Unreviewed, rolling out r207783.

[WebKit-https.git] / Source / WebCore / ChangeLog

2016-10-24  Ryan Haddad  <ryanhaddad@apple.com>

        Unreviewed, rolling out r207783.

        This change appears to have caused fast/selectors/invalid-
        functional-pseudo-class.html to crash on iOS and macOS

        Reverted changeset:

        "[CSS Parser] Fix :lang argument parsing"
        https://bugs.webkit.org/show_bug.cgi?id=163913
        http://trac.webkit.org/changeset/207783

2016-10-24  Brady Eidson  <beidson@apple.com>

        IndexedDB 2.0: Support new IDBKeyRange interfaces.
        <rdar://problem/28806929> and https://bugs.webkit.org/show_bug.cgi?id=163910

        Reviewed by Andy Estes.

        No new tests (Covered by additions to existing test)

        The "new IDBKeyRanges interfaces" really just means adding the instance method IDBKeyRange.contains.

        * Modules/indexeddb/IDBKeyRange.cpp:
        (WebCore::IDBKeyRange::contains):
        * Modules/indexeddb/IDBKeyRange.h:
        * Modules/indexeddb/IDBKeyRange.idl:

2016-10-23  Yusuke Suzuki  <utatane.tea@gmail.com>

        [DOMJIT] Add a way for DOMJIT::Patchpoint to express effects
        https://bugs.webkit.org/show_bug.cgi?id=163657

        Reviewed by Saam Barati.

        CallDOMPatchpoint now has the way to tell its effects to DFG and FTL compilers.
        WebCore DOMJIT::AbstractHeapRepository will construct the hierarchy of the abstract
        heap. And then it encodes these information into the pairs of the integers.

        And this patch also changes the DOMJIT::PatchpointParams' parameter order.
        So we change them in all the DOMJIT::CallDOMPatchpoint sites.

        * CMakeLists.txt:
        * ForwardingHeaders/domjit/DOMJITAbstractHeap.h: Copied from Source/JavaScriptCore/domjit/DOMJITCallDOMPatchpoint.h.
        * ForwardingHeaders/domjit/DOMJITEffect.h: Copied from Source/JavaScriptCore/domjit/DOMJITCallDOMPatchpoint.h.
        * ForwardingHeaders/domjit/DOMJITHeapRange.h: Copied from Source/JavaScriptCore/domjit/DOMJITCallDOMPatchpoint.h.
        * WebCore.xcodeproj/project.pbxproj:
        * domjit/DOMJITAbstractHeapRepository.cpp: Copied from Source/JavaScriptCore/domjit/DOMJITCallDOMPatchpoint.h.
        (WebCore::DOMJIT::AbstractHeapRepository::AbstractHeapRepository):
        (WebCore::DOMJIT::AbstractHeapRepository::instance):
        * domjit/DOMJITAbstractHeapRepository.h: Copied from Source/JavaScriptCore/domjit/DOMJITCallDOMPatchpoint.h.
        * domjit/DOMJITHelpers.h:
        (WebCore::DOMJITHelpers::branchIfNotWorldIsNormal): Deleted.
        (WebCore::DOMJITHelpers::branchIfNotWeakIsLive): Deleted.
        (WebCore::DOMJITHelpers::tryLookUpWrapperCache): Deleted.
        (WebCore::DOMJITHelpers::toWrapper): Deleted.
        (WebCore::DOMJITHelpers::branchIfDOMWrapper): Deleted.
        (WebCore::DOMJITHelpers::branchIfNotDOMWrapper): Deleted.
        (WebCore::DOMJITHelpers::branchIfNode): Deleted.
        (WebCore::DOMJITHelpers::branchIfNotNode): Deleted.
        (WebCore::DOMJITHelpers::branchIfElement): Deleted.
        (WebCore::DOMJITHelpers::branchIfNotElement): Deleted.
        (WebCore::DOMJITHelpers::branchIfDocumentWrapper): Deleted.
        (WebCore::DOMJITHelpers::branchIfNotDocumentWrapper): Deleted.
        * domjit/JSNodeDOMJIT.cpp:
        (WebCore::createCallDOMForOffsetAccess):
        (WebCore::checkNode):
        (WebCore::NodeFirstChildDOMJIT::checkDOM):
        (WebCore::NodeFirstChildDOMJIT::callDOM):
        (WebCore::NodeLastChildDOMJIT::checkDOM):
        (WebCore::NodeLastChildDOMJIT::callDOM):
        (WebCore::NodeNextSiblingDOMJIT::checkDOM):
        (WebCore::NodeNextSiblingDOMJIT::callDOM):
        (WebCore::NodePreviousSiblingDOMJIT::checkDOM):
        (WebCore::NodePreviousSiblingDOMJIT::callDOM):
        (WebCore::NodeParentNodeDOMJIT::checkDOM):
        (WebCore::NodeParentNodeDOMJIT::callDOM):
        (WebCore::NodeNodeTypeDOMJIT::checkDOM):
        (WebCore::NodeNodeTypeDOMJIT::callDOM):

2016-10-24  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Fix :lang argument parsing
        https://bugs.webkit.org/show_bug.cgi?id=163913

        Reviewed by Zalan Bujtas.

        * css/SelectorPseudoClassAndCompatibilityElementMap.in:
        Modify the map to support versions of the function pseudos
        without the left paren included.

        * css/parser/CSSParserValues.cpp:
        (WebCore::CSSParserSelector::setLangArgumentList):
        * css/parser/CSSParserValues.h:
        Add a helper to just directly pass an AtomicString Vector through.

        * css/parser/CSSSelectorParser.cpp:
        (WebCore::consumeLangArgumentList):
        (WebCore::CSSSelectorParser::consumePseudo):
        Add a new consumeLangArgumentList to collect the languages into
        an AtomicString Vector.

2016-10-24  Alex Christensen  <achristensen@webkit.org>

        Fix AppleWin build after r207720.

        * html/canvas/OESVertexArrayObject.cpp:

2016-10-24  Alex Christensen  <achristensen@webkit.org>

        Fix AppleWin build after r207720.

        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp:

2016-10-24  Alex Christensen  <achristensen@webkit.org>

        Fix Windows build after r207767 and r207769

        * css/CSSAllInOne.cpp:
        * platform/network/curl/ResourceHandleManager.cpp:
        (WebCore::getProtectionSpace):

2016-10-24  Per Arne Vollan  <pvollan@apple.com>

        [Win] AVCF based media engine does not block cross-site/cross-domain loads.
        https://bugs.webkit.org/show_bug.cgi?id=163783

        Reviewed by Brent Fulgham.

        Prevent cross-site/cross-domain loads by setting appropriate AVCF options.

        No new tests; covered by media/video-canvas-source.html. Media tests are
        currently skipped on Windows.

        * platform/graphics/avfoundation/cf/AVFoundationCFSoftLinking.h:
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.cpp:
        (WebCore::MediaPlayerPrivateAVFoundationCF::resolvedURL):
        (WebCore::MediaPlayerPrivateAVFoundationCF::hasSingleSecurityOrigin):
        (WebCore::AVFWrapper::createAssetForURL):
        * platform/graphics/avfoundation/cf/MediaPlayerPrivateAVFoundationCF.h:

2016-10-24  Anders Carlsson  <andersca@apple.com>

        Fix build with newer versions of clang
        https://bugs.webkit.org/show_bug.cgi?id=163908
        rdar://problem/28852016

        Reviewed by Tim Horton.

        Use the macros that names the soft-linked functions in such a way that they won't conflict with actual functions.

        * platform/ios/PlatformScreenIOS.mm:
        (WebCore::screenIsMonochrome):
        (WebCore::screenHasInvertedColors):
        (WebCore::screenSize):
        (WebCore::availableScreenSize):
        (WebCore::screenScaleFactor):

2016-10-24  Joseph Pecoraro  <pecoraro@apple.com>

        Remove unnecessary unused variable stubs
        https://bugs.webkit.org/show_bug.cgi?id=163688

        Reviewed by Simon Fraser.

        * Modules/applepay/cocoa/PaymentCocoa.mm:
        (WebCore::toDictionary):
        * Modules/applepay/cocoa/PaymentContactCocoa.mm:
        (WebCore::toDictionary):

2016-10-24  Alex Christensen  <achristensen@webkit.org>

        Try to fix Windows build after r207767
        https://bugs.webkit.org/show_bug.cgi?id=163891

        * DerivedSources.cpp:

2016-10-24  Zan Dobersek  <zdobersek@igalia.com>

        [CodeGenerator] Only allow a single interface or standalone dictionary per WebIDL file
        https://bugs.webkit.org/show_bug.cgi?id=163889

        Reviewed by Chris Dumez.

        Assert that there's only one interface or standalone dictionary
        per WebIDL input file, and exit from the generator otherwise.

        This avoids potential linking issues where multiple enumeration
        and dictionary bindings code can be generated if the source
        WebIDL for them is specified in a file that contains multiple
        interfaces or standalone dictionaries.

        Additionally, the generator now also exits if it fails to
        generate code for any interface of standalone dictionary. This
        should avoid processing WebIDL files that are empty in
        substance.

        TestException.idl and TestInterface.idl files have their second
        interfaces removed. In place of those a new testing IDL file is
        added, TestInterfaceLeadingUnderscore.idl. Like the two removed
        interfaces, it tests that the leading underscode in the
        identifier is removed by the generator.

        * bindings/scripts/CodeGenerator.pm:
        (ProcessDocument):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.cpp: Added.
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::create):
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::createStructure):
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::JSTestInterfaceLeadingUnderscorePrototype):
        (WebCore::JSTestInterfaceLeadingUnderscoreConstructor::prototypeForStructure):
        (WebCore::JSTestInterfaceLeadingUnderscoreConstructor::initializeProperties):
        (WebCore::JSTestInterfaceLeadingUnderscorePrototype::finishCreation):
        (WebCore::JSTestInterfaceLeadingUnderscore::JSTestInterfaceLeadingUnderscore):
        (WebCore::JSTestInterfaceLeadingUnderscore::createPrototype):
        (WebCore::JSTestInterfaceLeadingUnderscore::prototype):
        (WebCore::JSTestInterfaceLeadingUnderscore::destroy):
        (WebCore::BindingCaller<JSTestInterfaceLeadingUnderscore>::castForAttribute):
        (WebCore::jsTestInterfaceLeadingUnderscoreReadonly):
        (WebCore::jsTestInterfaceLeadingUnderscoreReadonlyGetter):
        (WebCore::jsTestInterfaceLeadingUnderscoreConstructor):
        (WebCore::setJSTestInterfaceLeadingUnderscoreConstructor):
        (WebCore::JSTestInterfaceLeadingUnderscore::getConstructor):
        (WebCore::JSTestInterfaceLeadingUnderscoreOwner::isReachableFromOpaqueRoots):
        (WebCore::JSTestInterfaceLeadingUnderscoreOwner::finalize):
        (WebCore::toJSNewlyCreated):
        (WebCore::toJS):
        (WebCore::JSTestInterfaceLeadingUnderscore::toWrapped):
        * bindings/scripts/test/JS/JSTestInterfaceLeadingUnderscore.h: Renamed from Source/WebCore/bindings/scripts/test/JS/JSreadonly.h.
        (WebCore::JSTestInterfaceLeadingUnderscore::create):
        (WebCore::JSTestInterfaceLeadingUnderscore::createStructure):
        (WebCore::JSTestInterfaceLeadingUnderscore::finishCreation):
        (WebCore::wrapperOwner):
        (WebCore::wrapperKey):
        (WebCore::toJS):
        (WebCore::toJSNewlyCreated):
        * bindings/scripts/test/JS/JSattribute.cpp: Removed.
        * bindings/scripts/test/JS/JSattribute.h: Removed.
        * bindings/scripts/test/JS/JSreadonly.cpp: Removed.
        * bindings/scripts/test/TestException.idl:
        * bindings/scripts/test/TestInterface.idl:
        * bindings/scripts/test/TestInterfaceLeadingUnderscore.idl: Copied from Source/WebCore/bindings/scripts/test/TestException.idl.

2016-10-21  Alex Christensen  <achristensen@webkit.org>

        URL::port should return Optional<uint16_t>
        https://bugs.webkit.org/show_bug.cgi?id=163806

        Reviewed by Darin Adler.

        A URL without a port is different than a URL with port 0.
        This matches the spec, Chrome, and Firefox.

        Covered by newly-passing web platform tests.

        * Modules/indexeddb/IDBDatabaseIdentifier.h:
        (WebCore::IDBDatabaseIdentifier::IDBDatabaseIdentifier):
        (WebCore::IDBDatabaseIdentifier::isHashTableDeletedValue):
        (WebCore::IDBDatabaseIdentifier::hash):
        (WebCore::IDBDatabaseIdentifier::isValid):
        (WebCore::IDBDatabaseIdentifier::isEmpty):
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect):
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::hostName):
        * contentextensions/ContentExtensionsBackend.cpp:
        (WebCore::ContentExtensions::ContentExtensionsBackend::processContentExtensionRulesForLoad):
        (WebCore::ContentExtensions::applyBlockedStatusToRequest):
        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::userDidClickSnapshot):
        (WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn):
        * html/URLUtils.h:
        (WebCore::URLUtils<T>::protocol):
        (WebCore::URLUtils<T>::host):
        (WebCore::URLUtils<T>::port):
        * loader/CrossOriginAccessControl.cpp:
        (WebCore::isValidCrossOriginRedirectionURL):
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::responseReceived):
        (WebCore::isRemoteWebArchive):
        (WebCore::DocumentLoader::maybeLoadEmpty):
        * loader/DocumentThreadableLoader.cpp:
        (WebCore::DocumentThreadableLoader::makeSimpleCrossOriginAccessRequest):
        * loader/ResourceLoader.cpp:
        (WebCore::ResourceLoader::didReceiveResponse):
        * loader/cache/CachedResource.cpp:
        (WebCore::shouldCacheSchemeIndefinitely):
        (WebCore::CachedResource::freshnessLifetime):
        * page/Location.cpp:
        (WebCore::Location::protocol):
        (WebCore::Location::host):
        (WebCore::Location::port):
        * page/Page.cpp:
        (WebCore::Page::userStyleSheetLocationChanged):
        * page/SecurityOrigin.cpp:
        (WebCore::shouldTreatAsUniqueOrigin):
        (WebCore::SecurityOrigin::SecurityOrigin):
        (WebCore::SecurityOrigin::isSecure):
        (WebCore::SecurityOrigin::canDisplay):
        (WebCore::SecurityOrigin::toRawString):
        (WebCore::SecurityOrigin::create):
        (WebCore::SecurityOrigin::databaseIdentifier):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::port):
        * page/SecurityOriginData.cpp:
        (WebCore::SecurityOriginData::debugString):
        * page/SecurityOriginData.h:
        (): Deleted.
        * page/SecurityOriginHash.h:
        (WebCore::SecurityOriginHash::hash):
        * page/csp/ContentSecurityPolicy.cpp:
        (WebCore::ContentSecurityPolicy::allowObjectFromSource):
        (WebCore::ContentSecurityPolicy::allowChildFrameFromSource):
        (WebCore::ContentSecurityPolicy::allowResourceFromSource):
        (WebCore::ContentSecurityPolicy::allowConnectToSource):
        (WebCore::ContentSecurityPolicy::allowBaseURI):
        (WebCore::stripURLForUseInReport):
        (WebCore::ContentSecurityPolicy::upgradeInsecureRequestIfNeeded):
        * page/csp/ContentSecurityPolicySource.cpp:
        (WebCore::ContentSecurityPolicySource::ContentSecurityPolicySource):
        (WebCore::ContentSecurityPolicySource::portMatches):
        * page/csp/ContentSecurityPolicySource.h:
        * page/csp/ContentSecurityPolicySourceList.cpp:
        (WebCore::ContentSecurityPolicySourceList::parse):
        (WebCore::ContentSecurityPolicySourceList::parseSource):
        (WebCore::ContentSecurityPolicySourceList::parsePort):
        * page/csp/ContentSecurityPolicySourceList.h:
        * platform/SchemeRegistry.h:
        * platform/URL.cpp:
        (WebCore::URL::protocol):
        (WebCore::URL::port):
        (WebCore::URL::serialize):
        (WebCore::portAllowed):
        (WebCore::defaultPortsMap): Deleted.
        (WebCore::defaultPortForProtocol): Deleted.
        (WebCore::isDefaultPortForProtocol): Deleted.
        * platform/URL.h:
        (WebCore::URL::hasPort): Deleted.
        * platform/URLParser.cpp:
        (WebCore::defaultPortForProtocol):
        (WebCore::isDefaultPortForProtocol):
        (WebCore::URLParser::parsePort):
        (WebCore::isDefaultPort): Deleted.
        * platform/network/CredentialStorage.cpp:
        (WebCore::originStringFromURL):
        * platform/network/ResourceHandle.cpp:
        (WebCore::ResourceHandle::create):
        (WebCore::ResourceHandle::loadResourceSynchronously):
        * platform/network/cf/SocketStreamHandleImplCFNet.cpp:
        (WebCore::SocketStreamHandleImpl::platformClose):
        (WebCore::SocketStreamHandleImpl::port):
        * workers/WorkerLocation.cpp:
        (WebCore::WorkerLocation::protocol):
        (WebCore::WorkerLocation::host):
        (WebCore::WorkerLocation::port):

2016-10-24  Zan Dobersek  <zdobersek@igalia.com>

        [CodeGeneratorJS] Support enums for standalone dictionaries
        https://bugs.webkit.org/show_bug.cgi?id=163885

        Reviewed by Youenn Fablet.

        Add support for enumerations in WebIDL files that specify
        standalone dictionaries. Implementation of this is pretty
        straight-forward and mirrors interface and callback generators
        by calling GenerateEnumerations{Header,Implementation}Content()
        functions in GenerateDictionary{Header,Implementation}().

        In GenerateEnumerationsImplementationContent(), the
        NeverDestroyed.h header is added to the implementation includes
        since that class is used to hold an array of possible enum
        values.

        A test enum is added to the TestStandaloneDictionary.idl file
        and the baselines are updated to reflect the new capability.

        * bindings/scripts/CodeGenerator.pm:
        (ProcessDocument):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDictionary):
        (GenerateEnumerationsImplementationContent):
        (GenerateDictionaryHeader):
        (GenerateDictionaryImplementation):
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        (WebCore::convertEnumerationToJS):
        (WebCore::parseEnumeration<TestStandaloneDictionary::EnumInStandaloneDictionaryFile>):
        (WebCore::convertEnumeration<TestStandaloneDictionary::EnumInStandaloneDictionaryFile>):
        (WebCore::expectedEnumerationValues<TestStandaloneDictionary::EnumInStandaloneDictionaryFile>):
        (WebCore::convertDictionary<DictionaryImplName>):
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.h:
        * bindings/scripts/test/TestStandaloneDictionary.idl:

2016-10-24  Dave Hyatt  <hyatt@apple.com>

        Remove CSSCharsetRule from the CSS OM
        https://bugs.webkit.org/show_bug.cgi?id=163891

        Reviewed by Darin Adler.

        Remove CSSCharsetRule from the CSS OM. All other browser engines have made this
        change. This eliminates the weird overloading of isCharsetRule to match both
        CSSCharsetRule and StyleRuleCharset (only used by the new parser).

        Fix the destroy() method in StyleRuleBase to clean up StyleRuleCharsets created
        by the new parser properly.

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:
        * bindings/js/JSCSSRuleCustom.cpp:
        (WebCore::toJSNewlyCreated):
        * css/CSSCharsetRule.cpp: Removed.
        * css/CSSCharsetRule.h: Removed.
        * css/CSSCharsetRule.idl: Removed.
        * css/CSSPropertySourceData.h:
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::item):
        (WebCore::CSSStyleSheet::rules):
        * css/CSSStyleSheet.h:
        * css/StyleRule.cpp:
        (WebCore::StyleRuleBase::destroy):
        * inspector/InspectorStyleSheet.cpp:
        (WebCore::asCSSRuleList):

2016-10-24  Zan Dobersek  <zdobersek@igalia.com>

        [CodeGeneratorJS] Standalone dictionaries have misplaced build guards
        https://bugs.webkit.org/show_bug.cgi?id=163881

        Reviewed by Chris Dumez.

        Build guards that are generated from the Conditional attribute
        on WebIDL dictionary declarations properly guard the relevant
        convertDictionary() functions for WebIDL files that also specify
        interfaces. But for standalone dictionaries these build guards
        should guard the complete header and implementation files, much
        like this is done for files that originate from interfaces or
        callbacks.

        Before this patch, guarding a standalone dictionary resulted in
        malformed output because GenerateHeaderContentHeader() and
        GenerateImplementationContentHeader() functions both generated
        the #if macro that would guard the whole file, but
        GenerateDictionary{Header,Implementation}() didn't generate the
        closing #endif.

        CodeGeneratorJS.pm now passes the conditional string, if any,
        to GenerateDictionary{Header,Implementation}Content() functions
        in case of a non-standalone dictionary. Otherwise, the
        conditional string, if any, is used to guard the complete
        header and implementation files.

        Generator tests are updated to cover various build guard
        combinations on dictionaries in TestObj.idl, and the standalone
        dictionary WebIDL file now has a Conditional attribute to check
        that the build guards cover complete generated header and
        implementation files.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDictionaryHeaderContent):
        (GenerateDictionariesHeaderContent):
        (GenerateDictionaryImplementationContent):
        (GenerateDictionariesImplementationContent):
        (GenerateDictionaryHeader):
        (GenerateDictionaryImplementation):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::convertDictionary<TestObj::ConditionalDictionaryA>):
        (WebCore::convertDictionary<TestObj::ConditionalDictionaryB>):
        (WebCore::convertDictionary<TestObj::ConditionalDictionaryC>):
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.cpp:
        * bindings/scripts/test/JS/JSTestStandaloneDictionary.h:
        * bindings/scripts/test/TestObj.idl:
        * bindings/scripts/test/TestStandaloneDictionary.idl:

2016-10-24  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Separate media capture and audio playback muting
        https://bugs.webkit.org/show_bug.cgi?id=163855
        <rdar://problem/28827186>

        Reviewed by Darin Adler.

        Test: fast/mediastream/MediaStream-page-muted.html

        Change page.muted from a bool to a bitfield so audio and media capture muted are independent.
        Fix a couple of bugs in the mock media capture device uncovered by new test case.
        
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::pageMutedStateDidChange): page.isMuted -> page.mutedState.

        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::pageMutedStateDidChange): Ditto.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::updateVolume): Ditto.
        (WebCore::HTMLMediaElement::effectiveMuted): Ditto.

        * page/MediaProducer.h: Add MutedState enum.

        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::setMuted): Take MutedStateFlags instead of bool. m_muted -> m_mutedState.
        * page/Page.h:

        * platform/mock/MockRealtimeMediaSource.cpp:
        (WebCore::MockRealtimeMediaSource::startProducingData): Call setMuted.
        (WebCore::MockRealtimeMediaSource::stopProducingData): Ditto.
        * platform/mock/MockRealtimeMediaSource.h:

        * platform/mock/MockRealtimeVideoSource.cpp:
        (WebCore::MockRealtimeVideoSource::stopProducingData): Call correct base class method.

        * testing/Internals.cpp:
        (WebCore::Internals::setPageMuted): Change parameter from a bool to a string.
        * testing/Internals.h:

        * testing/Internals.idl:

2016-10-24  Darin Adler  <darin@apple.com>

        Try to fix Windows build.

        * bindings/js/JSWebGL2RenderingContextCustom.cpp: Rearranged includes
        so they are inside the conditional as they should be.

2016-10-24  Youenn Fablet  <youenn@apple.com>

        Activate WEB_RTC compilation flags for Mac bots
        https://bugs.webkit.org/show_bug.cgi?id=163886

        Reviewed by Eric Carlson.

        Covered by existing tests.

        Fixing compilation errors due to missing WEBCORE_EXPORT, missing method and missing override keywords.

        * Configurations/FeatureDefines.xcconfig:
        * DerivedSources.make:
        * Modules/mediastream/MediaEndpointPeerConnection.h:
        * Modules/mediastream/RTCPeerConnection.h:
        * Modules/mediastream/RTCPeerConnection.idl:
        * Modules/mediastream/SDPProcessor.cpp:
        (WebCore::SDPProcessor::generate):
        (WebCore::SDPProcessor::parse):
        * WebCore.xcodeproj/project.pbxproj:
        * platform/mediastream/mac/MockRealtimeVideoSourceMac.mm:
        (WebCore::MockRealtimeVideoSource::createMuted):

2016-10-24  Brady Eidson  <beidson@apple.com>

        IndexedDB 2.0: Support IDBIndex name assignment.
        <rdar://problem/28806932> and https://bugs.webkit.org/show_bug.cgi?id=163805

        Reviewed by Alex Christensen.

        Tests: storage/indexeddb/modern/index-rename-1-private.html
               storage/indexeddb/modern/index-rename-1.html

        Touches a *lot* of code sites, but none of them are particularly interesting.
        They are all just getting the new name spread out to all of the various objects that need it.

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::renameIndex):
        * Modules/indexeddb/IDBDatabase.h:

        * Modules/indexeddb/IDBIndex.cpp:
        (WebCore::IDBIndex::IDBIndex):
        (WebCore::IDBIndex::setName):
        (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort):
        * Modules/indexeddb/IDBIndex.h:
        * Modules/indexeddb/IDBIndex.idl:

        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
        (WebCore::IDBObjectStore::renameReferencedIndex):
        (WebCore::IDBObjectStore::rollbackInfoForVersionChangeAbort): Deleted.
        * Modules/indexeddb/IDBObjectStore.h:

        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::internalAbort):
        (WebCore::IDBTransaction::renameIndex):
        (WebCore::IDBTransaction::renameIndexOnServer):
        (WebCore::IDBTransaction::didRenameIndexOnServer):
        * Modules/indexeddb/IDBTransaction.h:

        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::renameIndex):
        * Modules/indexeddb/client/IDBConnectionProxy.h:

        * Modules/indexeddb/client/IDBConnectionToServer.cpp:
        (WebCore::IDBClient::IDBConnectionToServer::renameIndex):
        (WebCore::IDBClient::IDBConnectionToServer::didRenameIndex):
        * Modules/indexeddb/client/IDBConnectionToServer.h:
        * Modules/indexeddb/client/IDBConnectionToServerDelegate.h:

        * Modules/indexeddb/client/TransactionOperation.h:
        (WebCore::IDBClient::createTransactionOperation):

        * Modules/indexeddb/server/IDBBackingStore.h:

        * Modules/indexeddb/server/IDBConnectionToClient.cpp:
        (WebCore::IDBServer::IDBConnectionToClient::didRenameIndex):
        * Modules/indexeddb/server/IDBConnectionToClient.h:
        * Modules/indexeddb/server/IDBConnectionToClientDelegate.h:

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::renameIndex):
        * Modules/indexeddb/server/IDBServer.h:

        * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
        (WebCore::IDBServer::MemoryBackingStoreTransaction::indexRenamed):
        (WebCore::IDBServer::MemoryBackingStoreTransaction::abort):
        * Modules/indexeddb/server/MemoryBackingStoreTransaction.h:

        * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
        (WebCore::IDBServer::MemoryIDBBackingStore::renameIndex):
        * Modules/indexeddb/server/MemoryIDBBackingStore.h:

        * Modules/indexeddb/server/MemoryIndex.h:
        (WebCore::IDBServer::MemoryIndex::rename):

        * Modules/indexeddb/server/MemoryObjectStore.cpp:
        (WebCore::IDBServer::MemoryObjectStore::renameIndex):
        * Modules/indexeddb/server/MemoryObjectStore.h:

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::renameIndex):
        * Modules/indexeddb/server/SQLiteIDBBackingStore.h:

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::renameIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::performRenameIndex):
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformRenameIndex):
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
        (WebCore::IDBServer::UniqueIDBDatabaseConnection::didRenameIndex):
        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.h:

        * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:
        (WebCore::IDBServer::UniqueIDBDatabaseTransaction::renameIndex):
        * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:

        * Modules/indexeddb/shared/IDBIndexInfo.h:
        (WebCore::IDBIndexInfo::rename):

        * Modules/indexeddb/shared/IDBObjectStoreInfo.cpp:
        (WebCore::IDBObjectStoreInfo::infoForExistingIndex):
        * Modules/indexeddb/shared/IDBObjectStoreInfo.h:

        * Modules/indexeddb/shared/IDBResultData.cpp:
        (WebCore::IDBResultData::renameIndexSuccess):
        * Modules/indexeddb/shared/IDBResultData.h:

        * Modules/indexeddb/shared/InProcessIDBServer.cpp:
        (WebCore::InProcessIDBServer::didRenameIndex):
        (WebCore::InProcessIDBServer::renameIndex):
        * Modules/indexeddb/shared/InProcessIDBServer.h:

2016-10-24  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Fix -webkit-box-reflect parsing
        https://bugs.webkit.org/show_bug.cgi?id=163890

        Reviewed by Zalan Bujtas.

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeReflect):
        Do a WTFMove on the mask instead of a .releaseNonNull(), since mask can be a nullptr.
        Exactly matches the old parser.

        * css/parser/CSSPropertyParserHelpers.cpp:
        (WebCore::CSSPropertyParserHelpers::CalcParser::consumeValue):
        (WebCore::CSSPropertyParserHelpers::CalcParser::consumeNumber):
        (WebCore::CSSPropertyParserHelpers::consumeInteger):
        (WebCore::CSSPropertyParserHelpers::consumeNumber):
        (WebCore::CSSPropertyParserHelpers::consumeLength):
        (WebCore::CSSPropertyParserHelpers::consumePercent):
        (WebCore::CSSPropertyParserHelpers::consumeAngle):
        (WebCore::CSSPropertyParserHelpers::consumeTime):
        (WebCore::CSSPropertyParserHelpers::consumeUrl):
        (WebCore::CSSPropertyParserHelpers::consumeColor):
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientPoint):
        (WebCore::CSSPropertyParserHelpers::consumeDeprecatedGradientColorStop):
        (WebCore::CSSPropertyParserHelpers::consumeCrossFade):
        (WebCore::CSSPropertyParserHelpers::consumeImageSet):
        Clean up all instances of CSSPrimitiveValue::create to use the CSSValuePool.

2016-10-21  Antoine Quint  <graouts@apple.com>

        [Modern Media Controls] Concatenate JS and CSS files into a single JS and CSS resources
        https://bugs.webkit.org/show_bug.cgi?id=163785
        <rdar://problem/28890058>

        Reviewed by Darin Adler.

        Concatenate CSS and JS resources for modern media controls into single JS and CSS files
        during build and load these single resources alone at runtime.

        * Modules/modern-media-controls/js-files: Added.
        * WebCore.xcodeproj/project.pbxproj:
        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::mediaControlsStyleSheet):
        (WebCore::RenderThemeMac::mediaControlsScript):

2016-10-24  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Unprefix -webkit-writing-mode
        https://bugs.webkit.org/show_bug.cgi?id=163870

        Reviewed by Zalan Bujtas.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::propertyValue):
        Change -webkit-writing mode to writing-mode.

        * css/CSSPrimitiveValueMappings.h:
        (WebCore::CSSPrimitiveValue::operator WritingMode):
        (WebCore::CSSPrimitiveValue::operator SVGWritingMode): Deleted.
        Eliminate the SVGWritingMode converters. Add support for the unique SVG-specific
        values to the WritingMode converters.

        * css/CSSPropertyNames.in:
        Alias -webkit-writing-mode to writing-mode. Move writing-mode up to be
        high priority like -webkit-writing mode was. Alias -epub-writing-mode to writing-mode
        instead of to -webkit-writing-mode.

        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::svgPropertyValue):
        Remove writing-mode from SVG computed style, since the base CSSComputedStyleDeclaration handles it.

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueWritingMode):
        (WebCore::StyleBuilderCustom::applyValueWebkitWritingMode): Deleted.
        Renamed applyValueWebkitWritingMode to applyValueWritingMode. Removed the SVG code, since
        the underlying converter for WritingMode now handles those values.

        * css/StyleResolver.cpp:
        (WebCore::extractDirectionAndWritingMode):
        Rename -webkit-writing-mode to writing-mode.

        * css/parser/CSSParser.cpp:
        (WebCore::isValidKeywordPropertyAndValue):
        Eliminate -webkit-writing-mode and make sure writing-mode handles both the SVG values
        and the normal values.

        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
        (WebCore::CSSParserFastPaths::isKeywordPropertyID):
        Same deal here.

        * html/track/TextTrackCueGeneric.cpp:
        (WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):
        * html/track/VTTCue.cpp:
        (WebCore::VTTCueBox::applyCSSProperties):
        Cue stuff was setting -webkit-writing-mode, so make it set writing-mode instead now.

        * rendering/RenderLineBreak.cpp:
        (WebCore::RenderLineBreak::collectSelectionRects):
        * rendering/RenderText.cpp:
        (WebCore::RenderText::collectSelectionRects):
        Switch the SVG-specific code here over to accessing the RenderStyle writing-mode and not
        the SVG-specific one.

        * rendering/style/RenderStyle.h:
        (WebCore::RenderStyle::isVerticalWritingMode):
        Add a helper function for asking if something is vertical writing mode.

        * rendering/style/SVGRenderStyle.cpp:
        * rendering/style/SVGRenderStyle.h:
        * rendering/style/SVGRenderStyleDefs.h:
        (WebCore::SVGRenderStyle::diff):
        Remove the SVG writing mode code.

        * rendering/svg/RenderSVGInlineText.cpp:
        (WebCore::RenderSVGInlineText::computeNewScaledFontForStyle):
        Make sure to force SVG font descriptions to be horizontal, since SVG controls
        its own glyph orientation.

        * rendering/svg/SVGRenderTreeAsText.cpp:
        (WebCore::writeSVGInlineTextBox):
        * rendering/svg/SVGTextChunk.cpp:
        (WebCore::SVGTextChunk::SVGTextChunk):
        * rendering/svg/SVGTextLayoutEngine.cpp:
        (WebCore::SVGTextLayoutEngine::layoutInlineTextBox):
        * rendering/svg/SVGTextQuery.cpp:
        (WebCore::SVGTextQuery::executeQuery):
        Changed to access the RenderStyle writing mode instead of the SVG-specific one.

2016-10-23  Antti Koivisto  <antti@apple.com>

        Avoid unnecessary full style resolution in getComputedStyle for non-inherited properties
        https://bugs.webkit.org/show_bug.cgi?id=163875

        Reviewed by Andreas Kling.

        Test: fast/css/getComputedStyle/getComputedStyle-style-resolution.html

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::hasValidStyleForProperty):

            For non-inherited properties we don't need to update style even if some ancestor style is invalid
            as long as explicit 'inherit' is not being used.
            We still need to update if we find out that the whole subtree we are in is invalid.

        (WebCore::updateStyleIfNeededForProperty):

            Pass the property.

        (WebCore::ComputedStyleExtractor::customPropertyValue):
        (WebCore::ComputedStyleExtractor::propertyValue):
        (WebCore::CSSComputedStyleDeclaration::length):
        (WebCore::elementOrItsAncestorNeedsStyleRecalc): Deleted.
        (WebCore::updateStyleIfNeededForElement): Deleted.
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::colorFromPrimitiveValue):

            Mark style as using explicit inheritance if 'currentcolor' value is used.

2016-10-24  Youenn Fablet  <youenn@apple.com>

        ASSERTION FAILED: canvas()->securityOrigin()->toString() == cachedImage.origin()->toString()
        https://bugs.webkit.org/show_bug.cgi?id=163242

        Reviewed by Darin Adler.

        Test: http/tests/security/cross-origin-cached-images-canvas.html

        We were previously on Origin HTTP header to check whether requests were made from different origins.
        This is fine for CORS enabled requests but not for GET no CORS requests since they will not have any Origin header.

        Now that CachedResource and CachedResourceRequest own their origin, it is best to use these directly.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::isRequestMatchingResourceOrigin):
        (WebCore::CachedResourceLoader::shouldUpdateCachedResourceWithCurrentRequest):

2016-10-24  Youenn Fablet  <youenn@apple.com>

        Remove CachedResource::passesSameOriginPolicyCheck
        https://bugs.webkit.org/show_bug.cgi?id=163593

        Reviewed by Andreas Kling.

        No change of behavior.

        Removing no-longer used code.

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::redirectReceived):
        (WebCore::CachedResource::passesAccessControlCheck): Deleted.
        (WebCore::CachedResource::passesSameOriginPolicyCheck): Deleted.
        (WebCore::CachedResource::responseForSameOriginPolicyChecks): Deleted.
        * loader/cache/CachedResource.h:
        (WebCore::CachedResource::response):

2016-10-24  Youenn Fablet  <youenn@apple.com>

        Redirections should be upgraded if CSP policy says so
        https://bugs.webkit.org/show_bug.cgi?id=163544

        Reviewed by Darin Adler.

        Test: http/tests/security/contentSecurityPolicy/upgrade-insecure-requests/basic-upgrade-after-redirect.https.html

        Introducing CachedResourceLoader::updateRequestAfterRedirection to do the checks that CachedResourceLoader is doing
        to the initial request, but for redirection requests.

        Implemented URL upgrade according CSP policy, as specified by fetch algorithm.
        Minor refactoring in CachedResourceRequest to share some code.
        Fixing some constness issues.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::willSendRequestInternal):
        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::allowedByContentSecurityPolicy):
        (WebCore::CachedResourceLoader::canRequestAfterRedirection):
        (WebCore::CachedResourceLoader::updateRequestAfterRedirection):
        * loader/cache/CachedResourceLoader.h:
        * loader/cache/CachedResourceRequest.cpp:
        (WebCore::upgradeInsecureResourceRequestIfNeeded):
        (WebCore::CachedResourceRequest::upgradeInsecureRequestIfNeeded):
        * loader/cache/CachedResourceRequest.h:

2016-10-22  Sam Weinig  <sam@webkit.org>

        [WebIDL] Add IDLType based toJS conversion
        https://bugs.webkit.org/show_bug.cgi?id=163861

        Reviewed by Darin Adler.

        Adds toJS<IDLType>() functions to be the new way of converting
        from implementation types to JS types. These are implemented via
        a similar mechanism to the convert<IDL>() functions, though specializations
        of a JSConverter struct (rather than the Converter structs). This allows
        us to support arbitrarily complex aggregate types easily (e.g. sequence<(Node or DOMString?)>).

        * Modules/geolocation/Geoposition.idl:
        * dom/Event.idl:
        Add typedef for DOMTimeStamp. Eventually, our IDLParser should do this for us, but
        for now it allows us to simplify the type system.

        * bindings/js/JSDOMBinding.h:
        (WebCore::JSValueTraits::arrayJSValue): Deleted.
        (WebCore::JSValueTraits<String>::arrayJSValue): Deleted.
        (WebCore::JSValueTraits<double>::arrayJSValue): Deleted.
        (WebCore::JSValueTraits<float>::arrayJSValue): Deleted.
        (WebCore::jsArray): Deleted.
        (WebCore::jsFrozenArray): Deleted.
        (WebCore::NativeValueTraits<String>::nativeValue): Deleted.
        (WebCore::NativeValueTraits<unsigned>::nativeValue): Deleted.
        (WebCore::NativeValueTraits<float>::nativeValue): Deleted.
        (WebCore::NativeValueTraits<double>::nativeValue): Deleted.
        (WebCore::toNullableJSNumber): Deleted.
        (WebCore::toJSArray): Deleted.
        (WebCore::toJSBoolean): Deleted.
        (WebCore::toJSNumber): Deleted.
        (WebCore::toJSString): Deleted.
        Remove many now-unneeded conversion functions.

        * bindings/js/JSDOMConvert.h:
        (WebCore::toJS):
        Add 5 primary toJS functions which take combinations of the following
        arguments: ExecState, JSDOMGlobalObject, ThrowScope.  All take the value 
        to be converted as well, except in the case of the throwScope ones, where
        they take the value in an ExceptionOr<>.

        To simplify the implementations of the JSConverter specializations, avoiding
        the need for each one to implement their conversion up to 3 times (one for just
        the value, one for the value and the ExecState, and one for the value, the ExecState
        and the global object), each JSConverter instead specifies whether it's converter
        needs an ExecState or global object via a static constexpr. We then use the 
        JSConverterOverloader template, to call the correct function. This can probably be
        improved in the future, by inferring the number of arguments needed via SFINAE, but
        this seemed like a more straightforward first cut.

        (WebCore::JSConverter<IDLNullable<T>>::convert):
        (WebCore::JSConverter<IDLBoolean>::convert):
        (WebCore::JSConverter<IDLInterface<T>>::convert):
        (WebCore::JSConverter<IDLAny>::convert):
        (WebCore::JSConverter<IDLByte>::convert):
        (WebCore::JSConverter<IDLOctet>::convert):
        (WebCore::JSConverter<IDLShort>::convert):
        (WebCore::JSConverter<IDLUnsignedShort>::convert):
        (WebCore::JSConverter<IDLLong>::convert):
        (WebCore::JSConverter<IDLUnsignedLong>::convert):
        (WebCore::JSConverter<IDLLongLong>::convert):
        (WebCore::JSConverter<IDLUnsignedLongLong>::convert):
        (WebCore::JSConverter<IDLFloat>::convert):
        (WebCore::JSConverter<IDLUnrestrictedFloat>::convert):
        (WebCore::JSConverter<IDLDouble>::convert):
        (WebCore::JSConverter<IDLUnrestrictedDouble>::convert):
        (WebCore::JSConverter<IDLDOMString>::convert):
        (WebCore::JSConverter<IDLUSVString>::convert):
        (WebCore::JSConverter<IDLSequence<T>>::convert):
        (WebCore::JSConverter<IDLFrozenArray<T>>::convert):
        (WebCore::JSConverter<IDLEnumeration<T>>::convert):
        (WebCore::JSConverter<IDLUnion<T...>>::convert):
        There is slightly more duplication than I would have liked, for instance we have a
        specialization for each numeric type, even though they are all the same, but that is
        something that can be improved going forward.

        (WebCore::Converter<IDLUnion<T...>>::convert)
        Fix the normal IDLUnion converter to work with boolean types. This was caught by the
        test case I added via TypeConversions.idl.
        
        * bindings/js/JSDOMStringMapCustom.cpp:
        (WebCore::JSDOMStringMap::getOwnPropertySlotDelegate):
        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::JSDOMWindow::setTimeout):
        (WebCore::JSDOMWindow::setInterval):
        * bindings/js/JSDataTransferCustom.cpp:
        (WebCore::JSDataTransfer::types):
        * bindings/js/JSMediaStreamTrackCustom.cpp:
        (WebCore::JSMediaStreamTrack::getCapabilities):
        * bindings/js/JSMutationCallback.cpp:
        (WebCore::JSMutationCallback::call):
        * bindings/js/JSSVGLengthCustom.cpp:
        (WebCore::JSSVGLength::value):
        Switch to use new toJS<> functions.

        * bindings/scripts/CodeGeneratorJS.pm:
        (AddStringifierOperationIfNeeded):
        Fix stringifier function signature to contain an idlType.

        (GenerateEnumerationsHeaderContent):
        Remove now unnecessary JSValueTraits specializations.

        (JSValueToNativeIsHandledByDOMConvert):
        Renamed from IsHandledByDOMConvert, since that name is now ambiguous.

        (JSValueToNative):
        Update for new name of IsHandledByDOMConvert.

        (NativeToJSValueIsHandledByDOMConvert):
        Predicate guarding what types currently work with the new conversion system.

        (NativeToJSValueDOMConvertNeedsState):
        Predicate for determining if the ExecState is needed in the conversion function.

        (NativeToJSValueDOMConvertNeedsGlobalObject):
        Predicate for determining if the global object is needed in the conversion function.

        (NativeToJSValue):
        Move things around a little bit and start converting use the new toJS<> when possible.

        * bindings/scripts/IDLParser.pm:
        (parseAttributeOrOperationRest):
        Fix a missing place where were not setting the idlType.
 
        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
        * bindings/scripts/test/JS/JSTestCEReactions.cpp:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.cpp:
        * bindings/scripts/test/JS/JSTestCallback.cpp:
        * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
        * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
        * bindings/scripts/test/JS/JSTestException.cpp:
        * bindings/scripts/test/JS/JSTestGlobalObject.cpp:
        * bindings/scripts/test/JS/JSTestInterface.cpp:
        * bindings/scripts/test/JS/JSTestNode.cpp:
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestSerialization.cpp:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
        * bindings/scripts/test/JS/JSTestTypedefs.cpp:
        * bindings/scripts/test/JS/JSattribute.cpp:
        Update test results.

        * testing/TypeConversions.h:
        (WebCore::TypeConversions::testUnion):
        (WebCore::TypeConversions::setTestUnion):
        (WebCore::TypeConversions::typeConversionsDictionarySequenceValue):
        (WebCore::TypeConversions::typeConversionsDictionaryUnionValue):
        * testing/TypeConversions.idl:
        Add a testUnion attribute, now that we can return unions to JS.

2016-10-23  Zalan Bujtas  <zalan@apple.com>

        Unreviewed, rolling out r207727.

        broke 15 selection test cases.

        Reverted changeset:

        "Do not update selection rect on dirty lineboxes."
        https://bugs.webkit.org/show_bug.cgi?id=163862
        http://trac.webkit.org/changeset/207727

2016-10-23  Chris Dumez  <cdumez@apple.com>

        addEventListener() / removeEventListener() should use a union for last parameter
        https://bugs.webkit.org/show_bug.cgi?id=163863

        Reviewed by Darin Adler.

        addEventListener() / removeEventListener() should use a union for last parameter:
        - https://dom.spec.whatwg.org/#eventtarget

        No new tests, no Web-exposed behavior change.

        * bindings/js/JSDOMConvert.h:
        * dom/EventTarget.cpp:
        (WebCore::EventTarget::addEventListenerForBindings):
        (WebCore::EventTarget::removeEventListenerForBindings):
        * dom/EventTarget.h:
        * dom/EventTarget.idl:

2016-10-23  Zalan Bujtas  <zalan@apple.com>

        Do not update selection rect on dirty lineboxes.
        https://bugs.webkit.org/show_bug.cgi?id=163862
        <rdar://problem/28813156>

        Reviewed by Simon Fraser.

        In addition to checking whether the renderer needs layout, we also need to check if its preferred
        width is clean and stop computing the selection rects, if needed (while adding a renderer to the tree,
        there's a transition phase where the parent's preferred width dirty bit is already set, but it does
        not yet need layout).

        Tests: fast/css-generated-content/dynamic-first-letter-selection-clear-crash.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::canUpdateSelectionOnRootLineBoxes):

2016-10-22  Myles C. Maxfield  <mmaxfield@apple.com>

        ASSERTION FAILED: m_fonts in &WebCore::FontCascade::primaryFont
        https://bugs.webkit.org/show_bug.cgi?id=163459

        Reviewed by Darin Adler.

        The CSS Units and Values spec states that font-relative units, when used
        in the font-size property, are resolved against the parent element. When
        calc() is specified, we were trying to resolve them against the current
        element, which is impossible because of the circular dependency. Instead,
        we should resolve against the parent style the same way as when calc() 
        isn't specified.

        Test: fast/text/font-size-calc.html

        * css/StyleBuilderCustom.h:
        (WebCore::StyleBuilderCustom::applyValueFontSize):

2016-10-22  Chris Dumez  <cdumez@apple.com>

        [Web IDL] Two types are distinguishable for overload resolution if at most one of the two includes a nullable type
        https://bugs.webkit.org/show_bug.cgi?id=163791

        Reviewed by Sam Weinig.

        Update overload resolution in the bindings generator so that 2 nullable types
        are no longer considered as distinguishable, as per Web IDL:
        - https://heycam.github.io/webidl/#dfn-distinguishable

        * bindings/scripts/CodeGeneratorJS.pm:
        (AreTypesDistinguishableForOverloadResolution):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter1):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter1Caller):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter2):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter2Caller):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableNonDistinguishingParameter):
        * bindings/scripts/test/TestObj.idl:

2016-10-22  Chris Dumez  <cdumez@apple.com>

        WebGLRenderingContextBase.texSubImage2D() should use a union instead of overloading
        https://bugs.webkit.org/show_bug.cgi?id=163859

        Reviewed by Darin Adler.

        WebGLRenderingContextBase.texSubImage2D() should use a union instead of overloading:
        - https://www.khronos.org/registry/webgl/specs/latest/1.0/#5.14

        No new tests, no Web-exposed behavior change.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::texSubImage2D):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::texSubImage2D):
        * html/canvas/WebGLRenderingContext.h:
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl:

2016-10-22  Dan Bernstein  <mitz@apple.com>

        Dynamically-added backdrop filter to clip-path'd element with 3D transform renders incorrectly (without clip)
        https://bugs.webkit.org/show_bug.cgi?id=163497

        Reviewed by Simon Fraser.

        Test: css3/filters/backdrop/dynamic-with-clip-path.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::ensureStructuralLayer): Added MaskLayerChanged to
          structuralLayerChangeFlags to ensure that the mask layer is updated.

2016-10-22  Simon Fraser  <simon.fraser@apple.com>

        Backdrop filter doesn't show if removed then re-added
        https://bugs.webkit.org/show_bug.cgi?id=163860

        Reviewed by Dan Bernstein.

        When a backdrop filter is removed the re-added, updateBackdropFiltersRect() never
        runs the second time because m_backdropFiltersRect doesn't change. However, we need
        to run that code to size and position the newly re-created backdrop layer, so run
        it explicitly if we just created the backdrop layer. This is similar to how
        updateContentsImage() calls updateContentsRects().

        Test: css3/filters/backdrop/add-remove-add-backdrop-filter.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setBackdropFilters):
        (WebCore::GraphicsLayerCA::updateBackdropFilters):

2016-10-22  Simon Fraser  <simon.fraser@apple.com>

        Fix repainting of slow repaint objects in WK1 when page scale is applied
        https://bugs.webkit.org/show_bug.cgi?id=163854

        Reviewed by Zalan Bujtas.
        
        RenderObject::repaintSlowRepaintObject() always set the repaint container to the RenderView
        if it was null. This is before the call to clippedOverflowRectForRepaint(). If that function
        is called with a null repaintContainer, it maps the rect up through the RenderView's transform
        (which represents page scale), which is what we want here. Passing the RenderView itself
        stops the transform from being applied, which led to the bug.
        
        WebKit2 doesn't suffer from this bug because containerForRepaint() always returns the
        composited RenderView.

        Test: fast/repaint/zoomed-fixed-background.html

        * rendering/RenderObject.cpp:
        (WebCore::RenderObject::repaintSlowRepaintObject):

2016-10-22  Darin Adler  <darin@apple.com>

        Move HTML canvas and tracks from ExceptionCode to Exception
        https://bugs.webkit.org/show_bug.cgi?id=163853

        Reviewed by Chris Dumez.

        * WebCore.xcodeproj/project.pbxproj: Added CanvasPath.idl.

        * bindings/js/JSWebGL2RenderingContextCustom.cpp: Tweaked a bit.

        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp:
        (WebCore::JSWebGLRenderingContextBase::getExtension): Tweaked a bit.
        (WebCore::JSWebGLRenderingContextBase::getFramebufferAttachmentParameter):
        Removed unneeded exception handling.
        (WebCore::JSWebGLRenderingContextBase::getParameter): Ditto.
        (WebCore::JSWebGLRenderingContextBase::getProgramParameter): Ditto.
        (WebCore::JSWebGLRenderingContextBase::getShaderParameter): Ditto.
        (WebCore::JSWebGLRenderingContextBase::getSupportedExtensions): Use a
        modern for loop.
        (WebCore::JSWebGLRenderingContextBase::getUniform): Removed unneeded
        exception handling.

        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::getContext): Pass a reference.
        (WebCore::HTMLCanvasElement::reset): Use is<CanvasRenderingContext2D>.
        (WebCore::HTMLCanvasElement::setUsesDisplayListDrawing): Ditto.
        (WebCore::HTMLCanvasElement::setTracksDisplayListReplay) Ditto.:
        (WebCore::HTMLCanvasElement::displayListAsText): Ditto.
        (WebCore::HTMLCanvasElement::replayDisplayListAsText): Ditto.
        (WebCore::HTMLCanvasElement::clearImageBuffer): Ditto.

        * html/canvas/CanvasGradient.cpp:
        (WebCore::CanvasGradient::CanvasGradient): Streamlined.
        (WebCore::CanvasGradient::addColorStop): Use ExceptionOr.
        * html/canvas/CanvasGradient.h: Updated for above changes.
        * html/canvas/CanvasGradient.idl: Use non-legacy exception.

        * html/canvas/CanvasPath.cpp:
        (WebCore::CanvasPath::arcTo): Use ExceptionOr.
        (WebCore::CanvasPath::arc): Ditto.
        (WebCore::CanvasPath::ellipse): Ditto.
        * html/canvas/CanvasPath.h: Updated for above changes.
        * html/canvas/CanvasPath.idl: Use non-legacy exceptions.

        * html/canvas/CanvasPattern.cpp:
        (WebCore::CanvasPattern::create): Use Ref&&.
        (WebCore::CanvasPattern::CanvasPattern): Ditto.
        (WebCore::CanvasPattern::parseRepetitionType): Return a boolean
        instead of using an ExceptionCode.
        * html/canvas/CanvasPattern.h: Updated for above changes.

        * html/canvas/CanvasRenderingContext.cpp:
        (CanvasRenderingContext::wouldTaintOrigin): Reordered function so
        that it's safe to call it on an image element without a cached
        image, or a cached image without an underlying image.

        * html/canvas/CanvasRenderingContext2D.cpp:
        (WebCore::CanvasRenderingContext2D::CanvasRenderingContext2D):
        Take a reference.
        (WebCore::CanvasRenderingContext2D::drawImage): Use ExceptionOr.
        (WebCore::CanvasRenderingContext2D::drawImageFromRect): Ditto.
        (WebCore::CanvasRenderingContext2D::createLinearGradient): Ditto.
        (WebCore::CanvasRenderingContext2D::createRadialGradient): Ditto.
        (WebCore::CanvasRenderingContext2D::createPattern): Ditto.
        (WebCore::CanvasRenderingContext2D::createImageData): Ditto.
        (WebCore::CanvasRenderingContext2D::getImageData): Ditto.
        (WebCore::CanvasRenderingContext2D::webkitGetImageDataHD): Ditto.
        (WebCore::CanvasRenderingContext2D::putImageData): Removed unneeded
        ExceptionCode because this does not throw exceptions; the only one
        was for non-finite numeric values but this is now handled by bindings.
        (WebCore::CanvasRenderingContext2D::webkitPutImageDataHD): Ditto.
        * html/canvas/CanvasRenderingContext2D.h: Updated for above.
        * html/canvas/CanvasRenderingContext2D.idl: Use non-legacy exceptions
        and removed exceptions entirely in other cases.

        * html/canvas/OESVertexArrayObject.cpp:
        (WebCore::OESVertexArrayObject::OESVertexArrayObject): Take a reference.
        (WebCore::OESVertexArrayObject::~OESVertexArrayObject): Deleted.
        (WebCore::OESVertexArrayObject::isVertexArrayOES): Use && instead of
        multiple return statements.
        (WebCore::OESVertexArrayObject::bindVertexArrayOES): Removed unneeded
        ExceptionCode since this does not throw an exception.
        * html/canvas/OESVertexArrayObject.h: Updated for above.
        * html/canvas/OESVertexArrayObject.idl: Removed unneeded exception.

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::getFramebufferAttachmentParameter):
        Removed unneeded ExceptionCode since this does not throw an exception.
        (WebCore::WebGL2RenderingContext::texSubImage2DBase): Ditto.
        (WebCore::WebGL2RenderingContext::texSubImage2DImpl): Ditto.
        (WebCore::WebGL2RenderingContext::texSubImage2D): Removed unneeded
        ExceptionCode for some overloads, for the others, use ExceptionOr
        for the security exception. Moved security exception code here from
        the validate functions.
        (WebCore::WebGL2RenderingContext::validateTexFuncParameters): Removed
        unneeded ExceptionCode.
        (WebCore::WebGL2RenderingContext::getParameter): Ditto.
        * html/canvas/WebGL2RenderingContext.h: Updated for above.

        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::getExtension): Pass a reference.
        (WebCore::WebGLRenderingContext::getFramebufferAttachmentParameter):
        Remvoed unneeded ExceptionCode since this does not throw an exception.
        (WebCore::WebGLRenderingContext::texSubImage2DBase): Ditto.
        (WebCore::WebGLRenderingContext::texSubImage2DImpl): Ditto.
        (WebCore::WebGLRenderingContext::texSubImage2D): Removed unneeded
        ExceptionCode for some overloads, for the others, use ExceptionOr
        for the security exception. Moved security exception code here from
        the validate functions.
        (WebCore::WebGLRenderingContext::getParameter): Removed unneeded
        ExceptionCode.
        * html/canvas/WebGLRenderingContext.h: Updated for above changes.

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::texImage2DBase):
        Remvoed unneeded ExceptionCode since this does not throw an exception.
        (WebCore::WebGLRenderingContextBase::texImage2DImpl): Ditto.
        (WebCore::WebGLRenderingContextBase::texImage2D): Removed unneeded
        ExceptionCode for some overloads, for the others, use ExceptionOr
        for the security exception. Moved security exception code here from
        the validate functions.
        (WebCore::WebGLRenderingContextBase::validateHTMLImageElement):
        Moved the security exception out of here to the call sites.
        (WebCore::WebGLRenderingContextBase::validateHTMLCanvasElement): Ditto.
        (WebCore::WebGLRenderingContextBase::validateHTMLVideoElement): Ditto.
        * html/canvas/WebGLRenderingContextBase.h: Updated for above changes.
        * html/canvas/WebGLRenderingContextBase.idl: Use non-legacy exceptions
        in some cases and no exceptions at all in many others.

        * html/shadow/MediaControlElements.cpp:
        (WebCore::MediaControlTextTrackContainerElement::updateDisplay):
        Use a reference instead of a pointer.

        * html/track/DataCue.h: Use pragma once.
        * html/track/DataCue.idl: Use non-legacy exception for constructor
        attribute, even though it is custom and so it has no effect.

        * html/track/InbandDataTextTrack.cpp:
        (WebCore::InbandDataTextTrack::create): Use RefPtr&&.
        (WebCore::InbandDataTextTrack::InbandDataTextTrack): Ditto.
        (WebCore::InbandDataTextTrack::addDataCue): Stop using
        ASSERT_NO_EXCEPTION.
        (WebCore::InbandDataTextTrack::removeDataCue): Stop using
        IGNORE_EXCEPTION.
        (WebCore::InbandDataTextTrack::removeCue): Use ExceptionOr.
        Also use remove instead of find/remove.
        * html/track/InbandDataTextTrack.h: Updated for above changes.

        * html/track/InbandGenericTextTrack.cpp:
        (WebCore::GenericTextTrackCueMap::GenericTextTrackCueMap): Deleted.
        (WebCore::GenericTextTrackCueMap::~GenericTextTrackCueMap): Deleted.
        (WebCore::GenericTextTrackCueMap::add): Take references intead of
        pointers.
        (WebCore::GenericTextTrackCueMap::find): Ditto. Also use get
        instead of find.
        (WebCore::GenericTextTrackCueMap::remove): Ditto. Also use take
        instead of double hashing to both find and remove.
        (WebCore::InbandGenericTextTrack::updateCueFromCueData): Stop using
        IGNORE_EXCEPTION. Also got rid of code that is converting a double
        to a long and then back to a double by using lround. Instead just
        use std::round, which keeps it a double. But also, why does this need
        to round?!
        (WebCore::InbandGenericTextTrack::addGenericCue): Updated to use
        reference to work with m_cueMap.
        (WebCore::InbandGenericTextTrack::updateGenericCue): Ditto.
        (WebCore::InbandGenericTextTrack::removeGenericCue): Ditto.
        (WebCore::InbandGenericTextTrack::removeCue): Use ExceptionOr.
        (WebCore::InbandGenericTextTrack::newCuesParsed): Removed
        ASSERT_NO_EXCEPTION.
        * html/track/InbandGenericTextTrack.h: Updated for above changes.

        * html/track/InbandWebVTTTextTrack.cpp:
        (WebCore::InbandWebVTTTextTrack::newCuesParsed): Removed
        ASSERT_NO_EXCEPTION.

        * html/track/TextTrack.cpp:
        (WebCore::TextTrack::addCue): Use ExcepctionOr.
        (WebCore::TextTrack::removeCue): Ditto.
        (WebCore::TextTrack::addRegion): Ditto.
        (WebCore::TextTrack::removeRegion): Ditto.
        * html/track/TextTrack.h: Updated for above changes.
        * html/track/TextTrack.idl: Ditto.

        * html/track/TextTrackCue.cpp:
        (WebCore::TextTrackCue::cueShadowPseudoId): Moved this here
        since it does not need to be inlined in the header.
        (WebCore::TextTrackCue::~TextTrackCue): Deleted.
        (WebCore::TextTrackCue::setStartTime): Removed ExceptionCode&
        since the exceptions were for non-finite values, but this is
        now handled by the bindings.
        (WebCore::TextTrackCue::setEndTime): Ditto.
        * html/track/TextTrackCue.h: Updated for the above.
        * html/track/TextTrackCue.idl: Removed SetterMayThrowLegacyException
        and made startTime and endTime be double rather than unrestricted double.

        * html/track/TextTrackCueGeneric.cpp:
        (WebCore::TextTrackCueGenericBoxElement::applyCSSProperties):
        Use a reference instead of a pointer.
        (WebCore::TextTrackCueGeneric::TextTrackCueGeneric): Initialize
        m_defaultPosition in the class definition instead of here.
        (WebCore::TextTrackCueGeneric::createDisplayTree): Return a Ref.
        (WebCore::TextTrackCueGeneric::setLine): Use ExceptionOr.
        (WebCore::TextTrackCueGeneric::setPosition): Ditto.
        (WebCore::TextTrackCueGeneric::setFontSize): Updated since
        displayTreeInternal() now returns a reference.
        * html/track/TextTrackCueGeneric.h: Updated for above changes.
        Also fixed some arguument types and made some more things private.

        * html/track/VTTCue.cpp:
        (WebCore::VTTCue::createDisplayTree): Return a Ref.
        (WebCore::VTTCue::displayTreeInternal): Return a reference.
        (WebCore::VTTCue::setVertical): Use ExceptionOr.
        (WebCore::VTTCue::setLine): Ditto.
        (WebCore::VTTCue::setPosition): Ditto.
        (WebCore::VTTCue::setSize): Ditto.
        (WebCore::VTTCue::setAlign): Ditto.
        (WebCore::VTTCue::getDisplayTree): Return a reference.
        (WebCore::VTTCue::removeDisplayTree): Updated since
        displayTreeInternal returns a reference.
        (WebCore::VTTCue::setFontSize): Ditto.
        * html/track/VTTCue.h: Updated for the above.
        * html/track/VTTCue.idl: Use non-legacy exceptions and also
        restricted doubles.

        * html/track/VTTRegion.cpp:
        (WebCore::VTTRegion::VTTRegion): Moved default values all into
        the class definition.
        (WebCore::VTTRegion::setWidth): Removed the check for non-finite
        since the bindings now handle that. Use ExcpetionOr.
        (WebCore::VTTRegion::setHeight): Ditto.
        (WebCore::VTTRegion::setRegionAnchorX): Ditto.
        (WebCore::VTTRegion::setRegionAnchorY): Ditto.
        (WebCore::VTTRegion::setViewportAnchorX): Ditto.
        (WebCore::VTTRegion::setViewportAnchorY): Ditto.
        (WebCore::upKeyword): Added. Shared by the code below.
        (WebCore::VTTRegion::scroll): Rewrote to be simpler.
        (WebCore::VTTRegion::setScroll): Rewrote to be simpler.
        (WebCore::VTTRegion::updateParametersFromRegion): Read and
        write data members directly to avoid awkward code that is otherwise
        required just to copy from one object to the other. Also take a
        const& instead of a pointer for the thing to update from.
        (WebCore::VTTRegion::parseSettingValue): Use upKeyword.
        (WebCore::VTTRegion::appendTextTrackCueBox): Take a Ref&&.
        (WebCore::VTTRegion::getDisplayTree): Do the downcast to Document
        here instead of using the helper function.
        (WebCore::VTTRegion::prepareRegionDisplayTree): Ditto.
        * html/track/VTTRegion.h: Updated for the above.
        * html/track/VTTRegion.idl: Use non-legacy exceptions and also
        use restricted dobules, not unrestricted.

2016-10-22  Chris Dumez  <cdumez@apple.com>

        WebGLRenderingContextBase.texImage2D() should use a union instead of overloading
        https://bugs.webkit.org/show_bug.cgi?id=163856

        Reviewed by Darin Adler.

        WebGLRenderingContextBase.texImage2D() should use a union instead of overloading:
        - https://www.khronos.org/registry/webgl/specs/latest/1.0/#5.14

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::texImage2D):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl:

2016-10-22  Antti Koivisto  <antti@apple.com>

        REGRESSION(r207669): Dromaeo/jslib-style-jquery.html regressed >20%
        https://bugs.webkit.org/show_bug.cgi?id=163851

        Reviewed by Darin Adler.

        The test calls Scope::flushPendingUpdate a lot and nothing ever happens there.

        Add a separate invalidity bit for descendant scopes and inline the fast path.

        * style/StyleScope.cpp:
        (WebCore::Style::Scope::flushPendingSelfUpdate):
        (WebCore::Style::Scope::flushPendingDescendantUpdates):
        (WebCore::Style::Scope::scheduleUpdate):
        (WebCore::Style::Scope::flushPendingUpdate): Deleted.
        * style/StyleScope.h:
        (WebCore::Style::Scope::hasPendingUpdate):
        (WebCore::Style::Scope::flushPendingUpdate):

2016-10-22  Darin Adler  <darin@apple.com>

        Move SVG from ExceptionCode to Exception
        https://bugs.webkit.org/show_bug.cgi?id=163837

        Reviewed by Chris Dumez.

        * WebCore.xcodeproj/project.pbxproj: Added SVGGraphicsElement.idl.

        * bindings/js/JSSVGLengthCustom.cpp:
        (WebCore::JSSVGLength::value): Use toJSNumber.
        (WebCore::JSSVGLength::setValue): Use propagateException.
        (WebCore::JSSVGLength::convertToSpecifiedUnits): Ditto.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation): Properly handle SetterMayThrowException
        in the special case for SVG setters.

        * rendering/style/SVGRenderStyle.h:
        (WebCore::SVGRenderStyle::initialBaselineShiftValue): Removed
        ASSERT_NO_EXCEPTION, no longer needed.
        (WebCore::SVGRenderStyle::initialKerning): Ditto.

        * svg/SVGAltGlyphElement.cpp:
        (WebCore::SVGAltGlyphElement::setGlyphRef): Use ExceptionOr.
        (WebCore::SVGAltGlyphElement::setFormat): Ditto.
        (WebCore::SVGAltGlyphElement::hasValidGlyphElements): Tweaked a bit.
        * svg/SVGAltGlyphElement.h: Updated for above changes.
        * svg/SVGAltGlyphElement.idl: Use non-legacy exceptions.

        * svg/SVGAngle.cpp:
        (WebCore::SVGAngle::valueAsString): Removed unneeded String globals.
        (WebCore::parseAngleType): Rewrote to be simpler and more direct.
        (WebCore::SVGAngle::setValueAsString): Use ExceptionOr.
        (WebCore::SVGAngle::newValueSpecifiedUnits): Ditto.
        (WebCore::SVGAngle::convertToSpecifiedUnits): Ditto.
        * svg/SVGAngle.h: Updated for above changes. Initialized data members
        here in the class definite and removed constructor; default now works.
        * svg/SVGAngle.idl: Use non-legacy exceptions.

        * svg/SVGAnimateElementBase.cpp:
        (WebCore::SVGAnimateElementBase::calculateAnimatedValue): Update since
        CalcMode is now an enum class.
        * svg/SVGAnimateMotionElement.cpp:
        (WebCore::SVGAnimateMotionElement::SVGAnimateMotionElement): Ditto.

        * svg/SVGAnimateTransformElement.cpp:
        (WebCore::SVGAnimateTransformElement::hasValidAttributeType): Update
        since AttributeType is now an enum class.

        * svg/SVGAnimatedAngle.cpp:
        (WebCore::SVGAnimatedAngleAnimator::calculateDistance): Removed
        ASSERT_NO_EXCEPTION, no longer needed.

        * svg/SVGAnimatedBoolean.idl: Use non-legacy exception.
        * svg/SVGAnimatedEnumeration.idl: Ditto.
        * svg/SVGAnimatedInteger.idl: Ditto.

        * svg/SVGAnimatedLength.cpp:
        (WebCore::sharedSVGLength): Deleted.
        (WebCore::SVGAnimatedLengthAnimator::addAnimatedTypes): Removed
        ASSERT_NO_EXCEPTION, no longer needed.
        (WebCore::parseLengthFromString): Ditto. Also rewrote to not use
        a shared SVGLength; no benefit to doing that.
        (WebCore::SVGAnimatedLengthAnimator::calculateAnimatedValue): Ditto.
        * svg/SVGAnimatedLengthList.cpp:
        (WebCore::SVGAnimatedLengthListAnimator::addAnimatedTypes): Ditto.
        (WebCore::SVGAnimatedLengthListAnimator::calculateAnimatedValue): Ditto.

        * svg/SVGAnimatedNumber.idl: Use non-legacy exception.
        * svg/SVGAnimatedString.idl: Ditto.

        * svg/SVGAnimatedType.cpp:
        (WebCore::SVGAnimatedType::setValueAsString): Updated since
        setValueAsString now uses ExceptionOr.

        * svg/SVGAnimationElement.cpp:
        (WebCore::SVGAnimationElement::SVGAnimationElement): Initialized scalars
        in the class definition instead of here.
        (WebCore::SVGAnimationElement::getSimpleDuration): Removed uneeded ExceptionCode&.
        (WebCore::SVGAnimationElement::setCalcMode): Updated since CalcMode is now an enum class.
        (WebCore::SVGAnimationElement::setAttributeType): Updated since AttributeType
        is now an enum class.
        (WebCore::SVGAnimationElement::shouldApplyAnimation): Ditto.
        (WebCore::SVGAnimationElement::calculateKeyTimesForCalcModePaced): Ditto.
        (WebCore::SVGAnimationElement::calculatePercentForSpline): Ditto.
        (WebCore::SVGAnimationElement::calculatePercentFromKeyPoints): Ditto.
        (WebCore::SVGAnimationElement::calculatePercentForFromTo): Ditto.
        (WebCore::SVGAnimationElement::currentValuesFromKeyPoints): Ditto.
        (WebCore::SVGAnimationElement::currentValuesForValuesAnimation): Ditto.
        (WebCore::SVGAnimationElement::startedActiveInterval): Ditto.
        (WebCore::SVGAnimationElement::updateAnimation): Ditto.
        (WebCore::SVGAnimationElement::checkInvalidCSSAttributeType): Ditto.

        * svg/SVGAnimationElement.h: Changed CalcMode into an enum class.
        Updated for above changes.

        * svg/SVGAnimationElement.idl: Removed MayThrowLegacyException from
        getSimpleDuration.

        * svg/SVGColor.cpp:
        (WebCore::SVGColor::SVGColor): Updated to take scalar in the straightforward
        manner instead of constt SVGColorType&.
        (WebCore::SVGColor::setRGBColor): Use ExceptionOr.
        (WebCore::SVGColor::setRGBColorICCColor): Ditto.
        (WebCore::SVGColor::setColor): Ditto.
        * svg/SVGColor.h: Updated for above changes. Removed unneeded destructor.
        * svg/SVGColor.idl: Use non-legacy exceptions.

        * svg/SVGGlyphRefElement.cpp:
        (WebCore::SVGGlyphRefElement::SVGGlyphRefElement): Initialize data members
        in class definition, not here.
        (WebCore::parseFloat): Added helper. Used in parseAttribute.
        (WebCore::SVGGlyphRefElement::parseAttribute): Updated to use parseFloat helper.
        (WebCore::SVGGlyphRefElement::glyphRef): Deleted.
        (WebCore::SVGGlyphRefElement::setGlyphRef): Deleted.
        (WebCore::SVGGlyphRefElement::setX): Removed unused Exception& argument.
        (WebCore::SVGGlyphRefElement::setY): Ditto.
        (WebCore::SVGGlyphRefElement::setDx): Ditto.
        (WebCore::SVGGlyphRefElement::setDy): Ditto.
        * svg/SVGGlyphRefElement.h: Updated for above changes.
        * svg/SVGGlyphRefElement.idl: Use Reflect on glyphRef. Removed incorrect
        SetterMayThrowLegacyException attributes for x, y, dx, and dy. Longer term
        it might be nice to use [Reflect] on these too.

        * svg/SVGGraphicsElement.idl: Use non-legacy exception.

        * svg/SVGLength.cpp:
        (WebCore::parseLengthType): Changed argument type since caller does not
        need to know how many characters are consumed.
        (WebCore::SVGLength::SVGLength): Removed IGNORE_EXCEPTION and ASSERT_NO_EXCEPTION.
        Also removed the copy constructor, letting the compiler generate the default.
        (WebCore::SVGLength::setValueAsString): Use ExceptionOr.
        (WebCore::SVGLength::construct): Updated since setValueAsString uses ExceptionOr.
        (WebCore::SVGLength::value): Ditto.
        (WebCore::SVGLength::valueForBindings): Use ExceptionOr. Also renamed to
        disambiguate with the version used outside of bindings.
        (WebCore::SVGLength::setValue): Use ExceptionOr.
        (WebCore::SVGLength::newValueSpecifiedUnits): Ditto.
        (WebCore::SVGLength::convertToSpecifiedUnits): Ditto.
        (WebCore::SVGLength::fromCSSPrimitiveValue): Updated since newValueSpecifiedUnits
        uses ExceptionOr.
        (WebCore::SVGLength::lengthModeForAnimatedLengthAttribute): Rewrote map generation
        code to be more efficient and not unrolled. Only do one hash table lookup.
        * svg/SVGLength.h: Updated for above changes.
        * svg/SVGLength.idl: Use non-legacy exceptions.

        * svg/SVGLengthContext.cpp:
        (WebCore::SVGLengthContext::valueForLength): Update since function
        uses ExceptionOr.
        (WebCore::SVGLengthContext::convertValueToUserUnits): Use ExceptionOr.
        (WebCore::SVGLengthContext::convertValueFromUserUnits): Ditto.
        (WebCore::SVGLengthContext::convertValueFromUserUnitsToPercentage): Ditto.
        (WebCore::SVGLengthContext::convertValueFromPercentageToUserUnits): Ditto.
        (WebCore::SVGLengthContext::convertValueFromUserUnitsToEMS): Ditto.
        (WebCore::SVGLengthContext::convertValueFromEMSToUserUnits): Ditto.
        (WebCore::SVGLengthContext::convertValueFromUserUnitsToEXS): Ditto.
        (WebCore::SVGLengthContext::convertValueFromEXSToUserUnits): Ditto.
        * svg/SVGLengthContext.h: Updatedfor above changes.

        * svg/SVGLengthList.cpp:
        (WebCore::SVGLengthList::parse): Updated since setValueAsString uses
        ExceptionOr now.
        * svg/SVGLengthList.h: Removed unneeded constructor.
        * svg/SVGLengthList.idl: Use non-legacy exceptions.

        * svg/SVGLocatable.cpp:
        (WebCore::SVGLocatable::getTransformToElement): Use ExceptionOr.
        * svg/SVGLocatable.h: Updated for above change.

        * svg/SVGMarkerElement.h:
        (WebCore::SVGPropertyTraits<SVGMarkerOrientType>::fromString):
        Updated since setValueAsString uses ExceptionOr now.

        * svg/SVGMatrix.h: Use ExceptionOr.
        * svg/SVGMatrix.idl: Use non-legacy exceptions.

        * svg/SVGNumberList.h: Removed unneeded constructor.
        * svg/SVGNumberList.idl: Use non-legacy exceptions.

        * svg/SVGPaint.cpp:
        (WebCore::SVGPaint::setPaint): Use ExceptionOr.
        * svg/SVGPaint.h: Updated for above chagne.
        * svg/SVGPaint.idl: Use non-legacy exception.

        * svg/SVGPathSegList.h: Tweaked a bit.
        * svg/SVGPathSegList.idl: Use non-legacy exceptions.

        * svg/SVGPointList.h: Removed unneeded constructor.
        * svg/SVGPointList.idl: Use non-legacy exceptions.

        * svg/SVGPreserveAspectRatio.cpp:
        (WebCore::SVGPreserveAspectRatio::setAlign): Use ExceptionOr.
        (WebCore::SVGPreserveAspectRatio::setMeetOrSlice): Ditto.
        * svg/SVGPreserveAspectRatio.h: Updated for above changes.
        * svg/SVGPreserveAspectRatio.idl: Use non-legacy exceptions.

        * svg/SVGSVGElement.cpp:
        (WebCore::SVGSVGElement::currentView): Pass a reference.

        * svg/SVGStringList.h: Tweaked a bit.
        * svg/SVGStringList.idl: Use non-legacy exceptions.

        * svg/SVGStyleElement.cpp:
        (WebCore::SVGStyleElement::setType): Removed unneeded ExceptionCode&.
        (WebCore::SVGStyleElement::setMedia): Ditto.
        (WebCore::SVGStyleElement::setTitle): Deleted.
        * svg/SVGStyleElement.h: Updated for above changes, and made the title
        function override be private.
        * svg/SVGStyleElement.idl: Use Reflect for title. Removed unneeded
        SetterMayThrowLegacyException on all attributes.

        * svg/SVGTextContentElement.cpp:
        (WebCore::SVGTextContentElement::textLengthAnimated): Removed
        ASSERT_NO_EXCEPTION, won't work any more.
        (WebCore::SVGTextContentElement::getSubStringLength): Use ExceptionOr.
        Also remove redundant call to updateLayoutIgnorePendingStylesheets,
        called by getNumberOfChars.
        (WebCore::SVGTextContentElement::getStartPositionOfChar): Ditto.
        (WebCore::SVGTextContentElement::getEndPositionOfChar): Ditto.
        (WebCore::SVGTextContentElement::getExtentOfChar): Ditto.
        (WebCore::SVGTextContentElement::getRotationOfChar): Ditto.
        (WebCore::SVGTextContentElement::selectSubString): Ditto.
        * svg/SVGTextContentElement.h: Updated for above changes.
        * svg/SVGTextContentElement.idl: Use non-legacy exceptions.

        * svg/SVGTransformList.h: Removed unneeded constructor.
        * svg/SVGTransformList.idl: Use non-legacy exceptions.

        * svg/SVGViewSpec.cpp:
        (WebCore::SVGViewSpec::SVGViewSpec): Updated to take a reference.
        (WebCore::SVGViewSpec::setZoomAndPan): Use ExceptionOr.
        (WebCore::SVGViewSpec::setTransformString): Deleted.
        (WebCore::SVGViewSpec::viewBoxString): Use m_viewBox directly.
        (WebCore::SVGViewSpec::preserveAspectRatioString): Use
        m_preserveAspectRatio directly.
        (WebCore::SVGViewSpec::viewTarget): Use is<SVGElement>.
        (WebCore::SVGViewSpec::lookupOrCreateViewBoxWrapper): Use
        m_contextElement directly.
        (WebCore::SVGViewSpec::lookupOrCreatePreserveAspectRatioWrapper):
        Ditto.
        (WebCore::SVGViewSpec::lookupOrCreateTransformWrapper): Ditto.
        (WebCore::SVGViewSpec::parseViewSpec): Set m_viewTargetString directly.
        * svg/SVGViewSpec.h: Updated for above changes. Removed unneeded virtual
        destructor, unneeded using for ref/deref, unused functions including
        setTransformString, setViewTargetString, non-exception setZoomAndPan,
        contextElement, viewBoxBaseValue, and preserveAspectRatioBaseValue.
        * svg/SVGViewSpec.idl: Use non-legacy exceptions. Also specify
        ImplementationLacksVTable.

        * svg/properties/SVGAnimatedEnumerationPropertyTearOff.h:
        Use ExceptionOr.
        * svg/properties/SVGAnimatedStaticPropertyTearOff.h: Ditto.
        * svg/properties/SVGListProperty.h: Ditto.
        * svg/properties/SVGListPropertyTearOff.h: Ditto.
         * svg/properties/SVGPathSegListPropertyTearOff.cpp:
        (WebCore::SVGPathSegListPropertyTearOff::clear): Ditto.
        (WebCore::SVGPathSegListPropertyTearOff::getItem): Ditto.
        (WebCore::SVGPathSegListPropertyTearOff::replaceItem): Ditto.
        (WebCore::SVGPathSegListPropertyTearOff::removeItem): Ditto.
        * svg/properties/SVGPathSegListPropertyTearOff.h: Ditto.
        * svg/properties/SVGPropertyTearOff.h: Ditto. Also added an overload
        of create that knows how to deal with exceptions.
        * svg/properties/SVGStaticListPropertyTearOff.h: Ditto.
        * svg/properties/SVGTransformListPropertyTearOff.h: Ditto.

2016-10-22  Chris Dumez  <cdumez@apple.com>

        WebGLRenderingContextBase.bufferData() should use a union instead of overloading
        https://bugs.webkit.org/show_bug.cgi?id=163795

        Reviewed by Darin Adler.

        WebGLRenderingContextBase.bufferData() / bufferSubData() should use a union
        instead of overloading:
        - https://www.khronos.org/registry/webgl/specs/latest/1.0/#5.14

        No new tests, no web-exposed behavior change.

        * bindings/js/JSDOMConvert.h:
        (WebCore::Converter<IDLInterface<T>>::convert):
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateHeader):
        * bindings/scripts/test/JS/JSInterfaceName.h:
        * bindings/scripts/test/JS/JSTestActiveDOMObject.h:
        * bindings/scripts/test/JS/JSTestCEReactions.h:
        * bindings/scripts/test/JS/JSTestCEReactionsStringifier.h:
        * bindings/scripts/test/JS/JSTestClassWithJSBuiltinConstructor.h:
        * bindings/scripts/test/JS/JSTestCustomConstructorWithNoInterfaceObject.h:
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.h:
        * bindings/scripts/test/JS/JSTestEventConstructor.h:
        * bindings/scripts/test/JS/JSTestEventTarget.h:
        * bindings/scripts/test/JS/JSTestException.h:
        * bindings/scripts/test/JS/JSTestGenerateIsReachable.h:
        * bindings/scripts/test/JS/JSTestGlobalObject.h:
        * bindings/scripts/test/JS/JSTestInterface.h:
        * bindings/scripts/test/JS/JSTestIterable.h:
        * bindings/scripts/test/JS/JSTestMediaQueryListListener.h:
        * bindings/scripts/test/JS/JSTestNamedConstructor.h:
        * bindings/scripts/test/JS/JSTestNode.h:
        * bindings/scripts/test/JS/JSTestNondeterministic.h:
        * bindings/scripts/test/JS/JSTestObj.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.h:
        * bindings/scripts/test/JS/JSTestOverloadedConstructorsWithSequence.h:
        * bindings/scripts/test/JS/JSTestOverrideBuiltins.h:
        * bindings/scripts/test/JS/JSTestSerialization.h:
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.h:
        * bindings/scripts/test/JS/JSTestTypedefs.h:
        * bindings/scripts/test/JS/JSattribute.h:
        * bindings/scripts/test/JS/JSreadonly.h:
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::bufferData):
        (WebCore::WebGL2RenderingContext::bufferSubData):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::bufferData):
        (WebCore::WebGLRenderingContextBase::bufferSubData):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl:

2016-10-22  Darin Adler  <darin@apple.com>

        [Cocoa] REGRESSION (r204508): Crash in init_WebCreateFragment when pasting (seen in multiple apps using legacy WebKit)
        https://bugs.webkit.org/show_bug.cgi?id=163839

        Reviewed by Dan Bernstein.

        * editing/cocoa/EditorCocoa.mm: Use the appropriate SOFT_LINK macros to find
        the WebKitLegacy platform in the correct location for iOS and macOS.

2016-10-22  Nael Ouedraogo  <nael.ouedraogo@crf.canon.fr>

        Bindings error message for missing required dictionary member should be more explicit
        https://bugs.webkit.org/show_bug.cgi?id=163665

        Reviewed by Darin Adler.

        Add throwRequiredMemberTypeError function to throw a TypeError exception with an error
        message indicating the missing required member.

        No new test required, rebase existing tests.

        * bindings/js/JSDOMBinding.cpp:
        (WebCore::throwRequiredMemberTypeError):
        * bindings/js/JSDOMBinding.h:
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateDictionaryImplementationContent):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::convertDictionary<TestObj::DictionaryThatShouldNotTolerateNull>):

2016-10-22  Ryosuke Niwa  <rniwa@webkit.org>

        Upgrading custom element should enqueue attributeChanged and connected callbacks
        https://bugs.webkit.org/show_bug.cgi?id=163840

        Reviewed by Darin Adler.

        When upgrading a custom element, enqueue attributeChanged and connectedCallbacks as needed as specified
        in step 3 and 4 of: https://html.spec.whatwg.org/multipage/scripting.html#concept-upgrade-an-element

        Test: fast/custom-elements/upgrading-enqueue-reactions.html

        * bindings/js/JSCustomElementInterface.cpp:
        (WebCore::JSCustomElementInterface::upgradeElement): Enqueue 
        * dom/CustomElementReactionQueue.cpp:
        (WebCore::CustomElementReactionQueueItem::invoke): Don't invoke callbacks when the custom element had
        failed to upgrade.
        (WebCore::CustomElementReactionQueue::enqueuePostUpgradeReactions): Added.
        (WebCore::CustomElementReactionQueue::invokeAll): Upgrading a custom element may enqueue more reactions.
        Keep invoking reactions until the queue becomes empty.
        * dom/CustomElementReactionQueue.h:
        * dom/Range.idl: Added a forgotten CEReactions here.

2016-10-21  David Kilzer  <ddkilzer@apple.com>

        Bug 163762: IntSize::area() should used checked arithmetic
        <https://webkit.org/b/163762>

        Reviewed by Darin Adler.

        No new tests since no change in nominal behavior.

        * platform/graphics/IntSize.h:
        (WebCore::IntSize::area): Change to return a
        Checked<unsigned, T> value. Use WTF:: namespace to avoid
        including another header.

        * platform/graphics/IntRect.h:
        (WebCore::IntRect::area): Ditto.

        The remaining changes are to use the Checked<unsigned> return
        value of IntSize::area() and IntRect::area() correctly in
        context, in addition to items noted below.

        * html/HTMLPlugInImageElement.cpp:
        (WebCore::HTMLPlugInImageElement::isTopLevelFullPagePlugin):
        Declare contentWidth and contentHeight as float values to
        prevent overflow when computing the area, and to make the
        inequality comparison in the return statement uses the same type
        for both sides.
        * html/ImageData.cpp:
        (WebCore::ImageData::ImageData):
        * html/MediaElementSession.cpp:
        (WebCore::isElementRectMostlyInMainFrame):
        * platform/graphics/ImageBackingStore.h:
        (WebCore::ImageBackingStore::setSize): Restructure logic to
        compute area only once.
        (WebCore::ImageBackingStore::clear):
        * platform/graphics/ImageFrame.h:
        (WebCore::ImageFrame::frameBytes):
        * platform/graphics/ImageSource.cpp:
        (WebCore::ImageSource::maximumSubsamplingLevel):
        * platform/graphics/ca/LayerPool.cpp:
        (WebCore::LayerPool::backingStoreBytesForSize):
        * platform/graphics/cg/ImageDecoderCG.cpp:
        (WebCore::ImageDecoder::frameBytesAtIndex):
        * platform/graphics/filters/FEGaussianBlur.cpp:
        (WebCore::FEGaussianBlur::platformApplySoftware):
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::asUnmultipliedImage):
        (WebCore::FilterEffect::asPremultipliedImage):
        (WebCore::FilterEffect::copyUnmultipliedImage):
        (WebCore::FilterEffect::copyPremultipliedImage):
        (WebCore::FilterEffect::createUnmultipliedImageResult):
        (WebCore::FilterEffect::createPremultipliedImageResult):
        * platform/graphics/win/ImageBufferDataDirect2D.cpp:
        (WebCore::ImageBufferData::getData): Update overflow check,
        rename local variable to numBytes, and compute numBytes once.
        * platform/graphics/win/ImageDecoderDirect2D.cpp:
        (WebCore::ImageDecoder::frameBytesAtIndex):
        * platform/image-decoders/ImageDecoder.cpp:
        (WebCore::ImageDecoder::frameBytesAtIndex):
        * platform/ios/LegacyTileLayerPool.mm:
        (WebCore::LegacyTileLayerPool::bytesBackingLayerWithPixelSize):
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForCanvas):
        * rendering/shapes/Shape.cpp:
        (WebCore::Shape::createRasterShape):

2016-10-21  Gavin Barraclough  <barraclough@apple.com>

        WebPageProxy should not need PageActivityState
        https://bugs.webkit.org/show_bug.cgi?id=163821

        Reviewed by Geoff Garen.

        The PageActivityState is currently plumbed back from WebCore up to the UI process, to
        determine whether to enabled process suppression. However the information it contains
        (whether a page load is ongoing, whether audio is playing) is already available via
        other means. Remove this use of PageActivityState.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaState):
            - Fix a bug in how we compute IsPlayingAudio - if the volume of the MediaElement is
              set to zero, then audio is not playing (we were already checking muted).
        * page/ChromeClient.h:
            - removed setPageActivityState
        * page/Page.cpp:
        (WebCore::Page::setPageActivityState): Deleted.
            - setPageActivityState -> pageActivityStateChanged, remove call to ChromeClient
        * page/Page.h:
        (WebCore::Page::pageActivityStateChanged):
            - setPageActivityState -> pageActivityStateChanged
        * page/PageThrottler.cpp:
        (WebCore::PageThrottler::setActivityFlag):
            - setPageActivityState -> pageActivityStateChanged

2016-10-21  Chris Dumez  <cdumez@apple.com>

        [Web ID] Overload resolution is wrong if one of the types is a nullable union
        https://bugs.webkit.org/show_bug.cgi?id=163816

        Reviewed by Alex Christensen.

        Overload resolution was wrong if one of the types was a nullable union. This
        is because we never considered the union type itself, only its subtypes.
        Therefore, we checked if any of the union's subtypes were nullable but we
        failed to check if the union itself was nullable.

        See:
        - https://heycam.github.io/webidl/#es-overloads (Step 11.3.)

        No new tests, extended bindings tests.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GetOverloadThatMatchesIgnoringUnionSubtypes):
        (GenerateOverloadedFunctionOrConstructor):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion1):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion1Caller):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion2):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion2Caller):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithNullableUnion):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion1):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion1Caller):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion2):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion2Caller):
        (WebCore::jsTestObjPrototypeFunctionOverloadWithOptionalUnion):
        * bindings/scripts/test/TestObj.idl:

2016-10-21  Eric Carlson  <eric.carlson@apple.com>

        [MediaStream] Dynamically generate media capture sandbox extensions
        https://bugs.webkit.org/show_bug.cgi?id=154861
        <rdar://problem/24909411>

        Reviewed by Tim Horton.

        No new tests, some of these changes are covered by existing tests and some can only be tested
        with physical capture devices.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm: AVSampleBufferAudioRenderer
          and AVSampleBufferRenderSynchronizer are now declared in AVFoundationSPI.h.

        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::MediaPlayerPrivateMediaStreamAVFObjC): Initialize 
          AVSampleBufferRenderSynchronizer.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::isAvailable): Fail if AVSampleBufferRenderSynchronizer
          isn't available.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueAudioSampleBufferFromTrack): Take a MediaSample&
          instead of a PlatformSample&.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Ditto.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::ensureLayer): Add the sample buffer display 
          later to the synchronizer.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Remove the sample buffer display 
          later from the synchronizer.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::play): Start the synchronizer.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::pause): Stash the current clock time in 
          m_pausedTime, but leave the clock running. Pause the synchronizer.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::currentMediaTime): Return the clock time
          when playing, m_pausedTime time when paused because we leave the clock running forever.
        (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated):

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm: AVSampleBufferAudioRenderer
          is now declared in AVFoundationSPI.h.

        * platform/spi/mac/AVFoundationSPI.h: Add AVSampleBufferAudioRenderer and AVSampleBufferRenderSynchronizer.

2016-10-21  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r207582.
        https://bugs.webkit.org/show_bug.cgi?id=163819

        Not quite ready rdar://problem/28897179 (Requested by
        alexchristensen on #webkit).

        Reverted changeset:

        "Re-enable URLParser for non-Safari Cocoa apps after r207321"
        https://bugs.webkit.org/show_bug.cgi?id=163690
        http://trac.webkit.org/changeset/207582

2016-10-21  Gavin Barraclough  <barraclough@apple.com>

        WebPage should take UserActivity directly for user input
        https://bugs.webkit.org/show_bug.cgi?id=163813

        Reviewed by Anders Carlsson.

        When we receive mouse/keyboard events in a page, we want to prevent AppNap. We currently do so
        via the PageThrottler. This patch is to just make the WebPage drive the UserActivity directly.

        Two reasons to do so: (1) to cleanup & simplify for further refactoring. (2) The current code
        isn't really achieving the desired effect. The page setting the flag in the throttler to get
        the activity to be set is now a less effective way of achieving this goal, since the
        PageActivityState bounces back across to the UI process & then messages back to the WebContent
        process to take the UserActivity. These extra hops defeat the purpose of making sure the boost
        from the initial message isn't lost.

        * page/PageThrottler.cpp:
        (WebCore::PageThrottler::PageThrottler):
        (WebCore::m_userInputHysteresis): Deleted.
        * page/PageThrottler.h:
        (WebCore::PageThrottler::didReceiveUserInput): Deleted.
            - removed PageActivityState::UserInputActivity, didReceiveUserInput, m_userInputHysteresis.

2016-10-21  Wenson Hsieh  <wenson_hsieh@apple.com>

        Support (insertFrom|deleteBy)Composition and (insert|delete)CompositionText inputTypes for InputEvents
        https://bugs.webkit.org/show_bug.cgi?id=163460
        <rdar://problem/28784142>

        Reviewed by Darin Adler.

        Adds basic support for the composition inputTypes in the InputEvent spec. See w3.org/TR/input-events,
        github.com/w3c/input-events/issues/41 and github.com/w3c/input-events/issues/42 for more details. While input
        events are fired in the correct order with respect to each other, additional work will be required to ensure
        that input events are fired in the correct order with respect to composition(start|update|end) events and
        textInput events. This is held off until the expected ordering of events is officially defined in the spec.

        Tests: fast/events/before-input-events-prevent-insert-composition.html
               fast/events/before-input-events-prevent-recomposition.html
               fast/events/input-events-ime-composition.html
               fast/events/input-events-ime-recomposition.html

        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::apply):
        * editing/CompositeEditCommand.h:
        (WebCore::CompositeEditCommand::isBeforeInputEventCancelable):

        Adds a new virtual method hook for subclasses to mark their `beforeinput` events as non-cancelable (see
        TypingCommand::isBeforeInputEventCancelable). By default, `beforeinput` events are cancelable.

        * editing/EditAction.h:

        Adds 4 new EditActions corresponding to the 4 composition-related inputTypes. These are:
        EditActionTypingDeletePendingComposition    => "deleteCompositionText"
        EditActionTypingDeleteFinalComposition      => "deleteByComposition"
        EditActionTypingInsertPendingComposition    => "insertCompositionText"
        EditActionTypingInsertFinalComposition      => "insertFromComposition"

        * editing/EditCommand.cpp:
        (WebCore::inputTypeNameForEditingAction):
        * editing/Editor.cpp:
        (WebCore::dispatchBeforeInputEvent):
        (WebCore::dispatchBeforeInputEvents):
        (WebCore::Editor::willApplyEditing):
        (WebCore::Editor::insertTextWithoutSendingTextEvent):
        (WebCore::Editor::setComposition):

        In setComposition(text, mode), tweak the logic for committing a composition to always delete the selection
        before inserting the final composition text. In setComposition(text, underlines, start, end), catch the case
        where we're beginning to recompose an existing range in the DOM and delete the recomposed text first.

        * editing/TypingCommand.cpp:
        (WebCore::editActionForTypingCommand):
        (WebCore::TypingCommand::TypingCommand):
        (WebCore::TypingCommand::deleteSelection):

        Adds a TextCompositionType parameter so that call sites (see Editor::setComposition) can indicate what state the
        edited composition is in. This allows us to differentiate between deletion of finalized composition text in
        preparation of recomposing a range in the DOM, and deletion of composition text that has not yet been committed
        in preparation for inserting a finalized composition into the DOM.

        (WebCore::TypingCommand::deleteKeyPressed):
        (WebCore::TypingCommand::forwardDeleteKeyPressed):
        (WebCore::TypingCommand::insertText):
        (WebCore::TypingCommand::insertLineBreak):
        (WebCore::TypingCommand::insertParagraphSeparatorInQuotedContent):
        (WebCore::TypingCommand::insertParagraphSeparator):
        (WebCore::TypingCommand::isBeforeInputEventCancelable):
        (WebCore::TypingCommand::inputEventData):
        (WebCore::TypingCommand::willAddTypingToOpenCommand):
        * editing/TypingCommand.h:

2016-10-21  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Make sure shadow user agent sheets parse in UASheetMode
        https://bugs.webkit.org/show_bug.cgi?id=163810

        Reviewed by Dean Jackson.

        * dom/InlineStyleSheetOwner.cpp:
        (WebCore::parserContextForElement):
        (WebCore::makeInlineStyleSheetCacheKey):
        (WebCore::InlineStyleSheetOwner::createSheet):
        (WebCore::parserContextForForElement): Deleted.

2016-10-21  Jer Noble  <jer.noble@apple.com>

        YouTube stalls when seeking beyond buffered range
        https://bugs.webkit.org/show_bug.cgi?id=162813

        Reviewed by Eric Carlson.

        When seeking a MediaPlayerPrivateMediaSourceAVFObjC, we will first seek the AVSampleBufferRenderSynchronizer,
        flush and enqueue non-displaying frames, enqueue regular frames, then begin playback. The above stall will occur
        when we enqueue so many non- displaying frames that the display layer is not ready for normal ones before
        playback begins. Then, when the synchronizer attempts to synchronize the enqueued audio and video renderers, the
        only available samples are back at the original media time, and so it "seeks" by updating the CMTimebase back to
        the original media time, causing playback to appear "stalled".  The overall solution is to "flush" the contents
        of the renderers before the seek, so that the synchronizer doesn't reset the currentTime, and to only restart
        the synchronizer when there are visible (or audible) samples available for display.

        Breaking the fix down into sections:

        = Don't enqueue too many non-displaying samples at once:
        - Rename SourceBufferPrivate::flushAndEnqueueNonDisplayingSamples() to SourceBufferPrivate::flush(), and no longer
          pass in an array of non-displaying samples.
        - Add a new virtual method to MediaSample, createNonDisplayingCopy(), used by SourceBuffer to enqueue non-displaying
          samples.
        - in SourceBuffer::reenqueueMediaForTime(), use that new createNonDisplayingCopy() method to enqueue non-displaying
          samples in the same queue as regular samples.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::provideMediaData):
        (WebCore::SourceBuffer::reenqueueMediaForTime):
        * platform/MediaSample.h:
        (WebCore::MediaSample::isNonDisplaying):
        * platform/graphics/SourceBufferPrivate.h:
        (WebCore::SourceBufferPrivate::flush):
        (WebCore::SourceBufferPrivate::flushAndEnqueueNonDisplayingSamples): Renamed -> flush().
        * platform/graphics/avfoundation/MediaSampleAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
        (WebCore::CMSampleBufferIsNonDisplaying):
        (WebCore::MediaSampleAVFObjC::flags):
        (WebCore::MediaSampleAVFObjC::createNonDisplayingCopy):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
        (WebCore::SourceBufferPrivateAVFObjC::willSeek):
        (WebCore::createNonDisplayingCopy): Moved to MediaSampleAVFObjC.
        (WebCore::SourceBufferPrivateAVFObjC::flushAndEnqueueNonDisplayingSamples): Renamed -> flush().
        * platform/mock/mediasource/MockBox.h:
        * platform/mock/mediasource/MockSourceBufferPrivate.cpp:
        (WebCore::MockMediaSample::flags):
        (WebCore::MockMediaSample::createNonDisplayingCopy):
        * platform/mock/mediasource/MockSourceBufferPrivate.h:

        = Don't start playing until all renderers have visible/audible samples:
        - SourceBufferPrivateAVFObjC will notify its associated MediaPlayerPrivateMediaSourceAVFObjC when
          it flushes and receives visible/audible samples.
        - The MediaPlayer will store audio renderers as keys to a HashMap which allows it to track which
          have available samples.
        - This requires changing all the places where we loop over the available renderers.

        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.mm:
        (WebCore::SourceBufferPrivateAVFObjC::trackDidChangeEnabled):
        (WebCore::SourceBufferPrivateAVFObjC::enqueueSample):
        (WebCore::SourceBufferPrivateAVFObjC::flush):
        (WebCore::SourceBufferPrivateAVFObjC::willSeek):
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.h:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::allRenderersHaveAvailableSamples):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableVideoFrame): Deleted.
        * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::MediaPlayerPrivateMediaSourceAVFObjC):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setVolume):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setMuted):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableVideoFrame):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setHasAvailableAudioSample):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::updateAllRenderersHaveAvailableSamples):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::addAudioRenderer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::removeAudioRenderer):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::setPreservesPitch):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seeking):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::shouldBePlaying):
        (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::seekInternal):
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.h:
        * platform/graphics/avfoundation/objc/MediaSourcePrivateAVFObjC.mm:
        (WebCore::MediaSourcePrivateAVFObjC::willSeek):
        * platform/graphics/avfoundation/objc/SourceBufferPrivateAVFObjC.h:

        = Don't display new samples mid-seek.
        - MediaSource should clear its m_pendingSeekTime ivar, which is used whyn SourceBuffer queries whether or not a
          seek is pending, when instructing its SourceBuffers to seekToTime().
        - This allows SourceBuffer to decline to enqueue new samples during a MediaSource seek operation.

        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::completeSeek):

2016-10-20  Dean Jackson  <dino@apple.com>

        SVG should not paint selection within a mask
        https://bugs.webkit.org/show_bug.cgi?id=163772
        <rdar://problem/28705129>

        Reviewed by Simon Fraser.

        When masking content, we shouldn't paint the text
        selection as we are rendering into the masking
        offscreen buffer.

        Test: svg/masking/mask-should-not-paint-selection.html

        * rendering/PaintPhase.h: Add a new behavior - PaintBehaviorSkipSelectionHighlight.
        * rendering/svg/SVGInlineTextBox.cpp:
        (WebCore::SVGInlineTextBox::paint): Don't update the selectionStyle if
        PaintBehaviorSkipSelectionHighlight is true.
        * rendering/svg/SVGRenderingContext.cpp:
        (WebCore::SVGRenderingContext::renderSubtreeToImageBuffer): Add PaintBehaviorSkipSelectionHighlight
        to the PaintInfo.

2016-10-21  Chris Dumez  <cdumez@apple.com>

        [Web IDL] MediaControlsHost has invalid operation overloads
        https://bugs.webkit.org/show_bug.cgi?id=163793

        Reviewed by Darin Adler.

        MediaControlsHost has invalid operation overloads:
        - sortedTrackListForMenu()
        - displayNameForTrack()

        The parameter is nullable for both overloads which is not valid IDL.

        - sortedTrackListForMenu(): The parameter is no longer nullable. This is a minor
          behavior change and it should be safe since this is Apple-specific and only
          called from mediaControlsApple.js which uses HTMLMediaElement.videoTracks and
          HTMLMediaElement.audioTracks as input, both of which are not nullable.
          Note that we could have also kept one of the parameters as nullable to not
          change behavior but allowing null does not seem useful here.
        - displayNameForTrack(): Use a union instead of overloading, no behavior change.

        * Modules/mediacontrols/MediaControlsHost.cpp:
        (WebCore::MediaControlsHost::sortedTrackListForMenu):
        (WebCore::MediaControlsHost::displayNameForTrack):
        * Modules/mediacontrols/MediaControlsHost.h:
        * Modules/mediacontrols/MediaControlsHost.idl:

2016-10-21  Jeremy Jones  <jeremyj@apple.com>

        Implement basic pointer lock behavior for WebKit and WebKit2.
        https://bugs.webkit.org/show_bug.cgi?id=162745

        Reviewed by Simon Fraser.

        When ENABLE_POINTER_LOCK is enabled, these tests now pass with DumpRenderTree.
        LayoutTests/pointer-lock/lock-already-locked.html
        LayoutTests/pointer-lock/lock-element-not-in-dom.html
        LayoutTests/pointer-lock/locked-element-iframe-removed-from-dom.html
        LayoutTests/pointer-lock/mouse-event-api.html

        Export pointer lock symbols and cancel pointer lock on "escape".

        * dom/Document.h: Export symbols.
        * dom/Element.h: Export symbols.
        * page/EventHandler.cpp:
        (WebCore::EventHandler::keyEvent): Cancel pointer lock on "escape".
        * page/PointerLockController.cpp: Add missing include.
        * page/PointerLockController.h: Export symbols.

2016-10-21  Jer Noble  <jer.noble@apple.com>

        WebCore::PlatformMediaSession::stopSession + 13
        https://bugs.webkit.org/show_bug.cgi?id=163799

        Reviewed by Eric Carlson.

        Because m_sessions can be mutated by removeSession() while iterating over m_sessions, and because
        PlatformMediaSessions are not refcounted, it is not enough to copy m_sessions into a copied Vector
        before iterating. Instead, wrap iteration of m_sessions in a convenience function, which sets an
        iteration counter which, when cleared, removes all null entries from m_session. In parallel, modify
        removeSession() to check this iteration counter, and replace the session with a null value rather
        than mutating the m_sessions vector itself.

        * platform/audio/PlatformMediaSessionManager.cpp:
        (WebCore::PlatformMediaSessionManager::has):
        (WebCore::PlatformMediaSessionManager::activeAudioSessionRequired):
        (WebCore::PlatformMediaSessionManager::canProduceAudio):
        (WebCore::PlatformMediaSessionManager::removeSession):
        (WebCore::PlatformMediaSessionManager::sessionWillBeginPlayback):
        (WebCore::PlatformMediaSessionManager::sessionWillEndPlayback):
        (WebCore::PlatformMediaSessionManager::currentSessionsMatching):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterBackground):
        (WebCore::PlatformMediaSessionManager::applicationDidEnterForeground):
        (WebCore::PlatformMediaSessionManager::systemWillSleep):
        (WebCore::PlatformMediaSessionManager::systemDidWake):
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForDocument):
        (WebCore::PlatformMediaSessionManager::stopAllMediaPlaybackForProcess):
        (WebCore::PlatformMediaSessionManager::forEachSession):
        (WebCore::PlatformMediaSessionManager::anyOfSessions):
        * platform/audio/PlatformMediaSessionManager.h:

2016-10-21  Darin Adler  <darin@apple.com>

        Move some more assorted classes from ExceptionCode to Exception
        https://bugs.webkit.org/show_bug.cgi?id=163775

        Reviewed by Chris Dumez.

        * Modules/fetch/WorkerGlobalScopeFetch.cpp:
        (WebCore::WorkerGlobalScopeFetch::fetch): Remove unnecessary calls to
        WorkerGlobalScope::scriptExcutionObject, which just returns the scope itself.

        * Modules/notifications/Notification.cpp: Added now-needed include.
        * Modules/webdatabase/DOMWindowWebDatabase.cpp: Ditto.

        * WebCore.xcodeproj/project.pbxproj: Added WindowOrWorkerGlobalScope.idl.

        * bindings/js/JSDedicatedWorkerGlobalScopeCustom.cpp:
        (WebCore::JSDedicatedWorkerGlobalScope::postMessage): Pass a reference instead
        of a pointer to handlePostMessage.
        * bindings/js/JSMessagePortCustom.cpp:
        (WebCore::JSMessagePort::postMessage): Ditto.

        * bindings/js/JSMessagePortCustom.h: Use pragma once. Change handlePostMessage
        to take a reference to the object instead of a pointer, and also to use
        propagateException since postMessage now uses ExceptionOr.

        * bindings/js/JSWorkerCustom.cpp:
        (WebCore::JSWorker::postMessage): Pass a reference instead of a pointer to
        handlePostMessage.
        (WebCore::constructJSWorker): Use the version of toJSNewlyCreated that handles
        propagating an exception from ExceptionOr.

        * bindings/js/JSWorkerGlobalScopeCustom.cpp:
        (WebCore::JSWorkerGlobalScope::visitAdditionalChildren): Use auto.
        Remove unnecessary round trip through the scriptExecutionContext function.
        (WebCore::JSWorkerGlobalScope::importScripts): Use reserveInitialCapacity and
        uncheckedAppend to build up the vector of strings. Use propagateException
        to deal with ExceptionOr result.

        * dom/MessagePort.cpp:
        (WebCore::MessagePort::MessagePort): Initialize boolean data members in the
        class definition instead of here.
        (WebCore::MessagePort::postMessage): Use ExceptionOr.
        (WebCore::MessagePort::entangle): Use an rvalue reference.
        (WebCore::MessagePort::dispatchMessages): Use ExceptionOr.
        (WebCore::MessagePort::disentanglePorts): Ditto. Also use a more efficient
        idiom that does half as much hashing as the old algorithm, and got rid an
        unneeded local variable.
        (WebCore::MessagePort::entanglePorts): Use an rvalue reference.
        * dom/MessagePort.h: Updated for above changes.

        * fileapi/FileReader.cpp:
        (WebCore::FileReader::create): Use auto.
        (WebCore::FileReader::FileReader): Initialize scalars in the class definition.
        (WebCore::FileReader::~FileReader): Call cancel on the loader directly
        instead of sharing code with the stop function.
        (WebCore::FileReader::stop): Moved the body of the terminate function here.
        (WebCore::FileReader::readAsArrayBuffer): Use ExceptionOr.
        (WebCore::FileReader::readAsBinaryString): Ditto.
        (WebCore::FileReader::readAsText): Ditto.
        (WebCore::FileReader::readAsDataURL): Ditto.
        (WebCore::FileReader::readInternal): Ditto. Also add a cast now that
        we derive privately from FileReaderLoaderClient.
        (WebCore::FileReader::abort): Call stop instead of terminate.
        (WebCore::FileReader::terminate): Deleted. Moved code into stop.
        (WebCore::FileReader::didReceiveData): Moved comment to where the constant is.
        * fileapi/FileReader.h: Updated for above changes. Made more functions private
        and used final instead of override.
        * fileapi/FileReader.idl: Use non-legacy exceptions.

        * fileapi/FileReaderSync.cpp:
        (WebCore::FileReaderSync::readAsArrayBuffer): Use ExceptionOr.
        (WebCore::FileReaderSync::readAsBinaryString): Ditto.
        (WebCore::FileReaderSync::readAsText): Ditto.
        (WebCore::FileReaderSync::readAsDataURL): Ditto.
        (WebCore::FileReaderSync::startLoading): Ditto.
        (WebCore::FileReaderSync::startLoadingString): Added. Helper to cut down on
        repeated code in functions above.
        * fileapi/FileReaderSync.h: Updated for above changes.
        * fileapi/FileReaderSync.idl: Use non-legacy exceptions.

        * page/Base64Utilities.cpp:
        (WebCore::Base64Utilities::btoa): Use ExceptionOr.
        (WebCore::Base64Utilities::atob): Ditto.
        * page/Base64Utilities.h: Updated for above changes.

        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::navigator): Pass a reference to the frame.
        (WebCore::DOMWindow::postMessage): Use ExceptionOr when calling
        MessagePort::disentanglePorts. Also udpated for changes to the
        PostMessageTimer.

        * page/Navigator.cpp:
        (WebCore::Navigator::Navigator): Take a reference.
        (WebCore::shouldHideFourDot): Ditto
        (WebCore::Navigator::appVersion): Pass a reference.
        (WebCore::Navigator::plugins): Return a reference.
        (WebCore::Navigator::mimeTypes): Ditto.
        * page/Navigator.h: Updated for above changes. Also marked the
        class final and moved derivation from RefCounted to NavigatorBase.

        * page/NavigatorBase.h: Addded derivation from RefCounted since
        both derived classes want that, and the destructor is already virtual.

        * page/WindowOrWorkerGlobalScope.idl: Use non-legacy exceptions.

        * page/WorkerNavigator.cpp:
        (WebCore::WorkerNavigator::~WorkerNavigator): Deleted.

        * page/WorkerNavigator.h: Moved derivation from RefCounted to
        NavigatorBase. Also marked class final.

        * workers/AbstractWorker.cpp:
        (WebCore::AbstractWorker::resolveURL): Use ExceptionOr.
        * workers/AbstractWorker.h: Updated for above changes.

        * workers/DedicatedWorkerGlobalScope.cpp:
        (WebCore::DedicatedWorkerGlobalScope::create): Use RefPtr&&
        instead of PassRefPtr.
        (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):
        Ditto.
        (WebCore::DedicatedWorkerGlobalScope::postMessage): Use ExceptionOr.
        (WebCore::DedicatedWorkerGlobalScope::importScripts): Ditto.
        * workers/DedicatedWorkerGlobalScope.h: Updated for above changes.
        * workers/DedicatedWorkerGlobalScope.idl: Use non-legacy exceptions.

        * workers/Worker.cpp:
        (WebCore::Worker::create): Use ExceptionOr.
        (WebCore::Worker::postMessage): Ditto.
        * workers/Worker.h: Updated for above changes.
        * workers/Worker.idl: Use non-legacy exception.

        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::WorkerGlobalScope): Moved initialization
        of m_closing to class definition.
        (WebCore::WorkerGlobalScope::~WorkerGlobalScope): Removed call to
        deleted notifyObserversOfStop function.
        (WebCore::WorkerGlobalScope::importScripts): Use ExceptionOr. Also use
        reserveInitialCapacity and uncheckedAppend to build a vector.
        (WebCore::WorkerGlobalScope::addConsoleMessage): Use an rvalue reference.
        Also moved the body of one of the addMessageToWorkerConsole overloads into
        one of the overloads of this function, and changed the other to call addMessage.
        (WebCore::WorkerGlobalScope::addMessage): Moved the body of the other
        addMessageToWorkerConsole here.
        (WebCore::WorkerGlobalScope::addMessageToWorkerConsole): Deleted.
        (WebCore::WorkerGlobalScope::Observer::Observer): Deleted.
        (WebCore::WorkerGlobalScope::Observer::~Observer): Deleted.
        (WebCore::WorkerGlobalScope::Observer::stopObserving): Deleted.
        (WebCore::WorkerGlobalScope::registerObserver): Deleted.
        (WebCore::WorkerGlobalScope::unregisterObserver): Deleted.
        (WebCore::WorkerGlobalScope::notifyObserversOfStop): Deleted.
        * workers/WorkerGlobalScope.h: Removed unneeded includes. Moved many virtual
        function overrides into the private section. Marked many functions final instead
        of just override. Removed unused Observer class and m_workerObservers set.

        * workers/WorkerThread.cpp:
        (WebCore::WorkerThread::stop): Removed call to deleted
        WorkerGlobalScope::notifyObserversOfStop function.

2016-10-21  Antti Koivisto  <antti@apple.com>

        Tighten ComputedStyleExtractor to use Element instead of Node
        https://bugs.webkit.org/show_bug.cgi?id=163798

        Reviewed by Andreas Kling.

        Also make its functions non-const as they may compute style.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::styleElementForNode):
        (WebCore::ComputedStyleExtractor::ComputedStyleExtractor):

            If we are called with a Node figure out the style Element in constructor.

        (WebCore::ComputedStyleExtractor::getFontSizeCSSValuePreferringKeyword):
        (WebCore::ComputedStyleExtractor::useFixedFontDefaultSize):
        (WebCore::ComputedStyleExtractor::styledElement):
        (WebCore::CSSComputedStyleDeclaration::getPropertyCSSValue):
        (WebCore::CSSComputedStyleDeclaration::copyProperties):
        (WebCore::elementOrItsAncestorNeedsStyleRecalc):

            Use composed tree iterator for increased correctness in shadow trees.

        (WebCore::updateStyleIfNeededForElement):
        (WebCore::computeRenderStyleForProperty):
        (WebCore::ComputedStyleExtractor::customPropertyValue):
        (WebCore::ComputedStyleExtractor::customPropertyText):
        (WebCore::ComputedStyleExtractor::propertyValue):
        (WebCore::CSSComputedStyleDeclaration::length):
        (WebCore::CSSComputedStyleDeclaration::item):
        (WebCore::ComputedStyleExtractor::propertyMatches):
        (WebCore::ComputedStyleExtractor::copyProperties):
        (WebCore::ComputedStyleExtractor::getCSSPropertyValuesForShorthandProperties):
        (WebCore::ComputedStyleExtractor::getCSSPropertyValuesForSidesShorthand):
        (WebCore::ComputedStyleExtractor::getCSSPropertyValuesForGridShorthand):
        (WebCore::ComputedStyleExtractor::copyPropertiesInSet):
        (WebCore::CSSComputedStyleDeclaration::getPropertyValue):
        (WebCore::ComputedStyleExtractor::getBackgroundShorthandValue):
        (WebCore::ComputedStyleExtractor::styledNode): Deleted.
        (WebCore::nodeOrItsAncestorNeedsStyleRecalc): Deleted.
        (WebCore::updateStyleIfNeededForNode): Deleted.
        * css/CSSComputedStyleDeclaration.h:
        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::ComputedStyleExtractor::svgPropertyValue):
        * editing/EditingStyle.cpp:
        (WebCore::EditingStyle::removeEquivalentProperties):
        * editing/EditingStyle.h:

2016-10-21  Chris Dumez  <cdumez@apple.com>

        WebGL2RenderingContext.texSubImage3D() should use a union instead of overloading
        https://bugs.webkit.org/show_bug.cgi?id=163792

        Reviewed by Darin Adler.

        WebGL2RenderingContext.texSubImage3D() should use a union instead of overloading for 
        - https://www.khronos.org/registry/webgl/specs/latest/2.0/#3.7 (for texSubImage3D)
        - https://www.khronos.org/registry/webgl/specs/latest/1.0/#5.14 (for TexImageSource)

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::texSubImage3D):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.idl:

2016-10-21  Zalan Bujtas  <zalan@apple.com>

        Do not mutate the render tree while collecting selection repaint rects.
        https://bugs.webkit.org/show_bug.cgi?id=163800
        <rdar://problem/28806886>

        Reviewed by David Hyatt.

        RenderListItem not only mutates the tree while in layout but it also uses
        the old descendant context to find the insertion point.
        This patch strictly ensures that we only do it while in layout and never
        in other cases such as collecting repaint rects.
        This gets redundant when webkit.org/b/163789 is fixed.

        Test: fast/lists/crash-when-list-marker-is-moved-during-selection.html

        * rendering/RenderListItem.cpp:
        (WebCore::RenderListItem::insertOrMoveMarkerRendererIfNeeded):

2016-10-21  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Support horizontal-bt writing mode
        https://bugs.webkit.org/show_bug.cgi?id=163797

        Reviewed by Zalan Bujtas.

        * css/parser/CSSParserFastPaths.cpp:
        (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):

2016-10-20  Brent Fulgham  <bfulgham@apple.com>

        [Win][Direct2D] Correct some memory leaks and other minor bugs
        https://bugs.webkit.org/show_bug.cgi?id=163769

        Reviewed by Alex Christensen.

        Several D2D handles were being leaked.
 
        Direct2D sometimes returns an infinite rect containing { -inf, -inf, FloatMax, FloatMax },
        sometimes { -FloatMax, -FloatMax, inf, inf }, and various combinations thereof. This caused
        most SVG drawing to decide no screen rect was contained in the "infinite rect" so nothing
        would be drawn.
        
        Tested by existing layout tests. 

        * platform/graphics/GraphicsContext.h:
        * platform/graphics/win/FloatRectDirect2D.cpp:
        (WebCore::isInfiniteRect): Recognize various infinite rects in Windows.
        (WebCore::FloatRect::FloatRect): Convert a Windows infinite rect to the style
        we use inside WebKit.
        * platform/graphics/win/FontCascadeDirect2D.cpp:
        (WebCore::FontCascade::drawGlyphs): Use cached brushes if possible.
        * platform/graphics/win/GlyphPageTreeNodeDirect2D.cpp:
        (WebCore::GlyphPage::fill): Don't terminate on this error case.
        * platform/graphics/win/GradientDirect2D.cpp:
        (WebCore::Gradient::generateGradient): Don't leak gradients.
        * platform/graphics/win/GraphicsContextDirect2D.cpp:
        (WebCore::GraphicsContextPlatformPrivate::brushWithColor): Added.
        (WebCore::GraphicsContext::brushWithColor): Added.
        (WebCore::GraphicsContextPlatformPrivate::concatCTM): Perform transform multiplication
        in the right order (hint: it's not distributive).
        (WebCore::GraphicsContext::drawWithShadow): Use convenience method.
        (WebCore::GraphicsContext::fillRect): Ditto.
        (WebCore::GraphicsContext::platformFillRoundedRect): Ditto.
        (WebCore::GraphicsContext::clearRect): Ditto.
        (WebCore::GraphicsContext::setPlatformStrokeColor): Ditto.
        (WebCore::GraphicsContext::setPlatformFillColor): Ditto.
        * platform/graphics/win/PathDirect2D.cpp:
        (WebCore::Path::polygonPathFromPoints): No need to convert manually.
        (WebCore::Path::~Path): Don't leak ID2D1Geometry entities.
        (WebCore::Path::appendGeometry): Ditto.
        (WebCore::Path::createGeometryWithFillMode): Ditto.
        (WebCore::Path::Path): Ditto.
        (WebCore::Path::operator=): Ditto.
        (WebCore::Path::strokeBoundingRect): Provide an implementation.
        (WebCore::Path::addRect): No need for manual casting here.

2016-10-21  Wenson Hsieh  <wenson_hsieh@apple.com>

        Fix minor style issue in the signature of StaticRange::create
        https://bugs.webkit.org/show_bug.cgi?id=163786
        <rdar://problem/28853079>

        Reviewed by Alex Christensen.

        Change `Ref<WebCore::Node> &&` to `Ref<Node>&&`.

        * dom/StaticRange.cpp:
        (WebCore::StaticRange::create):

2016-10-21  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Add support for -webkit-line-box-contain
        https://bugs.webkit.org/show_bug.cgi?id=163794

        Reviewed by Zalan Bujtas.

        * css/parser/CSSPropertyParser.cpp:
        (WebCore::consumeLineBoxContain):
        (WebCore::CSSPropertyParser::parseSingleValue):

2016-10-21  Dave Hyatt  <hyatt@apple.com>

        [CSS Parser] Add support for @-webkit-region rules
        https://bugs.webkit.org/show_bug.cgi?id=163787

        Reviewed by Zalan Bujtas.

        * css/StyleRule.cpp:
        (WebCore::StyleRuleRegion::StyleRuleRegion):
        * css/StyleRule.h:
        * css/parser/CSSAtRuleID.cpp:
        (WebCore::cssAtRuleID):
        * css/parser/CSSAtRuleID.h:
        * css/parser/CSSParserImpl.cpp:
        (WebCore::CSSParserImpl::consumeAtRule):
        (WebCore::CSSParserImpl::consumePageRule):
        (WebCore::CSSParserImpl::consumeRegionRule):
        * css/parser/CSSParserImpl.h:

2016-10-21  David Kilzer  <ddkilzer@apple.com>

        Bug 163757: Use IntSize::unclampedArea() in PDFDocumentImage::updateCachedImageIfNeeded()
        <https://webkit.org/b/163757>

        Reviewed by Brent Fulgham.

        No new tests since there is no change in nominal behavior.

        * platform/graphics/cg/PDFDocumentImage.cpp:
        (WebCore::PDFDocumentImage::updateCachedImageIfNeeded): Use
        IntSize::unclampedArea() where manual calculations were used
        previously.  Also gets rid of more safeCast<size_t>() use.

2016-10-21  Chris Dumez  <cdumez@apple.com>

        [Web IDL] Support unions in our overload resolution algorithm
        https://bugs.webkit.org/show_bug.cgi?id=163764

        Reviewed by Darin Adler.

        Support unions in our overload resolution algorithm as per:
        - https://heycam.github.io/webidl/#es-overloads
        - https://heycam.github.io/webidl/#dfn-distinguishable

        * bindings/scripts/CodeGeneratorJS.pm:
        (IsIDLTypeDistinguishableWithUnionForOverloadResolution):
        (AreTypesDistinguishableForOverloadResolution):
        (GetOverloadThatMatches):
        (GenerateOverloadedFunctionOrConstructor):
        * bindings/scripts/test/JS/JSTestObj.cpp:
        * bindings/scripts/test/TestObj.idl:

2016-10-21  Chris Dumez  <cdumez@apple.com>

        AudioNode.connect(): First parameter should not be nullable
        https://bugs.webkit.org/show_bug.cgi?id=163773

        Reviewed by Darin Adler.

        AudioNode.connect()'s first parameter should not be nullable:
        - https://webaudio.github.io/web-audio-api/#idl-def-AudioNode.

        We were throwing a SYNTAX_ERR when passing null, we now throw
        a TypeError instead.

        No new tests, updated existing test.

        * Modules/webaudio/AudioBasicInspectorNode.cpp:
        (WebCore::AudioBasicInspectorNode::connect):
        * Modules/webaudio/AudioBasicInspectorNode.h:
        * Modules/webaudio/AudioNode.cpp:
        (WebCore::AudioNode::connect):
        * Modules/webaudio/AudioNode.h:
        * Modules/webaudio/AudioNode.idl:

2016-10-21  Wenson Hsieh  <wenson_hsieh@apple.com>

        Implement InputEvent.getTargetRanges() for the input events spec
        https://bugs.webkit.org/show_bug.cgi?id=162947
        <rdar://problem/28853079>

        Reviewed by Darin Adler.

        Implements InputEvent.getTargetRanges(). See individual method changes below for more details. Adds a new hook
        for subclasses of CompositeEditCommand to vend a list of target StaticRanges when retrieving target ranges for
        an editing command on a contenteditable area.

        Tests: fast/events/before-input-delete-empty-list-target-ranges.html
               fast/events/before-input-delete-text-target-ranges.html
               fast/events/before-input-replace-text-target-ranges.html

        * CMakeLists.txt:
        * DerivedSources.make:
        * WebCore.xcodeproj/project.pbxproj:

        Add StaticRange.idl, StaticRange.cpp and StaticRange.h.

        * bindings/generic/RuntimeEnabledFeatures.h:
        (WebCore::RuntimeEnabledFeatures::setInputEventsEnabled):
        (WebCore::RuntimeEnabledFeatures::inputEventsEnabled):

        Add a new runtime bindings flag for InputEvents and guard both InputEvent and StaticRange behind it.

        * dom/DOMAllInOne.cpp:
        * dom/InputEvent.cpp:
        (WebCore::InputEvent::InputEvent):
        * dom/InputEvent.h:
        * dom/InputEvent.idl:
        * dom/StaticRange.cpp: Copied from Source/WebCore/dom/InputEvent.cpp.
        (WebCore::StaticRange::StaticRange):
        (WebCore::StaticRange::create):
        (WebCore::StaticRange::createFromRange):

        Convenience method for creating a StaticRange from a Range's start/end container and offset.

        (WebCore::StaticRange::startContainer):
        (WebCore::StaticRange::endContainer):
        (WebCore::StaticRange::collapsed):
        * dom/StaticRange.h: Copied from Source/WebCore/dom/InputEvent.cpp.
        (WebCore::StaticRange::startOffset):
        (WebCore::StaticRange::endOffset):
        * dom/StaticRange.idl: Copied from Source/WebCore/editing/ReplaceRangeWithTextCommand.h.
        * editing/CompositeEditCommand.cpp:
        (WebCore::CompositeEditCommand::willApplyCommand):
        (WebCore::CompositeEditCommand::targetRanges):

        Virtual method that returns a list of target ranges which are associated with this command.

        (WebCore::CompositeEditCommand::targetRangesForBindings):

        Non-virtual method that calls the above targetRanges(). Takes whether or not the CompositeEditCommand is editing
        a textarea or plain text input into account.

        (WebCore::CompositeEditCommand::moveParagraphs):
        * editing/CompositeEditCommand.h:
        * editing/EditCommand.cpp:
        (WebCore::EditCommand::frame):
        * editing/EditCommand.h:
        (WebCore::EditCommand::document):
        * editing/Editor.cpp:
        (WebCore::dispatchBeforeInputEvent):
        (WebCore::dispatchInputEvent):
        (WebCore::dispatchBeforeInputEvents):

        Changed the `beforeinput` event dispatch to use the regular Node::dispatchEvent instead of dispatchScopedEvent.
        This is because if the page prevents the `beforeinput` event, we need to know immediately in order to bail from
        the default action.

        (WebCore::dispatchInputEvents):
        (WebCore::Editor::willApplyEditing):

        Added a list of static ranges as a parameter when calling on the Editor to dispatch `beforeinput` events.
        By default, this uses the composite edit command's targetRangesForBindings(), though it may be special cased
        by subclasses of CompositeEditCommand (see ReplaceRangeWithTextCommand, SpellingCorrectionCommand, and
        TypingCommand).

        * editing/Editor.h:
        * editing/ReplaceRangeWithTextCommand.cpp:
        (WebCore::ReplaceRangeWithTextCommand::targetRanges):
        * editing/ReplaceRangeWithTextCommand.h:
        * editing/SpellingCorrectionCommand.cpp:
        (WebCore::SpellingCorrectionCommand::targetRanges):
        * editing/SpellingCorrectionCommand.h:
        * editing/TypingCommand.cpp:
        (WebCore::editActionIsDeleteByTyping):
        (WebCore::TypingCommand::shouldDeferWillApplyCommandUntilAddingTypingCommand):
        (WebCore::TypingCommand::willApplyCommand):
        (WebCore::TypingCommand::willAddTypingToOpenCommand):
        (WebCore::TypingCommand::deleteKeyPressed):
        (WebCore::TypingCommand::forwardDeleteKeyPressed):

        Moves the firing of the `beforeinput` until after the selection range to delete has been computed.

        * editing/TypingCommand.h:

2016-10-21  Antti Koivisto  <antti@apple.com>

        Style resolver should be updated lazily
        https://bugs.webkit.org/show_bug.cgi?id=163721

        Reviewed by Andreas Kling.

        Currently when stylesheets change in some way we generally update style resolvers and
        invalidate style immediately. We should do this lazily to avoid unnecessary work.

        Also improve naming of the stylesheet invalidation functions and use more optimal functions in some places.

        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::updateStyleIfNeededForNode):
        * css/CSSStyleSheet.cpp:
        (WebCore::CSSStyleSheet::didMutateRules):
        (WebCore::CSSStyleSheet::didMutate):
        (WebCore::CSSStyleSheet::setDisabled):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::StyleResolver):

            Initialize root style font with null font selector.
            This avoids hitting a CSSFontSelector assert in fast/media/mq-relative-constraints-08.html where
            media query evaluation requires font information before it is ready.
            Exposed by increased laziness in this patch.

        * dom/Document.cpp:
        (WebCore::Document::setContentLanguage):
        (WebCore::Document::updateLayoutIgnorePendingStylesheets):
        (WebCore::Document::isPageBoxVisible):
        (WebCore::Document::pageSizeAndMarginsInPixels):
        (WebCore::Document::processHttpEquiv):
        (WebCore::Document::setSelectedStylesheetSet):
        (WebCore::Document::didInsertInDocumentShadowRoot):
        (WebCore::Document::didRemoveInDocumentShadowRoot):
        * dom/Document.h:
        (WebCore::Document::inDocumentShadowRoots):

            Track all shadow roots in the document. This allows us to find and flush style scopes cheaply.

        * dom/Element.cpp:
        (WebCore::Element::computedStyle):
        * dom/ExtensionStyleSheets.cpp:
        (WebCore::ExtensionStyleSheets::ExtensionStyleSheets):
        (WebCore::ExtensionStyleSheets::clearPageUserSheet):
        (WebCore::ExtensionStyleSheets::updatePageUserSheet):
        (WebCore::ExtensionStyleSheets::invalidateInjectedStyleSheetCache):
        (WebCore::ExtensionStyleSheets::addUserStyleSheet):
        (WebCore::ExtensionStyleSheets::addAuthorStyleSheetForTesting):
        (WebCore::ExtensionStyleSheets::addDisplayNoneSelector):
        (WebCore::ExtensionStyleSheets::maybeAddContentExtensionSheet):
        (WebCore::ExtensionStyleSheets::styleResolverChangedTimerFired): Deleted.

            Since updates are now done lazily we don't need a special timer for extension stylesheets.

        * dom/ExtensionStyleSheets.h:
        * dom/ProcessingInstruction.cpp:
        (WebCore::ProcessingInstruction::checkStyleSheet):
        (WebCore::ProcessingInstruction::sheetLoaded):
        (WebCore::ProcessingInstruction::removedFrom):
        * dom/ShadowRoot.cpp:
        (WebCore::ShadowRoot::ShadowRoot):
        (WebCore::ShadowRoot::insertedInto):
        (WebCore::ShadowRoot::removedFrom):
        (WebCore::ShadowRoot::styleScope):
        * dom/ShadowRoot.h:
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setDisabledState):
        (WebCore::HTMLLinkElement::parseAttribute):
        (WebCore::HTMLLinkElement::process):
        (WebCore::HTMLLinkElement::removePendingSheet):
        * html/HTMLStyleElement.cpp:
        (WebCore::HTMLStyleElement::parseAttribute):
        * inspector/InspectorCSSAgent.cpp:
        (WebCore::InspectorCSSAgent::createInspectorStyleSheetForDocument):
        (WebCore::InspectorCSSAgent::forcePseudoState):
        (WebCore::InspectorCSSAgent::resetPseudoStates):
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::setEmulatedMedia):
        * page/Frame.cpp:
        (WebCore::Frame::setPrinting):
        * page/FrameView.cpp:
        (WebCore::FrameView::layout):
        (WebCore::FrameView::setPagination):
        (WebCore::FrameView::setViewportSizeForCSSViewportUnits):
        * page/Page.cpp:
        (WebCore::Page::setViewMode):
        (WebCore::Page::setNeedsRecalcStyleInAllFrames):
        (WebCore::Page::invalidateInjectedStyleSheetCacheInAllFrames):
        * style/StyleScope.cpp:
        (WebCore::Style::Scope::setPreferredStylesheetSetName):
        (WebCore::Style::Scope::setSelectedStylesheetSetName):
        (WebCore::Style::Scope::removePendingSheet):
        (WebCore::Style::Scope::removeStyleSheetCandidateNode):
        (WebCore::Style::Scope::activeStyleSheetsForInspector):
        (WebCore::Style::Scope::flushPendingUpdate):

            Also flush descendant shadow roots.

        (WebCore::Style::Scope::scheduleUpdate):
        (WebCore::Style::Scope::didChangeActiveStyleSheetCandidates):

            Make lazy.

        (WebCore::Style::Scope::didChangeStyleSheetContents):

            Make lazy.

        (WebCore::Style::Scope::didChangeStyleSheetEnvironment):

            Environment changes also affect author shadow roots.

        (WebCore::Style::Scope::styleSheetsForStyleSheetList):
        (WebCore::Style::Scope::scheduleActiveSetUpdate): Deleted.
        (WebCore::Style::Scope::didChangeCandidatesForActiveSet): Deleted.
        (WebCore::Style::Scope::didChangeContentsOrInterpretation): Deleted.

            Improved naming of these and split didChangeContentsOrInterpretation into two separate functions.

        * style/StyleScope.h:
        (WebCore::Style::Scope::styleSheetsForStyleSheetList): Deleted.
        (WebCore::Style::Scope::setPreferredStylesheetSetName): Deleted.
        (WebCore::Style::Scope::setSelectedStylesheetSetName): Deleted.
        * svg/SVGFontFaceElement.cpp:
        (WebCore::SVGFontFaceElement::rebuildFontFace):
        (WebCore::SVGFontFaceElement::removedFrom):
        * testing/Internals.cpp:
        (WebCore::Internals::resetToConsistentState):

            Ensure that cationsStyleSheetOverride really becomes empty. Some tests rely on not having suprise
            inserted stylesheets. Previously this was racy and the patch affected order of things.

        (WebCore::Internals::styleChangeType):
        * xml/XMLTreeViewer.cpp:
        (WebCore::XMLTreeViewer::transformDocumentToTreeView):
        * xml/parser/XMLDocumentParser.cpp:
        (WebCore::XMLDocumentParser::end):
        * xml/parser/XMLDocumentParserLibxml2.cpp:
        (WebCore::XMLDocumentParser::doEnd):

2016-10-21  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: [OpenWebRTC] Move SDPProcessorScriptResource(Gtk) to openwebrtc directory
        https://bugs.webkit.org/show_bug.cgi?id=163778

        Reviewed by Philippe Normand.

        Move SDPProcessorScriptResourceGtk from the platform gtk directory to the port generic
        openwebrtc directory to make it usable by other ports. Also drop the Gtk-suffix.

        No change of behavior.

        * PlatformGTK.cmake:
        * platform/mediastream/gtk/SDPProcessorScriptResourceGtk.cpp:
        (WebCore::SDPProcessorScriptResource::scriptString): Deleted.
        * platform/mediastream/openwebrtc/SDPProcessorScriptResource.cpp: Renamed from Source/WebCore/platform/mediastream/gtk/SDPProcessorScriptResourceGtk.cpp.
        (WebCore::SDPProcessorScriptResource::scriptString):

2016-10-21  Miguel Gomez  <magomez@igalia.com>

        [GTK] Several tests crashing on debug bot in (anonymous namespace)::MediaPlayerPrivateGStreamerBase::repaint
        https://bugs.webkit.org/show_bug.cgi?id=163511

        Reviewed by Carlos Garcia Campos.

        Perform the video repaint in the main thread when accelerated compositing is disabled. Added a new method to
        MediaPlayerClient to get whether accelerated compositing is enabled from the MediaPlayer. This is needed
        because mediaPlayerAcceleratedCompositingEnabled() will return false while HTMLMediaElement doesn't have a
        RenderVideo, even when accelerated compositing is enabled.

        Covered by existent tests.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::mediaPlayerAcceleratedCompositingEnabled):
        * html/HTMLMediaElement.h:
        * platform/graphics/MediaPlayer.h:
        (WebCore::MediaPlayerClient::mediaPlayerAcceleratedCompositingEnabled):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
        (WebCore::MediaPlayerPrivateGStreamerBase::MediaPlayerPrivateGStreamerBase):
        (WebCore::MediaPlayerPrivateGStreamerBase::repaint):
        (WebCore::MediaPlayerPrivateGStreamerBase::triggerRepaint):
        * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.h:

2016-10-21  Adam Bergkvist  <adam.bergkvist@ericsson.com>

        WebRTC: [GTK] Add MediaEndpointOwr - an OpenWebRTC WebRTC backend
        https://bugs.webkit.org/show_bug.cgi?id=163327

        Reviewed by Philippe Normand.

        Add MediaEndpointOwr which is a MediaEndpoint implementation (WebRTC backend) based on
        OpenWebRTC [1]. The WebRTC backend can be tested with a manual test. Automatic testing
        is still done with MockMediaEndpoint.

        [1] http://www.openwebrtc.org/

        Testing: Added manual test (webrtc-one-tab-p2p.html)

        * CMakeLists.txt:
        * platform/GStreamer.cmake:
        * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp: Added.
        (WebCore::createMediaEndpointOwr):
        (WebCore::MediaEndpointOwr::MediaEndpointOwr):
        (WebCore::MediaEndpointOwr::~MediaEndpointOwr):
        (WebCore::MediaEndpointOwr::setConfiguration):
        (WebCore::cryptoDataCallback):
        (WebCore::MediaEndpointOwr::generateDtlsInfo):
        (WebCore::MediaEndpointOwr::getDefaultAudioPayloads):
        (WebCore::MediaEndpointOwr::getDefaultVideoPayloads):
        (WebCore::payloadsContainType):
        (WebCore::MediaEndpointOwr::filterPayloads):
        (WebCore::MediaEndpointOwr::updateReceiveConfiguration):
        (WebCore::findRtxPayload):
        (WebCore::MediaEndpointOwr::updateSendConfiguration):
        (WebCore::MediaEndpointOwr::addRemoteCandidate):
        (WebCore::MediaEndpointOwr::replaceMutedRemoteSourceMid):
        (WebCore::MediaEndpointOwr::createMutedRemoteSource):
        (WebCore::MediaEndpointOwr::replaceSendSource):
        (WebCore::MediaEndpointOwr::stop):
        (WebCore::MediaEndpointOwr::transceiverIndexForSession):
        (WebCore::MediaEndpointOwr::sessionMid):
        (WebCore::MediaEndpointOwr::matchTransceiverByMid):
        (WebCore::MediaEndpointOwr::dispatchNewIceCandidate):
        (WebCore::MediaEndpointOwr::dispatchGatheringDone):
        (WebCore::MediaEndpointOwr::processIceTransportStateChange):
        (WebCore::MediaEndpointOwr::dispatchDtlsFingerprint):
        (WebCore::MediaEndpointOwr::unmuteRemoteSource):
        (WebCore::MediaEndpointOwr::prepareSession):
        (WebCore::MediaEndpointOwr::prepareMediaSession):
        (WebCore::parseHelperServerUrl):
        (WebCore::MediaEndpointOwr::ensureTransportAgentAndTransceivers):
        (WebCore::MediaEndpointOwr::internalAddRemoteCandidate):
        (WebCore::gotCandidate):
        (WebCore::candidateGatheringDone):
        (WebCore::iceConnectionStateChange):
        (WebCore::gotIncomingSource):
        * platform/mediastream/openwebrtc/MediaEndpointOwr.h: Added.
        (WebCore::OwrTransceiver::create):
        (WebCore::OwrTransceiver::~OwrTransceiver):
        (WebCore::OwrTransceiver::mid):
        (WebCore::OwrTransceiver::session):
        (WebCore::OwrTransceiver::owrIceState):
        (WebCore::OwrTransceiver::setOwrIceState):
        (WebCore::OwrTransceiver::gotEndOfRemoteCandidates):
        (WebCore::OwrTransceiver::markGotEndOfRemoteCandidates):
        (WebCore::OwrTransceiver::OwrTransceiver):
        * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h:
        (WebCore::RealtimeMediaSourceOwr::RealtimeMediaSourceOwr):
        (WebCore::RealtimeMediaSourceOwr::swapOutShallowSource):
        Add support for an initially muted source. This is used for early
        creation of remote sources.

2016-10-21  Javier Fernandez  <jfernandez@igalia.com>

        [css-grid] Content Alignment broken with indefinite sized grid container
        https://bugs.webkit.org/show_bug.cgi?id=163724

        Reviewed by Manuel Rego Casasnovas.

        The Grid Tracks sizing algorithm receives as parameter the
        available space to be used as space for tracks. We hold a variable
        to store the remaining free space for each dimension.

        When the grid container size is indefinite we can't compute the
        available free space after computing track sizes until such
        indefinite size is resolved.

        No new tests, just added some additional test cases.

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::layoutBlock): Compute freeSpace for Rows
        after doing layout and resolving the indefinite height.

2016-10-21  Jer Noble  <jer.noble@apple.com>

        CRASH in SourceBuffer::sourceBufferPrivateDidReceiveSample + 2169
        https://bugs.webkit.org/show_bug.cgi?id=163735

        Reviewed by Eric Carlson.

        Test: media/media-source/media-source-sample-wrong-track-id.html

        When SourceBuffer receives a sample in sourceBufferPrivateDidReceiveSample() containing
        a trackID not previously seen in an initialization segment, it creates a default TrackBuffer
        object to contain that track's samples. One of the fields in TrackBuffer, description, is
        normally filled out when an initialization segment is received, but with this default
        TrackBuffer, it's still null when it's checked later in sourceBufferPrivateDidReceiveSample().

        Rather than adding a null-check on trackBuffer.description, drop any sample that has a 
        trackID which was not present during a previous initialization segment.

        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveSample):

2016-10-20  Carlos Garcia Campos  <cgarcia@igalia.com>

        [GTK] Configures but fails to link with ENABLE_OPENGL=OFF
        https://bugs.webkit.org/show_bug.cgi?id=163449

        Reviewed by Michael Catanzaro.

        Only define sharingGLContext in PlatformDisplay if EGL or GLX are enabled.

        * platform/graphics/PlatformDisplay.cpp:
        * platform/graphics/PlatformDisplay.h:
        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::initialize):
        * platform/graphics/x11/PlatformDisplayX11.cpp:
        (WebCore::PlatformDisplayX11::~PlatformDisplayX11):

2016-10-20  Filip Pizlo  <fpizlo@apple.com>

        The tracking of the coarse-grain Heap state (allocating or not, collector or not, eden vs full) should respect the orthogonality between allocating and collecting
        https://bugs.webkit.org/show_bug.cgi?id=163738

        Reviewed by Geoffrey Garen.

        No new tests because no change in behavior.

        * bindings/js/GCController.cpp:
        (WebCore::GCController::garbageCollectNow):

2016-10-20  Chris Dumez  <cdumez@apple.com>

        [Bindings] Start using signature->idlType instead of signature->type in the overload resolution code
        https://bugs.webkit.org/show_bug.cgi?id=163767

        Reviewed by Darin Adler.

        Start using signature->idlType instead of signature->type in the overload resolution code
        to prepare for union type support.

        * bindings/scripts/CodeGeneratorJS.pm:
        (ComputeEffectiveOverloadSet):
        (AreTypesDistinguishableForOverloadResolution):
        (GetDistinguishingArgumentIndex):
        (GetOverloadThatMatches):
        (GenerateOverloadedFunctionOrConstructor):

2016-10-20  Myles C. Maxfield  <mmaxfield@apple.com>

        Implement WebGL2 bufferData() and bufferSubData() methods
        https://bugs.webkit.org/show_bug.cgi?id=163759

        Reviewed by Dean Jackson.

        These new overloads simply clip the input array buffer.

        Test: fast/canvas/webgl/bufferData-offset-length.html

        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::bufferData):
        (WebCore::WebGL2RenderingContext::bufferSubData):
        * html/canvas/WebGL2RenderingContext.h:
        * html/canvas/WebGL2RenderingContext.idl:

2016-10-20  Chris Dumez  <cdumez@apple.com>

        "Download Linked File" context menu action should use 'download' attribute as suggested filename
        https://bugs.webkit.org/show_bug.cgi?id=163742
        <rdar://problem/28840734>

        Reviewed by Darin Adler.

        Add convenience method to HitTestResult to return the URL element's
        download attribute.

        * rendering/HitTestResult.cpp:
        (WebCore::HitTestResult::URLElementDownloadAttribute):
        * rendering/HitTestResult.h:

2016-10-20  Nan Wang  <n_wang@apple.com>

        AX: VoiceOver is not detecting ARIA treeview if it contains role="presentation"
        https://bugs.webkit.org/show_bug.cgi?id=163763

        Reviewed by Chris Fleizach.

        Test: accessibility/mac/aria-tree-with-presentation-role.html

        Web authors sometimes use presentation role in the aria tree to hide elements. We should
        consider this a valid case if they specify tree items and groups correctly.

        * accessibility/AccessibilityNodeObject.cpp:
        (WebCore::AccessibilityNodeObject::hierarchicalLevel):
        * accessibility/AccessibilityTree.cpp:
        (WebCore::AccessibilityTree::nodeHasTreeItemChild):
        (WebCore::AccessibilityTree::isTreeValid):
        * accessibility/AccessibilityTree.h:

2016-10-20  Myles C. Maxfield  <mmaxfield@apple.com>

        Many WebGL functions which don't throw are marked as possibly throwing
        https://bugs.webkit.org/show_bug.cgi?id=163747

        Reviewed by Dean Jackson.

        Mechanically remove the exception code.

        No new tests because there is no behavior change.

        * bindings/js/JSWebGLRenderingContextBaseCustom.cpp:
        (WebCore::getObjectParameter):
        (WebCore::JSWebGLRenderingContextBase::getAttachedShaders):
        (WebCore::JSWebGLRenderingContextBase::getProgramParameter):
        (WebCore::JSWebGLRenderingContextBase::getShaderParameter):
        (WebCore::JSWebGLRenderingContextBase::getUniform):
        (WebCore::dataFunctionf):
        (WebCore::dataFunctioni):
        (WebCore::dataFunctionMatrix):
        * html/canvas/WebGL2RenderingContext.cpp:
        (WebCore::WebGL2RenderingContext::texSubImage2D):
        * html/canvas/WebGLRenderingContext.cpp:
        (WebCore::WebGLRenderingContext::texSubImage2D):
        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::activeTexture):
        (WebCore::WebGLRenderingContextBase::attachShader):
        (WebCore::WebGLRenderingContextBase::bindAttribLocation):
        (WebCore::WebGLRenderingContextBase::bindBuffer):
        (WebCore::WebGLRenderingContextBase::bindFramebuffer):
        (WebCore::WebGLRenderingContextBase::bindRenderbuffer):
        (WebCore::WebGLRenderingContextBase::bindTexture):
        (WebCore::WebGLRenderingContextBase::bufferData):
        (WebCore::WebGLRenderingContextBase::bufferSubData):
        (WebCore::WebGLRenderingContextBase::compileShader):
        (WebCore::WebGLRenderingContextBase::createShader):
        (WebCore::WebGLRenderingContextBase::detachShader):
        (WebCore::WebGLRenderingContextBase::disableVertexAttribArray):
        (WebCore::WebGLRenderingContextBase::drawArrays):
        (WebCore::WebGLRenderingContextBase::drawElements):
        (WebCore::WebGLRenderingContextBase::enableVertexAttribArray):
        (WebCore::WebGLRenderingContextBase::framebufferRenderbuffer):
        (WebCore::WebGLRenderingContextBase::framebufferTexture2D):
        (WebCore::WebGLRenderingContextBase::getActiveAttrib):
        (WebCore::WebGLRenderingContextBase::getActiveUniform):
        (WebCore::WebGLRenderingContextBase::getAttachedShaders):
        (WebCore::WebGLRenderingContextBase::getBufferParameter):
        (WebCore::WebGLRenderingContextBase::getProgramParameter):
        (WebCore::WebGLRenderingContextBase::getProgramInfoLog):
        (WebCore::WebGLRenderingContextBase::getRenderbufferParameter):
        (WebCore::WebGLRenderingContextBase::getShaderParameter):
        (WebCore::WebGLRenderingContextBase::getShaderInfoLog):
        (WebCore::WebGLRenderingContextBase::getShaderPrecisionFormat):
        (WebCore::WebGLRenderingContextBase::getShaderSource):
        (WebCore::WebGLRenderingContextBase::getTexParameter):
        (WebCore::WebGLRenderingContextBase::getUniform):
        (WebCore::WebGLRenderingContextBase::getUniformLocation):
        (WebCore::WebGLRenderingContextBase::getVertexAttrib):
        (WebCore::WebGLRenderingContextBase::linkProgram):
        (WebCore::WebGLRenderingContextBase::readPixels):
        (WebCore::WebGLRenderingContextBase::shaderSource):
        (WebCore::WebGLRenderingContextBase::videoFrameToImage):
        (WebCore::WebGLRenderingContextBase::texImage2D):
        (WebCore::WebGLRenderingContextBase::uniform1f):
        (WebCore::WebGLRenderingContextBase::uniform1fv):
        (WebCore::WebGLRenderingContextBase::uniform1i):
        (WebCore::WebGLRenderingContextBase::uniform1iv):
        (WebCore::WebGLRenderingContextBase::uniform2f):
        (WebCore::WebGLRenderingContextBase::uniform2fv):
        (WebCore::WebGLRenderingContextBase::uniform2i):
        (WebCore::WebGLRenderingContextBase::uniform2iv):
        (WebCore::WebGLRenderingContextBase::uniform3f):
        (WebCore::WebGLRenderingContextBase::uniform3fv):
        (WebCore::WebGLRenderingContextBase::uniform3i):
        (WebCore::WebGLRenderingContextBase::uniform3iv):
        (WebCore::WebGLRenderingContextBase::uniform4f):
        (WebCore::WebGLRenderingContextBase::uniform4fv):
        (WebCore::WebGLRenderingContextBase::uniform4i):
        (WebCore::WebGLRenderingContextBase::uniform4iv):
        (WebCore::WebGLRenderingContextBase::uniformMatrix2fv):
        (WebCore::WebGLRenderingContextBase::uniformMatrix3fv):
        (WebCore::WebGLRenderingContextBase::uniformMatrix4fv):
        (WebCore::WebGLRenderingContextBase::useProgram):
        (WebCore::WebGLRenderingContextBase::validateProgram):
        (WebCore::WebGLRenderingContextBase::vertexAttribPointer):
        (WebCore::WebGLRenderingContextBase::restoreCurrentFramebuffer):
        (WebCore::WebGLRenderingContextBase::restoreCurrentTexture2D):
        * html/canvas/WebGLRenderingContextBase.h:
        * html/canvas/WebGLRenderingContextBase.idl:

2016-10-19  Myles C. Maxfield  <mmaxfield@apple.com>

        [macOS] [iOS] Disable variation fonts on macOS El Capitan and iOS 9
        https://bugs.webkit.org/show_bug.cgi?id=163374

        Reviewed by Darin Adler.

        Because of platform lack of support for variations in in-memory fonts,
        this feature should be disabled on the affected OSes.

        No tests because there is no behavior change (on the relevant platforms).

        * Configurations/FeatureDefines.xcconfig:

2016-10-20  Brady Eidson  <beidson@apple.com>

        IndexedDB 2.0: Support IDBObjectStore name assignment.
        <rdar://problem/28806931> and https://bugs.webkit.org/show_bug.cgi?id=163749

        Reviewed by Alex Christensen.

        Tests: storage/indexeddb/modern/objectstore-rename-1-private.html
               storage/indexeddb/modern/objectstore-rename-1.html

        Touches a *lot* of code sites, but none of them are particularly interesting.
        They are all just getting the new name spread out to all of the various objects that need it.

        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::renameObjectStore):
        * Modules/indexeddb/IDBDatabase.h:

        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::setName):
        * Modules/indexeddb/IDBObjectStore.h:
        * Modules/indexeddb/IDBObjectStore.idl:

        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::renameObjectStore):
        (WebCore::IDBTransaction::renameObjectStoreOnServer):
        (WebCore::IDBTransaction::didRenameObjectStoreOnServer):
        * Modules/indexeddb/IDBTransaction.h:

        * Modules/indexeddb/client/IDBConnectionProxy.cpp:
        (WebCore::IDBClient::IDBConnectionProxy::renameObjectStore):
        * Modules/indexeddb/client/IDBConnectionProxy.h:

        * Modules/indexeddb/client/IDBConnectionToServer.cpp:
        (WebCore::IDBClient::IDBConnectionToServer::renameObjectStore):
        (WebCore::IDBClient::IDBConnectionToServer::didRenameObjectStore):
        * Modules/indexeddb/client/IDBConnectionToServer.h:
        * Modules/indexeddb/client/IDBConnectionToServerDelegate.h:

        * Modules/indexeddb/server/IDBBackingStore.h:

        * Modules/indexeddb/server/IDBConnectionToClient.cpp:
        (WebCore::IDBServer::IDBConnectionToClient::didDeleteObjectStore):
        (WebCore::IDBServer::IDBConnectionToClient::didRenameObjectStore):
        * Modules/indexeddb/server/IDBConnectionToClient.h:
        * Modules/indexeddb/server/IDBConnectionToClientDelegate.h:

        * Modules/indexeddb/server/IDBServer.cpp:
        (WebCore::IDBServer::IDBServer::renameObjectStore):
        * Modules/indexeddb/server/IDBServer.h:

        * Modules/indexeddb/server/MemoryBackingStoreTransaction.cpp:
        (WebCore::IDBServer::MemoryBackingStoreTransaction::objectStoreRenamed):
        (WebCore::IDBServer::MemoryBackingStoreTransaction::abort):
        * Modules/indexeddb/server/MemoryBackingStoreTransaction.h:

        * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
        (WebCore::IDBServer::MemoryIDBBackingStore::renameObjectStore):
        * Modules/indexeddb/server/MemoryIDBBackingStore.h:

        * Modules/indexeddb/server/MemoryObjectStore.h:
        (WebCore::IDBServer::MemoryObjectStore::rename):

        * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
        (WebCore::IDBServer::SQLiteIDBBackingStore::renameObjectStore):
        * Modules/indexeddb/server/SQLiteIDBBackingStore.h:

        * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
        (WebCore::IDBServer::UniqueIDBDatabase::renameObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::performRenameObjectStore):
        (WebCore::IDBServer::UniqueIDBDatabase::didPerformRenameObjectStore):
        * Modules/indexeddb/server/UniqueIDBDatabase.h:

        * Modules/indexeddb/server/UniqueIDBDatabaseConnection.cpp:
        (We