Branch: refs/heads/webkitglib/2.52
Home: https://github.com/WebKit/WebKit
Commit: a21dbcab8d695204fdf6d5103d3cf6e9e5f34f7b
https://github.com/WebKit/WebKit/commit/a21dbcab8d695204fdf6d5103d3cf6e9e5f34f7b
Author: Chris Dumez <[email protected]>
Date: 2026-03-26 (Thu, 26 Mar 2026)
Changed paths:
M Source/WebCore/platform/SharedBuffer.h
M Tools/TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp
Log Message:
-----------
Cherry-pick 309975@main (5d2a8a719f04).
https://bugs.webkit.org/show_bug.cgi?id=310769
Fix SharedBuffer:isSpanWithinBounds()
https://bugs.webkit.org/show_bug.cgi?id=310769
Reviewed by Kimmo Kinnunen.
The function only checked that otherSpan.end() falls within
`[thisSpan.begin(), thisSpan.end()]`. It never checks that
`otherSpan.begin() >= thisSpan.begin()`. A span that starts before the
buffer but ends within it would incorrectly return true.
Test: Tools/TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp
* Source/WebCore/platform/SharedBuffer.h:
(WebCore::SharedBuffer::isSpanWithinBounds const):
* Tools/TestWebKitAPI/Tests/WebCore/SharedBuffer.cpp:
(TestWebKitAPI::TEST_F(FragmentedSharedBufferTest, isSpanWithinBounds)):
Canonical link: https://commits.webkit.org/309975@main
Canonical link: https://commits.webkit.org/305877.316@webkitglib/2.52
Commit: 0a92fdb0e82ac3357e0d2b6b7c9e2d70e86f7cd4
https://github.com/WebKit/WebKit/commit/0a92fdb0e82ac3357e0d2b6b7c9e2d70e86f7cd4
Author: Chris Dumez <[email protected]>
Date: 2026-03-26 (Thu, 26 Mar 2026)
Changed paths:
M Source/WebKit/Platform/IPC/StreamConnectionBuffer.h
Log Message:
-----------
Cherry-pick 309973@main (942635d3ce50).
https://bugs.webkit.org/show_bug.cgi?id=310766
Fix copy/paste mistake in StreamConnectionBuffer::maximumSize()
https://bugs.webkit.org/show_bug.cgi?id=310766
Reviewed by Kimmo Kinnunen.
The code was using `ClientOffset::serverIsSleepingTag` twice in std::min(),
which did not make sense. No impact at the moment but still a copy/paste
mistake which could cause trouble in the future.
* Source/WebKit/Platform/IPC/StreamConnectionBuffer.h:
(IPC::StreamConnectionBuffer::maximumSize):
Canonical link: https://commits.webkit.org/309973@main
Canonical link: https://commits.webkit.org/305877.317@webkitglib/2.52
Commit: 03af30047d1a568ab1e1776f163ef19963478769
https://github.com/WebKit/WebKit/commit/03af30047d1a568ab1e1776f163ef19963478769
Author: Chris Dumez <[email protected]>
Date: 2026-03-26 (Thu, 26 Mar 2026)
Changed paths:
M Source/WebKit/Platform/IPC/MessageSender.cpp
Log Message:
-----------
Cherry-pick 309971@main (f3460ec3053a).
https://bugs.webkit.org/show_bug.cgi?id=310764
Guard against null dereference in MessageSender::sendMessage()
https://bugs.webkit.org/show_bug.cgi?id=310764
Reviewed by Kimmo Kinnunen.
Guard against null dereference (which is UB) in MessageSender::sendMessage()
and MessageSender::sendMessageWithAsyncReply() by null checking the
connection in release builds.
* Source/WebKit/Platform/IPC/MessageSender.cpp:
(IPC::MessageSender::sendMessage):
(IPC::MessageSender::sendMessageWithAsyncReply):
Canonical link: https://commits.webkit.org/309971@main
Canonical link: https://commits.webkit.org/305877.318@webkitglib/2.52
Commit: 64555637d9b48f0bac4d752e2f644bea31d8fe8d
https://github.com/WebKit/WebKit/commit/64555637d9b48f0bac4d752e2f644bea31d8fe8d
Author: Fujii Hironori <[email protected]>
Date: 2026-03-26 (Thu, 26 Mar 2026)
Changed paths:
A LayoutTests/compositing/accelerated-layers-after-back-2-expected.html
A LayoutTests/compositing/accelerated-layers-after-back-2.html
M LayoutTests/platform/ios-site-isolation/TestExpectations
M Source/WebCore/page/LocalFrameView.cpp
Log Message:
-----------
Cherry-pick 309966@main (c757260acf90).
https://bugs.webkit.org/show_bug.cgi?id=310153
Fixed missing tiles after history back
https://bugs.webkit.org/show_bug.cgi?id=310153
Reviewed by Simon Fraser.
A blank page was shown after history back if the focused element was placed
in far down the page. LocalFrameView::scrollToFocusedElementInternal()
scrolled to the focused element. However, a RenderLayerBacking wasn't created
when scrolling to the focused element, and GraphicsLayer::setPosition() was
not called. Then, the coverage area was miscomputed, and tiles were missing.
scrollToFocusedElementInternal() should update compositing layers before
scrolling.
Test: compositing/accelerated-layers-after-back-2.html
* LayoutTests/compositing/accelerated-layers-after-back-2-expected.html: Added.
* LayoutTests/compositing/accelerated-layers-after-back-2.html: Added.
* LayoutTests/platform/ios-site-isolation/TestExpectations:
* LayoutTests/platform/mac-site-isolation/TestExpectations:
* Source/WebCore/page/LocalFrameView.cpp:
(WebCore::LocalFrameView::scrollToFocusedElementInternal):
Canonical link: https://commits.webkit.org/309966@main
Canonical link: https://commits.webkit.org/305877.319@webkitglib/2.52
Compare: https://github.com/WebKit/WebKit/compare/7204e3502eea...64555637d9b4
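The bounds-check gap described in the first commit (a21dbcab8d69), shown as an added example that is not WebKit's code: `ByteRange`, `endOnlyCheck`, `fullCheck` and the sample ranges are hypothetical names and constructed data. It contrasts a containment test that validates only the end of the inner range with one that also validates its start.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <functional>

// Hypothetical stand-in for a span: a start pointer plus a length.
struct ByteRange {
    const uint8_t* data;
    size_t size;
    const uint8_t* begin() const { return data; }
    const uint8_t* end() const { return data + size; }
};

// The check as the commit message describes it before the fix:
// only other.end() is tested against [self.begin(), self.end()].
bool endOnlyCheck(ByteRange self, ByteRange other)
{
    std::less_equal<const uint8_t*> le; // total order over pointers
    return le(self.begin(), other.end()) && le(other.end(), self.end());
}

// With the missing lower bound: other.begin() >= self.begin() as well.
bool fullCheck(ByteRange self, ByteRange other)
{
    std::less_equal<const uint8_t*> le;
    return le(self.begin(), other.begin()) && le(other.end(), self.end());
}

// Constructed sample: one 64-byte allocation, the "buffer" is bytes [16, 48).
static uint8_t backing[64];
ByteRange buffer()         { return { backing + 16, 32 }; }
ByteRange inside()         { return { backing + 20, 8 }; }  // [20, 28)
ByteRange straddlesStart() { return { backing + 8, 16 }; }  // [8, 24): starts before the buffer
ByteRange straddlesEnd()   { return { backing + 40, 16 }; } // [40, 56): runs past the buffer

int main()
{
    const char* names[] = { "inside", "straddlesStart", "straddlesEnd" };
    ByteRange cases[] = { inside(), straddlesStart(), straddlesEnd() };
    for (int i = 0; i < 3; ++i) {
        std::printf("%-15s endOnly=%d full=%d\n", names[i],
            endOnlyCheck(buffer(), cases[i]), fullCheck(buffer(), cases[i]));
    }
    return 0;
}
```

Only the `straddlesStart` case separates the two checks, which is why a test suite that exercises just fully-inside and past-the-end ranges would not catch the missing comparison.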