[Streams API] Implement pulling of a source by a ReadableStream

[WebKit-https.git] / Source / WebCore / ChangeLog

2015-06-10  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement pulling of a source by a ReadableStream
        https://bugs.webkit.org/show_bug.cgi?id=145262

        Reviewed by Darin Adler

        Introduced abstract ReadableStream::doPull() which is overriden in ReadableJSStream.
        Added support to call the "pull" JS callback in ReadableJSStream::doPull().
        Added calls to pull as requested by the spec (when resolving a read callback, at start time...).

        Fixed issue in ReadableStreamReader::read() (use of successCallback(JSValue()) in lieu of endCallback())

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::start): calling pull() once start.
        (WebCore::ReadableStream::pull): calling doPull() if readableStream states requires to.
        (WebCore::ReadableStream::read): calling pull() after resolving a read callback.
        * Modules/streams/ReadableStream.h:
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::read): fixed JSValue() bug.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::doPull): calling of JS callback.
        (WebCore::ReadableJSStream::storeException): catches exception and store them.
        (WebCore::ReadableJSStream::storeError): refactoring for checkForException.
        (WebCore::ReadableJSStream::enqueue):
        * bindings/js/ReadableJSStream.h:

2015-06-09  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        DeferredWrapper should clear its JS strong references once its promise is resolved/rejected
        https://bugs.webkit.org/show_bug.cgi?id=145753

        Reviewed by Darin Adler.

        Clear strong references at the end of DeferredWrapper::resolve and DeferredWrapper::reject.
        Added assertions to check that resolve or reject is called only once.

        Removed DeferredWrapper constructor that creates internally its promise.
        Reason is DeferredWrapper can be resolved synchronously and promise
        will be lost when returning it at the end of the binding promise function.
        Updated all custom bindings accordingly.

        Covered by existing tests.

        * bindings/js/JSAudioContextCustom.cpp:
        (WebCore::JSAudioContext::suspend): Updated DeferredWrapper constructor to properly return the promise.
        (WebCore::JSAudioContext::resume): Ditto.
        (WebCore::JSAudioContext::close): Ditto.
        * bindings/js/JSDOMPromise.cpp:
        (WebCore::DeferredWrapper::resolve): Cleared strong references after promise resolution.
        (WebCore::DeferredWrapper::reject): Cleared strong references after promise rejection.
        * bindings/js/JSDOMPromise.h:
        (WebCore::DeferredWrapper::resolve): Added ASSERT to check promise is not yet rejected/resolved.
        (WebCore::DeferredWrapper::reject): Ditto.
        (WebCore::DeferredWrapper::reject<ExceptionCode>): Ditto.
        (WebCore::DeferredWrapper::resolve<String>): Ditto.
        (WebCore::DeferredWrapper::resolve<bool>): Ditto.
        (WebCore::DeferredWrapper::resolve<JSC::JSValue>): Ditto.
        (WebCore::char>>):
        (WebCore::DeferredWrapper::reject<String>): Ditto.
        * bindings/js/JSMediaDevicesCustom.cpp:
        (WebCore::JSMediaDevices::getUserMedia): Updated DeferredWrapper constructor to properly return the promise.
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::read): Ditto.
        (WebCore::JSReadableStreamReader::closed): Ditto.
        * bindings/js/JSSubtleCryptoCustom.cpp:
        (WebCore::JSSubtleCrypto::encrypt): Ditto.
        (WebCore::JSSubtleCrypto::decrypt): Ditto.
        (WebCore::JSSubtleCrypto::sign): Ditto.
        (WebCore::JSSubtleCrypto::verify): Ditto.
        (WebCore::JSSubtleCrypto::digest): Ditto.
        (WebCore::JSSubtleCrypto::generateKey): Ditto.
        (WebCore::JSSubtleCrypto::importKey): Ditto.
        (WebCore::JSSubtleCrypto::exportKey): Ditto.
        (WebCore::JSSubtleCrypto::wrapKey): Ditto.
        (WebCore::JSSubtleCrypto::unwrapKey): Ditto.

2015-06-09  Zalan Bujtas  <zalan@apple.com>

        Protect FrameView from being destroyed in Document::recalcStyle()
        https://bugs.webkit.org/show_bug.cgi?id=143033
        rdar://problem/20326871

        Reviewed by Andreas Kling.

        This patch ensures that FrameView stays valid in Document::recalcStyle().
        It follows the defensive pattern we use to deal with the refcounted FrameView (see EventDispatcher::dispatchEvent)

        When the iframe destroys itself in the onBeforeLoad callback (as the result of
        PostResolutionCallbackDisabler -> HTMLObjectElement::updateWidget -> guardedDispatchBeforeLoadEvent),
        we detach the frame and release the FrameView. However Document::recalcStyle() expects
        the FrameView to stay valid.

        Covered by fast/frames/flattening/crash-remove-iframe-during-object-beforeload.html.

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):

2015-06-09  Daegyu Lee  <daegyu.lee@navercorp.com>

        3D-transformed video does not display on platforms without accelerated video rendering
        https://bugs.webkit.org/show_bug.cgi?id=144782

        Reviewed by Simon Fraser.

        Video element does not get GraphicsLayer when MediaPlayerPrivate::supportsAcceleratedRendering() returns false
        which means not using accelerated video decoding.
        Although the video element gets GraphicsLayer by changing the CSS style of video element by javascript,
        there is no way to set GraphicsLayer::setDrawsContent(true) for updating the video content.
        As a result, after changing the CSS style, the video content does not show.
        To avoid missing setDrawsContent(true), add conditions(!supportsAcceleratedRendering() && m_requiresOwnBackingStore).

        Test: media/video-transformed-by-javascript.html
              media/video-transformed-by-javascript-expected.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::containsPaintedContent):

2015-06-09  Ryosuke Niwa  <rniwa@webkit.org>

        REGRESSION(r180867): Tabbing to login field on iCloud.com doesn't have highlight for text
        https://bugs.webkit.org/show_bug.cgi?id=145830

        Reviewed by Darin Adler.

        The bug was caused by setSelection not updating RenderView when there is a style recalc scheduled
        that doesn't trigger a layout. Fixed the bug by explicitly updating the selection in
        Document::recalcStyle in that case.

        Test: editing/selection/update-selection-by-style-change.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        * editing/FrameSelection.cpp:
        (WebCore::FrameSelection::updateAppearanceAfterLayout): Renamed from didLayout.
        * editing/FrameSelection.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::performPostLayoutTasks):

2015-06-09  Dean Jackson  <dino@apple.com>

        MediaControls: Reenable resize of controls on pinch zoom
        https://bugs.webkit.org/show_bug.cgi?id=145824
        <rdar://problem/21212778>

        Reviewed by Darin Adler.

        Reinstate the code that updated the scaling of the
        controls in response to changes in page scale.
        This time around we have to change both the controls
        panel, and its blurry background.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.set pageScaleFactor): Deleted a comment.
        * Modules/mediacontrols/mediaControlsiOS.css:
        (video::-webkit-media-controls-panel-background): Set the background to pin
        to the bottom of its view.
        * Modules/mediacontrols/mediaControlsiOS.js:
        (ControllerIOS.prototype.get pageScaleFactor): Basic getter, copied from mediaControlsApple.
        (ControllerIOS.prototype.set pageScaleFactor): The setter that reacts to the page scale
        and applies an inverse scaling on the control panel using a transform, and adjusts the
        height on the background similarly.

2015-06-09  Andreas Kling  <akling@apple.com>

        GraphicsContext state stack wasting lots of memory when empty.
        <https://webkit.org/b/145817>

        Reviewed by Geoffrey Garen.

        Give the GraphicsContextState stack an inline capacity of 1, and make sure
        to free any heap-allocated backing store when the stack goes empty.

        The 1 is because HTMLCanvasElement keeps one "save" on the underlying
        GraphicsContext at all times, and this prevents those canvases from always
        sitting on an empty stack with 16 capacity.

        This saves ~520 kB on cnet.com video pages.

        * platform/graphics/GraphicsContext.cpp:
        (WebCore::GraphicsContext::restore):
        * platform/graphics/GraphicsContext.h:

2015-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        SVG Fragment is not rendered if it is the css background image of an HTML element
        https://bugs.webkit.org/show_bug.cgi?id=91790

        Reviewed by Darin Adler.

        To show an SVG fragment, the SVGImage has to scrollToFragment() using
        the resource url. The changes http://trac.webkit.org/changeset/164804
        and http://trac.webkit.org/changeset/164983 set the url of SVGImage to
        to be used later in SVGImage::draw(). The problem is the SVGImage url
        is only set when it is the src of an <img> tag. We did not do the same
        thing when the SVGImage is the css background image of an HTML element.
        
        The fix is to set the url of the SVGImage always when it's created by 
        the CachedImage. The CachedImage must have a valid url when the SVGImage
        is created.

        Test: svg/css/svg-resource-fragment-identifier-background.html

        * loader/cache/CachedImage.cpp:
        (WebCore::CachedImage::load):
        (WebCore::CachedImage::checkShouldPaintBrokenImage):
        Replace the calls resourceRequest().url() and m_resourceRequest.url() by
        calling url() since they are all the same.
        
        (WebCore::CachedImage::createImage): Pass the resource url to SVGImage
        and change ImageObserver& by ImageObserver*, since null is not legal.
        
        * svg/graphics/SVGImage.cpp:
        (WebCore::SVGImage::SVGImage):
        * svg/graphics/SVGImage.h: Add a url parameter to SVGImage constructor.
        
        * svg/graphics/SVGImageCache.cpp:
        (WebCore::SVGImageCache::findImageForRenderer): Add a new helper function.
        
        (WebCore::SVGImageCache::imageSizeForRenderer):
        (WebCore::SVGImageCache::imageForRenderer): Code clean up.
        
        * svg/graphics/SVGImageCache.h: Make imageForRenderer() const.

        * svg/graphics/SVGImageForContainer.cpp: Remove unneeded header file.

2015-06-09  Matt Rajca  <mrajca@apple.com>

        Add support for toggling playback in MediaSessions and MediaSessionManagers.
        https://bugs.webkit.org/show_bug.cgi?id=145822

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp: Toggle playback of all active media elements.
        (WebCore::MediaSession::togglePlayback):
        * Modules/mediasession/MediaSession.h:
        * Modules/mediasession/MediaSessionManager.cpp: Toggle playback of all media sessions as described in the
          Media Session spec.
        (WebCore::MediaSessionManager::togglePlayback):
        * Modules/mediasession/MediaSessionManager.h:

2015-06-09  Darin Adler  <darin@apple.com>

        Takes two delete key presses to delete pasted emoji up-pointing index finger with skin tone
        https://bugs.webkit.org/show_bug.cgi?id=145823

        Reviewed by Anders Carlsson.

        Tests: editing/deleting/delete-emoji.html

        * rendering/RenderText.cpp:
        (WebCore::isHangulLVT): Use constants instead of macros. Also changed to take a UChar since
        the Hangul processing can work on UTF-16 code unit at a time and doesn't have to handle
        surrogate pairs.
        (WebCore::isMark): Use U_GC_M_MASK instead of writing the algorithm out another way.
        (WebCore::isInArmenianToLimbuRange): Added.
        (WebCore::RenderText::previousOffsetForBackwardDeletion): Refactored for clarity and to use
        the U16_PREV macro instead of doing what it does in a sloppier way. Added code to allow a
        variation selector before an emoji modifier to fix the bug. Changed Hangul logic to work a
        code unit at a time, since it can, to use an enum class, and to use constants rather than
        all capital macros. Also changed the "dumb" case to use a more appropriate ICU macro.

2015-06-09  Said Abou-Hallawa  <sabouhallawa@apple.com>

        feComposite filter does not clip the paint rect to its effect rect when the operator is 'in' or 'atop'
        https://bugs.webkit.org/show_bug.cgi?id=137856

        Reviewed by Darin Adler.

        There was bug in calculating the absolutePaintRect of the feComposite filter
        when the operator is equal to 'in' or 'atop'. The absolutePaintRect was set
        to the absolutePaintRect of the background FilterEffect which is correct.
        What was missing is clipping this rectangle to the maxEffectRect of the
        filter which we do for other operators.

        Tests: svg/filters/feComposite-background-rect-control-operators.svg

        * platform/graphics/IntRect.h:
        (WebCore::operator-=):
        (WebCore::operator-): Add new operators to IntRect.

        * platform/graphics/filters/FEComposite.cpp:
        (WebCore::FEComposite::determineAbsolutePaintRect): Make sure the filter
        absolutePaintRect is clipped to maxEffectRect for all operators.
        
        (WebCore::FEComposite::platformApplySoftware): Code clean-up.
        
        * platform/graphics/filters/FilterEffect.cpp:
        (WebCore::FilterEffect::determineAbsolutePaintRect): Move the clipping
        part to a separate function.
        
        (WebCore::FilterEffect::clipAbsolutePaintRect): Clip the absolutePaintRect
        to the maxEffectRect of the filter.
        
        * platform/graphics/filters/FilterEffect.h:

2015-06-09  Matt Rajca  <mrajca@apple.com>

        Implement MediaSessionManager to keep track of all MediaSessions.
        https://bugs.webkit.org/show_bug.cgi?id=145806

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::MediaSession): Add ourselves to the MediaSessionManager upon construction.
        (WebCore::MediaSession::~MediaSession): Remove ourselves from the MediaSessionManager before destruction.
        * Modules/mediasession/MediaSessionManager.cpp: Added to keep track of all living MediaSessions.
        (WebCore::MediaSessionManager::singleton):
        (WebCore::MediaSessionManager::addMediaSession):
        (WebCore::MediaSessionManager::removeMediaSession):
        * Modules/mediasession/MediaSessionManager.h: Added.
        * WebCore.xcodeproj/project.pbxproj: Added new MediaSessionManager sources.

2015-06-09  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Remove RefCounted from Tile
        https://bugs.webkit.org/show_bug.cgi?id=145788

        Reviewed by Darin Adler.

        Since r185140, Tile does not need to be RefCounted.

        No new tests, no behavior changes.

        * platform/graphics/texmap/coordinated/Tile.cpp:
        (WebCore::Tile::create): Deleted.
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::invalidate):
        (WebCore::TiledBackingStore::updateTileBuffers): Simplifies not to use unnecessary Vector.
        (WebCore::TiledBackingStore::coverageRatio):
        (WebCore::TiledBackingStore::createTiles):
        (WebCore::TiledBackingStore::resizeEdgeTiles):
        (WebCore::TiledBackingStore::setKeepRect):
        (WebCore::TiledBackingStore::tileAt): Deleted one line wrapper.
        (WebCore::TiledBackingStore::setTile): Ditto.
        (WebCore::TiledBackingStore::removeTile): Ditto.
        * platform/graphics/texmap/coordinated/TiledBackingStore.h:

2015-06-09  Chris Dumez  <cdumez@apple.com>

        Allow one sync GC per gcTimer interval on critical memory pressure warning
        https://bugs.webkit.org/show_bug.cgi?id=145773

        Reviewed by Geoffrey Garen.

        * bindings/js/GCController.cpp:
        (WebCore::GCController::garbageCollectNowIfNotDoneRecently):

        Add new GCController::garbageCollectNowIfNotDoneRecently() API that
        allows one synchronous GC per full GC timer interval. If called more
        than once per interval, it becomes equivalent to garbageCollectSoon()
        and merely accelerates the next collection.

        * bindings/js/GCController.h:
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

        Call the new GCController::garbageCollectNowIfNotDoneRecently() on
        critical memory pressure instead of garbageCollectionSoon() to try
        as do a synchronous GC if one wasn't already done recently.
        Also drop call to fullSweep() as GCController::garbageCollectNow*()
        already do a sweep after the collection.

2015-06-09  Darin Adler  <darin@apple.com>

        Follow-up fix for:
        JavaScript bindings are unnecessarily checking for impossible empty JSValue arguments
        https://bugs.webkit.org/show_bug.cgi?id=145811

        There was one unusual case in the bindings generator that was depending on this.

        * bindings/js/JSDOMBinding.h:
        (WebCore::argumentOrNull): Deleted.
        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheck): Stop using argumentOrNull.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Updated.
        * bindings/scripts/test/JS/JSTestObj.cpp: Updated.

2015-06-09  Darin Adler  <darin@apple.com>

        JavaScript bindings are unnecessarily checking for impossible empty JSValue arguments
        https://bugs.webkit.org/show_bug.cgi?id=145811

        Reviewed by Antti Koivisto.

        At some point, someone who didn't understand JSValue very well added checks for
        isEmpty (and the function isEmpty itself) in JavaScript bindings. But the engine
        never would pass an empty JSValue to a binding; that's used only inside the
        engine itself. I think this was done by some Google V8 experts a while back, so
        it's not entirely surprising they didn't understand this. But we don't want to
        keep all that unneeded code.

        * bindings/js/JSAudioTrackCustom.cpp:
        (WebCore::JSAudioTrack::setKind): Removed the isEmpty clause here. I presume this
        was copied and pasted from script-generated bindings. While I was at it, I used a
        slightly more efficient code path that avoids doing a ref/deref on the string by
        using auto&. That's trickier to do correctly for functions with more than one
        argument, so I didn't do it in the bindings generator yet.
        (WebCore::JSAudioTrack::setLanguage): Ditto.
        * bindings/js/JSTextTrackCustom.cpp:
        (WebCore::JSTextTrack::setKind): Ditto.
        (WebCore::JSTextTrack::setLanguage): Ditto.
        * bindings/js/JSVideoTrackCustom.cpp:
        (WebCore::JSVideoTrack::setKind): Ditto.
        (WebCore::JSVideoTrack::setLanguage): Ditto.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateImplementation): Use "=" syntax instead of constructor style syntax for
        the argument processing. I think this is more readable.
        (GenerateParametersCheck): For the enum code path, did the more efficient auto&
        idiom to avoid ref/deref on a string. For the toExistingAtomicString path,
        restructured so we don't have to check the flag indicating that something is atomic.
        Later we could also avoid the ref/deref; added a FIXME about that.
        (GetNativeType): Use String, not const String, for local variables. Sure, the
        string is const, but so is every other local variable type we use! No need to be
        wordy about it.
        (JSValueToNative): Removed the uneeded calls to isEmpty. Since the call sites no
        longer use construction syntax, used initializer syntax style for a couple classes
        that are constructed with multiple arguments.

        * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp: Updated.
        * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestEventTarget.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestInterface.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNamedConstructor.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestObj.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp: Ditto.
        * bindings/scripts/test/JS/JSTestTypedefs.cpp: Ditto.

2015-06-09  Csaba Osztrogonác  <ossy@webkit.org>

        Fix unused private field warning in GraphicsLayerUpdater.h
        https://bugs.webkit.org/show_bug.cgi?id=145757

        Reviewed by Darin Adler.

        * platform/graphics/GraphicsLayerUpdater.cpp:
        (WebCore::GraphicsLayerUpdater::GraphicsLayerUpdater):
        * platform/graphics/GraphicsLayerUpdater.h:

2015-06-09  Yusuke Suzuki  <utatane.tea@gmail.com>

        Crash when passing Symbol to NPAPI plugin objects
        https://bugs.webkit.org/show_bug.cgi?id=145798

        Reviewed by Darin Adler.

        Test: plugins/npruntime/script-object-with-symbols.html

        For C bridge APIs, we add guards for symbols.
        This is the same to the existing guards in Objective-C APIs.

        * bridge/c/c_class.cpp:
        (JSC::Bindings::CClass::methodNamed):
        (JSC::Bindings::CClass::fieldNamed):
        * bridge/objc/objc_class.mm:
        (JSC::Bindings::ObjcClass::methodNamed):
        (JSC::Bindings::ObjcClass::fieldNamed):
        (JSC::Bindings::ObjcClass::fallbackObject):

2015-06-09  Csaba Osztrogonác  <ossy@webkit.org>

        [cmake] Fix the style issues in cmake project files
        https://bugs.webkit.org/show_bug.cgi?id=145755

        Reviewed by Darin Adler.

        * CMakeLists.txt:
        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * PlatformMac.cmake:
        * PlatformWin.cmake:
        * PlatformWinCairo.cmake:

2015-06-09  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream should handle JS source getters that throw
        https://bugs.webkit.org/show_bug.cgi?id=145600

        Reviewed by Darin Adler.

        Checking whether there is an exception when trying to access to a source method.
        If so, rethrowing it in case of "start".

        Refactoring of code to prepare pulling, cancelling and additional parameter handling in ReadableStream construtor.

        Fixed the case of ReadableStream constructor called with an undefined parameter.

        Covered by rebased test expectation.

        * bindings/js/JSReadableStreamCustom.cpp:
        (WebCore::constructJSReadableStream): Refactoring to group all parameter check and exception handling in ReadableJSStream::create.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::getPropertyFromObject):
        (WebCore::callFunction):
        (WebCore::ReadableJSStream::invoke): Added method to be used also for pulling and cancelling.
        (WebCore::ReadableJSStream::doStart):
        (WebCore::ReadableJSStream::create):
        * bindings/js/ReadableJSStream.h:

2015-06-08  Dan Bernstein  <mitz@apple.com>

        Made MicroTask.h a project header.

        Rubber-stamped by Anders Carlsson.

        * WebCore.xcodeproj/project.pbxproj: Demoted MicroTask.h from Public to Project. WebCore
        doesn’t have public headers, and this header isn’t used by WebKit.

2015-06-08  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        Purge PassRefPtr in JavaScriptCore
        https://bugs.webkit.org/show_bug.cgi?id=145750

        Reviewed by Darin Adler.

        As a step to purge PassRefPtr, this patch replaces PassRefPtr with Ref or RefPtr.

        No new tests, no behavior changes.

        * bindings/js/JSDOMWindowBase.cpp:
        (WebCore::JSDOMWindowBase::commonVM):

2015-06-08  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Clip-path does not work properly on subpixel positions.
        https://bugs.webkit.org/show_bug.cgi?id=145749
        rdar://problem/20824305

        Reviewed by Simon Fraser.

        This patch ensures that clip-path is device pixel snapped both for composited and
        non-composited content.

        Tests: compositing/masks/compositing-clip-path-on-subpixel-position.html
               fast/masking/clip-path-on-subpixel-position.html

        * rendering/RenderLayer.cpp:
        (WebCore::RenderLayer::setupClipPath):
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateMaskingLayerGeometry):

2015-06-08  Chris Dumez  <cdumez@apple.com>

        Access GCController instance via GCController::singleton() instead of a free function
        https://bugs.webkit.org/show_bug.cgi?id=145776

        Reviewed by Darin Adler.

        Access GCController instance via GCController::singleton() instead of a
        free function as per coding style and for consistency with other
        singleton classes in the codebase.

        * bindings/js/GCController.cpp:
        (WebCore::GCController::singleton):
        (WebCore::gcController): Deleted.
        * bindings/js/GCController.h:
        * bindings/js/JSDOMWindowShell.cpp:
        (WebCore::JSDOMWindowShell::setWindow):
        * bindings/js/ScriptCachedFrameData.cpp:
        (WebCore::ScriptCachedFrameData::clear):
        * bindings/js/ScriptController.cpp:
        (WebCore::collectGarbageAfterWindowShellDestruction):
        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

2015-06-08  Daniel Bates  <dabates@apple.com>

        Mouse release on AutoFill button activates it; should only activate on click
        https://bugs.webkit.org/show_bug.cgi?id=145774
        <rdar://problem/21069245>

        Reviewed by Ryosuke Niwa.

        Fixes an issue where a click event was dispatched to a shadow tree node regardless of whether
        both the mouse press and mouse release were targeted at it. In particular, releasing the mouse
        on the AutoFill button activates it regardless of whether the mouse was pressed on it.

        Currently we always dispatch a click event to a node n where the mouse was released when n is
        in a shadow tree regardless of whether the mouse was pressed on n. Instead we should only
        dispatch a click event to n if the mouse was pressed and released on n. If n is a shadow tree
        descendant, the mouse was released on n, and n never received a mouse press then we should
        dispatch the click event at the shadow host element of n to preserve the illusion to web
        developers that the shadow host element is a single element.

        Test: fast/forms/auto-fill-button/mouse-down-input-mouse-release-auto-fill-button.html

        * page/EventHandler.cpp:
        (WebCore::targetNodeForClickEvent): Added; returns the target node for the DOM click event.
        (WebCore::EventHandler::handleMouseReleaseEvent): Modified to use dispatch the DOM click event
        at the node returned by targetNodeForClickEvent().
        (WebCore::mouseIsReleasedOnPressedElement): Deleted.

2015-06-08  Chris Dumez  <cdumez@apple.com>

        WebContent crash in WebCore::Page::sessionID() const + 0 (Page.cpp:1660)
        https://bugs.webkit.org/show_bug.cgi?id=145748
        <rdar://problem/21226577>

        Reviewed by Brady Eidson.

        We would sometimes crash when pruning the PageCache because it was
        possible for frames to still be loading while in the PageCache and
        we would try to stop the load when the CachedFrame is destroyed. This
        code path was not supposed to be exercised as we were not supposed to
        have pages still loading inside the PageCache.

        r185017 made sure we don't insert into the PageCache pages that are
        still loading. However, nothing was preventing content from starting
        new loads in their 'pagehide' event handlers, *after* the decision
        to put the page in the PageCache was made.

        This patch prevents content from starting loads from a 'pagehide'
        event handler so that we can no longer have content that is loading
        inside the PageCache. 'ping' image loads still go through though as
        these are specially handled and use PingLoaders.

        Tests: http/tests/navigation/image-load-in-pagehide-handler.html
               http/tests/navigation/subframe-pagehide-handler-starts-load.html
               http/tests/navigation/subframe-pagehide-handler-starts-load2.html

        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::FrameLoader):
        (WebCore::FrameLoader::stopLoading):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::loadWithDocumentLoader):
        (WebCore::FrameLoader::stopAllLoaders):
        (WebCore::FrameLoader::handleBeforeUnloadEvent):
        * loader/FrameLoader.h:
        (WebCore::FrameLoader::pageDismissalEventBeingDispatched):
        (WebCore::FrameLoader::PageDismissalEventType::PageDismissalEventType):
        (WebCore::FrameLoader::PageDismissalEventType::operator Page::DismissalType):

        Add wrapper class for m_pageDismissalEventBeingDispatched member type.
        The wrapper takes care of updating the m_dismissalEventBeingDispatched
        member on the Page every time the member on FrameLoader is updated. We
        now cache this information on the Page so that clients can cheaply
        query if a dismissal event is being dispatched in any of the Page's
        frame, without having to traverse the frame tree.

        * loader/ImageLoader.cpp:
        (WebCore::pageIsBeingDismissed):

        * loader/cache/CachedResource.cpp:
        (WebCore::CachedResource::load):

        Abort the load early if we are currently dispatching a 'pagehide'
        event. We don't allow new loads at such point because we've already
        made the decision to add the Page to the PageCache.

        * loader/cache/CachedResourceLoader.cpp:
        (WebCore::CachedResourceLoader::requestImage):

        * page/Chrome.cpp:
        (WebCore::Chrome::runModal): Deleted.
        (WebCore::Chrome::setToolbarsVisible): Deleted.
        (WebCore::Chrome::toolbarsVisible): Deleted.
        (WebCore::Chrome::runJavaScriptConfirm): Deleted.
        (WebCore::Chrome::runJavaScriptPrompt): Deleted.
        (WebCore::Chrome::shouldInterruptJavaScript): Deleted.
        * page/Chrome.h:
        * page/ChromeClient.h:
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::canShowModalDialogNow):

        Drop ChromeClient::shouldRunModalDialogDuringPageDismissal() and code
        using it as it is unused and I did not think it was worth updating
        this code.

        * page/Page.h:
        (WebCore::Page::dismissalEventBeingDispatched):
        (WebCore::Page::setDismissalEventBeingDispatched):

        Add a m_dismissalEventBeingDispatched member to the Page so that we can
        easily query if a dismissal event is being dispatched in any of the
        frames, without having to traverse the frame tree. I suspect more call
        sites of FrameLoader::pageDismissalEventBeingDispatched() may actually
        want this but I did not make such change in this patch. It is important
        to check all the frames and not simply the current one because a frame's
        pagehide event handler may trigger a load in another frame.

2015-06-08  Hunseop Jeong  <hs85.jeong@samsung.com>

        Replaced 0 with nullptr in WebCore/Modules.
        https://bugs.webkit.org/show_bug.cgi?id=145758

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * Modules/battery/BatteryManager.cpp:
        (WebCore::BatteryManager::BatteryManager):
        * Modules/encryptedmedia/CDM.cpp:
        (WebCore::CDM::CDM):
        * Modules/encryptedmedia/MediaKeys.cpp:
        (WebCore::MediaKeys::MediaKeys):
        (WebCore::MediaKeys::~MediaKeys):
        * Modules/indexeddb/IDBCursor.h:
        (WebCore::IDBCursor::continueFunction):
        * Modules/indexeddb/IDBCursorBackendOperations.cpp:
        (WebCore::CursorAdvanceOperation::perform):
        (WebCore::CursorIterationOperation::perform):
        * Modules/indexeddb/IDBDatabase.cpp:
        (WebCore::IDBDatabase::transactionFinished):
        * Modules/indexeddb/IDBDatabaseCallbacksImpl.cpp:
        (WebCore::IDBDatabaseCallbacksImpl::IDBDatabaseCallbacksImpl):
        * Modules/indexeddb/IDBEventDispatcher.cpp:
        (WebCore::IDBEventDispatcher::dispatch):
        * Modules/indexeddb/IDBIndex.h:
        (WebCore::IDBIndex::openCursor):
        (WebCore::IDBIndex::count):
        (WebCore::IDBIndex::openKeyCursor):
        * Modules/indexeddb/IDBObjectStore.cpp:
        (WebCore::IDBObjectStore::add):
        (WebCore::IDBObjectStore::put):
        (WebCore::IDBObjectStore::index):
        (WebCore::IDBObjectStore::openCursor):
        * Modules/indexeddb/IDBObjectStore.h:
        (WebCore::IDBObjectStore::count):
        * Modules/indexeddb/IDBOpenDBRequest.cpp:
        (WebCore::IDBOpenDBRequest::onUpgradeNeeded):
        (WebCore::IDBOpenDBRequest::onSuccess):
        * Modules/indexeddb/IDBRequest.cpp:
        (WebCore::IDBRequest::IDBRequest):
        * Modules/indexeddb/IDBTransaction.cpp:
        (WebCore::IDBTransaction::OpenCursorNotifier::cursorFinished):
        * Modules/indexeddb/IDBTransactionBackend.cpp:
        (WebCore::IDBTransactionBackend::commit):
        * Modules/indexeddb/IDBTransactionBackendOperations.cpp:
        (WebCore::OpenCursorOperation::perform):
        * Modules/indieui/UIRequestEvent.cpp:
        (WebCore::UIRequestEventInit::UIRequestEventInit):
        (WebCore::UIRequestEvent::UIRequestEvent):
        * Modules/mediasource/MediaSource.cpp:
        (WebCore::MediaSource::MediaSource):
        (WebCore::MediaSource::setReadyState):
        (WebCore::MediaSource::removeSourceBuffer):
        * Modules/mediasource/SourceBuffer.cpp:
        (WebCore::SourceBuffer::~SourceBuffer):
        (WebCore::SourceBuffer::removedFromMediaSource):
        * Modules/mediastream/MediaStream.cpp:
        (WebCore::MediaStream::~MediaStream):
        * Modules/mediastream/MediaStreamEvent.cpp:
        (WebCore::MediaStreamEventInit::MediaStreamEventInit):
        * Modules/mediastream/MediaStreamTrackEvent.cpp:
        (WebCore::MediaStreamTrackEventInit::MediaStreamTrackEventInit):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::stop):
        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::contextDestroyed):
        * Modules/notifications/Notification.cpp:
        (WebCore::Notification::Notification):
        * Modules/notifications/Notification.h:
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::SpeechSynthesis):
        (WebCore::SpeechSynthesis::setPlatformSynthesizer):
        (WebCore::SpeechSynthesis::cancel):
        (WebCore::SpeechSynthesis::handleSpeakingCompleted):
        * Modules/speech/SpeechSynthesisUtterance.cpp:
        (WebCore::SpeechSynthesisUtterance::~SpeechSynthesisUtterance):
        * Modules/webaudio/AudioBufferSourceNode.cpp:
        (WebCore::AudioBufferSourceNode::AudioBufferSourceNode):
        (WebCore::AudioBufferSourceNode::clearPannerNode):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::createMediaStreamSource):
        * Modules/webaudio/MediaElementAudioSourceNode.cpp:
        (WebCore::MediaElementAudioSourceNode::~MediaElementAudioSourceNode):
        * Modules/webaudio/OscillatorNode.cpp:
        (WebCore::OscillatorNode::setType):
        (WebCore::OscillatorNode::process):
        * Modules/webdatabase/DatabaseManager.cpp:
        (WebCore::DatabaseManager::DatabaseManager):
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::DatabaseThread):
        (WebCore::DatabaseThread::databaseThread):
        * Modules/webdatabase/DatabaseThread.h:
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::DatabaseTracker):
        * Modules/webdatabase/SQLCallbackWrapper.h:
        (WebCore::SQLCallbackWrapper::clear):
        (WebCore::SQLCallbackWrapper::unwrap):
        * Modules/webdatabase/SQLStatementBackend.cpp:
        (WebCore::SQLStatementBackend::clearFailureDueToQuota):
        * Modules/webdatabase/SQLTransaction.cpp:
        (WebCore::SQLTransaction::deliverTransactionErrorCallback):
        * Modules/webdatabase/SQLTransactionBackend.cpp:
        (WebCore::SQLTransactionBackend::doCleanup):
        (WebCore::SQLTransactionBackend::getNextStatement):
        * Modules/webdatabase/SQLTransactionCoordinator.cpp:
        (WebCore::SQLTransactionCoordinator::releaseLock):
        * Modules/websockets/ThreadableWebSocketChannelClientWrapper.cpp:
        (WebCore::ThreadableWebSocketChannelClientWrapper::ThreadableWebSocketChannelClientWrapper):
        (WebCore::ThreadableWebSocketChannelClientWrapper::clearPeer):
        (WebCore::ThreadableWebSocketChannelClientWrapper::clearClient):
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::stop):
        * Modules/websockets/WebSocketChannel.cpp:
        (WebCore::WebSocketChannel::disconnect):
        (WebCore::WebSocketChannel::didCloseSocketStream):
        * Modules/websockets/WebSocketFrame.h:
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::clearScriptExecutionContext):
        (WebCore::WebSocketHandshake::readStatusLine):
        * Modules/websockets/WorkerThreadableWebSocketChannel.cpp:
        (WebCore::WorkerThreadableWebSocketChannel::Peer::disconnect):
        (WebCore::WorkerThreadableWebSocketChannel::Peer::didClose):
        (WebCore::WorkerThreadableWebSocketChannel::Bridge::Bridge):

2015-06-08  Chris Fleizach  <cfleizach@apple.com>

        AX: improve list heuristics (presentational use versus actual lists)
       ​https://bugs.webkit.org/show_bug.cgi?id=134187

        Unreviewed. Rolling this change out temporarily.

        * accessibility/AccessibilityList.cpp:
        (WebCore::AccessibilityList::isDescriptionList):
        (WebCore::AccessibilityList::determineAccessibilityRole):
        (WebCore::AccessibilityList::childHasPseudoVisibleListItemMarkers): Deleted.
        * accessibility/AccessibilityList.h:

2015-06-08  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Enable AVFoundation by default when QTKit is disabled by default
        https://bugs.webkit.org/show_bug.cgi?id=145760

        Reviewed by Alexey Proskuryakov.

        No new tests, this change makes existing tests pass.

        Settings::gAVFoundationEnabled defaults to true.

        * page/Settings.cpp:
        (WebCore::invalidateAfterGenericFamilyChange):

2015-06-08  Ryosuke Niwa  <rniwa@webkit.org>

        Explicitly dismiss correction panel when user types a new character
        https://bugs.webkit.org/show_bug.cgi?id=145732
        <rdar://problem/19596892>

        Reviewed by Darin Adler.

        Explicitly dismiss the correction panel when the user types a new character.
        This patch shouldn't change any behavior we're currently relying on AppKit to do the same.

        Manually ran tests in ManualTests/autocorrection.

        * editing/AlternativeTextController.cpp:
        (WebCore::AlternativeTextController::respondToAppliedEditing):

2015-06-08  Javier Fernandez  <jfernandez@igalia.com>

        [CSS Grid Layout] Setting height on a grid item doesn't have any effect
        https://bugs.webkit.org/show_bug.cgi?id=145604

        Reviewed by Sergio Villar Senin.

        Box Alignment spec states that stretch is only possible when height is
        'auto' and no 'auto' margins are used.

        It might be the case that style changes so that stretching is not allowed,
        hence we need to detect it and clear the override height the stretching
        algorithm previously set. The new layout triggered by the style change
        will then set grid item's height according to the new style rules.

        Test: fast/css-grid-layout/grid-item-should-not-be-stretched-when-height-or-margin-change.html

        * rendering/RenderGrid.cpp:
        (WebCore::RenderGrid::applyStretchAlignmentToChildIfNeeded):

2015-06-08  Brady Eidson  <beidson@apple.com>

        Completely remove all IDB properties/constructors when it is disabled at runtime.
        rdar://problem/18429374 and https://bugs.webkit.org/show_bug.cgi?id=137034

        Reviewed by Geoffrey Garen.

        Test: storage/indexeddb/properties-disabled-at-runtime.html

        - Make constructors all runtime enabled.
        - Remove autogeneration of the window.(webkit)indexedDB accessors.
        - Add manual overrides for the (webkit)indexedDB accessors at runtime.
        
        * Modules/indexeddb/DOMWindowIndexedDatabase.idl:
        * Modules/indexeddb/IDBAny.idl:
        * Modules/indexeddb/IDBCursor.idl:
        * Modules/indexeddb/IDBCursorWithValue.idl:
        * Modules/indexeddb/IDBDatabase.idl:
        * Modules/indexeddb/IDBFactory.idl:
        * Modules/indexeddb/IDBIndex.idl:
        * Modules/indexeddb/IDBKeyRange.idl:
        * Modules/indexeddb/IDBObjectStore.idl:
        * Modules/indexeddb/IDBOpenDBRequest.idl:
        * Modules/indexeddb/IDBRequest.idl:
        * Modules/indexeddb/IDBTransaction.idl:
        * Modules/indexeddb/IDBVersionChangeEvent.idl:
        * page/DOMWindow.idl:

        * bindings/js/JSDOMWindowCustom.cpp:
        (WebCore::jsDOMWindowIndexedDB):
        (WebCore::JSDOMWindow::getOwnPropertySlot):

2015-06-08  Michael Catanzaro  <mcatanzaro@igalia.com>

        [SOUP] Performs DNS prefetch when a proxy is configured (information leak)
        https://bugs.webkit.org/show_bug.cgi?id=145542

        Reviewed by Alexey Proskuryakov.

        No new tests, because it's hard to test whether a DNS request has been sent. We could do
        this by adding new API to modify the GProxyResolver and GResolver used by the SoupSession in
        the network process, but even if such API were desirable, it would be a big job. Tests
        should not be allowed to dictate our public API.

        * platform/network/DNSResolveQueue.cpp:
        (WebCore::DNSResolveQueue::add): Do not check whether the system is using a proxy, since
        this can't be determined for all ports here.
        (WebCore::DNSResolveQueue::timerFired): Do not check whether the system is using a proxy,
        since this can't be determined for all ports here.
        (WebCore::DNSResolveQueue::DNSResolveQueue): Remove member variables and member functions
        that are only needed by the CF backend. Rename platformResolve to
        platformMaybeResolveHost.
        (WebCore::DNSResolveQueue::isUsingProxy): Moved to DNSCFNet.cpp.
        * platform/network/DNSResolveQueue.h: Remove member variables that are only needed by the
        CF backend.
        * platform/network/cf/DNSCFNet.cpp:
        (WebCore::proxyIsEnabledInSystemPreferences): Renamed from
        platformProxyIsEnabledInSystemPreferences.
        (WebCore::isUsingProxy): Moved from DNSResolveQueue.cpp. The member variables removed from
        DNSResolveQueue are not static here. This is safe since it's a singleton.
        (WebCore::DNSResolveQueue::platformMaybeResolveHost): Renamed from platformResolve.
        Bail early from here if a proxy is configured.
        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Renamed to
        proxyIsEnabledInSystemPreferences.
        (WebCore::DNSResolveQueue::platformResolve): Renamed to platformMaybeResolveHost.
        * platform/network/soup/DNSSoup.cpp:
        (WebCore::gotProxySettingsCallback): Added. Call soup_session_prefetch_dns from here only
        if a proxy would not be used to resolve the host.
        (WebCore::DNSResolveQueue::platformMaybeResolveHost): Renamed from platformResolve.
        Look up proxy settings using g_proxy_resolver_lookup_async rather than calling
        soup_session_prefetch_dns directly.
        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.
        (WebCore::DNSResolveQueue::platformResolve): Renamed to platformMaybeResolveHost.

2015-06-08  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/Modules - 2
        https://bugs.webkit.org/show_bug.cgi?id=145541

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * Modules/mediastream/RTCConfiguration.h:
        (WebCore::RTCConfiguration::iceServers):
        * Modules/mediastream/RTCDTMFSender.cpp:
        (WebCore::RTCDTMFSender::scheduledEventTimerFired):
        * Modules/mediastream/RTCDataChannel.cpp:
        (WebCore::RTCDataChannel::scheduledEventTimerFired):
        * Modules/mediastream/RTCPeerConnection.cpp:
        (WebCore::processIceServer):
        (WebCore::RTCPeerConnection::~RTCPeerConnection):
        (WebCore::RTCPeerConnection::getStreamById):
        (WebCore::RTCPeerConnection::hasLocalStreamWithTrackId):
        (WebCore::RTCPeerConnection::stop):
        (WebCore::RTCPeerConnection::scheduledEventTimerFired):
        * Modules/mediastream/RTCStatsReport.cpp:
        (WebCore::RTCStatsReport::names):
        * Modules/navigatorcontentutils/NavigatorContentUtils.cpp:
        (WebCore::initProtocolHandlerWhitelist):
        * Modules/speech/SpeechSynthesis.cpp:
        (WebCore::SpeechSynthesis::getVoices):
        * Modules/webaudio/AudioBuffer.cpp:
        (WebCore::AudioBuffer::memoryCost):
        * Modules/webaudio/AudioContext.cpp:
        (WebCore::AudioContext::createMediaStreamSource):
        (WebCore::AudioContext::derefFinishedSourceNodes):
        (WebCore::AudioContext::derefUnfinishedSourceNodes):
        (WebCore::AudioContext::handleDeferredFinishDerefs):
        (WebCore::AudioContext::handleDirtyAudioSummingJunctions):
        (WebCore::AudioContext::handleDirtyAudioNodeOutputs):
        (WebCore::AudioContext::updateAutomaticPullNodes):
        (WebCore::AudioContext::processAutomaticPullNodes):
        * Modules/webaudio/AudioNode.cpp:
        (WebCore::AudioNode::updateChannelsForInputs):
        (WebCore::AudioNode::checkNumberOfChannelsForInput):
        (WebCore::AudioNode::pullInputs):
        (WebCore::AudioNode::inputsAreSilent):
        (WebCore::AudioNode::silenceOutputs):
        (WebCore::AudioNode::unsilenceOutputs):
        (WebCore::AudioNode::enableOutputsIfNecessary):
        (WebCore::AudioNode::disableOutputsIfNecessary):
        (WebCore::AudioNode::finishDeref):
        * Modules/webaudio/AudioNodeInput.cpp:
        (WebCore::AudioNodeInput::numberOfChannels):
        (WebCore::AudioNodeInput::sumAllConnections):
        * Modules/webaudio/AudioNodeOutput.cpp:
        (WebCore::AudioNodeOutput::propagateChannelCount):
        (WebCore::AudioNodeOutput::disable):
        (WebCore::AudioNodeOutput::enable):
        * Modules/webaudio/AudioParam.cpp:
        (WebCore::AudioParam::calculateFinalValues):
        * Modules/webaudio/AudioParamTimeline.cpp:
        (WebCore::AudioParamTimeline::insertEvent):
        * Modules/webaudio/AudioSummingJunction.cpp:
        (WebCore::AudioSummingJunction::updateRenderingState):
        * Modules/webaudio/MediaStreamAudioSource.cpp:
        (WebCore::MediaStreamAudioSource::setAudioFormat):
        (WebCore::MediaStreamAudioSource::consumeAudio):
        * Modules/webaudio/WaveShaperProcessor.cpp:
        (WebCore::WaveShaperProcessor::setOversample):
        * Modules/webdatabase/DatabaseThread.cpp:
        (WebCore::DatabaseThread::handlePausedQueue):
        (WebCore::DatabaseThread::databaseThread):
        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::DatabaseTracker::interruptAllDatabasesForContext):
        (WebCore::DatabaseTracker::databaseNamesForOrigin):
        (WebCore::DatabaseTracker::getOpenDatabases):
        (WebCore::DatabaseTracker::usageForOrigin):
        (WebCore::DatabaseTracker::deleteAllDatabases):
        (WebCore::DatabaseTracker::deleteOrigin):
        (WebCore::DatabaseTracker::deleteDatabaseFile):
        (WebCore::DatabaseTracker::removeDeletedOpenedDatabases):
        (WebCore::DatabaseTracker::setDatabasesPaused):
        * Modules/webdatabase/SQLTransactionCoordinator.cpp:
        (WebCore::SQLTransactionCoordinator::shutdown):
        * Modules/websockets/WebSocket.cpp:
        (WebCore::WebSocket::connect):
        * Modules/websockets/WebSocketExtensionDispatcher.cpp:
        (WebCore::WebSocketExtensionDispatcher::addProcessor):
        (WebCore::WebSocketExtensionDispatcher::appendAcceptedExtension):
        (WebCore::WebSocketExtensionDispatcher::processHeaderValue):
        * Modules/websockets/WebSocketHandshake.cpp:
        (WebCore::WebSocketHandshake::clientHandshakeMessage):

2015-06-07  Darin Adler  <darin@apple.com>

        REGRESSION (r181720): Unnecessary layout triggered any time animated GIF advances to a new frame
        https://bugs.webkit.org/show_bug.cgi?id=145733

        Reviewed by Andreas Kling.

        Test: fast/images/animated-gif-no-layout.html

        * rendering/RenderImage.cpp:
        (WebCore::RenderImage::styleDidChange): Correctly pass ImageSizeChangeNone in cases
        where we don't need to report a change in intrinsic size that happened outside the
        repaintOrMarkForLayout function.
        (WebCore::RenderImage::repaintOrMarkForLayout): Move work that should only be done
        when size changed inside the if statement.

        * testing/Internals.cpp:
        (WebCore::Internals::layoutCount): Added.
        * testing/Internals.h: Added layoutCount.
        * testing/Internals.idl: Ditto.

2015-06-07  Michael Catanzaro  <mcatanzaro@igalia.com>

        Fix strncpy use in WebCore::Text::formatForDebugger
        https://bugs.webkit.org/show_bug.cgi?id=145608

        Reviewed by Darin Adler.

        r185137 replaced a call to strncpy with a call to strlcpy, which broke the build on Linux
        since strlcpy does not exist there. r185148 reverted this to use strncpy again, but got the
        size argument off by one, "introducing" a buffer overrun. But this code has always been
        wrong, since it used strncpy without ensuring that the buffer is null-terminated after the
        call to strncpy. Fix this as well.

        * dom/Text.cpp:
        (WebCore::Text::formatForDebugger):

2015-06-07  Antti Koivisto  <antti@apple.com>

        CrashTracer: [USER] com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::FrameLoader::subresourceCachePolicy const + 11
        https://bugs.webkit.org/show_bug.cgi?id=145736
        rdar://problem/21246971

        Reviewed by David Kilzer.

        No repro, no test.

        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::setCSSStyleSheet):

            Null check frame. It may be null during frame teardown.

2015-06-06  Anders Carlsson  <andersca@apple.com>

        Remove support from getting plug-in information from Carbon resources
        https://bugs.webkit.org/show_bug.cgi?id=145730

        Reviewed by Dan Bernstein.

        Remove a now unused function.

        * platform/mac/WebCoreNSStringExtras.h:
        * platform/mac/WebCoreNSStringExtras.mm:
        (stringEncodingForResource): Deleted.

2015-06-06  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185284.
        https://bugs.webkit.org/show_bug.cgi?id=145723

        it needs some discussion before landing (Requested by dino on
        #webkit).

        Reverted changeset:

        "[iOS] Don't force compositing layers for no-op 3D transforms
        on low-memory devices."
        https://bugs.webkit.org/show_bug.cgi?id=145719
        http://trac.webkit.org/changeset/185284

2015-06-06  Ryosuke Niwa  <rniwa@webkit.org>

        Typing is slow in Gmail on iPads
        https://bugs.webkit.org/show_bug.cgi?id=145686

        Reviewed by Enrica Casucci.

        The bug was caused by nextCandidate and nextVisuallyDistinctCandidate traversing through each character
        in a text node without a renderer. Skip any node that doesn't have a renderer in both of those functions
        and corresponding previous* functions.

        It's fine to skip unrendered nodes in PositionIterator because only other clients of PositionIterator
        are Position::upstream and Position::downstream and they don't care about un-rendered nodes either.

        * dom/PositionIterator.cpp:
        (WebCore::PositionIterator::increment):
        (WebCore::PositionIterator::decrement):
        * editing/htmlediting.cpp:
        (WebCore::nextVisuallyDistinctCandidate):
        (WebCore::previousVisuallyDistinctCandidate):

2015-06-06  Mark Lam  <mark.lam@apple.com>

        Returned Exception* values need to be initialized to nullptr when no exceptions are thrown.
        https://bugs.webkit.org/show_bug.cgi?id=145720

        Reviewed by Dan Bernstein.

        No new tests because this issue is already covered by the existing inspector-protocol tests.

        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::evaluate):

2015-06-05  Andreas Kling  <akling@apple.com>

        [iOS] Don't force compositing layers for no-op 3D transforms on low-memory devices.
        <https://webkit.org/b/145719>
        <rdar://problem/19973042>

        Reviewed by Geoffrey Garen.

        We put elements with 3D identity transforms onto compositing layers because
        we anticipate that they will somehow animate in the future.

        This can get extremely expensive, especially on low-memory devices.
        This patch makes WebKit stop handing out compositing layers for this kinda thing:

            -webkit-transform: translate3d(0,0,0)

        ..on devices with 512MB or less. This dramatically improves stability on some
        web pages.

        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::requiresCompositingForTransform):

2015-06-05  Matt Baker  <mattbaker@apple.com>

        Web Inspector: "Other" time in the framerate table is often negative
        https://bugs.webkit.org/show_bug.cgi?id=145712

        Reviewed by Timothy Hatcher.

        The Inspector frontend flattens the timeline event tree it receives from the backend, which can contain nested
        paint records. The nested records represent a single paint event, but were being interpreted as two separate
        events for purposes of calculating total layout time. This caused the calculated "other" time to be less than
        it should be (and in some cases negative).

        * inspector/InspectorTimelineAgent.cpp:
        (WebCore::InspectorTimelineAgent::addRecordToTimeline):
        Paint records are no longer nested, we simply drop the child paint event.

2015-06-05  Chris Dumez  <cdumez@apple.com>

        Unreviewed, speculative Windows build fix after r185273.

        * platform/VNodeTracker.h:

2015-06-05  Chris Dumez  <cdumez@apple.com>

        [WK2][iOS] Limit the number of vnodes used by the WebContent processes
        https://bugs.webkit.org/show_bug.cgi?id=145672
        <rdar://problem/21126637>

        Reviewed by Antti Koivisto.

        Limit the number of vnodes used by the WebContent processes to reduce
        the chance of getting killed due to the system running out of vnodes.
        We sometimes see the WebContent process use up to 50% of the system's
        vnode limit on some tests on iOS, which seems excessive. Most vnodes
        are due to CachedResources which are mmap'd from the WebKit disk cache
        and kept alive due to caches such as the Memory Cache / PageCache.

        This patch adds tracking for the number of SharedBuffer objects that are
        backed by a CFDataRef as this should track most of the vnodes used by
        the process. The WebContent process registers a vnode pressure handler
        upon initialization (likely it already does for memory pressure
        handling). This handler gets called when the process uses over 15% of
        of system's vnode limit and the "critical" flag is set if it uses over
        20% of the system limit. The vnode pressure handler currently calls the
        memory pressure handler as freeing our caches (especially PageCache,
        MemoryCache) and doing a JS GC frees up vnodes.

        On iPhone 6 Plus, the system limit is at 3000, which would lead to the
        following limits being used:
        soft: 450 / hard: 600

        However, on older hardware, the system limit can be as low as 2000,
        which would lead to the following limits being used:
        soft: 300 / hard: 400

        vnode tracking is currently only enabled on iOS because system vnode
        limits are usually much higher on Mac (e.g. 473695 on Mac Pro, 9984
        on a 2011 MacBook Air) and we normally don't get killed.

        * WebCore.xcodeproj/project.pbxproj:

        Add new files to the XCode project.

        * platform/SharedBuffer.h:

        Add a VNodeTracker::Token member next to the CFDataRef member that we
        initialize if the SharedBuffer is constructed from a CFDataRef.

        * platform/VNodeTracker.cpp: Added.
        (WebCore::VNodeTracker::singleton):
        (WebCore::VNodeTracker::VNodeTracker):
        (WebCore::VNodeTracker::checkPressureState):
        (WebCore::VNodeTracker::pressureWarningTimerFired):
        (WebCore::VNodeTracker::nextPressureWarningInterval):
        (WebCore::VNodeTracker::platformInitialize):
        * platform/VNodeTracker.h: Added.
        (WebCore::VNodeTracker::setPressureHandler):

        Add a new VNodeTracker singleton to keep track the number of vnodes
        used by the process since the system does not issue warnings before
        reaching its vnode limit. Call sites should request Tokens for
        every vnode they use for tracking purposes. Each process can then
        set a vnode pressure handler function that will be called when the
        process is over the designated limits.

        * platform/cf/SharedBufferCF.cpp:
        (WebCore::SharedBuffer::SharedBuffer):

        Take a VNodeToken from the VNodeTracker when constructing the
        SharedBuffer from a CFDataRef as these usually use mmap.

        * platform/cocoa/VNodeTrackerCocoa.cpp: Added.
        (WebCore::VNodeTracker::platformInitialize):

        Get the system's vnode limit and uses 15% of that value as soft
        limit for the process and 20% of that value as hard limit.

2015-06-05  Dean Jackson  <dino@apple.com>

        Lingering checkbox animations when rapidly switching between views on WK1
        https://bugs.webkit.org/show_bug.cgi?id=145715
        <rdar://problem/17381121>

        Reviewed by Simon Fraser.

        On WK1, the NSView we use for NSButtonCells is parented in the ScrollView.
        Our checkbox and radiobutton animations cause AppKit to create a CALayer which
        is parented into that view. As we render the animations, we see the CALayer getting
        drawn also.

        The fix was to use an unparented layer on WK1 when drawing these controls, the same
        way WK2 does. This technique may apply to all controls, but restricting it
        to just the buttons at the moment is less risky.

        This only happens during the swap between a checked and non-checked state,
        and we have no way to test it :(

        * platform/mac/ThemeMac.h: New optional parameter to ensuredView.
        * platform/mac/ThemeMac.mm:
        (WebCore::paintToggleButton): If we're on Yosemite or highter, use an unparented view.
        (WebCore::ThemeMac::ensuredView): Return either a parented or unparented view.

2015-06-05  Matt Rajca  <mrajca@apple.com>

        MediaSessions should keep track of their participating media elements.
        https://bugs.webkit.org/show_bug.cgi?id=145703

        Reviewed by Eric Carlson.

        * Modules/mediasession/MediaSession.cpp:
        (WebCore::MediaSession::addMediaElement): Add the given media element to the media session.
        (WebCore::MediaSession::removeMediaElement): Remove the given media element from the media session.
        (WebCore::MediaSession::activeParticipatingElements): Dynamically build a vector of actively-playing media
          elements.
        * Modules/mediasession/MediaSession.h:
        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::~HTMLMediaElement): Ensure the element is removed from its media session.
        (WebCore::HTMLMediaElement::setSession): Update sessions' references to their media elements.

2015-06-05  Chris Dumez  <cdumez@apple.com>

        Regression(r176212): Broke app switching on iCloud.com
        https://bugs.webkit.org/show_bug.cgi?id=145708
        <rdar://problem/21235277>

        Reviewed by Simon Fraser.

        Roll out r176212 and follow-up fixes for now, to fix iCloud.com.
        We can reconsider later how to do this in a safer way.

        * bindings/js/JSCSSStyleDeclarationCustom.cpp:
        (WebCore::JSCSSStyleDeclaration::putDelegate): Deleted.
        (WebCore::JSCSSStyleDeclaration::getOwnPropertyNames): Deleted.
        * dom/Element.cpp:
        * dom/Element.h:
        * dom/ElementRareData.cpp:
        * dom/ElementRareData.h:
        (WebCore::ElementRareData::ElementRareData):
        (WebCore::ElementRareData::~ElementRareData): Deleted.
        * dom/Node.cpp:
        (WebCore::Node::materializeRareData):
        * html/HTMLCanvasElement.cpp:
        (WebCore::HTMLCanvasElement::notifyObserversCanvasChanged): Deleted.
        * page/DOMTimer.cpp:
        (WebCore::DOMTimerFireState::scriptMadeNonUserObservableChanges): Deleted.
        (WebCore::DOMTimerFireState::scriptMadeUserObservableChanges): Deleted.
        (WebCore::NestedTimersMap::instanceForContext): Deleted.
        (WebCore::DOMTimer::install): Deleted.
        (WebCore::DOMTimer::fired): Deleted.
        (WebCore::DOMTimer::alignedFireTime): Deleted.
        (WebCore::DOMTimer::activeDOMObjectName): Deleted.
        * page/DOMTimer.h:
        * page/FrameView.cpp:
        (WebCore::FrameView::reset): Deleted.
        (WebCore::FrameView::viewportContentsChanged): Deleted.
        (WebCore::FrameView::autoSizeIfEnabled): Deleted.
        * page/FrameView.h:

2015-06-05  Myles C. Maxfield  <mmaxfield@apple.com>

        [iOS] Emoji overlap preceeding lines
        https://bugs.webkit.org/show_bug.cgi?id=145678
        <rdar://problem/10684914>

        Reviewed by Enrica Casucci.

        In WebKit, we first lay out lines, and then we lay out text inside those lines. Text is vertically centered in
        its containing line. If the author has not specified a particular line-height, the height of a line comes from
        the font metrics for the primary font of the line.

        In iOS, we were specifically hardcoding the line height metric of Apple Color Emoji to be 0. This means that,
        if Apple Color Emoji is the primary font for a line, and an explicit line-height was not specified, the lines
        are laid out with 0 height. Then, when we vertically center the text inside the line, the top half of the text
        overlaps the preceeding line.

        I'm not sure exactly why were were hardcoding this value to 0, as it is surely wrong. I'm going to ask Enrica
        to review this patch; hopefully she knows the answer.

        Test: fast/text/emoji.html

        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit):

2015-06-05  Alex Christensen  <achristensen@webkit.org>

        [Web Timing] Use new SPI to enable data collection.
        https://bugs.webkit.org/show_bug.cgi?id=145650
        rdar://problem/21203358

        Reviewed by Chris Dumez.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::ResourceHandle::createCFURLConnection):
        Gather web timing data on iOS.
        * platform/network/mac/ResourceHandleMac.mm:
        (WebCore::ResourceHandle::createNSURLConnection):
        (WebCore::ResourceHandle::setCollectsTimingData):
        Gather web timing data on Mac.

2015-06-05  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStream should store callbacks as a Deque
        https://bugs.webkit.org/show_bug.cgi?id=145641

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::resolveReadCallback): Use of Deque.takeFirst
        * Modules/streams/ReadableStream.h: Using Deque in lieu of Vector for storing callbacks.

2015-06-05  Mark Lam  <mark.lam@apple.com>

        finally blocks should not set the exception stack trace when re-throwing the exception.
        https://bugs.webkit.org/show_bug.cgi?id=145525

        Reviewed by Geoffrey Garen.

        Update to use the new JSC::Exception object.

        Test: inspector/debugger/break-on-exceptions.html

        * ForwardingHeaders/runtime/Exception.h: Added.
        * bindings/js/JSCallbackData.cpp:
        (WebCore::JSCallbackData::invokeCallback):
        * bindings/js/JSCustomXPathNSResolver.cpp:
        (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
        * bindings/js/JSDOMBinding.cpp:
        (WebCore::jsArray):
        (WebCore::reportException):
        (WebCore::reportCurrentException):
        * bindings/js/JSDOMBinding.h:
        * bindings/js/JSErrorHandler.cpp:
        (WebCore::JSErrorHandler::handleEvent):
        * bindings/js/JSEventListener.cpp:
        (WebCore::JSEventListener::handleEvent):
        * bindings/js/JSMainThreadExecState.cpp:
        (WebCore::JSMainThreadExecState::didLeaveScriptContext):
        (WebCore::functionCallHandlerFromAnyThread):
        (WebCore::evaluateHandlerFromAnyThread):
        * bindings/js/JSMainThreadExecState.h:
        (WebCore::JSMainThreadExecState::currentState):
        (WebCore::JSMainThreadExecState::call):
        (WebCore::JSMainThreadExecState::evaluate):
        (WebCore::JSMainThreadExecState::runTask):

        * bindings/js/JSMediaDevicesCustom.cpp:
        (WebCore::JSMediaDevices::getUserMedia):
        - Fixed a bug where the exception was not cleared before entering the VM to
          call JS code.

        * bindings/js/JSMutationCallback.cpp:
        (WebCore::JSMutationCallback::call):
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::getPropertyFromObject):
        (WebCore::callFunction):
        (WebCore::ReadableJSStream::Source::start):
        * bindings/js/ScheduledAction.cpp:
        (WebCore::ScheduledAction::executeFunctionInContext):
        * bindings/js/ScriptController.cpp:
        (WebCore::ScriptController::evaluateInWorld):
        * bindings/js/SerializedScriptValue.cpp:
        (WebCore::SerializedScriptValue::create):
        (WebCore::SerializedScriptValue::deserialize):
        * bindings/js/WorkerScriptController.cpp:
        (WebCore::WorkerScriptController::evaluate):
        (WebCore::WorkerScriptController::setException):
        (WebCore::WorkerScriptController::scheduleExecutionTermination):
        * bindings/js/WorkerScriptController.h:
        (WebCore::WorkerScriptController::workerGlobalScopeWrapper):
        * bindings/js/WorkerScriptDebugServer.cpp:
        (WebCore::WorkerScriptDebugServer::runEventLoopWhilePaused):
        (WebCore::WorkerScriptDebugServer::reportException):
        * bindings/js/WorkerScriptDebugServer.h:
        * bindings/objc/WebScriptObject.mm:
        (WebCore::createJSWrapper):
        (WebCore::addExceptionToConsole):
        (-[WebScriptObject callWebScriptMethod:withArguments:]):
        (-[WebScriptObject evaluateWebScript:]):
        - Changed to call a version of JSMainThreadExecState::evaluate() that provides
          a stub returnedException because evaluateWebScript: doesn't need the exception.

        * inspector/PageScriptDebugServer.cpp:
        (WebCore::PageScriptDebugServer::isContentScript):
        (WebCore::PageScriptDebugServer::reportException):
        * inspector/PageScriptDebugServer.h:
        * workers/WorkerGlobalScope.cpp:
        (WebCore::WorkerGlobalScope::importScripts):

2015-06-05  Eric Carlson  <eric.carlson@apple.com>

        Layout tests fullscreen/video-controls-drag.html and media/video-fullscreeen-only-controls.html
        fail on WK1 and WK2
        https://bugs.webkit.org/show_bug.cgi?id=145675

        Reviewed by Dean Jackson.

        No new tests, changes covered by existing tests.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateControls): Use shouldHaveControls() to test if controls should
          be visible.
        (Controller.prototype.handleWrapperMouseMove): Don't return early when in fullscreen.
        (Controller.prototype.updateFullscreenButtons): Drive-by fix: always show the (exit) fullscreen
          button when in fullscreen.
          

2015-06-04  David Hyatt  <hyatt@apple.com>

        Underlines too close in vertical Chinese text.
        https://bugs.webkit.org/show_bug.cgi?id=145651
        <rdar://problem/11105920>

        Reviewed by Simon Fraser.

        Added fast/text/decorations-vertical-underline.html

        * style/InlineTextBoxStyle.cpp:
        (WebCore::computeUnderlineOffset):
        Make sure the to map text-underline-position: auto to under when a line has an ideographic baseline.

2015-06-05  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] [Wayland] The MiniBrowser crashes inside Weston.
        https://bugs.webkit.org/show_bug.cgi?id=145645

        Reviewed by Žan Doberšek.

        No new tests, no behavior changes.

        The issue was caused because we were not properly initializing the
        Wayland display, and we were returning a nullptr in PlatformDisplayWayland::create(),
        therefore a crash was happening on WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp:1136
        <http://trac.webkit.org/browser/trunk/Source/WebKit2/UIProcess/API/gtk/WebKitWebViewBase.cpp?rev=185245#L1136>

        * platform/graphics/wayland/PlatformDisplayWayland.cpp:
        (WebCore::PlatformDisplayWayland::create): When connecting to the Wayland
        server socket we should use the default value (NULL). This allows the value
        to be overwritten at run-time by the environment variables WAYLAND_DISPLAY or
        WAYLAND_SOCKET that the Wayland compositor should define. Also add a couple
        of warnings to get information about what is going wrong when we fail to
        initialize the display instead of just crashing without giving more information.
        * platform/graphics/wayland/PlatformDisplayWayland.h:
        (WebCore::PlatformDisplayWayland::isInitialized): Not longer check for m_webkitgtk
        to signal that the display is ready because the UIProcess embedded Wayland
        subcompositer is still not implemented. Added a FIXME note about it.

2015-06-05  Dean Jackson  <dino@apple.com>

        [Mac] Popup focus is cut off
        https://bugs.webkit.org/show_bug.cgi?id=145688
        <rdar://problem/18313375>

        Reviewed by Brent Fulgham.

        Yosemite increased the width of focus rings, causing
        some ugly clipping on Yosemite. The solution was to
        not set a clip (which was code introduced for Leopard).

        Test: fast/forms/select-element-focus-ring.html

        * rendering/RenderThemeMac.mm:
        (WebCore::RenderThemeMac::paintMenuList): Don't clip on Yosemite.

2015-06-05  Manuel Rego Casasnovas  <rego@igalia.com>

        [CSS Grid Layout] Support dots sequences in grid-template-areas
        https://bugs.webkit.org/show_bug.cgi?id=145693

        Reviewed by Sergio Villar Senin.

        The CSS WG agreed to consider a sequence of "." characters a single null
        cell token for grid-template-areas. That way authors can match the
        number of dots to the width of the column.

        For more information see:
        https://lists.w3.org/Archives/Public/www-style/2015May/0175.html

        Added new test cases to check the new behavior.

        * css/CSSParser.cpp:
        (WebCore::containsOnlyDots): New helper function to check that the grid
        area name is composed by only dots.
        (WebCore::CSSParser::parseGridTemplateAreasRow): Use the new helper
        function to look for unnamed areas.

2015-06-04  Joonghun Park  <jh718.park@samsung.com>

        Purge PassRefPtr create() factory functions in WebCore/css
        https://bugs.webkit.org/show_bug.cgi?id=144905

        Reviewed by Darin Adler.

        Return Ref instead of PassRefPtr in create() factory functions in css,
        because the factory can't return null.

        No new tests, no new behaviours.

        * css/BasicShapeFunctions.cpp:
        (WebCore::valueForCenterCoordinate):
        (WebCore::basicShapeRadiusToCSSValue):
        (WebCore::valueForBasicShape):
        * css/BasicShapeFunctions.h:
        * css/CSSBasicShapes.h:
        * css/CSSCalculationValue.cpp:
        (WebCore::createCSS):
        (WebCore::CSSCalcValue::create):
        * css/CSSCalculationValue.h:
        * css/CSSCharsetRule.h:
        * css/CSSComputedStyleDeclaration.cpp:
        (WebCore::valueForNinePieceImageSlice):
        (WebCore::valueForNinePieceImageQuad):
        (WebCore::zoomAdjustedPixelValue):
        (WebCore::zoomAdjustedNumberValue):
        (WebCore::zoomAdjustedPixelValueForLength):
        (WebCore::valueForReflection):
        (WebCore::createPositionListForLayer):
        (WebCore::positionOffsetValue):
        (WebCore::percentageOrZoomAdjustedValue):
        (WebCore::autoOrZoomAdjustedValue):
        (WebCore::getBorderRadiusCornerValues):
        (WebCore::getBorderRadiusCornerValue):
        (WebCore::getBorderRadiusShorthandValue):
        (WebCore::matrixTransformValue):
        (WebCore::computedTransform):
        (WebCore::adjustLengthForZoom):
        (WebCore::ComputedStyleExtractor::valueForShadow):
        (WebCore::ComputedStyleExtractor::valueForFilter):
        (WebCore::specifiedValueForGridTrackBreadth):
        (WebCore::specifiedValueForGridTrackSize):
        (WebCore::valueForGridTrackList):
        (WebCore::scrollSnapDestination):
        (WebCore::scrollSnapPoints):
        (WebCore::scrollSnapCoordinates):
        (WebCore::createAnimationTriggerValue):
        (WebCore::getAnimationTriggerValue):
        (WebCore::ComputedStyleExtractor::getFontSizeCSSValuePreferringKeyword):
        (WebCore::fillSizeToCSSValue):
        (WebCore::lineHeightFromStyle):
        (WebCore::fontSizeFromStyle):
        (WebCore::zoomAdjustedPaddingOrMarginPixelValue):
        (WebCore::shapePropertyValue):
        (WebCore::ComputedStyleExtractor::propertyValue):
        * css/CSSComputedStyleDeclaration.h:
        * css/CSSFontFace.h:
        (WebCore::CSSFontFace::create):
        * css/CSSFontFaceLoadEvent.h:
        * css/CSSFontFaceRule.h:
        * css/CSSGrammar.y.in:
        * css/CSSGridLineNamesValue.cpp:
        (WebCore::CSSGridLineNamesValue::cloneForCSSOM):
        * css/CSSGridLineNamesValue.h:
        (WebCore::CSSGridLineNamesValue::create):
        * css/CSSImportRule.h:
        * css/CSSKeyframeRule.h:
        (WebCore::StyleKeyframe::create):
        * css/CSSKeyframesRule.h:
        * css/CSSMediaRule.h:
        * css/CSSPageRule.h:
        * css/CSSParser.cpp:
        (WebCore::CSSParser::parseGridLineNames):
        (WebCore::CSSParser::parseDashboardRegions):
        (WebCore::CSSParser::parseClipShape):
        (WebCore::CSSParser::parseBasicShape):
        (WebCore::BorderImageSliceParseContext::commitBorderImageSlice):
        (WebCore::BorderImageQuadParseContext::commitBorderImageQuad):
        * css/CSSParser.h:
        (WebCore::CSSParser::ValueWithCalculation::calculation):
        * css/CSSPrimitiveValue.cpp:
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        (WebCore::CSSPrimitiveValue::init):
        (WebCore::CSSPrimitiveValue::cloneForCSSOM):
        * css/CSSPrimitiveValue.h:
        (WebCore::CSSPrimitiveValue::create):
        (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
        * css/CSSPropertySourceData.h:
        (WebCore::CSSStyleSourceData::create):
        (WebCore::CSSRuleSourceData::create):
        (WebCore::CSSRuleSourceData::createUnknown):
        * css/CSSRuleList.h:
        * css/CSSSegmentedFontFace.h:
        (WebCore::CSSSegmentedFontFace::create):
        * css/CSSSelector.cpp:
        (WebCore::CSSSelector::createRareData):
        * css/CSSSelector.h:
        (WebCore::CSSSelector::RareData::create):
        * css/CSSStyleRule.h:
        * css/CSSSupportsRule.h:
        * css/CSSValuePool.h:
        (WebCore::CSSValuePool::createValue):
        * css/FontLoader.cpp:
        (WebCore::LoadFontCallback::create):
        * css/LengthRepeat.h:
        (WebCore::LengthRepeat::create):
        (WebCore::LengthRepeat::cloneForCSSOM):
        * css/MediaList.h:
        (WebCore::MediaQuerySet::create):
        (WebCore::MediaQuerySet::createAllowingDescriptionSyntax):
        (WebCore::MediaList::create):
        * css/MediaQueryList.cpp:
        (WebCore::MediaQueryList::create):
        * css/MediaQueryList.h:
        * css/MediaQueryMatcher.h:
        (WebCore::MediaQueryMatcher::create):
        * css/Pair.h:
        (WebCore::Pair::create):
        * css/Rect.h:
        (WebCore::Rect::create):
        (WebCore::Rect::cloneForCSSOM):
        (WebCore::Quad::create):
        (WebCore::Quad::cloneForCSSOM):
        * css/SVGCSSComputedStyleDeclaration.cpp:
        (WebCore::paintOrder):
        (WebCore::ComputedStyleExtractor::svgPropertyValue):
        * css/StyleMedia.h:
        (WebCore::StyleMedia::create):
        * css/StyleResolver.cpp:
        (WebCore::StyleResolver::keyframeStylesForAnimation):
        * css/StyleSheetList.h:
        (WebCore::StyleSheetList::create):
        * css/ViewportStyleResolver.h:
        (WebCore::ViewportStyleResolver::create):
        * css/WebKitCSSMatrix.h:
        * css/WebKitCSSRegionRule.h:
        * css/WebKitCSSViewportRule.h:
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::blendFilter):
        * rendering/style/RenderStyle.h:
        (WebCore::adjustFloatForAbsoluteZoom):
        * rendering/style/StyleInheritedData.h:

2015-06-04  Benjamin Poulain  <bpoulain@apple.com>

        The last 2 merged DFAs are not minimized by DFACombiner

        * contentextensions/DFACombiner.cpp:
        (WebCore::ContentExtensions::DFACombiner::combineDFAs):
        I introduced a bug when I made minimization conditional: the last merge
        does not minimize if we do not reach the minimum size.

2015-06-04  Brent Fulgham  <bfulgham@apple.com>

        Latching algorithm in findEnclosingOverflowScroll is broken
        https://bugs.webkit.org/show_bug.cgi?id=145642
        <rdar://problem/21242308>

        Reviewed by Simon Fraser.

        Test: platform/mac-wk2/tiled-drawing/scrolling/iframe_in_iframe.html

        * page/mac/EventHandlerMac.mm:
        (WebCore::scrollableAreaForBox): Added helper function.
        (WebCore::findEnclosingScrollableContainer): Renamed from findEnclosingOverflowScroll.
        Only identify something as our scroll element if it can be scrolled in either
        axis of the gesture's motion.
        (WebCore::scrollableAreaForContainerNode): Use new helper function.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Use new function
        name, and pass horizontal and vertical deltas.
        (WebCore::findEnclosingOverflowScroll): Deleted.

2015-06-04  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        REGRESSION(r185091): Crash happens on indexdb tests
        https://bugs.webkit.org/show_bug.cgi?id=145549

        Reviewed by Darin Adler.

        * Modules/indexeddb/IDBDatabaseError.h:
        (WebCore::IDBDatabaseError::create): Revert Ref usage of IDBDatabaseError::create().

2015-06-04  Simon Fraser  <simon.fraser@apple.com>

        Crash in EventDispatcher::dispatchEvent entering a location on Google Maps
        https://bugs.webkit.org/show_bug.cgi?id=145677
        rdar://problem/20698280

        Reviewed by Dean Jackson.

        If a transition is running on a pseudo-element, and the host element is removed
        from the DOM just as the transition ends, and there is a transition event listener,
        then we'd crash with a null dereference in event dispatch code.
        
        AnimationController tries to clean up running animations when renderers are destroyed,
        but omitted to remove the element from two vectors that store element references.
        Elements are only added to these vectors briefly on animation end, before firing
        events, but failure to remove the vector entries could result in attempting
        to fire an event on a pseudo-element with no host element.
        
        Also convert EventDispatcher code to be more robust to potentially null event
        targets, since it's not clear that eventTargetRespectingTargetRules() can always
        manage to return a non-null node.
        
        Hard to make a test because this is timing sensitive.

        * dom/EventDispatcher.cpp:
        (WebCore::eventTargetRespectingTargetRules):
        (WebCore::EventDispatcher::dispatchScopedEvent):
        (WebCore::EventDispatcher::dispatchEvent):
        (WebCore::EventPath::EventPath):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::clear):

2015-06-04  Hunseop Jeong  <hs85.jeong@samsung.com>

        Replace 0 with nullptr in WebCore/Page.
        https://bugs.webkit.org/show_bug.cgi?id=145631

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * page/AutoscrollController.cpp:
        (WebCore::AutoscrollController::AutoscrollController):
        (WebCore::AutoscrollController::stopAutoscrollTimer):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPSourceList::parseSource):
        * page/ContentSecurityPolicy.h:
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::clearContextMenu):
        * page/DOMSelection.cpp:
        (WebCore::DOMSelection::clearTreeScope):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::resetDOMWindowProperties):
        (WebCore::DOMWindow::localStorage):
        (WebCore::DOMWindow::focus):
        * page/DOMWindow.h:
        * page/DOMWindowExtension.cpp:
        (WebCore::DOMWindowExtension::reconnectFrameFromPageCache):
        (WebCore::DOMWindowExtension::willDestroyGlobalObjectInCachedFrame):
        * page/DOMWindowProperty.cpp:
        (WebCore::DOMWindowProperty::DOMWindowProperty):
        (WebCore::DOMWindowProperty::~DOMWindowProperty):
        (WebCore::DOMWindowProperty::disconnectFrameForPageCache):
        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInCachedFrame):
        (WebCore::DOMWindowProperty::willDestroyGlobalObjectInFrame):
        * page/DragController.cpp:
        (WebCore::DragController::dragEnded):
        (WebCore::DragController::performDragOperation):
        (WebCore::DragController::tryDocumentDrag):
        (WebCore::DragController::concludeEditDrag):
        (WebCore::DragController::startDrag):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::EventHandler):
        (WebCore::EventHandler::resizeLayerDestroyed):
        (WebCore::EventHandler::freeDataTransfer):
        (WebCore::EventHandler::dragSourceEndedAt):
        (WebCore::EventHandler::handleDrag):
        * page/EventHandler.h:
        * page/FocusController.cpp:
        (WebCore::FocusController::advanceFocusInDocumentOrder):
        * page/Frame.cpp:
        (WebCore::Frame::~Frame):
        (WebCore::Frame::searchForLabelsBeforeElement):
        (WebCore::Frame::willDetachPage):
        (WebCore::Frame::createView):
        * page/Frame.h:
        (WebCore::Frame::detachFromPage):
        * page/FrameDestructionObserver.cpp:
        (WebCore::FrameDestructionObserver::FrameDestructionObserver):
        (WebCore::FrameDestructionObserver::~FrameDestructionObserver):
        (WebCore::FrameDestructionObserver::frameDestroyed):
        * page/FrameTree.cpp:
        (WebCore::FrameTree::~FrameTree):
        (WebCore::FrameTree::removeChild):
        * page/FrameTree.h:
        (WebCore::FrameTree::FrameTree):
        (WebCore::FrameTree::detachFromParent):
        * page/History.cpp:
        (WebCore::History::History):
        * page/Page.cpp:
        (WebCore::Page::Page):
        (WebCore::Page::~Page):
        (WebCore::Page::findStringMatchingRanges):
        * page/PageGroup.cpp:
        * page/Performance.cpp:
        (WebCore::Performance::Performance):
        * page/PointerLockController.cpp:
        (WebCore::PointerLockController::didLosePointerLock):
        (WebCore::PointerLockController::clearElement):
        * page/SecurityOrigin.h:
        (WebCore::SecurityOrigin::canAccessDatabase):
        * page/Settings.cpp:
        (WebCore::Settings::Settings):
        * page/SpatialNavigation.cpp:
        (WebCore::FocusCandidate::FocusCandidate):
        * page/SpatialNavigation.h:
        (WebCore::FocusCandidate::FocusCandidate):
        * page/scrolling/ScrollingTreeNode.cpp:
        (WebCore::ScrollingTreeNode::ScrollingTreeNode):
        * page/scrolling/coordinatedgraphics/ScrollingCoordinatorCoordinatedGraphics.cpp:
        (WebCore::ScrollingCoordinatorCoordinatedGraphics::willDestroyScrollableArea):

2015-06-04  Benjamin Poulain  <bpoulain@apple.com>

        Combine tiny DFAs into slightly larger ones
        https://bugs.webkit.org/show_bug.cgi?id=145572

        Reviewed by Alex Christensen.

        This patch changes the ContentExtensions compiler to combine tiny DFA
        until they reach a minimum size.

        The main tool introduced here is DFAMerger. It combines 2 DFAs into
        a single DFA that represent the union of the two machines.
        That is done by a simple subset construction on the "name" of the nodes
        in each DFAs.

        Since we only merge 2 machines, and they are both deterministic, we know that
        we can only be in one state of each machine, or a state in one machine without
        equivalent in the other machine.
        We exploit that to identify the mapping between nodes. To identify a node in
        the new machine from nodes in the original machines, we just concatenate the node
        IDs into a single 64 bits number. If there is no node in one of the machine, we
        use a special tag.

        The current algorithm does not have any subgraph pruning, machines grow very very
        quickly. Because of that, we only merge very small DFAs at the moment.

        Test: http/tests/contentextensions/filters-with-quantifiers-combined.html

        * WebCore.xcodeproj/project.pbxproj:
        * contentextensions/ContentExtensionCompiler.cpp:
        (WebCore::ContentExtensions::compileRuleList):
        * contentextensions/ContentExtensionsDebugging.h:
        * contentextensions/DFA.cpp:
        (WebCore::ContentExtensions::DFA::graphSize):
        (WebCore::ContentExtensions::DFA::debugPrintDot):
        * contentextensions/DFA.h:
        * contentextensions/DFACombiner.cpp: Added.
        (WebCore::ContentExtensions::DFAMerger::DFAMerger):
        (WebCore::ContentExtensions::DFAMerger::merge):
        (WebCore::ContentExtensions::DFAMerger::signatureForIndices):
        (WebCore::ContentExtensions::DFAMerger::extractIndexA):
        (WebCore::ContentExtensions::DFAMerger::extractIndexB):
        (WebCore::ContentExtensions::DFAMerger::getOrCreateCombinedNode):
        (WebCore::ContentExtensions::DFAMerger::setHalfSignature):
        (WebCore::ContentExtensions::DFAMerger::populateTransitions):
        (WebCore::ContentExtensions::DFAMerger::populateFromFallbackTransitions):
        (WebCore::ContentExtensions::DFAMerger::createTransitions):
        (WebCore::ContentExtensions::DFAMerger::createFallbackTransitionIfNeeded):
        (WebCore::ContentExtensions::DFACombiner::combineDFAs):
        * contentextensions/DFACombiner.h: Copied from Source/WebCore/contentextensions/DFA.h.
        (WebCore::ContentExtensions::DFACombiner::addDFA):

2015-06-04  Matt Rajca  <mrajca@apple.com>

        Rename MediaSessionManager to PlatformMediaSessionManager for consistency with PlatformMediaSession.
        https://bugs.webkit.org/show_bug.cgi?id=145648

        Reviewed by Eric Carlson.

        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * WebCore.xcodeproj/project.pbxproj:
        * html/HTMLMediaElement.cpp:
        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::effectivePreloadForElement):
        (WebCore::MediaElementSession::requiresFullscreenForVideoPlayback):
        * platform/audio/PlatformMediaSession.cpp:
        (WebCore::PlatformMediaSession::PlatformMediaSession):
        (WebCore::PlatformMediaSession::~PlatformMediaSession):
        (WebCore::PlatformMediaSession::clientWillBeginPlayback):
        (WebCore::PlatformMediaSession::clientWillPausePlayback):
        (WebCore::PlatformMediaSession::clientDataBufferingTimerFired):
        (WebCore::PlatformMediaSession::updateClientDataBuffering):
        * platform/audio/PlatformMediaSessionManager.cpp: Renamed from Source/WebCore/platform/audio/MediaSessionManager.cpp.
        (WebCore::PlatformMediaSessionManager::sharedManager):
        (WebCore::PlatformMediaSessionManager::PlatformMediaSessionManager):
        (WebCore::PlatformMediaSessionManager::resetRestrictions):
        (WebCore::PlatformMediaSessionManager::has):
        (WebCore::PlatformMediaSessionManager::activeAudioSessionRequired):
        (WebCore::PlatformMediaSessionManager::count):
        (WebCore::PlatformMediaSessionManager::beginInterruption):
        (WebCore::PlatformMediaSessionManager::endInterruption):
        (WebCore::PlatformMediaSessionManager::addSession):
        (WebCore::PlatformMediaSessionManager::removeSession):
        (WebCore::PlatformMediaSessionManager::addRestriction):
        (WebCore::PlatformMediaSessionManager::removeRestriction):
        (WebCore::PlatformMediaSessionManager::restrictions):
        (WebCore::PlatformMediaSessionManager::sessionWillBeginPlayback):
        (WebCore::PlatformMediaSessionManager::sessionWillEndPlayback):
        (WebCore::PlatformMediaSessionManager::setCurrentSession):
        (WebCore::PlatformMediaSessionManager::currentSession):
        (WebCore::PlatformMediaSessionManager::sessionRestrictsInlineVideoPlayback):
        (WebCore::PlatformMediaSessionManager::sessionCanLoadMedia):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterBackground):
        (WebCore::PlatformMediaSessionManager::applicationWillEnterForeground):
        (WebCore::PlatformMediaSessionManager::updateSessionState):
        (WebCore::PlatformMediaSessionManager::didReceiveRemoteControlCommand):
        (WebCore::PlatformMediaSessionManager::systemWillSleep):
        (WebCore::PlatformMediaSessionManager::systemDidWake):
        (WebCore::PlatformMediaSessionManager::audioOutputDeviceChanged):
        * platform/audio/PlatformMediaSessionManager.h: Renamed from Source/WebCore/platform/audio/MediaSessionManager.h.
        (WebCore::PlatformMediaSessionManager::~PlatformMediaSessionManager):
        (WebCore::PlatformMediaSessionManager::configureWireLessTargetMonitoring):
        (WebCore::PlatformMediaSessionManager::hasWirelessTargetsAvailable):
        (WebCore::PlatformMediaSessionManager::sessions):
        * platform/audio/mac/AudioDestinationMac.cpp:
        * platform/audio/mac/MediaSessionManagerMac.cpp:
        (PlatformMediaSessionManager::updateSessionState):
        (MediaSessionManager::updateSessionState): Deleted.
        * testing/Internals.cpp:

2015-06-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Don't show default controls after playing to wireless target, again
        https://bugs.webkit.org/show_bug.cgi?id=145620
        <rdar://problem/21145806>

        Reviewed by Dean Jackson.

        Follow up to fix two tests broken by r185207.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateControls): Always show controls when the video element
          is the fullscreen element because custom controls aren't possible.

2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Add ASSERT to FontPlatformData::ctFont()
        https://bugs.webkit.org/show_bug.cgi?id=145659

        Reviewed by Dean Jackson.

        The new ASSERT needs to be guarded with CORETEXT_WEB_FONTS, which is defined in FontCustomPlatformData.h,
        and is not accessible to FontPlatformData. Therefore, I've moved the definition into TextFlags.h, which
        both files include.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::ctFont): Add the ASSERT.
        * platform/graphics/mac/FontCustomPlatformData.h: Move the CORETEXT_WEB_FONTS preprocessor
        macro from here ...
        * platform/text/TextFlags.h: ... to here.

2015-06-04  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185208.
        https://bugs.webkit.org/show_bug.cgi?id=145655

        platform/mac-wk2/tiled-drawing/scrolling/fast-scroll-iframe-
        latched-select.html (Requested by shallawa on #webkit).

        Reverted changeset:

        "Latching algorithm in findEnclosingOverflowScroll is broken"
        https://bugs.webkit.org/show_bug.cgi?id=145642
        http://trac.webkit.org/changeset/185208

2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Remove unnecessary code from FontPlatformData::ctFont()
        https://bugs.webkit.org/show_bug.cgi?id=145652

        Hoefler Text Italic no longer has initial and final swashes by default, so there
        is no reason to explicitly disable them.

        Reviewed by Andreas Kling.

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::ctFont):
        (WebCore::createFeatureSettingDictionary): Deleted.
        (WebCore::cascadeToLastResortAndDisableSwashesFontDescriptor): Deleted.

2015-06-04  Brent Fulgham  <bfulgham@apple.com>

        Latching algorithm in findEnclosingOverflowScroll is broken
        https://bugs.webkit.org/show_bug.cgi?id=145642
        <rdar://problem/21242308>

        Reviewed by Simon Fraser.

        Test: platform/mac-wk2/tiled-drawing/scrolling/iframe_in_iframe.html

        * page/mac/EventHandlerMac.mm:
        (WebCore::findEnclosingOverflowScrollForDominantDirection): Renamed from
        'findEnclosingOverflowScroll'. Only identify element as our overflow
        scroll element if it can be scrolled in either axis of the gesture's
        motion.
        (WebCore::scrolledToEdgeInDominantDirection): Renamed.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Use new function
        name, and pass horizontal and vertical deltas.
        (WebCore::findEnclosingOverflowScroll): Deleted.

2015-06-04  Eric Carlson  <eric.carlson@apple.com>

        [Mac] Don't show default controls after playing to wireless target, again
        https://bugs.webkit.org/show_bug.cgi?id=145620
        <rdar://problem/21145806>

        Reviewed by Dean Jackson.

        * Modules/mediacontrols/mediaControlsApple.js:
        (Controller.prototype.updateControls): Show or hide the panel as appropriate.
        (Controller.prototype.handleWrapperMouseMove): Early return if !video.controls.
        (Controller.prototype.addControls): Call updateControls instead of this.setNeedsTimelineMetricsUpdate
          so all needed setup is done.
        (Controller.prototype.resetHideControlsTimer): Only start the hide timer if playing.

2015-06-04  Chris Dumez  <cdumez@apple.com>

        [WK2] Prune more resources from the MemoryCache before process suspension
        https://bugs.webkit.org/show_bug.cgi?id=145633

        Reviewed by Andreas Kling.

        Prune more resources from the MemoryCache before process suspension or
        on simulated memory warning by doing a synchronous JS garbage collection
        and sweep *before* pruning dead resources from the memory cache.
        Previously, we would do the garbage collection after pruning the
        MemoryCache which meant that a lot of resources became dead after we
        tried to prune them.

        At the end a basic browsing on apple.com, we are able to remove ~17%
        more resources from the MemoryCache on simulated memory warning with this
        change.

        Pruning as much as we can from the memory cache on critical memory
        pressure or before process suspension is not only useful to free up
        memory but also to make room in the vnode table as a lot of
        CachedResources are mmmap'd from the network disk cache.

        * platform/MemoryPressureHandler.cpp:
        (WebCore::MemoryPressureHandler::MemoryPressureHandler):
        (WebCore::MemoryPressureHandler::releaseCriticalMemory):

        - Pass 'synchronous' argument so that we know if we need to do a
          synchronous JS garbage collection.
        - Move here code from in the Cocoa handler that is doing a JS garbage
          collection as well as a sweep, and make this code cross-platform.
          This code used to be iOS specific but I see no reason we shouldn't
          do this on Mac.

        (WebCore::MemoryPressureHandler::releaseMemory):
        * platform/MemoryPressureHandler.h:

        Use enum class arguments for critical / synchronous. The 'synchronous'
        argument is new so that the call site can let us know if memory needs
        to be freed synchronously (e.g. in case of imminent process suspension).

        * platform/cocoa/MemoryPressureHandlerCocoa.mm:
        (WebCore::MemoryPressureHandler::platformReleaseMemory):

        Remove iOS-specific code that was doing a JS garbage collection and
        sweep as this code is now in the generic memory pressure handler.

        (WebCore::MemoryPressureHandler::install):

        On simulated memory pressure, set 'synchronous' argument to Yes so that
        a synchronous GC is done by the generic memory pressure handler. This
        way, we no longer need to do a sync GC after calling the memory pressure
        handler. This avoids code duplication and makes sure the GC is done
        before pruning the memory cache.


2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Clean up m_isEmoji in FontPlatformData
        https://bugs.webkit.org/show_bug.cgi?id=145644

        Reviewed by Andreas Kling.

        m_isEmoji used to be a public member variable only defined on iOS. This
        means that, whenever it was consulted, the sites were surrounded by
        PLATFORM(IOS) guards. A cleaner design is to use a getter and setter,
        which on non-iOS platforms, always return false / do nothing. Then, the
        use sites can just use these functions without having ugly guards.

        No new tests because there is no behavior change.

        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::hash): Simplify isEmoji use site.
        (WebCore::FontPlatformData::isEmoji): Getter. Returns false on Mac.
        (WebCore::FontPlatformData::setIsEmoji): Setter. Does nothing on Mac.
        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::pointAdjustedForEmoji): Simplify isEmoji use site.
        (WebCore::FontCascade::drawGlyphs): Ditto.
        * platform/graphics/cocoa/FontCocoa.mm:
        (WebCore::Font::platformInit): Ditto.
        (WebCore::canUseFastGlyphAdvanceGetter): Ditto.
        (WebCore::isEmoji): Deleted.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::platformDataInit): Simplify isEmoji use
        site.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.
        (WebCore::FontPlatformData::platformIsEqual): Ditto.
        (WebCore::FontPlatformData::ctFontSize): Ditto.
        * platform/graphics/ios/FontCacheIOS.mm:
        (WebCore::FontCache::getSystemFontFallbackForCharacters): Ditto.
        (WebCore::FontCache::createFontPlatformData): Ditto.
        * platform/graphics/mac/ComplexTextController.cpp:
        (WebCore::ComplexTextController::adjustGlyphsAndAdvances): Ditto.

2015-06-03  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION (r181879): Scrolling order on pages with focused iframe is broken.
        https://bugs.webkit.org/show_bug.cgi?id=145637
        <rdar://problem/20635581>

        Reviewed by Zalan Bujtas.

        Test: platform/mac-wk2/tiled-drawing/scrolling/iframe_in_iframe.html

        This page revealed a bug in our RenderBox code caused by the mismatch between
        our scrolling units, which are all integrally snapped, with our client height
        and widths, which are not snapped at all. 
        
        In certain cases, the client height would have a small subpixel difference compared
        to the scroll height, which would cause WebKit to believe it was scrollable. When
        this happened, it would get stuck latched to this element and block scrolling events. 

        * page/Frame.cpp:
        (WebCore::Frame::scrollOverflowLayer): Use roundToInt for clientWidth and clientHeight,
        rather than integer truncation.
        * rendering/RenderBox.cpp:
        (WebCore::RenderBox::canBeScrolledAndHasScrollableArea): Need to round clientWidth
        and clientHeight to compare with scrollWidth/scrollHeight.
        * rendering/RenderBox.h:
        (WebCore::RenderBox::hasScrollableOverflowX): Ditto.
        (WebCore::RenderBox::hasScrollableOverflowY): Ditto.
        * rendering/RenderMarquee.cpp:
        (WebCore::RenderMarquee::computePosition): Use roundToInt for clientWidth and
        clientHeight, rather than integer truncation.

2015-06-04  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] Clean up m_font inside FontPlatformData
        https://bugs.webkit.org/show_bug.cgi?id=145634

        Reviewed by Andreas Kling.

        FontPlatformDatas are used as keys in a HashMap. This means that they need
        to be able to represent a "deleted" value. Previously, this "deleted" value
        was represented as setting the pointer value of m_font to -1, and guarding
        all uses of m_font to make sure it wasn't -1 before dereferencing it.

        This patch simplifies FontPlatformData to represent a "deleted" value using
        a separate boolean member variable. This class is already big enough that
        the increased space is negligable (the class already contains two CoreText
        fonts in addition to a CoreGraphics font). Because of this simplification,
        m_font can now be a RetainPtr, instead of being manually retained and
        released.

        There is still a long way to go before FontPlatformData is acceptably
        clean and understandable. This patch improves one aspect of it, and more
        improvements will eventually follow.

        No new tests because there is no behavior change.

        * platform/graphics/FontCache.cpp: Remove unused variable.
        * platform/graphics/FontPlatformData.cpp:
        (WebCore::FontPlatformData::FontPlatformData): Clean up all the PLATFORM
        macros in favor of a single bool. Also, update to include new state.
        (WebCore::FontPlatformData::operator=): Update to include new state.
        * platform/graphics/FontPlatformData.h:
        (WebCore::FontPlatformData::font): Update to account for RetainPtr.
        (WebCore::FontPlatformData::nsFont): Ditto.
        (WebCore::FontPlatformData::setNSFont): Ditto.
        (WebCore::FontPlatformData::hash): Update to include new state.
        (WebCore::FontPlatformData::operator==): Ditto.
        (WebCore::FontPlatformData::isHashTableDeletedValue): Use new state.
        (WebCore::FontPlatformData::hashTableDeletedFontValue): Deleted.
        (WebCore::FontPlatformData::isValidCTFontRef): Deleted.
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::platformDataInit): No need for manual retain
        and release.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.
        (WebCore::FontPlatformData::platformIsEqual): Update to account for
        RetanPtr.
        (WebCore::FontPlatformData::setFont): No need for manual retain and
        release.
        (WebCore::FontPlatformData::FontPlatformData): Deleted.
        (WebCore::FontPlatformData::~FontPlatformData): Deleted.
        * platform/graphics/win/FontPlatformDataCairoWin.cpp:
        (WebCore::FontPlatformData::~FontPlatformData): m_scaledFont is always
        valid.
        (WebCore::FontPlatformData::platformDataAssign): Ditto.

2015-06-03  Carlos Alberto Lopez Perez  <clopez@igalia.com>

        [GTK] [Wayland] Build is broken on trunk
        https://bugs.webkit.org/show_bug.cgi?id=142879

        Reviewed by Carlos Garcia Campos.

        No new tests, no behavior changes.

        Patch on GLContext.h picked from bug 136831 by
        Iago Toral <itoral@igalia.com> and Zan Dobersek <zdobersek@igalia.com>

        * platform/graphics/GLContext.h: Include wayland-egl.h before eglplatform.h
        to use the Wayland platform when building for Wayland.
        * platform/graphics/PlatformDisplay.cpp: Fix the include of GDK
        headers for the different targets.
        * platform/graphics/wayland/WaylandSurface.cpp: Fix build after r183731.
        (WebCore::WaylandSurface::~WaylandSurface):

2015-06-04  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamController enqueue
        https://bugs.webkit.org/show_bug.cgi?id=145210

        Reviewed by Darin Adler.

        Added possibility to enqueue any JSValue within ReadableJSStream.
        They are stored in a Vector of strongified JSValue.

        Added support for streams that contain data but are asked to close.
        This is done through m_closeRequested boolean and splitting actual closing of the stream from changeStateToClosed().

        Chunk size and backpressure mechanism is not yet implemented.
        Neither is pulling once enqueued data is processed.

        Covered by rebased tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::changeStateToClosed): Split method with newly added close().
        (WebCore::ReadableStream::close): Does the actual closing of stream once stream has no more values.
        (WebCore::ReadableStream::read): Close the stream when stream is emptied and close is requested.
        (WebCore::ReadableStream::resolveReadCallback): Added to enable ReadableJSStream to resolve read callbacks immediatly at enqueue time.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::isErrored): Getter added for the custom binding code.
        (WebCore::ReadableStream::isCloseRequested): Ditto.
        * bindings/js/JSReadableStreamControllerCustom.cpp:
        (WebCore::JSReadableStreamController::enqueue): binding code for enqueue, taking care of raising exception if readable stream cannot enqueue.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::hasValue):
        (WebCore::ReadableJSStream::read):
        (WebCore::ReadableJSStream::enqueue):
        * bindings/js/ReadableJSStream.h:

2015-06-04  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableJSStream does not need a ReadableStreamSource
        https://bugs.webkit.org/show_bug.cgi?id=145601

        Reviewed by Darin Adler.

        Covered by existing tests.

        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::ReadableStream): Remoed m_source.
        * Modules/streams/ReadableStream.h: Ditto
        * Modules/streams/ReadableStreamSource.h: Deleted.
        * WebCore.vcxproj/WebCore.vcxproj: Removing Modules/streams/ReadableStreamSource.h.
        * WebCore.vcxproj/WebCore.vcxproj.filters: Ditto.
        * WebCore.xcodeproj/project.pbxproj: Ditto.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::globalObject):
        (WebCore::ReadableJSStream::doStart): Equivalent of ReadableJSStream::Source::start().
        (WebCore::ReadableJSStream::create): Updated according new constructor.
        (WebCore::ReadableJSStream::ReadableJSStream):
        (WebCore::startReadableStreamAsync): Deleted.
        (WebCore::ReadableJSStream::jsController): Deleted.
        (WebCore::ReadableJSStream::storeError): Deleted.
        * bindings/js/ReadableJSStream.h: Added m_source member to store the JS source as a JS object.

2015-06-04  Zan Dobersek  <zdobersek@igalia.com>

        Shrink the ArabicCharShapingMode enum in SVGGlyph.cpp
        https://bugs.webkit.org/show_bug.cgi?id=145564

        Reviewed by Darin Adler.

        Shrink the ArabicCharShapingMode enum to just one byte.
        This drops the size of the static s_arabicCharShapingMode
        array of  ArabicCharShapingMode values from 888 bytes to 222.

        * platform/graphics/SVGGlyph.cpp:
        (WebCore::processArabicFormDetection):

2015-06-03  Zalan Bujtas  <zalan@apple.com>

        Use borderBoxRect instead of contentBoxRect for backdrop filter.
        https://bugs.webkit.org/show_bug.cgi?id=145606

        Reviewed by Simon Fraser.

        Backdrop filter should use border box rect. It also needs to take css clip into account.

        Tests: css3/filters/backdrop/backdrop-filter-with-cliprect.html
               css3/filters/backdrop/backdrop-filter-with-mask.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateBackdropFiltersGeometry):

2015-06-03  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        MediaDevices.getUserMedia should put promises in resolve/reject state synchronously
        https://bugs.webkit.org/show_bug.cgi?id=145308

        Reviewed by Darin Adler.

        Removed the calls to callToMainThread in which were resolved and rejected promises.
        Cleaned up the code to remove unneeded callback copies.

        Covered by existing tests.

        * Modules/mediastream/UserMediaRequest.cpp:
        (WebCore::UserMediaRequest::create):
        (WebCore::UserMediaRequest::UserMediaRequest):
        (WebCore::UserMediaRequest::didCreateStream):
        (WebCore::UserMediaRequest::failedToCreateStreamWithConstraintsError):
        (WebCore::UserMediaRequest::failedToCreateStreamWithPermissionError):
        * Modules/mediastream/UserMediaRequest.h:

2015-06-03  Simon Fraser  <simon.fraser@apple.com>

        REGRESSION (r184968): missing media player buttons (control bar exists, but no buttons)
        https://bugs.webkit.org/show_bug.cgi?id=145630

        Reviewed by Zalan Bujtas.

        r184968 changed the initial value of m_intersectsCoverageRect to false. However,
        this triggered a bug with mask layers, whose value of m_intersectsCoverageRect was never
        updated.

        Fix by copying the value of m_intersectsCoverageRect from the main layer to its
        mask layer, just as we do for m_visibleRect and m_coverageRect.

        Test: compositing/visible-rect/mask-layer-coverage.html

        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setVisibleAndCoverageRects):

2015-06-03  Simon Fraser  <simon.fraser@apple.com>

        Layer tree dumps should include mask layers
        https://bugs.webkit.org/show_bug.cgi?id=145629

        Reviewed by Zalan Bujtas.

        Dumping the layer tree omitted to dump the mask layer, so fix 
        GraphicsLayer::dumpProperties() to dump this layer.

        * platform/graphics/GraphicsLayer.cpp:
        (WebCore::GraphicsLayer::dumpProperties):

2015-06-03  Greg Hughes  <ghughes@apple.com>

        AX: Expose field sets to accessibility clients
        https://bugs.webkit.org/show_bug.cgi?id=145585
   
        Expose fieldsets to the accessibility API via a subrole of AXFieldset.

        Reviewed by Chris Fleizach.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper subrole]):

2015-06-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove dead code FontPlatformData::roundsGlyphAdvances()
        https://bugs.webkit.org/show_bug.cgi?id=145628

        Reviewed by Simon Fraser.

        No new tests because there is no behavior change.

        * WebCore.order:
        * platform/graphics/FontPlatformData.h:
        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::roundsGlyphAdvances): Deleted.

2015-06-03  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Merge CoordinatedTile into Tile
        https://bugs.webkit.org/show_bug.cgi?id=145602

        Reviewed by Darin Adler.

        CoordinatedTile only implements Tile since Qt and WebKit1/Efl were dropped.
        So, there is no reason that CoordinatedTile inherits Tile interface.

        No new tests, no behavior changes.

        * PlatformEfl.cmake:
        * PlatformGTK.cmake:
        * WebCore.vcxproj/WebCore.vcxproj:
        * WebCore.vcxproj/WebCore.vcxproj.filters:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp: Renamed to Tile.cpp
        * platform/graphics/texmap/coordinated/CoordinatedTile.h: Merged into Tile.h
        (WebCore::CoordinatedTile::coordinate): Deleted.
        (WebCore::CoordinatedTile::rect): Deleted.
        * platform/graphics/texmap/coordinated/Tile.cpp: Renamed from CoordinatedTile.cpp.
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::createTiles):

2015-06-03  Matt Rajca  <mrajca@apple.com>

        Add basic Media Session support to HTMLMediaElement.
        https://bugs.webkit.org/show_bug.cgi?id=145581

        Reviewed by Eric Carlson.

        HTMLMediaElements now have:

        - a 'kind' attribute representing the intrinsic media category
        - a 'session' attribute representing the current media session, if any

        * CMakeLists.txt: Include the new HTMLMediaElementMediaSession sources.
        * DerivedSources.make: Include the new IDL file.
        * Modules/mediasession/HTMLMediaElementMediaSession.cpp: Added.
        (WebCore::HTMLMediaElementMediaSession::session):
        * Modules/mediasession/HTMLMediaElementMediaSession.h: Added basic translation of the IDL file.
        (WebCore::HTMLMediaElementMediaSession::kind):
        (WebCore::HTMLMediaElementMediaSession::setKind):
        (WebCore::HTMLMediaElementMediaSession::setSession):
        * Modules/mediasession/HTMLMediaElementMediaSession.idl: Added from the Media Session spec.
        * PlatformMac.cmake: Include DOMHTMLMediaElementMediaSession.cpp.
        * WebCore.xcodeproj/project.pbxproj: Include the new HTMLMediaElementMediaSession sources.
        * html/HTMLMediaElement.h: Added accessors for 'kind' and 'session'.
        (WebCore::HTMLMediaElement::kind):
        (WebCore::HTMLMediaElement::setKind):
        (WebCore::HTMLMediaElement::session):
        (WebCore::HTMLMediaElement::setSession):

2015-06-03  Myles C. Maxfield  <mmaxfield@apple.com>

        Cleanup after r185175.
        https://bugs.webkit.org/show_bug.cgi?id=145569
        <rdar://problem/20671711>

        Unreviewed.

        No new tests because there is no behavior change.

        * platform/graphics/WidthIterator.h:

2015-06-02  Myles C. Maxfield  <mmaxfield@apple.com>

        SoftBank Emoji are not transformed by shaping when in a run of their own
        https://bugs.webkit.org/show_bug.cgi?id=145569
        <rdar://problem/20671711>

        Reviewed by Dean Jackson.

        Normally, we don't perform shaping on single glyphs. However, these particular codepoints
        need to have shaping run on them, even if they are alone.

        Test: fast/text/softbank-emoji.html Note that this test may fail in different locales on
        different platforms. This patch disables the test on iOS.

        * Source/WebCore/platform/graphics/WidthIterator.cpp:
        (WebCore::applyFontTransforms): Move the length-of-1 check into shouldApplyFontTransforms()
        (WebCore::shouldApplyFontTransforms): Return true if we have one of these emoji characters in
        a run of its own
        (WebCore::advanceInternal): Keep track of the previous character, and use it to call
        shouldApplyFontTransforms. 
        * Source/WebCore/platform/graphics/WidthIterator.h: shouldApplyFontTransforms() needs
        some more information to perform its duties.

2015-06-03  Daniel Bates  <dabates@apple.com>

        Caps lock indicator should not be shown in read-only or disabled field
        https://bugs.webkit.org/show_bug.cgi?id=145612
        <rdar://problem/21227454>

        Reviewed by Darin Adler.

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::disabledAttributeChanged): Update caps lock indicator state.
        (WebCore::TextFieldInputType::readonlyAttributeChanged): Ditto.
        (WebCore::TextFieldInputType::shouldDrawCapsLockIndicator): Do not draw the caps lock indicator
        when the field is read-only or disabled.

2015-06-03  Dean Jackson  <dino@apple.com>

        Crash in GraphicsContext3D::getInternalFramebufferSize
        https://bugs.webkit.org/show_bug.cgi?id=145479
        <rdar://problem/16461048>

        Reviewed by Eric Carlson.

        If we are in an unitialized or lost state, don't try to access the context.

        In order to test this, I added an Internal setting that always
        forces WebGL into a pending state.

        Test: fast/canvas/webgl/useWhilePending.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create): Check internal settings for
        a forced pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Guard against a pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
        * page/Settings.cpp: New Internal setting for forcing a pending policy.
        (WebCore::Settings::Settings):
        (WebCore::Settings::setForcePendingWebGLPolicy):
        * page/Settings.h:
        (WebCore::Settings::isForcePendingWebGLPolicy):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setForcePendingWebGLPolicy):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2015-06-03  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/page.
        https://bugs.webkit.org/show_bug.cgi?id=145455

        Reviewed by Darin Adler.

        No new tests, no behavior changes.

        * page/Chrome.cpp:
        (WebCore::Chrome::notifyPopupOpeningObservers):
        * page/ContentSecurityPolicy.cpp:
        (WebCore::CSPSourceList::matches):
        (WebCore::CSPDirectiveList::gatherReportURIs):
        (WebCore::ContentSecurityPolicy::copyStateFrom):
        (WebCore::isAllowedByAll):
        (WebCore::isAllowedByAllWithState):
        (WebCore::isAllowedByAllWithContext):
        (WebCore::isAllowedByAllWithURL):
        (WebCore::ContentSecurityPolicy::evalDisabledErrorMessage):
        (WebCore::ContentSecurityPolicy::allowPluginType):
        (WebCore::ContentSecurityPolicy::reflectedXSSDisposition):
        (WebCore::ContentSecurityPolicy::gatherReportURIs):
        * page/ContextMenuController.cpp:
        (WebCore::ContextMenuController::populate):
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::dispatchAllPendingBeforeUnloadEvents):
        (WebCore::DOMWindow::dispatchAllPendingUnloadEvents):
        (WebCore::DOMWindow::willDestroyCachedFrame):
        (WebCore::DOMWindow::willDestroyDocumentInFrame):
        (WebCore::DOMWindow::willDetachDocumentFromFrame):
        (WebCore::DOMWindow::disconnectDOMWindowProperties):
        (WebCore::DOMWindow::reconnectDOMWindowProperties):
        (WebCore::DOMWindow::getMatchedCSSRules):
        * page/DeviceController.cpp:
        (WebCore::DeviceController::dispatchDeviceEvent):
        (WebCore::DeviceController::fireDeviceEvent):
        * page/EventHandler.cpp:
        (WebCore::EventHandler::updateMouseEventTargetNode):
        (WebCore::EventHandler::handleTouchEvent):
        * page/FocusController.cpp:
        (WebCore::FocusController::setIsVisibleAndActiveInternal):
        * page/Frame.cpp:
        (WebCore::Frame::orientationChanged):
        (WebCore::Frame::injectUserScriptsForWorld):
        * page/FrameView.cpp:
        (WebCore::FrameView::scrollContentsFastPath):
        (WebCore::FrameView::serviceScriptedAnimations):
        (WebCore::FrameView::trackedRepaintRectsAsText):
        (WebCore::FrameView::updateWidgetPositions):
        (WebCore::FrameView::notifyWidgets):
        * page/Page.cpp:
        (WebCore::networkStateChanged):
        (WebCore::Page::stringToViewMode):
        (WebCore::Page::updateStyleForAllPagesAfterGlobalChangeInEnvironment):
        (WebCore::Page::refreshPlugins):
        (WebCore::Page::lockAllOverlayScrollbarsToHidden):
        (WebCore::Page::pluginViews):
        (WebCore::Page::storageBlockingStateChanged):
        (WebCore::Page::setIsVisibleInternal):
        * page/PageGroup.cpp:
        (WebCore::PageGroup::captionPreferencesChanged):
        * page/PageGroupLoadDeferrer.cpp:
        (WebCore::PageGroupLoadDeferrer::PageGroupLoadDeferrer):
        (WebCore::PageGroupLoadDeferrer::~PageGroupLoadDeferrer):
        * page/PageSerializer.cpp:
        (WebCore::PageSerializer::serializeFrame):
        * page/Performance.cpp:
        (WebCore::Performance::webkitGetEntriesByType):
        (WebCore::Performance::webkitGetEntriesByName):
        * page/PerformanceResourceTiming.cpp:
        (WebCore::passesTimingAllowCheck):
        * page/PerformanceUserTiming.cpp:
        (WebCore::convertToEntrySequence):
        * page/SecurityPolicy.cpp:
        (WebCore::SecurityPolicy::isAccessWhiteListed):
        * page/UserContentURLPattern.cpp:
        (WebCore::UserContentURLPattern::matchesPatterns):
        * page/WindowFeatures.cpp:
        (WebCore::WindowFeatures::parseDialogFeatures):
        * page/animation/AnimationController.cpp:
        (WebCore::AnimationControllerPrivate::updateAnimations):
        (WebCore::AnimationControllerPrivate::fireEventsAndUpdateStyle):
        (WebCore::AnimationControllerPrivate::suspendAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::resumeAnimationsForDocument):
        (WebCore::AnimationControllerPrivate::numberOfActiveAnimations):
        * page/animation/CSSPropertyAnimation.cpp:
        (WebCore::ShorthandPropertyWrapper::equals):
        (WebCore::ShorthandPropertyWrapper::blend):
        * page/scrolling/AsyncScrollingCoordinator.cpp:
        (WebCore::setStateScrollingNodeSnapOffsetsAsFloat):
        * page/scrolling/ScrollingCoordinator.cpp:
        (WebCore::ScrollingCoordinator::absoluteNonFastScrollableRegionForFrame):
        (WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects):

2015-06-03  Daniel Bates  <dabates@apple.com>

        AutoFill button should not be shown in read-only or disabled field
        https://bugs.webkit.org/show_bug.cgi?id=145579
        <rdar://problem/21212494>

        Reviewed by Darin Adler.

        Fixes an issue where the AutoFill button is shown in a read-only or disabled
        field. We should not show the AutoFill button in such cases.

        Tests: fast/forms/auto-fill-button/hide-auto-fill-button-when-input-becomes-disabled.html
               fast/forms/auto-fill-button/hide-auto-fill-button-when-input-becomes-readonly.html
               fast/forms/auto-fill-button/input-auto-fill-button.html
               fast/forms/auto-fill-button/input-disabled-auto-fill-button.html
               fast/forms/auto-fill-button/input-readonly-auto-fill-button.html
               fast/forms/auto-fill-button/input-readonly-non-empty-auto-fill-button.html

        * html/TextFieldInputType.cpp:
        (WebCore::TextFieldInputType::disabledAttributeChanged): Update AutoFill button state.
        (WebCore::TextFieldInputType::readonlyAttributeChanged): Ditto.
        (WebCore::TextFieldInputType::shouldDrawAutoFillButton): Do not draw AutoFill button
        when the field is disabled or read-only.

2015-06-03  Brent Fulgham  <bfulgham@apple.com>

        REGRESSION: (r181879): Scrolling in select/option region in iFrame scrolls both select and iframe
        https://bugs.webkit.org/show_bug.cgi?id=145574
        <rdar://problem/20966828>

        Reviewed by Simon Fraser.

        Tested by platform/mac-wk2/tiled-drawing/scrolling/fast-scroll-iframe-latched-select.html

        When the scroll gesture is started when the latched scrollable container is not at the limit of its
        scroll region, we are NOT supposed to propagate the scroll event to the enclosing region. However,
        we were doing two things wrong:
        (1) When we recognized we were latching, we were using the right wheel event target, but not using
            the latched scrollable container.
        (2) Likewise, we were not using latched ScrollableArea when handling wheel events.

        Instead, we were using the current scrollable container and ScrollableArea under the mouse pointer,
        which could be different from the point we started latching as the content scrolled.
        
        The fix was to properly track the scrollable container and scrollable area during latching.

        I attempted to store the latched ScrollableArea in the latchingState object, like we already do for the
        scrollable container, but found that this did not work properly. I think the life cycle of the
        ScrollableArea may not match the scrollable container, and since they are not reference counted I
        simply retrieve the ScrollableArea when needed.

        * page/mac/EventHandlerMac.mm:
        (WebCore::scrollableAreaForContainerNode): Helper function to return the correct ScrollableArea
        for the two types of RenderBox elements.
        (WebCore::latchedToFrameOrBody): Helper predicate to identify Frame and Body elements.
        (WebCore::EventHandler::platformPrepareForWheelEvents): Use the correct ScrollableArea for the given
        ContainerNode. When latching, make sure to use the ScrollableArea that is related to the latched scrollable
        container, not the area currently underneath the mouse pointer.

2015-06-03  Brady Eidson  <beidson@apple.com>

        REGRESSION (r183498): Certain types of frame loads in iframes with <base target="_blank"> can open urls in new window/tabs
        https://bugs.webkit.org/show_bug.cgi?id=145580

        Reviewed by Mark Lam.

        Tests: fast/loader/fragment-navigation-base-blank.html
               fast/loader/iframe-meta-refresh-base-blank.html
               fast/loader/iframe-set-location-base-blank.html
               fast/loader/refresh-iframe-base-blank.html

        Before 183498, callers of FrameLoader::changeLocation() got automatically assigned a frame name of "_self".
        After 183498, many remained without a frame name.
        
        Later on, FrameLoader applies the <base> target as their frame name if they don't already have one. 
        
        When the <base> target is "_blank", that causes a new window/tab.
        
        Restoring "_self" to these call sites fixes this.

        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        
        * loader/NavigationScheduler.cpp:
        (WebCore::NavigationScheduler::scheduleLocationChange):
        
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::createWindow):

2015-06-03  Alexey Proskuryakov  <ap@apple.com>

        More iOS build fixing.

        * platform/spi/mac/AVFoundationSPI.h:

2015-06-03  Zalan Bujtas  <zalan@apple.com>

        Subpixel rendering: Composited layer with subpixel gap does not get painted properly when its position changes.
        https://bugs.webkit.org/show_bug.cgi?id=145587

        Reviewed by Simon Fraser.

        The composited layer always snaps to an enclosing device pixel (floors) while the renderer rounds.
        At certain positions (for example 0.5px on a 1x display), a gap is formed between the layer(0px) and its renderer(1px).
        In such cases, when the the renderer moves to a position (1.1px) where the gap is closed, we need to issue repaint on the layer
        in order to get the renderering right.

        Test: compositing/child-layer-with-subpixel-gap-needs-repaint-when-parent-moves.html

        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateAfterLayout):
        (WebCore::devicePixelFractionGapFromRendererChanged):
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerBacking.h:

2015-06-03  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] ReadableStreamReader::closed() should be called once by binding code
        https://bugs.webkit.org/show_bug.cgi?id=145551

        Reviewed by Darin Adler.

        Covered by existing tests.

        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::closed): Calling ReadableStreamReader::closed only at creation of the promise.

2015-06-02  Gyuyoung Kim  <gyuyoung.kim@webkit.org>

        [EFL][GTK] Fix build error since r185137
        https://bugs.webkit.org/show_bug.cgi?id=145596

        Unreviewed, fix build break on EFL and GTK port.

        * dom/Text.cpp:
        (WebCore::Text::formatForDebugger): Use strncpy() instead of strlcpy().

2015-06-02  Sergio Villar Senin  <svillar@igalia.com>

        [CSS Grid Layout] Switch from parenthesis to brackets for grid line names
        https://bugs.webkit.org/show_bug.cgi?id=144996

        Reviewed by Darin Adler.

        Grid line names are now enclosed by brackets instead of parentheses
        as mentioned in the latest version of the spec. Appartently the CSS
        code is now more readable and avoids issues with tools like SASS.

        * css/CSSGrammar.y.in:
        * css/CSSGridLineNamesValue.cpp:
        (WebCore::CSSGridLineNamesValue::customCSSText):

2015-06-02  Alexey Proskuryakov  <ap@apple.com>

        iOS build fix

        * platform/spi/mac/AVFoundationSPI.h:

2015-06-02  Commit Queue  <commit-queue@webkit.org>

        Unreviewed, rolling out r185128 and r185132.
        https://bugs.webkit.org/show_bug.cgi?id=145597

        The new test hits a bad assertion (Requested by ap on
        #webkit).

        Reverted changesets:

        "Crash in GraphicsContext3D::getInternalFramebufferSize"
        https://bugs.webkit.org/show_bug.cgi?id=145479
        http://trac.webkit.org/changeset/185128

        "Skip webgl/useWhilePending.html on WebKit 1."
        http://trac.webkit.org/changeset/185132

2015-06-02  Ryuan Choi  <ryuan.choi@navercorp.com>

        [CoordinatedGraphics] Refactor TiledBackingStoreClient
        https://bugs.webkit.org/show_bug.cgi?id=145577

        Reviewed by Gyuyoung Kim.

        This patch removes and simplifies unnecessary virtual methods of TiledBackingStoreClient.

        No new tests, no behavior changes.

        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.cpp:
        (WebCore::CoordinatedGraphicsLayer::didUpdateTileBuffers): Renamed from tiledBackingStorePaintEnd.
        (WebCore::CoordinatedGraphicsLayer::tiledBackingStorePaintBegin): Deleted.
        (WebCore::CoordinatedGraphicsLayer::tiledBackingStorePaintEnd): Deleted.
        (WebCore::CoordinatedGraphicsLayer::tiledBackingStoreBackgroundColor):
        Deleted because tiledBackingStoreBackgroundColor() is not used anywhere.
        * platform/graphics/texmap/coordinated/CoordinatedGraphicsLayer.h:
        * platform/graphics/texmap/coordinated/CoordinatedTile.cpp:
        (WebCore::CoordinatedTile::updateBackBuffer):
        Simplified not to call unnecessary methods. In addition, used modern for loop.
        (WebCore::CoordinatedTile::swapBackBufferToFront): Deleted.
        * platform/graphics/texmap/coordinated/CoordinatedTile.h:
        * platform/graphics/texmap/coordinated/Tile.h:
        * platform/graphics/texmap/coordinated/TiledBackingStore.cpp:
        (WebCore::TiledBackingStore::updateTileBuffers):
        * platform/graphics/texmap/coordinated/TiledBackingStoreClient.h:

2015-06-02  Doug Russell  <d_russell@apple.com>

        AX: debugging attributes for text markers
        https://bugs.webkit.org/show_bug.cgi?id=145283

        Reviewed by Chris Fleizach.

        AXTextMarkerDebugDescription: returns the result of
        VisiblePosition::formatForDebugger() for the visible position that a text marker
        represents.
        AXTextMarkerNodeDebugDescription: calls Node::showNode() and
        Node::showNodePathForThis() for the visible position that a text marker
        represents.
        AXTextMarkerNodeTreeDebugDescription: calls Node::showTreeForThis() for the
        visible position that a text marker represents.
        AXTextMarkerRangeDebugDescription: returns the result of
        formatForDebugger(VisiblePositionRange) for the visible position range that a text
        marker range represents.

        This is debug only tooling. Tests would be flakey and not very helpful.

        * accessibility/mac/WebAccessibilityObjectWrapperMac.mm:
        (-[WebAccessibilityObjectWrapper debugDescriptionForTextMarker:]):
        (-[WebAccessibilityObjectWrapper debugDescriptionForTextMarkerRange:]):
        (-[WebAccessibilityObjectWrapper showNodeForTextMarker:]):
        (-[WebAccessibilityObjectWrapper showNodeTreeForTextMarker:]):
        (formatForDebugger):
        (-[WebAccessibilityObjectWrapper accessibilityAttributeValue:forParameter:]):
        * dom/Text.cpp:
        (WebCore::Text::formatForDebugger):

2015-06-02  Matt Rajca  <mrajca@apple.com>

        MediaSessions should keep track of their current state.
        https://bugs.webkit.org/show_bug.cgi?id=145575

        Reviewed by Alex Christensen.

        * Modules/mediasession/MediaSession.h: Per the Media Session spec, the state can be 'Idle', 'Active', or
          'Interrupted'. Sessions are created in an 'Idle' state.

2015-06-02  Jon Lee  <jonlee@apple.com>

        Build fix when building with internal SDKs
        https://bugs.webkit.org/show_bug.cgi?id=145576
        rdar://problem/21089476

        Reviewed by Alexey Proskuryakov.

        * platform/spi/mac/AVFoundationSPI.h: Include the right header.

2015-06-02  Dean Jackson  <dino@apple.com>

        No need to guard the sizes attribute against PICTURE_SIZES in preload scanner.
        https://bugs.webkit.org/show_bug.cgi?id=145573
        <rdar://problem/21210038>

        Reviewed by Myles Maxfield.

        The PICTURE_SIZES feature flag doesn't need to be used to
        guard preloading of the sizes attribute.

        * html/parser/HTMLPreloadScanner.cpp:
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttributes): Deleted.
        (WebCore::TokenPreloadScanner::StartTagScanner::processAttribute): Deleted.

2015-06-02  Anders Carlsson  <andersca@apple.com>

        Use UUIDs for WebSQL database filenames instead of a sequential number
        https://bugs.webkit.org/show_bug.cgi?id=145571

        Reviewed by Dan Bernstein.

        This is a first step towards getting rid of the iOS specific code path where we truncate
        database files instead of deleting them (in order to avoid file corruption).

        * Modules/webdatabase/DatabaseTracker.cpp:
        (WebCore::generateDatabaseFileName):
        (WebCore::DatabaseTracker::fullPathForDatabaseNoLock):
        * platform/sql/SQLiteFileSystem.cpp:
        (WebCore::SQLiteFileSystem::getFileNameForNewDatabase): Deleted.
        * platform/sql/SQLiteFileSystem.h:

2015-06-02  Dean Jackson  <dino@apple.com>

        Crash in GraphicsContext3D::getInternalFramebufferSize
        https://bugs.webkit.org/show_bug.cgi?id=145479
        <rdar://problem/16461048>

        Reviewed by Eric Carlson.

        If we are in an unitialized or lost state, don't try to access the context.

        In order to test this, I added an Internal setting that always
        forces WebGL into a pending state.

        Test: fast/canvas/webgl/useWhilePending.html

        * html/canvas/WebGLRenderingContextBase.cpp:
        (WebCore::WebGLRenderingContextBase::create): Check internal settings for
        a forced pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferWidth): Guard against a pending state.
        (WebCore::WebGLRenderingContextBase::drawingBufferHeight): Ditto.
        * page/Settings.cpp: New Internal setting for forcing a pending policy.
        (WebCore::Settings::Settings):
        (WebCore::Settings::setForcePendingWebGLPolicy):
        * page/Settings.h:
        (WebCore::Settings::isForcePendingWebGLPolicy):
        * testing/InternalSettings.cpp:
        (WebCore::InternalSettings::Backup::Backup):
        (WebCore::InternalSettings::Backup::restoreTo):
        (WebCore::InternalSettings::setForcePendingWebGLPolicy):
        * testing/InternalSettings.h:
        * testing/InternalSettings.idl:

2015-06-02  Matt Rajca  <mrajca@apple.com>

        Added a stub implementation of MediaSession, part of the Media Session spec.
        https://bugs.webkit.org/show_bug.cgi?id=145530

        Reviewed by Eric Carlson.

        * CMakeLists.txt: Added new MediaSession sources.
        * DerivedSources.make:
        * Modules/mediasession/MediaSession.cpp: Added stub implementation.
        (WebCore::MediaSession::MediaSession): Per the Media Session spec, a Media Remote Controls object should only be
          set for 'content' sessions; it is null otherwise.
        (WebCore::MediaSession::~MediaSession):
        (WebCore::MediaSession::controls):
        (WebCore::MediaSession::releaseSession):
        * Modules/mediasession/MediaSession.h: Added basic translation of IDL file.
        * Modules/mediasession/MediaSession.idl: Added from the Media Session spec.
        * WebCore.xcodeproj/project.pbxproj: Added new MediaSession sources.

2015-06-02  Zalan Bujtas  <zalan@apple.com>

        Backdrop filter is pulling in content from behind the window.
        https://bugs.webkit.org/show_bug.cgi?id=145561
        rdar://problem/20909309

        Reviewed by Simon Fraser.

        This patch ensures that the backdrop filter layer is positioned and sized properly.

        The backdrop filter layer should take its size and position from its renderer and not
        directly from the composited layer.
        In certain cases the composited layer's size is expanded to cover items like box shadow or an absolute positioned descendant.
        In such cases, we ended up applying the backdrop filter to those areas as well.

        Tests: css3/filters/backdrop/backdrop-filter-does-not-size-properly-absolute.html
               css3/filters/backdrop/backdrop-filter-does-not-size-properly-border-and-padding.html

        * platform/graphics/GraphicsLayer.h:
        (WebCore::GraphicsLayer::setBackdropFiltersRect):
        (WebCore::GraphicsLayer::backdropFiltersRect):
        * platform/graphics/ca/GraphicsLayerCA.cpp:
        (WebCore::GraphicsLayerCA::setBackdropFiltersRect):
        (WebCore::GraphicsLayerCA::commitLayerChangesBeforeSublayers):
        (WebCore::GraphicsLayerCA::updateBackdropFilters):
        (WebCore::GraphicsLayerCA::updateBackdropFiltersRect):
        (WebCore::GraphicsLayerCA::updateContentsRects):
        (WebCore::GraphicsLayerCA::updateGeometry): Deleted.
        * platform/graphics/ca/GraphicsLayerCA.h:
        * rendering/RenderLayerBacking.cpp:
        (WebCore::RenderLayerBacking::updateBackdropFiltersGeometry):
        (WebCore::RenderLayerBacking::updateGeometry):
        * rendering/RenderLayerBacking.h:

2015-06-02  Eric Carlson  <eric.carlson@apple.com>

        [Mac] occasional crash in Document::playbackTargetAvailabilityDidChange
        https://bugs.webkit.org/show_bug.cgi?id=145559

        Reviewed by Darin Adler.

        No new tests, covered by existing tests.

        * html/HTMLMediaElement.cpp:
        (WebCore::HTMLMediaElement::registerWithDocument): Pass document to m_mediaSession->registerWithDocument.
        (WebCore::HTMLMediaElement::unregisterWithDocument): Pass document to m_mediaSession->unRegisterWithDocument.
        (WebCore::HTMLMediaElement::documentWillSuspendForPageCache): Ditto.
        (WebCore::HTMLMediaElement::documentDidResumeFromPageCache): Ditto.

        * html/MediaElementSession.cpp:
        (WebCore::MediaElementSession::registerWithDocument): Take a document.
        (WebCore::MediaElementSession::unregisterWithDocument): Ditto.
        * html/MediaElementSession.h:

2015-06-02  Chris Dumez  <cdumez@apple.com>

        Calling FrameView::viewportContentsChanged() after style recalcs is too expensive
        https://bugs.webkit.org/show_bug.cgi?id=145554
        <rdar://problem/21189478>

        Reviewed by Darin Adler and Simon Fraser.

        Only call FrameView::viewportContentsChanged() after a style recalc if
        composited layers have been updated (and there is no pending layout).

        We already viewportContentsChanged() after layout so we only need to
        call viewportContentsChanged() after a style recalc if it did not cause
        a layout but may have caused an element to become visible. In
        particular, this can happen in the case of composited animations (e.g.
        using -webkit-transform to move an element inside the viewport).
        Therefore, we now only call viewportContentsChanged() after a style
        recalc if it caused composited layers to be updated. This avoids a lot
        of unnecessary calls to viewportContentsChanged(), which is expensive.

        No new tests, already covered by:
        fast/images/animated-gif-webkit-transform.html

        * dom/Document.cpp:
        (WebCore::Document::recalcStyle):
        * page/FrameView.cpp:
        (WebCore::FrameView::updateCompositingLayersAfterStyleChange):
        * page/FrameView.h:
        * rendering/RenderLayerCompositor.cpp:
        (WebCore::RenderLayerCompositor::didRecalcStyleWithNoPendingLayout):
        (WebCore::RenderLayerCompositor::updateCompositingLayers):
        * rendering/RenderLayerCompositor.h:

2015-06-02  Myles C. Maxfield  <mmaxfield@apple.com>

        Remove use of CTFontSetRenderingParameters()
        https://bugs.webkit.org/show_bug.cgi?id=145560

        Reviewed by Simon Fraser.

        Instead, always use CTFontSetRenderingStyle().

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontCascadeCocoa.mm:
        (WebCore::RenderingStyleSaver::RenderingStyleSaver): Deleted.
        (WebCore::RenderingStyleSaver::~RenderingStyleSaver): Deleted.

2015-06-02  Anders Carlsson  <andersca@apple.com>

        Move WKFontAntialiasingStateSaver to its own file
        https://bugs.webkit.org/show_bug.cgi?id=145557
        rdar://problem/21134776

        Reviewed by Dan Bernstein.

        Also rename it to FontAntialiasingStateSaver. Also, change it to use the CoreGraphicsSPI.h header for its
        CGFontAntialiasingStyle definition instead of using an explicit typedef.

        * WebCore.xcodeproj/project.pbxproj:
        * platform/graphics/ca/mac/PlatformCALayerMac.mm:
        (PlatformCALayer::drawLayerContents):
        * platform/graphics/ios/FontAntialiasingStateSaver.h: Copied from Source/WebCore/platform/ios/wak/WKGraphics.h.
        (WebCore::FontAntialiasingStateSaver::FontAntialiasingStateSaver):
        (WebCore::FontAntialiasingStateSaver::setup):
        (WebCore::FontAntialiasingStateSaver::restore):
        * platform/ios/LegacyTileCache.mm:
        (WebCore::LegacyTileCache::drawWindowContent):
        * platform/ios/wak/WKGraphics.h:
        (WKFontAntialiasingStateSaver::WKFontAntialiasingStateSaver): Deleted.
        * platform/ios/wak/WKGraphics.mm:
        (WKFontAntialiasingStateSaver::setup): Deleted.
        (WKFontAntialiasingStateSaver::restore): Deleted.

2015-06-02  Xabier Rodriguez Calvar  <calvaris@igalia.com> and Youenn Fablet <youenn.fablet@crf.canon.fr>

        [Streams API] Implement ReadableStreamReader read method in closed and errored state
        https://bugs.webkit.org/show_bug.cgi?id=144790

        Reviewed by Darin Adler.

        Reader delegates read() promise handling to its stream except if reader is no longer locking the stream and stream is readable.
        Storing of reader read() promise callbacks as a Vector in ReadableStream.
        Added resolution/rejection of read() promises in case of errored/closed streams.

        Test: streams/readable-stream-reader-read.html

        * ForwardingHeaders/runtime/IteratorOperations.h: Added.
        * Modules/streams/ReadableStream.cpp:
        (WebCore::ReadableStream::cleanCallbacks): Clean the read requests.
        (WebCore::ReadableStream::changeStateToClosed): Run success callbacks with undefined for read requests.
        (WebCore::ReadableStream::changeStateToErrored): Run failure callbacks with the errors for read requests.
        (WebCore::ReadableStream::closed): Parameter name changed.
        (WebCore::ReadableStream::read): Added. Succeeds with empty when closed, fails with error when errored, reads a
        value if there is one and pushes the callbacks to the queue otherwise.
        * Modules/streams/ReadableStream.h:
        (WebCore::ReadableStream::ReadCallbacks::ReadCallbacks): Struct containing success and failure callbacks.
        * Modules/streams/ReadableStreamReader.cpp:
        (WebCore::ReadableStreamReader::closed): Parameter name changed.
        (WebCore::ReadableStreamReader::read): Invoke success with empty if we streams if we don't have the right reader
        and call the stream otherwise to read.
        * Modules/streams/ReadableStreamReader.h:
        * bindings/js/JSReadableStreamReaderCustom.cpp:
        (WebCore::JSReadableStreamReader::read): Create the callback lambdas and invoke read. Failure rejects the
        promise and success creates the result from the read value.
        * bindings/js/ReadableJSStream.cpp:
        (WebCore::ReadableJSStream::hasValue):
        (WebCore::ReadableJSStream::read): Not implemented yet.
        * bindings/js/ReadableJSStream.h:

2015-06-01  Myles C. Maxfield  <mmaxfield@apple.com>

        [Cocoa] FontPlatformData's equality check should always use reference URLs
        https://bugs.webkit.org/show_bug.cgi?id=144168

        Reviewed by Tim Horton.

        <rdar://problem/18985642> is not fixed, so we need to continue using the older
        objectForEqualityCheck().

        No new tests because there is no behavior change.

        * platform/graphics/cocoa/FontPlatformDataCocoa.mm:
        (WebCore::FontPlatformData::objectForEqualityCheck):

2015-06-02  Andy Estes  <aestes@apple.com>

        [Mac] REGRESSION (r175941): Max.app crashes when adding a sound file to a patch due to removing cursor resources from WebCore.framework
        https://bugs.webkit.org/show_bug.cgi?id=145555

        Reviewed by Darin Adler.

        Re-added the cursor resources used by Max.app and ran sort-Xcode-project-file.

        * Resources/copyCursor.png: Added.
        * Resources/moveCursor.png: Added.
        * Resources/northEastSouthWestResizeCursor.png: Added.
        * Resources/northSouthResizeCursor.png: Added.
        * Resources/northWestSouthEastResizeCursor.png: Added.
        * WebCore.xcodeproj/project.pbxproj:

2015-06-02  Brady Eidson  <beidson@apple.com>

        WebKit policy delegate should suggest if a navigation should be allowed to open URLs externally.
        rdar://problem/21025301 and https://bugs.webkit.org/show_bug.cgi?id=145280

        Reviewed by Alex Christensen.

        Tests: loader/navigation-policy/should-open-external-urls/main-frame-click.html
               loader/navigation-policy/should-open-external-urls/main-frame-navigated-programatically-by-subframe.html
               loader/navigation-policy/should-open-external-urls/main-frame-with-flag-progamatic.html
               loader/navigation-policy/should-open-external-urls/main-frame-without-flag-programatic.html
               loader/navigation-policy/should-open-external-urls/subframe-click-target-self.html
               loader/navigation-policy/should-open-external-urls/subframe-click-target-top.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-with-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-with-flag.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-without-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-target-blank-without-flag.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-with-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-with-flag.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-without-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/user-gesture-window-open-without-flag.html
               loader/navigation-policy/should-open-external-urls/window-open-with-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/window-open-with-flag.html
               loader/navigation-policy/should-open-external-urls/window-open-without-flag-from-subframe.html
               loader/navigation-policy/should-open-external-urls/window-open-without-flag.html

        The "should open external URLs" flag is only for main frames.
        It doesn't enforce any sort of policy internal to WebKit, but rather is for notifications to the policy delegate.
        
        It is set from one of two places:
        1 - A main frame is navigated by any frame as the result of a user gesture.
        2 - WebKit2 API explicitly states the flag is true.
        
        The flag value propagates when:
        1 - When a main frame document is navigated to a new main frame document.
        2 - When a new window is opened from a page whose main frame had the flag set.
        3 - When a new window is opened as the result of a user gesture.
        
        The flag resets to false when:
        1 - A subframe navigates a main frame without a user gesture.
        
        This patch is large, but does little more than the following:
        1 - Adds a ShouldOpenExternalURLs flag to both FrameLoadRequest and NavigationAction.
        2 - Makes sure anybody who creates either of those objects sets a sensible for that flag.
        3 - When FrameLoader creates a new DocumentLoader, it sets its flag based on whether or not the load is in a main frame,
            whether or not the load is from a user gesture, and based on the initiator's value of the flag. 
            
        * dom/Document.cpp:
        (WebCore::Document::processHttpEquiv):
        (WebCore::Document::shouldOpenExternalURLsPolicyToPropagate):
        * dom/Document.h:
        
        * html/HTMLAnchorElement.cpp:
        (WebCore::HTMLAnchorElement::handleClick):
        
        * html/HTMLLinkElement.cpp:
        (WebCore::HTMLLinkElement::handleClick):
        
        * html/parser/XSSAuditorDelegate.cpp:
        (WebCore::XSSAuditorDelegate::didBlockScript):
        
        * inspector/InspectorFrontendClientLocal.cpp:
        (WebCore::InspectorFrontendClientLocal::openInNewTab):
        
        * inspector/InspectorPageAgent.cpp:
        (WebCore::InspectorPageAgent::navigate):
        
        * loader/DocumentLoader.cpp:
        (WebCore::DocumentLoader::setTriggeringAction):
        (WebCore::DocumentLoader::shouldOpenExternalURLsPolicyToPropagate):
        * loader/DocumentLoader.h:
        (WebCore::DocumentLoader::shouldOpenExternalURLsPolicy): Deleted.
        
        * loader/FrameLoadRequest.cpp:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        * loader/FrameLoadRequest.h:
        (WebCore::FrameLoadRequest::FrameLoadRequest):
        
        * loader/FrameLoader.cpp:
        (WebCore::FrameLoader::urlSelected):
        (WebCore::FrameLoader::receivedFirstData):
        (WebCore::FrameLoader::loadURLIntoChildFrame):
        (WebCore::FrameLoader::loadURL):
        (WebCore::FrameLoader::load):
        (WebCore::FrameLoader::loadWithNavigationAction):
        (WebCore::FrameLoader::reloadWithOverrideEncoding):
        (WebCore::FrameLoader::reload):
        (WebCore::FrameLoader::loadPostRequest):
        (WebCore::FrameLoader::continueLoadAfterNewWindowPolicy):
        (WebCore::FrameLoader::applyShouldOpenExternalURLsPolicyToNewDocumentLoader):
        * loader/FrameLoader.h:
        
        * loader/NavigationAction.cpp:
        (WebCore::NavigationAction::NavigationAction):
        (WebCore::NavigationAction::copyWithShouldOpenExternalURLsPolicy):
        * loader/NavigationAction.h:
        (WebCore::NavigationAction::setShouldOpenExternalURLsPolicy): Deleted.
        
        * loader/NavigationScheduler.cpp:
        (WebCore::ScheduledURLNavigation::ScheduledURLNavigation):
        (WebCore::ScheduledRedirect::ScheduledRedirect):
        (WebCore::ScheduledLocationChange::ScheduledLocationChange):
        (WebCore::ScheduledRefresh::ScheduledRefresh):
        (WebCore::ScheduledFormSubmission::ScheduledFormSubmission):
        (WebCore::NavigationScheduler::scheduleRedirect):
        (WebCore::NavigationScheduler::scheduleLocationChange):
        (WebCore::NavigationScheduler::scheduleRefresh):
        * loader/NavigationScheduler.h:
        
        * loader/PolicyChecker.cpp:
        (WebCore::PolicyChecker::checkNavigationPolicy):
        
        * loader/SubframeLoader.cpp:
        (WebCore::SubframeLoader::loadOrRedirectSubframe):
        
        * loader/appcache/ApplicationCacheGroup.cpp:
        (WebCore::ApplicationCacheGroup::selectCache):
        
        * page/ContextMenuController.cpp:
        (WebCore::openNewWindow):
        (WebCore::ContextMenuController::contextMenuItemSelected):
        
        * page/DOMWindow.cpp:
        (WebCore::DOMWindow::setLocation):
        (WebCore::DOMWindow::createWindow):
        (WebCore::DOMWindow::open):
        
        * page/DragController.cpp:
        (WebCore::DragController::performDragOperation):
        
        * page/Location.cpp:
        (WebCore::Location::reload):
        
        * replay/ReplayInputDispatchMethods.cpp:
        (WebCore::InitialNavigation::dispatch):
        
        * svg/SVGAElement.cpp:
        (WebCore::SVGAElement::defaultEventHandler):

2015-06-02  Yusuke Suzuki  <utatane.tea@gmail.com>

        Heap-use-after-free read of size 4 in JavaScriptCore: WTF::StringImpl::isSymbol() (StringImpl.h:496)
        https://bugs.webkit.org/show_bug.cgi?id=145532

        Reviewed by Geoffrey Garen.

        Hold the ownership of AtomicStringImpl*.

        * bindings/scripts/CodeGeneratorJS.pm:
        (GenerateParametersCheck):
        * dom/TreeScope.cpp:
        (WebCore::TreeScope::getElementById):

2015-06-02  Youenn Fablet  <youenn.fablet@crf.canon.fr>

        SharedBuffer::copy should return a Ref<SharedBuffer>
        https://bugs.webkit.org/show_bug.cgi?id=145499

        Reviewed by Andreas Kling.

        Changing SharedBuffer::copy to return a Ref<> and adapting some code accordingly.

        Covered by existing tests.

        * loader/SubresourceLoader.cpp:
        (WebCore::SubresourceLoader::didReceiveResponse):
        * loader/appcache/ApplicationCacheResource.cpp:
        (WebCore::ApplicationCacheResource::deliver):
        * platform/SharedBuffer.cpp:
        (WebCore::SharedBuffer::copy):
        * platform/SharedBuffer.h:

2015-06-01  Hunseop Jeong  <hs85.jeong@samsung.com>

        Use modern for-loops in WebCore/Modules - 1