These operations should still apply even if they are off screen, because
they affect painting of things outside of their bounding rectangles.
This commit makes us always apply these, regardless of if they are in
the visible region. However, if they are outside that region, we
replace them with simple clip-rect commands, which have the same
effect (not painting anything) but are cheaper than computing a full
mask bitmap.
The insertion steps for iframes were following an old version of the
spec, where it was checking if the iframe was "in a document tree",
which doesn't cross shadow root boundaries. The spec has since been
updated to check the shadow including root instead.
This is now needed for Cloudflare Turnstile iframe widgets to appear,
as they are now inserted into a shadow root.
Previously, the inclusive descendant, which is the node that
for_each_shadow_including_inclusive_descendant was called on, would not
have it's shadow root traversed if it had one.
This is because the shadow root traversal was in the `for` loop, which
begins with the node's first child. The fix here is to move the shadow
root traversal outside of the loop, and check if the current node is an
element instead.
While this does mean that we keep one copy of the stack info in the VM,
and another in the Heap; keeping a separate instance removes one more
instance of coupling between the heap and LibJS specific details.
There is definitely a possibility I am misunderstanding the reason
behind it - but this does not appear neccessary. The VM owns both the
string cache and Heap. On destruction, the VM should clear out both
the heap and its string cache.
While this is used in the implementation of Runtime objects itself, Heap
seems like a more appropriate home. This will also help in factoring out
the GC implementation into it's own library as the heap explicitly has
knowledge of WeakContainer.
When the cached value was not an accessor, it was simply ignored.
This is the value we really want, so we can just return it.
Shows up to 5x improvements on some benchmarks,
and 1.4x in general js-benchmarks.
Async functions whose promise is never resolved were leaking, since they
had a strong root JS::Handle on themselves.
This doesn't appear to actually be necessary, since the wrapper will be
kept alive as long as it's reachable (and if it's not reachable, nobody
is going to resolve/reject the promise either).
This fixes the vast majority of leaks on Speedometer, bringing memory
usage at the end of a full run from ~12 GiB to ~3 GiB.
This fixes an issue where a badly-timed garbage collection could swallow
a static field initializer.
Caught by running test262 in GC-on-every-allocation mode.
We were miscalculating the length of the buffer in pointer-sized chunks,
which is what the conservative root scan cares about.
This could cause some values to be prematurely garbage-collected.
This was preventing https://ubereats.com/ from fully loading, because
they are attempting to overwrite setItem. They seem to be trying to add
error logging to setItem if it throws, as all they do is add a
try/catch block that emits an error log to their monitoring service if
it throws.
However, because Storage is a legacy platform object with a named
property setter (setItem), it will call setItem with the stringified
version of the function. This is actually expected as per the spec,
Firefox (Gecko) and Epiphany (WebKit) does this too, but Chromium does
not as it actually overwrites the function with the new function and
does not store the stringified function.
The problem is that we had the LegacyOverrideBuiltIns flag accidentally
set, so it would return the stored string instead of the built-in
function (hence the name), then it would try and call it and throw a
"not a function" error. This prevented their JS from going any further.
This fix allows their UI to fully load and be fully interactive, though
it is quite slow at the moment!
This change removes the append_without_space, append_with_space,
prepend_without_space, and prepend_with_space functions from DOM::Node.
All those methods were added with the initial “Implement Accessible Name
and Description Calculation” commit in da5c918 and were only used in the
code related to accessible-name computation. But subsequent changes to
that code have removed all the calls to those functions — so now they’re
all completely unused.
This change ensures that when the aria-labelledby attribute is used, the
expected text from the element referenced in the aria-labelledby value
appears in the computed accessible name. Otherwise, without this change,
the expected text doesn’t appear in the computed accessible name.
This change fixes handling for substep ii of the “F. Name From Content”
step at https://w3c.github.io/accname/#step2F in the “Accessible Name
and Description Computation” spec — to correctly include any ::before
and ::after pseudo-element content in the computation of accessible
names. Otherwise, without this change, accessible names unexpectedly
don’t include that pseudo-element content.
This change implements the https://w3c.github.io/accname/#comp_append
step in the “Accessible Name and Description Computation” spec — so that
when an accessible name is computed from multiple sources in a document
subtree, the parts of the computed text are joined together with spaces.
Otherwise without this change, in accessible names computed from
multiple sources in a document subtree, the parts of the computed text
are unexpectedly run together, with no spaces between the parts.
This is really just a type alias for NonnullGCPtr<T>, but it provides
a way to have non-owning non-visited NonnullGCPtr<T> without getting
yelled at by the Clang plugin for catching GC errors.
