[webkit-changes] [WebKit/WebKit] c0fea8: Branch WebKitGTK for 2.26

Jonathan Bedard noreply at github.com
Thu Dec 1 11:05:02 PST 2022


  Branch: refs/heads/webkitgtk/2.26
  Home:   https://github.com/WebKit/WebKit
  Commit: c0fea8439801a13eace6395f23284be3735e7d58
      https://github.com/WebKit/WebKit/commit/c0fea8439801a13eace6395f23284be3735e7d58
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-08-28 (Wed, 28 Aug 2019)

  Changed paths:

  Log Message:
  -----------
  Branch WebKitGTK for 2.26


  Commit: 22bf39d0e3382a0ff762a5cb3c2c05d0a0631e92
      https://github.com/WebKit/WebKit/commit/22bf39d0e3382a0ff762a5cb3c2c05d0a0631e92
  Author: Claudio Saavedra <csaavedra at igalia.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/network/soup/SoupNetworkSession.cpp

  Log Message:
  -----------
  Merge r249196 - [SOUP] Fix the debug build after r249192

Unreviewed build fix.

* platform/network/soup/SoupNetworkSession.cpp:
(WebCore::SoupNetworkSession::setupHSTSEnforcer):


  Commit: 95ddeaec990ac57265e914af9de8c48e764df47a
      https://github.com/WebKit/WebKit/commit/95ddeaec990ac57265e914af9de8c48e764df47a
  Author: Claudio Saavedra <csaavedra at igalia.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/network/soup/SoupNetworkSession.cpp

  Log Message:
  -----------
  Merge r249197 - [SOUP] Shut compilation warning

Unreviewed. RELEASE_LOG_ERROR() needs a channel.

* platform/network/soup/SoupNetworkSession.cpp:
(WebCore::SoupNetworkSession::setupHSTSEnforcer):


  Commit: cdfed173b20c6097087bcdb97dfa25a7b5244607
      https://github.com/WebKit/WebKit/commit/cdfed173b20c6097087bcdb97dfa25a7b5244607
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/ElementRareData.h
    M Source/WebCore/dom/Node.cpp
    M Source/WebCore/dom/Node.h
    M Source/WebCore/dom/NodeRareData.cpp
    M Source/WebCore/dom/NodeRareData.h

  Log Message:
  -----------
  Merge r249198 - REGRESSION (r248807): Objects stored in ElementRareData are leaked
https://bugs.webkit.org/show_bug.cgi?id=200954

Reviewed by Antti Koivisto.

Use a custom deleter in std::unique_ptr to call the correct destructor instead of making
NodeRareData's destructor virtual. Added NodeRareData::isElementRareData to differentiate
ElementRareData and NodeRareData by borrowing 1 bit from the frame count.

No new tests since there should be no behavioral change.

* dom/ElementRareData.h:
(WebCore::ElementRareData::ElementRareData):
* dom/Node.cpp:
(WebCore::Node::materializeRareData): Call the constructors of unique_ptr directly since
make_unique does not take a custom deleter. We can't add the support to makeUnique either
without making it three arguments since we need to cast ElementRareData to NodeRareData
in addition to specifying a custom deleter (normal casting wouldn't work due to
the presence of a custom deleter).
(WebCore::Node::NodeRareDataDeleter::operator() const): Added.
* dom/Node.h:
(WebCore::Node::NodeRareDataDeleter): Added.
* dom/NodeRareData.cpp:
* dom/NodeRareData.h:
(WebCore::NodeRareData::NodeRareData): Makes newly added Type.
(WebCore::NodeRareData::isElementRareData): Added.
(WebCore::NodeRareData::~NodeRareData): Deleted.
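
The technique described in the r249198 log message above, as an added example that is not WebKit's code: a `std::unique_ptr` with a custom deleter that reads a one-bit type tag stored next to the frame count and calls the matching destructor, so the base class needs no virtual destructor. The class and function names are borrowed from the log message; their bodies, the `m_payload` member and the destructor counters are assumptions made for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <memory>
#include <type_traits>

// Counters used only to observe which destructors run (illustration only).
static int g_nodeDtorCount = 0;
static int g_elementDtorCount = 0;

class NodeRareData {
public:
    enum class Type : uint8_t { Node, Element };

    explicit NodeRareData(Type type = Type::Node)
        : m_frameCount(0)
        , m_isElementRareData(type == Type::Element)
    {
    }

    // Deliberately non-virtual: no vtable pointer is added to every instance.
    ~NodeRareData() { ++g_nodeDtorCount; }

    bool isElementRareData() const { return m_isElementRareData; }

private:
    uint32_t m_frameCount : 31;        // one bit borrowed from the counter...
    uint32_t m_isElementRareData : 1;  // ...to record the dynamic type
};

class ElementRareData : public NodeRareData {
public:
    ElementRareData()
        : NodeRareData(Type::Element)
        , m_payload(std::make_unique<int>(42))
    {
    }

    ~ElementRareData() { ++g_elementDtorCount; }

private:
    // Hypothetical owned member: it is leaked if only ~NodeRareData() runs.
    std::unique_ptr<int> m_payload;
};

static_assert(!std::has_virtual_destructor<NodeRareData>::value,
    "the base class stays free of a vtable");

// Custom deleter: checks the tag and deletes through the right static type.
struct NodeRareDataDeleter {
    void operator()(NodeRareData* data) const
    {
        if (data->isElementRareData())
            delete static_cast<ElementRareData*>(data);
        else
            delete data;
    }
};

using RareDataPtr = std::unique_ptr<NodeRareData, NodeRareDataDeleter>;

// std::make_unique cannot attach a custom deleter, so the unique_ptr is
// constructed directly from the raw pointer (derived-to-base conversion).
RareDataPtr materializeRareData(bool forElement)
{
    if (forElement)
        return RareDataPtr(new ElementRareData);
    return RareDataPtr(new NodeRareData);
}

struct DtorCounts {
    int node;
    int element;
};

// Creates and destroys one object, reporting which destructors ran.
DtorCounts destroyAndCount(bool forElement)
{
    g_nodeDtorCount = 0;
    g_elementDtorCount = 0;
    {
        RareDataPtr data = materializeRareData(forElement);
    }
    return { g_nodeDtorCount, g_elementDtorCount };
}

int main()
{
    DtorCounts element = destroyAndCount(true);
    DtorCounts node = destroyAndCount(false);
    std::printf("element object: ~ElementRareData x%d, ~NodeRareData x%d\n",
        element.element, element.node);
    std::printf("node object:    ~ElementRareData x%d, ~NodeRareData x%d\n",
        node.element, node.node);
    return 0;
}
```
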


  Commit: 927ca96b3de1901a02992a15775c8e9a7522cb1d
      https://github.com/WebKit/WebKit/commit/927ca96b3de1901a02992a15775c8e9a7522cb1d
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/svg/RenderSVGBlock.cpp
    M Source/WebCore/rendering/svg/RenderSVGBlock.h

  Log Message:
  -----------
  Merge r249203 - Have RenderSVGBlock compute visual overflow just like everyone else
https://bugs.webkit.org/show_bug.cgi?id=201211

Reviewed by Zalan Bujtas.

RenderSVGBlock overrode visualOverflowRect() just to account for text shadow. This prevents callers
optimizing calls to visualOverflowRect(), so instead have RenderSVGBlock implement computeOverflow()
and call addVisualOverflow().

* rendering/svg/RenderSVGBlock.cpp:
(WebCore::RenderSVGBlock::computeOverflow):
(WebCore::RenderSVGBlock::visualOverflowRect const): Deleted.
* rendering/svg/RenderSVGBlock.h:


  Commit: 8919659dd3671edf2110f066f73d1ee529a3a3ca
      https://github.com/WebKit/WebKit/commit/8919659dd3671edf2110f066f73d1ee529a3a3ca
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/timeout_on_seek.py
    A LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek.html
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-buffered-seek-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-buffered-seek.html
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/ios-simulator/TestExpectations
    M LayoutTests/platform/mac/TestExpectations
    A LayoutTests/platform/mac/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/GStreamer.cmake
    M Source/WebCore/platform/graphics/gstreamer/GRefPtrGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/GRefPtrGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h
    M Source/WebCore/platform/graphics/gstreamer/MediaSampleGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceGStreamer.h
    R Source/WebCore/platform/graphics/gstreamer/mse/PlaybackPipeline.cpp
    R Source/WebCore/platform/graphics/gstreamer/mse/PlaybackPipeline.h
    M Source/WebCore/platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.h
    R Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamerPrivate.h
    M Source/cmake/GStreamerChecks.cmake
    M Tools/ChangeLog
    M Tools/Scripts/webkitpy/style/checker.py

  Log Message:
  -----------
  Merge r249205 - [MSE][GStreamer] WebKitMediaSrc rework
https://bugs.webkit.org/show_bug.cgi?id=199719

Reviewed by Xabier Rodriguez-Calvar.

LayoutTests/imported/w3c:

* web-platform-tests/html/semantics/embedded-content/the-video-element/timeout_on_seek.py: Added.
(parse_range):
(main):
* web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek.html: Added.
* web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek-expected.txt: Added.
* web-platform-tests/media-source/mediasource-buffered-seek-expected.txt: Added.
* web-platform-tests/media-source/mediasource-buffered-seek.html: Added.

Source/WebCore:

This patch reworks the WebKitMediaSrc element and many of the player
private methods that interacted with it.

In comparison with the old WebKitMediaSrc, in the new one seeks have
been massively simplified.

The new WebKitMediaSrc no longer relies on a bin or appsrc, having
greater control over its operation. This made it comparatively much
easier to implement features such as seek before playback or
single-stream flushing.

stream-collection events are emitted from the WebKitMediaSrc to reuse
the track handling in MediaPlayerPrivateGStreamer for playbin3, which
is now used for MSE pipelines.

Additional tests have been added to check some assumptions, and some
bugs that have surfaced with the changes have been fixed but no new
features (like multi-track support) are implemented in this patch.

One instance of these bugs is `resized` events, which were previously
being emitted when frames with different resolutions were appended.
This is a wrong behavior that has not been preserved in the rework, as
resize events should be emitted when the frames are shown, not
just appended.

There are subtler bugfixes, such as ignoring PTS-less frames in
AppendPipeline::appsinkNewSample(). These frames are problematic for
MSE, yet they were somehow passing through the pipelines. Since
WebKitMediaSrc is stricter with assertions, these have to be filtered.

This test gets rid of !m_mseSeekCompleted assertion failures in tests
and potentially other hard to debug bugs in the previous seek
algorithm.

This patch makes the following existing tests pass:

imported/w3c/web-platform-tests/media-source/mediasource-config-change-webm-a-bitrate.html
imported/w3c/web-platform-tests/media-source/mediasource-config-change-webm-v-framesize.html

New test: imported/w3c/web-platform-tests/media-source/mediasource-buffered-seek.html
New test: LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek.html (non-MSE related)

* Headers.cmake:
* platform/GStreamer.cmake:
* platform/graphics/gstreamer/GRefPtrGStreamer.cpp:
(WTF::adoptGRef):
(WTF::refGPtr<GstMiniObject>):
(WTF::derefGPtr<GstMiniObject>):
* platform/graphics/gstreamer/GRefPtrGStreamer.h:
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::playbackPosition const):
(WebCore::MediaPlayerPrivateGStreamer::paused const):
(WebCore::MediaPlayerPrivateGStreamer::updateTracks):
(WebCore::MediaPlayerPrivateGStreamer::enableTrack):
(WebCore::MediaPlayerPrivateGStreamer::notifyPlayerOfVideo):
(WebCore::MediaPlayerPrivateGStreamer::sourceSetup):
(WebCore::MediaPlayerPrivateGStreamer::handleSyncMessage):
(WebCore::MediaPlayerPrivateGStreamer::createGSTPlayBin):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h:
(WebCore::MediaPlayerPrivateGStreamer::invalidateCachedPosition):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::naturalSize const):
(WebCore::MediaPlayerPrivateGStreamerBase::naturalSizeFromCaps const):
(WebCore::MediaPlayerPrivateGStreamerBase::samplesHaveDifferentNaturalSize const):
(WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
* platform/graphics/gstreamer/MediaSampleGStreamer.cpp:
(WebCore::MediaSampleGStreamer::MediaSampleGStreamer):
* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::appsinkNewSample):
(WebCore::AppendPipeline::connectDemuxerSrcPadToAppsink):
* platform/graphics/gstreamer/mse/AppendPipeline.h:
(WebCore::AppendPipeline::appsinkCaps):
(WebCore::AppendPipeline::streamType):
(WebCore::AppendPipeline::demuxerSrcPadCaps):
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::~MediaPlayerPrivateGStreamerMSE):
(WebCore::MediaPlayerPrivateGStreamerMSE::load):
(WebCore::MediaPlayerPrivateGStreamerMSE::play):
(WebCore::MediaPlayerPrivateGStreamerMSE::pause):
(WebCore::MediaPlayerPrivateGStreamerMSE::seek):
(WebCore::MediaPlayerPrivateGStreamerMSE::seekCompleted):
(WebCore::MediaPlayerPrivateGStreamerMSE::setReadyState):
(WebCore::MediaPlayerPrivateGStreamerMSE::sourceSetup):
(WebCore::MediaPlayerPrivateGStreamerMSE::updateStates):
(WebCore::MediaPlayerPrivateGStreamerMSE::didEnd):
(WebCore::MediaPlayerPrivateGStreamerMSE::unblockDurationChanges):
(WebCore::MediaPlayerPrivateGStreamerMSE::durationChanged):
(WebCore::MediaPlayerPrivateGStreamerMSE::trackDetected):
* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h:
* platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
(WebCore::MediaSourceClientGStreamerMSE::addSourceBuffer):
(WebCore::MediaSourceClientGStreamerMSE::removedFromMediaSource):
(WebCore::MediaSourceClientGStreamerMSE::flush):
(WebCore::MediaSourceClientGStreamerMSE::enqueueSample):
(WebCore::MediaSourceClientGStreamerMSE::isReadyForMoreSamples):
(WebCore::MediaSourceClientGStreamerMSE::notifyClientWhenReadyForMoreSamples):
(WebCore::MediaSourceClientGStreamerMSE::allSamplesInTrackEnqueued):
* platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h:
* platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp:
(WebCore::MediaSourceGStreamer::markEndOfStream):
(WebCore::MediaSourceGStreamer::unmarkEndOfStream):
(WebCore::MediaSourceGStreamer::waitForSeekCompleted):
* platform/graphics/gstreamer/mse/MediaSourceGStreamer.h:
* platform/graphics/gstreamer/mse/PlaybackPipeline.cpp: Removed.
* platform/graphics/gstreamer/mse/PlaybackPipeline.h: Removed.
* platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp:
(WebCore::SourceBufferPrivateGStreamer::enqueueSample):
(WebCore::SourceBufferPrivateGStreamer::isReadyForMoreSamples):
(WebCore::SourceBufferPrivateGStreamer::notifyClientWhenReadyForMoreSamples):
* platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h:
* platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp:
(WebKitMediaSrcPrivate::streamByName):
(Stream::Stream):
(Stream::StreamingMembers::StreamingMembers):
(Stream::StreamingMembers::durationEnqueued const):
(findPipeline):
(webkit_media_src_class_init):
(webkit_media_src_init):
(webKitMediaSrcFinalize):
(debugProbe):
(collectionPlusStream):
(collectionMinusStream):
(gstStreamType):
(webKitMediaSrcAddStream):
(webKitMediaSrcRemoveStream):
(webKitMediaSrcActivateMode):
(webKitMediaSrcPadLinked):
(webKitMediaSrcStreamNotifyLowWaterLevel):
(webKitMediaSrcLoop):
(webKitMediaSrcEnqueueObject):
(webKitMediaSrcEnqueueSample):
(webKitMediaSrcEnqueueEvent):
(webKitMediaSrcEndOfStream):
(webKitMediaSrcIsReadyForMoreSamples):
(webKitMediaSrcNotifyWhenReadyForMoreSamples):
(webKitMediaSrcChangeState):
(webKitMediaSrcStreamFlushStart):
(webKitMediaSrcStreamFlushStop):
(webKitMediaSrcFlush):
(webKitMediaSrcSeek):
(countStreamsOfType):
(webKitMediaSrcGetProperty):
(webKitMediaSrcUriGetType):
(webKitMediaSrcGetProtocols):
(webKitMediaSrcGetUri):
(webKitMediaSrcSetUri):
(webKitMediaSrcUriHandlerInit):
* platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.h:
* platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamerPrivate.h: Removed.

Tools:

Added WebKitMediaSourceGStreamer.cpp to the GStreamer-style coding
whitelist.

* Scripts/webkitpy/style/checker.py:

LayoutTests:

Updated expectations.

* platform/gtk/TestExpectations:
* platform/mac/TestExpectations:
* platform/ios-simulator/TestExpectations:
* platform/mac/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek-expected.txt: Added.


  Commit: f9002a8538fd9749a0edbc3de149ad979ac9638d
      https://github.com/WebKit/WebKit/commit/f9002a8538fd9749a0edbc3de149ad979ac9638d
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/ServiceWorkerProcessProxy.cpp
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebPageProxy.h
    M Source/WebKit/UIProcess/WebProcessProxy.cpp
    M Source/WebKit/UIProcess/WebProcessProxy.h

  Log Message:
  -----------
  Merge r249206 - Have WebPageProxy generate the page identifier by itself
https://bugs.webkit.org/show_bug.cgi?id=201223

Reviewed by Ryosuke Niwa.

Have WebPageProxy generate the page identifier by itself instead of
having the WebProcessProxy do it.

* UIProcess/ServiceWorkerProcessProxy.cpp:
(WebKit::m_serviceWorkerPageID):
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::create):
(WebKit::WebPageProxy::WebPageProxy):
* UIProcess/WebPageProxy.h:
* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::createWebPage):
(WebKit::WebProcessProxy::generatePageID): Deleted.
* UIProcess/WebProcessProxy.h:


  Commit: 3b6062d03582d4175cdd8ba8ef5001823e844dfe
      https://github.com/WebKit/WebKit/commit/3b6062d03582d4175cdd8ba8ef5001823e844dfe
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/fast/dom/Geolocation/dataURL-getCurrentPosition-expected.txt
    M LayoutTests/fast/dom/Geolocation/dataURL-getCurrentPosition.html
    M LayoutTests/fast/dom/Geolocation/dataURL-watchPosition-expected.txt
    M LayoutTests/fast/dom/Geolocation/dataURL-watchPosition.html
    M LayoutTests/http/tests/security/resources/checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod.js
    M LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt
    M LayoutTests/http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html
    M LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt
    M LayoutTests/http/tests/security/sandboxed-iframe-geolocation-watchPosition.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/geolocation/Geolocation.cpp

  Log Message:
  -----------
  Merge r249207 - geolocation.watchPosition() / getCurrentPosition() should return PERMISSION_DENIED when context is not secure
https://bugs.webkit.org/show_bug.cgi?id=201221

Reviewed by Ryosuke Niwa.

Source/WebCore:

geolocation.watchPosition() / getCurrentPosition() should return PERMISSION_DENIED when context is not secure,
not POSITION_UNAVAILABLE. Both Gecko and Blink agree on PERMISSION_DENIED.

No new tests, updated existing tests.

* Modules/geolocation/Geolocation.cpp:
(WebCore::Geolocation::startRequest):

LayoutTests:

Update layout tests to reflect behavior change.

* fast/dom/Geolocation/dataURL-getCurrentPosition-expected.txt:
* fast/dom/Geolocation/dataURL-getCurrentPosition.html:
* fast/dom/Geolocation/dataURL-watchPosition-expected.txt:
* fast/dom/Geolocation/dataURL-watchPosition.html:
* http/tests/security/resources/checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod.js:
(didReceiveError):
(checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
* http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt:
* http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html:
* http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt:
* http/tests/security/sandboxed-iframe-geolocation-watchPosition.html:


  Commit: c58e1363d585d9068a4c3cd6e11d6f19a4a1c8f9
      https://github.com/WebKit/WebKit/commit/c58e1363d585d9068a4c3cd6e11d6f19a4a1c8f9
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/svg/custom/href-svg-namespace-animate-target-expected.svg
    A LayoutTests/svg/custom/href-svg-namespace-animate-target.svg
    M Source/WebCore/ChangeLog
    M Source/WebCore/svg/animation/SVGSMILElement.cpp

  Log Message:
  -----------
  Merge r249216 - XLinkNames namespace is required before the 'href' attribute of SVG animate elements
https://bugs.webkit.org/show_bug.cgi?id=201227

Patch by Said Abou-Hallawa <sabouhallawa at apple.com> on 2019-08-28
Reviewed by Ryosuke Niwa.

Source/WebCore:

To get the animation target element, get the value of the "href" attribute
or the "xlink:href" attribute.

Tests: svg/custom/href-svg-namespace-animate-target.svg

* svg/animation/SVGSMILElement.cpp:
(WebCore::SVGSMILElement::buildPendingResource):

LayoutTests:

* svg/custom/href-svg-namespace-animate-target-expected.svg: Added.
* svg/custom/href-svg-namespace-animate-target.svg: Added.


  Commit: 764bce3b3c4521ea6d0178fe002d198e6a111164
      https://github.com/WebKit/WebKit/commit/764bce3b3c4521ea6d0178fe002d198e6a111164
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Headers.cmake
    M Source/WebCore/WebCore.xcodeproj/project.pbxproj
    M Source/WebCore/html/ImageBitmap.cpp
    M Source/WebCore/html/canvas/CanvasRenderingContext2DBase.cpp
    M Source/WebCore/platform/graphics/BitmapImage.cpp
    M Source/WebCore/platform/graphics/BitmapImage.h
    M Source/WebCore/platform/graphics/CrossfadeGeneratedImage.cpp
    M Source/WebCore/platform/graphics/CrossfadeGeneratedImage.h
    M Source/WebCore/platform/graphics/CustomPaintImage.cpp
    M Source/WebCore/platform/graphics/CustomPaintImage.h
    M Source/WebCore/platform/graphics/GeneratedImage.h
    M Source/WebCore/platform/graphics/GradientImage.cpp
    M Source/WebCore/platform/graphics/GradientImage.h
    M Source/WebCore/platform/graphics/GraphicsContext.cpp
    M Source/WebCore/platform/graphics/GraphicsContext.h
    M Source/WebCore/platform/graphics/GraphicsContextImpl.cpp
    M Source/WebCore/platform/graphics/GraphicsContextImpl.h
    M Source/WebCore/platform/graphics/Image.cpp
    M Source/WebCore/platform/graphics/Image.h
    M Source/WebCore/platform/graphics/ImageBuffer.h
    A Source/WebCore/platform/graphics/ImagePaintingOptions.h
    M Source/WebCore/platform/graphics/NamedImageGeneratedImage.cpp
    M Source/WebCore/platform/graphics/NamedImageGeneratedImage.h
    M Source/WebCore/platform/graphics/NativeImage.h
    M Source/WebCore/platform/graphics/cairo/CairoOperations.cpp
    M Source/WebCore/platform/graphics/cairo/CairoOperations.h
    M Source/WebCore/platform/graphics/cairo/GraphicsContextCairo.cpp
    M Source/WebCore/platform/graphics/cairo/GraphicsContextImplCairo.cpp
    M Source/WebCore/platform/graphics/cairo/GraphicsContextImplCairo.h
    M Source/WebCore/platform/graphics/cairo/ImageBufferCairo.cpp
    M Source/WebCore/platform/graphics/cairo/NativeImageCairo.cpp
    M Source/WebCore/platform/graphics/cg/GraphicsContext3DCG.cpp
    M Source/WebCore/platform/graphics/cg/GraphicsContextCG.cpp
    M Source/WebCore/platform/graphics/cg/ImageBufferCG.cpp
    M Source/WebCore/platform/graphics/cg/NativeImageCG.cpp
    M Source/WebCore/platform/graphics/cg/PDFDocumentImage.cpp
    M Source/WebCore/platform/graphics/cg/PDFDocumentImage.h
    M Source/WebCore/platform/graphics/displaylists/DisplayListItems.cpp
    M Source/WebCore/platform/graphics/displaylists/DisplayListItems.h
    M Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.cpp
    M Source/WebCore/platform/graphics/displaylists/DisplayListRecorder.h
    M Source/WebCore/platform/graphics/filters/FEBlend.cpp
    M Source/WebCore/platform/graphics/filters/FEComposite.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp
    M Source/WebCore/platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.h
    M Source/WebCore/platform/graphics/win/Direct2DOperations.cpp
    M Source/WebCore/platform/graphics/win/GraphicsContextImplDirect2D.h
    M Source/WebCore/platform/graphics/win/ImageCGWin.cpp
    M Source/WebCore/platform/graphics/win/ImageCairoWin.cpp
    M Source/WebCore/platform/graphics/win/NativeImageDirect2D.cpp
    M Source/WebCore/platform/ios/DragImageIOS.mm
    M Source/WebCore/rendering/RenderBoxModelObject.cpp
    M Source/WebCore/rendering/RenderEmbeddedObject.cpp
    M Source/WebCore/rendering/RenderImage.cpp
    M Source/WebCore/rendering/RenderSnapshottedPlugIn.cpp
    M Source/WebCore/rendering/RenderThemeMac.mm
    M Source/WebCore/svg/graphics/SVGImage.cpp
    M Source/WebCore/svg/graphics/SVGImage.h
    M Source/WebCore/svg/graphics/SVGImageForContainer.cpp
    M Source/WebCore/svg/graphics/SVGImageForContainer.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

  Log Message:
  -----------
  Merge r249217 - All image drawing functions should take an argument of type ImagePaintingOptions
https://bugs.webkit.org/show_bug.cgi?id=201059

Patch by Said Abou-Hallawa <sabouhallawa at apple.com> on 2019-08-28
Reviewed by Simon Fraser.

Source/WebCore:

In this patch:
-- All the image drawing functions will take an argument of type
   ImagePaintingOptions instead of passing individual options.

-- ImagePaintingOptions is made like a set of options. It can be
   initialized with any number of options and the order does not matter.

-- Image::originalSize() is deleted because it returns size() and none
   of the Image concrete classes overrides this implementation.

* Headers.cmake:
* WebCore.xcodeproj/project.pbxproj:
* html/ImageBitmap.cpp:
(WebCore::ImageBitmap::createPromise):
(WebCore::ImageBitmap::createFromBuffer):
* html/canvas/CanvasRenderingContext2DBase.cpp:
(WebCore::CanvasRenderingContext2DBase::drawImage):
(WebCore::drawImageToContext):
(WebCore::CanvasRenderingContext2DBase::fullCanvasCompositedDrawImage):
* platform/graphics/BitmapImage.cpp:
(WebCore::BitmapImage::draw):
(WebCore::BitmapImage::drawPattern):
* platform/graphics/BitmapImage.h:
* platform/graphics/CrossfadeGeneratedImage.cpp:
(WebCore::drawCrossfadeSubimage):
(WebCore::CrossfadeGeneratedImage::draw):
(WebCore::CrossfadeGeneratedImage::drawPattern):
* platform/graphics/CrossfadeGeneratedImage.h:
* platform/graphics/CustomPaintImage.cpp:
(WebCore::CustomPaintImage::draw):
(WebCore::CustomPaintImage::drawPattern):
* platform/graphics/CustomPaintImage.h:
* platform/graphics/GeneratedImage.h:
(WebCore::GeneratedImage::draw):
(WebCore::GeneratedImage::drawPattern):
* platform/graphics/GradientImage.cpp:
(WebCore::GradientImage::draw):
(WebCore::GradientImage::drawPattern):
* platform/graphics/GradientImage.h:
* platform/graphics/GraphicsContext.cpp:
(WebCore::GraphicsContext::drawImage):
(WebCore::GraphicsContext::drawTiledImage):
(WebCore::GraphicsContext::drawImageBuffer):
(WebCore::GraphicsContext::drawConsumingImageBuffer):
* platform/graphics/GraphicsContext.h:
(WebCore::GraphicsContext::drawNativeImage):
(WebCore::GraphicsContext::drawImage):
(WebCore::GraphicsContext::drawTiledImage):
(WebCore::GraphicsContext::drawImageBuffer):
(WebCore::GraphicsContext::drawPattern):
(WebCore::GraphicsContext::drawConsumingImageBuffer):
(WebCore::ImagePaintingOptions::ImagePaintingOptions): Deleted.
(WebCore::ImagePaintingOptions::usesDefaultInterpolation const): Deleted.
* platform/graphics/GraphicsContextImpl.cpp:
(WebCore::GraphicsContextImpl::drawImageImpl):
(WebCore::GraphicsContextImpl::drawTiledImageImpl):
* platform/graphics/GraphicsContextImpl.h:
* platform/graphics/Image.cpp:
(WebCore::Image::drawPattern):
(WebCore::Image::drawTiled):
(WebCore::Image::computeIntrinsicDimensions):
* platform/graphics/Image.h:
(WebCore::Image::drawPattern):
(WebCore::Image::draw):
(WebCore::Image::drawTiled):
(WebCore::Image::originalSize const): Deleted.
* platform/graphics/ImageBuffer.h:
(WebCore::ImageBuffer::draw):
(WebCore::ImageBuffer::drawPattern):
(WebCore::ImageBuffer::drawConsuming):
* platform/graphics/ImagePaintingOptions.h: Added.
(WebCore::ImagePaintingOptions::ImagePaintingOptions):
(WebCore::ImagePaintingOptions::compositeOperator const):
(WebCore::ImagePaintingOptions::blendMode const):
(WebCore::ImagePaintingOptions::decodingMode const):
(WebCore::ImagePaintingOptions::orientation const):
(WebCore::ImagePaintingOptions::interpolationQuality const):
(WebCore::ImagePaintingOptions::setOption):
* platform/graphics/NamedImageGeneratedImage.cpp:
(WebCore::NamedImageGeneratedImage::draw):
(WebCore::NamedImageGeneratedImage::drawPattern):
* platform/graphics/NamedImageGeneratedImage.h:
* platform/graphics/NativeImage.h:
* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawShadowLayerBuffer):
(WebCore::Cairo::drawShadowImage):
(WebCore::Cairo::drawNativeImage):
(WebCore::Cairo::drawPattern):
* platform/graphics/cairo/CairoOperations.h:
* platform/graphics/cairo/GraphicsContextCairo.cpp:
(WebCore::GraphicsContext::drawNativeImage):
(WebCore::GraphicsContext::drawPattern):
* platform/graphics/cairo/GraphicsContextImplCairo.cpp:
(WebCore::GraphicsContextImplCairo::drawNativeImage):
(WebCore::GraphicsContextImplCairo::drawPattern):
* platform/graphics/cairo/GraphicsContextImplCairo.h:
* platform/graphics/cairo/ImageBufferCairo.cpp:
(WebCore::ImageBuffer::drawConsuming):
(WebCore::ImageBuffer::draw):
(WebCore::ImageBuffer::drawPattern):
* platform/graphics/cairo/NativeImageCairo.cpp:
(WebCore::drawNativeImage):
* platform/graphics/cg/GraphicsContext3DCG.cpp:
(WebCore::GraphicsContext3D::paintToCanvas):
* platform/graphics/cg/GraphicsContextCG.cpp:
(WebCore::GraphicsContext::drawNativeImage):
(WebCore::GraphicsContext::drawPattern):
* platform/graphics/cg/ImageBufferCG.cpp:
(WebCore::ImageBuffer::drawConsuming):
(WebCore::ImageBuffer::draw):
(WebCore::ImageBuffer::drawPattern):
* platform/graphics/cg/NativeImageCG.cpp:
(WebCore::drawNativeImage):
* platform/graphics/cg/PDFDocumentImage.cpp:
(WebCore::PDFDocumentImage::draw):
* platform/graphics/cg/PDFDocumentImage.h:
* platform/graphics/displaylists/DisplayListItems.cpp:
(WebCore::DisplayList::DrawNativeImage::DrawNativeImage):
(WebCore::DisplayList::DrawNativeImage::apply const):
(WebCore::DisplayList::DrawPattern::DrawPattern):
(WebCore::DisplayList::DrawPattern::apply const):
* platform/graphics/displaylists/DisplayListItems.h:
(WebCore::DisplayList::DrawNativeImage::create):
(WebCore::DisplayList::DrawPattern::create):
(WebCore::DisplayList::DrawPattern::DrawPattern):
* platform/graphics/displaylists/DisplayListRecorder.cpp:
(WebCore::DisplayList::Recorder::drawNativeImage):
(WebCore::DisplayList::Recorder::drawPattern):
* platform/graphics/displaylists/DisplayListRecorder.h:
* platform/graphics/filters/FEBlend.cpp:
(WebCore::FEBlend::platformApplySoftware):
* platform/graphics/filters/FEComposite.cpp:
(WebCore::FEComposite::platformApplySoftware):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::paint):
* platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.cpp:
(Nicosia::CairoOperationRecorder::drawNativeImage):
(Nicosia::CairoOperationRecorder::drawPattern):
* platform/graphics/nicosia/cairo/NicosiaCairoOperationRecorder.h:
* platform/graphics/win/Direct2DOperations.cpp:
(WebCore::Direct2D::drawNativeImage):
(WebCore::Direct2D::drawPattern):
* platform/graphics/win/Direct2DOperations.h:
* platform/graphics/win/GraphicsContextImplDirect2D.h:
* platform/graphics/win/ImageCGWin.cpp:
(WebCore::BitmapImage::getHBITMAPOfSize):
(WebCore::BitmapImage::drawFrameMatchingSourceSize):
* platform/graphics/win/ImageCairoWin.cpp:
(WebCore::BitmapImage::getHBITMAPOfSize):
(WebCore::BitmapImage::drawFrameMatchingSourceSize):
* platform/graphics/win/NativeImageDirect2D.cpp:
(WebCore::drawNativeImage):
* platform/ios/DragImageIOS.mm:
(WebCore::createDragImageFromImage):
* rendering/RenderBoxModelObject.cpp:
(WebCore::RenderBoxModelObject::paintFillLayerExtended):
* rendering/RenderEmbeddedObject.cpp:
(WebCore::RenderEmbeddedObject::paintSnapshotImage):
* rendering/RenderImage.cpp:
(WebCore::RenderImage::paintReplaced):
(WebCore::RenderImage::paintIntoRect):
* rendering/RenderSnapshottedPlugIn.cpp:
(WebCore::RenderSnapshottedPlugIn::paintSnapshot):
* rendering/RenderThemeMac.mm:
(WebCore::RenderThemeMac::paintSnapshottedPluginOverlay):
* svg/graphics/SVGImage.cpp:
(WebCore::SVGImage::drawForContainer):
(WebCore::SVGImage::nativeImageForCurrentFrame):
(WebCore::SVGImage::nativeImage):
(WebCore::SVGImage::drawPatternForContainer):
(WebCore::SVGImage::draw):
* svg/graphics/SVGImage.h:
* svg/graphics/SVGImageForContainer.cpp:
(WebCore::SVGImageForContainer::draw):
(WebCore::SVGImageForContainer::drawPattern):
* svg/graphics/SVGImageForContainer.h:

Source/WebKit:

GraphicsContext::drawImage() now takes an ImagePaintingOptions.

* WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::imagePositionInformation):


  Commit: 121c8d7240b3dc02a22314ceeebb7ecb2db7999e
      https://github.com/WebKit/WebKit/commit/121c8d7240b3dc02a22314ceeebb7ecb2db7999e
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/wasm/WasmAirIRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmB3IRGenerator.cpp
    M Source/JavaScriptCore/wasm/WasmValidate.cpp

  Log Message:
  -----------
  Merge r249221 - Wasm's AirIRGenerator::addLocal() and B3IRGenerator::addLocal() are doing unnecessary overflow checks.
https://bugs.webkit.org/show_bug.cgi?id=201006
<rdar://problem/52053991>

Reviewed by Yusuke Suzuki.

We already ensured that it is not possible to overflow in Wasm::FunctionParser's
parse().  It is unnecessary and misleading to do those overflow checks in
AirIRGenerator and B3IRGenerator.  The only check that is necessary is that
m_locals.tryReserveCapacity() is successful, otherwise, we have an out of memory
situation.

This patch changes these unnecessary checks to assertions instead.

* wasm/WasmAirIRGenerator.cpp:
(JSC::Wasm::AirIRGenerator::addLocal):
* wasm/WasmB3IRGenerator.cpp:
(JSC::Wasm::B3IRGenerator::addLocal):
* wasm/WasmValidate.cpp:
(JSC::Wasm::Validate::addLocal):


  Commit: 97bdf5043a3ad2970e4a1851f0d0fc0002324648
      https://github.com/WebKit/WebKit/commit/97bdf5043a3ad2970e4a1851f0d0fc0002324648
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderBox.h
    M Source/WebCore/rendering/RenderLayer.cpp
    M Source/WebCore/rendering/RenderView.cpp
    M Source/WebCore/rendering/RenderView.h

  Log Message:
  -----------
  Merge r249222 - Devirtualize RenderBox::visualOverflowRect()
https://bugs.webkit.org/show_bug.cgi?id=201231

Reviewed by Zalan Bujtas.

The only override of RenderBox::visualOverflowRect() was in RenderView, for "paintsEntireContents" views, and as
far as I can tell this is not necessary. visualOverflowRect() is hot when called from RenderLayer::localBoundingBox() --
this shows in profiles when scrolling large patch reviews, so making it non-virtual is a performance enhancement.

RenderLayer::localBoundingBox() can also just call visualOverflowRect(), since that returns borderBoxRect()
when there is no overflow.

* rendering/RenderBox.h:
(WebCore::RenderBox::visualOverflowRect const):
* rendering/RenderLayer.cpp:
(WebCore::performOverlapTests): Minor optimization to avoid a call to boundingBox().
(WebCore::RenderLayer::calculateClipRects const):
* rendering/RenderView.cpp:
(WebCore::RenderView::visualOverflowRect const): Deleted.
* rendering/RenderView.h:


  Commit: 7b969b2eab0b837beb766cda0f0b92a4f49bad1a
      https://github.com/WebKit/WebKit/commit/7b969b2eab0b837beb766cda0f0b92a4f49bad1a
  Author: Ross Kirsling <ross.kirsling at sony.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/PropertySlot.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/inspector/agents/WebConsoleAgent.h
    M Source/WebCore/loader/ResourceLoadObserver.h

  Log Message:
  -----------
  Merge r249223 - Unreviewed. Restabilize non-unified build.

Source/JavaScriptCore:

* runtime/PropertySlot.h:

Source/WebCore:

* inspector/agents/WebConsoleAgent.h:
* loader/ResourceLoadObserver.h:


  Commit: 0f00e6af2c831316a8699e87bdb4a748a0aa1309
      https://github.com/WebKit/WebKit/commit/0f00e6af2c831316a8699e87bdb4a748a0aa1309
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/missing-exception-check-in-operationHasGenericProperty.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGOperations.cpp

  Log Message:
  -----------
  Merge r249225 - Placate exception check validation in DFG's operationHasGenericProperty().
https://bugs.webkit.org/show_bug.cgi?id=201245
<rdar://problem/54777512>

Reviewed by Robin Morisset.

JSTests:

* stress/missing-exception-check-in-operationHasGenericProperty.js: Added.

Source/JavaScriptCore:

* dfg/DFGOperations.cpp:


  Commit: 070f064d41be971ce2991f060514e02e5f3f6905
      https://github.com/WebKit/WebKit/commit/070f064d41be971ce2991f060514e02e5f3f6905
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/PaintFrequencyTracker.h

  Log Message:
  -----------
  Merge r249232 - PaintFrequencyTracker triggers too many calls to MonotonicTime::now() on layer painting
https://bugs.webkit.org/show_bug.cgi?id=201261

Reviewed by Zalan Bujtas.

MonotonicTime::now() shows up as expensive when painting layer-heavy content, because PaintFrequencyTracker
makes two calls per layer paint.

Halve the number of calls by storing m_lastPaintTime at the start of the paint; doing so doesn't substantially
change the behavior of the tracker.

* rendering/PaintFrequencyTracker.h:
(WebCore::PaintFrequencyTracker::begin):
(WebCore::PaintFrequencyTracker::end):


  Commit: a714e1c9a04b5e26af6718cad94dbb8e20e0f679
      https://github.com/WebKit/WebKit/commit/a714e1c9a04b5e26af6718cad94dbb8e20e0f679
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/style/FillLayer.cpp
    M Source/WebCore/rendering/style/FillLayer.h

  Log Message:
  -----------
  Merge r249236 - Make FillLayer::hasImage() inline
https://bugs.webkit.org/show_bug.cgi?id=201265

Reviewed by Zalan Bujtas.

FillLayer::hasImage() shows up on profiles because it's called from hot functions like
isTransparent() and hasMask(), so make a basic inline version that doesn't have
to walk the list.

* rendering/style/FillLayer.cpp:
(WebCore::FillLayer::hasImageInAnyLayer const):
(WebCore::FillLayer::hasImage const): Deleted.
* rendering/style/FillLayer.h:
(WebCore::FillLayer::hasImage const):


  Commit: fc97ab0b95228c34a1925b908c069ae835ddfbfc
      https://github.com/WebKit/WebKit/commit/fc97ab0b95228c34a1925b908c069ae835ddfbfc
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Controllers/JavaScriptRuntimeCompletionProvider.js
    M Source/WebInspectorUI/UserInterface/Models/CallFrame.js

  Log Message:
  -----------
  Merge r249246 - Web Inspector: REGRESSION(r249078): JavaScript autocomplete doesn't work when evaluating properties of values
https://bugs.webkit.org/show_bug.cgi?id=201226

Reviewed by Joseph Pecoraro.

r249078 modified `WI.JavaScriptRuntimeCompletionProvider` to use arrays of property names
instead of objects for completion, but a few code paths were missed.

* UserInterface/Controllers/JavaScriptRuntimeCompletionProvider.js:
(WI.JavaScriptRuntimeCompletionProvider.prototype.completionControllerCompletionsNeeded.evaluated):
(WI.JavaScriptRuntimeCompletionProvider.prototype.completionControllerCompletionsNeeded.receivedPropertyNamesFromEvaluate):
(WI.JavaScriptRuntimeCompletionProvider.prototype.completionControllerCompletionsNeeded.receivedObjectPropertyNames): Added.
(WI.JavaScriptRuntimeCompletionProvider.prototype.completionControllerCompletionsNeeded.receivedArrayPropertyNames):

* UserInterface/Models/CallFrame.js:
(WI.CallFrame.prototype.collectScopeChainVariableNames):
(WI.CallFrame.prototype.collectScopeChainVariableNames.propertiesCollected):


  Commit: f6fe054fa9799a3fa0557420b1a27b82d14950cb
      https://github.com/WebKit/WebKit/commit/f6fe054fa9799a3fa0557420b1a27b82d14950cb
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/structure-storedPrototype-should-only-assert-on-the-mutator-thread.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGSpeculativeJIT.cpp
    M Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
    M Source/JavaScriptCore/runtime/StructureInlines.h

  Log Message:
  -----------
  Merge r249247 - DFG/FTL: We should prefetch structures and do a loadLoadFence before doing PrototypeChainIsSane checks.
https://bugs.webkit.org/show_bug.cgi?id=201281
<rdar://problem/54028228>

Reviewed by Yusuke Suzuki and Saam Barati.

JSTests:

* stress/structure-storedPrototype-should-only-assert-on-the-mutator-thread.js: Added.

Source/JavaScriptCore:

This (see title above) is already the preferred idiom used in most places in our
compiler, except for 2: DFG's SpeculativeJIT::compileGetByValOnString() and FTL's
compileStringCharAt().  Consider the following:

    bool prototypeChainIsSane = false;
    if (globalObject->stringPrototypeChainIsSane()) {
        ...
        m_graph.registerAndWatchStructureTransition(globalObject->stringPrototype()->structure(vm()));
        m_graph.registerAndWatchStructureTransition(globalObject->objectPrototype()->structure(vm()));

        prototypeChainIsSane = globalObject->stringPrototypeChainIsSane();
    }

What's essential for correctness here is that the stringPrototype and objectPrototype
structures be loaded before the loads in the second stringPrototypeChainIsSane()
check.  Without a loadLoadFence before the second stringPrototypeChainIsSane()
check, we can't guarantee that.  Elsewhere in the compiler, the preferred idiom
for doing this right is to pre-load the structures first, do a loadLoadFence, and
then do the IsSane check just once after e.g.

    Structure* arrayPrototypeStructure = globalObject->arrayPrototype()->structure(m_vm);
    Structure* objectPrototypeStructure = globalObject->objectPrototype()->structure(m_vm);

    if (arrayPrototypeStructure->transitionWatchpointSetIsStillValid() // has loadLoadFences.
        && objectPrototypeStructure->transitionWatchpointSetIsStillValid() // has loadLoadFences.
        && globalObject->arrayPrototypeChainIsSane()) {

        m_graph.registerAndWatchStructureTransition(arrayPrototypeStructure);
        m_graph.registerAndWatchStructureTransition(objectPrototypeStructure);
        ...
    }

This patch changes DFG's SpeculativeJIT::compileGetByValOnString() and FTL's
compileStringCharAt() to follow the same idiom.

We also fix a bad assertion in Structure::storedPrototype() and
Structure::storedPrototypeObject().  The assertion is only correct when those
methods are called from the mutator thread.  The assertion has been updated to
only check its test condition if the current thread is the mutator thread.

* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileGetByValOnString):
* ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileStringCharAt):
* runtime/StructureInlines.h:
(JSC::Structure::storedPrototype const):
(JSC::Structure::storedPrototypeObject const):


  Commit: 99cf41be454e337da0284d2f8bbb5456d8b439b9
      https://github.com/WebKit/WebKit/commit/99cf41be454e337da0284d2f8bbb5456d8b439b9
  Author: Joseph Pecoraro <joepeck at webkit.org>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Base/FileUtilities.js

  Log Message:
  -----------
  Merge r249248 - Web Inspector: Import file pickers sometimes do not import
https://bugs.webkit.org/show_bug.cgi?id=201290
<rdar://problem/54826117>

Reviewed by Devin Rousso.

* UserInterface/Base/FileUtilities.js:
(WI.FileUtilities.importText):
(WI.FileUtilities.importJSON):
Keep the input element alive so it doesn't get garbage collected,
which makes the file chooser do nothing.

(WI.FileUtilities.save):
(WI.FileUtilities.async.readText):
Place read operations after event handlers are set up in case the
read operations can happen synchronously and events may not fire.


  Commit: 3981c97536eb084bfef4f1bdaf8a3bb9978af7ef
      https://github.com/WebKit/WebKit/commit/3981c97536eb084bfef4f1bdaf8a3bb9978af7ef
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-08-29 (Thu, 29 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/websockets/ThreadableWebSocketChannel.cpp

  Log Message:
  -----------
  Merge r249252 - WebSockets: first-party for cookies not set in handshake request when using platform APIs
https://bugs.webkit.org/show_bug.cgi?id=200165

Reviewed by Youenn Fablet.

* Modules/websockets/ThreadableWebSocketChannel.cpp:
(WebCore::ThreadableWebSocketChannel::webSocketConnectRequest):


  Commit: 50212bda696b58c621d943dd5047d1a557ca3b2b
      https://github.com/WebKit/WebKit/commit/50212bda696b58c621d943dd5047d1a557ca3b2b
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-08-30 (Fri, 30 Aug 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/StaticRange.h
    M Source/WebCore/inspector/agents/WebConsoleAgent.cpp
    M Source/WebCore/inspector/agents/WebConsoleAgent.h

  Log Message:
  -----------
  Unreviewed build fix for ENABLE_UNIFIED_BUILDS=OFF.

No new tests needed.

* dom/StaticRange.h: Add missing inclusions of ExceptionOr.h and wtf/RefPtr.h.
* inspector/agents/WebConsoleAgent.cpp: Add missing inclusion of InspectorWebAgentBase.h.
* inspector/agents/WebConsoleAgent.h: Add forward declaration of the WebAgentContext struct.


  Commit: a1c2a1ad50becbff90d34743691188109b6e3cc5
      https://github.com/WebKit/WebKit/commit/a1c2a1ad50becbff90d34743691188109b6e3cc5
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/ProcessLauncher.cpp
    M Source/WebKit/UIProcess/Launcher/ProcessLauncher.h

  Log Message:
  -----------
  Merge r249274 - Use inline data member initialization in ProcessLauncher
https://bugs.webkit.org/show_bug.cgi?id=201247

Reviewed by Ryosuke Niwa.

* UIProcess/Launcher/ProcessLauncher.cpp:
(WebKit::ProcessLauncher::ProcessLauncher):
* UIProcess/Launcher/ProcessLauncher.h:


  Commit: a8c0544d515959da0628a22512a1deb51a133012
      https://github.com/WebKit/WebKit/commit/a8c0544d515959da0628a22512a1deb51a133012
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h

  Log Message:
  -----------
  Merge r249276 - [GStreamer] Do not use makeWeakPtr from streaming thread.
https://bugs.webkit.org/show_bug.cgi?id=201220

Reviewed by Xabier Rodriguez-Calvar.

Test: imported/w3c/web-platform-tests/encrypted-media/clearkey-mp4-playback-retrieve-persistent-license.https.html

Recently some asserts were added that you can't create WeakPtr's
from streaming threads when the factory is created on the
main-thread. The fix is to eagerly create the WeakPtr at player
initialization time, rather than lazily when the streaming thread
first asks for it.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:


  Commit: c2f700aea35e1b482700dbb9a96c30d7528718b5
      https://github.com/WebKit/WebKit/commit/c2f700aea35e1b482700dbb9a96c30d7528718b5
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

  Log Message:
  -----------
  Merge r249279 - Remove a bad assertion in ByteCodeParser::inlineCall().
https://bugs.webkit.org/show_bug.cgi?id=201292
<rdar://problem/54121659>

Reviewed by Michael Saboff.

In the DFG bytecode parser, we've already computed the inlining cost of a candidate
inlining target, and determined that it is worth inlining before invoking
ByteCodeParser::inlineCall().  However, in ByteCodeParser::inlineCall(), it
recomputes the inlining cost again only for the purpose of asserting that it isn't
too high.

Now consider a badly written test that does the following:

    function bar() {
        ...
        foo(); // Call in a hot loop here.
        ...
    }

    bar(); // <===== foo is inlineable into bar here.
    noInline(foo); // <===== Change mind, and make foo not inlineable.
    bar();

With this bad test, the following racy scenario can occur:

1. the first invocation of bar() gets hot, and a concurrent compile is kicked off.
2. the compiler thread computes foo()'s inliningCost() and determines that it is
   worthy to be inlined, and will imminently call inlineCall().
3. the mutator calls the noInline() test utility on foo(), thereby making it NOT
   inlineable.
4. the compiler thread calls inlineCall().  In inlineCall(), it re-computes the
   inliningCost for foo() and now finds that it is not inlineable.  An assertion
   failure follows.

Technically, the test is in error because noInline() shouldn't be used that way.
However, fuzzers that are not clued into noInline()'s proper usage may generate
code like this.

On the other hand, ByteCodeParser::inlineCall() should not be recomputing the
inlining cost and asserting on it.  The only reason inlineCall() is invoked is
because it was already previously determined that a target function is inlineable
based on its inlining cost.  Today, in practice, I don't think we have any real
world condition where the mutator can affect the inlining cost of a target
function midway through execution.  So, this assertion isn't a problem if no one
writes a test that abuses noInline().  However, should things change such that the
mutator is able to affect the inlining cost of a target function, then it is
incorrect for the compiler to assume that the inlining cost is immutable.  Once
the compiler decides to inline a function, it should just follow through.

This patch removes this assertion in ByteCodeParser::inlineCall().  It is an
annoyance at best (for fuzzers), and at worst, incorrect if the mutator gains the
ability to affect the inlining cost of a target function.

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::inlineCall):
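
The four-step schedule in the commit message above, as a simplified model added here for illustration (it is not WebKit code and not part of the commit). `Callee`, `compile`, the two `inlineCall*` variants and the cost threshold are hypothetical names and values; the mutator's step is injected as a callback so the interleaving is deterministic.

```cpp
#include <atomic>
#include <climits>
#include <functional>

// Simplified model of the schedule in the commit message; every name below is
// hypothetical and none of this is JavaScriptCore code.
struct Callee {
    explicit Callee(unsigned cost) : bytecodeCost(cost) {}
    unsigned bytecodeCost;                 // stand-in for a size-based cost
    std::atomic<bool> neverInline{false};  // set by the mutator, as noInline() does in the test
};

constexpr unsigned maxInliningCost = 100;  // constructed threshold

// Reads state the mutator can change, so two calls may disagree.
unsigned inliningCost(const Callee& callee)
{
    return callee.neverInline.load(std::memory_order_acquire) ? UINT_MAX : callee.bytecodeCost;
}

enum class Outcome { Inlined, NotInlined, AssertionFailed };

// "Before" shape: recompute the cost inside inlineCall and assert on it.
// AssertionFailed stands in for the assertion firing.
Outcome inlineCallRechecking(const Callee& callee)
{
    if (inliningCost(callee) > maxInliningCost)
        return Outcome::AssertionFailed;
    return Outcome::Inlined;
}

// "After" shape: the decision was already made by the caller; follow through.
Outcome inlineCallFollowThrough(const Callee&, unsigned decidedCost)
{
    (void)decidedCost; // the cost observed at decision time is the only one used
    return Outcome::Inlined;
}

// Compiler-thread view. mutatorStep runs at the point where, in the racy
// schedule, the mutator changes the callee (step 3 in the commit message).
Outcome compile(const Callee& callee, bool recheck, const std::function<void()>& mutatorStep)
{
    unsigned cost = inliningCost(callee);          // step 2: decide
    if (cost > maxInliningCost)
        return Outcome::NotInlined;
    mutatorStep();                                 // step 3: mutator interleaves
    return recheck ? inlineCallRechecking(callee)  // step 4: second read can disagree
                   : inlineCallFollowThrough(callee, cost);
}
```
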


  Commit: 27ffd6122fa6c5aa6ebdeec1b3ddb2a0fc1d49aa
      https://github.com/WebKit/WebKit/commit/27ffd6122fa6c5aa6ebdeec1b3ddb2a0fc1d49aa
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/CompletionHandler.h

  Log Message:
  -----------
  Merge r249280 - CompletionHandler default constructor does not initialize `m_wasConstructedOnMainThread`
https://bugs.webkit.org/show_bug.cgi?id=201249

Reviewed by Joseph Pecoraro and Alex Christensen.

* wtf/CompletionHandler.h:
(WTF::CompletionHandler<Out):


  Commit: 28c2bf24db8f85618f66876764e477a1dc09baae
      https://github.com/WebKit/WebKit/commit/28c2bf24db8f85618f66876764e477a1dc09baae
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Views/BreakpointTreeElement.js
    M Source/WebInspectorUI/UserInterface/Views/DOMBreakpointTreeElement.js
    M Source/WebInspectorUI/UserInterface/Views/DOMNodeTreeElement.js
    M Source/WebInspectorUI/UserInterface/Views/DebuggerSidebarPanel.js
    M Source/WebInspectorUI/UserInterface/Views/EventBreakpointTreeElement.js
    M Source/WebInspectorUI/UserInterface/Views/SourcesNavigationSidebarPanel.js
    M Source/WebInspectorUI/UserInterface/Views/URLBreakpointTreeElement.js

  Log Message:
  -----------
  Merge r249291 - Web Inspector: REGRESSION (r248873): Debugger: pressing delete on a breakpoint will also delete any resource/element parent immediately before it in the list
https://bugs.webkit.org/show_bug.cgi?id=200939

Reviewed by Joseph Pecoraro.

* UserInterface/Views/DebuggerSidebarPanel.js:
(WI.DebuggerSidebarPanel.prototype._breakpointTreeOutlineDeleteTreeElement):
(WI.DebuggerSidebarPanel.prototype._handleBreakpointElementAddedOrRemoved):
(WI.DebuggerSidebarPanel.prototype._breakpointTreeOutlineDeleteTreeElement.checkIfSelectionAdjustmentNeeded): Deleted.
* UserInterface/Views/SourcesNavigationSidebarPanel.js:
(WI.SourcesNavigationSidebarPanel):
(WI.SourcesNavigationSidebarPanel.prototype._handleBreakpointElementAddedOrRemoved):
(WI.SourcesNavigationSidebarPanel.this._breakpointsTreeOutline.ondelete.checkIfSelectionAdjustmentNeeded): Deleted.
When the `WI.TreeOutline`'s own `ondelete` is called, that means we must be handling a
delete that was _not_ handled by a `WI.TreeElement`. This means that the `selectedTreeElement`
has to be a resource/script, the `window` object, or one of the non-deletable breakpoints.

In the case of a non-deletable breakpoint, since they're never removed from their parent
`WI.TreeOutline`, we just shift the selection to the next selectable `WI.TreeElement`.

Otherwise, wait for the `WI.TreeOutline.Event.ElementRemoved` event to be fired, and adjust
the selection then based on whether the new `selectedTreeElement` is one of the "top" items,
namely the "All Exceptions", "Uncaught Exceptions", and "Assertion Failures" breakpoints.

* UserInterface/Views/BreakpointTreeElement.js:
(WI.BreakpointTreeElement.prototype.ondelete):
* UserInterface/Views/DOMBreakpointTreeElement.js:
(WI.DOMBreakpointTreeElement.prototype.ondelete):
* UserInterface/Views/DOMNodeTreeElement.js:
(WI.DOMNodeTreeElement.prototype.ondelete):
* UserInterface/Views/EventBreakpointTreeElement.js:
(WI.EventBreakpointTreeElement.prototype.ondelete):
* UserInterface/Views/URLBreakpointTreeElement.js:
(WI.URLBreakpointTreeElement.prototype.ondelete):
Add `return true;` to let the parent `WI.TreeOutline` know that the delete event was handled.
This prevents the parent `WI.TreeOutline`'s own `ondelete` from being called, which would
cause a double-delete as there would be a different `selectedTreeElement`.


  Commit: ef1003bc1dd3262b3a76e91d64ee4bd668e5d73e
      https://github.com/WebKit/WebKit/commit/ef1003bc1dd3262b3a76e91d64ee4bd668e5d73e
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/fonts/ahem.css
    A LayoutTests/imported/w3c/web-platform-tests/infrastructure/assumptions/document-fonts-ready-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/infrastructure/assumptions/document-fonts-ready.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/CSSFontSelector.cpp
    M Source/WebCore/css/CSSFontSelector.h
    M Source/WebCore/css/FontFaceSet.cpp
    M Source/WebCore/css/FontFaceSet.h
    M Source/WebCore/dom/Document.cpp

  Log Message:
  -----------
  Merge r249295 - document.fonts.ready is resolved too quickly
https://bugs.webkit.org/show_bug.cgi?id=174030
<rdar://problem/33083550>

Reviewed by Frédéric Wang.

LayoutTests/imported/w3c:

Test from https://github.com/web-platform-tests/wpt/pull/18489.

* web-platform-tests/fonts/ahem.css: Added.
(@font-face):
* web-platform-tests/infrastructure/assumptions/document-fonts-ready-expected.txt: Added.
* web-platform-tests/infrastructure/assumptions/document-fonts-ready.html: Added.

Source/WebCore:

As described in https://drafts.csswg.org/css-font-loading/#font-face-set-ready, the ready promise
is only fulfilled after layout operations complete and no additional font loads are necessary.

This patch implements this by notifying the FontFaceSet created for the document when the document
is finished loading. At that time, the promise will be resolved as soon as fonts are finished loading if any.

Test: imported/w3c/web-platform-tests/infrastructure/assumptions/document-fonts-ready.html

* css/CSSFontSelector.cpp:
(WebCore::CSSFontSelector::optionalFontFaceSet):
* css/CSSFontSelector.h:
* css/FontFaceSet.cpp:
(WebCore::FontFaceSet::FontFaceSet):
(WebCore::FontFaceSet::startedLoading):
(WebCore::FontFaceSet::didFirstLayout):
(WebCore::FontFaceSet::completedLoading):
* css/FontFaceSet.h:
* dom/Document.cpp:
(WebCore::Document::implicitClose):


  Commit: 6b7b48affad4e87f2ec89ee5d1a8acb1a47de1d5
      https://github.com/WebKit/WebKit/commit/6b7b48affad4e87f2ec89ee5d1a8acb1a47de1d5
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/inspector/unit-tests/array-utilities-expected.txt
    M LayoutTests/inspector/unit-tests/array-utilities.html
    M Source/WebInspectorUI/ChangeLog
    M Source/WebInspectorUI/UserInterface/Base/Utilities.js
    M Source/WebInspectorUI/UserInterface/Controllers/DOMDebuggerManager.js
    M Source/WebInspectorUI/UserInterface/Controllers/JavaScriptRuntimeCompletionProvider.js
    M Source/WebInspectorUI/UserInterface/Models/CSSCompletions.js
    M Source/WebInspectorUI/UserInterface/Models/CSSKeywordCompletions.js
    M Source/WebInspectorUI/UserInterface/Models/Canvas.js
    M Source/WebInspectorUI/UserInterface/Models/DOMNodeStyles.js
    M Source/WebInspectorUI/UserInterface/Models/TimelineRecording.js
    M Source/WebInspectorUI/UserInterface/Protocol/RemoteObject.js
    M Source/WebInspectorUI/UserInterface/Views/ConsoleMessageView.js
    M Source/WebInspectorUI/UserInterface/Views/ContentBrowser.js
    M Source/WebInspectorUI/UserInterface/Views/DOMTreeElement.js
    M Source/WebInspectorUI/UserInterface/Views/DataGridNode.js
    M Source/WebInspectorUI/UserInterface/Views/HeapAllocationsTimelineView.js
    M Source/WebInspectorUI/UserInterface/Views/IndexedDatabaseObjectStoreContentView.js
    M Source/WebInspectorUI/UserInterface/Views/NavigationItem.js
    M Source/WebInspectorUI/UserInterface/Views/ObjectTreeView.js
    M Source/WebInspectorUI/UserInterface/Views/OpenResourceDialog.js
    M Source/WebInspectorUI/UserInterface/Views/OverviewTimelineView.js
    M Source/WebInspectorUI/UserInterface/Views/ResourceCollectionContentView.js
    M Source/WebInspectorUI/UserInterface/Views/ResourceHeadersContentView.js
    M Source/WebInspectorUI/UserInterface/Views/ResourceSecurityContentView.js
    M Source/WebInspectorUI/UserInterface/Views/ScriptClusterTimelineView.js
    M Source/WebInspectorUI/UserInterface/Views/ScrubberNavigationItem.js
    M Source/WebInspectorUI/UserInterface/Views/SpreadsheetStyleProperty.js
    M Source/WebInspectorUI/UserInterface/Views/TreeOutline.js
    M Source/WebInspectorUI/UserInterface/Views/View.js

  Log Message:
  -----------
  Merge r249301 - Web Inspector: replace uses of `Array.prototype.concat` with `Array.prototype.push`
https://bugs.webkit.org/show_bug.cgi?id=201082

Reviewed by Joseph Pecoraro.

Source/WebInspectorUI:

`x = x.concat(y)` is very slow, as `x` has to be fully copied in order to add `y` to it.
Introduce `Array.prototype.pushIterable`, which iterates the given `iterable` and adds each
item to the `this` array.

* UserInterface/Controllers/DOMDebuggerManager.js:
(WI.DOMDebuggerManager.prototype.get domBreakpoints):
(WI.DOMDebuggerManager.prototype.domBreakpointsInSubtree):
* UserInterface/Controllers/JavaScriptRuntimeCompletionProvider.js:
(WI.JavaScriptRuntimeCompletionProvider.completionControllerCompletionsNeeded.receivedPropertyNames):
* UserInterface/Models/CSSCompletions.js:
(WI.CSSCompletions):
* UserInterface/Models/CSSKeywordCompletions.js:
(WI.CSSKeywordCompletions.forProperty):
(WI.CSSKeywordCompletions.forProperty.addKeywordsForName):
(WI.CSSKeywordCompletions.forFunction):
* UserInterface/Models/Canvas.js:
(WI.Canvas.prototype.recordingProgress):
* UserInterface/Models/DOMNodeStyles.js:
(WI.DOMNodeStyles.prototype._updateStyleCascade):
(WI.DOMNodeStyles.prototype._collectStylesInCascadeOrder):
* UserInterface/Models/TimelineRecording.js:
(WI.TimelineRecording.prototype.get sourceCodeTimelines):
(WI.TimelineRecording.prototype.initializeCallingContextTrees):
* UserInterface/Protocol/RemoteObject.js:
(WI.RemoteObject.prototype._getPropertyDescriptorsResolver):
* UserInterface/Views/ConsoleMessageView.js:
(WI.ConsoleMessageView.prototype._appendMessageTextAndArguments):
* UserInterface/Views/ContentBrowser.js:
(WI.ContentBrowser.prototype.get currentRepresentedObjects):
* UserInterface/Views/DOMTreeElement.js:
(WI.DOMTreeElement.prototype._visibleChildren):
* UserInterface/Views/DataGridNode.js:
(WI.DataGridNode.prototype.get filterableData):
* UserInterface/Views/HeapAllocationsTimelineView.js:
(WI.HeapAllocationsTimelineView.prototype.get selectionPathComponents):
* UserInterface/Views/IndexedDatabaseObjectStoreContentView.js:
(WI.IndexedDatabaseObjectStoreContentView.prototype._fetchMoreData.processEntries):
* UserInterface/Views/NavigationItem.js:
(WI.NavigationItem.prototype.get _classNames):
* UserInterface/Views/ObjectTreeView.js:
(WI.ObjectTreeView.prototype._updateProperties):
* UserInterface/Views/OpenResourceDialog.js:
(WI.OpenResourceDialog.prototype._addResourcesForFrame):
* UserInterface/Views/OverviewTimelineView.js:
(WI.OverviewTimelineView.prototype._loadExistingRecords):
* UserInterface/Views/ResourceCollectionContentView.js:
(WI.ResourceCollectionContentView.prototype.get navigationItems):
* UserInterface/Views/ResourceHeadersContentView.js:
(WI.ResourceHeadersContentView.prototype._perfomSearchOnKeyValuePairs):
* UserInterface/Views/ResourceSecurityContentView.js:
(WI.ResourceSecurityContentView.prototype._perfomSearchOnKeyValuePairs):
* UserInterface/Views/ScriptClusterTimelineView.js:
(WI.ScriptClusterTimelineView.prototype.get selectionPathComponents):
* UserInterface/Views/ScrubberNavigationItem.js:
(WI.ScrubberNavigationItem.prototype.get additionalClassNames):
* UserInterface/Views/SpreadsheetStyleProperty.js:
(WI.SpreadsheetStyleProperty.prototype._addGradientTokens):
(WI.SpreadsheetStyleProperty.prototype._addColorTokens.pushPossibleColorToken):
(WI.SpreadsheetStyleProperty.prototype._addTimingFunctionTokens):
(WI.SpreadsheetStyleProperty.prototype._addVariableTokens):
* UserInterface/Views/TreeOutline.js:
(WI.TreeOutline.prototype.selfOrDescendant):
* UserInterface/Views/View.js:
(WI.View._visitViewTreeForLayout):

LayoutTests:

* inspector/unit-tests/array-utilities.html:
* inspector/unit-tests/array-utilities-expected.txt:
Add tests for added utility `Array.prototype.pushIterable`.


  Commit: cd4d41376f7dd262cf2f01c92a74f1fcf9b28e4f
      https://github.com/WebKit/WebKit/commit/cd4d41376f7dd262cf2f01c92a74f1fcf9b28e4f
  Author: Alex Christensen <achristensen at webkit.org>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkSession.cpp
    M Source/WebKit/NetworkProcess/cache/NetworkCache.cpp
    M Source/WebKit/NetworkProcess/cache/NetworkCache.h
    M Source/WebKit/NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp

  Log Message:
  -----------
  Merge r249303 - Speculative loads should use the NetworkSession owning their Cache
https://bugs.webkit.org/show_bug.cgi?id=201314

Patch by Alex Christensen <achristensen at webkit.org> on 2019-08-29
Reviewed by Chris Dumez.

This provides a performance improvement when using non-default persistent WKWebsiteDataStores.

* NetworkProcess/NetworkSession.cpp:
(WebKit::NetworkSession::NetworkSession):
* NetworkProcess/cache/NetworkCache.cpp:
(WebKit::NetworkCache::Cache::open):
(WebKit::NetworkCache::Cache::Cache):
* NetworkProcess/cache/NetworkCache.h:
(WebKit::NetworkCache::Cache::sessionID const):
* NetworkProcess/cache/NetworkCacheSpeculativeLoad.cpp:
(WebKit::NetworkCache::SpeculativeLoad::SpeculativeLoad):


  Commit: 310ca748ea75518c44892781f7628e502581c20d
      https://github.com/WebKit/WebKit/commit/310ca748ea75518c44892781f7628e502581c20d
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/object-allocation-sinking-interpretation-can-interpret-edges-that-can-be-proven-unreachable-in-ai.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGObjectAllocationSinkingPhase.cpp

  Log Message:
  -----------
  Merge r249306 - [JSC] ObjectAllocationSinkingPhase wrongly deals with always-taken branches during interpretation
https://bugs.webkit.org/show_bug.cgi?id=198650

Reviewed by Saam Barati.

JSTests:

* stress/object-allocation-sinking-interpretation-can-interpret-edges-that-can-be-proven-unreachable-in-ai.js:
(main.v0):
(main):

Source/JavaScriptCore:

Object Allocation Sinking phase has a lightweight abstract interpreter which interprets DFG nodes related to allocations and properties.
This interpreter is lightweight since it does not track abstract values and conditions as deeply as AI does. It can happen that this
interpreter interprets a control-flow edge that AI proved is never taken.
AI already knows some control-flow edges are never taken, and based on this information, AI can remove CheckStructure nodes. But
ObjectAllocationSinking phase can trace these never-taken edges and propagate structure information that contradicts the analysis
done in ObjectAllocationSinking.

Let's see the example.

    BB#0
        35: NewObject([%AM:Object])
        ...
        47: Branch(ConstantTrue, T:#1, F:#2)

    BB#1 // This basic block is never taken due to @47's jump.
        ...
        71: PutByOffset(@35, @66, id2{a}, 0, W:NamedProperties(2))
        72: PutStructure(@35, %AM:Object -> %Dx:Object, ID:60066)
        ...
        XX: Jump(#2)

    BB#2
        ...
        92: CheckStructure(@35, [%Dx:Object])
        93: PutByOffset(@35, @35, id2{a}, 0, W:NamedProperties(2))
        ...

AI removes @92 because AI knows BB#0 only takes BB#1 branch. @35's Structure is always %Dx so @92 is redundant.
AI proved that @71 and @72 are always executed while BB#0 -> BB#2 edge is never taken so that @35 object's structure is proven at @92.
After AI removes @92, ObjectAllocationSinking starts looking into this graph.

    BB#0
        35: NewObject([%AM:Object])
        ...
        47: Branch(ConstantTrue, T:#1, F:#2)

    BB#1 // This basic block is never taken due to @47's jump.
        ...
        71: PutByOffset(@35, @66, id2{a}, 0, W:NamedProperties(2))
        72: PutStructure(@35, %AM:Object -> %Dx:Object, ID:60066)
        ...
        XX: Jump(#2)

    BB#2
        ...
        93: PutByOffset(@35, @35, id2{a}, 0, W:NamedProperties(2))
        ...
        YY: Jump(#3)

    BB#3
        ...
        ZZ: <HERE> want to materialize @35's sunk object.

Since AI does not change the @47 Branch to Jump (it is OK anyway), BB#0 -> BB#2 edge remains and ObjectAllocationSinking phase propagates information in
BB#0's %AM structure information to BB#2. ObjectAllocationSinking phase converts @35 to PhantomNewObject, removes PutByOffset and PutStructure, and
inserts MaterializeNewObject in @ZZ. At this point, ObjectAllocationSinking lightweight interpreter gets two structures while AI gets one: @35's original
one (%AM) and @72's replaced one (%Dx). Since AI already proved @ZZ only gets %Dx, AI removed @92 CheckStructure. But this is not known to ObjectAllocationSinking
phase's interpretation. So when creating recovery data, MultiPutByOffset includes two structures, %AM and %Dx. This is OK since MultiPutByOffset takes
conservative set of structures and performs switching. But the problem here is that %AM's id2{a} offset is -1 since %AM does not have such a property.
So when creating MultiPutByOffset in ObjectAllocationSinking, we accidentally create MultiPutByOffset with -1 offset data, and lowering phase hits the debug
assertion.

    187: MultiPutByOffset(@138, @138, id2{a}, <Replace: [%AM:Object], offset = -1, >, <Replace: [%Dx:Object], offset = 0, >)

This bug is harmless since %AM structure comparison never meets at runtime. But we are not considering the case including `-1` offset property in MultiPutByOffset data.
In this patch, we just filter out apparently wrong structures when creating MultiPutByOffset in ObjectAllocationSinking. This is OK since it never comes at runtime.

* dfg/DFGObjectAllocationSinkingPhase.cpp:


  Commit: 3891c46ddb00fba84b578d83dfe317949005d537
      https://github.com/WebKit/WebKit/commit/3891c46ddb00fba84b578d83dfe317949005d537
  Author: Timothy Hatcher <timothy at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/editing/pasteboard/paste-without-nesting-expected.txt
    M LayoutTests/editing/pasteboard/paste-without-nesting.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/ReplaceSelectionCommand.cpp

  Log Message:
  -----------
  Merge r249307 - Copying and pasting two paragraphs with a newline between them results in stray paragraph with newline inside.
https://bugs.webkit.org/show_bug.cgi?id=201306

Reviewed by Wenson Hsieh.

Source/WebCore:

Test: editing/pasteboard/paste-without-nesting.html

* editing/ReplaceSelectionCommand.cpp:
(WebCore::ReplaceSelectionCommand::moveNodeOutOfAncestor): Consider the ancestor node safe to remove
if there is no rendered text inside, not just if there are any child nodes.

LayoutTests:

* editing/pasteboard/paste-without-nesting-expected.txt: Updated results.
* editing/pasteboard/paste-without-nesting.html: Added new test case.


  Commit: c6d542753e2af921e5af3ceff19a7c2ca4acddfb
      https://github.com/WebKit/WebKit/commit/c6d542753e2af921e5af3ceff19a7c2ca4acddfb
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderElement.cpp
    M Source/WebCore/rendering/RenderLayer.cpp
    M Source/WebCore/rendering/RenderView.h

  Log Message:
  -----------
  Merge r249309 - Avoid running the outline painting phase if no renderers have outlines
https://bugs.webkit.org/show_bug.cgi?id=201284

Reviewed by Said Abou-Hallawa.

The outline painting phase (paintOutlineForFragments()) can take up to 20% of the painting time
even when there are no outlines. Keep track of which renderers have outlines, and only run the phase
when printing (for hasOutlineAnnotation()) or if there are any renderers with outlines.

* rendering/RenderElement.cpp:
(WebCore::RenderElement::styleWillChange):
(WebCore::RenderElement::styleDidChange):
(WebCore::RenderElement::willBeDestroyed):
* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::paintLayerContents):
* rendering/RenderView.h:


  Commit: 454339268c0f790e87f802d3888d95d582daef70
      https://github.com/WebKit/WebKit/commit/454339268c0f790e87f802d3888d95d582daef70
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/repatch-switch.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/jit/Repatch.cpp

  Log Message:
  -----------
  Merge r249310 - [JSC] Repatch should construct CallCases and CasesValue at the same time
https://bugs.webkit.org/show_bug.cgi?id=201325

Reviewed by Saam Barati.

JSTests:

* stress/repatch-switch.js: Added.
(main.f2.f0):
(main.f2.f3):
(main.f2.f1):
(main.f2):
(main):

Source/JavaScriptCore:

In linkPolymorphicCall, we should create callCases and casesValue at the same time to assert `callCases.size() == casesValue.size()`.
If the call variant is isClosureCall and InternalFunction, we skip adding it to casesValue. So we should not add this variant to callCases too.

* jit/Repatch.cpp:
(JSC::linkPolymorphicCall):


  Commit: ce4139513e20a6767f3d36b9ef6bee5e59b952e6
      https://github.com/WebKit/WebKit/commit/ce4139513e20a6767f3d36b9ef6bee5e59b952e6
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/server/IDBServer.cpp
    M Source/WebCore/Modules/indexeddb/server/IDBServer.h
    M Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp
    M Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.h
    M Source/WebCore/Modules/webdatabase/Database.cpp
    M Source/WebCore/Modules/webdatabase/Database.h
    M Source/WebCore/Modules/webdatabase/DatabaseTracker.cpp
    M Source/WebCore/Modules/webdatabase/SQLError.h
    M Source/WebCore/Modules/webdatabase/SQLError.idl
    M Source/WebCore/Modules/webdatabase/SQLTransaction.cpp
    M Source/WebCore/inspector/agents/InspectorDatabaseAgent.cpp
    M Source/WebCore/workers/service/server/RegistrationDatabase.cpp
    M Source/WebCore/workers/service/server/RegistrationDatabase.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsPersistentStorage.cpp
    M Source/WebKit/NetworkProcess/Classifier/ResourceLoadStatisticsPersistentStorage.h
    M Source/WebKit/NetworkProcess/cache/NetworkCache.cpp
    M Source/WebKit/NetworkProcess/cache/NetworkCache.h
    M Source/WebKit/NetworkProcess/cache/NetworkCacheBlobStorage.cpp
    M Source/WebKit/NetworkProcess/cache/NetworkCacheBlobStorage.h
    M Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.cpp
    M Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h

  Log Message:
  -----------
  Merge r249313 - Add "IsolatedCopy" in the name of String getters that call isolatedCopy() on the string
https://bugs.webkit.org/show_bug.cgi?id=201318

Reviewed by Alex Christensen.

Add "IsolatedCopy" in the name of String getters that call isolatedCopy() on the string, for clarity.

Source/WebCore:

* Modules/indexeddb/server/IDBServer.cpp:
(WebCore::IDBServer::IDBServer::createBackingStore):
(WebCore::IDBServer::IDBServer::performGetAllDatabaseNames):
(WebCore::IDBServer::IDBServer::removeDatabasesModifiedSinceForVersion):
(WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesModifiedSince):
(WebCore::IDBServer::IDBServer::removeDatabasesWithOriginsForVersion):
(WebCore::IDBServer::IDBServer::performCloseAndDeleteDatabasesForOrigins):
(WebCore::IDBServer::IDBServer::computeSpaceUsedForOrigin):
(WebCore::IDBServer::IDBServer::upgradeFilesIfNecessary):
* Modules/indexeddb/server/IDBServer.h:
(WebCore::IDBServer::IDBServer::databaseDirectoryPathIsolatedCopy const):
* Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
(WebCore::IDBServer::SQLiteIDBBackingStore::fullDatabaseDirectoryWithUpgrade):
(WebCore::IDBServer::SQLiteIDBBackingStore::databasesSizeForOrigin const):
(WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
* Modules/indexeddb/server/SQLiteIDBBackingStore.h:
(WebCore::IDBServer::SQLiteIDBBackingStore::databaseRootDirectoryIsolatedCopy const):
* Modules/webdatabase/Database.cpp:
(WebCore::Database::markAsDeletedAndClose):
(WebCore::Database::stringIdentifierIsolatedCopy const):
(WebCore::Database::displayNameIsolatedCopy const):
(WebCore::Database::expectedVersionIsolatedCopy const):
(WebCore::Database::fileNameIsolatedCopy const):
(WebCore::Database::details const):
(WebCore::Database::didCommitWriteTransaction):
(WebCore::Database::didExceedQuota):
* Modules/webdatabase/Database.h:
* Modules/webdatabase/DatabaseTracker.cpp:
(WebCore::DatabaseTracker::maximumSize):
(WebCore::DatabaseTracker::doneCreatingDatabase):
(WebCore::DatabaseTracker::addOpenDatabase):
(WebCore::DatabaseTracker::removeOpenDatabase):
* Modules/webdatabase/SQLError.h:
(WebCore::SQLError::messageIsolatedCopy const):
* Modules/webdatabase/SQLError.idl:
* Modules/webdatabase/SQLTransaction.cpp:
(WebCore::SQLTransaction::openTransactionAndPreflight):
* workers/service/server/RegistrationDatabase.cpp:
(WebCore::RegistrationDatabase::openSQLiteDatabase):
(WebCore::RegistrationDatabase::clearAll):
* workers/service/server/RegistrationDatabase.h:
(WebCore::RegistrationDatabase::databaseDirectoryIsolatedCopy const):

Source/WebKit:

* NetworkProcess/Classifier/ResourceLoadStatisticsPersistentStorage.cpp:
(WebKit::ResourceLoadStatisticsPersistentStorage::storageDirectoryPathIsolatedCopy const):
(WebKit::ResourceLoadStatisticsPersistentStorage::resourceLogFilePath const):
(WebKit::ResourceLoadStatisticsPersistentStorage::monitorDirectoryForNewStatistics):
* NetworkProcess/Classifier/ResourceLoadStatisticsPersistentStorage.h:
* NetworkProcess/cache/NetworkCacheBlobStorage.cpp:
(WebKit::NetworkCache::BlobStorage::blobDirectoryPathIsolatedCopy const):
(WebKit::NetworkCache::BlobStorage::synchronize):
(WebKit::NetworkCache::BlobStorage::blobPathForHash const):
* NetworkProcess/cache/NetworkCacheBlobStorage.h:
* NetworkProcess/cache/NetworkCacheStorage.cpp:
(WebKit::NetworkCache::Storage::basePathIsolatedCopy const):
(WebKit::NetworkCache::Storage::versionPath const):
(WebKit::NetworkCache::Storage::recordsPathIsolatedCopy const):
(WebKit::NetworkCache::Storage::synchronize):
(WebKit::NetworkCache::Storage::recordDirectoryPathForKey const):
(WebKit::NetworkCache::Storage::traverse):
(WebKit::NetworkCache::Storage::clear):
(WebKit::NetworkCache::Storage::shrink):
(WebKit::NetworkCache::Storage::deleteOldVersions):
* NetworkProcess/cache/NetworkCacheStorage.h:


  Commit: abf5f0e6dfd38717102b08a1bddcb94e3fefe221
      https://github.com/WebKit/WebKit/commit/abf5f0e6dfd38717102b08a1bddcb94e3fefe221
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/ios-wk2/TestExpectations
    M LayoutTests/platform/mac-wk2/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/IDBTransaction.cpp

  Log Message:
  -----------
  Merge r249316 - [wk2] LayoutTest imported/w3c/web-platform-tests/IndexedDB/fire-error-event-exception.html is a flaky failure
https://bugs.webkit.org/show_bug.cgi?id=169621

Reviewed by Alex Christensen.

Source/WebCore:

Event handlers of IDB objects were called in unexpected order because of race, which made the console messages
in the tests come out of order.
Usually, an operation/request result is handled as follows:
1. IDBServer sends IDBResultData to IDBClient.
2. IDBClient receives IDBResultData and finishes an IDBTransaction operation with that result.
3. IDBTransaction schedules operation completed timer.
4. (Some time later) Timer fires, and IDBTransaction completes a request with the result and dispatches event.
5. (Some time later) IDBTransaction is notified that event is dispatched. If there are other results received,
IDBTransaction schedules operation completed timer.

In previous implementation, if the IDBClient received a second IDBResultData for the same IDBTransaction between
step 3 and step 4, it would not schedule timer because timer was still active; if it received the result between
step 4 and step 5, it would schedule timer again.

Consider a flow like this:
result1 of transaction1 received, timer of transaction1 scheduled
result2 of transaction2 received, timer of transaction2 scheduled
result3 of transaction1 is received, timer of transaction1 active so no scheduling
timer of transaction1 fired, event1 to be dispatched to request1
timer of transaction2 fired, event2 to be dispatched to request2
result4 of transaction2 received, timer of transaction2 scheduled
event1 dispatched, timer of transaction1 scheduled (for handling result3)
event2 dispatched, timer of transaction2 active so no scheduling
timer of transaction2 fired, event3 to dispatch to request4
timer of transaction1 fired, event4 to dispatch to request3

request4 would get event before request3, though result3 was received before result4. We should stop scheduling
event if an IDBTransaction is in between step 4 and 5, which means its m_currentlyCompletingRequest is not null.

* Modules/indexeddb/IDBTransaction.cpp:
(WebCore::IDBTransaction::operationCompletedOnServer):

LayoutTests:

Update test expectations to PASS.

* platform/gtk/TestExpectations:
* platform/ios-wk2/TestExpectations:
* platform/mac-wk2/TestExpectations:


  Commit: d94f84a7deda679be33c56e5f750c8e1a466433e
      https://github.com/WebKit/WebKit/commit/d94f84a7deda679be33c56e5f750c8e1a466433e
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/setter-inlining-resulting-bad-cell-result-virtual-register-should-be-invalid.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

  Log Message:
  -----------
  Merge r249317 - [JSC] DFG inlining CheckBadCell slow path does not assume result VirtualRegister can be invalid
https://bugs.webkit.org/show_bug.cgi?id=201332

Reviewed by Mark Lam.

JSTests:

This test is very flaky, it is hard to reproduce.

* stress/setter-inlining-resulting-bad-cell-result-virtual-register-should-be-invalid.js: Added.
(code):

Source/JavaScriptCore:

When inlining setter calls in DFG, the result VirtualRegister becomes an invalid one. While other call-related DFG code correctly assumes
that `result` may be invalid, only CheckBadCell slow path missed this case. Since this is OSR exit path and VirtualRegister result
does not exist, set BottomValue only when "result" is valid as the other DFG code is doing.

* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleInlining):


  Commit: f9d936c4025524822ab31cdb6474d45aee0f2a72
      https://github.com/WebKit/WebKit/commit/f9d936c4025524822ab31cdb6474d45aee0f2a72
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/wpe/qt/WPEQtView.h
    M Tools/ChangeLog
    M Tools/MiniBrowser/wpe/qt/main.qml
    M Tools/Scripts/webkitpy/style/checker.py

  Log Message:
  -----------
  Merge r249318 - [WPE][Qt] loadingChanged signal parameter is unusable
https://bugs.webkit.org/show_bug.cgi?id=201301

Reviewed by Carlos Garcia Campos.

Source/WebKit:

* UIProcess/API/wpe/qt/WPEQtView.h: Explicitly name signal
parameter. It is a runtime requirement for QML.

Tools:

* MiniBrowser/wpe/qt/main.qml: Add a basic loadingChange signal handler.
* Scripts/webkitpy/style/checker.py: White-list WPEQtView.h for
readability/parameter_name code style checker rule.


  Commit: 18ec646e5f442a4fc8e1c1ed6ff059badabffd20
      https://github.com/WebKit/WebKit/commit/18ec646e5f442a4fc8e1c1ed6ff059badabffd20
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/simple-jump-table-copy.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CodeBlock.h
    M Source/JavaScriptCore/bytecode/JumpTable.h
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp

  Log Message:
  -----------
  Merge r249319 - [JSC] DFG ByteCodeParser should not copy JIT-related part of SimpleJumpTable
https://bugs.webkit.org/show_bug.cgi?id=201331

Reviewed by Mark Lam.

JSTests:

* stress/simple-jump-table-copy.js: Added.
(let.code):
(g2):

Source/JavaScriptCore:

SimpleJumpTable's non-JIT part is not changed after CodeBlock is finalized well. On the other hand, JIT related part is allocated on-demand.
For example, ctiOffsets can be grown by Baseline JIT compiler. There is race condition as follows.

    1. DFG ByteCodeParser is inlining and copying SimpleJumpTable
    2. Baseline JIT compiler is expanding JIT-related part of SimpleJumpTable

Then, (1) reads the broken Vector, and crashes. Since JIT-related part is unnecessary in (1), we should not clone that.
This patch adds CodeBlock::addSwitchJumpTableFromProfiledCodeBlock, which only copies non JIT-related part of the given SimpleJumpTable offered
by profiled CodeBlock.

* bytecode/CodeBlock.h:
(JSC::CodeBlock::addSwitchJumpTableFromProfiledCodeBlock):
* bytecode/JumpTable.h:
(JSC::SimpleJumpTable::cloneNonJITPart const):
(JSC::SimpleJumpTable::clear):
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::InlineStackEntry::InlineStackEntry):


  Commit: 32c9e3315cab42b1b82ab1a32d64becbc12d8a64
      https://github.com/WebKit/WebKit/commit/32c9e3315cab42b1b82ab1a32d64becbc12d8a64
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h
    M Source/WebCore/platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp

  Log Message:
  -----------
  Merge r249321 - [GStreamer] Do not ref the player count from background threads.
https://bugs.webkit.org/show_bug.cgi?id=201222

Reviewed by Xabier Rodriguez-Calvar.

Test: imported/w3c/web-platform-tests/encrypted-media/clearkey-mp4-playback-retrieve-persistent-license.https.html

In the sync-message handler, a ref() was being taken waiting for a
CDM instance to be attached. This hits asserts since you are not
allowed to ref() an object created on the main thread
(BasePlayer) on a background thread.

The protection condition was overly scoped, tidied up the locking
and made it more granular. To avoid needing to hold a ref() in the
background thread, use instead a semaphore to signal when a CDM
instance is attached, or the player has been destroyed.

Also remove an erroneous safe-guard, the operator= in
isCDMInstanceAvailable will ref() the CDMInstance for us. This use
of holding a reference to CDMInstance in the decryptors is not
thread-safe, and now we have a problem since there's no clean way
to communicate with CDMInstance from background threads without
being thread unsafe. For ClearKey and Widevine, a thread safe
ProxyCDM needs to be designed and passed to background
threads (upcoming patch).

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::MediaPlayerPrivateGStreamerBase::~MediaPlayerPrivateGStreamerBase):
(WebCore::MediaPlayerPrivateGStreamerBase::handleSyncMessage):
(WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceAttached):
(WebCore::MediaPlayerPrivateGStreamerBase::cdmInstanceDetached):
(WebCore::MediaPlayerPrivateGStreamerBase::handleProtectionEvent):
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:
* platform/graphics/gstreamer/eme/WebKitCommonEncryptionDecryptorGStreamer.cpp:
(isCDMInstanceAvailable):


  Commit: 46dcad0614b04de3ffb8a9d5a028cb72506537b8
      https://github.com/WebKit/WebKit/commit/46dcad0614b04de3ffb8a9d5a028cb72506537b8
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitUserContentManager.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitUserContentManager.h
    M Source/WebKit/UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt
    M Source/WebKit/UIProcess/API/wpe/WebKitUserContentManager.h
    M Source/WebKit/UIProcess/API/wpe/docs/wpe-1.0-sections.txt
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp

  Log Message:
  -----------
  Merge r249324 - [WPE][GTK] New API to remove a filter from an user content manager given its identifier
https://bugs.webkit.org/show_bug.cgi?id=200479

Reviewed by Carlos Garcia Campos.

Source/WebKit:

* UIProcess/API/glib/WebKitUserContentManager.cpp:
(webkit_user_content_manager_remove_filter_by_id): Add new public API function.
* UIProcess/API/gtk/WebKitUserContentManager.h: Add declaration for
webkit_user_content_manager_remove_filter_by_id().
* UIProcess/API/gtk/docs/webkit2gtk-4.0-sections.txt: List new function.
* UIProcess/API/wpe/WebKitUserContentManager.h: Add declaration for
webkit_user_content_manager_remove_filter_by_id().
* UIProcess/API/wpe/docs/wpe-1.0-sections.txt: List new function.

Tools:

* TestWebKitAPI/Tests/WebKitGLib/TestWebKitUserContentManager.cpp:
(testUserContentManagerContentFilter): Test also the new
webkit_user_content_manager_remove_filter_by_id() public API function.


  Commit: 51889bec799f5af59ade0a41544c9334a4d13f5e
      https://github.com/WebKit/WebKit/commit/51889bec799f5af59ade0a41544c9334a4d13f5e
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/wpe/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.h

  Log Message:
  -----------
  Merge r249325 - [MSE][GStreamer] Gracefully fail on invalid non-first initialization segment
https://bugs.webkit.org/show_bug.cgi?id=201322

Reviewed by Xabier Rodriguez-Calvar.

Source/WebCore:

In normal operation of AppendPipeline, except during tear down,
qtdemux never removes a pad. Even if a new initialization segment is
appended, the pad is reused.

There is an exception though: when the new initialization segment has
an incompatible set of tracks. This is invalid under the MSE spec and
should produce an error, but in this case this was making an assertion
fail -- in particular by sending an EOS to the to-be-removed pad, which
AppendPipeline doesn't expect.

This patch changes the assertion with graceful error handling for that
error.

Fixes media/media-source/media-source-seek-detach-crash.html

* platform/graphics/gstreamer/mse/AppendPipeline.cpp:
(WebCore::AppendPipeline::AppendPipeline):
(WebCore::AppendPipeline::handleErrorConditionFromStreamingThread):
(WebCore::AppendPipeline::handleErrorSyncMessage):
* platform/graphics/gstreamer/mse/AppendPipeline.h:

LayoutTests:

* platform/gtk/TestExpectations:
* platform/wpe/TestExpectations:


  Commit: a9c3c1358a79e3850e2650cb474c8924ec5509b6
      https://github.com/WebKit/WebKit/commit/a9c3c1358a79e3850e2650cb474c8924ec5509b6
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-replay-expected.txt
    A LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-replay.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp

  Log Message:
  -----------
  Merge r249332 - [MSE][GStreamer] Replaying the video should update currentTime
https://bugs.webkit.org/show_bug.cgi?id=201307

Reviewed by Xabier Rodriguez-Calvar.

LayoutTests/imported/w3c:

* web-platform-tests/media-source/mediasource-replay-expected.txt: Added.
* web-platform-tests/media-source/mediasource-replay.html: Added.

Source/WebCore:

While writing a test to confirm that https://bugs.webkit.org/show_bug.cgi?id=190050
has indeed been fixed I noticed a non-conformity: when the video has
ended, right after calling .play() for a second playback currentTime
did not return zero, but the video duration.

This turned out to be due to the m_isEndReached flag not being reset on
seeks (replaying a video incurs a seek done from multi-platform
code).

Test: imported/w3c/web-platform-tests/media-source/mediasource-replay.html

* platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
(WebCore::MediaPlayerPrivateGStreamerMSE::seek):


  Commit: e1dd206757238178c0aa659e4c1e6334f14f8ec6
      https://github.com/WebKit/WebKit/commit/e1dd206757238178c0aa659e4c1e6334f14f8ec6
  Author: Sihui Liu <sihui_liu at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/server/IDBBackingStore.h
    M Source/WebCore/Modules/indexeddb/server/IDBServer.cpp
    M Source/WebCore/Modules/indexeddb/server/IDBServer.h
    M Source/WebCore/Modules/indexeddb/server/MemoryIDBBackingStore.cpp
    M Source/WebCore/Modules/indexeddb/server/MemoryIDBBackingStore.h
    M Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.cpp
    M Source/WebCore/Modules/indexeddb/server/SQLiteIDBBackingStore.h
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.cpp
    M Source/WebCore/Modules/indexeddb/server/UniqueIDBDatabase.h

  Log Message:
  -----------
  Merge r249333 - IndexedDB: update size of database when database operation is completed
https://bugs.webkit.org/show_bug.cgi?id=201057

Reviewed by Youenn Fablet.

Currently when a database operation was completed, we re-computed the disk usage of the origin. This computation
listed all databases in the origin directory and read the size of each database file, which was very inefficient
because the completed operation should only affect one database.

This patch makes UniqueIDBDatabase keep track of database size and reports size change to QuotaUser.

Tested PerformanceTests/IndexedDB/basic/objectstore-add.html on release build minibrowser. This change makes
the test over 50% faster.

* Modules/indexeddb/server/IDBBackingStore.h:
* Modules/indexeddb/server/IDBServer.cpp:
(WebCore::IDBServer::IDBServer::QuotaUser::increaseSpaceUsed):
(WebCore::IDBServer::IDBServer::QuotaUser::decreaseSpaceUsed):
(WebCore::IDBServer::IDBServer::computeSpaceUsedForOrigin):
(WebCore::IDBServer::IDBServer::increaseSpaceUsed):
(WebCore::IDBServer::IDBServer::decreaseSpaceUsed):
(WebCore::IDBServer::IDBServer::setSpaceUsed): Deleted.
* Modules/indexeddb/server/IDBServer.h:
* Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
(WebCore::IDBServer::MemoryIDBBackingStore::databaseSize const):
(WebCore::IDBServer::MemoryIDBBackingStore::close):
(WebCore::IDBServer::MemoryIDBBackingStore::databasesSizeForOrigin const): Deleted.
* Modules/indexeddb/server/MemoryIDBBackingStore.h:
* Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
(WebCore::IDBServer::SQLiteIDBBackingStore::databasesSizeForDirectory):
(WebCore::IDBServer::SQLiteIDBBackingStore::databaseSize const):
(WebCore::IDBServer::SQLiteIDBBackingStore::close):
(WebCore::IDBServer::SQLiteIDBBackingStore::databasesSizeForFolder): Deleted.
(WebCore::IDBServer::SQLiteIDBBackingStore::databasesSizeForOrigin const): Deleted.
* Modules/indexeddb/server/SQLiteIDBBackingStore.h:
* Modules/indexeddb/server/UniqueIDBDatabase.cpp:
(WebCore::IDBServer::UniqueIDBDatabase::deleteBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::shutdownForClose):
(WebCore::IDBServer::UniqueIDBDatabase::didShutdownForClose):
(WebCore::IDBServer::UniqueIDBDatabase::didDeleteBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::openBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::didOpenBackingStore):
(WebCore::IDBServer::UniqueIDBDatabase::postDatabaseTaskReply):
(WebCore::IDBServer::UniqueIDBDatabase::updateSpaceUsedIfNeeded):
* Modules/indexeddb/server/UniqueIDBDatabase.h:


  Commit: 8c00bcd1ccaf11692d532838cbe8b68088b0f579
      https://github.com/WebKit/WebKit/commit/8c00bcd1ccaf11692d532838cbe8b68088b0f579
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/ensure-new-register-allocated.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h
    M Source/JavaScriptCore/parser/Nodes.h

  Log Message:
  -----------
  Merge r249337 - [JSC] Generate new.target register only when it is used
https://bugs.webkit.org/show_bug.cgi?id=201335

Reviewed by Mark Lam.

JSTests:

* stress/ensure-new-register-allocated.js: Added.
(shouldBe):
(basic):
(arrow):
(Base):
(Derived):
(evaluate):

Source/JavaScriptCore:

Since bytecode generator knows whether new.target register can be used, we should emit and use new.target register
only when it is actually required.

* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
* bytecompiler/BytecodeGenerator.h:
(JSC::BytecodeGenerator::newTarget):
* parser/Nodes.h:
(JSC::ScopeNode::needsNewTargetRegisterForThisScope const):


  Commit: c9e34da7d0f11a59c1f2b3110a3aac19c4a0f414
      https://github.com/WebKit/WebKit/commit/c9e34da7d0f11a59c1f2b3110a3aac19c4a0f414
  Author: Alex Christensen <achristensen at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebProcessCache.cpp
    M Source/WebKit/UIProcess/WebProcessPool.cpp

  Log Message:
  -----------
  Merge r249341 - Allow process cache to cache processes when using a non-default persistent WebsiteDataStore
https://bugs.webkit.org/show_bug.cgi?id=201329

Reviewed by Chris Dumez.

Treat all persistent sessions the same when deciding whether to clear all cached web processes using a particular website data store.
This removes a huge performance regression on warm plt when switching to using a non-default persistent session.
I also removed a call to removeSession which is redundant with the one in the WebsiteDataStore destructor, which is where it should be.

* UIProcess/WebProcessCache.cpp:
(WebKit::WebProcessCache::canCacheProcess const):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::pageBeginUsingWebsiteDataStore):
(WebKit::WebProcessPool::pageEndUsingWebsiteDataStore):


  Commit: 99abbd8d22e2ee878f36c2195ae9de9b00bb7050
      https://github.com/WebKit/WebKit/commit/99abbd8d22e2ee878f36c2195ae9de9b00bb7050
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/heap/SlotVisitor.cpp

  Log Message:
  -----------
  Merge r249345 - Fix a bug in SlotVisitor::reportZappedCellAndCrash() and also capture more information.
https://bugs.webkit.org/show_bug.cgi?id=201345

Reviewed by Yusuke Suzuki.

This patch fixes a bug where SlotVisitor::reportZappedCellAndCrash() was using
the wrong pointer for capturing the cell headerWord and zapReason.  As a result,
we get junk for those 2 values.

Previously, we were only capturing the upper 32-bits of the cell header slot,
and the lower 32-bits of the next slot in the zapped cell.  We now capture the
full 64-bits of both slots.  If the second slot did not contain a zapReason as we
expect, the upper 32-bits might give us a clue as to what type of value the slot
contains.

This patch also adds capturing of the found MarkedBlock address for the zapped
cell, as well as some state bit values.

* heap/SlotVisitor.cpp:
(JSC::SlotVisitor::reportZappedCellAndCrash):


  Commit: 82b44df364d3f854c484f962dd413c1d9daaecf3
      https://github.com/WebKit/WebKit/commit/82b44df364d3f854c484f962dd413c1d9daaecf3
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderLayer.cpp

  Log Message:
  -----------
  Merge r249352 - Minor optimization in determineNonLayerDescendantsPaintedContent()
https://bugs.webkit.org/show_bug.cgi?id=201352

Reviewed by Antti Koivisto.

It's cheaper to call renderText.hasRenderedText() than renderText.linesBoundingBox(), because
the latter has to traverse all the InlineTextBoxes. This code path is fairly hot when
scrolling twitter feeds, since it's called from RenderLayer::updateLayerPositionsAfterScroll()
which calls RenderLayer::isVisuallyNonEmpty().

* rendering/RenderLayer.cpp:
(WebCore::RenderLayer::calculateClipRects const):


  Commit: 84dd3ad19b6892eb2b81c09a1808e701c469503c
      https://github.com/WebKit/WebKit/commit/84dd3ad19b6892eb2b81c09a1808e701c469503c
  Author: Frédéric Wang <fwang at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/TestExpectations
    M LayoutTests/imported/w3c/ChangeLog
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/fraction-denominatordisplaystyleshiftdown6000-axisheight1000-rulethickness1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/fraction-denominatorshiftdown3000-axisheight1000-rulethickness1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/fraction-numeratordisplaystyleshiftup2000-axisheight1000-rulethickness1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/fraction-numeratorshiftup11000-axisheight1000-rulethickness1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/stack-bottomdisplaystyleshiftdown5000-axisheight1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/stack-bottomshiftdown6000-axisheight1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/stack-topdisplaystyleshiftup3000-axisheight1000.woff
    A LayoutTests/imported/w3c/web-platform-tests/fonts/math/stack-topshiftup9000-axisheight1000.woff
    M LayoutTests/imported/w3c/web-platform-tests/mathml/presentation-markup/fractions/frac-parameters-1.html
    M LayoutTests/imported/w3c/web-platform-tests/mathml/presentation-markup/fractions/frac-parameters-2-expected.txt
    M LayoutTests/imported/w3c/web-platform-tests/mathml/presentation-markup/fractions/frac-parameters-2.html
    A LayoutTests/imported/w3c/web-platform-tests/mathml/support/feature-detection.js
    M LayoutTests/platform/win/mathml/presentation/roots-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/mathml/RenderMathMLFraction.cpp
    M Source/WebCore/rendering/mathml/RenderMathMLFraction.h

  Log Message:
  -----------
  Merge r249360 - Fix interpretation of fraction shifts
https://bugs.webkit.org/show_bug.cgi?id=201242

Patch by Frederic Wang <fwang at igalia.com> on 2019-08-31
Reviewed by Rob Buis.

LayoutTests/imported/w3c:

Update tests and support files for fractions/stacks parameters.

* web-platform-tests/mathml/presentation-markup/fractions/frac-parameters-2-expected.txt:
Update expectation now that AxisHeight is no longer involved in stacks.
* web-platform-tests/fonts/math/fraction-denominatordisplaystyleshiftdown6000-axisheight1000-rulethickness1000.woff: Added.
* web-platform-tests/fonts/math/fraction-denominatorshiftdown3000-axisheight1000-rulethickness1000.woff: Added.
* web-platform-tests/fonts/math/fraction-numeratordisplaystyleshiftup2000-axisheight1000-rulethickness1000.woff: Added.
* web-platform-tests/fonts/math/fraction-numeratorshiftup11000-axisheight1000-rulethickness1000.woff: Added.
* web-platform-tests/fonts/math/stack-bottomdisplaystyleshiftdown5000-axisheight1000.woff: Added.
* web-platform-tests/fonts/math/stack-bottomshiftdown6000-axisheight1000.woff: Added.
* web-platform-tests/fonts/math/stack-topdisplaystyleshiftup3000-axisheight1000.woff: Added.
* web-platform-tests/fonts/math/stack-topshiftup9000-axisheight1000.woff: Added.
* web-platform-tests/mathml/presentation-markup/fractions/frac-parameters-1.html:
* web-platform-tests/mathml/presentation-markup/fractions/frac-parameters-2.html:
* web-platform-tests/mathml/support/feature-detection.js: Added.
(MathMLFeatureDetection.has_mspace):
(MathMLFeatureDetection.has_operator_spacing):
(MathMLFeatureDetection.has_mfrac):
(MathMLFeatureDetection.has_msqrt):
(MathMLFeatureDetection.has_menclose):
(MathMLFeatureDetection.has_dir):
(MathMLFeatureDetection.ensure_for_match_reftest):

Source/WebCore:

In fractions, numerator/denominator shifts are currently interpreted relative to the math
axis while they should be relative to the baseline [1]. This patch refactors the
RenderMathMLFraction to do that and aligns more on MathML Core [2] [3]. This fixes serious
rendering bugs in fractions.

[1] https://github.com/mathml-refresh/mathml/issues/123
[2] https://mathml-refresh.github.io/mathml-core/#fraction-with-nonzero-line-thickness
[3] https://mathml-refresh.github.io/mathml-core/#fraction-with-zero-line-thickness

No new tests, existing tests updated.

* rendering/mathml/RenderMathMLFraction.h: ascentOverHorizontalAxis() is replaced with
fractionAscent() which gives the actual baseline position rather than the math axis position.
fractionParameters() and stackParameters() are modified so that they only return the shifts,
now stored in a shared FractionParameters struct.
* rendering/mathml/RenderMathMLFraction.cpp:
(WebCore::RenderMathMLFraction::fractionParameters const): Store existing parameters in local
variables and perform adjustments to the shift values so that the minimal gap constraints
are satisfied. Return them as a FractionParameters.
(WebCore::RenderMathMLFraction::stackParameters const): Ditto.
(WebCore::RenderMathMLFraction::fractionAscent const): This calculates the ascent above
the baseline as described in [2] [3] and replaces ascentOverHorizontalAxis. To minimize
changeset, this continues to ignore contribution of denominator size and not to distinguish
ink or non-ink metrics.
(WebCore::RenderMathMLFraction::layoutBlock): The position of the denominator is now just
calculated as a shift from the baseline. The height is given by the bottom of the
denominator. The old "ascent + mathAxisHeight() + denominatorDescent" does not make any
sense.
(WebCore::RenderMathMLFraction::paint): Use fractionAscent() instead of
ascentOverHorizontalAxis().
(WebCore::RenderMathMLFraction::firstLineBaseline const): Ditto.

LayoutTests:

* TestExpectations: Skip mathml/presentation/stretchy-depth-height-symmetric.html since it
cannot work in a reliable way and should be rewritten. Equivalent checks seem essentially
covered by WPT test mathml/presentation-markup/operators/mo-axis-height-1.html.
See bug 201356.
* platform/win/mathml/presentation/roots-expected.txt: Update Windows expectation.


  Commit: 2f2ed8f085e616d3ca489f31c6fb83898eb2161c
      https://github.com/WebKit/WebKit/commit/2f2ed8f085e616d3ca489f31c6fb83898eb2161c
  Author: Rob Buis <rbuis at igalia.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/http/tests/xmlhttprequest/supported-xml-content-types-expected.txt
    M LayoutTests/http/tests/xmlhttprequest/supported-xml-content-types.html
    M LayoutTests/imported/w3c/ChangeLog
    M LayoutTests/imported/w3c/web-platform-tests/xhr/responsexml-media-type-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/xml/XMLHttpRequest.cpp

  Log Message:
  -----------
  Merge r249361 - XMLHttpRequest: responseXML returns null if the Content-Type is valid (end in +xml) in some cases
https://bugs.webkit.org/show_bug.cgi?id=46146

Patch by Rob Buis <rbuis at igalia.com> on 2019-08-31
Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

Updated expected result.

* web-platform-tests/xhr/responsexml-media-type-expected.txt:

Source/WebCore:

Make response MIME type fall back to text/xml in case mimeType could
not be extracted [1] and use the stricter ParsedContentType for that.

Behavior matches Firefox.

Test: web-platform-tests/xhr/responsexml-media-type.htm

[1] https://xhr.spec.whatwg.org/#response-mime-type

* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::responseMIMEType const):

LayoutTests:

Adjust test to match the specification: make response MIME type fall back to
text/xml in case mimeType could not be extracted.

Behavior matches Firefox.

* http/tests/xmlhttprequest/supported-xml-content-types-expected.txt:
* http/tests/xmlhttprequest/supported-xml-content-types.html:


  Commit: 9ee4e2bfeb05a2e335e2f0d27e63571491341fe0
      https://github.com/WebKit/WebKit/commit/9ee4e2bfeb05a2e335e2f0d27e63571491341fe0
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm

  Log Message:
  -----------
  Merge r249362 - [JSC] LLInt op should not emit the same code three times
https://bugs.webkit.org/show_bug.cgi?id=201370

Reviewed by Mark Lam.

LLInt op macro (not llintOp macro) is used to generate some stub code like llint_program_prologue.
But now it generates the same code three times for narrow, wide16, and wide32. We should emit code only once.

* llint/LowLevelInterpreter.asm:


  Commit: 76d4247a3f598da9a35818c4d6ed3b40f4a00152
      https://github.com/WebKit/WebKit/commit/76d4247a3f598da9a35818c4d6ed3b40f4a00152
  Author: Mark Lam <mark.lam at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/CodeBlock.cpp

  Log Message:
  -----------
  Merge r249365 - Speculative build fix for ARMv7 and MIPS.
https://bugs.webkit.org/show_bug.cgi?id=201389

Not reviewed.

* bytecode/CodeBlock.cpp:
(JSC::CodeBlock::jettison):


  Commit: 4a42ac632b1f40f719744405d0eaee3190c273d9
      https://github.com/WebKit/WebKit/commit/4a42ac632b1f40f719744405d0eaee3190c273d9
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/images/decode-non-bitmap-image-resolve-expected.txt
    A LayoutTests/fast/images/decode-non-bitmap-image-resolve.html
    A LayoutTests/fast/images/resources/green-100x100.svg
    M LayoutTests/imported/w3c/ChangeLog
    M LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-img-element/decode/image-decode-picture-expected.txt
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/ImageLoader.cpp
    M Source/WebCore/loader/ImageLoader.h

  Log Message:
  -----------
  Merge r249367 - HTMLImageElement::decode() should return a resolved promise for decoding non bitmap images
https://bugs.webkit.org/show_bug.cgi?id=201243

Patch by Said Abou-Hallawa <sabouhallawa at apple.com> on 2019-09-01
Reviewed by Youenn Fablet.

LayoutTests/imported/w3c:

* web-platform-tests/html/semantics/embedded-content/the-img-element/decode/image-decode-picture-expected.txt:

Source/WebCore:

The spec (https://html.spec.whatwg.org/multipage/embedded-content.html#dom-img-decode)
states that decode() should resolve the pending promise if the decoding
was requested for a non-bitmap image.

Test: fast/images/decode-non-bitmap-image-resolve.html

* loader/ImageLoader.cpp:
(WebCore::resolveDecodePromises):
(WebCore::rejectDecodePromises):
(WebCore::ImageLoader::notifyFinished):
(WebCore::ImageLoader::decode):
(WebCore::ImageLoader::decodeError): Deleted.
* loader/ImageLoader.h:
(WebCore::ImageLoader::hasPendingDecodePromises const):

LayoutTests:

* fast/images/decode-non-bitmap-image-resolve-expected.txt: Added.
* fast/images/decode-non-bitmap-image-resolve.html: Added.
* fast/images/resources/green-100x100.svg: Added.


  Commit: 0e88506083903a38bddddb442611d78498f645fa
      https://github.com/WebKit/WebKit/commit/0e88506083903a38bddddb442611d78498f645fa
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/b3/testb3_8.cpp

  Log Message:
  -----------
  Merge r249370 - [JSC] Fix testb3 debug failures
https://bugs.webkit.org/show_bug.cgi?id=201382

Reviewed by Mark Lam.

Fix testb3 debug failures due to incorrect types of operations like pointer + int32.

* b3/testb3_8.cpp:
(testByteCopyLoop):
(testByteCopyLoopStartIsLoopDependent):
(testByteCopyLoopBoundIsLoopDependent):


  Commit: 119a53fb1888d659c787f8ca9df1f65d24a554a1
      https://github.com/WebKit/WebKit/commit/119a53fb1888d659c787f8ca9df1f65d24a554a1
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/BytecodeList.rb
    M Source/JavaScriptCore/bytecode/BytecodeUseDef.h
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp
    M Source/JavaScriptCore/bytecompiler/BytecodeGenerator.h
    M Source/JavaScriptCore/dfg/DFGByteCodeParser.cpp
    M Source/JavaScriptCore/dfg/DFGCapabilities.cpp
    M Source/JavaScriptCore/jit/JIT.cpp
    M Source/JavaScriptCore/jit/JIT.h
    M Source/JavaScriptCore/jit/JITOpcodes.cpp
    M Source/JavaScriptCore/jit/JITOpcodes32_64.cpp
    M Source/JavaScriptCore/llint/LowLevelInterpreter.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter32_64.asm
    M Source/JavaScriptCore/llint/LowLevelInterpreter64.asm
    M Source/JavaScriptCore/runtime/CommonSlowPaths.cpp
    M Source/JavaScriptCore/runtime/CommonSlowPaths.h

  Log Message:
  -----------
  Merge r249372 - [JSC] Merge op_check_traps into op_enter and op_loop_hint
https://bugs.webkit.org/show_bug.cgi?id=201373

Reviewed by Mark Lam.

This patch removes op_check_traps. Previously we were conditionally emitting op_check_traps based on Options and Platform configurations.
But now we are always emitting op_check_traps. So it is not necessary to have separate bytecode as op_check_traps. We can do checking in
op_enter and op_loop_hint.

While this patch moves check_traps implementation to op_enter and op_loop_hint, we keep separate DFG nodes (CheckTraps or InvalidationPoint),
since inserted nodes are different based on configurations and options. And emitting multiple DFG nodes from one bytecode is easy.

We also inline op_enter's slow path's write-barrier emission in LLInt.

* bytecode/BytecodeList.rb:
* bytecode/BytecodeUseDef.h:
(JSC::computeUsesForBytecodeOffset):
(JSC::computeDefsForBytecodeOffset):
* bytecompiler/BytecodeGenerator.cpp:
(JSC::BytecodeGenerator::BytecodeGenerator):
(JSC::BytecodeGenerator::emitLoopHint):
(JSC::BytecodeGenerator::emitCheckTraps): Deleted.
* bytecompiler/BytecodeGenerator.h:
* dfg/DFGByteCodeParser.cpp:
(JSC::DFG::ByteCodeParser::handleRecursiveTailCall):
(JSC::DFG::ByteCodeParser::parseBlock):
* dfg/DFGCapabilities.cpp:
(JSC::DFG::capabilityLevel):
* jit/JIT.cpp:
(JSC::JIT::privateCompileMainPass):
(JSC::JIT::privateCompileSlowCases):
(JSC::JIT::emitEnterOptimizationCheck): Deleted.
* jit/JIT.h:
* jit/JITOpcodes.cpp:
(JSC::JIT::emit_op_loop_hint):
(JSC::JIT::emitSlow_op_loop_hint):
(JSC::JIT::emit_op_enter):
(JSC::JIT::emitSlow_op_enter):
(JSC::JIT::emit_op_check_traps): Deleted.
(JSC::JIT::emitSlow_op_check_traps): Deleted.
* jit/JITOpcodes32_64.cpp:
(JSC::JIT::emit_op_enter): Deleted.
* llint/LowLevelInterpreter.asm:
* llint/LowLevelInterpreter32_64.asm:
* llint/LowLevelInterpreter64.asm:
* runtime/CommonSlowPaths.cpp:
* runtime/CommonSlowPaths.h:


  Commit: 929a5cc77257fa06fcc9983d753f87759b57a913
      https://github.com/WebKit/WebKit/commit/929a5cc77257fa06fcc9983d753f87759b57a913
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-09-02 (Mon, 02 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/cairo/ShareableBitmapCairo.cpp

  Log Message:
  -----------
  Merge r249375 - [Cairo] out-of-bounds read in ShareableBitmap::paint if a fractional device scale factor is used
https://bugs.webkit.org/show_bug.cgi?id=196340

Reviewed by Brent Fulgham.

In ShareableBitmap::paint, srcRectScaled can be out-of-bounds of
the surface if a fractional device scale factor is used.

* Shared/cairo/ShareableBitmapCairo.cpp:
(WebKit::ShareableBitmap::paint): Use cairoSurfaceSetDeviceScale
to set a device scale factor to the surface instead of multiplying
srcRect with a device scale factor.


  Commit: 0f908fa4a69259e8b2eeb57932db826f15224289
      https://github.com/WebKit/WebKit/commit/0f908fa4a69259e8b2eeb57932db826f15224289
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-09-03 (Tue, 03 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
    M Source/WebKit/UIProcess/API/gtk/WebKitWebContext.h
    M Source/WebKit/UIProcess/API/wpe/WebKitWebContext.h
    M Tools/ChangeLog
    M Tools/MiniBrowser/gtk/main.c
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestMultiprocess.cpp

  Log Message:
  -----------
  Merge r249419 - [WPE][GTK] Deprecate nonfunctional process limit APIs
https://bugs.webkit.org/show_bug.cgi?id=193749

Reviewed by Žan Doberšek.

Source/WebKit:

* UIProcess/API/glib/WebKitWebContext.cpp:
(webkitWebContextConstructed):
(webkit_web_context_set_process_model):
(webkit_web_context_get_process_model):
(webkit_web_context_set_web_process_count_limit):
(webkit_web_context_get_web_process_count_limit):
* UIProcess/API/gtk/WebKitWebContext.h:
* UIProcess/API/wpe/WebKitWebContext.h:

Tools:

* MiniBrowser/gtk/main.c:
(main):
* TestWebKitAPI/Tests/WebKitGLib/TestMultiprocess.cpp:
(beforeAll):
(testWebProcessLimit): Deleted.


  Commit: 50f30d04e96b5f6a3f8f9bea839dd3d464bf723c
      https://github.com/WebKit/WebKit/commit/50f30d04e96b5f6a3f8f9bea839dd3d464bf723c
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-09-03 (Tue, 03 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp

  Log Message:
  -----------
  Unreviewed. Add an env var to force single process model

WEBKIT_USE_SINGLE_WEB_PROCESS=1 can now be used to force the single process model. This is a temporary solution
for applications still depending on the single process mode behavior. It will be only available in 2.26 series.

* UIProcess/API/glib/WebKitWebContext.cpp:
(webkitWebContextConstructed):


  Commit: 6cbfc2a9b4ce4413eea093363a9933502eaab43b
      https://github.com/WebKit/WebKit/commit/6cbfc2a9b4ce4413eea093363a9933502eaab43b
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-09-03 (Tue, 03 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.25.92 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers

Source/WebKit:

* gtk/NEWS: Add release notes for 2.25.92.


  Commit: 78b398d41639a2143b2e6f91cda0f8f01729e662
      https://github.com/WebKit/WebKit/commit/78b398d41639a2143b2e6f91cda0f8f01729e662
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-09-06 (Fri, 06 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/WebPreferencesDefaultValues.h

  Log Message:
  -----------
  Unreviewed. Disable PSON in GTK port

There are some issues causing problems in applications.

* Shared/WebPreferencesDefaultValues.h:


  Commit: 1a51c33bf8ae5a862e3344a4e801c03a1e261186
      https://github.com/WebKit/WebKit/commit/1a51c33bf8ae5a862e3344a4e801c03a1e261186
  Author: Christian Kirbach <Christian.Kirbach at googlemail.com>
  Date:   2019-09-09 (Mon, 09 Sep 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/de.po

  Log Message:
  -----------
  Merged r249634 - Updated German translation
https://bugs.webkit.org/show_bug.cgi?id=201582

Patch by Christian Kirbach <Christian.Kirbach at googlemail.com> on 2019-09-07
Rubber-stamped by Adrian Perez de Castro.

* de.po:


  Commit: ae6f8c3d321ef596cbf9249b27c6d0dc26ed9ce9
      https://github.com/WebKit/WebKit/commit/ae6f8c3d321ef596cbf9249b27c6d0dc26ed9ce9
  Author: Rafael Fontenelle <rafaelff at gnome.org>
  Date:   2019-09-09 (Mon, 09 Sep 2019)

  Changed paths:
    M Source/WebCore/platform/gtk/po/ChangeLog
    M Source/WebCore/platform/gtk/po/pt_BR.po

  Log Message:
  -----------
  Merged r249633 - [l10n] [pt_BR] Updated Brazilian Portuguese translation
https://bugs.webkit.org/show_bug.cgi?id=201592

Patch by Rafael Fontenelle <rafaelff at gnome.org> on 2019-09-09
Rubber-stamped by Carlos Garcia Campos.

* pt_BR.po:


  Commit: 8012ac0bfe0064e92df8c89359f9fa539d1bf188
      https://github.com/WebKit/WebKit/commit/8012ac0bfe0064e92df8c89359f9fa539d1bf188
  Author: Patrick Griffis <pgriffis at igalia.com>
  Date:   2019-09-09 (Mon, 09 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp

  Log Message:
  -----------
  Merge r249487 - [WPE][GTK] Fix sandbox parsing DISPLAY on X11
https://bugs.webkit.org/show_bug.cgi?id=201462

Reviewed by Michael Catanzaro.

On some setups the DISPLAY env var was incorrectly parsed.

* UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
(WebKit::bindX11):


  Commit: a1f59075691bf1bc05a8bc1c7043b9eb5116432a
      https://github.com/WebKit/WebKit/commit/a1f59075691bf1bc05a8bc1c7043b9eb5116432a
  Author: Patrick Griffis <pgriffis at igalia.com>
  Date:   2019-09-09 (Mon, 09 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp

  Log Message:
  -----------
  Merge r249569 - [GTK][WPE] Do not enable the sandbox in Snap
https://bugs.webkit.org/show_bug.cgi?id=201486

Reviewed by Carlos Garcia Campos.

Running inside of Snap adds its own complications and is simply
not supported for now.

Also update isInsideFlatpak() for consistency.

* UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::isInsideFlatpak):
(WebKit::isInsideSnap):
(WebKit::ProcessLauncher::launchProcess):


  Commit: 863f08f36cce512ca0c37947e99708f80df0d4e4
      https://github.com/WebKit/WebKit/commit/863f08f36cce512ca0c37947e99708f80df0d4e4
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-09-09 (Mon, 09 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.26.0 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers

Source/WebKit:

* gtk/NEWS: Add release notes for 2.26.0.


  Commit: 49c4b9546282a2f159978a37d5d8eff05ddf78dd
      https://github.com/WebKit/WebKit/commit/49c4b9546282a2f159978a37d5d8eff05ddf78dd
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-09 (Mon, 09 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.25.91 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.25.91.


  Commit: 1a7cde9085f6b9f55700d144890f79d68aedfb1d
      https://github.com/WebKit/WebKit/commit/1a7cde9085f6b9f55700d144890f79d68aedfb1d
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-20 (Fri, 20 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.26.0 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.26.0


  Commit: 5d3488270d931d5918c154e4a9dcc71c18a846a4
      https://github.com/WebKit/WebKit/commit/5d3488270d931d5918c154e4a9dcc71c18a846a4
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/glib/UserAgentGLib.cpp
    M Source/WebCore/platform/network/HTTPParsers.cpp
    M Source/WebCore/platform/network/HTTPParsers.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitSettings.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/CMakeLists.txt
    M Tools/TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp

  Log Message:
  -----------
  Merge r249810 - [GTK][WPE] webkit_settings_set_user_agent() allows content forbidden in HTTP headers
https://bugs.webkit.org/show_bug.cgi?id=201077

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Add a function to validate whether a string contains a valid value
which can be used in an HTTP User-Agent header.

Covered by new WebCore API test HTTPParsers.ValidateUserAgentValues.

* platform/glib/UserAgentGLib.cpp:
(WebCore::standardUserAgent): Assert that the returned string is a valid User-Agent.
(WebCore::standardUserAgentForURL): Ditto.
* platform/network/HTTPParsers.cpp: Added a series of helper functions which skip over
characters of a string, which can be used to scan over the different elements of a
User-Agent value; all of them receive the position from the input string where to start
scanning, updating it to the position right after the scanned item (this follows the
convention already in use by other functions in the source file). Each of them has
been annotated with the RFC number and section which contains the definition of the
scanned item, and the corresponding BNF rules to make the code easier to follow.
(WebCore::skipWhile): Added.
(WebCore::isVisibleCharacter): Added.
(WebCore::isOctectInFieldContentCharacter): Added.
(WebCore::isCommentTextCharacter): Added.
(WebCore::isHTTPTokenCharacter): Added.
(WebCore::isValidHTTPToken): Refactored to use the new isHTTPTokenCharacter()
helper function instead of having the test inside the loop.
(WebCore::skipCharacter): Added.
(WebCore::skipQuotedPair): Added.
(WebCore::skipComment): Added.
(WebCore::skipHTTPToken): Added.
(WebCore::skipUserAgentProduct): Added.
(WebCore::isValidUserAgentHeaderValue): Added.
* platform/network/HTTPParsers.h: Add prototype for isValidUserAgentHeaderValue().

Source/WebKit:

* UIProcess/API/glib/WebKitSettings.cpp:
(webkit_settings_set_user_agent): Check the passed string using the new
WebCore::isValidUserAgentHeaderValue() function, and return early without
changing the setting if the string is not usable in the User-Agent HTTP
header.

Tools:

* TestWebKitAPI/CMakeLists.txt: Add missing HTTPParsers.cpp to be built into TestWebCore.
* TestWebKitAPI/Tests/WebCore/HTTPParsers.cpp:
(TestWebKitAPI::TEST): Add tests for WebCore::isValidUserAgentHeaderValue().
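
The kind of check the commit above describes, as an added example that is not WebKit's code: a position-advancing scanner for the User-Agent grammar of RFC 7231 section 5.5.3, which rejects values carrying CR/LF or other characters forbidden in a header before they reach the request. The function names (isValidUserAgentValue, scanToken, scanComment, scanProduct) and the sample strings are constructed for this illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// tchar (RFC 7230 section 3.2.6): ALPHA / DIGIT / "!#$%&'*+-.^_`|~"
static bool isTokenChar(unsigned char c)
{
    if ((c >= '0' && c <= '9') || (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z'))
        return true;
    static const std::string punctuation = "!#$%&'*+-.^_`|~";
    return punctuation.find(static_cast<char>(c)) != std::string::npos;
}

// ctext = HTAB / SP / %x21-27 / %x2A-5B / %x5D-7E / obs-text
static bool isCommentTextChar(unsigned char c)
{
    return c == '\t' || c == ' ' || (c >= 0x21 && c <= 0x27)
        || (c >= 0x2A && c <= 0x5B) || (c >= 0x5D && c <= 0x7E) || c >= 0x80;
}

// Second octet of quoted-pair = "\" ( HTAB / SP / VCHAR / obs-text )
static bool isQuotedPairChar(unsigned char c)
{
    return c == '\t' || c == ' ' || (c >= 0x21 && c <= 0x7E) || c >= 0x80;
}

// token = 1*tchar. On success, pos is moved right after the token.
static bool scanToken(const std::string& s, std::size_t& pos)
{
    std::size_t start = pos;
    while (pos < s.size() && isTokenChar(static_cast<unsigned char>(s[pos])))
        ++pos;
    return pos > start;
}

// comment = "(" *( ctext / quoted-pair / comment ) ")"
// Nesting is tracked with a counter, so hostile input cannot exhaust the stack.
static bool scanComment(const std::string& s, std::size_t& pos)
{
    if (pos >= s.size() || s[pos] != '(')
        return false;
    std::size_t i = pos;
    std::size_t depth = 0;
    while (i < s.size()) {
        unsigned char c = static_cast<unsigned char>(s[i]);
        if (c == '(') {
            ++depth;
            ++i;
        } else if (c == ')') {
            ++i;
            if (--depth == 0) {
                pos = i;
                return true;
            }
        } else if (c == '\\') {
            if (i + 1 >= s.size() || !isQuotedPairChar(static_cast<unsigned char>(s[i + 1])))
                return false;
            i += 2;
        } else if (isCommentTextChar(c)) {
            ++i;
        } else {
            return false; // CR, LF, NUL and other control characters end up here
        }
    }
    return false; // unterminated comment
}

// product = token [ "/" product-version ], product-version = token
static bool scanProduct(const std::string& s, std::size_t& pos)
{
    std::size_t i = pos;
    if (!scanToken(s, i))
        return false;
    if (i < s.size() && s[i] == '/') {
        ++i;
        if (!scanToken(s, i))
            return false;
    }
    pos = i;
    return true;
}

// User-Agent = product *( RWS ( product / comment ) )
bool isValidUserAgentValue(const std::string& s)
{
    std::size_t pos = 0;
    if (!scanProduct(s, pos))
        return false;
    while (pos < s.size()) {
        std::size_t whitespaceStart = pos;
        while (pos < s.size() && (s[pos] == ' ' || s[pos] == '\t'))
            ++pos;
        if (pos == whitespaceStart || pos == s.size())
            return false; // RWS is required and must be followed by an item
        if (s[pos] == '(' ? !scanComment(s, pos) : !scanProduct(s, pos))
            return false;
    }
    return true;
}

int main()
{
    // Constructed sample: a value that tries to smuggle a second header line.
    std::cout << isValidUserAgentValue("Example/1.0\r\nX-Injected: 1") << "\n";
    return 0;
}
```

A caller in the position of a settings setter would keep the previous value when this returns false, as the commit describes for webkit_settings_set_user_agent().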


  Commit: 1b6e871008bcc5a3fae1362259c45074b95a5e7f
      https://github.com/WebKit/WebKit/commit/1b6e871008bcc5a3fae1362259c45074b95a5e7f
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp
    M Tools/TestWebKitAPI/glib/WebKitGLib/LoadTrackingTest.cpp
    M Tools/TestWebKitAPI/glib/WebKitGLib/LoadTrackingTest.h

  Log Message:
  -----------
  Merge r249890 - REGRESSION(r249142): [GTK] Epiphany delayed page loads continue indefinitely
https://bugs.webkit.org/show_bug.cgi?id=201544

Reviewed by Michael Catanzaro.

Source/WebKit:

WebPageProxy::loadAlternateHTML() is an exception, because it's an API request but always sets the navigationID
to 0. We always want to reset the pending API request URL when alternate HTML load starts.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::didStartProvisionalLoadForFrameShared): Check also that it's an API alternate HTML load
to reset the pending API request URL.

Tools:

Add new test cases.

* TestWebKitAPI/Tests/WebKitGLib/TestLoaderClient.cpp:
(testWebViewActiveURI):
(testWebViewIsLoading):
* TestWebKitAPI/glib/WebKitGLib/LoadTrackingTest.cpp:
(loadChangedCallback):
(LoadTrackingTest::loadAlternateHTML):
(LoadTrackingTest::reset):
* TestWebKitAPI/glib/WebKitGLib/LoadTrackingTest.h:


  Commit: 317b9c95009719c5ad8ba854eb295ff3c4eb6243
      https://github.com/WebKit/WebKit/commit/317b9c95009719c5ad8ba854eb295ff3c4eb6243
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStore.h
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.cpp
    M Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.h
    M Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp
    M Source/WebKit/UIProcess/gtk/WaylandCompositor.h
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp

  Log Message:
  -----------
  Merge r249947 - [GTK] Crash closing web view while hardware acceleration is enabled
https://bugs.webkit.org/show_bug.cgi?id=200856

Reviewed by Michael Catanzaro.

The crash happens when destroying the WaylandCompositor::Surface because the web view GL context is used to
release the texture, but the GL context is no longer valid after web view
unrealize. AcceleratedBackingStoreWayland should handle the web view unrealize to destroy the GL context. It
will be created on demand again after the web view is realized.

* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(webkitWebViewBaseRealize): Notify AcceleratedBackingStore.
(webkitWebViewBaseUnrealize): Ditto.
* UIProcess/gtk/AcceleratedBackingStore.h:
(WebKit::AcceleratedBackingStore::realize): Added.
(WebKit::AcceleratedBackingStore::unrealize): Added.
* UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:
(WebKit::AcceleratedBackingStoreWayland::realize): In case of using WaylandCompositor, call
WaylandCompositor::bindWebPage() to bind the WebPageProxy to the Wayland surface.
(WebKit::AcceleratedBackingStoreWayland::unrealize): Destroy GL resources and the GL context.
(WebKit::AcceleratedBackingStoreWayland::tryEnsureGLContext): Do not try to create the GL context if the web
view is not realized.
(WebKit::AcceleratedBackingStoreWayland::displayBuffer): Remove the code to initialize the texture.
(WebKit::AcceleratedBackingStoreWayland::paint): And add it here.
* UIProcess/gtk/AcceleratedBackingStoreWayland.h:
* UIProcess/gtk/WaylandCompositor.cpp:
(WebKit::WaylandCompositor::Surface::setWebPage): Return early if given page is the current one already.
(WebKit::WaylandCompositor::bindWebPage): Set the surface WebPageProxy.
(WebKit::WaylandCompositor::unbindWebPage): Unset the surface WebPageProxy.
* UIProcess/gtk/WaylandCompositor.h:
* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode): When restoring a previous layer tree
host, always call resumeRendering() to balance the suspendRendering() called in exitAcceleratedCompositingMode().


  Commit: e7fda006bf9af3d7ce2a74d8cfe947b9ea463c34
      https://github.com/WebKit/WebKit/commit/e7fda006bf9af3d7ce2a74d8cfe947b9ea463c34
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/egl/GLContextEGL.cpp

  Log Message:
  -----------
  Merge r249951 - [GTK] Cannot create EGL window surface: EGL_BAD_ALLOC
https://bugs.webkit.org/show_bug.cgi?id=201505

Reviewed by Žan Doberšek.

This happens because eglCreateWindowSurface() is called twice for the same window when not using the WPE
renderer. New versions of Mesa fail the second time with an EGL_BAD_ALLOC.

* platform/graphics/egl/GLContextEGL.cpp:
(WebCore::GLContextEGL::createWindowContext): Check surface is nullptr before falling back to use
eglCreateWindowSurface().


  Commit: 17263ebfa85c2bb34f3c6cfd23cac22e2dce8f2c
      https://github.com/WebKit/WebKit/commit/17263ebfa85c2bb34f3c6cfd23cac22e2dce8f2c
  Author: Carlos Alberto Lopez Perez <clopez at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp

  Log Message:
  -----------
  Merge r250036 - [GTK][WPE] bubblewrap sandbox should be disabled when running inside docker
https://bugs.webkit.org/show_bug.cgi?id=201914

Reviewed by Michael Catanzaro.

Detect if running inside Docker by checking the file /.dockerenv.
In that case, disable the sandbox.

* UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::isInsideDocker):
(WebKit::ProcessLauncher::launchProcess):


  Commit: b7a306f43f6222bccf2dc46ac55805b99d23939d
      https://github.com/WebKit/WebKit/commit/b7a306f43f6222bccf2dc46ac55805b99d23939d
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/cmake/BubblewrapSandboxChecks.cmake

  Log Message:
  -----------
  Merge r249883 - [GTK][WPE] Do not run the Bubblewrap executable when configuring for cross-compilation
https://bugs.webkit.org/show_bug.cgi?id=201340

Reviewed by Konstantin Tokarev.

* Source/cmake/BubblewrapSandboxChecks.cmake: Do not run the
Bubblewrap executable when cross-compiling to guess its version.
Emit a warning instead and trust that valid run-time paths will
be set using the BWRAP_EXECUTABLE and DBUS_PROXY_EXECUTABLE
variables. While at it, fix the regular expression used to match
the version string in the Bubblewrap output when not cross-compiling.


  Commit: 3f542835cae6fd692fb62f9a6899fdd9f3622d4f
      https://github.com/WebKit/WebKit/commit/3f542835cae6fd692fb62f9a6899fdd9f3622d4f
  Author: Alicia Boya Garcia <aboya at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/imported/w3c/ChangeLog
    R LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/timeout_on_seek.py
    R LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek-expected.txt
    R LayoutTests/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek.html
    R LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-buffered-seek-expected.txt
    R LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-buffered-seek.html
    R LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-replay-expected.txt
    R LayoutTests/imported/w3c/web-platform-tests/media-source/mediasource-replay.html
    M LayoutTests/platform/gtk/TestExpectations
    M LayoutTests/platform/ios-simulator/TestExpectations
    M LayoutTests/platform/mac/TestExpectations
    R LayoutTests/platform/mac/imported/w3c/web-platform-tests/html/semantics/embedded-content/the-video-element/video_timeupdate_on_seek-expected.txt
    M LayoutTests/platform/wpe/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/GStreamer.cmake
    M Source/WebCore/platform/graphics/gstreamer/GRefPtrGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/GRefPtrGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h
    M Source/WebCore/platform/graphics/gstreamer/MediaSampleGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/AppendPipeline.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/MediaSourceGStreamer.h
    A Source/WebCore/platform/graphics/gstreamer/mse/PlaybackPipeline.cpp
    A Source/WebCore/platform/graphics/gstreamer/mse/PlaybackPipeline.h
    M Source/WebCore/platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/SourceBufferPrivateGStreamer.h
    M Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamer.h
    A Source/WebCore/platform/graphics/gstreamer/mse/WebKitMediaSourceGStreamerPrivate.h
    M Source/cmake/GStreamerChecks.cmake
    M Tools/ChangeLog
    M Tools/Scripts/webkitpy/style/checker.py

  Log Message:
  -----------
  Revert "Merge r249332, r249325, r249205"

Revert "Merge r249332 - [MSE][GStreamer] Replaying the video should update currentTime"
Revert "Merge r249325 - [MSE][GStreamer] Gracefully fail on invalid non-first initialization segment"
Revert "Merge r249205 - [MSE][GStreamer] WebKitMediaSrc rework"


  Commit: 824407017bd8b8378d0f30bce9f23d797a5e9703
      https://github.com/WebKit/WebKit/commit/824407017bd8b8378d0f30bce9f23d797a5e9703
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebPageProxy.h

  Log Message:
  -----------
  Merge r249953 - [GTK] Initial view loading is slow
https://bugs.webkit.org/show_bug.cgi?id=201451

Reviewed by Sergio Villar Senin.

The problem is that now we are always calling DrawingAreaProxy::waitForBackingStoreUpdateOnNextPaint() after a
new process is launched and we used to do that only when launching a new process after a crash. This makes
m_hasReceivedFirstUpdate useless, because it's always set to true right after a process is launched. Then, we
wait up to half a second (which is usually the case for the initial load) until the first update. We only want
to do that when recovering from a crash or when swapping processes to avoid flashing effect.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::launchProcess): Add ProcessLaunchReason parameter and pass it to
finishAttachingToWebProcess instead of IsProcessSwap.
(WebKit::WebPageProxy::swapToWebProcess): Pass ProcessLaunchReason::ProcessSwap to
finishAttachingToWebProcess().
(WebKit::WebPageProxy::finishAttachingToWebProcess): Do not call
DrawingAreaProxy::waitForBackingStoreUpdateOnNextPaint() when process launch reason is ProcessLaunchReason::InitialProcess.
(WebKit::WebPageProxy::launchProcessForReload): Pass ProcessLaunchReason::Reload to launchProcess().
* UIProcess/WebPageProxy.h: Remove IsProcessSwap and add ProcessLaunchReason instead that is passed to
launchProcess and finishAttachingToWebProcess.


  Commit: d8e9eb3689bd710424edcf9276a574493ccd8074
      https://github.com/WebKit/WebKit/commit/d8e9eb3689bd710424edcf9276a574493ccd8074
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Position.cpp
    M Source/WebCore/layout/Verification.cpp
    M Source/WebCore/rendering/InlineFlowBox.cpp
    M Source/WebCore/rendering/InlineTextBox.cpp
    M Source/WebCore/rendering/InlineTextBox.h
    M Source/WebCore/rendering/RenderText.cpp
    M Source/WebCore/rendering/RenderTextLineBoxes.cpp

  Log Message:
  -----------
  Revert r249160 - "InlineTextBox::end() should return first-past-end offset"


  Commit: 877665b28c60a6130327261723ffcd4620ff6f0e
      https://github.com/WebKit/WebKit/commit/877665b28c60a6130327261723ffcd4620ff6f0e
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/glib/ProcessLauncherGLib.cpp

  Log Message:
  -----------
  Merge r249882 - [GTK][WPE] Check for a Snap sandbox a bit harder
https://bugs.webkit.org/show_bug.cgi?id=201793

Reviewed by Michael Catanzaro.

* UIProcess/Launcher/glib/ProcessLauncherGLib.cpp:
(WebKit::isInsideSnap): Check whether the SNAP_NAME and SNAP_REVISION
environment variables are defined as well.


  Commit: c7098daf97d386f0d452202c7d5c367e606de145
      https://github.com/WebKit/WebKit/commit/c7098daf97d386f0d452202c7d5c367e606de145
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp

  Log Message:
  -----------
  Merge r249477 - [GStreamer] Sound is down-pitched when playing video from YLE Areena
https://bugs.webkit.org/show_bug.cgi?id=201399

Reviewed by Xabier Rodriguez-Calvar.

If the FDK-AAC decoder is available, promote it and downrank the
libav AAC decoders, due to their broken LC support, as reported in:
https://ffmpeg.org/pipermail/ffmpeg-devel/2019-July/247063.html

* platform/graphics/gstreamer/GStreamerCommon.cpp:
(WebCore::initializeGStreamer):


  Commit: cfbf792ac921d8f1bc77588d934f9ba858292bad
      https://github.com/WebKit/WebKit/commit/cfbf792ac921d8f1bc77588d934f9ba858292bad
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/GStreamerCommon.cpp

  Log Message:
  -----------
  Merge r249761 - [GStreamer] Do not adopt floating references.
https://bugs.webkit.org/show_bug.cgi?id=201685

Reviewed by Carlos Garcia Campos.

Covered by existing tests.

* platform/graphics/gstreamer/GStreamerCommon.cpp:
(WebCore::initializeGStreamer): gst_element_factory_make returns
floating references, you do not adopt such references, rather you
sink them.


  Commit: a87f796e7dff55348aaece2ead37ec10a549b772
      https://github.com/WebKit/WebKit/commit/a87f796e7dff55348aaece2ead37ec10a549b772
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/CairoOperations.cpp

  Log Message:
  -----------
  Merge r249937 - [Cairo] Image::drawTiled → Cairo::drawSurface → cairo_paint_with_alpha → segfault happens in pixman
https://bugs.webkit.org/show_bug.cgi?id=201755

Reviewed by Don Olmstead.

Segmentation faults happened in pixman while painting an image. In
Cairo::drawSurface, originalSrcRect can be slightly larger than
the surface size because of floating number calculations.
Cairo::drawSurface created a subsurface which is running over the
parent surface boundaries.

* platform/graphics/cairo/CairoOperations.cpp:
(WebCore::Cairo::drawSurface): Calculated an intersection with
expandedSrcRect and the parent surface size for subsurface size.


  Commit: d9ae731928c0d71d13bfbf9c083f6b60d7848add
      https://github.com/WebKit/WebKit/commit/d9ae731928c0d71d13bfbf9c083f6b60d7848add
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/BackingStoreBackendCairoImpl.cpp

  Log Message:
  -----------
  Merge r250027 - [cairo] Incorrect targetRect in BackingStoreBackendCairoImpl::scroll
https://bugs.webkit.org/show_bug.cgi?id=201895

Reviewed by Carlos Garcia Campos.

In BackingStoreBackendCairoImpl::scroll, targetRect is calculated
wrongly by shifting maxX and maxY. Bug 59655 fixed the issue by
removing the shifting, but only for BackingStoreBackendCairoX11::scroll.

No new tests, no behavior change.

* platform/graphics/cairo/BackingStoreBackendCairoImpl.cpp:
(WebCore::BackingStoreBackendCairoImpl::scroll): Take intersection of targetRect and scrollRect.


  Commit: aaca85d56f2196c74725ff2705ccdcfb68c09e3a
      https://github.com/WebKit/WebKit/commit/aaca85d56f2196c74725ff2705ccdcfb68c09e3a
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/images/decode-resolve-reject-no-leak-expected.txt
    A LayoutTests/fast/images/decode-resolve-reject-no-leak.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/html/HTMLImageElement.h
    M Source/WebCore/loader/ImageLoader.cpp
    M Source/WebCore/loader/ImageLoader.h
    M Source/WebCore/testing/Internals.cpp
    M Source/WebCore/testing/Internals.h
    M Source/WebCore/testing/Internals.idl

  Log Message:
  -----------
  Merge r249594 - REGRESSION (r249367): m_decodingPromises grows indefinitely until ImageLoader destruction
https://bugs.webkit.org/show_bug.cgi?id=201402

Patch by Said Abou-Hallawa <sabouhallawa at apple.com> on 2019-09-06
Reviewed by Youenn Fablet and Daniel Bates.

Source/WebCore:

Add the static functions resolvePromises() and rejectPromises(). These
functions take an lvalue reference to a Vector of promises. Inside them,
the lvalue reference argument is exchanged with an empty Vector of
promises then the promises are processed. This clears m_decodingPromises
and fixes the leak.

Add an internal API which returns the count of the pending promises of
an HTMLImageElement. This internal API will be used in the attached test.

Test: fast/images/decode-resolve-reject-no-leak.html

* html/HTMLImageElement.h:
(WebCore::HTMLImageElement::pendingDecodePromisesCountForTesting const):
* loader/ImageLoader.cpp:
(WebCore::resolvePromises):
ImageLoader::decode() calls BitmapImage::decode() and moves m_decodingPromises
in capture. When decoding finishes, this function is called to resolve the
promises. But ImageLoader might get deleted before the image decoding
finishes. So this function has to be static.

(WebCore::rejectPromises):
(WebCore::ImageLoader::resolveDecodePromises):
(WebCore::ImageLoader::rejectDecodePromises):
(WebCore::ImageLoader::notifyFinished):
(WebCore::ImageLoader::decode):
(WebCore::resolveDecodePromises): Deleted.
(WebCore::rejectDecodePromises): Deleted.
* loader/ImageLoader.h:
(WebCore::ImageLoader::pendingDecodePromisesCountForTesting const):
* testing/Internals.cpp:
(WebCore::Internals::imagePendingDecodePromisesCountForTesting):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

* fast/images/decode-resolve-reject-no-leak-expected.txt: Added.
* fast/images/decode-resolve-reject-no-leak.html: Added.


  Commit: cd5b54a972d9d482ce97eadbfcc7c66f08797477
      https://github.com/WebKit/WebKit/commit/cd5b54a972d9d482ce97eadbfcc7c66f08797477
  Author: Devin Rousso <drousso at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/inspector/debugger/resources/tail-deleted-frames-this-value.js
    M LayoutTests/inspector/debugger/tail-deleted-frames-this-value-expected.txt
    M LayoutTests/inspector/debugger/tail-deleted-frames-this-value.html
    M LayoutTests/inspector/timeline/line-column-expected.txt
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/inspector/InjectedScriptModule.cpp
    M Source/JavaScriptCore/inspector/InjectedScriptSource.js
    M Source/WebCore/ChangeLog
    M Source/WebCore/inspector/CommandLineAPIModuleSource.js

  Log Message:
  -----------
  Merge r249445 - REGRESSION (r249078): Flaky crash in com.apple.JavaScriptCore: Inspector::InjectedScriptModule::ensureInjected
https://bugs.webkit.org/show_bug.cgi?id=201201
<rdar://problem/54771560>

Reviewed by Joseph Pecoraro.

Source/JavaScriptCore:

* inspector/InjectedScriptSource.js:
(let.InjectedScript.prototype.injectModule):
(let.InjectedScript.prototype._evaluateOn):
(CommandLineAPI):
(let.InjectedScript.prototype.setInspectObject): Deleted.
(let.InjectedScript.prototype.addCommandLineAPIGetter): Deleted.
(let.InjectedScript.prototype.addCommandLineAPIMethod.func.toString): Deleted.
(let.InjectedScript.prototype.addCommandLineAPIMethod): Deleted.
(InjectedScript.CommandLineAPI): Deleted.
Allow injected script "extensions" (e.g. CommandLineAPIModuleSource.js) to modify objects
directly, instead of having them call functions.

* inspector/InjectedScriptModule.cpp:
(Inspector::InjectedScriptModule::ensureInjected):
Make sure to reset `hadException` to `false` before making another call.

Source/WebCore:

Tests: inspector/debugger/tail-deleted-frames-this-value.html
       inspector/heap/getRemoteObject.html

* inspector/CommandLineAPIModuleSource.js:
Avoid executing functions when injecting. Instead, modify the `CommandLineAPI` directly.

LayoutTests:

* inspector/debugger/tail-deleted-frames-this-value.html:
* inspector/debugger/tail-deleted-frames-this-value-expected.txt:
* inspector/debugger/resources/tail-deleted-frames-this-value.js:
* inspector/timeline/line-column-expected.txt:


  Commit: 2bae950a7195fa8f4567077001178289de3d4067
      https://github.com/WebKit/WebKit/commit/2bae950a7195fa8f4567077001178289de3d4067
  Author: Ali Juma <ajuma at chromium.org>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/loader/FrameLoader.cpp
    M Source/WebCore/loader/FrameLoader.h
    M Source/WebCore/loader/FrameLoaderTypes.h

  Log Message:
  -----------
  Merge r249762 - Prevent reentrancy FrameLoader::dispatchUnloadEvents()
https://bugs.webkit.org/show_bug.cgi?id=200738

Reviewed by Brady Eidson.

Reentrancy causes m_pageDismissalEventBeingDispatched to be incorrectly
updated, so don't allow reentrancy.

Since this prevents m_pageDismissalEventBeingDispatched from being reset
inside a reentrant call, it can have the unintended effect of causing
FrameLoader::stopAllLoaders to early-out when called from
FrameLoader::detachFromParent while a frame's unload event handler
calls document.open() on a parent frame and causes itself to become
detached. Allowing a load to continue in a detached frame will lead to
a crash. To prevent this, add a new argument to FrameLoader::stopAllLoaders
that FrameLoader::detachFromParent can use to prevent an early-out.

* loader/FrameLoader.cpp:
(WebCore::FrameLoader::stopAllLoaders):
(WebCore::FrameLoader::detachFromParent):
(WebCore::FrameLoader::dispatchUnloadEvents):
(WebCore::FrameLoader::dispatchBeforeUnloadEvent):
Ensure that m_pageDismissalEventBeingDispatched is reset to its previous value, even if this is not None.
* loader/FrameLoader.h:
* loader/FrameLoaderTypes.h:
Add a StopLoadingPolicy enum.


  Commit: acd6c772a8408a3a7dfd02998ef3692c448cd3b1
      https://github.com/WebKit/WebKit/commit/acd6c772a8408a3a7dfd02998ef3692c448cd3b1
  Author: Michael Saboff <msaboff at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-bol-optimize-out-of-stack.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/yarr/YarrPattern.cpp

  Log Message:
  -----------
  Merge r249777 - JSC crashes due to stack overflow while building RegExp
https://bugs.webkit.org/show_bug.cgi?id=201649

Reviewed by Yusuke Suzuki.

JSTests:

New regression test.

* stress/regexp-bol-optimize-out-of-stack.js: Added.
(test):
(catch):

Source/JavaScriptCore:

Check for running out of stack when we are optimizing RegExp containing BOL terms or
other deep copying of disjunctions.

* yarr/YarrPattern.cpp:
(JSC::Yarr::YarrPatternConstructor::copyDisjunction):
(JSC::Yarr::YarrPatternConstructor::copyTerm):
(JSC::Yarr::YarrPatternConstructor::error):
(JSC::Yarr::YarrPattern::compile):


  Commit: 56225632a74817f040108d3a8f8db334cdc674af
      https://github.com/WebKit/WebKit/commit/56225632a74817f040108d3a8f8db334cdc674af
  Author: Chris Dumez <cdumez at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/editing/InsertTextCommand.cpp

  Log Message:
  -----------
  Merge r249854 - Crash under WebCore::firstPositionInNode()
https://bugs.webkit.org/show_bug.cgi?id=201764
<rdar://problem/54823754>

Reviewed by Wenson Hsieh and Geoff Garen.

Make sure to keep a Ref<> to the textNode when we call insertNodeAtTabSpanPosition()
or insertNodeAt().

Test: editing/firstPositionInNode-crash.html

* editing/InsertTextCommand.cpp:
(WebCore::InsertTextCommand::positionInsideTextNode):


  Commit: 47f2f0a92dd4a49e4b4ffc3617e69b1449af4f9c
      https://github.com/WebKit/WebKit/commit/47f2f0a92dd4a49e4b4ffc3617e69b1449af4f9c
  Author: Michael Saboff <msaboff at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/regexp-unicode-surrogate-pair-increment-should-involve-length-check.js
    M JSTests/stress/regexp-unicode-within-string.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/yarr/YarrJIT.cpp
    M Source/JavaScriptCore/yarr/YarrPattern.h

  Log Message:
  -----------
  Merge r249926 - [JSC] Perform check again when we found non-BMP characters
https://bugs.webkit.org/show_bug.cgi?id=201647

Reviewed by Yusuke Suzuki.

JSTests:

* stress/regexp-unicode-surrogate-pair-increment-should-involve-length-check.js: Added.
* stress/regexp-unicode-within-string.js: Updated test to eliminate the bogus print().
(testRegExpInbounds):

Source/JavaScriptCore:

We need to check for end of input for non-BMP characters when matching a character class that contains
both BMP and non-BMP characters.  In advanceIndexAfterCharacterClassTermMatch() we were checking for
end of input for both BMP and non-BMP characters.  For BMP characters, this check is redundant.
After moving the check to after the "is BMP check", we need to decrement index after reaching the failure
label to back out the index++ for the first surrogate of the non-BMP character.

Added the same kind of check in generateCharacterClassOnce().  In that case, we have pre-checked the
first character (surrogate) for a non-BMP codepoint, so we just need to check for end of input before
we increment for the second surrogate.

While writing tests, I found an off-by-one error in backtrackCharacterClassGreedy() and changed the
loop to check the count at loop top instead of loop bottom.

* yarr/YarrJIT.cpp:
(JSC::Yarr::YarrGenerator::advanceIndexAfterCharacterClassTermMatch):
(JSC::Yarr::YarrGenerator::generateCharacterClassOnce):
(JSC::Yarr::YarrGenerator::generateCharacterClassGreedy):
(JSC::Yarr::YarrGenerator::backtrackCharacterClassGreedy):
(JSC::Yarr::YarrGenerator::backtrackCharacterClassNonGreedy):


  Commit: d79c51128a4f3c1894125fbe7b7564273d8a577c
      https://github.com/WebKit/WebKit/commit/d79c51128a4f3c1894125fbe7b7564273d8a577c
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/first-letter-with-columns-crash-expected.txt
    A LayoutTests/fast/text/first-letter-with-columns-crash.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/updating/RenderTreeBuilderFirstLetter.cpp

  Log Message:
  -----------
  Merge r249954 - [First-letter] Use WeakPtr for the first-letter insertion point.
https://bugs.webkit.org/show_bug.cgi?id=201842
<rdar://problem/51373788>

Reviewed by Antti Koivisto.

Source/WebCore:

The about-to-be-removed first letter renderer's sibling could potentially be destroyed too as the result of the anonymous subtree collapsing logic (when the next sibling is a generated anonymous block and it is not needed anymore.)

Test: fast/text/first-letter-with-columns-crash.html

* rendering/updating/RenderTreeBuilderFirstLetter.cpp:
(WebCore::RenderTreeBuilder::FirstLetter::updateStyle):

LayoutTests:

* fast/text/first-letter-with-columns-crash-expected.txt: Added.
* fast/text/first-letter-with-columns-crash.html: Added.


  Commit: 83ff3fa23add56b036e63927956cc60904c4a671
      https://github.com/WebKit/WebKit/commit/83ff3fa23add56b036e63927956cc60904c4a671
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/phantom-insertion-live-range-should-agree-with-arguments-forwarding.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGPhantomInsertionPhase.cpp

  Log Message:
  -----------
  Merge r250058 - Phantom insertion phase may disagree with arguments forwarding about live ranges
https://bugs.webkit.org/show_bug.cgi?id=200715
<rdar://problem/54301717>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/phantom-insertion-live-range-should-agree-with-arguments-forwarding.js: Added.
(main.v23):
(main.try.v43):
(main.):
(main):

Source/JavaScriptCore:

The issue is that Phantom insertion phase was disagreeing about live ranges
from the arguments forwarding phase. The effect is that Phantom insertion
would insert a Phantom creating a longer live range than what arguments
forwarding was analyzing. Arguments forwarding will look for the last DFG
use or the last bytecode use of a variable it wants to eliminate. It then
does an interference analysis to ensure that nothing clobbers other variables
it needs to recover the sunken allocation during OSR exit.

Phantom insertion works by ordering the program into OSR exit epochs. If a value was used
in the current epoch, there is no need to insert a phantom for it. We
determine where we might need a Phantom by looking at bytecode kills. In this
analysis, we have a mapping from bytecode local to DFG node. However, we
sometimes forgot to remove the entry when a local is killed. So, if the first
kill of a variable is in the same OSR exit epoch, we won't insert a Phantom by design.
However, if the variable gets killed again, we might errantly insert a Phantom
for the prior variable which should've already been killed. The solution is to
clear the entry in our mapping when a variable is killed.

The program in question was like this:

1: DirectArguments
...
2: MovHint(@1, loc1) // arguments forwarding treats this as the final kill for @1
...
clobber things needed for recovery
...

Arguments elimination would transform the program since between @1 and
@2, nothing clobbers values needed for exit and nothing escapes @1. The
program becomes:

1: PhantomDirectArguments
...
2: MovHint(@1, loc1) // arguments forwarding treats this as the final kill for @1
...
clobber things needed for recovery of @1
...

Phantom insertion would then transform the program into:

1: PhantomDirectArguments
...
2: MovHint(@1, loc1) // arguments forwarding treats this as the final kill for @1
...
clobber things needed for recovery of @1
...
3: Phantom(@1)
...

This is wrong because Phantom insertion and arguments forwarding must agree on live
ranges, otherwise the interference analysis performed by arguments forwarding will
not correctly analyze up until where the value might be recovered.

* dfg/DFGPhantomInsertionPhase.cpp:


  Commit: 16c0f66aaa337d4c16dfa91e8ade537e5c06d92b
      https://github.com/WebKit/WebKit/commit/16c0f66aaa337d4c16dfa91e8ade537e5c06d92b
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/EntryPoint/unix/NetworkProcessMain.cpp
    M Source/WebKit/WebProcess/EntryPoint/unix/WebProcessMain.cpp

  Log Message:
  -----------
  Merge r250217 - [SOUP] Stop setting G_TLS_GNUTLS_PRIORITY
https://bugs.webkit.org/show_bug.cgi?id=172154

Reviewed by Carlos Garcia Campos.

Nowadays, I maintain glib-networking. WebKit doesn't need to override its defaults to be
secure anymore. By overriding glib-networking's default priority, WebKit is force-reenabling
TLS 1.0 and TLS 1.1 even when glib-networking has disabled them.

* NetworkProcess/EntryPoint/unix/NetworkProcessMain.cpp:
(main):
* WebProcess/EntryPoint/unix/WebProcessMain.cpp:
(main):


  Commit: 4d672209e8611713db9590d4836386ef6790266c
      https://github.com/WebKit/WebKit/commit/4d672209e8611713db9590d4836386ef6790266c
  Author: Libor Bukata <libor.bukata at oracle.com>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/generic/MainThreadGeneric.cpp

  Log Message:
  -----------
  Merge r250126 - UI process crash when using callOnMainThread() after the main thread dispatcher has been destroyed
https://bugs.webkit.org/show_bug.cgi?id=197266

Patch by Libor Bukata <libor.bukata at oracle.com> on 2019-09-20
Reviewed by Carlos Garcia Campos.

* wtf/generic/MainThreadGeneric.cpp:
(WTF::scheduleDispatchFunctionsOnMainThread):


  Commit: 1234984f2ee9ec755306bbb6c33ca5db3f90e6cf
      https://github.com/WebKit/WebKit/commit/1234984f2ee9ec755306bbb6c33ca5db3f90e6cf
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-09-23 (Mon, 23 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.26.1 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.26.1.


  Commit: d1ed367482ecb72f6fe82d252c126ae1dda9f74e
      https://github.com/WebKit/WebKit/commit/d1ed367482ecb72f6fe82d252c126ae1dda9f74e
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-24 (Tue, 24 Sep 2019)

  Changed paths:
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  wip


  Commit: eb99c387d99444b1e0940010e8d6730a1fb16e2a
      https://github.com/WebKit/WebKit/commit/eb99c387d99444b1e0940010e8d6730a1fb16e2a
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-09-24 (Tue, 24 Sep 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.26.1 release

build-nouni-wpe/..:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

build-nouni-wpe/../Source/WebKit:

* wpe/NEWS: Add release notes for 2.26.1.


  Commit: bf47309a1f452af30061311ed62615977ce55587
      https://github.com/WebKit/WebKit/commit/bf47309a1f452af30061311ed62615977ce55587
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-10-29 (Tue, 29 Oct 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp
    M Source/WebKit/UIProcess/Automation/wpe/WebAutomationSessionWPE.cpp

  Log Message:
  -----------
  Merge r250818 - [WPE][GTK] Build fails with ENABLE_WEBDRIVER=OFF
https://bugs.webkit.org/show_bug.cgi?id=202658

Reviewed by Carlos Garcia Campos.

* UIProcess/Automation/gtk/WebAutomationSessionGtk.cpp: Add missing
ENABLE(WEBDRIVER_MOUSE_INTERACTIONS) and ENABLE(WEBDRIVER_KEYBOARD_INTERACTIONS)
preprocessor guards.
* UIProcess/Automation/wpe/WebAutomationSessionWPE.cpp: Ditto.


  Commit: f96bc76f68cfcd9ecfdfd7cc9ff7359abf6a63d1
      https://github.com/WebKit/WebKit/commit/f96bc76f68cfcd9ecfdfd7cc9ff7359abf6a63d1
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp

  Log Message:
  -----------
  Merge r250901 - REGRESSION(r246399): [GStreamer] Problems playing AAC streams
https://bugs.webkit.org/show_bug.cgi?id=202204

Reviewed by Xabier Rodriguez-Calvar.

Push the EOS event in the WebKitWebSrc element when the internal
queue is empty only for non-live resources. In the live case the
queue might drain temporarily but that's OK because data would
still be queued in downstream elements.

No new tests, the EOS event was pushed too early because of this
regression but there's no way to differentiate it from an expected
event in a layout test.

* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webKitWebSrcCreate):


  Commit: d28ddb9130f915002e9201f61c8b6f86f65833d8
      https://github.com/WebKit/WebKit/commit/d28ddb9130f915002e9201f61c8b6f86f65833d8
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.h
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h

  Log Message:
  -----------
  Merge r250717 - [GTK] Crash in WebChromeClient::createDisplayRefreshMonitor
https://bugs.webkit.org/show_bug.cgi?id=202551

Patch by Carlos Garcia Campos <cgarcia at igalia.com> on 2019-10-04
Reviewed by Žan Doberšek.

The crash happens when the drawing area is destroyed due to a page close. The layer tree host is invalidated
causing a layer flush that ends up trying to create a display refresh monitor, which requires the drawing
area. We need to null-check the drawing area in WebChromeClient::createDisplayRefreshMonitor() but we should
also ensure that layer flush is not performed after layer tree host is destroyed.

* WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::createDisplayRefreshMonitor const): Null-check drawing area before using it.
* WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.cpp:
(WebKit::CompositingCoordinator::CompositingCoordinator): Receive a WebPage instead of a WebCore::Page and
create the root layer here.
(WebKit::CompositingCoordinator::~CompositingCoordinator): Do not purge backing stores again, invalidate should
always be called right before the object is destroyed.
(WebKit::CompositingCoordinator::flushPendingLayerChanges): Get WebCore::Page from WebPage.
(WebKit::CompositingCoordinator::timestamp const): Ditto.
(WebKit::CompositingCoordinator::syncDisplayState): Ditto.
(WebKit::CompositingCoordinator::notifyFlushRequired): Do not continue if m_rootLayer is nullptr.
(WebKit::CompositingCoordinator::deviceScaleFactor const): Get WebCore::Page from WebPage.
(WebKit::CompositingCoordinator::pageScaleFactor const): Ditto.
(WebKit::CompositingCoordinator::createGraphicsLayer): Call attachLayer() instead of duplicating the code.
(WebKit::CompositingCoordinator::setVisibleContentsRect): Get WebCore::Page from WebPage.
* WebProcess/WebPage/CoordinatedGraphics/CompositingCoordinator.h:
* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
(WebKit::DrawingAreaCoordinatedGraphics::discardPreviousLayerTreeHost): Do not call LayerTreeHost::invalidate()
that has been removed.
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.cpp:
(WebKit::LayerTreeHost::LayerTreeHost): Construct the coordinator after the sceneIntegration.
(WebKit::LayerTreeHost::~LayerTreeHost): Invalidate everything here now. We don't really need invalidate()
method since LayerTreeHost is not refcounted and we always called invalidate right before deleting the object.
(WebKit::LayerTreeHost::layerFlushTimerFired): This can't happen on invalid state anymore.
* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h:


  Commit: 8f9c9fd535452ab94b04b716b164b07fec77bc57
      https://github.com/WebKit/WebKit/commit/8f9c9fd535452ab94b04b716b164b07fec77bc57
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/ThirdParty/ANGLE/ChangeLog
    M Source/ThirdParty/ANGLE/PlatformGTK.cmake

  Log Message:
  -----------
  Merge r250298 - [GTK] ANGLE's eglplatform.h is build broken with -DENABLE_X11_PLATFORM=OFF
https://bugs.webkit.org/show_bug.cgi?id=198621

Reviewed by Carlos Garcia Campos.

* PlatformGTK.cmake: Define WL_EGL_PLATFORM to prefer Wayland type
definitions with ENABLE_WAYLAND_TARGET=ON and ENABLE_X11_TARGET=OFF
to avoid ANGLE's eglplatform.h from trying to include the X11 headers.


  Commit: 31e3429862fe1e7e28d7a0cc137d787b4229849d
      https://github.com/WebKit/WebKit/commit/31e3429862fe1e7e28d7a0cc137d787b4229849d
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp

  Log Message:
  -----------
  [GTK][WPE] Don't use prgname in dbus-proxy socket path
https://bugs.webkit.org/show_bug.cgi?id=201979

The path length for the socket is limited to 108 bytes so it is easy for a long
prgname to cause it to get truncated and fail. Since we only allow the socket
path into the sandbox the unique directory isn't necessary.

Reviewed by Michael Catanzaro.

* UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
(WebKit::XDGDBusProxyLauncher::setAddress):


  Commit: 4bab01b21fe043f229c5bd500ef4285f302b4604
      https://github.com/WebKit/WebKit/commit/4bab01b21fe043f229c5bd500ef4285f302b4604
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/FontCache.h
    M Source/WebCore/platform/graphics/freetype/FontCacheFreeType.cpp

  Log Message:
  -----------
  Merge r252044 - [FreeType] Too slow running encoding/legacy-mb-korean/euc-kr WPT tests
https://bugs.webkit.org/show_bug.cgi?id=203544

Reviewed by Carlos Alberto Lopez Perez.

Use a cache for system fallbacks to keep the fonts sorted by font description. When a system fallback is needed
again for the same font description, but different characters, we just iterate the cached font set comparing the
charsets to get the best one. This avoids using FcFontMatch and FcFontSort is only called once per font description.

* platform/graphics/FontCache.h:
* platform/graphics/freetype/FontCacheFreeType.cpp:
(WebCore::CachedFontSet::CachedFontSet):
(WebCore::CachedFontSet::bestForCharacters):
(WebCore::FallbackFontDescriptionKey::FallbackFontDescriptionKey):
(WebCore::FallbackFontDescriptionKey::operator== const):
(WebCore::FallbackFontDescriptionKey::operator!= const):
(WebCore::FallbackFontDescriptionKey::isHashTableDeletedValue const):
(WebCore::FallbackFontDescriptionKey::computeHash const):
(WebCore::FallbackFontDescriptionKeyHash::hash):
(WebCore::FallbackFontDescriptionKeyHash::equal):
(WebCore::systemFallbackCache):
(WebCore::FontCache::systemFallbackForCharacters):
(WebCore::FontCache::platformPurgeInactiveFontData):


  Commit: 782de9a10640b75a60f3c0f2f29ec46d6d386c18
      https://github.com/WebKit/WebKit/commit/782de9a10640b75a60f3c0f2f29ec46d6d386c18
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/image-decoders/ScalableImageDecoder.h
    M Source/WebCore/platform/image-decoders/bmp/BMPImageDecoder.cpp
    M Source/WebCore/platform/image-decoders/bmp/BMPImageDecoder.h
    M Source/WebCore/platform/image-decoders/bmp/BMPImageReader.h
    M Source/WebCore/platform/image-decoders/gif/GIFImageDecoder.cpp
    M Source/WebCore/platform/image-decoders/gif/GIFImageReader.h
    M Source/WebCore/platform/image-decoders/ico/ICOImageDecoder.cpp
    M Source/WebCore/platform/image-decoders/ico/ICOImageDecoder.h
    M Source/WebCore/platform/image-decoders/jpeg/JPEGImageDecoder.cpp
    M Source/WebCore/platform/image-decoders/jpeg2000/JPEG2000ImageDecoder.cpp
    M Source/WebCore/platform/image-decoders/png/PNGImageDecoder.cpp
    M Source/WebCore/platform/image-decoders/webp/WEBPImageDecoder.cpp

  Log Message:
  -----------
  Merge r251836 - [GTK][WPE] ImageDecoders: use SharedBuffer::DataSegment instead of SharedBuffer
https://bugs.webkit.org/show_bug.cgi?id=202807

Reviewed by Adrian Perez de Castro.

Because SharedBuffer::DataSegment is ThreadSafeRefCounted.

* platform/image-decoders/ScalableImageDecoder.h:
* platform/image-decoders/bmp/BMPImageDecoder.cpp:
(WebCore::BMPImageDecoder::setData):
(WebCore::BMPImageDecoder::decodeHelper):
* platform/image-decoders/bmp/BMPImageDecoder.h:
* platform/image-decoders/bmp/BMPImageReader.h:
(WebCore::BMPImageReader::readUint16):
(WebCore::BMPImageReader::readUint32):
(WebCore::BMPImageReader::setData):
(WebCore::BMPImageReader::readUint16 const):
(WebCore::BMPImageReader::readUint32 const):
* platform/image-decoders/gif/GIFImageDecoder.cpp:
(WebCore::GIFImageDecoder::setData):
(WebCore::GIFImageDecoder::decode):
* platform/image-decoders/gif/GIFImageReader.h:
(GIFImageReader::setData):
* platform/image-decoders/ico/ICOImageDecoder.cpp:
(WebCore::ICOImageDecoder::setData):
(WebCore::ICOImageDecoder::decodeAtIndex):
* platform/image-decoders/ico/ICOImageDecoder.h:
* platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
(WebCore::JPEGImageReader::decode):
* platform/image-decoders/jpeg2000/JPEG2000ImageDecoder.cpp:
(WebCore::JPEG2000ImageDecoder::decode):
* platform/image-decoders/png/PNGImageDecoder.cpp:
(WebCore::PNGImageReader::decode):
* platform/image-decoders/webp/WEBPImageDecoder.cpp:
(WebCore::WEBPImageDecoder::decode):


  Commit: 9edf2f68f4bd8e1bfa62284b3c2c1e78ba8f74f9
      https://github.com/WebKit/WebKit/commit/9edf2f68f4bd8e1bfa62284b3c2c1e78ba8f74f9
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/ImageBackingStore.h
    M Source/WebCore/platform/image-decoders/cairo/ImageBackingStoreCairo.cpp

  Log Message:
  -----------
  Merge r251771 - ImageDecoders: use a thread safe data buffer for Cairo backing store
https://bugs.webkit.org/show_bug.cgi?id=201727
<rdar://problem/56665041>

Reviewed by Fujii Hironori.

Use SharedBuffer::dataSegment which is ThreadSafeRefCounted.

* platform/graphics/ImageBackingStore.h:
(WebCore::ImageBackingStore::setSize):
(WebCore::ImageBackingStore::ImageBackingStore):
* platform/image-decoders/cairo/ImageBackingStoreCairo.cpp:
(WebCore::ImageBackingStore::image const):


  Commit: 64062dca79cb623a3bda90cdd37c9d222f586c38
      https://github.com/WebKit/WebKit/commit/64062dca79cb623a3bda90cdd37c9d222f586c38
  Author: Saam Barati <sbarati at apple.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/proxy-__proto__-in-prototype-chain.js
    A JSTests/stress/proxy-property-replace-structure-transition.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/JSObject.cpp

  Log Message:
  -----------
  Merge r249911 - JSObject::putInlineSlow should not ignore "__proto__" for Proxy
https://bugs.webkit.org/show_bug.cgi?id=200386
<rdar://problem/53854946>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/proxy-__proto__-in-prototype-chain.js: Added.
* stress/proxy-property-replace-structure-transition.js: Added.

Source/JavaScriptCore:

We used to ignore '__proto__' in putInlineSlow when the object in question
was Proxy. There is no reason for this, and it goes against the spec. So
I've removed that condition. This also has the effect that it fixes an
assertion firing inside our inline caching code which dictates that for a
property replace that the base value's structure must be equal to the
structure when we grabbed the structure prior to the put operation.
The old code caused a weird edge case where we broke this invariant.

* runtime/JSObject.cpp:
(JSC::JSObject::putInlineSlow):


  Commit: ad25a84ccf6ba2f18f6568890fc1bf1629efaf58
      https://github.com/WebKit/WebKit/commit/ad25a84ccf6ba2f18f6568890fc1bf1629efaf58
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2019-11-05 (Tue, 05 Nov 2019)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/svg/animations/animate-and-remove-target-element-expected.txt
    A LayoutTests/svg/animations/animate-and-remove-target-element.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/svg/SVGAnimateElementBase.cpp
    M Source/WebCore/svg/SVGAnimateElementBase.h
    M Source/WebCore/svg/SVGElement.cpp
    M Source/WebCore/svg/SVGElement.h
    M Source/WebCore/svg/animation/SMILTimeContainer.cpp
    M Source/WebCore/svg/animation/SMILTimeContainer.h
    M Source/WebCore/svg/animation/SVGSMILElement.cpp
    M Source/WebCore/svg/properties/SVGAnimatedPropertyAccessorImpl.h
    M Source/WebCore/svg/properties/SVGAnimatedPropertyAnimatorImpl.h
    M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAccessorImpl.h
    M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimator.h
    M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h
    M Source/WebCore/svg/properties/SVGAttributeAnimator.h
    M Source/WebCore/svg/properties/SVGMemberAccessor.h
    M Source/WebCore/svg/properties/SVGPrimitivePropertyAnimator.h
    M Source/WebCore/svg/properties/SVGPropertyAnimatorFactory.h
    M Source/WebCore/svg/properties/SVGPropertyOwnerRegistry.h
    M Source/WebCore/svg/properties/SVGPropertyRegistry.h
    M Source/WebCore/svg/properties/SVGValuePropertyAnimatorImpl.h
    M Source/WebCore/svg/properties/SVGValuePropertyListAnimatorImpl.h

  Log Message:
  -----------
  Merge r250488 - Crash when removing the target element while animating its attributes
https://bugs.webkit.org/show_bug.cgi?id=202247

Reviewed by Darin Adler.

Source/WebCore:

If SMIL is animating a CSS attribute, there is a chance the animation is
ended while it is being started or progressed. For that reason, the member
SVGAnimateElementBase::m_animator has to be made RefPtr and it has to be
protected in resetAnimatedType() and calculateAnimatedValue().

While SMILTimeContainer::updateAnimations() is calling progress() for the
scheduled animation elements, SMILTimeContainer::unschedule() might get
called if processing an animation causes events to be dispatched. For that
reason we need to copy the scheduled animations Vector before processing
them so we avoid changing the Vector while looping through its items.

Remove the guard SMILTimeContainer::m_preventScheduledAnimationsChanges
which was added in r129670 for debugging purposes. In some situations,
the scheduled animations map could be modified out from under some of the
functions of SMILTimeContainer.

Test: svg/animations/animate-and-remove-target-element.html

* svg/SVGAnimateElementBase.cpp:
(WebCore::SVGAnimateElementBase::resetAnimatedType):
(WebCore::SVGAnimateElementBase::calculateAnimatedValue):
* svg/SVGAnimateElementBase.h:
* svg/SVGElement.cpp:
(WebCore::SVGElement::createAnimator):
* svg/SVGElement.h:
* svg/animation/SMILTimeContainer.cpp:
(WebCore::SMILTimeContainer::schedule):
(WebCore::SMILTimeContainer::unschedule):
(WebCore::SMILTimeContainer::setElapsed):
(WebCore::SMILTimeContainer::sortByPriority):
(WebCore::SMILTimeContainer::processAnimations):
(WebCore::SMILTimeContainer::processScheduledAnimations):
(WebCore::SMILTimeContainer::updateAnimations):
(WebCore::SMILTimeContainer::~SMILTimeContainer): Deleted.
* svg/animation/SMILTimeContainer.h:
* svg/animation/SVGSMILElement.cpp:
(WebCore::SVGSMILElement::calculateNextProgressTime const):
* svg/properties/SVGAnimatedPropertyAccessorImpl.h:
* svg/properties/SVGAnimatedPropertyAnimatorImpl.h:
* svg/properties/SVGAnimatedPropertyPairAccessorImpl.h:
* svg/properties/SVGAnimatedPropertyPairAnimator.h:
* svg/properties/SVGAnimatedPropertyPairAnimatorImpl.h:
* svg/properties/SVGAttributeAnimator.h:
* svg/properties/SVGMemberAccessor.h:
(WebCore::SVGMemberAccessor::createAnimator const):
* svg/properties/SVGPrimitivePropertyAnimator.h:
(WebCore::SVGPrimitivePropertyAnimator::create):
* svg/properties/SVGPropertyAnimatorFactory.h:
(WebCore::SVGPropertyAnimatorFactory::createAnimator):
* svg/properties/SVGPropertyOwnerRegistry.h:
* svg/properties/SVGPropertyRegistry.h:
* svg/properties/SVGValuePropertyAnimatorImpl.h:
* svg/properties/SVGValuePropertyListAnimatorImpl.h:

LayoutTests:

* svg/animations/animate-and-remove-target-element-expected.txt: Added.
* svg/animations/animate-and-remove-target-element.html: Added.


  Commit: 386d60b9528b3728e3f493a1b0d41e2304a41f97
      https://github.com/WebKit/WebKit/commit/386d60b9528b3728e3f493a1b0d41e2304a41f97
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/glib/WebKitUIClient.cpp

  Log Message:
  -----------
  Merge r250707 - [GTK] WebAutomation: make setWindowRect synchronous
https://bugs.webkit.org/show_bug.cgi?id=202530

Reviewed by Carlos Alberto Lopez Perez.

Move/resize window is asynchronous in GTK, but automation expects it to be synchronous so that get window rect
after setting it always returns the value set. Use a nested run loop to wait for the configure events after the
move/resize.

* UIProcess/API/glib/WebKitUIClient.cpp:
(UIClient::windowConfigureEventCallback):
(UIClient::setWindowFrameTimerFired):


  Commit: 5fdd0a37b07aaa1c09574d81e79d63f7851a105e
      https://github.com/WebKit/WebKit/commit/5fdd0a37b07aaa1c09574d81e79d63f7851a105e
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/PlatformDisplay.cpp
    M Source/WebCore/platform/graphics/libwpe/PlatformDisplayLibWPE.cpp
    M Source/WebCore/platform/graphics/libwpe/PlatformDisplayLibWPE.h
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp
    M Source/WebKit/WebProcess/glib/WebProcessGLib.cpp

  Log Message:
  -----------
  Merge r251122 - [GTK] White pages in AC mode: Cannot get default EGL display: EGL_BAD_PARAMETER
https://bugs.webkit.org/show_bug.cgi?id=202362

Reviewed by Carlos Alberto Lopez Perez.

Source/WebCore:

The problem is that PlatformDisplayLibWPE::initialize() is failing to initialize the EGL display for some
reason. We need to understand why, but we should also handle the case of failing to initialize the EGL display
and simply disable accelerated compositing mode to avoid white pages and crashes in websites using WebGL. This
patch doesn't actually fix the bug, it just handles the EGL display initialization failure.

* platform/graphics/PlatformDisplay.cpp:
(WebCore::PlatformDisplay::~PlatformDisplay): Set s_sharedDisplayForCompositing to nullptr when the shared
display for compositing is destroyed.
* platform/graphics/libwpe/PlatformDisplayLibWPE.cpp:
(WebCore::PlatformDisplayLibWPE::initialize): Return false when EGL display initialization fails.
* platform/graphics/libwpe/PlatformDisplayLibWPE.h:

Source/WebKit:

* WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
(WebKit::DrawingAreaCoordinatedGraphics::updatePreferences): Disable accelerated compositing mode when we failed
to create the shared display for compositing.
* WebProcess/glib/WebProcessGLib.cpp:
(WebKit::WebProcess::platformInitializeWebProcess): Destroy the wpe display when initialization fails.


  Commit: d51d3534bada591fc4caf43c9e6957521f45723d
      https://github.com/WebKit/WebKit/commit/d51d3534bada591fc4caf43c9e6957521f45723d
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/WebKitEmojiChooser.cpp

  Log Message:
  -----------
  Merge r251363 - [GTK] Objects category in emoji picker is empty
https://bugs.webkit.org/show_bug.cgi?id=203189

Reviewed by Adrian Perez de Castro.

There's a typo in the first emoji name of objects section.

* UIProcess/API/gtk/WebKitEmojiChooser.cpp:
(webkitEmojiChooserSetupEmojiSections): uted speaker -> muted speaker


  Commit: 54432771380682b7ccbf88e7e625ed147ea64857
      https://github.com/WebKit/WebKit/commit/54432771380682b7ccbf88e7e625ed147ea64857
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/WebKitAutocleanups.h
    M Source/WebKit/UIProcess/API/gtk/WebKitDefines.h
    M Source/WebKit/UIProcess/API/gtk/WebKitForwardDeclarations.h
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.h
    M Source/WebKit/UIProcess/API/wpe/WebKitAutocleanups.h
    M Source/WebKit/UIProcess/API/wpe/WebKitDefines.h
    M Source/WebKit/WebProcess/InjectedBundle/API/gtk/WebKitWebEditor.h
    M Source/WebKit/WebProcess/InjectedBundle/API/gtk/WebKitWebExtensionAutocleanups.h
    M Source/WebKit/WebProcess/InjectedBundle/API/wpe/WebKitWebEditor.h
    M Source/WebKit/WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h

  Log Message:
  -----------
  Merge r251423 - [GTK] C++ comments used in C header files
https://bugs.webkit.org/show_bug.cgi?id=203191

Reviewed by Žan Doberšek.

* UIProcess/API/gtk/WebKitAutocleanups.h:
* UIProcess/API/gtk/WebKitDefines.h:
* UIProcess/API/gtk/WebKitForwardDeclarations.h:
* UIProcess/API/gtk/WebKitWebViewBase.h:
* UIProcess/API/wpe/WebKitAutocleanups.h:
* UIProcess/API/wpe/WebKitDefines.h:
* WebProcess/InjectedBundle/API/gtk/WebKitWebEditor.h:
* WebProcess/InjectedBundle/API/gtk/WebKitWebExtensionAutocleanups.h:
* WebProcess/InjectedBundle/API/wpe/WebKitWebEditor.h:
* WebProcess/InjectedBundle/API/wpe/WebKitWebExtensionAutocleanups.h:


  Commit: 65f6a74adbc6bffec12e2e18fd89b3cf7a9ef89c
      https://github.com/WebKit/WebKit/commit/65f6a74adbc6bffec12e2e18fd89b3cf7a9ef89c
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2019-11-06 (Wed, 06 Nov 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.26.2 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.26.2.


  Commit: a41a0658989b1b54631d7f66f1abe9090f714f96
      https://github.com/WebKit/WebKit/commit/a41a0658989b1b54631d7f66f1abe9090f714f96
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-11-07 (Thu, 07 Nov 2019)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/Modules/indexeddb/shared/IDBGetAllRecordsData.cpp
    M Source/WebCore/Modules/indexeddb/shared/IDBIterateCursorData.cpp
    M Source/WebCore/page/DOMWindowExtension.cpp
    M Source/WebCore/platform/glib/UserAgentGLib.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/NetworkConnectionToWebProcess.cpp

  Log Message:
  -----------
  Unreviewed build fixed for non-unified builds.

Source/WebCore:

No new tests needed.

* Modules/indexeddb/shared/IDBGetAllRecordsData.cpp: Add missing inclusion of the
wtf/text/StringConcatenateNumbers.h header.
* Modules/indexeddb/shared/IDBIterateCursorData.cpp: Ditto.
* page/DOMWindowExtension.cpp: Add missing inclusion of the Document.h header.
* platform/glib/UserAgentGLib.cpp: Add missing inclusion of the HTTPParsers.h header.

Source/WebKit:

* NetworkProcess/NetworkConnectionToWebProcess.cpp: Add missing inclusion of the Logging.h header


  Commit: 7d5374248834996a5275bcc7668b260ed0ff0d2f
      https://github.com/WebKit/WebKit/commit/7d5374248834996a5275bcc7668b260ed0ff0d2f
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2019-11-07 (Thu, 07 Nov 2019)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.26.2 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.26.2.


  Commit: 8a22f111d1beaea8282fca77c85f3900034d18b7
      https://github.com/WebKit/WebKit/commit/8a22f111d1beaea8282fca77c85f3900034d18b7
  Author: Ross Kirsling <ross.kirsling at sony.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h

  Log Message:
  -----------
  Merge r250743 - Unreviewed WinCairo build fix for r250717.

* WebProcess/WebPage/CoordinatedGraphics/LayerTreeHost.h:
(WebKit::LayerTreeHost::invalidate): Deleted.


  Commit: 978d691d24f6ac71dc675dfd5863315b118dab23
      https://github.com/WebKit/WebKit/commit/978d691d24f6ac71dc675dfd5863315b118dab23
  Author: Heiko Becker <heirecka at exherbo.org>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/URLHelpers.cpp
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp

  Log Message:
  -----------
  Merge r250747 - Fix build with icu 65.1
https://bugs.webkit.org/show_bug.cgi?id=202600

Patch by Heiko Becker <heirecka at exherbo.org> on 2019-10-04
Reviewed by Konstantin Tokarev.

Source/WebCore:

* dom/Document.cpp:
(WebCore::isValidNameNonASCII):
(WebCore::Document::parseQualifiedName):

Source/WTF:

* wtf/URLHelpers.cpp:
(WTF::URLHelpers::allCharactersInIDNScriptWhiteList):


  Commit: b51cb525e6dbd61d1ad5c95e7149b74ca5ff7746
      https://github.com/WebKit/WebKit/commit/b51cb525e6dbd61d1ad5c95e7149b74ca5ff7746
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/frames/hidden-frameset-expected.txt
    A LayoutTests/fast/frames/hidden-frameset.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderFrameSet.cpp

  Log Message:
  -----------
  Merge r251680 - Hidden framesets should provide default edgeInfo value
https://bugs.webkit.org/show_bug.cgi?id=203506
<rdar://problem/56233726>

Reviewed by Simon Fraser.

Source/WebCore:

The grid information (and certain associated structures e.g. edgeInfo) for a frameset is updated through the layout() call.
When the used height/width computes to zero on a frameset child (frame or nested frameset), we don't run layout on the renderer thus
hidden nested framesets can only provide the default edge info.
This patch changes this behaviour and we now call layout on those hidden renderers the same way we do it on iOS.

Test: fast/frames/hidden-frameset.html

* rendering/RenderFrameSet.cpp:
(WebCore::RenderFrameSet::edgeInfo const):

LayoutTests:

* fast/frames/hidden-frameset-expected.txt: Added.
* fast/frames/hidden-frameset.html: Added.


  Commit: 8fd8864d32445dde4ff7b7c9041c136a849a374e
      https://github.com/WebKit/WebKit/commit/8fd8864d32445dde4ff7b7c9041c136a849a374e
  Author: Philippe Normand <pnormand at igalia.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp

  Log Message:
  -----------
  Merge r253284 - [GStreamer] Crashes in MediaPlayerPrivateGStreamer::ensureGstGLContext
https://bugs.webkit.org/show_bug.cgi?id=204848

Reviewed by Michael Catanzaro.

Make sure the GL video sink uses a valid WebKit shared GL context.

* platform/graphics/gstreamer/GLVideoSinkGStreamer.cpp:
(ensureGstGLContext):
(webKitGLVideoSinkProbePlatform):


  Commit: 596264d49f347ccc8db61b9ac83466c718719c0f
      https://github.com/WebKit/WebKit/commit/596264d49f347ccc8db61b9ac83466c718719c0f
  Author: Xabier Rodriguez-Calvar <calvaris at igalia.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp
    M Source/WebCore/platform/graphics/gstreamer/WebKitWebSourceGStreamer.h

  Log Message:
  -----------
  Merge r252398 - [GStreamer] Several issues while trying to play a video on NextCloud
https://bugs.webkit.org/show_bug.cgi?id=203194

Reviewed by Philippe Normand.

First problem was the loader not being restarted in PAUSED, so
sometimes playback never started since buffering never reached
100%.

Then, after investigating blocksizes and not being a viable
solution, reducing the 200_ms to 100_ms wait for new data was the
trick to avoid choppyness.

During investigation several issues were fixed like turning
GstQuery* into GRefPtr for MediaPlayerPrivateGStreamer::buffered,
making blocksize unsigned instead of uint64_t as it is in
GStreamer and creating and using WEBKIT_WEB_SRC_CAST since many
uses of WEBKIT_WEB_SRC cast were already protected by
WEBKIT_IS_WEB_SRC.

* platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
(WebCore::MediaPlayerPrivateGStreamer::buffered const): GRefPtr<GstQuery>.
(WebCore::MediaPlayerPrivateGStreamer::handleMessage):
(WebCore::MediaPlayerPrivateGStreamer::sourceSetup):
(WebCore::MediaPlayerPrivateGStreamer::didPassCORSAccessCheck const):
Use WEBKIT_WEB_SRC_CAST.
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
(webKitWebSrcCreate): Reduce wait for data down to 100_ms and
request download restart also in PAUSED.
(CachedResourceStreamingClient::checkUpdateBlocksize): Turn
blocksize to unsigned.
* platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Add
WEBKIT_WEB_SRC_CAST.


  Commit: 985f0fc9b089f16d0cd9027e902f48654b5f7b64
      https://github.com/WebKit/WebKit/commit/985f0fc9b089f16d0cd9027e902f48654b5f7b64
  Author: Saam Barati <sbarati at apple.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/allocation-sinking-hints-are-valid-ssa-2.js
    A JSTests/stress/allocation-sinking-hints-are-valid-ssa.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/dfg/DFGObjectAllocationSinkingPhase.cpp
    M Source/JavaScriptCore/dfg/DFGValidate.cpp

  Log Message:
  -----------
  Merge r250585 - ObjectAllocationSinkingPhase shouldn't insert hints for allocations which are no longer valid
https://bugs.webkit.org/show_bug.cgi?id=199361
<rdar://problem/52454940>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/allocation-sinking-hints-are-valid-ssa-2.js: Added.
(main.fn):
(main.executor):
(main):
* stress/allocation-sinking-hints-are-valid-ssa.js: Added.
(main.fn):
(main.executor):
(main):

Source/JavaScriptCore:

In a prior fix to the object allocation sinking phase, I added code where we
made sure to insert PutHints over Phis for fields of an object at control flow
merge points. However, that code didn't consider that the base of the PutHint
may no longer be a valid heap location. This could cause us to emit invalid
SSA code by referring to a node which does not dominate the PutHint location.
This patch fixes the bug to only emit the PutHints when valid.

This patch also makes it so that DFGValidate actually validates that the graph
is in valid SSA form. E.g., any use of a node N must be dominated by N.

* dfg/DFGObjectAllocationSinkingPhase.cpp:
* dfg/DFGValidate.cpp:


  Commit: d7ce7bd6552c77b53f81dda59f98ad551212e3aa
      https://github.com/WebKit/WebKit/commit/d7ce7bd6552c77b53f81dda59f98ad551212e3aa
  Author: Alan Bujtas <zalan at apple.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/simple-line-layout-range-check-end-expected.txt
    A LayoutTests/fast/text/simple-line-layout-range-check-end.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/SimpleLineLayoutResolver.cpp

  Log Message:
  -----------
  Merge r250929 - RunResolver::rangeForRendererWithOffsets should check for range end
https://bugs.webkit.org/show_bug.cgi?id=202761
<rdar://problem/55917924>

Reviewed by Antti Koivisto.

Source/WebCore:

This patch ensures that when rangeForRenderer comes back with a collapsed run (empty range), rangeForRendererWithOffsets returns an empty range as well.

Test: fast/text/simple-line-layout-range-check-end.html

* rendering/SimpleLineLayoutResolver.cpp:
(WebCore::SimpleLineLayout::RunResolver::rangeForRendererWithOffsets const):

LayoutTests:

* fast/text/simple-line-layout-range-check-end-expected.txt: Added.
* fast/text/simple-line-layout-range-check-end.html: Added.


  Commit: a72a355cc2ce3e3596efab4c95300ccfeee6db47
      https://github.com/WebKit/WebKit/commit/a72a355cc2ce3e3596efab4c95300ccfeee6db47
  Author: Said Abou-Hallawa <sabouhallawa at apple.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/svg/custom/pair-properties-detach-expected.txt
    A LayoutTests/svg/custom/pair-properties-detach.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/svg/properties/SVGAnimatedPropertyPairAccessor.h

  Log Message:
  -----------
  Merge r251957 - SVG pair properties must be detached from their owner before it's deleted
https://bugs.webkit.org/show_bug.cgi?id=203545

Reviewed by Simon Fraser.

Source/WebCore:

SVGAnimatedPropertyPairAccessor needs to override its detach() method so
each of its pair properties detaches itself from the owner.
SVGPointerMemberAccessor does the same thing but for a single property
which covers all the list properties as well.

Test: svg/custom/pair-properties-detach.html

* svg/properties/SVGAnimatedPropertyPairAccessor.h:

LayoutTests:

* svg/custom/pair-properties-detach-expected.txt: Added.
* svg/custom/pair-properties-detach.html: Added.


  Commit: 2cfacbc56b8d7dd6f97f5b092daeebb983be71bb
      https://github.com/WebKit/WebKit/commit/2cfacbc56b8d7dd6f97f5b092daeebb983be71bb
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/soup/NetworkDataTaskSoup.cpp

  Log Message:
  -----------
  Merge r254119 - [SOUP] HSTS Support causes page loading to fail with "Operation was cancelled"
https://bugs.webkit.org/show_bug.cgi?id=203620

Reviewed by Michael Catanzaro.

The problem is that we are assuming that request cancellation happens synchronously, but it can happen that the
async ready callback for the previous request is called after the new one has started.

* NetworkProcess/soup/NetworkDataTaskSoup.cpp:
(WebKit::NetworkDataTaskSoup::sendRequestCallback): Return early if this is a previous request already cancelled.


  Commit: 7ff7fcf610a5142927852a405cae6f1abfb678a1
      https://github.com/WebKit/WebKit/commit/7ff7fcf610a5142927852a405cae6f1abfb678a1
  Author: Carlos Garcia Campos <cgarcia at igalia.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/freetype/FontPlatformDataFreeType.cpp

  Log Message:
  -----------
  Merge r253470 - [HarfBuzz] WebKitWebProcess crashes when displaying a KaTeX formula
https://bugs.webkit.org/show_bug.cgi?id=204689

Reviewed by Carlos Alberto Lopez Perez.

We are creating and caching an hb_font_t for the given FontPlatformData's FT_Face, but the face is not
referenced so it is destroyed eventually while the hb_font_t is still alive. We need to keep a reference of the
FT_Face while the hb_font_t is alive.

* platform/graphics/freetype/FontPlatformDataFreeType.cpp:
(WebCore::FontPlatformData::createOpenTypeMathHarfBuzzFont const): Create the hb_face_t with
hb_ft_face_create_referenced() instead of hb_ft_face_create_cached().


  Commit: c6c0cece600fe5f9568d6ff21fa8dee3f255b1de
      https://github.com/WebKit/WebKit/commit/c6c0cece600fe5f9568d6ff21fa8dee3f255b1de
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/cairo/FontCairo.cpp
    M Source/WebCore/platform/graphics/cairo/GraphicsContextImplCairo.cpp
    M Source/WebCore/platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp

  Log Message:
  -----------
  Merge r254190 - [HarfBuzz][GTK] fast/text/complex-first-glyph-with-initial-advance.html is failing
https://bugs.webkit.org/show_bug.cgi?id=118221

Reviewed by Carlos Garcia Campos.

Source/WebCore:

Arabic diacritics made glyphs vertically unaligned if the first
glyph had a vertical offset.

The initial advance should be the same as the first glyph origin for
HarfBuzz. See the diagram in ComplexTextController.h for details.
<https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/platform/graphics/ComplexTextController.h?rev=224007#L109>

drawGlyphs of Cairo port was assuming upward y-axis for glyph
advances even though those of Mac and AppleWin port are assuming
downward y-axis. This is a problem for Windows ports because
AppleWin and WinCairo port are sharing the code calculating
advances.

Covered by existing tests.

* platform/graphics/cairo/FontCairo.cpp:
(WebCore::FontCascade::drawGlyphs):
* platform/graphics/cairo/GraphicsContextImplCairo.cpp:
(WebCore::GraphicsContextImplCairo::drawGlyphs):
Sum up the height of advances into yOffset instead of subtraction.

* platform/graphics/harfbuzz/ComplexTextControllerHarfBuzz.cpp:
(WebCore::ComplexTextController::ComplexTextRun::ComplexTextRun):
Don't negate offsetY. Set m_initialAdvance as the first item of
m_glyphOrigins.

LayoutTests:

* platform/gtk/TestExpectations: Unmarked
fast/text/complex-first-glyph-with-initial-advance.html and
fast/text/initial-advance-in-intermediate-run-complex.html.
* platform/wincairo/TestExpectations: Unmarked
fast/text/complex-first-glyph-with-initial-advance.html and
fast/text/complex-initial-advance.html.


  Commit: d214e1727ae9b57fb7760e56f8b10123960c4645
      https://github.com/WebKit/WebKit/commit/d214e1727ae9b57fb7760e56f8b10123960c4645
  Author: Fujii Hironori <Hironori.Fujii at sony.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/dom/Document/CaretRangeFromPoint/rtl-expected.txt
    A LayoutTests/fast/dom/Document/CaretRangeFromPoint/rtl.html
    M LayoutTests/platform/gtk/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/ComplexTextController.cpp

  Log Message:
  -----------
  Merge r254114 - ComplexTextController::offsetForPosition returns a wrong offset for a glyph boundary in a RTL text
https://bugs.webkit.org/show_bug.cgi?id=205486

Reviewed by Ross Kirsling.

Source/WebCore:

ComplexTextController::offsetForPosition had the following code:

> unsigned hitIndex = hitGlyphStart + (hitGlyphEnd - hitGlyphStart) * (m_run.ltr() ? x / adjustedAdvance : 1 - x / adjustedAdvance);

If m_run.ltr() was false and x == 0, hitIndex would become hitGlyphEnd.
This is not expected. It expects hitIndex < hitGlyphEnd if hitGlyphStart ≠ hitGlyphEnd.
Let hitIndex be hitGlyphStart-1 in such a condition.

The above change makes fast/text/ellipsis-text-rtl.html start to
fail because offsetForPosition returns the character offset of the
next glyph if the argument 'h' is in a glyph boundary. In RTL
text, offsetForPosition should return a character offset of the
previous glyph in case of a glyph boundary. Use '<=' instead of '<'
for RTL text in order to select previous glyphs for glyph
boundaries.

Test: fast/dom/Document/CaretRangeFromPoint/rtl.html

* platform/graphics/ComplexTextController.cpp:
(WebCore::ComplexTextController::offsetForPosition): Compute correct hitGlyphEnd for RTL.

LayoutTests:

* fast/dom/Document/CaretRangeFromPoint/rtl-expected.txt: Added.
* fast/dom/Document/CaretRangeFromPoint/rtl.html: Added.
* platform/gtk/TestExpectations: Unmarked imported/blink/editing/selection/offset-from-point-complex-scripts.html.


  Commit: 7590742f1b8a2f85bf951d53640cfd340779bdd4
      https://github.com/WebKit/WebKit/commit/7590742f1b8a2f85bf951d53640cfd340779bdd4
  Author: Fujii Hironori <fujii.hironori at gmail.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    M LayoutTests/platform/gtk/fast/text/atsui-rtl-override-selection-expected.png
    M LayoutTests/platform/gtk/fast/text/atsui-rtl-override-selection-expected.txt

  Log Message:
  -----------
  Merge r254185 - [GTK] fast/text/atsui-rtl-override-selection.html is failing since r254114
https://bugs.webkit.org/show_bug.cgi?id=205898

Unreviewed test gardening.

Patch by Fujii Hironori <fujii.hironori at gmail.com> on 2020-01-07

* platform/gtk/fast/text/atsui-rtl-override-selection-expected.png:
* platform/gtk/fast/text/atsui-rtl-override-selection-expected.txt:


  Commit: 65dfc4cf4f1908032316d477f4e7122353200cee
      https://github.com/WebKit/WebKit/commit/65dfc4cf4f1908032316d477f4e7122353200cee
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.26.3 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.26.3.


  Commit: 5e3038eebc70098c79127e40726ad7e1a0d9ce57
      https://github.com/WebKit/WebKit/commit/5e3038eebc70098c79127e40726ad7e1a0d9ce57
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/offlineasm/parser.rb

  Log Message:
  -----------
  Merged r254637 - Offlineasm warnings with newer Ruby versions
https://bugs.webkit.org/show_bug.cgi?id=206233

Reviewed by Yusuke Suzuki.

Avoid a warning about using Object#=~ on Annotation instances, which
has been deprecated in Ruby 2.7.

* offlineasm/parser.rb: Swap checks to prevent applying the =~ operator
to Annotation instances, which do not define it.


  Commit: 2101139d69a7b8f19b24934802d7e1d9de904c7f
      https://github.com/WebKit/WebKit/commit/2101139d69a7b8f19b24934802d7e1d9de904c7f
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2020-01-22 (Wed, 22 Jan 2020)

  Changed paths:
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/runtime/NativeErrorConstructor.h

  Log Message:
  -----------
  Unreviewed. Fix non-unified build

* runtime/NativeErrorConstructor.h: Add missing inclusion of JSGlobalObject.h.


  Commit: f64a61315c6465c42c095cdb5224666d536ce203
      https://github.com/WebKit/WebKit/commit/f64a61315c6465c42c095cdb5224666d536ce203
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2020-01-23 (Thu, 23 Jan 2020)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.26.3 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.26.3.


  Commit: 9ee4785708ce95d2d94282fc59b7c66da9d7557a
      https://github.com/WebKit/WebKit/commit/9ee4785708ce95d2d94282fc59b7c66da9d7557a
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2020-01-29 (Wed, 29 Jan 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/soup/WebSocketTaskSoup.cpp

  Log Message:
  -----------
  [GTK][WPE] QR code not loaded in web.whatsapp.com
https://bugs.webkit.org/show_bug.cgi?id=203404

Reviewed by Michael Catanzaro.

This is a regression of the switch to use libsoup API for the WebSockets implementation. The QR code is loaded
using a WebSocket connection, but the server is always replying with a 400 Bad Request to the Upgrade requests
coming from an existing HTTP connection. We need to ensure a new dedicated connection is used for WebSockets.

* NetworkProcess/soup/WebSocketTaskSoup.cpp:
(WebKit::WebSocketTask::WebSocketTask): Set the SOUP_MESSAGE_NEW_CONNECTION flag to the SoupMessage before
starting the connection.


  Commit: a84ea24e62df057661878896e1fb3c44db9926bc
      https://github.com/WebKit/WebKit/commit/a84ea24e62df057661878896e1fb3c44db9926bc
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2020-01-29 (Wed, 29 Jan 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.cpp

  Log Message:
  -----------
  [GTK] Fix logic of dark theme detection
https://bugs.webkit.org/show_bug.cgi?id=202276

- If GTK_THEME is set it has a higher priority than GtkSettings.
- GTK_THEME may be a -dark theme or :dark variant, handle both.

Reviewed by Michael Catanzaro.

* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::effectiveAppearanceIsDark const):


  Commit: ab4cd96b8fe548b8da43d4b301408d209227b1f9
      https://github.com/WebKit/WebKit/commit/ab4cd96b8fe548b8da43d4b301408d209227b1f9
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2020-01-29 (Wed, 29 Jan 2020)

  Changed paths:
    M ChangeLog
    M LayoutTests/ChangeLog
    A LayoutTests/platform/gtk/css-dark-mode/color-scheme-priority-expected.txt
    M LayoutTests/platform/gtk/css-dark-mode/default-colors-expected.txt
    M LayoutTests/platform/gtk/css-dark-mode/prefers-color-scheme-expected.txt
    M Source/WTF/ChangeLog
    M Source/WTF/wtf/Platform.h
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp
    M Source/WebCore/page/FrameView.cpp
    M Source/WebCore/page/Page.cpp
    M Source/WebCore/rendering/RenderThemeGtk.cpp
    M Source/WebCore/rendering/RenderThemeGtk.h
    M Source/WebCore/testing/InternalSettings.cpp
    M Source/WebKit/ChangeLog
    M Source/WebKit/Shared/WebPageCreationParameters.cpp
    M Source/WebKit/Shared/WebPageCreationParameters.h
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.cpp
    M Source/WebKit/UIProcess/API/gtk/PageClientImpl.h
    M Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp
    M Source/WebKit/UIProcess/PageClient.h
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebPageProxy.h
    M Source/WebKit/UIProcess/gtk/WebPageProxyGtk.cpp
    M Source/WebKit/WebProcess/EntryPoint/unix/WebProcessMain.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.cpp
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    M Source/WebKit/WebProcess/WebPage/WebPage.messages.in
    M Source/WebKit/WebProcess/WebPage/gtk/WebPageGtk.cpp
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  [GTK] Should use light theme unless website declares support for dark themes in color-schemes property
https://bugs.webkit.org/show_bug.cgi?id=197947

Reviewed by Michael Catanzaro.

.:

Do not define HAVE_OS_DARK_MODE_SUPPORT.

* Source/cmake/OptionsGTK.cmake:

Source/WebCore:

* dom/Document.cpp:
(WebCore::Document::useDarkAppearance const): Remove HAVE(OS_DARK_MODE_SUPPORT) because ENABLE(DARK_MODE_CSS)
guards should be enough.
* page/FrameView.cpp:
(WebCore::FrameView::updateBackgroundRecursively): Revert changes made in r244635.
* page/Page.cpp:
(WebCore::Page::effectiveAppearanceDidChange): Use ENABLE(DARK_MODE_CSS) instead of HAVE(OS_DARK_MODE_SUPPORT).
(WebCore::Page::useDarkAppearance const): Ditto.
* rendering/RenderThemeGtk.cpp:
(WebCore::RenderThemeGtk::systemColor const): Revert changes made in r244635.
* rendering/RenderThemeGtk.h:
* testing/InternalSettings.cpp:
(WebCore::InternalSettings::setUseDarkAppearanceInternal): Revert changes made in r244635.

Source/WebKit:

Handle the theme changes in the UI process, converting dark variant to the light one before sending the theme
name to the web process. The web process is still notified when a dark theme is in use, so that if website
prefers a dark color scheme it will be used, but the gtk theme that will be used for controls styling will
always be light.

* Shared/WebPageCreationParameters.cpp:
(WebKit::WebPageCreationParameters::encode const): Encode themeName.
(WebKit::WebPageCreationParameters::decode): Decode themeName.
* Shared/WebPageCreationParameters.h:
* UIProcess/API/gtk/PageClientImpl.cpp:
(WebKit::PageClientImpl::themeName const): Get the theme name that should be used by the web process.
* UIProcess/API/gtk/PageClientImpl.h:
* UIProcess/API/gtk/WebKitWebViewBase.cpp:
(themeChanged): Call WebPageProxy::themeDidChange().
(applicationPreferDarkThemeChanged):
(webkitWebViewBaseSetToplevelOnScreenWindow): Use a different callback for the theme name change.
* UIProcess/PageClient.h:
* UIProcess/WebPageProxy.cpp:
* UIProcess/WebPageProxy.h:
* UIProcess/gtk/WebPageProxyGtk.cpp:
(WebKit::WebPageProxy::themeDidChange): Send ThemeDidChange message to the web process with the theme name to use.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::WebPage): Initialize the theme name.
(WebKit::WebPage::effectiveAppearanceDidChange): Use this now for GTK port too.
* WebProcess/WebPage/WebPage.h:
* WebProcess/WebPage/WebPage.messages.in: Add ThemeDidChange message.
* WebProcess/WebPage/gtk/WebPageGtk.cpp:
(WebKit::WebPage::themeDidChange): Set the given theme name in gtk settings.
* WebProcess/gtk/WebProcessMainGtk.cpp:

Source/WTF:

Do not define HAVE_OS_DARK_MODE_SUPPORT for the GTK port.

* wtf/PlatformHave.h:

LayoutTests:

Rebaseline several tests for the new behavior.

* platform/gtk/css-dark-mode/color-scheme-priority-expected.txt: Added.
* platform/gtk/css-dark-mode/default-colors-expected.txt:
* platform/gtk/css-dark-mode/prefers-color-scheme-expected.txt:


  Commit: efc7ea38618eec82547f0fbea700b9b223c45a2b
      https://github.com/WebKit/WebKit/commit/efc7ea38618eec82547f0fbea700b9b223c45a2b
  Author: Emilio Cobos Alvarez <emilio at crisal.io>
  Date:   2020-01-29 (Wed, 29 Jan 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp

  Log Message:
  -----------
  Merge r253553 - [GTK] Build with USE_WPE_RENDERER=No fails with undefined EGL_WAYLAND_BUFFER_WL
https://bugs.webkit.org/show_bug.cgi?id=205250

Reviewed by Carlos Garcia Campos.

Define the enum if not present.

No new tests, just a build fix.

* UIProcess/gtk/WaylandCompositor.cpp:


  Commit: 086ab4a07c03f7acce537684928d5a83091d6609
      https://github.com/WebKit/WebKit/commit/086ab4a07c03f7acce537684928d5a83091d6609
  Author: Charlie Turner <cturner at igalia.com>
  Date:   2020-01-31 (Fri, 31 Jan 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/NetworkProcess/cache/CacheStorageEngine.cpp

  Log Message:
  -----------
  Merge r249802 - [GTK] Allow CacheStore::destroyEngine to destroy default engine for soup.
https://bugs.webkit.org/show_bug.cgi?id=201690

Reviewed by Carlos Garcia Campos.

* NetworkProcess/cache/CacheStorageEngine.cpp:
(WebKit::CacheStorage::Engine::destroyEngine): As we do for
NetworkProcess::destroySession, also allow destroying the engine
for the default session for the same reason.


  Commit: af943717ab57e25d6b099ac758bd360b1dd64140
      https://github.com/WebKit/WebKit/commit/af943717ab57e25d6b099ac758bd360b1dd64140
  Author: Yury Semikhatsky <yurys at chromium.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp

  Log Message:
  -----------
  Merge r250077 - [GTK] Compilation errors when GL is disabled
https://bugs.webkit.org/show_bug.cgi?id=200223

Fix following compilation error when building with ENABLE_OPENGL=OFF
../../Source/WebKit/UIProcess/glib/WebProcessPoolGLib.cpp:123:51: error: use of undeclared identifier 'WaylandCompositor'
parameters.waylandCompositorDisplayName = WaylandCompositor::singleton().displayName();
                                          ^
Patch by Yury Semikhatsky <yurys at chromium.org> on 2019-09-18
Reviewed by Philippe Normand.

* UIProcess/glib/WebProcessPoolGLib.cpp:
(WebKit::WebProcessPool::platformInitializeWebProcess): only make a call when using EGL, this matches
guards in WaylandCompositor.h. The condition was changed in r245807.


  Commit: b66a1a893f16b09701f9ba5cbd54fbf751665459
      https://github.com/WebKit/WebKit/commit/b66a1a893f16b09701f9ba5cbd54fbf751665459
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/SecurityOrigin.cpp

  Log Message:
  -----------
  Merge r255824 - [GTK] Cannot perform most local loads with sandbox enabled
https://bugs.webkit.org/show_bug.cgi?id=202071

Patch by Michael Catanzaro <mcatanzaro at gnome.org> on 2020-02-05
Reviewed by Carlos Garcia Campos.

SecurityOrigin::canDisplay is improperly checking whether the target file URL points to a
file on the same "volume" (mount point) as the source file. That can't happen here because
this code is running in the web process, but only the network process has access to the
unsandboxed filesystem. This code can only check whether the target file exists within the
sandbox's mount namespace, but that's not what we want to do because we're not going to load
that file, we're going to ask the network process to load the file with the same path
outside the mount namespace.

We can probably live without this check. But if bringing it back is desired, it has to be
done someplace totally different, in network process code rather than web process code.

* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canDisplay const):


  Commit: 9f04b6120216dbd971f35c2315e4911884178dec
      https://github.com/WebKit/WebKit/commit/9f04b6120216dbd971f35c2315e4911884178dec
  Author: Patrick Griffis <pgriffis at igalia.com>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp

  Log Message:
  -----------
  Merge r255865 - [GTK][WPE] Add more fontconfig paths into the sandbox
https://bugs.webkit.org/show_bug.cgi?id=207293

Reviewed by Michael Catanzaro.

These paths were reported to be used on Debian.

* UIProcess/Launcher/glib/BubblewrapLauncher.cpp:
(WebKit::bindFonts):


  Commit: 8526630830b5a20fa018802a7a95f210ed59972f
      https://github.com/WebKit/WebKit/commit/8526630830b5a20fa018802a7a95f210ed59972f
  Author: Michael Catanzaro <mcatanzaro at gnome.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M Source/ThirdParty/ANGLE/ChangeLog
    M Source/ThirdParty/ANGLE/include/platform/Platform.h
    M Source/ThirdParty/ANGLE/src/common/PackedEnums.h

  Log Message:
  -----------
  Merge r256491 - Multiple GCC 10 build failures in ANGLE
https://bugs.webkit.org/show_bug.cgi?id=207365

Patch by Michael Catanzaro <mcatanzaro at gnome.org> on 2020-02-12
Reviewed by Carlos Alberto Lopez Perez.

* changes.diff: Updated.
* include/platform/Platform.h: Add missing #include to get size_t.
* src/common/PackedEnums.h: Remove problematic const_casts.


  Commit: 5f63c51c16a98aed518aab9dd1574b8a9490e7b0
      https://github.com/WebKit/WebKit/commit/5f63c51c16a98aed518aab9dd1574b8a9490e7b0
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/blob-null-url-location-origin-expected.txt
    A LayoutTests/http/tests/security/blob-null-url-location-origin.html
    M LayoutTests/platform/win/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/fileapi/ThreadableBlobRegistry.cpp

  Log Message:
  -----------
  Merge r253544 - SecurityOrigin should be unique for null blob URLs that have been unregistered
https://bugs.webkit.org/show_bug.cgi?id=205169

Reviewed by Darin Adler.

Source/WebCore:

In case we cannot retrieve a cached origin for a null origin, just create a unique one.
This is better than having an origin with an empty host and empty scheme.

Test: http/tests/security/blob-null-url-location-origin.html

* fileapi/ThreadableBlobRegistry.cpp:
(WebCore::ThreadableBlobRegistry::unregisterBlobURL):
(WebCore::ThreadableBlobRegistry::getCachedOrigin):

LayoutTests:

* http/tests/security/blob-null-url-location-origin-expected.txt: Added.
* http/tests/security/blob-null-url-location-origin.html: Added.
* platform/win/TestExpectations: Skipping test as timing out in windows.


  Commit: 9d1ea2dc39d60bf4fa46419d27cddc711c3b7c03
      https://github.com/WebKit/WebKit/commit/9d1ea2dc39d60bf4fa46419d27cddc711c3b7c03
  Author: Youenn Fablet <youennf at gmail.com>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/http/tests/security/top-level-unique-origin.https-expected.txt
    A LayoutTests/http/tests/security/top-level-unique-origin.https.html
    A LayoutTests/http/tests/security/top-level-unique-origin2.https-expected.txt
    A LayoutTests/http/tests/security/top-level-unique-origin2.https.html
    M LayoutTests/platform/win/TestExpectations
    M Source/WebCore/ChangeLog
    M Source/WebCore/dom/Document.cpp
    M Tools/ChangeLog
    M Tools/TestWebKitAPI/Tests/WebKitCocoa/DeviceOrientation.mm

  Log Message:
  -----------
  Merge r253563 - Consider top-level context whose origin is unique as insecure
https://bugs.webkit.org/show_bug.cgi?id=205111

Source/WebCore:

Reviewed by Brent Fulgham.

Tests: http/tests/security/top-level-unique-origin.https.html
       http/tests/security/top-level-unique-origin2.https.html

* dom/Document.cpp:
(WebCore::Document::isSecureContext const):
There is no guarantee that top level unique origin contexts like data URL are SecureContext.
This patch makes them no longer SecureContext.
This helps getting closer to https://w3c.github.io/webappsec-secure-contexts/#is-url-trustworthy
which identifies all unique origins as "Not Trustworthy".
Child unique origin contexts will stay SecureContext if their parents are.

Tools:

<rdar://problem/57834967>

Reviewed by Brent Fulgham.

* TestWebKitAPI/Tests/WebKitCocoa/DeviceOrientation.mm:
(TEST):
Disable secure context checks so that loading directly about:blank from the API test
can call DeviceOrientationEvent.requestPermission() successfully.

LayoutTests:

Reviewed by Brent Fulgham.

* http/tests/security/top-level-unique-origin.https-expected.txt: Added.
* http/tests/security/top-level-unique-origin.https.html: Added.
* http/tests/security/top-level-unique-origin2.https-expected.txt: Added.
* http/tests/security/top-level-unique-origin2.https.html: Added.
* platform/win/TestExpectations: Skipping second test as timing out in windows.


  Commit: f16bd439edf376bbe4c3b5fdc48d0dd8e41a882d
      https://github.com/WebKit/WebKit/commit/f16bd439edf376bbe4c3b5fdc48d0dd8e41a882d
  Author: Ryosuke Niwa <rniwa at webkit.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/bindings/js/ScriptController.cpp
    M Source/WebCore/bindings/js/ScriptController.h
    M Source/WebCore/loader/FrameLoader.cpp

  Log Message:
  -----------
  Merge r253654 - executeIfJavaScriptURL should check requester's security origin
https://bugs.webkit.org/show_bug.cgi?id=205324

Reviewed by Brent Fulgham.

Don't execute the JavaScript in ScriptController::executeIfJavaScriptURL if the security origin
of the current document is no longer accessible from the request originator's security origin.

* bindings/js/ScriptController.cpp:
(WebCore::ScriptController::executeIfJavaScriptURL): Added a check.
* bindings/js/ScriptController.h:
* loader/FrameLoader.cpp:
(WebCore::FrameLoader::urlSelected): Pass around the security origin of the requester.
(WebCore::FrameLoader::submitForm):


  Commit: 5b5d18dcd5d4809f13fb5309d0eee7b085b9327e
      https://github.com/WebKit/WebKit/commit/5b5d18dcd5d4809f13fb5309d0eee7b085b9327e
  Author: Myles C. Maxfield <mmaxfield at apple.com>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/text/font-loading-global-keyword-expected.txt
    A LayoutTests/fast/text/font-loading-global-keyword.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/css/CSSFontFaceSet.cpp

  Log Message:
  -----------
  Merge r254220 - Fix specification violation in Font Loading API
https://bugs.webkit.org/show_bug.cgi?id=205901
<rdar://problem/58083743>

Reviewed by Brent Fulgham.

Source/WebCore:

Our Font Loading API does not comply with the spec:

> If the parsed value is a CSS-wide keyword, return a syntax error.

Rather than crashing, we should return a syntax error.

Test: fast/text/font-loading-global-keyword.html

* css/CSSFontFaceSet.cpp:
(WebCore::computeFontSelectionRequest):
(WebCore::CSSFontFaceSet::matchingFacesExcludingPreinstalledFonts):

LayoutTests:

Test all the entry points to the CSS Font Loading API that accept CSS keywords.

* fast/text/font-loading-global-keyword-expected.txt: Added.
* fast/text/font-loading-global-keyword.html: Added.


  Commit: a6e3e7e27b2e3c3d97f23ecf35498a40625869a3
      https://github.com/WebKit/WebKit/commit/a6e3e7e27b2e3c3d97f23ecf35498a40625869a3
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/SecurityOrigin.cpp

  Log Message:
  -----------
  Merge r253662 - Limit URL to reasonable size
https://bugs.webkit.org/show_bug.cgi?id=203825
<rdar://problem/56878680>

Reviewed by Ryosuke Niwa.

* page/SecurityOrigin.cpp:
(WebCore::SecurityOrigin::canDisplay const): Place an upper bound on the amount of
memory a URL may consume.


  Commit: 0a44fa21eed3113d0e1208ed7efc337c7c1dbec5
      https://github.com/WebKit/WebKit/commit/0a44fa21eed3113d0e1208ed7efc337c7c1dbec5
  Author: Brent Fulgham <bfulgham at webkit.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/url/data-url-large-expected.txt
    A LayoutTests/fast/url/data-url-large.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/page/SecurityOrigin.cpp

  Log Message:
  -----------
  Merge r254301 - REGRESSION (r253662): Large Data URLs are not being handled properly
https://bugs.webkit.org/show_bug.cgi?id=205979
<rdar://problem/58346124>

Reviewed by Youenn Fablet.

Source/WebCore:

The URL size limitation added in r253662 was too low. We should bump it to handle
reasonable data URI sizes.

Test: fast/url/data-url-large.html.

* page/SecurityOrigin.cpp:

LayoutTests:

* fast/url/data-url-large-expected.txt: Added.
* fast/url/data-url-large.html: Added.


  Commit: e63b784e79572ada3d17cb1bdca7ee29dbf97dda
      https://github.com/WebKit/WebKit/commit/e63b784e79572ada3d17cb1bdca7ee29dbf97dda
  Author: Carlos Garcia Campos <carlosgc at webkit.org>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/gtk/NEWS
    M Source/cmake/OptionsGTK.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsGTK.cmake and NEWS for 2.26.4 release

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit:

* gtk/NEWS: Add release notes for 2.26.4.


  Commit: e3662846338cc54f399c29a80062172302439206
      https://github.com/WebKit/WebKit/commit/e3662846338cc54f399c29a80062172302439206
  Author: Adrian Perez de Castro <aperez at igalia.com>
  Date:   2020-02-14 (Fri, 14 Feb 2020)

  Changed paths:
    M ChangeLog
    M Source/WebKit/ChangeLog
    M Source/WebKit/wpe/NEWS
    M Source/cmake/OptionsWPE.cmake

  Log Message:
  -----------
  Unreviewed. Update OptionsWPE.cmake and NEWS for the 2.26.4 release

.:

* Source/cmake/OptionsWPE.cmake: Bump version numbers.

Source/WebKit:

* wpe/NEWS: Add release notes for 2.26.4.


  Commit: 6ea694fcc557266dcab92d955c777ee8520b03d0
      https://github.com/WebKit/WebKit/commit/6ea694fcc557266dcab92d955c777ee8520b03d0
  Author: Tomoki Imai <Tomoki.Imai at sony.com>
  Date:   2020-03-13 (Fri, 13 Mar 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/platform/graphics/nicosia/NicosiaAnimation.cpp
    M Source/WebCore/platform/graphics/nicosia/NicosiaAnimation.h
    M Source/WebCore/platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp

  Log Message:
  -----------
  Merge r254680 - Do not detect the stopped animations in Nicosia::Animation to avoid flashback
https://bugs.webkit.org/show_bug.cgi?id=206280

Patch by Tomoki Imai <Tomoki.Imai at sony.com> on 2020-01-16
Reviewed by Carlos Garcia Campos.

This fixes the animation flashback issue found in https://webkit.org/blog-files/3d-transforms/morphing-cubes.html.
The flashback was caused by using the old layer transform matrix saved when the animation has been started.

The root cause is an inconsistency of animation state in Nicosia::Animation and CoordinatedGraphicsLayer.
For Nicosia::Animation, ThreadedCompositor increases MonotonicTime for animation every frame, and calls Nicosia::Animation::apply.
For CoordinatedGraphicsLayer, CSSAnimationController updates animations list and if the animation has been finished it updates CSS value.
There is a chance to use old layer state while the Nicosia::Animation stopped, but CoordinatedGraphicsLayer still obtains old CSS value and animations.

In this patch, all the Nicosia::Animation is considered to have "AnimationFillMode::Forwards" or "AnimationFillMode::Both",
which means they are active and use the last position when the animation is stopped.
Stopping and removing animations should be only done by CSSAnimationController and CoordinatedGraphicsScene
as they can remove the animation from the list and update the CSS value at the same time.

Mac implementation GraphicsLayerCA has a similar logic, it replaces AnimationFillMode with Forwards or Both.
https://trac.webkit.org/browser/webkit/trunk/Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp?rev=254502#L3248

Tested manually with https://webkit.org/blog-files/3d-transforms/morphing-cubes.html

* platform/graphics/nicosia/NicosiaAnimation.cpp:
(Nicosia::Animation::apply): Return the last value for stopped animations to avoid flickering
(Nicosia::Animation::isActive const): Removed. It should always return true because
all the animations are considered as fillsForwards in Nicosia::Animation to avoid flashback.
(Nicosia::Animations::hasActiveAnimationsOfType const): Remove isActive check.
(Nicosia::Animations::getActiveAnimations() const): Removed. It returns whole animations list because all the animations are active.
* platform/graphics/nicosia/NicosiaAnimation.h:
* platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
(WebCore::CoordinatedGraphicsLayer::flushCompositingStateForThisLayerOnly):


  Commit: d95ba8834a6864de66490261ebd4d05698517475
      https://github.com/WebKit/WebKit/commit/d95ba8834a6864de66490261ebd4d05698517475
  Author: Caio Araujo Neponoceno de Lima <ticaiolima at gmail.com>
  Date:   2020-03-13 (Fri, 13 Mar 2020)

  Changed paths:
    M JSTests/ChangeLog
    A JSTests/stress/tail-call-with-spilled-registers.js
    M Source/JavaScriptCore/ChangeLog
    M Source/JavaScriptCore/bytecode/AccessCase.cpp

  Log Message:
  -----------
  Merge r258143 - Tail calls are broken on ARM_THUMB2 and MIPS
https://bugs.webkit.org/show_bug.cgi?id=197797

Reviewed by Yusuke Suzuki.

JSTests:

* stress/tail-call-with-spilled-registers.js: Added.

Source/JavaScriptCore:

`prepareForTailCall` operation expects that header size + parameters
size is aligned with stack (alignment is 16-bytes for every architecture).
This means that headerSizeInBytes + argumentsIncludingThisInBytes needs
to be a multiple of 16. This was not being preserved during getter IC code
for 32-bits. The code generated was taking into account only
headerSizeInRegisters (it is 4 on 32-bits) and argumentsIncludingThis
(that is always 1 for getters) and allocating 32-bytes when applying
operation `(headerSize + argumentsIncludingThis) * 8 - sizeof(CallerFrameAndPC)`.
This results in a stack frame with size of 40 bytes (after we push
`lr` and `sp`). Since `prepareForTailCall` expects frames to be
16-bytes aligned, it will then calculate the top of such frame
considering it is 48 bytes, clobbering values of previous frame and
causing unexpected behavior. This patch is fixing how this IC code
calculates the stack frame using `roundArgumentCountToAlignFrame(numberOfParameters)`
aligning with what we do on code without IC installed.
This was not a problem for getter and setter IC on 64-bits because
`roundArgumentCountToAlignFrame(1) == 1` and `roundArgumentCountToAlignFrame(2) == 3`
while it is `roundArgumentCountToAlignFrame(1) == 2` and
`roundArgumentCountToAlignFrame(2) == 2` for MIPS and ARMv7.

* bytecode/AccessCase.cpp:
(JSC::AccessCase::generateImpl):


  Commit: d8eb3c916dc15043e8ba3ef020c7f6fe081fe370
      https://github.com/WebKit/WebKit/commit/d8eb3c916dc15043e8ba3ef020c7f6fe081fe370
  Author: Pavel Feldman <pfeldman at chromium.org>
  Date:   2020-03-13 (Fri, 13 Mar 2020)

  Changed paths:
    M Source/WebKit/ChangeLog
    M Source/WebKit/UIProcess/geoclue/GeoclueGeolocationProvider.cpp

  Log Message:
  -----------
  Merge r256703 - [Geoclue] Avoid usage of provider in callbacks after it has been destroyed
https://bugs.webkit.org/show_bug.cgi?id=207420

GeoclueGeolocationProvider was making non-cancelable g_dbus_proxy_call(s) with
bare |this| pointer.

Patch by Pavel Feldman <pavel.feldman at gmail.com> on 2020-02-15
Reviewed by Carlos Garcia Campos.

* UIProcess/geoclue/GeoclueGeolocationProvider.cpp:
(WebKit::GeoclueGeolocationProvider::start):
(WebKit::GeoclueGeolocationProvider::stop):
(WebKit::GeoclueGeolocationProvider::setupManager):
(WebKit::GeoclueGeolocationProvider::createClient):
(WebKit::GeoclueGeolocationProvider::startClient):
(WebKit::GeoclueGeolocationProvider::didFail):
* UIProcess/geoclue/GeoclueGeolocationProvider.h:


  Commit: af115d3002d5633b7f11881db212bde179b67078
      https://github.com/WebKit/WebKit/commit/af115d3002d5633b7f11881db212bde179b67078
  Author: ChangSeok Oh <changseok at webkit.org>
  Date:   2020-03-13 (Fri, 13 Mar 2020)

  Changed paths:
    M Source/WebCore/ChangeLog
    M Source/WebCore/accessibility/AXObjectCache.cpp

  Log Message:
  -----------
  Merge r257292 - PS-2019-006: [GTK] WebKit - AXObjectCache - m_deferredFocusedNodeChange - UaF
https://bugs.webkit.org/show_bug.cgi?id=204342

Reviewed by Carlos Garcia Campos.

m_deferredFocusedNodeChange keeps pairs of an old node and a new one
to update a focused node later. When a node is removed in the document,
it is also removed from the pair vector. The problem is that only comparing
the new node in each pair with a removed node decides the removal.
In the case where the removed node lives in m_deferredFocusedNodeChange
as an old node, a crash happens while we get a renderer of the removed node
to handle focused elements. To fix this, we find all entries whose old node
is matched to the removed node, and set their first value null.

No new tests since no functionality changed.

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::remove):
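
The removal logic described in the r257292 log message above, as an added example that is not WebKit's code and not part of the original commit. Node, DeferredChanges and every function name are hypothetical stand-ins for a simplified model of m_deferredFocusedNodeChange; the nodes stay alive throughout and pointers are only compared, never dereferenced.

```cpp
#include <algorithm>
#include <cstddef>
#include <utility>
#include <vector>

// Hypothetical stand-ins: Node models a DOM node, DeferredChanges models
// m_deferredFocusedNodeChange as a list of (old node, new node) pairs.
struct Node { int id; };
using Change = std::pair<Node*, Node*>;
using DeferredChanges = std::vector<Change>;

// Behaviour described as the problem: only the new node of each pair is
// compared with the removed node, so a match on the old node is missed.
void removeCheckingNewOnly(DeferredChanges& changes, const Node* removed)
{
    changes.erase(std::remove_if(changes.begin(), changes.end(),
        [removed](const Change& entry) { return entry.second == removed; }),
        changes.end());
}

// Behaviour described as the fix: entries whose old node is the removed node
// get their first value set to null, then the existing removal runs.
void removeCheckingBoth(DeferredChanges& changes, const Node* removed)
{
    for (Change& entry : changes) {
        if (entry.first == removed)
            entry.first = nullptr;
    }
    removeCheckingNewOnly(changes, removed);
}

// Counts pointers to the removed node that the list still holds.
std::size_t staleReferences(const DeferredChanges& changes, const Node* removed)
{
    std::size_t count = 0;
    for (const Change& entry : changes) {
        if (entry.first == removed) ++count;
        if (entry.second == removed) ++count;
    }
    return count;
}

// Constructed scenario: focus moves a -> b, then b -> c, then b is removed.
std::size_t staleAfterRemoval(bool fixed)
{
    Node a { 1 }, b { 2 }, c { 3 };
    DeferredChanges changes { { &a, &b }, { &b, &c } };
    fixed ? removeCheckingBoth(changes, &b) : removeCheckingNewOnly(changes, &b);
    return staleReferences(changes, &b);
}
```

With the new-node-only comparison the (b, c) entry survives and still holds b as its old node, which is the pointer that would be used after the node is gone; the second routine leaves no reference to b in the list.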


  Commit: 2f24e408343e4be68f37e47e668dfd7ac4a237e9
      https://github.com/WebKit/WebKit/commit/2f24e408343e4be68f37e47e668dfd7ac4a237e9
  Author: Mike Gorse <mgorse at suse.com>
  Date:   2020-03-14 (Sat, 14 Mar 2020)

  Changed paths:
    M Source/bmalloc/ChangeLog
    M Source/bmalloc/bmalloc/BPlatform.h

  Log Message:
  -----------
  Merge r258142 - Build failure on ppc64le if __unix is undefined
https://bugs.webkit.org/show_bug.cgi?id=207906

Patch by Mike Gorse <mgorse at suse.com> on 2020-03-09
Reviewed by Yusuke Suzuki.

* bmalloc/BPlatform.h: Check for __unix__ along with __unix.


  Commit: 27b191d7f209a4f7119a439621acc761f103a5f8
      https://github.com/WebKit/WebKit/commit/27b191d7f209a4f7119a439621acc761f103a5f8
  Author: Doug Kelly <dougk at apple.com>
  Date:   2020-03-14 (Sat, 14 Mar 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/events/detached-svg-parent-window-events-expected.txt
    A LayoutTests/fast/events/detached-svg-parent-window-events.html
    A LayoutTests/fast/events/onerror-svg-symbol-expected.txt
    A LayoutTests/fast/events/onerror-svg-symbol.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/svg/SVGSVGElement.cpp

  Log Message:
  -----------
  Merge r257897 - Crash in SVGElement::removeEventListener with symbol element
https://bugs.webkit.org/show_bug.cgi?id=207920

Patch by Doug Kelly <dougk at apple.com> on 2020-03-04
Reviewed by Ryosuke Niwa.

Source/WebCore:

Resolves a crash in SVGElement::removeEventListener by only attaching the events to the window if the SVG element is both the outermost
SVG element, in addition to ensuring the SVG element is attached to the tree.  The symbol element's behavior when referenced by a use
tag actually creates an svg tag instead, so the SVGSVGElement's special behavior for copying attributes is vital.

Note that Chrome and Firefox have a similar behavior for detached SVG elements as to what this change creates: in both other browsers,
onerror is not fired for a detached svg element, and in Firefox, onresize is not fired for a detached svg element (it is however fired
in Chrome).

Tests: fast/events/detached-svg-parent-window-events.html
       fast/events/onerror-svg-symbol.html

* svg/SVGSVGElement.cpp:
(WebCore::SVGSVGElement::parseAttribute):

LayoutTests:

* fast/events/detached-svg-parent-window-events-expected.txt: Added.
* fast/events/detached-svg-parent-window-events.html: Added.
* fast/events/onerror-svg-symbol-expected.txt: Added.
* fast/events/onerror-svg-symbol.html: Added.


  Commit: 1e7ef8dd387751e2a6c3d531ef26c42da9a7e541
      https://github.com/WebKit/WebKit/commit/1e7ef8dd387751e2a6c3d531ef26c42da9a7e541
  Author: Doug Kelly <dougk at apple.com>
  Date:   2020-03-14 (Sat, 14 Mar 2020)

  Changed paths:
    M LayoutTests/ChangeLog
    A LayoutTests/fast/table/insert-cell-invisible-parent-expected.txt
    A LayoutTests/fast/table/insert-cell-invisible-parent.html
    M Source/WebCore/ChangeLog
    M Source/WebCore/rendering/RenderElement.cpp

  Log Message:
  -----------
  Merge r257720 - ASSERT(m_column != unsetColumnIndex) in RenderTable::cellBefore
https://bugs.webkit.org/show_bug.cgi?id=208397

Patch by Doug Kelly <dougk at apple.com> on 2020-03-02
Reviewed by Zalan Bujtas.

Source/WebCore:

When inserting a cell into a table row which is not visible, this can lead to attempting to compute the repaint
rects during tree building.  Instead, mark the layer as dirty using dirtyVisibleContentStatus(), and the visibility
will be recomputed at a later time.

Test: fast/table/insert-cell-invisible-parent.html

* rendering/RenderElement.cpp:
(WebCore::RenderElement::insertedIntoTree):

LayoutTests:

* fast/table/insert-cell-invisible-parent-expected.txt: Added.
* fast/table/insert-cell-invisible-parent.html: Added.


Compare: https://github.com/WebKit/WebKit/compare/c0fea8439801%5E...1e7ef8dd3877

