6444060f26034d5d013de31dff3e27aaf6b46d1b
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-10-14  Carlos Garcia Campos  <cgarcia@igalia.com>
2
3         MemoryPressureHandler shouldn't know how to release WebCore memory
4         https://bugs.webkit.org/show_bug.cgi?id=160497
5
6         Reviewed by Michael Catanzaro.
7
8         All processes should set their own low memory handler, instead of leaving the web process using the default one
9         that needs to access APIs that are not in platform layer. This patch fixes all the layering violations in the
10         MemoryPressureHandler. Since the default implementation, that releases the WebCore memory, is shared by the
11         WebProcess in WebKit2 and WebKit1 ports, it has been moved to its own file to the WebCore layer.
12
13         * CMakeLists.txt: Add new files to compilation.
14         * PlatformMac.cmake: Ditto.
15         * WebCore.xcodeproj/project.pbxproj: Ditto.
16         * loader/FrameLoader.cpp:
17         (WebCore::FrameLoader::commitProvisionalLoad): Use WebCore::jettisonExpensiveObjectsOnTopLevelNavigation().
18         * page/MemoryRelease.cpp: Added.
19         (WebCore::releaseNoncriticalMemory):
20         (WebCore::releaseCriticalMemory):
21         (WebCore::releaseMemory):
22         (WebCore::platformReleaseMemory):
23         (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
24         (WebCore::registerMemoryReleaseNotifyCallbacks):
25         * page/MemoryRelease.h: Added.
26         * page/cocoa/MemoryReleaseCocoa.mm: Added.
27         (WebCore::platformReleaseMemory):
28         (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
29         (WebCore::registerMemoryReleaseNotifyCallbacks):
30         * platform/MemoryPressureHandler.cpp:
31         (WebCore::MemoryPressureHandler::MemoryPressureHandler):
32         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
33         (WebCore::MemoryPressureHandler::releaseMemory): Use the current handler if it has been set.
34         (WebCore::MemoryPressureHandler::platformReleaseMemory): Deleted.
35         * platform/MemoryPressureHandler.h:
36         (WebCore::MemoryPressureHandler::setLowMemoryHandler):
37         (WebCore::MemoryPressureHandler::m_releaseMemoryBlock):
38         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
39         (WebCore::MemoryPressureHandler::respondToMemoryPressure): Call releaseMemory() instead of using the handler directly.
40         (WebCore::MemoryPressureHandler::platformReleaseMemory): Deleted.
41         * platform/linux/MemoryPressureHandlerLinux.cpp:
42         * platform/win/MemoryPressureHandlerWin.cpp:
43         (WebCore::MemoryPressureHandler::respondToMemoryPressure): Call releaseMemory() instead of using the handler directly.
44
45 2016-11-08  Sergio Villar Senin  <svillar@igalia.com>
46
47         [css-grid] Fix fr tracks sizing under min|max-size constraints
48         https://bugs.webkit.org/show_bug.cgi?id=150674
49
50         Reviewed by Darin Adler.
51
52         The min|max-sizes must be used to compute the flex fraction for indefinite free
53         spaces. According to the spec "If using this flex fraction would cause the grid to be
54         smaller than the grid container’s min-width/height (or larger than the grid container’s
55         max-width/height), then redo this step, treating the free space as definite and the
56         available grid space as equal to the grid container’s content box size when it’s sized to
57         its min-width/height (max-width/height)."
58
59         This only affects indefinite heights because during layout both definite sizes and any kind
60         of widths are properly constrained by min|max-width restrictions.
61
62         Tests: fast/css-grid-layout/flex-sizing-columns-min-max-width.html
63                fast/css-grid-layout/flex-sizing-rows-min-max-height.html
64
65         * rendering/RenderGrid.cpp:
66         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
67         (WebCore::RenderGrid::computeFlexSizedTracksGrowth):
68         * rendering/RenderGrid.h:
69
70 2016-11-10  Alejandro G. Castro  <alex@igalia.com>
71
72         [WebRTC] [OpenWebRTC] RTX default parameters broken after r207952
73         https://bugs.webkit.org/show_bug.cgi?id=164541
74
75         Reviewed by Philippe Normand.
76
77         Fixed typo in refactoring.
78
79         * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp:
80         (WebCore::MediaEndpointOwr::getDefaultVideoPayloads):
81
82 2016-11-08  Philippe Normand  <pnormand@igalia.com>
83
84         [WebRTC] white-list turns urls from the RTCConfiguration
85         https://bugs.webkit.org/show_bug.cgi?id=164506
86
87         Reviewed by Alejandro G. Castro.
88
89         * Modules/mediastream/RTCConfiguration.cpp:
90         (WebCore::validateIceServerURL): Add the turns URL scheme to the
91         list of supported relay and signaling server protocols.
92
93 2016-11-09  Joseph Pecoraro  <pecoraro@apple.com>
94
95         Web Inspector: DebuggerManager.Event.Resumed introduces test flakiness
96         https://bugs.webkit.org/show_bug.cgi?id=161951
97         <rdar://problem/28295767>
98
99         Reviewed by Brian Burg.
100
101         Covered by existing tests that would ASSERT otherwise.
102
103         * inspector/InspectorClient.cpp:
104         (WebCore::InspectorClient::doDispatchMessageOnFrontendPage):
105         When paused on an exception in the inspected page and evaluating
106         commands in the inspector frontend page (which evaluates JavaScript)
107         we ASSERT when entering the Global DOM VM with an existing exception.
108         This makes it so when we evaluate JavaScript in the frontend we
109         suspend / ignore the state of the VM for the inspected page, and
110         restore it when we return from the inspector.
111
112 2016-11-09  Joseph Pecoraro  <pecoraro@apple.com>
113
114         Web Inspector: Associate Worker Resources with the Worker and not the Page
115         https://bugs.webkit.org/show_bug.cgi?id=164342
116         <rdar://problem/29075775>
117
118         Reviewed by Timothy Hatcher.
119
120         Test: inspector/worker/resources-in-worker.html
121
122         Provide a way to associate an initiator identifier with a ResourceRequest.
123         This will allow Web Inspector to identify who started particular resource
124         loads. This is important to associate Worker(...), importScript(...), and
125         XMLHttpRequest / Fetch loads with that specific Worker.
126
127         * platform/network/ResourceRequestBase.cpp:
128         (WebCore::ResourceRequestBase::setAsIsolatedCopy):
129         * platform/network/ResourceRequestBase.h:
130         (WebCore::ResourceRequestBase::initiatorIdentifier):
131         (WebCore::ResourceRequestBase::setInitiatorIdentifier):
132         Optional initiator identifier. Currently used only be Web Inspector.
133
134         * dom/ScriptExecutionContext.h:
135         (WebCore::ScriptExecutionContext::resourceRequestIdentifier):
136         Non-page execution contexts, like WorkerGlobalScope, should provide
137         a unique identifier that may be used to distinguish loads initiated
138         from within that context.
139
140         * xml/XMLHttpRequest.cpp:
141         (WebCore::XMLHttpRequest::createRequest):
142         * Modules/fetch/FetchLoader.cpp:
143         (WebCore::FetchLoader::start):
144         * Modules/fetch/FetchRequest.cpp:
145         (WebCore::FetchRequest::initializeWith):
146         XHR / Fetch loads should include the ScriptExecutionContext's
147         initiator identifier.
148
149         * workers/WorkerScriptLoader.cpp:
150         (WebCore::WorkerScriptLoader::WorkerScriptLoader):
151         (WebCore::WorkerScriptLoader::loadSynchronously):
152         (WebCore::WorkerScriptLoader::loadAsynchronously):
153         (WebCore::WorkerScriptLoader::createResourceRequest):
154         * workers/WorkerScriptLoader.h:
155         Provide a way to provide initiator identifier information for
156         Worker script loads. Currently this is `new Worker(...)` and
157         `importScripts(...)` resource loads.
158
159         * workers/Worker.cpp:
160         (WebCore::Worker::Worker):
161         (WebCore::Worker::create):
162         * workers/Worker.h:
163         * workers/WorkerGlobalScope.cpp:
164         (WebCore::WorkerGlobalScope::WorkerGlobalScope):
165         (WebCore::WorkerGlobalScope::importScripts):
166         * workers/WorkerGlobalScope.h:
167         Give Worker itself the unique identifier, because `new Worker(...)`
168         loads happen before the WorkerGlobalScript (ScriptExecutionContext)
169         is actually created, but we want to associate it with this Worker.
170
171         * workers/DedicatedWorkerGlobalScope.cpp:
172         (WebCore::DedicatedWorkerGlobalScope::create):
173         (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):
174         * workers/DedicatedWorkerGlobalScope.h:
175         * workers/DedicatedWorkerThread.cpp:
176         (WebCore::DedicatedWorkerThread::DedicatedWorkerThread):
177         (WebCore::DedicatedWorkerThread::createWorkerGlobalScope):
178         * workers/DedicatedWorkerThread.h:
179         * workers/WorkerInspectorProxy.cpp:
180         (WebCore::WorkerInspectorProxy::WorkerInspectorProxy):
181         * workers/WorkerInspectorProxy.h:
182         * workers/WorkerMessagingProxy.cpp:
183         (WebCore::WorkerMessagingProxy::WorkerMessagingProxy):
184         (WebCore::WorkerMessagingProxy::startWorkerGlobalScope):
185         * workers/WorkerThread.cpp:
186         (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):
187         (WebCore::WorkerThread::WorkerThread):
188         (WebCore::WorkerThread::workerThread):
189         * workers/WorkerThread.h:
190         Pass the MainThread's Worker identifier through to the WorkerGlobalScope
191         created on the WorkerThread. They should be the same identifier.
192
193         * inspector/InspectorNetworkAgent.cpp:
194         (WebCore::InspectorNetworkAgent::willSendRequest):
195         * inspector/InspectorPageAgent.cpp:
196         (WebCore::InspectorPageAgent::buildObjectForFrameTree):
197         Pass the initiator identifier data to the frontend. This identifier is
198         equivalent to a "target identifier" in the frontend. Currently the only
199         non-Page targets are Workers.
200
201         * loader/cache/CachedResourceLoader.cpp:
202         (WebCore::CachedResourceLoader::shouldContinueAfterNotifyingLoadedFromMemoryCache):
203         When using the memory cache we create a new resource request. Be sure
204         to copy over useful inspector data, like the initiator identifier,
205         from the original request.
206
207         * platform/network/cf/ResourceRequestCFNet.cpp:
208         (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties):
209         When rebuilding a ResourceRequest from NSURLRequest, copy over the
210         initiator identifier property that wouldn't otherwise have survived
211         the transition.
212
213 2016-11-09  Brady Eidson  <beidson@apple.com>
214
215         IndexedDB 2.0: Clean up some exception ordering.
216         https://bugs.webkit.org/show_bug.cgi?id=164566
217
218         Reviewed by Alex Christensen.
219
220         No new tests (Covered by existing tests).
221
222         * Modules/indexeddb/IDBCursor.cpp:
223         (WebCore::IDBCursor::advance):
224         (WebCore::IDBCursor::continueFunction):
225
226         * Modules/indexeddb/IDBObjectStore.cpp:
227         (WebCore::IDBObjectStore::createIndex):
228
229 2016-11-09  Alex Christensen  <achristensen@webkit.org>
230
231         Unreviewed, rolling out r208438.
232
233         crashes
234
235         Reverted changeset:
236
237         "[WK2][NETWORK_SESSION] Add support for downloading file
238         backed blobs"
239         https://bugs.webkit.org/show_bug.cgi?id=164458
240         http://trac.webkit.org/changeset/208438
241
242 2016-11-09  Said Abou-Hallawa  <sabouhallawa@apple.com>
243
244         Change the decoding for some animated images to be asynchronous
245         https://bugs.webkit.org/show_bug.cgi?id=161566
246
247         Reviewed by Simon Fraser.
248
249         Tests: fast/images/slower-animation-than-decoding-image.html
250                fast/images/slower-decoding-than-animation-image.html
251                fast/images/stopped-animation-deleted-image.html
252                
253         Request the next frame before firing the animation timer. The asynchronous
254         image decoding work queue notifies the BitmapImage when the frame finishes
255         decoding. If the timer fires before the frame is decoded, no repaint will
256         be requested. Only when the image frame is ready, the animation will be
257         advanced and the image will be repainted.
258
259         * loader/cache/CachedImage.cpp:
260         (WebCore::CachedImage::load): Cache the image settings in CachedImage.
261         (WebCore::CachedImage::createImage): No need to pass allowSubsampling to BitmapImage. It can be retrieved through Image::imageObserver().
262         (WebCore::CachedImage::changedInRect): Change the parameter to notifyObservers() to be a pointer.
263         * loader/cache/CachedImage.h: Cache the settings: allowSubsampling, allowAsyncImageDecoding and showDebugBackground through m_loader.
264         * platform/graphics/BitmapImage.cpp:
265         (WebCore::BitmapImage::dataChanged): Fix a logging message.
266         (WebCore::BitmapImage::draw): Store the current SubsamplingLevel to be used when requesting decoding the image of the next frame.
267         Draw a debug rectangle if the next frame is missed because it is being decoded and the setting showDebugBackground is on.
268         (WebCore::BitmapImage::startAnimation): Deleted. Moved to the header file.
269         (WebCore::BitmapImage::internalStartAnimation): Added. Request asynchronous image decoding for the next frame if required. Return the
270         result of starting the animation.
271         (WebCore::BitmapImage::advanceAnimation): Call internalAdvanceAnimation() if the frame image is not being decoded. If it is being decoded
272         and the setting showDebugBackground is on, force repaint so the debug rectangle is drawn.
273         (WebCore::BitmapImage::internalAdvanceAnimation): This is the old body of advanceAnimation().
274         (WebCore::BitmapImage::stopAnimation): Stop the asynchronous image decoding if it is started.
275         (WebCore::BitmapImage::newFrameNativeImageAvailableAtIndex): This function is called from the async image decoding work queue when finishing decoding a native image frame.
276         * platform/graphics/BitmapImage.h:
277         (WebCore::BitmapImage::startAnimation): Added. It is now calls internalStartAnimation().
278         * platform/graphics/Color.h: Define a constant for the yellow color.
279         * platform/graphics/ImageFrameCache.cpp:
280         (WebCore::ImageFrameCache::clearMetadata): Delete unreferenced member.
281         (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Return true if the frame is requested for async decoding.
282         * platform/graphics/ImageFrameCache.h:
283         * platform/graphics/ImageObserver.h:  Add virtual functions for allowSubsampling, allowAsyncImageDecoding and showDebugBackground.
284         * platform/graphics/ImageSource.cpp:
285         (WebCore::ImageSource::maximumSubsamplingLevel): Move checking allowSubsampling() to the caller BitmapImage::draw().
286         * platform/graphics/ImageSource.h: Remove the setting allowSubsampling(); it can be retrieved from imageObserver().
287         (WebCore::ImageSource::setAllowSubsampling): Deleted.
288         * rendering/RenderImageResource.cpp:
289         (WebCore::RenderImageResource::shutdown): Stop the animation of an image when shutting down the resource.
290         * rendering/RenderImageResourceStyleImage.cpp:
291         (WebCore::RenderImageResourceStyleImage::shutdown): Ditto.
292         svg/graphics/SVGImageClients.h: Change the parameter to ImageObserver::changedInRect() to be a pointer.
293         (WebCore::SVGImageChromeClient::invalidateContentsAndRootView):
294         * testing/Internals.cpp:
295         (WebCore::Internals::setImageFrameDecodingDuration): Sets a fixed frame decoding duration for testing.
296         * testing/Internals.h:
297         * testing/Internals.idl: Adds an internal option for ImageFrameDecodingDuration.
298
299 2016-11-04  Brent Fulgham  <bfulgham@apple.com>
300
301         Local HTML should be blocked from localStorage access unless "Disable Local File Restrictions" is checked
302         https://bugs.webkit.org/show_bug.cgi?id=155185
303         <rdar://problem/11101440>
304
305         Reviewed by Brady Eidson.
306
307         Add a new quirk for localStorage that defaults to 'on'. When active, this quirk says that
308         localStorage access should be granted, without needing to grant universal file access.
309
310         If the quirk is turned off, then localStorage is blocked unless the WebKit client explicitly
311         grants universal file access.
312
313         Tests: storage/domstorage/localstorage/blocked-file-access-permitted-by-quirk.html
314                storage/domstorage/localstorage/blocked-file-access.html
315
316         * dom/Document.cpp:
317         (WebCore::Document::initSecurityContext): Set localStorage quirk mode based on settings.
318         * page/SecurityOrigin.cpp:
319         (WebCore::SecurityOrigin::SecurityOrigin): Use more C++11 initializers.
320         (WebCore::SecurityOrigin::canAccessStorage): If the origin is a local file, and we are NOT in
321         localStorage quirks mode, and we have not been granted universal file access, prevent access
322         to DOM localStorage.
323         (WebCore::SecurityOrigin::setNeedsLocalStorageQuirk): Added.
324         * page/SecurityOrigin.h:
325         (WebCore::SecurityOrigin::needsLocalStorageQuirk): Added.
326         * page/Settings.in:
327         * workers/WorkerGlobalScope.cpp:
328         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Make sure Workers know what the
329         localStorage quirks mode is set to.
330
331 2016-11-09  Alex Christensen  <achristensen@webkit.org>
332
333         URLParser should not consider path of URLs with no host to start at the first slash after the colon
334         https://bugs.webkit.org/show_bug.cgi?id=164555
335
336         Reviewed by Tim Horton.
337
338         When we see a url that is only scheme:// we treated the // as the path.  Firefox did this with unrecognized schemes,
339         but based on https://github.com/whatwg/url/issues/148 they seem willing to change.  We had added similar behavior to
340         URL::parse, and I added this to URLParser in r206783 which this effectively reverts.
341
342         Covered by API and layout tests.
343
344         * platform/URLParser.cpp:
345         (WebCore::URLParser::parse):
346         Don't move m_userStart to m_pathStart back by two when we see an empty host.
347
348 2016-11-09  Alex Christensen  <achristensen@webkit.org>
349
350         Simplify logic of SecurityOrigin::databaseIdentifier
351         https://bugs.webkit.org/show_bug.cgi?id=164565
352
353         Reviewed by Brady Eidson.
354
355         No change in behavior.
356
357         SecurityOrigins with the file scheme need a special database identifier to be backwards-compatible with existing storage.
358         Instead of determining whether this is a file SecurityOrigin at parsing time and only using that information when
359         making the database identifier, just determine whether we need this quirk when making the database identifier.
360         I'm planning to move this logic to SecurityOriginData in another patch.
361
362         * page/SecurityOrigin.cpp:
363         (WebCore::SecurityOrigin::SecurityOrigin):
364         (WebCore::SecurityOrigin::create):
365         (WebCore::SecurityOrigin::databaseIdentifier):
366         * page/SecurityOrigin.h:
367
368 2016-11-09  Jaehun Lim  <ljaehun.lim@samsung.com>
369
370         Unreviewed, build fix after r208460
371
372         isValidColorString() was renamed isValidSimpleColorString().
373
374         * html/ColorInputType.cpp:
375         (WebCore::ColorInputType::suggestions):
376
377 2016-11-09  Anders Carlsson  <andersca@apple.com>
378
379         Fix STP build.
380
381         * WebCorePrefix.h:
382
383 2016-11-09  Simon Fraser  <simon.fraser@apple.com>
384
385         Implement visual-viewport based position:fixed handling for Mac async scrolling
386         https://bugs.webkit.org/show_bug.cgi?id=164495
387
388         Reviewed by Tim Horton.
389
390         Educate the scrolling tree about visual and layout viewports. This is runtime-switchable,
391         so we push the enable flag to via the root state node, then push the layout viewport,
392         and the min/max scroll position that contstrain it, through frame state nodes.
393
394         When a scroll happens, we compute a new layout viewport when the visual viewport hits
395         an edge, and push that down through setScrollLayerPosition() since it's used to position
396         fixed and sticky layers.
397
398         When the main thread gets notified about an async scroll, we set the new layout viewport
399         on the FrameView, but do so in such a way that does not trigger layout. This is OK because
400         we do a RenderLayer update which udpates all the layoutViewport-dependent state, and is
401         necessary to avoid repaints every main thread update.
402
403         The iOS code is made to compile, but not work yet.
404
405         Tests: compositing/tiling/visiblerect-accumulated-offset.html
406                fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down-then-up.html
407                fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down.html
408                fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolling-layers-state.html
409
410         * page/FrameView.cpp:
411         (WebCore::FrameView::setLayoutViewportOrigin):
412         (WebCore::FrameView::updateLayoutViewport):
413         (WebCore::FrameView::visualViewportRect):
414         (WebCore::FrameView::unscaledMinimumScrollPosition):
415         (WebCore::FrameView::scrollPositionChanged):
416         * page/FrameView.h:
417         * page/scrolling/AsyncScrollingCoordinator.cpp:
418         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
419         (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
420         (WebCore::AsyncScrollingCoordinator::scheduleUpdateScrollPositionAfterAsyncScroll):
421         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScrollTimerFired):
422         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
423         (WebCore::AsyncScrollingCoordinator::visualViewportEnabled):
424         * page/scrolling/AsyncScrollingCoordinator.h:
425         (WebCore::AsyncScrollingCoordinator::ScheduledScrollUpdate::ScheduledScrollUpdate):
426         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
427         (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
428         (WebCore::ScrollingStateFrameScrollingNode::setLayoutViewport):
429         (WebCore::ScrollingStateFrameScrollingNode::setMinLayoutViewportOrigin):
430         (WebCore::ScrollingStateFrameScrollingNode::setMaxLayoutViewportOrigin):
431         (WebCore::ScrollingStateFrameScrollingNode::setVisualViewportEnabled):
432         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
433         * page/scrolling/ScrollingStateFrameScrollingNode.h:
434         * page/scrolling/ScrollingTree.cpp:
435         (WebCore::ScrollingTree::viewportChangedViaDelegatedScrolling):
436         (WebCore::ScrollingTree::scrollPositionChangedViaDelegatedScrolling):
437         (WebCore::ScrollingTree::commitTreeState):
438         * page/scrolling/ScrollingTree.h:
439         (WebCore::ScrollingTree::visualViewportEnabled):
440         (WebCore::ScrollingTree::setVisualViewportEnabled):
441         * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
442         (WebCore::ScrollingTreeFrameScrollingNode::commitStateBeforeChildren):
443         (WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition):
444         * page/scrolling/ScrollingTreeFrameScrollingNode.h:
445         (WebCore::ScrollingTreeFrameScrollingNode::layoutViewport):
446         (WebCore::ScrollingTreeFrameScrollingNode::minLayoutViewportOrigin):
447         (WebCore::ScrollingTreeFrameScrollingNode::maxLayoutViewportOrigin):
448         * page/scrolling/ScrollingTreeScrollingNode.cpp:
449         (WebCore::ScrollingTreeScrollingNode::setScrollPositionWithoutContentEdgeConstraints):
450         * page/scrolling/ScrollingTreeScrollingNode.h:
451         * page/scrolling/ThreadedScrollingTree.cpp:
452         (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):
453         * page/scrolling/ThreadedScrollingTree.h:
454         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
455         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
456         (WebCore::ScrollingTreeFrameScrollingNodeIOS::setScrollPositionWithoutContentEdgeConstraints):
457         (WebCore::ScrollingTreeFrameScrollingNodeIOS::setScrollLayerPosition):
458         * page/scrolling/ios/ScrollingTreeIOS.cpp:
459         (WebCore::ScrollingTreeIOS::scrollingTreeNodeDidScroll):
460         * page/scrolling/ios/ScrollingTreeIOS.h:
461         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
462         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
463         (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints):
464         (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):
465
466 2016-11-09  Brady Eidson  <beidson@apple.com>
467
468         IndexedDB 2.0: W3C test IndexedDB/idbtransaction_objectStoreNames.html fails.
469         https://bugs.webkit.org/show_bug.cgi?id=164528
470
471         Reviewed by Alex Christensen.
472
473         No new tests (Covered by existing test).
474
475         * Modules/indexeddb/IDBDatabase.cpp:
476         (WebCore::IDBDatabase::transaction): De-dupe the input names.
477
478 2016-11-09  Brady Eidson  <beidson@apple.com>
479
480         IndexedDB 2.0: Implement new IDBCursor.continuePrimaryKey function.
481         https://bugs.webkit.org/show_bug.cgi?id=164404
482
483         Reviewed by Alex Christensen.
484
485         Tests: storage/indexeddb/modern/idbcursor-continue-primary-key-1-private.html
486                storage/indexeddb/modern/idbcursor-continue-primary-key-1.html
487                Also covered by existing tests.
488
489         * Modules/indexeddb/IDBCursor.cpp:
490         (WebCore::IDBCursor::continuePrimaryKey):
491         (WebCore::IDBCursor::uncheckedIterateCursor):
492         * Modules/indexeddb/IDBCursor.h:
493         * Modules/indexeddb/IDBCursor.idl:
494
495         * Modules/indexeddb/IDBKeyData.h:
496         (WebCore::IDBKeyData::operator>):
497         (WebCore::IDBKeyData::operator<=):
498         (WebCore::IDBKeyData::operator>=):
499
500         * Modules/indexeddb/server/MemoryCursor.h:
501
502         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
503         (WebCore::IDBServer::MemoryIDBBackingStore::iterateCursor):
504
505         * Modules/indexeddb/server/MemoryIndexCursor.cpp:
506         (WebCore::IDBServer::MemoryIndexCursor::iterate):
507         * Modules/indexeddb/server/MemoryIndexCursor.h:
508
509         * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
510         (WebCore::IDBServer::MemoryObjectStoreCursor::iterate):
511         * Modules/indexeddb/server/MemoryObjectStoreCursor.h:
512
513         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
514         (WebCore::IDBServer::SQLiteIDBBackingStore::iterateCursor):
515
516         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
517         (WebCore::IDBServer::SQLiteIDBCursor::iterate):
518         * Modules/indexeddb/server/SQLiteIDBCursor.h:
519
520         * Modules/indexeddb/shared/IDBIterateCursorData.cpp:
521         (WebCore::IDBIterateCursorData::isolatedCopy):
522         * Modules/indexeddb/shared/IDBIterateCursorData.h:
523         (WebCore::IDBIterateCursorData::encode):
524         (WebCore::IDBIterateCursorData::decode):
525
526 2016-11-09  Antoine Quint  <graouts@apple.com>
527
528         [Modern Media Controls] Media Controller: set status label according to media state
529         https://bugs.webkit.org/show_bug.cgi?id=164557
530         <rdar://problem/29184097>
531
532         Reviewed by Dean Jackson.
533
534         Correctly set the StatusLabel text based on the media loading and network state.
535
536         Tests: http/tests/media/modern-media-controls/status-support/status-support-live-broadcast.html
537                http/tests/media/modern-media-controls/status-support/status-support-loading.html
538                media/modern-media-controls/status-support/status-support-error.html
539
540         * Modules/modern-media-controls/js-files:
541         * Modules/modern-media-controls/media/media-controller.js:
542         (MediaController):
543         * Modules/modern-media-controls/media/status-support.js: Added.
544         (StatusSupport.prototype.get control):
545         (StatusSupport.prototype.get mediaEvents):
546         (StatusSupport.prototype.syncControl):
547         (StatusSupport):
548         * WebCore.xcodeproj/project.pbxproj:
549
550 2016-11-09  Zalan Bujtas  <zalan@apple.com>
551
552         No need to set setFlowThreadState on RenderText in createTextRenderer.
553         https://bugs.webkit.org/show_bug.cgi?id=164559
554
555         Reviewed by Antti Koivisto.
556
557        setFlowThreadState in create*Renderer ensures that by the time we issue the initial call to
558        styleWillChange/styleDidChange through initializeStyle, the state is already set.
559        However since RenderText does not have its own style, it's sufficient to have the flow state set
560        through the normal RenderElement::insertChildInternal code path.
561
562         No change in functionality.
563
564         * style/RenderTreeUpdater.cpp:
565         (WebCore::createTextRenderer):
566
567 2016-11-09  Brady Eidson  <beidson@apple.com>
568
569         IndexedDB 2.0: Encapsulate cursor iteration parameters for easy future expansion.
570         https://bugs.webkit.org/show_bug.cgi?id=164504
571
572         Reviewed by Darin Adler.
573
574         No new tests (Refactor, no behavior change).
575
576         This patch literally just takes the "key" and "count" arguments and encapsulates them in a struct.
577         That struct will then be easily expandable in the future (e.g. bug 164404).
578
579         * Modules/indexeddb/IDBCursor.cpp:
580         (WebCore::IDBCursor::uncheckedIterateCursor):
581         
582         * Modules/indexeddb/IDBTransaction.cpp:
583         (WebCore::IDBTransaction::iterateCursor):
584         (WebCore::IDBTransaction::iterateCursorOnServer):
585         * Modules/indexeddb/IDBTransaction.h:
586         
587         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
588         (WebCore::IDBClient::IDBConnectionProxy::iterateCursor):
589         * Modules/indexeddb/client/IDBConnectionProxy.h:
590         
591         * Modules/indexeddb/client/IDBConnectionToServer.cpp:
592         (WebCore::IDBClient::IDBConnectionToServer::iterateCursor):
593         * Modules/indexeddb/client/IDBConnectionToServer.h:
594         * Modules/indexeddb/client/IDBConnectionToServerDelegate.h:
595         
596         * Modules/indexeddb/server/IDBBackingStore.h:
597         
598         * Modules/indexeddb/server/IDBServer.cpp:
599         (WebCore::IDBServer::IDBServer::iterateCursor):
600         * Modules/indexeddb/server/IDBServer.h:
601         
602         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
603         (WebCore::IDBServer::MemoryIDBBackingStore::iterateCursor):
604         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
605         
606         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
607         (WebCore::IDBServer::SQLiteIDBBackingStore::iterateCursor):
608         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
609         
610         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
611         (WebCore::IDBServer::UniqueIDBDatabase::iterateCursor):
612         (WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor):
613         * Modules/indexeddb/server/UniqueIDBDatabase.h:
614         
615         * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:
616         (WebCore::IDBServer::UniqueIDBDatabaseTransaction::iterateCursor):
617         * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
618         
619         * Modules/indexeddb/shared/IDBIterateCursorData.cpp: Added.
620         (WebCore::IDBIterateCursorData::isolatedCopy):
621         * Modules/indexeddb/shared/IDBIterateCursorData.h: Added.
622         (WebCore::IDBIterateCursorData::encode):
623         (WebCore::IDBIterateCursorData::decode):
624
625         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
626         (WebCore::InProcessIDBServer::iterateCursor):
627         * Modules/indexeddb/shared/InProcessIDBServer.h:
628
629         * CMakeLists.txt:
630         * WebCore.xcodeproj/project.pbxproj:
631
632 2016-11-09  Ryosuke Niwa  <rniwa@webkit.org>
633
634         StyledElement::attributeChanged shouldn't do any work when the attribute value didn't change
635         https://bugs.webkit.org/show_bug.cgi?id=129476
636
637         Reviewed by Andreas Kling.
638
639         Avoid calling styleAttributeChanged and setPresentationAttributeStyleIsDirty
640         when the attribute value didn't change as in r164856.
641
642         * dom/StyledElement.cpp:
643         (WebCore::StyledElement::attributeChanged):
644
645 2016-11-09  Yusuke Suzuki  <utatane.tea@gmail.com>
646
647         [DOMJIT] Implement Node::ownerDocument
648         https://bugs.webkit.org/show_bug.cgi?id=164004
649
650         Reviewed by Darin Adler.
651
652         Test: js/dom/domjit-accessor-owner-document.html
653
654         Still I cannot reproduce this crash in x64 environment, according to the crash log, it accesses 0x8 address.
655         This can happen if document() accidentally returns nullptr. In the C++ ownerDocument implementation,
656         if document() returns nullptr, it just returns nullptr. But in the DOMJIT implementation, we assume that
657         document() won't return nullptr and access the member of it.
658
659         This patch aligns the DOMJIT implementation strictly to the C++ one.
660
661         * dom/Node.idl:
662         * domjit/JSNodeDOMJIT.cpp:
663         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM):
664         (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):
665
666 2016-11-09  Sam Weinig  <sam@webkit.org>
667
668         [SVG] Start moving special casing of SVG out of the bindings - SVGAngle
669         https://bugs.webkit.org/show_bug.cgi?id=164496
670
671         Reviewed by Darin Adler.
672
673         There is quite a bit of special casing of SVG types in the bindings that adds
674         a lot of complexity and is relatively fragile, as it is based on type naming.
675
676         Instead of keeping the complexity in the bindings, I am going to move it into
677         the implementation, where it has also longed to be. 
678
679         Starting small, with just SVGAngle. It has been split in two, with the existing
680         SVGAngle being renamed SVGAngleValue, and the bound instance, which used to be name
681         SVGPropertyTearOff<SVGAngle>, taking the name SVGAngle (and inheriting from 
682         SVGPropertyTearOff<SVGAngleValue>).
683
684         * CMakeLists.txt:
685         * WebCore.xcodeproj/project.pbxproj:
686         Add SVGAngleValue.cpp
687
688         * bindings/scripts/CodeGenerator.pm:
689         Remove SVGAngle as a special case.
690
691         * svg/SVGAngle.cpp: Removed.
692         * svg/SVGAngle.h:
693         Added. Implements the SVGAngle interface explicitly, getting to
694         the SVGAngleValue through propertyReference().
695
696         * svg/SVGAngle.idl:
697         * svg/SVGAngleValue.cpp: Copied from Source/WebCore/svg/SVGAngle.cpp.
698         * svg/SVGAngleValue.h: Copied from Source/WebCore/svg/SVGAngle.h.
699         Move old SVGAngle implementation to SVGAngleValue.
700
701         * svg/SVGAnimatedAngle.cpp:
702         Replace SVGAngle usage with SVGAngleValue.
703
704         * svg/SVGAnimatedAngle.h:
705         Switch SVGAnimatedAngle to be a type alias. This remains SVGAnimatedPropertyTearOff<SVGAngle>
706         as SVGAnimatedPropertyTearOff has been changed to take the TearOff type as its parameter.
707
708         * svg/SVGAnimatedLength.h:
709         * svg/SVGAnimatedPreserveAspectRatio.h:
710         * svg/SVGAnimatedRect.h:
711         Switch to using type aliases and pass the TearOff to SVGAnimatedPropertyTearOff.
712
713         * svg/SVGAnimatedType.cpp:
714         (WebCore::SVGAnimatedType::createAngleAndEnumeration):
715         * svg/SVGAnimatedType.h:
716         (WebCore::SVGAnimatedType::angleAndEnumeration):
717         Use SVGAngleValue.
718
719         * svg/SVGComponentTransferFunctionElement.h:
720         Add missing include of SVGElement.h (need because it removed from SVGPropertyTearOff).
721
722         * svg/SVGMarkerElement.cpp:
723         (WebCore::SVGMarkerElement::parseAttribute):
724         (WebCore::SVGMarkerElement::setOrient):
725         Switch to take an SVGAngleValue.
726
727         (WebCore::SVGMarkerElement::setOrientToAngle):
728         Update to pull the value out via propertyReference().
729
730         * svg/SVGMarkerElement.h:
731         Switch to take an SVGAngleValue.
732
733         * svg/SVGLengthList.h:
734         * svg/SVGNumberList.h:
735         * svg/SVGPathSegList.h:
736         * svg/SVGPointList.h:
737         * svg/SVGStringList.h:
738         * svg/SVGTransformList.h:
739         Switch to using type aliases in SVGPropertyTraits and add an alias for
740         ListItemTearOff.
741
742         * svg/SVGSVGElement.cpp:
743         (WebCore::SVGSVGElement::createSVGAngle):
744         * svg/SVGSVGElement.h:
745         Change createSVGAngle to return a Ref<SVGAngle> and create one.
746
747         * svg/SVGSVGElement.idl:
748         Annotate IDL to indicate that a new value is being returned.
749
750         * svg/SVGTransform.cpp:
751         Remove unnecessary include of SVGAngle.h.
752
753         * svg/SVGViewSpec.cpp:
754         Add missing include of SVGElement.h (need because it removed from SVGPropertyTearOff).
755
756         * svg/properties/SVGAnimatedPropertyTearOff.h:
757         Change to be parameterized on the TearOffType, rather than the PropertyType itself. Get the
758         Property type from the TearOffType.
759
760         * svg/properties/SVGListProperty.h:
761         * svg/properties/SVGListPropertyTearOff.h:
762         Fix assumption that all TearOffTypes are just a SVGPropertyTearOff templatized on a property
763         type. This is no longer true for SVGAngle. Instead, get the TearOffType for lists via SVGPropertyTraits.
764
765         * svg/properties/SVGPropertyTearOff.h:
766         Make the PropertyType available by exposing it as a type alias.
767
768 2016-11-09  Darin Adler  <darin@apple.com>
769
770         Move Range from ExceptionCode to ExceptionOr
771         https://bugs.webkit.org/show_bug.cgi?id=164457
772
773         Reviewed by Alex Christensen.
774
775         * accessibility/AXObjectCache.cpp:
776         (WebCore::AXObjectCache::rangeForNodeContents): Update to use ExceptionOr,
777         keeping behavior the same.
778         (WebCore::characterOffsetsInOrder): Ditto.
779         (WebCore::setRangeStartOrEndWithCharacterOffset): Changed argument to a
780         reference instead of a pointer. Use a boolean return value to indicate
781         success rather than an exception, since the callers don't need to know
782         which exception it is.
783         (WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets): Updated for
784         the above.
785         (WebCore::AXObjectCache::nextBoundary): Ditto.
786         (WebCore::AXObjectCache::previousBoundary): Ditto.
787
788         * accessibility/AccessibilityObject.cpp:
789         (WebCore::AccessibilityObject::rangeOfStringClosestToRangeInDirection):
790         Update to use ExceptionOr, keeping behavior the same.
791         * accessibility/AccessibilityRenderObject.cpp:
792         (WebCore::AccessibilityRenderObject::documentBasedSelectedTextRange): Ditto.
793         * accessibility/atk/WebKitAccessibleUtil.cpp:
794         (selectionBelongsToObject): Ditto.
795         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
796         (-[WebAccessibilityObjectWrapper _convertToNSRange:]): Ditto.
797         * dom/Node.cpp:
798         (WebCore::Node::textRects): Ditto.
799
800         * dom/Range.cpp:
801         (WebCore::Range::~Range): Remove old comment that no longer makes sense now
802         that the detach function no longer does anything.
803         (WebCore::checkForDifferentRootContainer): Updated to use ExceptionOr,
804         keeping behavior the same.
805         (WebCore::Range::setStart): Ditto.
806         (WebCore::Range::setEnd): Ditto.
807         (WebCore::Range::isPointInRange): Ditto.
808         (WebCore::Range::comparePoint): Ditto.
809         (WebCore::Range::compareNode): Ditto.
810         (WebCore::top): Added helper function so that compareBoundaryPoints doesn't
811         need to have two identical loops in it.
812         (WebCore::Range::compareBoundaryPoints): Updated to use ExceptionOr,
813         keeping behavior the same.
814         (WebCore::Range::compareBoundaryPointsForBindings): Ditto. Also use a switch
815         instead of relying on the order of the values to check for unsupported values.
816         (WebCore::Range::boundaryPointsValid): Ditto.
817         (WebCore::Range::deleteContents): Ditto.
818         (WebCore::Range::intersectsNode): Ditto.
819         (WebCore::Range::processContents): Ditto.
820         (WebCore::deleteCharacterData): Ditto.
821         (WebCore::processContentsBetweenOffsets): Ditto. Also changed to be a
822         non-member function and private to this file instead of in the class.
823         (WebCore::processNodes): Ditto. Also changed one argument to be a RefPtr
824         since the code relies on using it after mutating the DOM.
825         (WebCore::processAncestorsAndTheirSiblings): Ditto. Changed one argument type
826         to use ExceptionOr so the caller doesn't have to check the exception first.
827         (WebCore::Range::extractContents): Ditto.
828         (WebCore::Range::cloneContents): Ditto.
829         (WebCore::Range::insertNode): Ditto. Also fixed to only call nodeType once
830         instead of three times.
831         (WebCore::Range::toString): Ditto. Also fixed to call nodeType only once
832         per node instead of twice, to use downcast instead of static_cast, and to
833         use the word "node" instead of "n" for the local variable name.
834         (WebCore::Range::createContextualFragment): Ditto.
835         (WebCore::Range::checkNodeWOffset): Ditto.
836         (WebCore::Range::setStartAfter): Ditto.
837         (WebCore::Range::setEndBefore): Ditto.
838         (WebCore::Range::setEndAfter): Ditto.
839         (WebCore::Range::selectNode): Ditto.
840         (WebCore::Range::selectNodeContents): Ditto.
841         (WebCore::Range::surroundContents): Ditto.
842         (WebCore::Range::setStartBefore): Ditto.
843         (WebCore::Range::contains): Ditto. Except added code to handle exception
844         case to return false without asserting because I saw at least one crash
845         that seemed to imply this behavior was needed.
846         (WebCore::rangesOverlap): Ditto.
847         (WebCore::rangeOfContents): Ditto.
848         (WebCore::Range::expand): Ditto.
849         (WebCore::Range::getClientRects): Ditto.
850         (WebCore::Range::getBoundingClientRect): Ditto.
851         (WebCore::Range::borderAndTextQuads): Changed to use return value
852         instead of out argument, since it's a private function used only
853         within this class so it was easy to update all call sites.
854         (WebCore::Range::boundingRect): Updated for above. Also renamed since
855         there was no need for the name "internal" in this.
856         (WebCore::Range::absoluteBoundingRect): Ditto.
857         * dom/Range.h: Updated for above.
858         * dom/Range.idl: Use non-legacy exceptions. Also changed the default value
859         of the string argument to the expand function to the empty string rather
860         than "undefined", because the function silently does nothing when passed
861         any unrecognized string, and so this leaves behavior unchanged. I removed
862         the comment saying that the "undefined" default is wrong.
863
864         * editing/AlternativeTextController.cpp:
865         (WebCore::AlternativeTextController::applyAlternativeTextToRange): Updated
866         to use ExceptionOr but behave the same.
867         * editing/Editor.cpp:
868         (WebCore::Editor::advanceToNextMisspelling): Ditto.
869         (WebCore::Editor::markAndReplaceFor): Ditto.
870         (WebCore::isFrameInRange): Ditto. Also made a few style tweaks.
871         (WebCore::Editor::countMatchesForText): Ditto.
872         * editing/EditorCommand.cpp:
873         (WebCore::unionDOMRanges): Ditto.
874         * editing/FrameSelection.cpp:
875         (WebCore::FrameSelection::respondToNodeModification): Ditto.
876         * editing/InsertListCommand.cpp:
877         (WebCore::InsertListCommand::doApplyForSingleParagraph): Ditto.
878         * editing/TextCheckingHelper.cpp:
879         (WebCore::TextCheckingParagraph::offsetTo): Ditto.
880         * editing/TextCheckingHelper.h: Updated for above and also deleted
881         unneeded private function checkingRange, which just churned the
882         reference count unnecessarily; instead use m_checkingRange directly.
883         * editing/TextIterator.cpp:
884         (WebCore::TextIterator::getLocationAndLengthFromRange): Ditto.
885         * editing/VisiblePosition.cpp:
886         (WebCore::setStart): Ditto.
887         (WebCore::setEnd): Ditto.
888         * editing/VisibleSelection.cpp:
889         (WebCore::makeSearchRange): Ditto.
890
891         * editing/VisibleUnits.cpp:
892         (WebCore::suffixLengthForRange): Changed argument from RefPtr to
893         a reference.
894         (WebCore::prefixLengthForRange): Ditto.
895         (WebCore::previousBoundary): Updated for ExceptionOr and the change
896         above.
897         (WebCore::nextBoundary): Ditto.
898         * editing/VisibleUnits.h: Updated for above.
899
900         * editing/htmlediting.cpp:
901         (WebCore::comparePositions): Updated to use ExceptionOr but behave
902         the same.
903         (WebCore::visiblePositionForIndexUsingCharacterIterator): Ditto.
904         (WebCore::isNodeVisiblyContainedWithin): Ditto.
905         * editing/ios/EditorIOS.mm:
906         (WebCore::Editor::setDictationPhrasesAsChildOfElement): Ditto.
907         (WebCore::Editor::setTextAsChildOfElement): Ditto.
908         * editing/mac/EditorMac.mm:
909         (WebCore::Editor::adjustedSelectionRange): Ditto.
910         * editing/markup.cpp:
911         (WebCore::createMarkupInternal): Ditto.
912         * page/ContextMenuController.cpp:
913         (WebCore::ContextMenuController::contextMenuItemSelected): Ditto.
914         * page/DOMSelection.cpp:
915         (WebCore::DOMSelection::addRange): Ditto.
916         (WebCore::DOMSelection::deleteFromDocument): Ditto.
917         (WebCore::DOMSelection::containsNode): Ditto.
918
919         * page/EventHandler.cpp:
920         (WebCore::EventHandler::dispatchMouseEvent): Updated for change to
921         use ExceptionOr in Ragne::compareNode. Also refactored the function
922         to make the logic a little mroe straightforward and nest less of it
923         inside a loop.
924
925         * page/Page.cpp:
926         (WebCore::Page::findStringMatchingRanges): Updated for ExceptionOr
927         without changing behavior.
928         * page/TextIndicator.cpp:
929         (WebCore::hasNonInlineOrReplacedElements): Ditto.
930         * rendering/RenderNamedFlowThread.cpp:
931         (WebCore::RenderNamedFlowThread::getRanges): Ditto.
932
933 2016-11-09  Dave Hyatt  <hyatt@apple.com>
934
935         [CSS Parser] Fix grid layout parsing
936         https://bugs.webkit.org/show_bug.cgi?id=164489
937
938         Reviewed by Dean Jackson.
939
940         * css/CSSValueKeywords.in:
941         * css/parser/CSSPropertyParser.cpp:
942         (WebCore::consumeFitContent):
943         (WebCore::isGridTrackFixedSized):
944         (WebCore::consumeGridTrackSize):
945         (WebCore::consumeGridTrackRepeatFunction):
946         (WebCore::consumeGridTrackList):
947         (WebCore::isCustomIdentValue):
948         (WebCore::CSSPropertyParser::consumeGridItemPositionShorthand):
949         (WebCore::CSSPropertyParser::consumeGridAreaShorthand):
950         (WebCore::consumeImplicitGridAutoFlow):
951         (WebCore::CSSPropertyParser::consumeGridShorthand):
952
953 2016-11-09  Darin Adler  <darin@apple.com>
954
955         Move EventTarget from ExceptionCode to ExceptionOr
956         https://bugs.webkit.org/show_bug.cgi?id=164465
957
958         Reviewed by Youenn Fablet.
959
960         * Modules/indexeddb/IDBRequest.h: Added now-needed forward
961         class declarations.
962         * Modules/webaudio/AudioContext.h: Ditto.
963
964         * bindings/js/JSEventListener.cpp:
965         (WebCore::eventHandlerAttribute): Updated for name change of the
966         attributeEventListener function.
967         (WebCore::documentEventHandlerAttribute): Ditto.
968         * dom/Document.cpp:
969         (WebCore::Document::getWindowAttributeEventListener): Ditto.
970
971         * dom/EventTarget.cpp:
972         (WebCore::EventTarget::setAttributeEventListener): Updated for
973         name change.
974         (WebCore::EventTarget::attributeEventListener): Ditto.
975         (WebCore::EventTarget::dispatchEventForBindings): Use ExceptionOr.
976         (WebCore::legacyType): Use null instead of empty for no type, since
977         it's more efficient to check for null.
978         (WebCore::EventTarget::fireEventListeners): Check for null.
979         Also streamlined logic a little bit and removed a very old comment.
980         (WebCore::EventTarget::eventListeners): Renamed from getEventListeners.
981         * dom/EventTarget.h: Removed lots of unneeded declarations. Renamed
982         some functions to remove get prefix. Updated for above changes.
983         Moved one inline function out of the class header. Made the destructor
984         for EventTarget be inline to make the destructors for derived classes
985         slightly more efficient.
986         * dom/EventTarget.idl: Use non-legacy exception.
987
988         * dom/Node.cpp:
989         (WebCore::Node::didMoveToNewDocument): Updated for name change.
990         * editing/ReplaceSelectionCommand.cpp:
991         (WebCore::ReplacementFragment::ReplacementFragment): Ditto.
992
993         * inspector/InspectorCSSAgent.h: Added now-needed forward declaration.
994
995         * inspector/InspectorDOMAgent.cpp:
996         (WebCore::InspectorDOMAgent::getEventListeners): Updated for name change.
997
998         * inspector/InspectorInstrumentation.h: Added now-needed forward declaration.
999         * page/DOMWindow.h: Ditto.
1000         * xml/XMLHttpRequest.h: Ditto.
1001
1002 2016-11-09  Daniel Bates  <dabates@apple.com>
1003
1004         Add test infrastructure and tests for existing HTTP 0.9 sandbox machinery
1005         https://bugs.webkit.org/show_bug.cgi?id=164389
1006         <rdar://problem/29101072>
1007
1008         Reviewed by Alex Christensen.
1009
1010         Add test infrastructure to support registering an arbitrary port as the default port
1011         for a protocol. The behavior of various machinery, including the HTTP 0.9 machinery,
1012         can be effected by whether the resource request was made using the default port for
1013         the protocol. We expose window.internals.registerDefaultPortForProtocol() to allow
1014         a test to override the default port associated with a protocol so as to support
1015         testing these code paths using the existing port 8000 server started by run-webkit-httpd.
1016         Without window.internals.registerDefaultPortForProtocol() we would need to teach
1017         run-webkit-httpd to run a web server on port 80, which requires superuser privileges
1018         (since it is a privileged port number) and is more likely to interfere with an
1019         existing web server setup.
1020
1021         Tests: http/tests/security/http-0.9/default-port-plugin-blocked.html
1022                http/tests/security/http-0.9/default-port-script-blocked.html
1023                http/tests/security/http-0.9/iframe-blocked.html
1024                http/tests/security/http-0.9/image-blocked.html
1025                http/tests/security/http-0.9/image-on-HTTP-0.9-default-port-page-allowed-ref-test.html
1026                http/tests/security/http-0.9/image-on-HTTP-0.9-default-port-page-allowed.html
1027                http/tests/security/http-0.9/image-on-HTTP-0.9-page-blocked.html
1028                http/tests/security/http-0.9/worker-connect-src-blocked.html
1029                http/tests/security/http-0.9/worker-importScripts-blocked.html
1030                http/tests/security/http-0.9/xhr-asynchronous-blocked.html
1031
1032         * platform/URL.cpp:
1033         (WebCore::defaultPortForProtocolMapForTesting): Added.
1034         (WebCore::registerDefaultPortForProtocolForTesting): Adds the specified (protocol, port) to the
1035         mapping used for testing.
1036         (WebCore::clearDefaultPortForProtocolMapForTesting): Clears the protocol to default port testing map.
1037         We call this function from Internals::resetToConsistentState() so that the mapping is cleared between
1038         test runs.
1039         (WebCore::defaultPortForProtocol): Modified to check the protocol to default port map for testing
1040         before consulting URLParser::defaultPortForProtocol().
1041         * platform/URL.h:
1042         * testing/Internals.cpp:
1043         (WebCore::Internals::resetToConsistentState): Clear the default port mapping used for testing.
1044         (WebCore::Internals::registerDefaultPortForProtocol): Added.
1045         * testing/Internals.h:
1046         * testing/Internals.idl: Added declaration for registerDefaultPortForProtocol().
1047
1048 2016-11-09  Sam Weinig  <sam@webkit.org>
1049
1050         [WebIDL] Add proper parsing for Promises
1051         https://bugs.webkit.org/show_bug.cgi?id=164497
1052
1053         Reviewed by Tim Horton.
1054
1055         * bindings/scripts/IDLParser.pm:
1056         (parseNonAnyType):
1057         (parseStringType):
1058         Require Promise types to declare the type they resolve to.
1059         
1060         * bindings/js/JSDOMPromise.h:
1061         Allow DOMPromise to be be parameterized on void. Add an SFINAE guarded
1062         overload of resolve that takes no arguments when in a DOMPromise<void>.
1063
1064         * Modules/applepay/ApplePaySession.idl:
1065         * Modules/fetch/DOMWindowFetch.idl:
1066         * Modules/fetch/FetchBody.idl:
1067         * Modules/fetch/FetchResponse.idl:
1068         * Modules/fetch/WorkerGlobalScopeFetch.idl:
1069         * Modules/mediastream/MediaDevices.idl:
1070         * Modules/mediastream/MediaStreamTrack.idl:
1071         * Modules/mediastream/RTCPeerConnection.idl:
1072         * Modules/mediastream/RTCRtpSender.idl:
1073         * Modules/mediastream/RTCStatsReport.idl:
1074         * Modules/streams/ReadableStream.idl:
1075         * Modules/streams/ReadableStreamDefaultReader.idl:
1076         * Modules/streams/ReadableStreamSource.idl:
1077         * Modules/streams/WritableStream.idl:
1078         * Modules/webaudio/AudioContext.idl:
1079         * bindings/scripts/test/TestNode.idl:
1080         * bindings/scripts/test/TestObj.idl:
1081         * crypto/SubtleCrypto.idl:
1082         * crypto/WebKitSubtleCrypto.idl:
1083         * css/FontFace.idl:
1084         * css/FontFaceSet.idl:
1085         * dom/CustomElementRegistry.idl:
1086         * html/HTMLMediaElement.idl:
1087         Update IDLs to specify the resolve type of promise types.
1088
1089         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1090         (WebCore::MediaEndpointPeerConnection::replaceTrack):
1091         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
1092         * Modules/mediastream/MediaStreamTrack.cpp:
1093         (WebCore::MediaStreamTrack::applyConstraints):
1094         * Modules/mediastream/MediaStreamTrack.h:
1095         * Modules/mediastream/PeerConnectionBackend.cpp:
1096         (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
1097         (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
1098         (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
1099         * Modules/mediastream/PeerConnectionBackend.h:
1100         * Modules/streams/ReadableStreamSource.h:
1101         (WebCore::ReadableStreamSource::start):
1102         (WebCore::ReadableStreamSource::pull):
1103         (WebCore::ReadableStreamSource::startFinished):
1104         (WebCore::ReadableStreamSource::pullFinished):
1105         * Modules/webaudio/AudioContext.cpp:
1106         (WebCore::AudioContext::addReaction):
1107         (WebCore::AudioContext::setState):
1108         (WebCore::AudioContext::suspend):
1109         (WebCore::AudioContext::resume):
1110         (WebCore::AudioContext::close):
1111         * Modules/webaudio/AudioContext.h:
1112         * html/HTMLMediaElement.cpp:
1113         (WebCore::HTMLMediaElement::rejectPendingPlayPromises):
1114         (WebCore::HTMLMediaElement::resolvePendingPlayPromises):
1115         (WebCore::HTMLMediaElement::play):
1116         * html/HTMLMediaElement.h:
1117         Update implementations to use DOMPromise<void> rather than DOMPromise<nullptr_t>
1118         and use the new resolve() overload.
1119
1120 2016-11-07  Brady Eidson  <beidson@apple.com>
1121
1122         Followup to https://bugs.webkit.org/show_bug.cgi?id=164466 - Make an IDBTransaction* be an IDBTransaction&
1123
1124         Rubberstamped by Alex Christensen.
1125
1126         No new tests (No behavior change).
1127
1128         * Modules/indexeddb/IDBObjectStore.cpp:
1129         (WebCore::IDBObjectStore::IDBObjectStore):
1130         (WebCore::IDBObjectStore::~IDBObjectStore):
1131         (WebCore::IDBObjectStore::hasPendingActivity):
1132         (WebCore::IDBObjectStore::name):
1133         (WebCore::IDBObjectStore::setName):
1134         (WebCore::IDBObjectStore::keyPath):
1135         (WebCore::IDBObjectStore::indexNames):
1136         (WebCore::IDBObjectStore::transaction):
1137         (WebCore::IDBObjectStore::autoIncrement):
1138         (WebCore::IDBObjectStore::openCursor):
1139         (WebCore::IDBObjectStore::openKeyCursor):
1140         (WebCore::IDBObjectStore::get):
1141         (WebCore::IDBObjectStore::putOrAdd):
1142         (WebCore::IDBObjectStore::doDelete):
1143         (WebCore::IDBObjectStore::clear):
1144         (WebCore::IDBObjectStore::createIndex):
1145         (WebCore::IDBObjectStore::index):
1146         (WebCore::IDBObjectStore::deleteIndex):
1147         (WebCore::IDBObjectStore::doCount):
1148         (WebCore::IDBObjectStore::getAll):
1149         (WebCore::IDBObjectStore::getAllKeys):
1150         (WebCore::IDBObjectStore::markAsDeleted):
1151         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
1152         (WebCore::IDBObjectStore::ref):
1153         (WebCore::IDBObjectStore::deref):
1154         * Modules/indexeddb/IDBObjectStore.h:
1155
1156 2016-11-09  Zalan Bujtas  <zalan@apple.com>
1157
1158         Move RenderNamedFlowThread nextRendererForElement logic to RenderTreeUpdater.
1159         https://bugs.webkit.org/show_bug.cgi?id=164503
1160
1161         Reviewed by Antti Koivisto.
1162
1163         When we insert a renderer into the render tree, we need to know both its parent
1164         and its next sibling. Normally the parent and the sibling are based on the DOM, but
1165         when this renderer is part of a flow thread, its insertion sibling is not necessarily the DOM sibling.
1166         To find the correct sibling, we call RenderNamedFlowThread's nextRendererForElement().
1167         RenderNamedFlowThread keeps track of its children so that it can compute the next sibling
1168         for the insertion point.
1169
1170         This patch eliminates the need for keeping track of the child renderers of each
1171         flow by moving the 'next sibling' logic to RenderTreePosition.
1172
1173         No change in functionality.
1174
1175         * rendering/RenderElement.cpp:
1176         (WebCore::RenderElement::insertedIntoTree):
1177         (WebCore::RenderElement::willBeDestroyed):
1178         (WebCore::RenderElement::removeFromRenderFlowThread):
1179         (WebCore::RenderElement::renderNamedFlowThreadWrapper): Deleted.
1180         * rendering/RenderElement.h:
1181         * rendering/RenderNamedFlowThread.cpp:
1182         (WebCore::RenderNamedFlowThread::nextRendererForElement): Deleted.
1183         (WebCore::RenderNamedFlowThread::addFlowChild): Deleted.
1184         (WebCore::RenderNamedFlowThread::removeFlowChild): Deleted.
1185         * rendering/RenderNamedFlowThread.h:
1186         * style/RenderTreePosition.cpp:
1187         (WebCore::RenderTreePosition::previousSiblingRenderer):
1188         (WebCore::RenderTreePosition::flowThreadInsertionContext):
1189         * style/RenderTreePosition.h:
1190         (WebCore::RenderTreePosition::RenderTreePosition):
1191         (WebCore::RenderTreePosition::parent):
1192         * style/RenderTreeUpdater.cpp:
1193         (WebCore::registerElementForFlowThreadIfNeeded): We need to registed the element even when it does not create renderer (display: none).
1194         (WebCore::RenderTreeUpdater::createRenderer):
1195         (WebCore::moveToFlowThreadIfNeeded): Deleted.
1196
1197 2016-11-09  Per Arne Vollan  <pvollan@apple.com>
1198
1199         [Win][Direct2D] Incomplete image decoding.
1200         https://bugs.webkit.org/show_bug.cgi?id=164511
1201
1202         Reviewed by Darin Adler.
1203
1204         Create native decoder when all image data has been received.
1205
1206         * platform/graphics/win/ImageDecoderDirect2D.cpp:
1207         (WebCore::ImageDecoder::setData):
1208
1209 2016-11-09  Beth Dakin  <bdakin@apple.com>
1210
1211         Attempted build fix.
1212
1213         * platform/spi/cocoa/AVKitSPI.h:
1214
1215 2016-11-09  Brady Eidson  <beidson@apple.com>
1216
1217         IndexedDB 2.0: Clean up more transaction abort behavior, including tweaks to Index/ObjectStore lifetime.
1218         https://bugs.webkit.org/show_bug.cgi?id=164466
1219
1220         Reviewed by Alex Christensen.
1221
1222         No new tests (Covered by existing tests that now pass).
1223         
1224         Previously, IDBIndex ref/deref didn't track a traditional ref count but instead kept the owning object store alive.
1225         Now, IDBObjectStore ref/deref do the same thing for the owning transaction.
1226         
1227         Now when a version change transaction is rolled back, some object stores and indexes get pulled out of the "deleted"
1228         set and get promoted back up into the "referenced" set.
1229         
1230         Now deleted object stores/indexes are considered opaque roots, as live objects in the deleted state *can* get back
1231         to the owning objects.
1232
1233         * CMakeLists.txt:
1234         * WebCore.xcodeproj/project.pbxproj:
1235
1236         * Modules/indexeddb/IDBIndex.cpp:
1237         (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort):
1238
1239         * Modules/indexeddb/IDBObjectStore.cpp:
1240         (WebCore::IDBObjectStore::IDBObjectStore):
1241         (WebCore::IDBObjectStore::indexNames):
1242         (WebCore::IDBObjectStore::transaction):
1243         (WebCore::IDBObjectStore::openCursor):
1244         (WebCore::IDBObjectStore::openKeyCursor):
1245         (WebCore::IDBObjectStore::deleteIndex):
1246         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
1247         (WebCore::IDBObjectStore::visitReferencedIndexes):
1248         (WebCore::IDBObjectStore::ref):
1249         (WebCore::IDBObjectStore::deref):
1250         (WebCore::IDBObjectStore::create): Deleted.
1251         * Modules/indexeddb/IDBObjectStore.h:
1252
1253         * Modules/indexeddb/IDBTransaction.cpp:
1254         (WebCore::IDBTransaction::objectStore):
1255         (WebCore::IDBTransaction::transitionedToFinishing):
1256         (WebCore::IDBTransaction::internalAbort):
1257         (WebCore::IDBTransaction::createObjectStore):
1258         (WebCore::IDBTransaction::deleteObjectStore):
1259         (WebCore::IDBTransaction::visitReferencedObjectStores):
1260         * Modules/indexeddb/IDBTransaction.h:
1261         * Modules/indexeddb/IDBTransaction.idl:
1262
1263         * bindings/js/JSIDBTransactionCustom.cpp: Added.
1264         (WebCore::JSIDBTransaction::visitAdditionalChildren):
1265
1266 2016-11-09  Simon Fraser  <simon.fraser@apple.com>
1267
1268         Allow customization of TextStream-based logging for geometry types
1269         https://bugs.webkit.org/show_bug.cgi?id=164460
1270
1271         Reviewed by Zalan Bujtas.
1272
1273         TextStream-based logging was constrained by the requirement to maintain compatibility
1274         with DRT-style output, which includes cumbersome rect logging ("at (5,0) size 40x40")
1275         and dumping LayoutRects as IntRects.
1276         
1277         Add some formatting flags so that other TextStream clients (e.g. logging) can have
1278         more readable output, and opt into automatic FormatNumberRespectingIntegers behavior.
1279         
1280         TextStreams whose output appears in test results are given flags to avoid behavior
1281         changes, but in the longer term test results should be updated.
1282
1283         * html/canvas/CanvasRenderingContext2D.cpp:
1284         (WebCore::CanvasRenderingContext2D::replayDisplayListAsText):
1285         * page/scrolling/ScrollingStateNode.cpp:
1286         (WebCore::ScrollingStateNode::scrollingStateTreeAsText):
1287         * platform/graphics/FloatPoint.cpp:
1288         (WebCore::operator<<):
1289         * platform/graphics/FloatRect.cpp:
1290         (WebCore::operator<<):
1291         * platform/graphics/GraphicsLayer.cpp:
1292         (WebCore::GraphicsLayer::layerTreeAsText):
1293         * platform/graphics/IntRect.cpp:
1294         (WebCore::operator<<):
1295         * platform/graphics/LayoutPoint.cpp:
1296         (WebCore::operator<<):
1297         * platform/graphics/LayoutRect.cpp:
1298         (WebCore::operator<<):
1299         * platform/graphics/ca/GraphicsLayerCA.cpp:
1300         (WebCore::GraphicsLayerCA::replayDisplayListAsText):
1301         * platform/graphics/displaylists/DisplayList.cpp:
1302         (WebCore::DisplayList::DisplayList::asText):
1303         * platform/text/TextStream.cpp:
1304         (WebCore::TextStream::operator<<):
1305         * platform/text/TextStream.h:
1306         (WebCore::TextStream::TextStream):
1307         (WebCore::TextStream::formattingFlags):
1308         (WebCore::TextStream::setFormattingFlags):
1309         (WebCore::TextStream::hasFormattingFlag):
1310         (WebCore::TextStream::increaseIndent):
1311         (WebCore::TextStream::decreaseIndent):
1312         * rendering/RenderTreeAsText.cpp:
1313         (WebCore::externalRepresentation):
1314         (WebCore::counterValueForElement):
1315
1316 2016-11-09  Zalan Bujtas  <zalan@apple.com>
1317
1318         RenderFlowThread::flowThreadRelativeWillBeRemoved should take RenderObject& instead of RenderObject*
1319         https://bugs.webkit.org/show_bug.cgi?id=164543
1320
1321         Reviewed by Simon Fraser.
1322
1323         No change in functionality.
1324
1325         * rendering/RenderBlockFlow.cpp:
1326         (WebCore::RenderBlockFlow::removeChild):
1327         * rendering/RenderFlowThread.h:
1328         * rendering/RenderMultiColumnFlowThread.cpp:
1329         (WebCore::RenderMultiColumnFlowThread::handleSpannerRemoval):
1330         (WebCore::RenderMultiColumnFlowThread::flowThreadRelativeWillBeRemoved):
1331         * rendering/RenderMultiColumnFlowThread.h:
1332
1333 2016-11-09  Jer Noble  <jer.noble@apple.com>
1334
1335         REGRESSION (r208149): Media scrubber is not displayed in media controls
1336         https://bugs.webkit.org/show_bug.cgi?id=164514
1337
1338         Reviewed by Darin Adler.
1339
1340         Fixes broken Media Controls API tests.
1341
1342         Added a new PlatformMediaSessionType; need to add that same type to the TYPE_TRAITS section of 
1343         MediaElementSession.h so that is<> and downcast<> work correctly.
1344
1345         * html/MediaElementSession.h:
1346         (isType):
1347
1348 2016-11-09  Wenson Hsieh  <wenson_hsieh@apple.com>
1349
1350         When editing IME, `compositionend` events should fire after input events
1351         https://bugs.webkit.org/show_bug.cgi?id=164324
1352         <rdar://problem/29050438>
1353
1354         Reviewed by Darin Adler.
1355
1356         Moves where we dispatch `compositionend` events to after applying editing commands that fire `beforeinput` or
1357         `input` events. Also augments existing layout tests to verify the change.
1358
1359         * editing/Editor.cpp:
1360         (WebCore::Editor::setComposition):
1361
1362 2016-11-09  Wenson Hsieh  <wenson_hsieh@apple.com>
1363
1364         Setting foreground color when text is selected should fire an input event with color data
1365         https://bugs.webkit.org/show_bug.cgi?id=164241
1366         <rdar://problem/29032759>
1367
1368         Reviewed by Darin Adler.
1369
1370         Refactors Editor::applyStyle and Editor::applyParagraphStyle to handle beforeinput and input event dispatch.
1371         Instead of going through the ApplyStyleCommand to dispatch input events, override shouldDispatchInputEvents to
1372         return false. This strategy also has the effect of unifying the way input events are dispatched in applyStyle,
1373         in both codepaths where we computeAndSetTypingStyle and where we create and then apply a style command.
1374
1375         Test: fast/events/input-events-selection-forecolor-data.html
1376
1377         * editing/ApplyStyleCommand.h:
1378         * editing/Editor.cpp:
1379         (WebCore::inputEventDataForEditingStyleAndAction):
1380         (WebCore::Editor::applyStyle):
1381         (WebCore::Editor::applyParagraphStyle):
1382         (WebCore::Editor::computeAndSetTypingStyle):
1383
1384 2016-11-08  Dean Jackson  <dino@apple.com>
1385
1386         Rendering support for ExtendedColors
1387         https://bugs.webkit.org/show_bug.cgi?id=164443
1388         <rdar://problems/29123243>
1389
1390         Reviewed by Simon Fraser and Darin Adler.
1391
1392         Add support for rendering the new color() syntax, which
1393         ends up as an ExtendedColor.
1394
1395         In order to make rendering code a little more readable, I
1396         changed Color::hasAlpha to Color::isOpaque (since an alpha
1397         of 100% is still an alpha), and added a Color::isVisible
1398         helper (the color isn't completely transparent). These new
1399         helpers support ExtendedColor forms.
1400
1401         Support for painting gradients and blending between colors
1402         is still to come. I also added some FIXME comments
1403         to show other places that don't handle ExtendedColors yet.
1404
1405         Tests: css3/color/backgrounds-and-borders.html
1406                css3/color/box-shadows.html
1407                css3/color/canvas.html
1408                css3/color/composited-solid-backgrounds.html
1409                css3/color/text.html
1410
1411         * css/CSSGradientValue.cpp: Add some notes that this is broken.
1412         (WebCore::interpolate):
1413         (WebCore::CSSGradientValue::knownToBeOpaque):
1414
1415         * editing/EditingStyle.cpp: Use new Color helpers.
1416         (WebCore::isTransparentColorValue):
1417
1418         * editing/mac/EditorMac.mm: Use new Color helpers.
1419         (WebCore::Editor::fontAttributesForSelectionStart):
1420
1421         * html/ColorInputType.cpp: No need to use the Color class at all here.
1422         (WebCore::isValidSimpleColorString): Renamed from isValidColorString.
1423         (WebCore::ColorInputType::sanitizeValue):
1424         (WebCore::ColorInputType::typeMismatchFor):
1425         (WebCore::isValidColorString): Deleted.
1426
1427         * html/canvas/CanvasRenderingContext2D.cpp: New helpers.
1428         (WebCore::CanvasRenderingContext2D::shouldDrawShadows):
1429         (WebCore::CanvasRenderingContext2D::didDraw):
1430
1431         * page/FrameView.cpp: Ditto.
1432         (WebCore::FrameView::recalculateScrollbarOverlayStyle):
1433         (WebCore::FrameView::hasOpaqueBackground):
1434         (WebCore::FrameView::setBaseBackgroundColor):
1435
1436         * platform/graphics/Color.cpp:
1437         (WebCore::differenceSquared): Support ExtendedColor, but also
1438         add a note to indicate that this method and its call sites
1439         should use floats.
1440         (WebCore::Color::serialized): New helper.
1441         (WebCore::Color::cssText): Ditto.
1442         (WebCore::Color::blend): Ditto.
1443         (WebCore::Color::blendWithWhite):
1444         (WebCore::Color::colorWithAlphaMultipliedBy): Implementation of new function.
1445         (WebCore::Color::colorWithAlpha): Ditto.
1446         (WebCore::Color::opaqueColor): New method to return an opaque version of the given color.
1447         (WebCore::blend):
1448         * platform/graphics/Color.h:
1449         (WebCore::Color::isOpaque): New helper that is !hasAlpha().
1450         (WebCore::Color::isVisible): New helper.
1451         (WebCore::Color::alphaAsFloat): Gets the alpha value as a float. This replaces
1452         a bunch of places that were calculating it manually each time. Meanwhile, we
1453         might consider always exposing the primaries as floats... or at least
1454         have that option.
1455         (WebCore::isBlackColor): New helper - it was used in a couple of places.
1456         (WebCore::isWhiteColor): Ditto.
1457         (WebCore::Color::hasAlpha): Deleted.
1458
1459         * platform/graphics/Gradient.cpp: Add FIXME.
1460         (WebCore::Gradient::addColorStop):
1461         * platform/graphics/Gradient.h:
1462
1463         * platform/graphics/GraphicsContext.cpp: Use new helpers.
1464         (WebCore::GraphicsContext::computeLineBoundsAndAntialiasingModeForText):
1465         * platform/graphics/GraphicsContext.h:
1466         (WebCore::GraphicsContext::hasVisibleShadow):
1467
1468         * platform/graphics/Image.cpp: Ditto.
1469         (WebCore::Image::fillWithSolidColor):
1470
1471         * platform/graphics/ShadowBlur.cpp: Ditto.
1472         (WebCore::ShadowBlur::updateShadowBlurValues):
1473
1474         * platform/graphics/ca/GraphicsLayerCA.cpp: Ditto.
1475         (WebCore::GraphicsLayerCA::setContentsToSolidColor):
1476
1477         * platform/graphics/cg/GradientCG.cpp:
1478         (WebCore::Gradient::platformGradient): Add a FIXME to note that we can
1479         add ExtendedColor support simply by using CGColors, rather than fetching
1480         the components ourselves.
1481
1482         * platform/graphics/cg/GraphicsContextCG.cpp: New helpers.
1483         (WebCore::calculateDrawingMode):
1484
1485         * platform/graphics/cocoa/FontCascadeCocoa.mm: New helpers.
1486         (WebCore::FontCascade::drawGlyphs):
1487
1488         * platform/graphics/mac/ColorMac.mm: Use the new helpers and Color::hash().
1489         (WebCore::nsColor):
1490
1491         * platform/graphics/texmap/TextureMapperGL.cpp: New helpers.
1492         (WebCore::TextureMapperGL::drawBorder):
1493
1494         * rendering/BorderEdge.cpp: Ditto.
1495         (WebCore::BorderEdge::obscuresBackgroundEdge):
1496         (WebCore::BorderEdge::obscuresBackground):
1497
1498         * rendering/RenderBox.cpp: Ditto.
1499         (WebCore::RenderBox::getBackgroundPaintedExtent):
1500         (WebCore::RenderBox::backgroundIsKnownToBeOpaqueInRect):
1501         (WebCore::RenderBox::backgroundHasOpaqueTopLayer):
1502
1503         * rendering/RenderBoxModelObject.cpp: Ditto.
1504         (WebCore::RenderBoxModelObject::paintFillLayerExtended):
1505         (WebCore::colorNeedsAntiAliasAtCorner):
1506         (WebCore::willBeOverdrawn):
1507         (WebCore::RenderBoxModelObject::paintTranslucentBorderSides):
1508         (WebCore::RenderBoxModelObject::paintBorder):
1509         (WebCore::RenderBoxModelObject::boxShadowShouldBeAppliedToBackground):
1510         (WebCore::RenderBoxModelObject::paintBoxShadow):
1511         * rendering/RenderElement.cpp:
1512         (WebCore::RenderElement::paintOutline):
1513         * rendering/RenderInline.cpp:
1514         (WebCore::RenderInline::paintOutline):
1515         * rendering/RenderLayerBacking.cpp:
1516         (WebCore::canCreateTiledImage):
1517         * rendering/RenderLayerCompositor.cpp:
1518         (WebCore::RenderLayerCompositor::viewHasTransparentBackground):
1519         * rendering/RenderMenuList.cpp:
1520         (RenderMenuList::getItemBackgroundColor):
1521         * rendering/RenderTheme.cpp:
1522         (WebCore::RenderTheme::disabledTextColor):
1523         * rendering/RenderView.cpp:
1524         (WebCore::RenderView::paintBoxDecorations):
1525         * rendering/TextDecorationPainter.cpp:
1526         (WebCore::TextDecorationPainter::paintTextDecoration):
1527         * rendering/TextPainter.cpp:
1528         (WebCore::TextPainter::paintTextWithShadows):
1529         * rendering/style/BorderValue.h:
1530         (WebCore::BorderValue::isTransparent):
1531         * rendering/style/RenderStyle.cpp:
1532         (WebCore::RenderStyle::visitedDependentColor):
1533         * rendering/style/RenderStyle.h:
1534         (WebCore::RenderStyle::hasBackground):
1535         * rendering/svg/RenderSVGResource.cpp:
1536         (WebCore::requestPaintingResource):
1537         * rendering/svg/SVGInlineTextBox.cpp:
1538         (WebCore::SVGInlineTextBox::paintSelectionBackground):
1539
1540         * svg/SVGAnimatedColor.cpp: Add a FIXME to note this is broken.
1541         (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
1542
1543 2016-11-09  Antoine Quint  <graouts@apple.com>
1544
1545         [Modern Media Controls] UI Library: StatusLabel
1546         https://bugs.webkit.org/show_bug.cgi?id=164544
1547         <rdar://problem/29179541>
1548
1549         Reviewed by Dean Jackson.
1550
1551         We add a new StatusLabel class to display a string of text in place of the TimeControl.
1552         A followup patch will add the logic to display "Error", "Loading" and "Live Broadcast"
1553         test under the right media state.
1554
1555         Tests: media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-status-label.html
1556                media/modern-media-controls/status-label/status-label.html
1557
1558         * Modules/modern-media-controls/controls/macos-inline-media-controls.css:
1559         (.media-controls.mac.inline .time-label,):
1560         (.media-controls.mac.inline .time-label): Deleted.
1561         * Modules/modern-media-controls/controls/macos-inline-media-controls.js:
1562         (MacOSInlineMediaControls.prototype.layout):
1563         * Modules/modern-media-controls/controls/media-controls.js:
1564         (MediaControls.):
1565         * Modules/modern-media-controls/controls/status-label.css: Added.
1566         (.status-label):
1567         * Modules/modern-media-controls/controls/status-label.js: Added.
1568         (StatusLabel.prototype.get text):
1569         (StatusLabel.prototype.set text):
1570         (StatusLabel.prototype.commitProperty):
1571         * Modules/modern-media-controls/js-files:
1572         * WebCore.xcodeproj/project.pbxproj:
1573
1574 2016-11-09  Chris Dumez  <cdumez@apple.com>
1575
1576         [Mac] Stop using deprecated AppKit enumeration values
1577         https://bugs.webkit.org/show_bug.cgi?id=164494
1578
1579         Reviewed by Darin Adler.
1580
1581         Stop using deprecated AppKit enumeration values.
1582
1583         * editing/cocoa/HTMLConverter.mm:
1584         (HTMLConverter::computedAttributesForElement):
1585         (HTMLConverter::_processElement):
1586         (HTMLConverter::_addMarkersToList):
1587         * page/mac/EventHandlerMac.mm:
1588         (WebCore::EventHandler::keyEvent):
1589         (WebCore::lastEventIsMouseUp):
1590         (WebCore::EventHandler::passSubframeEventToSubframe):
1591         (WebCore::EventHandler::widgetDidHandleWheelEvent):
1592         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
1593         * page/mac/TextIndicatorWindow.mm:
1594         (WebCore::TextIndicatorWindow::setTextIndicator):
1595         * platform/graphics/mac/IconMac.mm:
1596         (WebCore::Icon::paint):
1597         * platform/mac/CursorMac.mm:
1598         (WebCore::createCustomCursor):
1599         * platform/mac/DragImageMac.mm:
1600         (WebCore::dissolveDragImageToFraction):
1601         (WebCore::createDragImageFromImage):
1602         * platform/mac/EventLoopMac.mm:
1603         (WebCore::EventLoop::cycle):
1604         * platform/mac/PasteboardMac.mm:
1605         (WebCore::Pasteboard::setDragImage):
1606         * platform/mac/PlatformEventFactoryMac.mm:
1607         (WebCore::globalPointForEvent):
1608         (WebCore::pointForEvent):
1609         (WebCore::mouseButtonForEvent):
1610         (WebCore::mouseEventTypeForEvent):
1611         (WebCore::clickCountForEvent):
1612         (WebCore::isKeypadEvent):
1613         (WebCore::windowsKeyCodeForKeyEvent):
1614         (WebCore::isKeyUpEvent):
1615         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
1616         * platform/mac/ScrollbarThemeMac.mm:
1617         (WebCore::scrollbarControlSizeToNSControlSize):
1618         * platform/mac/ThemeMac.mm:
1619         (-[WebCoreThemeView window]):
1620         (WebCore::controlSizeForFont):
1621         (WebCore::controlSizeFromPixelSize):
1622         (WebCore::setUpButtonCell):
1623         (WebCore::stepperControlSizeForFont):
1624         (WebCore::paintStepper):
1625         (WebCore::ThemeMac::minimumControlSize):
1626         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1627         (-[WebVideoFullscreenHUDWindow initWithContentRect:styleMask:backing:defer:]):
1628         (-[WebVideoFullscreenHUDWindow performKeyEquivalent:]):
1629         (-[WebVideoFullscreenHUDWindowController init]):
1630         (-[WebVideoFullscreenHUDWindowController keyDown:]):
1631         (-[WebVideoFullscreenHUDWindowController windowDidLoad]):
1632         * platform/mac/WebWindowAnimation.mm:
1633         (WebWindowAnimationDurationFromDuration):
1634         * rendering/RenderThemeMac.mm:
1635         (WebCore::RenderThemeMac::updateCachedSystemFontDescription):
1636         (WebCore::RenderThemeMac::controlSizeForFont):
1637         (WebCore::RenderThemeMac::controlSizeForCell):
1638         (WebCore::RenderThemeMac::controlSizeForSystemFont):
1639         (WebCore::RenderThemeMac::paintProgressBar):
1640         (WebCore::RenderThemeMac::popupMenuSize):
1641         (WebCore::RenderThemeMac::sliderThumbHorizontal):
1642         (WebCore::RenderThemeMac::sliderThumbVertical):
1643
1644 2016-11-08  Antoine Quint  <graouts@apple.com>
1645
1646         [Modern Media Controls] UI Library: iOS inline controls
1647         https://bugs.webkit.org/show_bug.cgi?id=164513
1648         <rdar://problem/27989475>
1649
1650         Reviewed by Dean Jackson.
1651
1652         We introduce a new IOSInlineMediaControls class which can be used to instantiate media controls
1653         for inline playback on iOS.
1654
1655         Tests: media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-buttons-styles.html
1656                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-constructor.html
1657                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-controls-bar-styles.html
1658                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-layout.html
1659                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-time-control-styles.html
1660                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-dropping-controls.html
1661
1662         * Modules/modern-media-controls/controls/ios-inline-media-controls.css: Added.
1663         (.media-controls.ios.inline > .controls-bar):
1664         (.media-controls.ios.inline .time-control):
1665         (.media-controls.ios.inline button):
1666         (.media-controls.ios.inline button:active):
1667         (.media-controls.ios.inline > .controls-bar button):
1668         (.media-controls.ios.inline .buttons-container.right):
1669         (.media-controls.ios.inline button.play-pause):
1670         (.media-controls.ios.inline button.skip-back):
1671         (.media-controls.ios.inline .scrubber.slider):
1672         (.media-controls.ios.inline button.airplay):
1673         (.media-controls.ios.inline button.pip):
1674         (.media-controls.ios.inline button.fullscreen):
1675         (.media-controls.ios.inline .time-label):
1676         (.media-controls.ios.inline .scrubber.slider > .fill):
1677         (.media-controls.ios.inline .scrubber.slider > input::-webkit-slider-thumb):
1678         * Modules/modern-media-controls/controls/ios-inline-media-controls.js: Added.
1679         (IOSInlineMediaControls.prototype.layout):
1680         (IOSInlineMediaControls):
1681         * Modules/modern-media-controls/images/iOS/slider-thumb@2x.png: Added.
1682         * Modules/modern-media-controls/js-files:
1683         * WebCore.xcodeproj/project.pbxproj:
1684
1685 2016-11-09  Beth Dakin  <bdakin@apple.com>
1686
1687         Support TouchBar in WebKit
1688         https://bugs.webkit.org/show_bug.cgi?id=164437
1689         -and corresponding-
1690         rdar://problem/28876524
1691
1692         Reviewed by Darin Adler.
1693
1694         * WebCore.xcodeproj/project.pbxproj:
1695         * platform/spi/cocoa/AVKitSPI.h:
1696         * platform/spi/cocoa/NSTouchBarSPI.h: Added.
1697         * platform/spi/mac/NSSpellCheckerSPI.h:
1698
1699 2016-11-09  Chris Dumez  <cdumez@apple.com>
1700
1701         Use Blob URL instead of webkit-fake-url when pasting an image
1702         https://bugs.webkit.org/show_bug.cgi?id=49141
1703
1704         Reviewed by Darin Adler.
1705
1706         Use Blob URL instead of webkit-fake-url when pasting an image.
1707
1708         Tests: editing/pasteboard/paste-image-as-blob-url.html
1709                editing/pasteboard/paste-image-using-image-data.html
1710
1711         * editing/Editor.h:
1712         * editing/mac/EditorMac.mm:
1713         (WebCore::Editor::WebContentReader::readImage):
1714         (WebCore::Editor::createFragmentForImageAndURL):
1715
1716 2016-11-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1717
1718         Fix error message when SQLite initialization fails
1719         https://bugs.webkit.org/show_bug.cgi?id=164462
1720
1721         Reviewed by Darin Adler.
1722
1723         * platform/sql/SQLiteDatabase.cpp:
1724         (WebCore::initializeSQLiteIfNecessary):
1725
1726 2016-11-08  Antoine Quint  <graouts@apple.com>
1727
1728         [Modern Media Controls] UI Library: macOS fullscreen controls
1729         https://bugs.webkit.org/show_bug.cgi?id=164414
1730         <rdar://problem/27989474>
1731
1732         Reviewed by Dean Jackson.
1733
1734         We introduce a new MacOSFullscreenMediaControls class which can be used to instantiate media controls
1735         for fullscreen playback on macOS. These controls can be dragged by the user.
1736
1737         Tests: media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-buttons-containers-styles.html
1738                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-buttons-styles.html
1739                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-constructor.html
1740                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-controls-bar-styles.html
1741                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-right-container-margin.html
1742                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-time-control-styles.html
1743                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-volume-styles.html
1744
1745         * Modules/modern-media-controls/controls/button.js:
1746         (Button.prototype.set enabled):
1747
1748             Correctly notify the layoutDelegate when the enabled property changes, regardless of whether
1749             the flag is on.
1750
1751         * Modules/modern-media-controls/controls/icon-button.js:
1752         (IconButton.prototype._updateImage):
1753         (IconButton):
1754
1755             Correctly notify the layout delegate when the image metrics have changed so that it may perform
1756             a layout. This issues became apparent with the new tests on Yosemite and caused some flakyness.
1757
1758         * Modules/modern-media-controls/controls/icon-service.js:
1759         (const.iconService.new.IconService.prototype._fileNameAndPlatformForIconNameAndLayoutTraits):
1760         (const.iconService.new.IconService):
1761
1762             Fix a typo.
1763
1764         * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css: Added.
1765         (.media-controls.mac.fullscreen > .controls-bar):
1766         (.media-controls.mac.fullscreen .volume.slider):
1767         (.media-controls.mac.fullscreen .buttons-container):
1768         (.media-controls.mac.fullscreen .buttons-container.center):
1769         (.media-controls.mac.fullscreen > .controls-bar button):
1770         (.media-controls.mac.fullscreen button.rewind):
1771         (.media-controls.mac.fullscreen button.play-pause):
1772         (.media-controls.mac.fullscreen button.forward):
1773         (.media-controls.mac.fullscreen .buttons-container.right):
1774         (.media-controls.mac.fullscreen button.airplay):
1775         (.media-controls.mac.fullscreen button.aspect-ratio):
1776         (.media-controls.mac.fullscreen button.pip):
1777         (.media-controls.mac.fullscreen button.tracks):
1778         (.media-controls.mac.fullscreen button.fullscreen):
1779         (.media-controls.mac.fullscreen .time-control):
1780         (.media-controls.mac.fullscreen .time-label):
1781         (.media-controls.mac.fullscreen .scrubber):
1782         * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js: Added.
1783         (MacOSFullscreenMediaControls.prototype.layout):
1784         (MacOSFullscreenMediaControls):
1785         * Modules/modern-media-controls/controls/macos-media-controls.js:
1786         (MacOSMediaControls):
1787         
1788             Allow the layoutTraits property to be set to something other than just LayoutTraits.macOS
1789             so that MacOSFullscreenMediaControls may set the LayoutTraits.Fullscreen bit.
1790         
1791         * Modules/modern-media-controls/js-files:
1792         
1793             Add a reference to the new macos-fullscreen-media-controls.js file.
1794         
1795         * WebCore.xcodeproj/project.pbxproj:
1796
1797             Add references to the new macos-fullscreen-media-controls.js and
1798             macos-fullscreen-media-controls.css files.
1799
1800 2016-11-09  Chris Dumez  <cdumez@apple.com>
1801
1802         Shave 16 bytes off HTMLInputElement
1803         https://bugs.webkit.org/show_bug.cgi?id=164488
1804
1805         Reviewed by Sam Weinig.
1806
1807         Shave 16 bytes off HTMLInputElement (232 -> 216) by packing data members
1808         better.
1809
1810         * html/HTMLFormControlElement.h:
1811         * html/HTMLTextFormControlElement.cpp:
1812         (WebCore::HTMLTextFormControlElement::HTMLTextFormControlElement):
1813         * html/HTMLTextFormControlElement.h:
1814
1815 2016-11-09  Youenn Fablet  <youenn@apple.com>
1816
1817         [WebRTC] Introduce asynchronous backend for other RTCPeerConnection API
1818         https://bugs.webkit.org/show_bug.cgi?id=164409
1819
1820         Reviewed by Eric Carlson.
1821
1822         Covered by existing tests.
1823
1824         Following on createOffer changes, applying the same changes to createAnswer, setLocalDescription, setRemoteDescription and addIceCandidate.
1825         Also refactored ICE candidate event generation (done at PeerConnectionBackend).
1826         Updated stop implementation to clean any promise that may be stored in PeerConnectionBackend.
1827
1828         The goal of this is to be more aligned with https://www.w3.org/TR/webrtc/.
1829         Implementation of the various functions such as //www.w3.org/TR/webrtc/#set-description would be done in PeerConnectionBackend.
1830         This will require additional code moved from MediaEndpointPeerConnection up to PeerConnectionBackend.
1831
1832         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1833         (WebCore::MediaEndpointPeerConnection::createOfferTask):
1834         (WebCore::MediaEndpointPeerConnection::doCreateAnswer):
1835         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
1836         (WebCore::MediaEndpointPeerConnection::doSetLocalDescription):
1837         (WebCore::MediaEndpointPeerConnection::setLocalDescriptionTask):
1838         (WebCore::MediaEndpointPeerConnection::doSetRemoteDescription):
1839         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
1840         (WebCore::MediaEndpointPeerConnection::doAddIceCandidate):
1841         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
1842         (WebCore::MediaEndpointPeerConnection::doStop):
1843         (WebCore::MediaEndpointPeerConnection::gotIceCandidate):
1844         (WebCore::MediaEndpointPeerConnection::doneGatheringCandidates):
1845         (WebCore::MediaEndpointPeerConnection::createAnswer): Deleted.
1846         (WebCore::MediaEndpointPeerConnection::setLocalDescription): Deleted.
1847         (WebCore::MediaEndpointPeerConnection::setRemoteDescription): Deleted.
1848         (WebCore::MediaEndpointPeerConnection::addIceCandidate): Deleted.
1849         (WebCore::MediaEndpointPeerConnection::stop): Deleted.
1850         (WebCore::MediaEndpointPeerConnection::localDescriptionTypeValidForState): Deleted.
1851         (WebCore::MediaEndpointPeerConnection::remoteDescriptionTypeValidForState): Deleted.
1852         * Modules/mediastream/MediaEndpointPeerConnection.h:
1853         * Modules/mediastream/PeerConnectionBackend.cpp:
1854         (WebCore::PeerConnectionBackend::createOffer):
1855         (WebCore::PeerConnectionBackend::createOfferFailed):
1856         (WebCore::PeerConnectionBackend::createAnswer):
1857         (WebCore::PeerConnectionBackend::createAnswerSucceeded):
1858         (WebCore::PeerConnectionBackend::createAnswerFailed):
1859         (WebCore::isLocalDescriptionTypeValidForState):
1860         (WebCore::PeerConnectionBackend::setLocalDescription):
1861         (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
1862         (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
1863         (WebCore::isRemoteDescriptionTypeValidForState):
1864         (WebCore::PeerConnectionBackend::setRemoteDescription):
1865         (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
1866         (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
1867         (WebCore::PeerConnectionBackend::addIceCandidate):
1868         (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
1869         (WebCore::PeerConnectionBackend::addIceCandidateFailed):
1870         (WebCore::PeerConnectionBackend::fireICECandidateEvent):
1871         (WebCore::PeerConnectionBackend::doneGatheringCandidates):
1872         (WebCore::PeerConnectionBackend::stop):
1873         * Modules/mediastream/PeerConnectionBackend.h:
1874
1875 2016-11-09  Eric Carlson  <eric.carlson@apple.com>
1876
1877         [MediaStream][Mac] Mark captured video frames as ready for display immediately
1878         https://bugs.webkit.org/show_bug.cgi?id=164482
1879         <rdar://problem/29139073>
1880
1881         Reviewed by Jer Noble.
1882
1883         * platform/cf/CoreMediaSoftLink.cpp: Add new constant.
1884         * platform/cf/CoreMediaSoftLink.h:
1885
1886         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
1887         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
1888         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::requestNotificationWhenReadyForMediaData):
1889           New, ask register for a callback when the sample buffer display layer is ready
1890           for more media data.
1891         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBuffer): Don't change
1892           the sample timestamps, assume the caller has configured the sample correctly.
1893         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::prepareVideoSampleBufferFromTrack): Don't
1894           drop frames when the display layer isn't ready.
1895         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Call stopRequestingMediaData.
1896         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated):
1897         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Deleted.
1898
1899         * platform/mediastream/mac/AVVideoCaptureSource.mm:
1900         (WebCore::AVVideoCaptureSource::setupCaptureSession): Tell the video output to always discard
1901           late video frames, we don't need them.
1902         (WebCore::AVVideoCaptureSource::processNewFrame): Add a kCMSampleAttachmentKey_DisplayImmediately
1903           attachment.
1904
1905 2016-11-09  Joanmarie Diggs  <jdiggs@igalia.com>
1906
1907         AX: [ATK] Wrong selected element at a given index in a list box (redux)
1908         https://bugs.webkit.org/show_bug.cgi?id=164430
1909
1910         Reviewed by Darin Adler.
1911
1912         This essentially undoes the implementation change resulting from r164577.
1913         As stated in the ATK documentation, atk_selection_ref_selection() takes
1914         "a gint specifying the index in the selection set. (e.g. the ith selection
1915         as opposed to the ith child)." r164577 deliberately modified that, causing
1916         atk_selection_ref_selection() to treat the index as if it were the position
1917         with respect to all of the children. There is different API in ATK, namely
1918         atk_object_ref_accessible_child(), when the ith child from the set of all
1919         children is sought.
1920
1921         Tests: accessibility/aria-listbox-no-selection.html
1922                accessibility/native-listbox-no-selection.html
1923
1924         * accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:
1925         (optionFromSelection):
1926
1927 2016-11-09  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
1928
1929         [EFL] Use libgcrypt instead of GnuTLS for CryptoDigest
1930         https://bugs.webkit.org/show_bug.cgi?id=164461
1931
1932         Reviewed by Michael Catanzaro.
1933
1934         As GTK port in r208297, EFL port starts to use libgcrypt instead of GnuTLS as well.
1935
1936         No new tests, no behavior change.
1937
1938         * PlatformEfl.cmake:
1939
1940 2016-11-09  Ryan Haddad  <ryanhaddad@apple.com>
1941
1942         Unreviewed, rolling out r208422.
1943
1944         Roll r208382 back in since it was not responsible for the API
1945         test failures seen on macOS.
1946
1947         Reverted changeset:
1948
1949         "Unreviewed, rolling out r208382."
1950         https://bugs.webkit.org/show_bug.cgi?id=164319
1951         http://trac.webkit.org/changeset/208422
1952
1953 2016-11-09  Csaba Osztrogonác  <ossy@webkit.org>
1954
1955         One more URTBF after r208361.
1956
1957         * PlatformMac.cmake:
1958
1959 2016-11-09  Csaba Osztrogonác  <ossy@webkit.org>
1960
1961         Typo fix after r162782
1962         https://bugs.webkit.org/show_bug.cgi?id=164473
1963
1964         Unreviewed trivial fix.
1965
1966         * platform/ThreadGlobalData.cpp:
1967
1968 2016-11-07  Ryan Haddad  <ryanhaddad@apple.com>
1969
1970         Unreviewed, rolling out r208382.
1971
1972         This change appears to have caused 3
1973         SerializedCryptoKeyWrapTest API tests to fail on macOS.
1974
1975         Reverted changeset:
1976
1977         "[Readable Streams API] Implement ByteStreamController
1978         error()"
1979         https://bugs.webkit.org/show_bug.cgi?id=164319
1980         http://trac.webkit.org/changeset/208382
1981
1982 2016-11-04  Filip Pizlo  <fpizlo@apple.com>
1983
1984         WTF::ParkingLot should stop using std::chrono because std::chrono::duration casts are prone to overflows
1985         https://bugs.webkit.org/show_bug.cgi?id=152045
1986
1987         Reviewed by Andy Estes.
1988
1989         No new layout tests because no new behavior. The new WTF time classes have some unit tests
1990         in TestWebKitAPI.
1991
1992         * fileapi/ThreadableBlobRegistry.cpp:
1993         (WebCore::ThreadableBlobRegistry::blobSize):
1994         * platform/MainThreadSharedTimer.h:
1995         * platform/SharedTimer.h:
1996         * platform/ThreadTimers.cpp:
1997         (WebCore::ThreadTimers::updateSharedTimer):
1998         * platform/cf/MainThreadSharedTimerCF.cpp:
1999         (WebCore::MainThreadSharedTimer::setFireInterval):
2000         * platform/efl/MainThreadSharedTimerEfl.cpp:
2001         (WebCore::MainThreadSharedTimer::setFireInterval):
2002         * platform/glib/MainThreadSharedTimerGLib.cpp:
2003         (WebCore::MainThreadSharedTimer::setFireInterval):
2004         * platform/win/MainThreadSharedTimerWin.cpp:
2005         (WebCore::MainThreadSharedTimer::setFireInterval):
2006         * workers/WorkerRunLoop.cpp:
2007         (WebCore::WorkerRunLoop::runInMode):
2008
2009 2016-11-04  Zalan Bujtas  <zalan@apple.com>
2010
2011         RenderFlowThread state reset cleanup.
2012         https://bugs.webkit.org/show_bug.cgi?id=164426
2013
2014         Reviewed by Simon Fraser.
2015
2016         RenderFlowThread state reset is spread across several functions. This patch groups them
2017         together in RenderObject::resetFlowThreadState().
2018
2019         No change in functionality.
2020
2021         * rendering/RenderBlock.cpp:
2022         (WebCore::RenderBlock::removeLeftoverAnonymousBlock):
2023         (WebCore::RenderBlock::dropAnonymousBoxChild): This is now part of resetFlowThreadState() since resetFlowThreadState
2024         gets called even when NotifyChildren is false.
2025         * rendering/RenderElement.cpp:
2026         (WebCore::RenderElement::insertChildInternal): Initialize the thread state before we notify the child.
2027         (WebCore::RenderElement::removeChildInternal): Reset the state even when NotifyChildren is false.
2028         (WebCore::RenderElement::willBeRemovedFromTree): This code is moved to removeFromRenderFlowThread().
2029         (WebCore::RenderElement::removeFromRenderFlowThread):
2030         * rendering/RenderObject.cpp:
2031         (WebCore::RenderObject::initializeFlowThreadState): This is in transition for webkit.org/b/164428 (RenderFlowThread state initialization cleanup.)
2032         (WebCore::RenderObject::resetFlowThreadState):
2033         (WebCore::RenderObject::setParent): This was seemingly a random place to put flow state initialization. 
2034         (WebCore::RenderObject::willBeRemovedFromTree): resetFlowThreadState() takes care of it now.
2035         * rendering/RenderObject.h:
2036
2037 2016-11-04  Yusuke Suzuki  <utatane.tea@gmail.com>
2038
2039         [DOMJIT] Add DOMJIT::Signature annotation to Document::getElementById
2040         https://bugs.webkit.org/show_bug.cgi?id=164356
2041
2042         Reviewed by Filip Pizlo.
2043
2044         This patch implements DOMJIT::Signature annotation for getElementById.
2045         Since getElementById is also implemented in DocumentFragment, we implement
2046         the branchIfDocumentFragment/branchIfNotDocumentFragment for that.
2047
2048         In dromaeo, we have a test like this.
2049
2050         test( "getElementById", function(){
2051             for ( var i = 0; i < num * 30; i++ ) {
2052                 ret = document.getElementById("testA" + num).nodeType;
2053                 ret = document.getElementById("testB" + num).nodeType;
2054                 ret = document.getElementById("testC" + num).nodeType;
2055                 ret = document.getElementById("testD" + num).nodeType;
2056                 ret = document.getElementById("testE" + num).nodeType;
2057                 ret = document.getElementById("testF" + num).nodeType;
2058             }
2059         });
2060
2061         In the above test, JSC already knows the following things.
2062
2063         1. Since nodeType is now handled as CallDOMGetter, we know that it is pure.
2064         2. getElementById look up becomes PureGetById since document is impure object. But it is kept as PureGetById. So it does not write DOMState.
2065         3. `"testA" + num` will be converted to constant string.
2066         4. CallDOM for getElementById said it just reads(DOMState:DOM). And it saids that it returns the same value as long as DOMState is not clobbered.
2067         5. CheckCell leading CallDOM ensures the inlined getElementById node. (CallDOM node).
2068
2069         The key thing is that no node clobbers DOMState during the loop. So CallDOM & CallDOMGetter can be hoisted.
2070         This improves dom-query significantly. Dromaeo dom-query getElementById becomes 40x faster (247796 v.s. 6197).
2071         Dromaeo dom-query getElementById (not in document) becomes 89x faster (630317.8 v.s. 7066.).
2072
2073         Tests: js/dom/domjit-function-get-element-by-id-changed.html
2074                js/dom/domjit-function-get-element-by-id-licm.html
2075                js/dom/domjit-function-get-element-by-id.html
2076
2077         * dom/NonElementParentNode.idl:
2078         * domjit/DOMJITCheckDOM.h:
2079         (WebCore::DOMJIT::TypeChecker<DocumentFragment>::branchIfFail):
2080         * domjit/DOMJITHelpers.h:
2081         (WebCore::DOMJIT::branchIfDocumentFragment):
2082         (WebCore::DOMJIT::branchIfNotDocumentFragment):
2083
2084 2016-11-04  Simon Fraser  <simon.fraser@apple.com>
2085
2086         Rename unscaledUnobscuredVisibleContentSize and unscaledVisibleContentSizeIncludingObscuredArea for attempted clarity
2087         https://bugs.webkit.org/show_bug.cgi?id=164438
2088
2089         Reviewed by Tim Horton.
2090
2091         unscaledUnobscuredVisibleContentSize() and unscaledVisibleContentSizeIncludingObscuredArea() were an endless source
2092         of confusion.
2093         
2094         Functions with "VisibleContent" in the name are usually expected to return document coordinates (affected by zooming),
2095         so unscaledUnobscuredVisibleContentSize caused cognitive dissonance because of "unscaled" vs "visibleContent", and
2096         "unobscured" vs "visible".
2097         
2098         So rename:
2099             unscaledUnobscuredVisibleContentSize -> sizeForUnobscuredContent
2100             unscaledVisibleContentSizeIncludingObscuredArea -> sizeForVisibleContent
2101         
2102         sizeForUnobscuredContent() can also be private to ScrollView.
2103
2104         * inspector/InspectorOverlay.cpp:
2105         (WebCore::InspectorOverlay::update):
2106         * platform/ScrollView.cpp:
2107         (WebCore::ScrollView::unobscuredContentRectInternal):
2108         (WebCore::ScrollView::sizeForVisibleContent):
2109         (WebCore::ScrollView::sizeForUnobscuredContent): Don't compute unscaledVisibleContentSizeIncludingObscuredArea
2110         before testing whether we have a platform widget.
2111         (WebCore::ScrollView::layoutSize):
2112         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Deleted.
2113         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Deleted.
2114         * platform/ScrollView.h:
2115         * rendering/RenderBoxModelObject.cpp:
2116         (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
2117         * rendering/RenderLayerCompositor.cpp:
2118         (WebCore::RenderLayerCompositor::flushPendingLayerChanges):
2119         (WebCore::RenderLayerCompositor::frameViewDidChangeSize):
2120         (WebCore::RenderLayerCompositor::updateRootLayerPosition):
2121         (WebCore::RenderLayerCompositor::ensureRootLayer):
2122
2123 2016-11-04  Simon Fraser  <simon.fraser@apple.com>
2124
2125         Layout viewport wrong with RTL documents
2126         https://bugs.webkit.org/show_bug.cgi?id=164434
2127
2128         Reviewed by Tim Horton.
2129
2130         The layoutViewportRect was computed incorrectly in RTL documents, because 
2131         FrameView::unscaledMaximumScrollPosition() was wrong; it erroneously mapped
2132         what it thought was a scrollOffset to a scrollPosition.
2133
2134         Unscaled scroll positions are in the same coordinate space as unscaledDocumentRect,
2135         so we should not call scrollPositionFromOffset() in FrameView::unscaledMaximumScrollPosition().
2136
2137         Changed FrameView::unscaledMinimumScrollPosition() to also just grab the location of
2138         unscaledDocumentRect, for symmetry.
2139
2140         Finally fixed the tiled scrolling indicator's viewport rect for zoomed RTL documents
2141         by using the unscaled scroll origin.
2142
2143         Tests: fast/visual-viewport/rtl-nonzoomed-rects.html
2144                fast/visual-viewport/rtl-zoomed-rects.html
2145
2146         * page/FrameView.cpp:
2147         (WebCore::FrameView::setLayoutViewportOrigin):
2148         (WebCore::FrameView::unscaledScrollOrigin):
2149         (WebCore::FrameView::unscaledMinimumScrollPosition):
2150         (WebCore::FrameView::unscaledMaximumScrollPosition):
2151         * page/FrameView.h:
2152
2153 2016-11-04  Sam Weinig  <sam@webkit.org>
2154
2155         [WebIDL] Add support for modern callback syntax
2156         https://bugs.webkit.org/show_bug.cgi?id=164435
2157
2158         Reviewed by Chris Dumez.
2159
2160         Support new callback syntax:
2161             callback Function = void (DOMString arg1, long arg2);
2162
2163         This replaces "callback interface" types with a Callback=FunctionOnly
2164         extended attribute.
2165
2166         * Modules/geolocation/PositionCallback.idl:
2167         * Modules/geolocation/PositionErrorCallback.idl:
2168         * Modules/notifications/NotificationPermissionCallback.idl:
2169         * Modules/quota/StorageErrorCallback.idl:
2170         * Modules/quota/StorageQuotaCallback.idl:
2171         * Modules/quota/StorageUsageCallback.idl:
2172         * Modules/webaudio/AudioBufferCallback.idl:
2173         * Modules/webdatabase/DatabaseCallback.idl:
2174         * Modules/webdatabase/SQLStatementCallback.idl:
2175         * Modules/webdatabase/SQLStatementErrorCallback.idl:
2176         * Modules/webdatabase/SQLTransactionCallback.idl:
2177         * Modules/webdatabase/SQLTransactionErrorCallback.idl:
2178         * dom/RequestAnimationFrameCallback.idl:
2179         * dom/StringCallback.idl:
2180         * html/VoidCallback.idl:
2181         * page/IntersectionObserverCallback.idl:
2182         * css/MediaQueryListListener.idl:
2183         Update to new syntax.
2184
2185         * css/MediaQueryListListener.h:
2186         * css/MediaQueryMatcher.cpp:
2187         (WebCore::MediaQueryMatcher::styleResolverChanged):
2188         Switch to using the now required 'handleEvent' name. This is an implementation detail
2189         that we should change.
2190
2191         * bindings/scripts/CodeGenerator.pm:
2192         Update document processing to allow a callback only file. Update callback
2193         type checks to look for a regex that matches in the new format.
2194
2195         * bindings/scripts/CodeGeneratorJS.pm:
2196         (AddToImplIncludesForIDLType):
2197         (AddToIncludesForIDLType):
2198         (AddToImplIncludes):
2199         (AddToIncludes):
2200         Abstract includes functions to allow passing in an include hash.
2201
2202         (GenerateCallbackFunctionHeader):
2203         (GenerateCallbackFunctionImplementation):
2204         (GenerateCallbackInterfaceHeader):
2205         (GenerateCallbackInterfaceImplementation):
2206         (GenerateCallbackHeaderContent):
2207         (GenerateCallbackImplementationContent):
2208         Refactor callback generation code into GenerateCallbackHeaderContent and GenerateCallbackImplementationContent
2209         to allow using it for both the new callbacks as well as the old callback interfaces.
2210
2211         * bindings/scripts/IDLParser.pm:
2212         (Parse):
2213         (applyTypedefs):
2214         (applyTypedefsToOperation):
2215         (parseCallbackRest):
2216         Parse callbacks into the new IDLCallbackFunction type. Ensure that typedefs are applied as well.
2217
2218         * bindings/scripts/IDLAttributes.txt:
2219         Remove support for Callback=FunctionOnly.
2220
2221         * bindings/scripts/test/JS/JSTestCallback.cpp: Removed.
2222         * bindings/scripts/test/JS/JSTestCallback.h: Removed.
2223         * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
2224         * bindings/scripts/test/JS/JSTestCallbackFunction.h:
2225         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp: Added.
2226         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h: Added.
2227         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp: Copied from Source/WebCore/bindings/scripts/test/JS/JSTestCallback.cpp.
2228         * bindings/scripts/test/JS/JSTestCallbackInterface.h: Copied from Source/WebCore/bindings/scripts/test/JS/JSTestCallback.h.
2229         * bindings/scripts/test/JS/JSTestObj.cpp:
2230         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2231         * bindings/scripts/test/TestCallback.idl: Removed.
2232         * bindings/scripts/test/TestCallbackFunction.idl:
2233         * bindings/scripts/test/TestCallbackFunctionWithTypedefs.idl: Added.
2234         * bindings/scripts/test/TestCallbackInterface.idl: Copied from Source/WebCore/bindings/scripts/test/TestCallback.idl.
2235         * bindings/scripts/test/TestObj.idl:
2236         * bindings/scripts/test/TestTypedefs.idl:
2237         Update existing tests and add new ones to test callback functions specifically.
2238
2239 2016-11-04  Alex Christensen  <achristensen@webkit.org>
2240
2241         Move isDefaultPortForProtocol from URLParser.cpp back to URL.cpp
2242         https://bugs.webkit.org/show_bug.cgi?id=164439
2243
2244         Reviewed by Daniel Bates.
2245
2246         No change in behaviour.
2247
2248         * platform/URL.cpp:
2249         (WebCore::defaultPortForProtocol):
2250         (WebCore::isDefaultPortForProtocol):
2251         * platform/URLParser.cpp:
2252         (WebCore::URLParser::defaultPortForProtocol):
2253         (WebCore::URLParser::parsePort):
2254         (WebCore::defaultPortForProtocol): Deleted.
2255         (WebCore::isDefaultPortForProtocol): Deleted.
2256         * platform/URLParser.h:
2257
2258 2016-11-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2259
2260         Safari does not emit composition end if blurred for dead key / Japanese IME
2261         https://bugs.webkit.org/show_bug.cgi?id=164369
2262         <rdar://problem/29050439>
2263
2264         Reviewed by Ryosuke Niwa.
2265
2266         On Mac, _before_ changing selection, try to finalize the composition by calling Editor::cancelComposition early.
2267         This is because the focused element may have changed after performing the selection change, so we would
2268         otherwise be dispatching the `compositionend` to the new focused element (or no compositionend at all) instead
2269         of the element with the composition.
2270
2271         Doing this allows us to match Chrome and Firefox behavior. After canceling the composition, we then need to also
2272         clear the system IME state. We do this on Mac WK1/WK2 through the cancelComposition() codepath, which ends up
2273         calling into -discardMarkedText, which resets the marked text state. Some minor refactoring was performed to
2274         accomplish this -- currently, discardedComposition sends a CompositionWasCanceled message over to the UI process
2275         that discards the marked text, and then updates the editor state. This patch splits this into two separate
2276         steps -- see the WebKit2 ChangeLog for more details.
2277
2278         Test: fast/events/ime-compositionend-on-selection-change.html
2279
2280         * editing/Editor.cpp:
2281         (WebCore::Editor::selectionWillChange):
2282         * editing/Editor.h:
2283         * editing/FrameSelection.cpp:
2284         (WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance):
2285         * editing/mac/EditorMac.mm:
2286         (WebCore::Editor::selectionWillChange):
2287         * loader/EmptyClients.h:
2288         * page/EditorClient.h:
2289
2290 2016-11-04  Brady Eidson  <beidson@apple.com>
2291
2292         IndexedDB 2.0: Clean up more transaction abort and exception throwing behavior from IDBObjectStore.
2293         https://bugs.webkit.org/show_bug.cgi?id=164424
2294
2295         Reviewed by Alex Christensen.
2296
2297         No new tests (Covered by existing tests).
2298
2299         This patch actually turns a handful of PASS to FAIL in the imported tests, but those are parts of the
2300         spec in flux/under discussion.
2301
2302         We'll update either source or the tests as things are resolved.
2303
2304         * Modules/indexeddb/IDBIndex.cpp:
2305         (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort):
2306
2307         * Modules/indexeddb/IDBObjectStore.cpp:
2308         (WebCore::IDBObjectStore::get):
2309         (WebCore::IDBObjectStore::putOrAdd):
2310         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
2311
2312 2016-11-04  Ryosuke Niwa  <rniwa@webkit.org>
2313
2314         Load stylesheets in link elements inside a connected shadow tree
2315         https://bugs.webkit.org/show_bug.cgi?id=160683
2316         <rdar://problem/29040652>
2317
2318         Reviewed by Antti Koivisto.
2319
2320         Allow external stylesheets within a shadow tree by storing the appropriate style scope in HTMLLinkElement
2321         when it's connected to a document instead of always talking to document's style scope.
2322
2323         Tests: fast/shadow-dom/link-element-in-shadow-tree.html
2324                fast/shadow-dom/selected-stylesheet-in-shadow-tree.html
2325
2326        * html/HTMLLinkElement.cpp:
2327        (WebCore::HTMLLinkElement::HTMLLinkElement):
2328        (WebCore::HTMLLinkElement::~HTMLLinkElement):
2329        (WebCore::HTMLLinkElement::setDisabledState): Exit early when the element is not in a document as invoking
2330        didChangeActiveStyleSheetCandidates would require having a valid m_styleScope and process() already exits
2331        early when inDocument() is false.
2332        (WebCore::HTMLLinkElement::parseAttribute):
2333        (WebCore::HTMLLinkElement::process): Removed the early exit for when the element is in a shadow tree.
2334        (WebCore::HTMLLinkElement::insertedInto): Exit early unless this element has just become connected to
2335        a document instead of whenever its self-inclusive ancestor is inserted into a container.
2336        (WebCore::HTMLLinkElement::removedFrom): Ditto for removal. Also call removeStyleSheetCandidateNode after
2337        calling removePendingSheet since the latter depends on m_styleScope being not null.
2338        (WebCore::HTMLLinkElement::addPendingSheet):
2339        (WebCore::HTMLLinkElement::removePendingSheet):
2340        * html/HTMLLinkElement.h:
2341        * html/HTMLStyleElement.cpp:
2342        (WebCore::HTMLStyleElement::insertedInto): Only call inline style owner's insertedIntoDocument if this
2343        element has just become connected to a document.
2344        (WebCore::HTMLStyleElement::removedFrom): Ditto for the removal.
2345        * style/StyleScope.h:
2346        * svg/SVGStyleElement.cpp:
2347        (WebCore::SVGStyleElement::insertedInto): Ditto.
2348        (WebCore::SVGStyleElement::removedFrom): Ditto for the removal.
2349
2350 2016-11-04  Said Abou-Hallawa  <sabouhallawa@apple.com>
2351
2352         Add a setting and preferences to enable/disable async image decoding
2353         https://bugs.webkit.org/show_bug.cgi?id=164417
2354
2355         Reviewed by Simon Fraser.
2356
2357         Add an asyncImageDecodingEnabled setting. This setting controls whether an
2358         image "can" be asynchronously decoded on a separate thread or not. The
2359         function ImageSource::isAsyncDecodingRequired() will be used in conjunction
2360         with this setting to decide whether an image "should" be asynchronously
2361         decoded or not.
2362
2363         * page/Settings.in:
2364
2365 2016-11-04  Tim Horton  <timothy_horton@apple.com>
2366
2367         Apply post-landing review comments for r208347
2368
2369         * dom/Element.cpp:
2370         (WebCore::Element::findAnchorElementForLink):
2371         Use attributeWithoutSynchronization.
2372
2373         * page/PrintContext.cpp:
2374         (WebCore::PrintContext::spoolPage):
2375         (WebCore::PrintContext::spoolRect):
2376         (WebCore::PrintContext::collectLinkedDestinations):
2377         (WebCore::PrintContext::outputLinkedDestinations):
2378         * page/PrintContext.h:
2379         Pass Document by reference instead of Node by pointer,
2380         use ElementTraversal instead of NodeTraversal to avoid
2381         having to locally check the type, and null-check renderers.
2382
2383 2016-11-04  Myles C. Maxfield  <mmaxfield@apple.com>
2384
2385         Implement WebGL2RenderingContext::copyBufferSubData()
2386         https://bugs.webkit.org/show_bug.cgi?id=164008
2387
2388         Reviewed by Dean Jackson.
2389
2390         Similar to previous work regarding WebGL 2 buffers, this method implements
2391         the ability to copy from one buffer to another without the data leaving
2392         the GPU.
2393
2394         Test: fast/canvas/webgl/copyBufferSubData.html
2395
2396         * html/canvas/WebGL2RenderingContext.cpp:
2397         (WebCore::WebGL2RenderingContext::copyBufferSubData):
2398         * html/canvas/WebGLBuffer.cpp:
2399         (WebCore::WebGLBuffer::associateCopyBufferSubData):
2400         * html/canvas/WebGLBuffer.h:
2401         * platform/graphics/GraphicsContext3D.h:
2402         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2403         (WebCore::GraphicsContext3D::copyBufferSubData):
2404
2405 2016-11-04  Simon Fraser  <simon.fraser@apple.com>
2406
2407         Rename some ScrollingTree/Node-related functions to reduce the number of uses of "update"
2408         https://bugs.webkit.org/show_bug.cgi?id=164420
2409
2410         Reviewed by Tim Horton.
2411
2412         Rename:
2413             commitNewTreeState -> commitTreeState ("new" was redundant)
2414             updateBeforeChildren -> commitStateBeforeChildren
2415             updateAfterChildren -> commitStateAfterChildren
2416
2417         * page/scrolling/ScrollingTree.cpp:
2418         (WebCore::ScrollingTree::commitTreeState):
2419         (WebCore::ScrollingTree::updateTreeFromStateNode):
2420         (WebCore::ScrollingTree::commitNewTreeState): Deleted.
2421         * page/scrolling/ScrollingTree.h:
2422         * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
2423         (WebCore::ScrollingTreeFrameScrollingNode::commitStateBeforeChildren):
2424         (WebCore::ScrollingTreeFrameScrollingNode::updateBeforeChildren): Deleted.
2425         * page/scrolling/ScrollingTreeFrameScrollingNode.h:
2426         * page/scrolling/ScrollingTreeNode.h:
2427         (WebCore::ScrollingTreeNode::commitStateAfterChildren):
2428         (WebCore::ScrollingTreeNode::updateAfterChildren): Deleted.
2429         * page/scrolling/ScrollingTreeScrollingNode.cpp:
2430         (WebCore::ScrollingTreeScrollingNode::commitStateBeforeChildren):
2431         (WebCore::ScrollingTreeScrollingNode::commitStateAfterChildren):
2432         (WebCore::ScrollingTreeScrollingNode::updateBeforeChildren): Deleted.
2433         (WebCore::ScrollingTreeScrollingNode::updateAfterChildren): Deleted.
2434         * page/scrolling/ScrollingTreeScrollingNode.h:
2435         * page/scrolling/ThreadedScrollingTree.cpp:
2436         (WebCore::ThreadedScrollingTree::commitTreeState):
2437         (WebCore::ThreadedScrollingTree::commitNewTreeState): Deleted.
2438         * page/scrolling/ThreadedScrollingTree.h:
2439         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
2440         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
2441         (WebCore::ScrollingTreeFrameScrollingNodeIOS::commitStateBeforeChildren):
2442         (WebCore::ScrollingTreeFrameScrollingNodeIOS::commitStateAfterChildren):
2443         (WebCore::ScrollingTreeFrameScrollingNodeIOS::updateBeforeChildren): Deleted.
2444         (WebCore::ScrollingTreeFrameScrollingNodeIOS::updateAfterChildren): Deleted.
2445         * page/scrolling/ios/ScrollingTreeIOS.cpp:
2446         (WebCore::ScrollingTreeIOS::commitNewTreeState): Deleted.
2447         * page/scrolling/ios/ScrollingTreeIOS.h:
2448         * page/scrolling/mac/ScrollingCoordinatorMac.mm:
2449         (WebCore::ScrollingCoordinatorMac::commitTreeState):
2450         * page/scrolling/mac/ScrollingTreeFixedNode.h:
2451         * page/scrolling/mac/ScrollingTreeFixedNode.mm:
2452         (WebCore::ScrollingTreeFixedNode::commitStateBeforeChildren):
2453         (WebCore::ScrollingTreeFixedNode::updateBeforeChildren): Deleted.
2454         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
2455         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
2456         (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateBeforeChildren):
2457         (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateAfterChildren):
2458         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren): Deleted.
2459         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateAfterChildren): Deleted.
2460         * page/scrolling/mac/ScrollingTreeStickyNode.h:
2461         * page/scrolling/mac/ScrollingTreeStickyNode.mm:
2462         (WebCore::ScrollingTreeStickyNode::commitStateBeforeChildren):
2463         (WebCore::ScrollingTreeStickyNode::updateBeforeChildren): Deleted.
2464
2465 2016-11-03  Anders Carlsson  <andersca@apple.com>
2466
2467         Add new 'other' Apple Pay button style
2468         https://bugs.webkit.org/show_bug.cgi?id=164384
2469         rdar://problem/28302528
2470
2471         Reviewed by Dean Jackson.
2472
2473         * DerivedSources.make:
2474         * WebCorePrefix.h:
2475         Add extension points.
2476
2477         * css/CSSPrimitiveValueMappings.h:
2478         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
2479         Add ApplePayButtonType::Other.
2480
2481         (WebCore::CSSPrimitiveValue::operator ApplePayButtonType):
2482         Add CSSValueOther.
2483
2484         * css/CSSValueKeywords.in:
2485         Add other.
2486
2487         * css/parser/CSSParser.cpp:
2488         (WebCore::isValidKeywordPropertyAndValue):
2489         Add CSSValueOther.
2490
2491         * css/parser/CSSParserFastPaths.cpp:
2492         (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
2493         Add CSSValueOther.
2494
2495         * rendering/RenderThemeCocoa.mm:
2496         (WebCore::toPKPaymentButtonType):
2497         Handle ApplePayButtonType::Other.
2498
2499         * rendering/style/RenderStyleConstants.h:
2500         Add ApplePayButtonType::Other.
2501
2502 2016-11-04  Antti Koivisto  <antti@apple.com>
2503
2504         slotted() pseudo does not work with ID selector
2505         https://bugs.webkit.org/show_bug.cgi?id=160538
2506         <rdar://problem/28534529>
2507
2508         Reviewed by Andreas Kling.
2509
2510         When we saw an id selector while addin rules we immediately threw it into the m_idRules
2511         optimization bucket and bailed out. However selectors containing ::slotted must always end
2512         up in m_slottedPseudoElementRules list no matter what else is there.
2513
2514         Fix by treating id like other selectors and only choosing the bucket after analysing all
2515         the selector components.
2516
2517         Test: fast/shadow-dom/css-scoping-slot-with-id.html
2518
2519         * css/RuleSet.cpp:
2520         (WebCore::RuleSet::addRule): Also made this use switch instead of a series of ifs.
2521
2522 2016-11-04  Brady Eidson  <beidson@apple.com>
2523
2524         IndexedDB 2.0: Handle IDBObjectStore rename behavior properly when version change transaction aborts.
2525         https://bugs.webkit.org/show_bug.cgi?id=164416
2526
2527         Reviewed by Beth Dakin.
2528
2529         No new tests (Covered by existing tests).
2530
2531         * Modules/indexeddb/IDBObjectStore.cpp:
2532         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
2533
2534 2016-11-04  Keith Rollin  <krollin@apple.com>
2535
2536         NetworkSession: Add NetworkDataTask implementation for blobs
2537         https://bugs.webkit.org/show_bug.cgi?id=163939
2538
2539         Reviewed by Alex Christensen.
2540
2541         * WebCore.xcodeproj/project.pbxproj: Mark HTTPParsers.h and AsyncFileStream.h as private.
2542         * fileapi/AsyncFileStream.h: Add WEBCORE_EXPORT to AsyncFileStream class.
2543         * platform/network/BlobData.h: Add WEBCORE_EXPORT to length().
2544         * platform/network/HTTPParsers.h: Add WEBCORE_EXPORT to parseRange().
2545         * platform/network/ResourceResponseBase.h: Add WEBCORE_EXPORT to setHTTPHeaderField().
2546
2547 2016-11-04  Brady Eidson  <beidson@apple.com>
2548
2549         IndexedDB 2.0: Use IDB-specific exceptions in places where the generic exceptions are currently used.
2550         https://bugs.webkit.org/show_bug.cgi?id=164406
2551
2552         Reviewed by Alex Christensen.
2553
2554         No new tests (Covered by existing tests).
2555
2556         * Modules/indexeddb/IDBIndex.cpp:
2557         (WebCore::IDBIndex::setName):
2558
2559         * Modules/indexeddb/IDBObjectStore.cpp:
2560         (WebCore::IDBObjectStore::setName):
2561
2562 2016-11-04  Joanmarie Diggs  <jdiggs@igalia.com>
2563
2564         AX: [ATK] Attempting to clear selection on ARIA listboxes results in crash
2565         https://bugs.webkit.org/show_bug.cgi?id=164331
2566
2567         Reviewed by Chris Fleizach.
2568
2569         The ATK code is using is<AccessibilityListBox>() to identify native listboxes.
2570         But is<AccessibilityListBox>() returns the value of isListBox() which returns
2571         true both for AccessibilityListBox instances as well as for AccessibilityObject
2572         instances which have an AccessibilityRole value of ListBoxRole. Because only
2573         native listboxes should be AccessibilityListBoxes, add isNativeListBox() so
2574         that we can distinguish native and ARIA listboxes.
2575
2576         Tests: accessibility/aria-listbox-clear-selection-crash.html
2577                accessibility/listbox-clear-selection.html
2578
2579         * accessibility/AccessibilityListBox.h:
2580         * accessibility/AccessibilityObject.h:
2581         (WebCore::AccessibilityObject::isNativeListBox):
2582         (WebCore::AccessibilityObject::isListBox):
2583
2584 2016-11-04  Brady Eidson  <beidson@apple.com>
2585
2586         IndexedDB 2.0: Throw the correct exceptions during IDBObjectStore/IDBIndex renaming.
2587         https://bugs.webkit.org/show_bug.cgi?id=164405
2588
2589         Reviewed by Alex Christensen.
2590
2591         No new tests (Covered by existing tests).
2592
2593         * Modules/indexeddb/IDBIndex.cpp:
2594         (WebCore::IDBIndex::setName):
2595
2596         * Modules/indexeddb/IDBObjectStore.cpp:
2597         (WebCore::IDBObjectStore::setName):
2598
2599 2016-11-04  Romain Bellessort  <romain.bellessort@crf.canon.fr>
2600
2601         [Readable Streams API] Implement ByteStreamController error()
2602         https://bugs.webkit.org/show_bug.cgi?id=164319
2603
2604         Reviewed by Youenn Fablet.
2605
2606         Implemented error() method of ReadableByteStreamController.
2607
2608         Updated test expectations for error() and added IDL-related tests.
2609
2610         * Modules/streams/ReadableByteStreamController.js:
2611         (error): Implemented.
2612         * Modules/streams/ReadableByteStreamInternals.js:
2613         (privateInitializeReadableByteStreamController):
2614         (isReadableByteStreamController): Added.
2615         (readableByteStreamControllerError): Added.
2616         (readableByteStreamControllerClearPendingPullIntos): Added.
2617         * Modules/streams/ReadableStream.js:
2618         (initializeReadableStream): More detailed error message.
2619         * Modules/streams/ReadableStreamDefaultController.js:
2620         (error): Removed unnecessary variable declaration.
2621         * bindings/js/WebCoreBuiltinNames.h: Added totalQueuedBytes.
2622
2623 2016-11-03  Brady Eidson  <beidson@apple.com>
2624
2625         IndexedDB 2.0: Handle IDBIndex rename behavior properly when version change transaction aborts.
2626         https://bugs.webkit.org/show_bug.cgi?id=164403
2627
2628         Reviewed by Alex Christensen.
2629
2630         No new tests (Covered by existing test).
2631
2632         * Modules/indexeddb/IDBIndex.cpp:
2633         (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort): Only rollback the info if this index
2634           already existed before this version change transaction.
2635
2636 2016-11-03  Youenn Fablet  <youenn@apple.com>
2637
2638         [WebRTC] Introduce asynchronous backend createOffer API
2639         https://bugs.webkit.org/show_bug.cgi?id=164365
2640
2641         Reviewed by Sam Weinig.
2642
2643         Covered by existing tests.
2644
2645         Removing PeerEndpointBackendClient as it is only RTCPeerConnection.
2646         This allows removing virtual for some functions.
2647
2648         Moving MediaEndpointPeerClient::m_client to PeerEndpointBackendClient::m_peerConnection and making it a reference.
2649
2650         Implementing createOffer at PeerConnectionBackend by splitting it in four sub-functions:
2651         - main createOffer, implemented at PeerConnectionBackend.
2652         - doCreateOffer implemented by subclasses (MediaEndpointPeerConnection).
2653         - createOfferSucceeded/createOfferFailed implemented by PeerConnectionBackend.
2654
2655         * CMakeLists.txt:
2656         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2657         (WebCore::createMediaEndpointPeerConnection):
2658         (WebCore::MediaEndpointPeerConnection::MediaEndpointPeerConnection):
2659         (WebCore::MediaEndpointPeerConnection::doCreateOffer):
2660         (WebCore::MediaEndpointPeerConnection::createOfferTask):
2661         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
2662         (WebCore::MediaEndpointPeerConnection::setLocalDescriptionTask):
2663         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
2664         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
2665         (WebCore::MediaEndpointPeerConnection::createReceiver):
2666         (WebCore::MediaEndpointPeerConnection::replaceTrack):
2667         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
2668         (WebCore::MediaEndpointPeerConnection::markAsNeedingNegotiation):
2669         (WebCore::MediaEndpointPeerConnection::localDescriptionTypeValidForState):
2670         (WebCore::MediaEndpointPeerConnection::remoteDescriptionTypeValidForState):
2671         (WebCore::MediaEndpointPeerConnection::gotIceCandidate):
2672         (WebCore::MediaEndpointPeerConnection::doneGatheringCandidates):
2673         (WebCore::MediaEndpointPeerConnection::iceTransportStateChanged):
2674         (WebCore::MediaEndpointPeerConnection::createOffer): Deleted.
2675         * Modules/mediastream/MediaEndpointPeerConnection.h:
2676         * Modules/mediastream/PeerConnectionBackend.cpp:
2677         (WebCore::PeerConnectionBackend::createOffer):
2678         (WebCore::PeerConnectionBackend::createOfferSucceeded):
2679         (WebCore::PeerConnectionBackend::createOfferFailed):
2680         (WebCore::createPeerConnectionBackend): Deleted.
2681         * Modules/mediastream/PeerConnectionBackend.h:
2682         (WebCore::PeerConnectionBackend::PeerConnectionBackend):
2683         (WebCore::PeerConnectionBackendClient::~PeerConnectionBackendClient): Deleted.
2684         * Modules/mediastream/RTCPeerConnection.cpp:
2685         (WebCore::RTCPeerConnection::RTCPeerConnection):
2686         * Modules/mediastream/RTCPeerConnection.h:
2687         * WebCore.xcodeproj/project.pbxproj:
2688
2689 2016-11-03  Antti Koivisto  <antti@apple.com>
2690
2691         REGRESSION (r207717): DumpRenderTree crashed in com.apple.WebCore: WebCore::Style::Scope::flushPendingUpdate + 16
2692         https://bugs.webkit.org/show_bug.cgi?id=164397
2693         <rdar://problem/29100135>
2694
2695         Reviewed by Ryosuke Niwa.
2696
2697         The problem here was that we were leaving stale pointers to Document::m_inDocumentShadowRoots set when
2698         using fast-path document teardown.
2699
2700         (Patch and stories mostly by rniwa).
2701
2702         * dom/Document.cpp:
2703         (WebCore::Document::~Document):
2704         (WebCore::Document::didInsertInDocumentShadowRoot):
2705         (WebCore::Document::didRemoveInDocumentShadowRoot):
2706
2707             Improve asserts.
2708
2709         * dom/Element.cpp:
2710         (WebCore::Element::removeShadowRoot):
2711
2712             Remove the superfluous call to notifyChildNodeRemoved in Element::removeShadowRoot to
2713             avoid invoking notifyChildNodeRemoved during a document teardown, which is incorrect. It's sufficient that
2714             ~ShadowRoot calls ContainerNode::removeDetachedChildren(), and in turn removeDetachedChildrenInContainer()
2715             since the latter function tears down nodes via the deletion queue during a document destruction and use
2716             notifyChildNodeRemoved() on nodes that outlive the shadow root.
2717
2718         * dom/ShadowRoot.cpp:
2719         (WebCore::ShadowRoot::~ShadowRoot):
2720
2721             Take care to clean up inDocumentShadowRoots for fast-pathed destruction too.
2722
2723         (WebCore::ShadowRoot::insertedInto):
2724         (WebCore::ShadowRoot::removedFrom):
2725
2726             Improve ShadowRoot's insertedInto and removedFrom so that they only try to add and remove itself from
2727             m_inDocumentShadowRoots when the connected-ness changes.
2728
2729 2016-11-03  Simon Fraser  <simon.fraser@apple.com>
2730
2731         Give all the geometry classes a single-argument scale() function for consistency
2732         https://bugs.webkit.org/show_bug.cgi?id=164400
2733
2734         Reviewed by Zalan Bujtas.
2735
2736         Add single-argument scale() to FloatPoint, FloatQuad, FloatSize and LayoutPoint, as well
2737         as adding one to GraphicsContext. Switch callers who passed the same value for sx and sy
2738         to the new functions.
2739
2740         * dom/Document.cpp:
2741         (WebCore::Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale):
2742         * dom/MouseRelatedEvent.cpp:
2743         (WebCore::MouseRelatedEvent::init):
2744         (WebCore::MouseRelatedEvent::computeRelativePosition):
2745         * dom/TreeScope.cpp:
2746         (WebCore::TreeScope::nodeFromPoint):
2747         * page/PrintContext.cpp:
2748         (WebCore::PrintContext::spoolPage):
2749         * platform/cocoa/ThemeCocoa.mm:
2750         (WebCore::fitContextToBox):
2751         * platform/graphics/FloatPoint.h:
2752         (WebCore::FloatPoint::scale):
2753         * platform/graphics/FloatQuad.h:
2754         (WebCore::FloatQuad::scale):
2755         * platform/graphics/FloatSize.h:
2756         (WebCore::FloatSize::scale):
2757         * platform/graphics/GraphicsContext.cpp:
2758         (WebCore::GraphicsContext::applyDeviceScaleFactor):
2759         * platform/graphics/GraphicsContext.h:
2760         (WebCore::GraphicsContext::scale):
2761         * platform/graphics/LayoutPoint.h:
2762         (WebCore::LayoutPoint::scale):
2763         * platform/graphics/ca/TileCoverageMap.cpp:
2764         (WebCore::TileCoverageMap::update):
2765         * platform/graphics/ca/TileGrid.cpp:
2766         (WebCore::TileGrid::platformCALayerPaintContents):
2767         * platform/graphics/cg/ImageBufferCG.cpp:
2768         (WebCore::ImageBuffer::drawConsuming):
2769         (WebCore::ImageBuffer::draw):
2770         (WebCore::ImageBuffer::drawPattern):
2771         * platform/mac/ThemeMac.mm:
2772         (WebCore::paintToggleButton):
2773         (WebCore::paintButton):
2774         (WebCore::paintStepper):
2775         * rendering/RenderImage.cpp:
2776         (WebCore::RenderImage::nodeAtPoint):
2777         * rendering/RenderMediaControls.cpp:
2778         (WebCore::getUnzoomedRectAndAdjustCurrentContext):
2779         * rendering/RenderThemeMac.mm:
2780         (WebCore::RenderThemeMac::paintMenuList):
2781         (WebCore::RenderThemeMac::paintSliderThumb):
2782         (WebCore::RenderThemeMac::paintSearchField):
2783         (WebCore::RenderThemeMac::paintSearchFieldCancelButton):
2784         (WebCore::RenderThemeMac::paintSearchFieldResultsButton):
2785         * rendering/svg/SVGInlineTextBox.cpp:
2786         (WebCore::SVGInlineTextBox::selectionRectForTextFragment):
2787         (WebCore::SVGInlineTextBox::paintDecorationWithStyle):
2788         (WebCore::SVGInlineTextBox::paintTextWithShadows):
2789         * svg/SVGPathBlender.cpp:
2790         (WebCore::SVGPathBlender::blendAnimatedFloatPoint):
2791         (WebCore::SVGPathBlender::blendArcToSegment):
2792         * svg/SVGPathParser.cpp:
2793         (WebCore::SVGPathParser::parseCurveToCubicSmoothSegment):
2794         (WebCore::SVGPathParser::parseCurveToQuadraticSegment):
2795         (WebCore::SVGPathParser::parseCurveToQuadraticSmoothSegment):
2796         (WebCore::SVGPathParser::decomposeArcToCubic):
2797         * svg/SVGSVGElement.cpp:
2798         (WebCore::SVGSVGElement::localCoordinateSpaceTransform):
2799
2800 2016-11-03  Antti Koivisto  <antti@apple.com>
2801
2802         REGRESSION (r207669): Crash under media controls shadow root construction
2803         https://bugs.webkit.org/show_bug.cgi?id=164381
2804         <rdar://problem/28935401>
2805
2806         Reviewed by Simon Fraser.
2807
2808         The problem is that we are running a script for media control UA shadow tree in HTMLMediaElement::insertedInto.
2809         It is not safe to run scripts in insertedInto as the tree is in inconsistent state. Instead finishedInsertingSubtree
2810         callback should be used.
2811
2812         Test: media/media-controls-shadow-construction-crash.html
2813
2814         Seen on https://www.theguardian.com/artanddesign/video/2013/oct/14/banksy-central-park-new-york-video
2815
2816         * html/HTMLMediaElement.cpp:
2817         (WebCore::HTMLMediaElement::insertedInto):
2818         (WebCore::HTMLMediaElement::finishedInsertingSubtree):
2819
2820             Move configureMediaControls() to finishedInsertingSubtree().
2821
2822         * html/HTMLMediaElement.h:
2823         * style/StyleTreeResolver.cpp:
2824         (WebCore::Style::TreeResolver::resolveComposedTree):
2825
2826             Add an assert to make the bad state easier to hit in tests.
2827
2828 2016-11-03  Ryosuke Niwa  <rniwa@webkit.org>
2829
2830         Add an assertion to diagnose stress GC bots test failures
2831         https://bugs.webkit.org/show_bug.cgi?id=164396
2832
2833         Reviewed by Antti Koivisto.
2834
2835         Added an assertion for calling ElementQueue::add while ElementQueue::invokeAll is in progress.
2836         This should never happen as long as all DOM API has an appropriate CEReactions IDL attribute.
2837
2838         * dom/CustomElementReactionQueue.cpp:
2839         (WebCore::CustomElementReactionStack::ElementQueue::add):
2840         (WebCore::CustomElementReactionStack::ElementQueue::invokeAll):
2841         * dom/CustomElementReactionQueue.h:
2842
2843 2016-11-03  Said Abou-Hallawa  <sabouhallawa@apple.com>
2844
2845         Add the asynchronous image decoding mode
2846         https://bugs.webkit.org/show_bug.cgi?id=155546
2847
2848         Reviewed by Simon Fraser.
2849
2850         The asynchronous image decoding feature targets enhancing the rendering
2851         in two scenarios: the animated images and scrolling a page which large
2852         images. Enabling this feature for these two scenarios will be landed
2853         separately. 
2854
2855         The goal of the asynchronous image decoding is to have the decoded image
2856         frame ready before it has to be drawn. Drawing an image does not have to
2857         wait the image frame to be decoded.
2858
2859         * platform/graphics/BitmapImage.cpp:
2860         (WebCore::BitmapImage::frameImageAtIndex): Use the negation of frameHasValidNativeImageAtIndex().
2861         * platform/graphics/BitmapImage.h:
2862         (WebCore::BitmapImage::frameIsBeingDecodedAtIndex): Answers whether a frame is being decoded.
2863         (WebCore::BitmapImage::frameHasValidNativeImageAtIndex): Checks the validity of a frame.
2864         (WebCore::BitmapImage::frameHasInvalidNativeImageAtIndex): Deleted.
2865         * platform/graphics/Image.h:
2866         (WebCore::Image::newFrameNativeImageAvailableAtIndex): Notifies the image with the availability of a frame NativeImage.
2867         * platform/graphics/ImageFrame.h:
2868         (WebCore::ImageFrame::isBeingDecoded): Answers whether the frame is being decoded.
2869         (WebCore::ImageFrame::hasValidNativeImage): Checks the validity of the frame.
2870         (WebCore::ImageFrame::hasInvalidNativeImage): Deleted.
2871         * platform/graphics/ImageFrameCache.cpp:
2872         (WebCore::ImageFrameCache::~ImageFrameCache): Asserts the decoding loop was ended before deleting the ImageFrameCache.
2873         (WebCore::ImageFrameCache::setFrameNativeImageAtIndex): Rename this function to matches the other which take the frame index.
2874         (WebCore::ImageFrameCache::setFrameMetadataAtIndex): Ditto.
2875         (WebCore::ImageFrameCache::replaceFrameNativeImageAtIndex): It setts the ImageFrame's members and updates the decoded size.
2876         (WebCore::ImageFrameCache::cacheFrameNativeImageAtIndex): Replaces the frame NativeImage and notifies the Image with the new frame.
2877         (WebCore::ImageFrameCache::decodingQueue): Ensures the decoding WorkQueue is created and returns it.
2878         (WebCore::ImageFrameCache::startAsyncDecodingQueue): Starts a decoding WorkQueue which loops until m_frameRequestQueue is closed.
2879         (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Allows ImageSource to send a request to start asynchronous frame image decoding.
2880         (WebCore::ImageFrameCache::stopAsyncDecodingQueue): Stops the decoding WorkQueue by closing m_frameRequestQueue.
2881         (WebCore::ImageFrameCache::frameAtIndex): Call replaceFrameNativeImageAtIndex().
2882         (WebCore::ImageFrameCache::frameIsBeingDecodedAtIndex): Returns true if a request for the image frame is issued but not finished yet.
2883         (WebCore::ImageFrameCache::frameHasValidNativeImageAtIndex): Checks the validity of a frame.
2884         (WebCore::ImageFrameCache::setFrameNativeImage): Deleted. Was renamed to be setFrameNativeImageAtIndex.
2885         (WebCore::ImageFrameCache::setFrameMetadata): Deleted. Was renamed to be setFrameMetadataAtIndex
2886         (WebCore::ImageFrameCache::frameHasInvalidNativeImageAtIndex): Deleted. Was renamed to be frameHasValidNativeImageAtIndex.
2887         * platform/graphics/ImageFrameCache.h:
2888         (WebCore::ImageFrameCache::create): The decoding queue needs to hold a reference to this class so it can stop decoding safely without blocking.
2889         (WebCore::ImageFrameCache::hasDecodingQueue): Returns true if a decoding queue has started.
2890         * platform/graphics/ImageSource.cpp:
2891         (WebCore::ImageSource::ImageSource): Call ImageFrameCache::create().
2892         (WebCore::ImageSource::clear): Deleting the decoder is unnecessary for asynchronous decoding because ImageFrameCache manages all the memory.
2893         
2894         (WebCore::ImageSource::destroyDecodedData):
2895         (WebCore::ImageSource::destroyDecodedDataIfNecessary):
2896         (WebCore::ImageSource::ensureDecoderAvailable):
2897         (WebCore::ImageSource::dataChanged):
2898         (WebCore::ImageSource::isAllDataReceived):
2899         (WebCore::ImageSource::isAsyncDecodingRequired): Answers the question whether the async image decoding is required for this ImageSource.
2900         (WebCore::ImageSource::frameImageAtIndex):
2901         * platform/graphics/ImageSource.h:
2902         (WebCore::ImageSource::decodedSize):
2903         (WebCore::ImageSource::requestFrameAsyncDecodingAtIndex):
2904         (WebCore::ImageSource::stopAsyncDecodingQueue):
2905         (WebCore::ImageSource::isSizeAvailable):
2906         (WebCore::ImageSource::frameCount):
2907         (WebCore::ImageSource::repetitionCount):
2908         (WebCore::ImageSource::filenameExtension):
2909         (WebCore::ImageSource::hotSpot):
2910         (WebCore::ImageSource::size):
2911         (WebCore::ImageSource::sizeRespectingOrientation):
2912         (WebCore::ImageSource::singlePixelSolidColor):
2913         (WebCore::ImageSource::frameIsBeingDecodedAtIndex):
2914         (WebCore::ImageSource::frameIsCompleteAtIndex):
2915         (WebCore::ImageSource::frameHasAlphaAtIndex):
2916         (WebCore::ImageSource::frameHasImageAtIndex):
2917         (WebCore::ImageSource::frameSubsamplingLevelAtIndex):
2918         (WebCore::ImageSource::frameSizeAtIndex):
2919         (WebCore::ImageSource::frameBytesAtIndex):
2920         (WebCore::ImageSource::frameDurationAtIndex):
2921         (WebCore::ImageSource::frameOrientationAtIndex):
2922          Make m_frameCache a type Ref<ImageFrameCache>. Use '->' instead of '.' when accessing its members.
2923
2924         (WebCore::ImageSource::frameHasValidNativeImageAtIndex): Checks the validity of a frame.
2925         (WebCore::ImageSource::frameHasInvalidNativeImageAtIndex): Deleted. Was renamed to be frameHasValidNativeImageAtIndex.
2926
2927 2016-11-03  Myles C. Maxfield  <mmaxfield@apple.com>
2928
2929         [WebGL2] Implement getBufferSubData()
2930         https://bugs.webkit.org/show_bug.cgi?id=164111
2931
2932         Reviewed by Dean Jackson.
2933
2934         The call exists in OpenGL 3.2 but in order to have parity with
2935         OpenGL ES 3 we back it with glMapBufferRange() instead.
2936
2937         This patch simply adds surface area to GraphicsContext3D
2938         until we can get an ANGLE implementation of it.
2939
2940         When testing this patch I discovered that r207649 incorrectly
2941         interpreted arguments to bufferData() and bufferSubData() as
2942         byte offsets. Instead, they should be element indices. This
2943         patch fixes those functions to work correctly so that
2944         getBufferSubData() can be tested correctly.
2945
2946         Tests: fast/canvas/webgl/webgl2-buffers.html
2947                fast/canvas/webgl/getBufferSubData-webgl1.html
2948
2949         * html/canvas/WebGL2RenderingContext.cpp:
2950         (WebCore::arrayBufferViewElementSize):
2951         (WebCore::WebGL2RenderingContext::bufferData):
2952         (WebCore::WebGL2RenderingContext::bufferSubData):
2953         (WebCore::WebGL2RenderingContext::getBufferSubData):
2954         * html/canvas/WebGL2RenderingContext.h:
2955         * html/canvas/WebGL2RenderingContext.idl:
2956         * platform/graphics/GraphicsContext3D.h:
2957         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2958         (WebCore::GraphicsContext3D::getBufferSubData):
2959         (WebCore::GraphicsContext3D::mapBufferRange):
2960         (WebCore::GraphicsContext3D::unmapBuffer):
2961
2962 2016-11-03  Chris Dumez  <cdumez@apple.com>
2963
2964         Unreviewed, mark support for the 'download' attribute as 'Done'.
2965
2966         * features.json:
2967
2968 2016-11-03  Chris Dumez  <cdumez@apple.com>
2969
2970         [WK2][Cocoa] Implement user interface for HTML form validation
2971         https://bugs.webkit.org/show_bug.cgi?id=164143
2972         <rdar://problem/28944652>
2973
2974         Reviewed by Simon Fraser.
2975
2976         Add ValidationBubble class to show HTML form validation messages
2977         using native dialogs. It currently has an implementation for both
2978         Mac and iOS. It is in WebCore under platform/ so that it can be
2979         used by both WebKit1 and WebKit2.
2980
2981         Update ownership of ValidationMessageClient so that is is owned
2982         by the Page using a unique_ptr<>, which seems to be the modern
2983         way of handling lifetime for page clients.
2984
2985         Test: fast/forms/validation-messages.html
2986
2987         * WebCore.xcodeproj/project.pbxproj:
2988         * html/HTMLFormControlElement.cpp:
2989         (WebCore::HTMLFormControlElement::focusAndShowValidationMessage):
2990         * html/ValidationMessage.cpp:
2991         (WebCore::ValidationMessage::updateValidationMessage):
2992         * page/Page.cpp:
2993         (WebCore::Page::Page):
2994         (WebCore::Page::~Page):
2995         * page/Page.h:
2996         (WebCore::Page::validationMessageClient):
2997         * page/PageConfiguration.cpp:
2998         * page/PageConfiguration.h:
2999         * platform/ValidationBubble.h: Copied from Tools/DumpRenderTree/mac/UIScriptControllerMac.mm.
3000         (WebCore::ValidationBubble::message):
3001         * platform/ios/ValidationBubbleIOS.mm: Added.
3002         (-[WebValidationBubbleDelegate adaptivePresentationStyleForPresentationController:traitCollection:]):
3003         (WebCore::ValidationBubble::ValidationBubble):
3004         (WebCore::ValidationBubble::~ValidationBubble):
3005         (WebCore::ValidationBubble::show):
3006         (WebCore::ValidationBubble::setAnchorRect):
3007         * platform/mac/ValidationBubbleMac.mm: Added.
3008         (WebCore::ValidationBubble::ValidationBubble):
3009         (WebCore::ValidationBubble::~ValidationBubble):
3010         (WebCore::ValidationBubble::showRelativeTo):
3011
3012 2016-11-03  Brady Eidson  <beidson@apple.com>
3013
3014         IndexedDB 2.0: Rename IDBKeyRange.contains to IDBKeyRange.includes.
3015         https://bugs.webkit.org/show_bug.cgi?id=164383
3016
3017         Reviewed by Beth Dakin.
3018
3019         No new tests (Updated existing tests).
3020
3021         * Modules/indexeddb/IDBKeyRange.cpp:
3022         (WebCore::IDBKeyRange::includes):
3023         (WebCore::IDBKeyRange::contains): Deleted.
3024         * Modules/indexeddb/IDBKeyRange.h:
3025         * Modules/indexeddb/IDBKeyRange.idl:
3026
3027 2016-11-03  Ryan Haddad  <ryanhaddad@apple.com>
3028
3029         Unreviewed, rolling out r208302.
3030
3031         This change causes LayoutTest crashes under GuardMalloc.
3032
3033         Reverted changeset:
3034
3035         "Load stylesheets in link elements inside a connected shadow
3036         tree"
3037         https://bugs.webkit.org/show_bug.cgi?id=160683
3038         http://trac.webkit.org/changeset/208302
3039
3040 2016-11-03  Chris Dumez  <cdumez@apple.com>
3041
3042         Unreviewed, add HTML5 specification for HTML Interactive Form Validation feature.
3043
3044         * features.json:
3045
3046 2016-11-03  Chris Dumez  <cdumez@apple.com>
3047
3048         Unreviewed, add HTML Interactive Form Validation to features.json
3049
3050         * features.json:
3051
3052 2016-11-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3053
3054         Unreviewed, rolling out due to crash in Amazon web site
3055         https://bugs.webkit.org/show_bug.cgi?id=164380
3056         <rdar://problem/29094221>
3057
3058         * dom/Node.idl:
3059         * domjit/JSNodeDOMJIT.cpp:
3060         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.
3061         (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter): Deleted.
3062
3063 2016-11-03  Brady Eidson  <beidson@apple.com>
3064
3065         IndexedDB 2.0: Support binary keys.
3066         <rdar://problem/28806927> and https://bugs.webkit.org/show_bug.cgi?id=164359
3067
3068         Reviewed by Alex Christensen.
3069
3070         Tests: storage/indexeddb/modern/binary-keys-1-private.html
3071                storage/indexeddb/modern/binary-keys-1.html
3072                Changes to other existing tests.
3073
3074         * Modules/indexeddb/IDBKey.cpp:
3075         (WebCore::IDBKey::createBinary):
3076         (WebCore::IDBKey::IDBKey):
3077         (WebCore::IDBKey::compare):
3078         * Modules/indexeddb/IDBKey.h:
3079         (WebCore::IDBKey::binary):
3080         (WebCore::compareBinaryKeyData):
3081
3082         * Modules/indexeddb/IDBKeyData.cpp:
3083         (WebCore::IDBKeyData::IDBKeyData):
3084         (WebCore::IDBKeyData::maybeCreateIDBKey):
3085         (WebCore::IDBKeyData::isolatedCopy):
3086         (WebCore::IDBKeyData::encode):
3087         (WebCore::IDBKeyData::decode):
3088         (WebCore::IDBKeyData::compare):
3089         (WebCore::IDBKeyData::loggingString):
3090         (WebCore::IDBKeyData::operator==):
3091         * Modules/indexeddb/IDBKeyData.h:
3092         (WebCore::IDBKeyData::hash):
3093         (WebCore::IDBKeyData::encode):
3094         (WebCore::IDBKeyData::decode):
3095
3096         * Modules/indexeddb/IndexedDB.h: Add new enum for the new key type.
3097
3098         * bindings/js/IDBBindingUtilities.cpp:
3099         (WebCore::toJS):
3100         (WebCore::createIDBKeyFromValue):
3101
3102         * platform/ThreadSafeDataBuffer.h:
3103         (WebCore::ThreadSafeDataBufferImpl::ThreadSafeDataBufferImpl):
3104         (WebCore::ThreadSafeDataBuffer::copyData):
3105         (WebCore::ThreadSafeDataBuffer::size):
3106         (WebCore::ThreadSafeDataBuffer::operator==):
3107         (WebCore::ThreadSafeDataBuffer::ThreadSafeDataBuffer):
3108
3109 2016-11-03  Tim Horton  <timothy_horton@apple.com>
3110
3111         Printing to PDF should produce internal links when HTML has internal links
3112         https://bugs.webkit.org/show_bug.cgi?id=112081
3113         <rdar://problem/5955705>
3114
3115         Reviewed by Simon Fraser.
3116         Patch originally by David Lattimore.
3117
3118         No new tests, as it's unclear how to test PDF output.
3119
3120         * dom/Element.cpp:
3121         (WebCore::Element::findAnchorElementForLink):
3122         * dom/Element.h:
3123         Add findAnchorElementForLink, which looks up the anchor element corresponding
3124         to the current element's href, and also returns the fragment name as an out parameter.
3125
3126         * page/PrintContext.cpp:
3127         (WebCore::PrintContext::PrintContext):
3128         (WebCore::PrintContext::spoolPage):
3129         (WebCore::PrintContext::spoolRect):
3130         (WebCore::PrintContext::end):
3131         (WebCore::PrintContext::collectLinkedDestinations):
3132         (WebCore::PrintContext::outputLinkedDestinations):
3133         * rendering/RenderObject.cpp:
3134         (WebCore::RenderObject::addPDFURLRect):
3135         Plumb internal links (fragment links) through to GraphicsContext, using
3136         the fragment name from the page.
3137
3138         * page/PrintContext.h:
3139         * platform/graphics/GraphicsContext.cpp:
3140         (WebCore::GraphicsContext::supportsInternalLinks):
3141         (WebCore::GraphicsContext::setDestinationForRect):
3142         (WebCore::GraphicsContext::addDestinationAtPoint):
3143         * platform/graphics/GraphicsContext.h:
3144         * platform/graphics/cg/GraphicsContextCG.cpp:
3145         (WebCore::GraphicsContext::supportsInternalLinks):
3146         (WebCore::GraphicsContext::setDestinationForRect):
3147         (WebCore::GraphicsContext::addDestinationAtPoint):
3148         Plumb internal links through to the CGContext. Apply the CTM, because
3149         these functions expect positions in global coordinates.
3150
3151         * platform/graphics/win/GraphicsContextDirect2D.cpp:
3152         (WebCore::GraphicsContext::setURLForRect):
3153         * platform/graphics/cairo/GraphicsContextCairo.cpp:
3154         (WebCore::GraphicsContext::setURLForRect):
3155         Adjust setURLForRect to take a FloatRect, like everything else, and
3156         stop rounding.
3157
3158 2016-11-03  Alex Christensen  <achristensen@webkit.org>
3159
3160         Unreviewed, rolling out r208298.
3161         https://bugs.webkit.org/show_bug.cgi?id=163939
3162
3163         caused asan crashes
3164
3165         Reverted changeset:
3166
3167         "NetworkSession: Add NetworkDataTask implementation for blobs"
3168         https://bugs.webkit.org/show_bug.cgi?id=163939
3169         http://trac.webkit.org/changeset/208298
3170
3171 2016-11-03  Brent Fulgham  <bfulgham@apple.com>
3172
3173         [Win][Direct2D] Native Windows widgets are drawn upside-down
3174         https://bugs.webkit.org/show_bug.cgi?id=164370
3175
3176         Reviewed by Alex Christensen.
3177
3178         When we return from drawing in GDI code, we need to flip the resulting
3179         bitmap so that it draws in the proper orientation in Direct2D.
3180
3181         Tested by existing widget tests.
3182
3183         * platform/graphics/win/GraphicsContextDirect2D.cpp:
3184         (WebCore::GraphicsContext::releaseWindowsContext): Flip before drawing
3185         to our Direct2D context.
3186
3187 2016-11-01  Gavin Barraclough  <barraclough@apple.com>
3188
3189         Remove PageThrottler & all related code
3190         https://bugs.webkit.org/show_bug.cgi?id=164302
3191
3192         Reviewed by Ryosuke Niwa.
3193
3194         All relevant information now available from the ActivityState.
3195
3196         * CMakeLists.txt:
3197         * WebCore.xcodeproj/project.pbxproj:
3198         * html/HTMLMediaElement.cpp:
3199         (WebCore::HTMLMediaElement::setMuted):
3200         (WebCore::HTMLMediaElement::updateVolume):
3201         (WebCore::HTMLMediaElement::updatePlayState):
3202         (WebCore::HTMLMediaElement::updateAudioAssertionState): Deleted.
3203         * html/HTMLMediaElement.h:
3204         * loader/FrameLoader.cpp:
3205         (WebCore::FrameLoader::completed):
3206         (WebCore::FrameLoader::started):
3207         * loader/FrameLoader.h:
3208         * page/ChromeClient.h:
3209         * page/Page.cpp:
3210         (WebCore::Page::Page):
3211         * page/Page.h:
3212         (WebCore::Page::pageActivityStateChanged): Deleted.
3213         (WebCore::Page::pageThrottler): Deleted.
3214         * page/PageThrottler.cpp: Removed.
3215         * page/PageThrottler.h: Removed.
3216
3217 2016-11-03  Dan Bernstein  <mitz@apple.com>
3218
3219         REGRESSION (r206247): Painting milestones can be delayed until the next layer flush
3220         https://bugs.webkit.org/show_bug.cgi?id=164340
3221         <rdar://problem/29074344>
3222
3223         Reviewed by Tim Horton.
3224
3225         To give WebKit a chance to deliver the painting milestones to its client after the commit,
3226         we must tell it about them before or during the commit. To that end, we should not defer
3227         the call to firePaintRelatedMilestonesIfNeeded until after the commit.
3228
3229         * rendering/RenderLayerCompositor.cpp:
3230         (WebCore::RenderLayerCompositor::RenderLayerCompositor): Removed
3231           m_paintRelatedMilestonesTimer initializer.
3232         (WebCore::RenderLayerCompositor::didPaintBacking): Call
3233           FrameView::firePaintRelatedMilestonesIfNeeded directly from here.
3234         (WebCore::RenderLayerCompositor::paintRelatedMilestonesTimerFired): Deleted.
3235         * rendering/RenderLayerCompositor.h:
3236
3237 2016-11-03  Antti Koivisto  <antti@apple.com>
3238
3239         imported/mozilla/svg/paint-order-01.svg and imported/mozilla/svg/paint-order-02.svg are flaky failures
3240         https://bugs.webkit.org/show_bug.cgi?id=164355
3241
3242         Reviewed by Ryosuke Niwa.
3243
3244         Revert one change from https://trac.webkit.org/changeset/207669 to see if it is causing flakiness in
3245         some XML based tests.
3246
3247         * xml/parser/XMLDocumentParser.cpp:
3248         (WebCore::XMLDocumentParser::end):
3249
3250 2016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3251
3252         Unreviewed, fix CLoop build after r208320.
3253         https://bugs.webkit.org/show_bug.cgi?id=162980
3254
3255         Guard with ENABLE(JIT).
3256
3257         * bindings/scripts/CodeGeneratorJS.pm:
3258         (GenerateImplementation):
3259         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3260
3261 2016-11-02  Brady Eidson  <beidson@apple.com>
3262
3263         Expand upon IndexedDB status in features.json.
3264         
3265         * features.json:
3266
3267 2016-11-02  Myles C. Maxfield  <mmaxfield@apple.com>
3268
3269         CSS.supports("font-variation-settings", "'wght' 500") erroneously returns false
3270         https://bugs.webkit.org/show_bug.cgi?id=164244
3271
3272         Reviewed by Michael Catanzaro.
3273
3274         Because we weren't passing a Document into CSSParserContext's constructor,
3275         there was no way for our parser to know whether the runtime switch was on
3276         or not. Instead, we can use the CallWith attribute in the IDL file to pass
3277         in a Document.
3278
3279         Test: fast/text/variations/css-supports-runtime-switch.html
3280
3281         * css/DOMCSSNamespace.cpp:
3282         (WebCore::DOMCSSNamespace::supports):
3283         * css/DOMCSSNamespace.h:
3284         * css/DOMCSSNamespace.idl:
3285
3286 2016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3287
3288         [DOMJIT] Add DOMJIT::Signature
3289         https://bugs.webkit.org/show_bug.cgi?id=162980
3290
3291         Reviewed by Saam Barati and Sam Weinig.
3292
3293         We introduce DOMJIT::Signature. This signature object is automatically generated by IDL code generator.
3294         It holds (1) types, (2) pointer to the unsafe function (the function without checks), and (3) the effect
3295         of the function. We use constexpr to initialize DOMJIT::Signature without invoking global constructors.
3296         Thus the content is embedded into the binary as the constant values.
3297
3298         We also clean up the IDL code generator related to DOMJIT part. Instead of switching things inside IDL
3299         code generator, we use C++ template to dispatch things at compile time. This template meta programming
3300         is highly utilized in IDL these days.
3301
3302         To make DOMJIT::Signature constexpr, we also need to define DOMJIT abstract heap things in the build time.
3303         To do so, we introduce a tiny Ruby script to calculate the range of abstract heaps. We can offer the abstract
3304         heap tree as YAML format and the script will produce a C++ header holding the calculated abstract heap ranges
3305
3306         * CMakeLists.txt:
3307         * DerivedSources.make:
3308         * ForwardingHeaders/bytecode/SpeculatedType.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.h.
3309         * ForwardingHeaders/domjit/DOMJITSignature.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.cpp.
3310         * WebCore.xcodeproj/project.pbxproj:
3311         * bindings/js/JSDOMGlobalObject.h:
3312         * bindings/scripts/CodeGeneratorJS.pm:
3313         (GenerateHeader):
3314         (GeneratePropertiesHashTable):
3315         (GetUnsafeArgumentType):
3316         (GetArgumentTypeFilter):
3317         (GetResultTypeFilter):
3318         (GenerateImplementation):
3319         (UnsafeToNative):
3320         (GenerateHashTableValueArray):
3321         (ComputeFunctionSpecial):
3322         * bindings/scripts/IDLAttributes.txt:
3323         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3324         (WebCore::BindingCaller<JSTestDOMJIT>::castForOperation):
3325         (WebCore::TestDOMJITAnyAttrDOMJIT::TestDOMJITAnyAttrDOMJIT):
3326         (WebCore::TestDOMJITBooleanAttrDOMJIT::TestDOMJITBooleanAttrDOMJIT):
3327         (WebCore::TestDOMJITByteAttrDOMJIT::TestDOMJITByteAttrDOMJIT):
3328         (WebCore::TestDOMJITOctetAttrDOMJIT::TestDOMJITOctetAttrDOMJIT):
3329         (WebCore::TestDOMJITShortAttrDOMJIT::TestDOMJITShortAttrDOMJIT):
3330         (WebCore::TestDOMJITUnsignedShortAttrDOMJIT::TestDOMJITUnsignedShortAttrDOMJIT):
3331         (WebCore::TestDOMJITLongAttrDOMJIT::TestDOMJITLongAttrDOMJIT):
3332         (WebCore::TestDOMJITUnsignedLongAttrDOMJIT::TestDOMJITUnsignedLongAttrDOMJIT):
3333         (WebCore::TestDOMJITLongLongAttrDOMJIT::TestDOMJITLongLongAttrDOMJIT):
3334         (WebCore::TestDOMJITUnsignedLongLongAttrDOMJIT::TestDOMJITUnsignedLongLongAttrDOMJIT):
3335         (WebCore::TestDOMJITFloatAttrDOMJIT::TestDOMJITFloatAttrDOMJIT):
3336         (WebCore::TestDOMJITUnrestrictedFloatAttrDOMJIT::TestDOMJITUnrestrictedFloatAttrDOMJIT):
3337         (WebCore::TestDOMJITDoubleAttrDOMJIT::TestDOMJITDoubleAttrDOMJIT):
3338         (WebCore::TestDOMJITUnrestrictedDoubleAttrDOMJIT::TestDOMJITUnrestrictedDoubleAttrDOMJIT):
3339         (WebCore::TestDOMJITDomStringAttrDOMJIT::TestDOMJITDomStringAttrDOMJIT):
3340         (WebCore::TestDOMJITByteStringAttrDOMJIT::TestDOMJITByteStringAttrDOMJIT):
3341         (WebCore::TestDOMJITUsvStringAttrDOMJIT::TestDOMJITUsvStringAttrDOMJIT):
3342         (WebCore::TestDOMJITNodeAttrDOMJIT::TestDOMJITNodeAttrDOMJIT):
3343         (WebCore::TestDOMJITBooleanNullableAttrDOMJIT::TestDOMJITBooleanNullableAttrDOMJIT):
3344         (WebCore::TestDOMJITByteNullableAttrDOMJIT::TestDOMJITByteNullableAttrDOMJIT):
3345         (WebCore::TestDOMJITOctetNullableAttrDOMJIT::TestDOMJITOctetNullableAttrDOMJIT):
3346         (WebCore::TestDOMJITShortNullableAttrDOMJIT::TestDOMJITShortNullableAttrDOMJIT):
3347         (WebCore::TestDOMJITUnsignedShortNullableAttrDOMJIT::TestDOMJITUnsignedShortNullableAttrDOMJIT):
3348         (WebCore::TestDOMJITLongNullableAttrDOMJIT::TestDOMJITLongNullableAttrDOMJIT):
3349         (WebCore::TestDOMJITUnsignedLongNullableAttrDOMJIT::TestDOMJITUnsignedLongNullableAttrDOMJIT):
3350         (WebCore::TestDOMJITLongLongNullableAttrDOMJIT::TestDOMJITLongLongNullableAttrDOMJIT):
3351         (WebCore::TestDOMJITUnsignedLongLongNullableAttrDOMJIT::TestDOMJITUnsignedLongLongNullableAttrDOMJIT):
3352         (WebCore::TestDOMJITFloatNullableAttrDOMJIT::TestDOMJITFloatNullableAttrDOMJIT):
3353         (WebCore::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT):
3354         (WebCore::TestDOMJITDoubleNullableAttrDOMJIT::TestDOMJITDoubleNullableAttrDOMJIT):
3355         (WebCore::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT):
3356         (WebCore::TestDOMJITDomStringNullableAttrDOMJIT::TestDOMJITDomStringNullableAttrDOMJIT):
3357         (WebCore::TestDOMJITByteStringNullableAttrDOMJIT::TestDOMJITByteStringNullableAttrDOMJIT):
3358         (WebCore::TestDOMJITUsvStringNullableAttrDOMJIT::TestDOMJITUsvStringNullableAttrDOMJIT):
3359         (WebCore::TestDOMJITNodeNullableAttrDOMJIT::TestDOMJITNodeNullableAttrDOMJIT):
3360         (WebCore::jsTestDOMJITPrototypeFunctionGetAttribute):
3361         (WebCore::jsTestDOMJITPrototypeFunctionGetAttributeCaller):
3362         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetAttribute):
3363         (WebCore::jsTestDOMJITPrototypeFunctionItem):
3364         (WebCore::jsTestDOMJITPrototypeFunctionItemCaller):
3365         (WebCore::unsafeJsTestDOMJITPrototypeFunctionItem):
3366         (WebCore::jsTestDOMJITPrototypeFunctionHasAttribute):
3367         (WebCore::jsTestDOMJITPrototypeFunctionHasAttributeCaller):
3368         (WebCore::unsafeJsTestDOMJITPrototypeFunctionHasAttribute):
3369         (WebCore::jsTestDOMJITPrototypeFunctionGetElementById):
3370         (WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdCaller):
3371         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementById):
3372         (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByName):
3373         (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameCaller):
3374         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementsByName):
3375         * bindings/scripts/test/TestDOMJIT.idl:
3376         * dom/Element.idl:
3377         * domjit/DOMJITAbstractHeapRepository.yaml: Added.
3378         * domjit/DOMJITIDLConvert.h: Added.
3379         (WebCore::DOMJIT::DirectConverter<IDLDOMString>::directConvert<StringConversionConfiguration::Normal>):
3380         * domjit/DOMJITIDLType.h: Added.
3381         * domjit/DOMJITIDLTypeFilter.h: Added.
3382         * domjit/JSDocumentDOMJIT.cpp:
3383         (WebCore::DocumentDocumentElementDOMJIT::callDOMGetter):
3384         * domjit/JSNodeDOMJIT.cpp:
3385         (WebCore::NodeFirstChildDOMJIT::callDOMGetter):
3386         (WebCore::NodeLastChildDOMJIT::callDOMGetter):
3387         (WebCore::NodeNextSiblingDOMJIT::callDOMGetter):
3388         (WebCore::NodePreviousSiblingDOMJIT::callDOMGetter):
3389         (WebCore::NodeParentNodeDOMJIT::callDOMGetter):
3390         (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):
3391         * domjit/generate-abstract-heap.rb: Added.
3392
3393 2016-11-02  Simon Fraser  <simon.fraser@apple.com>
3394
3395         Followup after r208314.
3396
3397         The style created for reflections contains transforms and a mask, so needs to get explicit
3398         z-index on it. This doesn't change rendering, since this layer has no children.
3399
3400         Fixes assertions in various reflection tests.
3401
3402         * rendering/RenderLayer.cpp:
3403         (WebCore::RenderLayer::calculateClipRects):
3404
3405 2016-11-02  Simon Fraser  <simon.fraser@apple.com>
3406
3407         REGRESSION (r208025) GraphicsContext state stack assertions loading webkit.org
3408         https://bugs.webkit.org/show_bug.cgi?id=164350
3409         rdar://problem/29053414
3410
3411         Reviewed by Dean Jackson.
3412
3413         After r208025 it as possible for KeyframeAnimation::animate() to produce a RenderStyle
3414         with a non-1 opacity, but without the explicit z-index that triggers stacking context.
3415         This confused the RenderLayer paintWithTransparency code, triggering mismsatched GraphicsContext
3416         save/restores.
3417
3418         This occurred when the runningOrFillingForwards state was mis-computed. keyframeAnim->animate()
3419         can spit out a new style when in the StartWaitTimer sometimes, so "!keyframeAnim->waitingToStart() && !keyframeAnim->postActive()"
3420         gave the wrong answser.
3421
3422         Rather than depend on the super-confusing animation state, use a bool out param from animate() to say
3423         when it actually produced a new style, and when true, do the setZIndex(0).
3424
3425         Test: animations/stacking-during-opacity-animation.html
3426
3427         * page/animation/AnimationBase.h:
3428         * page/animation/CSSPropertyAnimation.cpp:
3429         (WebCore::CSSPropertyAnimation::blendProperties): Log after blending so the log shows the blended style.
3430         * page/animation/CompositeAnimation.cpp:
3431         (WebCore::CompositeAnimation::animate):
3432         * page/animation/ImplicitAnimation.cpp:
3433         (WebCore::ImplicitAnimation::animate):
3434         * page/animation/ImplicitAnimation.h:
3435         * page/animation/KeyframeAnimation.cpp:
3436         (WebCore::KeyframeAnimation::animate):
3437         * page/animation/KeyframeAnimation.h:
3438         * platform/graphics/GraphicsContext.cpp:
3439         (WebCore::GraphicsContext::restore):
3440         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
3441         (PlatformCALayer::drawLayerContents): No functional change, but created scope for the
3442         GraphicsContext so that it didn't outlive the CGContextRestoreGState(context).
3443         * rendering/RenderLayer.cpp:
3444         (WebCore::RenderLayer::beginTransparencyLayers): New assertion that catches the problem earlier.
3445
3446 2016-11-02  Myles C. Maxfield  <mmaxfield@apple.com>
3447
3448         [iOS] [WebGL] Multisample resolve step may operate on stale data
3449         https://bugs.webkit.org/show_bug.cgi?id=164347
3450
3451         Reviewed by Dean Jackson.
3452
3453         When antialiasing is enabled, WebKit internally creates a multisampled FBO
3454         and uses that as the target of all the drawing commands. Then, just before
3455         we actually put the image on the glass, we perform a “resolve” step which
3456         averages all the samples to create the final image. However, it appears
3457         that this resolve step only waits for commands to complete which were
3458         already submitted to the hardware. OpenGL is allowed (indeed, expected) to
3459         batch up drawing commands in main memory so it can submit them to the
3460         hardware in fewer batches, but this means that the hardware may not know
3461         about all the commands that the application submitted. Because of this,
3462         the data the resolve step saw is the result of only some of the previous
3463         draw calls - not all of them.
3464
3465         This doesn’t occur on macOS because we have a different code path there
3466         for performing the resolve step. On iOS 9 and below, WebKit didn’t
3467         implement multisampling in WebGL at all, which explains why this only
3468         occurs on iOS 10. 
3469
3470         Luckily, the OpenGL command glFlush() is exactly designed to submit any
3471         pending commands to the hardware.
3472
3473         Test: fast/canvas/webgl/multisample-resolve-consistency.html
3474
3475         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
3476         (WebCore::GraphicsContext3D::resolveMultisamplingIfNecessary):
3477
3478 2016-11-02  Brady Eidson  <beidson@apple.com>
3479
3480         Give IDBKey(Data) a WTF::Variant overhaul.
3481         https://bugs.webkit.org/show_bug.cgi?id=164332
3482
3483         Reviewed by Alex Christensen and Andy Estes.
3484
3485         No new tests (Refactor, no behavior change).
3486
3487         * Modules/indexeddb/IDBKey.cpp:
3488         (WebCore::IDBKey::IDBKey):
3489         (WebCore::IDBKey::isValid):
3490         (WebCore::IDBKey::compare):
3491         * Modules/indexeddb/IDBKey.h:
3492         (WebCore::IDBKey::array):
3493         (WebCore::IDBKey::string):
3494         (WebCore::IDBKey::date):
3495         (WebCore::IDBKey::number):
3496         (WebCore::IDBKey::IDBKey): Deleted.
3497
3498         * Modules/indexeddb/IDBKeyData.cpp:
3499         (WebCore::IDBKeyData::IDBKeyData):
3500         (WebCore::IDBKeyData::maybeCreateIDBKey):
3501         (WebCore::IDBKeyData::isolatedCopy):
3502         (WebCore::IDBKeyData::encode):
3503         (WebCore::IDBKeyData::decode):
3504         (WebCore::IDBKeyData::compare):
3505         (WebCore::IDBKeyData::loggingString):
3506         (WebCore::IDBKeyData::setArrayValue):
3507         (WebCore::IDBKeyData::setStringValue):
3508         (WebCore::IDBKeyData::setDateValue):
3509         (WebCore::IDBKeyData::setNumberValue):
3510         (WebCore::IDBKeyData::operator==):
3511         * Modules/indexeddb/IDBKeyData.h:
3512         (WebCore::IDBKeyData::hash):
3513         (WebCore::IDBKeyData::string):
3514         (WebCore::IDBKeyData::date):
3515         (WebCore::IDBKeyData::number):
3516         (WebCore::IDBKeyData::array):
3517         (WebCore::IDBKeyData::encode):
3518         (WebCore::IDBKeyData::decode):
3519
3520 2016-11-01  Sam Weinig  <sam@webkit.org>
3521
3522         [WebIDL] Move interfaces and typed arrays over to JSDOMConvert
3523         https://bugs.webkit.org/show_bug.cgi?id=164256
3524
3525         Reviewed by Alex Christensen.
3526
3527         - Add the ability to pass an "exception thrower" functor to the convert functions.
3528           This is only implemented for convert<IDLInterface<T>> and convert<IDLNullable<IDLInterface<T>>>
3529           for now, but can be extended for more types as necessary to improve exception messages.
3530         - Add support for using toJSNewlyCreated in JSDOMConvert.
3531
3532         * bindings/generic/IDLTypes.h:
3533         (WebCore::IDLString::extractValueFromNullable):
3534         Use forwarding to simplify extraction function.
3535
3536         (WebCore::IDLInterface::nullValue):
3537         Update nullValue to work for both RefPtr<T> and T*.
3538
3539         (WebCore::IDLInterface::extractValueFromNullable):
3540         Use forwarding to simplify extraction function.
3541
3542         * bindings/js/JSDOMConvert.h:
3543         (WebCore::DefaultExceptionThrower::operator()):
3544         Add a default "exception thrower" which throws a normal type error.
3545
3546         (WebCore::convert):
3547         Add an overload of convert which takes an "exception thrower".
3548
3549         (WebCore::toJSNewlyCreated):
3550         Add new overloaded function toJSNewlyCreated, matching the toJS overload set,
3551         which will return "newly created" values. This only works for types that implement
3552         a toJSNewlyCreated function for themselves.
3553
3554         (WebCore::Converter<IDLNullable<T>>::convert):
3555         Fix the return type of Converter<IDLNullable<T>> to be specialized when
3556         T is an IDLInterface. In that case, we want to match the return type of
3557         inner converter.
3558         
3559         Also add implementation of convert overload that takes an "exception thrower".
3560
3561         (WebCore::JSConverter<IDLNullable<T>>::convert):
3562         (WebCore::JSConverter<IDLNullable<T>>::convertNewlyCreated):
3563         Reimplement conversion to use forwarding of the value.
3564
3565         (WebCore::Converter<IDLInterface<T>>::convert):
3566         Add support for an "exception thrower".
3567
3568         (WebCore::Detail::getPtrOrRef):
3569         Add helper functions that extract either a pointer or reference, depending on the type,
3570         and const_casts it allowing the value to be used with toJS functions.
3571
3572         (WebCore::JSConverter<IDLInterface<T>>::convert):
3573         Re-implement to support more varied input values.
3574
3575         (WebCore::JSConverter<IDLInterface<T>>::convertNewlyCreated):
3576         Added. Forwards to overloaded toJSNewlyCreated functions.
3577
3578         * bindings/scripts/CodeGeneratorJS.pm:
3579         (AddToImplIncludesForIDLType):
3580         Add support for adding the right includes for SerializedScriptValue and Dictionary.
3581
3582         (GetArgumentExceptionThrower):
3583         (GetAttributeExceptionThrower):
3584         Add helpers to generate "exception thrower" lambdas for wrappers and typed arrays
3585         being passed to setters and functions.
3586
3587         (GenerateParametersCheck):
3588         Move around special cases so it is clear that it's not wrappers and typed arrays that
3589         need specialization here, it is now just EventListener and XPathNSResolver.
3590
3591         (GetIDLInterfaceName):
3592         Add helper to get the InterfaceName for use in IDLInterface template.
3593
3594         (GetBaseIDLType):
3595         Use new GetIDLInterfaceName helper.
3596
3597         (IsValidContextForJSValueToNative):
3598         Remove IDLOperation as a valid context. It is not.
3599
3600         (JSValueToNative):
3601         Move JSDOMConvert based conversion to the bottom, to show that everything above it
3602         is a special case that should be fixed. I have used explicit c-style if-statements
3603         to make it clear what the types of the exceptional cases are.
3604
3605         (NativeToJSValueDOMConvertNeedsState):
3606         (NativeToJSValueDOMConvertNeedsGlobalObject):
3607         Add wrapper types and typed arrays to the list needing state and globalObject.
3608
3609         (NativeToJSValue):
3610         Move JSDOMConvert based conversion to the bottom, to show that everything above it
3611         is a special case that should be fixed. I have used explicit c-style if-statements
3612         to make it clear what the types of the exceptional cases are.
3613
3614         (JSValueToNativeIsHandledByDOMConvert): Deleted.
3615         (NativeToJSValueIsHandledByDOMConvert): Deleted.
3616         Remove predicates protecting use of JSDOMConvert now that it is the default.
3617
3618         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3619         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
3620         * bindings/scripts/test/JS/JSTestCallback.cpp:
3621         * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
3622         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3623         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
3624         * bindings/scripts/test/JS/JSTestInterface.cpp:
3625         * bindings/scripts/test/JS/JSTestObj.cpp:
3626         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
3627         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
3628         * bindings/scripts/test/JS/JSTestSerialization.cpp:
3629         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
3630         Update test results.
3631
3632 2016-11-02  David Kilzer  <ddkilzer@apple.com>
3633
3634         Bug 164333: Add logging for "WebKit encountered an internal error" messages due to Network process crashes
3635         <https://webkit.org/b/164333>
3636         <rdar://problem/29072727>
3637
3638         Reviewed by Alex Christensen.
3639
3640         * page/DiagnosticLoggingKeys.cpp:
3641         (WebCore::DiagnosticLoggingKeys::networkProcessCrashedKey):
3642         - Add implementation for new key method.
3643         * page/DiagnosticLoggingKeys.h:
3644         (WebCore::DiagnosticLoggingKeys::networkProcessCrashedKey):
3645         - Add declaration for new key method.
3646
3647 2016-11-02  Filip Pizlo  <fpizlo@apple.com>
3648
3649         The GC should be in a thread
3650         https://bugs.webkit.org/show_bug.cgi?id=163562
3651
3652         Reviewed by Geoffrey Garen and Andreas Kling.
3653
3654         No new tests because existing tests cover this.
3655         
3656         We now need to be more careful about using JSLock. This fixes some places that were not
3657         holding it. New assertions in the GC are more likely to catch this than before.
3658
3659         * bindings/js/WorkerScriptController.cpp:
3660         (WebCore::WorkerScriptController::WorkerScriptController):
3661
3662 2016-11-02  Joseph Pecoraro  <pecoraro@apple.com>
3663
3664         Web Inspector: Include DebuggerAgent in Workers - see, pause, and step through scripts
3665         https://bugs.webkit.org/show_bug.cgi?id=164136
3666         <rdar://problem/29028462>
3667
3668         Reviewed by Brian Burg.
3669
3670         Tests: inspector/worker/debugger-pause.html
3671                inspector/worker/debugger-scripts.html
3672
3673         * CMakeLists.txt:
3674         * WebCore.xcodeproj/project.pbxproj:
3675         * inspector/InspectorAllInOne.cpp:
3676         New file.
3677
3678         * inspector/PageDebuggerAgent.h:
3679         * inspector/WorkerDebuggerAgent.cpp: Added.
3680         (WebCore::WorkerDebuggerAgent::WorkerDebuggerAgent):
3681         (WebCore::WorkerDebuggerAgent::~WorkerDebuggerAgent):
3682         (WebCore::WorkerDebuggerAgent::breakpointActionLog):
3683         (WebCore::WorkerDebuggerAgent::injectedScriptForEval):
3684         * inspector/WorkerDebuggerAgent.h: Added.
3685         DebuggerAgent customizations for Workers.
3686
3687         * inspector/WorkerInspectorController.cpp:
3688         (WebCore::WorkerInspectorController::WorkerInspectorController):
3689         Add the new agent.
3690
3691         * inspector/WorkerScriptDebugServer.cpp:
3692         (WebCore::WorkerScriptDebugServer::runEventLoopWhilePaused):
3693         Implement the nested run loop for Workers.
3694
3695 2016-11-02  Simon Fraser  <simon.fraser@apple.com>
3696
3697         Add Battery Status to features.json, marked as "Removed".
3698
3699         * features.json:
3700
3701 2016-11-02  Ryosuke Niwa  <rniwa@webkit.org>
3702
3703         Load stylesheets in link elements inside a connected shadow tree
3704         https://bugs.webkit.org/show_bug.cgi?id=160683
3705         <rdar://problem/29040652>
3706
3707         Reviewed by Antti Koivisto.
3708
3709         Allow external stylesheets within a shadow tree by storing the appropriate style scope in HTMLLinkElement
3710         when it's connected to a document instead of always talking to document's style scope.
3711
3712         Also improve ShadowRoot's insertedInto and removedFrom so that they only try to add and remove itself from
3713         m_inDocumentShadowRoots when the connected-ness changes.
3714
3715         This patch also removes the superfluous call to notifyChildNodeRemoved in Element::removeShadowRoot to
3716         avoid invoking notifyChildNodeRemoved during a document teardown, which is incorrect. It's sufficient that
3717         ~ShadowRoot calls ContainerNode::removeDetachedChildren(), and in turn removeDetachedChildrenInContainer()
3718         since the latter function tears down nodes via the deletion queue during a document destruction and use
3719         notifyChildNodeRemoved() on nodes that outlive the shadow root.
3720
3721         Tests: fast/shadow-dom/link-element-in-shadow-tree.html
3722                fast/shadow-dom/selected-stylesheet-in-shadow-tree.html
3723
3724        * dom/Document.cpp:
3725        (WebCore::Document::didInsertInDocumentShadowRoot): Assert that the shadow root is not in the set.
3726        (WebCore::Document::didRemoveInDocumentShadowRoot): Assert that the shadow root is not in the document as
3727        this function is now called after Node::removedFrom in ShadowRoot::removedFrom.
3728        * dom/Element.cpp:
3729        (WebCore::Element::removeShadowRoot): See the description above.
3730        * dom/ShadowRoot.cpp:
3731        (WebCore::ShadowRoot::insertedInto): Only call didInsertInDocumentShadowRoot when the this shadow root is
3732        newly connected to a document so we can add assertions in didInsertInDocumentShadowRoot.
3733        (WebCore::ShadowRoot::removedFrom): Ditto for the removal.
3734        * html/HTMLLinkElement.cpp:
3735        (WebCore::HTMLLinkElement::HTMLLinkElement):
3736        (WebCore::HTMLLinkElement::~HTMLLinkElement):
3737        (WebCore::HTMLLinkElement::setDisabledState): Exit early when the element is not in a document as invoking
3738        didChangeActiveStyleSheetCandidates would require having a valid m_styleScope and process() already exits
3739        early when inDocument() is false.
3740        (WebCore::HTMLLinkElement::parseAttribute):
3741        (WebCore::HTMLLinkElement::process): Removed the early exit for when the element is in a shadow tree.
3742        (WebCore::HTMLLinkElement::insertedInto): Exit early unless this element has just become connected to
3743        a document instead of whenever its self-inclusive ancestor is inserted into a container.
3744        (WebCore::HTMLLinkElement::removedFrom): Ditto for removal. Also call removeStyleSheetCandidateNode after
3745        calling removePendingSheet since the latter depends on m_styleScope being not null.
3746        (WebCore::HTMLLinkElement::addPendingSheet):
3747        (WebCore::HTMLLinkElement::removePendingSheet):
3748        * html/HTMLLinkElement.h:
3749        * html/HTMLStyleElement.cpp:
3750        (WebCore::HTMLStyleElement::insertedInto): Only call inline style owner's insertedIntoDocument if this
3751        element has just become connected to a document.
3752        (WebCore::HTMLStyleElement::removedFrom): Ditto for the removal.
3753        * style/StyleScope.h:
3754        * svg/SVGStyleElement.cpp:
3755        (WebCore::SVGStyleElement::insertedInto): Ditto.
3756        (WebCore::SVGStyleElement::removedFrom): Ditto for the removal.
3757
3758 2016-11-02  Dave Hyatt  <hyatt@apple.com>
3759
3760         [CSS Parser] Clean up new parser's grid layout ifdefs/runtime checking
3761         https://bugs.webkit.org/show_bug.cgi?id=164341
3762
3763         Reviewed by Dean Jackson.
3764
3765         * css/parser/CSSPropertyParser.cpp:
3766         (WebCore::consumeGridTrackRepeatFunction):
3767         (WebCore::consumeGridTrackList):
3768         (WebCore::CSSPropertyParser::parseSingleValue):
3769
3770 2016-11-02  Alex Christensen  <achristensen@webkit.org>
3771
3772         Remove Battery Status API from the tree
3773         https://bugs.webkit.org/show_bug.cgi?id=164213
3774
3775         Reviewed by Sam Weinig.
3776
3777         * CMakeLists.txt:
3778         * DerivedSources.cpp:
3779         * Modules/battery: Removed.
3780         * Modules/battery/BatteryClient.h: Removed.
3781         * Modules/battery/BatteryController.cpp: Removed.
3782         * Modules/battery/BatteryController.h: Removed.
3783         * Modules/battery/BatteryManager.cpp: Removed.
3784         * Modules/battery/BatteryManager.h: Removed.
3785         * Modules/battery/BatteryManager.idl: Removed.
3786         * Modules/battery/BatteryStatus.cpp: Removed.
3787         * Modules/battery/BatteryStatus.h: Removed.
3788         * Modules/battery/NavigatorBattery.cpp: Removed.
3789         * Modules/battery/NavigatorBattery.h: Removed.
3790         * Modules/battery/NavigatorBattery.idl: Removed.
3791         * PlatformEfl.cmake:
3792         * dom/EventTargetFactory.in:
3793         * platform/efl/BatteryProviderEfl.cpp: Removed.
3794         * platform/efl/BatteryProviderEfl.h: Removed.
3795         * platform/efl/BatteryProviderEflClient.h: Removed.
3796         * platform/glib/BatteryProviderUPower.cpp: Removed.
3797         * platform/glib/BatteryProviderUPower.h: Removed.
3798         * platform/glib/BatteryProviderUPowerClient.h: Removed.
3799         * testing/Internals.cpp:
3800         (WebCore::Internals::setBatteryStatus): Deleted.
3801         * testing/Internals.h:
3802         * testing/Internals.idl:
3803
3804 2016-11-02  Keith Rollin  <krollin@apple.com>
3805
3806         NetworkSession: Add NetworkDataTask implementation for blobs
3807         https://bugs.webkit.org/show_bug.cgi?id=163939
3808
3809         Reviewed by Alex Christensen.
3810
3811         * WebCore.xcodeproj/project.pbxproj: Mark HTTPParsers.h and AsyncFileStream.h as private.
3812         * fileapi/AsyncFileStream.h: Add WEBCORE_EXPORT to AsyncFileStream class.
3813         * platform/network/BlobData.h: Add WEBCORE_EXPORT to length().
3814         * platform/network/HTTPParsers.h: Add WEBCORE_EXPORT to parseRange().
3815         * platform/network/ResourceResponseBase.h: Add WEBCORE_EXPORT to setHTTPHeaderField().
3816
3817 2016-11-02  Olivier Blin  <olivier.blin@softathome.com>
3818
3819         [GTK] Use libgcrypt instead of GnuTLS for CryptoDigest and SubtleCrypto HMAC implementation
3820         https://bugs.webkit.org/show_bug.cgi?id=163125
3821
3822         Reviewed by Michael Catanzaro.
3823
3824         No new tests, already covered by existing SubtleCrypto tests.
3825
3826         * PlatformGTK.cmake: Use libgcrypt instead of gnutls.
3827         * crypto/gcrypt/CryptoAlgorithmHMACGCrypt.cpp: Added. Adapted from the GnuTLS backend.
3828         (WebCore::getGCryptDigestAlgorithm):
3829         (WebCore::calculateSignature):
3830         (WebCore::CryptoAlgorithmHMAC::platformSign):
3831         (WebCore::CryptoAlgorithmHMAC::platformVerify):
3832         * platform/crypto/gcrypt/CryptoDigestGCrypt.cpp: Added. Adapted from the GnuTLS backend.
3833         (WebCore::CryptoDigest::CryptoDigest):
3834         (WebCore::CryptoDigest::~CryptoDigest):
3835         (WebCore::CryptoDigest::create):
3836         (WebCore::CryptoDigest::addBytes):
3837         (WebCore::CryptoDigest::computeHash):
3838
3839 2016-11-02  Brent Fulgham  <bfulgham@apple.com>
3840
3841         REGRESSION(r203289):Assertion in MathOperator::stretchTo() on Wikipedia Page
3842         https://bugs.webkit.org/show_bug.cgi?id=162933
3843         <rdar://problem/28570590>
3844
3845         Reviewed by Dean Jackson.
3846
3847         A debug assertion is triggered when an empty <mo> tag is used with a "stretchy" flag.
3848
3849         We shouldn't be trying to apply stretch operations on an empty MathML element. Create a
3850         helper function (isStretchy) to encapsulate the fact that only non-empty elements with
3851         the 'MathMLOperatorDictionary::Stretchy' operator flag should have stretching applied.
3852
3853         Test: mathml/empty-mo.html
3854
3855         * rendering/mathml/RenderMathMLOperator.cpp:
3856         (WebCore::RenderMathMLOperator::stretchTo): Revise assertion to use new 'isStretchy' predicate.
3857         * rendering/mathml/RenderMathMLOperator.h:
3858         (WebCore::RenderMathMLOperator::isStretchy): Added.
3859         * rendering/mathml/RenderMathMLRow.cpp:
3860         (WebCore::RenderMathMLRow::computeLineVerticalStretch): Use new 'isStretchy' predicate.
3861         (WebCore::RenderMathMLRow::layoutRowItems): Ditto.
3862         * rendering/mathml/RenderMathMLUnderOver.cpp:
3863         (WebCore::RenderMathMLUnderOver::computeOperatorsHorizontalStretch): Ditto.
3864         (WebCore::RenderMathMLUnderOver::verticalParameters): Ditto.
3865
3866 2016-11-01  Dean Jackson  <dino@apple.com>
3867
3868         Filter functions grayscale/invert/opacity/sepia should clamp values over 100%, not fail
3869         https://bugs.webkit.org/show_bug.cgi?id=164310
3870
3871         Reviewed by Sam Weinig.
3872
3873         When bringing up the new CSS parser, I discovered that our old parser was
3874         not conforming to the specification.
3875
3876         Covered by existing tests.
3877
3878         * css/parser/CSSParser.cpp:
3879         (WebCore::CSSParser::parseBuiltinFilterArguments): For these functions, clamp to
3880         100% rather than fail.
3881
3882 2016-11-02  Brent Fulgham  <bfulgham@apple.com>
3883
3884         WebKit nullptr dereference Archive Subframe
3885         https://bugs.webkit.org/show_bug.cgi?id=164281
3886         <rdar://problem/28943006>
3887
3888         Reviewed by Andy Estes.
3889
3890         If the page is torn down during a load, we can attempt to use a deallocated
3891         (and nulled) document loader. Most places that use the "active document loader"
3892         null-check it before using, but there was one place that did not. This patch
3893         fixes that oversight.
3894
3895         Test: fast/dom/crash-with-bad-url.html
3896
3897         * loader/FrameLoader.cpp:
3898         (WebCore::FrameLoader::loadURLIntoChildFrame): Check that the active document
3899         loader is non-null before using.
3900
3901 2016-11-02  Dave Hyatt  <hyatt@apple.com>
3902
3903         [CSS Parser] Support scroll-snap-* properties
3904         https://bugs.webkit.org/show_bug.cgi?id=164321
3905
3906         Reviewed by Simon Fraser.
3907
3908         * css/CSSPrimitiveValue.h:
3909         * css/StyleBuilderConverter.h:
3910         (WebCore::StyleBuilderConverter::convertScrollSnapPoints):
3911         (WebCore::StyleBuilderConverter::convertSnapCoordinatePair):
3912         (WebCore::StyleBuilderConverter::convertScrollSnapCoordinates):
3913         * css/parser/CSSPropertyParser.cpp:
3914         (WebCore::consumePositionLonghand):
3915         (WebCore::consumePositionX):
3916         (WebCore::consumePositionY):
3917         (WebCore::consumePositionList):
3918         (WebCore::consumeScrollSnapDestination):
3919         (WebCore::consumeScrollSnapPoints):
3920         (WebCore::CSSPropertyParser::parseSingleValue):
3921
3922 2016-11-02  David Kilzer  <ddkilzer@apple.com>
3923
3924         Add logging for "WebKit encountered an internal error" messages
3925         <https://webkit.org/b/164272>
3926         <rdar://problem/28546064>
3927
3928         Reviewed by Alex Christensen.
3929
3930         * page/DiagnosticLoggingKeys.cpp:
3931         (WebCore::DiagnosticLoggingKeys::internalErrorKey):
3932         (WebCore::DiagnosticLoggingKeys::invalidSessionIDKey):
3933         (WebCore::DiagnosticLoggingKeys::createSharedBufferFailedKey):
3934         (WebCore::DiagnosticLoggingKeys::synchronousMessageFailedKey):
3935         - Add implementations for new key methods.
3936
3937         * page/DiagnosticLoggingKeys.h:
3938         (WebCore::DiagnosticLoggingKeys::internalErrorKey):
3939         (WebCore::DiagnosticLoggingKeys::invalidSessionIDKey):
3940         (WebCore::DiagnosticLoggingKeys::createSharedBufferFailedKey):
3941         (WebCore::DiagnosticLoggingKeys::synchronousMessageFailedKey):
3942         - Add declarations for new key methods.
3943
3944 2016-11-02  Zalan Bujtas  <zalan@apple.com>
3945
3946         [Tables] Simplified layout skips captions.
3947         https://bugs.webkit.org/show_bug.cgi?id=164284
3948
3949         Reviewed by David Hyatt.
3950
3951         This patch ensures that we take care of simplified normalflow captions during layout.    
3952
3953         Covered by fast/regions/table-caption-as-region.html
3954
3955         * rendering/RenderTable.cpp:
3956         (WebCore::RenderTable::layoutCaption):
3957         (WebCore::RenderTable::layoutCaptions): _caption_side is 2bits, can't use bitmask. 
3958         (WebCore::RenderTable::simplifiedNormalFlowLayout):
3959         (WebCore::RenderTable::layout):
3960         * rendering/RenderTable.h:
3961
3962 2016-11-02  Youenn Fablet  <youenn@apple.com>
3963
3964         REGRESSION(r207753-207755): ASSERTION FAILED: m_parsedStyleSheetCache->isInMemoryCache()
3965         https://bugs.webkit.org/show_bug.cgi?id=163905
3966
3967         Reviewed by Antti Koivisto.
3968
3969         Covered by existing tests and http/tests/security/cached-cross-origin-shared-css-stylesheet.html
3970
3971         Small refactoring to do more member fields initialization in StyleSheetContents header.
3972         Refactored StyleSheetContents::m_isInMemoryCache to be a counter instead of a boolean.
3973         This allows StyleSheetContents to be linked to several CachedCSSStyleSheets.
3974
3975         * css/StyleSheetContents.cpp:
3976         (WebCore::StyleSheetContents::StyleSheetContents):
3977         (WebCore::StyleSheetContents::addedToMemoryCache):
3978         (WebCore::StyleSheetContents::removedFromMemoryCache):
3979         * css/StyleSheetContents.h:
3980         * loader/cache/CachedCSSStyleSheet.cpp:
3981         (WebCore::CachedCSSStyleSheet::setBodyDataFrom): Making reuse of saveParsedStyleSheet to handle update of StyleSheetContents cache count.
3982
3983 2016-11-02  Carlos Garcia Campos  <cgarcia@igalia.com>
3984