[WebKit-https.git] / Source / WebCore / ChangeLog
1 2017-05-18  Daniel Bates  <dabates@apple.com>
2
3         Bindings: Require value for extended attributes EnabledAtRuntime and EnabledForWorld
4         https://bugs.webkit.org/show_bug.cgi?id=172252
5
6         Reviewed by Sam Weinig.
7
8         According to Sam Weinig it is an anti-feature that EnabledAtRuntime can be specified
9         without a value. We should make it require a value for the name of the RuntimeEnabledFeatures
10         function to use in the generated code. For similar reasons we should also require
11         a value for the extended attribute EnabledForWorld.
12
13         * Modules/websockets/WebSocket.idl: Substitute EnabledAtRuntime=WebSocket for EnabledAtRuntime.
14         * bindings/scripts/CodeGeneratorJS.pm:
15         (GetRuntimeEnableFunctionName):
16         * html/HTMLAudioElement.idl: Substitute EnabledAtRuntime=Audio for EnabledAtRuntime.
17         * page/RuntimeEnabledFeatures.cpp:
18         (WebCore::RuntimeEnabledFeatures::audioEnabled):
19         (WebCore::RuntimeEnabledFeatures::htmlAudioElementEnabled): Deleted. This function duplicated
20         the functionality of RuntimeEnabledFeatures::audioEnabled(). Instead we explicitly
21         write EnabledAtRuntime=Audio in HTMLAudioElement.idl to use RuntimeEnabledFeatures::audioEnabled()
22         to determine whether to expose/conceal the HTMLAudioElement global constructor at runtime.
23         * page/RuntimeEnabledFeatures.h:
24
25 2017-05-18  Jer Noble  <jer.noble@apple.com>
26
27         Allow nested timers to propagate user gestures so long as the total nested interval is less than 1s.
28         https://bugs.webkit.org/show_bug.cgi?id=172173
29
30         Reviewed by Andy Estes.
31
32         Test: media/restricted-audio-playback-with-multiple-settimeouts.html
33
34         Store the current nested timer interval in DOMTimerFireState, and use that value to propagate the
35         nested interval through multiple invocations of setTimeout().
36
37         Drive-by fix: instead of manually resetting the nesting level in DOMTimer::fired(), add the
38         nesting level to the DOMTimerFireState, and reset the nesting level on the state's destruction.
39         This fixes one place in DOMTimer::fire() where an early return led to the timer's nesting level
40         not being reset.
41
42         * page/DOMTimer.cpp:
43         (WebCore::DOMTimerFireState::DOMTimerFireState):
44         (WebCore::DOMTimerFireState::~DOMTimerFireState):
45         (WebCore::DOMTimerFireState::nestedTimerInterval):
46         (WebCore::shouldForwardUserGesture):
47         (WebCore::userGestureTokenToForward):
48         (WebCore::currentNestedTimerInterval):
49         (WebCore::DOMTimer::DOMTimer):
50         (WebCore::DOMTimer::fired):
51         * page/DOMTimer.h:
52
53 2017-05-18  Youenn Fablet  <youenn@apple.com>
54
55         RealtimeOutgoingAudioSource should use the source sample rate
56         https://bugs.webkit.org/show_bug.cgi?id=172297
57
58         Reviewed by Eric Carlson.
59
60         Covered by manual tests.
61
62         * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
63         (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable): Using the audio source sample rate so that the converter does the right conversion.
64
65 2017-05-18  Andy Estes  <aestes@apple.com>
66
67         Add "countryCode" to ApplePayErrorContactField
68         https://bugs.webkit.org/show_bug.cgi?id=172264
69         <rdar://problem/32004909>
70
71         Reviewed by Anders Carlsson.
72
73         Added ApplePayError tests to http/tests/ssl/applepay/ApplePaySession.html
74
75         * Modules/applepay/ApplePayError.idl:
76         * Modules/applepay/PaymentRequest.h:
77
78 2017-05-18  Daniel Bates  <dabates@apple.com>
79
80         Cleanup: Remove unnecessary call to AddToImplIncludes("RuntimeEnabledFeatures.h") in GenerateImplementation()
81         https://bugs.webkit.org/show_bug.cgi?id=172236
82
83         Reviewed by Chris Dumez.
84
85         It is unnecessary for GenerateImplementation() to explicitly call AddToImplIncludes("RuntimeEnabledFeatures.h")
86         to add the header RuntimeEnabledFeatures.h to the list of headers in the generated implementation
87         as this header is added when GetRuntimeEnableFunctionName() is called. And GenerateImplementation()
88         calls GetRuntimeEnableFunctionName().
89
90         No functionality changed. So, no new tests.
91
92         * bindings/scripts/CodeGeneratorJS.pm:
93         (GenerateImplementation):
94
95 2017-05-18  Daniel Bates  <dabates@apple.com>
96
97         REGRESSION (r209608): Cross-origin plugin document opened in child window blocked by parent
98         window CSP when object-src 'none' is set
99         https://bugs.webkit.org/show_bug.cgi?id=172038
100         <rdar://problem/32258262>
101
102         Reviewed by Andy Estes.
103
104         Fixes an issue where a cross-origin plugin document opened in a child window would inherit
105         the Content Security Policy (CSP) of its opener. In particular, a cross-origin plugin
106         document opened in a child window would be blocked when the CSP of its opener disallows
107         plugins (e.g. object-source 'none').
108
109         Prior to r209608 a document opened in a child window never inherited the CSP from its opener
110         and a plugin document loaded in a subframe would unconditionally inherit the CSP from its
111         parent frame. So, a plugin document opened in a child window would be allowed to load
112         regardless of whether its opener had a CSP that prevented plugins. Following r209608 a
113         document opened in a child window would inherit its CSP from its opener if and only if it
114         would inherit the security origin from its opener (e.g. about:blank) or was a plugin
115         document. The latter condition makes plugin documents opened in a child window unconditionally
116         inherit the CSP from their opener and is the cause of this bug. It seems reasonable to exempt
117         cross-origin plugin documents opened in a child window from the CSP inheritance rule because
118         such documents cannot compromise the origin of their opener. Same-origin plugin documents
119         opened in a child window will continue to inherit the CSP from their opener because such
120         documents can compromise the origin of their opener.
121
122         Tests: http/tests/security/contentSecurityPolicy/cross-origin-plugin-document-allowed-in-child-window.html
123                http/tests/security/contentSecurityPolicy/plugin-blocked-in-about-blank-window.html
124                http/tests/security/contentSecurityPolicy/same-origin-plugin-document-blocked-in-child-window.html
125
126         * dom/Document.cpp:
127         (WebCore::Document::shouldInheritContentSecurityPolicyFromOwner): Added.
128         (WebCore::Document::initContentSecurityPolicy):
129         * dom/Document.h:
130
131 2017-05-18  Keith Miller  <keith_miller@apple.com>
132
133         WebAssembly API: test with neutered inputs
134         https://bugs.webkit.org/show_bug.cgi?id=163899
135
136         Reviewed by JF Bastien.
137
138         Make it not possible to transfer an ArrayBuffer that is backed by a
139         wasm memory.
140
141         Test: workers/wasm-mem-post-message.html
142
143         * bindings/js/SerializedScriptValue.cpp:
144         (WebCore::SerializedScriptValue::create):
145
146 2017-05-18  Commit Queue  <commit-queue@webkit.org>
147
148         Unreviewed, rolling out r217031, r217032, and r217037.
149         https://bugs.webkit.org/show_bug.cgi?id=172293
150
151         cause linking errors in Windows (Requested by yusukesuzuki on
152         #webkit).
153
154         Reverted changesets:
155
156         "[JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass"
157         https://bugs.webkit.org/show_bug.cgi?id=172098
158         http://trac.webkit.org/changeset/217031
159
160         "Unreviewed, rebaseline for newly added ClassInfo"
161         https://bugs.webkit.org/show_bug.cgi?id=172098
162         http://trac.webkit.org/changeset/217032
163
164         "Unreviewed, fix debug and non-JIT build"
165         https://bugs.webkit.org/show_bug.cgi?id=172098
166         http://trac.webkit.org/changeset/217037
167
168 2017-05-18  Per Arne Vollan  <pvollan@apple.com>
169
170         Protect MediaDeviceRequest instance during context destruction.
171         https://bugs.webkit.org/show_bug.cgi?id=172285
172         <rdar://problem/30369017>
173
174         Reviewed by Brent Fulgham.
175
176         In MediaDevicesRequest::contextDestroyed(), the call to m_enumerationRequest->cancel() might
177         end up deleting itself (MediaDevicesRequest). The std::function member m_completionHandler
178         in MediaDevicesEnumerationRequest contains a captured variable of type
179         RefPtr<MediaDevicesRequest>. When m_completionHandler is set to null in the cancel() method,
180         the MediaDevicesRequest object will be deleted if the m_completionHandler member is holding
181         the last reference.
182
183         No new tests, since I am unable to reproduce.
184
185         * Modules/mediastream/MediaDevicesRequest.cpp:
186         (WebCore::MediaDevicesRequest::contextDestroyed):
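
The lifetime hazard described in the entry above, as an added example that is not part of the ChangeLog or of WebKit's source: a completion handler holds the last owning reference to the object whose method clears it. It assumes std::shared_ptr as a stand-in for RefPtr, uses hypothetical class and function names, and shows one common way to protect the object (a local owning reference); the harness keeps the enumeration request alive so the unprotected path can be observed without touching freed memory.

```cpp
// Added illustration (not WebKit code): std::shared_ptr stands in for RefPtr,
// and every class and function name here is hypothetical.
#include <algorithm>
#include <functional>
#include <iostream>
#include <memory>
#include <string>
#include <vector>

using Log = std::vector<std::string>;

// Plays the role of the enumeration request: it stores a completion handler
// whose captures may include an owning pointer to the requester.
class EnumerationRequest {
public:
    void setCompletionHandler(std::function<void()> handler) { m_completionHandler = std::move(handler); }
    // Clearing the handler destroys its captures, releasing any reference they hold.
    void cancel() { m_completionHandler = nullptr; }
private:
    std::function<void()> m_completionHandler;
};

class DevicesRequest : public std::enable_shared_from_this<DevicesRequest> {
public:
    DevicesRequest(Log& log, std::shared_ptr<EnumerationRequest> enumeration)
        : m_log(log), m_enumeration(std::move(enumeration)) { }
    ~DevicesRequest() { m_log.push_back("destroyed"); }

    void start()
    {
        // The handler keeps the request alive, like a captured RefPtr.
        auto self = shared_from_this();
        m_enumeration->setCompletionHandler([self] { (void)self; });
    }

    void contextDestroyed(bool protect)
    {
        // Local aliases: on the unprotected path no member may be read after cancel().
        Log& log = m_log;
        EnumerationRequest& enumeration = *m_enumeration;
        std::shared_ptr<DevicesRequest> protectedThis;
        if (protect)
            protectedThis = shared_from_this();
        log.push_back("cancel:begin");
        enumeration.cancel();
        log.push_back("cancel:end");
    } // protectedThis, if set, releases the last reference here.

private:
    Log& m_log;
    std::shared_ptr<EnumerationRequest> m_enumeration;
};

// Runs one scenario and returns the ordered event log.
Log runScenario(bool protect)
{
    Log log;
    auto enumeration = std::make_shared<EnumerationRequest>();
    auto request = std::make_shared<DevicesRequest>(log, enumeration);
    request->start();
    DevicesRequest* raw = request.get();
    request.reset(); // The completion handler now holds the last reference.
    raw->contextDestroyed(protect);
    return log;
}

// True when the object was destroyed while cancel() was still on the stack.
bool destroyedDuringCancel(const Log& log)
{
    auto destroyed = std::find(log.begin(), log.end(), "destroyed");
    auto cancelEnd = std::find(log.begin(), log.end(), "cancel:end");
    return destroyed < cancelEnd;
}

int main()
{
    for (bool protect : { false, true }) {
        std::cout << (protect ? "protected:  " : "unprotected:");
        for (const auto& event : runScenario(protect))
            std::cout << ' ' << event;
        std::cout << '\n';
    }
    return 0;
}
```

In the unprotected run the destructor fires inside cancel(), so any member access after that call in real code would read freed memory; the local owning reference defers destruction until the method returns.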
187
188 2017-05-18  Antti Koivisto  <antti@apple.com>
189
190         Design mode should not affect UA shadow trees
191         https://bugs.webkit.org/show_bug.cgi?id=171854
192         <rdar://problem/32071037>
193
194         Reviewed by Zalan Bujtas.
195
196         Test: editing/deleting/search-shadow-tree-delete.html
197
198         * html/HTMLElement.cpp:
199         (WebCore::HTMLElement::editabilityFromContentEditableAttr):
200
201             Ignore design mode for UA shadow trees.
202
203         * html/SearchInputType.cpp:
204         (WebCore::SearchInputType::~SearchInputType):
205         (WebCore::SearchInputType::createShadowSubtree):
206         (WebCore::SearchInputType::resultsButtonElement):
207         (WebCore::SearchInputType::cancelButtonElement):
208         * html/SearchInputType.h:
209
210             Use RefPtr.
211
212 2017-05-18  Vanessa Chipirrás Navalón  <vchipirras@igalia.com>
213
214         [GTK][GStreamer][MSE] Crash on youtube when MSE is enabled but gstreamer cant find the decoder element.
215         https://bugs.webkit.org/show_bug.cgi?id=167120
216
217         Reviewed by Žan Doberšek.
218
219         This is because supportCodecs() doesn't check at runtime which plugins the player has.
220         So, a static function which returns a map with the plugins has been created. That map is later
221         used in the supportsCodecs() method to check if the requested codec matches any of the map.
222
223         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
224         (WebCore::MediaPlayerPrivateGStreamerBase::initializeGStreamerAndRegisterWebKitElements):
225         The declaration is moved into this class.
226         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
227         (WebCore::MediaPlayerPrivateGStreamer::isAvailable): This function calls the implementation of
228         initializeGstreamerAndRegisterWebKitElements function.
229         (WebCore::MediaPlayerPrivateGStreamer::load): Ditto
230         (WebCore::mimeTypeSet): Ditto
231         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h: It is static type to expose
232         initializeGStreamerAndRegisterWebKitElements() function to be called from internal function
233         "which runs before MediaPlayerPrivateGStreamerBase initialization but needs to have GStreamer initialized".
234         * platform/graphics/gstreamer/mse/MediaPlayerPrivateGStreamerMSE.cpp:
235         (WebCore::codecSet): It returns a map with the plugins has been created.
236         (WebCore::MediaPlayerPrivateGStreamerMSE::supportsCodecs): To check if the requested codec
237         matches any of the map from codecSet().
238
239 2017-05-18  Romain Bellessort  <romain.bellessort@crf.canon.fr>
240
241         [Readable Streams API] Align getDesiredSize with spec
242         https://bugs.webkit.org/show_bug.cgi?id=172220
243
244         Reviewed by Chris Dumez.
245
246         Aligned implementation of getDesiredSize operation for both controllers:
247         - https://streams.spec.whatwg.org/#readable-stream-default-controller-get-desired-size
248         - https://streams.spec.whatwg.org/#readable-byte-stream-controller-get-desired-size
249
250         Implementation slightly differs from spec as queueTotalSize refactoring is not
251         yet implemented, but behavior is now similar.
252
253         No new tests (already covered by WPT tests, corresponding expectations have been updated).
254
255         * Modules/streams/ReadableByteStreamInternals.js:
256         (readableByteStreamControllerGetDesiredSize): Updated.
257         * Modules/streams/ReadableStreamInternals.js:
258         (readableStreamDefaultControllerGetDesiredSize): Updated.
259
260 2017-05-18  Tim Horton  <timothy_horton@apple.com>
261
262         More WebKit2 header cleanup
263         https://bugs.webkit.org/show_bug.cgi?id=172214
264
265         Reviewed by Simon Fraser.
266
267         * Modules/mediastream/UserMediaController.cpp:
268         * Modules/mediastream/UserMediaController.h:
269
270 2017-05-16  Yusuke Suzuki  <utatane.tea@gmail.com>
271
272         [JSC][DFG][DOMJIT] Extend CheckDOM to CheckSubClass
273         https://bugs.webkit.org/show_bug.cgi?id=172098
274
275         Reviewed by Saam Barati.
276
277         Add DOMJIT interface IDL attribute. Which allows us to define checkSubClassPatchpoint function
278         for that ClassInfo. And we move CheckSubClass patchpoint implementation to ClassInfo's member.
279
280         * CMakeLists.txt:
281         * WebCore.xcodeproj/project.pbxproj:
282         * bindings/js/JSDOMGlobalObject.cpp:
283         * bindings/js/JSDOMWindowBase.cpp:
284         * bindings/js/JSDOMWindowProperties.cpp:
285         * bindings/js/JSDOMWindowShell.cpp:
286         * bindings/js/JSReadableStreamPrivateConstructors.cpp:
287         * bindings/js/JSWorkerGlobalScopeBase.cpp:
288         * bindings/scripts/CodeGeneratorJS.pm:
289         (GenerateHeader):
290         (GenerateImplementation):
291         (GenerateImplementationIterableFunctions):
292         (GenerateConstructorHelperMethods):
293         * bindings/scripts/IDLAttributes.json:
294         * bindings/scripts/test/JS/JSInterfaceName.cpp:
295         * bindings/scripts/test/JS/JSMapLike.cpp:
296         * bindings/scripts/test/JS/JSReadOnlyMapLike.cpp:
297         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
298         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
299         * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
300         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp:
301         * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.cpp:
302         * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.cpp:
303         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
304         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
305         * bindings/scripts/test/JS/JSTestDOMJIT.h:
306         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
307         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
308         * bindings/scripts/test/JS/JSTestException.cpp:
309         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
310         * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
311         * bindings/scripts/test/JS/JSTestInterface.cpp:
312         * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp:
313         * bindings/scripts/test/JS/JSTestIterable.cpp:
314         * bindings/scripts/test/JS/JSTestJSBuiltinConstructor.cpp:
315         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
316         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
317         * bindings/scripts/test/JS/JSTestNode.cpp:
318         * bindings/scripts/test/JS/JSTestObj.cpp:
319         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
320         * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.cpp:
321         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
322         * bindings/scripts/test/JS/JSTestPromiseRejectionEvent.cpp:
323         * bindings/scripts/test/JS/JSTestSerialization.cpp:
324         * bindings/scripts/test/JS/JSTestSerializationInherit.cpp:
325         * bindings/scripts/test/JS/JSTestSerializationInheritFinal.cpp:
326         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
327         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
328         * bridge/c/CRuntimeObject.cpp:
329         * bridge/c/c_instance.cpp:
330         * bridge/objc/ObjCRuntimeObject.mm:
331         * bridge/objc/objc_instance.mm:
332         * bridge/objc/objc_runtime.mm:
333         * bridge/runtime_array.cpp:
334         * bridge/runtime_method.cpp:
335         * bridge/runtime_object.cpp:
336         * dom/Document.idl:
337         * dom/DocumentFragment.idl:
338         * dom/Element.idl:
339         * dom/Event.idl:
340         * dom/Node.idl:
341         * domjit/JSDocumentDOMJIT.cpp:
342         (WebCore::JSDocument::checkSubClassPatchpoint):
343         (WebCore::DocumentDocumentElementDOMJIT::checkDOM): Deleted.
344         (WebCore::DocumentBodyDOMJIT::checkDOM): Deleted.
345         * domjit/JSDocumentFragmentDOMJIT.cpp: Copied from Source/JavaScriptCore/runtime/JSMap.cpp.
346         (WebCore::JSDocumentFragment::checkSubClassPatchpoint):
347         * domjit/JSElementDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
348         (WebCore::JSElement::checkSubClassPatchpoint):
349         * domjit/JSEventDOMJIT.cpp: Copied from Source/JavaScriptCore/tools/JSDollarVM.cpp.
350         (WebCore::JSEvent::checkSubClassPatchpoint):
351         * domjit/JSNodeDOMJIT.cpp:
352         (WebCore::JSNode::checkSubClassPatchpoint):
353         (WebCore::NodeFirstChildDOMJIT::checkDOM): Deleted.
354         (WebCore::NodeLastChildDOMJIT::checkDOM): Deleted.
355         (WebCore::NodeNextSiblingDOMJIT::checkDOM): Deleted.
356         (WebCore::NodePreviousSiblingDOMJIT::checkDOM): Deleted.
357         (WebCore::NodeParentNodeDOMJIT::checkDOM): Deleted.
358         (WebCore::NodeNodeTypeDOMJIT::checkDOM): Deleted.
359         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.
360
361 2017-05-17  Youenn Fablet  <youenn@apple.com>
362
363         r216999 broke win build
364         https://bugs.webkit.org/show_bug.cgi?id=172257
365
366         Unreviewed.
367
368         * testing/Internals.cpp:
369         (WebCore::Internals::setPageVisibility): Moving setPageVisibility out of MEDIA_STREAM compilation flag.
370
371 2017-05-17  Andy Estes  <aestes@apple.com>
372
373         [Cocoa] errors are not propagated to PassKit when calling ApplePaySession.completePayment()
374         https://bugs.webkit.org/show_bug.cgi?id=172253
375         <rdar://problem/32258020>
376
377         Reviewed by Dan Bernstein.
378
379         In ApplePaySession::completePayment(), releaseReturnValue() was being called twice on the
380         same convertedResult. Since the first call moved the errors vector out of convertedResult,
381         the vector is empty in the second call. It's the second call that sends the result to the
382         UI process, so we end up with an empty array when we call PassKit's delegate completion
383         handler.
384
385         * Modules/applepay/ApplePaySession.cpp:
386         (WebCore::ApplePaySession::completePayment):
387
388 2017-05-17  Ryan Haddad  <ryanhaddad@apple.com>
389
390         Unreviewed, rolling out r217014.
391
392         This change caused mac-wk2 LayoutTests to exit early due to
393         crashes.
394
395         Reverted changeset:
396
397         "Resource Load Statistics: Grandfather domains for existing
398         data records"
399         https://bugs.webkit.org/show_bug.cgi?id=172155
400         http://trac.webkit.org/changeset/217014
401
402 2017-05-17  Zalan Bujtas  <zalan@apple.com>
403
404         Tighten TextIterator::handleTextNode run-renderer mapping logic.
405         https://bugs.webkit.org/show_bug.cgi?id=172174
406
407         Reviewed by Antti Koivisto.
408
409         This patch ensures that when runs and renderers are getting out of sync
410         we don't run into problems like webkit.org/b/172113 (where we end up
411         using incorrect content start/end positions).
412
413         * editing/TextIterator.cpp:
414         (WebCore::TextIterator::handleTextNode):
415
416 2017-05-17  John Wilander  <wilander@apple.com>
417
418         Resource Load Statistics: Grandfather domains for existing data records
419         https://bugs.webkit.org/show_bug.cgi?id=172155
420         <rdar://problem/24913532>
421
422         Reviewed by Alex Christensen.
423
424         Test: http/tests/loading/resourceLoadStatistics/grandfathering.html
425
426         * loader/ResourceLoadObserver.cpp:
427         (WebCore::ResourceLoadObserver::setGrandfathered):
428         (WebCore::ResourceLoadObserver::isGrandfathered):
429         (WebCore::ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval):
430         (WebCore::ResourceLoadObserver::setGrandfatheringTime):
431             Functions for testing and configuration.
432             ResourceLoadObserver::setMinimumTimeBetweeenDataRecordsRemoval() changed as a result of moving
433             WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
434         * loader/ResourceLoadObserver.h:
435         * loader/ResourceLoadStatisticsStore.cpp:
436         (WebCore::ResourceLoadStatisticsStore::createEncoderFromData):
437         (WebCore::ResourceLoadStatisticsStore::readDataFromDecoder):
438             Now contains endOfGrandfatheringTimestamp.
439         (WebCore::ResourceLoadStatisticsStore::clearInMemoryAndPersistent):
440             Now makes a call to m_grandfatherExistingWebsiteDataHandler().
441         (WebCore::ResourceLoadStatisticsStore::setGrandfatherExistingWebsiteDataCallback):
442         (WebCore::ResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval):
443             Changed as a result of moving
444             WebKit::WebResourceLoadStatisticsStore::setMinimumTimeBetweeenDataRecordsRemoval() here.
445         (WebCore::ResourceLoadStatisticsStore::setGrandfatheringTime):
446         (WebCore::ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor):
447             Renamed since it now also takes grandfathering into account.
448         (WebCore::ResourceLoadStatisticsStore::updateStatisticsForRemovedDataRecords):
449             Fixed typo in local variable name.
450         (WebCore::ResourceLoadStatisticsStore::handleFreshStartWithEmptyOrNoStore):
451         (WebCore::ResourceLoadStatisticsStore::shouldRemoveDataRecords):
452             Convenience function added.
453         (WebCore::ResourceLoadStatisticsStore::dataRecordsBeingRemoved):
454             Convenience function added.
455         (WebCore::ResourceLoadStatisticsStore::dataRecordsWereRemoved):
456             Convenience function added.
457         (WebCore::ResourceLoadStatisticsStore::prevalentResourceDomainsWithoutUserInteraction): Deleted.
458             Replaced by ResourceLoadStatisticsStore::topPrivatelyControlledDomainsToRemoveWebsiteDataFor().
459         * loader/ResourceLoadStatisticsStore.h:
460
461 2017-05-17  Zalan Bujtas  <zalan@apple.com>
462
463         Debug ASSERT: WebCore::RenderImageResource::shutdown
464         https://bugs.webkit.org/show_bug.cgi?id=172238
465         <rdar://problem/30064601>
466
467         Reviewed by Simon Fraser.
468
469         While constructing new renderers, as part of the render tree update, we check if the insertion point is valid for them. 
470         When this newly constructed child renderer can't be injected to a specific place, we destroy it right away.
471         This assert was added with the assumption that the image resource object gets initialized
472         (through RenderObject::initializeStyle) even when the renderer turns out to be invalid.
473
474         Test: fast/images/assert-when-insertion-point-is-incorrect.html
475
476         * rendering/RenderImageResource.cpp:
477         (WebCore::RenderImageResource::RenderImageResource):
478         (WebCore::RenderImageResource::shutdown):
479         * rendering/RenderImageResource.h:
480
481 2017-05-17  Per Arne Vollan  <pvollan@apple.com>
482
483         Crash under WebCore::AudioSourceProviderAVFObjC::process().
484         https://bugs.webkit.org/show_bug.cgi?id=172101
485         rdar://problem/27446589
486
487         Reviewed by Jer Noble.
488
489         Calling the function MTAudioProcessingTapGetSourceAudio when the value of the
490         MTAudioProcessingTapRef parameter is null, will lead to a null dereference.
491         This can for example happen if MediaPlayerPrivateAVFoundationObjC::cancelLoad()
492         is called on the main thread while MediaToolbox is calling the
493         WebCore::AudioSourceProviderAVFObjC::processCallback function on a secondary
494         thread. MediaPlayerPrivateAVFoundationObjC::cancelLoad() will then call
495         AudioSourceProviderAVFObjC::setPlayerItem(nullptr), which will call
496         AudioSourceProviderAVFObjC::destroyMix(), which will set m_tap to null. When
497         AudioSourceProviderAVFObjC::process is called on the secondary thread, using
498         the m_tap member in the call to MTAudioProcessingTapGetSourceAudio, the process
499         will crash.
500
501         No new tests since I am not able to reproduce.
502
503         * platform/graphics/avfoundation/AudioSourceProviderAVFObjC.mm:
504         (WebCore::AudioSourceProviderAVFObjC::initCallback):
505         (WebCore::AudioSourceProviderAVFObjC::process):
506
507 2017-05-17  Chris Dumez  <cdumez@apple.com>
508
509         Setting URL.search to '' results in a stringified URL ending in '?'
510         https://bugs.webkit.org/show_bug.cgi?id=162345
511         <rdar://problem/31800441>
512
513         Reviewed by Alex Christensen.
514
515         As per the specification for the URL.search setter [1], if the given value is
516         the empty string, then we should set the URL's query to null. We would
517         previously set the URL's query to the empty string in this case. This aligns
518         our behavior with Firefox and Chrome.
519
520         [1] https://url.spec.whatwg.org/#dom-url-search
521
522         No new tests, updated existing tests.
523
524         * html/URLUtils.h:
525         (WebCore::URLUtils<T>::setSearch):
526
527 2017-05-17  Eric Carlson  <eric.carlson@apple.com>
528
529         [MediaStream] videoWidth and videoHeight should be set when 'loadedmetadata' event fires
530         https://bugs.webkit.org/show_bug.cgi?id=172223
531         <rdar://problem/31899755>
532
533         Reviewed by Jer Noble.
534
535         Test: fast/mediastream/get-user-media-on-loadedmetadata.html
536
537         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
538         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentReadyState): If a stream has
539         a video track, return HaveNothing until we have a sample.
540        
541         * platform/mediastream/RealtimeMediaSource.h:
542         * platform/mock/MockRealtimeAudioSource.cpp:
543         (WebCore::MockRealtimeAudioSource::tick): Optionally delay the next sample.
544         (WebCore::MockRealtimeAudioSource::delaySamples):
545         * platform/mock/MockRealtimeAudioSource.h:
546
547         * platform/mock/MockRealtimeVideoSource.cpp:
548         (WebCore::MockRealtimeVideoSource::delaySamples):
549         (WebCore::MockRealtimeVideoSource::generateFrame): Optionally delay the next sample.
550         * platform/mock/MockRealtimeVideoSource.h:
551
552         * testing/Internals.cpp:
553         (WebCore::Internals::delayMediaStreamTrackSamples):
554         * testing/Internals.h:
555         * testing/Internals.idl:
556
557 2017-05-17  Youenn Fablet  <youenn@apple.com>
558
559         iOS WebRTC Media Capture should not allow camera capture from background tab
560         https://bugs.webkit.org/show_bug.cgi?id=172200
561
562         Reviewed by Eric Carlson.
563
564         Test: platform/ios/mediastream/getUserMedia-disabled-in-background-tabs.html and manual tests.
565
566         Making Video Capture Factory aware of Document visibility changes.
567         On iOS, muting/unmuting the current video source according to Document visibility.
568         Not using Document visibility change observer as factories are platform and cannot implement
569         the visibility observer interface without moving the visibility observer interface.
570
571         Introducing internals API to switch on/off the page visibility.
572
573         * dom/Document.cpp:
574         (WebCore::Document::visibilityStateChanged):
575         (WebCore::Document::notifyVisibilityChangedToMediaCapture):
576         * dom/Document.h:
577         * platform/mediastream/RealtimeMediaSource.h:
578         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
579         (WebCore::RealtimeMediaSourceCenter::setVisibility):
580         * platform/mediastream/RealtimeMediaSourceCenter.h:
581         * platform/mediastream/mac/AVVideoCaptureSource.mm:
582         (WebCore::AVVideoCaptureSourceFactory::setVisibility):
583         * testing/Internals.cpp:
584         (WebCore::Internals::setPageVisibility):
585         * testing/Internals.h:
586         * testing/Internals.idl:
587
588 2017-05-17  Said Abou-Hallawa  <sabouhallawa@apple.com>
589
590         When the image decoding thread makes a callOnMainThread(), ensure all the objects it needs are protected
591         https://bugs.webkit.org/show_bug.cgi?id=171614
592
593         Reviewed by David Kilzer.
594
595         The asynchronous image decoding was designed to not block the main thread if
596         the image is deleted. To achieve that we allow decoding the current frame
597         even if it is not going to be used after closing the decoding queue. We 
598         protect all the objects which the decoding thread uses. But when a frame
599         finishes decoding the native image frame is cached on the main thread. Not
600         all of the objects are protected when the callOnMainThread() is dispatched.
601         The ImageFrameCache and the ImageDecoder objects are not protected.
602
603         This might lead to two kinds of crashes:
604         1. A segfault inside the ImageDecoder trying to access one of its members
605         2. A segfault inside the ImageFrameCache trying to access one of its frames
606
607         The fix is to protect the ImageFrameCache and the ImageDecoder when the
608         decoding thread makes a callOnMainThread(). Also switch all the pointers
609         the decoding threads protect to be ThreadSafeRefCounted.
610
611         * platform/graphics/ImageFrameCache.cpp:
612         (WebCore::ImageFrameCache::startAsyncDecodingQueue):
613         * platform/graphics/ImageFrameCache.h:
614         * platform/graphics/cg/ImageDecoderCG.h:
615         * platform/graphics/win/ImageDecoderDirect2D.h:
616         * platform/image-decoders/ImageDecoder.h:
617
618 2017-05-17  Wenson Hsieh  <wenson_hsieh@apple.com>
619
620         A URL type is vended for a non-URL plain text string when starting data interaction
621         https://bugs.webkit.org/show_bug.cgi?id=172228
622         <rdar://problem/32166729>
623
624         Reviewed by Andy Estes.
625
626         Previously, when writing a plain text string to WebItemProviderPasteboard, we would write an NSString directly
627         to the item provider by using built-in functionality in NSString+UIItemProvider. However, this causes plain
628         strings such as "apple" to be considered URLs, since -[NSURL URLWithString:] creates a non-null NSURL. To fix
629         this, we instead write the string as UTF8 data, for the UTI kUTTypeUTF8PlainText, if the plain text is not a
630         URL. If the plain text is clearly a URL (determined by constructing a new WebCore URL with no base URL and the
631         plaintext string as the absolute URL) then we additionally write an NSURL to the pasteboard.
632
633         2 new API tests:
634         DataInteractionTests.SinglePlainTextWordTypeIdentifiers
635         DataInteractionTests.SinglePlainTextURLTypeIdentifiers
636
637         * platform/ios/PlatformPasteboardIOS.mm:
638         (WebCore::addRepresentationsForPlainText):
639         (WebCore::PlatformPasteboard::writeObjectRepresentations):
640
641 2017-05-15  Jiewen Tan  <jiewen_tan@apple.com>
642
643         Replace CryptoOperationData with BufferSource for WebKitSubtleCrypto
644         https://bugs.webkit.org/show_bug.cgi?id=172146
645         <rdar://problem/32122256>
646
647         Reviewed by Brent Fulgham.
648
649         In this patch, we replace CryptoOperationData with BufferSource for WebKitSubtleCrypto in
650         the custom binding codes.
651
652         Test: crypto/webkitSubtle/import-export-raw-key-leak.html
653
654         * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
655         (WebCore::JSWebKitSubtleCrypto::encrypt):
656         (WebCore::JSWebKitSubtleCrypto::decrypt):
657         (WebCore::JSWebKitSubtleCrypto::sign):
658         (WebCore::JSWebKitSubtleCrypto::verify):
659         (WebCore::JSWebKitSubtleCrypto::digest):
660         (WebCore::JSWebKitSubtleCrypto::importKey):
661         (WebCore::JSWebKitSubtleCrypto::unwrapKey):
662         * crypto/WebKitSubtleCrypto.idl:
663
664 2017-05-17  Youenn Fablet  <youenn@apple.com>
665
666         Move-related refactoring on UserMediaPermissionRequestProxy
667         https://bugs.webkit.org/show_bug.cgi?id=172195
668
669         Reviewed by Alex Christensen.
670
671         No behavioral change.
672
673         * platform/mediastream/RealtimeMediaSourceCenter.h: Cleaning the function definition.
674
675 2017-05-17  David Kilzer  <ddkilzer@apple.com>
676
677         BlobDataFileReference::generateReplacementFile() should use mkstemp()
678         <https://webkit.org/b/172192>
679
680         Reviewed by Brent Fulgham.
681
682         * platform/network/mac/BlobDataFileReferenceMac.mm:
683         (WebCore::BlobDataFileReference::generateReplacementFile): Use
684         mkstemp().
685
686 2017-05-17  Matt Lewis  <jlewis3@apple.com>
687
688         Unreviewed, rolling out r216974.
689
690         Revision caused consistent timeouts on all platforms.
691
692         Reverted changeset:
693
694         "Add a RuntimeEnabledFeature for display: contents, defaulted
695         to false."
696         https://bugs.webkit.org/show_bug.cgi?id=171984
697         http://trac.webkit.org/changeset/216974
698
699 2017-05-17  Nan Wang  <n_wang@apple.com>
700
701         ASSERTION FAILED in WebCore::AccessibilityNodeObject::insertChild()
702         https://bugs.webkit.org/show_bug.cgi?id=171927
703         <rdar://problem/32109781>
704
705         Reviewed by Chris Fleizach.
706
707         The nextSibling() logic might include the continuation sibling that's not
708         the child of the current renderer. Make sure we only insert the valid child.
709
710         Test: accessibility/insert-children-assert.html
711
712         * accessibility/AccessibilityObject.cpp:
713         (WebCore::AccessibilityObject::setIsIgnoredFromParentDataForChild):
714         * accessibility/AccessibilityRenderObject.cpp:
715         (WebCore::AccessibilityRenderObject::nextSibling):
716
717 2017-05-17  Ryosuke Niwa  <rniwa@webkit.org>
718
719         getElementById can return a wrong element when a matching element is removed during beforeload event
720         https://bugs.webkit.org/show_bug.cgi?id=171374
721
722         Reviewed by Brent Fulgham.
723
724         The bug was caused by HTMLLinkElement firing beforeload event inside insertedInto before the tree state is updated.
725         Delay the event dispatch to the post insertion callback.
726
727         Test: fast/html/link-element-removal-during-beforeload.html
728
729         * html/HTMLLinkElement.cpp:
730         (WebCore::HTMLLinkElement::insertedInto):
731         (WebCore::HTMLLinkElement::finishedInsertingSubtree):
732         * html/HTMLLinkElement.h:
733
734 2017-05-17  Alex Christensen  <achristensen@webkit.org>
735
736         Interacting with WKHTTPCookieStores before creating WKWebViews and WKProcessPools should affect cookies used
737         https://bugs.webkit.org/show_bug.cgi?id=171987
738
739         Reviewed by Brady Eidson.
740
741         Covered by new API tests.
742
743         * CMakeLists.txt:
744         * platform/Cookie.h:
745         (WebCore::Cookie::Cookie):
746         (WebCore::Cookie::isNull):
747         (WebCore::CookieHash::hash):
748         (WebCore::CookieHash::equal):
749         (WTF::HashTraits<WebCore::Cookie>::emptyValue):
750         (WTF::HashTraits<WebCore::Cookie>::constructDeletedValue):
751         (WTF::HashTraits<WebCore::Cookie>::isDeletedValue):
752         * platform/network/Cookie.cpp: Added.
753         (WebCore::Cookie::operator==):
754         (WebCore::Cookie::hash):
755         * platform/network/cocoa/CookieCocoa.mm:
756         (WebCore::Cookie::operator NSHTTPCookie *):
757         (WebCore::Cookie::operator==):
758         (WebCore::Cookie::hash):
759         * platform/network/cocoa/NetworkStorageSessionCocoa.mm:
760         (WebCore::NetworkStorageSession::setCookies):
761         Use NSHTTPCookie's hash and equality comparison to more closely match the NSHTTPCookie behavior.
762
763 2017-05-17  Emilio Cobos Álvarez  <ecobos@igalia.com>
764
765         Add a RuntimeEnabledFeature for display: contents, defaulted to false.
766         https://bugs.webkit.org/show_bug.cgi?id=171984
767
768         Reviewed by Antti Koivisto.
769
770         The "defaulted to false" is not only because there are spec issues,
771         but because I ran the WPT suite, and there was a fair amount of
772         crashes and messed render trees.
773
774         * css/StyleResolver.cpp:
775         (WebCore::StyleResolver::adjustRenderStyle):
776         * page/RuntimeEnabledFeatures.h:
777         (WebCore::RuntimeEnabledFeatures::setDisplayContentsEnabled):
778         (WebCore::RuntimeEnabledFeatures::displayContentsEnabled):
779
780 2017-05-17  Antti Koivisto  <antti@apple.com>
781
782         Regression (198943): <marquee> shouldn't wrap text
783         https://bugs.webkit.org/show_bug.cgi?id=172217
784
785         Reviewed by Andreas Kling.
786
787         RenderMarquee::updateMarqueeStyle mutated the style and then expected it to inherit to children.
788         This doesn't work anymore because render tree construction is now separated from style resolution
789         where inheritance happens.
790
791         Test: fast/html/marquee-child-wrap.html
792
793         * css/StyleResolver.cpp:
794         (WebCore::StyleResolver::adjustRenderStyle):
795
796             Implement marquee hacks in adjustRenderStyle instead. This can't do the childrenInline check
797             the previous code had but it wasn't working anyway (there are no children when updateMarqueeStyle
798             gets called).
799
800         * rendering/RenderMarquee.cpp:
801         (WebCore::RenderMarquee::updateMarqueeStyle):
802
803             This no longer needs mutable style.
804
805 2017-05-16  David Kilzer  <ddkilzer@apple.com>
806
807         Remove C-style casts by using xmlDocPtr instead of void*
808         <https://webkit.org/b/172189>
809
810         Reviewed by Alex Christensen.
811
812         * dom/TransformSource.h: Fix whitespace indentation.
813         (typedef PlatformTransformSource): Use xmlDocPtr not void*.
814         * dom/TransformSourceLibxslt.cpp:
815         (WebCore::TransformSource::~TransformSource): Remove cast.
816         * xml/XSLStyleSheetLibxslt.cpp:
817         (WebCore::XSLStyleSheet::document): Remove cast.
818         * xml/XSLTProcessorLibxslt.cpp:
819         (WebCore::xmlDocPtrFromNode): Remove casts.
820         * xml/parser/XMLDocumentParser.h:
821         (WebCore::xmlDocPtrForString): Update declaration to return
822         xmlDocPtr not void*.
823         * xml/parser/XMLDocumentParserLibxml2.cpp:
824         (WebCore::XMLDocumentParser::doEnd): Change type of local
825         variable from void* to xmlDocPtr.
826         (WebCore::xmlDocPtrForString): Update to return xmlDocPtr
827         not void*.
828
829 2017-05-16  Sam Weinig  <sam@webkit.org>
830
831         Bring Notification.idl up to spec
832         https://bugs.webkit.org/show_bug.cgi?id=172156
833
834         Reviewed by Chris Dumez.
835
836         Test: http/tests/notifications/notification.html
837
838         * CMakeLists.txt:
839         * DerivedSources.make:
840         * WebCore.xcodeproj/project.pbxproj:
841         Add new files.
842
843         * Modules/notifications/Notification.cpp:
844         (WebCore::Notification::create):
845         (WebCore::Notification::Notification):
846         (WebCore::Notification::show):
847         (WebCore::directionString): Deleted.
848         (WebCore::Notification::permission): Deleted.
849         (WebCore::Notification::permissionString): Deleted.
850         * Modules/notifications/Notification.h:
851         * Modules/notifications/Notification.idl:
852         * Modules/notifications/NotificationClient.h:
853         * Modules/notifications/NotificationDirection.h: Added.
854         * Modules/notifications/NotificationPermission.h: Added.
855         * Modules/notifications/NotificationPermission.idl: Added.
856         * Modules/notifications/NotificationPermissionCallback.h:
857         * Modules/notifications/NotificationPermissionCallback.idl:
858         Bring up to spec, replacing DOMStrings with enums where appropriate and adding
859         additional readonly properties to Notification to mirror options provided
860         in construction.
861
862 2017-05-16  Zalan Bujtas  <zalan@apple.com>
863
864         Do not skip <slot> children when collecting content for innerText.
865         https://bugs.webkit.org/show_bug.cgi?id=172113
866         <rdar://problem/30362324>
867
868         Reviewed by Ryosuke Niwa and Brent Fulgham.
869
870         "display: contents" elements do not generate renderers but their children might.
871         This patch ensures that we don't skip them while collecting text content.
872
873         Test: fast/text/inner-text-should-include-slot-subtree.html
874
875         * editing/TextIterator.cpp:
876         (WebCore::TextIterator::advance):
877
878 2017-05-16  Filip Pizlo  <fpizlo@apple.com>
879
880         GCController::garbageCollectNowIfNotDoneRecently should request Async Full GCs
881         https://bugs.webkit.org/show_bug.cgi?id=172204
882
883         Reviewed by Saam Barati.
884
885         No new tests because existing tests will tell us if there is a problem.
886         
887         The goal of this change is to reduce the likelihood that we block for a GC. We want it to be
888         benchmark-neutral.
889         
890         It's a 0.14% speed-up on JetStream with 24% probability.
891         
892         It's a 0.12% slow-down on PLT3 with 43% probability.
893         
894         So it's neutral on my machine.
895
896         * bindings/js/GCController.cpp:
897         (WebCore::GCController::garbageCollectNowIfNotDoneRecently):
898
899 2017-05-16  Tim Horton  <timothy_horton@apple.com>
900
901         [macOS] REGRESSION: Drag images for links with right-to-left titles are incorrect (172006)
902         https://bugs.webkit.org/show_bug.cgi?id=172006
903         <rdar://problem/32165137>
904
905         Reviewed by Dean Jackson.
906
907         * platform/mac/DragImageMac.mm:
908         (WebCore::LinkImageLayout::LinkImageLayout):
909         (WebCore::createDragImageForLink):
910         (WebCore::LinkImageLayout::addLine): Deleted.
911         * platform/spi/cocoa/CoreTextSPI.h:
912         Set and paint the entire frame as a single unit, making use of the
913         CTFrameMaximumNumberOfLines attribute to limit the number of lines.
914         This gives CoreText power over text alignment and makes RTL text lay
915         out correctly.
916
917 2017-05-16  Chris Dumez  <cdumez@apple.com>
918
919         Implement DOMMatrix / DOMMatrixReadOnly
920         https://bugs.webkit.org/show_bug.cgi?id=110001
921
922         Reviewed by Sam Weinig and Simon Fraser.
923
924         Implement DOMMatrix / DOMMatrixReadOnly as per:
925         - https://drafts.fxtf.org/geometry/#DOMMatrix
926
927         For now, these new types co-exist with WebKitCSSMatrix / SVGMatrix. However, in the future,
928         WebKitCSSMatrix / SVGMatrix are supposed to become aliases to DOMMatrix.
929
930         Most of it has been implemented. What remaining to be implemented is:
931         - Make WebKitCSSMatrix / SVGMatrix aliases to DOMMatrix
932         - DOMMatrix.fromFloat32Array() / fromFloat64Array()
933         - DOMMatrixReadOnly.fromFloat32Array() / fromFloat64Array() / toFloat32Array() / toFloat64Array()
934         - DOMMatrixReadOnly.transformPoint().
935
936         Tests: imported/w3c/web-platform-tests/css/geometry-1/*
937
938         * CMakeLists.txt:
939         * DerivedSources.make:
940         * WebCore.xcodeproj/project.pbxproj:
941
942         * bindings/scripts/CodeGeneratorJS.pm:
943         * bindings/scripts/test/JS/JSTestObj.cpp:
944         Fix a bug in the bindings generator causing the generator code for
945         "Constructor(optional (DOMString or sequence<unrestricted double>) init)" to be wrong
946         and not build.
947
948         * css/DOMMatrix.cpp: Added.
949         (WebCore::DOMMatrix::DOMMatrix):
950         (WebCore::DOMMatrix::fromMatrix):
951         (WebCore::DOMMatrix::multiplySelf):
952         (WebCore::DOMMatrix::preMultiplySelf):
953         (WebCore::DOMMatrix::translateSelf):
954         (WebCore::DOMMatrix::scaleSelf):
955         (WebCore::DOMMatrix::scale3dSelf):
956         (WebCore::DOMMatrix::rotateSelf):
957         (WebCore::DOMMatrix::rotateFromVectorSelf):
958         (WebCore::DOMMatrix::rotateAxisAngleSelf):
959         (WebCore::DOMMatrix::skewXSelf):
960         (WebCore::DOMMatrix::skewYSelf):
961         (WebCore::DOMMatrix::invertSelf):
962         (WebCore::DOMMatrix::setMatrixValueForBindings):
963         * css/DOMMatrix.h: Added.
964         (WebCore::DOMMatrix::create):
965         (WebCore::DOMMatrix::setA):
966         (WebCore::DOMMatrix::setB):
967         (WebCore::DOMMatrix::setC):
968         (WebCore::DOMMatrix::setD):
969         (WebCore::DOMMatrix::setE):
970         (WebCore::DOMMatrix::setF):
971         (WebCore::DOMMatrix::setM11):
972         (WebCore::DOMMatrix::setM12):
973         (WebCore::DOMMatrix::setM13):
974         (WebCore::DOMMatrix::setM14):
975         (WebCore::DOMMatrix::setM21):
976         (WebCore::DOMMatrix::setM22):
977         (WebCore::DOMMatrix::setM23):
978         (WebCore::DOMMatrix::setM24):
979         (WebCore::DOMMatrix::setM31):
980         (WebCore::DOMMatrix::setM32):
981         (WebCore::DOMMatrix::setM33):
982         (WebCore::DOMMatrix::setM34):
983         (WebCore::DOMMatrix::setM41):
984         (WebCore::DOMMatrix::setM42):
985         (WebCore::DOMMatrix::setM43):
986         (WebCore::DOMMatrix::setM44):
987         * css/DOMMatrix.idl: Added.
988         * css/DOMMatrixInit.h: Added.
989         * css/DOMMatrixInit.idl: Added.
990         * css/DOMMatrixReadOnly.cpp: Added.
991         (WebCore::DOMMatrixReadOnly::DOMMatrixReadOnly):
992         (WebCore::DOMMatrixReadOnly::validateAndFixup):
993         (WebCore::DOMMatrixReadOnly::fromMatrix):
994         (WebCore::DOMMatrixReadOnly::isIdentity):
995         (WebCore::DOMMatrixReadOnly::setMatrixValue):
996         (WebCore::DOMMatrixReadOnly::translate):
997         (WebCore::DOMMatrixReadOnly::flipX):
998         (WebCore::DOMMatrixReadOnly::flipY):
999         (WebCore::DOMMatrixReadOnly::multiply):
1000         (WebCore::DOMMatrixReadOnly::scale):
1001         (WebCore::DOMMatrixReadOnly::scale3d):
1002         (WebCore::DOMMatrixReadOnly::rotate):
1003         (WebCore::DOMMatrixReadOnly::rotateFromVector):
1004         (WebCore::DOMMatrixReadOnly::rotateAxisAngle):
1005         (WebCore::DOMMatrixReadOnly::skewX):
1006         (WebCore::DOMMatrixReadOnly::skewY):
1007         (WebCore::DOMMatrixReadOnly::inverse):
1008         (WebCore::DOMMatrixReadOnly::toString):
1009         * css/DOMMatrixReadOnly.h: Added.
1010         (WebCore::DOMMatrixReadOnly::create):
1011         (WebCore::DOMMatrixReadOnly::a):
1012         (WebCore::DOMMatrixReadOnly::b):
1013         (WebCore::DOMMatrixReadOnly::c):
1014         (WebCore::DOMMatrixReadOnly::d):
1015         (WebCore::DOMMatrixReadOnly::e):
1016         (WebCore::DOMMatrixReadOnly::f):
1017         (WebCore::DOMMatrixReadOnly::m11):
1018         (WebCore::DOMMatrixReadOnly::m12):
1019         (WebCore::DOMMatrixReadOnly::m13):
1020         (WebCore::DOMMatrixReadOnly::m14):
1021         (WebCore::DOMMatrixReadOnly::m21):
1022         (WebCore::DOMMatrixReadOnly::m22):
1023         (WebCore::DOMMatrixReadOnly::m23):
1024         (WebCore::DOMMatrixReadOnly::m24):
1025         (WebCore::DOMMatrixReadOnly::m31):
1026         (WebCore::DOMMatrixReadOnly::m32):
1027         (WebCore::DOMMatrixReadOnly::m33):
1028         (WebCore::DOMMatrixReadOnly::m34):
1029         (WebCore::DOMMatrixReadOnly::m41):
1030         (WebCore::DOMMatrixReadOnly::m42):
1031         (WebCore::DOMMatrixReadOnly::m43):
1032         (WebCore::DOMMatrixReadOnly::m44):
1033         (WebCore::DOMMatrixReadOnly::is2D):
1034         (WebCore::DOMMatrixReadOnly::fromMatrixHelper):
1035         * css/DOMMatrixReadOnly.idl: Added.
1036         * css/WebKitCSSMatrix.h:
1037         * css/WebKitCSSMatrix.idl:
1038         * svg/SVGMatrix.h:
1039         * svg/SVGMatrix.idl:
1040
1041 2017-05-16  Eric Carlson  <eric.carlson@apple.com>
1042
1043         [MediaStream] AudioSampleBufferList::zeroABL takes byte count, not sample count
1044         https://bugs.webkit.org/show_bug.cgi?id=172194
1045         <rdar://problem/32233799>
1046
1047         Reviewed by Jer Noble.
1048
1049         * platform/mediastream/mac/AudioTrackPrivateMediaStreamCocoa.cpp:
1050         (WebCore::AudioTrackPrivateMediaStreamCocoa::render): Pass number of bytes to zero,
1051         not number of samples.
1052
1053 2017-05-16  Mark Lam  <mark.lam@apple.com>
1054
1055         WorkerRunLoop::Task::performTask() needs to null check context->script() before use.
1056         https://bugs.webkit.org/show_bug.cgi?id=172193
1057         <rdar://problem/32225346>
1058
1059         Reviewed by Filip Pizlo.
1060
1061         According to https://build-safari.apple.com/results/Trunk%20Fuji%20GuardMalloc%20Production%20WK2%20Tests/r216929_459760e0918316187c8e52c6585a3a9ba9181204%20(12066)/results.html,
1062         we see a crash with this crash trace:
1063
1064         Thread 13 Crashed:: WebCore: Worker
1065         0 com.apple.WebCore        0x00000001099607b2 WebCore::WorkerScriptController::isTerminatingExecution() const + 18
1066         1 com.apple.WebCore        0x000000010995ebbf WebCore::WorkerRunLoop::runCleanupTasks(WebCore::WorkerGlobalScope*) + 143
1067         2 com.apple.WebCore        0x000000010995e80f WebCore::WorkerRunLoop::run(WebCore::WorkerGlobalScope*) + 111
1068         3 com.apple.WebCore        0x00000001099621b6 WebCore::WorkerThread::workerThread() + 742
1069         4 com.apple.JavaScriptCore 0x000000010a964b92 WTF::threadEntryPoint(void*) + 178
1070         5 com.apple.JavaScriptCore 0x000000010a964a69 WTF::wtfThreadEntryPoint(void*) + 121
1071         6 libsystem_pthread.dylib  0x00007fffbdb5caab _pthread_body + 180
1072         7 libsystem_pthread.dylib  0x00007fffbdb5c9f7 _pthread_start + 286
1073         8 libsystem_pthread.dylib  0x00007fffbdb5c1fd thread_start + 13
1074
1075         ... and the crashing address is:
1076
1077         Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000022
1078
1079         0x0000000000000022 is the offset of m_scheduledTerminationMutex in the
1080         WorkerScriptController.  This means that WorkerScriptController::isTerminatingExecution()
1081         is passed a NULL this pointer.  This means that it's possible to have a race
1082         where a WorkerRunLoop::Task gets enqueued beyond the Cleanup task that deletes the
1083         context->script().  As a result, WorkerRunLoop::Task::performTask() (called by
1084         runCleanupTasks()) may see a null context->script().
1085
1086         Hence, WorkerRunLoop::Task::performTask() should null check context->script()
1087         before invoking the isTerminatingExecution() query on it.
1088
1089         No new tests because this is already covered by existing tests.
1090
1091         * workers/WorkerRunLoop.cpp:
1092         (WebCore::WorkerRunLoop::Task::performTask):
1093
1094 2017-05-16  Youenn Fablet  <youenn@apple.com>
1095
1096         Modernize WebKit2 getUserMedia passing of parameters
1097         https://bugs.webkit.org/show_bug.cgi?id=172161
1098
1099         Reviewed by Eric Carlson.
1100
1101         No change of behavior.
1102
1103         * platform/mediastream/RealtimeMediaSourceCenter.h: Using WTF::Function to enable capture Ref<>.
1104
1105 2017-05-16  Jeremy Jones  <jeremyj@apple.com>
1106
1107         Captions and subtitles not showing up in picture-in-picture for MSE content.
1108         https://bugs.webkit.org/show_bug.cgi?id=172145
1109
1110         Reviewed by Eric Carlson.
1111
1112         No new tests as this has no effect on the DOM.
1113
1114         Add TextTrackRepresentation code from MediaPlayerPrivateAVFoundationObj to MediaPlayerPrivateMediaSourceAVFObjc.
1115         This moves the TextTrackRepresentation platform layer into the fullscreen container layer when going into
1116         pip for fullscreen, allowing the captions to be visible.
1117
1118         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
1119         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1120         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::ensureLayer):
1121         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenLayer):
1122         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVideoFullscreenFrame):
1123         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::requiresTextTrackRepresentation):
1124         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::syncTextTrackBounds):
1125         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setTextTrackRepresentation):
1126
1127 2017-05-16  David Kilzer  <ddkilzer@apple.com>
1128
1129         WebCore::leakCGColor() needs CF_RETURNS_RETAINED annotation
1130         <https://webkit.org/b/172190>
1131
1132         Reviewed by Simon Fraser.
1133
1134         * platform/graphics/cg/ColorCG.cpp:
1135         (WebCore::leakCGColor): Annotate with CF_RETURNS_RETAINED since
1136         it does not follow the CF naming convention, which means the
1137         expected behavior can't be inferred by the clang static
1138         analyzer.
1139
1140 2017-05-16  Youenn Fablet  <youenn@apple.com>
1141
1142         RealtimeOutgoingVideoSource should support sinkWants for rotation
1143         https://bugs.webkit.org/show_bug.cgi?id=172123
1144         <rdar://problem/32200017>
1145
1146         Reviewed by Eric Carlson.
1147
1148         Covered by manual testing.
1149
1150         * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
1151         (WebCore::RealtimeOutgoingVideoSource::AddOrUpdateSink): Triggering pixel rotation based on sink.
1152         (WebCore::RealtimeOutgoingVideoSource::sendFrame): Doing the rotation using libwebrtc API.
1153         * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
1154
1155 2017-05-16  Myles C. Maxfield  <mmaxfield@apple.com>
1156
1157         REGRESSION(r212513): LastResort is platform-dependent, so its semantics should not be required to perform font loading correctly.
1158         https://bugs.webkit.org/show_bug.cgi?id=168487
1159
1160         Reviewed by Antti Koivisto.
1161
1162         There are three ways a Web author can chain multiple font files together:
1163         1. Multiple entries in the "src" descriptor in an @font-face rule
1164         2. Multiple @font-face rules with the same "font-family" descriptor
1165         3. Multiple entries in the "font-family" property on an element
1166
1167         Before r212513, the code which iterated across #2 and #3 above could have
1168         triggered each item in the chain to download. r212513 tried to solve this
1169         by using LastResort as the interstitial font used during downloads, because
1170         LastResort supports every character and therefore solves #3 above. However,
1171         this change had a few problems:
1172
1173         1. Previously, our code would try to avoid using the interstitial font for
1174         layout or rendering whenever possible (because one of the chains above may
1175         have named a local font which would be better to use). In order to use the
1176         benefits of LastResort, I had to remove this avoidance logic and make
1177         WebKit try to use the interstitial font as often as possible. However, due
1178         to the large metrics of LastResort, this means that offsetWidth queries
1179         during font loading would be wildly inaccurate, causing Google Docs to break.
1180         2. It also means that canvas drawing during font loading would actually draw
1181         LastResort, causing Bing maps to break.
1182         3. LastResort is platform-specific, so only platforms which have it would
1183         actually be able to load fonts correctly.
1184
1185         Instead, we should keep the older logic about avoiding using the
1186         interstitial font so that loading has a better experience for the user.
1187         We solve the unnecessary download problem by giving our loading code a
1188         downloading policy enum, which has two values: allow downloads or forbid
1189         downloads. Whenever our loading code returns the interstitial font, we
1190         continue our search, but we change the policy to forbid downloads.
1191
1192         There is one piece of subtlety, though: It is more common for web authors
1193         to put good fallbacks in the "font-family" property than in the "src"
1194         descriptor inside @font-face. This means that we shouldn't exhaustively
1195         search through the @font-face src list first. Instead, we should look
1196         through the src list until we hit a non-local font, and then immediately
1197         start looking through the other chains.
1198
1199         Tests: fast/text/font-download-font-face-src-list.html
1200                fast/text/font-download-font-family-property.html
1201                fast/text/font-download-remote-fallback-all.html
1202                fast/text/font-interstitial-invisible-width-while-loading.html
1203                fast/text/font-weight-download-3.html
1204                fast/text/web-font-load-fallback-during-loading-2.html
1205                fast/text/web-font-load-invisible-during-loading.html
1206
1207         * css/CSSFontFace.cpp:
1208         (WebCore::CSSFontFace::fontLoadEventOccurred): Implement support for
1209         the font download policy.
1210         (WebCore::CSSFontFace::setStatus): After 3 seconds of loading, we
1211         will start drawing the fallback font. However, for testing, we have an
1212         internal setting to make this switch happen immediately. This patch now
1213         requires that this internal switch happen synchronously.
1214         (WebCore::CSSFontFace::pump): Implement support for the font download
1215         policy.
1216         (WebCore::CSSFontFace::load): Ditto.
1217         (WebCore::CSSFontFace::font): Ditto.
1218         * css/CSSFontFace.h: Ditto.
1219         * css/CSSFontSelector.cpp:
1220         (WebCore::CSSFontSelector::beginLoadingFontSoon): Implement support for
1221         synchronous font download timeouts.
1222         * css/CSSSegmentedFontFace.cpp:
1223         (WebCore::CSSSegmentedFontFace::fontRanges): Implement support for the
1224         font download policy.
1225         * platform/graphics/Font.cpp: Add new flag which represents if the
1226         interstitial font was created after the 3 second timeout or before.
1227         Previously, we would distinguish between these two cases by knowing
1228         that one font was LastResort and the other font was a fallback. Now that
1229         we're using fallback fonts on both sides of the 3 second timeout, we
1230         now no longer know which one should be invisible. This new enum solves
1231         this problem.
1232         (WebCore::Font::Font):
1233         (WebCore::Font::verticalRightOrientationFont):
1234         (WebCore::Font::uprightOrientationFont):
1235         * platform/graphics/Font.h: Ditto.
1236         (WebCore::Font::create):
1237         (WebCore::Font::origin):
1238         (WebCore::Font::visibility):
1239         * platform/graphics/FontCache.h:
1240         * platform/graphics/FontCascade.cpp: We try to fall back to a local() font
1241         during downloads, but there might not be one that we can use. Therefore, we
1242         can't use the presence of the interstitial font to detect if we should paint
1243         invisibly. Instead, we can move this logic into the font-specific part of
1244         painting, and consult with the specific font to know if it was created from
1245         a timed-out @font-face rule or not.
1246         (WebCore::FontCascade::drawText):
1247         (WebCore::shouldDrawIfLoading):
1248         (WebCore::FontCascade::drawGlyphBuffer):
1249         (WebCore::FontCascade::drawEmphasisMarks):
1250         * platform/graphics/FontCascade.h:
1251         * platform/graphics/FontCascadeFonts.cpp:
1252         (WebCore::FontCascadeFonts::glyphDataForVariant): Implement the logic
1253         described above where we switch the policy if we encounter the interstitial
1254         font.
1255         (WebCore::FontCascadeFonts::glyphDataForNormalVariant): Ditto.
1256         (WebCore::glyphPageFromFontRanges): Ditto.
1257         * platform/graphics/FontRanges.cpp: Implement support for the font download
1258         policy.
1259         (WebCore::FontRanges::Range::font):
1260         (WebCore::FontRanges::glyphDataForCharacter):
1261         (WebCore::FontRanges::fontForCharacter):
1262         (WebCore::FontRanges::fontForFirstRange):
1263         * platform/graphics/FontRanges.h:
1264         * platform/graphics/FontSelector.h:
1265         * platform/graphics/freetype/FontCacheFreeType.cpp:
1266         (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
1267         * platform/graphics/mac/FontCacheMac.mm:
1268         (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
1269         * platform/graphics/win/FontCacheWin.cpp:
1270         (WebCore::FontCache::lastResortFallbackFontForEveryCharacter): Deleted.
1271
1272 2017-05-16  Zalan Bujtas  <zalan@apple.com>
1273
1274         Simple line layout: Move setCollapedWhitespaceWidth call to updateLineConstrains.
1275         https://bugs.webkit.org/show_bug.cgi?id=172178
1276
1277         Reviewed by Antti Koivisto.
1278
1279         No change in functionality.
1280
1281         * rendering/SimpleLineLayout.cpp:
1282         (WebCore::SimpleLineLayout::updateLineConstrains):
1283         (WebCore::SimpleLineLayout::createLineRuns):
1284
1285 2017-05-16  Eric Carlson  <eric.carlson@apple.com>
1286
1287         [MediaStream] Return default device list until user gives permission to capture
1288         https://bugs.webkit.org/show_bug.cgi?id=172168
1289         <rdar://problem/31816884>
1290
1291         Reviewed by Youenn Fablet.
1292
1293         Test: fast/mediastream/media-devices-enumerate-devices.html
1294
1295         * Modules/mediastream/MediaDevicesRequest.cpp:
1296         (WebCore::MediaDevicesRequest::filterDeviceList): Remove all but the "default" number of
1297         devices of each type.
1298         (WebCore::MediaDevicesRequest::start): Call filterDeviceList.
1299         * Modules/mediastream/MediaDevicesRequest.h:
1300
1301 2017-05-16  Claudio Saavedra  <csaavedra@igalia.com>
1302
1303         Silence a few warnings about unused parameters
1304         https://bugs.webkit.org/show_bug.cgi?id=172169
1305
1306         Reviewed by Sam Weinig.
1307
1308         * page/Page.cpp:
1309         (WebCore::Page::mainFrameLoadStarted):
1310         * platform/graphics/cairo/ImageBufferCairo.cpp:
1311         (WebCore::ImageBuffer::toData):
1312         * platform/network/ResourceRequestBase.cpp:
1313         (WebCore::ResourceRequestBase::partitionName):
1314
1315 2017-05-16  Wenson Hsieh  <wenson_hsieh@apple.com>
1316
1317         WebItemProviderPasteboard should be robust when temporary files are missing path extensions
1318         https://bugs.webkit.org/show_bug.cgi?id=172170
1319
1320         Reviewed by Tim Horton.
1321
1322         Makes a slight adjustment to how temporary file URLs are handled when using WebItemProviderPasteboard to load
1323         data off of item providers. Previously, we would bail early and not load any data if the temporary URL is
1324         missing an extension. Since the switch to NSItemProviders from UIItemProviders, some types of temporary files
1325         generated by item providers are missing extensions, so this extra check is meaningless.
1326
1327         Covered by existing data interaction unit tests.
1328
1329         * platform/ios/WebItemProviderPasteboard.mm:
1330         (temporaryFileURLForDataInteractionContent):
1331         (-[WebItemProviderPasteboard doAfterLoadingProvidedContentIntoFileURLs:synchronousTimeout:]):
1332
1333 2017-05-16  Zan Dobersek  <zdobersek@igalia.com>
1334
1335         [WPE] GLContextEGL::createWPEContext() should fall back to pbuffer-based contexts when offscreen target provides no native window
1336         https://bugs.webkit.org/show_bug.cgi?id=172162
1337
1338         Reviewed by Carlos Garcia Campos.
1339
1340         When creating an offscreen GLContext, the underlying implementation might
1341         provide a mock native window that's to be used as the window target upon
1342         which a window-based GLContext should be created. But we should also support
1343         falling back to pbuffer-based GLContexts when the underlying implementation
1344         can't provide such mock targets.
1345
1346         * platform/graphics/egl/GLContextEGLWPE.cpp:
1347         (WebCore::GLContextEGL::createWPEContext):
1348
1349 2017-05-16  Zan Dobersek  <zdobersek@igalia.com>
1350
1351         [GLib] Name more GSource-based RunLoop::Timers
1352         https://bugs.webkit.org/show_bug.cgi?id=172158
1353
1354         Reviewed by Carlos Garcia Campos.
1355
1356         * platform/glib/MainThreadSharedTimerGLib.cpp:
1357         (WebCore::MainThreadSharedTimer::MainThreadSharedTimer):
1358         Specify 'MainThreadSharedTimer' as the name of this GSource-based RunLoop::Timer.
1359
1360 2017-05-16  Romain Bellessort  <romain.bellessort@crf.canon.fr>
1361
1362         [Readable Streams API] Implement ReadableStreamBYOBReader releaseLock()
1363         https://bugs.webkit.org/show_bug.cgi?id=172111
1364
1365         Reviewed by Chris Dumez.
1366
1367         Implemented ReadableStreamBYOBReader releaseLock():
1368         - https://streams.spec.whatwg.org/#byob-reader-release-lock;
1369         - https://streams.spec.whatwg.org/#readable-stream-reader-generic-release.
1370
1371         Added tests to check releaseLock behavior.
1372
1373         * Modules/streams/ReadableStreamBYOBReader.js:
1374         (releaseLock): Implemented.
1375         * Modules/streams/ReadableStreamInternals.js:
1376         (readableStreamReaderGenericRelease): Aligned with spec.
1377
1378 2017-05-16  Carlos Garcia Campos  <cgarcia@igalia.com>
1379
1380         Unreviewed. Try to fix GTK+ build with MEDIA_STREAM enabled after r216918.
1381
1382         * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
1383         (WebCore::RealtimeMediaSourceCenterOwr::validateRequestConstraints):
1384
1385 2017-05-16  Youenn Fablet  <youenn@apple.com>
1386
1387         Remove MediaConstraintsData and MediaConstraintsImpl
1388         https://bugs.webkit.org/show_bug.cgi?id=172132
1389
1390         Reviewed by Eric Carlson.
1391
1392         No observable change of behavior.
1393
1394         Removing MediaConstraintsData and MediaConstraintsImpl allows simplifying the code.
1395         Further simplified the code by making MediaConstraints no longer ref counted and now a struct.
1396         Simplified some RealtimeMediaSource subclasses by removing unused MediaConstraints class members.
1397
1398         * CMakeLists.txt: Removing MediaConstraintsImpl.cpp.
1399         * Modules/mediastream/MediaConstraintsImpl.cpp: Removed.
1400         * Modules/mediastream/MediaConstraintsImpl.h: Removed.
1401         * Modules/mediastream/MediaDevices.cpp:
1402         (WebCore::createMediaConstraints):
1403         (WebCore::MediaDevices::getUserMedia):
1404         (WebCore::createMediaConstraintsImpl): Deleted.
1405         * Modules/mediastream/MediaStreamTrack.cpp:
1406         (WebCore::createMediaConstraints):
1407         (WebCore::MediaStreamTrack::applyConstraints):
1408         (WebCore::createMediaConstraintsImpl): Deleted.
1409         * Modules/mediastream/MediaTrackConstraints.cpp:
1410         (WebCore::createMediaConstraints):
1411         (WebCore::createMediaConstraintsImpl): Deleted.
1412         * Modules/mediastream/MediaTrackConstraints.h:
1413         * Modules/mediastream/UserMediaRequest.cpp:
1414         (WebCore::UserMediaRequest::start):
1415         (WebCore::UserMediaRequest::UserMediaRequest):
1416         (WebCore::UserMediaRequest::allow):
1417         * Modules/mediastream/UserMediaRequest.h:
1418         (WebCore::UserMediaRequest::audioConstraints):
1419         (WebCore::UserMediaRequest::videoConstraints):
1420         * WebCore.xcodeproj/project.pbxproj:
1421         * platform/mediastream/MediaConstraints.cpp:
1422         (WebCore::addDefaultVideoConstraints):
1423         (WebCore::MediaConstraints::isConstraintSet):
1424         (WebCore::MediaConstraints::setDefaultVideoConstraints):
1425         * platform/mediastream/MediaConstraints.h:
1426         (WebCore::MediaConstraints::~MediaConstraints): Deleted.
1427         (WebCore::MediaConstraints::MediaConstraints): Deleted.
1428         * platform/mediastream/MediaStreamConstraintsValidationClient.h:
1429         * platform/mediastream/RealtimeMediaSource.cpp:
1430         (WebCore::RealtimeMediaSource::selectSettings):
1431         (WebCore::RealtimeMediaSource::supportsConstraints):
1432         (WebCore::RealtimeMediaSource::applyConstraints):
1433         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
1434         (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints):
1435         * platform/mediastream/RealtimeMediaSourceCenter.h:
1436         * platform/mediastream/mac/RealtimeIncomingAudioSource.cpp:
1437         (WebCore::RealtimeIncomingAudioSource::supportedConstraints): Deleted.
1438         * platform/mediastream/mac/RealtimeIncomingAudioSource.h:
1439         * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
1440         (WebCore::RealtimeIncomingVideoSource::supportedConstraints): Deleted.
1441         * platform/mediastream/mac/RealtimeIncomingVideoSource.h:
1442         * platform/mock/MockRealtimeMediaSource.h:
1443         (WebCore::MockRealtimeMediaSource::constraints): Deleted.
1444
1445 2017-05-16  Andy Estes  <aestes@apple.com>
1446
1447         [Cocoa] Tell NEFilterSource about the presenting app's PID
1448         https://bugs.webkit.org/show_bug.cgi?id=172152
1449         <rdar://problem/32197740>
1450
1451         Reviewed by Dan Bernstein.
1452
1453         * platform/cocoa/NetworkExtensionContentFilter.mm:
1454         (WebCore::NetworkExtensionContentFilter::initialize):
1455         * platform/spi/cocoa/NEFilterSourceSPI.h:
1456
1457 2017-05-16  Manuel Rego Casasnovas  <rego@igalia.com>
1458
1459         [css-grid] Fix static position of positioned grid items
1460         https://bugs.webkit.org/show_bug.cgi?id=172108
1461
1462         Reviewed by Sergio Villar Senin.
1463
1464         This patch makes us follow the text on the spec
1465         (https://drafts.csswg.org/css-grid/#static-position):
1466         "The static position of an absolutely-positioned child
1467          of a grid container is determined as if it were the sole grid item
1468          in a grid area whose edges coincide with the padding edges
1469          of the grid container."
1470
1471         Test: fast/css-grid-layout/absolute-positioning-grid-container-parent.html
1472
1473         * rendering/RenderGrid.cpp:
1474         (WebCore::RenderGrid::prepareChildForPositionedLayout): Modified to avoid
1475         including padding to match the spec behavior.
1476
1477 2017-05-16  Per Arne Vollan  <pvollan@apple.com>
1478
1479         Compile error, include file is not found.
1480         https://bugs.webkit.org/show_bug.cgi?id=172105
1481
1482         Reviewed by Brent Fulgham.
1483
1484         Use __has_include to detect if include file exists.
1485
1486         * platform/mediastream/libwebrtc/H264VideoToolBoxEncoder.mm:
1487
1488 2017-05-15  Andy Estes  <aestes@apple.com>
1489
1490         Make the application PID available to WebCore
1491         https://bugs.webkit.org/show_bug.cgi?id=172133
1492
1493         Reviewed by Andreas Kling.
1494
1495         * CMakeLists.txt:
1496         * PlatformMac.cmake:
1497         * WebCore.xcodeproj/project.pbxproj:
1498         * platform/RuntimeApplicationChecks.cpp: Added.
1499         (WebCore::presentingApplicationPIDOverride):
1500         (WebCore::presentingApplicationPID): Returns the override PID if set, or getCurrentProcessID()
1501         otherwise.
1502         (WebCore::setPresentingApplicationPID):
1503         * platform/RuntimeApplicationChecks.h:
1504         * platform/cocoa/RuntimeApplicationChecksCocoa.mm: Renamed from Source/WebCore/platform/RuntimeApplicationChecks.mm.
1505
1506 2017-05-15  Antti Koivisto  <antti@apple.com>
1507
1508         RenderTheme does not need to be per-page
1509         https://bugs.webkit.org/show_bug.cgi?id=172116
1510         <rdar://problem/30426457>
1511
1512         Reviewed by Zalan Bujtas.
1513
1514         There are no implementations of RenderTheme::themeForPage that actually care about the page.
1515         It can be replaced with a singleton, simplifying a bunch of code.
1516
1517         * Modules/mediacontrols/MediaControlsHost.cpp:
1518         (WebCore::MediaControlsHost::shadowRootCSSText):
1519         (WebCore::MediaControlsHost::base64StringForIconNameAndType):
1520         * css/CSSDefaultStyleSheets.cpp:
1521         (WebCore::CSSDefaultStyleSheets::loadFullDefaultStyle):
1522         (WebCore::CSSDefaultStyleSheets::ensureDefaultStyleSheetsForElement):
1523
1524             Fix a potential crash if we get here when page is null (though it doesn't appear to repro on trunk).
1525
1526         * css/StyleColor.cpp:
1527         (WebCore::StyleColor::colorFromKeyword):
1528         * css/StyleResolver.cpp:
1529         (WebCore::StyleResolver::adjustRenderStyle):
1530         * css/parser/CSSParser.cpp:
1531         (WebCore::CSSParser::parseSystemColor):
1532         * css/parser/CSSParser.h:
1533         * css/parser/CSSPropertyParser.cpp:
1534         (WebCore::CSSPropertyParser::consumeSystemFont):
1535         * editing/FrameSelection.cpp:
1536         (WebCore::FrameSelection::updateAppearance):
1537         * html/HTMLMediaElement.cpp:
1538         (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript):
1539         * html/HTMLMeterElement.cpp:
1540         (WebCore::HTMLMeterElement::createElementRenderer):
1541         * html/HTMLSelectElement.cpp:
1542         (WebCore::HTMLSelectElement::usesMenuList):
1543         (WebCore::HTMLSelectElement::platformHandleKeydownEvent):
1544         (WebCore::HTMLSelectElement::menuListDefaultEventHandler):
1545         * html/HTMLTextFormControlElement.cpp:
1546         (WebCore::HTMLTextFormControlElement::adjustInnerTextStyle):
1547         * html/InputType.cpp:
1548         (WebCore::InputType::themeSupportsDataListUI):
1549         * html/TextFieldInputType.cpp:
1550         (WebCore::TextFieldInputType::shouldHaveSpinButton):
1551         (WebCore::TextFieldInputType::shouldHaveCapsLockIndicator):
1552         * html/canvas/CanvasRenderingContext2D.cpp:
1553         (WebCore::CanvasRenderingContext2D::setStrokeColor):
1554         (WebCore::CanvasRenderingContext2D::setFillColor):
1555         * html/canvas/CanvasStyle.cpp:
1556         (WebCore::parseColor):
1557         (WebCore::parseColorOrCurrentColor):
1558         (WebCore::CanvasStyle::createFromString):
1559         * html/canvas/CanvasStyle.h:
1560         * html/shadow/MediaControlElements.cpp:
1561         (WebCore::MediaControlPanelElement::startTimer):
1562         (WebCore::MediaControlPanelElement::makeOpaque):
1563         (WebCore::MediaControlPanelElement::makeTransparent):
1564         * html/shadow/MediaControls.cpp:
1565         (WebCore::MediaControls::reset):
1566         (WebCore::MediaControls::reportedError):
1567         (WebCore::MediaControls::updateCurrentTimeDisplay):
1568         * html/shadow/mac/ImageControlsButtonElementMac.cpp:
1569         (WebCore::ImageControlsButtonElementMac::tryCreate):
1570         * page/MemoryRelease.cpp:
1571         (WebCore::releaseNoncriticalMemory):
1572         * page/Page.cpp:
1573         (WebCore::Page::Page):
1574         * page/Page.h:
1575         (WebCore::Page::theme): Deleted.
1576         * platform/wpe/RenderThemeWPE.cpp:
1577         (WebCore::RenderTheme::singleton):
1578         (WebCore::RenderTheme::themeForPage): Deleted.
1579         * rendering/RenderEmbeddedObject.cpp:
1580         (WebCore::RenderEmbeddedObject::getReplacementTextGeometry):
1581         * rendering/RenderObject.cpp:
1582         (WebCore::RenderObject::theme):
1583         * rendering/RenderTheme.cpp:
1584         (WebCore::RenderTheme::focusRingColor):
1585         * rendering/RenderTheme.h:
1586         (WebCore::RenderTheme::defaultTheme): Deleted.
1587         * rendering/RenderThemeGtk.cpp:
1588         (WebCore::RenderTheme::singleton):
1589         (WebCore::RenderTheme::themeForPage): Deleted.
1590         * rendering/RenderThemeIOS.mm:
1591         (WebCore::RenderTheme::singleton):
1592         (WebCore::RenderTheme::themeForPage): Deleted.
1593         * rendering/RenderThemeMac.mm:
1594         (WebCore::RenderTheme::singleton):
1595         (WebCore::RenderTheme::themeForPage): Deleted.
1596         * rendering/RenderThemeWin.cpp:
1597         (WebCore::RenderTheme::singleton):
1598         (WebCore::RenderTheme::themeForPage): Deleted.
1599         * rendering/TextPaintStyle.cpp:
1600         (WebCore::computeTextPaintStyle):
1601
1602 2017-05-15  Said Abou-Hallawa  <sabouhallawa@apple.com>
1603
1604         Do not delete asynchronously decoded frames for large images if their clients are in the viewport
1605         https://bugs.webkit.org/show_bug.cgi?id=170640
1606
1607         Reviewed by Simon Fraser.
1608
1609         The image flickering problem happens when a large image is visible in the
1610         view port and for some reason, the decoded frame gets destroyed. When this
1611         image is repainted, BitmapImage::draw() does not find a valid decoded frame
1612         for that image. It then requests an async decoding for the image and just
1613         draws nothing in the image rectangle. Drawing no content between two drawing
1614         phases in which the image is drawn causes the unwanted flickering.
1615
1616         To fix this issue we need to protect the decoded frames of all the images
1617         in the view port from being destroyed. When BitmapImage::destroyDecodedData()
1618         is called, it is going to check, through the ImageObserver, whether any
1619         of its clients is visible. And if so, the current decoded frame won't be
1620         destroyed.
1621
1622         Tests: Modifying existing tests.
1623
1624         * loader/cache/CachedImage.cpp:
1625         (WebCore::CachedImage::CachedImageObserver::decodedSizeChanged):
1626         (WebCore::CachedImage::CachedImageObserver::didDraw):
1627         (WebCore::CachedImage::CachedImageObserver::canDestroyDecodedData):
1628         (WebCore::CachedImage::CachedImageObserver::imageFrameAvailable):
1629         (WebCore::CachedImage::CachedImageObserver::changedInRect):
1630         (WebCore::CachedImage::decodedSizeChanged):
1631         (WebCore::CachedImage::didDraw):
1632         (WebCore::CachedImage::canDestroyDecodedData): Finds out whether it's okay
1633         to discard the image decoded data or not.
1634         (WebCore::CachedImage::imageFrameAvailable):
1635         (WebCore::CachedImage::changedInRect):
1636         * loader/cache/CachedImage.h:
1637         * loader/cache/CachedImageClient.h:
1638         (WebCore::CachedImageClient::canDestroyDecodedData):
1639         * loader/cache/MemoryCache.cpp:
1640         (WebCore::MemoryCache::destroyDecodedDataForAllImages): This function is
1641         currently not used. Use in the internal destroyDecodedDataForAllImages()
1642         but unlike what CachedImage::destroyDecodedData() does, make it destroy
1643         the decoded frames without deleting the image itself.
1644         * loader/cache/MemoryCache.h:
1645         * platform/graphics/BitmapImage.cpp:
1646         (WebCore::BitmapImage::destroyDecodedData):
1647         (WebCore::BitmapImage::draw):
1648         (WebCore::BitmapImage::canDestroyCurrentFrameDecodedData):
1649         (WebCore::BitmapImage::advanceAnimation):
1650         (WebCore::BitmapImage::internalAdvanceAnimation):
1651         (WebCore::BitmapImage::imageFrameAvailableAtIndex):
1652         * platform/graphics/BitmapImage.h:
1653         * platform/graphics/GraphicsContext3D.cpp:
1654         (WebCore::GraphicsContext3D::packImageData):
1655         * platform/graphics/ImageFrameCache.cpp:
1656         (WebCore::ImageFrameCache::decodedSizeChanged):
1657         (ImageFrameCache::cacheAsyncFrameNativeImageAtIndex): The assertion in this
1658         function is wrong. frameIsCompleteAtIndex() can be false when an image
1659         decoding is requested but can be true when the decoding finishes.
1660         * platform/graphics/ImageObserver.h:
1661         * platform/graphics/cairo/ImageCairo.cpp:
1662         (WebCore::Image::drawPattern):
1663         * platform/graphics/cg/ImageCG.cpp:
1664         (WebCore::Image::drawPattern):
1665         * platform/graphics/cg/ImageDecoderCG.cpp:
1666         (WebCore::ImageDecoder::frameIsCompleteAtIndex):
1667         * platform/graphics/cg/PDFDocumentImage.cpp:
1668         (WebCore::PDFDocumentImage::decodedSizeChanged):
1669         (WebCore::PDFDocumentImage::draw):
1670         * platform/graphics/texmap/TextureMapperTiledBackingStore.cpp:
1671         (WebCore::TextureMapperTiledBackingStore::updateContentsFromImageIfNeeded):
1672         * platform/graphics/win/ImageDirect2D.cpp:
1673         (WebCore::Image::drawPattern):
1674         * rendering/RenderElement.cpp:
1675         (WebCore::RenderElement::isVisibleInDocumentRect):
1676         (WebCore::RenderElement::isVisibleInViewport):
1677         (WebCore::RenderElement::imageFrameAvailable):
1678         (WebCore::RenderElement::repaintForPausedImageAnimationsIfNeeded):
1679         (WebCore::RenderElement::shouldRepaintInVisibleRect): Deleted. Function
1680         is renamed to isVisibleInViewport() for better readability.
1681         * rendering/RenderElement.h:
1682         * svg/graphics/SVGImage.cpp:
1683         (WebCore::SVGImage::draw):
1684         * svg/graphics/SVGImageClients.h:
1685         * testing/Internals.cpp:
1686         (WebCore::Internals::destroyDecodedDataForAllImages):
1687         * testing/Internals.h:
1688         * testing/Internals.idl:
1689
1690 2017-05-15  Youenn Fablet  <youenn@apple.com>
1691
1692         Simplify RealtimeMediaSource data production and state
1693         https://bugs.webkit.org/show_bug.cgi?id=171999
1694
1695         Reviewed by Eric Carlson.
1696
1697         RealtimeMediaSource takes 3 booleans:
1698         - m_isProducingData tells whether data is produced or not. In the case of capturing, it tells whether capture
1699           happens.
1700         - m_muted/m_enabled allows JS or WebKit level to start/stop the source.
1701
1702         Changed MediaStream capture state computation so that capture is reported as follows:
1703         - m_isProducing is true, capture is happening and is active
1704         - m_muted is true, capture is happening but is inactive.
1705
1706         Except in the case of WebRTC incoming sources, for which sources may be created as muted as per the spec,
1707         all sources are unmuted, enabled and not producing data when created.
1708
1709         RealtimeMediaSource is now activable either by calling start/stop or by calling setMuted/setEnabled.
1710         This in turn will set the boolean values accordingly and will call the underlying
1711         startProducingData/stopProducingData methods doing the actual stuff.
1712
1713         Removing from all RealtimeMediaSource subclasses the handling of producing data.
1714         Making more methods non-virtual/member fields private to simplify the model.
1715
1716         * Modules/mediastream/CanvasCaptureMediaStreamTrack.cpp:
1717         (WebCore::CanvasCaptureMediaStreamTrack::Source::create):
1718         (WebCore::CanvasCaptureMediaStreamTrack::Source::startProducingData):
1719         (WebCore::CanvasCaptureMediaStreamTrack::Source::stopProducingData):
1720         (WebCore::CanvasCaptureMediaStreamTrack::Source::canvasDestroyed):
1721         (WebCore::CanvasCaptureMediaStreamTrack::Source::captureCanvas):
1722         * Modules/mediastream/CanvasCaptureMediaStreamTrack.h:
1723         * Modules/mediastream/MediaStream.cpp:
1724         (WebCore::MediaStream::mediaState):
1725         * platform/mediastream/MediaStreamTrackPrivate.h:
1726         (WebCore::MediaStreamTrackPrivate::startProducingData):
1727         (WebCore::MediaStreamTrackPrivate::stopProducingData):
1728         * platform/mediastream/RealtimeMediaSource.cpp:
1729         (WebCore::RealtimeMediaSource::setMuted):
1730         (WebCore::RealtimeMediaSource::notifyMutedChange):
1731         (WebCore::RealtimeMediaSource::setEnabled):
1732         (WebCore::RealtimeMediaSource::start):
1733         (WebCore::RealtimeMediaSource::stop):
1734         (WebCore::RealtimeMediaSource::requestStop):
1735         (WebCore::RealtimeMediaSource::reset): Deleted.
1736         * platform/mediastream/RealtimeMediaSource.h:
1737         * platform/mediastream/mac/AVMediaCaptureSource.h:
1738         * platform/mediastream/mac/AVMediaCaptureSource.mm:
1739         (WebCore::AVMediaCaptureSource::AVMediaCaptureSource):
1740         (WebCore::AVMediaCaptureSource::captureSessionIsRunningDidChange):
1741         (WebCore::AVMediaCaptureSource::reset): Deleted.
1742         (WebCore::AVMediaCaptureSource::isProducingData): Deleted.
1743         * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
1744         (WebCore::CoreAudioCaptureSource::CoreAudioCaptureSource):
1745         (WebCore::CoreAudioCaptureSource::startProducingData):
1746         (WebCore::CoreAudioCaptureSource::stopProducingData):
1747         (WebCore::CoreAudioCaptureSource::audioSourceProvider):
1748         * platform/mediastream/mac/CoreAudioCaptureSource.h:
1749         * platform/mediastream/mac/MockRealtimeAudioSourceMac.mm:
1750         (WebCore::MockRealtimeAudioSourceMac::render):
1751         (WebCore::MockRealtimeAudioSource::createMuted): Deleted.
1752         * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
1753         (WebCore::MockRealtimeVideoSource::createMuted): Deleted.
1754         * platform/mediastream/mac/RealtimeIncomingAudioSource.cpp:
1755         (WebCore::RealtimeIncomingAudioSource::create):
1756         (WebCore::RealtimeIncomingAudioSource::RealtimeIncomingAudioSource):
1757         (WebCore::RealtimeIncomingAudioSource::~RealtimeIncomingAudioSource):
1758         (WebCore::RealtimeIncomingAudioSource::startProducingData):
1759         (WebCore::RealtimeIncomingAudioSource::stopProducingData):
1760         (WebCore::RealtimeIncomingAudioSource::setSourceTrack):
1761         * platform/mediastream/mac/RealtimeIncomingAudioSource.h:
1762         * platform/mediastream/mac/RealtimeIncomingVideoSource.cpp:
1763         (WebCore::RealtimeIncomingVideoSource::create):
1764         (WebCore::RealtimeIncomingVideoSource::RealtimeIncomingVideoSource):
1765         (WebCore::RealtimeIncomingVideoSource::startProducingData):
1766         (WebCore::RealtimeIncomingVideoSource::setSourceTrack):
1767         (WebCore::RealtimeIncomingVideoSource::stopProducingData):
1768         (WebCore::RealtimeIncomingVideoSource::OnFrame):
1769         * platform/mediastream/mac/RealtimeIncomingVideoSource.h:
1770         * platform/mediastream/mac/WebAudioSourceProviderAVFObjC.mm:
1771         (WebCore::WebAudioSourceProviderAVFObjC::setClient):
1772         * platform/mock/MockMediaEndpoint.cpp:
1773         (WebCore::MockMediaEndpoint::createMutedRemoteSource):
1774         (WebCore::MockMediaEndpoint::unmuteTimerFired):
1775         * platform/mock/MockRealtimeAudioSource.cpp:
1776         (WebCore::MockRealtimeAudioSource::createMuted):
1777         (WebCore::MockRealtimeAudioSource::startProducingData):
1778         (WebCore::MockRealtimeAudioSource::stopProducingData):
1779         * platform/mock/MockRealtimeAudioSource.h:
1780         * platform/mock/MockRealtimeMediaSource.cpp:
1781         (WebCore::MockRealtimeMediaSource::startProducingData): Deleted.
1782         (WebCore::MockRealtimeMediaSource::stopProducingData): Deleted.
1783         * platform/mock/MockRealtimeMediaSource.h:
1784         * platform/mock/MockRealtimeVideoSource.cpp:
1785         (WebCore::MockRealtimeVideoSource::createMuted):
1786         (WebCore::MockRealtimeVideoSource::startProducingData):
1787         (WebCore::MockRealtimeVideoSource::stopProducingData):
1788         (WebCore::MockRealtimeVideoSource::generateFrame):
1789         * platform/mock/MockRealtimeVideoSource.h:
1790
1791 2017-05-15  Myles C. Maxfield  <mmaxfield@apple.com>
1792
1793         Migrate Font constructor from bools to enums
1794         https://bugs.webkit.org/show_bug.cgi?id=172140
1795
1796         Reviewed by Tim Horton.
1797
1798         In https://bugs.webkit.org/show_bug.cgi?id=168487, I'm adding a new flag to Font. We can't
1799         keep having just a pile of bools in this class. Instead, we should be using enums.
1800
1801         No new tests because there is no behavior change.
1802
1803         * css/CSSFontFace.cpp:
1804         (WebCore::CSSFontFace::font):
1805         * css/CSSFontFaceSource.cpp:
1806         (WebCore::CSSFontFaceSource::font):
1807         * css/CSSSegmentedFontFace.cpp:
1808         * loader/cache/CachedFont.cpp:
1809         (WebCore::CachedFont::createFont):
1810         * platform/graphics/Font.cpp:
1811         (WebCore::Font::Font):
1812         (WebCore::Font::verticalRightOrientationFont):
1813         (WebCore::Font::uprightOrientationFont):
1814         (WebCore::Font::brokenIdeographFont):
1815         (WebCore::Font::description):
1816         (WebCore::Font::mathData):
1817         * platform/graphics/Font.h:
1818         (WebCore::Font::create):
1819         (WebCore::Font::origin):
1820         (WebCore::Font::isInterstitial):
1821         (WebCore::Font::widthForGlyph):
1822         (WebCore::Font::isCustomFont): Deleted.
1823         (WebCore::Font::isLoading): Deleted.
1824         * platform/graphics/FontRanges.cpp:
1825         * platform/graphics/cocoa/FontCocoa.mm:
1826         (WebCore::Font::platformInit):
1827         * platform/graphics/freetype/SimpleFontDataFreeType.cpp:
1828         (WebCore::Font::platformCreateScaledFont):
1829         * platform/graphics/win/SimpleFontDataCGWin.cpp:
1830         (WebCore::Font::platformInit):
1831         * platform/graphics/win/SimpleFontDataDirect2D.cpp:
1832         (WebCore::Font::platformInit):
1833         * platform/graphics/win/SimpleFontDataWin.cpp:
1834         (WebCore::Font::platformCreateScaledFont):
1835         (WebCore::Font::determinePitch):
1836         * rendering/SimpleLineLayout.cpp:
1837         (WebCore::SimpleLineLayout::canUseForFontAndText):
1838
1839 2017-05-15  Youenn Fablet  <youenn@apple.com>
1840
1841         WebRTC outgoing muted video sources should send black frames
1842         https://bugs.webkit.org/show_bug.cgi?id=170627
1843         <rdar://problem/31513869>
1844
1845         Reviewed by Eric Carlson.
1846
1847         Covered by updated test.
1848
1849         Instead of sending one black frame and then another one asynchronously,
1850         we use the timer to send a black frame every second when outgoing source is muted.
1851
1852         * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
1853         (WebCore::RealtimeOutgoingVideoSource::sourceMutedChanged):
1854         (WebCore::RealtimeOutgoingVideoSource::sourceEnabledChanged):
1855         (WebCore::RealtimeOutgoingVideoSource::sendBlackFrames):
1856         (WebCore::RealtimeOutgoingVideoSource::sendBlackFrame): Deleted.
1857         * platform/mediastream/mac/RealtimeOutgoingVideoSource.h:
1858         * testing/Internals.cpp:
1859         (WebCore::Internals::videoSampleAvailable):
1860
1861 2017-05-15  David Kilzer  <ddkilzer@apple.com>
1862
1863         Crash in libxml2.2.dylib: xmlDictReference
1864         <https://webkit.org/b/172086>
1865         <rdar://problem/23643436>
1866
1867         Reviewed by Daniel Bates.
1868
1869         Speculative fix and code clean-up based on source code
1870         inspection.  The fix for the crash is in two parts that change
1871         XSLStyleSheet::parseString():
1872         1. Always set m_stylesheetDoc to nullptr after freeing it via
1873            XSLStyleSheet::clearXSLStylesheetDocument().
1874         2. Add nullptr check before using m_stylesheetDoc from parent.
1875
1876         Broadly speaking, the changes are:
1877         - Extract code to reset m_stylesheetDoc into new private
1878           XSLStyleSheet::clearXSLStylesheetDocument() method.  There is
1879           a special contract between m_stylesheetDoc and
1880           m_stylesheetDocTaken that wasn't being followed every time.
1881           See comment in XSLStyleSheet::compileStyleSheet().
1882         - XSLStyleSheet::clearDocuments() now calls new
1883           clearXSLStylesheetDocument() method.  Previously, it was not
1884           checking or resetting m_stylesheetDocTaken, and it might have
1885           leaked an xmlDocPtr if m_stylesheetDoc was set and
1886           m_stylesheetDocTaken was false.
1887         - XSLStyleSheet::parseString() now calls new
1888           clearXSLStylesheetDocument() method.  Previously, it did not
1889           clear m_stylesheetDoc after freeing it, and it could return
1890           early due to a failure in xmlCreateMemoryParserCtxt().
1891         - In XSLStyleSheet::parseString() use checked arithmetic when
1892           calculating 'size' for xmlCreateMemoryParserCtxt() and
1893           xmlCtxtReadMemory().  This code used to do an implicit
1894           unsigned -> signed integer conversion that could overflow.
1895         - Always iterate m_children using an 'auto& import' variable.
1896
1897         * xml/XSLStyleSheet.h:
1898         (WebCore::XSLStyleSheet::clearXSLStylesheetDocument): Add declaration.
1899         (WebCore::XSLStyleSheet::m_disabled): Add default initializer.
1900         (WebCore::XSLStyleSheet::m_stylesheetDoc): Ditto.
1901         (WebCore::XSLStyleSheet::m_stylesheetDocTaken): Ditto.
1902         (WebCore::XSLStyleSheet::m_parentStyleSheet): Ditto.
1903
1904         * xml/XSLStyleSheetLibxslt.cpp:
1905         (WebCore::XSLStyleSheet::XSLStyleSheet): Get rid of redundant
1906         initializers.  Set m_parentStyleSheet if needed.
1907         (WebCore::XSLStyleSheet::~XSLStyleSheet): Call
1908         clearXSLStylesheetDocument() instead of custom code.  Switch
1909         m_children fast iteration to use 'auto& import' variable.
1910         (WebCore::XSLStyleSheet::isLoading): Switch m_children fast
1911         iteration to use 'auto& import' variable.
1912         (WebCore::XSLStyleSheet::clearDocuments): Call
1913         clearXSLStylesheetDocument() instead of setting m_stylesheetDoc
1914         to nullptr.  This might fix an occasional xmlDocPtr leak.
1915         (WebCore::XSLStyleSheet::clearXSLStylesheetDocument): Add.  This
1916         method always sets m_stylesheetDoc to nullptr (after freeing it
1917         if necessary) and sets m_stylesheetDocTaken to false.
1918         (WebCore::XSLStyleSheet::parseString): Call
1919         clearXSLStylesheetDocument().  Prior to this, m_stylesheetDoc
1920         might be left pointing to a freed value, and this method could
1921         return early if xmlCreateMemoryParserCtxt() failed.  Switch to
1922         using Checked<> to compute required buffer size to parse XSL
1923         stylesheet, and return early on overflow.  Clean up existing
1924         return statements to use boolean expressions.  Add nullptr check
1925         for m_parentStyleSheet->m_stylesheetDoc before using it.
1926         (WebCore::XSLStyleSheet::loadChildSheet): Get rid of local
1927         variable by calling loadSheet() from last array element.
1928         (WebCore::XSLStyleSheet::compileStyleSheet): Add debug assert
1929         that m_stylesheetDoc is not nullptr.
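
The pattern this entry describes, as an added example (not WebKit's code): one helper that frees the document only when ownership was not handed off and always resets the pointer, plus a checked size computation for a parser call that takes a signed int. Sheet, FakeDoc, checkedParserSize and the resetAfterFree switch are hypothetical names; the switch reproduces the "before" behaviour so the double free shows up as a counter.

```cpp
#include <cstddef>
#include <cstdio>
#include <limits>

// Hypothetical stand-in for a libxml2 document. It only counts how often it is
// "freed", so a double free shows up as a number instead of memory corruption.
struct FakeDoc {
    int freeCount = 0;
};

// Checked size computation: returns false instead of letting the byte count
// wrap or exceed what a signed int parameter can hold.
bool checkedParserSize(size_t characterCount, size_t bytesPerCharacter, int& sizeOut)
{
    const size_t maxSize = std::numeric_limits<size_t>::max();
    if (bytesPerCharacter && characterCount > maxSize / bytesPerCharacter)
        return false; // the multiplication would wrap
    const size_t bytes = characterCount * bytesPerCharacter;
    if (bytes > static_cast<size_t>(std::numeric_limits<int>::max()))
        return false; // would go negative or truncate as an int
    sizeOut = static_cast<int>(bytes);
    return true;
}

// Hypothetical model of a stylesheet that owns a parsed document.
class Sheet {
public:
    Sheet(Sheet* parent, bool resetAfterFree)
        : m_parent(parent), m_resetAfterFree(resetAfterFree) { }
    ~Sheet() { clearDocument(); }

    // Single place that upholds the m_doc / m_docTaken contract.
    void clearDocument()
    {
        if (m_doc && !m_docTaken)
            ++m_doc->freeCount; // stands in for freeing the document
        if (!m_resetAfterFree)
            return; // "before" behaviour: m_doc keeps pointing at the freed document
        m_doc = nullptr;
        m_docTaken = false;
    }

    void markDocumentTaken() { m_docTaken = true; } // ownership handed off elsewhere

    bool parse(FakeDoc* parsed, size_t characterCount, size_t bytesPerCharacter, bool contextCreationFails)
    {
        clearDocument(); // runs before every early return below
        int size = 0;
        if (!checkedParserSize(characterCount, bytesPerCharacter, size))
            return false;
        if (contextCreationFails)
            return false;
        // nullptr check on the parent's document before relying on it
        m_usedParentDocument = m_parent && m_parent->m_doc;
        m_doc = parsed;
        return m_doc != nullptr;
    }

    bool usedParentDocument() const { return m_usedParentDocument; }

private:
    Sheet* m_parent = nullptr;
    bool m_resetAfterFree = true;
    FakeDoc* m_doc = nullptr;
    bool m_docTaken = false;
    bool m_usedParentDocument = false;
};

// Parse once, then re-parse with a failing parser context, then destroy the sheet.
int freesAfterFailedReparse(bool resetAfterFree)
{
    FakeDoc first;
    {
        Sheet sheet(nullptr, resetAfterFree);
        sheet.parse(&first, 16, 2, false);
        sheet.parse(nullptr, 16, 2, true);
    }
    return first.freeCount;
}

// A document whose ownership was handed off must never be freed by the sheet.
int freesAfterDocumentTaken()
{
    FakeDoc doc;
    {
        Sheet sheet(nullptr, true);
        sheet.parse(&doc, 16, 2, false);
        sheet.markDocumentTaken();
    }
    return doc.freeCount;
}

// A child whose parent never parsed anything must not touch the parent's document.
bool childParsesWithoutParentDocument()
{
    Sheet parent(nullptr, true);
    FakeDoc doc;
    Sheet child(&parent, true);
    return child.parse(&doc, 16, 2, false) && !child.usedParentDocument();
}

int main()
{
    std::printf("frees without reset: %d\n", freesAfterFailedReparse(false));
    std::printf("frees with reset:    %d\n", freesAfterFailedReparse(true));
    return 0;
}
```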
1930
1931 2017-05-15  Jer Noble  <jer.noble@apple.com>
1932
1933         Add experimental setting to allow document gesture interaction to fulfill media playback gesture requirement
1934         https://bugs.webkit.org/show_bug.cgi?id=172131
1935
1936         Reviewed by Eric Carlson.
1937
1938         Test: media/restricted-audio-playback-with-document-gesture.html
1939
1940         Move all calls to ScriptController::processingUserGestureForMedia() to the new Document equivalent. In Document,
1941         if the new setting is enabled, return true from processingUserGestureForMedia() if the top-level document has had
1942         a user gesture interaction.
1943
1944         * Modules/mediastream/MediaStream.cpp:
1945         (WebCore::MediaStream::processingUserGestureForMedia):
1946         * Modules/mediastream/MediaStream.h:
1947         * Modules/webaudio/AudioContext.cpp:
1948         (WebCore::AudioContext::processingUserGestureForMedia):
1949         (WebCore::AudioContext::willBeginPlayback):
1950         (WebCore::AudioContext::willPausePlayback):
1951         * Modules/webaudio/AudioContext.h:
1952         * dom/Document.cpp:
1953         (WebCore::Document::processingUserGestureForMedia):
1954         * dom/Document.h:
1955         * html/HTMLMediaElement.cpp:
1956         (WebCore::HTMLMediaElement::load):
1957         (WebCore::HTMLMediaElement::audioTrackEnabledChanged):
1958         (WebCore::HTMLMediaElement::seekWithTolerance):
1959         (WebCore::HTMLMediaElement::play):
1960         (WebCore::HTMLMediaElement::playInternal):
1961         (WebCore::HTMLMediaElement::pause):
1962         (WebCore::HTMLMediaElement::pauseInternal):
1963         (WebCore::HTMLMediaElement::setMuted):
1964         (WebCore::HTMLMediaElement::webkitShowPlaybackTargetPicker):
1965         (WebCore::HTMLMediaElement::processingUserGestureForMedia):
1966         * html/HTMLMediaElement.h:
1967         * html/MediaElementSession.cpp:
1968         (WebCore::MediaElementSession::playbackPermitted):
1969         (WebCore::MediaElementSession::dataLoadingPermitted):
1970         (WebCore::MediaElementSession::fullscreenPermitted):
1971         (WebCore::MediaElementSession::canShowControlsManager):
1972         (WebCore::MediaElementSession::showPlaybackTargetPicker):
1973         * page/Settings.in:
1974         * platform/audio/PlatformMediaSession.h:
1975
1976 2017-05-15  Jer Noble  <jer.noble@apple.com>
1977
1978         Only ever initialize LibWebRTCProvider's staticFactoryAndThreads() factories once.
1979         https://bugs.webkit.org/show_bug.cgi?id=172047
1980
1981         Reviewed by Youenn Fablet.
1982
1983         Wrap the initialization of the factories contained in staticFactoryAndThreads() in a call_once to ensure
1984         new factories aren't created every time it's called.
1985
1986         * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
1987         (WebCore::staticFactoryAndThreads):
1988
1989 2017-05-15  Joseph Pecoraro  <pecoraro@apple.com>
1990
1991         Web Inspector: CRASH seen with DOM.setOuterHTML when there is no documentElement
1992         https://bugs.webkit.org/show_bug.cgi?id=172135
1993         <rdar://problem/32175860>
1994
1995         Reviewed by Brian Burg.
1996
1997         Test: inspector/dom/setOuterHTML-no-document-element.html
1998
1999         * inspector/DOMPatchSupport.cpp:
2000         (WebCore::DOMPatchSupport::patchDocument):
2001         Null check the document element which might not exist.
2002
2003 2017-05-15  Said Abou-Hallawa  <sabouhallawa@apple.com>
2004
2005         REGRESSION (216471): Infinite repaint-drawing loop when asynchronously decoding incomplete image frames
2006         https://bugs.webkit.org/show_bug.cgi?id=171900
2007
2008         Reviewed by Tim Horton.
2009
2010         -- Don't destroy incomplete decoded image frames for large images. This
2011         is to avoid flickering while decoding another image frame with the new
2012         data. The old incomplete image frame will be destroyed once the newer one
2013         finishes decoding.
2014
2015         -- Extend the enum ImageFrame::DecodingStatus by adding a new value called
2016         'Decoding'. This new value will never be cached in the ImageFrame::
2017         m_decodingStatus. Add a member m_currentFrameDecodingStatus to BitmapImage.
2018         The purpose of this member is to invalidate the current frame, without
2019         deleting it, when new encoded data is received.
2020
2021         -- Don't wait until the native image is decoded to cache the ImageFrame
2022         decodingStatus. There is a big chance that more data arrives between
2023         starting the decoding and finishing it such that the decoding changes
2024         from Partial to Complete. We need to prevent keeping incomplete ImageFrames
2025         cached because we mistakenly assume they are complete. To fix this issue
2026         we need to know the ImageFrame decodingStatus when the decoding is requested.
2027
2028         * platform/graphics/BitmapImage.cpp:
2029         (WebCore::BitmapImage::destroyDecodedData):
2030         (WebCore::BitmapImage::dataChanged):
2031         (WebCore::BitmapImage::draw):
2032         (WebCore::BitmapImage::internalStartAnimation): At the beginning of this 
2033         function we check whether the next frame is being decoded or not and we 
2034         return DecodingActive if it is. Let's handle the second check here also 
2035         before requesting the decoding of nextFrame. We need to check whether the
2036         nextFrame has a native image decoded with the native size or not.
2037         (WebCore::BitmapImage::internalAdvanceAnimation):
2038         (WebCore::BitmapImage::imageFrameAvailableAtIndex):
2039         * platform/graphics/BitmapImage.h:
2040         * platform/graphics/ImageFrame.cpp:
2041         (WebCore::ImageFrame::operator=):
2042         (WebCore::ImageFrame::setDecodingStatus):
2043         (WebCore::ImageFrame::decodingStatus):
2044         * platform/graphics/ImageFrame.h:
2045         (WebCore::ImageFrame::isInvalid):
2046         (WebCore::ImageFrame::isPartial):
2047         (WebCore::ImageFrame::isComplete):
2048         (WebCore::ImageFrame::setDecoding): Deleted.
2049         (WebCore::ImageFrame::decoding): Deleted.
2050         (WebCore::ImageFrame::isEmpty): Deleted.
2051         * platform/graphics/ImageFrameCache.cpp:
2052         (WebCore::ImageFrameCache::setNativeImage):
2053         (WebCore::ImageFrameCache::cacheMetadataAtIndex):
2054         (WebCore::ImageFrameCache::cacheNativeImageAtIndex):
2055         (WebCore::ImageFrameCache::cacheNativeImageAtIndexAsync):
2056         (WebCore::ImageFrameCache::startAsyncDecodingQueue):
2057         (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex):
2058         (WebCore::ImageFrameCache::stopAsyncDecodingQueue):
2059         (WebCore::ImageFrameCache::frameAtIndexCacheIfNeeded):
2060         (WebCore::ImageFrameCache::frameDecodingStatusAtIndex):
2061         (WebCore::ImageFrameCache::cacheFrameMetadataAtIndex): Deleted.
2062         (WebCore::ImageFrameCache::cacheFrameNativeImageAtIndex): Deleted.
2063         (WebCore::ImageFrameCache::cacheAsyncFrameNativeImageAtIndex): Deleted.
2064         (WebCore::ImageFrameCache::frameIsCompleteAtIndex): Deleted.
2065         * platform/graphics/ImageFrameCache.h:
2066         (WebCore::ImageFrameCache::ImageFrameRequest::operator==):
2067         * platform/graphics/ImageSource.cpp:
2068         (WebCore::ImageSource::dataChanged):
2069         * platform/graphics/ImageSource.h:
2070         (WebCore::ImageSource::destroyIncompleteDecodedData):
2071         (WebCore::ImageSource::requestFrameAsyncDecodingAtIndex): Let the caller
2072         decide whether another request for the same image frame is allowed or not.
2073         (WebCore::ImageSource::frameDecodingStatusAtIndex):
2074         (WebCore::ImageSource::frameIsCompleteAtIndex): Deleted.
2075         * platform/image-decoders/ImageDecoder.cpp:
2076         (WebCore::ImageDecoder::frameDurationAtIndex):
2077         (WebCore::ImageDecoder::createFrameImageAtIndex):
2078         * platform/image-decoders/bmp/BMPImageReader.cpp:
2079         (WebCore::BMPImageReader::decodeBMP):
2080         * platform/image-decoders/gif/GIFImageDecoder.cpp:
2081         (WebCore::GIFImageDecoder::clearFrameBufferCache):
2082         (WebCore::GIFImageDecoder::haveDecodedRow):
2083         (WebCore::GIFImageDecoder::frameComplete):
2084         (WebCore::GIFImageDecoder::initFrameBuffer):
2085         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
2086         (WebCore::JPEGImageDecoder::outputScanlines):
2087         (WebCore::JPEGImageDecoder::jpegComplete):
2088         * platform/image-decoders/png/PNGImageDecoder.cpp:
2089         (WebCore::PNGImageDecoder::rowAvailable):
2090         (WebCore::PNGImageDecoder::pngComplete):
2091         (WebCore::PNGImageDecoder::clearFrameBufferCache):
2092         (WebCore::PNGImageDecoder::frameComplete):
2093         * platform/image-decoders/webp/WEBPImageDecoder.cpp:
2094         (WebCore::WEBPImageDecoder::decode):
2095
2096 2017-05-15  Chris Dumez  <cdumez@apple.com>
2097
2098         Align WebKitCSSMatrix stringifier with spec for DOMMatrix
2099         https://bugs.webkit.org/show_bug.cgi?id=172114
2100
2101         Reviewed by Simon Fraser.
2102
2103         Align WebKitCSSMatrix stringifier with spec for DOMMatrix after:
2104         - https://github.com/w3c/fxtf-drafts/pull/148
2105
2106         The following changes were made:
2107         - Use ECMAScript's ToString() to convert floating point values to string
2108         - Throw an invalid state error if the matrix contains non-finite values
2109         - Made WebKitCSSMatrix.toString enumerable as per [1].
2110
2111         [1] https://heycam.github.io/webidl/#es-stringifier
2112
2113         Test: fast/css/matrix-stringifier.html
2114
2115         * css/WebKitCSSMatrix.cpp:
2116         (WebCore::WebKitCSSMatrix::toString):
2117         * css/WebKitCSSMatrix.h:
2118         * css/WebKitCSSMatrix.idl:
2119         * platform/graphics/transforms/TransformationMatrix.cpp:
2120         (WebCore::TransformationMatrix::containsOnlyFiniteValues):
2121         * platform/graphics/transforms/TransformationMatrix.h:
2122
2123 2017-05-15  Mark Lam  <mark.lam@apple.com>
2124
2125         WorkerRunLoop::Task::performTask() should check !scriptController->isTerminatingExecution().
2126         https://bugs.webkit.org/show_bug.cgi?id=171775
2127         <rdar://problem/30975761>
2128
2129         Reviewed by Filip Pizlo.
2130
2131         Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
2132         JS execution first, followed by posting a cleanup task to the worker, and lastly,
2133         it invokes terminate() on the WorkerRunLoop.
2134
2135         As a result, before the run loop is terminated, the worker thread may observe the
2136         TerminatedExecutionException in JS code, bail out, see another JS task to run,
2137         re-enter the VM to run said JS code, and fail with an assertion due to the
2138         TerminatedExecutionException still being pending on VM entry.
2139
2140         WorkerRunLoop::Task::performTask() already has a check to only allow a task to
2141         run if and only if !runLoop.terminated() and the task is not a clean up task.
2142         We'll fix the above race by changing WorkerRunLoop::Task::performTask() to check
2143         !context->script()->isTerminatingExecution() instead of !runLoop.terminated().
2144         Since WorkerThread::stop() always scheduleExecutionTermination() before it
2145         terminates the run loop, !context->script()->isTerminatingExecution() implies
2146         !runLoop.terminated().
2147
2148         The only time that runLoop is terminated without scheduleExecutionTermination()
2149         being called is when WorkerThread::stop() is called before the WorkerThread has
2150         finished creating its WorkerGlobalScope.  In this scenario, WorkerThread::stop()
2151         will still terminate the run loop.  Hence, after the WorkerGlobalScope is created
2152         (in WorkerThread::workerThread()), we will check if the run loop has been
2153         terminated (i.e. stop() was called).  If so, we'll scheduleExecutionTermination()
2154         there, and guarantee that if runloop.terminated() is true, then
2155         context->script()->isTerminatingExecution() is also true.
2156
2157         Solutions that were considered but did not work (recorded for future reference):
2158
2159         1. In WorkerThread::stop(), call scheduleExecutionTermination() only after it
2160            posts the cleanup task and terminates the run loop.
2161
2162            This did not work because this creates a race where the worker thread may run
2163            the cleanup task before WorkerThread::stop() finishes.  As a result, the
2164            scriptController may be deleted before we get to invoke scheduleExecutionTermination()
2165            on it, thereby resulting in a use after free.
2166
2167            To make this work, we would have to change the life cycle management strategy
2168            of the WorkerScriptController.  This is a more risky change than we would
2169            want to take on at this time, and may also not be worth the gain.
2170
2171         2. Break scheduleExecutionTermination() up into 2 parts i.e. WorkerThread::stop()
2172            will:
2173            1. set the scriptController's m_isTerminatingExecution flag before
2174               posting the cleanup task and terminating the run loop, and
2175            2. invoke VM::notifyNeedsTermination() after posting the cleanup task and
2176               terminating the run loop.
2177
2178            This requires that we protect the liveness of the VM until we can invoke
2179            notifyNeedsTermination() on it.
2180
2181            This did not work because:
2182            1. We may end up destructing the VM in WorkerThread::stop() i.e. in the main
2183               web frame, but only the worker thread holds the JS lock for the VM.
2184
2185               We can make the WorkerThread::stop() acquire the JS lock just before it
2186               releases the protected VM's RefPtr, but that would mean the main thread
2187               may be stuck waiting a bit for the worker thread to release its JSLock.
2188               This is not desirable.
2189
2190            2. In practice, changing the liveness period of the Worker VM relative to its
2191               WorkerScriptController and WorkerGlobalScope also has unexpected
2192               ramifications.  We observed many worker tests failing with assertion
2193               failures and crashes due to this change.
2194
2195            Hence, this approach is also a more risky change than it appears on the
2196            surface, and is not worth exploring at this time.
2197
2198         In the end, changing WorkerRunLoop::Task::performTask() to check for
2199         !scriptController->isTerminatingExecution() is the most straightforward solution
2200         that is easy to prove correct.
2201
2202         Also fixed a race in WorkerThread::workerThread() where it can delete the
2203         WorkerGlobalScope while WorkerThread::stop() is in the midst of accessing it.
2204         We now guard the nullifying of m_workerGlobalScope with the
2205         m_threadCreationAndWorkerGlobalScopeMutex as well.
2206
2207         UPDATE: the only new thing in this patch for re-landing (vs one previously landed)
2208         is that instead of nullifying m_workerGlobalScope directly (thereby deleting the
2209         WorkerGlobalScope context), we'll swap it out and delete it only after we've
2210         unlocked the m_threadCreationAndWorkerGlobalScopeMutex.  This is needed because
2211         the destruction of the WorkerGlobalScope will cause the main thread to race against
2212         the worker thread to delete the WorkerThread object, and the WorkerThread object
2213         owns the mutex that we need to unlock after nullifying the m_workerGlobalScope
2214         field.
2215
2216         This issue is covered by an existing test that I just unskipped in TestExpectations.
2217
2218         * bindings/js/JSDOMPromiseDeferred.cpp:
2219         (WebCore::DeferredPromise::callFunction):
2220
2221         * bindings/js/WorkerScriptController.cpp:
2222         (WebCore::WorkerScriptController::scheduleExecutionTermination):
2223         - Added a check to do nothing and return early if the scriptController is already
2224           terminating execution.
2225
2226         * workers/WorkerRunLoop.cpp:
2227         (WebCore::WorkerRunLoop::runInMode):
2228         (WebCore::WorkerRunLoop::runCleanupTasks):
2229         (WebCore::WorkerRunLoop::Task::performTask):
2230
2231         * workers/WorkerRunLoop.h:
2232         - Made Task::performTask() private and make Task befriend the WorkerRunLoop class.
2233           This ensures that only the WorkerRunLoop may call performTask().
2234           Note: this change only formalizes and hardens a relationship that was already
2235           in place before this.
2236
2237         * workers/WorkerThread.cpp:
2238         (WebCore::WorkerThread::start):
2239         (WebCore::WorkerThread::workerThread):
2240         (WebCore::WorkerThread::stop):
2241         * workers/WorkerThread.h:
2242         - Renamed m_threadCreationMutex to m_threadCreationAndWorkerGlobalScopeMutex so
2243           that it more accurately describes what it guards.
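
A simplified model of the ordering argument in this entry, as an added example (not WebKit's code): it replays the three steps of stop() with the worker trying to run a pending JS task after each one, under the old and the new gate, and checks the invariant for the stop-before-scope-creation case. WorkerModel, Gate and the function names are hypothetical, and the model assumes a cleanup task is always allowed to run.

```cpp
#include <cstdio>

// Hypothetical two-flag model of the worker state discussed in the entry.
struct WorkerModel {
    bool terminatingExecution = false; // isTerminatingExecution()
    bool runLoopTerminated = false;    // runLoop.terminated()
};

// Which condition performTask() consults before running an ordinary task.
enum class Gate { RunLoopNotTerminated, NotTerminatingExecution };

bool taskMayRun(const WorkerModel& worker, Gate gate, bool isCleanupTask)
{
    if (isCleanupTask)
        return true; // assumption of this model: cleanup always runs
    if (gate == Gate::RunLoopNotTerminated)
        return !worker.runLoopTerminated;
    return !worker.terminatingExecution;
}

// stop() in the order the entry gives: schedule execution termination,
// post the cleanup task, terminate the run loop.
void applyStopStep(WorkerModel& worker, int step)
{
    if (step == 0)
        worker.terminatingExecution = true;
    else if (step == 2)
        worker.runLoopTerminated = true;
    // step 1 posts the cleanup task and changes neither flag
}

// Counts how often the worker would re-enter JS while termination is pending
// if it looked for an ordinary task after every step of stop().
int entriesWithPendingTermination(Gate gate)
{
    WorkerModel worker;
    int hazards = 0;
    for (int step = 0; step < 3; ++step) {
        applyStopStep(worker, step);
        if (taskMayRun(worker, gate, false) && worker.terminatingExecution)
            ++hazards;
    }
    return hazards;
}

// stop() called before the global scope exists only terminates the run loop.
// The re-check after scope creation restores "terminated implies terminating".
bool invariantHoldsAfterEarlyStop(bool recheckAfterScopeCreation)
{
    WorkerModel worker;
    worker.runLoopTerminated = true;
    if (recheckAfterScopeCreation && worker.runLoopTerminated)
        worker.terminatingExecution = true;
    return !worker.runLoopTerminated || worker.terminatingExecution;
}

int main()
{
    std::printf("old gate hazards: %d\n", entriesWithPendingTermination(Gate::RunLoopNotTerminated));
    std::printf("new gate hazards: %d\n", entriesWithPendingTermination(Gate::NotTerminatingExecution));
    return 0;
}
```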
2244
2245 2017-05-15  Myles C. Maxfield  <mmaxfield@apple.com>
2246
2247         Unicode characters which can't be rendered in any font are invisible
2248         https://bugs.webkit.org/show_bug.cgi?id=171942
2249         <rdar://problem/32054234>
2250
2251         Reviewed by Tim Horton.
2252
2253         There are some Unicode characters which don't have any font on the system which can render them.
2254         These characters should be drawn as the .notdef "tofu." This is for security and usability, as
2255         well as what Firefox and Chrome do. However, we still shouldn't draw characters with the
2256         Default_Ignorable_Code_Point property, because this is what CoreText does.
2257
2258         This behavior is also what the Unicode spec recommends: In UTR #36 Unicode Security Considerations:
2259         http://www.unicode.org/reports/tr36/#Recommendations_General
2260         "If there is no available glyph for a character, never show a simple "?" or omit the character."
2261
2262         Also relevant is the Unicode Standard section 5.3 Unknown and Missing Characters, starting at page
2263         marked 203 in the following: http://www.unicode.org/versions/Unicode9.0.0/ch05.pdf
2264
2265         Tests: fast/text/default-ignorable.html
2266                fast/text/unknown-char-notdef.html
2267
2268         * platform/graphics/WidthIterator.cpp:
2269         (WebCore::characterMustDrawSomething):
2270
2271 2017-05-15  Timothy Horton  <timothy_horton@apple.com>
2272
2273         Null deref under WebContentReader::readURL when interacting with a file URL
2274         https://bugs.webkit.org/show_bug.cgi?id=172045
2275         <rdar://problem/25880647>
2276
2277         Reviewed by Wenson Hsieh.
2278
2279         * editing/ios/EditorIOS.mm:
2280         (WebCore::Editor::WebContentReader::readURL):
2281         The AppSupport soft link was wrong, as there is no such framework in /System/Library/Frameworks.
2282         Thus, any time we hit this codepath, the soft linked function would be null, and calling it would crash.
2283         Instead of just fixing the soft link, remove the code, because it does not seem necessary to
2284         special-case fileURLs to images in the media directory.
2285
2286 2017-05-15  Eric Carlson  <eric.carlson@apple.com>
2287
2288         ASSERTION FAILED: wasRemoved in WebCore::RealtimeMediaSourceCenter::removeDevicesChangedObserver(DevicesChangedObserverToken)
2289         https://bugs.webkit.org/show_bug.cgi?id=171529
2290         <rdar://problem/31945791>
2291
2292         Reviewed by Jer Noble.
2293
2294         No new tests, fixes a crash in existing tests.
2295
2296         * Modules/mediastream/MediaDevices.cpp:
2297         (WebCore::MediaDevices::MediaDevices): Use a weak ptr.
2298
2299         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
2301         (WebCore::observerMap):  Use a static hash map for observers because the
2302         source center can change at runtime.
2303         (WebCore::RealtimeMediaSourceCenter::addDevicesChangedObserver):
2304         (WebCore::RealtimeMediaSourceCenter::removeDevicesChangedObserver):
2305         (WebCore::RealtimeMediaSourceCenter::captureDevicesChanged):
2306
2307 2017-05-15  Brent Fulgham  <bfulgham@apple.com>
2308
2309         [iOS WK1] Do not try to dispatch messages to subframes if their documents have not been constructed yet.
2310         https://bugs.webkit.org/show_bug.cgi?id=172059
2311         <rdar://problem/31963192>
2312
2313         Reviewed by Zalan Bujtas.
2314
2315         On iOS WK1 we can end up in an inconsistent state, where
2316         1. The web thread is inside a newly-injected iframe's document's constructor and
2317         2. waiting on a delegate callback on the main thread
2318         while the main thread
2319         (a) Evaluates arbitrary JavaScript that modifies storage which
2320         (b) Triggers an event dispatch.
2321  
2322         * storage/StorageEventDispatcher.cpp:
2323         (WebCore::StorageEventDispatcher::dispatchSessionStorageEvents): If the sub-frame's document
2324         is in an inconsistent state, skip it.
2325         (WebCore::StorageEventDispatcher::dispatchLocalStorageEvents): Ditto.
2326         (WebCore::StorageEventDispatcher::dispatchSessionStorageEventsToFrames): Ditto.
2327         (WebCore::StorageEventDispatcher::dispatchLocalStorageEventsToFrames): Ditto.
2328
2329 2017-05-15  Zalan Bujtas  <zalan@apple.com>
2330
2331         Simple line layout: Leading whitespace followed by a <br> produces an extra linebreak.
2332         https://bugs.webkit.org/show_bug.cgi?id=172076
2333
2334         Reviewed by Antti Koivisto.
2335
2336         When the collapsed whitespace does not fit the line, we need to push it to the next line
2337         so that we can decide whether any soft/hard linebreak should be skipped (to avoid double line breaks) or not.
2338
2339         Test: fast/text/simple-line-layout-leading-whitespace-with-soft-hard-linebreak.html
2340
2341         * rendering/SimpleLineLayout.cpp:
2342         (WebCore::SimpleLineLayout::consumeLineBreakIfNeeded): special handling <br>
2343         (WebCore::SimpleLineLayout::firstFragment): Now we need to deal with leading collapsed whitespace.
2344         (WebCore::SimpleLineLayout::createLineRuns): We need to push even the collapsed whitespace to the next line.
2345
2346 2017-05-15  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>
2347
2348         Invalid MediaSource duration value should throw TypeError instead of InvalidStateError
2349         https://bugs.webkit.org/show_bug.cgi?id=171653
2350
2351         Reviewed by Chris Dumez.
2352
2353         Modify MediaSource::setDuration to throw a TypeError when duration value is invalid as per MSE specification
2354         (https://www.w3.org/TR/2016/REC-media-source-20161117/#dom-mediasource-duration).
2355
2356         Update expectations of corresponding WPT test.
2357
2358         * Modules/mediasource/MediaSource.cpp:
2359         (WebCore::MediaSource::setDuration):
2360         (WebCore::MediaSource::setDurationInternal):
2361
2362 2017-05-15  Gwang Yoon Hwang  <yoon@igalia.com>
2363
2364         [CAIRO] Painting an image mask with a matrix above Pixman's limit breaks internal states of Cairo
2365         https://bugs.webkit.org/show_bug.cgi?id=169094
2366
2367         Reviewed by Žan Doberšek.
2368
2369         It is the same problem which was addressed in r212431.
2370         In HiDPI situations, it happens easily due to the size of coordinates.
2371         Also, if this bug happens, it will break the rendering continuously
2372         since we are reusing graphics contexts to render webpages in the same
2373         webview.
2374
2375         Test: fast/hidpi/hidpi-long-page-with-inset-element.html
2376
2377         * platform/graphics/cairo/PlatformContextCairo.cpp:
2378         (WebCore::PlatformContextCairo::pushImageMask):
2379         We can avoid the limit of the Pixman by reducing the source surface's
2380         size, and it will create a minimal pattern matrix.
2381
2382 2017-05-14  Zan Dobersek  <zdobersek@igalia.com>
2383
2384         Unreviewed build fix with newer Perl versions.
2385
2386         * bindings/scripts/CodeGeneratorJS.pm:
2387         (AddLegacyCallerOperationIfNeeded): Support for experimental push on scalar (and
2388         other auto-dereferencing) was removed in Perl 5.24. Instead, the LegacyCallers array
2389         has to be dereferenced when pushing new values to it.
2390
2391 2017-05-14  Sam Weinig  <sam@webkit.org>
2392
2393         [WebIDL/DOM] Remove need for custom bindings for HTMLAllCollection and bring up to spec
2394         https://bugs.webkit.org/show_bug.cgi?id=172095
2395
2396         Reviewed by Darin Adler.
2397
2398         - Adds support for the legacycaller WebIDL special annotation.
2399         - Updates implementation of HTMLAllCollection to match the current HTML spec.
2400
2401         Test: fast/dom/document-all.html
2402
2403         * CMakeLists.txt:
2404         * WebCore.xcodeproj/project.pbxproj:
2405         * bindings/js/JSBindingsAllInOne.cpp:
2406         * bindings/js/JSHTMLAllCollectionCustom.cpp: Removed.
2407         Removed JSHTMLAllCollectionCustom.cpp
2408
2409         * bindings/scripts/CodeGeneratorJS.pm:
2410         (GenerateInterface):
2411         (AddLegacyCallerOperationIfNeeded):
2412         Before code generation, clone all the legacycaller operations and put them
2413         in their own set, so they can form an overload set.
2414         
2415         (AddStringifierOperationIfNeeded):
2416         Use IDLParser::cloneType as the FIXME suggested.
2417
2418         (GenerateHeader):
2419         Group call related functionality together and use new IsCallable predicate.
2420
2421         (GenerateOverloadedFunctionOrConstructor):
2422         Generalize a little bit to allow the function being overloaded to be an overloaded legacycaller.
2423
2424         (GenerateImplementation):
2425         Add call to generate the legacycaller code.
2426
2427         (GenerateLegacyCallerDefinitions):
2428         (GenerateLegacyCallerDefinition):
2429         Generate the legacycaller definition, using GenerateArgumentsCountCheck, GenerateParametersCheck
2430         and GenerateImplementationFunctionCall to do all the heavy lifting.
2431
2432         (IsCallable):
2433         Add helper predicate for both custom calls and legacycaller.
2434
2435         * bindings/scripts/IDLParser.pm:
2436         (cloneType):
2437         (cloneArgument):
2438         (cloneOperation):
2439         Add cloning functions for IDLArgument and IDLOperation, and make IDLType's
2440         clone feasible for calling outside the package by removing the unneeded 
2441         self parameter.
2442
2443         * bindings/scripts/test/JS/JSTestObj.cpp:
2444         * bindings/scripts/test/JS/JSTestObj.h:
2445         * bindings/scripts/test/TestObj.idl:
2446         Add testing of legacycaller overloading.
2447
2448         * dom/Document.cpp:
2449         (WebCore::Document::allFilteredByName):
2450         * dom/Document.h:
2451         Add new collection access for the HTMLAllNamedSubCollection.
2452
2453         * html/CachedHTMLCollection.h:
2454         (WebCore::nameShouldBeVisibleInDocumentAll):
2455         Update list of tags to match the current spec.
2456
2457         * html/CollectionType.h:
2458         Add new type for HTMLAllNamedSubCollection.
2459
2460         * html/GenericCachedHTMLCollection.cpp:
2461         (WebCore::GenericCachedHTMLCollection<traversalType>::elementMatches):
2462         Specify that DocumentAllNamedItems does not want
2463         the default elementMatches.
2464  
2465         * html/HTMLAllCollection.cpp:
2466         (WebCore::HTMLAllCollection::namedOrIndexedItemOrItems):
2467         (WebCore::HTMLAllCollection::namedItemOrItems):
2468         (WebCore::HTMLAllNamedSubCollection::~HTMLAllNamedSubCollection):
2469         (WebCore::HTMLAllNamedSubCollection::elementMatches):
2470         * html/HTMLAllCollection.h:
2471         Move implementations from the custom binding, and re-implement to
2472         match the spec. Alternate names to item/namedItem were needed to not
2473         shadow the existing ones in HTMLCollection. HTMLAllNamedSubCollection
2474         is a simple HTMLCollection that matches on a name, following the rules
2475         of document.all about which tags can have name attributes.
2476
2477         * html/HTMLAllCollection.idl:
2478         Remove custom annotations and add legacycaller which is now supported.
2479
2480         * html/HTMLCollection.cpp:
2481         (WebCore::invalidationTypeExcludingIdAndNameAttributes):
2482         (WebCore::HTMLCollection::~HTMLCollection):
2483         Add DocumentAllNamedItems.
2484
2485 2017-05-14  Zalan Bujtas  <zalan@apple.com>
2486
2487         Remove unused lambda in TextFragmentIterator::TextFragment::split() and cleanup dependencies.
2488         https://bugs.webkit.org/show_bug.cgi?id=172089
2489
2490         Reviewed by David Kilzer.
2491
2492         * rendering/SimpleLineLayout.cpp:
2493         (WebCore::SimpleLineLayout::splitFragmentToFitLine):
2494         * rendering/SimpleLineLayoutTextFragmentIterator.h:
2495         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split):
2496         (WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::splitWithHyphen):
2497
2498 2017-05-13  David Kilzer  <ddkilzer@apple.com>
2499
2500         Unused lambda in JSWebKitSubtleCrypto::wrapKey()
2501         <https://webkit.org/b/172087>
2502
2503         Reviewed by Chris Dumez.
2504
2505         Fixes the following warning with newer clang:
2506
2507             Source/WebCore/bindings/js/JSWebKitSubtleCryptoCustom.cpp:594:35: error: lambda capture 'keyFormat' is not used [-Werror,-Wunused-lambda-capture]
2508                 auto exportSuccessCallback = [keyFormat, algorithm, parameters, wrappingKey, wrapper](const Vector<uint8_t>& exportedKeyData) mutable {
2509                                               ^
2510
2511         * bindings/js/JSWebKitSubtleCryptoCustom.cpp:
2512         (WebCore::JSWebKitSubtleCrypto::wrapKey): Remove unused lambda.
2513
2514 2017-05-13  Eric Carlson  <eric.carlson@apple.com>
2515
2516         [MediaStream] deviceId constraint doesn't work with getUserMedia
2517         https://bugs.webkit.org/show_bug.cgi?id=171877
2518         <rdar://problem/31899730>
2519
2520         Reviewed by Jer Noble.
2521
2522         Test: fast/mediastream/get-user-media-device-id.html
2523
2524         * Modules/mediastream/MediaConstraintsImpl.h:
2525         (WebCore::MediaConstraintsData::MediaConstraintsData): Add a constructor that 
2526         takes a const MediaConstraints&.
2527
2528         * Modules/mediastream/MediaDevices.cpp:
2529         (WebCore::MediaDevices::~MediaDevices): m_deviceChangedToken is a std::optional<>.
2530         * Modules/mediastream/MediaDevices.h:
2531
2532         * Modules/mediastream/MediaDevicesEnumerationRequest.cpp:
2533         (WebCore::MediaDevicesEnumerationRequest::topLevelDocumentOrigin): Don't return
2534         NULL for the main frame so the origin matches that returned for a UserMediaRequest.
2535
2536         * Modules/mediastream/UserMediaController.h:
2537         (WebCore::UserMediaController::setDeviceIDHashSalt): Deleted, not used.
2538         (WebCore::UserMediaController::deviceIDHashSalt): Deleted, not used.
2539
2540         * Modules/mediastream/UserMediaRequest.cpp:
2541         (WebCore::UserMediaRequest::allow): Add device ID hash salt parameter, set it on
2542         constraints.
2543         * Modules/mediastream/UserMediaRequest.h:
2544
2545         * platform/mediastream/MediaConstraints.h:
2546         * platform/mediastream/RealtimeMediaSource.cpp:
2547         (WebCore::RealtimeMediaSource::fitnessDistance): ASSERT if called for DeviceId.
2548         (WebCore::RealtimeMediaSource::selectSettings): Special case DeviceId because
2549         we have to hash the device ID before comparing, and because the DeviceId can't be
2550         changed so it should never be added to the flattened constraints.
2551         (WebCore::RealtimeMediaSource::supportsConstraints):
2552         (WebCore::RealtimeMediaSource::applyConstraints):
2553         * platform/mediastream/RealtimeMediaSource.h:
2554
2555         * platform/mediastream/RealtimeMediaSourceCenter.cpp:
2556         (WebCore::RealtimeMediaSourceCenter::validateRequestConstraints): Implement.
2557         * platform/mediastream/RealtimeMediaSourceCenter.h:
2558
2559         * platform/mediastream/RealtimeMediaSourceSupportedConstraints.cpp:
2560         (WebCore::RealtimeMediaSourceSupportedConstraints::nameForConstraint): Deleted, unused.
2561         (WebCore::RealtimeMediaSourceSupportedConstraints::constraintFromName): Deleted, unused.
2562         * platform/mediastream/RealtimeMediaSourceSupportedConstraints.h:
2563
2564         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2565         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.cpp:
2566         (WebCore::RealtimeMediaSourceCenterMac::bestSourcesForTypeAndConstraints): Pass device
2567         id, not empty string.
2568         (WebCore::RealtimeMediaSourceCenterMac::validateRequestConstraints): Deleted.
2569         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
2570
2571         * platform/mock/MockRealtimeMediaSourceCenter.cpp:
2572         (WebCore::MockRealtimeMediaSourceCenter::validateRequestConstraints): Deleted.
2573         * platform/mock/MockRealtimeMediaSourceCenter.h:
2574
2575 2017-05-13  Chris Dumez  <cdumez@apple.com>
2576
2577         Stop using RefPtr::release()
2578         https://bugs.webkit.org/show_bug.cgi?id=172074
2579
2580         Reviewed by Geoffrey Garen.
2581
2582         * css/parser/CSSPropertyParser.cpp:
2583         (WebCore::FontVariantLigaturesParser::finalizeValue):
2584         (WebCore::FontVariantNumericParser::finalizeValue):
2585         * css/parser/CSSPropertyParserHelpers.cpp:
2586         (WebCore::CSSPropertyParserHelpers::CalcParser::consumeValue):
2587         * loader/SubresourceLoader.cpp:
2588         (WebCore::SubresourceLoader::create):
2589         * loader/archive/mhtml/MHTMLArchive.cpp:
2590         (WebCore::MHTMLArchive::generateMHTMLData):
2591         * loader/archive/mhtml/MHTMLArchive.h:
2592         * loader/archive/mhtml/MHTMLParser.cpp:
2593         (WebCore::MHTMLParser::parseArchiveWithHeader):
2594         * platform/audio/ios/AudioFileReaderIOS.cpp:
2595         (WebCore::AudioFileReader::createBus):
2596         * platform/glib/SharedBufferGlib.cpp:
2597         (WebCore::SharedBuffer::createFromReadingFile):
2598         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
2599         (WebCore::CACFLayerTreeHost::create):
2600         * platform/graphics/cairo/CairoUtilities.cpp:
2601         (WebCore::copyCairoImageSurface):
2602         * platform/graphics/cairo/ImageBufferCairo.cpp:
2603         (WebCore::getImageData):
2604         * platform/graphics/gtk/IconGtk.cpp:
2605         (WebCore::Icon::createIconForFiles):
2606         * platform/graphics/win/FontCacheWin.cpp:
2607         (WebCore::FontCache::systemFallbackForCharacters):
2608         * platform/win/SharedBufferWin.cpp:
2609         (WebCore::SharedBuffer::createFromReadingFile):
2610
2611 2017-05-13  Javier Fernandez  <jfernandez@igalia.com>
2612
2613         [css-align] Implement the place-self shorthand
2614         https://bugs.webkit.org/show_bug.cgi?id=168846
2615
2616         Reviewed by Zalan Bujtas.
2617
2618         The CSS Box Alignment specification defines a new shorthand to set the
2619         Content Alignment properties (align-self and justify-self) at the
2620         same time.
2621
2622         This patch provides the implementation of the CSS parsing logic and the
2623         required regression tests.
2624
2625         Test: css3/parse-place-self.html
2626
2627         * css/CSSComputedStyleDeclaration.cpp:
2628         (WebCore::ComputedStyleExtractor::propertyValue):
2629         * css/CSSProperties.json:
2630         * css/StyleProperties.cpp:
2631         (WebCore::StyleProperties::getPropertyValue):
2632         * css/parser/CSSPropertyParser.cpp:
2633         (WebCore::CSSPropertyParser::consumePlaceSelfShorthand):
2634         (WebCore::CSSPropertyParser::parseShorthand):
2635         * css/parser/CSSPropertyParser.h:
2636
2637 2017-05-13  Commit Queue  <commit-queue@webkit.org>
2638
2639         Unreviewed, rolling out r216801.
2640         https://bugs.webkit.org/show_bug.cgi?id=172072
2641
2642         Many memory corruption crashes on worker threads (Requested by
2643         ap on #webkit).
2644
2645         Reverted changeset:
2646
2647         "WorkerRunLoop::Task::performTask() should check
2648         !scriptController->isTerminatingExecution()."
2649         https://bugs.webkit.org/show_bug.cgi?id=171775
2650         http://trac.webkit.org/changeset/216801
2651
2652 2017-05-13  Zalan Bujtas  <zalan@apple.com>
2653
2654         AccessibilityRenderObject::textUnderElement needs to assert on unclean tree.
2655         https://bugs.webkit.org/show_bug.cgi?id=172065
2656
2657         Reviewed by Simon Fraser.
2658
2659         r192103 changed the assert logic incorrectly. If the tree is dirty, regardless of the renderer's type,
2660         TextIterator will end up forcing style update/layout on the render tree.
2661         The original assert would have hit with bug 171546 prior to r216726.
2662
2663         * accessibility/AccessibilityRenderObject.cpp:
2664         (WebCore::AccessibilityRenderObject::textUnderElement):
2665
2666 2017-05-12  Simon Fraser  <simon.fraser@apple.com>
2667
2668         event.clientX/clientY should be in layout viewport coordinates
2669         https://bugs.webkit.org/show_bug.cgi?id=172018
2670
2671         Reviewed by Zalan Bujtas.
2672
2673         Fix clientX and clientY on mouse events to be relative to the layout viewport, to match
2674         getBoundingClientRect(), getClientRects() and fixed-position objects.
2675
2676         Also minor cleanup of MouseRelatedEvent to use initializers.
2677
2678         Test: fast/visual-viewport/client-coordinates-relative-to-layout-viewport.html
2679
2680         * dom/MouseRelatedEvent.cpp:
2681         (WebCore::MouseRelatedEvent::MouseRelatedEvent):
2682         (WebCore::MouseRelatedEvent::init):
2683         (WebCore::MouseRelatedEvent::initCoordinates):
2684         (WebCore::contentsScrollOffset): Deleted.
2685         * dom/MouseRelatedEvent.h:
2686
2687 2017-05-12  Sam Weinig  <sam@webkit.org>
2688
2689         [WebIDL] Remove need for custom binding for Worker constructor
2690         https://bugs.webkit.org/show_bug.cgi?id=172050
2691
2692         Reviewed by Chris Dumez.
2693
2694         * CMakeLists.txt:
2695         * WebCore.xcodeproj/project.pbxproj:
2696         * bindings/js/JSWorkerCustom.cpp: Removed.
2697         Remove JSWorkerCustom.cpp
2698
2699         * bindings/scripts/CodeGeneratorJS.pm:
2700         (GenerateCallWith):
2701         * bindings/scripts/IDLAttributes.json:
2702         Add RuntimeFlags as a new option for the ConstructorCallWith extended attribute.
2703
2704         * workers/Worker.cpp:
2705         (WebCore::Worker::create):
2706         * workers/Worker.h:
2707         Update order of arguments to appease the generator.
2708
2709         * workers/Worker.idl:
2710         Add extended attributes for the constructor.
2711
2712 2017-05-12  Simon Fraser  <simon.fraser@apple.com>
2713
2714         The rects returned by Element/Range.getClientRects() should not be rounded
2715         https://bugs.webkit.org/show_bug.cgi?id=172057
2716
2717         Reviewed by Chris Dumez.
2718
2719         Fix createDOMRectVector() to not expand the rects to integer boundaries (which
2720         quad.enclosingBoundingBox() does), but to return rects with floating point
2721         values. This matches Chrome and Firefox, and matches getBoundingClientRect(),
2722         which does not integral snap.
2723
2724         * dom/DOMRect.cpp:
2725         (WebCore::createDOMRectVector):
2726
2727 2017-05-12  Jiewen Tan  <jiewen_tan@apple.com>
2728
2729         Elements should be inserted into a template element as its content's last child
2730         https://bugs.webkit.org/show_bug.cgi?id=171373
2731         <rdar://problem/31862949>
2732
2733         Reviewed by Ryosuke Niwa.
2734
2735         Before this change, our HTML parser obeys the following premises:
2736         1) A fostering child whose parent is a table should be inserted before its parent and under its grandparent.
2737         2) When inserting into a template element, an element should be inserted into its content.
2738
2739         Let's walk through the example:
2740         a) Before eventhandler takes place
2741         template
2742         table
2743             svg <- parser
2744         b) After eventhandler takes place
2745         template
2746             table
2747                 svg <- parser
2748         c) after parsing svg
2749         template
2750             content
2751                 svg
2752                 (table)
2753             table
2754
2755         Finally, in the example, the svg element will be inserted into the content of the template element while
2756         having its next sibling point to the table element. However, the table element is actually under the
2757         template element not its content.
2758
2759         This messy tree is constructed because the second premise is incomplete. It should be: When inserting into
2760         a template element, an element should be inserted into its content as its last child.
2761         Quoted from Step 3 of https://html.spec.whatwg.org/multipage/syntax.html#appropriate-place-for-inserting-a-node
2762         A correct tree will then look like:
2763         template
2764             content
2765                 svg
2766             table
2767
2768         Tests: fast/dom/HTMLTemplateElement/insert-fostering-child-crash.html
2769                fast/dom/HTMLTemplateElement/insert-fostering-child.html
2770
2771         * html/parser/HTMLConstructionSite.cpp:
2772         (WebCore::insert):
2773         By nullifying task.nextChild, it will force the parser to append the element as task.parent's last child.
2774
2775 2017-05-12  Alex Christensen  <achristensen@webkit.org>
2776
2777         Rename WKContentExtension to WKContentRuleList
2778         https://bugs.webkit.org/show_bug.cgi?id=172053
2779         <rdar://problem/32141005>
2780
2781         Reviewed by Geoffrey Garen.
2782
2783         Covered by existing API tests.
2784
2785         * English.lproj/Localizable.strings:
2786
2787 2017-05-12  Timothy Horton  <timothy_horton@apple.com>
2788
2789         Don't use LinkPresentation URL shortening if it's not available
2790         https://bugs.webkit.org/show_bug.cgi?id=172064
2791         <rdar://problem/32169232>
2792
2793         Rubber-stamped by Wenson Hsieh.
2794
2795         * platform/mac/DragImageMac.mm:
2796         (WebCore::LinkImageLayout::LinkImageLayout):
2797         * platform/spi/cocoa/LinkPresentationSPI.h:
2798
2799 2017-05-11  Simon Fraser  <simon.fraser@apple.com>
2800
2801         Incorrect position when dragging jQuery Draggable elements with position fixed after pinch zoom
2802         https://bugs.webkit.org/show_bug.cgi?id=171113
2803         rdar://problem/31746516
2804
2805         Reviewed by Tim Horton.
2806
2807         Make getBoundingClientRect() and getClientRects() return rects which are relative to the layout
2808         viewport, rather than the visual viewport. This goes part of the way to fixing webkit.org/b/170981,
2809         which aims to make pinch-zoom invisible to web pages ("inert visual viewport"). It fixes issues on various
2810         sites like Facebook when zoomed.
2811
2812         Factor coordinate conversion code into functions on FrameView, which now documents
2813         the various coordinate systems in a big comment. Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale()
2814         and Document::adjustFloatRectForScrollAndAbsoluteZoomAndFrameScale() are renamed and factored
2815         to use these helpers.
2816
2817         There are two behavior changes here:
2818
2819         1. FrameView::documentToClientOffset() now uses the origin of the layout viewport in the "document to client"
2820            coordinate mapping.
2821            
2822         2. The two document functions would apply the scale and offset in the wrong order. We need
2823            to first undo the effects of CSS zoom, page zoom and page scale, and then map from document
2824            to client coordinates.
2825
2826         Tests: fast/visual-viewport/client-rects-relative-to-layout-viewport.html
2827                fast/zooming/client-rects-with-css-and-page-zoom.html
2828
2829         * dom/Document.cpp:
2830         (WebCore::Document::convertAbsoluteToClientQuads):
2831         (WebCore::Document::convertAbsoluteToClientRect):
2832         (WebCore::Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale): Deleted.
2833         (WebCore::Document::adjustFloatRectForScrollAndAbsoluteZoomAndFrameScale): Deleted.
2834         * dom/Document.h:
2835         * dom/Element.cpp:
2836         (WebCore::Element::getClientRects):
2837         (WebCore::Element::getBoundingClientRect):
2838         * dom/Range.cpp:
2839         (WebCore::Range::borderAndTextQuads):
2840         * page/FrameView.cpp:
2841         (WebCore::FrameView::absoluteToDocumentScaleFactor):
2842         (WebCore::FrameView::absoluteToDocumentRect):
2843         (WebCore::FrameView::absoluteToDocumentPoint):
2844         (WebCore::FrameView::documentToClientOffset):
2845         (WebCore::FrameView::documentToClientRect):
2846         (WebCore::FrameView::documentToClientPoint):
2847         * page/FrameView.h:
2848         * platform/ScrollableArea.h: #pragma once
2849         * platform/Scrollbar.h: #pragma once
2850         * platform/Widget.h: #pragma once
2851
2852 2017-05-12  Mark Lam  <mark.lam@apple.com>
2853
2854         WorkerRunLoop::Task::performTask() should check !scriptController->isTerminatingExecution().
2855         https://bugs.webkit.org/show_bug.cgi?id=171775
2856         <rdar://problem/30975761>
2857
2858         Reviewed by Saam Barati.
2859
2860         Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
2861         JS execution first, followed by posting a cleanup task to the worker, and lastly,
2862         it invokes terminate() on the WorkerRunLoop.
2863
2864         As a result, before the run loop is terminated, the worker thread may observe the
2865         TerminatedExecutionException in JS code, bail out, see another JS task to run,
2866         re-enter the VM to run said JS code, and fail with an assertion due to the
2867         TerminatedExecutionException still being pending on VM entry.
2868
2869         WorkerRunLoop::Task::performTask() already has a check to only allow a task to
2870         run if and only if !runLoop.terminated() and the task is not a clean up task.
2871         We'll fix the above race by changing WorkerRunLoop::Task::performTask() to check
2872         !context->script()->isTerminatingExecution() instead of !runLoop.terminated().
2873         Since WorkerThread::stop() always scheduleExecutionTermination() before it
2874         terminates the run loop, !context->script()->isTerminatingExecution() implies
2875         !runLoop.terminated().
2876
2877         The only time that runLoop is terminated without scheduleExecutionTermination()
2878         being called is when WorkerThread::stop() is called before the WorkerThread has
2879         finished creating its WorkerGlobalScope.  In this scenario, WorkerThread::stop()
2880         will still terminate the run loop.  Hence, after the WorkerGlobalScope is created
2881         (in WorkerThread::workerThread()), we will check if the run loop has been
2882         terminated (i.e. stop() was called).  If so, we'll scheduleExecutionTermination()
2883         there, and guarantee that if runloop.terminated() is true, then
2884         context->script()->isTerminatingExecution() is also true.
2885
2886         Solutions that were considered but did not work (recorded for future reference):
2887
2888         1. In WorkerThread::stop(), call scheduleExecutionTermination() only after it
2889            posts the cleanup task and terminates the run loop.
2890
2891            This did not work because this creates a race where the worker thread may run
2892            the cleanup task before WorkerThread::stop() finishes.  As a result, the
2893            scriptController may be deleted before we get to invoke scheduleExecutionTermination()
2894            on it, thereby resulting in a use after free.
2895
2896            To make this work, we would have to change the life cycle management strategy
2897            of the WorkerScriptController.  This is a more risky change than we would
2898            want to take on at this time, and may also not be worth the gain.
2899
2900         2. Break scheduleExecutionTermination() up into 2 parts i.e. WorkerThread::stop()
2901            will:
2902            1. set the scriptController's m_isTerminatingExecution flag before
2903               posting the cleanup task and terminating the run loop, and
2904            2. invoke VM::notifyNeedsTermination() after posting the cleanup task and
2905               terminating the run loop.
2906
2907            This requires that we protect the liveness of the VM until we can invoke
2908            notifyNeedsTermination() on it.
2909
2910            This did not work because:
2911            1. We may end up destructing the VM in WorkerThread::stop() i.e. in the main
2912               web frame, but only the worker thread holds the JS lock for the VM.
2913
2914               We can make the WorkerThread::stop() acquire the JS lock just before it
2915               releases the protected VM's RefPtr, but that would mean the main thread
2916               may be stuck waiting a bit for the worker thread to release its JSLock.
2917               This is not desirable.
2918
2919            2. In practice, changing the liveness period of the Worker VM relative to its
2920               WorkerScriptController and WorkerGlobalScope also has unexpected
2921               ramifications.  We observed many worker tests failing with assertion
2922               failures and crashes due to this change.
2923
2924            Hence, this approach is also a more risky change than it appears on the
2925            surface, and is not worth exploring at this time.
2926
2927         In the end, changing WorkerRunLoop::Task::performTask() to check for
2928         !scriptController->isTerminatingExecution() is the most straightforward solution
2929         that is easy to prove correct.
2930
2931         Also fixed a race in WorkerThread::workerThread() where it can delete the
2932         WorkerGlobalScope while WorkerThread::stop() is in the midst of accessing it.
2933         We now guard the nullifying of m_workerGlobalScope with the
2934         m_threadCreationAndWorkerGlobalScopeMutex as well.
2935
2936         This issue is covered by an existing test that I just unskipped in TestExpectations.
2937
2938         * bindings/js/JSDOMPromiseDeferred.cpp:
2939         (WebCore::DeferredPromise::callFunction):
2940
2941         * bindings/js/WorkerScriptController.cpp:
2942         (WebCore::WorkerScriptController::scheduleExecutionTermination):
2943         - Added a check to do nothing and return early if the scriptController is already
2944           terminating execution.
2945
2946         * workers/WorkerRunLoop.cpp:
2947         (WebCore::WorkerRunLoop::runInMode):
2948         (WebCore::WorkerRunLoop::runCleanupTasks):
2949         (WebCore::WorkerRunLoop::Task::performTask):
2950
2951         * workers/WorkerRunLoop.h:
2952         - Made Task::performTask() private and make Task befriend the WorkerRunLoop class.
2953           This ensures that only the WorkerRunLoop may call performTask().
2954           Note: this change only formalizes and hardens a relationship that was already
2955           in place before this.
2956
2957         * workers/WorkerThread.cpp:
2958         (WebCore::WorkerThread::start):
2959         (WebCore::WorkerThread::workerThread):
2960         (WebCore::WorkerThread::stop):
2961         * workers/WorkerThread.h:
2962         - Renamed m_threadCreationMutex to m_threadCreationAndWorkerGlobalScopeMutex so
2963           that it more accurately describes what it guards.
2964
2965 2017-05-12  Zalan Bujtas  <zalan@apple.com>
2966
2967         [iOS WK1] Do not try to layout a subframe if its document has not been constructed yet.
2968         https://bugs.webkit.org/show_bug.cgi?id=172042
2969         <rdar://problem/32084098>
2970
2971         Reviewed by Antti Koivisto.
2972
2973         On iOS WK1 we can end up in an inconsistent state, where 
2974         1. the web thread is inside a newly injected iframe's document's c'tor and 
2975         2. waiting on a delegate callback on the main thread
2976         while the main thread
2977         1. executes a pending didLayout() task
2978         2. triggers layout on the newly injected iframe.
2979
2980         * rendering/RenderWidget.cpp:
2981         (WebCore::RenderWidget::updateWidgetPosition):
2982
2983 2017-05-11  Jiewen Tan  <jiewen_tan@apple.com>
2984
2985         Check existence of a page before accessing its plugins
2986         https://bugs.webkit.org/show_bug.cgi?id=171712
2987         <rdar://problem/32007806>
2988
2989         Reviewed by Brent Fulgham.
2990
2991         Test: plugins/navigator-plugin-crash.html
2992
2993         * plugins/DOMPlugin.cpp:
2994         (WebCore::DOMPlugin::item):
2995         (WebCore::DOMPlugin::namedItem):
2996
2997 2017-05-12  Simon Fraser  <simon.fraser@apple.com>
2998
2999         Add some logging for layer tree commits, and resize and orientation change events
3000         https://bugs.webkit.org/show_bug.cgi?id=172041
3001
3002         Reviewed by Tim Horton.
3003
3004         Add some logging that's useful during rotation investigations.
3005
3006         * dom/Document.cpp:
3007         (WebCore::Document::orientationChanged):
3008         * page/FrameView.cpp:
3009         (WebCore::FrameView::sendResizeEventIfNeeded):
3010
3011 2017-05-12  Romain Bellessort  <romain.bellessort@crf.canon.fr>
3012
3013         [Readable Streams API] Add ReadableStreamBYOBReader closed getter
3014         https://bugs.webkit.org/show_bug.cgi?id=172024
3015
3016         Reviewed by Youenn Fablet.
3017
3018         Added tests to check closed getter behaviour.
3019
3020         * Modules/streams/ReadableStreamBYOBReader.js:
3021         (closed): Implemented.
3022
3023 2017-05-12  Andreas Kling  <akling@apple.com>
3024
3025         MediaResourceLoader shouldn't keep its HTMLMediaElement alive.
3026         https://bugs.webkit.org/show_bug.cgi?id=172032
3027         <rdar://problem/30816144>
3028
3029         Reviewed by Joseph Pecoraro.
3030
3031         Use a WeakPtr<HTMLMediaElement> in MediaResourceLoader instead, since the loader
3032         is retained by a NSURLSession object we hand over to AVFoundation.
3033
3034         This prevents AVFoundation from keeping entire documents alive outside our control.
3035
3036         * html/HTMLMediaElement.cpp:
3037         (WebCore::HTMLMediaElement::HTMLMediaElement):
3038         * html/HTMLMediaElement.h:
3039         (WebCore::HTMLMediaElement::createWeakPtr):
3040         * loader/MediaResourceLoader.cpp:
3041         (WebCore::MediaResourceLoader::MediaResourceLoader):
3042         (WebCore::MediaResourceLoader::requestResource):
3043         * loader/MediaResourceLoader.h:
3044
3045 2017-05-12  Andreas Kling  <akling@apple.com>
3046
3047         Memory pressure response should only do sync bmalloc scavenge in sync mode.
3048         https://bugs.webkit.org/show_bug.cgi?id=172035
3049
3050         Reviewed by Michael Saboff.
3051
3052         Only call WTF::releaseFastMallocFreeMemory() and his threading-related friends
3053         when releaseMemory() is invoked with Synchronous::Yes, or if it's a critical
3054         pressure response (maintaining the behavior added in r215775.)
3055
3056         * page/MemoryRelease.cpp:
3057         (WebCore::releaseMemory):
3058
3059 2017-05-12  Daniel Bates  <dabates@apple.com>
3060
3061         Cleanup: Use Ref instead of RefPtr to hold DOMWrapperWorld
3062         https://bugs.webkit.org/show_bug.cgi?id=171988
3063
3064         Reviewed by Chris Dumez.
3065
3066         * bindings/js/JSCustomElementInterface.cpp:
3067         (WebCore::JSCustomElementInterface::JSCustomElementInterface):
3068         (WebCore::JSCustomElementInterface::upgradeElement):
3069         (WebCore::JSCustomElementInterface::invokeCallback):
3070         * bindings/js/JSCustomElementInterface.h:
3071         * bindings/js/JSMutationCallback.cpp:
3072         (WebCore::JSMutationCallback::JSMutationCallback):
3073         (WebCore::JSMutationCallback::call):
3074         * bindings/js/JSMutationCallback.h:
3075         * bindings/js/ScheduledAction.cpp:
3076         (WebCore::ScheduledAction::ScheduledAction):
3077         (WebCore::ScheduledAction::execute):
3078         * bindings/js/ScheduledAction.h:
3079         (WebCore::ScheduledAction::ScheduledAction):
3080         * page/DOMWindowExtension.cpp:
3081         (WebCore::DOMWindowExtension::DOMWindowExtension):
3082         * page/DOMWindowExtension.h:
3083         (WebCore::DOMWindowExtension::world):
3084
3085 2017-05-12  Daniel Bates  <dabates@apple.com>
3086
3087         Cleanup: Make QueueTaskToEventLoopFunctionPtr take JSGlobalObject&
3088         https://bugs.webkit.org/show_bug.cgi?id=172021
3089
3090         Reviewed by Mark Lam.
3091
3092         * bindings/js/JSDOMGlobalObjectTask.cpp: Include header JSDOMGlobalObject.h.
3093         (WebCore::JSGlobalObjectTask::JSGlobalObjectTask): Change type of first argument from JSDOMGlobalObject*
3094         to JSDOMGlobalObject& and update code as necessary. Also, use C++11 brace initialization syntax
3095         for member initializer list.
3096         * bindings/js/JSDOMGlobalObjectTask.h: Remove header JSDOMGlobalObject.h and forward declare
3097         JSDOMGlobalObject and JSC::Microtask.
3098         * bindings/js/JSDOMWindowBase.cpp:
3099         (WebCore::JSDOMWindowMicrotaskCallback::create):
3100         (WebCore::JSDOMWindowMicrotaskCallback::JSDOMWindowMicrotaskCallback): Change type of first argument
3101         from JSDOMWindowBase* to JSDOMWindowBase& and update code as necessary. Also, use C++11 brace
3102         initialization syntax for member initializer list.
3103         (WebCore::JSDOMWindowBase::queueTaskToEventLoop):
3104         * bindings/js/JSDOMWindowBase.h:
3105         * bindings/js/JSWorkerGlobalScopeBase.cpp:
3106         (WebCore::JSWorkerGlobalScopeBase::queueTaskToEventLoop):
3107         * bindings/js/JSWorkerGlobalScopeBase.h:
3108
3109 2017-05-12  Jer Noble  <jer.noble@apple.com>
3110
3111         [MediaStream] Streams which play while page is in background can get "stuck" when page is foregrounded.
3112         https://bugs.webkit.org/show_bug.cgi?id=172022
3113
3114         Reviewed by Youenn Fablet.
3115
3116         When an AVSampleBufferDisplayLayer is disconnected from the CA renderer, none of its samples will be decoded
3117         and enqueued for rendering. Once the layer is attached to a renderer again, it's stuffed full of samples which
3118         will never be decoded as their decode time has long passed.
3119
3120         Pass the visibility state of the element through to the MediaPlayer so that MediaPlayerPrivateMediaStreamAVFObjC
3121         can flush its renderers when going from not visible -> visible.
3122
3123         * html/HTMLMediaElement.cpp:
3124         (WebCore::HTMLMediaElement::visibilityStateChanged):
3125         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
3126         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
3127         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::setVisible):
3128         * rendering/RenderVideo.cpp:
3129         (WebCore::RenderVideo::updatePlayer):
3130
3131 2017-05-12  Per Arne Vollan  <pvollan@apple.com>
3132
3133         Unreviewed Windows build fix.
3134
3135         * bindings/js/JSWebGLRenderingContextCustom.cpp:
3136
3137 2017-05-12  Antti Koivisto  <antti@apple.com>
3138
3139         Updating class name of a shadow host does not update the style applied by descendants of :host()
3140         https://bugs.webkit.org/show_bug.cgi?id=170762
3141         <rdar://problem/31572668>
3142
3143         Reviewed by Ryosuke Niwa.
3144
3145         We need to invalidate shadow tree style when host classes or attributes change if it may be
3146         affected by host rules.
3147
3148         Test: fast/shadow-dom/css-scoping-host-class-and-attribute-mutation.html
3149
3150         * css/RuleSet.cpp:
3151         (WebCore::isHostSelectorMatchingInShadowTree):
3152         (WebCore::RuleSet::addRule):
3153
3154             Check if we have :host selectors that affect shadow tree.
3155
3156         * css/RuleSet.h:
3157         (WebCore::RuleSet::hasHostPseudoClassRulesMatchingInShadowTree):
3158         * style/AttributeChangeInvalidation.cpp:
3159         (WebCore::Style::mayBeAffectedByHostRules):
3160         (WebCore::Style::AttributeChangeInvalidation::invalidateStyle):
3161
3162             Invalidate the whole subtree if there is a class change that may affect shadow tree style.
3163
3164         * style/ClassChangeInvalidation.cpp:
3165         (WebCore::Style::mayBeAffectedByHostRules):
3166         (WebCore::Style::ClassChangeInvalidation::invalidateStyle):
3167         * style/IdChangeInvalidation.cpp:
3168         (WebCore::Style::mayBeAffectedByHostRules):
3169         (WebCore::Style::IdChangeInvalidation::invalidateStyle):
3170
3171             Same for classes and ids.
3172             This should be refactored at some point to reduce copy-code.
3173
3174 2017-05-12  Carlos Garcia Campos  <cgarcia@igalia.com>
3175
3176         [GTK] ASSERTION FAILED: !m_flushingLayers
3177         https://bugs.webkit.org/show_bug.cgi?id=172025
3178
3179         Reviewed by Žan Doberšek.
3180
3181         The problem is that syncImageBacking() is calling didChangeLayerState(). All sync methods are called by
3182         flushCompositingStateForThisLayerOnly() while flushing layers, so none of them should call didChange method that
3183         will schedule a new flush while flushing.
3184
3185         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
3186         (WebCore::CoordinatedGraphicsLayer::syncImageBacking):
3187
3188 2017-05-12  Carlos Garcia Campos  <cgarcia@igalia.com>
3189
3190         [GTK] GIF images are not properly loaded the first time
3191         https://bugs.webkit.org/show_bug.cgi?id=170432
3192
3193         Reviewed by Carlos Alberto Lopez Perez.
3194
3195         When the GIF image is loaded for the first time, it's always read from the network, and the decoder is usually
3196         fetched with chunks of data. Then the data is cached in disk by the network process, so that when loaded from
3197         the cache, the whole encoded data is available to fetch the encoder. The problem is that we are failing to
3198         decode the image when giving chunks of data, that's why it only happens the first time loaded. If the first
3199         chunk of data provided is enough to get some metadata, including the size, but not frame contents, the load fails
3200         in CachedImage::addIncrementalDataBuffer() because the EncodedDataStatus reported is SizeAvailable but
3201         Image::isNull() returns true. An Image is considered to be Null when its size is empty, and the size is
3202         calculated always using the first frame in ImageFrameCache. Since we still don't have frames, the image is
3203         always Null in this case. It is not expected that EncodedDataStatus returns SizeAvailable and the image is Null,
3204         that's why it's considered an error and the load finishes with a decode error. However, the non CG ImageDecoder
3205         has a m_size member to handle this particular case, and it's when m_size is set when EncodedDataStatus changes
3206         to SizeAvailable. We should return the ImageEncoder size as the ImageSize when we have a decoder but
3207         not frames yet.
3208
3209         Test: http/tests/images/gif-progressive-load.html
3210
3211         * platform/graphics/ImageFrameCache.cpp:
3212         (WebCore::ImageFrameCache::size): Return ImageDecoder::size() without caching it, if frame list is empty.
3213
3214 2017-05-12  Per Arne Vollan  <pvollan@apple.com>
3215
3216         The iBooks application is not able to get current position.
3217         https://bugs.webkit.org/show_bug.cgi?id=171982
3218         rdar://problem/29318409
3219
3220         Reviewed by Brent Fulgham.
3221
3222         Geolocation requests from iBooks are currently blocked. Make an exemption from the policy for iBooks.
3223
3224         No new tests since we currently can't mock the iBooks application bundle ID.
3225
3226         * Modules/geolocation/Geolocation.cpp:
3227         (WebCore::isRequestFromIBooks):
3228         (WebCore::Geolocation::shouldBlockGeolocationRequests):
3229
3230 2017-05-11  Per Arne Vollan  <pvollan@apple.com>
3231
3232         Geolocation requests should not be blocked when the security origin is local.
3233         https://bugs.webkit.org/show_bug.cgi?id=171857
3234         rdar://problem/29318409
3235
3236         Reviewed by Brent Fulgham.
3237
3238         Geolocation requests from security origins where the url scheme is registered as local,
3239         should not be blocked. This applies to the file url scheme, but also to other local url
3240         schemes.
3241
3242         Test: fast/misc/geolocation-local-security-origin.html
3243
3244         * Modules/geolocation/Geolocation.cpp:
3245         (WebCore::Geolocation::shouldBlockGeolocationRequests):
3246
3247 2017-05-11  Chris Dumez  <cdumez@apple.com>
3248
3249         Drop remaining uses of PassRefPtr in WebCore
3250         https://bugs.webkit.org/show_bug.cgi?id=172013
3251
3252         Reviewed by Yusuke Suzuki.
3253
3254         * bindings/js/ScriptController.cpp:
3255         (WebCore::ScriptController::createRootObject):
3256         * bindings/js/ScriptController.h:
3257         * bindings/js/ScriptControllerMac.mm:
3258         * bridge/objc/WebScriptObject.mm:
3259         (WebCore::createJSWrapper):
3260         (-[WebScriptObject _setImp:originRootObject:rootObject:]):
3261         (-[WebScriptObject _setOriginRootObject:andRootObject:]):
3262         (-[WebScriptObject _initWithJSObject:originRootObject:rootObject:]):
3263         * bridge/objc/WebScriptObjectPrivate.h:
3264
3265 2017-05-11  Zalan Bujtas  <zalan@apple.com>
3266
3267         RenderImageResource::hasImage is redundant and RenderImageResourceStyleImage's override is incorrect.
3268         https://bugs.webkit.org/show_bug.cgi?id=172010
3269         <rdar://problem/31086735>
3270
3271         Reviewed by Simon Fraser.
3272
3273         RenderImageResourceStyleImage::hasImage() always returns true even when ::cachedImage()
3274         returns nullptr (e.g. image is pending).
3275         Remove it and use cachedImage() instead.
3276
3277         Test: fast/images/missing-content-image-crash.html
3278
3279         * html/HTMLImageElement.cpp:
3280         (WebCore::HTMLImageElement::didAttachRenderers):
3281         * rendering/RenderImage.cpp:
3282         (WebCore::RenderImage::updateIntrinsicSizeIfNeeded):
3283         (WebCore::RenderImage::isShowingMissingOrImageError):
3284         (WebCore::RenderImage::hasNonBitmapImage):
3285         (WebCore::RenderImage::paintReplaced):
3286         (WebCore::RenderImage::paintIntoRect):
3287         (WebCore::RenderImage::foregroundIsKnownToBeOpaqueInRect):
3288         * rendering/RenderImageResource.h:
3289         (WebCore::RenderImageResource::cachedImage):
3290         (WebCore::RenderImageResource::hasImage): Deleted.
3291         * rendering/RenderImageResourceStyleImage.h:
3292         * rendering/svg/RenderSVGImage.cpp:
3293         (WebCore::RenderSVGImage::paint):
3294         * svg/SVGImageElement.cpp:
3295         (WebCore::SVGImageElement::hasSingleSecurityOrigin):
3296         (WebCore::SVGImageElement::didAttachRenderers):
3297
3298 2017-05-11  Zalan Bujtas  <zalan@apple.com>
3299
3300         AX: Defer text changes until after the tree is clean if needed.
3301         https://bugs.webkit.org/show_bug.cgi?id=171546
3302         <rdar://problem/31934942>
3303
3304         Reviewed by Simon Fraser.
3305
3306         While updating an accessibility object state, we might
3307         trigger unintentional style updates. This style update could
3308         end up destroying renderers that are still referenced by functions
3309         on the callstack.
3310         To avoid that, defer such changes and let AXObjectCache operate on a clean tree.
3311
3312         Test: accessibility/crash-when-render-tree-is-not-clean.html
3313
3314         * accessibility/AXObjectCache.cpp:
3315         (WebCore::AXObjectCache::remove):
3316         (WebCore::AXObjectCache::handleAttributeChanged):
3317         (WebCore::AXObjectCache::labelChanged):
3318         (WebCore::AXObjectCache::performDeferredCacheUpdate):
3319         (WebCore::AXObjectCache::deferRecomputeIsIgnored):
3320         (WebCore::AXObjectCache::deferTextChangedIfNeeded):
3321         (WebCore::AXObjectCache::recomputeDeferredIsIgnored): Deleted.
3322         (WebCore::AXObjectCache::deferTextChanged): Deleted.
3323         * accessibility/AXObjectCache.h: Decouple different type of changes.
3324         (WebCore::AXObjectCache::deferRecomputeIsIgnored):
3325         (WebCore::AXObjectCache::deferTextChangedIfNeeded):
3326         (WebCore::AXObjectCache::recomputeDeferredIsIgnored): Deleted.
3327         (WebCore::AXObjectCache::deferTextChanged): Deleted.
3328         * rendering/RenderBlock.cpp:
3329         (WebCore::RenderBlock::deleteLines):
3330         * rendering/RenderBlockLineLayout.cpp:
3331         (WebCore::RenderBlockFlow::createAndAppendRootInlineBox):
3332         * rendering/RenderText.cpp:
3333         (WebCore::RenderText::setText):
3334
3335 2017-05-11  Chris Dumez  <cdumez@apple.com>
3336
3337         Drop remaining uses of PassRefPtr under platform/
3338         https://bugs.webkit.org/show_bug.cgi?id=172007
3339
3340         Reviewed by Geoffrey Garen.
3341
3342         * platform/graphics/wpe/ImageWPE.cpp:
3343         (WebCore::Image::loadPlatformResource):
3344         * platform/ios/LegacyTileGrid.h:
3345         * platform/ios/LegacyTileGrid.mm:
3346         (WebCore::LegacyTileGrid::tileForIndex):
3347         (WebCore::LegacyTileGrid::tileForPoint):
3348         * platform/ios/LegacyTileGridTile.h:
3349         (WebCore::LegacyTileGridTile::create):
3350         * platform/mediastream/RTCIceCandidateDescriptor.cpp:
3351         (WebCore::RTCIceCandidateDescriptor::create):
3352         * platform/mediastream/RTCIceCandidateDescriptor.h:
3353         * platform/mediastream/RTCPeerConnectionHandlerClient.h:
3354         * platform/mediastream/RTCSessionDescriptionDescriptor.cpp:
3355         (WebCore::RTCSessionDescriptionDescriptor::create):
3356         * platform/mediastream/RTCSessionDescriptionDescriptor.h:
3357         * platform/mediastream/RTCSessionDescriptionRequest.h:
3358         (WebCore::RTCSessionDescriptionRequest::extraData):
3359         (WebCore::RTCSessionDescriptionRequest::setExtraData):
3360         * platform/mediastream/RealtimeMediaSourceCenter.h:
3361         * platform/mediastream/mac/RealtimeMediaSourceCenterMac.h:
3362         * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.cpp:
3363         (WebCore::RealtimeMediaSourceCenterOwr::firstSource):
3364         * platform/mediastream/openwebrtc/RealtimeMediaSourceCenterOwr.h:
3365         * platform/mock/DeviceOrientationClientMock.cpp:
3366         (WebCore::DeviceOrientationClientMock::setOrientation):
3367         * platform/mock/DeviceOrientationClientMock.h:
3368         * platform/mock/GeolocationClientMock.cpp:
3369         (WebCore::GeolocationClientMock::setPosition):
3370         * platform/mock/GeolocationClientMock.h:
3371         * platform/mock/RTCNotifiersMock.cpp:
3372         (WebCore::SessionRequestNotifier::SessionRequestNotifier):
3373         (WebCore::SessionRequestNotifier::fire):
3374         (WebCore::VoidRequestNotifier::VoidRequestNotifier):
3375         * platform/mock/RTCNotifiersMock.h:
3376         * platform/mock/TimerEventBasedMock.h:
3377         (WebCore::TimerEventBasedMock::removeEvent):
3378         (WebCore::TimerEvent::TimerEvent):
3379         (WebCore::TimerEvent::timerFired):
3380         * platform/mock/mediasource/MockMediaSourcePrivate.cpp:
3381         (WebCore::MockSourceBufferPrivateHasAudio):
3382         (WebCore::MockSourceBufferPrivateHasVideo):
3383         * platform/wpe/RenderThemeWPE.h:
3384
3385 2017-05-11  Carlos Alberto Lopez Perez  <clopez@igalia.com>
3386
3387         [WPE] Stop using PassRefPtr in platform/graphics/wpe
3388         https://bugs.webkit.org/show_bug.cgi?id=171977
3389
3390         Unreviewed build fix after r216702.
3391
3392         * platform/graphics/wpe/ImageWPE.cpp:
3393         (WebCore::Image::loadPlatformResource):
3394
3395 2017-05-11  Youenn Fablet  <youenn@apple.com>
3396
3397         [iOS] Unset active media capture source when stopped capturing
3398         https://bugs.webkit.org/show_bug.cgi?id=171815
3399         <rdar://problem/32117885>
3400
3401         Reviewed by Eric Carlson.
3402
3403         Test: platform/ios/mediastream/getUserMedia-single-capture.html
3404
3405         Introducing SingleSourceFactory template class to be used by capture factories for iOS.
3406         This class ensures that only one source is active at a time.
3407         Update all capture sources accordingly.
3408         Ensure sources are no longer considered as active sources when being destroyed.
3409         Add support for mock sources and introducing m_isProducingData for them as well.
3410
3411         Update WebRTC outgoing source classes to handle the case of replaced track and resetting the enabled/mute
3412         state according the new source.
3413
3414         Update the way we handle timestamps for audio data. We now consider that we read/write as a flow.
3415         This allows smooth audio track replacing.
3416
3417         * platform/mediastream/RealtimeMediaSource.h:
3418         * platform/mediastream/mac/AVAudioCaptureSource.mm:
3419         (WebCore::AVAudioCaptureSource::~AVAudioCaptureSource):
3420         (WebCore::AVAudioCaptureSourceFactory::setActiveSource): Deleted.
3421         * platform/mediastream/mac/AVVideoCaptureSource.mm:
3422         (WebCore::AVVideoCaptureSource::~AVVideoCaptureSource):
3423         (WebCore::AVVideoCaptureSourceFactory::setActiveSource): Deleted.
3424         * platform/mediastream/mac/CoreAudioCaptureSource.cpp:
3425         (WebCore::CoreAudioCaptureSource::~CoreAudioCaptureSource):
3426         (WebCore::CoreAudioCaptureSource::stopProducingData):
3427         (WebCore::CoreAudioCaptureSourceFactory::setActiveSource): Deleted.
3428         * platform/mediastream/mac/RealtimeOutgoingAudioSource.cpp:
3429         (WebCore::RealtimeOutgoingAudioSource::setSource):
3430         (WebCore::RealtimeOutgoingAudioSource::audioSamplesAvailable):
3431         (WebCore::RealtimeOutgoingAudioSource::pullAudioData):
3432         * platform/mediastream/mac/RealtimeOutgoingAudioSource.h:
3433         * platform/mediastream/mac/RealtimeOutgoingVideoSource.cpp:
3434         (WebCore::RealtimeOutgoingVideoSource::setSource):
3435         (WebCore::RealtimeOutgoingVideoSource::sourceMutedChanged):
3436         (WebCore::RealtimeOutgoingVideoSource::sourceEnabledChanged):
3437         * platform/mock/MockRealtimeAudioSource.cpp:
3438         (WebCore::mockAudioCaptureSourceFactory):
3439         (WebCore::MockRealtimeAudioSource::factory):
3440         (WebCore::MockRealtimeAudioSource::~MockRealtimeAudioSource):
3441         (WebCore::MockRealtimeAudioSource::startProducingData):
3442         (WebCore::MockRealtimeAudioSource::stopProducingData):
3443         * platform/mock/MockRealtimeAudioSource.h:
3444         * platform/mock/MockRealtimeVideoSource.cpp:
3445         (WebCore::mockVideoCaptureSourceFactory):
3446         (WebCore::MockRealtimeVideoSource::factory):
3447         (WebCore::MockRealtimeVideoSource::~MockRealtimeVideoSource):
3448         (WebCore::MockRealtimeVideoSource::startProducingData):
3449         (WebCore::MockRealtimeVideoSource::stopProducingData):
3450         * platform/mock/MockRealtimeVideoSource.h:
3451         (WebCore::MockRealtimeVideoSource::~MockRealtimeVideoSource): Deleted.
3452
3453 2017-05-11  Timothy Horton  <timothy_horton@apple.com>
3454
3455         Fix the iOS build
3456
3457         * platform/spi/mac/NSSpellCheckerSPI.h:
3458
3459 2017-05-11  Matt Lewis  <jlewis3@apple.com>
3460
3461         Unreviewed, rolling out r216677.
3462
3463         Patch caused layout test crashes.
3464
3465         Reverted changeset:
3466
3467         "WorkerThread::stop() should call
3468         scheduleExecutionTermination() last."
3469         https://bugs.webkit.org/show_bug.cgi?id=171775
3470         http://trac.webkit.org/changeset/216677
3471
3472 2017-05-11  Don Olmstead  <don.olmstead@am.sony.com>
3473
3474         [CMake] Add HAVE check for regex.h
3475         https://bugs.webkit.org/show_bug.cgi?id=171950
3476
3477         Reviewed by Michael Catanzaro.
3478
3479         No new tests. No change in behavior.
3480
3481         * WebCorePrefix.h:
3482         * testing/js/WebCoreTestSupportPrefix.h:
3483
3484 2017-05-11  Tim Horton  <timothy_horton@apple.com>
3485
3486         Mail spins launching spell checker when typing
3487         https://bugs.webkit.org/show_bug.cgi?id=171986
3488         <rdar://problem/26305327>
3489
3490         Reviewed by Beth Dakin.
3491
3492         * platform/spi/mac/NSSpellCheckerSPI.h:
3493
3494 2017-05-11  Chris Dumez  <cdumez@apple.com>
3495
3496         Stop using PassRefPtr in platform/graphics
3497         https://bugs.webkit.org/show_bug.cgi?id=171977
3498
3499         Reviewed by Alex Christensen.
3500
3501         Stop using PassRefPtr in platform/graphics.
3502
3503         * css/CSSCrossfadeValue.cpp:
3504         (WebCore::CSSCrossfadeValue::image):
3505         * css/CSSFilterImageValue.cpp:
3506         (WebCore::CSSFilterImageValue::image):
3507         * loader/cache/CachedImage.cpp:
3508         (WebCore::CachedImage::brokenImage):
3509         (WebCore::CachedImage::image):
3510         (WebCore::CachedImage::imageForRenderer):
3511         * page/PageSerializer.cpp:
3512         (WebCore::PageSerializer::addImageToResources):
3513         * platform/ScrollView.cpp:
3514         (WebCore::ScrollView::paintPanScrollIcon):
3515         * platform/graphics/CrossfadeGeneratedImage.cpp:
3516         (WebCore::CrossfadeGeneratedImage::drawCrossfade):
3517         * platform/graphics/FontPlatformData.h:
3518         * platform/graphics/GraphicsContext.h:
3519         * platform/graphics/Image.cpp:
3520         (WebCore::Image::nullImage):
3521         * platform/graphics/Image.h:
3522         * platform/graphics/MediaPlayer.cpp:
3523         (WebCore::MediaPlayer::createResourceLoader):
3524         * platform/graphics/MediaPlayer.h:
3525         * platform/graphics/Pattern.cpp:
3526         (WebCore::Pattern::create):
3527         (WebCore::Pattern::Pattern):
3528         * platform/graphics/Pattern.h:
3529         * platform/graphics/PlatformTextTrack.h:
3530         (WebCore::PlatformTextTrack::create):
3531         (WebCore::PlatformTextTrack::createOutOfBand):
3532         (WebCore::PlatformTextTrack::captionMenuOffItem):
3533         (WebCore::PlatformTextTrack::captionMenuAutomaticItem):
3534         * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.cpp:
3535         (WebCore::InbandMetadataTextTrackPrivateAVF::create):
3536         (WebCore::InbandMetadataTextTrackPrivateAVF::addDataCue):
3537         * platform/graphics/avfoundation/InbandMetadataTextTrackPrivateAVF.h:
3538         * platform/graphics/avfoundation/InbandTextTrackPrivateAVF.cpp:
3539         (WebCore::InbandTextTrackPrivateAVF::processAttributedStrings):
3540         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.h:
3541         * platform/graphics/avfoundation/MediaSelectionGroupAVFObjC.mm:
3542         (WebCore::MediaSelectionOptionAVFObjC::create):
3543         (WebCore::MediaSelectionGroupAVFObjC::create):
3544         (WebCore::MediaSelectionGroupAVFObjC::updateOptions):
3545         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateAVCF.h:
3546         (WebCore::InbandTextTrackPrivateAVCF::create):
3547         * platform/graphics/avfoundation/cf/InbandTextTrackPrivateLegacyAVCF.h:
3548         (WebCore::InbandTextTrackPrivateLegacyAVCF::create):
3549         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
3550         (WebCore::WebCoreAVCFResourceLoader::create):
3551         * platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.h:
3552         * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.h:
3553         * platform/graphics/avfoundation/objc/CDMSessionAVContentKeySession.mm:
3554         (WebCore::CDMSessionAVContentKeySession::generateKeyReleaseMessage):
3555         * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.h:
3556         * platform/graphics/avfoundation/objc/CDMSessionAVStreamSession.mm:
3557         (WebCore::CDMSessionAVStreamSession::generateKeyReleaseMessage):
3558         * platform/graphics/avfoundation/objc/InbandTextTrackPrivateAVFObjC.h:
3559         (WebCore::InbandTextTrackPrivateAVFObjC::create):
3560         * platform/graphics/avfoundation/objc/InbandTextTrackPrivateLegacyAVFObjC.h:
3561         (WebCore::InbandTextTrackPrivateLegacyAVFObjC::create):
3562         * platform/graphics/avfoundation/objc/OutOfBandTextTrackPrivateAVF.h:
3563         (WebCore::OutOfBandTextTrackPrivateAVF::create):
3564         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
3565         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
3566         (WebCore::WebCoreAVFResourceLoader::create):
3567         * platform/graphics/ca/GraphicsLayerCA.cpp:
3568         (WebCore::GraphicsLayerCA::createPlatformCALayer):
3569         (WebCore::GraphicsLayerCA::createPlatformCAAnimation):
3570         (WebCore::GraphicsLayerCA::setContentsToPlatformLayer):
3571         (WebCore::GraphicsLayerCA::replicatedLayerRoot):
3572         (WebCore::GraphicsLayerCA::createAnimationFromKeyframes):
3573         (WebCore::GraphicsLayerCA::appendToUncommittedAnimations):
3574         (WebCore::GraphicsLayerCA::createBasicAnimation):
3575         (WebCore::GraphicsLayerCA::createKeyframeAnimation):
3576         (WebCore::GraphicsLayerCA::createSpringAnimation):
3577         * platform/graphics/ca/GraphicsLayerCA.h:
3578         (WebCore::GraphicsLayerCA::LayerPropertyAnimation::LayerPropertyAnimation):
3579         * platform/graphics/ca/PlatformCAAnimation.h:
3580         * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.h:
3581         * platform/graphics/ca/cocoa/PlatformCAAnimationCocoa.mm:
3582         (PlatformCAAnimationCocoa::create):
3583         (PlatformCAAnimationCocoa::copy):
3584         * platform/graphics/ca/win/AbstractCACFLayerTreeHost.h:
3585         * platform/graphics/ca/win/CACFLayerTreeHost.cpp:
3586         (WebCore::CACFLayerTreeHost::create):
3587         (WebCore::CACFLayerTreeHost::addPendingAnimatedLayer):
3588         * platform/graphics/ca/win/CACFLayerTreeHost.h:
3589         * platform/graphics/ca/win/PlatformCAAnimationWin.cpp:
3590         (PlatformCAAnimationWin::create):
3591         (PlatformCAAnimationWin::copy):
3592         * platform/graphics/ca/win/PlatformCAAnimationWin.h:
3593         * platform/graphics/ca/win/PlatformCALayerWin.cpp:
3594         (PlatformCALayerWin::addAnimationForKey):
3595         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.cpp:
3596         (WebCore::WKCACFViewLayerTreeHost::create):
3597         * platform/graphics/ca/win/WKCACFViewLayerTreeHost.h:
3598         * platform/graphics/cairo/PatternCairo.cpp:
3599         (WebCore::Pattern::createPlatformPattern):
3600         * platform/graphics/cairo/PlatformContextCairo.cpp:
3601         (WebCore::PlatformContextCairo::clipForPatternFilling):
3602         * platform/graphics/cg/PDFDocumentImage.h:
3603         * platform/graphics/cg/PatternCG.cpp:
3604         (WebCore::Pattern::createPlatformPattern):
3605         * platform/graphics/filters/FEDiffuseLighting.cpp:
3606         (WebCore::FEDiffuseLighting::FEDiffuseLighting):
3607         (WebCore::FEDiffuseLighting::create):
3608         (WebCore::FEDiffuseLighting::lightSource):
3609         * platform/graphics/filters/FEDiffuseLighting.h:
3610         * platform/graphics/filters/FELighting.cpp:
3611         (WebCore::FELighting::FELighting):
3612         (WebCore::FELighting::drawLighting):
3613         * platform/graphics/filters/FELighting.h:
3614         * platform/graphics/filters/FESpecularLighting.cpp:
3615         (WebCore::FESpecularLighting::FESpecularLighting):
3616         (WebCore::FESpecularLighting::create):
3617         (WebCore::FESpecularLighting::lightSource):
3618         * platform/graphics/filters/FESpecularLighting.h:
3619         * platform/graphics/filters/FETile.cpp:
3620         (WebCore::FETile::platformApplySoftware):
3621         * platform/graphics/filters/FilterEffect.cpp:
3622         (WebCore::FilterEffect::asUnmultipliedImage):
3623         (WebCore::FilterEffect::asPremultipliedImage):
3624         * platform/graphics/filters/FilterEffect.h:
3625         * platform/graphics/filters/FilterOperation.cpp:
3626         (WebCore::ReferenceFilterOperation::setFilterEffect):
3627         (WebCore::BasicColorMatrixFilterOperation::blend):
3628         (WebCore::BasicComponentTransferFilterOperation::blend):
3629         (WebCore::BlurFilterOperation::blend):
3630         (WebCore::DropShadowFilterOperation::blend):
3631         * platform/graphics/filters/FilterOperation.h:
3632         (WebCore::FilterOperation::blend):
3633         (WebCore::PassthroughFilterOperation::create):
3634         (WebCore::ReferenceFilterOperation::create):
3635         * platform/graphics/gpu/Texture.cpp:
3636         (WebCore::Texture::create):
3637         * platform/graphics/gpu/Texture.h:
3638         * platform/graphics/gstreamer/AudioTrackPrivateGStreamer.h:
3639         * platform/graphics/gstreamer/ImageGStreamer.h:
3640         (WebCore::ImageGStreamer::createImage):
3641         (WebCore::ImageGStreamer::image):
3642         * platform/graphics/gstreamer/InbandMetadataTextTrackPrivateGStreamer.h:
3643         (WebCore::InbandMetadataTextTrackPrivateGStreamer::create):
3644         (WebCore::InbandMetadataTextTrackPrivateGStreamer::addGenericCue):
3645         * platform/graphics/gstreamer/InbandTextTrackPrivateGStreamer.h:
3646         (WebCore::InbandTextTrackPrivateGStreamer::create):
3647         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3648         (WebCore::MediaPlayerPrivateGStreamer::processTableOfContentsEntry):
3649         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
3650         (WebCore::MediaPlayerPrivateGStreamerBase::paint):
3651         * platform/graphics/gstreamer/VideoTrackPrivateGStreamer.h:
3652         * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.cpp:
3653         (WebCore::MediaSourceClientGStreamerMSE::enqueueSample):
3654         * platform/graphics/gstreamer/mse/MediaSourceClientGStreamerMSE.h:
3655         * platform/graphics/gstreamer/mse/MediaSourceGStreamer.cpp:
3656         * platform/graphics/gstreamer/mse/PlaybackPipeline.cpp:
3657         (WebCore::PlaybackPipeline::enqueueSample):
3658         * platform/graphics/gstreamer/mse/PlaybackPipeline.h:
3659         * platform/graphics/gtk/ImageGtk.cpp:
3660         (WebCore::loadImageFromGResource):
3661         (WebCore::loadResourceSharedBuffer):
3662         (WebCore::loadMissingImageIconFromTheme):
3663         (WebCore::Image::loadPlatformResource):
3664         * platform/graphics/harfbuzz/HarfBuzzFace.cpp:
3665         (WebCore::FaceCacheEntry::create):
3666         * platform/graphics/harfbuzz/HarfBuzzFace.h:
3667         (WebCore::HarfBuzzFace::create):
3668         * platform/graphics/mac/ImageMac.mm:
3669         (WebCore::Image::loadPlatformResource):
3670         * platform/graphics/opentype/OpenTypeMathData.h:
3671         (WebCore::OpenTypeMathData::create):
3672         * platform/graphics/texmap/BitmapTexture.h:
3673         (WebCore::BitmapTexture::applyFilters):
3674         * platform/graphics/texmap/BitmapTextureGL.cpp:
3675         (WebCore::BitmapTextureGL::applyFilters):
3676         * platform/graphics/texmap/BitmapTextureGL.h:
3677         (WebCore::BitmapTextureGL::FilterInfo::FilterInfo):
3678         * platform/graphics/texmap/GraphicsLayerTextureMapper.cpp:
3679         (WebCore::GraphicsLayerTextureMapper::commitLayerChanges):
3680         * platform/graphics/texmap/TextureMapper.cpp:
3681         (WebCore::TextureMapper::acquireTextureFromPool):
3682         * platform/graphics/texmap/TextureMapper.h:
3683         * platform/graphics/texmap/TextureMapperGL.cpp:
3684         (WebCore::TextureMapperGL::createTexture):
3685         * platform/graphics/texmap/TextureMapperGL.h:
3686         * platform/graphics/texmap/TextureMapperLayer.cpp:
3687         (WebCore::TextureMapperLayer::paintIntoSurface):
3688         (WebCore::commitSurface):
3689         (WebCore::TextureMapperLayer::paintWithIntermediateSurface):
3690         (WebCore::TextureMapperLayer::setBackingStore):
3691         * platform/graphics/texmap/TextureMapperLayer.h:
3692         * platform/graphics/texmap/TextureMapperTiledBackingStore.h:
3693         (WebCore::TextureMapperTiledBackingStore::create):
3694         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
3695         (WebCore::CoordinatedGraphicsLayer::syncImageBacking):
3696         * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
3697         * platform/graphics/texmap/coordinated/CoordinatedImageBacking.cpp:
3698         (WebCore::CoordinatedImageBacking::create):
3699         (WebCore::CoordinatedImageBacking::CoordinatedImageBacking):
3700         * platform/graphics/texmap/coordinated/CoordinatedImageBacking.h:
3701         * platform/graphics/win/ImageWin.cpp:
3702         (WebCore::Image::loadPlatformResource):
3703         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.cpp:
3704         (WebCore::MediaPlayerPrivateFullscreenWindow::setRootChildLayer):
3705         * platform/graphics/win/MediaPlayerPrivateFullscreenWindow.h:
3706         * platform/graphics/win/PatternDirect2D.cpp:
3707         (WebCore::Pattern::createPlatformPattern):
3708         * platform/graphics/win/SharedGDIObject.h:
3709         (WebCore::SharedGDIObject::create):
3710         * rendering/FilterEffectRenderer.cpp:
3711         (WebCore::FilterEffectRenderer::build):
3712         * rendering/RenderImageResource.cpp:
3713         (WebCore::RenderImageResource::image):
3714         * rendering/RenderLayer.cpp:
3715         (WebCore::RenderLayer::drawPlatformResizerImage):
3716         * rendering/svg/RenderSVGResourcePattern.cpp:
3717         (WebCore::RenderSVGResourcePattern::buildPattern):
3718         * svg/SVGFEDiffuseLightingElement.cpp:
3719         (WebCore::SVGFEDiffuseLightingElement::setFilterEffectAttribute):
3720         (WebCore::SVGFEDiffuseLightingElement::build):
3721         * svg/SVGFESpecularLightingElement.cpp:
3722         (WebCore::SVGFESpecularLightingElement::setFilterEffectAttribute):
3723         (WebCore::SVGFESpecularLightingElement::build):
3724         * svg/graphics/SVGImageCache.cpp:
3725         (WebCore::SVGImageCache::imageForRenderer):
3726
3727 2017-05-11  Joseph Pecoraro  <pecoraro@apple.com>
3728
3729         Remove Vibration API
3730         https://bugs.webkit.org/show_bug.cgi?id=171766
3731
3732         Rubber-stamped by Alexey Proskuryakov.
3733
3734         * features.json:
3735         Mark the Vibration API as removed.
3736
3737         * CMakeLists.txt:
3738         * DerivedSources.cpp:
3739         * Modules/vibration/NavigatorVibration.cpp: Removed.
3740         * Modules/vibration/NavigatorVibration.h: Removed.
3741         * Modules/vibration/NavigatorVibration.idl: Removed.
3742         * Modules/vibration/Vibration.cpp: Removed.
3743         * Modules/vibration/Vibration.h: Removed.
3744         * Modules/vibration/VibrationClient.h: Removed.
3745         * testing/Internals.cpp:
3746         (WebCore::Internals::isVibrating): Deleted.
3747         * testing/Internals.h:
3748         * testing/Internals.idl:
3749
3750 2017-05-11  Dean Jackson  <dino@apple.com>
3751
3752         WebGLRenderingContext should implement WebGLRenderingContextBase
3753         https://bugs.webkit.org/show_bug.cgi?id=171961
3754         <rdar://problem/32124920>
3755
3756         Reviewed by Sam Weinig.
3757
3758         WebGLRenderingContext and WebGL2RenderingContext are both
3759         defined to "implement" WebGLRenderingContextBase. However, we
3760         were doing it via inheritance, which meant that some things
3761         were not visible on the WebGLRenderingContext prototype.
3762
3763         Test: fast/canvas/webgl/constants-on-interface.html
3764
3765         * WebCore.xcodeproj/project.pbxproj: Move the Custom.cpp files
3766         out of the GC-only area now they have real content.
3767
3768         * bindings/js/JSDocumentCustom.cpp: Handle the fact that we
3769         don't use the base class from the bindings, so we need to
3770         translate WebGL1 and WebGL2 contexts into the right JS classes.
3771         (WebCore::JSDocument::getCSSCanvasContext):
3772         * bindings/js/JSHTMLCanvasElementCustom.cpp:
3773         (WebCore::JSHTMLCanvasElement::getContext):
3774
3775         * bindings/js/JSWebGL2RenderingContextCustom.cpp: Implement the
3776         custom methods. In this case, we don't yet expose any
3777         extensions for WebGL 2.
3778         (WebCore::toJS):
3779         (WebCore::JSWebGL2RenderingContext::getExtension):
3780
3781         * bindings/js/JSWebGLRenderingContextBaseCustom.cpp: Removed.
3782
3783         * bindings/js/JSWebGLRenderingContextCustom.cpp:
3784         (WebCore::toJS):
3785         (WebCore::JSWebGLRenderingContext::getExtension):
3786
3787         * html/canvas/WebGL2RenderingContext.h: Make some things public.
3788         * html/canvas/WebGLRenderingContext.h: Ditto.
3789
3790         * html/canvas/WebGL2RenderingContext.idl: Use implements.
3791         * html/canvas/WebGLRenderingContext.idl: Ditto.
3792
3793         * testing/Internals.cpp: This now takes a WebGLRenderingContext.
3794         (WebCore::Internals::simulateWebGLContextChanged):
3795         * testing/Internals.h:
3796         * testing/Internals.idl:
3797
3798 2017-05-11  Andy Estes  <aestes@apple.com>
3799
3800         Fix a spelling mistake in ApplePayErrorCode
3801         https://bugs.webkit.org/show_bug.cgi?id=171981
3802         <rdar://problem/32136567>
3803
3804         Reviewed by Beth Dakin.
3805
3806         * Modules/applepay/ApplePayError.idl:
3807         * Modules/applepay/PaymentRequest.h:
3808
3809 2017-05-11  John Wilander  <wilander@apple.com>
3810
3811         Resource Load Statistics: Enable configuration through preferences
3812         https://bugs.webkit.org/show_bug.cgi?id=171949
3813         <rdar://problem/31894518>
3814
3815         Reviewed by Alex Christensen.
3816
3817         No new tests. Just an added setter.
3818
3819         * loader/ResourceLoadObserver.cpp:
3820         (WebCore::ResourceLoadObserver::setReducedTimestampResolution):
3821
3822 2017-05-11  Frederic Wang  <fwang@igalia.com>
3823
3824         Unify hasTouchScrollableOverflow/needsCompositedScrolling concepts
3825         https://bugs.webkit.org/show_bug.cgi?id=171974
3826
3827         Reviewed by Simon Fraser.
3828
3829         This commit moves the following pattern into a single RenderLayer::usesAcceleratedScrolling function:
3830         #if PLATFORM(IOS)
3831         ...hasTouchScrollableOverflow()...
3832         #else
3833         ...needsCompositedScrolling()...
3834         #endif
3835
3836         No new tests, behavior unchanged.
3837
3838         * rendering/RenderLayer.cpp:
3839         (WebCore::RenderLayer::usesAcceleratedScrolling): Introduce helper function.
3840         * rendering/RenderLayer.h: Declare the function.
3841         * rendering/RenderLayerBacking.cpp:
3842         (WebCore::layerOrAncestorIsTransformedOrUsingCompositedScrolling): Use the new function.
3843         (WebCore::RenderLayerBacking::updateConfiguration): Ditto.
3844         * rendering/RenderLayerCompositor.cpp:
3845         (WebCore::useCoordinatedScrollingForLayer): Ditto.
3846
3847 2017-05-11  Romain Bellessort  <romain.bellessort@crf.canon.fr>
3848
3849         [Readable Streams API] Implement ReadableStreamBYOBReader cancel()
3850         https://bugs.webkit.org/show_bug.cgi?id=171919
3851
3852         Reviewed by Youenn Fablet.
3853
3854         Implemented ReadableStreamBYOBReader cancel() method.
3855
3856         Added tests checking cancel().
3857
3858         * Modules/streams/ReadableStreamBYOBReader.js:
3859         (cancel): Implemented.
3860         * Modules/streams/ReadableStreamInternals.js:
3861         (readableStreamError): Updated to support ReadableStreamBYOBReader case.
3862
3863 2017-05-11  Chris Dumez  <cdumez@apple.com>
3864
3865         Stop using PassRefPtr in WebGPU code
3866         https://bugs.webkit.org/show_bug.cgi?id=171965
3867
3868         Reviewed by Alex Christensen.
3869
3870         Stop using PassRefPtr in WebGPU code.
3871
3872         * html/canvas/WebGPUDrawable.cpp:
3873         (WebCore::WebGPUDrawable::WebGPUDrawable):
3874         * html/canvas/WebGPURenderingContext.cpp:
3875         (WebCore::WebGPURenderingContext::create):
3876         (WebCore::WebGPURenderingContext::WebGPURenderingContext):
3877         * html/canvas/WebGPURenderingContext.h:
3878         * html/canvas/WebGPUTexture.cpp:
3879         (WebCore::WebGPUTexture::createFromDrawableTexture):
3880         (WebCore::WebGPUTexture::WebGPUTexture):
3881         * html/canvas/WebGPUTexture.h:
3882
3883 2017-05-11  Youenn Fablet  <youenn@apple.com>
3884
3885         Name WebRTC Threads
3886         https://bugs.webkit.org/show_bug.cgi?id=171975
3887
3888         Reviewed by Eric Carlson.
3889
3890         No change of behavior.
3891
3892         * platform/mediastream/libwebrtc/LibWebRTCAudioModule.cpp:
3893         (WebCore::LibWebRTCAudioModule::LibWebRTCAudioModule): Setting audio module thread name.
3894         * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp:
3895         (WebCore::initializePeerConnectionFactoryAndThreads): Setting signaling and networking thread names.
3896
3897 2017-05-11  Chris Dumez  <cdumez@apple.com>
3898
3899         Stop using PassRefPtr in platform/audio
3900         https://bugs.webkit.org/show_bug.cgi?id=171966
3901
3902         Reviewed by Ryosuke Niwa.
3903
3904         Stop using PassRefPtr in platform/audio.
3905
3906         * platform/audio/AudioBus.h:
3907         (WebCore::AudioBus::AudioBus):
3908         * platform/audio/AudioFileReader.h:
3909         * platform/audio/HRTFDatabaseLoader.cpp:
3910         (WebCore::HRTFDatabaseLoader::createAndLoadAsynchronouslyIfNecessary):
3911         * platform/audio/HRTFDatabaseLoader.h:
3912         * platform/audio/HRTFKernel.cpp:
3913         (WebCore::HRTFKernel::createInterpolatedKernel):
3914         * platform/audio/HRTFKernel.h:
3915         (WebCore::HRTFKernel::create):
3916         * platform/audio/glib/AudioBusGLib.cpp:
3917         (WebCore::AudioBus::loadPlatformResource):
3918         * platform/audio/gstreamer/AudioFileReaderGStreamer.cpp:
3919         (WebCore::AudioFileReader::createBus):
3920         (WebCore::createBusFromAudioFile):
3921         (WebCore::createBusFromInMemoryAudioFile):
3922         * platform/audio/ios/AudioFileReaderIOS.cpp:
3923         (WebCore::AudioFileReader::createBus):
3924         (WebCore::createBusFromAudioFile):
3925         (WebCore::createBusFromInMemoryAudioFile):
3926         * platform/audio/ios/AudioFileReaderIOS.h:
3927         * platform/audio/mac/AudioBusMac.mm:
3928         (WebCore::AudioBus::loadPlatformResource):
3929         * platform/audio/mac/AudioFileReaderMac.cpp:
3930         (WebCore::AudioFileReader::createBus):
3931         (WebCore::createBusFromAudioFile):
3932         (WebCore::createBusFromInMemoryAudioFile):
3933         * platform/audio/mac/AudioFileReaderMac.h:
3934
3935 2017-05-11  Mark Lam  <mark.lam@apple.com>
3936
3937         WorkerThread::stop() should call scheduleExecutionTermination() last.
3938         https://bugs.webkit.org/show_bug.cgi?id=171775
3939         <rdar://problem/30975761>
3940
3941         Reviewed by Geoffrey Garen.
3942
3943         Currently, WorkerThread::stop() calls scheduleExecutionTermination() to terminate
3944         JS execution first, followed by posting a cleanup task to the worker, and lastly,
3945         it invokes terminate() on the WorkerRunLoop.
3946
3947         As a result, before the run loop is terminated, the worker thread may observe the
3948         TerminatedExecutionException in JS code, bail out, see another JS task to run,
3949         re-enter the VM to run said JS code, and fail with an assertion due to the
3950         TerminatedExecutionException still being pending on VM entry.
3951
3952         WorkerRunLoop::Task::performTask() already has a check to only allow a task to
3953         run if and only if !runLoop.terminated() and the task is not a clean up task.
3954         We'll fix the above race by having WorkerThread::stop() terminate
3955         the run loop before it calls scheduleExecutionTermination(), which throws the
3956         TerminatedExecutionException.  This way, by the time JS code unwinds out of the
3957         VM due to the TerminatedExecutionException, runLoop.terminated() is guaranteed
3958         to be true and thereby prevents re-entry into the VM.
3959
3960         This issue is covered by an existing test that I just unskipped in TestExpectations.
3961
3962         * bindings/js/JSDOMPromiseDeferred.cpp:
3963         (WebCore::DeferredPromise::callFunction):
3964         * workers/WorkerThread.cpp:
3965         (WebCore::WorkerThread::stop):
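
The ordering race described in the WorkerThread::stop() entry above, as an added example that is not part of the ChangeLog or of WebKit's code: a simplified, single-threaded C++ model in which the worker makes as much progress as it can after each step of stop(). Step, Task, Worker, oldOrder, newOrder and simulateStop() are hypothetical names, and the model assumes the cleanup task never enters the VM.

```cpp
#include <cstdio>
#include <deque>
#include <vector>
// Hypothetical model, not WebKit code: after each step that stop() takes on the
// main thread, the worker thread makes as much progress as it can.
enum class Step { ScheduleTermination, PostCleanupTask, TerminateRunLoop };
struct Task { bool isCleanup; };
struct Worker {
    bool runLoopTerminated = false;
    bool terminationPending = false;            // TerminatedExecutionException pending on the VM
    bool inVM = true;                           // the worker starts out executing a JS task
    std::deque<Task> queue { Task { false } };  // one more JS task is already queued
    int badEntries = 0;                         // VM entries made while the exception is pending

    void makeProgress() {
        if (inVM) {
            if (!terminationPending)
                return;                         // JS keeps running; nothing interrupts it
            inVM = false;                       // JS observes the exception and bails out
        }
        while (!queue.empty()) {
            Task task = queue.front();
            queue.pop_front();
            // Models the performTask() check: a non-cleanup task is skipped once the run
            // loop is terminated; cleanup tasks run but (assumed) never enter the VM.
            if (task.isCleanup || runLoopTerminated)
                continue;
            if (terminationPending)
                ++badEntries;                   // the real code fails an assertion here
        }
    }
};

const std::vector<Step> oldOrder { Step::ScheduleTermination, Step::PostCleanupTask, Step::TerminateRunLoop };
const std::vector<Step> newOrder { Step::PostCleanupTask, Step::TerminateRunLoop, Step::ScheduleTermination };

int simulateStop(const std::vector<Step>& order) {
    Worker worker;
    for (Step step : order) {
        if (step == Step::ScheduleTermination) worker.terminationPending = true;
        else if (step == Step::PostCleanupTask) worker.queue.push_back(Task { true });
        else worker.runLoopTerminated = true;
        worker.makeProgress();
    }
    return worker.badEntries;
}
int main() {
    std::printf("old order: %d, new order: %d\n", simulateStop(oldOrder), simulateStop(newOrder));
}
```

With the old order the queued JS task is picked up while the exception is still pending; with the new order the run loop is already terminated by the time JS unwinds, so that task is skipped.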
3966
3967 2017-05-11  Chris Dumez  <cdumez@apple.com>
3968
3969         Drop custom bindings code for HTMLFormControlsCollection's named property getter
3970         https://bugs.webkit.org/show_bug.cgi?id=171964
3971
3972         Reviewed by Sam Weinig.
3973
3974         Drop custom bindings code for HTMLFormControlsCollection's named property getter as
3975         we are able to generate it.
3976
3977         No new tests, no expected Web-facing behavior change.
3978
3979         * CMakeLists.txt:
3980         * WebCore.xcodeproj/project.pbxproj:
3981         * bindings/js/JSBindingsAllInOne.cpp:
3982         * bindings/js/JSHTMLFormControlsCollectionCustom.cpp: Removed.
3983         *