import webkit2gtk3-2.38.5-1.el8

This commit is contained in:
CentOS Sources 2023-05-16 06:08:37 +00:00 committed by Stepan Oksanichenko
parent ba9d97f722
commit 8ad4c33562
11 changed files with 110 additions and 909 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/webkitgtk-2.36.7.tar.xz
SOURCES/webkitgtk-2.38.5.tar.xz
SOURCES/webkitgtk-keys.gpg

View File

@ -1,2 +1,2 @@
36078148b6e0ef002f0279b25b1caf173f851ac8 SOURCES/webkitgtk-2.36.7.tar.xz
1774390c628bb3a524d4ed76f11de4a878078db6 SOURCES/webkitgtk-2.38.5.tar.xz
cf57cbbadf2a07c6ede1c886f9742b7d352460c0 SOURCES/webkitgtk-keys.gpg

View File

@ -1,78 +0,0 @@
From 98940f219ba0e3eb6d958af483b73dd9cc75c28c Mon Sep 17 00:00:00 2001
From: Mark Lam <mark.lam@apple.com>
Date: Mon, 19 Dec 2022 17:32:15 -0800
Subject: [PATCH] Cherry-pick 252432.839@safari-7614-branch (71cdc1c09ef1).
rdar://102531234
The provenType filtering in FTL's speculateRealNumber is incorrect.
https://bugs.webkit.org/show_bug.cgi?id=248266
<rdar://problem/102531234>
Reviewed by Justin Michaud.
speculateRealNumber does a doubleEqual compare, which filters out double values which
are not NaN. NaN values will fall through to the `intCase` block. In the `intCase` block,
the isNotInt32() check there was given a proven type that wrongly filters out ~SpecFullDouble.
Consider a scenario where the edge was proven to be { SpecInt32Only, SpecDoubleReal,
SpecDoublePureNaN }. SpecFullDouble is defined as SpecDoubleReal | SpecDoubleNaN, and
SpecDoubleNaN is defined as SpecDoublePureNaN | SpecDoubleImpureNaN. Hence, the filtering
of the proven type with ~SpecFullDouble means that isNotInt32() will effectively be given
a proven type of
{ SpecInt32Only, SpecDoubleReal, SpecDoublePureNaN } - { SpecDoubleReal, SpecDoublePureNaN }
which yields
{ SpecInt32Only }.
As a result, the compiler will think that that isNotIn32() check will always fail. This
is not correct if the actual incoming value for that edge is actually a PureNaN. In this
case, speculateRealNumber should have OSR exited, but it doesn't because it thinks that
the isNotInt32() check will always fail and elide the check altogether.
In this patch, we fix this by replacing the ~SpecFullDouble with ~SpecDoubleReal. We also
rename the `intCase` block to `intOrNaNCase` to document what it actually handles.
* JSTests/stress/speculate-real-number-in-object-is.js: Added.
(test.object_is_opt):
(test):
* Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp:
(JSC::FTL::DFG::LowerDFGToB3::compileCompareStrictEq):
Canonical link: https://commits.webkit.org/252432.839@safari-7614-branch
Canonical link: https://commits.webkit.org/258113@main
---
.../speculate-real-number-in-object-is.js | 22 +++++++++++++++++++
Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp | 8 +++----
2 files changed, 26 insertions(+), 4 deletions(-)
create mode 100644 JSTests/stress/speculate-real-number-in-object-is.js
diff --git a/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp b/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
index 3ba2d21b8072..18d13f1941bb 100644
--- a/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
+++ b/Source/JavaScriptCore/ftl/FTLLowerDFGToB3.cpp
@@ -20574,18 +20574,18 @@ IGNORE_CLANG_WARNINGS_END
LValue value = lowJSValue(edge, ManualOperandSpeculation);
LValue doubleValue = unboxDouble(value);
- LBasicBlock intCase = m_out.newBlock();
+ LBasicBlock intOrNaNCase = m_out.newBlock();
LBasicBlock continuation = m_out.newBlock();
m_out.branch(
m_out.doubleEqual(doubleValue, doubleValue),
- usually(continuation), rarely(intCase));
+ usually(continuation), rarely(intOrNaNCase));
- LBasicBlock lastNext = m_out.appendTo(intCase, continuation);
+ LBasicBlock lastNext = m_out.appendTo(intOrNaNCase, continuation);
typeCheck(
jsValueValue(value), m_node->child1(), SpecBytecodeRealNumber,
- isNotInt32(value, provenType(m_node->child1()) & ~SpecFullDouble));
+ isNotInt32(value, provenType(m_node->child1()) & ~SpecDoubleReal));
m_out.jump(continuation);
m_out.appendTo(continuation, lastNext);

View File

@ -1,55 +0,0 @@
From d44ded97d14cdb5ac2eb011203e5f4c45dfd94b9 Mon Sep 17 00:00:00 2001
From: Yusuke Suzuki <ysuzuki@apple.com>
Date: Wed, 8 Feb 2023 15:32:00 -0800
Subject: [PATCH] Cherry-pick 1b2eb138ef92. rdar://problem/105236768
[JSC] ToThis object folding should check if AbstractValue is always an object
https://bugs.webkit.org/show_bug.cgi?id=251944
rdar://105175786
Reviewed by Geoffrey Garen and Mark Lam.
ToThis can become Identity for strict mode if it is just primitive values or its object does not have toThis function overriding.
This is correct, but folding ToThis to Undefined etc. (not Identity) needs to check that an input only contains objects.
This patch adds appropriate checks to prevent from converting ToThis(GlobalObject | Int32) to Undefined for example.
* Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h:
(JSC::DFG::isToThisAnIdentity):
Canonical link: https://commits.webkit.org/259548.63@safari-7615-branch
---
.../JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h b/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
index ea7bcd6b7b31..ef3f6bbe376e 100644
--- a/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
+++ b/Source/JavaScriptCore/dfg/DFGAbstractInterpreterInlines.h
@@ -209,7 +209,8 @@ inline ToThisResult isToThisAnIdentity(VM& vm, ECMAMode ecmaMode, AbstractValue&
}
}
- if ((ecmaMode.isStrict() || (valueForNode.m_type && !(valueForNode.m_type & ~SpecObject))) && valueForNode.m_structure.isFinite()) {
+ bool onlyObjects = valueForNode.m_type && !(valueForNode.m_type & ~SpecObject);
+ if ((ecmaMode.isStrict() || onlyObjects) && valueForNode.m_structure.isFinite()) {
bool allStructuresAreJSScope = !valueForNode.m_structure.isClear();
bool overridesToThis = false;
valueForNode.m_structure.forEach([&](RegisteredStructure structure) {
@@ -226,9 +227,13 @@ inline ToThisResult isToThisAnIdentity(VM& vm, ECMAMode ecmaMode, AbstractValue&
// If all the structures are JSScope's ones, we know the details of JSScope::toThis() operation.
allStructuresAreJSScope &= structure->classInfo()->methodTable.toThis == JSScope::info()->methodTable.toThis;
});
+
+ // This is correct for strict mode even if this can have non objects, since the right semantics is Identity.
if (!overridesToThis)
return ToThisResult::Identity;
- if (allStructuresAreJSScope) {
+
+ // But this folding is available only if input is always an object.
+ if (onlyObjects && allStructuresAreJSScope) {
if (ecmaMode.isStrict())
return ToThisResult::Undefined;
return ToThisResult::GlobalThis;
--
2.39.1

View File

@ -1,664 +0,0 @@
From 162f94957f5a65aa0177bdea2b5810d44b637b5a Mon Sep 17 00:00:00 2001
From: Mark Lam <mark.lam@apple.com>
Date: Fri, 31 Mar 2023 10:49:49 -0700
Subject: [PATCH] Cherry-pick 259548.395@safari-7615.1.26.11-branch
(1039f0c3235f). <bug>
Cherry-pick 2c49ff7b0481. rdar://problem/107369977
CloneDeserializer::deserialize() should store cell pointers in a MarkedVector.
https://bugs.webkit.org/show_bug.cgi?id=254797
rdar://107369977
Reviewed by Justin Michaud.
Previously, CloneDeserializer::deserialize() was storing pointers to newly created objects
in a few Vectors. This is problematic because the GC is not aware of Vectors, and cannot
scan them. In this patch, we refactor the MarkedArgumentBuffer class into a MarkedVector
template class that offer 2 enhancements:
1. It can be configured to store specific types of cell pointer types. This avoids us
having to constantly cast JSValues into these pointers.
2. It allows us to specify the type of OverflowHandler we want to use. In this case,
we want to use CrashOnOverflow. The previous MarkedArgumentBuffer always assumes
RecordOnOverflow. This allows us to avoid having to manually check for overflows,
or have to use appendWithCrashOnOverflow. For our current needs, MarkedVector can be
used as a drop in replacement for Vector.
And we fix the CloneDeserializer::deserialize() issue by replacing the use of Vectors
with MarkedVector instead.
* Source/JavaScriptCore/heap/Heap.cpp:
(JSC::Heap::addCoreConstraints):
* Source/JavaScriptCore/heap/Heap.h:
* Source/JavaScriptCore/heap/HeapInlines.h:
* Source/JavaScriptCore/runtime/ArgList.cpp:
(JSC::MarkedVectorBase::addMarkSet):
(JSC::MarkedVectorBase::markLists):
(JSC::MarkedVectorBase::slowEnsureCapacity):
(JSC::MarkedVectorBase::expandCapacity):
(JSC::MarkedVectorBase::slowAppend):
(JSC::MarkedArgumentBufferBase::addMarkSet): Deleted.
(JSC::MarkedArgumentBufferBase::markLists): Deleted.
(JSC::MarkedArgumentBufferBase::slowEnsureCapacity): Deleted.
(JSC::MarkedArgumentBufferBase::expandCapacity): Deleted.
(JSC::MarkedArgumentBufferBase::slowAppend): Deleted.
* Source/JavaScriptCore/runtime/ArgList.h:
(JSC::MarkedVectorWithSize::MarkedVectorWithSize):
(JSC::MarkedVectorWithSize::at const):
(JSC::MarkedVectorWithSize::clear):
(JSC::MarkedVectorWithSize::append):
(JSC::MarkedVectorWithSize::appendWithCrashOnOverflow):
(JSC::MarkedVectorWithSize::last const):
(JSC::MarkedVectorWithSize::takeLast):
(JSC::MarkedVectorWithSize::ensureCapacity):
(JSC::MarkedVectorWithSize::hasOverflowed):
(JSC::MarkedVectorWithSize::fill):
(JSC::MarkedArgumentBufferWithSize::MarkedArgumentBufferWithSize): Deleted.
* Source/WebCore/Modules/webaudio/AudioWorkletProcessor.cpp:
(WebCore::AudioWorkletProcessor::buildJSArguments):
* Source/WebCore/Modules/webaudio/AudioWorkletProcessor.h:
* Source/WebCore/bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneDeserializer::deserialize):
Canonical link: https://commits.webkit.org/259548.530@safari-7615-branch
Identifier: 259548.395@safari-7615.1.26.11-branch
---
Source/JavaScriptCore/heap/Heap.cpp | 6 +-
Source/JavaScriptCore/heap/Heap.h | 8 +-
Source/JavaScriptCore/heap/HeapInlines.h | 6 +-
Source/JavaScriptCore/runtime/ArgList.cpp | 46 ++--
Source/JavaScriptCore/runtime/ArgList.h | 206 ++++++++++--------
.../webaudio/AudioWorkletProcessor.cpp | 4 +-
.../Modules/webaudio/AudioWorkletProcessor.h | 7 +-
.../bindings/js/SerializedScriptValue.cpp | 11 +-
8 files changed, 160 insertions(+), 134 deletions(-)
diff --git a/Source/JavaScriptCore/heap/Heap.cpp b/Source/JavaScriptCore/heap/Heap.cpp
index 8e53ddead1fd..7e3f8487f3db 100644
--- a/Source/JavaScriptCore/heap/Heap.cpp
+++ b/Source/JavaScriptCore/heap/Heap.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2003-2022 Apple Inc. All rights reserved.
+ * Copyright (C) 2003-2023 Apple Inc. All rights reserved.
* Copyright (C) 2007 Eric Seidel <eric@webkit.org>
*
* This library is free software; you can redistribute it and/or
@@ -2836,9 +2836,9 @@ void Heap::addCoreConstraints()
visitor.appendUnbarriered(pair.key);
}
- if (m_markListSet && m_markListSet->size()) {
+ if (!m_markListSet.isEmpty()) {
SetRootMarkReasonScope rootScope(visitor, RootMarkReason::ConservativeScan);
- MarkedArgumentBufferBase::markLists(visitor, *m_markListSet);
+ MarkedVectorBase::markLists(visitor, m_markListSet);
}
{
diff --git a/Source/JavaScriptCore/heap/Heap.h b/Source/JavaScriptCore/heap/Heap.h
index af0e4c46a6ce..fd8cf668baae 100644
--- a/Source/JavaScriptCore/heap/Heap.h
+++ b/Source/JavaScriptCore/heap/Heap.h
@@ -1,7 +1,7 @@
/*
* Copyright (C) 1999-2000 Harri Porten (porten@kde.org)
* Copyright (C) 2001 Peter Kelly (pmk@post.com)
- * Copyright (C) 2003-2022 Apple Inc. All rights reserved.
+ * Copyright (C) 2003-2023 Apple Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -85,7 +85,7 @@ class MarkStackArray;
class MarkStackMergingConstraint;
class MarkedJSValueRefArray;
class BlockDirectory;
-class MarkedArgumentBufferBase;
+class MarkedVectorBase;
class MarkingConstraint;
class MarkingConstraintSet;
class MutatorScheduler;
@@ -410,7 +410,7 @@ public:
JS_EXPORT_PRIVATE std::unique_ptr<TypeCountSet> protectedObjectTypeCounts();
JS_EXPORT_PRIVATE std::unique_ptr<TypeCountSet> objectTypeCounts();
- HashSet<MarkedArgumentBufferBase*>& markListSet();
+ HashSet<MarkedVectorBase*>& markListSet();
void addMarkedJSValueRefArray(MarkedJSValueRefArray*);
template<typename Functor> void forEachProtectedCell(const Functor&);
@@ -779,7 +779,7 @@ private:
size_t m_deprecatedExtraMemorySize { 0 };
ProtectCountSet m_protectedValues;
- std::unique_ptr<HashSet<MarkedArgumentBufferBase*>> m_markListSet;
+ HashSet<MarkedVectorBase*> m_markListSet;
SentinelLinkedList<MarkedJSValueRefArray, BasicRawSentinelNode<MarkedJSValueRefArray>> m_markedJSValueRefArrays;
std::unique_ptr<MachineThreads> m_machineThreads;
diff --git a/Source/JavaScriptCore/heap/HeapInlines.h b/Source/JavaScriptCore/heap/HeapInlines.h
index 39c06b659d9c..4d767a564d5f 100644
--- a/Source/JavaScriptCore/heap/HeapInlines.h
+++ b/Source/JavaScriptCore/heap/HeapInlines.h
@@ -206,11 +206,9 @@ inline void Heap::decrementDeferralDepthAndGCIfNeeded()
}
}
-inline HashSet<MarkedArgumentBufferBase*>& Heap::markListSet()
+inline HashSet<MarkedVectorBase*>& Heap::markListSet()
{
- if (!m_markListSet)
- m_markListSet = makeUnique<HashSet<MarkedArgumentBufferBase*>>();
- return *m_markListSet;
+ return m_markListSet;
}
inline void Heap::reportExtraMemoryAllocated(size_t size)
diff --git a/Source/JavaScriptCore/runtime/ArgList.cpp b/Source/JavaScriptCore/runtime/ArgList.cpp
index f2815b80c8c7..a72dea74a56f 100644
--- a/Source/JavaScriptCore/runtime/ArgList.cpp
+++ b/Source/JavaScriptCore/runtime/ArgList.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2003-2021 Apple Inc. All rights reserved.
+ * Copyright (C) 2003-2023 Apple Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Library General Public
@@ -27,7 +27,7 @@ using std::min;
namespace JSC {
-void MarkedArgumentBufferBase::addMarkSet(JSValue v)
+void MarkedVectorBase::addMarkSet(JSValue v)
{
if (m_markSet)
return;
@@ -52,47 +52,47 @@ void ArgList::getSlice(int startIndex, ArgList& result) const
}
template<typename Visitor>
-void MarkedArgumentBufferBase::markLists(Visitor& visitor, ListSet& markSet)
+void MarkedVectorBase::markLists(Visitor& visitor, ListSet& markSet)
{
ListSet::iterator end = markSet.end();
for (ListSet::iterator it = markSet.begin(); it != end; ++it) {
- MarkedArgumentBufferBase* list = *it;
+ MarkedVectorBase* list = *it;
for (int i = 0; i < list->m_size; ++i)
visitor.appendUnbarriered(JSValue::decode(list->slotFor(i)));
}
}
-template void MarkedArgumentBufferBase::markLists(AbstractSlotVisitor&, ListSet&);
-template void MarkedArgumentBufferBase::markLists(SlotVisitor&, ListSet&);
+template void MarkedVectorBase::markLists(AbstractSlotVisitor&, ListSet&);
+template void MarkedVectorBase::markLists(SlotVisitor&, ListSet&);
-void MarkedArgumentBufferBase::slowEnsureCapacity(size_t requestedCapacity)
+auto MarkedVectorBase::slowEnsureCapacity(size_t requestedCapacity) -> Status
{
setNeedsOverflowCheck();
auto checkedNewCapacity = CheckedInt32(requestedCapacity);
if (UNLIKELY(checkedNewCapacity.hasOverflowed()))
- return this->overflowed();
- expandCapacity(checkedNewCapacity);
+ return Status::Overflowed;
+ return expandCapacity(checkedNewCapacity);
}
-void MarkedArgumentBufferBase::expandCapacity()
+auto MarkedVectorBase::expandCapacity() -> Status
{
setNeedsOverflowCheck();
auto checkedNewCapacity = CheckedInt32(m_capacity) * 2;
if (UNLIKELY(checkedNewCapacity.hasOverflowed()))
- return this->overflowed();
- expandCapacity(checkedNewCapacity);
+ return Status::Overflowed;
+ return expandCapacity(checkedNewCapacity);
}
-void MarkedArgumentBufferBase::expandCapacity(int newCapacity)
+auto MarkedVectorBase::expandCapacity(int newCapacity) -> Status
{
setNeedsOverflowCheck();
ASSERT(m_capacity < newCapacity);
auto checkedSize = CheckedSize(newCapacity) * sizeof(EncodedJSValue);
if (UNLIKELY(checkedSize.hasOverflowed()))
- return this->overflowed();
+ return Status::Overflowed;
EncodedJSValue* newBuffer = static_cast<EncodedJSValue*>(Gigacage::tryMalloc(Gigacage::JSValue, checkedSize));
if (!newBuffer)
- return this->overflowed();
+ return Status::Overflowed;
for (int i = 0; i < m_size; ++i) {
newBuffer[i] = m_buffer[i];
addMarkSet(JSValue::decode(m_buffer[i]));
@@ -103,21 +103,23 @@ void MarkedArgumentBufferBase::expandCapacity(int newCapacity)
m_buffer = newBuffer;
m_capacity = newCapacity;
+ return Status::Success;
}
-void MarkedArgumentBufferBase::slowAppend(JSValue v)
+auto MarkedVectorBase::slowAppend(JSValue v) -> Status
{
ASSERT(m_size <= m_capacity);
- if (m_size == m_capacity)
- expandCapacity();
- if (UNLIKELY(Base::hasOverflowed())) {
- ASSERT(m_needsOverflowCheck);
- return;
+ if (m_size == m_capacity) {
+ auto status = expandCapacity();
+ if (status == Status::Overflowed) {
+ ASSERT(m_needsOverflowCheck);
+ return status;
+ }
}
-
slotFor(m_size) = JSValue::encode(v);
++m_size;
addMarkSet(v);
+ return Status::Success;
}
} // namespace JSC
diff --git a/Source/JavaScriptCore/runtime/ArgList.h b/Source/JavaScriptCore/runtime/ArgList.h
index 8ea9b0e308b8..07632263266b 100644
--- a/Source/JavaScriptCore/runtime/ArgList.h
+++ b/Source/JavaScriptCore/runtime/ArgList.h
@@ -28,20 +28,20 @@
namespace JSC {
-class alignas(alignof(EncodedJSValue)) MarkedArgumentBufferBase : public RecordOverflow {
- WTF_MAKE_NONCOPYABLE(MarkedArgumentBufferBase);
- WTF_MAKE_NONMOVABLE(MarkedArgumentBufferBase);
+class alignas(alignof(EncodedJSValue)) MarkedVectorBase {
+ WTF_MAKE_NONCOPYABLE(MarkedVectorBase);
+ WTF_MAKE_NONMOVABLE(MarkedVectorBase);
WTF_FORBID_HEAP_ALLOCATION;
friend class VM;
friend class ArgList;
+protected:
+ enum class Status { Success, Overflowed };
public:
- using Base = RecordOverflow;
- typedef HashSet<MarkedArgumentBufferBase*> ListSet;
+ typedef HashSet<MarkedVectorBase*> ListSet;
- ~MarkedArgumentBufferBase()
+ ~MarkedVectorBase()
{
- ASSERT(!m_needsOverflowCheck);
if (m_markSet)
m_markSet->remove(this);
@@ -52,92 +52,20 @@ public:
size_t size() const { return m_size; }
bool isEmpty() const { return !m_size; }
- JSValue at(int i) const
- {
- if (i >= m_size)
- return jsUndefined();
-
- return JSValue::decode(slotFor(i));
- }
-
- void clear()
- {
- ASSERT(!m_needsOverflowCheck);
- clearOverflow();
- m_size = 0;
- }
-
- enum OverflowCheckAction {
- CrashOnOverflow,
- WillCheckLater
- };
- template<OverflowCheckAction action>
- void appendWithAction(JSValue v)
- {
- ASSERT(m_size <= m_capacity);
- if (m_size == m_capacity || mallocBase()) {
- slowAppend(v);
- if (action == CrashOnOverflow)
- RELEASE_ASSERT(!hasOverflowed());
- return;
- }
-
- slotFor(m_size) = JSValue::encode(v);
- ++m_size;
- }
- void append(JSValue v) { appendWithAction<WillCheckLater>(v); }
- void appendWithCrashOnOverflow(JSValue v) { appendWithAction<CrashOnOverflow>(v); }
-
void removeLast()
{
ASSERT(m_size);
m_size--;
}
- JSValue last()
- {
- ASSERT(m_size);
- return JSValue::decode(slotFor(m_size - 1));
- }
-
- JSValue takeLast()
- {
- JSValue result = last();
- removeLast();
- return result;
- }
-
template<typename Visitor> static void markLists(Visitor&, ListSet&);
- void ensureCapacity(size_t requestedCapacity)
- {
- if (requestedCapacity > static_cast<size_t>(m_capacity))
- slowEnsureCapacity(requestedCapacity);
- }
-
- bool hasOverflowed()
- {
- clearNeedsOverflowCheck();
- return Base::hasOverflowed();
- }
-
void overflowCheckNotNeeded() { clearNeedsOverflowCheck(); }
- template<typename Functor>
- void fill(size_t count, const Functor& func)
- {
- ASSERT(!m_size);
- ensureCapacity(count);
- if (Base::hasOverflowed())
- return;
- m_size = count;
- func(reinterpret_cast<JSValue*>(&slotFor(0)));
- }
-
protected:
// Constructor for a read-write list, to which you may append values.
// FIXME: Remove all clients of this API, then remove this API.
- MarkedArgumentBufferBase(size_t capacity)
+ MarkedVectorBase(size_t capacity)
: m_size(0)
, m_capacity(capacity)
, m_buffer(inlineBuffer())
@@ -147,17 +75,16 @@ protected:
EncodedJSValue* inlineBuffer()
{
- return bitwise_cast<EncodedJSValue*>(bitwise_cast<uint8_t*>(this) + sizeof(MarkedArgumentBufferBase));
+ return bitwise_cast<EncodedJSValue*>(bitwise_cast<uint8_t*>(this) + sizeof(MarkedVectorBase));
}
-private:
- void expandCapacity();
- void expandCapacity(int newCapacity);
- void slowEnsureCapacity(size_t requestedCapacity);
+ Status expandCapacity();
+ Status expandCapacity(int newCapacity);
+ Status slowEnsureCapacity(size_t requestedCapacity);
void addMarkSet(JSValue);
- JS_EXPORT_PRIVATE void slowAppend(JSValue);
+ JS_EXPORT_PRIVATE Status slowAppend(JSValue);
EncodedJSValue& slotFor(int item) const
{
@@ -172,11 +99,14 @@ private:
}
#if ASSERT_ENABLED
- void setNeedsOverflowCheck() { m_needsOverflowCheck = true; }
+ void disableNeedsOverflowCheck() { m_overflowCheckEnabled = false; }
+ void setNeedsOverflowCheck() { m_needsOverflowCheck = m_overflowCheckEnabled; }
void clearNeedsOverflowCheck() { m_needsOverflowCheck = false; }
bool m_needsOverflowCheck { false };
+ bool m_overflowCheckEnabled { true };
#else
+ void disableNeedsOverflowCheck() { }
void setNeedsOverflowCheck() { }
void clearNeedsOverflowCheck() { }
#endif // ASSERT_ENABLED
@@ -186,22 +116,114 @@ private:
ListSet* m_markSet;
};
-template<size_t passedInlineCapacity = 8>
-class MarkedArgumentBufferWithSize : public MarkedArgumentBufferBase {
+template<typename T, size_t passedInlineCapacity = 8, class OverflowHandler = CrashOnOverflow>
+class MarkedVector : public OverflowHandler, public MarkedVectorBase {
public:
static constexpr size_t inlineCapacity = passedInlineCapacity;
- MarkedArgumentBufferWithSize()
- : MarkedArgumentBufferBase(inlineCapacity)
+ MarkedVector()
+ : MarkedVectorBase(inlineCapacity)
{
ASSERT(inlineBuffer() == m_inlineBuffer);
+ if constexpr (std::is_same_v<OverflowHandler, CrashOnOverflow>) {
+ // CrashOnOverflow handles overflows immediately. So, we do not
+ // need to check for it after.
+ disableNeedsOverflowCheck();
+ }
+ }
+
+ auto at(int i) const -> decltype(auto)
+ {
+ if constexpr (std::is_same_v<T, JSValue>) {
+ if (i >= m_size)
+ return jsUndefined();
+ return JSValue::decode(slotFor(i));
+ } else {
+ if (i >= m_size)
+ return static_cast<T>(nullptr);
+ return jsCast<T>(JSValue::decode(slotFor(i)).asCell());
+ }
+ }
+
+ void clear()
+ {
+ ASSERT(!m_needsOverflowCheck);
+ OverflowHandler::clearOverflow();
+ m_size = 0;
+ }
+
+ void append(T v)
+ {
+ ASSERT(m_size <= m_capacity);
+ if (m_size == m_capacity || mallocBase()) {
+ if (slowAppend(v) == Status::Overflowed)
+ this->overflowed();
+ return;
+ }
+
+ slotFor(m_size) = JSValue::encode(v);
+ ++m_size;
+ }
+
+ void appendWithCrashOnOverflow(T v)
+ {
+ append(v);
+ if constexpr (!std::is_same<OverflowHandler, CrashOnOverflow>::value)
+ RELEASE_ASSERT(!this->hasOverflowed());
+ }
+
+ auto last() const -> decltype(auto)
+ {
+ if constexpr (std::is_same_v<T, JSValue>) {
+ ASSERT(m_size);
+ return JSValue::decode(slotFor(m_size - 1));
+ } else {
+ ASSERT(m_size);
+ return jsCast<T>(JSValue::decode(slotFor(m_size - 1)).asCell());
+ }
+ }
+
+ JSValue takeLast()
+ {
+ JSValue result = last();
+ removeLast();
+ return result;
+ }
+
+ void ensureCapacity(size_t requestedCapacity)
+ {
+ if (requestedCapacity > static_cast<size_t>(m_capacity)) {
+ if (slowEnsureCapacity(requestedCapacity) == Status::Overflowed)
+ this->overflowed();
+ }
+ }
+
+ bool hasOverflowed()
+ {
+ clearNeedsOverflowCheck();
+ return OverflowHandler::hasOverflowed();
+ }
+
+ template<typename Functor>
+ void fill(size_t count, const Functor& func)
+ {
+ ASSERT(!m_size);
+ ensureCapacity(count);
+ if (OverflowHandler::hasOverflowed())
+ return;
+ m_size = count;
+ func(reinterpret_cast<JSValue*>(&slotFor(0)));
}
private:
EncodedJSValue m_inlineBuffer[inlineCapacity] { };
};
-using MarkedArgumentBuffer = MarkedArgumentBufferWithSize<>;
+template<size_t passedInlineCapacity>
+class MarkedArgumentBufferWithSize : public MarkedVector<JSValue, passedInlineCapacity, RecordOverflow> {
+};
+
+using MarkedArgumentBuffer = MarkedVector<JSValue, 8, RecordOverflow>;
class ArgList {
WTF_MAKE_FAST_ALLOCATED;
diff --git a/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.cpp b/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.cpp
index c8c486a6e9a6..4f0a26574132 100644
--- a/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.cpp
+++ b/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2023 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -218,7 +218,7 @@ AudioWorkletProcessor::AudioWorkletProcessor(AudioWorkletGlobalScope& globalScop
ASSERT(!isMainThread());
}
-void AudioWorkletProcessor::buildJSArguments(VM& vm, JSGlobalObject& globalObject, MarkedArgumentBufferBase& args, const Vector<RefPtr<AudioBus>>& inputs, Vector<Ref<AudioBus>>& outputs, const HashMap<String, std::unique_ptr<AudioFloatArray>>& paramValuesMap)
+void AudioWorkletProcessor::buildJSArguments(VM& vm, JSGlobalObject& globalObject, MarkedArgumentBuffer& args, const Vector<RefPtr<AudioBus>>& inputs, Vector<Ref<AudioBus>>& outputs, const HashMap<String, std::unique_ptr<AudioFloatArray>>& paramValuesMap)
{
// For performance reasons, we cache the arrays passed to JS and reconstruct them only when the topology changes.
if (!copyDataFromBusesToJSArray(vm, globalObject, inputs, toJSArray(m_jsInputs)))
diff --git a/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.h b/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.h
index 7d256ea557bb..9ad78225ee51 100644
--- a/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.h
+++ b/Source/WebCore/Modules/webaudio/AudioWorkletProcessor.h
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2020 Apple Inc. All rights reserved.
+ * Copyright (C) 2020-2023 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -40,7 +40,8 @@
namespace JSC {
class JSArray;
-class MarkedArgumentBufferBase;
+template<typename T, size_t, class> class MarkedVector;
+using MarkedArgumentBuffer = MarkedVector<JSValue, 8, RecordOverflow>;
}
namespace WebCore {
@@ -69,7 +70,7 @@ public:
private:
explicit AudioWorkletProcessor(AudioWorkletGlobalScope&, const AudioWorkletProcessorConstructionData&);
- void buildJSArguments(JSC::VM&, JSC::JSGlobalObject&, JSC::MarkedArgumentBufferBase&, const Vector<RefPtr<AudioBus>>& inputs, Vector<Ref<AudioBus>>& outputs, const HashMap<String, std::unique_ptr<AudioFloatArray>>& paramValuesMap);
+ void buildJSArguments(JSC::VM&, JSC::JSGlobalObject&, JSC::MarkedArgumentBuffer&, const Vector<RefPtr<AudioBus>>& inputs, Vector<Ref<AudioBus>>& outputs, const HashMap<String, std::unique_ptr<AudioFloatArray>>& paramValuesMap);
AudioWorkletGlobalScope& m_globalScope;
String m_name;
diff --git a/Source/WebCore/bindings/js/SerializedScriptValue.cpp b/Source/WebCore/bindings/js/SerializedScriptValue.cpp
index 2e6038948a8a..a9841fe057b8 100644
--- a/Source/WebCore/bindings/js/SerializedScriptValue.cpp
+++ b/Source/WebCore/bindings/js/SerializedScriptValue.cpp
@@ -539,6 +539,7 @@ static const unsigned StringDataIs8BitFlag = 0x80000000;
using DeserializationResult = std::pair<JSC::JSValue, SerializationReturnCode>;
class CloneBase {
+ WTF_FORBID_HEAP_ALLOCATION;
protected:
CloneBase(JSGlobalObject* lexicalGlobalObject)
: m_lexicalGlobalObject(lexicalGlobalObject)
@@ -616,6 +617,7 @@ template <> bool writeLittleEndian<uint8_t>(Vector<uint8_t>& buffer, const uint8
}
class CloneSerializer : CloneBase {
+ WTF_FORBID_HEAP_ALLOCATION;
public:
static SerializationReturnCode serialize(JSGlobalObject* lexicalGlobalObject, JSValue value, Vector<RefPtr<MessagePort>>& messagePorts, Vector<RefPtr<JSC::ArrayBuffer>>& arrayBuffers, const Vector<RefPtr<ImageBitmap>>& imageBitmaps,
#if ENABLE(OFFSCREEN_CANVAS_IN_WORKERS)
@@ -2148,6 +2150,7 @@ SerializationReturnCode CloneSerializer::serialize(JSValue in)
}
class CloneDeserializer : CloneBase {
+ WTF_FORBID_HEAP_ALLOCATION;
public:
static String deserializeString(const Vector<uint8_t>& buffer)
{
@@ -3920,10 +3923,10 @@ DeserializationResult CloneDeserializer::deserialize()
Vector<uint32_t, 16> indexStack;
Vector<Identifier, 16> propertyNameStack;
- Vector<JSObject*, 32> outputObjectStack;
- Vector<JSValue, 4> mapKeyStack;
- Vector<JSMap*, 4> mapStack;
- Vector<JSSet*, 4> setStack;
+ MarkedVector<JSObject*, 32> outputObjectStack;
+ MarkedVector<JSValue, 4> mapKeyStack;
+ MarkedVector<JSMap*, 4> mapStack;
+ MarkedVector<JSSet*, 4> setStack;
Vector<WalkerState, 16> stateStack;
WalkerState lexicalGlobalObject = StateUnknown;
JSValue outValue;
--
2.40.0
diff --git a/Source/JavaScriptCore/runtime/ArgList.h b/Source/JavaScriptCore/runtime/ArgList.h
index 8ea9b0e308b8..04cbc452f846 100644
--- a/Source/JavaScriptCore/runtime/ArgList.h
+++ b/Source/JavaScriptCore/runtime/ArgList.h
@@ -22,6 +22,7 @@
#pragma once
#include "CallFrame.h"
+#include "JSCast.h"
#include <wtf/CheckedArithmetic.h>
#include <wtf/ForbidHeapAllocation.h>
#include <wtf/HashSet.h>

View File

@ -1,19 +0,0 @@
diff --git a/Source/WTF/wtf/PageBlock.h b/Source/WTF/wtf/PageBlock.h
index 9bb7fffcc1ae..3e1e24aa69f5 100644
--- a/Source/WTF/wtf/PageBlock.h
+++ b/Source/WTF/wtf/PageBlock.h
@@ -45,11 +45,11 @@ namespace WTF {
// On Linux, Power systems normally use 64 KiB pages.
//
// Use 64 KiB for any unknown CPUs to be conservative.
-#if OS(DARWIN) || PLATFORM(PLAYSTATION) || CPU(MIPS) || CPU(MIPS64) || (OS(LINUX) && CPU(ARM64))
+#if OS(DARWIN) || PLATFORM(PLAYSTATION) || CPU(MIPS) || CPU(MIPS64)
constexpr size_t CeilingOnPageSize = 16 * KB;
-#elif CPU(PPC) || CPU(PPC64) || CPU(PPC64LE) || CPU(UNKNOWN)
+#elif CPU(PPC) || CPU(PPC64) || CPU(PPC64LE) || CPU(UNKNOWN) || CPU(ARM64)
constexpr size_t CeilingOnPageSize = 64 * KB;
-#elif OS(WINDOWS) || CPU(X86) || CPU(X86_64) || CPU(ARM) || CPU(ARM64) || CPU(RISCV64)
+#elif OS(WINDOWS) || CPU(X86) || CPU(X86_64) || CPU(ARM) || CPU(RISCV64)
constexpr size_t CeilingOnPageSize = 4 * KB;
#else
#error Must set CeilingOnPageSize in PageBlock.h when adding a new CPU architecture!

View File

@ -1,10 +1,19 @@
From ffe84688fc8a91b1e6d1c4462120fc44349a7c05 Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Thu, 27 Oct 2022 19:12:43 -0500
Subject: [PATCH] Force Evolution to use single secondary process
---
Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp b/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
index bd2d4d20206f..0fe471bde384 100644
index 6bb6767869af..2a05a69d9b0d 100644
--- a/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
+++ b/Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp
@@ -415,6 +415,9 @@ static void webkitWebContextConstructed(GObject* object)
g_clear_pointer(&priv->memoryPressureSettings, webkit_memory_pressure_settings_free);
@@ -431,6 +431,9 @@ static void webkitWebContextConstructed(GObject* object)
}
configuration.setTimeZoneOverride(String::fromUTF8(priv->timeZoneOverride.data(), priv->timeZoneOverride.length()));
+ if (!g_strcmp0(g_get_prgname(), "evolution"))
+ configuration.setUsesSingleWebProcess(true);
@ -12,3 +21,6 @@ index bd2d4d20206f..0fe471bde384 100644
if (!priv->websiteDataManager)
priv->websiteDataManager = adoptGRef(webkit_website_data_manager_new("local-storage-directory", priv->localStorageDirectory.data(), nullptr));
--
2.31.1

View File

@ -1,5 +1,21 @@
From 833cfdd150b6f7f0fb021ac5de7890dff158f5fd Mon Sep 17 00:00:00 2001
From: Michael Catanzaro <mcatanzaro@redhat.com>
Date: Thu, 27 Oct 2022 16:32:43 -0500
Subject: [PATCH] Build against ICU 60
---
Source/JavaScriptCore/runtime/IntlCache.cpp | 3 +++
Source/JavaScriptCore/runtime/IntlCache.h | 3 +++
Source/JavaScriptCore/runtime/IntlDisplayNames.cpp | 11 +++++++++++
Source/JavaScriptCore/runtime/IntlDisplayNames.h | 7 +++++++
Source/JavaScriptCore/runtime/IntlObject.cpp | 6 +++++-
Source/cmake/OptionsGTK.cmake | 2 +-
6 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/Source/JavaScriptCore/runtime/IntlCache.cpp b/Source/JavaScriptCore/runtime/IntlCache.cpp
index b17d7340df56..94a5474059b6 100644
--- a/Source/JavaScriptCore/runtime/IntlCache.cpp
+++ a/Source/JavaScriptCore/runtime/IntlCache.cpp
+++ b/Source/JavaScriptCore/runtime/IntlCache.cpp
@@ -26,6 +26,7 @@
#include "config.h"
#include "IntlCache.h"
@ -23,8 +39,10 @@
+#endif
} // namespace JSC
diff --git a/Source/JavaScriptCore/runtime/IntlCache.h b/Source/JavaScriptCore/runtime/IntlCache.h
index 058b2423786d..e7a8c82f392b 100644
--- a/Source/JavaScriptCore/runtime/IntlCache.h
+++ a/Source/JavaScriptCore/runtime/IntlCache.h
+++ b/Source/JavaScriptCore/runtime/IntlCache.h
@@ -25,6 +25,7 @@
#pragma once
@ -43,8 +61,10 @@
private:
UDateTimePatternGenerator* getSharedPatternGenerator(const CString& locale, UErrorCode& status)
diff --git a/Source/JavaScriptCore/runtime/IntlDisplayNames.cpp b/Source/JavaScriptCore/runtime/IntlDisplayNames.cpp
index c281f796eaee..1bc3c0c8a8c6 100644
--- a/Source/JavaScriptCore/runtime/IntlDisplayNames.cpp
+++ a/Source/JavaScriptCore/runtime/IntlDisplayNames.cpp
+++ b/Source/JavaScriptCore/runtime/IntlDisplayNames.cpp
@@ -110,6 +110,7 @@ void IntlDisplayNames::initializeDisplayNames(JSGlobalObject* globalObject, JSVa
m_languageDisplay = intlOption<LanguageDisplay>(globalObject, options, vm.propertyNames->languageDisplay, { { "dialect"_s, LanguageDisplay::Dialect }, { "standard"_s, LanguageDisplay::Standard } }, "languageDisplay must be either \"dialect\" or \"standard\""_s, LanguageDisplay::Dialect);
RETURN_IF_EXCEPTION(scope, void());
@ -58,7 +78,7 @@
return;
}
+#else
+ throwTypeError(globalObject, scope, "Failed to initialize Intl.DisplayNames since used feature is not supported in the linked ICU version"_s);
+ throwTypeError(globalObject, scope, "failed to initialize Intl.DisplayNames since feature is not supported by the ICU version"_s);
+ return;
+#endif
}
@ -75,20 +95,22 @@
@@ -350,6 +356,11 @@ JSValue IntlDisplayNames::of(JSGlobalObject* globalObject, JSValue codeValue) co
return throwTypeError(globalObject, scope, "Failed to query a display name."_s);
}
return jsString(vm, String(buffer));
return jsString(vm, String(WTFMove(buffer)));
+#else
+ UNUSED_PARAM(codeValue);
+ throwTypeError(globalObject, scope, "Failed to initialize Intl.DisplayNames since used feature is not supported in the linked ICU version"_s);
+ throwTypeError(globalObject, scope, "failed to initialize Intl.DisplayNames since feature is not supported by the ICU version"_s);
+ return { };
+#endif
}
// https://tc39.es/proposal-intl-displaynames/#sec-Intl.DisplayNames.prototype.resolvedOptions
diff --git a/Source/JavaScriptCore/runtime/IntlDisplayNames.h b/Source/JavaScriptCore/runtime/IntlDisplayNames.h
index d80dc3d83a15..f2bf36275c79 100644
--- a/Source/JavaScriptCore/runtime/IntlDisplayNames.h
+++ a/Source/JavaScriptCore/runtime/IntlDisplayNames.h
@@ -31,6 +31,13 @@
namespace JSC {
+++ b/Source/JavaScriptCore/runtime/IntlDisplayNames.h
@@ -29,6 +29,13 @@
#include <unicode/uldnames.h>
#include <wtf/unicode/icu/ICUHelpers.h>
+#if !defined(HAVE_ICU_U_LOCALE_DISPLAY_NAMES)
+// We need 61 or later since part of implementation uses UCURR_NARROW_SYMBOL_NAME.
@ -97,11 +119,13 @@
+#endif
+#endif
+
enum class RelevantExtensionKey : uint8_t;
namespace JSC {
class IntlDisplayNames final : public JSNonFinalObject {
enum class RelevantExtensionKey : uint8_t;
diff --git a/Source/JavaScriptCore/runtime/IntlObject.cpp b/Source/JavaScriptCore/runtime/IntlObject.cpp
index f7dc4d578d77..a6ccbe1b9f74 100644
--- a/Source/JavaScriptCore/runtime/IntlObject.cpp
+++ a/Source/JavaScriptCore/runtime/IntlObject.cpp
+++ b/Source/JavaScriptCore/runtime/IntlObject.cpp
@@ -153,7 +153,6 @@ namespace JSC {
getCanonicalLocales intlObjectFuncGetCanonicalLocales DontEnum|Function 1
Collator createCollatorConstructor DontEnum|PropertyCallback
@ -112,7 +136,7 @@
PluralRules createPluralRulesConstructor DontEnum|PropertyCallback
@@ -239,6 +238,11 @@ void IntlObject::finishCreation(VM& vm, JSGlobalObject* globalObject)
Base::finishCreation(vm);
ASSERT(inherits(vm, info()));
ASSERT(inherits(info()));
JSC_TO_STRING_TAG_WITHOUT_TRANSITION();
+#if HAVE(ICU_U_LOCALE_DISPLAY_NAMES)
+ putDirectWithoutTransition(vm, vm.propertyNames->DisplayNames, createDisplayNamesConstructor(vm, this), static_cast<unsigned>(PropertyAttribute::DontEnum));
@ -122,9 +146,11 @@
#if HAVE(ICU_U_LIST_FORMATTER)
putDirectWithoutTransition(vm, vm.propertyNames->ListFormat, createListFormatConstructor(vm, this), static_cast<unsigned>(PropertyAttribute::DontEnum));
#else
diff --git a/Source/cmake/OptionsGTK.cmake b/Source/cmake/OptionsGTK.cmake
index 5e653a9e0b5a..0977f2c49037 100644
--- a/Source/cmake/OptionsGTK.cmake
+++ a/Source/cmake/OptionsGTK.cmake
@@ -14,7 +14,7 @@ find_package(Freetype 2.4.2 REQUIRED)
+++ b/Source/cmake/OptionsGTK.cmake
@@ -19,7 +19,7 @@ find_package(Freetype 2.4.2 REQUIRED)
find_package(LibGcrypt 1.6.0 REQUIRED)
find_package(GLIB 2.56.4 REQUIRED COMPONENTS gio gio-unix gobject gthread gmodule)
find_package(HarfBuzz 0.9.18 REQUIRED COMPONENTS ICU)
@ -133,3 +159,6 @@
find_package(JPEG REQUIRED)
find_package(LibXml2 2.8.0 REQUIRED)
find_package(PNG REQUIRED)
--
2.31.1

View File

@ -1,6 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iF0EABECAB0WIQRao7wzT9fjNp58d7KRxVnb5MkSOwUCYwaNMwAKCRCRxVnb5MkS
OwFGAJ9cz5+l3fKydXxOgJWDLBvlavsI1ACfbkmK0bmhBExS7febO1y16Ftd91Q=
=Zhg7
-----END PGP SIGNATURE-----

View File

@ -0,0 +1,6 @@
-----BEGIN PGP SIGNATURE-----
iF0EABEDAB0WIQTX/PYc+aLeqzHYG9Pz0yLQ7EWCwwUCY+yu2QAKCRDz0yLQ7EWC
w7UkAKCS0EoptKZRn3/Z+WgGerHQEQXaFQCg51h2++dwb1bqVZ05Q1YtHmoT2gk=
=or/S
-----END PGP SIGNATURE-----

View File

@ -5,14 +5,9 @@
mkdir -p _license_files ; \
cp -p %1 _license_files/$(echo '%1' | sed -e 's!/!.!g')
# Build documentation by default (use `rpmbuild --without docs` to override it).
# This is used by Coverity. Coverity injects custom compiler warnings, but
# any warning during WebKit docs build is fatal!
%bcond_without docs
Name: webkit2gtk3
Version: 2.36.7
Release: 1%{?dist}.3
Version: 2.38.5
Release: 1%{?dist}
Summary: GTK Web content engine library
License: LGPLv2
@ -27,19 +22,8 @@ Source2: webkitgtk-keys.gpg
# https://bugs.webkit.org/show_bug.cgi?id=193749
Patch0: evolution-shared-secondary-process.patch
# https://bugs.webkit.org/show_bug.cgi?id=217989
# https://bugs.webkit.org/show_bug.cgi?id=227905
Patch1: aarch64-page-size.patch
# https://bugs.webkit.org/show_bug.cgi?id=235367
Patch2: icu60.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2153683
Patch3: CVE-2022-42856.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2169934
Patch4: CVE-2023-23529.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2185744
Patch5: CVE-2023-28205.patch
Patch1: icu60.patch
BuildRequires: bison
BuildRequires: cmake
@ -48,7 +32,6 @@ BuildRequires: gcc-c++
BuildRequires: gettext
BuildRequires: git
BuildRequires: gperf
BuildRequires: gtk-doc
BuildRequires: hyphen-devel
BuildRequires: libatomic
BuildRequires: ninja-build
@ -100,6 +83,8 @@ BuildRequires: pkgconfig(wayland-client)
BuildRequires: pkgconfig(wayland-egl)
BuildRequires: pkgconfig(wayland-protocols)
BuildRequires: pkgconfig(wayland-server)
BuildRequires: pkgconfig(wpe-1.0)
BuildRequires: pkgconfig(wpebackend-fdo-1.0)
BuildRequires: pkgconfig(xt)
# If Geoclue is not running, the geolocation API will not work.
@ -123,6 +108,10 @@ Provides: webkit2gtk3-plugin-process-gtk2 = %{version}-%{release}
Obsoletes: webkitgtk4-plugin-process-gtk2 < %{version}-%{release}
Provides: webkitgtk4-plugin-process-gtk2 = %{version}-%{release}
# Don't build documentation anymore to avoid gi-docgen dependency
Obsoletes: webkit2gtk3-doc < %{version}-%{release}
Provides: webkit2gtk3-doc = %{version}-%{release}
# We're supposed to specify versions here, but these libraries don't do
# normal releases. Accordingly, they're not suitable to be system libs.
Provides: bundled(angle)
@ -152,18 +141,6 @@ Provides: webkitgtk4-devel = %{version}-%{release}
The %{name}-devel package contains libraries, build data, and header
files for developing applications that use %{name}.
%if %{with docs}
%package doc
Summary: Documentation files for %{name}
BuildArch: noarch
Requires: %{name} = %{version}-%{release}
Obsoletes: webkitgtk4-doc < %{version}-%{release}
Provides: webkitgtk4-doc = %{version}-%{release}
%description doc
This package contains developer documentation for %{name}.
%endif
%package jsc
Summary: JavaScript engine from %{name}
Obsoletes: webkitgtk4-jsc < %{version}-%{release}
@ -218,16 +195,11 @@ pushd %{_target_platform}
-DCMAKE_BUILD_TYPE=Release \
-DENABLE_BUBBLEWRAP_SANDBOX=OFF \
-DUSE_SOUP2=ON \
%if %{with docs}
-DENABLE_GTKDOC=ON \
%endif
-DENABLE_MINIBROWSER=ON \
-DUSE_WPE_RENDERER=OFF \
-DENABLE_DOCUMENTATION=OFF \
-DENABLE_GAMEPAD=OFF \
%if 0%{?rhel}
%ifarch aarch64
-DENABLE_JIT=OFF \
-DUSE_SYSTEM_MALLOC=ON \
-DUSE_64KB_PAGE_BLOCK=ON \
%endif
%endif
..
@ -300,27 +272,31 @@ export NINJA_STATUS="[%f/%t][%e] "
%dir %{_datadir}/gir-1.0
%{_datadir}/gir-1.0/JavaScriptCore-4.0.gir
%if %{with docs}
%files doc
%dir %{_datadir}/gtk-doc
%dir %{_datadir}/gtk-doc/html
%{_datadir}/gtk-doc/html/jsc-glib-4.0/
%{_datadir}/gtk-doc/html/webkit2gtk-4.0/
%{_datadir}/gtk-doc/html/webkitdomgtk-4.0/
%endif
%changelog
* Wed Apr 12 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.36.7-1.3
- Add patch for CVE-2023-28205
Resolves: #2185740
* Wed Feb 15 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.38.5-1
- Update to 2.38.5
Related: #2127468
* Wed Feb 15 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.36.7-1.2
- Add patch for CVE-2023-23529
Resolves: #2170007
* Thu Feb 02 2023 Michael Catanzaro <mcatanzaro@redhat.com> - 2.38.4-1
- Update to 2.38.4
Related: #2127468
* Wed Dec 21 2022 Michael Catanzaro <mcatanzaro@redhat.com> - 2.36.7-1.1
- Add patch for CVE-2022-42856
Resolves: #2153735
* Thu Dec 22 2022 Michael Catanzaro <mcatanzaro@redhat.com> - 2.38.3-1
- Update to 2.38.3
Related: #2127468
* Fri Nov 04 2022 Michael Catanzaro <mcatanzaro@redhat.com> - 2.38.2-1
- Update to 2.38.2
Related: #2127468
* Wed Nov 02 2022 Michael Catanzaro <mcatanzaro@redhat.com> - 2.38.1-2
- Fix crashes on aarch64
Enable WPE renderer
Related: #2127468
* Thu Oct 27 2022 Michael Catanzaro <mcatanzaro@redhat.com> - 2.38.1-1
- Update to 2.38.1
Related: #2127468
* Wed Aug 24 2022 Michael Catanzaro <mcatanzaro@redhat.com> - 2.36.7-1
- Update to 2.36.7