IndexedDB 2.0: REGRESSION(r208467) Fix flaky crashes in IDB GC-related code.
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2016-11-10  Brady Eidson  <beidson@apple.com>
2
3         IndexedDB 2.0: REGRESSION(r208467) Fix flaky crashes in IDB GC-related code.
4         https://bugs.webkit.org/show_bug.cgi?id=164596
5
6         Reviewed by Eric Carlson.
7
8         No new tests (Covered by existing tests).
9
10         We can't just WTFMove the pointers from the deleted-IDBObject maps...
11         We need to remove the entries, too.
12
13         * Modules/indexeddb/IDBObjectStore.cpp:
14         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
15
16         * Modules/indexeddb/IDBTransaction.cpp:
17         (WebCore::IDBTransaction::internalAbort):
18
19 2016-11-10  Youenn Fablet  <youennf@gmail.com>
20
21         MediaStreamTrack should use more Ref<> and less RefPtr<>
22         https://bugs.webkit.org/show_bug.cgi?id=164560
23
24         Reviewed by Eric Carlson.
25
26         No change of behavior.
27
28         Make MediaStreamTrack take a Ref<>& instead of a reference.
29         Using Ref<>&& instead of RefPtr<>&& in MediaStreamTrackPrivate.
30         Updating constness of some methods accordingly.
31
32         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
33         (WebCore::MediaEndpointPeerConnection::createReceiver):
34         * Modules/mediastream/MediaStreamTrack.cpp:
35         (WebCore::MediaStreamTrack::create):
36         (WebCore::MediaStreamTrack::MediaStreamTrack):
37         (WebCore::MediaStreamTrack::clone):
38         * Modules/mediastream/MediaStreamTrack.h:
39         * Modules/webaudio/MediaStreamAudioSource.cpp:
40         (WebCore::MediaStreamAudioSource::capabilities):
41         (WebCore::MediaStreamAudioSource::settings):
42         * Modules/webaudio/MediaStreamAudioSource.h:
43         * platform/mediastream/MediaEndpoint.cpp:
44         * platform/mediastream/MediaStreamPrivate.cpp:
45         (WebCore::MediaStreamPrivate::create):
46         * platform/mediastream/MediaStreamTrackPrivate.cpp:
47         (WebCore::MediaStreamTrackPrivate::create):
48         (WebCore::MediaStreamTrackPrivate::MediaStreamTrackPrivate):
49         (WebCore::MediaStreamTrackPrivate::clone):
50         * platform/mediastream/MediaStreamTrackPrivate.h:
51         (WebCore::MediaStreamTrackPrivate::setMuted):
52         (WebCore::MediaStreamTrackPrivate::source):
53         * platform/mediastream/RealtimeMediaSource.h:
54         * platform/mediastream/mac/AVMediaCaptureSource.h:
55         * platform/mediastream/mac/AVMediaCaptureSource.mm:
56         (WebCore::AVMediaCaptureSource::initializeSettings):
57         (WebCore::AVMediaCaptureSource::settings):
58         (WebCore::AVMediaCaptureSource::initializeCapabilities):
59         (WebCore::AVMediaCaptureSource::capabilities):
60         * platform/mediastream/openwebrtc/RealtimeMediaSourceOwr.h:
61         (WebCore::RealtimeMediaSourceOwr::capabilities):
62         (WebCore::RealtimeMediaSourceOwr::settings):
63         * platform/mock/MockRealtimeMediaSource.cpp:
64         (WebCore::MockRealtimeMediaSource::initializeCapabilities):
65         (WebCore::MockRealtimeMediaSource::capabilities):
66         (WebCore::MockRealtimeMediaSource::initializeSettings):
67         (WebCore::MockRealtimeMediaSource::settings):
68         * platform/mock/MockRealtimeMediaSource.h:
69
70 2016-11-10  Per Arne Vollan  <pvollan@apple.com>
71
72         [Win32] Crash in layout tests.
73         https://bugs.webkit.org/show_bug.cgi?id=164411
74
75         Reviewed by Mark Lam.
76
77         Use the calling convention expected by the callers of the generated functions.
78
79         * bindings/scripts/CodeGeneratorJS.pm:
80         (GenerateImplementation):
81         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
82         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetAttribute):
83         (WebCore::unsafeJsTestDOMJITPrototypeFunctionItem):
84         (WebCore::unsafeJsTestDOMJITPrototypeFunctionHasAttribute):
85         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementById):
86         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementsByName):
87
88 2016-11-10  Aaron Chu  <aaron_chu@apple.com>
89
90         Web Inspector: AXI: clarify button roles (e.g. toggle or popup button)
91         https://bugs.webkit.org/show_bug.cgi?id=130726
92         <rdar://problem/16420420>
93
94         Reviewed by Brian Burg.
95
96         Test: accessibility/ax-differentiate-button-types.html
97
98         Added special case logic to make sure PopUpButtonRole and ToggleButtonRole to user ButtonRole as role.
99         Added an "isPopUpButton" property to be exposed to the Inspector's use.
100
101         * accessibility/AccessibilityObject.cpp:
102         (WebCore::AccessibilityObject::computedRoleString):
103         * inspector/InspectorDOMAgent.cpp:
104         (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
105
106 2016-11-10  Zan Dobersek  <zdobersek@igalia.com>
107
108         [EME] Add no-op Web-facing APIs
109         https://bugs.webkit.org/show_bug.cgi?id=164028
110
111         Reviewed by Jer Noble.
112
113         Add no-op implementation of the Web-facing APIs as defined in
114         the EME specification. This will be the basis for implementing
115         the various algorithms the same specification defines, and for
116         implementing the relevant platform abstractions.
117
118         Dictionaries and enumerations defined by the specification are
119         defined in separate headers, and not in the implementation files
120         for the class where they are used. This will ease their use
121         across different implementation files.
122
123         BufferSource now exposes the Variant object it holds. This is
124         needed to support the iterable property on the MediaKeyStatusMap
125         class.
126
127         CodeGeneratorJS is fixed to support JS-to-native conversion of
128         sequences of dictionaries.
129
130         * CMakeLists.txt:
131         * DerivedSources.cpp:
132         * DerivedSources.make:
133         * Modules/encryptedmedia/MediaKeyMessageEvent.cpp: Added.
134         (WebCore::MediaKeyMessageEvent::MediaKeyMessageEvent):
135         (WebCore::MediaKeyMessageEvent::eventInterface):
136         * Modules/encryptedmedia/MediaKeyMessageEvent.h: Added.
137         * Modules/encryptedmedia/MediaKeyMessageEvent.idl: Added.
138         * Modules/encryptedmedia/MediaKeyMessageEventInit.h: Added.
139         (WebCore::MediaKeyMessageEventInit::MediaKeyMessageEventInit):
140         * Modules/encryptedmedia/MediaKeyMessageType.h: Added.
141         * Modules/encryptedmedia/MediaKeySession.cpp: Added.
142         (WebCore::MediaKeySession::create):
143         (WebCore::MediaKeySession::MediaKeySession):
144         (WebCore::MediaKeySession::sessionId):
145         (WebCore::MediaKeySession::expiration):
146         (WebCore::MediaKeySession::keyStatuses):
147         (WebCore::MediaKeySession::generateRequest):
148         (WebCore::MediaKeySession::load):
149         (WebCore::MediaKeySession::update):
150         (WebCore::MediaKeySession::close):
151         (WebCore::MediaKeySession::remove):
152         (WebCore::MediaKeySession::hasPendingActivity):
153         (WebCore::MediaKeySession::activeDOMObjectName):
154         (WebCore::MediaKeySession::canSuspendForDocumentSuspension):
155         (WebCore::MediaKeySession::stop):
156         * Modules/encryptedmedia/MediaKeySession.h: Added.
157         * Modules/encryptedmedia/MediaKeySession.idl: Added.
158         * Modules/encryptedmedia/MediaKeySessionType.h: Added.
159         * Modules/encryptedmedia/MediaKeyStatus.h: Added.
160         * Modules/encryptedmedia/MediaKeyStatusMap.cpp: Added.
161         (WebCore::MediaKeyStatusMap::size):
162         (WebCore::MediaKeyStatusMap::has):
163         (WebCore::MediaKeyStatusMap::get):
164         (WebCore::MediaKeyStatusMap::Iterator::Iterator):
165         (WebCore::MediaKeyStatusMap::Iterator::next):
166         * Modules/encryptedmedia/MediaKeyStatusMap.h: Added.
167         (WebCore::MediaKeyStatusMap::create):
168         (WebCore::MediaKeyStatusMap::createIterator):
169         * Modules/encryptedmedia/MediaKeyStatusMap.idl: Added.
170         * Modules/encryptedmedia/MediaKeySystemAccess.cpp: Added.
171         (WebCore::MediaKeySystemAccess::keySystem):
172         (WebCore::MediaKeySystemAccess::getConfiguration):
173         (WebCore::MediaKeySystemAccess::createMediaKeys):
174         * Modules/encryptedmedia/MediaKeySystemAccess.h: Added.
175         (WebCore::MediaKeySystemAccess::create):
176         * Modules/encryptedmedia/MediaKeySystemAccess.idl: Added.
177         * Modules/encryptedmedia/MediaKeySystemConfiguration.h: Added.
178         * Modules/encryptedmedia/MediaKeySystemConfiguration.idl: Added.
179         * Modules/encryptedmedia/MediaKeySystemMediaCapability.h: Added.
180         * Modules/encryptedmedia/MediaKeySystemMediaCapability.idl: Added.
181         * Modules/encryptedmedia/MediaKeys.cpp: Added.
182         (WebCore::MediaKeys::createSession):
183         (WebCore::MediaKeys::setServerCertificate):
184         * Modules/encryptedmedia/MediaKeys.h: Added.
185         (WebCore::MediaKeys::create):
186         * Modules/encryptedmedia/MediaKeys.idl: Added.
187         * Modules/encryptedmedia/MediaKeysRequirement.h: Added.
188         * Modules/encryptedmedia/NavigatorEME.cpp: Added.
189         (WebCore::NavigatorEME::requestMediaKeySystemAccess):
190         * Modules/encryptedmedia/NavigatorEME.h: Added.
191         * Modules/encryptedmedia/NavigatorEME.idl: Added.
192         * WebCore.xcodeproj/project.pbxproj:
193         * bindings/js/BufferSource.h:
194         (WebCore::BufferSource::BufferSource):
195         (WebCore::BufferSource::variant):
196         * bindings/js/JSMediaKeySessionCustom.cpp: Added.
197         (WebCore::JSMediaKeySession::closed):
198         * bindings/js/JSMediaKeySystemAccessCustom.cpp: Added.
199         (WebCore::JSMediaKeySystemAccess::getConfiguration):
200         * bindings/scripts/CodeGeneratorJS.pm:
201         (GetNativeVectorInnerType):
202         * dom/EventNames.h:
203         * dom/EventNames.in:
204         * dom/EventTargetFactory.in:
205         * html/HTMLMediaElement.cpp:
206         (WebCore::HTMLMediaElement::mediaKeys):
207         (WebCore::HTMLMediaElement::setMediaKeys):
208         * html/HTMLMediaElement.h:
209         * html/HTMLMediaElement.idl:
210         * html/MediaEncryptedEvent.cpp: Added.
211         (WebCore::MediaEncryptedEvent::MediaEncryptedEvent):
212         (WebCore::MediaEncryptedEvent::eventInterface):
213         (WebCore::MediaEncryptedEvent::initDataType):
214         (WebCore::MediaEncryptedEvent::initData):
215         * html/MediaEncryptedEvent.h: Added.
216         * html/MediaEncryptedEvent.idl: Added.
217         * html/MediaEncryptedEventInit.h: Added.
218         (WebCore::MediaEncryptedEventInit::MediaEncryptedEventInit):
219
220 2016-11-10  Antoine Quint  <graouts@apple.com>
221
222         [Modern Media Controls] Media Controller: update controls based on fullscreen playback on macOS
223         https://bugs.webkit.org/show_bug.cgi?id=164554
224         <rdar://problem/29183439>
225
226         Reviewed by Dean Jackson.
227
228         When toggling fullscreen on macOS, toggle between MacOSInlineMediaControls and MacOSFullscreenMediaControls.
229         To facilitate this, support objects are created and destroyed when changing the controls in order for the
230         right control objects to be hooked up to the media controller. A new destroy() method on MediaControllerSupport
231         subclasses can be overridden to remove event listeners added by support objects in their constructor.
232
233         Test: media/modern-media-controls/media-controller/media-controller-fullscreen-change.html
234
235         * Modules/modern-media-controls/media/fullscreen-support.js:
236         (FullscreenSupport.prototype.destroy):
237         * Modules/modern-media-controls/media/media-controller-support.js:
238         (MediaControllerSupport.prototype.destroy):
239         * Modules/modern-media-controls/media/media-controller.js:
240         (MediaController):
241         (MediaController.prototype.get layoutTraits):
242         (MediaController.prototype.handleEvent):
243         (MediaController.prototype._updateControlsIfNeeded):
244         (MediaController.prototype._controlsClass):
245
246 2016-11-10  Carlos Garcia Campos  <cgarcia@igalia.com>
247
248         [Linux] Memory values shown by memory pressure handler logger are not useful
249         https://bugs.webkit.org/show_bug.cgi?id=164589
250
251         Reviewed by Michael Catanzaro.
252
253         We are currently using the VmSize field from /proc/self/status which is the virtual memory size of the process
254         and doesn't normally change even when the memory pressure handler manages to release memory. So, most of the
255         time we see that there's no changes in memory usage in the logs.
256         We should use the actual memory used by the process, memory that the process can release and then it's relevant
257         for the memory pressure handler. Using other fields from /proc/self/status we could do something like VmRSS -
258         (RssFile + RssShme), but there's also /proc/self/statm that provides the same information in a single. The main
259         different is that statm provides both resident and shared memory directly, but in number of pages, so we need to
260         multiply by the size of the page.
261         This patch adds a method to parse /proc/self/statm in its given file, because I plan to use this for the linux
262         memory sampler that is incorrectly parsing /proc/self/statm.
263
264         * platform/Linux.cmake: Add new files to compilation.
265         * platform/linux/CurrentProcessMemoryStatus.cpp: Added.
266         (WebCore::systemPageSize): Return the page size.
267         (WebCore::currentProcessMemoryStatus): Parse /proc/self/statm and fill the given ProcessMemoryStatus.
268         * platform/linux/CurrentProcessMemoryStatus.h: Added.
269         * platform/linux/MemoryPressureHandlerLinux.cpp:
270         (WebCore::MemoryPressureHandler::processMemoryUsage(): Helper function to return the memory used by the process
271         in bytes.
272         (WebCore::MemoryPressureHandler::ReliefLogger::platformMemoryUsage): Use processMemoryUsage().
273
274 2016-10-14  Carlos Garcia Campos  <cgarcia@igalia.com>
275
276         MemoryPressureHandler shouldn't know how to release WebCore memory
277         https://bugs.webkit.org/show_bug.cgi?id=160497
278
279         Reviewed by Michael Catanzaro.
280
281         All processes should set their own low memory handler, instead of leaving the web process using the default one
282         that needs to access APIs that are not in platform layer. This patch fixes all the layering violations in the
283         MemoryPressureHandler. Since the default implementation, that releases the WebCore memory, is shared by the
284         WebProcess in WebKit2 and WebKit1 ports, it has been moved to its own file to the WebCore layer.
285
286         * CMakeLists.txt: Add new files to compilation.
287         * PlatformMac.cmake: Ditto.
288         * WebCore.xcodeproj/project.pbxproj: Ditto.
289         * loader/FrameLoader.cpp:
290         (WebCore::FrameLoader::commitProvisionalLoad): Use WebCore::jettisonExpensiveObjectsOnTopLevelNavigation().
291         * page/MemoryRelease.cpp: Added.
292         (WebCore::releaseNoncriticalMemory):
293         (WebCore::releaseCriticalMemory):
294         (WebCore::releaseMemory):
295         (WebCore::platformReleaseMemory):
296         (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
297         (WebCore::registerMemoryReleaseNotifyCallbacks):
298         * page/MemoryRelease.h: Added.
299         * page/cocoa/MemoryReleaseCocoa.mm: Added.
300         (WebCore::platformReleaseMemory):
301         (WebCore::jettisonExpensiveObjectsOnTopLevelNavigation):
302         (WebCore::registerMemoryReleaseNotifyCallbacks):
303         * platform/MemoryPressureHandler.cpp:
304         (WebCore::MemoryPressureHandler::MemoryPressureHandler):
305         (WebCore::MemoryPressureHandler::beginSimulatedMemoryPressure):
306         (WebCore::MemoryPressureHandler::releaseMemory): Use the current handler if it has been set.
307         (WebCore::MemoryPressureHandler::platformReleaseMemory): Deleted.
308         * platform/MemoryPressureHandler.h:
309         (WebCore::MemoryPressureHandler::setLowMemoryHandler):
310         (WebCore::MemoryPressureHandler::m_releaseMemoryBlock):
311         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
312         (WebCore::MemoryPressureHandler::respondToMemoryPressure): Call releaseMemory() instead of using the handler directly.
313         (WebCore::MemoryPressureHandler::platformReleaseMemory): Deleted.
314         * platform/linux/MemoryPressureHandlerLinux.cpp:
315         * platform/win/MemoryPressureHandlerWin.cpp:
316         (WebCore::MemoryPressureHandler::respondToMemoryPressure): Call releaseMemory() instead of using the handler directly.
317
318 2016-11-08  Sergio Villar Senin  <svillar@igalia.com>
319
320         [css-grid] Fix fr tracks sizing under min|max-size constraints
321         https://bugs.webkit.org/show_bug.cgi?id=150674
322
323         Reviewed by Darin Adler.
324
325         The min|max-sizes must be used to compute the flex fraction for indefinite free
326         spaces. According to the spec "If using this flex fraction would cause the grid to be
327         smaller than the grid container’s min-width/height (or larger than the grid container’s
328         max-width/height), then redo this step, treating the free space as definite and the
329         available grid space as equal to the grid container’s content box size when it’s sized to
330         its min-width/height (max-width/height)."
331
332         This only affects indefinite heights because during layout both definite sizes and any kind
333         of widths are properly constrained by min|max-width restrictions.
334
335         Tests: fast/css-grid-layout/flex-sizing-columns-min-max-width.html
336                fast/css-grid-layout/flex-sizing-rows-min-max-height.html
337
338         * rendering/RenderGrid.cpp:
339         (WebCore::RenderGrid::computeUsedBreadthOfGridTracks):
340         (WebCore::RenderGrid::computeFlexSizedTracksGrowth):
341         * rendering/RenderGrid.h:
342
343 2016-11-10  Alejandro G. Castro  <alex@igalia.com>
344
345         [WebRTC] [OpenWebRTC] RTX default parameters broken after r207952
346         https://bugs.webkit.org/show_bug.cgi?id=164541
347
348         Reviewed by Philippe Normand.
349
350         Fixed typo in refactoring.
351
352         * platform/mediastream/openwebrtc/MediaEndpointOwr.cpp:
353         (WebCore::MediaEndpointOwr::getDefaultVideoPayloads):
354
355 2016-11-08  Philippe Normand  <pnormand@igalia.com>
356
357         [WebRTC] white-list turns urls from the RTCConfiguration
358         https://bugs.webkit.org/show_bug.cgi?id=164506
359
360         Reviewed by Alejandro G. Castro.
361
362         * Modules/mediastream/RTCConfiguration.cpp:
363         (WebCore::validateIceServerURL): Add the turns URL scheme to the
364         list of supported relay and signaling server protocols.
365
366 2016-11-09  Joseph Pecoraro  <pecoraro@apple.com>
367
368         Web Inspector: DebuggerManager.Event.Resumed introduces test flakiness
369         https://bugs.webkit.org/show_bug.cgi?id=161951
370         <rdar://problem/28295767>
371
372         Reviewed by Brian Burg.
373
374         Covered by existing tests that would ASSERT otherwise.
375
376         * inspector/InspectorClient.cpp:
377         (WebCore::InspectorClient::doDispatchMessageOnFrontendPage):
378         When paused on an exception in the inspected page and evaluating
379         commands in the inspector frontend page (which evaluates JavaScript)
380         we ASSERT when entering the Global DOM VM with an existing exception.
381         This makes it so when we evaluate JavaScript in the frontend we
382         suspend / ignore the state of the VM for the inspected page, and
383         restore it when we return from the inspector.
384
385 2016-11-09  Joseph Pecoraro  <pecoraro@apple.com>
386
387         Web Inspector: Associate Worker Resources with the Worker and not the Page
388         https://bugs.webkit.org/show_bug.cgi?id=164342
389         <rdar://problem/29075775>
390
391         Reviewed by Timothy Hatcher.
392
393         Test: inspector/worker/resources-in-worker.html
394
395         Provide a way to associate an initiator identifier with a ResourceRequest.
396         This will allow Web Inspector to identify who started particular resource
397         loads. This is important to associate Worker(...), importScript(...), and
398         XMLHttpRequest / Fetch loads with that specific Worker.
399
400         * platform/network/ResourceRequestBase.cpp:
401         (WebCore::ResourceRequestBase::setAsIsolatedCopy):
402         * platform/network/ResourceRequestBase.h:
403         (WebCore::ResourceRequestBase::initiatorIdentifier):
404         (WebCore::ResourceRequestBase::setInitiatorIdentifier):
405         Optional initiator identifier. Currently used only be Web Inspector.
406
407         * dom/ScriptExecutionContext.h:
408         (WebCore::ScriptExecutionContext::resourceRequestIdentifier):
409         Non-page execution contexts, like WorkerGlobalScope, should provide
410         a unique identifier that may be used to distinguish loads initiated
411         from within that context.
412
413         * xml/XMLHttpRequest.cpp:
414         (WebCore::XMLHttpRequest::createRequest):
415         * Modules/fetch/FetchLoader.cpp:
416         (WebCore::FetchLoader::start):
417         * Modules/fetch/FetchRequest.cpp:
418         (WebCore::FetchRequest::initializeWith):
419         XHR / Fetch loads should include the ScriptExecutionContext's
420         initiator identifier.
421
422         * workers/WorkerScriptLoader.cpp:
423         (WebCore::WorkerScriptLoader::WorkerScriptLoader):
424         (WebCore::WorkerScriptLoader::loadSynchronously):
425         (WebCore::WorkerScriptLoader::loadAsynchronously):
426         (WebCore::WorkerScriptLoader::createResourceRequest):
427         * workers/WorkerScriptLoader.h:
428         Provide a way to provide initiator identifier information for
429         Worker script loads. Currently this is `new Worker(...)` and
430         `importScripts(...)` resource loads.
431
432         * workers/Worker.cpp:
433         (WebCore::Worker::Worker):
434         (WebCore::Worker::create):
435         * workers/Worker.h:
436         * workers/WorkerGlobalScope.cpp:
437         (WebCore::WorkerGlobalScope::WorkerGlobalScope):
438         (WebCore::WorkerGlobalScope::importScripts):
439         * workers/WorkerGlobalScope.h:
440         Give Worker itself the unique identifier, because `new Worker(...)`
441         loads happen before the WorkerGlobalScript (ScriptExecutionContext)
442         is actually created, but we want to associate it with this Worker.
443
444         * workers/DedicatedWorkerGlobalScope.cpp:
445         (WebCore::DedicatedWorkerGlobalScope::create):
446         (WebCore::DedicatedWorkerGlobalScope::DedicatedWorkerGlobalScope):
447         * workers/DedicatedWorkerGlobalScope.h:
448         * workers/DedicatedWorkerThread.cpp:
449         (WebCore::DedicatedWorkerThread::DedicatedWorkerThread):
450         (WebCore::DedicatedWorkerThread::createWorkerGlobalScope):
451         * workers/DedicatedWorkerThread.h:
452         * workers/WorkerInspectorProxy.cpp:
453         (WebCore::WorkerInspectorProxy::WorkerInspectorProxy):
454         * workers/WorkerInspectorProxy.h:
455         * workers/WorkerMessagingProxy.cpp:
456         (WebCore::WorkerMessagingProxy::WorkerMessagingProxy):
457         (WebCore::WorkerMessagingProxy::startWorkerGlobalScope):
458         * workers/WorkerThread.cpp:
459         (WebCore::WorkerThreadStartupData::WorkerThreadStartupData):
460         (WebCore::WorkerThread::WorkerThread):
461         (WebCore::WorkerThread::workerThread):
462         * workers/WorkerThread.h:
463         Pass the MainThread's Worker identifier through to the WorkerGlobalScope
464         created on the WorkerThread. They should be the same identifier.
465
466         * inspector/InspectorNetworkAgent.cpp:
467         (WebCore::InspectorNetworkAgent::willSendRequest):
468         * inspector/InspectorPageAgent.cpp:
469         (WebCore::InspectorPageAgent::buildObjectForFrameTree):
470         Pass the initiator identifier data to the frontend. This identifier is
471         equivalent to a "target identifier" in the frontend. Currently the only
472         non-Page targets are Workers.
473
474         * loader/cache/CachedResourceLoader.cpp:
475         (WebCore::CachedResourceLoader::shouldContinueAfterNotifyingLoadedFromMemoryCache):
476         When using the memory cache we create a new resource request. Be sure
477         to copy over useful inspector data, like the initiator identifier,
478         from the original request.
479
480         * platform/network/cf/ResourceRequestCFNet.cpp:
481         (WebCore::ResourceRequest::updateFromDelegatePreservingOldProperties):
482         When rebuilding a ResourceRequest from NSURLRequest, copy over the
483         initiator identifier property that wouldn't otherwise have survived
484         the transition.
485
486 2016-11-09  Brady Eidson  <beidson@apple.com>
487
488         IndexedDB 2.0: Clean up some exception ordering.
489         https://bugs.webkit.org/show_bug.cgi?id=164566
490
491         Reviewed by Alex Christensen.
492
493         No new tests (Covered by existing tests).
494
495         * Modules/indexeddb/IDBCursor.cpp:
496         (WebCore::IDBCursor::advance):
497         (WebCore::IDBCursor::continueFunction):
498
499         * Modules/indexeddb/IDBObjectStore.cpp:
500         (WebCore::IDBObjectStore::createIndex):
501
502 2016-11-09  Alex Christensen  <achristensen@webkit.org>
503
504         Unreviewed, rolling out r208438.
505
506         crashes
507
508         Reverted changeset:
509
510         "[WK2][NETWORK_SESSION] Add support for downloading file
511         backed blobs"
512         https://bugs.webkit.org/show_bug.cgi?id=164458
513         http://trac.webkit.org/changeset/208438
514
515 2016-11-09  Said Abou-Hallawa  <sabouhallawa@apple.com>
516
517         Change the decoding for some animated images to be asynchronous
518         https://bugs.webkit.org/show_bug.cgi?id=161566
519
520         Reviewed by Simon Fraser.
521
522         Tests: fast/images/slower-animation-than-decoding-image.html
523                fast/images/slower-decoding-than-animation-image.html
524                fast/images/stopped-animation-deleted-image.html
525                
526         Request the next frame before firing the animation timer. The asynchronous
527         image decoding work queue notifies the BitmapImage when the frame finishes
528         decoding. If the timer fires before the frame is decoded, no repaint will
529         be requested. Only when the image frame is ready, the animation will be
530         advanced and the image will be repainted.
531
532         * loader/cache/CachedImage.cpp:
533         (WebCore::CachedImage::load): Cache the image settings in CachedImage.
534         (WebCore::CachedImage::createImage): No need to pass allowSubsampling to BitmapImage. It can be retrieved through Image::imageObserver().
535         (WebCore::CachedImage::changedInRect): Change the parameter to notifyObservers() to be a pointer.
536         * loader/cache/CachedImage.h: Cache the settings: allowSubsampling, allowAsyncImageDecoding and showDebugBackground through m_loader.
537         * platform/graphics/BitmapImage.cpp:
538         (WebCore::BitmapImage::dataChanged): Fix a logging message.
539         (WebCore::BitmapImage::draw): Store the current SubsamplingLevel to be used when requesting decoding the image of the next frame.
540         Draw a debug rectangle if the next frame is missed because it is being decoded and the setting showDebugBackground is on.
541         (WebCore::BitmapImage::startAnimation): Deleted. Moved to the header file.
542         (WebCore::BitmapImage::internalStartAnimation): Added. Request asynchronous image decoding for the next frame if required. Return the
543         result of starting the animation.
544         (WebCore::BitmapImage::advanceAnimation): Call internalAdvanceAnimation() if the frame image is not being decoded. If it is being decoded
545         and the setting showDebugBackground is on, force repaint so the debug rectangle is drawn.
546         (WebCore::BitmapImage::internalAdvanceAnimation): This is the old body of advanceAnimation().
547         (WebCore::BitmapImage::stopAnimation): Stop the asynchronous image decoding if it is started.
548         (WebCore::BitmapImage::newFrameNativeImageAvailableAtIndex): This function is called from the async image decoding work queue when finishing decoding a native image frame.
549         * platform/graphics/BitmapImage.h:
550         (WebCore::BitmapImage::startAnimation): Added. It is now calls internalStartAnimation().
551         * platform/graphics/Color.h: Define a constant for the yellow color.
552         * platform/graphics/ImageFrameCache.cpp:
553         (WebCore::ImageFrameCache::clearMetadata): Delete unreferenced member.
554         (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Return true if the frame is requested for async decoding.
555         * platform/graphics/ImageFrameCache.h:
556         * platform/graphics/ImageObserver.h:  Add virtual functions for allowSubsampling, allowAsyncImageDecoding and showDebugBackground.
557         * platform/graphics/ImageSource.cpp:
558         (WebCore::ImageSource::maximumSubsamplingLevel): Move checking allowSubsampling() to the caller BitmapImage::draw().
559         * platform/graphics/ImageSource.h: Remove the setting allowSubsampling(); it can be retrieved from imageObserver().
560         (WebCore::ImageSource::setAllowSubsampling): Deleted.
561         * rendering/RenderImageResource.cpp:
562         (WebCore::RenderImageResource::shutdown): Stop the animation of an image when shutting down the resource.
563         * rendering/RenderImageResourceStyleImage.cpp:
564         (WebCore::RenderImageResourceStyleImage::shutdown): Ditto.
565         svg/graphics/SVGImageClients.h: Change the parameter to ImageObserver::changedInRect() to be a pointer.
566         (WebCore::SVGImageChromeClient::invalidateContentsAndRootView):
567         * testing/Internals.cpp:
568         (WebCore::Internals::setImageFrameDecodingDuration): Sets a fixed frame decoding duration for testing.
569         * testing/Internals.h:
570         * testing/Internals.idl: Adds an internal option for ImageFrameDecodingDuration.
571
572 2016-11-04  Brent Fulgham  <bfulgham@apple.com>
573
574         Local HTML should be blocked from localStorage access unless "Disable Local File Restrictions" is checked
575         https://bugs.webkit.org/show_bug.cgi?id=155185
576         <rdar://problem/11101440>
577
578         Reviewed by Brady Eidson.
579
580         Add a new quirk for localStorage that defaults to 'on'. When active, this quirk says that
581         localStorage access should be granted, without needing to grant universal file access.
582
583         If the quirk is turned off, then localStorage is blocked unless the WebKit client explicitly
584         grants universal file access.
585
586         Tests: storage/domstorage/localstorage/blocked-file-access-permitted-by-quirk.html
587                storage/domstorage/localstorage/blocked-file-access.html
588
589         * dom/Document.cpp:
590         (WebCore::Document::initSecurityContext): Set localStorage quirk mode based on settings.
591         * page/SecurityOrigin.cpp:
592         (WebCore::SecurityOrigin::SecurityOrigin): Use more C++11 initializers.
593         (WebCore::SecurityOrigin::canAccessStorage): If the origin is a local file, and we are NOT in
594         localStorage quirks mode, and we have not been granted universal file access, prevent access
595         to DOM localStorage.
596         (WebCore::SecurityOrigin::setNeedsLocalStorageQuirk): Added.
597         * page/SecurityOrigin.h:
598         (WebCore::SecurityOrigin::needsLocalStorageQuirk): Added.
599         * page/Settings.in:
600         * workers/WorkerGlobalScope.cpp:
601         (WebCore::WorkerGlobalScope::WorkerGlobalScope): Make sure Workers know what the
602         localStorage quirks mode is set to.
603
604 2016-11-09  Alex Christensen  <achristensen@webkit.org>
605
606         URLParser should not consider path of URLs with no host to start at the first slash after the colon
607         https://bugs.webkit.org/show_bug.cgi?id=164555
608
609         Reviewed by Tim Horton.
610
611         When we see a url that is only scheme:// we treated the // as the path.  Firefox did this with unrecognized schemes,
612         but based on https://github.com/whatwg/url/issues/148 they seem willing to change.  We had added similar behavior to
613         URL::parse, and I added this to URLParser in r206783 which this effectively reverts.
614
615         Covered by API and layout tests.
616
617         * platform/URLParser.cpp:
618         (WebCore::URLParser::parse):
619         Don't move m_userStart to m_pathStart back by two when we see an empty host.
620
621 2016-11-09  Alex Christensen  <achristensen@webkit.org>
622
623         Simplify logic of SecurityOrigin::databaseIdentifier
624         https://bugs.webkit.org/show_bug.cgi?id=164565
625
626         Reviewed by Brady Eidson.
627
628         No change in behavior.
629
630         SecurityOrigins with the file scheme need a special database identifier to be backwards-compatible with existing storage.
631         Instead of determining whether this is a file SecurityOrigin at parsing time and only using that information when
632         making the database identifier, just determine whether we need this quirk when making the database identifier.
633         I'm planning to move this logic to SecurityOriginData in another patch.
634
635         * page/SecurityOrigin.cpp:
636         (WebCore::SecurityOrigin::SecurityOrigin):
637         (WebCore::SecurityOrigin::create):
638         (WebCore::SecurityOrigin::databaseIdentifier):
639         * page/SecurityOrigin.h:
640
641 2016-11-09  Jaehun Lim  <ljaehun.lim@samsung.com>
642
643         Unreviewed, build fix after r208460
644
645         isValidColorString() was renamed isValidSimpleColorString().
646
647         * html/ColorInputType.cpp:
648         (WebCore::ColorInputType::suggestions):
649
650 2016-11-09  Anders Carlsson  <andersca@apple.com>
651
652         Fix STP build.
653
654         * WebCorePrefix.h:
655
656 2016-11-09  Simon Fraser  <simon.fraser@apple.com>
657
658         Implement visual-viewport based position:fixed handling for Mac async scrolling
659         https://bugs.webkit.org/show_bug.cgi?id=164495
660
661         Reviewed by Tim Horton.
662
663         Educate the scrolling tree about visual and layout viewports. This is runtime-switchable,
664         so we push the enable flag to via the root state node, then push the layout viewport,
665         and the min/max scroll position that contstrain it, through frame state nodes.
666
667         When a scroll happens, we compute a new layout viewport when the visual viewport hits
668         an edge, and push that down through setScrollLayerPosition() since it's used to position
669         fixed and sticky layers.
670
671         When the main thread gets notified about an async scroll, we set the new layout viewport
672         on the FrameView, but do so in such a way that does not trigger layout. This is OK because
673         we do a RenderLayer update which udpates all the layoutViewport-dependent state, and is
674         necessary to avoid repaints every main thread update.
675
676         The iOS code is made to compile, but not work yet.
677
678         Tests: compositing/tiling/visiblerect-accumulated-offset.html
679                fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down-then-up.html
680                fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolled-down.html
681                fast/visual-viewport/tiled-drawing/zoomed-fixed-scrolling-layers-state.html
682
683         * page/FrameView.cpp:
684         (WebCore::FrameView::setLayoutViewportOrigin):
685         (WebCore::FrameView::updateLayoutViewport):
686         (WebCore::FrameView::visualViewportRect):
687         (WebCore::FrameView::unscaledMinimumScrollPosition):
688         (WebCore::FrameView::scrollPositionChanged):
689         * page/FrameView.h:
690         * page/scrolling/AsyncScrollingCoordinator.cpp:
691         (WebCore::AsyncScrollingCoordinator::frameViewLayoutUpdated):
692         (WebCore::AsyncScrollingCoordinator::requestScrollPositionUpdate):
693         (WebCore::AsyncScrollingCoordinator::scheduleUpdateScrollPositionAfterAsyncScroll):
694         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScrollTimerFired):
695         (WebCore::AsyncScrollingCoordinator::updateScrollPositionAfterAsyncScroll):
696         (WebCore::AsyncScrollingCoordinator::visualViewportEnabled):
697         * page/scrolling/AsyncScrollingCoordinator.h:
698         (WebCore::AsyncScrollingCoordinator::ScheduledScrollUpdate::ScheduledScrollUpdate):
699         * page/scrolling/ScrollingStateFrameScrollingNode.cpp:
700         (WebCore::ScrollingStateFrameScrollingNode::ScrollingStateFrameScrollingNode):
701         (WebCore::ScrollingStateFrameScrollingNode::setLayoutViewport):
702         (WebCore::ScrollingStateFrameScrollingNode::setMinLayoutViewportOrigin):
703         (WebCore::ScrollingStateFrameScrollingNode::setMaxLayoutViewportOrigin):
704         (WebCore::ScrollingStateFrameScrollingNode::setVisualViewportEnabled):
705         (WebCore::ScrollingStateFrameScrollingNode::dumpProperties):
706         * page/scrolling/ScrollingStateFrameScrollingNode.h:
707         * page/scrolling/ScrollingTree.cpp:
708         (WebCore::ScrollingTree::viewportChangedViaDelegatedScrolling):
709         (WebCore::ScrollingTree::scrollPositionChangedViaDelegatedScrolling):
710         (WebCore::ScrollingTree::commitTreeState):
711         * page/scrolling/ScrollingTree.h:
712         (WebCore::ScrollingTree::visualViewportEnabled):
713         (WebCore::ScrollingTree::setVisualViewportEnabled):
714         * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
715         (WebCore::ScrollingTreeFrameScrollingNode::commitStateBeforeChildren):
716         (WebCore::ScrollingTreeFrameScrollingNode::layoutViewportForScrollPosition):
717         * page/scrolling/ScrollingTreeFrameScrollingNode.h:
718         (WebCore::ScrollingTreeFrameScrollingNode::layoutViewport):
719         (WebCore::ScrollingTreeFrameScrollingNode::minLayoutViewportOrigin):
720         (WebCore::ScrollingTreeFrameScrollingNode::maxLayoutViewportOrigin):
721         * page/scrolling/ScrollingTreeScrollingNode.cpp:
722         (WebCore::ScrollingTreeScrollingNode::setScrollPositionWithoutContentEdgeConstraints):
723         * page/scrolling/ScrollingTreeScrollingNode.h:
724         * page/scrolling/ThreadedScrollingTree.cpp:
725         (WebCore::ThreadedScrollingTree::scrollingTreeNodeDidScroll):
726         * page/scrolling/ThreadedScrollingTree.h:
727         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
728         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
729         (WebCore::ScrollingTreeFrameScrollingNodeIOS::setScrollPositionWithoutContentEdgeConstraints):
730         (WebCore::ScrollingTreeFrameScrollingNodeIOS::setScrollLayerPosition):
731         * page/scrolling/ios/ScrollingTreeIOS.cpp:
732         (WebCore::ScrollingTreeIOS::scrollingTreeNodeDidScroll):
733         * page/scrolling/ios/ScrollingTreeIOS.h:
734         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
735         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
736         (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollPositionWithoutContentEdgeConstraints):
737         (WebCore::ScrollingTreeFrameScrollingNodeMac::setScrollLayerPosition):
738
739 2016-11-09  Brady Eidson  <beidson@apple.com>
740
741         IndexedDB 2.0: W3C test IndexedDB/idbtransaction_objectStoreNames.html fails.
742         https://bugs.webkit.org/show_bug.cgi?id=164528
743
744         Reviewed by Alex Christensen.
745
746         No new tests (Covered by existing test).
747
748         * Modules/indexeddb/IDBDatabase.cpp:
749         (WebCore::IDBDatabase::transaction): De-dupe the input names.
750
751 2016-11-09  Brady Eidson  <beidson@apple.com>
752
753         IndexedDB 2.0: Implement new IDBCursor.continuePrimaryKey function.
754         https://bugs.webkit.org/show_bug.cgi?id=164404
755
756         Reviewed by Alex Christensen.
757
758         Tests: storage/indexeddb/modern/idbcursor-continue-primary-key-1-private.html
759                storage/indexeddb/modern/idbcursor-continue-primary-key-1.html
760                Also covered by existing tests.
761
762         * Modules/indexeddb/IDBCursor.cpp:
763         (WebCore::IDBCursor::continuePrimaryKey):
764         (WebCore::IDBCursor::uncheckedIterateCursor):
765         * Modules/indexeddb/IDBCursor.h:
766         * Modules/indexeddb/IDBCursor.idl:
767
768         * Modules/indexeddb/IDBKeyData.h:
769         (WebCore::IDBKeyData::operator>):
770         (WebCore::IDBKeyData::operator<=):
771         (WebCore::IDBKeyData::operator>=):
772
773         * Modules/indexeddb/server/MemoryCursor.h:
774
775         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
776         (WebCore::IDBServer::MemoryIDBBackingStore::iterateCursor):
777
778         * Modules/indexeddb/server/MemoryIndexCursor.cpp:
779         (WebCore::IDBServer::MemoryIndexCursor::iterate):
780         * Modules/indexeddb/server/MemoryIndexCursor.h:
781
782         * Modules/indexeddb/server/MemoryObjectStoreCursor.cpp:
783         (WebCore::IDBServer::MemoryObjectStoreCursor::iterate):
784         * Modules/indexeddb/server/MemoryObjectStoreCursor.h:
785
786         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
787         (WebCore::IDBServer::SQLiteIDBBackingStore::iterateCursor):
788
789         * Modules/indexeddb/server/SQLiteIDBCursor.cpp:
790         (WebCore::IDBServer::SQLiteIDBCursor::iterate):
791         * Modules/indexeddb/server/SQLiteIDBCursor.h:
792
793         * Modules/indexeddb/shared/IDBIterateCursorData.cpp:
794         (WebCore::IDBIterateCursorData::isolatedCopy):
795         * Modules/indexeddb/shared/IDBIterateCursorData.h:
796         (WebCore::IDBIterateCursorData::encode):
797         (WebCore::IDBIterateCursorData::decode):
798
799 2016-11-09  Antoine Quint  <graouts@apple.com>
800
801         [Modern Media Controls] Media Controller: set status label according to media state
802         https://bugs.webkit.org/show_bug.cgi?id=164557
803         <rdar://problem/29184097>
804
805         Reviewed by Dean Jackson.
806
807         Correctly set the StatusLabel text based on the media loading and network state.
808
809         Tests: http/tests/media/modern-media-controls/status-support/status-support-live-broadcast.html
810                http/tests/media/modern-media-controls/status-support/status-support-loading.html
811                media/modern-media-controls/status-support/status-support-error.html
812
813         * Modules/modern-media-controls/js-files:
814         * Modules/modern-media-controls/media/media-controller.js:
815         (MediaController):
816         * Modules/modern-media-controls/media/status-support.js: Added.
817         (StatusSupport.prototype.get control):
818         (StatusSupport.prototype.get mediaEvents):
819         (StatusSupport.prototype.syncControl):
820         (StatusSupport):
821         * WebCore.xcodeproj/project.pbxproj:
822
823 2016-11-09  Zalan Bujtas  <zalan@apple.com>
824
825         No need to set setFlowThreadState on RenderText in createTextRenderer.
826         https://bugs.webkit.org/show_bug.cgi?id=164559
827
828         Reviewed by Antti Koivisto.
829
830        setFlowThreadState in create*Renderer ensures that by the time we issue the initial call to
831        styleWillChange/styleDidChange through initializeStyle, the state is already set.
832        However since RenderText does not have its own style, it's sufficient to have the flow state set
833        through the normal RenderElement::insertChildInternal code path.
834
835         No change in functionality.
836
837         * style/RenderTreeUpdater.cpp:
838         (WebCore::createTextRenderer):
839
840 2016-11-09  Brady Eidson  <beidson@apple.com>
841
842         IndexedDB 2.0: Encapsulate cursor iteration parameters for easy future expansion.
843         https://bugs.webkit.org/show_bug.cgi?id=164504
844
845         Reviewed by Darin Adler.
846
847         No new tests (Refactor, no behavior change).
848
849         This patch literally just takes the "key" and "count" arguments and encapsulates them in a struct.
850         That struct will then be easily expandable in the future (e.g. bug 164404).
851
852         * Modules/indexeddb/IDBCursor.cpp:
853         (WebCore::IDBCursor::uncheckedIterateCursor):
854         
855         * Modules/indexeddb/IDBTransaction.cpp:
856         (WebCore::IDBTransaction::iterateCursor):
857         (WebCore::IDBTransaction::iterateCursorOnServer):
858         * Modules/indexeddb/IDBTransaction.h:
859         
860         * Modules/indexeddb/client/IDBConnectionProxy.cpp:
861         (WebCore::IDBClient::IDBConnectionProxy::iterateCursor):
862         * Modules/indexeddb/client/IDBConnectionProxy.h:
863         
864         * Modules/indexeddb/client/IDBConnectionToServer.cpp:
865         (WebCore::IDBClient::IDBConnectionToServer::iterateCursor):
866         * Modules/indexeddb/client/IDBConnectionToServer.h:
867         * Modules/indexeddb/client/IDBConnectionToServerDelegate.h:
868         
869         * Modules/indexeddb/server/IDBBackingStore.h:
870         
871         * Modules/indexeddb/server/IDBServer.cpp:
872         (WebCore::IDBServer::IDBServer::iterateCursor):
873         * Modules/indexeddb/server/IDBServer.h:
874         
875         * Modules/indexeddb/server/MemoryIDBBackingStore.cpp:
876         (WebCore::IDBServer::MemoryIDBBackingStore::iterateCursor):
877         * Modules/indexeddb/server/MemoryIDBBackingStore.h:
878         
879         * Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
880         (WebCore::IDBServer::SQLiteIDBBackingStore::iterateCursor):
881         * Modules/indexeddb/server/SQLiteIDBBackingStore.h:
882         
883         * Modules/indexeddb/server/UniqueIDBDatabase.cpp:
884         (WebCore::IDBServer::UniqueIDBDatabase::iterateCursor):
885         (WebCore::IDBServer::UniqueIDBDatabase::performIterateCursor):
886         * Modules/indexeddb/server/UniqueIDBDatabase.h:
887         
888         * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.cpp:
889         (WebCore::IDBServer::UniqueIDBDatabaseTransaction::iterateCursor):
890         * Modules/indexeddb/server/UniqueIDBDatabaseTransaction.h:
891         
892         * Modules/indexeddb/shared/IDBIterateCursorData.cpp: Added.
893         (WebCore::IDBIterateCursorData::isolatedCopy):
894         * Modules/indexeddb/shared/IDBIterateCursorData.h: Added.
895         (WebCore::IDBIterateCursorData::encode):
896         (WebCore::IDBIterateCursorData::decode):
897
898         * Modules/indexeddb/shared/InProcessIDBServer.cpp:
899         (WebCore::InProcessIDBServer::iterateCursor):
900         * Modules/indexeddb/shared/InProcessIDBServer.h:
901
902         * CMakeLists.txt:
903         * WebCore.xcodeproj/project.pbxproj:
904
905 2016-11-09  Ryosuke Niwa  <rniwa@webkit.org>
906
907         StyledElement::attributeChanged shouldn't do any work when the attribute value didn't change
908         https://bugs.webkit.org/show_bug.cgi?id=129476
909
910         Reviewed by Andreas Kling.
911
912         Avoid calling styleAttributeChanged and setPresentationAttributeStyleIsDirty
913         when the attribute value didn't change as in r164856.
914
915         * dom/StyledElement.cpp:
916         (WebCore::StyledElement::attributeChanged):
917
918 2016-11-09  Yusuke Suzuki  <utatane.tea@gmail.com>
919
920         [DOMJIT] Implement Node::ownerDocument
921         https://bugs.webkit.org/show_bug.cgi?id=164004
922
923         Reviewed by Darin Adler.
924
925         Test: js/dom/domjit-accessor-owner-document.html
926
927         Still I cannot reproduce this crash in x64 environment, according to the crash log, it accesses 0x8 address.
928         This can happen if document() accidentally returns nullptr. In the C++ ownerDocument implementation,
929         if document() returns nullptr, it just returns nullptr. But in the DOMJIT implementation, we assume that
930         document() won't return nullptr and access the member of it.
931
932         This patch aligns the DOMJIT implementation strictly to the C++ one.
933
934         * dom/Node.idl:
935         * domjit/JSNodeDOMJIT.cpp:
936         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM):
937         (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):
938
939 2016-11-09  Sam Weinig  <sam@webkit.org>
940
941         [SVG] Start moving special casing of SVG out of the bindings - SVGAngle
942         https://bugs.webkit.org/show_bug.cgi?id=164496
943
944         Reviewed by Darin Adler.
945
946         There is quite a bit of special casing of SVG types in the bindings that adds
947         a lot of complexity and is relatively fragile, as it is based on type naming.
948
949         Instead of keeping the complexity in the bindings, I am going to move it into
950         the implementation, where it has also longed to be. 
951
952         Starting small, with just SVGAngle. It has been split in two, with the existing
953         SVGAngle being renamed SVGAngleValue, and the bound instance, which used to be name
954         SVGPropertyTearOff<SVGAngle>, taking the name SVGAngle (and inheriting from 
955         SVGPropertyTearOff<SVGAngleValue>).
956
957         * CMakeLists.txt:
958         * WebCore.xcodeproj/project.pbxproj:
959         Add SVGAngleValue.cpp
960
961         * bindings/scripts/CodeGenerator.pm:
962         Remove SVGAngle as a special case.
963
964         * svg/SVGAngle.cpp: Removed.
965         * svg/SVGAngle.h:
966         Added. Implements the SVGAngle interface explicitly, getting to
967         the SVGAngleValue through propertyReference().
968
969         * svg/SVGAngle.idl:
970         * svg/SVGAngleValue.cpp: Copied from Source/WebCore/svg/SVGAngle.cpp.
971         * svg/SVGAngleValue.h: Copied from Source/WebCore/svg/SVGAngle.h.
972         Move old SVGAngle implementation to SVGAngleValue.
973
974         * svg/SVGAnimatedAngle.cpp:
975         Replace SVGAngle usage with SVGAngleValue.
976
977         * svg/SVGAnimatedAngle.h:
978         Switch SVGAnimatedAngle to be a type alias. This remains SVGAnimatedPropertyTearOff<SVGAngle>
979         as SVGAnimatedPropertyTearOff has been changed to take the TearOff type as its parameter.
980
981         * svg/SVGAnimatedLength.h:
982         * svg/SVGAnimatedPreserveAspectRatio.h:
983         * svg/SVGAnimatedRect.h:
984         Switch to using type aliases and pass the TearOff to SVGAnimatedPropertyTearOff.
985
986         * svg/SVGAnimatedType.cpp:
987         (WebCore::SVGAnimatedType::createAngleAndEnumeration):
988         * svg/SVGAnimatedType.h:
989         (WebCore::SVGAnimatedType::angleAndEnumeration):
990         Use SVGAngleValue.
991
992         * svg/SVGComponentTransferFunctionElement.h:
993         Add missing include of SVGElement.h (need because it removed from SVGPropertyTearOff).
994
995         * svg/SVGMarkerElement.cpp:
996         (WebCore::SVGMarkerElement::parseAttribute):
997         (WebCore::SVGMarkerElement::setOrient):
998         Switch to take an SVGAngleValue.
999
1000         (WebCore::SVGMarkerElement::setOrientToAngle):
1001         Update to pull the value out via propertyReference().
1002
1003         * svg/SVGMarkerElement.h:
1004         Switch to take an SVGAngleValue.
1005
1006         * svg/SVGLengthList.h:
1007         * svg/SVGNumberList.h:
1008         * svg/SVGPathSegList.h:
1009         * svg/SVGPointList.h:
1010         * svg/SVGStringList.h:
1011         * svg/SVGTransformList.h:
1012         Switch to using type aliases in SVGPropertyTraits and add an alias for
1013         ListItemTearOff.
1014
1015         * svg/SVGSVGElement.cpp:
1016         (WebCore::SVGSVGElement::createSVGAngle):
1017         * svg/SVGSVGElement.h:
1018         Change createSVGAngle to return a Ref<SVGAngle> and create one.
1019
1020         * svg/SVGSVGElement.idl:
1021         Annotate IDL to indicate that a new value is being returned.
1022
1023         * svg/SVGTransform.cpp:
1024         Remove unnecessary include of SVGAngle.h.
1025
1026         * svg/SVGViewSpec.cpp:
1027         Add missing include of SVGElement.h (need because it removed from SVGPropertyTearOff).
1028
1029         * svg/properties/SVGAnimatedPropertyTearOff.h:
1030         Change to be parameterized on the TearOffType, rather than the PropertyType itself. Get the
1031         Property type from the TearOffType.
1032
1033         * svg/properties/SVGListProperty.h:
1034         * svg/properties/SVGListPropertyTearOff.h:
1035         Fix assumption that all TearOffTypes are just a SVGPropertyTearOff templatized on a property
1036         type. This is no longer true for SVGAngle. Instead, get the TearOffType for lists via SVGPropertyTraits.
1037
1038         * svg/properties/SVGPropertyTearOff.h:
1039         Make the PropertyType available by exposing it as a type alias.
1040
1041 2016-11-09  Darin Adler  <darin@apple.com>
1042
1043         Move Range from ExceptionCode to ExceptionOr
1044         https://bugs.webkit.org/show_bug.cgi?id=164457
1045
1046         Reviewed by Alex Christensen.
1047
1048         * accessibility/AXObjectCache.cpp:
1049         (WebCore::AXObjectCache::rangeForNodeContents): Update to use ExceptionOr,
1050         keeping behavior the same.
1051         (WebCore::characterOffsetsInOrder): Ditto.
1052         (WebCore::setRangeStartOrEndWithCharacterOffset): Changed argument to a
1053         reference instead of a pointer. Use a boolean return value to indicate
1054         success rather than an exception, since the callers don't need to know
1055         which exception it is.
1056         (WebCore::AXObjectCache::rangeForUnorderedCharacterOffsets): Updated for
1057         the above.
1058         (WebCore::AXObjectCache::nextBoundary): Ditto.
1059         (WebCore::AXObjectCache::previousBoundary): Ditto.
1060
1061         * accessibility/AccessibilityObject.cpp:
1062         (WebCore::AccessibilityObject::rangeOfStringClosestToRangeInDirection):
1063         Update to use ExceptionOr, keeping behavior the same.
1064         * accessibility/AccessibilityRenderObject.cpp:
1065         (WebCore::AccessibilityRenderObject::documentBasedSelectedTextRange): Ditto.
1066         * accessibility/atk/WebKitAccessibleUtil.cpp:
1067         (selectionBelongsToObject): Ditto.
1068         * accessibility/ios/WebAccessibilityObjectWrapperIOS.mm:
1069         (-[WebAccessibilityObjectWrapper _convertToNSRange:]): Ditto.
1070         * dom/Node.cpp:
1071         (WebCore::Node::textRects): Ditto.
1072
1073         * dom/Range.cpp:
1074         (WebCore::Range::~Range): Remove old comment that no longer makes sense now
1075         that the detach function no longer does anything.
1076         (WebCore::checkForDifferentRootContainer): Updated to use ExceptionOr,
1077         keeping behavior the same.
1078         (WebCore::Range::setStart): Ditto.
1079         (WebCore::Range::setEnd): Ditto.
1080         (WebCore::Range::isPointInRange): Ditto.
1081         (WebCore::Range::comparePoint): Ditto.
1082         (WebCore::Range::compareNode): Ditto.
1083         (WebCore::top): Added helper function so that compareBoundaryPoints doesn't
1084         need to have two identical loops in it.
1085         (WebCore::Range::compareBoundaryPoints): Updated to use ExceptionOr,
1086         keeping behavior the same.
1087         (WebCore::Range::compareBoundaryPointsForBindings): Ditto. Also use a switch
1088         instead of relying on the order of the values to check for unsupported values.
1089         (WebCore::Range::boundaryPointsValid): Ditto.
1090         (WebCore::Range::deleteContents): Ditto.
1091         (WebCore::Range::intersectsNode): Ditto.
1092         (WebCore::Range::processContents): Ditto.
1093         (WebCore::deleteCharacterData): Ditto.
1094         (WebCore::processContentsBetweenOffsets): Ditto. Also changed to be a
1095         non-member function and private to this file instead of in the class.
1096         (WebCore::processNodes): Ditto. Also changed one argument to be a RefPtr
1097         since the code relies on using it after mutating the DOM.
1098         (WebCore::processAncestorsAndTheirSiblings): Ditto. Changed one argument type
1099         to use ExceptionOr so the caller doesn't have to check the exception first.
1100         (WebCore::Range::extractContents): Ditto.
1101         (WebCore::Range::cloneContents): Ditto.
1102         (WebCore::Range::insertNode): Ditto. Also fixed to only call nodeType once
1103         instead of three times.
1104         (WebCore::Range::toString): Ditto. Also fixed to call nodeType only once
1105         per node instead of twice, to use downcast instead of static_cast, and to
1106         use the word "node" instead of "n" for the local variable name.
1107         (WebCore::Range::createContextualFragment): Ditto.
1108         (WebCore::Range::checkNodeWOffset): Ditto.
1109         (WebCore::Range::setStartAfter): Ditto.
1110         (WebCore::Range::setEndBefore): Ditto.
1111         (WebCore::Range::setEndAfter): Ditto.
1112         (WebCore::Range::selectNode): Ditto.
1113         (WebCore::Range::selectNodeContents): Ditto.
1114         (WebCore::Range::surroundContents): Ditto.
1115         (WebCore::Range::setStartBefore): Ditto.
1116         (WebCore::Range::contains): Ditto. Except added code to handle exception
1117         case to return false without asserting because I saw at least one crash
1118         that seemed to imply this behavior was needed.
1119         (WebCore::rangesOverlap): Ditto.
1120         (WebCore::rangeOfContents): Ditto.
1121         (WebCore::Range::expand): Ditto.
1122         (WebCore::Range::getClientRects): Ditto.
1123         (WebCore::Range::getBoundingClientRect): Ditto.
1124         (WebCore::Range::borderAndTextQuads): Changed to use return value
1125         instead of out argument, since it's a private function used only
1126         within this class so it was easy to update all call sites.
1127         (WebCore::Range::boundingRect): Updated for above. Also renamed since
1128         there was no need for the name "internal" in this.
1129         (WebCore::Range::absoluteBoundingRect): Ditto.
1130         * dom/Range.h: Updated for above.
1131         * dom/Range.idl: Use non-legacy exceptions. Also changed the default value
1132         of the string argument to the expand function to the empty string rather
1133         than "undefined", because the function silently does nothing when passed
1134         any unrecognized string, and so this leaves behavior unchanged. I removed
1135         the comment saying that the "undefined" default is wrong.
1136
1137         * editing/AlternativeTextController.cpp:
1138         (WebCore::AlternativeTextController::applyAlternativeTextToRange): Updated
1139         to use ExceptionOr but behave the same.
1140         * editing/Editor.cpp:
1141         (WebCore::Editor::advanceToNextMisspelling): Ditto.
1142         (WebCore::Editor::markAndReplaceFor): Ditto.
1143         (WebCore::isFrameInRange): Ditto. Also made a few style tweaks.
1144         (WebCore::Editor::countMatchesForText): Ditto.
1145         * editing/EditorCommand.cpp:
1146         (WebCore::unionDOMRanges): Ditto.
1147         * editing/FrameSelection.cpp:
1148         (WebCore::FrameSelection::respondToNodeModification): Ditto.
1149         * editing/InsertListCommand.cpp:
1150         (WebCore::InsertListCommand::doApplyForSingleParagraph): Ditto.
1151         * editing/TextCheckingHelper.cpp:
1152         (WebCore::TextCheckingParagraph::offsetTo): Ditto.
1153         * editing/TextCheckingHelper.h: Updated for above and also deleted
1154         unneeded private function checkingRange, which just churned the
1155         reference count unnecessarily; instead use m_checkingRange directly.
1156         * editing/TextIterator.cpp:
1157         (WebCore::TextIterator::getLocationAndLengthFromRange): Ditto.
1158         * editing/VisiblePosition.cpp:
1159         (WebCore::setStart): Ditto.
1160         (WebCore::setEnd): Ditto.
1161         * editing/VisibleSelection.cpp:
1162         (WebCore::makeSearchRange): Ditto.
1163
1164         * editing/VisibleUnits.cpp:
1165         (WebCore::suffixLengthForRange): Changed argument from RefPtr to
1166         a reference.
1167         (WebCore::prefixLengthForRange): Ditto.
1168         (WebCore::previousBoundary): Updated for ExceptionOr and the change
1169         above.
1170         (WebCore::nextBoundary): Ditto.
1171         * editing/VisibleUnits.h: Updated for above.
1172
1173         * editing/htmlediting.cpp:
1174         (WebCore::comparePositions): Updated to use ExceptionOr but behave
1175         the same.
1176         (WebCore::visiblePositionForIndexUsingCharacterIterator): Ditto.
1177         (WebCore::isNodeVisiblyContainedWithin): Ditto.
1178         * editing/ios/EditorIOS.mm:
1179         (WebCore::Editor::setDictationPhrasesAsChildOfElement): Ditto.
1180         (WebCore::Editor::setTextAsChildOfElement): Ditto.
1181         * editing/mac/EditorMac.mm:
1182         (WebCore::Editor::adjustedSelectionRange): Ditto.
1183         * editing/markup.cpp:
1184         (WebCore::createMarkupInternal): Ditto.
1185         * page/ContextMenuController.cpp:
1186         (WebCore::ContextMenuController::contextMenuItemSelected): Ditto.
1187         * page/DOMSelection.cpp:
1188         (WebCore::DOMSelection::addRange): Ditto.
1189         (WebCore::DOMSelection::deleteFromDocument): Ditto.
1190         (WebCore::DOMSelection::containsNode): Ditto.
1191
1192         * page/EventHandler.cpp:
1193         (WebCore::EventHandler::dispatchMouseEvent): Updated for change to
1194         use ExceptionOr in Ragne::compareNode. Also refactored the function
1195         to make the logic a little mroe straightforward and nest less of it
1196         inside a loop.
1197
1198         * page/Page.cpp:
1199         (WebCore::Page::findStringMatchingRanges): Updated for ExceptionOr
1200         without changing behavior.
1201         * page/TextIndicator.cpp:
1202         (WebCore::hasNonInlineOrReplacedElements): Ditto.
1203         * rendering/RenderNamedFlowThread.cpp:
1204         (WebCore::RenderNamedFlowThread::getRanges): Ditto.
1205
1206 2016-11-09  Dave Hyatt  <hyatt@apple.com>
1207
1208         [CSS Parser] Fix grid layout parsing
1209         https://bugs.webkit.org/show_bug.cgi?id=164489
1210
1211         Reviewed by Dean Jackson.
1212
1213         * css/CSSValueKeywords.in:
1214         * css/parser/CSSPropertyParser.cpp:
1215         (WebCore::consumeFitContent):
1216         (WebCore::isGridTrackFixedSized):
1217         (WebCore::consumeGridTrackSize):
1218         (WebCore::consumeGridTrackRepeatFunction):
1219         (WebCore::consumeGridTrackList):
1220         (WebCore::isCustomIdentValue):
1221         (WebCore::CSSPropertyParser::consumeGridItemPositionShorthand):
1222         (WebCore::CSSPropertyParser::consumeGridAreaShorthand):
1223         (WebCore::consumeImplicitGridAutoFlow):
1224         (WebCore::CSSPropertyParser::consumeGridShorthand):
1225
1226 2016-11-09  Darin Adler  <darin@apple.com>
1227
1228         Move EventTarget from ExceptionCode to ExceptionOr
1229         https://bugs.webkit.org/show_bug.cgi?id=164465
1230
1231         Reviewed by Youenn Fablet.
1232
1233         * Modules/indexeddb/IDBRequest.h: Added now-needed forward
1234         class declarations.
1235         * Modules/webaudio/AudioContext.h: Ditto.
1236
1237         * bindings/js/JSEventListener.cpp:
1238         (WebCore::eventHandlerAttribute): Updated for name change of the
1239         attributeEventListener function.
1240         (WebCore::documentEventHandlerAttribute): Ditto.
1241         * dom/Document.cpp:
1242         (WebCore::Document::getWindowAttributeEventListener): Ditto.
1243
1244         * dom/EventTarget.cpp:
1245         (WebCore::EventTarget::setAttributeEventListener): Updated for
1246         name change.
1247         (WebCore::EventTarget::attributeEventListener): Ditto.
1248         (WebCore::EventTarget::dispatchEventForBindings): Use ExceptionOr.
1249         (WebCore::legacyType): Use null instead of empty for no type, since
1250         it's more efficient to check for null.
1251         (WebCore::EventTarget::fireEventListeners): Check for null.
1252         Also streamlined logic a little bit and removed a very old comment.
1253         (WebCore::EventTarget::eventListeners): Renamed from getEventListeners.
1254         * dom/EventTarget.h: Removed lots of unneeded declarations. Renamed
1255         some functions to remove get prefix. Updated for above changes.
1256         Moved one inline function out of the class header. Made the destructor
1257         for EventTarget be inline to make the destructors for derived classes
1258         slightly more efficient.
1259         * dom/EventTarget.idl: Use non-legacy exception.
1260
1261         * dom/Node.cpp:
1262         (WebCore::Node::didMoveToNewDocument): Updated for name change.
1263         * editing/ReplaceSelectionCommand.cpp:
1264         (WebCore::ReplacementFragment::ReplacementFragment): Ditto.
1265
1266         * inspector/InspectorCSSAgent.h: Added now-needed forward declaration.
1267
1268         * inspector/InspectorDOMAgent.cpp:
1269         (WebCore::InspectorDOMAgent::getEventListeners): Updated for name change.
1270
1271         * inspector/InspectorInstrumentation.h: Added now-needed forward declaration.
1272         * page/DOMWindow.h: Ditto.
1273         * xml/XMLHttpRequest.h: Ditto.
1274
1275 2016-11-09  Daniel Bates  <dabates@apple.com>
1276
1277         Add test infrastructure and tests for existing HTTP 0.9 sandbox machinery
1278         https://bugs.webkit.org/show_bug.cgi?id=164389
1279         <rdar://problem/29101072>
1280
1281         Reviewed by Alex Christensen.
1282
1283         Add test infrastructure to support registering an arbitrary port as the default port
1284         for a protocol. The behavior of various machinery, including the HTTP 0.9 machinery,
1285         can be effected by whether the resource request was made using the default port for
1286         the protocol. We expose window.internals.registerDefaultPortForProtocol() to allow
1287         a test to override the default port associated with a protocol so as to support
1288         testing these code paths using the existing port 8000 server started by run-webkit-httpd.
1289         Without window.internals.registerDefaultPortForProtocol() we would need to teach
1290         run-webkit-httpd to run a web server on port 80, which requires superuser privileges
1291         (since it is a privileged port number) and is more likely to interfere with an
1292         existing web server setup.
1293
1294         Tests: http/tests/security/http-0.9/default-port-plugin-blocked.html
1295                http/tests/security/http-0.9/default-port-script-blocked.html
1296                http/tests/security/http-0.9/iframe-blocked.html
1297                http/tests/security/http-0.9/image-blocked.html
1298                http/tests/security/http-0.9/image-on-HTTP-0.9-default-port-page-allowed-ref-test.html
1299                http/tests/security/http-0.9/image-on-HTTP-0.9-default-port-page-allowed.html
1300                http/tests/security/http-0.9/image-on-HTTP-0.9-page-blocked.html
1301                http/tests/security/http-0.9/worker-connect-src-blocked.html
1302                http/tests/security/http-0.9/worker-importScripts-blocked.html
1303                http/tests/security/http-0.9/xhr-asynchronous-blocked.html
1304
1305         * platform/URL.cpp:
1306         (WebCore::defaultPortForProtocolMapForTesting): Added.
1307         (WebCore::registerDefaultPortForProtocolForTesting): Adds the specified (protocol, port) to the
1308         mapping used for testing.
1309         (WebCore::clearDefaultPortForProtocolMapForTesting): Clears the protocol to default port testing map.
1310         We call this function from Internals::resetToConsistentState() so that the mapping is cleared between
1311         test runs.
1312         (WebCore::defaultPortForProtocol): Modified to check the protocol to default port map for testing
1313         before consulting URLParser::defaultPortForProtocol().
1314         * platform/URL.h:
1315         * testing/Internals.cpp:
1316         (WebCore::Internals::resetToConsistentState): Clear the default port mapping used for testing.
1317         (WebCore::Internals::registerDefaultPortForProtocol): Added.
1318         * testing/Internals.h:
1319         * testing/Internals.idl: Added declaration for registerDefaultPortForProtocol().
1320
1321 2016-11-09  Sam Weinig  <sam@webkit.org>
1322
1323         [WebIDL] Add proper parsing for Promises
1324         https://bugs.webkit.org/show_bug.cgi?id=164497
1325
1326         Reviewed by Tim Horton.
1327
1328         * bindings/scripts/IDLParser.pm:
1329         (parseNonAnyType):
1330         (parseStringType):
1331         Require Promise types to declare the type they resolve to.
1332         
1333         * bindings/js/JSDOMPromise.h:
1334         Allow DOMPromise to be be parameterized on void. Add an SFINAE guarded
1335         overload of resolve that takes no arguments when in a DOMPromise<void>.
1336
1337         * Modules/applepay/ApplePaySession.idl:
1338         * Modules/fetch/DOMWindowFetch.idl:
1339         * Modules/fetch/FetchBody.idl:
1340         * Modules/fetch/FetchResponse.idl:
1341         * Modules/fetch/WorkerGlobalScopeFetch.idl:
1342         * Modules/mediastream/MediaDevices.idl:
1343         * Modules/mediastream/MediaStreamTrack.idl:
1344         * Modules/mediastream/RTCPeerConnection.idl:
1345         * Modules/mediastream/RTCRtpSender.idl:
1346         * Modules/mediastream/RTCStatsReport.idl:
1347         * Modules/streams/ReadableStream.idl:
1348         * Modules/streams/ReadableStreamDefaultReader.idl:
1349         * Modules/streams/ReadableStreamSource.idl:
1350         * Modules/streams/WritableStream.idl:
1351         * Modules/webaudio/AudioContext.idl:
1352         * bindings/scripts/test/TestNode.idl:
1353         * bindings/scripts/test/TestObj.idl:
1354         * crypto/SubtleCrypto.idl:
1355         * crypto/WebKitSubtleCrypto.idl:
1356         * css/FontFace.idl:
1357         * css/FontFaceSet.idl:
1358         * dom/CustomElementRegistry.idl:
1359         * html/HTMLMediaElement.idl:
1360         Update IDLs to specify the resolve type of promise types.
1361
1362         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
1363         (WebCore::MediaEndpointPeerConnection::replaceTrack):
1364         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
1365         * Modules/mediastream/MediaStreamTrack.cpp:
1366         (WebCore::MediaStreamTrack::applyConstraints):
1367         * Modules/mediastream/MediaStreamTrack.h:
1368         * Modules/mediastream/PeerConnectionBackend.cpp:
1369         (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
1370         (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
1371         (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
1372         * Modules/mediastream/PeerConnectionBackend.h:
1373         * Modules/streams/ReadableStreamSource.h:
1374         (WebCore::ReadableStreamSource::start):
1375         (WebCore::ReadableStreamSource::pull):
1376         (WebCore::ReadableStreamSource::startFinished):
1377         (WebCore::ReadableStreamSource::pullFinished):
1378         * Modules/webaudio/AudioContext.cpp:
1379         (WebCore::AudioContext::addReaction):
1380         (WebCore::AudioContext::setState):
1381         (WebCore::AudioContext::suspend):
1382         (WebCore::AudioContext::resume):
1383         (WebCore::AudioContext::close):
1384         * Modules/webaudio/AudioContext.h:
1385         * html/HTMLMediaElement.cpp:
1386         (WebCore::HTMLMediaElement::rejectPendingPlayPromises):
1387         (WebCore::HTMLMediaElement::resolvePendingPlayPromises):
1388         (WebCore::HTMLMediaElement::play):
1389         * html/HTMLMediaElement.h:
1390         Update implementations to use DOMPromise<void> rather than DOMPromise<nullptr_t>
1391         and use the new resolve() overload.
1392
1393 2016-11-07  Brady Eidson  <beidson@apple.com>
1394
1395         Followup to https://bugs.webkit.org/show_bug.cgi?id=164466 - Make an IDBTransaction* be an IDBTransaction&
1396
1397         Rubberstamped by Alex Christensen.
1398
1399         No new tests (No behavior change).
1400
1401         * Modules/indexeddb/IDBObjectStore.cpp:
1402         (WebCore::IDBObjectStore::IDBObjectStore):
1403         (WebCore::IDBObjectStore::~IDBObjectStore):
1404         (WebCore::IDBObjectStore::hasPendingActivity):
1405         (WebCore::IDBObjectStore::name):
1406         (WebCore::IDBObjectStore::setName):
1407         (WebCore::IDBObjectStore::keyPath):
1408         (WebCore::IDBObjectStore::indexNames):
1409         (WebCore::IDBObjectStore::transaction):
1410         (WebCore::IDBObjectStore::autoIncrement):
1411         (WebCore::IDBObjectStore::openCursor):
1412         (WebCore::IDBObjectStore::openKeyCursor):
1413         (WebCore::IDBObjectStore::get):
1414         (WebCore::IDBObjectStore::putOrAdd):
1415         (WebCore::IDBObjectStore::doDelete):
1416         (WebCore::IDBObjectStore::clear):
1417         (WebCore::IDBObjectStore::createIndex):
1418         (WebCore::IDBObjectStore::index):
1419         (WebCore::IDBObjectStore::deleteIndex):
1420         (WebCore::IDBObjectStore::doCount):
1421         (WebCore::IDBObjectStore::getAll):
1422         (WebCore::IDBObjectStore::getAllKeys):
1423         (WebCore::IDBObjectStore::markAsDeleted):
1424         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
1425         (WebCore::IDBObjectStore::ref):
1426         (WebCore::IDBObjectStore::deref):
1427         * Modules/indexeddb/IDBObjectStore.h:
1428
1429 2016-11-09  Zalan Bujtas  <zalan@apple.com>
1430
1431         Move RenderNamedFlowThread nextRendererForElement logic to RenderTreeUpdater.
1432         https://bugs.webkit.org/show_bug.cgi?id=164503
1433
1434         Reviewed by Antti Koivisto.
1435
1436         When we insert a renderer into the render tree, we need to know both its parent
1437         and its next sibling. Normally the parent and the sibling are based on the DOM, but
1438         when this renderer is part of a flow thread, its insertion sibling is not necessarily the DOM sibling.
1439         To find the correct sibling, we call RenderNamedFlowThread's nextRendererForElement().
1440         RenderNamedFlowThread keeps track of its children so that it can compute the next sibling
1441         for the insertion point.
1442
1443         This patch eliminates the need for keeping track of the child renderers of each
1444         flow by moving the 'next sibling' logic to RenderTreePosition.
1445
1446         No change in functionality.
1447
1448         * rendering/RenderElement.cpp:
1449         (WebCore::RenderElement::insertedIntoTree):
1450         (WebCore::RenderElement::willBeDestroyed):
1451         (WebCore::RenderElement::removeFromRenderFlowThread):
1452         (WebCore::RenderElement::renderNamedFlowThreadWrapper): Deleted.
1453         * rendering/RenderElement.h:
1454         * rendering/RenderNamedFlowThread.cpp:
1455         (WebCore::RenderNamedFlowThread::nextRendererForElement): Deleted.
1456         (WebCore::RenderNamedFlowThread::addFlowChild): Deleted.
1457         (WebCore::RenderNamedFlowThread::removeFlowChild): Deleted.
1458         * rendering/RenderNamedFlowThread.h:
1459         * style/RenderTreePosition.cpp:
1460         (WebCore::RenderTreePosition::previousSiblingRenderer):
1461         (WebCore::RenderTreePosition::flowThreadInsertionContext):
1462         * style/RenderTreePosition.h:
1463         (WebCore::RenderTreePosition::RenderTreePosition):
1464         (WebCore::RenderTreePosition::parent):
1465         * style/RenderTreeUpdater.cpp:
1466         (WebCore::registerElementForFlowThreadIfNeeded): We need to registed the element even when it does not create renderer (display: none).
1467         (WebCore::RenderTreeUpdater::createRenderer):
1468         (WebCore::moveToFlowThreadIfNeeded): Deleted.
1469
1470 2016-11-09  Per Arne Vollan  <pvollan@apple.com>
1471
1472         [Win][Direct2D] Incomplete image decoding.
1473         https://bugs.webkit.org/show_bug.cgi?id=164511
1474
1475         Reviewed by Darin Adler.
1476
1477         Create native decoder when all image data has been received.
1478
1479         * platform/graphics/win/ImageDecoderDirect2D.cpp:
1480         (WebCore::ImageDecoder::setData):
1481
1482 2016-11-09  Beth Dakin  <bdakin@apple.com>
1483
1484         Attempted build fix.
1485
1486         * platform/spi/cocoa/AVKitSPI.h:
1487
1488 2016-11-09  Brady Eidson  <beidson@apple.com>
1489
1490         IndexedDB 2.0: Clean up more transaction abort behavior, including tweaks to Index/ObjectStore lifetime.
1491         https://bugs.webkit.org/show_bug.cgi?id=164466
1492
1493         Reviewed by Alex Christensen.
1494
1495         No new tests (Covered by existing tests that now pass).
1496         
1497         Previously, IDBIndex ref/deref didn't track a traditional ref count but instead kept the owning object store alive.
1498         Now, IDBObjectStore ref/deref do the same thing for the owning transaction.
1499         
1500         Now when a version change transaction is rolled back, some object stores and indexes get pulled out of the "deleted"
1501         set and get promoted back up into the "referenced" set.
1502         
1503         Now deleted object stores/indexes are considered opaque roots, as live objects in the deleted state *can* get back
1504         to the owning objects.
1505
1506         * CMakeLists.txt:
1507         * WebCore.xcodeproj/project.pbxproj:
1508
1509         * Modules/indexeddb/IDBIndex.cpp:
1510         (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort):
1511
1512         * Modules/indexeddb/IDBObjectStore.cpp:
1513         (WebCore::IDBObjectStore::IDBObjectStore):
1514         (WebCore::IDBObjectStore::indexNames):
1515         (WebCore::IDBObjectStore::transaction):
1516         (WebCore::IDBObjectStore::openCursor):
1517         (WebCore::IDBObjectStore::openKeyCursor):
1518         (WebCore::IDBObjectStore::deleteIndex):
1519         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
1520         (WebCore::IDBObjectStore::visitReferencedIndexes):
1521         (WebCore::IDBObjectStore::ref):
1522         (WebCore::IDBObjectStore::deref):
1523         (WebCore::IDBObjectStore::create): Deleted.
1524         * Modules/indexeddb/IDBObjectStore.h:
1525
1526         * Modules/indexeddb/IDBTransaction.cpp:
1527         (WebCore::IDBTransaction::objectStore):
1528         (WebCore::IDBTransaction::transitionedToFinishing):
1529         (WebCore::IDBTransaction::internalAbort):
1530         (WebCore::IDBTransaction::createObjectStore):
1531         (WebCore::IDBTransaction::deleteObjectStore):
1532         (WebCore::IDBTransaction::visitReferencedObjectStores):
1533         * Modules/indexeddb/IDBTransaction.h:
1534         * Modules/indexeddb/IDBTransaction.idl:
1535
1536         * bindings/js/JSIDBTransactionCustom.cpp: Added.
1537         (WebCore::JSIDBTransaction::visitAdditionalChildren):
1538
1539 2016-11-09  Simon Fraser  <simon.fraser@apple.com>
1540
1541         Allow customization of TextStream-based logging for geometry types
1542         https://bugs.webkit.org/show_bug.cgi?id=164460
1543
1544         Reviewed by Zalan Bujtas.
1545
1546         TextStream-based logging was constrained by the requirement to maintain compatibility
1547         with DRT-style output, which includes cumbersome rect logging ("at (5,0) size 40x40")
1548         and dumping LayoutRects as IntRects.
1549         
1550         Add some formatting flags so that other TextStream clients (e.g. logging) can have
1551         more readable output, and opt into automatic FormatNumberRespectingIntegers behavior.
1552         
1553         TextStreams whose output appears in test results are given flags to avoid behavior
1554         changes, but in the longer term test results should be updated.
1555
1556         * html/canvas/CanvasRenderingContext2D.cpp:
1557         (WebCore::CanvasRenderingContext2D::replayDisplayListAsText):
1558         * page/scrolling/ScrollingStateNode.cpp:
1559         (WebCore::ScrollingStateNode::scrollingStateTreeAsText):
1560         * platform/graphics/FloatPoint.cpp:
1561         (WebCore::operator<<):
1562         * platform/graphics/FloatRect.cpp:
1563         (WebCore::operator<<):
1564         * platform/graphics/GraphicsLayer.cpp:
1565         (WebCore::GraphicsLayer::layerTreeAsText):
1566         * platform/graphics/IntRect.cpp:
1567         (WebCore::operator<<):
1568         * platform/graphics/LayoutPoint.cpp:
1569         (WebCore::operator<<):
1570         * platform/graphics/LayoutRect.cpp:
1571         (WebCore::operator<<):
1572         * platform/graphics/ca/GraphicsLayerCA.cpp:
1573         (WebCore::GraphicsLayerCA::replayDisplayListAsText):
1574         * platform/graphics/displaylists/DisplayList.cpp:
1575         (WebCore::DisplayList::DisplayList::asText):
1576         * platform/text/TextStream.cpp:
1577         (WebCore::TextStream::operator<<):
1578         * platform/text/TextStream.h:
1579         (WebCore::TextStream::TextStream):
1580         (WebCore::TextStream::formattingFlags):
1581         (WebCore::TextStream::setFormattingFlags):
1582         (WebCore::TextStream::hasFormattingFlag):
1583         (WebCore::TextStream::increaseIndent):
1584         (WebCore::TextStream::decreaseIndent):
1585         * rendering/RenderTreeAsText.cpp:
1586         (WebCore::externalRepresentation):
1587         (WebCore::counterValueForElement):
1588
1589 2016-11-09  Zalan Bujtas  <zalan@apple.com>
1590
1591         RenderFlowThread::flowThreadRelativeWillBeRemoved should take RenderObject& instead of RenderObject*
1592         https://bugs.webkit.org/show_bug.cgi?id=164543
1593
1594         Reviewed by Simon Fraser.
1595
1596         No change in functionality.
1597
1598         * rendering/RenderBlockFlow.cpp:
1599         (WebCore::RenderBlockFlow::removeChild):
1600         * rendering/RenderFlowThread.h:
1601         * rendering/RenderMultiColumnFlowThread.cpp:
1602         (WebCore::RenderMultiColumnFlowThread::handleSpannerRemoval):
1603         (WebCore::RenderMultiColumnFlowThread::flowThreadRelativeWillBeRemoved):
1604         * rendering/RenderMultiColumnFlowThread.h:
1605
1606 2016-11-09  Jer Noble  <jer.noble@apple.com>
1607
1608         REGRESSION (r208149): Media scrubber is not displayed in media controls
1609         https://bugs.webkit.org/show_bug.cgi?id=164514
1610
1611         Reviewed by Darin Adler.
1612
1613         Fixes broken Media Controls API tests.
1614
1615         Added a new PlatformMediaSessionType; need to add that same type to the TYPE_TRAITS section of 
1616         MediaElementSession.h so that is<> and downcast<> work correctly.
1617
1618         * html/MediaElementSession.h:
1619         (isType):
1620
1621 2016-11-09  Wenson Hsieh  <wenson_hsieh@apple.com>
1622
1623         When editing IME, `compositionend` events should fire after input events
1624         https://bugs.webkit.org/show_bug.cgi?id=164324
1625         <rdar://problem/29050438>
1626
1627         Reviewed by Darin Adler.
1628
1629         Moves where we dispatch `compositionend` events to after applying editing commands that fire `beforeinput` or
1630         `input` events. Also augments existing layout tests to verify the change.
1631
1632         * editing/Editor.cpp:
1633         (WebCore::Editor::setComposition):
1634
1635 2016-11-09  Wenson Hsieh  <wenson_hsieh@apple.com>
1636
1637         Setting foreground color when text is selected should fire an input event with color data
1638         https://bugs.webkit.org/show_bug.cgi?id=164241
1639         <rdar://problem/29032759>
1640
1641         Reviewed by Darin Adler.
1642
1643         Refactors Editor::applyStyle and Editor::applyParagraphStyle to handle beforeinput and input event dispatch.
1644         Instead of going through the ApplyStyleCommand to dispatch input events, override shouldDispatchInputEvents to
1645         return false. This strategy also has the effect of unifying the way input events are dispatched in applyStyle,
1646         in both codepaths where we computeAndSetTypingStyle and where we create and then apply a style command.
1647
1648         Test: fast/events/input-events-selection-forecolor-data.html
1649
1650         * editing/ApplyStyleCommand.h:
1651         * editing/Editor.cpp:
1652         (WebCore::inputEventDataForEditingStyleAndAction):
1653         (WebCore::Editor::applyStyle):
1654         (WebCore::Editor::applyParagraphStyle):
1655         (WebCore::Editor::computeAndSetTypingStyle):
1656
1657 2016-11-08  Dean Jackson  <dino@apple.com>
1658
1659         Rendering support for ExtendedColors
1660         https://bugs.webkit.org/show_bug.cgi?id=164443
1661         <rdar://problems/29123243>
1662
1663         Reviewed by Simon Fraser and Darin Adler.
1664
1665         Add support for rendering the new color() syntax, which
1666         ends up as an ExtendedColor.
1667
1668         In order to make rendering code a little more readable, I
1669         changed Color::hasAlpha to Color::isOpaque (since an alpha
1670         of 100% is still an alpha), and added a Color::isVisible
1671         helper (the color isn't completely transparent). These new
1672         helpers support ExtendedColor forms.
1673
1674         Support for painting gradients and blending between colors
1675         is still to come. I also added some FIXME comments
1676         to show other places that don't handle ExtendedColors yet.
1677
1678         Tests: css3/color/backgrounds-and-borders.html
1679                css3/color/box-shadows.html
1680                css3/color/canvas.html
1681                css3/color/composited-solid-backgrounds.html
1682                css3/color/text.html
1683
1684         * css/CSSGradientValue.cpp: Add some notes that this is broken.
1685         (WebCore::interpolate):
1686         (WebCore::CSSGradientValue::knownToBeOpaque):
1687
1688         * editing/EditingStyle.cpp: Use new Color helpers.
1689         (WebCore::isTransparentColorValue):
1690
1691         * editing/mac/EditorMac.mm: Use new Color helpers.
1692         (WebCore::Editor::fontAttributesForSelectionStart):
1693
1694         * html/ColorInputType.cpp: No need to use the Color class at all here.
1695         (WebCore::isValidSimpleColorString): Renamed from isValidColorString.
1696         (WebCore::ColorInputType::sanitizeValue):
1697         (WebCore::ColorInputType::typeMismatchFor):
1698         (WebCore::isValidColorString): Deleted.
1699
1700         * html/canvas/CanvasRenderingContext2D.cpp: New helpers.
1701         (WebCore::CanvasRenderingContext2D::shouldDrawShadows):
1702         (WebCore::CanvasRenderingContext2D::didDraw):
1703
1704         * page/FrameView.cpp: Ditto.
1705         (WebCore::FrameView::recalculateScrollbarOverlayStyle):
1706         (WebCore::FrameView::hasOpaqueBackground):
1707         (WebCore::FrameView::setBaseBackgroundColor):
1708
1709         * platform/graphics/Color.cpp:
1710         (WebCore::differenceSquared): Support ExtendedColor, but also
1711         add a note to indicate that this method and its call sites
1712         should use floats.
1713         (WebCore::Color::serialized): New helper.
1714         (WebCore::Color::cssText): Ditto.
1715         (WebCore::Color::blend): Ditto.
1716         (WebCore::Color::blendWithWhite):
1717         (WebCore::Color::colorWithAlphaMultipliedBy): Implementation of new function.
1718         (WebCore::Color::colorWithAlpha): Ditto.
1719         (WebCore::Color::opaqueColor): New method to return an opaque version of the given color.
1720         (WebCore::blend):
1721         * platform/graphics/Color.h:
1722         (WebCore::Color::isOpaque): New helper that is !hasAlpha().
1723         (WebCore::Color::isVisible): New helper.
1724         (WebCore::Color::alphaAsFloat): Gets the alpha value as a float. This replaces
1725         a bunch of places that were calculating it manually each time. Meanwhile, we
1726         might consider always exposing the primaries as floats... or at least
1727         have that option.
1728         (WebCore::isBlackColor): New helper - it was used in a couple of places.
1729         (WebCore::isWhiteColor): Ditto.
1730         (WebCore::Color::hasAlpha): Deleted.
1731
1732         * platform/graphics/Gradient.cpp: Add FIXME.
1733         (WebCore::Gradient::addColorStop):
1734         * platform/graphics/Gradient.h:
1735
1736         * platform/graphics/GraphicsContext.cpp: Use new helpers.
1737         (WebCore::GraphicsContext::computeLineBoundsAndAntialiasingModeForText):
1738         * platform/graphics/GraphicsContext.h:
1739         (WebCore::GraphicsContext::hasVisibleShadow):
1740
1741         * platform/graphics/Image.cpp: Ditto.
1742         (WebCore::Image::fillWithSolidColor):
1743
1744         * platform/graphics/ShadowBlur.cpp: Ditto.
1745         (WebCore::ShadowBlur::updateShadowBlurValues):
1746
1747         * platform/graphics/ca/GraphicsLayerCA.cpp: Ditto.
1748         (WebCore::GraphicsLayerCA::setContentsToSolidColor):
1749
1750         * platform/graphics/cg/GradientCG.cpp:
1751         (WebCore::Gradient::platformGradient): Add a FIXME to note that we can
1752         add ExtendedColor support simply by using CGColors, rather than fetching
1753         the components ourselves.
1754
1755         * platform/graphics/cg/GraphicsContextCG.cpp: New helpers.
1756         (WebCore::calculateDrawingMode):
1757
1758         * platform/graphics/cocoa/FontCascadeCocoa.mm: New helpers.
1759         (WebCore::FontCascade::drawGlyphs):
1760
1761         * platform/graphics/mac/ColorMac.mm: Use the new helpers and Color::hash().
1762         (WebCore::nsColor):
1763
1764         * platform/graphics/texmap/TextureMapperGL.cpp: New helpers.
1765         (WebCore::TextureMapperGL::drawBorder):
1766
1767         * rendering/BorderEdge.cpp: Ditto.
1768         (WebCore::BorderEdge::obscuresBackgroundEdge):
1769         (WebCore::BorderEdge::obscuresBackground):
1770
1771         * rendering/RenderBox.cpp: Ditto.
1772         (WebCore::RenderBox::getBackgroundPaintedExtent):
1773         (WebCore::RenderBox::backgroundIsKnownToBeOpaqueInRect):
1774         (WebCore::RenderBox::backgroundHasOpaqueTopLayer):
1775
1776         * rendering/RenderBoxModelObject.cpp: Ditto.
1777         (WebCore::RenderBoxModelObject::paintFillLayerExtended):
1778         (WebCore::colorNeedsAntiAliasAtCorner):
1779         (WebCore::willBeOverdrawn):
1780         (WebCore::RenderBoxModelObject::paintTranslucentBorderSides):
1781         (WebCore::RenderBoxModelObject::paintBorder):
1782         (WebCore::RenderBoxModelObject::boxShadowShouldBeAppliedToBackground):
1783         (WebCore::RenderBoxModelObject::paintBoxShadow):
1784         * rendering/RenderElement.cpp:
1785         (WebCore::RenderElement::paintOutline):
1786         * rendering/RenderInline.cpp:
1787         (WebCore::RenderInline::paintOutline):
1788         * rendering/RenderLayerBacking.cpp:
1789         (WebCore::canCreateTiledImage):
1790         * rendering/RenderLayerCompositor.cpp:
1791         (WebCore::RenderLayerCompositor::viewHasTransparentBackground):
1792         * rendering/RenderMenuList.cpp:
1793         (RenderMenuList::getItemBackgroundColor):
1794         * rendering/RenderTheme.cpp:
1795         (WebCore::RenderTheme::disabledTextColor):
1796         * rendering/RenderView.cpp:
1797         (WebCore::RenderView::paintBoxDecorations):
1798         * rendering/TextDecorationPainter.cpp:
1799         (WebCore::TextDecorationPainter::paintTextDecoration):
1800         * rendering/TextPainter.cpp:
1801         (WebCore::TextPainter::paintTextWithShadows):
1802         * rendering/style/BorderValue.h:
1803         (WebCore::BorderValue::isTransparent):
1804         * rendering/style/RenderStyle.cpp:
1805         (WebCore::RenderStyle::visitedDependentColor):
1806         * rendering/style/RenderStyle.h:
1807         (WebCore::RenderStyle::hasBackground):
1808         * rendering/svg/RenderSVGResource.cpp:
1809         (WebCore::requestPaintingResource):
1810         * rendering/svg/SVGInlineTextBox.cpp:
1811         (WebCore::SVGInlineTextBox::paintSelectionBackground):
1812
1813         * svg/SVGAnimatedColor.cpp: Add a FIXME to note this is broken.
1814         (WebCore::SVGAnimatedColorAnimator::calculateAnimatedValue):
1815
1816 2016-11-09  Antoine Quint  <graouts@apple.com>
1817
1818         [Modern Media Controls] UI Library: StatusLabel
1819         https://bugs.webkit.org/show_bug.cgi?id=164544
1820         <rdar://problem/29179541>
1821
1822         Reviewed by Dean Jackson.
1823
1824         We add a new StatusLabel class to display a string of text in place of the TimeControl.
1825         A followup patch will add the logic to display "Error", "Loading" and "Live Broadcast"
1826         test under the right media state.
1827
1828         Tests: media/modern-media-controls/macos-inline-media-controls/macos-inline-media-controls-status-label.html
1829                media/modern-media-controls/status-label/status-label.html
1830
1831         * Modules/modern-media-controls/controls/macos-inline-media-controls.css:
1832         (.media-controls.mac.inline .time-label,):
1833         (.media-controls.mac.inline .time-label): Deleted.
1834         * Modules/modern-media-controls/controls/macos-inline-media-controls.js:
1835         (MacOSInlineMediaControls.prototype.layout):
1836         * Modules/modern-media-controls/controls/media-controls.js:
1837         (MediaControls.):
1838         * Modules/modern-media-controls/controls/status-label.css: Added.
1839         (.status-label):
1840         * Modules/modern-media-controls/controls/status-label.js: Added.
1841         (StatusLabel.prototype.get text):
1842         (StatusLabel.prototype.set text):
1843         (StatusLabel.prototype.commitProperty):
1844         * Modules/modern-media-controls/js-files:
1845         * WebCore.xcodeproj/project.pbxproj:
1846
1847 2016-11-09  Chris Dumez  <cdumez@apple.com>
1848
1849         [Mac] Stop using deprecated AppKit enumeration values
1850         https://bugs.webkit.org/show_bug.cgi?id=164494
1851
1852         Reviewed by Darin Adler.
1853
1854         Stop using deprecated AppKit enumeration values.
1855
1856         * editing/cocoa/HTMLConverter.mm:
1857         (HTMLConverter::computedAttributesForElement):
1858         (HTMLConverter::_processElement):
1859         (HTMLConverter::_addMarkersToList):
1860         * page/mac/EventHandlerMac.mm:
1861         (WebCore::EventHandler::keyEvent):
1862         (WebCore::lastEventIsMouseUp):
1863         (WebCore::EventHandler::passSubframeEventToSubframe):
1864         (WebCore::EventHandler::widgetDidHandleWheelEvent):
1865         (WebCore::EventHandler::sendFakeEventsAfterWidgetTracking):
1866         * page/mac/TextIndicatorWindow.mm:
1867         (WebCore::TextIndicatorWindow::setTextIndicator):
1868         * platform/graphics/mac/IconMac.mm:
1869         (WebCore::Icon::paint):
1870         * platform/mac/CursorMac.mm:
1871         (WebCore::createCustomCursor):
1872         * platform/mac/DragImageMac.mm:
1873         (WebCore::dissolveDragImageToFraction):
1874         (WebCore::createDragImageFromImage):
1875         * platform/mac/EventLoopMac.mm:
1876         (WebCore::EventLoop::cycle):
1877         * platform/mac/PasteboardMac.mm:
1878         (WebCore::Pasteboard::setDragImage):
1879         * platform/mac/PlatformEventFactoryMac.mm:
1880         (WebCore::globalPointForEvent):
1881         (WebCore::pointForEvent):
1882         (WebCore::mouseButtonForEvent):
1883         (WebCore::mouseEventTypeForEvent):
1884         (WebCore::clickCountForEvent):
1885         (WebCore::isKeypadEvent):
1886         (WebCore::windowsKeyCodeForKeyEvent):
1887         (WebCore::isKeyUpEvent):
1888         (WebCore::PlatformKeyboardEventBuilder::PlatformKeyboardEventBuilder):
1889         * platform/mac/ScrollbarThemeMac.mm:
1890         (WebCore::scrollbarControlSizeToNSControlSize):
1891         * platform/mac/ThemeMac.mm:
1892         (-[WebCoreThemeView window]):
1893         (WebCore::controlSizeForFont):
1894         (WebCore::controlSizeFromPixelSize):
1895         (WebCore::setUpButtonCell):
1896         (WebCore::stepperControlSizeForFont):
1897         (WebCore::paintStepper):
1898         (WebCore::ThemeMac::minimumControlSize):
1899         * platform/mac/WebVideoFullscreenHUDWindowController.mm:
1900         (-[WebVideoFullscreenHUDWindow initWithContentRect:styleMask:backing:defer:]):
1901         (-[WebVideoFullscreenHUDWindow performKeyEquivalent:]):
1902         (-[WebVideoFullscreenHUDWindowController init]):
1903         (-[WebVideoFullscreenHUDWindowController keyDown:]):
1904         (-[WebVideoFullscreenHUDWindowController windowDidLoad]):
1905         * platform/mac/WebWindowAnimation.mm:
1906         (WebWindowAnimationDurationFromDuration):
1907         * rendering/RenderThemeMac.mm:
1908         (WebCore::RenderThemeMac::updateCachedSystemFontDescription):
1909         (WebCore::RenderThemeMac::controlSizeForFont):
1910         (WebCore::RenderThemeMac::controlSizeForCell):
1911         (WebCore::RenderThemeMac::controlSizeForSystemFont):
1912         (WebCore::RenderThemeMac::paintProgressBar):
1913         (WebCore::RenderThemeMac::popupMenuSize):
1914         (WebCore::RenderThemeMac::sliderThumbHorizontal):
1915         (WebCore::RenderThemeMac::sliderThumbVertical):
1916
1917 2016-11-08  Antoine Quint  <graouts@apple.com>
1918
1919         [Modern Media Controls] UI Library: iOS inline controls
1920         https://bugs.webkit.org/show_bug.cgi?id=164513
1921         <rdar://problem/27989475>
1922
1923         Reviewed by Dean Jackson.
1924
1925         We introduce a new IOSInlineMediaControls class which can be used to instantiate media controls
1926         for inline playback on iOS.
1927
1928         Tests: media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-buttons-styles.html
1929                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-constructor.html
1930                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-controls-bar-styles.html
1931                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-layout.html
1932                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-controls-time-control-styles.html
1933                media/modern-media-controls/ios-inline-media-controls/ios-inline-media-dropping-controls.html
1934
1935         * Modules/modern-media-controls/controls/ios-inline-media-controls.css: Added.
1936         (.media-controls.ios.inline > .controls-bar):
1937         (.media-controls.ios.inline .time-control):
1938         (.media-controls.ios.inline button):
1939         (.media-controls.ios.inline button:active):
1940         (.media-controls.ios.inline > .controls-bar button):
1941         (.media-controls.ios.inline .buttons-container.right):
1942         (.media-controls.ios.inline button.play-pause):
1943         (.media-controls.ios.inline button.skip-back):
1944         (.media-controls.ios.inline .scrubber.slider):
1945         (.media-controls.ios.inline button.airplay):
1946         (.media-controls.ios.inline button.pip):
1947         (.media-controls.ios.inline button.fullscreen):
1948         (.media-controls.ios.inline .time-label):
1949         (.media-controls.ios.inline .scrubber.slider > .fill):
1950         (.media-controls.ios.inline .scrubber.slider > input::-webkit-slider-thumb):
1951         * Modules/modern-media-controls/controls/ios-inline-media-controls.js: Added.
1952         (IOSInlineMediaControls.prototype.layout):
1953         (IOSInlineMediaControls):
1954         * Modules/modern-media-controls/images/iOS/slider-thumb@2x.png: Added.
1955         * Modules/modern-media-controls/js-files:
1956         * WebCore.xcodeproj/project.pbxproj:
1957
1958 2016-11-09  Beth Dakin  <bdakin@apple.com>
1959
1960         Support TouchBar in WebKit
1961         https://bugs.webkit.org/show_bug.cgi?id=164437
1962         -and corresponding-
1963         rdar://problem/28876524
1964
1965         Reviewed by Darin Adler.
1966
1967         * WebCore.xcodeproj/project.pbxproj:
1968         * platform/spi/cocoa/AVKitSPI.h:
1969         * platform/spi/cocoa/NSTouchBarSPI.h: Added.
1970         * platform/spi/mac/NSSpellCheckerSPI.h:
1971
1972 2016-11-09  Chris Dumez  <cdumez@apple.com>
1973
1974         Use Blob URL instead of webkit-fake-url when pasting an image
1975         https://bugs.webkit.org/show_bug.cgi?id=49141
1976
1977         Reviewed by Darin Adler.
1978
1979         Use Blob URL instead of webkit-fake-url when pasting an image.
1980
1981         Tests: editing/pasteboard/paste-image-as-blob-url.html
1982                editing/pasteboard/paste-image-using-image-data.html
1983
1984         * editing/Editor.h:
1985         * editing/mac/EditorMac.mm:
1986         (WebCore::Editor::WebContentReader::readImage):
1987         (WebCore::Editor::createFragmentForImageAndURL):
1988
1989 2016-11-09  Michael Catanzaro  <mcatanzaro@igalia.com>
1990
1991         Fix error message when SQLite initialization fails
1992         https://bugs.webkit.org/show_bug.cgi?id=164462
1993
1994         Reviewed by Darin Adler.
1995
1996         * platform/sql/SQLiteDatabase.cpp:
1997         (WebCore::initializeSQLiteIfNecessary):
1998
1999 2016-11-08  Antoine Quint  <graouts@apple.com>
2000
2001         [Modern Media Controls] UI Library: macOS fullscreen controls
2002         https://bugs.webkit.org/show_bug.cgi?id=164414
2003         <rdar://problem/27989474>
2004
2005         Reviewed by Dean Jackson.
2006
2007         We introduce a new MacOSFullscreenMediaControls class which can be used to instantiate media controls
2008         for fullscreen playback on macOS. These controls can be dragged by the user.
2009
2010         Tests: media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-buttons-containers-styles.html
2011                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-buttons-styles.html
2012                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-constructor.html
2013                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-controls-bar-styles.html
2014                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-right-container-margin.html
2015                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-time-control-styles.html
2016                media/modern-media-controls/macos-fullscreen-media-controls/macos-fullscreen-media-controls-volume-styles.html
2017
2018         * Modules/modern-media-controls/controls/button.js:
2019         (Button.prototype.set enabled):
2020
2021             Correctly notify the layoutDelegate when the enabled property changes, regardless of whether
2022             the flag is on.
2023
2024         * Modules/modern-media-controls/controls/icon-button.js:
2025         (IconButton.prototype._updateImage):
2026         (IconButton):
2027
2028             Correctly notify the layout delegate when the image metrics have changed so that it may perform
2029             a layout. This issues became apparent with the new tests on Yosemite and caused some flakyness.
2030
2031         * Modules/modern-media-controls/controls/icon-service.js:
2032         (const.iconService.new.IconService.prototype._fileNameAndPlatformForIconNameAndLayoutTraits):
2033         (const.iconService.new.IconService):
2034
2035             Fix a typo.
2036
2037         * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.css: Added.
2038         (.media-controls.mac.fullscreen > .controls-bar):
2039         (.media-controls.mac.fullscreen .volume.slider):
2040         (.media-controls.mac.fullscreen .buttons-container):
2041         (.media-controls.mac.fullscreen .buttons-container.center):
2042         (.media-controls.mac.fullscreen > .controls-bar button):
2043         (.media-controls.mac.fullscreen button.rewind):
2044         (.media-controls.mac.fullscreen button.play-pause):
2045         (.media-controls.mac.fullscreen button.forward):
2046         (.media-controls.mac.fullscreen .buttons-container.right):
2047         (.media-controls.mac.fullscreen button.airplay):
2048         (.media-controls.mac.fullscreen button.aspect-ratio):
2049         (.media-controls.mac.fullscreen button.pip):
2050         (.media-controls.mac.fullscreen button.tracks):
2051         (.media-controls.mac.fullscreen button.fullscreen):
2052         (.media-controls.mac.fullscreen .time-control):
2053         (.media-controls.mac.fullscreen .time-label):
2054         (.media-controls.mac.fullscreen .scrubber):
2055         * Modules/modern-media-controls/controls/macos-fullscreen-media-controls.js: Added.
2056         (MacOSFullscreenMediaControls.prototype.layout):
2057         (MacOSFullscreenMediaControls):
2058         * Modules/modern-media-controls/controls/macos-media-controls.js:
2059         (MacOSMediaControls):
2060         
2061             Allow the layoutTraits property to be set to something other than just LayoutTraits.macOS
2062             so that MacOSFullscreenMediaControls may set the LayoutTraits.Fullscreen bit.
2063         
2064         * Modules/modern-media-controls/js-files:
2065         
2066             Add a reference to the new macos-fullscreen-media-controls.js file.
2067         
2068         * WebCore.xcodeproj/project.pbxproj:
2069
2070             Add references to the new macos-fullscreen-media-controls.js and
2071             macos-fullscreen-media-controls.css files.
2072
2073 2016-11-09  Chris Dumez  <cdumez@apple.com>
2074
2075         Shave 16 bytes off HTMLInputElement
2076         https://bugs.webkit.org/show_bug.cgi?id=164488
2077
2078         Reviewed by Sam Weinig.
2079
2080         Shave 16 bytes off HTMLInputElement (232 -> 216) by packing data members
2081         better.
2082
2083         * html/HTMLFormControlElement.h:
2084         * html/HTMLTextFormControlElement.cpp:
2085         (WebCore::HTMLTextFormControlElement::HTMLTextFormControlElement):
2086         * html/HTMLTextFormControlElement.h:
2087
2088 2016-11-09  Youenn Fablet  <youenn@apple.com>
2089
2090         [WebRTC] Introduce asynchronous backend for other RTCPeerConnection API
2091         https://bugs.webkit.org/show_bug.cgi?id=164409
2092
2093         Reviewed by Eric Carlson.
2094
2095         Covered by existing tests.
2096
2097         Following on createOffer changes, applying the same changes to createAnswer, setLocalDescription, setRemoteDescription and addIceCandidate.
2098         Also refactored ICE candidate event generation (done at PeerConnectionBackend).
2099         Updated stop implementation to clean any promise that may be stored in PeerConnectionBackend.
2100
2101         The goal of this is to be more aligned with https://www.w3.org/TR/webrtc/.
2102         Implementation of the various functions such as //www.w3.org/TR/webrtc/#set-description would be done in PeerConnectionBackend.
2103         This will require additional code moved from MediaEndpointPeerConnection up to PeerConnectionBackend.
2104
2105         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2106         (WebCore::MediaEndpointPeerConnection::createOfferTask):
2107         (WebCore::MediaEndpointPeerConnection::doCreateAnswer):
2108         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
2109         (WebCore::MediaEndpointPeerConnection::doSetLocalDescription):
2110         (WebCore::MediaEndpointPeerConnection::setLocalDescriptionTask):
2111         (WebCore::MediaEndpointPeerConnection::doSetRemoteDescription):
2112         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
2113         (WebCore::MediaEndpointPeerConnection::doAddIceCandidate):
2114         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
2115         (WebCore::MediaEndpointPeerConnection::doStop):
2116         (WebCore::MediaEndpointPeerConnection::gotIceCandidate):
2117         (WebCore::MediaEndpointPeerConnection::doneGatheringCandidates):
2118         (WebCore::MediaEndpointPeerConnection::createAnswer): Deleted.
2119         (WebCore::MediaEndpointPeerConnection::setLocalDescription): Deleted.
2120         (WebCore::MediaEndpointPeerConnection::setRemoteDescription): Deleted.
2121         (WebCore::MediaEndpointPeerConnection::addIceCandidate): Deleted.
2122         (WebCore::MediaEndpointPeerConnection::stop): Deleted.
2123         (WebCore::MediaEndpointPeerConnection::localDescriptionTypeValidForState): Deleted.
2124         (WebCore::MediaEndpointPeerConnection::remoteDescriptionTypeValidForState): Deleted.
2125         * Modules/mediastream/MediaEndpointPeerConnection.h:
2126         * Modules/mediastream/PeerConnectionBackend.cpp:
2127         (WebCore::PeerConnectionBackend::createOffer):
2128         (WebCore::PeerConnectionBackend::createOfferFailed):
2129         (WebCore::PeerConnectionBackend::createAnswer):
2130         (WebCore::PeerConnectionBackend::createAnswerSucceeded):
2131         (WebCore::PeerConnectionBackend::createAnswerFailed):
2132         (WebCore::isLocalDescriptionTypeValidForState):
2133         (WebCore::PeerConnectionBackend::setLocalDescription):
2134         (WebCore::PeerConnectionBackend::setLocalDescriptionSucceeded):
2135         (WebCore::PeerConnectionBackend::setLocalDescriptionFailed):
2136         (WebCore::isRemoteDescriptionTypeValidForState):
2137         (WebCore::PeerConnectionBackend::setRemoteDescription):
2138         (WebCore::PeerConnectionBackend::setRemoteDescriptionSucceeded):
2139         (WebCore::PeerConnectionBackend::setRemoteDescriptionFailed):
2140         (WebCore::PeerConnectionBackend::addIceCandidate):
2141         (WebCore::PeerConnectionBackend::addIceCandidateSucceeded):
2142         (WebCore::PeerConnectionBackend::addIceCandidateFailed):
2143         (WebCore::PeerConnectionBackend::fireICECandidateEvent):
2144         (WebCore::PeerConnectionBackend::doneGatheringCandidates):
2145         (WebCore::PeerConnectionBackend::stop):
2146         * Modules/mediastream/PeerConnectionBackend.h:
2147
2148 2016-11-09  Eric Carlson  <eric.carlson@apple.com>
2149
2150         [MediaStream][Mac] Mark captured video frames as ready for display immediately
2151         https://bugs.webkit.org/show_bug.cgi?id=164482
2152         <rdar://problem/29139073>
2153
2154         Reviewed by Jer Noble.
2155
2156         * platform/cf/CoreMediaSoftLink.cpp: Add new constant.
2157         * platform/cf/CoreMediaSoftLink.h:
2158
2159         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.h:
2160         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaStreamAVFObjC.mm:
2161         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::requestNotificationWhenReadyForMediaData):
2162           New, ask register for a callback when the sample buffer display layer is ready
2163           for more media data.
2164         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBuffer): Don't change
2165           the sample timestamps, assume the caller has configured the sample correctly.
2166         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::prepareVideoSampleBufferFromTrack): Don't
2167           drop frames when the display layer isn't ready.
2168         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::destroyLayer): Call stopRequestingMediaData.
2169         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::sampleBufferUpdated):
2170         (WebCore::MediaPlayerPrivateMediaStreamAVFObjC::enqueueVideoSampleBufferFromTrack): Deleted.
2171
2172         * platform/mediastream/mac/AVVideoCaptureSource.mm:
2173         (WebCore::AVVideoCaptureSource::setupCaptureSession): Tell the video output to always discard
2174           late video frames, we don't need them.
2175         (WebCore::AVVideoCaptureSource::processNewFrame): Add a kCMSampleAttachmentKey_DisplayImmediately
2176           attachment.
2177
2178 2016-11-09  Joanmarie Diggs  <jdiggs@igalia.com>
2179
2180         AX: [ATK] Wrong selected element at a given index in a list box (redux)
2181         https://bugs.webkit.org/show_bug.cgi?id=164430
2182
2183         Reviewed by Darin Adler.
2184
2185         This essentially undoes the implementation change resulting from r164577.
2186         As stated in the ATK documentation, atk_selection_ref_selection() takes
2187         "a gint specifying the index in the selection set. (e.g. the ith selection
2188         as opposed to the ith child)." r164577 deliberately modified that, causing
2189         atk_selection_ref_selection() to treat the index as if it were the position
2190         with respect to all of the children. There is different API in ATK, namely
2191         atk_object_ref_accessible_child(), when the ith child from the set of all
2192         children is sought.
2193
2194         Tests: accessibility/aria-listbox-no-selection.html
2195                accessibility/native-listbox-no-selection.html
2196
2197         * accessibility/atk/WebKitAccessibleInterfaceSelection.cpp:
2198         (optionFromSelection):
2199
2200 2016-11-09  Gyuyoung Kim  <gyuyoung.kim@webkit.org>
2201
2202         [EFL] Use libgcrypt instead of GnuTLS for CryptoDigest
2203         https://bugs.webkit.org/show_bug.cgi?id=164461
2204
2205         Reviewed by Michael Catanzaro.
2206
2207         As GTK port in r208297, EFL port starts to use libgcrypt instead of GnuTLS as well.
2208
2209         No new tests, no behavior change.
2210
2211         * PlatformEfl.cmake:
2212
2213 2016-11-09  Ryan Haddad  <ryanhaddad@apple.com>
2214
2215         Unreviewed, rolling out r208422.
2216
2217         Roll r208382 back in since it was not responsible for the API
2218         test failures seen on macOS.
2219
2220         Reverted changeset:
2221
2222         "Unreviewed, rolling out r208382."
2223         https://bugs.webkit.org/show_bug.cgi?id=164319
2224         http://trac.webkit.org/changeset/208422
2225
2226 2016-11-09  Csaba Osztrogonác  <ossy@webkit.org>
2227
2228         One more URTBF after r208361.
2229
2230         * PlatformMac.cmake:
2231
2232 2016-11-09  Csaba Osztrogonác  <ossy@webkit.org>
2233
2234         Typo fix after r162782
2235         https://bugs.webkit.org/show_bug.cgi?id=164473
2236
2237         Unreviewed trivial fix.
2238
2239         * platform/ThreadGlobalData.cpp:
2240
2241 2016-11-07  Ryan Haddad  <ryanhaddad@apple.com>
2242
2243         Unreviewed, rolling out r208382.
2244
2245         This change appears to have caused 3
2246         SerializedCryptoKeyWrapTest API tests to fail on macOS.
2247
2248         Reverted changeset:
2249
2250         "[Readable Streams API] Implement ByteStreamController
2251         error()"
2252         https://bugs.webkit.org/show_bug.cgi?id=164319
2253         http://trac.webkit.org/changeset/208382
2254
2255 2016-11-04  Filip Pizlo  <fpizlo@apple.com>
2256
2257         WTF::ParkingLot should stop using std::chrono because std::chrono::duration casts are prone to overflows
2258         https://bugs.webkit.org/show_bug.cgi?id=152045
2259
2260         Reviewed by Andy Estes.
2261
2262         No new layout tests because no new behavior. The new WTF time classes have some unit tests
2263         in TestWebKitAPI.
2264
2265         * fileapi/ThreadableBlobRegistry.cpp:
2266         (WebCore::ThreadableBlobRegistry::blobSize):
2267         * platform/MainThreadSharedTimer.h:
2268         * platform/SharedTimer.h:
2269         * platform/ThreadTimers.cpp:
2270         (WebCore::ThreadTimers::updateSharedTimer):
2271         * platform/cf/MainThreadSharedTimerCF.cpp:
2272         (WebCore::MainThreadSharedTimer::setFireInterval):
2273         * platform/efl/MainThreadSharedTimerEfl.cpp:
2274         (WebCore::MainThreadSharedTimer::setFireInterval):
2275         * platform/glib/MainThreadSharedTimerGLib.cpp:
2276         (WebCore::MainThreadSharedTimer::setFireInterval):
2277         * platform/win/MainThreadSharedTimerWin.cpp:
2278         (WebCore::MainThreadSharedTimer::setFireInterval):
2279         * workers/WorkerRunLoop.cpp:
2280         (WebCore::WorkerRunLoop::runInMode):
2281
2282 2016-11-04  Zalan Bujtas  <zalan@apple.com>
2283
2284         RenderFlowThread state reset cleanup.
2285         https://bugs.webkit.org/show_bug.cgi?id=164426
2286
2287         Reviewed by Simon Fraser.
2288
2289         RenderFlowThread state reset is spread across several functions. This patch groups them
2290         together in RenderObject::resetFlowThreadState().
2291
2292         No change in functionality.
2293
2294         * rendering/RenderBlock.cpp:
2295         (WebCore::RenderBlock::removeLeftoverAnonymousBlock):
2296         (WebCore::RenderBlock::dropAnonymousBoxChild): This is now part of resetFlowThreadState() since resetFlowThreadState
2297         gets called even when NotifyChildren is false.
2298         * rendering/RenderElement.cpp:
2299         (WebCore::RenderElement::insertChildInternal): Initialize the thread state before we notify the child.
2300         (WebCore::RenderElement::removeChildInternal): Reset the state even when NotifyChildren is false.
2301         (WebCore::RenderElement::willBeRemovedFromTree): This code is moved to removeFromRenderFlowThread().
2302         (WebCore::RenderElement::removeFromRenderFlowThread):
2303         * rendering/RenderObject.cpp:
2304         (WebCore::RenderObject::initializeFlowThreadState): This is in transition for webkit.org/b/164428 (RenderFlowThread state initialization cleanup.)
2305         (WebCore::RenderObject::resetFlowThreadState):
2306         (WebCore::RenderObject::setParent): This was seemingly a random place to put flow state initialization. 
2307         (WebCore::RenderObject::willBeRemovedFromTree): resetFlowThreadState() takes care of it now.
2308         * rendering/RenderObject.h:
2309
2310 2016-11-04  Yusuke Suzuki  <utatane.tea@gmail.com>
2311
2312         [DOMJIT] Add DOMJIT::Signature annotation to Document::getElementById
2313         https://bugs.webkit.org/show_bug.cgi?id=164356
2314
2315         Reviewed by Filip Pizlo.
2316
2317         This patch implements DOMJIT::Signature annotation for getElementById.
2318         Since getElementById is also implemented in DocumentFragment, we implement
2319         the branchIfDocumentFragment/branchIfNotDocumentFragment for that.
2320
2321         In dromaeo, we have a test like this.
2322
2323         test( "getElementById", function(){
2324             for ( var i = 0; i < num * 30; i++ ) {
2325                 ret = document.getElementById("testA" + num).nodeType;
2326                 ret = document.getElementById("testB" + num).nodeType;
2327                 ret = document.getElementById("testC" + num).nodeType;
2328                 ret = document.getElementById("testD" + num).nodeType;
2329                 ret = document.getElementById("testE" + num).nodeType;
2330                 ret = document.getElementById("testF" + num).nodeType;
2331             }
2332         });
2333
2334         In the above test, JSC already knows the following things.
2335
2336         1. Since nodeType is now handled as CallDOMGetter, we know that it is pure.
2337         2. getElementById look up becomes PureGetById since document is impure object. But it is kept as PureGetById. So it does not write DOMState.
2338         3. `"testA" + num` will be converted to constant string.
2339         4. CallDOM for getElementById said it just reads(DOMState:DOM). And it saids that it returns the same value as long as DOMState is not clobbered.
2340         5. CheckCell leading CallDOM ensures the inlined getElementById node. (CallDOM node).
2341
2342         The key thing is that no node clobbers DOMState during the loop. So CallDOM & CallDOMGetter can be hoisted.
2343         This improves dom-query significantly. Dromaeo dom-query getElementById becomes 40x faster (247796 v.s. 6197).
2344         Dromaeo dom-query getElementById (not in document) becomes 89x faster (630317.8 v.s. 7066.).
2345
2346         Tests: js/dom/domjit-function-get-element-by-id-changed.html
2347                js/dom/domjit-function-get-element-by-id-licm.html
2348                js/dom/domjit-function-get-element-by-id.html
2349
2350         * dom/NonElementParentNode.idl:
2351         * domjit/DOMJITCheckDOM.h:
2352         (WebCore::DOMJIT::TypeChecker<DocumentFragment>::branchIfFail):
2353         * domjit/DOMJITHelpers.h:
2354         (WebCore::DOMJIT::branchIfDocumentFragment):
2355         (WebCore::DOMJIT::branchIfNotDocumentFragment):
2356
2357 2016-11-04  Simon Fraser  <simon.fraser@apple.com>
2358
2359         Rename unscaledUnobscuredVisibleContentSize and unscaledVisibleContentSizeIncludingObscuredArea for attempted clarity
2360         https://bugs.webkit.org/show_bug.cgi?id=164438
2361
2362         Reviewed by Tim Horton.
2363
2364         unscaledUnobscuredVisibleContentSize() and unscaledVisibleContentSizeIncludingObscuredArea() were an endless source
2365         of confusion.
2366         
2367         Functions with "VisibleContent" in the name are usually expected to return document coordinates (affected by zooming),
2368         so unscaledUnobscuredVisibleContentSize caused cognitive dissonance because of "unscaled" vs "visibleContent", and
2369         "unobscured" vs "visible".
2370         
2371         So rename:
2372             unscaledUnobscuredVisibleContentSize -> sizeForUnobscuredContent
2373             unscaledVisibleContentSizeIncludingObscuredArea -> sizeForVisibleContent
2374         
2375         sizeForUnobscuredContent() can also be private to ScrollView.
2376
2377         * inspector/InspectorOverlay.cpp:
2378         (WebCore::InspectorOverlay::update):
2379         * platform/ScrollView.cpp:
2380         (WebCore::ScrollView::unobscuredContentRectInternal):
2381         (WebCore::ScrollView::sizeForVisibleContent):
2382         (WebCore::ScrollView::sizeForUnobscuredContent): Don't compute unscaledVisibleContentSizeIncludingObscuredArea
2383         before testing whether we have a platform widget.
2384         (WebCore::ScrollView::layoutSize):
2385         (WebCore::ScrollView::unscaledVisibleContentSizeIncludingObscuredArea): Deleted.
2386         (WebCore::ScrollView::unscaledUnobscuredVisibleContentSize): Deleted.
2387         * platform/ScrollView.h:
2388         * rendering/RenderBoxModelObject.cpp:
2389         (WebCore::RenderBoxModelObject::calculateBackgroundImageGeometry):
2390         * rendering/RenderLayerCompositor.cpp:
2391         (WebCore::RenderLayerCompositor::flushPendingLayerChanges):
2392         (WebCore::RenderLayerCompositor::frameViewDidChangeSize):
2393         (WebCore::RenderLayerCompositor::updateRootLayerPosition):
2394         (WebCore::RenderLayerCompositor::ensureRootLayer):
2395
2396 2016-11-04  Simon Fraser  <simon.fraser@apple.com>
2397
2398         Layout viewport wrong with RTL documents
2399         https://bugs.webkit.org/show_bug.cgi?id=164434
2400
2401         Reviewed by Tim Horton.
2402
2403         The layoutViewportRect was computed incorrectly in RTL documents, because 
2404         FrameView::unscaledMaximumScrollPosition() was wrong; it erroneously mapped
2405         what it thought was a scrollOffset to a scrollPosition.
2406
2407         Unscaled scroll positions are in the same coordinate space as unscaledDocumentRect,
2408         so we should not call scrollPositionFromOffset() in FrameView::unscaledMaximumScrollPosition().
2409
2410         Changed FrameView::unscaledMinimumScrollPosition() to also just grab the location of
2411         unscaledDocumentRect, for symmetry.
2412
2413         Finally fixed the tiled scrolling indicator's viewport rect for zoomed RTL documents
2414         by using the unscaled scroll origin.
2415
2416         Tests: fast/visual-viewport/rtl-nonzoomed-rects.html
2417                fast/visual-viewport/rtl-zoomed-rects.html
2418
2419         * page/FrameView.cpp:
2420         (WebCore::FrameView::setLayoutViewportOrigin):
2421         (WebCore::FrameView::unscaledScrollOrigin):
2422         (WebCore::FrameView::unscaledMinimumScrollPosition):
2423         (WebCore::FrameView::unscaledMaximumScrollPosition):
2424         * page/FrameView.h:
2425
2426 2016-11-04  Sam Weinig  <sam@webkit.org>
2427
2428         [WebIDL] Add support for modern callback syntax
2429         https://bugs.webkit.org/show_bug.cgi?id=164435
2430
2431         Reviewed by Chris Dumez.
2432
2433         Support new callback syntax:
2434             callback Function = void (DOMString arg1, long arg2);
2435
2436         This replaces "callback interface" types with a Callback=FunctionOnly
2437         extended attribute.
2438
2439         * Modules/geolocation/PositionCallback.idl:
2440         * Modules/geolocation/PositionErrorCallback.idl:
2441         * Modules/notifications/NotificationPermissionCallback.idl:
2442         * Modules/quota/StorageErrorCallback.idl:
2443         * Modules/quota/StorageQuotaCallback.idl:
2444         * Modules/quota/StorageUsageCallback.idl:
2445         * Modules/webaudio/AudioBufferCallback.idl:
2446         * Modules/webdatabase/DatabaseCallback.idl:
2447         * Modules/webdatabase/SQLStatementCallback.idl:
2448         * Modules/webdatabase/SQLStatementErrorCallback.idl:
2449         * Modules/webdatabase/SQLTransactionCallback.idl:
2450         * Modules/webdatabase/SQLTransactionErrorCallback.idl:
2451         * dom/RequestAnimationFrameCallback.idl:
2452         * dom/StringCallback.idl:
2453         * html/VoidCallback.idl:
2454         * page/IntersectionObserverCallback.idl:
2455         * css/MediaQueryListListener.idl:
2456         Update to new syntax.
2457
2458         * css/MediaQueryListListener.h:
2459         * css/MediaQueryMatcher.cpp:
2460         (WebCore::MediaQueryMatcher::styleResolverChanged):
2461         Switch to using the now required 'handleEvent' name. This is an implementation detail
2462         that we should change.
2463
2464         * bindings/scripts/CodeGenerator.pm:
2465         Update document processing to allow a callback only file. Update callback
2466         type checks to look for a regex that matches in the new format.
2467
2468         * bindings/scripts/CodeGeneratorJS.pm:
2469         (AddToImplIncludesForIDLType):
2470         (AddToIncludesForIDLType):
2471         (AddToImplIncludes):
2472         (AddToIncludes):
2473         Abstract includes functions to allow passing in an include hash.
2474
2475         (GenerateCallbackFunctionHeader):
2476         (GenerateCallbackFunctionImplementation):
2477         (GenerateCallbackInterfaceHeader):
2478         (GenerateCallbackInterfaceImplementation):
2479         (GenerateCallbackHeaderContent):
2480         (GenerateCallbackImplementationContent):
2481         Refactor callback generation code into GenerateCallbackHeaderContent and GenerateCallbackImplementationContent
2482         to allow using it for both the new callbacks as well as the old callback interfaces.
2483
2484         * bindings/scripts/IDLParser.pm:
2485         (Parse):
2486         (applyTypedefs):
2487         (applyTypedefsToOperation):
2488         (parseCallbackRest):
2489         Parse callbacks into the new IDLCallbackFunction type. Ensure that typedefs are applied as well.
2490
2491         * bindings/scripts/IDLAttributes.txt:
2492         Remove support for Callback=FunctionOnly.
2493
2494         * bindings/scripts/test/JS/JSTestCallback.cpp: Removed.
2495         * bindings/scripts/test/JS/JSTestCallback.h: Removed.
2496         * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
2497         * bindings/scripts/test/JS/JSTestCallbackFunction.h:
2498         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.cpp: Added.
2499         * bindings/scripts/test/JS/JSTestCallbackFunctionWithTypedefs.h: Added.
2500         * bindings/scripts/test/JS/JSTestCallbackInterface.cpp: Copied from Source/WebCore/bindings/scripts/test/JS/JSTestCallback.cpp.
2501         * bindings/scripts/test/JS/JSTestCallbackInterface.h: Copied from Source/WebCore/bindings/scripts/test/JS/JSTestCallback.h.
2502         * bindings/scripts/test/JS/JSTestObj.cpp:
2503         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2504         * bindings/scripts/test/TestCallback.idl: Removed.
2505         * bindings/scripts/test/TestCallbackFunction.idl:
2506         * bindings/scripts/test/TestCallbackFunctionWithTypedefs.idl: Added.
2507         * bindings/scripts/test/TestCallbackInterface.idl: Copied from Source/WebCore/bindings/scripts/test/TestCallback.idl.
2508         * bindings/scripts/test/TestObj.idl:
2509         * bindings/scripts/test/TestTypedefs.idl:
2510         Update existing tests and add new ones to test callback functions specifically.
2511
2512 2016-11-04  Alex Christensen  <achristensen@webkit.org>
2513
2514         Move isDefaultPortForProtocol from URLParser.cpp back to URL.cpp
2515         https://bugs.webkit.org/show_bug.cgi?id=164439
2516
2517         Reviewed by Daniel Bates.
2518
2519         No change in behaviour.
2520
2521         * platform/URL.cpp:
2522         (WebCore::defaultPortForProtocol):
2523         (WebCore::isDefaultPortForProtocol):
2524         * platform/URLParser.cpp:
2525         (WebCore::URLParser::defaultPortForProtocol):
2526         (WebCore::URLParser::parsePort):
2527         (WebCore::defaultPortForProtocol): Deleted.
2528         (WebCore::isDefaultPortForProtocol): Deleted.
2529         * platform/URLParser.h:
2530
2531 2016-11-04  Wenson Hsieh  <wenson_hsieh@apple.com>
2532
2533         Safari does not emit composition end if blurred for dead key / Japanese IME
2534         https://bugs.webkit.org/show_bug.cgi?id=164369
2535         <rdar://problem/29050439>
2536
2537         Reviewed by Ryosuke Niwa.
2538
2539         On Mac, _before_ changing selection, try to finalize the composition by calling Editor::cancelComposition early.
2540         This is because the focused element may have changed after performing the selection change, so we would
2541         otherwise be dispatching the `compositionend` to the new focused element (or no compositionend at all) instead
2542         of the element with the composition.
2543
2544         Doing this allows us to match Chrome and Firefox behavior. After canceling the composition, we then need to also
2545         clear the system IME state. We do this on Mac WK1/WK2 through the cancelComposition() codepath, which ends up
2546         calling into -discardMarkedText, which resets the marked text state. Some minor refactoring was performed to
2547         accomplish this -- currently, discardedComposition sends a CompositionWasCanceled message over to the UI process
2548         that discards the marked text, and then updates the editor state. This patch splits this into two separate
2549         steps -- see the WebKit2 ChangeLog for more details.
2550
2551         Test: fast/events/ime-compositionend-on-selection-change.html
2552
2553         * editing/Editor.cpp:
2554         (WebCore::Editor::selectionWillChange):
2555         * editing/Editor.h:
2556         * editing/FrameSelection.cpp:
2557         (WebCore::FrameSelection::setSelectionWithoutUpdatingAppearance):
2558         * editing/mac/EditorMac.mm:
2559         (WebCore::Editor::selectionWillChange):
2560         * loader/EmptyClients.h:
2561         * page/EditorClient.h:
2562
2563 2016-11-04  Brady Eidson  <beidson@apple.com>
2564
2565         IndexedDB 2.0: Clean up more transaction abort and exception throwing behavior from IDBObjectStore.
2566         https://bugs.webkit.org/show_bug.cgi?id=164424
2567
2568         Reviewed by Alex Christensen.
2569
2570         No new tests (Covered by existing tests).
2571
2572         This patch actually turns a handful of PASS to FAIL in the imported tests, but those are parts of the
2573         spec in flux/under discussion.
2574
2575         We'll update either source or the tests as things are resolved.
2576
2577         * Modules/indexeddb/IDBIndex.cpp:
2578         (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort):
2579
2580         * Modules/indexeddb/IDBObjectStore.cpp:
2581         (WebCore::IDBObjectStore::get):
2582         (WebCore::IDBObjectStore::putOrAdd):
2583         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
2584
2585 2016-11-04  Ryosuke Niwa  <rniwa@webkit.org>
2586
2587         Load stylesheets in link elements inside a connected shadow tree
2588         https://bugs.webkit.org/show_bug.cgi?id=160683
2589         <rdar://problem/29040652>
2590
2591         Reviewed by Antti Koivisto.
2592
2593         Allow external stylesheets within a shadow tree by storing the appropriate style scope in HTMLLinkElement
2594         when it's connected to a document instead of always talking to document's style scope.
2595
2596         Tests: fast/shadow-dom/link-element-in-shadow-tree.html
2597                fast/shadow-dom/selected-stylesheet-in-shadow-tree.html
2598
2599        * html/HTMLLinkElement.cpp:
2600        (WebCore::HTMLLinkElement::HTMLLinkElement):
2601        (WebCore::HTMLLinkElement::~HTMLLinkElement):
2602        (WebCore::HTMLLinkElement::setDisabledState): Exit early when the element is not in a document as invoking
2603        didChangeActiveStyleSheetCandidates would require having a valid m_styleScope and process() already exits
2604        early when inDocument() is false.
2605        (WebCore::HTMLLinkElement::parseAttribute):
2606        (WebCore::HTMLLinkElement::process): Removed the early exit for when the element is in a shadow tree.
2607        (WebCore::HTMLLinkElement::insertedInto): Exit early unless this element has just become connected to
2608        a document instead of whenever its self-inclusive ancestor is inserted into a container.
2609        (WebCore::HTMLLinkElement::removedFrom): Ditto for removal. Also call removeStyleSheetCandidateNode after
2610        calling removePendingSheet since the latter depends on m_styleScope being not null.
2611        (WebCore::HTMLLinkElement::addPendingSheet):
2612        (WebCore::HTMLLinkElement::removePendingSheet):
2613        * html/HTMLLinkElement.h:
2614        * html/HTMLStyleElement.cpp:
2615        (WebCore::HTMLStyleElement::insertedInto): Only call inline style owner's insertedIntoDocument if this
2616        element has just become connected to a document.
2617        (WebCore::HTMLStyleElement::removedFrom): Ditto for the removal.
2618        * style/StyleScope.h:
2619        * svg/SVGStyleElement.cpp:
2620        (WebCore::SVGStyleElement::insertedInto): Ditto.
2621        (WebCore::SVGStyleElement::removedFrom): Ditto for the removal.
2622
2623 2016-11-04  Said Abou-Hallawa  <sabouhallawa@apple.com>
2624
2625         Add a setting and preferences to enable/disable async image decoding
2626         https://bugs.webkit.org/show_bug.cgi?id=164417
2627
2628         Reviewed by Simon Fraser.
2629
2630         Add an asyncImageDecodingEnabled setting. This setting controls whether an
2631         image "can" be asynchronously decoded on a separate thread or not. The
2632         function ImageSource::isAsyncDecodingRequired() will be used in conjunction
2633         with this setting to decide whether an image "should" be asynchronously
2634         decoded or not.
2635
2636         * page/Settings.in:
2637
2638 2016-11-04  Tim Horton  <timothy_horton@apple.com>
2639
2640         Apply post-landing review comments for r208347
2641
2642         * dom/Element.cpp:
2643         (WebCore::Element::findAnchorElementForLink):
2644         Use attributeWithoutSynchronization.
2645
2646         * page/PrintContext.cpp:
2647         (WebCore::PrintContext::spoolPage):
2648         (WebCore::PrintContext::spoolRect):
2649         (WebCore::PrintContext::collectLinkedDestinations):
2650         (WebCore::PrintContext::outputLinkedDestinations):
2651         * page/PrintContext.h:
2652         Pass Document by reference instead of Node by pointer,
2653         use ElementTraversal instead of NodeTraversal to avoid
2654         having to locally check the type, and null-check renderers.
2655
2656 2016-11-04  Myles C. Maxfield  <mmaxfield@apple.com>
2657
2658         Implement WebGL2RenderingContext::copyBufferSubData()
2659         https://bugs.webkit.org/show_bug.cgi?id=164008
2660
2661         Reviewed by Dean Jackson.
2662
2663         Similar to previous work regarding WebGL 2 buffers, this method implements
2664         the ability to copy from one buffer to another without the data leaving
2665         the GPU.
2666
2667         Test: fast/canvas/webgl/copyBufferSubData.html
2668
2669         * html/canvas/WebGL2RenderingContext.cpp:
2670         (WebCore::WebGL2RenderingContext::copyBufferSubData):
2671         * html/canvas/WebGLBuffer.cpp:
2672         (WebCore::WebGLBuffer::associateCopyBufferSubData):
2673         * html/canvas/WebGLBuffer.h:
2674         * platform/graphics/GraphicsContext3D.h:
2675         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
2676         (WebCore::GraphicsContext3D::copyBufferSubData):
2677
2678 2016-11-04  Simon Fraser  <simon.fraser@apple.com>
2679
2680         Rename some ScrollingTree/Node-related functions to reduce the number of uses of "update"
2681         https://bugs.webkit.org/show_bug.cgi?id=164420
2682
2683         Reviewed by Tim Horton.
2684
2685         Rename:
2686             commitNewTreeState -> commitTreeState ("new" was redundant)
2687             updateBeforeChildren -> commitStateBeforeChildren
2688             updateAfterChildren -> commitStateAfterChildren
2689
2690         * page/scrolling/ScrollingTree.cpp:
2691         (WebCore::ScrollingTree::commitTreeState):
2692         (WebCore::ScrollingTree::updateTreeFromStateNode):
2693         (WebCore::ScrollingTree::commitNewTreeState): Deleted.
2694         * page/scrolling/ScrollingTree.h:
2695         * page/scrolling/ScrollingTreeFrameScrollingNode.cpp:
2696         (WebCore::ScrollingTreeFrameScrollingNode::commitStateBeforeChildren):
2697         (WebCore::ScrollingTreeFrameScrollingNode::updateBeforeChildren): Deleted.
2698         * page/scrolling/ScrollingTreeFrameScrollingNode.h:
2699         * page/scrolling/ScrollingTreeNode.h:
2700         (WebCore::ScrollingTreeNode::commitStateAfterChildren):
2701         (WebCore::ScrollingTreeNode::updateAfterChildren): Deleted.
2702         * page/scrolling/ScrollingTreeScrollingNode.cpp:
2703         (WebCore::ScrollingTreeScrollingNode::commitStateBeforeChildren):
2704         (WebCore::ScrollingTreeScrollingNode::commitStateAfterChildren):
2705         (WebCore::ScrollingTreeScrollingNode::updateBeforeChildren): Deleted.
2706         (WebCore::ScrollingTreeScrollingNode::updateAfterChildren): Deleted.
2707         * page/scrolling/ScrollingTreeScrollingNode.h:
2708         * page/scrolling/ThreadedScrollingTree.cpp:
2709         (WebCore::ThreadedScrollingTree::commitTreeState):
2710         (WebCore::ThreadedScrollingTree::commitNewTreeState): Deleted.
2711         * page/scrolling/ThreadedScrollingTree.h:
2712         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.h:
2713         * page/scrolling/ios/ScrollingTreeFrameScrollingNodeIOS.mm:
2714         (WebCore::ScrollingTreeFrameScrollingNodeIOS::commitStateBeforeChildren):
2715         (WebCore::ScrollingTreeFrameScrollingNodeIOS::commitStateAfterChildren):
2716         (WebCore::ScrollingTreeFrameScrollingNodeIOS::updateBeforeChildren): Deleted.
2717         (WebCore::ScrollingTreeFrameScrollingNodeIOS::updateAfterChildren): Deleted.
2718         * page/scrolling/ios/ScrollingTreeIOS.cpp:
2719         (WebCore::ScrollingTreeIOS::commitNewTreeState): Deleted.
2720         * page/scrolling/ios/ScrollingTreeIOS.h:
2721         * page/scrolling/mac/ScrollingCoordinatorMac.mm:
2722         (WebCore::ScrollingCoordinatorMac::commitTreeState):
2723         * page/scrolling/mac/ScrollingTreeFixedNode.h:
2724         * page/scrolling/mac/ScrollingTreeFixedNode.mm:
2725         (WebCore::ScrollingTreeFixedNode::commitStateBeforeChildren):
2726         (WebCore::ScrollingTreeFixedNode::updateBeforeChildren): Deleted.
2727         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.h:
2728         * page/scrolling/mac/ScrollingTreeFrameScrollingNodeMac.mm:
2729         (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateBeforeChildren):
2730         (WebCore::ScrollingTreeFrameScrollingNodeMac::commitStateAfterChildren):
2731         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateBeforeChildren): Deleted.
2732         (WebCore::ScrollingTreeFrameScrollingNodeMac::updateAfterChildren): Deleted.
2733         * page/scrolling/mac/ScrollingTreeStickyNode.h:
2734         * page/scrolling/mac/ScrollingTreeStickyNode.mm:
2735         (WebCore::ScrollingTreeStickyNode::commitStateBeforeChildren):
2736         (WebCore::ScrollingTreeStickyNode::updateBeforeChildren): Deleted.
2737
2738 2016-11-03  Anders Carlsson  <andersca@apple.com>
2739
2740         Add new 'other' Apple Pay button style
2741         https://bugs.webkit.org/show_bug.cgi?id=164384
2742         rdar://problem/28302528
2743
2744         Reviewed by Dean Jackson.
2745
2746         * DerivedSources.make:
2747         * WebCorePrefix.h:
2748         Add extension points.
2749
2750         * css/CSSPrimitiveValueMappings.h:
2751         (WebCore::CSSPrimitiveValue::CSSPrimitiveValue):
2752         Add ApplePayButtonType::Other.
2753
2754         (WebCore::CSSPrimitiveValue::operator ApplePayButtonType):
2755         Add CSSValueOther.
2756
2757         * css/CSSValueKeywords.in:
2758         Add other.
2759
2760         * css/parser/CSSParser.cpp:
2761         (WebCore::isValidKeywordPropertyAndValue):
2762         Add CSSValueOther.
2763
2764         * css/parser/CSSParserFastPaths.cpp:
2765         (WebCore::CSSParserFastPaths::isValidKeywordPropertyAndValue):
2766         Add CSSValueOther.
2767
2768         * rendering/RenderThemeCocoa.mm:
2769         (WebCore::toPKPaymentButtonType):
2770         Handle ApplePayButtonType::Other.
2771
2772         * rendering/style/RenderStyleConstants.h:
2773         Add ApplePayButtonType::Other.
2774
2775 2016-11-04  Antti Koivisto  <antti@apple.com>
2776
2777         slotted() pseudo does not work with ID selector
2778         https://bugs.webkit.org/show_bug.cgi?id=160538
2779         <rdar://problem/28534529>
2780
2781         Reviewed by Andreas Kling.
2782
2783         When we saw an id selector while addin rules we immediately threw it into the m_idRules
2784         optimization bucket and bailed out. However selectors containing ::slotted must always end
2785         up in m_slottedPseudoElementRules list no matter what else is there.
2786
2787         Fix by treating id like other selectors and only choosing the bucket after analysing all
2788         the selector components.
2789
2790         Test: fast/shadow-dom/css-scoping-slot-with-id.html
2791
2792         * css/RuleSet.cpp:
2793         (WebCore::RuleSet::addRule): Also made this use switch instead of a series of ifs.
2794
2795 2016-11-04  Brady Eidson  <beidson@apple.com>
2796
2797         IndexedDB 2.0: Handle IDBObjectStore rename behavior properly when version change transaction aborts.
2798         https://bugs.webkit.org/show_bug.cgi?id=164416
2799
2800         Reviewed by Beth Dakin.
2801
2802         No new tests (Covered by existing tests).
2803
2804         * Modules/indexeddb/IDBObjectStore.cpp:
2805         (WebCore::IDBObjectStore::rollbackForVersionChangeAbort):
2806
2807 2016-11-04  Keith Rollin  <krollin@apple.com>
2808
2809         NetworkSession: Add NetworkDataTask implementation for blobs
2810         https://bugs.webkit.org/show_bug.cgi?id=163939
2811
2812         Reviewed by Alex Christensen.
2813
2814         * WebCore.xcodeproj/project.pbxproj: Mark HTTPParsers.h and AsyncFileStream.h as private.
2815         * fileapi/AsyncFileStream.h: Add WEBCORE_EXPORT to AsyncFileStream class.
2816         * platform/network/BlobData.h: Add WEBCORE_EXPORT to length().
2817         * platform/network/HTTPParsers.h: Add WEBCORE_EXPORT to parseRange().
2818         * platform/network/ResourceResponseBase.h: Add WEBCORE_EXPORT to setHTTPHeaderField().
2819
2820 2016-11-04  Brady Eidson  <beidson@apple.com>
2821
2822         IndexedDB 2.0: Use IDB-specific exceptions in places where the generic exceptions are currently used.
2823         https://bugs.webkit.org/show_bug.cgi?id=164406
2824
2825         Reviewed by Alex Christensen.
2826
2827         No new tests (Covered by existing tests).
2828
2829         * Modules/indexeddb/IDBIndex.cpp:
2830         (WebCore::IDBIndex::setName):
2831
2832         * Modules/indexeddb/IDBObjectStore.cpp:
2833         (WebCore::IDBObjectStore::setName):
2834
2835 2016-11-04  Joanmarie Diggs  <jdiggs@igalia.com>
2836
2837         AX: [ATK] Attempting to clear selection on ARIA listboxes results in crash
2838         https://bugs.webkit.org/show_bug.cgi?id=164331
2839
2840         Reviewed by Chris Fleizach.
2841
2842         The ATK code is using is<AccessibilityListBox>() to identify native listboxes.
2843         But is<AccessibilityListBox>() returns the value of isListBox() which returns
2844         true both for AccessibilityListBox instances as well as for AccessibilityObject
2845         instances which have an AccessibilityRole value of ListBoxRole. Because only
2846         native listboxes should be AccessibilityListBoxes, add isNativeListBox() so
2847         that we can distinguish native and ARIA listboxes.
2848
2849         Tests: accessibility/aria-listbox-clear-selection-crash.html
2850                accessibility/listbox-clear-selection.html
2851
2852         * accessibility/AccessibilityListBox.h:
2853         * accessibility/AccessibilityObject.h:
2854         (WebCore::AccessibilityObject::isNativeListBox):
2855         (WebCore::AccessibilityObject::isListBox):
2856
2857 2016-11-04  Brady Eidson  <beidson@apple.com>
2858
2859         IndexedDB 2.0: Throw the correct exceptions during IDBObjectStore/IDBIndex renaming.
2860         https://bugs.webkit.org/show_bug.cgi?id=164405
2861
2862         Reviewed by Alex Christensen.
2863
2864         No new tests (Covered by existing tests).
2865
2866         * Modules/indexeddb/IDBIndex.cpp:
2867         (WebCore::IDBIndex::setName):
2868
2869         * Modules/indexeddb/IDBObjectStore.cpp:
2870         (WebCore::IDBObjectStore::setName):
2871
2872 2016-11-04  Romain Bellessort  <romain.bellessort@crf.canon.fr>
2873
2874         [Readable Streams API] Implement ByteStreamController error()
2875         https://bugs.webkit.org/show_bug.cgi?id=164319
2876
2877         Reviewed by Youenn Fablet.
2878
2879         Implemented error() method of ReadableByteStreamController.
2880
2881         Updated test expectations for error() and added IDL-related tests.
2882
2883         * Modules/streams/ReadableByteStreamController.js:
2884         (error): Implemented.
2885         * Modules/streams/ReadableByteStreamInternals.js:
2886         (privateInitializeReadableByteStreamController):
2887         (isReadableByteStreamController): Added.
2888         (readableByteStreamControllerError): Added.
2889         (readableByteStreamControllerClearPendingPullIntos): Added.
2890         * Modules/streams/ReadableStream.js:
2891         (initializeReadableStream): More detailed error message.
2892         * Modules/streams/ReadableStreamDefaultController.js:
2893         (error): Removed unnecessary variable declaration.
2894         * bindings/js/WebCoreBuiltinNames.h: Added totalQueuedBytes.
2895
2896 2016-11-03  Brady Eidson  <beidson@apple.com>
2897
2898         IndexedDB 2.0: Handle IDBIndex rename behavior properly when version change transaction aborts.
2899         https://bugs.webkit.org/show_bug.cgi?id=164403
2900
2901         Reviewed by Alex Christensen.
2902
2903         No new tests (Covered by existing test).
2904
2905         * Modules/indexeddb/IDBIndex.cpp:
2906         (WebCore::IDBIndex::rollbackInfoForVersionChangeAbort): Only rollback the info if this index
2907           already existed before this version change transaction.
2908
2909 2016-11-03  Youenn Fablet  <youenn@apple.com>
2910
2911         [WebRTC] Introduce asynchronous backend createOffer API
2912         https://bugs.webkit.org/show_bug.cgi?id=164365
2913
2914         Reviewed by Sam Weinig.
2915
2916         Covered by existing tests.
2917
2918         Removing PeerEndpointBackendClient as it is only RTCPeerConnection.
2919         This allows removing virtual for some functions.
2920
2921         Moving MediaEndpointPeerClient::m_client to PeerEndpointBackendClient::m_peerConnection and making it a reference.
2922
2923         Implementing createOffer at PeerConnectionBackend by splitting it in four sub-functions:
2924         - main createOffer, implemented at PeerConnectionBackend.
2925         - doCreateOffer implemented by subclasses (MediaEndpointPeerConnection).
2926         - createOfferSucceeded/createOfferFailed implemented by PeerConnectionBackend.
2927
2928         * CMakeLists.txt:
2929         * Modules/mediastream/MediaEndpointPeerConnection.cpp:
2930         (WebCore::createMediaEndpointPeerConnection):
2931         (WebCore::MediaEndpointPeerConnection::MediaEndpointPeerConnection):
2932         (WebCore::MediaEndpointPeerConnection::doCreateOffer):
2933         (WebCore::MediaEndpointPeerConnection::createOfferTask):
2934         (WebCore::MediaEndpointPeerConnection::createAnswerTask):
2935         (WebCore::MediaEndpointPeerConnection::setLocalDescriptionTask):
2936         (WebCore::MediaEndpointPeerConnection::setRemoteDescriptionTask):
2937         (WebCore::MediaEndpointPeerConnection::addIceCandidateTask):
2938         (WebCore::MediaEndpointPeerConnection::createReceiver):
2939         (WebCore::MediaEndpointPeerConnection::replaceTrack):
2940         (WebCore::MediaEndpointPeerConnection::replaceTrackTask):
2941         (WebCore::MediaEndpointPeerConnection::markAsNeedingNegotiation):
2942         (WebCore::MediaEndpointPeerConnection::localDescriptionTypeValidForState):
2943         (WebCore::MediaEndpointPeerConnection::remoteDescriptionTypeValidForState):
2944         (WebCore::MediaEndpointPeerConnection::gotIceCandidate):
2945         (WebCore::MediaEndpointPeerConnection::doneGatheringCandidates):
2946         (WebCore::MediaEndpointPeerConnection::iceTransportStateChanged):
2947         (WebCore::MediaEndpointPeerConnection::createOffer): Deleted.
2948         * Modules/mediastream/MediaEndpointPeerConnection.h:
2949         * Modules/mediastream/PeerConnectionBackend.cpp:
2950         (WebCore::PeerConnectionBackend::createOffer):
2951         (WebCore::PeerConnectionBackend::createOfferSucceeded):
2952         (WebCore::PeerConnectionBackend::createOfferFailed):
2953         (WebCore::createPeerConnectionBackend): Deleted.
2954         * Modules/mediastream/PeerConnectionBackend.h:
2955         (WebCore::PeerConnectionBackend::PeerConnectionBackend):
2956         (WebCore::PeerConnectionBackendClient::~PeerConnectionBackendClient): Deleted.
2957         * Modules/mediastream/RTCPeerConnection.cpp:
2958         (WebCore::RTCPeerConnection::RTCPeerConnection):
2959         * Modules/mediastream/RTCPeerConnection.h:
2960         * WebCore.xcodeproj/project.pbxproj:
2961
2962 2016-11-03  Antti Koivisto  <antti@apple.com>
2963
2964         REGRESSION (r207717): DumpRenderTree crashed in com.apple.WebCore: WebCore::Style::Scope::flushPendingUpdate + 16
2965         https://bugs.webkit.org/show_bug.cgi?id=164397
2966         <rdar://problem/29100135>
2967
2968         Reviewed by Ryosuke Niwa.
2969
2970         The problem here was that we were leaving stale pointers to Document::m_inDocumentShadowRoots set when
2971         using fast-path document teardown.
2972
2973         (Patch and stories mostly by rniwa).
2974
2975         * dom/Document.cpp:
2976         (WebCore::Document::~Document):
2977         (WebCore::Document::didInsertInDocumentShadowRoot):
2978         (WebCore::Document::didRemoveInDocumentShadowRoot):
2979
2980             Improve asserts.
2981
2982         * dom/Element.cpp:
2983         (WebCore::Element::removeShadowRoot):
2984
2985             Remove the superfluous call to notifyChildNodeRemoved in Element::removeShadowRoot to
2986             avoid invoking notifyChildNodeRemoved during a document teardown, which is incorrect. It's sufficient that
2987             ~ShadowRoot calls ContainerNode::removeDetachedChildren(), and in turn removeDetachedChildrenInContainer()
2988             since the latter function tears down nodes via the deletion queue during a document destruction and use
2989             notifyChildNodeRemoved() on nodes that outlive the shadow root.
2990
2991         * dom/ShadowRoot.cpp:
2992         (WebCore::ShadowRoot::~ShadowRoot):
2993
2994             Take care to clean up inDocumentShadowRoots for fast-pathed destruction too.
2995
2996         (WebCore::ShadowRoot::insertedInto):
2997         (WebCore::ShadowRoot::removedFrom):
2998
2999             Improve ShadowRoot's insertedInto and removedFrom so that they only try to add and remove itself from
3000             m_inDocumentShadowRoots when the connected-ness changes.
3001
3002 2016-11-03  Simon Fraser  <simon.fraser@apple.com>
3003
3004         Give all the geometry classes a single-argument scale() function for consistency
3005         https://bugs.webkit.org/show_bug.cgi?id=164400
3006
3007         Reviewed by Zalan Bujtas.
3008
3009         Add single-argument scale() to FloatPoint, FloatQuad, FloatSize and LayoutPoint, as well
3010         as adding one to GraphicsContext. Switch callers who passed the same value for sx and sy
3011         to the new functions.
3012
3013         * dom/Document.cpp:
3014         (WebCore::Document::adjustFloatQuadsForScrollAndAbsoluteZoomAndFrameScale):
3015         * dom/MouseRelatedEvent.cpp:
3016         (WebCore::MouseRelatedEvent::init):
3017         (WebCore::MouseRelatedEvent::computeRelativePosition):
3018         * dom/TreeScope.cpp:
3019         (WebCore::TreeScope::nodeFromPoint):
3020         * page/PrintContext.cpp:
3021         (WebCore::PrintContext::spoolPage):
3022         * platform/cocoa/ThemeCocoa.mm:
3023         (WebCore::fitContextToBox):
3024         * platform/graphics/FloatPoint.h:
3025         (WebCore::FloatPoint::scale):
3026         * platform/graphics/FloatQuad.h:
3027         (WebCore::FloatQuad::scale):
3028         * platform/graphics/FloatSize.h:
3029         (WebCore::FloatSize::scale):
3030         * platform/graphics/GraphicsContext.cpp:
3031         (WebCore::GraphicsContext::applyDeviceScaleFactor):
3032         * platform/graphics/GraphicsContext.h:
3033         (WebCore::GraphicsContext::scale):
3034         * platform/graphics/LayoutPoint.h:
3035         (WebCore::LayoutPoint::scale):
3036         * platform/graphics/ca/TileCoverageMap.cpp:
3037         (WebCore::TileCoverageMap::update):
3038         * platform/graphics/ca/TileGrid.cpp:
3039         (WebCore::TileGrid::platformCALayerPaintContents):
3040         * platform/graphics/cg/ImageBufferCG.cpp:
3041         (WebCore::ImageBuffer::drawConsuming):
3042         (WebCore::ImageBuffer::draw):
3043         (WebCore::ImageBuffer::drawPattern):
3044         * platform/mac/ThemeMac.mm:
3045         (WebCore::paintToggleButton):
3046         (WebCore::paintButton):
3047         (WebCore::paintStepper):
3048         * rendering/RenderImage.cpp:
3049         (WebCore::RenderImage::nodeAtPoint):
3050         * rendering/RenderMediaControls.cpp:
3051         (WebCore::getUnzoomedRectAndAdjustCurrentContext):
3052         * rendering/RenderThemeMac.mm:
3053         (WebCore::RenderThemeMac::paintMenuList):
3054         (WebCore::RenderThemeMac::paintSliderThumb):
3055         (WebCore::RenderThemeMac::paintSearchField):
3056         (WebCore::RenderThemeMac::paintSearchFieldCancelButton):
3057         (WebCore::RenderThemeMac::paintSearchFieldResultsButton):
3058         * rendering/svg/SVGInlineTextBox.cpp:
3059         (WebCore::SVGInlineTextBox::selectionRectForTextFragment):
3060         (WebCore::SVGInlineTextBox::paintDecorationWithStyle):
3061         (WebCore::SVGInlineTextBox::paintTextWithShadows):
3062         * svg/SVGPathBlender.cpp:
3063         (WebCore::SVGPathBlender::blendAnimatedFloatPoint):
3064         (WebCore::SVGPathBlender::blendArcToSegment):
3065         * svg/SVGPathParser.cpp:
3066         (WebCore::SVGPathParser::parseCurveToCubicSmoothSegment):
3067         (WebCore::SVGPathParser::parseCurveToQuadraticSegment):
3068         (WebCore::SVGPathParser::parseCurveToQuadraticSmoothSegment):
3069         (WebCore::SVGPathParser::decomposeArcToCubic):
3070         * svg/SVGSVGElement.cpp:
3071         (WebCore::SVGSVGElement::localCoordinateSpaceTransform):
3072
3073 2016-11-03  Antti Koivisto  <antti@apple.com>
3074
3075         REGRESSION (r207669): Crash under media controls shadow root construction
3076         https://bugs.webkit.org/show_bug.cgi?id=164381
3077         <rdar://problem/28935401>
3078
3079         Reviewed by Simon Fraser.
3080
3081         The problem is that we are running a script for media control UA shadow tree in HTMLMediaElement::insertedInto.
3082         It is not safe to run scripts in insertedInto as the tree is in inconsistent state. Instead finishedInsertingSubtree
3083         callback should be used.
3084
3085         Test: media/media-controls-shadow-construction-crash.html
3086
3087         Seen on https://www.theguardian.com/artanddesign/video/2013/oct/14/banksy-central-park-new-york-video
3088
3089         * html/HTMLMediaElement.cpp:
3090         (WebCore::HTMLMediaElement::insertedInto):
3091         (WebCore::HTMLMediaElement::finishedInsertingSubtree):
3092
3093             Move configureMediaControls() to finishedInsertingSubtree().
3094
3095         * html/HTMLMediaElement.h:
3096         * style/StyleTreeResolver.cpp:
3097         (WebCore::Style::TreeResolver::resolveComposedTree):
3098
3099             Add an assert to make the bad state easier to hit in tests.
3100
3101 2016-11-03  Ryosuke Niwa  <rniwa@webkit.org>
3102
3103         Add an assertion to diagnose stress GC bots test failures
3104         https://bugs.webkit.org/show_bug.cgi?id=164396
3105
3106         Reviewed by Antti Koivisto.
3107
3108         Added an assertion for calling ElementQueue::add while ElementQueue::invokeAll is in progress.
3109         This should never happen as long as all DOM API has an appropriate CEReactions IDL attribute.
3110
3111         * dom/CustomElementReactionQueue.cpp:
3112         (WebCore::CustomElementReactionStack::ElementQueue::add):
3113         (WebCore::CustomElementReactionStack::ElementQueue::invokeAll):
3114         * dom/CustomElementReactionQueue.h:
3115
3116 2016-11-03  Said Abou-Hallawa  <sabouhallawa@apple.com>
3117
3118         Add the asynchronous image decoding mode
3119         https://bugs.webkit.org/show_bug.cgi?id=155546
3120
3121         Reviewed by Simon Fraser.
3122
3123         The asynchronous image decoding feature targets enhancing the rendering
3124         in two scenarios: the animated images and scrolling a page which large
3125         images. Enabling this feature for these two scenarios will be landed
3126         separately. 
3127
3128         The goal of the asynchronous image decoding is to have the decoded image
3129         frame ready before it has to be drawn. Drawing an image does not have to
3130         wait the image frame to be decoded.
3131
3132         * platform/graphics/BitmapImage.cpp:
3133         (WebCore::BitmapImage::frameImageAtIndex): Use the negation of frameHasValidNativeImageAtIndex().
3134         * platform/graphics/BitmapImage.h:
3135         (WebCore::BitmapImage::frameIsBeingDecodedAtIndex): Answers whether a frame is being decoded.
3136         (WebCore::BitmapImage::frameHasValidNativeImageAtIndex): Checks the validity of a frame.
3137         (WebCore::BitmapImage::frameHasInvalidNativeImageAtIndex): Deleted.
3138         * platform/graphics/Image.h:
3139         (WebCore::Image::newFrameNativeImageAvailableAtIndex): Notifies the image with the availability of a frame NativeImage.
3140         * platform/graphics/ImageFrame.h:
3141         (WebCore::ImageFrame::isBeingDecoded): Answers whether the frame is being decoded.
3142         (WebCore::ImageFrame::hasValidNativeImage): Checks the validity of the frame.
3143         (WebCore::ImageFrame::hasInvalidNativeImage): Deleted.
3144         * platform/graphics/ImageFrameCache.cpp:
3145         (WebCore::ImageFrameCache::~ImageFrameCache): Asserts the decoding loop was ended before deleting the ImageFrameCache.
3146         (WebCore::ImageFrameCache::setFrameNativeImageAtIndex): Rename this function to matches the other which take the frame index.
3147         (WebCore::ImageFrameCache::setFrameMetadataAtIndex): Ditto.
3148         (WebCore::ImageFrameCache::replaceFrameNativeImageAtIndex): It setts the ImageFrame's members and updates the decoded size.
3149         (WebCore::ImageFrameCache::cacheFrameNativeImageAtIndex): Replaces the frame NativeImage and notifies the Image with the new frame.
3150         (WebCore::ImageFrameCache::decodingQueue): Ensures the decoding WorkQueue is created and returns it.
3151         (WebCore::ImageFrameCache::startAsyncDecodingQueue): Starts a decoding WorkQueue which loops until m_frameRequestQueue is closed.
3152         (WebCore::ImageFrameCache::requestFrameAsyncDecodingAtIndex): Allows ImageSource to send a request to start asynchronous frame image decoding.
3153         (WebCore::ImageFrameCache::stopAsyncDecodingQueue): Stops the decoding WorkQueue by closing m_frameRequestQueue.
3154         (WebCore::ImageFrameCache::frameAtIndex): Call replaceFrameNativeImageAtIndex().
3155         (WebCore::ImageFrameCache::frameIsBeingDecodedAtIndex): Returns true if a request for the image frame is issued but not finished yet.
3156         (WebCore::ImageFrameCache::frameHasValidNativeImageAtIndex): Checks the validity of a frame.
3157         (WebCore::ImageFrameCache::setFrameNativeImage): Deleted. Was renamed to be setFrameNativeImageAtIndex.
3158         (WebCore::ImageFrameCache::setFrameMetadata): Deleted. Was renamed to be setFrameMetadataAtIndex
3159         (WebCore::ImageFrameCache::frameHasInvalidNativeImageAtIndex): Deleted. Was renamed to be frameHasValidNativeImageAtIndex.
3160         * platform/graphics/ImageFrameCache.h:
3161         (WebCore::ImageFrameCache::create): The decoding queue needs to hold a reference to this class so it can stop decoding safely without blocking.
3162         (WebCore::ImageFrameCache::hasDecodingQueue): Returns true if a decoding queue has started.
3163         * platform/graphics/ImageSource.cpp:
3164         (WebCore::ImageSource::ImageSource): Call ImageFrameCache::create().
3165         (WebCore::ImageSource::clear): Deleting the decoder is unnecessary for asynchronous decoding because ImageFrameCache manages all the memory.
3166         
3167         (WebCore::ImageSource::destroyDecodedData):
3168         (WebCore::ImageSource::destroyDecodedDataIfNecessary):
3169         (WebCore::ImageSource::ensureDecoderAvailable):
3170         (WebCore::ImageSource::dataChanged):
3171         (WebCore::ImageSource::isAllDataReceived):
3172         (WebCore::ImageSource::isAsyncDecodingRequired): Answers the question whether the async image decoding is required for this ImageSource.
3173         (WebCore::ImageSource::frameImageAtIndex):
3174         * platform/graphics/ImageSource.h:
3175         (WebCore::ImageSource::decodedSize):
3176         (WebCore::ImageSource::requestFrameAsyncDecodingAtIndex):
3177         (WebCore::ImageSource::stopAsyncDecodingQueue):
3178         (WebCore::ImageSource::isSizeAvailable):
3179         (WebCore::ImageSource::frameCount):
3180         (WebCore::ImageSource::repetitionCount):
3181         (WebCore::ImageSource::filenameExtension):
3182         (WebCore::ImageSource::hotSpot):
3183         (WebCore::ImageSource::size):
3184         (WebCore::ImageSource::sizeRespectingOrientation):
3185         (WebCore::ImageSource::singlePixelSolidColor):
3186         (WebCore::ImageSource::frameIsBeingDecodedAtIndex):
3187         (WebCore::ImageSource::frameIsCompleteAtIndex):
3188         (WebCore::ImageSource::frameHasAlphaAtIndex):
3189         (WebCore::ImageSource::frameHasImageAtIndex):
3190         (WebCore::ImageSource::frameSubsamplingLevelAtIndex):
3191         (WebCore::ImageSource::frameSizeAtIndex):
3192         (WebCore::ImageSource::frameBytesAtIndex):
3193         (WebCore::ImageSource::frameDurationAtIndex):
3194         (WebCore::ImageSource::frameOrientationAtIndex):
3195          Make m_frameCache a type Ref<ImageFrameCache>. Use '->' instead of '.' when accessing its members.
3196
3197         (WebCore::ImageSource::frameHasValidNativeImageAtIndex): Checks the validity of a frame.
3198         (WebCore::ImageSource::frameHasInvalidNativeImageAtIndex): Deleted. Was renamed to be frameHasValidNativeImageAtIndex.
3199
3200 2016-11-03  Myles C. Maxfield  <mmaxfield@apple.com>
3201
3202         [WebGL2] Implement getBufferSubData()
3203         https://bugs.webkit.org/show_bug.cgi?id=164111
3204
3205         Reviewed by Dean Jackson.
3206
3207         The call exists in OpenGL 3.2 but in order to have parity with
3208         OpenGL ES 3 we back it with glMapBufferRange() instead.
3209
3210         This patch simply adds surface area to GraphicsContext3D
3211         until we can get an ANGLE implementation of it.
3212
3213         When testing this patch I discovered that r207649 incorrectly
3214         interpreted arguments to bufferData() and bufferSubData() as
3215         byte offsets. Instead, they should be element indices. This
3216         patch fixes those functions to work correctly so that
3217         getBufferSubData() can be tested correctly.
3218
3219         Tests: fast/canvas/webgl/webgl2-buffers.html
3220                fast/canvas/webgl/getBufferSubData-webgl1.html
3221
3222         * html/canvas/WebGL2RenderingContext.cpp:
3223         (WebCore::arrayBufferViewElementSize):
3224         (WebCore::WebGL2RenderingContext::bufferData):
3225         (WebCore::WebGL2RenderingContext::bufferSubData):
3226         (WebCore::WebGL2RenderingContext::getBufferSubData):
3227         * html/canvas/WebGL2RenderingContext.h:
3228         * html/canvas/WebGL2RenderingContext.idl:
3229         * platform/graphics/GraphicsContext3D.h:
3230         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3231         (WebCore::GraphicsContext3D::getBufferSubData):
3232         (WebCore::GraphicsContext3D::mapBufferRange):
3233         (WebCore::GraphicsContext3D::unmapBuffer):
3234
3235 2016-11-03  Chris Dumez  <cdumez@apple.com>
3236
3237         Unreviewed, mark support for the 'download' attribute as 'Done'.
3238
3239         * features.json:
3240
3241 2016-11-03  Chris Dumez  <cdumez@apple.com>
3242
3243         [WK2][Cocoa] Implement user interface for HTML form validation
3244         https://bugs.webkit.org/show_bug.cgi?id=164143
3245         <rdar://problem/28944652>
3246
3247         Reviewed by Simon Fraser.
3248
3249         Add ValidationBubble class to show HTML form validation messages
3250         using native dialogs. It currently has an implementation for both
3251         Mac and iOS. It is in WebCore under platform/ so that it can be
3252         used by both WebKit1 and WebKit2.
3253
3254         Update ownership of ValidationMessageClient so that is is owned
3255         by the Page using a unique_ptr<>, which seems to be the modern
3256         way of handling lifetime for page clients.
3257
3258         Test: fast/forms/validation-messages.html
3259
3260         * WebCore.xcodeproj/project.pbxproj:
3261         * html/HTMLFormControlElement.cpp:
3262         (WebCore::HTMLFormControlElement::focusAndShowValidationMessage):
3263         * html/ValidationMessage.cpp:
3264         (WebCore::ValidationMessage::updateValidationMessage):
3265         * page/Page.cpp:
3266         (WebCore::Page::Page):
3267         (WebCore::Page::~Page):
3268         * page/Page.h:
3269         (WebCore::Page::validationMessageClient):
3270         * page/PageConfiguration.cpp:
3271         * page/PageConfiguration.h:
3272         * platform/ValidationBubble.h: Copied from Tools/DumpRenderTree/mac/UIScriptControllerMac.mm.
3273         (WebCore::ValidationBubble::message):
3274         * platform/ios/ValidationBubbleIOS.mm: Added.
3275         (-[WebValidationBubbleDelegate adaptivePresentationStyleForPresentationController:traitCollection:]):
3276         (WebCore::ValidationBubble::ValidationBubble):
3277         (WebCore::ValidationBubble::~ValidationBubble):
3278         (WebCore::ValidationBubble::show):
3279         (WebCore::ValidationBubble::setAnchorRect):
3280         * platform/mac/ValidationBubbleMac.mm: Added.
3281         (WebCore::ValidationBubble::ValidationBubble):
3282         (WebCore::ValidationBubble::~ValidationBubble):
3283         (WebCore::ValidationBubble::showRelativeTo):
3284
3285 2016-11-03  Brady Eidson  <beidson@apple.com>
3286
3287         IndexedDB 2.0: Rename IDBKeyRange.contains to IDBKeyRange.includes.
3288         https://bugs.webkit.org/show_bug.cgi?id=164383
3289
3290         Reviewed by Beth Dakin.
3291
3292         No new tests (Updated existing tests).
3293
3294         * Modules/indexeddb/IDBKeyRange.cpp:
3295         (WebCore::IDBKeyRange::includes):
3296         (WebCore::IDBKeyRange::contains): Deleted.
3297         * Modules/indexeddb/IDBKeyRange.h:
3298         * Modules/indexeddb/IDBKeyRange.idl:
3299
3300 2016-11-03  Ryan Haddad  <ryanhaddad@apple.com>
3301
3302         Unreviewed, rolling out r208302.
3303
3304         This change causes LayoutTest crashes under GuardMalloc.
3305
3306         Reverted changeset:
3307
3308         "Load stylesheets in link elements inside a connected shadow
3309         tree"
3310         https://bugs.webkit.org/show_bug.cgi?id=160683
3311         http://trac.webkit.org/changeset/208302
3312
3313 2016-11-03  Chris Dumez  <cdumez@apple.com>
3314
3315         Unreviewed, add HTML5 specification for HTML Interactive Form Validation feature.
3316
3317         * features.json:
3318
3319 2016-11-03  Chris Dumez  <cdumez@apple.com>
3320
3321         Unreviewed, add HTML Interactive Form Validation to features.json
3322
3323         * features.json:
3324
3325 2016-11-03  Yusuke Suzuki  <utatane.tea@gmail.com>
3326
3327         Unreviewed, rolling out due to crash in Amazon web site
3328         https://bugs.webkit.org/show_bug.cgi?id=164380
3329         <rdar://problem/29094221>
3330
3331         * dom/Node.idl:
3332         * domjit/JSNodeDOMJIT.cpp:
3333         (WebCore::NodeOwnerDocumentDOMJIT::checkDOM): Deleted.
3334         (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter): Deleted.
3335
3336 2016-11-03  Brady Eidson  <beidson@apple.com>
3337
3338         IndexedDB 2.0: Support binary keys.
3339         <rdar://problem/28806927> and https://bugs.webkit.org/show_bug.cgi?id=164359
3340
3341         Reviewed by Alex Christensen.
3342
3343         Tests: storage/indexeddb/modern/binary-keys-1-private.html
3344                storage/indexeddb/modern/binary-keys-1.html
3345                Changes to other existing tests.
3346
3347         * Modules/indexeddb/IDBKey.cpp:
3348         (WebCore::IDBKey::createBinary):
3349         (WebCore::IDBKey::IDBKey):
3350         (WebCore::IDBKey::compare):
3351         * Modules/indexeddb/IDBKey.h:
3352         (WebCore::IDBKey::binary):
3353         (WebCore::compareBinaryKeyData):
3354
3355         * Modules/indexeddb/IDBKeyData.cpp:
3356         (WebCore::IDBKeyData::IDBKeyData):
3357         (WebCore::IDBKeyData::maybeCreateIDBKey):
3358         (WebCore::IDBKeyData::isolatedCopy):
3359         (WebCore::IDBKeyData::encode):
3360         (WebCore::IDBKeyData::decode):
3361         (WebCore::IDBKeyData::compare):
3362         (WebCore::IDBKeyData::loggingString):
3363         (WebCore::IDBKeyData::operator==):
3364         * Modules/indexeddb/IDBKeyData.h:
3365         (WebCore::IDBKeyData::hash):
3366         (WebCore::IDBKeyData::encode):
3367         (WebCore::IDBKeyData::decode):
3368
3369         * Modules/indexeddb/IndexedDB.h: Add new enum for the new key type.
3370
3371         * bindings/js/IDBBindingUtilities.cpp:
3372         (WebCore::toJS):
3373         (WebCore::createIDBKeyFromValue):
3374
3375         * platform/ThreadSafeDataBuffer.h:
3376         (WebCore::ThreadSafeDataBufferImpl::ThreadSafeDataBufferImpl):
3377         (WebCore::ThreadSafeDataBuffer::copyData):
3378         (WebCore::ThreadSafeDataBuffer::size):
3379         (WebCore::ThreadSafeDataBuffer::operator==):
3380         (WebCore::ThreadSafeDataBuffer::ThreadSafeDataBuffer):
3381
3382 2016-11-03  Tim Horton  <timothy_horton@apple.com>
3383
3384         Printing to PDF should produce internal links when HTML has internal links
3385         https://bugs.webkit.org/show_bug.cgi?id=112081
3386         <rdar://problem/5955705>
3387
3388         Reviewed by Simon Fraser.
3389         Patch originally by David Lattimore.
3390
3391         No new tests, as it's unclear how to test PDF output.
3392
3393         * dom/Element.cpp:
3394         (WebCore::Element::findAnchorElementForLink):
3395         * dom/Element.h:
3396         Add findAnchorElementForLink, which looks up the anchor element corresponding
3397         to the current element's href, and also returns the fragment name as an out parameter.
3398
3399         * page/PrintContext.cpp:
3400         (WebCore::PrintContext::PrintContext):
3401         (WebCore::PrintContext::spoolPage):
3402         (WebCore::PrintContext::spoolRect):
3403         (WebCore::PrintContext::end):
3404         (WebCore::PrintContext::collectLinkedDestinations):
3405         (WebCore::PrintContext::outputLinkedDestinations):
3406         * rendering/RenderObject.cpp:
3407         (WebCore::RenderObject::addPDFURLRect):
3408         Plumb internal links (fragment links) through to GraphicsContext, using
3409         the fragment name from the page.
3410
3411         * page/PrintContext.h:
3412         * platform/graphics/GraphicsContext.cpp:
3413         (WebCore::GraphicsContext::supportsInternalLinks):
3414         (WebCore::GraphicsContext::setDestinationForRect):
3415         (WebCore::GraphicsContext::addDestinationAtPoint):
3416         * platform/graphics/GraphicsContext.h:
3417         * platform/graphics/cg/GraphicsContextCG.cpp:
3418         (WebCore::GraphicsContext::supportsInternalLinks):
3419         (WebCore::GraphicsContext::setDestinationForRect):
3420         (WebCore::GraphicsContext::addDestinationAtPoint):
3421         Plumb internal links through to the CGContext. Apply the CTM, because
3422         these functions expect positions in global coordinates.
3423
3424         * platform/graphics/win/GraphicsContextDirect2D.cpp:
3425         (WebCore::GraphicsContext::setURLForRect):
3426         * platform/graphics/cairo/GraphicsContextCairo.cpp:
3427         (WebCore::GraphicsContext::setURLForRect):
3428         Adjust setURLForRect to take a FloatRect, like everything else, and
3429         stop rounding.
3430
3431 2016-11-03  Alex Christensen  <achristensen@webkit.org>
3432
3433         Unreviewed, rolling out r208298.
3434         https://bugs.webkit.org/show_bug.cgi?id=163939
3435
3436         caused asan crashes
3437
3438         Reverted changeset:
3439
3440         "NetworkSession: Add NetworkDataTask implementation for blobs"
3441         https://bugs.webkit.org/show_bug.cgi?id=163939
3442         http://trac.webkit.org/changeset/208298
3443
3444 2016-11-03  Brent Fulgham  <bfulgham@apple.com>
3445
3446         [Win][Direct2D] Native Windows widgets are drawn upside-down
3447         https://bugs.webkit.org/show_bug.cgi?id=164370
3448
3449         Reviewed by Alex Christensen.
3450
3451         When we return from drawing in GDI code, we need to flip the resulting
3452         bitmap so that it draws in the proper orientation in Direct2D.
3453
3454         Tested by existing widget tests.
3455
3456         * platform/graphics/win/GraphicsContextDirect2D.cpp:
3457         (WebCore::GraphicsContext::releaseWindowsContext): Flip before drawing
3458         to our Direct2D context.
3459
3460 2016-11-01  Gavin Barraclough  <barraclough@apple.com>
3461
3462         Remove PageThrottler & all related code
3463         https://bugs.webkit.org/show_bug.cgi?id=164302
3464
3465         Reviewed by Ryosuke Niwa.
3466
3467         All relevant information now available from the ActivityState.
3468
3469         * CMakeLists.txt:
3470         * WebCore.xcodeproj/project.pbxproj:
3471         * html/HTMLMediaElement.cpp:
3472         (WebCore::HTMLMediaElement::setMuted):
3473         (WebCore::HTMLMediaElement::updateVolume):
3474         (WebCore::HTMLMediaElement::updatePlayState):
3475         (WebCore::HTMLMediaElement::updateAudioAssertionState): Deleted.
3476         * html/HTMLMediaElement.h:
3477         * loader/FrameLoader.cpp:
3478         (WebCore::FrameLoader::completed):
3479         (WebCore::FrameLoader::started):
3480         * loader/FrameLoader.h:
3481         * page/ChromeClient.h:
3482         * page/Page.cpp:
3483         (WebCore::Page::Page):
3484         * page/Page.h:
3485         (WebCore::Page::pageActivityStateChanged): Deleted.
3486         (WebCore::Page::pageThrottler): Deleted.
3487         * page/PageThrottler.cpp: Removed.
3488         * page/PageThrottler.h: Removed.
3489
3490 2016-11-03  Dan Bernstein  <mitz@apple.com>
3491
3492         REGRESSION (r206247): Painting milestones can be delayed until the next layer flush
3493         https://bugs.webkit.org/show_bug.cgi?id=164340
3494         <rdar://problem/29074344>
3495
3496         Reviewed by Tim Horton.
3497
3498         To give WebKit a chance to deliver the painting milestones to its client after the commit,
3499         we must tell it about them before or during the commit. To that end, we should not defer
3500         the call to firePaintRelatedMilestonesIfNeeded until after the commit.
3501
3502         * rendering/RenderLayerCompositor.cpp:
3503         (WebCore::RenderLayerCompositor::RenderLayerCompositor): Removed
3504           m_paintRelatedMilestonesTimer initializer.
3505         (WebCore::RenderLayerCompositor::didPaintBacking): Call
3506           FrameView::firePaintRelatedMilestonesIfNeeded directly from here.
3507         (WebCore::RenderLayerCompositor::paintRelatedMilestonesTimerFired): Deleted.
3508         * rendering/RenderLayerCompositor.h:
3509
3510 2016-11-03  Antti Koivisto  <antti@apple.com>
3511
3512         imported/mozilla/svg/paint-order-01.svg and imported/mozilla/svg/paint-order-02.svg are flaky failures
3513         https://bugs.webkit.org/show_bug.cgi?id=164355
3514
3515         Reviewed by Ryosuke Niwa.
3516
3517         Revert one change from https://trac.webkit.org/changeset/207669 to see if it is causing flakiness in
3518         some XML based tests.
3519
3520         * xml/parser/XMLDocumentParser.cpp:
3521         (WebCore::XMLDocumentParser::end):
3522
3523 2016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3524
3525         Unreviewed, fix CLoop build after r208320.
3526         https://bugs.webkit.org/show_bug.cgi?id=162980
3527
3528         Guard with ENABLE(JIT).
3529
3530         * bindings/scripts/CodeGeneratorJS.pm:
3531         (GenerateImplementation):
3532         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3533
3534 2016-11-02  Brady Eidson  <beidson@apple.com>
3535
3536         Expand upon IndexedDB status in features.json.
3537         
3538         * features.json:
3539
3540 2016-11-02  Myles C. Maxfield  <mmaxfield@apple.com>
3541
3542         CSS.supports("font-variation-settings", "'wght' 500") erroneously returns false
3543         https://bugs.webkit.org/show_bug.cgi?id=164244
3544
3545         Reviewed by Michael Catanzaro.
3546
3547         Because we weren't passing a Document into CSSParserContext's constructor,
3548         there was no way for our parser to know whether the runtime switch was on
3549         or not. Instead, we can use the CallWith attribute in the IDL file to pass
3550         in a Document.
3551
3552         Test: fast/text/variations/css-supports-runtime-switch.html
3553
3554         * css/DOMCSSNamespace.cpp:
3555         (WebCore::DOMCSSNamespace::supports):
3556         * css/DOMCSSNamespace.h:
3557         * css/DOMCSSNamespace.idl:
3558
3559 2016-11-02  Yusuke Suzuki  <utatane.tea@gmail.com>
3560
3561         [DOMJIT] Add DOMJIT::Signature
3562         https://bugs.webkit.org/show_bug.cgi?id=162980
3563
3564         Reviewed by Saam Barati and Sam Weinig.
3565
3566         We introduce DOMJIT::Signature. This signature object is automatically generated by IDL code generator.
3567         It holds (1) types, (2) pointer to the unsafe function (the function without checks), and (3) the effect
3568         of the function. We use constexpr to initialize DOMJIT::Signature without invoking global constructors.
3569         Thus the content is embedded into the binary as the constant values.
3570
3571         We also clean up the IDL code generator related to DOMJIT part. Instead of switching things inside IDL
3572         code generator, we use C++ template to dispatch things at compile time. This template meta programming
3573         is highly utilized in IDL these days.
3574
3575         To make DOMJIT::Signature constexpr, we also need to define DOMJIT abstract heap things in the build time.
3576         To do so, we introduce a tiny Ruby script to calculate the range of abstract heaps. We can offer the abstract
3577         heap tree as YAML format and the script will produce a C++ header holding the calculated abstract heap ranges
3578
3579         * CMakeLists.txt:
3580         * DerivedSources.make:
3581         * ForwardingHeaders/bytecode/SpeculatedType.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.h.
3582         * ForwardingHeaders/domjit/DOMJITSignature.h: Renamed from Source/WebCore/domjit/DOMJITAbstractHeapRepository.cpp.
3583         * WebCore.xcodeproj/project.pbxproj:
3584         * bindings/js/JSDOMGlobalObject.h:
3585         * bindings/scripts/CodeGeneratorJS.pm:
3586         (GenerateHeader):
3587         (GeneratePropertiesHashTable):
3588         (GetUnsafeArgumentType):
3589         (GetArgumentTypeFilter):
3590         (GetResultTypeFilter):
3591         (GenerateImplementation):
3592         (UnsafeToNative):
3593         (GenerateHashTableValueArray):
3594         (ComputeFunctionSpecial):
3595         * bindings/scripts/IDLAttributes.txt:
3596         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3597         (WebCore::BindingCaller<JSTestDOMJIT>::castForOperation):
3598         (WebCore::TestDOMJITAnyAttrDOMJIT::TestDOMJITAnyAttrDOMJIT):
3599         (WebCore::TestDOMJITBooleanAttrDOMJIT::TestDOMJITBooleanAttrDOMJIT):
3600         (WebCore::TestDOMJITByteAttrDOMJIT::TestDOMJITByteAttrDOMJIT):
3601         (WebCore::TestDOMJITOctetAttrDOMJIT::TestDOMJITOctetAttrDOMJIT):
3602         (WebCore::TestDOMJITShortAttrDOMJIT::TestDOMJITShortAttrDOMJIT):
3603         (WebCore::TestDOMJITUnsignedShortAttrDOMJIT::TestDOMJITUnsignedShortAttrDOMJIT):
3604         (WebCore::TestDOMJITLongAttrDOMJIT::TestDOMJITLongAttrDOMJIT):
3605         (WebCore::TestDOMJITUnsignedLongAttrDOMJIT::TestDOMJITUnsignedLongAttrDOMJIT):
3606         (WebCore::TestDOMJITLongLongAttrDOMJIT::TestDOMJITLongLongAttrDOMJIT):
3607         (WebCore::TestDOMJITUnsignedLongLongAttrDOMJIT::TestDOMJITUnsignedLongLongAttrDOMJIT):
3608         (WebCore::TestDOMJITFloatAttrDOMJIT::TestDOMJITFloatAttrDOMJIT):
3609         (WebCore::TestDOMJITUnrestrictedFloatAttrDOMJIT::TestDOMJITUnrestrictedFloatAttrDOMJIT):
3610         (WebCore::TestDOMJITDoubleAttrDOMJIT::TestDOMJITDoubleAttrDOMJIT):
3611         (WebCore::TestDOMJITUnrestrictedDoubleAttrDOMJIT::TestDOMJITUnrestrictedDoubleAttrDOMJIT):
3612         (WebCore::TestDOMJITDomStringAttrDOMJIT::TestDOMJITDomStringAttrDOMJIT):
3613         (WebCore::TestDOMJITByteStringAttrDOMJIT::TestDOMJITByteStringAttrDOMJIT):
3614         (WebCore::TestDOMJITUsvStringAttrDOMJIT::TestDOMJITUsvStringAttrDOMJIT):
3615         (WebCore::TestDOMJITNodeAttrDOMJIT::TestDOMJITNodeAttrDOMJIT):
3616         (WebCore::TestDOMJITBooleanNullableAttrDOMJIT::TestDOMJITBooleanNullableAttrDOMJIT):
3617         (WebCore::TestDOMJITByteNullableAttrDOMJIT::TestDOMJITByteNullableAttrDOMJIT):
3618         (WebCore::TestDOMJITOctetNullableAttrDOMJIT::TestDOMJITOctetNullableAttrDOMJIT):
3619         (WebCore::TestDOMJITShortNullableAttrDOMJIT::TestDOMJITShortNullableAttrDOMJIT):
3620         (WebCore::TestDOMJITUnsignedShortNullableAttrDOMJIT::TestDOMJITUnsignedShortNullableAttrDOMJIT):
3621         (WebCore::TestDOMJITLongNullableAttrDOMJIT::TestDOMJITLongNullableAttrDOMJIT):
3622         (WebCore::TestDOMJITUnsignedLongNullableAttrDOMJIT::TestDOMJITUnsignedLongNullableAttrDOMJIT):
3623         (WebCore::TestDOMJITLongLongNullableAttrDOMJIT::TestDOMJITLongLongNullableAttrDOMJIT):
3624         (WebCore::TestDOMJITUnsignedLongLongNullableAttrDOMJIT::TestDOMJITUnsignedLongLongNullableAttrDOMJIT):
3625         (WebCore::TestDOMJITFloatNullableAttrDOMJIT::TestDOMJITFloatNullableAttrDOMJIT):
3626         (WebCore::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT::TestDOMJITUnrestrictedFloatNullableAttrDOMJIT):
3627         (WebCore::TestDOMJITDoubleNullableAttrDOMJIT::TestDOMJITDoubleNullableAttrDOMJIT):
3628         (WebCore::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT::TestDOMJITUnrestrictedDoubleNullableAttrDOMJIT):
3629         (WebCore::TestDOMJITDomStringNullableAttrDOMJIT::TestDOMJITDomStringNullableAttrDOMJIT):
3630         (WebCore::TestDOMJITByteStringNullableAttrDOMJIT::TestDOMJITByteStringNullableAttrDOMJIT):
3631         (WebCore::TestDOMJITUsvStringNullableAttrDOMJIT::TestDOMJITUsvStringNullableAttrDOMJIT):
3632         (WebCore::TestDOMJITNodeNullableAttrDOMJIT::TestDOMJITNodeNullableAttrDOMJIT):
3633         (WebCore::jsTestDOMJITPrototypeFunctionGetAttribute):
3634         (WebCore::jsTestDOMJITPrototypeFunctionGetAttributeCaller):
3635         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetAttribute):
3636         (WebCore::jsTestDOMJITPrototypeFunctionItem):
3637         (WebCore::jsTestDOMJITPrototypeFunctionItemCaller):
3638         (WebCore::unsafeJsTestDOMJITPrototypeFunctionItem):
3639         (WebCore::jsTestDOMJITPrototypeFunctionHasAttribute):
3640         (WebCore::jsTestDOMJITPrototypeFunctionHasAttributeCaller):
3641         (WebCore::unsafeJsTestDOMJITPrototypeFunctionHasAttribute):
3642         (WebCore::jsTestDOMJITPrototypeFunctionGetElementById):
3643         (WebCore::jsTestDOMJITPrototypeFunctionGetElementByIdCaller):
3644         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementById):
3645         (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByName):
3646         (WebCore::jsTestDOMJITPrototypeFunctionGetElementsByNameCaller):
3647         (WebCore::unsafeJsTestDOMJITPrototypeFunctionGetElementsByName):
3648         * bindings/scripts/test/TestDOMJIT.idl:
3649         * dom/Element.idl:
3650         * domjit/DOMJITAbstractHeapRepository.yaml: Added.
3651         * domjit/DOMJITIDLConvert.h: Added.
3652         (WebCore::DOMJIT::DirectConverter<IDLDOMString>::directConvert<StringConversionConfiguration::Normal>):
3653         * domjit/DOMJITIDLType.h: Added.
3654         * domjit/DOMJITIDLTypeFilter.h: Added.
3655         * domjit/JSDocumentDOMJIT.cpp:
3656         (WebCore::DocumentDocumentElementDOMJIT::callDOMGetter):
3657         * domjit/JSNodeDOMJIT.cpp:
3658         (WebCore::NodeFirstChildDOMJIT::callDOMGetter):
3659         (WebCore::NodeLastChildDOMJIT::callDOMGetter):
3660         (WebCore::NodeNextSiblingDOMJIT::callDOMGetter):
3661         (WebCore::NodePreviousSiblingDOMJIT::callDOMGetter):
3662         (WebCore::NodeParentNodeDOMJIT::callDOMGetter):
3663         (WebCore::NodeOwnerDocumentDOMJIT::callDOMGetter):
3664         * domjit/generate-abstract-heap.rb: Added.
3665
3666 2016-11-02  Simon Fraser  <simon.fraser@apple.com>
3667
3668         Followup after r208314.
3669
3670         The style created for reflections contains transforms and a mask, so needs to get explicit
3671         z-index on it. This doesn't change rendering, since this layer has no children.
3672
3673         Fixes assertions in various reflection tests.
3674
3675         * rendering/RenderLayer.cpp:
3676         (WebCore::RenderLayer::calculateClipRects):
3677
3678 2016-11-02  Simon Fraser  <simon.fraser@apple.com>
3679
3680         REGRESSION (r208025) GraphicsContext state stack assertions loading webkit.org
3681         https://bugs.webkit.org/show_bug.cgi?id=164350
3682         rdar://problem/29053414
3683
3684         Reviewed by Dean Jackson.
3685
3686         After r208025 it as possible for KeyframeAnimation::animate() to produce a RenderStyle
3687         with a non-1 opacity, but without the explicit z-index that triggers stacking context.
3688         This confused the RenderLayer paintWithTransparency code, triggering mismsatched GraphicsContext
3689         save/restores.
3690
3691         This occurred when the runningOrFillingForwards state was mis-computed. keyframeAnim->animate()
3692         can spit out a new style when in the StartWaitTimer sometimes, so "!keyframeAnim->waitingToStart() && !keyframeAnim->postActive()"
3693         gave the wrong answser.
3694
3695         Rather than depend on the super-confusing animation state, use a bool out param from animate() to say
3696         when it actually produced a new style, and when true, do the setZIndex(0).
3697
3698         Test: animations/stacking-during-opacity-animation.html
3699
3700         * page/animation/AnimationBase.h:
3701         * page/animation/CSSPropertyAnimation.cpp:
3702         (WebCore::CSSPropertyAnimation::blendProperties): Log after blending so the log shows the blended style.
3703         * page/animation/CompositeAnimation.cpp:
3704         (WebCore::CompositeAnimation::animate):
3705         * page/animation/ImplicitAnimation.cpp:
3706         (WebCore::ImplicitAnimation::animate):
3707         * page/animation/ImplicitAnimation.h:
3708         * page/animation/KeyframeAnimation.cpp:
3709         (WebCore::KeyframeAnimation::animate):
3710         * page/animation/KeyframeAnimation.h:
3711         * platform/graphics/GraphicsContext.cpp:
3712         (WebCore::GraphicsContext::restore):
3713         * platform/graphics/ca/cocoa/PlatformCALayerCocoa.mm:
3714         (PlatformCALayer::drawLayerContents): No functional change, but created scope for the
3715         GraphicsContext so that it didn't outlive the CGContextRestoreGState(context).
3716         * rendering/RenderLayer.cpp:
3717         (WebCore::RenderLayer::beginTransparencyLayers): New assertion that catches the problem earlier.
3718
3719 2016-11-02  Myles C. Maxfield  <mmaxfield@apple.com>
3720
3721         [iOS] [WebGL] Multisample resolve step may operate on stale data
3722         https://bugs.webkit.org/show_bug.cgi?id=164347
3723
3724         Reviewed by Dean Jackson.
3725
3726         When antialiasing is enabled, WebKit internally creates a multisampled FBO
3727         and uses that as the target of all the drawing commands. Then, just before
3728         we actually put the image on the glass, we perform a “resolve” step which
3729         averages all the samples to create the final image. However, it appears
3730         that this resolve step only waits for commands to complete which were
3731         already submitted to the hardware. OpenGL is allowed (indeed, expected) to
3732         batch up drawing commands in main memory so it can submit them to the
3733         hardware in fewer batches, but this means that the hardware may not know
3734         about all the commands that the application submitted. Because of this,
3735         the data the resolve step saw is the result of only some of the previous
3736         draw calls - not all of them.
3737
3738         This doesn’t occur on macOS because we have a different code path there
3739         for performing the resolve step. On iOS 9 and below, WebKit didn’t
3740         implement multisampling in WebGL at all, which explains why this only
3741         occurs on iOS 10. 
3742
3743         Luckily, the OpenGL command glFlush() is exactly designed to submit any
3744         pending commands to the hardware.
3745
3746         Test: fast/canvas/webgl/multisample-resolve-consistency.html
3747
3748         * platform/graphics/opengl/GraphicsContext3DOpenGL.cpp:
3749         (WebCore::GraphicsContext3D::resolveMultisamplingIfNecessary):
3750
3751 2016-11-02  Brady Eidson  <beidson@apple.com>
3752
3753         Give IDBKey(Data) a WTF::Variant overhaul.
3754         https://bugs.webkit.org/show_bug.cgi?id=164332
3755
3756         Reviewed by Alex Christensen and Andy Estes.
3757
3758         No new tests (Refactor, no behavior change).
3759
3760         * Modules/indexeddb/IDBKey.cpp:
3761         (WebCore::IDBKey::IDBKey):
3762         (WebCore::IDBKey::isValid):
3763         (WebCore::IDBKey::compare):
3764         * Modules/indexeddb/IDBKey.h:
3765         (WebCore::IDBKey::array):
3766         (WebCore::IDBKey::string):
3767         (WebCore::IDBKey::date):
3768         (WebCore::IDBKey::number):
3769         (WebCore::IDBKey::IDBKey): Deleted.
3770
3771         * Modules/indexeddb/IDBKeyData.cpp:
3772         (WebCore::IDBKeyData::IDBKeyData):
3773         (WebCore::IDBKeyData::maybeCreateIDBKey):
3774         (WebCore::IDBKeyData::isolatedCopy):
3775         (WebCore::IDBKeyData::encode):
3776         (WebCore::IDBKeyData::decode):
3777         (WebCore::IDBKeyData::compare):
3778         (WebCore::IDBKeyData::loggingString):
3779         (WebCore::IDBKeyData::setArrayValue):
3780         (WebCore::IDBKeyData::setStringValue):
3781         (WebCore::IDBKeyData::setDateValue):
3782         (WebCore::IDBKeyData::setNumberValue):
3783         (WebCore::IDBKeyData::operator==):
3784         * Modules/indexeddb/IDBKeyData.h:
3785         (WebCore::IDBKeyData::hash):
3786         (WebCore::IDBKeyData::string):
3787         (WebCore::IDBKeyData::date):
3788         (WebCore::IDBKeyData::number):
3789         (WebCore::IDBKeyData::array):
3790         (WebCore::IDBKeyData::encode):
3791         (WebCore::IDBKeyData::decode):
3792
3793 2016-11-01  Sam Weinig  <sam@webkit.org>
3794
3795         [WebIDL] Move interfaces and typed arrays over to JSDOMConvert
3796         https://bugs.webkit.org/show_bug.cgi?id=164256
3797
3798         Reviewed by Alex Christensen.
3799
3800         - Add the ability to pass an "exception thrower" functor to the convert functions.
3801           This is only implemented for convert<IDLInterface<T>> and convert<IDLNullable<IDLInterface<T>>>
3802           for now, but can be extended for more types as necessary to improve exception messages.
3803         - Add support for using toJSNewlyCreated in JSDOMConvert.
3804
3805         * bindings/generic/IDLTypes.h:
3806         (WebCore::IDLString::extractValueFromNullable):
3807         Use forwarding to simplify extraction function.
3808
3809         (WebCore::IDLInterface::nullValue):
3810         Update nullValue to work for both RefPtr<T> and T*.
3811
3812         (WebCore::IDLInterface::extractValueFromNullable):
3813         Use forwarding to simplify extraction function.
3814
3815         * bindings/js/JSDOMConvert.h:
3816         (WebCore::DefaultExceptionThrower::operator()):
3817         Add a default "exception thrower" which throws a normal type error.
3818
3819         (WebCore::convert):
3820         Add an overload of convert which takes an "exception thrower".
3821
3822         (WebCore::toJSNewlyCreated):
3823         Add new overloaded function toJSNewlyCreated, matching the toJS overload set,
3824         which will return "newly created" values. This only works for types that implement
3825         a toJSNewlyCreated function for themselves.
3826
3827         (WebCore::Converter<IDLNullable<T>>::convert):
3828         Fix the return type of Converter<IDLNullable<T>> to be specialized when
3829         T is an IDLInterface. In that case, we want to match the return type of
3830         inner converter.
3831         
3832         Also add implementation of convert overload that takes an "exception thrower".
3833
3834         (WebCore::JSConverter<IDLNullable<T>>::convert):
3835         (WebCore::JSConverter<IDLNullable<T>>::convertNewlyCreated):
3836         Reimplement conversion to use forwarding of the value.
3837
3838         (WebCore::Converter<IDLInterface<T>>::convert):
3839         Add support for an "exception thrower".
3840
3841         (WebCore::Detail::getPtrOrRef):
3842         Add helper functions that extract either a pointer or reference, depending on the type,
3843         and const_casts it allowing the value to be used with toJS functions.
3844
3845         (WebCore::JSConverter<IDLInterface<T>>::convert):
3846         Re-implement to support more varied input values.
3847
3848         (WebCore::JSConverter<IDLInterface<T>>::convertNewlyCreated):
3849         Added. Forwards to overloaded toJSNewlyCreated functions.
3850
3851         * bindings/scripts/CodeGeneratorJS.pm:
3852         (AddToImplIncludesForIDLType):
3853         Add support for adding the right includes for SerializedScriptValue and Dictionary.
3854
3855         (GetArgumentExceptionThrower):
3856         (GetAttributeExceptionThrower):
3857         Add helpers to generate "exception thrower" lambdas for wrappers and typed arrays
3858         being passed to setters and functions.
3859
3860         (GenerateParametersCheck):
3861         Move around special cases so it is clear that it's not wrappers and typed arrays that
3862         need specialization here, it is now just EventListener and XPathNSResolver.
3863
3864         (GetIDLInterfaceName):
3865         Add helper to get the InterfaceName for use in IDLInterface template.
3866
3867         (GetBaseIDLType):
3868         Use new GetIDLInterfaceName helper.
3869
3870         (IsValidContextForJSValueToNative):
3871         Remove IDLOperation as a valid context. It is not.
3872
3873         (JSValueToNative):
3874         Move JSDOMConvert based conversion to the bottom, to show that everything above it
3875         is a special case that should be fixed. I have used explicit c-style if-statements
3876         to make it clear what the types of the exceptional cases are.
3877
3878         (NativeToJSValueDOMConvertNeedsState):
3879         (NativeToJSValueDOMConvertNeedsGlobalObject):
3880         Add wrapper types and typed arrays to the list needing state and globalObject.
3881
3882         (NativeToJSValue):
3883         Move JSDOMConvert based conversion to the bottom, to show that everything above it
3884         is a special case that should be fixed. I have used explicit c-style if-statements
3885         to make it clear what the types of the exceptional cases are.
3886
3887         (JSValueToNativeIsHandledByDOMConvert): Deleted.
3888         (NativeToJSValueIsHandledByDOMConvert): Deleted.
3889         Remove predicates protecting use of JSDOMConvert now that it is the default.
3890
3891         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
3892         * bindings/scripts/test/JS/JSTestCEReactions.cpp:
3893         * bindings/scripts/test/JS/JSTestCallback.cpp:
3894         * bindings/scripts/test/JS/JSTestCallbackFunction.cpp:
3895         * bindings/scripts/test/JS/JSTestDOMJIT.cpp:
3896         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
3897         * bindings/scripts/test/JS/JSTestInterface.cpp:
3898         * bindings/scripts/test/JS/JSTestObj.cpp:
3899         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
3900         * bindings/scripts/test/JS/JSTestOverrideBuiltins.cpp:
3901         * bindings/scripts/test/JS/JSTestSerialization.cpp:
3902         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
3903         Update test results.
3904
3905 2016-11-02  David Kilzer  <ddkilzer@apple.com>
3906
3907         Bug 164333: Add logging for "WebKit encountered an internal error" messages due to Network process crashes
3908         <https://webkit.org/b/164333>
3909         <rdar://problem/29072727>
3910
3911         Reviewed by Alex Christensen.
3912
3913         * page/DiagnosticLoggingKeys.cpp:
3914         (WebCore::DiagnosticLoggingKeys::networkProcessCrashedKey):
3915         - Add implementation for new key method.
3916         * page/DiagnosticLoggingKeys.h:
3917         (WebCore::DiagnosticLoggingKeys::networkProcessCrashedKey):
3918         - Add declaration for new key method.
3919
3920 2016-11-02  Filip Pizlo  <fpizlo@apple.com>
3921
3922         The GC should be in a thread
3923         https://bugs.webkit.org/show_bug.cgi?id=163562
3924
3925         Reviewed by Geoffrey Garen and Andreas Kling.
3926
3927         No new tests because existing tests cover this.
3928         
3929         We now need to be more careful about using JSLock. This fixes some places that were not
3930         holding it. New assertions in the GC are more likely to catch this than before.
3931
3932         * bindings/js/WorkerScriptController.cpp:
3933         (WebCore::WorkerScriptController::WorkerScriptController):
3934
3935 2016-11-02  Joseph Pecoraro  <pecoraro@apple.com>
3936
3937         Web Inspector: Include DebuggerAgent in Workers - see, pause, and step through scripts
3938         https://bugs.webkit.org/show_bug.cgi?id=164136
3939         <rdar://problem/29028462>
3940
3941         Reviewed by Brian Burg.
3942
3943         Tests: inspector/worker/debugger-pause.html
3944                inspector/worker/debugger-scripts.html
3945
3946         * CMakeLists.txt:
3947         * WebCore.xcodeproj/project.pbxproj:
3948         * inspector/InspectorAllInOne.cpp:
3949         New file.
3950
3951         * inspector/PageDebuggerAgent.h:
3952         * inspector/WorkerDebuggerAgent.cpp: Added.
3953         (WebCore::WorkerDebuggerAgent::WorkerDebuggerAgent):
3954         (WebCore::WorkerDebuggerAgent::~WorkerDebuggerAgent):
3955         (WebCore::WorkerDebuggerAgent::breakpointActionLog):
3956         (WebCore::WorkerDebuggerAgent::injectedScriptForEval):
3957         * inspector/WorkerDebuggerAgent.h: Added.
3958         DebuggerAgent customizations for Workers.