/user-load-cross-site-redirect-expected.txt:
* http/tests/cookies/same-site/user-load-cross-site-redirect.php:


  Commit: 74ca032f72c2e0242ac7095545f9fe4d07394bb9
      https://github.com/WebKit/WebKit/commit/74ca032f72c2e0242ac7095545f9fe4d07394bb9
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/get-by-offset-should-use-correct-child.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGSafeToExecute.h

  Log Message:
  -----------
  Merge r244314 - SafeToExecute for GetByOffset/GetGetterByOffset/PutByOffset is using the wrong child for the base
https://bugs.webkit.org/show_bug.cgi?id=196945
<rdar://problem/49802750>

Reviewed by Filip Pizlo.

JSTests:

* stress/get-by-offset-should-use-correct-child.js: Added.
(foo.bar):
(foo):

Source/JavaScriptCore:

* dfg/DFGSafeToExecute.h:
(JSC::DFG::safeToExecute):


  Commit: 9b9dc27b4dabff5115de4e47b6a52199371accd6
      https://github.com/WebKit/WebKit/commit/9b9dc27b4dabff5115de4e47b6a52199371accd6
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/fast/dom/Element/id-in-frameset-expected.txt
    M LayoutTests/fast/dom/Element/id-in-frameset.html
    A LayoutTests/fast/dom/frame-src-javascript-url-async-expected.txt
    A LayoutTests/fast/dom/frame-src-javascript-url-async.html
    M LayoutTests/fast/dom/insertedIntoDocument-iframe-expected.txt
    M LayoutTests/fast/dom/javascript-url-exception-isolation-expected.txt
    M LayoutTests/fast/dom/javascript-url-exception-isolation.html
    M LayoutTests/fast/dom/no-assert-for-malformed-js-url-attribute-expected.txt
    M LayoutTests/fast/dom/resources/javascript-url-crash-function-iframe.html
    M LayoutTests/fast/frames/adopt-from-created-document.html
    M LayoutTests/fast/frames/out-of-document-iframe-has-child-frame.html
    M LayoutTests/fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html
    M LayoutTests/fast/loader/javascript-url-iframe-remove-on-navigate.html
    M LayoutTests/fast/loader/unload-mutation-crash.html
    M LayoutTests/fast/parser/resources/set-parent-to-javascript-url.html
    M LayoutTests/fast/parser/xml-error-adopted.xml
    M LayoutTests/http/tests/navigation/lockedhistory-iframe-expected.txt
    M LayoutTests/http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt
    M LayoutTests/http/tests/security/contentSecurityPolicy/javascript-url-allowed-expected.txt
    M LayoutTests/http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star-expected.txt
    M LayoutTests/http/tests/security/contentSecurityPolicy/javascript-url-blocked-expected.txt
    M LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html
    M LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html
    M LayoutTests/http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html
    M LayoutTests/imported/blink/fast/frames/navigation-in-pagehide.html
    M LayoutTests/imported/blink/loader/iframe-sync-loads-expected.txt
    M LayoutTests/js/dom/call-base-resolution.html
    M LayoutTests/platform/wk2/http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/NavigationScheduler.cpp
    M Source/WebCore/loader/NavigationScheduler.h
    M Source/WebCore/loader/SubframeLoader.cpp

  Log Message:
  -----------
  Merge r244892 - Setting a frame's src to a javascript URL should not run it synchronously
https://bugs.webkit.org/show_bug.cgi?id=197466

Reviewed by Darin Adler.

Source/WebCore:

When an iframe's src attribute is set to a javascript URL, whether when parsing
or later on via JS, we now execute the URL's JavaScript asynchronously. We used
to execute it synchronously, which was a source of bugs and also did not match
other browsers.

I have verified that our new behavior is aligned with both Firefox and Chrome.

Note that for backward-compatibility and interoperability with Blink
(https://bugs.chromium.org/p/chromium/issues/detail?id=923585), the
"javascript:''" URL will still run synchronously. We should consider dropping
this quirk at some point.

Test: fast/dom/frame-src-javascript-url-async.html

* loader/NavigationScheduler.cpp:
(WebCore::ScheduledLocationChange::ScheduledLocationChange):
(WebCore::ScheduledLocationChange::~ScheduledLocationChange):
(WebCore::NavigationScheduler::scheduleLocationChange):
* loader/NavigationScheduler.h:
(WebCore::NavigationScheduler::scheduleLocationChange):
* loader/SubframeLoader.cpp:
(WebCore::SubframeLoader::requestFrame):

LayoutTests:

* fast/dom/frame-src-javascript-url-async-expected.txt: Added.
* fast/dom/frame-src-javascript-url-async.html: Added.
Add layout test coverage for the fact that the javascript URL is executed asynchronously
whether set during parsing or later via JS. Also makes sure that executing the javascript
URL asynchronously does not replace the frame's window. This test passes in both Chrome
and Firefox.

* imported/blink/fast/frames/navigation-in-pagehide.html:
Re-sync this test from the Blink repository.

* fast/dom/Element/id-in-frameset-expected.txt:
* fast/dom/Element/id-in-frameset.html:
* fast/dom/insertedIntoDocument-iframe-expected.txt:
* fast/dom/javascript-url-exception-isolation-expected.txt:
* fast/dom/javascript-url-exception-isolation.html:
* fast/dom/no-assert-for-malformed-js-url-attribute-expected.txt:
* fast/dom/resources/javascript-url-crash-function-iframe.html:
* fast/frames/adopt-from-created-document.html:
* fast/frames/out-of-document-iframe-has-child-frame.html:
* fast/loader/javascript-url-iframe-remove-on-navigate-async-delegate.html:
* fast/loader/javascript-url-iframe-remove-on-navigate.html:
* fast/loader/unload-mutation-crash.html:
* fast/parser/resources/set-parent-to-javascript-url.html:
* fast/parser/xml-error-adopted.xml:
* http/tests/navigation/lockedhistory-iframe-expected.txt:
* http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt:
* http/tests/security/contentSecurityPolicy/javascript-url-allowed-expected.txt:
* http/tests/security/contentSecurityPolicy/javascript-url-blocked-by-default-src-star-expected.txt:
* http/tests/security/contentSecurityPolicy/javascript-url-blocked-expected.txt:
* http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame-2-level.html:
* http/tests/security/javascriptURL/xss-ALLOWED-from-javascript-url-sub-frame.html:
* http/tests/security/javascriptURL/xss-ALLOWED-to-javascript-url-from-javscript-url.html:
* imported/blink/loader/iframe-sync-loads-expected.txt:
* js/dom/call-base-resolution.html:
* platform/wk2/http/tests/security/contentSecurityPolicy/block-all-mixed-content/insecure-image-in-javascript-url-iframe-in-iframe-expected.txt:
Update / Rebaseline existing tests to reflect behavior change. I ran those tests in Firefox and Chrome to confirm that our behavior
is indeed aligned.


  Commit: 4f458eee6c11fa8f34b3f99a421da688fb9c1aa5
      https://github.com/WebKit/WebKit/commit/4f458eee6c11fa8f34b3f99a421da688fb9c1aa5
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    M JSTests/stress/array-species-config-array-constructor.js
    M JSTests/stress/put-direct-index-broken-2.js
    A JSTests/stress/typed-array-canonical-numeric-index-string.js
    M JSTests/stress/typedarray-access-monomorphic-neutered.js
    M JSTests/stress/typedarray-access-neutered.js
    M JSTests/stress/typedarray-getownproperty-not-configurable.js
    M JSTests/test262/expectations.yaml
    M LayoutTests/ChangeLog
    M LayoutTests/fast/canvas/canvas-ImageData-behaviour-expected.txt
    M LayoutTests/fast/canvas/canvas-ImageData-behaviour.js
    M Source/JavaScriptCore/CMakeLists.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/JavaScriptCore.xcodeproj/project.pbxproj
    M Source/JavaScriptCore/runtime/JSGenericTypedArrayViewInlines.h
    M Source/JavaScriptCore/runtime/PropertyName.h

  Log Message:
  -----------
  Merge r244950 - TypedArrays should not store properties that are canonical numeric indices
https://bugs.webkit.org/show_bug.cgi?id=197228
<rdar://problem/49557381>

Reviewed by Saam Barati.

JSTests:

* stress/array-species-config-array-constructor.js:
(test):
* stress/put-direct-index-broken-2.js:
* stress/typed-array-canonical-numeric-index-string.js: Added.
(makeTest.assert):
(makeTest):
(const.testInvalidIndices.makeTest.set assert):
(const.testInvalidIndices.makeTest):
(const.makeTestValidIndex.configurable.set assert):
(const.makeTestValidIndex.configurable):
* stress/typedarray-access-monomorphic-neutered.js:
(checkNoException):
(testNoException):
(testFTLNoException):
* stress/typedarray-access-neutered.js:
(testNoException):
* stress/typedarray-getownproperty-not-configurable.js:
(foo):
* test262/expectations.yaml:

Source/JavaScriptCore:

According to the spec[1]:
- TypedArrays should not perform an ordinary GetOwnProperty/SetOwnProperty if the index is a
CanonicalNumericIndexString, but invalid according to IntegerIndexedElementGet and similar
functions. I.e., there are a few properties that should not be set in a TypedArray, like NaN,
Infinity and -0.
- On DefineOwnProperty, the out-of-bounds check should be performed before validating the property
descriptor.
- On GetOwnProperty, the returned descriptor for numeric properties should have writable set to true.

[1]: https://www.ecma-international.org/ecma-262/9.0/index.html#sec-integer-indexed-exotic-objects-defineownproperty-p-desc

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlot):
(JSC::JSGenericTypedArrayView<Adaptor>::put):
(JSC::JSGenericTypedArrayView<Adaptor>::defineOwnProperty):
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlotByIndex):
(JSC::JSGenericTypedArrayView<Adaptor>::putByIndex):
* runtime/PropertyName.h:
(JSC::isCanonicalNumericIndexString):

LayoutTests:

* fast/canvas/canvas-ImageData-behaviour-expected.txt:
* fast/canvas/canvas-ImageData-behaviour.js:
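
The first and third points of the r244950 log message above, as an added example that is not part of the commit or of WebKit's test suite: it classifies string keys with the spec's CanonicalNumericIndexString rule and then checks what the running engine actually does with each key on a `Uint8Array`. All function names and the sample keys are constructed for illustration.

```javascript
// CanonicalNumericIndexString (ECMA-262): returns the number a string key
// denotes if the key is the canonical spelling of that number, else undefined.
function canonicalNumericIndexString(key) {
  if (key === '-0') return -0;
  const n = Number(key);
  return String(n) === key ? n : undefined;
}

// A canonical numeric key is a usable element index only if it is an integer,
// is not -0, and lies inside [0, length).
function isValidIntegerIndex(n, length) {
  return Number.isInteger(n) && !Object.is(n, -0) && n >= 0 && n < length;
}

// What the spec says should happen to a write through `key`.
function classifyKey(key, length) {
  const n = canonicalNumericIndexString(key);
  if (n === undefined) return 'ordinary-property'; // stored like on any object
  return isValidIntegerIndex(n, length) ? 'element' : 'rejected';
}

// Write through each key on a fresh typed array and record what the engine did.
function probeEngine(keys, length) {
  return keys.map((key) => {
    const ta = new Uint8Array(length);
    // Reflect.set sidesteps strict-mode differences between spec editions.
    Reflect.set(ta, key, 7);
    const desc = Object.getOwnPropertyDescriptor(ta, key);
    return {
      key,
      expected: classifyKey(key, length),
      stored: desc !== undefined,
      readBack: ta[key],
      writable: desc ? desc.writable : undefined,
      bufferTouched: ta.some((b) => b !== 0),
    };
  });
}

// True when the observed behaviour matches the classification.
function conforms(row) {
  switch (row.expected) {
    case 'element':
      // Lands in the backing buffer; descriptor reports writable: true.
      return row.stored && row.readBack === 7 &&
             row.writable === true && row.bufferTouched;
    case 'rejected':
      // Must not become an own property and must not touch the buffer.
      return !row.stored && row.readBack === undefined && !row.bufferTouched;
    default:
      // Non-canonical spelling: plain own property, buffer untouched.
      return row.stored && row.readBack === 7 && !row.bufferTouched;
  }
}

// Constructed sample keys for a typed array of length 4.
const SAMPLE_KEYS = [
  '0', '3',                                   // valid element indices
  '4', '-1', '1.5',                           // canonical but out of range / non-integer
  'NaN', 'Infinity', '-Infinity', '-0',       // the cases named in the log message
  '01', '1.0', '+1', '1e3', 'foo',            // not canonical: ordinary properties
];

function runProbe() {
  return probeEngine(SAMPLE_KEYS, 4);
}

for (const row of runProbe()) {
  console.log(row.key.padEnd(10), row.expected.padEnd(18),
              conforms(row) ? 'ok' : 'MISMATCH');
}
```

A `MISMATCH` on a `rejected` key means the engine kept a stray own property on the typed array, which is the behaviour this change removes from JavaScriptCore.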


  Commit: d3808ff099e503b26de4d94fd1aee46260a9fc8c
      https://github.com/WebKit/WebKit/commit/d3808ff099e503b26de4d94fd1aee46260a9fc8c
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/check-symbol-description-oom.js
    M Source/JavaScriptCore/API/JSValueRef.cpp
    M Source/JavaScriptCore/API/tests/testapi.cpp
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGOperations.cpp
    M Source/JavaScriptCore/runtime/Symbol.cpp
    M Source/JavaScriptCore/runtime/Symbol.h
    M Source/JavaScriptCore/runtime/SymbolConstructor.cpp

  Log Message:
  -----------
  Merge r244996 - [JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

* stress/check-symbol-description-oom.js: Added.
(shouldThrow):

Source/JavaScriptCore:

When resolving JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to returning a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

* API/JSValueRef.cpp:
(JSValueMakeSymbol):
* API/tests/testapi.cpp:
(TestAPI::symbolsTypeof):
(TestAPI::symbolsDescription):
(testCAPIViaCpp):
* dfg/DFGOperations.cpp:
* runtime/Symbol.cpp:
(JSC::Symbol::createWithDescription):
* runtime/Symbol.h:
* runtime/SymbolConstructor.cpp:
(JSC::callSymbol):


  Commit: e7d06c4db9fe0ccb904bc4e29260c123a1803d3c
      https://github.com/WebKit/WebKit/commit/e7d06c4db9fe0ccb904bc4e29260c123a1803d3c
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/getstack-int52.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

  Log Message:
  -----------
  Merge r245051 - [JSC] DFG_ASSERT failed in lowInt52
https://bugs.webkit.org/show_bug.cgi?id=197569

Reviewed by Saam Barati.

JSTests:

* stress/getstack-int52.js: Added.
(opt):
(main):

Source/JavaScriptCore:

GetStack with FlushedInt52 should load the flushed value in Int52 form and put the result in m_int52Values / m_strictInt52Values. Previously,
we load it in JSValue / Int32 form and lowInt52 fails to get appropriate one since GetStack does not put the result in m_int52Values / m_strictInt52Values.

* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetStack):


  Commit: 8f0844bf7e61a46f11f4fbb129be71230cd34b92
      https://github.com/WebKit/WebKit/commit/8f0844bf7e61a46f11f4fbb129be71230cd34b92
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp

  Log Message:
  -----------
  Merge r245056 - Correct delayed load event handling
https://bugs.webkit.org/show_bug.cgi?id=197679
<rdar://problem/50423334>

Reviewed by Alex Christensen.

We need to properly account for the fact that JavaScript might run
while performing loads.

* dom/Document.cpp:
(WebCore::Document::loadEventDelayTimerFired):


  Commit: d1193d452b7167cdbcc18c784d02e740d257dc4c
      https://github.com/WebKit/WebKit/commit/d1193d452b7167cdbcc18c784d02e740d257dc4c
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp

  Log Message:
  -----------
  Merge r245142 - Correct delayed load event handling
https://bugs.webkit.org/show_bug.cgi?id=197679
<rdar://problem/50423334>

Reviewed by Alex Christensen.

We need to properly account for the fact that JavaScript might run
while performing loads.

* dom/Document.cpp:
(WebCore::Document::loadEventDelayTimerFired):


  Commit: 4c4a96e514d2176625f45a54b1dfcc3414b15baf
      https://github.com/WebKit/WebKit/commit/4c4a96e514d2176625f45a54b1dfcc3414b15baf
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/wpe/backends/CMakeLists.txt

  Log Message:
  -----------
  Merge r245182 - [WPE] Forward libepoxy cflags
https://bugs.webkit.org/show_bug.cgi?id=197784

Reviewed by Žan Doberšek.

* wpe/backends/CMakeLists.txt: This is required to keep
-DMESA_EGL_NO_X11_HEADERS in the build, if we don't do this, EGL ends
up trying to include X11 headers even when they're not present in the
environment.


  Commit: ca044c8a14e2b9a64b53922696ea0e9375ed748b
      https://github.com/WebKit/WebKit/commit/ca044c8a14e2b9a64b53922696ea0e9375ed748b
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp

  Log Message:
  -----------
  Merge r245196 - Streamline test-and-clear operation for ContextMenu
https://bugs.webkit.org/show_bug.cgi?id=197795
<rdar://problem/50473746>

Reviewed by Wenson Hsieh.

Rather than performing a check when entering the function, doing work,
then clearing the member variable, perform the check and clear in
a single operation. Only perform the selection if the menu exists.

* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::didSelectItemFromActiveContextMenu):


  Commit: fe1ef531983ba33db28af32eac3ba5943229e7b9
      https://github.com/WebKit/WebKit/commit/fe1ef531983ba33db28af32eac3ba5943229e7b9
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/WebFrame.cpp

  Log Message:
  -----------
  Merge r245284 - Protect current WebFrame during form submission
https://bugs.webkit.org/show_bug.cgi?id=197459
<rdar://problem/50368618>

Reviewed by Alex Christensen.

The 'continueWillSubmitForm' method calls a completion handler that
might affect the state of the current frame. Ensure the frame is valid
for the scope of the function.

* WebProcess/WebPage/WebFrame.cpp:
(WebKit::WebFrame::continueWillSubmitForm):


  Commit: ac52a25d047fca38240e31fb67a848ec4558e7b2
      https://github.com/WebKit/WebKit/commit/ac52a25d047fca38240e31fb67a848ec4558e7b2
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/svg/crash-on-reload-with-filter-expected.txt
    A LayoutTests/http/tests/svg/crash-on-reload-with-filter.html
    A LayoutTests/http/tests/svg/resources/finishTest.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/svg/RenderSVGResourceContainer.cpp

  Log Message:
  -----------
  Merge r245300 - Do not try to issue repaint while the render tree is being destroyed.
https://bugs.webkit.org/show_bug.cgi?id=197461
<rdar://problem/50368992>

Reviewed by Simon Fraser.

Source/WebCore:

Test: http/tests/svg/crash-on-reload-with-filter.html

We don't need to compute repaint rects when the render tree is getting torn down. We'll issue a full repaint at some point.
Also during full render tree destruction the inline tree state is undefined. We should avoid accessing it.

* rendering/svg/RenderSVGResourceContainer.cpp:
(WebCore::RenderSVGResourceContainer::markAllClientLayersForInvalidation):

LayoutTests:

* http/tests/svg/crash-on-reload-with-filter-expected.txt: Added.
* http/tests/svg/crash-on-reload-with-filter.html: Added.
* http/tests/svg/resources/finishTest.html: Added.


  Commit: f9cd0d54e02c4c9f0cec4841468c15e0dc7cb5f0
      https://github.com/WebKit/WebKit/commit/f9cd0d54e02c4c9f0cec4841468c15e0dc7cb5f0
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/block/float/float-with-shape-outside-crash-expected.txt
    A LayoutTests/fast/block/float/float-with-shape-outside-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/FloatingObjects.cpp
    M Source/WebCore/rendering/shapes/ShapeOutsideInfo.cpp

  Log Message:
  -----------
  Merge r245361 - Do not create a shape object outside of the layout context
https://bugs.webkit.org/show_bug.cgi?id=197926
<rdar://problem/50627858>

Reviewed by Simon Fraser.

Source/WebCore:

ShapeOutside objects are used to compute line constraints during layout (in a strict sense, they are part of the layout context and should only be mutated during layout).
If we don't create one during layout, we probably don't need to know its geometry during paint (or any other non-layout activity) either.

Test: fast/block/float/float-with-shape-outside-crash.html

* rendering/FloatingObjects.cpp:
(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatLeft>::updateOffsetIfNeeded):
(WebCore::ComputeFloatOffsetForLineLayoutAdapter<FloatingObject::FloatRight>::updateOffsetIfNeeded):
* rendering/shapes/ShapeOutsideInfo.cpp:
(WebCore::ShapeOutsideInfo::computeDeltasForContainingBlockLine):

LayoutTests:

* fast/block/float/float-with-shape-outside-crash-expected.txt: Added.
* fast/block/float/float-with-shape-outside-crash.html: Added.


  Commit: eca9f9721e0ed693d83e1f09db51d6117f21ffb7
      https://github.com/WebKit/WebKit/commit/eca9f9721e0ed693d83e1f09db51d6117f21ffb7
  Author: Darin Adler <darin at apple.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSString.h
    M Source/JavaScriptCore/runtime/StringPrototype.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/URLHelpers.cpp
    M Source/WTF/wtf/text/StringView.cpp
    M Source/WTF/wtf/text/StringView.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/TextIterator.cpp
    M Source/WebCore/platform/graphics/SurrogatePairAwareTextIterator.cpp
    M Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp
    M Source/WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp
    M Source/WebCore/platform/text/TextEncoding.cpp

  Log Message:
  -----------
  Merge r243049 - Improve normalization code, including moving from unorm.h to unorm2.h
https://bugs.webkit.org/show_bug.cgi?id=195330

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

* runtime/JSString.h: Move StringViewWithUnderlyingString to StringView.h.

* runtime/StringPrototype.cpp: Include unorm2.h instead of unorm.h.
(JSC::normalizer): Added. Function to create normalizer object given
enumeration value indicating which is selected. Simplified because we
know the function will not fail and so we don't need error handling code.
(JSC::normalize): Changed this function to take a JSString* so we can
optimize the case where no normalization is needed. Added an early exit
if the string is stored as 8-bit and another if the string is already
normalized, using unorm2_isNormalized. Changed error handling to only
check cases that can actually fail in practice. Also did other small
optimizations like passing VM rather than ExecState.
(JSC::stringProtoFuncNormalize): Used smaller enumeration names that are
identical to the names used in the API and normalization parlance rather
than longer ones that expand the acronyms. Updated to pass JSString* to
the normalize function, so we can optimize 8-bit and already-normalized
cases, rather than calling the expensive String::upconvertedCharacters
function. Use throwVMRangeError.

Source/WebCore:

* editing/TextIterator.cpp: Include unorm2.h.
(WebCore::normalizeCharacters): Rewrote to use unorm2_normalize rather than
unorm_normalize, but left the logic otherwise the same.

* platform/graphics/SurrogatePairAwareTextIterator.cpp: Include unorm2.h.
(WebCore::SurrogatePairAwareTextIterator::normalizeVoicingMarks):
Use unorm2_composePair instead of unorm_normalize.

* platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
(characterSequenceIsEmoji): Changed to use existing SurrogatePairAwareTextIterator.
(FontCascade::fontForCombiningCharacterSequence): Use normalizedNFC instead of
calling unorm2_normalize directly.

* WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp:
Removed unneeded include of <unicode/normlzr.h>.

* platform/text/TextEncoding.cpp:
(WebCore::TextEncoding::encode const): Use normalizedNFC instead of the
code that was here. The normalizedNFC function is better in multiple ways,
but primarily it handles 8-bit strings and other already-normalized
strings much more efficiently.

Source/WTF:

* wtf/URLHelpers.cpp: Removed unneeded include of unorm.h since the
normalization code is now in StringView.cpp.
(WTF::URLHelpers::escapeUnsafeCharacters): Renamed from
createStringWithEscapedUnsafeCharacters since it now only creates
a new string if one is needed. Use unsigned for string lengths, since
that's what WTF::String uses, not size_t. Added a first loop so that
we can return the string unmodified if no lookalike characters are
found. Removed unnecessary round trip from UTF-16 and then back in
the case where the character is not a lookalike.
(WTF::URLHelpers::toNormalizationFormC): Deleted. Moved this logic
into the WTF::normalizedNFC function in StringView.cpp.
(WTF::URLHelpers::userVisibleURL): Call escapeUnsafeCharacters and
normalizedNFC. The normalizedNFC function is better in multiple ways,
but primarily it handles 8-bit strings and other already-normalized
strings much more efficiently.

* wtf/text/StringView.cpp:
(WTF::normalizedNFC): Added. This has two overloads. One is for when
we already have a String, and want to re-use it if no normalization
is needed, and another is when we only have a StringView, and may need
to allocate a String to hold the result. Includes a fast special case
for 8-bit and already-normalized strings, and uses the same strategy
that JSC::normalize was already using: calls unorm2_normalize twice,
first just to determine the length.

* wtf/text/StringView.h: Added normalizedNFC, which can be called with
either a StringView or a String. Also moved StringViewWithUnderlyingString
here from JSString.h, here for use as the return value of normalizedNFC;
it is used for a similar purpose in the JavaScriptCore rope implementation.
Also removed an inaccurate comment.


  Commit: 4bcf4cd744ad689ba8d0661d3fd7da8a44da3fbf
      https://github.com/WebKit/WebKit/commit/4bcf4cd744ad689ba8d0661d3fd7da8a44da3fbf
  Author: Diego Pino Garcia <dpino at igalia.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/StringPrototype.cpp

  Log Message:
  -----------
  Merge r243052 - Fix WPE and GTK Debug builds after r243049
https://bugs.webkit.org/show_bug.cgi?id=195860

Unreviewed, build fix after r243049.

* runtime/StringPrototype.cpp:
(JSC::normalizationAffects8Bit):


  Commit: 3c196ef15ab184ca225db5d8ca051269208e38a7
      https://github.com/WebKit/WebKit/commit/3c196ef15ab184ca225db5d8ca051269208e38a7
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/Font.cpp
    M Source/WebCore/platform/graphics/Font.h
    M Source/WebCore/platform/graphics/cairo/FontCairoHarfbuzzNG.cpp
    M Source/WebCore/platform/graphics/cocoa/FontCocoa.mm
    M Source/WebCore/platform/graphics/freetype/SimpleFontDataFreeType.cpp
    M Source/WebCore/platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp

  Log Message:
  -----------
  Merge r245393 - [FreeType] Some character sequences with a variation selector are not rendered
https://bugs.webkit.org/show_bug.cgi?id=197838

Reviewed by Michael Catanzaro.

We get the invalid glyph instead. See http://mts.io/2015/04/21/unicode-symbol-render-text-emoji/. In the table at
the end the Emoji and Text columns are not correctly rendered. It happens also when copying an emoji from
GtkEmojiChooser and pasting in WebKit text field, because GTK appends U+FE0F to all emojis to force the emoji
style. We need to take into account the variation selector when checking if a font can render a combining
sequence, using FT_Face_GetCharVariantIndex to get the right glyph in case of variation character present.

* platform/graphics/Font.cpp:
(WebCore::Font::platformSupportsCodePoint const): Add optional variation parameter.
(WebCore::Font::canRenderCombiningCharacterSequence const): Take into account variation selector characters
* platform/graphics/Font.h:
* platform/graphics/cairo/FontCairoHarfbuzzNG.cpp:
(WebCore::FontCascade::fontForCombiningCharacterSequence const): Check variation selectors 0xFE0E and 0xFE0F to
decide whether to use the emoji or text style.
* platform/graphics/cocoa/FontCocoa.mm:
(WebCore::Font::platformSupportsCodePoint const): Return false when a variation character is passed so that
characters are checked individually.
* platform/graphics/freetype/SimpleFontDataFreeType.cpp:
(WebCore::Font::platformSupportsCodePoint const): Use FT_Face_GetCharVariantIndex when a variation character is
passed.
* platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
(WebCore::harfBuzzFontFunctions): Do not return true when FT_Face_GetCharVariantIndex returns 0.


  Commit: 136965ac4e0dee372a45f260ad5e62c1d692caf0
      https://github.com/WebKit/WebKit/commit/136965ac4e0dee372a45f260ad5e62c1d692caf0
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-05-17 (Fri, 17 May 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.2 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.24.2.


  Commit: 677588e2f81ddaa88156d43f7d427156fea6f6bc
      https://github.com/WebKit/WebKit/commit/677588e2f81ddaa88156d43f7d427156fea6f6bc
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/gtkdoc/gtkdoc.py

  Log Message:
  -----------
  Merged r243062 - [GTK][WPE] Cryptic error from Tools/gtkdoc/generate-gtkdoc
https://bugs.webkit.org/show_bug.cgi?id=195883

Reviewed by Carlos Garcia Campos.

* gtkdoc/gtkdoc.py:
(GTKDoc._run_command): When commands fail to run, include the full command line for
the program invocation and the output it has generated on the standard error stream.


  Commit: 89e4fadf3efcd0bdc5ba8a63369a24e8da1539b4
      https://github.com/WebKit/WebKit/commit/89e4fadf3efcd0bdc5ba8a63369a24e8da1539b4
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.24.2 release

build-wpe-releng/..:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

build-wpe-releng/../Source/WebKit:

* wpe/NEWS: Add release notes for 2.24.2.


  Commit: 86f234f23d690bc3f9b99e044eda026003bc568f
      https://github.com/WebKit/WebKit/commit/86f234f23d690bc3f9b99e044eda026003bc568f
  Author: Pablo Saavedra <psaavedra at igalia.com>
  Date:   2019-05-20 (Mon, 20 May 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp

  Log Message:
  -----------
  Merged r243690 - Build failure after r243644 in GTK Linux 64-bit stable builds
https://bugs.webkit.org/show_bug.cgi?id=196440

Patch by Pablo Saavedra <psaavedra at igalia.com> on 2019-04-01
Reviewed by Philippe Normand.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::updateTextureMapperFlags):


  Commit: a2687771be3b279581b3898da6993ae3ba6f0317
      https://github.com/WebKit/WebKit/commit/a2687771be3b279581b3898da6993ae3ba6f0317
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-06-10 (Mon, 10 Jun 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp
    M Source/WebKit/WebProcess/glib/WebProcessGLib.cpp

  Log Message:
  -----------
  Merged r245676 - [WPE] Build fails with ENABLE_VIDEO=OFF and ENABLE_WEB_AUDIO=OFF
https://bugs.webkit.org/show_bug.cgi?id=198125

Reviewed by Philippe Normand.

* UIProcess/glib/WebProcessPoolGLib.cpp: Guard the inclusion of GStreamerCommon.h with USE(GSTREAMER).
* WebProcess/glib/WebProcessGLib.cpp: Ditto.


  Commit: 0754373c0497bbb3b818b487d01185214a2bec49
      https://github.com/WebKit/WebKit/commit/0754373c0497bbb3b818b487d01185214a2bec49
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-06-10 (Mon, 10 Jun 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/PerfLog.cpp
    M Source/JavaScriptCore/wasm/WasmBinding.cpp
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/markup.h
    M Source/WebCore/platform/text/TextCodec.cpp

  Log Message:
  -----------
  Merged r245681 - Fix a few missing header inclusions often masked by unified sources
https://bugs.webkit.org/show_bug.cgi?id=198180

Reviewed by Eric Carlson.

Source/JavaScriptCore:

* assembler/PerfLog.cpp: Add missing <array> header inclusion.
* wasm/WasmBinding.cpp: Add missing "WasmCallingConvention.h" inclusion.

Source/WebCore:

* editing/markup.h: Add missing "FloatSize.h" inclusion.
* html/FeaturePolicy.cpp: Add missing "HTMLParserIdioms.h" inclusion.
* platform/text/TextCodec.cpp: Add missing <cstdio> inclusion.


  Commit: edf61f670c082472aa2cd47072e6de1b8b29dcb7
      https://github.com/WebKit/WebKit/commit/edf61f670c082472aa2cd47072e6de1b8b29dcb7
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-06-10 (Mon, 10 Jun 2019)

  Changed paths:
    M Source/JavaScriptCore/API/glib/JSCCallbackFunction.cpp
    M Source/JavaScriptCore/API/glib/JSCClass.cpp
    M Source/JavaScriptCore/API/glib/JSCClassPrivate.h
    M Source/JavaScriptCore/API/glib/JSCContext.cpp
    M Source/JavaScriptCore/API/glib/JSCValue.cpp
    M Source/JavaScriptCore/ChangeLog
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebExtensions.cpp
    M Tools/TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp

  Log Message:
  -----------
  Merged r245514 - [GLIB] Crash when instantiating a js object registered with jsc_context_register_class on window object cleared
https://bugs.webkit.org/show_bug.cgi?id=198037

Reviewed by Michael Catanzaro.

Source/JavaScriptCore:

This happens because JSCClass is keeping a pointer to the JSCContext used when the class is registered, and the
context can be destroyed before the class. We can't a reference to the context, because we don't really want to
keep it alive. The life of the JSCClass is not attached to the JSCContext, but to its wrapped global context, so
we can keep a pointer to the JSGlobalContextRef instead and create a new JSCContext wrapping it when
needed. This patch is also making the context property of JSCClass non-readable, which was always the intention,
that's why there isn't a public getter in the API.

* API/glib/JSCCallbackFunction.cpp:
(JSC::JSCCallbackFunction::construct): Pass the context to jscClassGetOrCreateJSWrapper().
* API/glib/JSCClass.cpp:
(jscClassGetProperty): Remove the getter for context property.
(jscClassSetProperty): Get the JSGlobalContextRef from the given JSCContext.
(jsc_class_class_init): Make context writable only.
(jscClassCreate): Use the passed in context instead of the member.
(jscClassGetOrCreateJSWrapper): It receives now the context as parameter.
(jscClassCreateContextWithJSWrapper): Ditto.
(jscClassCreateConstructor): Get or create a JSCContext for our JSGlobalContextRef.
(jscClassAddMethod): Ditto.
(jsc_class_add_property): Ditto.
* API/glib/JSCClassPrivate.h:
* API/glib/JSCContext.cpp:
(jsc_context_evaluate_in_object): Pass the context to jscClassCreateContextWithJSWrapper().
* API/glib/JSCValue.cpp:
(jsc_value_new_object): Pass the context to jscClassGetOrCreateJSWrapper().

Tools:

Add a test case to check the crash is fixed.

* TestWebKitAPI/Tests/WebKitGLib/TestWebExtensions.cpp:
(testWebExtensionWindowObjectCleared):
* TestWebKitAPI/Tests/WebKitGLib/WebExtensionTest.cpp:
(windowObjectCleared):


  Commit: 903a02b41226aff0db505bc90ca5c10b71ef37c1
      https://github.com/WebKit/WebKit/commit/903a02b41226aff0db505bc90ca5c10b71ef37c1
  Author: Yacine Bandou <yacine.bandou at softathome.com>
  Date:   2019-06-10 (Mon, 10 Jun 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/media/media-source/media-source-canplaythrough-event-expected.txt
    A LayoutTests/media/media-source/media-source-canplaythrough-event.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp

  Log Message:
  -----------
  Merged r245848 - [MSE][GStreamer] update the readyState correctly in MediaPlayerPrivateGStreamerMSE
https://bugs.webkit.org/show_bug.cgi?id=197834

Patch by Yacine Bandou <yacine.bandou at softathome.com> on 2019-05-28
Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

The buffering state and the m_downloadFinished boolean aren't supported in the MSE case.
When the readyState is already "HaveEnoughData", we don't want to revert it to "HaveFutureData",
or else the MediaPlayer would send a "canplay" event instead of a "canplaythrough".

Test: media/media-source/media-source-canplaythrough-event.html

* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::updateStates):

LayoutTests:

Add a new test that checks if the MediaElement receives the "canplaythrough"
event when the media content is entirely injected to MSE sourceBuffer.

* media/media-source/media-source-canplaythrough-event-expected.txt: Added.
* media/media-source/media-source-canplaythrough-event.html: Added.


  Commit: 51fc47a55b3ea40acd01e69984ccbe960386bcdc
      https://github.com/WebKit/WebKit/commit/51fc47a55b3ea40acd01e69984ccbe960386bcdc
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/assembler/ARM64Assembler.h

  Log Message:
  -----------
  Merge r246151 - aarch64: ‘JSC::ARM64Assembler::LinkRecord::<unnamed union>::RealTypes::m_compareRegister’ is too small to hold all values of ‘JSC::ARM64Assembler::RegisterID’ {aka ‘enum JSC::ARM64Registers::RegisterID’}
https://bugs.webkit.org/show_bug.cgi?id=198014

Reviewed by Yusuke Suzuki.

When building for aarch64, there is a huge warning spam here. It's impossible to see any
other warnings. This has been ongoing for so long I've begun to suspect that nobody works
on this architecture.

Anyway, the problem is because we need eight bits to store all possible RegisterID values,
but the bitfield is only six bits wide. Fix it. The COMPILE_ASSERT checking the size of this
struct is still happy, so I presume the change is OK.

* assembler/ARM64Assembler.h:


  Commit: 16cb51832085242e05699465eed91bc6c14d2d50
      https://github.com/WebKit/WebKit/commit/16cb51832085242e05699465eed91bc6c14d2d50
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebsiteDataManager.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitWebsiteData.h
    M Source/WebKit/UIProcess/API/gtk/WebKitWebsiteDataManager.h
    M Source/WebKit/UIProcess/API/wpe/WebKitWebsiteData.h
    M Source/WebKit/UIProcess/API/wpe/WebKitWebsiteDataManager.h
    M Tools/ChangeLog
    M Tools/MiniBrowser/gtk/main.c
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebsiteData.cpp

  Log Message:
  -----------
  Merge r246353 - [WPE][GTK] Deprecate WebSQL APIs
https://bugs.webkit.org/show_bug.cgi?id=195011

Reviewed by Carlos Garcia Campos.

Source/WebKit:

* UIProcess/API/glib/WebKitSettings.cpp:
(webkit_settings_class_init):
* UIProcess/API/glib/WebKitWebContext.cpp:
(webkitWebContextConstructed):
* UIProcess/API/glib/WebKitWebsiteDataManager.cpp:
(webkitWebsiteDataManagerGetProperty):
(webkit_website_data_manager_class_init):
* UIProcess/API/gtk/WebKitWebsiteData.h:
* UIProcess/API/gtk/WebKitWebsiteDataManager.h:
* UIProcess/API/wpe/WebKitWebsiteData.h:
* UIProcess/API/wpe/WebKitWebsiteDataManager.h:

Tools:

* MiniBrowser/gtk/main.c:
(gotWebsiteDataCallback):
* TestWebKitAPI/Tests/WebKitGLib/TestWebsiteData.cpp:
(testWebsiteDataConfiguration):
(testWebsiteDataEphemeral):
(testWebsiteDataDatabases):


  Commit: 9e306f457049372d8a7a83a6b8b6ad844b555cac
      https://github.com/WebKit/WebKit/commit/9e306f457049372d8a7a83a6b8b6ad844b555cac
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r246399 - [GStreamer] HLS stream slow start
https://bugs.webkit.org/show_bug.cgi?id=198377

Reviewed by Xabier Rodriguez-Calvar.

* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webKitWebSrcCreate): Cut down the adapter condition to 200 ms to
improve start-up times for HLS playback.


  Commit: f8fc049207905bfcd3ec7c320cc02af51f6080e4
      https://github.com/WebKit/WebKit/commit/f8fc049207905bfcd3ec7c320cc02af51f6080e4
  Author: Mike Gorse <mgorse at suse.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h

  Log Message:
  -----------
  Merge r246710 - webkitgtk 2.24.2 fails to build w/gstreamer 1.12.5
https://bugs.webkit.org/show_bug.cgi?id=198080

Patch by Mike Gorse <mgorse at suse.com> on 2019-06-22
Reviewed by Philippe Normand.

No new tests (build fix only).

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
Move includes of gst/gl/gl.h and epoxy/gl.h into
MediaPlayerPrivateGStreamerBase.h.


  Commit: 23844b075e6d5eb91b3102398e5e7b41088b0e55
      https://github.com/WebKit/WebKit/commit/23844b075e6d5eb91b3102398e5e7b41088b0e55
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp

  Log Message:
  -----------
  Merge r246730 - [GStreamer] Volume level sometimes changes inappropriately
https://bugs.webkit.org/show_bug.cgi?id=197358

Reviewed by Xabier Rodriguez-Calvar.

Be consistent with our application of volume scaling. We were
setting volumes using cubic interpolation in setVolume() and using
the inverse in volume(); however setting initial volumes was done
linearly in setStreamVolumeElement, which was causing strange
jumps in the volume level at non-deterministic times. The fix
looks to be that we should use linear interpolation consistently,
since PulseAudio already applies cubic scaling to software
volumes.

Covered by existing tests.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::paused const): Bump the
logging here to LOG level, it's very spammy at DEBUG.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::setVolume): Switch to
linear interpolation.
(WebCore::MediaPlayerPrivateGStreamerBase::volume const): Ditto.
(WebCore::MediaPlayerPrivateGStreamerBase::notifyPlayerOfVolumeChange):
Ditto.
(WebCore::MediaPlayerPrivateGStreamerBase::setStreamVolumeElement):
Ditto, and be consistent here with the API, do not set the raw
volume managed by MediaElement.


  Commit: a219959b70d5eeef93c4353c69a5b9b22e3dbe98
      https://github.com/WebKit/WebKit/commit/a219959b70d5eeef93c4353c69a5b9b22e3dbe98
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp

  Log Message:
  -----------
  Merge r246731 - [GStreamer][MSE] Pausing video sometimes causes skip to finish
https://bugs.webkit.org/show_bug.cgi?id=197355

Reviewed by Philippe Normand.

Covered by existing tests.

* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::currentMediaTime const):
Assuming that when m_eosPending is on and we're paused() that the
network resource is fully loaded and the end is reached is clearly
wrong. Whether this is now correct is unclear...


  Commit: 9606e2320ab439b91ff618071e4f44695cfd0217
      https://github.com/WebKit/WebKit/commit/9606e2320ab439b91ff618071e4f44695cfd0217
  Author: Andres Gonzalez <andresg_22 at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/accessibility/ios-simulator/set-selected-text-range-after-newline-expected.txt
    A LayoutTests/accessibility/ios-simulator/set-selected-text-range-after-newline.html
    M LayoutTests/accessibility/ios-simulator/text-marker-list-item-expected.txt
    A LayoutTests/accessibility/set-selected-text-range-after-newline-expected.txt
    A LayoutTests/accessibility/set-selected-text-range-after-newline.html
    M LayoutTests/platform/win/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AccessibilityRenderObject.cpp
    M Source/WebCore/accessibility/ios/WebAccessibilityObjectWrapperIOS.mm
    M Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapperMac.mm
    M Source/WebCore/editing/Editing.cpp
    M Source/WebCore/editing/markup.cpp
    M Tools/ChangeLog

  Log Message:
  -----------
  Merge r245912 - Inserting a newline in contenteditable causes two characters to be added instead of one
https://bugs.webkit.org/show_bug.cgi?id=197894
<rdar://problem/49700998>

Patch by Andres Gonzalez <andresg_22 at apple.com> on 2019-05-30
Reviewed by Wenson Hsieh and Chris Fleizach.

Source/WebCore:

There were two issues with inserting a newline character at the end of
a line that caused problems for accessibility:
- the first '\n' inserted after text would result in two line breaks
inserted instead of one. createFragmentFromText in markup.cpp was
splitting the string "\n" into two empty strings and creating a <div>
and a <br> respectively. Then the emission code would emit a '\n' for
the empty div and another for the <br>.
- the second problem is a consequence of <rdar://problem/5192593> and
the workaround is the change in editing.cpp in the function
visiblePositionForIndexUsingCharacterIterator, similar to what is done
in VisibleUnits.cpp for nextBoundary.
The rest of the changes in this patch are accessibility changes to
execute the layout tests.

Tests: accessibility/ios-simulator/set-selected-text-range-after-newline.html
       accessibility/set-selected-text-range-after-newline.html

* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::setSelectedTextRange):
* accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
(-[WebAccessibilityObjectWrapper stringForRange:]):
(-[WebAccessibilityObjectWrapper _accessibilitySelectedTextRange]):
(-[WebAccessibilityObjectWrapper accessibilityReplaceRange:withText:]):
* accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
(-[WebAccessibilityObjectWrapper accessibilityAttributeValue:]):
* editing/Editing.cpp:
(WebCore::visiblePositionForIndexUsingCharacterIterator):
* editing/markup.cpp:
(WebCore::createFragmentFromText):

Tools:

iOS implementation of several AccessibilityUIElement methods to execute
LayoutTests.

* WebKitTestRunner/InjectedBundle/ios/AccessibilityUIElementIOS.mm:
(WTR::AccessibilityUIElement::selectedTextRange):
(WTR::AccessibilityUIElement::setSelectedTextRange):
(WTR::AccessibilityUIElement::replaceTextInRange):

LayoutTests:

* accessibility/ios-simulator/set-selected-text-range-after-newline-expected.txt: Added.
* accessibility/ios-simulator/set-selected-text-range-after-newline.html: Added.
* accessibility/ios-simulator/text-marker-list-item-expected.txt:
* accessibility/set-selected-text-range-after-newline-expected.txt: Added.
* accessibility/set-selected-text-range-after-newline.html: Added.
* platform/win/TestExpectations:


  Commit: 8b11f8f22e1ff5564c376d3f5194606a425418de
      https://github.com/WebKit/WebKit/commit/8b11f8f22e1ff5564c376d3f5194606a425418de
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/Editing.cpp

  Log Message:
  -----------
  Merge r246653 - REGRESSION(r245912): Crash in TextIterator::range via visiblePositionForIndexUsingCharacterIterator
https://bugs.webkit.org/show_bug.cgi?id=199061

Reviewed by Wenson Hsieh.

Avoid calling CharacterIterator::range when it's at the end. Otherwise, we'd crash with null pointer dereferencing.

Unfortunately no new tests since we don't have any reproducible test case.

* editing/Editing.cpp:
(WebCore::visiblePositionForIndexUsingCharacterIterator):


  Commit: f8891d3b114859c3b61d2556b242dd80a17e6f74
      https://github.com/WebKit/WebKit/commit/f8891d3b114859c3b61d2556b242dd80a17e6f74
  Author: Žan Doberšek <zdobersek at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/AvailableMemory.cpp
    M Source/bmalloc/bmalloc/AvailableMemory.h
    M Source/bmalloc/bmalloc/bmalloc.h

  Log Message:
  -----------
  Merge r244244 - [bmalloc][Linux] Add support for memory status calculation
https://bugs.webkit.org/show_bug.cgi?id=195938

Reviewed by Carlos Garcia Campos.

Memory status and under-memory-pressure capabilities in bmalloc can be
implemented on Linux by reading and parsing the statm file under the
proc filesystem.

We retrieve the resident set size from the statm file and multiply it
with the page size. This gives an upper-bound estimate of the memory
that's being consumed by the process.

The statm-based estimate seems preferable to other alternatives. One
such alternative would be reading and parsing the more-detailed smaps file,
also exposed under the proc filesystem. This is at the moment being done
in WTF's MemoryFootprint implementation for Linux systems, but on Linux
ports this operation is being throttled to only execute once per second
because of the big computing expense required to read and parse out the
data. A future MemoryFootprint implementation could simply retrieve the
memory footprint value from bmalloc.

Another alternative is the Linux taskstats interface. This one would
require utilizing a netlink socket to retrieve the necessary statistics,
but it requires the process to have elevated privileges, which is a
blocker.

* bmalloc/AvailableMemory.cpp:
(bmalloc::LinuxMemory::singleton):
(bmalloc::LinuxMemory::footprint const):
(bmalloc::computeAvailableMemory):
(bmalloc::memoryStatus):
* bmalloc/AvailableMemory.h:
(bmalloc::isUnderMemoryPressure):
* bmalloc/bmalloc.h:
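
Added example, not bmalloc's code: the statm-based estimate described in the log message above, taking the resident set size field from /proc/self/statm and multiplying it by the page size. The function names and the sample statm line in main() are constructed for illustration.

```cpp
// Added illustration; not the bmalloc implementation. All names are hypothetical.
#include <cerrno>
#include <climits>
#include <cstdio>
#include <cstdlib>
#include <string>
#include <unistd.h>

// /proc/<pid>/statm is one line of seven space-separated counts, all in pages:
//   size resident shared text lib data dt
// Extracts the second field (resident set size). Returns false on any
// malformed input instead of guessing a value.
bool residentPagesFromStatm(const std::string& line, unsigned long long& pages)
{
    const char* p = line.c_str();
    unsigned long long fields[2] = { 0, 0 };
    for (int i = 0; i < 2; ++i) {
        while (*p == ' ')
            ++p;
        // strtoull() would silently accept "-5" or leading whitespace; insist on a digit.
        if (*p < '0' || *p > '9')
            return false;
        errno = 0;
        char* end = nullptr;
        fields[i] = std::strtoull(p, &end, 10);
        if (errno == ERANGE)
            return false;
        // A field must be followed by a separator or the end of the line ("18x3" is rejected).
        if (*end != ' ' && *end != '\n' && *end != '\0')
            return false;
        p = end;
    }
    pages = fields[1];
    return true;
}

// Resident pages times page size, with an explicit overflow check so that a
// corrupt value cannot wrap into a small, plausible-looking footprint.
bool footprintBytes(const std::string& statmLine, unsigned long long pageSize, unsigned long long& bytes)
{
    unsigned long long pages = 0;
    if (!pageSize || !residentPagesFromStatm(statmLine, pages))
        return false;
    if (pages > ULLONG_MAX / pageSize)
        return false;
    bytes = pages * pageSize;
    return true;
}

// Reads the calling process's own statm file; this needs no elevated privileges.
bool currentProcessFootprint(unsigned long long& bytes)
{
    FILE* file = std::fopen("/proc/self/statm", "r");
    if (!file)
        return false;
    char buffer[256];
    bool haveLine = std::fgets(buffer, sizeof(buffer), file) != nullptr;
    std::fclose(file);
    long pageSize = sysconf(_SC_PAGESIZE);
    if (!haveLine || pageSize <= 0)
        return false;
    return footprintBytes(buffer, static_cast<unsigned long long>(pageSize), bytes);
}

int main()
{
    unsigned long long bytes = 0;

    // Constructed sample line, parsed with an assumed 4096-byte page size.
    if (footprintBytes("52341 1873 912 45 0 20311 0\n", 4096, bytes))
        std::printf("sample footprint: %llu bytes\n", bytes);

    // Live value for this process (Linux only).
    if (currentProcessFootprint(bytes))
        std::printf("current footprint: %llu bytes\n", bytes);
    else
        std::printf("statm not available on this system\n");
    return 0;
}
```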


  Commit: 72530a38116b217190dac1f5bf28bd0751a364fe
      https://github.com/WebKit/WebKit/commit/72530a38116b217190dac1f5bf28bd0751a364fe
  Author: Yoshiaki Jitsukawa <yoshiaki.jitsukawa at sony.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/AvailableMemory.cpp

  Log Message:
  -----------
  Merge r244316 - Unreviewed. Build fix after r244244.

* Source/bmalloc/bmalloc/AvailableMemory.cpp


  Commit: 96045689f3693d6ae256b6a382898e2bb12c5153
      https://github.com/WebKit/WebKit/commit/96045689f3693d6ae256b6a382898e2bb12c5153
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/PlatformWPE.cmake
    M Source/WTF/wtf/generic/MemoryFootprintGeneric.cpp

  Log Message:
  -----------
  [WTF] Generic memoryFootprint() implementation should use bmalloc on Linux
https://bugs.webkit.org/show_bug.cgi?id=196963

Reviewed by Don Olmstead.

Have the generic memoryFootprint() implementation use bmalloc's
memoryFootprint() API on Linux, whenever the system malloc option is
not enabled. Limitation to Linux platforms is due to the bmalloc
implementation being limited to those configurations (excluding iOS
which doesn't use MemoryFootprintGeneric.cpp).

* wtf/PlatformWPE.cmake: Switch to building MemoryFootprintGeneric.cpp.
* wtf/generic/MemoryFootprintGeneric.cpp:
(WTF::memoryFootprint):


  Commit: 9589f9178a43c4b06e2c3ded89a8238b6571f7f1
      https://github.com/WebKit/WebKit/commit/9589f9178a43c4b06e2c3ded89a8238b6571f7f1
  Author: Žan Doberšek <zdobersek at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/image-decoders/ScalableImageDecoder.cpp

  Log Message:
  -----------
  Merge r244372 - ScalableImageDecoder: don't forcefully decode image data when querying frame completeness, duration
https://bugs.webkit.org/show_bug.cgi?id=191354
<rdar://problem/46123406>

Reviewed by Michael Catanzaro.

ScalableImageDecoder::frameIsCompleteAtIndex() should only check the
index validity and, if the index is valid, check for completeness of the
corresponding frame. ScalableImageDecoder::frameDurationAtIndex() should
also only retrieve duration for already-complete frames, or expand the
default 0-second value according to the flashing-protection rule when
the target frame is not yet complete.

Both methods avoid calling ScalableImageDecoder::frameBufferAtIndex()
as that method goes on and decodes image data to determine specific
information. The ImageSource class that's querying this information
doesn't anticipate this, and doesn't handle the increased memory
consumption of the decoded data, leaving MemoryCache in the blind about
the image resource's actual amount of consumed memory. ImageSource can
instead gracefully handle any incomplete frame by marking the decoding
status for this frame as only partial.

* platform/image-decoders/ScalableImageDecoder.cpp:
(WebCore::ScalableImageDecoder::frameIsCompleteAtIndex const):
(WebCore::ScalableImageDecoder::frameHasAlphaAtIndex const):
(WebCore::ScalableImageDecoder::frameDurationAtIndex const):


  Commit: ef6bab6d6853f8124c08bce1d60b789e7225a8cd
      https://github.com/WebKit/WebKit/commit/ef6bab6d6853f8124c08bce1d60b789e7225a8cd
  Author: Žan Doberšek <zdobersek at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/wpe/TestExpectations
    M LayoutTests/platform/wpe/webgl/2.0.0/conformance/extensions/oes-vertex-array-object-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/opengl/Extensions3DOpenGLES.cpp

  Log Message:
  -----------
  Merge r246536 - [WebGL] Extensions3DOpenGLES::bindVertexArrayOES() should allow zero array object
https://bugs.webkit.org/show_bug.cgi?id=198929

Reviewed by Carlos Garcia Campos.

Source/WebCore:

A 0 object parameter for the glBindVertexArrayOES() call is a valid
value since it binds the default vertex array object for any updates and
draws. As such the Extensions3DOpenGLES implementation shouldn't return
early if the object value is 0.

No new tests -- covered by existing tests.

* platform/graphics/opengl/Extensions3DOpenGLES.cpp:
(WebCore::Extensions3DOpenGLES::bindVertexArrayOES):

LayoutTests:

Enable the passing tests and update one baseline.

* platform/wpe/TestExpectations:
* platform/wpe/webgl/2.0.0/conformance/extensions/oes-vertex-array-object-expected.txt:


  Commit: bd0303012c93d49c64ace258eb835d844e71a247
      https://github.com/WebKit/WebKit/commit/bd0303012c93d49c64ace258eb835d844e71a247
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/wpe/TestExpectations
    A LayoutTests/svg/clip-path/clip-opacity-expected.html
    A LayoutTests/svg/clip-path/clip-opacity.html
    A LayoutTests/svg/clip-path/svg-in-html-expected.html
    A LayoutTests/svg/clip-path/svg-in-html.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/PlatformContextCairo.cpp

  Log Message:
  -----------
  Merge r246309 - [cairo][SVG] Putting multiple path elements in clippath causes rendering artifacts
https://bugs.webkit.org/show_bug.cgi?id=198701

Source/WebCore:

PlatformContextCairo::pushImageMask blits the wrong position of the
surface to the background of masking objects. And, I don't know
the reason why this blitting is needed. Removed the blitting.

Reviewed by Carlos Garcia Campos.

Tests: svg/clip-path/clip-opacity.html
       svg/clip-path/svg-in-html.html

* platform/graphics/cairo/PlatformContextCairo.cpp:
(WebCore::PlatformContextCairo::pushImageMask): Don't blit the
surface to the background.

LayoutTests:

Reviewed by Carlos Garcia Campos.

* platform/gtk/TestExpectations:
* platform/wpe/TestExpectations:
Unskipped svg/gradients/spreadMethodDiagonal3.svg and svg/gradients/spreadMethodDiagonal4.svg.

* svg/clip-path/clip-opacity-expected.html: Added.
* svg/clip-path/clip-opacity.html: Added.
* svg/clip-path/svg-in-html-expected.html: Added.
* svg/clip-path/svg-in-html.html: Added.


  Commit: ae4f2de50b81c1812034085ca665a64af6da004a
      https://github.com/WebKit/WebKit/commit/ae4f2de50b81c1812034085ca665a64af6da004a
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/svg/clip-path/clip-hidpi-expected.svg
    A LayoutTests/svg/clip-path/clip-hidpi.svg
    A LayoutTests/svg/clip-path/clip-opacity-translate-expected.svg
    A LayoutTests/svg/clip-path/clip-opacity-translate.svg
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/PlatformContextCairo.cpp

  Log Message:
  -----------
  Merge r246350 - [cairo][SVG] Putting multiple path elements in clippath causes rendering artifacts
https://bugs.webkit.org/show_bug.cgi?id=198701
<rdar://problem/51620347>

Reviewed by Don Olmstead.

Source/WebCore:

We need to save the current transformation matrix at the moment the image mask is set and set it again on
restore right before applying the mask. This patch also creates a pattern for the image mask surface and sets its
transformation matrix according to the mask position, so that we don't need to save the mask rectangle too.

Tests: svg/clip-path/clip-hidpi-expected.svg
       svg/clip-path/clip-hidpi.svg
       svg/clip-path/clip-opacity-translate-expected.svg
       svg/clip-path/clip-opacity-translate.svg

* platform/graphics/cairo/PlatformContextCairo.cpp:
(WebCore::PlatformContextCairo::restore):
(WebCore::PlatformContextCairo::pushImageMask):

LayoutTests:

* svg/clip-path/clip-hidpi-expected.svg: Added.
* svg/clip-path/clip-hidpi.svg: Added.
* svg/clip-path/clip-opacity-translate-expected.svg: Added.
* svg/clip-path/clip-opacity-translate.svg: Added.


  Commit: b426cf7e51cc15339cbe21d529a564d46f8db80d
      https://github.com/WebKit/WebKit/commit/b426cf7e51cc15339cbe21d529a564d46f8db80d
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/CairoOperations.cpp

  Log Message:
  -----------
  Merge r246431 - [cairo] Entering text into forms on github.com creates a trapezoid artifact
https://bugs.webkit.org/show_bug.cgi?id=126124

Reviewed by Michael Catanzaro.

Mixing antialiasing modes in the same clip is not actually supported by cairo. In the case of rectangle clips we
are already ignoring the current antialiasing to not do any antialiasing. We could do the opposite for clips
receiving a path, we want to enforce antialiasing in that case since the paths might contain curves. Doing that
we ensure all calls to clip with a path use the same antialiasing, which is the case of the github bug.

* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::doClipWithAntialias): Helper to call cairo_clip() with the given antialiasing mode.
(WebCore::Cairo::clip): Use doClipWithAntialias().
(WebCore::Cairo::clipOut): Ditto.
(WebCore::Cairo::clipPath): Ditto.


  Commit: bb72269c9b83403a6bfce8d212bb2e993820dc4c
      https://github.com/WebKit/WebKit/commit/bb72269c9b83403a6bfce8d212bb2e993820dc4c
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/gtk/WebProcessMainGtk.cpp

  Log Message:
  -----------
  Merge r246638 - [GTK] Make startup pause available in DEVELOPER_MODE rather than DEBUG.
https://bugs.webkit.org/show_bug.cgi?id=199069

Reviewed by Michael Catanzaro.

* WebProcess/gtk/WebProcessMainGtk.cpp: Allow developers to pause
the web process in DEVELOPER_MODE rather than only DEBUG, matching
the WPE behaviour and also the purpose of DEVELOPER_MODE.


  Commit: 3bf22576462ee2f7125ab828e0ac1409b6000953
      https://github.com/WebKit/WebKit/commit/3bf22576462ee2f7125ab828e0ac1409b6000953
  Author: Alexander Mikhaylenko <alexm at gnome.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.cpp
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.h
    M Source/WebKit/UIProcess/gtk/ViewGestureControllerGtk.cpp

  Log Message:
  -----------
  Merge r246635 - [GTK] The Previous/Next gesture should handle RTL
https://bugs.webkit.org/show_bug.cgi?id=198707

Patch by Alexander Mikhaylenko <exalm7659 at gmail.com> on 2019-06-20
Reviewed by Michael Catanzaro.

The gesture uses PageClientImpl::userInterfaceLayoutDirection() to determine the text
direction. Implement that method, then adjust drawing so that the pages move from/to
the left instead of right side for RTL locales.

* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::): Implemented.
* UIProcess/API/gtk/PageClientImpl.h:
* UIProcess/gtk/ViewGestureControllerGtk.cpp:
(WebKit::ViewGestureController::draw):


  Commit: b67288e7766dff6510b7f2610562bf5d7033762d
      https://github.com/WebKit/WebKit/commit/b67288e7766dff6510b7f2610562bf5d7033762d
  Author: Yacine Bandou <yacine.bandou at softathome.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M Source/WebCore/ChangeLog

  Log Message:
  -----------
  Merge r245848 - [MSE][GStreamer] update the readyState correctly in MediaPlayerPrivateGStreamerMSE
https://bugs.webkit.org/show_bug.cgi?id=197834

Patch by Yacine Bandou <yacine.bandou at softathome.com> on 2019-05-28
Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

The buffering state and the m_downloadFinished boolean aren't supported in the MSE case.
When the readyState is already "HaveEnoughData", we don't want to revert it to "HaveFutureData",
or else the MediaPlayer would send a "canplay" event instead of a "canplaythrough".

Test: media/media-source/media-source-canplaythrough-event.html

* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::updateStates):

LayoutTests:

Add a new test that checks if the MediaElement receives the "canplaythrough"
event when the media content is entirely injected to MSE sourceBuffer.

* media/media-source/media-source-canplaythrough-event-expected.txt: Added.
* media/media-source/media-source-canplaythrough-event.html: Added.


  Commit: 8e70a1e1eccea8b5c940d44e5bddb133154d9933
      https://github.com/WebKit/WebKit/commit/8e70a1e1eccea8b5c940d44e5bddb133154d9933
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/mediastream/gstreamer/GStreamerVideoCapturer.cpp

  Log Message:
  -----------
  Merge r246192 - [GStreamer] videorate issues with v4l2src
https://bugs.webkit.org/show_bug.cgi?id=198614

Reviewed by Xabier Rodriguez-Calvar.

Configure videorate to cope with the live stream provided by the
source element. Not doing so might lead to errors in the v4l2
buffer allocator.

* platform/mediastream/gstreamer/GStreamerVideoCapturer.cpp:
(WebCore::GStreamerVideoCapturer::createConverter):


  Commit: eb46835f8ecd3fdb4ef1bc509295416ed2611697
      https://github.com/WebKit/WebKit/commit/eb46835f8ecd3fdb4ef1bc509295416ed2611697
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/glib/RunLoopGLib.cpp

  Log Message:
  -----------
  Merge r245512 - [GLIB] Repeating timer is not stopped when stop is called from the callback
https://bugs.webkit.org/show_bug.cgi?id=197986

Reviewed by Michael Catanzaro.

Source/WTF:

In case of repeating timers we always update the ready time to fire interval after the user callback is called.

* wtf/glib/RunLoopGLib.cpp:
(WTF::RunLoop::TimerBase::stop): Reset m_fireInterval and m_isRepeating.


  Commit: 70b7fa6e04734f2a9b7973a6078633b13079c019
      https://github.com/WebKit/WebKit/commit/70b7fa6e04734f2a9b7973a6078633b13079c019
  Author: Rafael Fontenelle <rafaelff at gnome.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/pt_BR.po

  Log Message:
  -----------
  Merge r245770 - [l10n] [pt_BR] Updated Brazilian Portuguese translation
https://bugs.webkit.org/show_bug.cgi?id=198245

Patch by Rafael Fontenelle <rafaelff at gnome.org> on 2019-05-25
Rubber-stamped by Michael Catanzaro.

* pt_BR.po:


  Commit: 326db9f477bd5e38c2d8882676026bc2efbc0b70
      https://github.com/WebKit/WebKit/commit/326db9f477bd5e38c2d8882676026bc2efbc0b70
  Author: Miguel Gomez <magomez at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    A Source/WebCore/platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h
    M Source/WebCore/platform/graphics/nicosia/NicosiaPlatformLayer.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperAnimation.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperAnimation.h
    M Source/WebCore/platform/graphics/texmap/TextureMapperLayer.cpp
    M Source/WebCore/platform/graphics/texmap/TextureMapperLayer.h
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp

  Log Message:
  -----------
  Merge r246963 - [WPE][GTK] Content disappearing when using CSS transforms
https://bugs.webkit.org/show_bug.cgi?id=181757

Reviewed by Žan Doberšek.

Source/WebCore:

During each layer flush, create an AnimatedBackingStoreClient instance for each layer that
has a backingStore and is to be animated, and send that client to the appropriate
TextureMapperLayer on the compositor thread. During each frame rendering, the client will
use the future layer position (currently 50ms in the future) to check whether new tiles are
required to keep the animation ongoing, and notify the appropriate CoordinatedGraphicsLayer so
it can perform a layer flush and provide new tiles.

* platform/TextureMapper.cmake:
* platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h: Added.
* platform/graphics/nicosia/NicosiaPlatformLayer.h:
(Nicosia::CompositionLayer::flushState):
* platform/graphics/texmap/TextureMapperAnimation.cpp:
(WebCore::TextureMapperAnimation::applyKeepingInternalState):
(WebCore::TextureMapperAnimations::applyKeepingInternalState):
* platform/graphics/texmap/TextureMapperAnimation.h:
* platform/graphics/texmap/TextureMapperLayer.cpp:
(WebCore::TextureMapperLayer::computeTransformsRecursive):
(WebCore::TextureMapperLayer::setAnimatedBackingStoreClient):
(WebCore::TextureMapperLayer::syncAnimations):
* platform/graphics/texmap/TextureMapperLayer.h:
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::~CoordinatedGraphicsLayer):
(WebCore::clampToContentsRectIfRectIsInfinite):
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):
(WebCore::CoordinatedGraphicsLayer::requestBackingStoreUpdate):
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:

Source/WebKit:

Set the appropriate AnimatedBackingStoreClient to the TextureMapperLayers when required.

* Shared/CoordinatedGraphics/CoordinatedGraphicsScene.cpp:
(WebKit::CoordinatedGraphicsScene::updateSceneState):


  Commit: efd7fa780db66e510905dabd37dfb3776152236f
      https://github.com/WebKit/WebKit/commit/efd7fa780db66e510905dabd37dfb3776152236f
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/FrameLoader.cpp

  Log Message:
  -----------
  Merge r245464 - Hardening: Prevent FrameLoader crash due to SetForScope
https://bugs.webkit.org/show_bug.cgi?id=197458
<rdar://problem/50368338>

Reviewed by Chris Dumez.

Since SetForScope takes action when a function returns, it might cause
a crash if its scope is broader than the value it is resetting.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::loadDifferentDocumentItem):


  Commit: 137d5eead1f27a9cfce6706cd815ba159cc303bc
      https://github.com/WebKit/WebKit/commit/137d5eead1f27a9cfce6706cd815ba159cc303bc
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/dom/window-inner-width-crash-expected.txt
    A LayoutTests/fast/dom/window-inner-width-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/DOMWindow.cpp

  Log Message:
  -----------
  Merge r245509 - Wait to get frame until after layout has been run
https://bugs.webkit.org/show_bug.cgi?id=197999
<rdar://problem/50800345>

Reviewed by Alex Christensen.

Source/WebCore:

The current frame can change when layout runs, so don't bother retrieving
the frame until the final layout pass is complete.

Test: fast/dom/window-inner-width-crash.html

* page/DOMWindow.cpp:
(WebCore::DOMWindow::innerHeight const): Move frame access past the
layout operation.
(WebCore::DOMWindow::innerWidth const): Ditto.
(WebCore::DOMWindow::scrollX const): Ditto.
(WebCore::DOMWindow::scrollY const): Ditto.

LayoutTests:

* fast/dom/window-inner-width-crash-expected.txt: Added.
* fast/dom/window-inner-width-crash.html: Added.


  Commit: f8758a77262fbb3d98f1600c0f71e241b28c0ea6
      https://github.com/WebKit/WebKit/commit/f8758a77262fbb3d98f1600c0f71e241b28c0ea6
  Author: Antti Koivisto <koivisto at iki.fi>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/lists/marker-style-subselector-whitelist-expected.txt
    A LayoutTests/fast/lists/marker-style-subselector-whitelist.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/RuleSet.cpp

  Log Message:
  -----------
  Merge r245664 - Subselectors not searched when determining property whitelist for selector
https://bugs.webkit.org/show_bug.cgi?id=198147
<rdar://problem/50405208>

Reviewed by Zalan Bujtas.

Source/WebCore:

This can cause marker elements to get style they shouldn't.

Test: fast/lists/marker-style-subselector-whitelist.html

* css/RuleSet.cpp:
(WebCore::determinePropertyWhitelistType):

Check subselectors too.

LayoutTests:

* fast/lists/marker-style-subselector-whitelist-expected.txt: Added.
* fast/lists/marker-style-subselector-whitelist.html: Added.


  Commit: ad32f7b7cc9d77173bc9052f027da43c00c1cb66
      https://github.com/WebKit/WebKit/commit/ad32f7b7cc9d77173bc9052f027da43c00c1cb66
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AccessibilityObject.cpp
    M Source/WebCore/accessibility/AccessibilityRenderObject.cpp
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/Document.h
    M Source/WebCore/dom/TreeScope.cpp
    M Source/WebCore/editing/FrameSelection.cpp
    M Source/WebCore/html/HTMLPlugInElement.cpp
    M Source/WebCore/html/MediaElementSession.cpp
    M Source/WebCore/page/DragController.cpp
    M Source/WebCore/page/EventHandler.cpp
    M Source/WebCore/page/FrameViewLayoutContext.cpp
    M Source/WebCore/rendering/RenderView.cpp
    M Source/WebCore/rendering/RenderView.h
    M Source/WebCore/rendering/RenderWidget.cpp
    M Source/WebCore/testing/Internals.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/ViewGestureGeometryCollector.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

  Log Message:
  -----------
  Merge r245716 - [Hittest] Move hittesting from RenderView to Document
https://bugs.webkit.org/show_bug.cgi?id=198192
<rdar://problem/51077762>

Reviewed by Antti Koivisto.

Source/WebCore:

RenderView is not refcounted and may be destroyed in updateLayout(), so enter hit-testing from Document.

* accessibility/AccessibilityObject.cpp:
(WebCore::AccessibilityObject::press):
* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::visiblePositionForPoint const):
* dom/Document.cpp:
(WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower):
(WebCore::FrameFlatteningLayoutDisallower::~FrameFlatteningLayoutDisallower):
(WebCore::Document::scheduleStyleRecalc):
(WebCore::Document::prepareMouseEvent):
(WebCore::Document::hitTest):
* dom/Document.h:
(WebCore::Document::inHitTesting const):
* dom/TreeScope.cpp:
(WebCore::TreeScope::nodeFromPoint):
(WebCore::TreeScope::elementsFromPoint):
* editing/FrameSelection.cpp:
(WebCore::FrameSelection::contains const):
* html/HTMLPlugInElement.cpp:
(WebCore::HTMLPlugInElement::isReplacementObscured):
* html/MediaElementSession.cpp:
(WebCore::isElementMainContentForPurposesOfAutoplay):
* page/DragController.cpp:
(WebCore::elementUnderMouse):
* page/EventHandler.cpp:
(WebCore::EventHandler::handleMouseDraggedEvent):
(WebCore::EventHandler::eventMayStartDrag const):
(WebCore::EventHandler::updateSelectionForMouseDrag):
(WebCore::EventHandler::hitTestResultAtPoint const):
(WebCore::EventHandler::updateCursor):
(WebCore::EventHandler::isInsideScrollbar const):
(WebCore::EventHandler::handleWheelEvent):
(WebCore::EventHandler::hoverTimerFired):
(WebCore::EventHandler::handleDrag):
(WebCore::hitTestResultInFrame):
* page/FrameViewLayoutContext.cpp:
(WebCore::FrameViewLayoutContext::setNeedsLayoutAfterViewConfigurationChange):
* rendering/RenderView.cpp:
(WebCore::FrameFlatteningLayoutDisallower::FrameFlatteningLayoutDisallower): Deleted.
(WebCore::FrameFlatteningLayoutDisallower::~FrameFlatteningLayoutDisallower): Deleted.
(): Deleted.
(WebCore::RenderView::hitTest): Deleted.
* rendering/RenderView.h:
* rendering/RenderWidget.cpp:
(WebCore::RenderWidget::nodeAtPoint):
* testing/Internals.cpp:
(WebCore::Internals::nodesFromRect const):

Source/WebKit:

* WebProcess/WebPage/ViewGestureGeometryCollector.cpp:
(WebKit::ViewGestureGeometryCollector::collectGeometryForSmartMagnificationGesture):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::determinePrimarySnapshottedPlugIn):
* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::dynamicViewportSizeUpdate):


  Commit: e999fc677c4a4667a17f4959883af34e029d14a9
      https://github.com/WebKit/WebKit/commit/e999fc677c4a4667a17f4959883af34e029d14a9
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AXObjectCache.cpp
    M Source/WebCore/accessibility/AccessibilityRenderObject.cpp
    M Source/WebCore/css/CSSComputedStyleDeclaration.cpp
    M Source/WebCore/css/CSSComputedStyleDeclaration.h
    M Source/WebCore/css/SVGCSSComputedStyleDeclaration.cpp
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/editing/TypingCommand.cpp
    M Source/WebCore/editing/ios/EditorIOS.mm
    M Source/WebCore/html/HTMLLabelElement.cpp
    M Source/WebCore/html/HTMLTextAreaElement.cpp
    M Source/WebCore/html/ImageDocument.cpp
    M Source/WebCore/page/FrameView.cpp
    M Source/WebCore/page/PrintContext.cpp
    M Source/WebKitLegacy/mac/ChangeLog
    M Source/WebKitLegacy/mac/DOM/DOM.mm
    M Source/WebKitLegacy/mac/WebView/WebHTMLView.mm

  Log Message:
  -----------
  Merge r245823 - Protect frames during style and layout changes
https://bugs.webkit.org/show_bug.cgi?id=198047
<rdar://problem/50954082>

Reviewed by Zalan Bujtas.

Be more careful about the scope and lifetime of objects that participate in layout or
style updates. If a method decides a layout or style update is needed, it needs to
confirm that the elements it was operating on are still valid and needed in the
current operation.

Source/WebCore:

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::getOrCreate):
* accessibility/AccessibilityRenderObject.cpp:
(WebCore::AccessibilityRenderObject::accessibilityHitTest const):
* css/CSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
* css/CSSComputedStyleDeclaration.h:
* css/SVGCSSComputedStyleDeclaration.cpp:
(WebCore::ComputedStyleExtractor::svgPropertyValue):
* dom/Document.cpp:
(WebCore::Document::setFocusedElement):
* editing/TypingCommand.cpp:
(WebCore::TypingCommand::insertTextRunWithoutNewlines):
(WebCore::TypingCommand::insertLineBreak):
(WebCore::TypingCommand::insertParagraphSeparator):
(WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent):
* editing/ios/EditorIOS.mm:
(WebCore::Editor::setDictationPhrasesAsChildOfElement):
* html/HTMLLabelElement.cpp:
(WebCore::HTMLLabelElement::focus):
* html/HTMLTextAreaElement.cpp:
(WebCore::HTMLTextAreaElement::appendFormData):
* html/ImageDocument.cpp:
(WebCore::ImageDocument::imageClicked):
* html/ValidationMessage.cpp:
(WebCore::ValidationMessage::buildBubbleTree):
* page/FrameView.cpp:
(WebCore::FrameView::autoSizeIfEnabled):
(WebCore::FrameView::trackedRepaintRectsAsText const):
* page/PrintContext.cpp:
(WebCore::PrintContext::pageProperty):
(WebCore::PrintContext::numberOfPages):
(WebCore::PrintContext::spoolAllPagesWithBoundaries):

Source/WebKitLegacy/mac:

* DOM/DOM.mm:
(-[DOMRange renderedImageForcingBlackText:renderedImageForcingBlackText:]):
* WebView/WebHTMLView.mm:
(-[WebHTMLView _selectionDraggingImage]):
(-[WebHTMLView selectionImageForcingBlackText:selectionImageForcingBlackText:]):


  Commit: 0775f91fb377bb64d039fd41354b5474e92fa799
      https://github.com/WebKit/WebKit/commit/0775f91fb377bb64d039fd41354b5474e92fa799
  Author: Daniel Bates <dbates at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance-expected.txt
    A LayoutTests/http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp

  Log Message:
  -----------
  Merge r246129 - [CSP] Data URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198572
<rdar://problem/50660927>

Reviewed by Brent Fulgham.

Source/WebCore:

As per <https://w3c.github.io/webappsec-csp/#security-inherit-csp> (Editor's Draft, 28 February 2019) data
URLs should inherit their CSP policy from their parent (if they have one).

Test: http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance.html

* dom/Document.cpp:
(WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const):

LayoutTests:

Add a test to ensure that a framed data URL inherits its CSP policy from its parent document.

* http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/subframe-with-data-url-inheritance.html: Added.


  Commit: 16d962b0d69500e6df81425710cb614e6b1c65d0
      https://github.com/WebKit/WebKit/commit/16d962b0d69500e6df81425710cb614e6b1c65d0
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp

  Log Message:
  -----------
  Merge r246182 - Avoid generating new XSLT-based document when already changing the document.
https://bugs.webkit.org/show_bug.cgi?id=198525
<rdar://problem/51393787>

Reviewed by Ryosuke Niwa.

We should not allow a pending XSLT transform to change the current document when
that current document is in the process of being replaced.

* dom/Document.cpp:
(WebCore::Document::applyPendingXSLTransformsTimerFired):


  Commit: a4e3b8aef073b49e5ba841e10f73292ef9a9fdc6
      https://github.com/WebKit/WebKit/commit/a4e3b8aef073b49e5ba841e10f73292ef9a9fdc6
  Author: Daniel Bates <dbates at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/Document.h
    M Source/WebCore/loader/DocumentWriter.cpp
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/loader/FrameLoader.h

  Log Message:
  -----------
  Merge r246277 - [CSP] Blob URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198579
<rdar://problem/51366878>

Reviewed by Brent Fulgham.

Source/WebCore:

As per <https://w3c.github.io/webappsec-csp/#security-inherit-csp> (Editor's Draft, 28 February 2019) blob
URLs should inherit their CSP policy from their parent (if they have one).

Test: http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html
      http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html

* dom/Document.cpp:
(WebCore::Document::shouldInheritContentSecurityPolicyFromOwner const): Return true if the document's URL
is a Blob URL.
(WebCore::Document::initContentSecurityPolicy): Take a pointer to a ContentSecurityPolicy object that
represents the previous document's CSP. We only make use of this if the current URL is a Blob URL or a data
URL. Otherwise, do what we do now and take the policy from the owner frame.
* dom/Document.h:
* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::begin): Extend the lifetime of the previous document temporarily so that we can
pass its CSP to FrameLoader::didBeginDocument(). We need to do this extension because this function calls
FrameLoader::clear(), which can destroy the previous document and its ContentSecurityPolicy object. This
extension is also no different than if this function was called with a non-null ownerDocument except that
in that case it is the caller that extends the previous document's lifetime. Although it is tempting to
make use of ownerDocument to fix this bug by having the caller of begin() pass the previous document as
the ownerDocument when the new document's url (the one we are begin()ing) is a Blob URL. The ownerDocument
concept would privilege the Blob URL more than necessary; we only need to inherit the CSP policy from the
previous document for a Blob URL, not inherit the cookie URL or strict mixed content checking bit, etc.
We could make ContentSecurityPolicy ref-counted or even steal the ContentSecurityPolicy object from the
previous document. The latter is not out of the question as a future enhancement, but the former seemed excessive
as a way to avoid extending the lifetime of the previous document because this would be the *only* call site
that actually takes out a second ref of a ContentSecurityPolicy object. In general, shared ownership of
a ContentSecurityPolicy object does not make sense.
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::didBeginDocument): Pass the specified content security policy through to
Document::initContentSecurityPolicy().
* loader/FrameLoader.h:

LayoutTests:

Add tests to ensure that a self navigation to a Blob or Data URL inherits its CSP policy from
its parent document.

* http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html: Added.


  Commit: 7e90c1d5d89d952a253aee5a5099bfa35f2f29b3
      https://github.com/WebKit/WebKit/commit/7e90c1d5d89d952a253aee5a5099bfa35f2f29b3
  Author: Daniel Bates <dbates at webkit.org>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt
    A LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html
    A LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt
    A LayoutTests/http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html

  Log Message:
  -----------
  Merge r246287 - [CSP] Blob URLs should inherit their CSP policy
https://bugs.webkit.org/show_bug.cgi?id=198579
<rdar://problem/51366878>

Reviewed by Brent Fulgham.

Actually add the tests that I inadvertently omitted from r246277.

* http/tests/security/contentSecurityPolicy/navigate-self-to-blob-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-blob.html: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-data-url-expected.txt: Added.
* http/tests/security/contentSecurityPolicy/navigate-self-to-data-url.html: Added.


  Commit: 0f65eba586009bbac4ea8c3b6fa822dae2e6b6fe
      https://github.com/WebKit/WebKit/commit/0f65eba586009bbac4ea8c3b6fa822dae2e6b6fe
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/urshift-int32-overflow.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h

  Log Message:
  -----------
  Merge r246332 - AI BitURShift's result should not be unsigned
https://bugs.webkit.org/show_bug.cgi?id=198689
<rdar://problem/51550063>

Reviewed by Saam Barati.

JSTests:

* stress/urshift-int32-overflow.js: Added.
(foo.):
(foo):

Source/JavaScriptCore:

Treating BitURShift's result as unsigned in the abstract interpreter incorrectly overflows it.
This breaks the DFG and FTL, since they assume that BitURShift's result is an int32 value, but
get a double constant from AI. Since the result will be converted to unsigned by UInt32ToNumber,
all we have to do is store the result as a signed int32.

* dfg/DFGAbstractInterpreterInlines.h:
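
Added illustration (not part of the commit and not JavaScriptCore code): a simplified C++ model of the representation issue described in the r246332 message. All function names are hypothetical; the model only shows why a folded `>>>` constant kept as an unsigned number breaks an "int32 result" assumption, while the same bits stored as a signed int32 still yield the correct value once converted as uint32.

```cpp
// Simplified model written for this page; names are hypothetical.
#include <cstdint>
#include <cstdio>
#include <cstring>

// JavaScript's a >>> b on int32 operands: shift the 32-bit pattern as
// unsigned, with the shift count masked to five bits.
static uint32_t urshiftBits(int32_t a, int32_t b)
{
    uint32_t ua, ub;
    std::memcpy(&ua, &a, sizeof ua);
    std::memcpy(&ub, &b, sizeof ub);
    return ua >> (ub & 31);
}

// Model of the problem: the folded constant is recorded as the unsigned
// value, which needs a double once it exceeds INT32_MAX.
double foldURShiftAsUnsigned(int32_t a, int32_t b)
{
    return static_cast<double>(urshiftBits(a, b));
}

// Model of the fix: keep the same 32 bits, typed as a signed int32.
int32_t foldURShiftAsInt32(int32_t a, int32_t b)
{
    uint32_t bits = urshiftBits(a, b);
    int32_t result;
    std::memcpy(&result, &bits, sizeof result);
    return result;
}

// Model of a later uint32-to-number conversion: reinterpret the int32 bits
// as unsigned and widen to a double.
double uint32ToNumber(int32_t value)
{
    uint32_t bits;
    std::memcpy(&bits, &value, sizeof bits);
    return static_cast<double>(bits);
}

// True when a number is exactly representable as an int32.
bool isInt32(double v)
{
    return v >= -2147483648.0 && v <= 2147483647.0
        && v == static_cast<double>(static_cast<int32_t>(v));
}

int main()
{
    std::printf("unsigned fold of -1 >>> 0: %.0f (int32? %d)\n",
        foldURShiftAsUnsigned(-1, 0), isInt32(foldURShiftAsUnsigned(-1, 0)));
    std::printf("int32 fold of -1 >>> 0: %d, as uint32 number: %.0f\n",
        foldURShiftAsInt32(-1, 0), uint32ToNumber(foldURShiftAsInt32(-1, 0)));
    return 0;
}
```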


  Commit: e93ef1193ba654a5482f0699a8e19ae92fbcdb50
      https://github.com/WebKit/WebKit/commit/e93ef1193ba654a5482f0699a8e19ae92fbcdb50
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/eliminate-arguments-negative-rest-access.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGArgumentsEliminationPhase.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

  Log Message:
  -----------
  Merge r246071 - Argument elimination should check for negative indices in GetByVal
https://bugs.webkit.org/show_bug.cgi?id=198302
<rdar://problem/51188095>

Reviewed by Filip Pizlo.

JSTests:

* stress/eliminate-arguments-negative-rest-access.js: Added.
(inlinee):
(opt):

Source/JavaScriptCore:

In DFG::ArgumentEliminationPhase, the index is treated as unsigned, but there's no check
for overflow in the addition. In compileGetMyArgumentByVal, there's a check for overflow,
but the index is treated as signed, resulting in an index lower than numberOfArgumentsToSkip.

* dfg/DFGArgumentsEliminationPhase.cpp:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetMyArgumentByVal):
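
Added illustration (not part of the commit and not JavaScriptCore code): a simplified C++ model of the signed/unsigned index mismatch described in the r246071 message. The Frame type, the function names and the sample values are hypothetical; only numberOfArgumentsToSkip is a name taken from the message.

```cpp
// Simplified model written for this page; types and names are hypothetical.
#include <cstdint>
#include <cstdio>
#include <vector>

// args holds every argument passed to the call; the rest parameter only
// covers args[numberOfArgumentsToSkip..].
struct Frame {
    std::vector<int> args;
    uint32_t numberOfArgumentsToSkip;
};

// Mismatched form: the signed index is reinterpreted as unsigned and added
// without an overflow check, so the sum wraps modulo 2^32 and a negative
// index can land on a slot below numberOfArgumentsToSkip.
bool restElementUnchecked(const Frame& frame, int32_t index, int& out)
{
    uint32_t slot = static_cast<uint32_t>(index) + frame.numberOfArgumentsToSkip;
    if (slot >= frame.args.size())
        return false;
    out = frame.args[slot];
    return true;
}

// Checked form: reject negative indices first, then add in a wider type so
// the bounds comparison sees the true sum.
bool restElementChecked(const Frame& frame, int32_t index, int& out)
{
    if (index < 0)
        return false;
    uint64_t slot = static_cast<uint64_t>(index) + frame.numberOfArgumentsToSkip;
    if (slot >= frame.args.size())
        return false;
    out = frame.args[static_cast<size_t>(slot)];
    return true;
}

// Constructed sample: four arguments, the first two are not part of rest.
Frame sampleFrame()
{
    return Frame { { 10, 20, 30, 40 }, 2 };
}

int main()
{
    Frame frame = sampleFrame();
    const int32_t indices[] = { -2, -1, 0, 1, 2 };
    for (int32_t index : indices) {
        int a = 0, b = 0;
        bool okUnchecked = restElementUnchecked(frame, index, a);
        bool okChecked = restElementChecked(frame, index, b);
        std::printf("index %d: unchecked %s %d, checked %s %d\n", index,
            okUnchecked ? "hit" : "miss", a, okChecked ? "hit" : "miss", b);
    }
    return 0;
}
```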


  Commit: b6e37967ff7eb77bce0d183e6f2c5fb3f3f02c5d
      https://github.com/WebKit/WebKit/commit/b6e37967ff7eb77bce0d183e6f2c5fb3f3f02c5d
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r242114 - wasmToJS() should purify incoming NaNs.
https://bugs.webkit.org/show_bug.cgi?id=194807
<rdar://problem/48189132>

Reviewed by Saam Barati.

JSTests:

* wasm/regress/wasmToJS-should-purify-NaNs.js: Added.

Source/JavaScriptCore:

* runtime/JSCJSValue.h:
(JSC::jsNumber):
* runtime/TypedArrayAdaptors.h:
(JSC::IntegralTypedArrayAdaptor::toJSValue):
* wasm/js/WasmToJS.cpp:
(JSC::Wasm::wasmToJS):


  Commit: bd9611ef2eef9d879d1d2bc3f8879b3514bb2c05
      https://github.com/WebKit/WebKit/commit/bd9611ef2eef9d879d1d2bc3f8879b3514bb2c05
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-bytecode-compilation-fail.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/inspector/ContentSearchUtilities.cpp
    M Source/JavaScriptCore/runtime/RegExp.cpp
    M Source/JavaScriptCore/runtime/RegExpInlines.h
    M Source/JavaScriptCore/yarr/RegularExpression.cpp
    M Source/JavaScriptCore/yarr/YarrInterpreter.cpp
    M Source/JavaScriptCore/yarr/YarrInterpreter.h

  Log Message:
  -----------
  Merge r246408 - Yarr bytecode compilation failure should be gracefully handled
https://bugs.webkit.org/show_bug.cgi?id=198700

Reviewed by Michael Saboff.

JSTests:

* stress/regexp-bytecode-compilation-fail.js: Added.
(shouldThrow):

Source/JavaScriptCore:

Currently, we assume that Yarr bytecode compilation does not fail. But in fact it can fail.
We should gracefully handle this failure as a runtime error, as we did for parse errors in [1].
We also harden Yarr's consumed character calculation by using Checked.

[1]: https://bugs.webkit.org/show_bug.cgi?id=185755

* inspector/ContentSearchUtilities.cpp:
(Inspector::ContentSearchUtilities::findMagicComment):
* runtime/RegExp.cpp:
(JSC::RegExp::byteCodeCompileIfNecessary):
(JSC::RegExp::compile):
(JSC::RegExp::compileMatchOnly):
* runtime/RegExpInlines.h:
(JSC::RegExp::matchInline):
* yarr/YarrErrorCode.cpp:
(JSC::Yarr::errorMessage):
(JSC::Yarr::errorToThrow):
* yarr/YarrErrorCode.h:
* yarr/YarrInterpreter.cpp:
(JSC::Yarr::ByteCompiler::ByteCompiler):
(JSC::Yarr::ByteCompiler::compile):
(JSC::Yarr::ByteCompiler::atomCharacterClass):
(JSC::Yarr::ByteCompiler::atomBackReference):
(JSC::Yarr::ByteCompiler::atomParenthesesOnceBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesTerminalBegin):
(JSC::Yarr::ByteCompiler::atomParenthesesSubpatternBegin):
(JSC::Yarr::ByteCompiler::atomParentheticalAssertionBegin):
(JSC::Yarr::ByteCompiler::popParenthesesStack):
(JSC::Yarr::ByteCompiler::closeAlternative):
(JSC::Yarr::ByteCompiler::closeBodyAlternative):
(JSC::Yarr::ByteCompiler::alternativeBodyDisjunction):
(JSC::Yarr::ByteCompiler::alternativeDisjunction):
(JSC::Yarr::ByteCompiler::emitDisjunction):


  Commit: 479d0bc00ff954de815ccba2f34e1401c0c0cd7b
      https://github.com/WebKit/WebKit/commit/479d0bc00ff954de815ccba2f34e1401c0c0cd7b
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/disposable-call-site-index-with-call-and-this.js
    A JSTests/stress/disposable-call-site-index.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp
    M Source/JavaScriptCore/bytecode/CodeBlock.h
    M Source/JavaScriptCore/bytecode/PolymorphicAccess.cpp
    M Source/JavaScriptCore/bytecode/PolymorphicAccess.h
    M Source/JavaScriptCore/dfg/DFGCommonData.cpp
    M Source/JavaScriptCore/dfg/DFGCommonData.h
    M Source/JavaScriptCore/interpreter/CallFrame.h
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.cpp
    M Source/JavaScriptCore/jit/GCAwareJITStubRoutine.h
    M Source/JavaScriptCore/jit/JITInlineCacheGenerator.h

  Log Message:
  -----------
  Merge r246505 - [JSC] Introduce DisposableCallSiteIndex to enforce type-safety
https://bugs.webkit.org/show_bug.cgi?id=197378

Reviewed by Saam Barati.

JSTests:

* stress/disposable-call-site-index-with-call-and-this.js: Added.
(foo):
(bar):
* stress/disposable-call-site-index.js: Added.
(foo):
(bar):

Source/JavaScriptCore:

Some of CallSiteIndex are disposable. This is because some of CallSiteIndex are allocated and freed at runtime (not DFG/FTL compile time).
The example is CallSiteIndex for exception handler in GCAwareJITStubRoutineWithExceptionHandler. If we do not allocate and free CallSiteIndex,
we will create a new CallSiteIndex continuously and leak memory.

The other CallSiteIndex are not simply disposable because the ownership model is not a unique one. They can be shared between multiple clients.
But not disposing them is OK because they are static ones: they are allocated when compiling DFG/FTL, and we do not allocate such CallSiteIndex
at runtime.

To make this difference explicit and avoid disposing non-disposable CallSiteIndex accidentally, we introduce DisposableCallSiteIndex type, and
enforce type-safety to some degree.

We also correctly update the DisposableCallSiteIndex => CodeOrigin table when we are reusing the previously used DisposableCallSiteIndex.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::newExceptionHandlingCallSiteIndex):
(JSC::CodeBlock::removeExceptionHandlerForCallSite):
* bytecode/CodeBlock.h:
* bytecode/PolymorphicAccess.cpp:
(JSC::AccessGenerationState::callSiteIndexForExceptionHandling):
(JSC::PolymorphicAccess::regenerate):
* bytecode/PolymorphicAccess.h:
(JSC::AccessGenerationState::callSiteIndexForExceptionHandling): Deleted.
* dfg/DFGCommonData.cpp:
(JSC::DFG::CommonData::addUniqueCallSiteIndex):
(JSC::DFG::CommonData::addDisposableCallSiteIndex):
(JSC::DFG::CommonData::removeDisposableCallSiteIndex):
(JSC::DFG::CommonData::removeCallSiteIndex): Deleted.
* dfg/DFGCommonData.h:
* interpreter/CallFrame.h:
(JSC::DisposableCallSiteIndex::DisposableCallSiteIndex):
(JSC::DisposableCallSiteIndex::fromCallSiteIndex):
* jit/GCAwareJITStubRoutine.cpp:
(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::observeZeroRefCount):
(JSC::createJITStubRoutine):
* jit/GCAwareJITStubRoutine.h:
* jit/JITInlineCacheGenerator.h:


  Commit: c8a69dd3f799581d2909ba0c9d7534a8fcec605c
      https://github.com/WebKit/WebKit/commit/c8a69dd3f799581d2909ba0c9d7534a8fcec605c
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/class-expression-should-store-result-at-last.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp

  Log Message:
  -----------
  Merge r246708 - [JSC] ClassExpr should not store result in the middle of evaluation
https://bugs.webkit.org/show_bug.cgi?id=199106

Reviewed by Tadeu Zagallo.

JSTests:

* stress/class-expression-should-store-result-at-last.js: Added.
(shouldThrow):
(shouldThrow.let.a):

Source/JavaScriptCore:

Let's consider the case,

    let a = class A {
        static get[a=0x12345678]() {
        }
    };

When evaluating `class A` expression, we should not use the local register for `let a`
until we finally store it to that register. Otherwise, `a=0x12345678` will override it.
Our BytecodeGenerator does this by using tempDestination and finalDestination, but
we did not do that in ClassExprNode.

This patch leverages tempDestination and finalDestination to store `class A` result finally,
while we attempt to reduce mov.

* bytecompiler/NodesCodegen.cpp:
(JSC::ClassExprNode::emitBytecode):


  Commit: 4d29dcefc1d41440b6802524c452ce608e985dcc
      https://github.com/WebKit/WebKit/commit/4d29dcefc1d41440b6802524c452ce608e985dcc
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/array-slice-must-keep-source-array-alive.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/runtime/ArrayPrototype.cpp

  Log Message:
  -----------
  Merge r246740 - ArraySlice needs to keep the source array alive.
https://bugs.webkit.org/show_bug.cgi?id=197374
<rdar://problem/50304429>

Reviewed by Michael Saboff and Filip Pizlo.

JSTests:

* stress/array-slice-must-keep-source-array-alive.js: Added.

Source/JavaScriptCore:

The implementation of the FTL ArraySlice intrinsics may GC while allocating the
result array and its butterfly.  Previously, ArraySlice already keeps the source
butterfly alive in order to copy from it to the new butterfly after the allocation.
Unfortunately, this is not enough.  We also need to keep the source array alive
so that GC will scan the values in the butterfly as well.  Note: the butterfly
does not have a visitChildren() method to do this scan.  It's the parent object's
responsibility to do the scanning.

This patch fixes this by introducing a keepAlive() utility method, and we use it
to keep the source array alive while allocating the result array and butterfly.

keepAlive() works by using a patchpoint to communicate to B3 that a value (the
source array in this case) is still in use.  It also uses a fence to keep B3 from
relocating the patchpoint, which may defeat the fix.

For the DFG's SpeculativeJIT::compileArraySlice(), we may have lucked out and the
source array cell is kept alive.  This patch makes it explicit that we should
keep its cell alive till after the result array has been allocated.

For the Baseline JIT and LLInt, we use the arrayProtoFuncSlice() runtime function
and there is no issue because the source array (in "thisObj") is in the element
copying loop that follows the allocation of the result array.  However, for
documentation purposes, this patch adds a call to HeapCell::use() to indicate that
the source array needs to be kept alive at least until after the allocation of the
result array.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileArraySlice):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileArraySlice):
(JSC::FTL::DFG::LowerDFGToB3::allocateJSArray):
(JSC::FTL::DFG::LowerDFGToB3::keepAlive):
* runtime/ArrayPrototype.cpp:
(JSC::arrayProtoFuncSlice):


  Commit: 58ce93b2a5be04dea71ee26497937e4216307c8c
      https://github.com/WebKit/WebKit/commit/58ce93b2a5be04dea71ee26497937e4216307c8c
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h

  Log Message:
  -----------
  Merge r247005 - Unreviewed. Fix GTK build with GSTREAMER_GL disabled after r246710

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:


  Commit: d54e15781c89594a063aab113ecc198708444aab
      https://github.com/WebKit/WebKit/commit/d54e15781c89594a063aab113ecc198708444aab
  Author: Miguel Gomez <magomez at igalia.com>
  Date:   2019-07-01 (Mon, 01 Jul 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp

  Log Message:
  -----------
  Merge r247007 - REGRESSION(r246963) GTK's debug build is broken
https://bugs.webkit.org/show_bug.cgi?id=199358

Reviewed by Michael Catanzaro.

Add traits to be able to downcast AnimatedBackingStoreClient.

* platform/graphics/nicosia/NicosiaAnimatedBackingStoreClient.h:
(Nicosia::AnimatedBackingStoreClient::AnimatedBackingStoreClient):
(Nicosia::AnimatedBackingStoreClient::type const):
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::updateContentBuffers):


  Commit: bca08905682662d14735bfd1598c20d374129646
      https://github.com/WebKit/WebKit/commit/bca08905682662d14735bfd1598c20d374129646
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-07-02 (Tue, 02 Jul 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/glib/GLibUtilities.cpp
    M Source/WTF/wtf/glib/GLibUtilities.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h

  Log Message:
  -----------
  [GStreamer] Cannot play Bert's Bytes radio stream from http://radio.dos.nl/
https://bugs.webkit.org/show_bug.cgi?id=198376

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

The delayed startup was due to a mix of buffering feedback
messages not handled correctly by the player. We were handling
download and streaming buffering metrics without distinction.
Range requests (used for seeking) were also triggering on-disk
buffering in some cases. The buffering percentage estimation based
on network read position was not working either because uint64_t
division doesn't return a floating point value.

No new tests, existing media tests cover this patch.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::commitLoad):
(WebCore::MediaPlayerPrivateGStreamer::play):
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::processBufferingStats):
(WebCore::MediaPlayerPrivateGStreamer::updateBufferingStatus):
(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):
(WebCore::MediaPlayerPrivateGStreamer::maxTimeLoaded const):
(WebCore::MediaPlayerPrivateGStreamer::didLoadingProgress const):
(WebCore::MediaPlayerPrivateGStreamer::updateStates):
(WebCore::MediaPlayerPrivateGStreamer::updateDownloadBufferingFlag):
(WebCore::MediaPlayerPrivateGStreamer::setPreload):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webkitWebSrcReset):
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:

Source/WTF:

* wtf/glib/GLibUtilities.h:
(enumToString): Utility function to get a string representation of a GLib enum.


  Commit: 53d263b5ca82ac722c91eaf1d653960a391af851
      https://github.com/WebKit/WebKit/commit/53d263b5ca82ac722c91eaf1d653960a391af851
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-07-02 (Tue, 02 Jul 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.24.3 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.24.3.


  Commit: 33ded8038986d60fc53fccd1eec0e474bb3f27b1
      https://github.com/WebKit/WebKit/commit/33ded8038986d60fc53fccd1eec0e474bb3f27b1
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-07-16 (Tue, 16 Jul 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/Opcode.cpp
    M Source/JavaScriptCore/bytecode/Opcode.h

  Log Message:
  -----------
  Merged r243633 - Opcode.h(159,27): warning: adding 'unsigned int' to a string does not append to the string [-Wstring-plus-int]
https://bugs.webkit.org/show_bug.cgi?id=196343

Reviewed by Saam Barati.

Clang reports a compilation warning and recommends '&PADDING_STRING[PADDING_STRING_LENGTH]'
instead of 'PADDING_STRING + PADDING_STRING_LENGTH'.

* bytecode/Opcode.cpp:
(JSC::padOpcodeName): Moved padOpcodeName from Opcode.h because
this function is used only in Opcode.cpp. Changed macros
PADDING_STRING and PADDING_STRING_LENGTH to simple variables.
(JSC::compareOpcodePairIndices): Replaced pair with std::pair.
* bytecode/Opcode.h:
(JSC::padOpcodeName): Moved.


  Commit: 4a7100cd89f7aadd0bf973057786e7ab372d8b69
      https://github.com/WebKit/WebKit/commit/4a7100cd89f7aadd0bf973057786e7ab372d8b69
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-07-16 (Tue, 16 Jul 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/AvailableMemory.cpp

  Log Message:
  -----------
  Merged r244422 - Unreviewed, fix build failure
https://bugs.webkit.org/show_bug.cgi?id=195938

Including <array>.

* bmalloc/AvailableMemory.cpp:


  Commit: 2b9f7110d425969d7ade19ccbeaf1b772e38ae3c
      https://github.com/WebKit/WebKit/commit/2b9f7110d425969d7ade19ccbeaf1b772e38ae3c
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/B3ValueRep.h
    M Source/JavaScriptCore/bindings/ScriptValue.cpp
    M Source/JavaScriptCore/bytecode/GetterSetterAccessCase.cpp
    M Source/JavaScriptCore/bytecode/InstanceOfAccessCase.cpp
    M Source/JavaScriptCore/bytecode/IntrinsicGetterAccessCase.cpp
    M Source/JavaScriptCore/bytecode/ModuleNamespaceAccessCase.cpp
    M Source/JavaScriptCore/bytecode/ProxyableAccessCase.cpp
    M Source/JavaScriptCore/bytecode/StructureSet.h
    M Source/JavaScriptCore/debugger/Breakpoint.h
    M Source/JavaScriptCore/dfg/DFGRegisteredStructureSet.h
    M Source/JavaScriptCore/inspector/agents/InspectorDebuggerAgent.cpp
    M Source/JavaScriptCore/inspector/scripts/codegen/cpp_generator_templates.py
    M Source/JavaScriptCore/parser/UnlinkedSourceCode.h
    M Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmNameSectionParser.cpp
    M Source/JavaScriptCore/wasm/WasmStreamingParser.cpp
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/CheckedArithmetic.h
    M Source/WTF/wtf/MetaAllocator.cpp
    M Source/WTF/wtf/URLParser.cpp
    M Source/WTF/wtf/text/StringView.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/encryptedmedia/CDM.cpp
    M Source/WebCore/Modules/encryptedmedia/MediaKeys.cpp
    M Source/WebCore/Modules/entriesapi/DOMFileSystem.cpp
    M Source/WebCore/Modules/fetch/FetchBody.cpp
    M Source/WebCore/Modules/fetch/FetchRequest.cpp
    M Source/WebCore/Modules/fetch/FetchResponse.cpp
    M Source/WebCore/Modules/indexeddb/IDBCursor.cpp
    M Source/WebCore/Modules/indexeddb/IDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/IDBDatabaseIdentifier.h
    M Source/WebCore/Modules/indexeddb/IDBKeyData.h
    M Source/WebCore/Modules/indexeddb/IDBObjectStore.cpp
    M Source/WebCore/Modules/indexeddb/IDBValue.h
    M Source/WebCore/Modules/indexeddb/shared/IDBError.cpp
    M Source/WebCore/Modules/indexeddb/shared/IDBError.h
    M Source/WebCore/Modules/indexeddb/shared/IDBResultData.h
    M Source/WebCore/Modules/mediarecorder/MediaRecorder.cpp
    M Source/WebCore/Modules/mediasource/MediaSource.cpp
    M Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp
    M Source/WebCore/Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp
    M Source/WebCore/Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp
    M Source/WebCore/Modules/webaudio/AudioBuffer.cpp
    M Source/WebCore/Modules/webaudio/AudioContext.cpp
    M Source/WebCore/Modules/webaudio/OfflineAudioContext.cpp
    M Source/WebCore/Modules/webdatabase/DatabaseManager.cpp
    M Source/WebCore/Modules/webdatabase/DatabaseTracker.cpp
    M Source/WebCore/Modules/webdatabase/SQLResultSetRowList.cpp
    M Source/WebCore/Modules/websockets/WebSocket.cpp
    M Source/WebCore/accessibility/AXObjectCache.cpp
    M Source/WebCore/animation/KeyframeEffect.cpp
    M Source/WebCore/bindings/js/JSCustomElementInterface.cpp
    M Source/WebCore/bindings/js/JSDOMConvertVariadic.h
    M Source/WebCore/bindings/js/SerializedScriptValue.cpp
    M Source/WebCore/bindings/scripts/CodeGeneratorJS.pm
    M Source/WebCore/bindings/scripts/test/JS/JSTestCallbackFunction.cpp
    M Source/WebCore/bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp
    M Source/WebCore/bindings/scripts/test/JS/JSTestCallbackInterface.cpp
    M Source/WebCore/contentextensions/ContentExtensionParser.cpp
    M Source/WebCore/crypto/SubtleCrypto.cpp
    M Source/WebCore/crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp
    M Source/WebCore/crypto/keys/CryptoKeyEC.cpp
    M Source/WebCore/css/CSSComputedStyleDeclaration.cpp
    M Source/WebCore/css/CSSFontFaceSet.cpp
    M Source/WebCore/css/CSSGradientValue.cpp
    M Source/WebCore/css/CSSStyleSheet.cpp
    M Source/WebCore/css/DOMMatrixReadOnly.cpp
    M Source/WebCore/css/FontFace.cpp
    M Source/WebCore/css/FontVariantBuilder.cpp
    M Source/WebCore/css/PropertySetCSSStyleDeclaration.cpp
    M Source/WebCore/css/SVGCSSComputedStyleDeclaration.cpp
    M Source/WebCore/css/StyleBuilderConverter.h
    M Source/WebCore/css/WebKitCSSMatrix.cpp
    M Source/WebCore/css/parser/CSSPropertyParser.cpp
    M Source/WebCore/cssjit/StackAllocator.h
    M Source/WebCore/dom/DOMImplementation.cpp
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/dom/DocumentFragment.cpp
    M Source/WebCore/dom/Element.cpp
    M Source/WebCore/dom/MessagePort.cpp
    M Source/WebCore/dom/NodeIterator.cpp
    M Source/WebCore/dom/Range.cpp
    M Source/WebCore/dom/RangeBoundaryPoint.h
    M Source/WebCore/dom/ScriptDisallowedScope.h
    M Source/WebCore/dom/Text.cpp
    M Source/WebCore/dom/TextDecoder.cpp
    M Source/WebCore/editing/CompositeEditCommand.cpp
    M Source/WebCore/editing/Editing.cpp
    M Source/WebCore/editing/EditingStyle.cpp
    M Source/WebCore/editing/TextIterator.cpp
    M Source/WebCore/editing/VisibleSelection.cpp
    M Source/WebCore/editing/markup.cpp
    M Source/WebCore/html/FormController.cpp
    M Source/WebCore/html/HTMLCanvasElement.cpp
    M Source/WebCore/html/HTMLMediaElement.cpp
    M Source/WebCore/html/HTMLOptionElement.cpp
    M Source/WebCore/html/HTMLPlugInImageElement.cpp
    M Source/WebCore/html/HTMLTableElement.cpp
    M Source/WebCore/html/HTMLTableRowElement.cpp
    M Source/WebCore/html/ImageData.cpp
    M Source/WebCore/html/OffscreenCanvas.cpp
    M Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp
    M Source/WebCore/html/canvas/OESVertexArrayObject.cpp
    M Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp
    M Source/WebCore/html/shadow/TextControlInnerElements.cpp
    M Source/WebCore/html/track/BufferedLineReader.cpp
    M Source/WebCore/html/track/VTTCue.cpp
    M Source/WebCore/html/track/WebVTTElement.cpp
    M Source/WebCore/inspector/InspectorStyleSheet.cpp
    M Source/WebCore/inspector/agents/InspectorCSSAgent.cpp
    M Source/WebCore/inspector/agents/InspectorDOMAgent.cpp
    M Source/WebCore/inspector/agents/InspectorNetworkAgent.cpp
    M Source/WebCore/loader/FetchOptions.h
    M Source/WebCore/loader/MediaResourceLoader.cpp
    M Source/WebCore/loader/appcache/ApplicationCacheStorage.cpp
    M Source/WebCore/loader/archive/mhtml/MHTMLParser.cpp
    M Source/WebCore/loader/cache/CachedResourceLoader.cpp
    M Source/WebCore/page/DOMWindow.cpp
    M Source/WebCore/page/DragController.cpp
    M Source/WebCore/page/EventSource.cpp
    M Source/WebCore/page/PerformanceUserTiming.cpp
    M Source/WebCore/page/SecurityOrigin.h
    M Source/WebCore/page/scrolling/ScrollingConstraints.h
    M Source/WebCore/platform/Length.h
    M Source/WebCore/platform/animation/TimingFunction.cpp
    M Source/WebCore/platform/encryptedmedia/clearkey/CDMClearKey.cpp
    M Source/WebCore/platform/graphics/FloatPoint3D.h
    M Source/WebCore/platform/graphics/Font.cpp
    M Source/WebCore/platform/graphics/GLContext.cpp
    M Source/WebCore/platform/graphics/GraphicsContext.cpp
    M Source/WebCore/platform/graphics/HEVCUtilities.cpp
    M Source/WebCore/platform/graphics/gtk/ImageGtk.cpp
    M Source/WebCore/platform/graphics/wayland/PlatformDisplayWayland.cpp
    M Source/WebCore/platform/mediastream/MediaConstraints.h
    M Source/WebCore/platform/mediastream/MediaStreamRequest.h
    M Source/WebCore/platform/mediastream/gstreamer/GStreamerVideoFrameLibWebRTC.cpp
    M Source/WebCore/platform/mediastream/gstreamer/RealtimeIncomingAudioSourceLibWebRTC.cpp
    M Source/WebCore/platform/mediastream/gstreamer/RealtimeIncomingVideoSourceLibWebRTC.cpp
    M Source/WebCore/platform/mock/MockRealtimeMediaSourceCenter.cpp
    M Source/WebCore/platform/mock/mediasource/MockSourceBufferPrivate.cpp
    M Source/WebCore/platform/network/BlobRegistryImpl.cpp
    M Source/WebCore/platform/network/CookieRequestHeaderFieldProxy.h
    M Source/WebCore/platform/network/FormData.h
    M Source/WebCore/platform/network/MIMEHeader.cpp
    M Source/WebCore/platform/network/ResourceHandle.cpp
    M Source/WebCore/platform/network/soup/DNSResolveQueueSoup.cpp
    M Source/WebCore/rendering/RenderElement.cpp
    M Source/WebCore/rendering/shapes/Shape.cpp
    M Source/WebCore/rendering/style/BasicShapes.cpp
    M Source/WebCore/rendering/style/BasicShapes.h
    M Source/WebCore/rendering/style/ContentData.cpp
    M Source/WebCore/rendering/style/ContentData.h
    M Source/WebCore/rendering/svg/RenderSVGInline.cpp
    M Source/WebCore/rendering/svg/RenderSVGInlineText.cpp
    M Source/WebCore/rendering/svg/RenderSVGText.cpp
    M Source/WebCore/svg/SVGFEBlendElement.cpp
    M Source/WebCore/svg/SVGFEColorMatrixElement.cpp
    M Source/WebCore/svg/SVGFEComponentTransferElement.cpp
    M Source/WebCore/svg/SVGFECompositeElement.cpp
    M Source/WebCore/svg/SVGFEConvolveMatrixElement.cpp
    M Source/WebCore/svg/SVGFEDiffuseLightingElement.cpp
    M Source/WebCore/svg/SVGFEDisplacementMapElement.cpp
    M Source/WebCore/svg/SVGFEDropShadowElement.cpp
    M Source/WebCore/svg/SVGFEGaussianBlurElement.cpp
    M Source/WebCore/svg/SVGFEMergeElement.cpp
    M Source/WebCore/svg/SVGFEMorphologyElement.cpp
    M Source/WebCore/svg/SVGFEOffsetElement.cpp
    M Source/WebCore/svg/SVGFESpecularLightingElement.cpp
    M Source/WebCore/svg/SVGFETileElement.cpp
    M Source/WebCore/svg/SVGTransformList.h
    M Source/WebCore/svg/properties/SVGListProperty.h
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/workers/AbstractWorker.cpp
    M Source/WebCore/workers/Worker.cpp
    M Source/WebCore/workers/service/ServiceWorkerJobData.h
    M Source/WebCore/xml/DOMParser.cpp
    M Source/WebCore/xml/XPathExpression.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/cache/CacheStorageEngineCache.cpp
    M Source/WebKit/Platform/IPC/ArgumentCoders.h
    M Source/WebKit/Shared/CallbackID.h
    M Source/WebKit/Shared/OptionalCallbackID.h
    M Source/WebKit/Shared/Plugins/NPIdentifierData.cpp
    M Source/WebKit/Shared/Plugins/NPVariantData.cpp
    M Source/WebKit/Shared/Plugins/Netscape/NetscapePluginModule.cpp
    M Source/WebKit/Shared/RTCNetwork.cpp
    M Source/WebKit/Shared/SessionState.cpp
    M Source/WebKit/Shared/WebCompiledContentRuleListData.cpp
    M Source/WebKit/Shared/WebCoreArgumentCoders.cpp
    M Source/WebKit/Shared/WebPageCreationParameters.cpp
    M Source/WebKit/Shared/WebPlatformTouchPoint.cpp
    M Source/WebKit/Shared/WebsiteData/WebsiteData.cpp
    M Source/WebKit/Shared/WebsiteDataStoreParameters.cpp
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/WebProcess/InjectedBundle/DOM/InjectedBundleCSSStyleDeclarationHandle.cpp
    M Source/WebKit/WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp
    M Source/WebKit/WebProcess/InjectedBundle/InjectedBundle.cpp
    M Source/WebKit/WebProcess/Network/WebLoaderStrategy.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebStorage/StorageNamespaceImpl.cpp

  Log Message:
  -----------
  Merge r243163 - Build cleanly with GCC 9
https://bugs.webkit.org/show_bug.cgi?id=195920

Reviewed by Chris Dumez.

WebKit triggers three new GCC 9 warnings:

"""
-Wdeprecated-copy, implied by -Wextra, warns about the C++11 deprecation of implicitly
declared copy constructor and assignment operator if one of them is user-provided.
"""

Solution is to either add a copy constructor or copy assignment operator, if required, or
else remove one if it is redundant.

"""
-Wredundant-move, implied by -Wextra, warns about redundant calls to std::move.
-Wpessimizing-move, implied by -Wall, warns when a call to std::move prevents copy elision.
"""

These account for most of this patch. Solution is to just remove the bad WTFMove().

Additionally, -Wclass-memaccess has been enhanced to catch a few cases that GCC 8 didn't.
These are solved by casting nontrivial types to void* before using memcpy. (Of course, it
would be safer to not use memcpy on nontrivial types, but that's too complex for this
patch. Searching for memcpy used with static_cast<void*> will reveal other cases to fix.)

Source/JavaScriptCore:

* b3/B3ValueRep.h:
* bindings/ScriptValue.cpp:
(Inspector::jsToInspectorValue):
* bytecode/GetterSetterAccessCase.cpp:
(JSC::GetterSetterAccessCase::create):
(JSC::GetterSetterAccessCase::clone const):
* bytecode/InstanceOfAccessCase.cpp:
(JSC::InstanceOfAccessCase::clone const):
* bytecode/IntrinsicGetterAccessCase.cpp:
(JSC::IntrinsicGetterAccessCase::clone const):
* bytecode/ModuleNamespaceAccessCase.cpp:
(JSC::ModuleNamespaceAccessCase::clone const):
* bytecode/ProxyableAccessCase.cpp:
(JSC::ProxyableAccessCase::clone const):
* bytecode/StructureSet.h:
* debugger/Breakpoint.h:
* dfg/DFGRegisteredStructureSet.h:
* inspector/agents/InspectorDebuggerAgent.cpp:
(Inspector::buildDebuggerLocation):
* inspector/scripts/codegen/cpp_generator_templates.py:
* parser/UnlinkedSourceCode.h:
* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::parseAndCompileAir):
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::parseAndCompile):
* wasm/WasmNameSectionParser.cpp:
(JSC::Wasm::NameSectionParser::parse):
* wasm/WasmStreamingParser.cpp:
(JSC::Wasm::StreamingParser::consume):

Source/WebCore:

* Modules/encryptedmedia/CDM.cpp:
(WebCore::CDM::getSupportedConfiguration):
* Modules/encryptedmedia/MediaKeys.cpp:
(WebCore::MediaKeys::createSession):
* Modules/entriesapi/DOMFileSystem.cpp:
(WebCore::listDirectoryWithMetadata):
(WebCore::toFileSystemEntries):
* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::fromFormData):
(WebCore::FetchBody::bodyAsFormData const):
(WebCore::FetchBody::take):
* Modules/fetch/FetchRequest.cpp:
(WebCore::FetchRequest::create):
(WebCore::FetchRequest::clone):
* Modules/fetch/FetchResponse.cpp:
(WebCore::FetchResponse::create):
(WebCore::FetchResponse::redirect):
(WebCore::FetchResponse::clone):
* Modules/indexeddb/IDBCursor.cpp:
(WebCore::IDBCursor::update):
(WebCore::IDBCursor::deleteFunction):
* Modules/indexeddb/IDBDatabase.cpp:
(WebCore::IDBDatabase::transaction):
* Modules/indexeddb/IDBDatabaseIdentifier.h:
* Modules/indexeddb/IDBKeyData.h:
(WebCore::IDBKeyData::decode):
* Modules/indexeddb/IDBObjectStore.cpp:
(WebCore::IDBObjectStore::createIndex):
(WebCore::IDBObjectStore::index):
* Modules/indexeddb/IDBValue.h:
(WebCore::IDBValue::decode):
* Modules/indexeddb/shared/IDBError.cpp:
(WebCore::IDBError::operator=): Deleted.
* Modules/indexeddb/shared/IDBError.h:
* Modules/indexeddb/shared/IDBResultData.h:
(WebCore::IDBResultData::decode):
* Modules/mediarecorder/MediaRecorder.cpp:
(WebCore::MediaRecorder::create):
* Modules/mediasource/MediaSource.cpp:
(WebCore::MediaSource::addSourceBuffer):
* Modules/mediastream/RTCPeerConnection.cpp:
(WebCore::iceServersFromConfiguration):
(WebCore::RTCPeerConnection::certificatesFromConfiguration):
(WebCore::certificateTypeFromAlgorithmIdentifier):
* Modules/mediastream/libwebrtc/LibWebRTCMediaEndpoint.cpp:
(WebCore::LibWebRTCMediaEndpoint::getStats):
* Modules/mediastream/libwebrtc/LibWebRTCPeerConnectionBackend.cpp:
(WebCore::LibWebRTCPeerConnectionBackend::addTrack):
(WebCore::LibWebRTCPeerConnectionBackend::addUnifiedPlanTransceiver):
* Modules/webaudio/AudioBuffer.cpp:
(WebCore::AudioBuffer::create):
* Modules/webaudio/AudioContext.cpp:
(WebCore::AudioContext::createMediaElementSource):
(WebCore::AudioContext::createMediaStreamSource):
(WebCore::AudioContext::createScriptProcessor):
* Modules/webaudio/OfflineAudioContext.cpp:
(WebCore::OfflineAudioContext::create):
* Modules/webdatabase/DatabaseManager.cpp:
(WebCore::DatabaseManager::tryToOpenDatabaseBackend):
* Modules/webdatabase/DatabaseTracker.cpp:
(WebCore::DatabaseTracker::canEstablishDatabase):
(WebCore::DatabaseTracker::retryCanEstablishDatabase):
* Modules/webdatabase/SQLResultSetRowList.cpp:
(WebCore::SQLResultSetRowList::item const):
* Modules/websockets/WebSocket.cpp:
(WebCore::WebSocket::create):
* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::rangeForNodeContents):
(WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets):
* animation/KeyframeEffect.cpp:
(WebCore::KeyframeEffect::create):
(WebCore::KeyframeEffect::backingAnimationForCompositedRenderer const):
* bindings/js/JSCustomElementInterface.cpp:
(WebCore::JSCustomElementInterface::constructElementWithFallback):
* bindings/js/JSDOMConvertVariadic.h:
(WebCore::VariadicConverter::convert):
(WebCore::convertVariadicArguments):
* bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneDeserializer::readDOMPointInit):
(WebCore::transferArrayBuffers):
* bindings/scripts/CodeGeneratorJS.pm:
(GenerateCallbackImplementationContent):
* bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
(WebCore::JSTestCallbackFunction::handleEvent):
* bindings/scripts/test/JS/JSTestCallbackFunctionRethrow.cpp:
(WebCore::JSTestCallbackFunctionRethrow::handleEvent):
* bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
(WebCore::JSTestCallbackInterface::callbackWithAReturnValue):
(WebCore::JSTestCallbackInterface::callbackThatRethrowsExceptions):
(WebCore::JSTestCallbackInterface::callbackThatSkipsInvokeCheck):
(WebCore::JSTestCallbackInterface::callbackWithThisObject):
* contentextensions/ContentExtensionParser.cpp:
(WebCore::ContentExtensions::getStringList):
(WebCore::ContentExtensions::loadTrigger):
(WebCore::ContentExtensions::loadEncodedRules):
(WebCore::ContentExtensions::parseRuleList):
* crypto/SubtleCrypto.cpp:
(WebCore::normalizeCryptoAlgorithmParameters):
* crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp:
(WebCore::calculateSignature):
* crypto/keys/CryptoKeyEC.cpp:
(WebCore::CryptoKeyEC::exportJwk const):
* css/CSSComputedStyleDeclaration.cpp:
(WebCore::computedTransform):
(WebCore::ComputedStyleExtractor::valueForShadow):
(WebCore::ComputedStyleExtractor::valueForFilter):
(WebCore::specifiedValueForGridTrackSize):
(WebCore::valueForGridTrackList):
(WebCore::valueForGridPosition):
(WebCore::willChangePropertyValue):
(WebCore::fontVariantLigaturesPropertyValue):
(WebCore::fontVariantNumericPropertyValue):
(WebCore::fontVariantEastAsianPropertyValue):
(WebCore::touchActionFlagsToCSSValue):
(WebCore::renderTextDecorationFlagsToCSSValue):
(WebCore::renderEmphasisPositionFlagsToCSSValue):
(WebCore::speakAsToCSSValue):
(WebCore::hangingPunctuationToCSSValue):
(WebCore::fillRepeatToCSSValue):
(WebCore::fillSizeToCSSValue):
(WebCore::counterToCSSValue):
(WebCore::fontVariantFromStyle):
(WebCore::fontSynthesisFromStyle):
(WebCore::shapePropertyValue):
(WebCore::paintOrder):
(WebCore::ComputedStyleExtractor::valueForPropertyinStyle):
(WebCore::ComputedStyleExtractor::getCSSPropertyValuesFor2SidesShorthand):
(WebCore::ComputedStyleExtractor::getCSSPropertyValuesFor4SidesShorthand):
* css/CSSFontFaceSet.cpp:
(WebCore::CSSFontFaceSet::matchingFacesExcludingPreinstalledFonts):
* css/CSSGradientValue.cpp:
(WebCore::CSSGradientValue::image):
* css/CSSStyleSheet.cpp:
(WebCore::CSSStyleSheet::rules):
* css/DOMMatrixReadOnly.cpp:
(WebCore::DOMMatrixReadOnly::parseStringIntoAbstractMatrix):
* css/FontFace.cpp:
(WebCore::FontFace::create):
* css/FontVariantBuilder.cpp:
(WebCore::computeFontVariant):
* css/PropertySetCSSStyleDeclaration.cpp:
(WebCore::PropertySetCSSStyleDeclaration::removeProperty):
* css/SVGCSSComputedStyleDeclaration.cpp:
(WebCore::strokeDashArrayToCSSValueList):
(WebCore::ComputedStyleExtractor::adjustSVGPaintForCurrentColor const):
* css/StyleBuilderConverter.h:
(WebCore::StyleBuilderConverter::convertReflection):
* css/WebKitCSSMatrix.cpp:
(WebCore::WebKitCSSMatrix::create):
(WebCore::WebKitCSSMatrix::multiply const):
* css/parser/CSSPropertyParser.cpp:
(WebCore::consumeFontVariationSettings):
(WebCore::consumeBasicShapePath):
(WebCore::consumeImplicitGridAutoFlow):
* cssjit/StackAllocator.h:
* dom/DOMImplementation.cpp:
(WebCore::DOMImplementation::createDocument):
* dom/Document.cpp:
(WebCore::Document::cloneNodeInternal):
* dom/DocumentFragment.cpp:
(WebCore::DocumentFragment::cloneNodeInternal):
* dom/Element.cpp:
(WebCore::Element::setAttributeNode):
(WebCore::Element::setAttributeNodeNS):
(WebCore::Element::removeAttributeNode):
(WebCore::Element::parseAttributeName):
(WebCore::Element::animate):
* dom/MessagePort.cpp:
(WebCore::MessagePort::disentanglePorts):
* dom/NodeIterator.cpp:
(WebCore::NodeIterator::nextNode):
(WebCore::NodeIterator::previousNode):
* dom/Range.cpp:
(WebCore::Range::processContents):
(WebCore::processContentsBetweenOffsets):
(WebCore::processAncestorsAndTheirSiblings):
* dom/RangeBoundaryPoint.h:
* dom/ScriptDisallowedScope.h:
(WebCore::ScriptDisallowedScope::operator=):
* dom/Text.cpp:
(WebCore::Text::splitText):
* dom/TextDecoder.cpp:
(WebCore::TextDecoder::create):
(WebCore::TextDecoder::decode):
* editing/CompositeEditCommand.cpp:
(WebCore::CompositeEditCommand::insertBlockPlaceholder):
(WebCore::CompositeEditCommand::moveParagraphContentsToNewBlockIfNecessary):
* editing/Editing.cpp:
(WebCore::createTabSpanElement):
* editing/EditingStyle.cpp:
(WebCore::EditingStyle::styleAtSelectionStart):
* editing/TextIterator.cpp:
(WebCore::TextIterator::rangeFromLocationAndLength):
* editing/VisibleSelection.cpp:
(WebCore::makeSearchRange):
* editing/markup.cpp:
(WebCore::styleFromMatchedRulesAndInlineDecl):
(WebCore::createFragmentForInnerOuterHTML):
(WebCore::createContextualFragment):
* html/FormController.cpp:
(WebCore::deserializeFormControlState):
* html/HTMLCanvasElement.cpp:
(WebCore::HTMLCanvasElement::captureStream):
* html/HTMLMediaElement.cpp:
(WebCore::HTMLMediaElement::mediaPlayerCreateResourceLoader):
* html/HTMLOptionElement.cpp:
(WebCore::HTMLOptionElement::createForJSConstructor):
* html/HTMLPlugInImageElement.cpp:
(WebCore::HTMLPlugInImageElement::createElementRenderer):
* html/HTMLTableElement.cpp:
(WebCore::HTMLTableElement::createSharedCellStyle):
* html/HTMLTableRowElement.cpp:
(WebCore::HTMLTableRowElement::insertCell):
* html/ImageData.cpp:
(WebCore::ImageData::create):
* html/OffscreenCanvas.cpp:
(WebCore::OffscreenCanvas::transferToImageBitmap):
* html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::createLinearGradient):
(WebCore::CanvasRenderingContext2DBase::createRadialGradient):
* html/canvas/OESVertexArrayObject.cpp:
(WebCore::OESVertexArrayObject::createVertexArrayOES):
* html/canvas/WebGLRenderingContextBase.cpp:
(WebCore::WebGLRenderingContextBase::createBuffer):
(WebCore::WebGLRenderingContextBase::createFramebuffer):
(WebCore::WebGLRenderingContextBase::createTexture):
(WebCore::WebGLRenderingContextBase::createProgram):
(WebCore::WebGLRenderingContextBase::createRenderbuffer):
(WebCore::WebGLRenderingContextBase::createShader):
(WebCore::WebGLRenderingContextBase::getContextAttributes):
(WebCore::WebGLRenderingContextBase::getUniform):
* html/shadow/TextControlInnerElements.cpp:
(WebCore::TextControlInnerContainer::resolveCustomStyle):
(WebCore::TextControlPlaceholderElement::resolveCustomStyle):
* html/track/BufferedLineReader.cpp:
(WebCore::BufferedLineReader::nextLine):
* html/track/VTTCue.cpp:
(WebCore::VTTCue::getCueAsHTML):
(WebCore::VTTCue::createCueRenderingTree):
* html/track/WebVTTElement.cpp:
(WebCore::WebVTTElement::cloneElementWithoutAttributesAndChildren):
* inspector/InspectorStyleSheet.cpp:
(WebCore::asCSSRuleList):
(WebCore::InspectorStyle::buildObjectForStyle const):
(WebCore::InspectorStyleSheet::buildObjectForStyleSheet):
(WebCore::InspectorStyleSheet::buildObjectForRule):
* inspector/agents/InspectorCSSAgent.cpp:
(WebCore::InspectorCSSAgent::buildArrayForMatchedRuleList):
* inspector/agents/InspectorDOMAgent.cpp:
(WebCore::InspectorDOMAgent::buildArrayForPseudoElements):
(WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
* inspector/agents/InspectorNetworkAgent.cpp:
(WebCore::InspectorNetworkAgent::buildObjectForResourceResponse):
* loader/FetchOptions.h:
(WebCore::FetchOptions::decode):
* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::requestResource):
* loader/appcache/ApplicationCacheStorage.cpp:
(WebCore::ApplicationCacheStorage::loadCache):
(WebCore::ApplicationCacheStorage::manifestURLs):
* loader/archive/mhtml/MHTMLParser.cpp:
(WebCore::MHTMLParser::parseArchiveWithHeader):
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestResource):
* page/DOMWindow.cpp:
(WebCore::DOMWindow::getMatchedCSSRules const):
* page/DragController.cpp:
(WebCore::documentFragmentFromDragData):
* page/EventSource.cpp:
(WebCore::EventSource::create):
* page/PerformanceUserTiming.cpp:
(WebCore::UserTiming::mark):
(WebCore::UserTiming::measure):
* page/SecurityOrigin.h:
(WebCore::SecurityOrigin::decode):
* page/scrolling/ScrollingConstraints.h:
(WebCore::FixedPositionViewportConstraints::FixedPositionViewportConstraints):
(WebCore::LayoutConstraints::LayoutConstraints): Deleted.
* platform/Length.h:
(WebCore::Length::Length):
* platform/animation/TimingFunction.cpp:
(WebCore::TimingFunction::createFromCSSText):
* platform/encryptedmedia/clearkey/CDMClearKey.cpp:
(WebCore::parseLicenseFormat):
* platform/graphics/FloatPoint3D.h:
* platform/graphics/Font.cpp:
(WebCore::createAndFillGlyphPage):
* platform/graphics/GLContext.cpp:
(WebCore::GLContext::createContextForWindow):
(WebCore::GLContext::createSharingContext):
* platform/graphics/GraphicsContext.cpp:
* platform/graphics/HEVCUtilities.cpp:
(WebCore::parseHEVCCodecParameters):
* platform/graphics/gtk/ImageGtk.cpp:
(WebCore::loadImageFromGResource):
(WebCore::loadMissingImageIconFromTheme):
* platform/graphics/wayland/PlatformDisplayWayland.cpp:
(WebCore::PlatformDisplayWayland::create):
* platform/mediastream/MediaConstraints.h:
(WebCore::MediaTrackConstraintSetMap::decode):
* platform/mediastream/MediaStreamRequest.h:
(WebCore::MediaStreamRequest::decode):
* platform/mediastream/gstreamer/GStreamerVideoFrameLibWebRTC.cpp:
(WebCore::GStreamerSampleFromLibWebRTCVideoFrame):
* platform/mediastream/gstreamer/RealtimeIncomingAudioSourceLibWebRTC.cpp:
(WebCore::RealtimeIncomingAudioSource::create):
* platform/mediastream/gstreamer/RealtimeIncomingVideoSourceLibWebRTC.cpp:
(WebCore::RealtimeIncomingVideoSource::create):
* platform/mock/MockRealtimeMediaSourceCenter.cpp:
(WebCore::MockRealtimeMediaSourceCenter::captureDeviceWithPersistentID):
* platform/mock/mediasource/MockSourceBufferPrivate.cpp:
(WebCore::MockMediaSample::createNonDisplayingCopy const):
* platform/network/BlobRegistryImpl.cpp:
(WebCore::BlobRegistryImpl::createResourceHandle):
* platform/network/CookieRequestHeaderFieldProxy.h:
(WebCore::CookieRequestHeaderFieldProxy::decode):
* platform/network/FormData.h:
(WebCore::FormData::decode):
* platform/network/MIMEHeader.cpp:
(WebCore::MIMEHeader::parseHeader):
* platform/network/ResourceHandle.cpp:
(WebCore::ResourceHandle::create):
* platform/network/soup/DNSResolveQueueSoup.cpp:
(WebCore::DNSResolveQueueSoup::takeCompletionAndCancelHandlers):
* rendering/RenderElement.cpp:
(WebCore::RenderElement::createFor):
* rendering/shapes/Shape.cpp:
(WebCore::Shape::createRasterShape):
(WebCore::Shape::createBoxShape):
* rendering/style/BasicShapes.cpp:
(WebCore::BasicShapeCircle::blend const):
(WebCore::BasicShapeEllipse::blend const):
(WebCore::BasicShapePolygon::blend const):
(WebCore::BasicShapePath::blend const):
(WebCore::BasicShapeInset::blend const):
* rendering/style/BasicShapes.h:
(WebCore::BasicShapeRadius::BasicShapeRadius):
* rendering/style/ContentData.cpp:
(WebCore::ImageContentData::createContentRenderer const):
(WebCore::TextContentData::createContentRenderer const):
(WebCore::QuoteContentData::createContentRenderer const):
* rendering/style/ContentData.h:
* rendering/svg/RenderSVGInline.cpp:
(WebCore::RenderSVGInline::createInlineFlowBox):
* rendering/svg/RenderSVGInlineText.cpp:
(WebCore::RenderSVGInlineText::createTextBox):
* rendering/svg/RenderSVGText.cpp:
(WebCore::RenderSVGText::createRootInlineBox):
* svg/SVGFEBlendElement.cpp:
(WebCore::SVGFEBlendElement::build):
* svg/SVGFEColorMatrixElement.cpp:
(WebCore::SVGFEColorMatrixElement::build):
* svg/SVGFEComponentTransferElement.cpp:
(WebCore::SVGFEComponentTransferElement::build):
* svg/SVGFECompositeElement.cpp:
(WebCore::SVGFECompositeElement::build):
* svg/SVGFEConvolveMatrixElement.cpp:
(WebCore::SVGFEConvolveMatrixElement::build):
* svg/SVGFEDiffuseLightingElement.cpp:
(WebCore::SVGFEDiffuseLightingElement::build):
* svg/SVGFEDisplacementMapElement.cpp:
(WebCore::SVGFEDisplacementMapElement::build):
* svg/SVGFEDropShadowElement.cpp:
(WebCore::SVGFEDropShadowElement::build):
* svg/SVGFEGaussianBlurElement.cpp:
(WebCore::SVGFEGaussianBlurElement::build):
* svg/SVGFEMergeElement.cpp:
(WebCore::SVGFEMergeElement::build):
* svg/SVGFEMorphologyElement.cpp:
(WebCore::SVGFEMorphologyElement::build):
* svg/SVGFEOffsetElement.cpp:
(WebCore::SVGFEOffsetElement::build):
* svg/SVGFESpecularLightingElement.cpp:
(WebCore::SVGFESpecularLightingElement::build):
* svg/SVGFETileElement.cpp:
(WebCore::SVGFETileElement::build):
* svg/SVGTransformList.h:
* svg/properties/SVGList.h:
(WebCore::SVGList::initialize):
(WebCore::SVGList::insertItemBefore):
(WebCore::SVGList::replaceItem):
(WebCore::SVGList::removeItem):
(WebCore::SVGList::appendItem):
* svg/properties/SVGListProperty.h:
(WebCore::SVGListProperty::initializeValuesAndWrappers):
(WebCore::SVGListProperty::insertItemBeforeValuesAndWrappers):
(WebCore::SVGListProperty::replaceItemValuesAndWrappers):
(WebCore::SVGListProperty::removeItemValues):
(WebCore::SVGListProperty::appendItemValuesAndWrappers):
* svg/properties/SVGPrimitiveList.h:
* testing/Internals.cpp:
(WebCore::Internals::elementRenderTreeAsText):
(WebCore::parseFindOptions):
* workers/AbstractWorker.cpp:
(WebCore::AbstractWorker::resolveURL):
* workers/Worker.cpp:
(WebCore::Worker::create):
* workers/service/ServiceWorkerJobData.h:
(WebCore::ServiceWorkerJobData::decode):
* xml/DOMParser.cpp:
(WebCore::DOMParser::parseFromString):
* xml/XPathExpression.cpp:
(WebCore::XPathExpression::evaluate):

Source/WebKit:

* NetworkProcess/cache/CacheStorageEngineCache.cpp:
(WebKit::CacheStorage::Cache::decode):
* Platform/IPC/ArgumentCoders.h:
* Shared/CallbackID.h:
(WebKit::CallbackID::operator=):
* Shared/OptionalCallbackID.h:
(WebKit::OptionalCallbackID::operator=):
* Shared/Plugins/NPIdentifierData.cpp:
(WebKit::NPIdentifierData::decode):
* Shared/Plugins/NPVariantData.cpp:
(WebKit::NPVariantData::decode):
* Shared/Plugins/Netscape/NetscapePluginModule.cpp:
(WebKit::NetscapePluginModule::getOrCreate):
* Shared/RTCNetwork.cpp:
(WebKit::RTCNetwork::IPAddress::decode):
* Shared/SessionState.cpp:
(WebKit::HTTPBody::Element::decode):
(WebKit::FrameState::decode):
(WebKit::BackForwardListItemState::decode):
* Shared/WebCompiledContentRuleListData.cpp:
(WebKit::WebCompiledContentRuleListData::decode):
* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<FloatPoint>::decode):
(IPC::ArgumentCoder<FloatRect>::decode):
(IPC::ArgumentCoder<FloatQuad>::decode):
(IPC::ArgumentCoder<ViewportArguments>::decode):
(IPC::ArgumentCoder<IntPoint>::decode):
(IPC::ArgumentCoder<IntRect>::decode):
(IPC::ArgumentCoder<IntSize>::decode):
(IPC::ArgumentCoder<MimeClassInfo>::decode):
(IPC::ArgumentCoder<PluginInfo>::decode):
(IPC::ArgumentCoder<SelectionRect>::decode):
(IPC::ArgumentCoder<CompositionUnderline>::decode):
(IPC::ArgumentCoder<BlobPart>::decode):
(IPC::ArgumentCoder<TextIndicatorData>::decode):
(IPC::ArgumentCoder<ResourceLoadStatistics>::decode):
(IPC::ArgumentCoder<ScrollOffsetRange<float>>::decode):
* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::decode):
* Shared/WebPlatformTouchPoint.cpp:
(WebKit::WebPlatformTouchPoint::decode):
* Shared/WebsiteData/WebsiteData.cpp:
(WebKit::WebsiteData::Entry::decode):
* Shared/WebsiteDataStoreParameters.cpp:
(WebKit::WebsiteDataStoreParameters::decode):
* UIProcess/API/APIContentRuleListStore.cpp:
(API::decodeContentRuleListMetaData):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::launchProcessForReload):
(WebKit::WebPageProxy::launchProcessWithItem):
(WebKit::WebPageProxy::loadRequest):
(WebKit::WebPageProxy::loadFile):
(WebKit::WebPageProxy::loadData):
(WebKit::WebPageProxy::reload):
* UIProcess/WebProcessCache.cpp:
(WebKit::WebProcessCache::takeProcess):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::findReusableSuspendedPageProcess):
* WebProcess/InjectedBundle/DOM/InjectedBundleCSSStyleDeclarationHandle.cpp:
(WebKit::InjectedBundleCSSStyleDeclarationHandle::getOrCreate):
* WebProcess/InjectedBundle/DOM/InjectedBundleRangeHandle.cpp:
(WebKit::InjectedBundleRangeHandle::getOrCreate):
* WebProcess/InjectedBundle/InjectedBundle.cpp:
(WebKit::InjectedBundle::create):
* WebProcess/Network/WebLoaderStrategy.cpp:
(WebKit::WebLoaderStrategy::tryLoadingSynchronouslyUsingURLSchemeHandler):
* WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.cpp:
(WebKit::CompositingCoordinator::createGraphicsLayer):
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::pdfSnapshotAtSize):
(WebKit::WebPage::createDocumentLoader):
* WebProcess/WebStorage/StorageNamespaceImpl.cpp:
(WebKit::StorageNamespaceImpl::copy):

Source/WTF:

* wtf/CheckedArithmetic.h:
(WTF::Checked::Checked):
* wtf/MetaAllocator.cpp:
(WTF::MetaAllocator::allocate):
* wtf/URLParser.cpp:
(WTF::CodePointIterator::operator!= const):
(WTF::CodePointIterator::operator=): Deleted.
* wtf/text/StringView.h:
(WTF::StringView::CodePoints::Iterator::operator=): Deleted.


  Commit: 25ad21df61f321c8792e7a5115e2c28b872a8580
      https://github.com/WebKit/WebKit/commit/25ad21df61f321c8792e7a5115e2c28b872a8580
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/CallbackID.h
    M Source/WebKit/Shared/OptionalCallbackID.h

  Log Message:
  -----------
  Merge r243203 - Unreviewed, drop invalid assertions landed in r243163.

Those assertions were causing some API tests to crash.
Also include some post-review suggestions from Darin.

* Shared/CallbackID.h:
(WebKit::CallbackID::operator=):
* Shared/OptionalCallbackID.h:
(WebKit::OptionalCallbackID::operator=):


  Commit: 39bd734247802040e19f21bda6ccb0c8d9ef418d
      https://github.com/WebKit/WebKit/commit/39bd734247802040e19f21bda6ccb0c8d9ef418d
  Author: Michael Catanzaro <mcatanzaro at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/inspector/scripts/codegen/cpp_generator_templates.py
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/fetch/FetchBody.cpp

  Log Message:
  -----------
  Merge r243204 - Remove copyRef() calls added in r243163
https://bugs.webkit.org/show_bug.cgi?id=195962

Patch by Michael Catanzaro <mcatanzaro at igalia.com> on 2019-03-20
Reviewed by Chris Dumez.

Source/JavaScriptCore:

As best I can tell, may be a GCC 9 bug. It shouldn't warn about this case because the return
value is noncopyable and the WTFMove() is absolutely required. We can avoid the warning
without refcount churn by introducing an intermediate variable.

* inspector/scripts/codegen/cpp_generator_templates.py:

Source/WebCore:

The first two cases here can just directly return the RefPtr.

In the third case, we have to work around a GCC 6 bug because GCC 6 is unable to pick the
right constructor to use, unlike modern compilers.

* Modules/fetch/FetchBody.cpp:
(WebCore::FetchBody::bodyAsFormData const):
(WebCore::FetchBody::take):


  Commit: 15329888ba62f1a00a05d3c44edd15bef9dacb40
      https://github.com/WebKit/WebKit/commit/15329888ba62f1a00a05d3c44edd15bef9dacb40
  Author: Xan Lopez <xan at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/text/StringConcatenate.h

  Log Message:
  -----------
  Merge r243115 - [WTF] Remove redundant std::move in StringConcatenate
https://bugs.webkit.org/show_bug.cgi?id=195798

Patch by Xan Lopez <xan at igalia.com> on 2019-03-18
Reviewed by Darin Adler.

Remove redundant calls to WTFMove in return values for this
method. C++ will already do an implicit move here since we are
returning a local value where copy/move elision is not applicable.

* wtf/text/StringConcatenate.h:
(WTF::tryMakeStringFromAdapters):


  Commit: 40aebfcc6ec5bdf9ae00bb4875744baef4323858
      https://github.com/WebKit/WebKit/commit/40aebfcc6ec5bdf9ae00bb4875744baef4323858
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/URLHelpers.cpp

  Log Message:
  -----------
  Merge r245234 - Unreviewed, fix unused variable warnings in release builds

Source/WebKit:

* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::clearWebProcessHasUploads):

Source/WTF:

* wtf/URLHelpers.cpp:
(WTF::URLHelpers::escapeUnsafeCharacters):


  Commit: 39ac51918f170ca71afd8d1a06fbc2faffd754b3
      https://github.com/WebKit/WebKit/commit/39ac51918f170ca71afd8d1a06fbc2faffd754b3
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/jsc.cpp

  Log Message:
  -----------
  Merge r241995 - Unreviewed, fix -Wunused-param warning

* jsc.cpp:


  Commit: 136ec9c6eda7942a3c615f90d85236cc7208d71e
      https://github.com/WebKit/WebKit/commit/136ec9c6eda7942a3c615f90d85236cc7208d71e
  Author: Michael Catanzaro <mcatanzaro at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/inspector/InspectorOverlay.cpp

  Log Message:
  -----------
  Unreviewed, fix build warnings in InspectorOverlay.cpp

* inspector/InspectorOverlay.cpp:
(WebCore::buildArrayForRendererFragments):
(WebCore::buildObjectForShapeOutside):
(WebCore::buildObjectForElementData):
(WebCore::InspectorOverlay::buildHighlightObjectForNode const):


  Commit: a557bdd86c7a7df84e575b1e87567e5d455c6147
      https://github.com/WebKit/WebKit/commit/a557bdd86c7a7df84e575b1e87567e5d455c6147
  Author: Michael Catanzaro <mcatanzaro at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebKit/Shared/WebCoreArgumentCoders.cpp

  Log Message:
  -----------
  Unreviewed, fix build warning in WebCoreArgumentCoders

* Shared/WebCoreArgumentCoders.cpp:
(IPC::ArgumentCoder<Region::Span>::decode):


  Commit: 6876c9e0b16e9006333b5541b1f2c0b3be75a83a
      https://github.com/WebKit/WebKit/commit/6876c9e0b16e9006333b5541b1f2c0b3be75a83a
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/offlineasm/cloop.rb

  Log Message:
  -----------
  Merge r242215 - cloop.rb shift mask should depend on the word size being shifted.
https://bugs.webkit.org/show_bug.cgi?id=195181
<rdar://problem/48484164>

Reviewed by Yusuke Suzuki.

Previously, we were always masking the shift amount with 0x1f.  This is only correct
for 32-bit words.  For 64-bit words, the mask should be 0x3f.  For pointer sized
shifts, the mask depends on sizeof(uintptr_t).

* offlineasm/cloop.rb:


  Commit: b19438691cdabe59b1c1f03fe8ca2c5f31145fee
      https://github.com/WebKit/WebKit/commit/b19438691cdabe59b1c1f03fe8ca2c5f31145fee
  Author: Michael Saboff <msaboff at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/yarr/YarrInterpreter.cpp
    M Source/JavaScriptCore/yarr/YarrJIT.cpp
    M Source/JavaScriptCore/yarr/YarrJIT.h

  Log Message:
  -----------
  Merge r243237 - JSC test crash: stress/dont-strength-reduce-regexp-with-compile-error.js.default
https://bugs.webkit.org/show_bug.cgi?id=195906

Reviewed by Mark Lam.

The problem here is that we may successfully parse a RegExp without running out of stack,
but later run out of stack when trying to JIT compile the same expression.

Added a check for available stack space when we call into one of the parenthesis compilation
functions that recurse.  When we don't have enough stack space to recurse, we fail the JIT
compilation and let the interpreter handle the expression.

From code inspection of the YARR interpreter it has the same issue, but I couldn't cause a failure.
Filed a new bug and added a FIXME comment for the Interpreter to have similar checks.
Given that we can reproduce a failure, this is sufficient for now.

This change is covered by the previously added failing test,
JSTests/stress/dont-strength-reduce-regexp-with-compile-error.js.

* yarr/YarrInterpreter.cpp:
(JSC::Yarr::Interpreter::interpret):
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::opCompileParenthesesSubpattern):
(JSC::Yarr::YarrGenerator::opCompileParentheticalAssertion):
(JSC::Yarr::YarrGenerator::opCompileBody):
(JSC::Yarr::dumpCompileFailure):
* yarr/YarrJIT.h:


  Commit: d4f3f261efe944be74dde01447ce461131c5e5f0
      https://github.com/WebKit/WebKit/commit/d4f3f261efe944be74dde01447ce461131c5e5f0
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/call-link-info-osrexit-repatch.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CallLinkInfo.cpp
    M Source/JavaScriptCore/bytecode/CallLinkInfo.h
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp
    M Source/JavaScriptCore/jit/Repatch.cpp

  Log Message:
  -----------
  Merge r243626 - CodeBlock::jettison() should disallow repatching its own calls
https://bugs.webkit.org/show_bug.cgi?id=196359
<rdar://problem/48973663>

Reviewed by Saam Barati.

JSTests:

* stress/call-link-info-osrexit-repatch.js: Added.
(foo):

Source/JavaScriptCore:

CodeBlock::jettison() calls CommonData::invalidate, which replaces the `hlt`
instruction with the jump to OSR exit. However, if the `hlt` was immediately
followed by a call to the CodeBlock being jettisoned, we would write over the
OSR exit address while unlinking all the incoming CallLinkInfos later in
CodeBlock::jettison().

Change it so that we set a flag, `clearedByJettison`, in all the CallLinkInfos
owned by the CodeBlock being jettisoned. If the flag is set, we will avoid
repatching the call during unlinking. This is safe because this call will never
be reachable again after the CodeBlock is jettisoned.

* bytecode/CallLinkInfo.cpp:
(JSC::CallLinkInfo::CallLinkInfo):
(JSC::CallLinkInfo::setCallee):
(JSC::CallLinkInfo::clearCallee):
(JSC::CallLinkInfo::setCodeBlock):
(JSC::CallLinkInfo::clearCodeBlock):
* bytecode/CallLinkInfo.h:
(JSC::CallLinkInfo::clearedByJettison):
(JSC::CallLinkInfo::setClearedByJettison):
* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::jettison):
* jit/Repatch.cpp:
(JSC::revertCall):


  Commit: eec325f8c37b5406e6a3ef3b87097e1a59da71dc
      https://github.com/WebKit/WebKit/commit/eec325f8c37b5406e6a3ef3b87097e1a59da71dc
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/clear-callee-or-codeblock-in-calllinkinfo-even-cleared-by-jettison.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CallLinkInfo.cpp
    M Source/JavaScriptCore/jit/Repatch.cpp

  Log Message:
  -----------
  Merge r243966 - [JSC] CallLinkInfo should clear Callee or CodeBlock even if it is unlinked by jettison
https://bugs.webkit.org/show_bug.cgi?id=196683

Reviewed by Saam Barati.

JSTests:

* stress/clear-callee-or-codeblock-in-calllinkinfo-even-cleared-by-jettison.js: Added.
(foo):

Source/JavaScriptCore:

In r243626, we stop repatching CallLinkInfo when the CallLinkInfo is held by a jettisoned CodeBlock.
But we still need to clear the Callee or CodeBlock since they are now dead. Otherwise, CodeBlock's
visitWeak eventually accesses these dead cells and crashes because the owner CodeBlock of CallLinkInfo
can be still live.

We also move all repatching operations from CallLinkInfo.cpp to Repatch.cpp for consistency because the
other repatching operations in CallLinkInfo are implemented in Repatch.cpp side.

* bytecode/CallLinkInfo.cpp:
(JSC::CallLinkInfo::setCallee):
(JSC::CallLinkInfo::clearCallee):
* jit/Repatch.cpp:
(JSC::linkFor):
(JSC::revertCall):


  Commit: 6019e93f04df4bbfce904d6236aff84edf1b84c7
      https://github.com/WebKit/WebKit/commit/6019e93f04df4bbfce904d6236aff84edf1b84c7
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    M LayoutTests/ChangeLog
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r244950 - TypedArrays should not store properties that are canonical numeric indices
https://bugs.webkit.org/show_bug.cgi?id=197228
<rdar://problem/49557381>

Patch by Tadeu Zagallo <tzagallo at apple.com> on 2019-05-04
Reviewed by Saam Barati.

JSTests:

* stress/array-species-config-array-constructor.js:
(test):
* stress/put-direct-index-broken-2.js:
* stress/typed-array-canonical-numeric-index-string.js: Added.
(makeTest.assert):
(makeTest):
(const.testInvalidIndices.makeTest.set assert):
(const.testInvalidIndices.makeTest):
(const.makeTestValidIndex.configurable.set assert):
(const.makeTestValidIndex.configurable):
* stress/typedarray-access-monomorphic-neutered.js:
(checkNoException):
(testNoException):
(testFTLNoException):
* stress/typedarray-access-neutered.js:
(testNoException):
* stress/typedarray-getownproperty-not-configurable.js:
(foo):
* test262/expectations.yaml:

Source/JavaScriptCore:

According to the spec[1]:
- TypedArrays should not perform an ordinary GetOwnProperty/SetOwnProperty if the index is a
CanonicalNumericIndexString, but invalid according to IntegerIndexedElementGet and similar
functions. I.e., there are a few properties that should not be set in a TypedArray, like NaN,
Infinity and -0.
- On DefineOwnProperty, the out-of-bounds check should be performed before validating the property
descriptor.
- On GetOwnProperty, the returned descriptor for numeric properties should have writable set to true.

[1]: https://www.ecma-international.org/ecma-262/9.0/index.html#sec-integer-indexed-exotic-objects-defineownproperty-p-desc

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* runtime/JSGenericTypedArrayViewInlines.h:
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlot):
(JSC::JSGenericTypedArrayView<Adaptor>::put):
(JSC::JSGenericTypedArrayView<Adaptor>::defineOwnProperty):
(JSC::JSGenericTypedArrayView<Adaptor>::getOwnPropertySlotByIndex):
(JSC::JSGenericTypedArrayView<Adaptor>::putByIndex):
* runtime/PropertyName.h:
(JSC::isCanonicalNumericIndexString):

LayoutTests:

* fast/canvas/canvas-ImageData-behaviour-expected.txt:
* fast/canvas/canvas-ImageData-behaviour.js:
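
Added example, not part of the commit or of WebKit's code: the spec rules listed in the log message above, written out as a small classifier and checked against a real Uint8Array on whatever engine runs it. The helper names (canonicalNumericIndex, isValidIntegerIndex, classify, probe, engineDisagreements) and the sample keys are constructed for illustration.

```javascript
// Added illustration, not WebKit code. All helper names are hypothetical.

// Constructed sample keys: a valid index, an out-of-bounds index, the
// special canonical numeric strings, and look-alikes that are NOT canonical.
const KEYS = ["1", "4", "-0", "NaN", "Infinity", "1.5", "01", "1e3", "foo"];

// CanonicalNumericIndexString: a Number when the key is "-0" or round-trips
// through ToNumber/ToString unchanged, otherwise undefined.
function canonicalNumericIndex(key) {
  if (key === "-0") return -0;
  const n = Number(key);
  return String(n) === key ? n : undefined;
}

// IsValidIntegerIndex for a live (non-detached) typed array of `length`.
function isValidIntegerIndex(n, length) {
  return Number.isInteger(n) && !Object.is(n, -0) && n >= 0 && n < length;
}

// "element":  goes to the backing buffer.
// "rejected": canonical numeric but invalid, must never become a property.
// "ordinary": not canonical numeric, stored like any other property.
function classify(key, length) {
  const n = canonicalNumericIndex(key);
  if (n === undefined) return "ordinary";
  return isValidIntegerIndex(n, length) ? "element" : "rejected";
}

// Try to store through [[Set]] and [[DefineOwnProperty]] and record what
// the engine actually did. Reflect.* is used so nothing throws.
function probe(key) {
  const ta = new Uint8Array(4);
  Reflect.set(ta, key, 7);
  return {
    key,
    expected: classify(key, ta.length),
    readBack: ta[key],
    ownKey: Object.prototype.hasOwnProperty.call(ta, key),
    descriptor: Object.getOwnPropertyDescriptor(ta, key),
    defineOk: Reflect.defineProperty(new Uint8Array(4), key, { value: 9 }),
  };
}

// Rows where the engine stored (or refused) a key against the spec rules.
function engineDisagreements(keys) {
  return keys.map(probe).filter((r) => {
    const shouldStore = r.expected !== "rejected";
    return r.ownKey !== shouldStore ||
      r.defineOk !== shouldStore ||
      (r.readBack === 7) !== shouldStore;
  });
}

for (const r of KEYS.map(probe)) {
  console.log(r.key.padEnd(9), r.expected.padEnd(9),
    "own:", r.ownKey, "define:", r.defineOk,
    "writable:", r.descriptor ? r.descriptor.writable : "-");
}
console.log("disagreements:", engineDisagreements(KEYS).length);
```

An engine that still stores "NaN", "-0" or "1.5" as ordinary properties on a typed array shows up as a non-empty disagreement list.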


  Commit: 434ef5e2c7528fa67c1e96462d02a6d7b1671ddc
      https://github.com/WebKit/WebKit/commit/434ef5e2c7528fa67c1e96462d02a6d7b1671ddc
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r244996 - [JSC] We should check OOM for description string of Symbol
https://bugs.webkit.org/show_bug.cgi?id=197634

Reviewed by Keith Miller.

JSTests:

* stress/check-symbol-description-oom.js: Added.
(shouldThrow):

Source/JavaScriptCore:

When resolving JSString for description of Symbol, we should check OOM error.
We also change JSValueMakeSymbol(..., nullptr) to returning a symbol value
without description, (1) to simplify the code and (2) give a way for JSC API
to create a symbol value without description.

* API/JSValueRef.cpp:
(JSValueMakeSymbol):
* API/tests/testapi.cpp:
(TestAPI::symbolsTypeof):
(TestAPI::symbolsDescription):
(testCAPIViaCpp):
* dfg/DFGOperations.cpp:
* runtime/Symbol.cpp:
(JSC::Symbol::createWithDescription):
* runtime/Symbol.h:
* runtime/SymbolConstructor.cpp:
(JSC::callSymbol):


  Commit: 4bc941b66f9a4686cac9d9fe6fe7647953172be8
      https://github.com/WebKit/WebKit/commit/4bc941b66f9a4686cac9d9fe6fe7647953172be8
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/cache-put-by-id-delete-prototype.js
    A JSTests/stress/cache-put-by-id-different-__proto__.js
    A JSTests/stress/cache-put-by-id-different-attributes.js
    A JSTests/stress/cache-put-by-id-different-offset.js
    A JSTests/stress/cache-put-by-id-insert-prototype.js
    A JSTests/stress/cache-put-by-id-poly-proto.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/jit/Repatch.cpp

  Log Message:
  -----------
  Merge r245018 - tryCachePutByID should not crash if target offset changes
https://bugs.webkit.org/show_bug.cgi?id=197311
<rdar://problem/48033612>

Reviewed by Filip Pizlo.

JSTests:

Add a series of tests related to tryCachePutByID. Two of these tests used to crash and were fixed
by this patch: `cache-put-by-id-different-attributes.js` and `cache-put-by-id-different-offset.js`

* stress/cache-put-by-id-delete-prototype.js: Added.
(A.prototype.set y):
(A):
(B.prototype.set y):
(B):
(C):
* stress/cache-put-by-id-different-__proto__.js: Added.
(A.prototype.set y):
(A):
(B1):
(B2.prototype.set y):
(B2):
(C):
(D):
* stress/cache-put-by-id-different-attributes.js: Added.
(Foo):
(set x):
* stress/cache-put-by-id-different-offset.js: Added.
(Foo):
(set x):
* stress/cache-put-by-id-insert-prototype.js: Added.
(A.prototype.set y):
(A):
(C):
* stress/cache-put-by-id-poly-proto.js: Added.
(Foo):
(set _):
(createBar.Bar):
(createBar):

Source/JavaScriptCore:

When tryCachePutByID is called with a cacheable setter, if the target object where the setter was
found is still in the prototype chain and there's no poly protos in the chain, we use
generateConditionsForPrototypePropertyHit to validate that the target object remains the same.
It checks for the absence of the property in every object in the prototype chain from the base
down to the target object and checks that the property is still present in the target object. It
also bails if there are any uncacheable objects, proxies or dictionary objects in the prototype
chain. However, it does not consider two edge cases:
- It asserts that the property should still be at the same offset in the target object, but this
assertion does not hold if the setter deletes properties of the object and causes the structure
to be flattened after the deletion. Instead of asserting, we just use the updated offset.
- It does not check whether the new slot is also a setter, which leads to a crash in case it's not.

* jit/Repatch.cpp:
(JSC::tryCachePutByID):


  Commit: 0b2e10caf2573a202292923001cdab0af2121687
      https://github.com/WebKit/WebKit/commit/0b2e10caf2573a202292923001cdab0af2121687
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/do-not-perform-bytecode-peephole-optimization-in-jump-target.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h

  Log Message:
  -----------
  Merge r245047 - JSC: A bug in BytecodeGenerator::emitEqualityOpImpl
https://bugs.webkit.org/show_bug.cgi?id=197479

Patch by Yusuke Suzuki <ysuzuki at apple.com> on 2019-05-07
Reviewed by Saam Barati.

JSTests:

* stress/do-not-perform-bytecode-peephole-optimization-in-jump-target.js: Added.
(shouldBe):

Source/JavaScriptCore:

Our peephole optimization in BytecodeGenerator is (1) rewinding the previous instruction and (2) emitting the optimized instruction instead.
If we have a jump target between the previous instruction and the subsequent instruction, this peephole optimization breaks the jump target.
To prevent it, we had a mechanism disabling peephole optimization, setting m_lastOpcodeID = op_end and checking m_lastOpcodeID when performing
peephole optimization. However, BytecodeGenerator::emitEqualityOpImpl checks `m_lastInstruction->is<OpTypeof>` instead of `m_lastOpcodeID == op_typeof`,
and misses the `op_end` case.

This patch makes the following changes.

1. Add canDoPeepholeOptimization method to clarify the intent of `m_lastInstruction = op_end`.
2. Check canDoPeepholeOptimization status before performing peephole optimization in emitJumpIfTrue, emitJumpIfFalse, and emitEqualityOpImpl.
3. Add `ASSERT(canDoPeepholeOptimization())` in fuseCompareAndJump and fuseTestAndJmp to ensure that peephole optimization is allowed.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::fuseCompareAndJump):
(JSC::BytecodeGenerator::fuseTestAndJmp):
(JSC::BytecodeGenerator::emitJumpIfTrue):
(JSC::BytecodeGenerator::emitJumpIfFalse):
(JSC::BytecodeGenerator::emitEqualityOpImpl):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::canDoPeepholeOptimization const):


  Commit: 88af82a30b14f2d433b2e1becff08e75842391d9
      https://github.com/WebKit/WebKit/commit/88af82a30b14f2d433b2e1becff08e75842391d9
  Author: Kocsen Chung <kocsen_chung at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h

  Log Message:
  -----------
  Merge r245403 from safari-607-branch

This fixes the build after the r245047 merge.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::emitEqualityOpImpl):
(JSC::BytecodeGenerator::emitEqualityOp): Deleted.
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::emitEqualityOp):


  Commit: 36298f1452bce0c3a77a674a152f709ac31dcf37
      https://github.com/WebKit/WebKit/commit/36298f1452bce0c3a77a674a152f709ac31dcf37
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/string-ident-use-clears-abstract-value-if-rope-string-constant-is-held.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGAbstractValue.cpp

  Log Message:
  -----------
  Merge r245071 - Invalid DFG JIT generation in high CPU usage state
https://bugs.webkit.org/show_bug.cgi?id=197453

Reviewed by Saam Barati.

JSTests:

* stress/string-ident-use-clears-abstract-value-if-rope-string-constant-is-held.js: Added.
(trigger):
(main):

Source/JavaScriptCore:

We have a DFG graph like this.

    a: JSConstant(rope JSString)
    b: CheckStringIdent(Check:StringUse:@a)
    ... AI thinks this is unreachable ...

When executing StringUse edge filter onto @a, AbstractValue::filterValueByType clears AbstractValue and makes it None.
This is because @a constant produces SpecString (SpecStringVar | SpecStringIdent) while StringUse edge filter requires
SpecStringIdent. AbstractValue::filterValueByType has an assumption that the JS constant always produces the same
SpeculatedType. So it clears AbstractValue completely.
But this assumption is wrong. JSString can produce SpecStringIdent later if the string is resolved to AtomicStringImpl.
AI thinks that we always fail. But once the string is resolved to AtomicStringImpl, we pass this check. So we execute
the breakpoint emitted by DFG since DFG thinks this is unreachable.

In this patch, we just clear the `m_value` if AbstractValue type filter fails with the held constant, since the constant
may produce a narrower type which can meet the type filter later.

* dfg/DFGAbstractValue.cpp:
(JSC::DFG::AbstractValue::filterValueByType):


  Commit: 7e0c908b67c84c1dc962eedd7b288203c74a56e9
      https://github.com/WebKit/WebKit/commit/7e0c908b67c84c1dc962eedd7b288203c74a56e9
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/ruby/continuation-and-column-spanner-crash-expected.txt
    A LayoutTests/fast/ruby/continuation-and-column-spanner-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/updating/RenderTreeBuilder.cpp
    M Source/WebCore/rendering/updating/RenderTreeBuilderContinuation.cpp

  Log Message:
  -----------
  Merge r245158 - Do not mix inline and block level boxes.
https://bugs.webkit.org/show_bug.cgi?id=197462
<rdar://problem/50369362>

Reviewed by Antti Koivisto.

Source/WebCore:

This patch tightens the remove-anonymous-wrappers logic by checking if the removal would
produce an inline-block sibling mix.
When a block level box is removed from the tree, we check if after the removal the anonymous sibling block
boxes are still needed or whether we can remove them as well (and have only inline level child boxes).
In addition to checking if the container is anonymous and is part of a continuation, we also need to check
if collapsing it (and by that moving its children one level up) would cause an inline-block box mix.

Test: fast/ruby/continuation-and-column-spanner-crash.html

* rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::removeAnonymousWrappersForInlineChildrenIfNeeded):
* rendering/updating/RenderTreeBuilderContinuation.cpp:
(WebCore::RenderTreeBuilder::Continuation::cleanupOnDestroy):

LayoutTests:

* fast/ruby/continuation-and-column-spanner-crash-expected.txt: Added.
* fast/ruby/continuation-and-column-spanner-crash.html: Added.


  Commit: fad4e2e7769e5e466dd70f5aa726acc1ad97066c
      https://github.com/WebKit/WebKit/commit/fad4e2e7769e5e466dd70f5aa726acc1ad97066c
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/CSSFontFace.cpp

  Log Message:
  -----------
  Merge r245190 - Gracefully handle inaccessible font face data
https://bugs.webkit.org/show_bug.cgi?id=197762
<rdar://problem/50433861>

Reviewed by Per Arne Vollan.

Make sure CSS Font Face handling gracefully recovers from
missing font data.

Test: fast/text/missing-font-crash.html

* css/CSSFontFace.cpp:
(WebCore::CSSFontFace::fontLoadEventOccurred):
(WebCore::CSSFontFace::timeoutFired):
(WebCore::CSSFontFace::fontLoaded):
(WebCore::CSSFontFace::font):


  Commit: 06c0088746b3afff7827a145897dae46c0950159
      https://github.com/WebKit/WebKit/commit/06c0088746b3afff7827a145897dae46c0950159
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebProcessProxy.cpp

  Log Message:
  -----------
  Merge r245298 - Crash under WebKit::WebProcessProxy::didBecomeUnresponsive()
https://bugs.webkit.org/show_bug.cgi?id=197883
<rdar://problem/50665984>

Reviewed by Alex Christensen.

Protect |this| in didBecomeUnresponsive() and didExceedCPULimit() since we call client
delegates and those may cause |this| to get destroyed.

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::didBecomeUnresponsive):
(WebKit::WebProcessProxy::didExceedCPULimit):


  Commit: 98471340832e148c496a4abb39cc3364683edff4
      https://github.com/WebKit/WebKit/commit/98471340832e148c496a4abb39cc3364683edff4
  Author: Alex Christensen <achristensen at webkit.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebPageProxy.cpp

  Log Message:
  -----------
  Merge r244970 - Null check m_mainFrame in WebPageProxy.cpp
https://bugs.webkit.org/show_bug.cgi?id=197618
<rdar://problem/47463054>

Patch by Alex Christensen <achristensen at webkit.org> on 2019-05-06
Reviewed by Geoffrey Garen.

It's already null checked in some places, and the places where it isn't are causing crashes.
Let's fix all of them.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::decidePolicyForNavigationAction):
(WebKit::WebPageProxy::decidePolicyForNewWindowAction):
(WebKit::WebPageProxy::createNewPage):


  Commit: afcb36f1834f256818dcfe0e8923b92fba850c85
      https://github.com/WebKit/WebKit/commit/afcb36f1834f256818dcfe0e8923b92fba850c85
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/showModalDialog-sync-cross-origin-page-load2-expected.txt
    A LayoutTests/http/tests/security/showModalDialog-sync-cross-origin-page-load2.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/bindings/js/ScriptController.cpp
    M Source/WebCore/bindings/js/ScriptController.h
    M Source/WebCore/html/HTMLFrameElementBase.cpp

  Log Message:
  -----------
  Merge r245538 - Fix security check in ScriptController::canAccessFromCurrentOrigin()
https://bugs.webkit.org/show_bug.cgi?id=196730
<rdar://problem/49731231>

Reviewed by Ryosuke Niwa.

Source/WebCore:

Fix security check in ScriptController::canAccessFromCurrentOrigin() when there is no
current JS exec state. Instead of returning true unconditionally, we now fall back to
using the accessing document's origin for the security check. The new behavior is
aligned with Blink:
https://cs.chromium.org/chromium/src/third_party/blink/renderer/core/html/html_frame_element_base.cc?rcl=d3f22423d512b45466f1694020e20da9e0c6ee6a&l=62

This fix is based on a patch from Sergei Glazunov <glazunov at google.com>.

Test: http/tests/security/showModalDialog-sync-cross-origin-page-load2.html

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::canAccessFromCurrentOrigin):
* bindings/js/ScriptController.h:
* html/HTMLFrameElementBase.cpp:
(WebCore::HTMLFrameElementBase::isURLAllowed const):

LayoutTests:

Add layout test coverage.

* http/tests/security/showModalDialog-sync-cross-origin-page-load2-expected.txt: Added.
* http/tests/security/showModalDialog-sync-cross-origin-page-load2.html: Added.


  Commit: ca5abfc58db9d65e868efc68c2cfc456fe1da1a7
      https://github.com/WebKit/WebKit/commit/ca5abfc58db9d65e868efc68c2cfc456fe1da1a7
  Author: Alan Coon <alancoon at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-many-named-sequential-capture-groups.js
    A JSTests/stress/regexp-many-unnamed-sequential-capture-groups.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/MatchResult.h
    M Source/JavaScriptCore/runtime/RegExpInlines.h
    M Source/JavaScriptCore/runtime/VM.h
    M Source/JavaScriptCore/yarr/YarrJIT.cpp
    M Source/JavaScriptCore/yarr/YarrJIT.h

  Log Message:
  -----------
  Merge r245926 - Cleanup Yarr regexp code around paren contexts.
https://bugs.webkit.org/show_bug.cgi?id=198063

Reviewed by Yusuke Suzuki.

JSTests:

* stress/regexp-many-named-sequential-capture-groups.js: Added.
(i.s):
* stress/regexp-many-unnamed-sequential-capture-groups.js: Added.

Source/JavaScriptCore:

There are three refactoring changes around paren contexts:
1. Make EncodedMatchResult the same type as MatchResult on X86_64 and arm64 and uint64_t elsewhere.
2. All function pointer types for Yarr JIT generated code reserve space for paren contexts.
3. initParenContextFreeList should bail based on VM::patternContextBufferSize as that's the buffer size anyway.

* runtime/MatchResult.h:
(JSC::MatchResult::MatchResult):
* runtime/RegExpInlines.h:
(JSC::PatternContextBufferHolder::PatternContextBufferHolder):
(JSC::PatternContextBufferHolder::~PatternContextBufferHolder):
(JSC::PatternContextBufferHolder::size):
(JSC::RegExp::matchInline):
* runtime/VM.h:
* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::initParenContextFreeList):
* yarr/YarrJIT.h:
(JSC::Yarr::YarrCodeBlock::execute):


  Commit: 065089c156383491e43f5dcf05265e2e05fb2452
      https://github.com/WebKit/WebKit/commit/065089c156383491e43f5dcf05265e2e05fb2452
  Author: Michael Saboff <msaboff at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-large-paren-context.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/yarr/YarrJIT.cpp

  Log Message:
  -----------
  Merge r245815 - [YARR] Properly handle RegExp's that require large ParenContext space
https://bugs.webkit.org/show_bug.cgi?id=198065

Reviewed by Keith Miller.

JSTests:

New test.

* stress/regexp-large-paren-context.js: Added.
(testLargeRegExp):

Source/JavaScriptCore:

Changed what happens when we exceed VM::patternContextBufferSize when compiling a RegExp
that needs ParenContextSpace to fail the RegExp JIT compilation and fall back to the YARR
interpreter.  This can save large amounts of JIT memory for a
JIT'ed function that cannot ever succeed.

* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::initParenContextFreeList):
(JSC::Yarr::YarrGenerator::compile):


  Commit: fcb1cbc875ec6aca9cf829f5981023c1055ca5f4
      https://github.com/WebKit/WebKit/commit/fcb1cbc875ec6aca9cf829f5981023c1055ca5f4
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/MatchResult.h

  Log Message:
  -----------
  Merge r246792 - REGRESSION(r245586): static assertion failed: Match result and EncodedMatchResult should be the same size
https://bugs.webkit.org/show_bug.cgi?id=198518

Reviewed by Keith Miller.

r245586 made some bad assumptions about the size of size_t, which we can solve using the
CPU(ADDRESS32) guard that I didn't know about.

This solution was developed by Mark Lam and Keith Miller. I'm just preparing the patch.

* runtime/MatchResult.h:


  Commit: 71cc05f35e279ef409534f5267a5d3fa5c6a9671
      https://github.com/WebKit/WebKit/commit/71cc05f35e279ef409534f5267a5d3fa5c6a9671
  Author: Keith Miller <keith_miller at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/IsoDirectory.h
    M Source/bmalloc/bmalloc/IsoDirectoryInlines.h
    M Source/bmalloc/bmalloc/IsoHeapImpl.h
    M Source/bmalloc/bmalloc/IsoHeapImplInlines.h
    M Source/bmalloc/bmalloc/IsoTLS.cpp
    M Source/bmalloc/bmalloc/ProcessCheck.mm
    R Source/bmalloc/test/testbmalloc.cpp
    M Tools/ChangeLog
    A Tools/TestWebKitAPI/Tests/WTF/bmalloc/IsoHeap.cpp

  Log Message:
  -----------
  Merge r245908 - IsoHeaps don't notice uncommitted VA becoming the first eligible.
https://bugs.webkit.org/show_bug.cgi?id=198301

Reviewed by Yusuke Suzuki.

Source/bmalloc:

IsoDirectory has a firstEligible member that is used as an
optimization to help find the first fit. However if the scavenger
decommitted a page before firstEligible then we wouldn't move
firstEligible. Thus, if no space is ever freed below firstEligible
we will never reuse the decommitted memory (e.g. if the VA page
is decommitted). The fix is to make IsoDirectory::didDecommit move
the firstEligible page back if the decommitted page is smaller
than the current firstEligible. As such, this patch renames
firstEligible to firstEligibleOrDecommitted.

Also, this patch changes gigacageEnabledForProcess to check if the
process starts with Test rather than just test as TestWTF does.

Lastly, unbeknownst to me IsoHeaps are dependent on gigacage, so
by removing gigacage from arm64 I accidentally disabled
IsoHeaps...

* bmalloc.xcodeproj/project.pbxproj:
* bmalloc/IsoDirectory.h:
* bmalloc/IsoDirectoryInlines.h:
(bmalloc::passedNumPages>::takeFirstEligible):
(bmalloc::passedNumPages>::didBecome):
(bmalloc::passedNumPages>::didDecommit):
* bmalloc/IsoHeapImpl.h:
* bmalloc/IsoHeapImplInlines.h:
(bmalloc::IsoHeapImpl<Config>::takeFirstEligible):
(bmalloc::IsoHeapImpl<Config>::didBecomeEligibleOrDecommited):
(bmalloc::IsoHeapImpl<Config>::didCommit):
(bmalloc::IsoHeapImpl<Config>::didBecomeEligible): Deleted.
* bmalloc/IsoTLS.cpp:
(bmalloc::IsoTLS::determineMallocFallbackState):
* bmalloc/ProcessCheck.mm:
(bmalloc::gigacageEnabledForProcess):

Tools:

Move testbmalloc.cpp to TestWTF so it runs in automation.

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/WTF/bmalloc/IsoHeap.cpp: Renamed from Source/bmalloc/test/testbmalloc.cpp.
(TEST):


  Commit: 1966f92b6eba4d000457bae2f6b149e57e4af11c
      https://github.com/WebKit/WebKit/commit/1966f92b6eba4d000457bae2f6b149e57e4af11c
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-in-put-expected.txt
    A LayoutTests/http/tests/security/cross-frame-access-object-getPrototypeOf-in-put.html
    A LayoutTests/http/tests/security/resources/cross-frame-iframe-for-object-getPrototypeOf-in-put-test.html
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSArrayInlines.h
    M Source/JavaScriptCore/runtime/JSObject.cpp

  Log Message:
  -----------
  Merge r246040 - [JSC] JSObject::attemptToInterceptPutByIndexOnHole should use getPrototype instead of getPrototypeDirect
https://bugs.webkit.org/show_bug.cgi?id=198477
<rdar://problem/51299504>

Reviewed by Saam Barati.

Source/JavaScriptCore:

JSObject::attemptToInterceptPutByIndexOnHole uses getPrototypeDirect, but it should use getPrototype to
handle getPrototype methods in derived JSObject classes correctly.

* runtime/JSArrayInlines.h:
(JSC::JSArray::pushInline):
* runtime/JSObject.cpp:
(JSC::JSObject::putByIndex):
(JSC::JSObject::attemptToInterceptPutByIndexOnHoleForPrototype):
(JSC::JSObject::attemptToInterceptPutByIndexOnHole):
(JSC::JSObject::putByIndexBeyondVectorLength):

LayoutTests:

Ensure that JSWindow::getPrototype is used.

* http/tests/security/cross-frame-access-object-getPrototypeOf-in-put-expected.txt: Added.
* http/tests/security/cross-frame-access-object-getPrototypeOf-in-put.html: Added.
* http/tests/security/resources/cross-frame-iframe-for-object-getPrototypeOf-in-put-test.html: Added.


  Commit: fcfa1a39b44b3bdfc526ab089d2c97151c4afe50
      https://github.com/WebKit/WebKit/commit/fcfa1a39b44b3bdfc526ab089d2c97151c4afe50
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSObject.cpp

  Log Message:
  -----------
  Merge r246084 - Unreviewed, update exception scope for putByIndexBeyondVectorLength
https://bugs.webkit.org/show_bug.cgi?id=198477

* runtime/JSObject.cpp:
(JSC::JSObject::putByIndexBeyondVectorLength):


  Commit: f35367579c79ed4541e4cfddf76a3597791ee8ce
      https://github.com/WebKit/WebKit/commit/f35367579c79ed4541e4cfddf76a3597791ee8ce
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r246071 - Argument elimination should check for negative indices in GetByVal
https://bugs.webkit.org/show_bug.cgi?id=198302
<rdar://problem/51188095>

Reviewed by Filip Pizlo.

JSTests:

* stress/eliminate-arguments-negative-rest-access.js: Added.
(inlinee):
(opt):

Source/JavaScriptCore:

In DFG::ArgumentEliminationPhase, the index is treated as unsigned, but there's no check
for overflow in the addition. In compileGetMyArgumentByVal, there's a check for overflow,
but the index is treated as signed, resulting in an index lower than numberOfArgumentsToSkip.

* dfg/DFGArgumentsEliminationPhase.cpp:
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileGetMyArgumentByVal):


  Commit: 66c48fbfa6dd8da20dfb39cc2c5d39f7feb6d89b
      https://github.com/WebKit/WebKit/commit/66c48fbfa6dd8da20dfb39cc2c5d39f7feb6d89b
  Author: Kocsen Chung <kocsen_chung at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/argument-elimination-inline-rest-past-kill.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGArgumentsEliminationPhase.cpp

  Log Message:
  -----------
  Merge r246420 - Argument elimination should check transitive dependents for interference
https://bugs.webkit.org/show_bug.cgi?id=198520
<rdar://problem/50863343>

Reviewed by Filip Pizlo.

JSTests:

* stress/argument-elimination-inline-rest-past-kill.js: Added.
(f2):
(f3):

Source/JavaScriptCore:

Consider the following program:

    a: CreateRest
    -->
        b: CreateRest
    <--
    c: Spread(@a)
    d: Spread(@b)
    e: NewArrayWithSpread(@a, @b)
    f: KillStack(locX)
    g: LoadVarargs(@e)

Suppose @b reads locX, then we cannot transform @e to PhantomNewArraySpread, since that would
move the stack access from @b into @g, and that stack location is no longer valid at that point.

We fix that by computing a set of all inline call frames that any argument elimination candidate
depends on and checking each of them for interference in `eliminateCandidatesThatInterfere`.

* dfg/DFGArgumentsEliminationPhase.cpp:


  Commit: b24a5a0d6312f71461775871da730f80a8157cd1
      https://github.com/WebKit/WebKit/commit/b24a5a0d6312f71461775871da730f80a8157cd1
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/poly-call-stub-slow-path-should-restore-callee-saves-when-doing-tail-call-apply.js
    A JSTests/stress/poly-call-stub-slow-path-should-restore-callee-saves-when-doing-tail-call-no-builtin.js
    A JSTests/stress/poly-call-stub-slow-path-should-restore-callee-saves-when-doing-tail-call-non-cell.js
    A JSTests/stress/poly-call-stub-slow-path-should-restore-callee-saves-when-doing-tail-call.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CallLinkInfo.cpp
    M Source/JavaScriptCore/bytecode/CallLinkInfo.h
    M Source/JavaScriptCore/jit/Repatch.cpp
    M Source/JavaScriptCore/jit/Repatch.h
    M Source/JavaScriptCore/jit/ThunkGenerators.cpp

  Log Message:
  -----------
  Merge r246372 - [JSC] Polymorphic call stub's slow path should restore callee saves before performing tail call
https://bugs.webkit.org/show_bug.cgi?id=198770

Reviewed by Saam Barati.

JSTests:

* stress/poly-call-stub-slow-path-should-restore-callee-saves-when-doing-tail-call.js: Added.
(test):

Source/JavaScriptCore:

Polymorphic call stub is a bit specially patched in JS call site. Typical JS call sites for tail calls
are the following.

    if (callee == patchableCallee) {
        restore callee saves for tail call
        prepare for tail call
        jump to the target function
    }
    restore callee saves for slow path
    call the slow path function

And linking patches patchableCallee, target function, and slow path function. But polymorphic call stub
patches the above `if` statement with the jump to the stub.

    jump to the polymorphic call stub

This is because polymorphic call stub wants to use CallFrameShuffler to get scratch registers. As a result,
"restore callee saves for tail call" thing needs to be done in the polymorphic call stubs. While it is
correctly done for the major cases, we have `slowPath` skips, and that path missed restoring callee saves.
This skip happens if the callee is non JSCell or non JS function, so typically, InternalFunction is handled
in that path.

This patch does those skips after restoring callee saves.

* bytecode/CallLinkInfo.cpp:
(JSC::CallLinkInfo::CallLinkInfo):
* bytecode/CallLinkInfo.h:
(JSC::CallLinkInfo::setUpCall):
(JSC::CallLinkInfo::calleeGPR):
(JSC::CallLinkInfo::setCalleeGPR): Deleted.
* jit/Repatch.cpp:
(JSC::revertCall):
(JSC::linkVirtualFor):
(JSC::linkPolymorphicCall):
* jit/Repatch.h:
* jit/ThunkGenerators.cpp:
(JSC::virtualThunkFor):


  Commit: 5ebcbfa7fc6079738854061129eafcbbad07ce9c
      https://github.com/WebKit/WebKit/commit/5ebcbfa7fc6079738854061129eafcbbad07ce9c
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    M Source/JavaScriptCore/ChangeLog

  Log Message:
  -----------
  Merge r246505 - [JSC] Introduce DisposableCallSiteIndex to enforce type-safety
https://bugs.webkit.org/show_bug.cgi?id=197378

Reviewed by Saam Barati.

JSTests:

* stress/disposable-call-site-index-with-call-and-this.js: Added.
(foo):
(bar):
* stress/disposable-call-site-index.js: Added.
(foo):
(bar):

Source/JavaScriptCore:

Some of CallSiteIndex are disposable. This is because some of CallSiteIndex are allocated and freed at runtime (not DFG/FTL compile time).
The example is CallSiteIndex for exception handler in GCAwareJITStubRoutineWithExceptionHandler. If we do not allocate and free CallSiteIndex,
we will create a new CallSiteIndex continuously and leak memory.

The other CallSiteIndex are not simply disposable because the ownership model is not unique one. They can be shared between multiple clients.
But not disposing them is OK because they are static one: they are allocated when compiling DFG/FTL, and we do not allocate such CallSiteIndex
at runtime.

To make this difference explicit and avoid disposing non-disposable CallSiteIndex accidentally, we introduce DisposableCallSiteIndex type, and
enforce type-safety to some degree.

We also correctly update the DisposableCallSiteIndex => CodeOrigin table when we are reusing the previously used DisposableCallSiteIndex.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::newExceptionHandlingCallSiteIndex):
(JSC::CodeBlock::removeExceptionHandlerForCallSite):
* bytecode/CodeBlock.h:
* bytecode/PolymorphicAccess.cpp:
(JSC::AccessGenerationState::callSiteIndexForExceptionHandling):
(JSC::PolymorphicAccess::regenerate):
* bytecode/PolymorphicAccess.h:
(JSC::AccessGenerationState::callSiteIndexForExceptionHandling): Deleted.
* dfg/DFGCommonData.cpp:
(JSC::DFG::CommonData::addUniqueCallSiteIndex):
(JSC::DFG::CommonData::addDisposableCallSiteIndex):
(JSC::DFG::CommonData::removeDisposableCallSiteIndex):
(JSC::DFG::CommonData::removeCallSiteIndex): Deleted.
* dfg/DFGCommonData.h:
* interpreter/CallFrame.h:
(JSC::DisposableCallSiteIndex::DisposableCallSiteIndex):
(JSC::DisposableCallSiteIndex::fromCallSiteIndex):
* jit/GCAwareJITStubRoutine.cpp:
(JSC::GCAwareJITStubRoutineWithExceptionHandler::GCAwareJITStubRoutineWithExceptionHandler):
(JSC::GCAwareJITStubRoutineWithExceptionHandler::observeZeroRefCount):
(JSC::createJITStubRoutine):
* jit/GCAwareJITStubRoutine.h:
* jit/JITInlineCacheGenerator.h:


  Commit: 7b1f14bb22c68512fde6d8969282eeab740de769
      https://github.com/WebKit/WebKit/commit/7b1f14bb22c68512fde6d8969282eeab740de769
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/heap/Heap.cpp

  Log Message:
  -----------
  Merge r246507 - Concurrent GC should check the conn before starting a new collection cycle
https://bugs.webkit.org/show_bug.cgi?id=198913
<rdar://problem/49515149>

Reviewed by Filip Pizlo.

Heap::requestCollection tries to steal the conn as an optimization to avoid waking up the collector
thread if it's idle. We determine if the collector is idle by ensuring that there are no pending collections
and that the current GC phase is NotRunning. However, that's not safe immediately after the concurrent
GC has finished processing the last pending request. The collector thread will runEndPhase and immediately
start runNotRunningPhase, without checking if it still has the conn. If the mutator has stolen the conn in
the meantime, this will lead to both threads collecting concurrently, and eventually we'll crash in checkConn,
since the collector is running but doesn't have the conn anymore.

To solve this, we check if we still have the conn after holding the lock in runNotRunningPhase, in case the mutator
has stolen the conn. Ideally, we wouldn't let the mutator steal the conn in the first place, but that doesn't seem
trivial to determine.

* heap/Heap.cpp:
(JSC::Heap::runNotRunningPhase):


  Commit: d361157fc74726027c7f68bd6619f30b255ee191
      https://github.com/WebKit/WebKit/commit/d361157fc74726027c7f68bd6619f30b255ee191
  Author: Tadeu Zagallo <tzagallo at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/heap/Heap.cpp
    M Source/JavaScriptCore/heap/Heap.h

  Log Message:
  -----------
  Merge r247426 - Concurrent GC should not rely on current phase to determine if it's safe to steal conn
https://bugs.webkit.org/show_bug.cgi?id=199786
<rdar://problem/52505197>

Reviewed by Saam Barati.

In r246507, we fixed a race condition in the concurrent GC where the mutator might steal
the conn from the collector thread while it transitions from the End phase to NotRunning.
However, that fix was not sufficient. In the case that the mutator steals the conn, and the
execution interleaves long enough for the mutator to progress to a different collection phase,
the collector will resume in a phase other than NotRunning, and hence the check added to
NotRunning will not suffice. To fix that, we add a new variable to track whether the collector
thread is running (m_collectorThreadIsRunning) and use it to determine whether it's safe to
steal the conn, rather than relying on m_currentPhase.

* heap/Heap.cpp:
(JSC::Heap::runNotRunningPhase):
(JSC::Heap::requestCollection):
* heap/Heap.h:


  Commit: d50b3f76ffefa8c091d7718fe6ed47ac51ab4f78
      https://github.com/WebKit/WebKit/commit/d50b3f76ffefa8c091d7718fe6ed47ac51ab4f78
  Author: Keith Miller <keith_miller at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSObject.h
    M Source/JavaScriptCore/runtime/Structure.cpp
    M Source/JavaScriptCore/runtime/Structure.h
    M Source/JavaScriptCore/runtime/StructureInlines.h

  Log Message:
  -----------
  Merge r246801 - Structure::create should call didBecomePrototype()
https://bugs.webkit.org/show_bug.cgi?id=196315

Reviewed by Filip Pizlo.

Structure::create should also assert that the indexing type makes sense
for the prototype being used.

* runtime/JSObject.h:
* runtime/Structure.cpp:
(JSC::Structure::isValidPrototype):
(JSC::Structure::changePrototypeTransition):
* runtime/Structure.h:
(JSC::Structure::create): Deleted.
* runtime/StructureInlines.h:
(JSC::Structure::create):
(JSC::Structure::setPrototypeWithoutTransition):


  Commit: 8e3d21434dcbef87e8c7bb27e90b85a492be53b0
      https://github.com/WebKit/WebKit/commit/8e3d21434dcbef87e8c7bb27e90b85a492be53b0
  Author: Keith Miller <keith_miller at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/bindings/js/JSWindowProxy.cpp
    M Source/WebCore/bindings/js/WorkerScriptController.cpp
    M Source/WebCore/worklets/WorkletScriptController.cpp

  Log Message:
  -----------
  Merge r246801 - Add didBecomePrototype() calls to global context prototypes
https://bugs.webkit.org/show_bug.cgi?id=199202

Reviewed by Mark Lam.

This fixes some crashes related to asserting that all prototypes
have been marked as such in JSC from
https://trac.webkit.org/changeset/246801. It's ok to call
didBecomePrototype here as we are setting up the world state right now
so we won't be having a bad time.

We don't automatically call didBecomePrototype() for
setPrototypeWithoutTransition because existing objects may already
have this structure so it seems more reasonable to be explicit
there.

* bindings/js/JSWindowProxy.cpp:
(WebCore::JSWindowProxy::setWindow):
* bindings/js/WorkerScriptController.cpp:
(WebCore::WorkerScriptController::initScript):
* worklets/WorkletScriptController.cpp:
(WebCore::WorkletScriptController::initScriptWithSubclass):


  Commit: f2119a01da7423e622e52f39021ae2732df5777e
      https://github.com/WebKit/WebKit/commit/f2119a01da7423e622e52f39021ae2732df5777e
  Author: Keith Miller <keith_miller at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog

  Log Message:
  -----------
  Merge r246808 - Add didBecomePrototype() calls to global context prototypes
https://bugs.webkit.org/show_bug.cgi?id=199202

Reviewed by Mark Lam.

This fixes some crashes related to asserting that all prototypes
have been marked as such in JSC from
https://trac.webkit.org/changeset/246801. It's ok to call
didBecomePrototype here as we are setting up the world state right now
so we won't be having a bad time.

We don't automatically call didBecomePrototype() for
setPrototypeWithoutTransition because existing objects may already
have this structure so it seems more reasonable to be explicit
there.

* bindings/js/JSWindowProxy.cpp:
(WebCore::JSWindowProxy::setWindow):
* bindings/js/WorkerScriptController.cpp:
(WebCore::WorkerScriptController::initScript):
* worklets/WorkletScriptController.cpp:
(WebCore::WorkletScriptController::initScriptWithSubclass):


  Commit: 14d995d4261271b0043381d991ac93def9eb3e42
      https://github.com/WebKit/WebKit/commit/14d995d4261271b0043381d991ac93def9eb3e42
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/editing/pasteboard/paste-contents-with-side-effects-expected.txt
    A LayoutTests/editing/pasteboard/paste-contents-with-side-effects.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/ReplaceSelectionCommand.cpp

  Log Message:
  -----------
  Merge r246868 - ReplacementFragment should not have script observable side effects
https://bugs.webkit.org/show_bug.cgi?id=199147

Reviewed by Wenson Hsieh.

Source/WebCore:

Fixed the bug that ReplacementFragment has script observable side effects.

Use a brand new document for sanitization where the script is disabled for test rendering,
and remove style and script elements as well as event handlers before the test rendering
and the actual pasting.

Test: editing/pasteboard/paste-contents-with-side-effects.html

* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplacementFragment::document): Deleted.
(WebCore::ReplacementFragment::ReplacementFragment): Use createPageForSanitizingWebContent
to create our own document for test rendering. We need to copy over the computed style
from the root editable element (editing host) to respect whitespace treatment, etc...
(WebCore::ReplacementFragment::removeContentsWithSideEffects): Moved from removeHeadContents.
Now removes event handlers and JavaScript URLs.
(WebCore::ReplacementFragment::insertFragmentForTestRendering): Renamed variable names.
(WebCore::ReplaceSelectionCommand::willApplyCommand): Create the plain text and HTML markup
for beforeinput and input events before ReplacementFragment removes contents with side effects.
(WebCore::ReplaceSelectionCommand::ensureReplacementFragment): The removal of head elements
is now done in ReplacementFragment's constructor.

LayoutTests:

Added regression tests.

* editing/pasteboard/paste-contents-with-side-effects-expected.txt: Added.
* editing/pasteboard/paste-contents-with-side-effects.html: Added.


  Commit: 5957d1ad9760de6945fa51e8c17b3796185e5ffb
      https://github.com/WebKit/WebKit/commit/5957d1ad9760de6945fa51e8c17b3796185e5ffb
  Author: Brady Eidson <beidson at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/bindings/js/ScriptController.cpp
    M Source/WebCore/loader/DocumentWriter.cpp
    M Source/WebCore/loader/DocumentWriter.h
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/loader/FrameLoader.h

  Log Message:
  -----------
  Merge r247017 - More judiciously handle clearing/creation of DOMWindows for new Documents.
<rdar://problem/51665406> and https://bugs.webkit.org/show_bug.cgi?id=198786

Reviewed by Chris Dumez.

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL):

* loader/DocumentWriter.cpp:
(WebCore::DocumentWriter::replaceDocumentWithResultOfExecutingJavascriptURL): Rename for clarity.
(WebCore::DocumentWriter::begin): Handle DOMWindow taking/creation inside FrameLoader::clear via a lambda.
(WebCore::DocumentWriter::replaceDocument): Deleted.
* loader/DocumentWriter.h:

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::clear): Take a "handleDOMWindowCreation" lambda to run after clearing the previous document.
* loader/FrameLoader.h:


  Commit: baba70e4dfb929b7c134b43b437e44ca4eaf2431
      https://github.com/WebKit/WebKit/commit/baba70e4dfb929b7c134b43b437e44ca4eaf2431
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/navigate-when-restoring-cached-page-expected.txt
    A LayoutTests/http/tests/security/navigate-when-restoring-cached-page.html
    A LayoutTests/http/tests/security/resources/navigate-when-restoring-cached-page-frame.html
    A LayoutTests/http/tests/security/resources/navigate-when-restoring-cached-page-victim.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/history/CachedFrame.cpp
    M Source/WebCore/loader/FrameLoader.cpp

  Log Message:
  -----------
  Merge r247025 - It should not be possible to trigger a load while in the middle of restoring a page in PageCache
https://bugs.webkit.org/show_bug.cgi?id=199190
<rdar://problem/52114552>

Reviewed by Brady Eidson.

Source/WebCore:

Test: http/tests/security/navigate-when-restoring-cached-page.html

* history/CachedFrame.cpp:
(WebCore::CachedFrame::open):
Stop attaching the cached document before calling FrameLoader::open() given that the previous document
is still attached to the frame at this point. This avoids having 2 documents attached to the same frame
during a short period of time.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::open):
We now attach the cached document to the frame *after* calling FrameLoader::clear(), which means that
the previous document now has been detached from this frame.

(WebCore::FrameLoader::detachChildren):
As per the HTML specification [1], an attempt to navigate should fail if the prompt to unload algorithm
is being run for the active document of browsingContext. Note that the "prompt to unload" algorithm [2]
includes firing the 'unload' event in the current document and in all the documents in the subframes.
As a result, FrameLoader::detachChildren() is the right place to prevent such navigations. We were actually trying
to do this via the SubframeLoadingDisabler stack variable inside detachChildren(). The issue is that this
only prevents navigation in the subframes (i.e. <iframe> elements), not the main frame. As a result,
script would be able to navigate the top-frame even though detachChildren() is being called on the top
frame. To address the issue, I now create a NavigationDisabler variable in the scope of detachChildren()
when detachChildren() is called on the top frame. NavigationDisabler prevents all navigations within the
page, including navigations on the main/top frame.

[1] https://html.spec.whatwg.org/multipage/browsing-the-web.html#navigate
[2] https://html.spec.whatwg.org/multipage/browsing-the-web.html#prompt-to-unload-a-document

LayoutTests:

Add layout test coverage.

* http/tests/security/navigate-when-restoring-cached-page-expected.txt: Added.
* http/tests/security/navigate-when-restoring-cached-page.html: Added.
* http/tests/security/resources/navigate-when-restoring-cached-page-frame.html: Added.
* http/tests/security/resources/navigate-when-restoring-cached-page-victim.html: Added.


  Commit: e5016783d27c9bf211215e300c4893a4211f8453
      https://github.com/WebKit/WebKit/commit/e5016783d27c9bf211215e300c4893a4211f8453
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/animation/CSSAnimationController.cpp

  Log Message:
  -----------
  Merge r247121 - The destructor of CSSAnimationControllerPrivate must explicitly clear the composite animations
https://bugs.webkit.org/show_bug.cgi?id=199415

Reviewed by Simon Fraser.

After the destructor of CSSAnimationControllerPrivate exits, the non
static members are deleted. When the HashMap m_compositeAnimations is
deleted, its entries are deleted. The destructor of CompositeAnimation
calls the method CSSAnimationControllerPrivate::animationWillBeRemoved()
back through its back reference m_animationController. The non static
members of CSSAnimationControllerPrivate are being deleted and it is
incorrect to try to use any of these members after exiting the destructor.

We need to explicitly clear the composite animations before exiting the
destructor of CSSAnimationControllerPrivate.

* page/animation/CSSAnimationController.cpp:
(WebCore::CSSAnimationControllerPrivate::~CSSAnimationControllerPrivate):
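
The teardown order described in this log message, as an added example that is not WebKit code: members are destroyed in reverse declaration order after the destructor body exits, so callbacks fired from a container's teardown can run after sibling members are gone. Controller, Animation, Stats and Trace are hypothetical stand-ins; the callback only reads an external trace, so the demo itself never touches a destroyed member.

```cpp
#include <cstddef>
#include <iostream>
#include <map>
#include <memory>
#include <string>
#include <vector>

// Kept outside the controller so the callback can record what it saw safely.
struct Trace {
    bool statsAlive = false;             // true while the controller's Stats member exists
    std::vector<bool> callbackSawStats;  // one entry per removal callback
};

// A member with a non-trivial destructor, standing in for controller state
// that a removal callback would normally use.
struct Stats {
    explicit Stats(Trace& t) : trace(t) { trace.statsAlive = true; }
    ~Stats() { trace.statsAlive = false; }
    Trace& trace;
};

class Controller;

class Animation {
public:
    explicit Animation(Controller& c) : m_controller(c) { }
    ~Animation();  // calls back into the controller through the back reference
private:
    Controller& m_controller;
};

class Controller {
public:
    Controller(Trace& t, bool clearInDestructor)
        : m_trace(t), m_clearInDestructor(clearInDestructor), m_stats(t) { }

    ~Controller()
    {
        if (m_clearInDestructor)
            m_animations.clear();  // the fix: callbacks run while every member still exists
        // Otherwise implicit member teardown follows: m_stats first, then m_animations.
    }

    void add(const std::string& name)
    {
        m_animations.emplace(name, std::unique_ptr<Animation>(new Animation(*this)));
    }

    void animationWillBeRemoved()
    {
        m_trace.callbackSawStats.push_back(m_trace.statsAlive);
    }

private:
    Trace& m_trace;
    bool m_clearInDestructor;
    std::map<std::string, std::unique_ptr<Animation>> m_animations;
    Stats m_stats;  // declared last, so destroyed before m_animations
};

Animation::~Animation() { m_controller.animationWillBeRemoved(); }

// Returns how many removal callbacks ran after m_stats had been destroyed.
std::size_t lateCallbacks(bool clearInDestructor)
{
    Trace trace;
    {
        Controller controller(trace, clearInDestructor);
        controller.add("fade");
        controller.add("slide");
    }
    std::size_t late = 0;
    for (bool sawStats : trace.callbackSawStats)
        late += sawStats ? 0 : 1;
    return late;
}

int main()
{
    std::cout << "implicit teardown: " << lateCallbacks(false) << " late callbacks\n";
    std::cout << "explicit clear:    " << lateCallbacks(true) << " late callbacks\n";
}
```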


  Commit: f847c7037fa8df87a4672c4b1a873ad492129de7
      https://github.com/WebKit/WebKit/commit/f847c7037fa8df87a4672c4b1a873ad492129de7
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp

  Log Message:
  -----------
  Merge r247204 - [GStreamer] The CREATE_TRACK macro is messed up
https://bugs.webkit.org/show_bug.cgi?id=199356

Reviewed by Xabier Rodriguez-Calvar.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::updateTracks): Fix the
CREATE_TRACK macro for !VIDEO_TRACK builds.


  Commit: 3a8d0d21d460600f4db57f62ad9da863b947f971
      https://github.com/WebKit/WebKit/commit/3a8d0d21d460600f4db57f62ad9da863b947f971
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/media/video-volume-expected.txt
    M LayoutTests/media/video-volume.html

  Log Message:
  -----------
  Merge r247207 - [GStreamer] media/video-volume.html broken after switching from cubic to linear scaling
https://bugs.webkit.org/show_bug.cgi?id=199505

Reviewed by Xabier Rodriguez-Calvar.

PulseAudio has a conversion process from volumes in
double-precision to uint32_t volumes. Depending on the environment,
this can introduce rounding errors. Be more lenient in our comparison
code.

* media/video-volume-expected.txt: Update baseline
* media/video-volume.html: Compare volume values within a
reasonable tolerance.


  Commit: ecb1272061c619c7904058858a99aa048cc00649
      https://github.com/WebKit/WebKit/commit/ecb1272061c619c7904058858a99aa048cc00649
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Tools/ChangeLog
    A Tools/gstreamer/patches/gst-plugins-bad-do-not-retry-downloads-during-shutdown.patch

  Log Message:
  -----------
  Merge r247215 - REGRESSION(r243197): [GStreamer] Web process hangs when scrolling twitter timeline which contains HLS videos
https://bugs.webkit.org/show_bug.cgi?id=197558

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

Not covered, I have a test locally that would probably trigger the
deadlock if the network requests took a realistic amount of time,
but from a local webserver the window of time to hit this deadlock
is too narrow.

* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webkit_web_src_init): Make the websrc start asynchronously, this
allows the main thread to be free to complete resource loader
setup.
(webKitWebSrcCreate): Calling start() from the create() vfunc is a
recipe for deadlock, since BaseSrc holds the streaming lock during
seeks, and then calls create(). In these cases, we do not want to
notify async-completion, since we've already completed from the
necessarily preceding start() vfunc, and calling it again would
require the stream-lock and deadlock us.
(webKitWebSrcStart): Refactor to use webKitWebSrcMakeRequest, but
ensuring that we do perform an async-complete notification.
(webKitWebSrcMakeRequest): What Start() used to be, but now can be
toggled when to notify of async-completion. Start() no longer
blocks, since the return value of initiating a resource loader is
of no interest to the callers.
(webKitWebSrcCloseSession): Similarly to Start(), we do not need
to wait for the completion of cancelled net requests.

Tools:

On shutdown we can easily deadlock the web process if we don't
ensure all network operations are completed before committing state
changes. In HLS, make sure the network operations are cancelled,
and also prevent hlsdemux's retry logic from scuppering our
efforts.

* gstreamer/jhbuild.modules: Include the patch.
* gstreamer/patches/gst-plugins-bad-do-not-retry-downloads-during-shutdown.patch: Added.


  Commit: 3c14320cd30c48a8f0331475f327f983ba33dfaf
      https://github.com/WebKit/WebKit/commit/3c14320cd30c48a8f0331475f327f983ba33dfaf
  Author: Enrique Ocaña González <eocanha at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp

  Log Message:
  -----------
  Merge r247298 - [GStreamer] Protect against null samples and samples with null buffers
https://bugs.webkit.org/show_bug.cgi?id=199619

Reviewed by Philippe Normand.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::GstVideoFrameHolder::GstVideoFrameHolder): Assert to enforce non-null samples.
(WebCore::GstVideoFrameHolder::updateTexture): Protect against null m_buffer and improperly mapped video frame.


  Commit: 7f087e6b6a14e08310836cc5687d7a65e72f0872
      https://github.com/WebKit/WebKit/commit/7f087e6b6a14e08310836cc5687d7a65e72f0872
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/UserAgentQuirks.cpp
    M Source/WebCore/platform/glib/UserAgentGLib.cpp

  Log Message:
  -----------
  Merge r247427 - [GTK] GitHub breaks on FreeBSD because of "unsupported browser"
https://bugs.webkit.org/show_bug.cgi?id=199745

Reviewed by Carlos Garcia Campos.

It's been a while since I last updated the fake version numbers in our user agent, both for
the user agent quirks for naughty websites and also the Safari version in our standard user
agent. Update them. This should fix github.com on FreeBSD at least. I also noticed some
wonkiness on Google Docs recently that I thought required this update, but I didn't do
anything about it at the time because I wasn't able to reproduce the issue when I tried
again later.

This could absolutely break websites, because the web is awful, but that's a calculated risk.

* platform/UserAgentQuirks.cpp:
(WebCore::UserAgentQuirks::stringForQuirk):
* platform/glib/UserAgentGLib.cpp:
(WebCore::buildUserAgentString):


  Commit: 65f6dac653fa41693bd89df9bc2a54b2c0c2108e
      https://github.com/WebKit/WebKit/commit/65f6dac653fa41693bd89df9bc2a54b2c0c2108e
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitInjectedBundleClient.cpp

  Log Message:
  -----------
  Merge r247507 - [GTK][WPE] Do not assert when receiving invalid data in injected bundle messages
https://bugs.webkit.org/show_bug.cgi?id=199830

Reviewed by Michael Catanzaro.

Just silently ignore them to avoid UI process crashes.

* UIProcess/API/glib/WebKitInjectedBundleClient.cpp:


  Commit: 8e5cb23bf47f2c98fa402e80ae66062cb4725e88
      https://github.com/WebKit/WebKit/commit/8e5cb23bf47f2c98fa402e80ae66062cb4725e88
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitInjectedBundleClient.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebResource.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebResourcePrivate.h
    M Source/WebKit/UIProcess/API/glib/WebKitWebView.cpp
    M Source/WebKit/UIProcess/API/glib/WebKitWebViewPrivate.h

  Log Message:
  -----------
  Merge r247508 - [WPE][GTK] UI process crash due to NULL dereference in webkitWebViewResourceLoadStarted()
https://bugs.webkit.org/show_bug.cgi?id=199621

Reviewed by Michael Catanzaro.

Null-check frame received in injected bundle message to ensure the frame hasn't been destroyed.

* UIProcess/API/glib/WebKitInjectedBundleClient.cpp:
* UIProcess/API/glib/WebKitWebResource.cpp:
(webkitWebResourceCreate): Receive a reference to the frame instead of a pointer.
* UIProcess/API/glib/WebKitWebResourcePrivate.h:
* UIProcess/API/glib/WebKitWebView.cpp:
(webkitWebViewResourceLoadStarted): Ditto.
* UIProcess/API/glib/WebKitWebViewPrivate.h:


  Commit: 9450fdc8438f2f86fb857e5331767380b79cc5fa
      https://github.com/WebKit/WebKit/commit/9450fdc8438f2f86fb857e5331767380b79cc5fa
  Author: Olivier Blin <olivier.blin at softathome.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/inspector/unit-tests/mimetype-utilities-expected.txt
    M LayoutTests/inspector/unit-tests/mimetype-utilities.html
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Base/MIMETypeUtilities.js

  Log Message:
  -----------
  Merge r247533 - Web Inspector: application/xml content not shown
https://bugs.webkit.org/show_bug.cgi?id=199861

Patch by Olivier Blin <olivier.blin at softathome.com> on 2019-07-17
Reviewed by Devin Rousso.

Source/WebInspectorUI:

application/xml content from XHR requests was not shown in the
inspector, an error message was displayed instead.

application/xml content should be treated as text, since
application/xml is the standard mimetype for XML content.
Apache serves XML content with the application/xml mimetype by
default.

* UserInterface/Base/MIMETypeUtilities.js:
(WI.fileExtensionForMIMEType):
Report "xml" extension for "application/xml" mimetype.
(WI.shouldTreatMIMETypeAsText):
Treat XML files as text.

LayoutTests:

* inspector/unit-tests/mimetype-utilities-expected.txt:
* inspector/unit-tests/mimetype-utilities.html:
Test for shouldTreatMIMETypeAsText.


  Commit: e24680b54008d81a7ccdf67b9eacace13de37c9a
      https://github.com/WebKit/WebKit/commit/e24680b54008d81a7ccdf67b9eacace13de37c9a
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r247643 - [GStreamer] Flush get_range calls during PAUSED->READY in WebKitWebSource
https://bugs.webkit.org/show_bug.cgi?id=199934

Reviewed by Xabier Rodriguez-Calvar.

Unit testing not applicable.

* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webKitWebSrcChangeState): A well-behaved element should unblock streaming threads
during a PAUSED->READY transition, so do that here.


  Commit: 4b0dfe3b3d75fd89363d10fc9be347b3fb9f8371
      https://github.com/WebKit/WebKit/commit/4b0dfe3b3d75fd89363d10fc9be347b3fb9f8371
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_crash_empty_src.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp

  Log Message:
  -----------
  Merge r247778 - [GStreamer] Don't crash with empty video src
https://bugs.webkit.org/show_bug.cgi?id=200081

LayoutTests/imported/w3c:

Reviewed by Philippe Normand.

* web-platform-tests/html/semantics/embedded-content/the-video-element/video_crash_empty_src.html: Added.

Source/WebCore:

When a <video> element is set to load empty or about:blank, a player is still
created, but no pipeline is loaded. This patch fixes some assertion errors that
manifested in that case.

Reviewed by Philippe Normand.

Test: imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_crash_empty_src.html

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::loadFull):
(WebCore::MediaPlayerPrivateGStreamer::platformDuration const):
(WebCore::MediaPlayerPrivateGStreamer::paused const):


  Commit: 4b44d06dbe17a6903b8dcb8a63e506b78196630d
      https://github.com/WebKit/WebKit/commit/4b44d06dbe17a6903b8dcb8a63e506b78196630d
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r247903 - REGRESSION(r243058): [GStreamer] WebKitWebSrc's internal queue can exhaust the WebProcess memory
https://bugs.webkit.org/show_bug.cgi?id=199998

Reviewed by Xabier Rodriguez-Calvar.

With the webkitwebsrc rewrite the element lost its ability to tell
the resource loader when to pause and resume downloading because
we don't use appsrc and its enough-data/need-data signals anymore.
So new heuristics are introduced with this patch. Downloading of
resources bigger than 2MiB might pause when the internal adapter
has enough data (2% of the full resource) and resume when the
adapter size goes below 20% of those 2%.

No new tests, the media element spec doesn't clearly mandate how
the resource loading should behave when the element is paused or
how aggressively the resource should be downloaded during
playback.

This patch was functionally tested with a 1.3GiB resource loaded
over the local network, the resource was downloaded in ~30MiB
chunks, stopping and resuming every 20 seconds, approximately.

* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webkit_web_src_class_init):
(webKitWebSrcCreate):
(CachedResourceStreamingClient::responseReceived):
(CachedResourceStreamingClient::dataReceived):
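
A model of the pause/resume heuristic described in this log message (added example, not the WebKitWebSrc implementation): resources above 2MiB pause at a high watermark of 2% of the resource and resume below 20% of that watermark. DownloadThrottle, simulate and the chunk rates are assumptions chosen for the simulation.

```cpp
#include <algorithm>
#include <cstdint>
#include <iostream>

constexpr uint64_t KiB = 1024;
constexpr uint64_t MiB = 1024 * KiB;

class DownloadThrottle {
public:
    explicit DownloadThrottle(uint64_t resourceSize, bool enabled = true)
        : m_active(enabled && resourceSize > 2 * MiB)  // only resources bigger than 2MiB
        , m_high(resourceSize / 50)                    // 2% of the full resource
        , m_low(resourceSize / 50 / 5)                 // 20% of those 2%
    { }

    // Network side: bytes appended to the internal buffer.
    void dataReceived(uint64_t bytes)
    {
        m_buffered += bytes;
        if (m_active && !m_paused && m_buffered >= m_high) {
            m_paused = true;
            ++m_pauseCount;
        }
    }

    // Reader side: bytes taken out of the internal buffer.
    void dataConsumed(uint64_t bytes)
    {
        m_buffered -= std::min(bytes, m_buffered);
        if (m_paused && m_buffered < m_low)
            m_paused = false;
    }

    bool paused() const { return m_paused; }
    uint64_t buffered() const { return m_buffered; }
    uint64_t highWatermark() const { return m_high; }
    unsigned pauseCount() const { return m_pauseCount; }

private:
    bool m_active;
    uint64_t m_high;
    uint64_t m_low;
    uint64_t m_buffered = 0;
    bool m_paused = false;
    unsigned m_pauseCount = 0;
};

struct Result {
    uint64_t peakBuffered;
    unsigned pauses;
    uint64_t delivered;
};

// Constructed workload: the network delivers 256KiB per tick, the reader drains 64KiB.
Result simulate(uint64_t resourceSize, bool throttled)
{
    const uint64_t networkChunk = 256 * KiB;
    const uint64_t readChunk = 64 * KiB;
    DownloadThrottle throttle(resourceSize, throttled);
    Result r { 0, 0, 0 };
    while (r.delivered < resourceSize || throttle.buffered() > 0) {
        if (!throttle.paused() && r.delivered < resourceSize) {
            uint64_t n = std::min(networkChunk, resourceSize - r.delivered);
            throttle.dataReceived(n);
            r.delivered += n;
        }
        r.peakBuffered = std::max(r.peakBuffered, throttle.buffered());
        throttle.dataConsumed(readChunk);
    }
    r.pauses = throttle.pauseCount();
    return r;
}

int main()
{
    Result with = simulate(100 * MiB, true);
    Result without = simulate(100 * MiB, false);
    std::cout << "throttled peak:   " << with.peakBuffered / KiB << " KiB, pauses: " << with.pauses << "\n";
    std::cout << "unthrottled peak: " << without.peakBuffered / KiB << " KiB\n";
}
```

With a resource of about 1.3GiB the high watermark works out to roughly 26.6MiB, which is consistent with the ~30MiB chunks reported in the functional test above.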


  Commit: b6787b1c824fef02368355129a5f78bb8390075f
      https://github.com/WebKit/WebKit/commit/b6787b1c824fef02368355129a5f78bb8390075f
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp

  Log Message:
  -----------
  Merge r248009 - [GTK] Compilation errors when GL is disabled
https://bugs.webkit.org/show_bug.cgi?id=200223

Unreviewed, fix build with -DENABLE_OPENGL=OFF.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):


  Commit: 862e38994a1a8092a8d8f8219d9df6ef48988123
      https://github.com/WebKit/WebKit/commit/862e38994a1a8092a8d8f8219d9df6ef48988123
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/cse-propagated-constant-may-not-follow-structure-restrictions.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
    M Source/JavaScriptCore/dfg/DFGNode.h
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp

  Log Message:
  -----------
  Merge r248149 - GetterSetter type confusion during DFG compilation
https://bugs.webkit.org/show_bug.cgi?id=199903

Reviewed by Mark Lam.

JSTests:

* stress/cse-propagated-constant-may-not-follow-structure-restrictions.js: Added.

Source/JavaScriptCore:

In AI, we are strongly assuming that GetGetter's child constant value should be GetterSetter if it exists.
However, this can be wrong since nobody ensures that. AI assumed so because the control-flow and preceding
CheckStructure ensures that. But this preceding check can be eliminated if the node becomes (at runtime) unreachable.

Let's consider the following graph.

    129:<!0:->     PutByOffset(KnownCell:@115, KnownCell:@115, Check:Untyped:@124, MustGen, id5{length}, 0, W:NamedProperties(5), ClobbersExit, bc#154, ExitValid)
    130:<!0:->     PutStructure(KnownCell:@115, MustGen, %C8:Object -> %C3:Object, ID:7726, R:JSObject_butterfly, W:JSCell_indexingType,JSCell_structureID,JSCell_typeInfoFlags,JSCell_typeInfoType, ClobbersExit, bc#154, ExitInvalid)
    ...
    158:<!0:->     GetLocal(Check:Untyped:@197, JS|MustGen|UseAsOther, Final, loc7(R<Final>/FlushedCell), R:Stack(-8), bc#187, ExitValid)  predicting Final
    210:< 1:->     DoubleRep(Check:NotCell:@158, Double|PureInt, BytecodeDouble, Exits, bc#187, ExitValid)
    ...
    162:<!0:->     CheckStructure(Cell:@158, MustGen, [%Ad:Object], R:JSCell_structureID, Exits, bc#192, ExitValid)
    163:< 1:->     GetGetterSetterByOffset(KnownCell:@158, KnownCell:@158, JS|UseAsOther, OtherCell, id5{length}, 0, R:NamedProperties(5), Exits, bc#192, ExitValid)
    164:< 1:->     GetGetter(KnownCell:@163, JS|UseAsOther, Function, R:GetterSetter_getter, Exits, bc#192, ExitValid)

At @163 and @164, AI proves that @158's AbstractValue is None because @210's edge filters out Cells and @158 is a cell. But we do not invalidate the graph status as "Invalid" even if an edge filters out all possible values.
This is because the result of edge can be None in a valid program. For example, we can put a dependency edge between a consuming node and a producing node, where the producing node is just like a check and it
does not produce a value actually. So, @163 and @164 are not invalidated. This is totally fine in our compiler pipeline right now.

But after that, global CSE phase found that @115 and @158 are same and @129 dominates @158. As a result, we can replace GetGetter child's @163 with @124. Since CheckStructure is already removed (and now, at runtime,
@163 and @164 are never executed), we do not have any structure guarantee on @158 and the result of @163. This means that @163's CSE result can be non-GetterSetter value.

    124:< 2:->     JSConstant(JS|UseAsOther, Final, Weak:Object: 0x1199e82a0 with butterfly 0x0 (Structure %B4:Object), StructureID: 49116, bc#0, ExitValid)
    ...
    126:< 2:->     GetGetter(KnownCell:Kill:@124, JS|UseAsOther, Function, R:GetterSetter_getter, Exits, bc#192, ExitValid)

AI filters out @124's non-cell values. But @126 can get non-GetterSetter cell at AI phase. But our AI code is like the following.

    JSValue base = forNode(node->child1()).m_value;
    if (base) {
        GetterSetter* getterSetter = jsCast<GetterSetter*>(base);
        ...

Then, jsCast casts the above object with GetterSetter accidentally.

In general, DFG AI can get a proven constant value, which could not be shown at runtime. This happens if the processing node is unreachable at runtime while the graph is not invalid yet, because preceding edge
filters already filter out all the possible executions. DFG AI already considered this possibility, and it attempts to fold a node into a constant only when the constant input matches against the expected one.
But several DFG nodes are not handling this correctly: GetGetter, GetSetter, and SkipScope.

In this patch, we use `jsDynamicCast` to ensure that the constant input matches against the expected (foldable) one, and fold it only when the expectation is met.
We also remove DFG::Node::castConstant and its use. We should not rely on the constant folded value based on graph's control-flow.

* dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::AbstractInterpreter<AbstractStateType>::executeEffects):
* dfg/DFGNode.h:
(JSC::DFG::Node::castConstant): Deleted.
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileMaterializeCreateActivation):
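
An added sketch (not JavaScriptCore code) of the rule this log message states: a proven constant is folded for GetGetter/GetSetter only when it passes a checked cast, because the constant may come from a node that is unreachable at runtime. Cell, FinalObject, GetterSetter, checkedCast and foldAccessor are simplified stand-ins assumed for illustration.

```cpp
#include <iostream>

enum class CellType { FinalObject, GetterSetter, Function };

struct Cell {
    explicit Cell(CellType t) : type(t) { }
    CellType type;
};

struct FinalObject : Cell {
    static constexpr CellType expectedType = CellType::FinalObject;
    FinalObject() : Cell(expectedType) { }
};

struct Function : Cell {
    static constexpr CellType expectedType = CellType::Function;
    Function() : Cell(expectedType) { }
};

struct GetterSetter : Cell {
    static constexpr CellType expectedType = CellType::GetterSetter;
    GetterSetter(const Function* g, const Function* s)
        : Cell(expectedType), getter(g), setter(s) { }
    const Function* getter;
    const Function* setter;
};

// Checked downcast in the spirit of jsDynamicCast: nullptr when the dynamic
// type does not match, instead of trusting what control flow seemed to prove.
template<typename T>
const T* checkedCast(const Cell* cell)
{
    return cell && cell->type == T::expectedType ? static_cast<const T*>(cell) : nullptr;
}

// What abstract interpretation knows about a node's result.
struct AbstractValue {
    const Cell* constant = nullptr;  // proven constant, or nullptr when only the type is known
};

enum class Accessor { Getter, Setter };

// Models constant folding for GetGetter / GetSetter. The base constant may be
// any cell (for example after CSE substituted it into an unreachable node), so
// the fold happens only when the checked cast succeeds.
AbstractValue foldAccessor(const AbstractValue& base, Accessor which)
{
    AbstractValue result;  // default: no constant, nothing folded
    if (const GetterSetter* gs = checkedCast<GetterSetter>(base.constant))
        result.constant = which == Accessor::Getter ? gs->getter : gs->setter;
    return result;
}

int main()
{
    Function getter;
    GetterSetter accessor(&getter, nullptr);
    FinalObject plainObject;  // what CSE may hand to GetGetter in the scenario above

    AbstractValue base;
    base.constant = &accessor;
    std::cout << "GetterSetter constant folded: "
              << (foldAccessor(base, Accessor::Getter).constant == &getter) << "\n";

    base.constant = &plainObject;
    std::cout << "plain object constant folded: "
              << (foldAccessor(base, Accessor::Getter).constant != nullptr) << "\n";
}
```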


  Commit: 8052139cc37cd8ae6ce41718e2a4d0c3d522fd8a
      https://github.com/WebKit/WebKit/commit/8052139cc37cd8ae6ce41718e2a4d0c3d522fd8a
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/frames/restoring-page-cache-should-not-run-scripts-expected.txt
    A LayoutTests/fast/frames/restoring-page-cache-should-not-run-scripts.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLFormElement.cpp
    M Source/WebCore/html/HTMLInputElement.cpp

  Log Message:
  -----------
  Merge r248172 - Document::resume should delay resetting of form control elements.
https://bugs.webkit.org/show_bug.cgi?id=200376

Reviewed by Geoffrey Garen.

Source/WebCore:

Delay the execution of form control element resets until the next task
to avoid synchronously mutating DOM during page cache restoration.

Test: fast/frames/restoring-page-cache-should-not-run-scripts.html

* html/HTMLFormElement.cpp:
(WebCore::HTMLFormElement::resumeFromDocumentSuspension):
* html/HTMLInputElement.cpp:
(WebCore::HTMLInputElement::resumeFromDocumentSuspension):

LayoutTests:

Added a regression test.

* fast/frames/restoring-page-cache-should-not-run-scripts-expected.txt: Added.
* fast/frames/restoring-page-cache-should-not-run-scripts.html: Added.
* platform/win/TestExpectations: Skip this test on Windows since navigating to blob fails on Windows.


  Commit: 7900f036bc54676b8929620e8acd8ec29f77c911
      https://github.com/WebKit/WebKit/commit/7900f036bc54676b8929620e8acd8ec29f77c911
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-08-04 (Sun, 04 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Node.cpp
    M Source/WebCore/dom/NodeRareData.h

  Log Message:
  -----------
  Merge r248173 - Harden NodeRareData::m_connectedFrameCount
https://bugs.webkit.org/show_bug.cgi?id=200300

Reviewed by Geoffrey Garen.

Use unsigned integer type in NodeRareData::m_connectedFrameCount since it's padded anyway.

* dom/Node.cpp:
(WebCore::Node::decrementConnectedSubframeCount): Check that hasRareNode() is true in release builds.
* dom/NodeRareData.h:


  Commit: 4ee5c2f5b81a09d91dca40ca3190cf8067ca8a4e
      https://github.com/WebKit/WebKit/commit/4ee5c2f5b81a09d91dca40ca3190cf8067ca8a4e
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-08-08 (Thu, 08 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp

  Log Message:
  -----------
  Merge r248405 - [GTK] WebKitWebProcess crashes when viewing an HTML with a <video> element referencing unknown file
https://bugs.webkit.org/show_bug.cgi?id=200530

Reviewed by Xabier Rodriguez-Calvar.

Not amenable to unit testing.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::fillTimerFired):


  Commit: 9b69af639f060ec8568af2d5688fcb24e6c15b1b
      https://github.com/WebKit/WebKit/commit/9b69af639f060ec8568af2d5688fcb24e6c15b1b
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-19 (Mon, 19 Aug 2019)

  Changed paths:
    M Tools/ChangeLog
    M Tools/DumpRenderTree/TestNetscapePlugIn/CMakeLists.txt

  Log Message:
  -----------
  Unreviewed build fix for missing WebCore library when linking TestNetscapePlugIn

Using LDFLAGS='-Wl,--no-undefined' would cause TestNetscapePlugIn to
fail linking as it uses WTF::Sleep() but the WTF library is not
directly listed for linking. While the library would be linked
indirectly, passing --no-undefined to the linker disallows that, so
it is needed to list it explicitly for it to succeed.

* DumpRenderTree/TestNetscapePlugIn/CMakeLists.txt: Add dependency on
the WTF library.


  Commit: d9cc1556acfe25ce3915ec71a2afa5093f45953d
      https://github.com/WebKit/WebKit/commit/d9cc1556acfe25ce3915ec71a2afa5093f45953d
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-20 (Tue, 20 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/bindings/js/ScriptController.cpp
    M Source/WebCore/bindings/js/ScriptController.h
    M Source/WebCore/loader/FrameLoader.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj
    A Tools/TestWebKitAPI/Tests/mac/JavascriptURLNavigation.mm

  Log Message:
  -----------
  Merged r248410 - Do not allow navigations of frames about to get replaced by the result of evaluating javascript: URLs
<rdar://problem/53788893> and https://bugs.webkit.org/show_bug.cgi?id=198786

Reviewed by Geoff Garen.

Source/WebCore:

Covered by API Test

Add a "willReplaceWithResultOfExecutingJavascriptURL" flag which is respected inside FrameLoader::isNavigationAllowed

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL):
* bindings/js/ScriptController.h:
(WebCore::ScriptController::willReplaceWithResultOfExecutingJavascriptURL const):

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::isNavigationAllowed const):

Tools:

* TestWebKitAPI/TestWebKitAPI.xcodeproj/project.pbxproj:
* TestWebKitAPI/Tests/mac/JavascriptURLNavigation.mm: Added.


  Commit: 26e105fd498ed1bb27eb2cfc03dfc7810295eb0d
      https://github.com/WebKit/WebKit/commit/26e105fd498ed1bb27eb2cfc03dfc7810295eb0d
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-26 (Mon, 26 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/Scripts/jsmin.py
    M Source/JavaScriptCore/Scripts/make-js-file-arrays.py

  Log Message:
  -----------
  Merged r249095 - Missing media controls when WebKit is built with Python3
https://bugs.webkit.org/show_bug.cgi?id=194367

Reviewed by Carlos Garcia Campos.

The JavaScript minifier script jsmin.py expects a text stream
with text type as input, but the script make-js-file-arrays.py
was passing to it a FileIO() object. So, when the jsmin script
called read() over this object, python3 was returning a type of
bytes, but for python2 it returns type str.

This caused two problems: first that jsmin failed to do any minifying
because it was comparing strings with a variable of type bytes.
The second major problem was in the write() function, when the
jsmin script tried to convert a byte character to text by calling
str() on it. Because what this does is not to convert from byte
type to string, but to simply generate a string with the format b'c'.
So the jsmin script was returning back as minified JS complete
garbage in the form of "b't'b'h'b'h'b'i" for python3.

Therefore, when WebKit was built with python3 this broke everything
that depended on the embedded JS code that make-js-file-arrays.py
was supposed to generate, like the media controls and the WebDriver
atoms.

Fix this by reworking the code in make-js-file-arrays script to
read the data from the file using a TextIOWrapper in python 3
with decoding for 'utf-8'. This ensures that the jsmin receives
a text type. For python2 keep using the same FileIO class.

On the jsmin.py script remove the problematic call to str() inside
the write() function when running with python3.
On top of that, add an extra check in jsmin.py script to make it
fail if the character type read is not the one expected. This
will cause the build to fail instead of failing silently like
now. I did some tests and the runtime cost of this extra check
is almost zero.

* Scripts/jsmin.py:
(JavascriptMinify.minify.write):
(JavascriptMinify):
* Scripts/make-js-file-arrays.py:
(main):


  Commit: 76a674e5f56971f5d8341ccef256922621a72304
      https://github.com/WebKit/WebKit/commit/76a674e5f56971f5d8341ccef256922621a72304
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-27 (Tue, 27 Aug 2019)

  Changed paths:
    M ChangeLog
    M Source/cmake/GtkDoc.cmake

  Log Message:
  -----------
  Merged r248954 - [GTK][WPE] Gtk-Doc fails with build options which need cooperation between CFLAGS and LDFLAGS
https://bugs.webkit.org/show_bug.cgi?id=200987

Reviewed by Philippe Normand.

Only CFLAGS was being set before trying to generate the documentation
but not LDFLAGS, which could cause errors when gtk-doc tries to link
a generated program when the compiler flags would also require usage
of certain linker flags later on.

* Source/cmake/GtkDoc.cmake: Also set LDFLAGS in the environment when
invoking Tools/gtkdoc/generate-gtkdoc.


  Commit: 30c7a84af59dfdadd83727464f6f069bdd661b5c
      https://github.com/WebKit/WebKit/commit/30c7a84af59dfdadd83727464f6f069bdd661b5c
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-27 (Tue, 27 Aug 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for the 2.24.4 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.24.4


  Commit: cc1e09efb1aaa159924082ba26787d0d9eb1fb36
      https://github.com/WebKit/WebKit/commit/cc1e09efb1aaa159924082ba26787d0d9eb1fb36
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-27 (Tue, 27 Aug 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.24.3 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.24.3


Compare: https://github.com/WebKit/WebKit/compare/e1aadee31cc3%5E...cc1e09efb1aa

