Fullscreen media controls are unusable in pagination mode
[WebKit-https.git] / Source / WebCore / ChangeLog
1 2014-04-15  Jer Noble  <jer.noble@apple.com>
2
3         Fullscreen media controls are unusable in pagination mode
4         https://bugs.webkit.org/show_bug.cgi?id=131705
5
6         Reviewed by Darin Adler.
7
8         When pagination mode is enabled, the full screen media will (depending on the width of the
9         pagination columns) overflow its column, and hit testing will be clipped to the column. In extreme
10         cases, where the column width < 0.5 * media element width, the media controls will be entirely
11         unclickable.
12
13         Rather than making the RenderFullScreen a child of the full screen element's parent's renderer,
14         make it a child of the RenderView, putting it outside of the columns entirely. Always create and
15         insert the fullscreenRenderer's placeholder, using it as the remembered insertion point for the
16         fullscreen element's renderer when we exit full screen.
17
18         Drive-by fix: don't wrap the full screen element's renderer in webkitWillEnterFullScreenForElement();
19         it will just be re-wrapped in createRendererIfNeeded().
20
21         * dom/Document.cpp:
22         (WebCore::Document::webkitWillEnterFullScreenForElement): Don't wrap the full screen element's renderer.
23         (WebCore::Document::setFullScreenRenderer): Call setPlaceholderStyle.
24         * rendering/RenderFullScreen.cpp:
25         (WebCore::RenderFullScreenPlaceholder::willBeDestroyed): Call clearPlaceholder.
26         (WebCore::RenderFullScreen::wrapRenderer): Make fullscreenRenderer a child of the view().
27         (WebCore::RenderFullScreen::unwrapRenderer): Return the children to the parent of the placeholder().
28         (WebCore::RenderFullScreen::clearPlaceholder): Renamed from setPlaceholder().
29         (WebCore::RenderFullScreen::ensurePlaceholder): Added. 
30         (WebCore::RenderFullScreen::setPlaceholderStyle): Renamed from createPlaceholder().
31         (WebCore::RenderFullScreen::setPlaceholder): Deleted.
32         (WebCore::RenderFullScreen::createPlaceholder): Deleted.
33         * rendering/RenderFullScreen.h:
34
35 2014-04-16  Jer Noble  <jer.noble@apple.com>
36
37         [MSE] Multiple initialization segments with same codecs in tracks fail validation.
38         https://bugs.webkit.org/show_bug.cgi?id=131768
39
40         Additional initialization segments added to the same SourceBuffer with the same
41         codec values will fail validation. Update the validation check to add the correct
42         codec information for the initial segment, and check against the correct codecs during
43         the validation step.
44
45         Additionally, after validation, if successful update the Audio, Video, and TextTracks
46         for the SourceBuffer with the updated initialization segment information.
47
48         Reviewed by Eric Carlson.
49
50         Test: media/media-source/media-source-multiple-initialization-segments.html
51
52         * Modules/mediasource/SourceBuffer.cpp:
53         (WebCore::SourceBuffer::appendBufferTimerFired): m_source may have been cleared
54             as a result of the append, so check it before using.
55         (WebCore::SourceBuffer::sourceBufferPrivateDidEndStream): Call streamEndedWithError
56             instead of endOfStream as the latter is safe to call within an update.
57         (WebCore::SourceBuffer::sourceBufferPrivateDidReceiveInitializationSegment): Ditto.
58             Update the track lists if validation succeeds.
59         (WebCore::SourceBuffer::validateInitializationSegment): Switch the audio and video
60             codec checks.
61
62         Add the ability for Audio, Video, and InbandTextTracks to replace their private tracks:
63         * html/track/AudioTrack.cpp:
64         (WebCore::AudioTrack::AudioTrack): Call updateKindFromPrivate().
65         (WebCore::AudioTrack::setPrivate):
66         (WebCore::AudioTrack::updateKindFromPrivate): Split out from constructor.
67         * html/track/AudioTrack.h:
68         * html/track/InbandTextTrack.cpp:
69         (WebCore::InbandTextTrack::InbandTextTrack): Call updateKindFromPrivate().
70         (WebCore::InbandTextTrack::setPrivate):
71         (WebCore::InbandTextTrack::setMode): Split up into setModeInternal().
72         (WebCore::InbandTextTrack::setModeInternal): Broke out from setMode().
73         (WebCore::InbandTextTrack::updateKindFromPrivate): Split out from constructor.
74         * html/track/InbandTextTrack.h:
75         * html/track/TextTrack.h:
76         (WebCore::TextTrack::isInband): Added, returns false.
77         * html/track/VideoTrack.cpp:
78         (WebCore::VideoTrack::VideoTrack): Call updateKindFromPrivate().
79         (WebCore::VideoTrack::setPrivate):
80         (WebCore::VideoTrack::updateKindFromPrivate):  Split out from constructor.
81         * html/track/VideoTrack.h:
82
83 2014-04-17  David Hyatt  <hyatt@apple.com>
84
85         [New Multicolumn] Column sets below spanners don't repaint properly.
86         https://bugs.webkit.org/show_bug.cgi?id=131778
87
88         Reviewed by Beth Dakin.
89
90         Added fast/repaint/spanner-with-margins.html.
91
92         * rendering/RenderBox.cpp:
93         (WebCore::RenderBox::computeRectForRepaint):
94         Turn off some code that was running for in-flow RenderFlowThreads that made no sense.
95         I'm not convinced the code is right for other types of RenderFlowThreads either,
96         but will leave that to the named flow thread experts. :)
97
98 2014-04-17  Koji Ishii  <kojishi@gmail.com>
99
100         Catch up ruby and its tag omission rule changes in HTML5 CR Feb 2014
101         https://bugs.webkit.org/show_bug.cgi?id=131175
102
103         Reviewed by Darin Adler.
104
105         Tests: html5lib/resources/ruby.dat
106                html5lib/resources/tests19.dat
107
108         This patch makes WebKit HTML parser to match to the tag omission rules of HTML5 CR Feb 2014:
109         http://www.w3.org/TR/2014/CR-html5-20140204/syntax.html#syntax-tag-omission
110         with the support for two new elements (rb, rtc) which were also defined in the spec:
111         http://www.w3.org/TR/2014/CR-html5-20140204/text-level-semantics.html#the-rb-element
112         http://www.w3.org/TR/2014/CR-html5-20140204/text-level-semantics.html#the-rtc-element
113         to better support use cases presented by W3C I18N WG:
114         http://www.w3.org/TR/ruby-use-cases/
115
116         * html/HTMLTagNames.in: rb and rtc added as HTMLElement interfaces.
117         * html/parser/HTMLConstructionSite.cpp:
118         (WebCore::hasImpliedEndTag): the spec says rb and rtc have implied end tags.
119         * html/parser/HTMLTreeBuilder.cpp:
120         (WebCore::HTMLTreeBuilder::processStartTagForInBody): rb and rtc added. rt excludes rtc from its implied end tags.
121
122 2014-04-17  Darin Adler  <darin@apple.com>
123
124         Try to fix EFL and GTK builds.
125
126         * workers/WorkerGlobalScope.idl: Touch file to make it rebuild, assuming that
127         module dependencies aren't working right with CMake. Tweaked formatting quite a
128         bit while I was in here.
129
130 2014-04-17  David Hyatt  <hyatt@apple.com>
131
132         [New Multicolumn] REGRESSION: Column set styles don't update when zooming etc.
133         https://bugs.webkit.org/show_bug.cgi?id=131777
134
135         Reviewed by Enrica Casucci.
136
137         Added fast/multicol/zoom-test.html
138
139         * rendering/RenderBlockFlow.cpp:
140         (WebCore::RenderBlockFlow::styleDidChange):
141         Put back in the code that propagates new styles to the flow thread and column sets
142         when styles change. This propagation was removed when the column span code landed.
143         This patch puts it back in but qualifies the types of objects that get styles
144         propagated to avoid accidentally propagating the wrong style to column spans.
145
146 2014-04-17  Darin Adler  <darin@apple.com>
147
148         Add separate flag for IndexedDatabase in workers since the current implementation is not threadsafe
149         https://bugs.webkit.org/show_bug.cgi?id=131785
150         rdar://problem/16003108
151
152         Reviewed by Brady Eidson.
153
154         * Configurations/FeatureDefines.xcconfig: Added INDEXED_DATABASE_IN_WORKERS.
155
156         * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.cpp: Use the new conditional
157         instead of the old one.
158         * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.h: Ditto.
159         * Modules/indexeddb/WorkerGlobalScopeIndexedDatabase.idl: Ditto.
160
161 2014-04-17  Dan Bernstein  <mitz@apple.com>
162
163         WebCore part of <rdar://problem/16601336> [Cocoa] _userInitiated is always NO in WKNavigationAction passed to -webView:createWebViewWithConfiguration:forNavigationAction:windowFeatures:
164         https://bugs.webkit.org/show_bug.cgi?id=131783
165
166         Reviewed by Tim Horton.
167
168         * loader/NavigationAction.cpp:
169         (WebCore::NavigationAction::NavigationAction): Initialize m_processingUserGesture to
170         ScriptController::processingUserGesture() at the time the NavigationAction is constructed.
171         * loader/NavigationAction.h:
172         Added boolean member variable m_processionUserGesture
173         (WebCore::NavigationAction::processingUserGesture): Added this getter.
174
175 2014-04-17  Ion Rosca  <rosca@adobe.com>
176
177         [CSS Blending] Isolation descendant dependent flags are not updated correctly
178         https://bugs.webkit.org/show_bug.cgi?id=130892
179
180         Reviewed by Dean Jackson.
181
182         The isolation descendant dependent flag (m_hasUnisolatedBlendingDescendants)
183         will help us to determine if a layer should isolate blending descendants or not.
184         The m_hasUnisolatedBlendingDescendants flag should be set for layers that have blending descendant layers
185         not isolated by descendant stacking contexts.
186         An element isolatesBlending() if it has this flag set and creates stacking context.
187
188         Tests: css3/compositing/blend-mode-isolation-flags-append-non-stacking-context-blending.html
189                css3/compositing/blend-mode-isolation-flags-append-stacking-context-blending.html
190                css3/compositing/blend-mode-isolation-flags-remove-non-stacking-context-blending.html
191                css3/compositing/blend-mode-isolation-flags-remove-stacking-context-blending.html
192                css3/compositing/blend-mode-isolation-flags-turn-off-blending-no-isolation.html
193                css3/compositing/blend-mode-isolation-flags-turn-off-blending.html
194                css3/compositing/blend-mode-isolation-flags-turn-off-stacking-context.html
195                css3/compositing/blend-mode-isolation-flags-turn-on-blending.html
196                css3/compositing/blend-mode-isolation-flags-turn-on-stacking-context.html
197
198         * rendering/RenderLayer.cpp:
199         (WebCore::RenderLayer::RenderLayer):
200         (WebCore::RenderLayer::updateBlendMode):
201         (WebCore::RenderLayer::updateAncestorChainHasBlendingDescendants):
202             When a layer has blending and it hasn't had it before, we set the isolation
203         flag for all its ancestors up to the first layer creating stacking context.
204         I removed the isComposited() check here. Isolation flags should be correct regardless
205         of compositing state. Moreover, if this method is called from styleChanged(),
206         the compositing state might not be accurate, it's going to be recalculated afterwards.  
207         (WebCore::RenderLayer::dirtyAncestorChainHasBlendingDescendants):
208             When a layer doesn't have blending, but it used to have it before, we mark
209         the isolation flag as dirty for all its ancestors up to the first layer
210         creating stacking context. The isolation flags will be recalculated by
211         RenderLayer::updateDescendantDependentFlags.
212         (WebCore::RenderLayer::updateDescendantDependentFlags):
213             Evaluates if the layer has unisolated blending descendants by traversing
214         the layer subtree.
215         (WebCore::RenderLayer::addChild):
216             When adding a subtree that has blending or has some unisolated descendants,
217         we set the flag for all the ancestors, up to the stacking context layer.
218         (WebCore::RenderLayer::removeChild):
219             When removing a subtree that had blending or had some unisolated descendants,
220         we dirty the flag so that it could be reevaluated.
221         (WebCore::RenderLayer::calculateClipRects):
222         (WebCore::RenderLayer::updateTransform):
223         * rendering/RenderLayer.h:
224             Rename m_hasBlendedElementInChildStackingContext => m_hasUnisolatedBlendingDescendants
225         and m_hasBlendedElementInChildStackingContextStatusDirty => m_hasUnisolatedBlendingDescendantsStatusDirty,
226         * rendering/RenderLayerCompositor.cpp:
227         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
228             Add an assert to make sure that if m_hasUnisolatedCompositedBlendingDescendants is true,
229         then m_hasUnisolatedBlendingDescendants is true as well.
230
231 2014-04-17  Tim Horton  <timothy_horton@apple.com>
232
233         Uninline blend(Color, Color) to get AnimationUtilities out of Color.h
234         https://bugs.webkit.org/show_bug.cgi?id=131781
235
236         Reviewed by Simon Fraser.
237
238         * platform/graphics/Color.cpp:
239         (WebCore::blend):
240         Un-inline.
241
242         * platform/graphics/Color.h:
243         No more AnimationUtilities.
244
245 2014-04-16  Benjamin Poulain  <bpoulain@apple.com>
246
247         Fix the build after r167412
248
249         * platform/ScrollView.cpp:
250         (WebCore::ScrollView::updateScrollbars):
251
252 2014-04-16  Benjamin Poulain  <bpoulain@apple.com>
253
254         [iOS][WK2] Fix annoying scrolling bugs
255         https://bugs.webkit.org/show_bug.cgi?id=131722
256
257         Reviewed by Simon Fraser.
258
259         * platform/ScrollView.cpp:
260         (WebCore::ScrollView::updateScrollbars):
261         Since ScrollingStateScrollingNode::setRequestedScrollPosition() was added, we see ScrollView::updateScrollbars()
262         keep changing the scroll position to incorrect values.
263
264         On iOS, the scrollbars are handled by the native UI, the code just compute incorrect scroll position. On WebKit1,
265         the code does not run because there is a platformWidget().
266
267         Just #ifdef the whole useless code.
268
269 2014-04-16  Alexandru Chiculita  <achicu@adobe.com>
270
271         Improve performance of the RenderLayerCompositor::OverlapMap
272         https://bugs.webkit.org/show_bug.cgi?id=115063
273
274         Reviewed by Simon Fraser.
275
276         No new tests, no new functionality or behavior.
277
278         Do not use the OverlapMap in RenderLayerCompositor::computeCompositingRequirements if the layer already
279         has a 3D transform. This way we can avoid a potential expensive lookups when we know for sure the layer
280         is already supposed to be composited. 
281
282         Also, added a bounding box of the overlap map, so that it can catch cases when the new layer is not overlapping
283         any of the previous layers. This is pretty common when having composited layers laid out in a vertical/horizontal list.
284
285
286         * rendering/RenderLayerCompositor.cpp:
287         (OverlapMapContainer):
288         (WebCore::OverlapMapContainer::add):
289         (WebCore::OverlapMapContainer::overlapsLayers):
290         (WebCore::OverlapMapContainer::unite):
291         (WebCore):
292         (WebCore::RenderLayerCompositor::OverlapMap::add):
293         (WebCore::RenderLayerCompositor::OverlapMap::overlapsLayers):
294         (WebCore::RenderLayerCompositor::OverlapMap::pushCompositingContainer):
295         (WebCore::RenderLayerCompositor::OverlapMap::popCompositingContainer):
296         (RenderLayerCompositor::OverlapMap):
297         (WebCore::RenderLayerCompositor::computeCompositingRequirements):
298
299 2014-04-16  Brian J. Burg  <burg@cs.washington.edu>
300
301         Web Replay: memoize fallback time values for document.lastModified
302         https://bugs.webkit.org/show_bug.cgi?id=131318
303
304         Reviewed by Joseph Pecoraro.
305
306         If a document's Last-Modified header can't be found or used, then 
307         document.lastModified is derived from the current system time or
308         from filesystem data, which is obviously nondeterministic.
309
310         It's better to handle this inside Document::lastModified rather than using
311         MemoizedDOMResult, because only the fallback case is nondeterministic.
312
313         Test: http/tests/inspector/replay/document-last-modified-fallback-value.html
314
315         The test is skipped for now, as it will be very flaky without the
316         functionality introduced by bugs 130728 and 129391.
317
318         * dom/Document.cpp:
319         (WebCore::Document::lastModified): Save or reuse memoized fallback value.
320         * replay/WebInputs.json: Add input DocumentLastModifiedDate.
321
322 2014-04-16  David Hyatt  <hyatt@apple.com>
323
324         [New Multicolumn] Selection gets confused when the mouse is in the column gaps.
325         https://bugs.webkit.org/show_bug.cgi?id=131739
326
327         Reviewed by Enrica Casucci.
328
329         * rendering/RenderBlock.cpp:
330         (WebCore::RenderBlock::selectionGaps):
331         Make sure not to paint selection gaps. This matches the old multi-column behavior. Even though
332         selection gaps *nearly* work with the new multi-column code, I am disabling them so that we
333         can turn them on without visual regressions.
334         
335         (WebCore::isChildHitTestCandidate):
336         Don't allow in-flow RenderFlowThreads to be descended into from positionForPoint. We always want
337         to look only at the spanners and at the sets.
338
339         * rendering/RenderMultiColumnFlowThread.cpp:
340         (WebCore::RenderMultiColumnFlowThread::nodeAtPoint):
341         * rendering/RenderMultiColumnFlowThread.h:
342         Override nodeAtPoint to disallow the RenderMultiColumnFlowThread from being considered for hit
343         testing when no DOM node is found. It's better to just let RenderBlock's positionForPoint run
344         to drill back down into the appropriate column set.
345
346         * rendering/RenderMultiColumnSet.cpp:
347         (WebCore::RenderMultiColumnSet::positionForPoint):
348         Implement positionForPoint for RenderMultiColumnSets. This is a straight-up port of the
349         old multi-column code's adjustPointToColumnContents function.
350
351         * rendering/RenderMultiColumnSet.h:
352         Add override of positionForPoint.
353
354 2014-04-16  Dean Jackson  <dino@apple.com>
355
356         MediaDocument on iOS should be full page
357         https://bugs.webkit.org/show_bug.cgi?id=131774
358
359         Reviewed by Jer Noble.
360
361         A MediaDocument on iOS has two problems. It can't rely
362         on intrinsic size, since it doesn't load the content until
363         a user gesture. Secondly, on a small screen you want the
364         media to fill the page.
365
366         Add width/height 100% for iOS documents.
367
368         Test: platform/iphone-simulator/media/media-document-controls-size.html
369
370         * html/MediaDocument.cpp:
371         (WebCore::MediaDocumentParser::createDocumentStructure):
372
373 2014-04-16  Roger Fong  <roger_fong@apple.com>
374
375         Add a way for layout tests to determine whether or not a plugin is snapshotted.
376         https://bugs.webkit.org/show_bug.cgi?id=131650.
377         <rdar://problem/16615528>
378
379         Reviewed by Dean Jackson.
380
381         * testing/Internals.cpp:
382         (WebCore::Internals::isPluginSnapshotted):
383         * testing/Internals.h:
384         * testing/Internals.idl:
385
386 2014-04-16  Zoltan Horvath  <zoltan@webkit.org>
387
388         Vanish unnecessary includes from Shapes.{h|cpp}
389         https://bugs.webkit.org/show_bug.cgi?id=131762
390
391         Reviewed by Andreas Kling.
392
393         No new tests, no behavior change.
394
395         * rendering/shapes/BoxShape.h:
396         * rendering/shapes/Shape.cpp:
397         * rendering/shapes/Shape.h:
398         * rendering/shapes/ShapeOutsideInfo.h:
399
400 2014-04-16  Andreas Kling  <akling@apple.com>
401
402         Revert direct caching of tagName and nodeName from r167383.
403
404         Ryosuke tells me this is not entirely safe, will need to rethink.
405
406         * dom/Element.idl:
407         * dom/Node.idl:
408
409 2014-04-16  Peter Molnar  <pmolnar.u-szeged@partner.samsung.com>
410
411         Improve security mitigation added in webkit r94001.
412         We missed the case where attachLine was called when we already had an inline box wrapper.
413         https://bugs.webkit.org/show_bug.cgi?id=127285
414
415         Reviewed by Brent Fulgham.
416
417         Merged from Blink: https://src.chromium.org/viewvc/blink?revision=150697&view=revision
418
419         * rendering/RenderBox.cpp:
420         (WebCore::RenderBox::positionLineBox):
421         * rendering/RenderBox.h:
422         (WebCore::RenderBox::setInlineBoxWrapper):
423
424 2014-04-16  Bem Jones-Bey  <bjonesbe@adobe.com>
425
426         Fix CodeGenerator.pm to only write files if the generated content has changed
427         https://bugs.webkit.org/show_bug.cgi?id=131756
428
429         Reviewed by Sam Weinig.
430
431         To improve build speed, don't touch generated files unless the newly
432         generated content is actually different.
433
434         * bindings/scripts/CodeGenerator.pm:
435         (UpdateFile):
436
437 2014-04-16  Andreas Kling  <akling@apple.com>
438
439         Add a way to cache never-changing IDL attributes in the wrapper.
440         <https://webkit.org/b/131759>
441
442         Some IDL attributes will always return the same value when queried
443         on an object, so let's have a way to avoid calling into C++ code
444         every time they are queried.
445
446         This patch adds a custom IDL thingy called "ReturnsCacheableValue"
447         which causes the code generator to emit code to cache the returned
448         value directly in the JS wrapper object.
449
450         Reviewed by Oliver Hunt.
451
452         * bindings/scripts/IDLAttributes.txt:
453         * bindings/scripts/CodeGeneratorJS.pm:
454         (GenerateImplementation):
455
456             Add ReturnsCacheableValue custom attribute.
457
458         * dom/Element.idl:
459         * dom/Node.idl:
460
461             Annotate some attributes that return fully cacheable values.
462
463         * bindings/scripts/test/*:
464
465             Rebaseline.
466
467 2014-04-16  Noel Gordon  <noel.gordon@gmail.com>
468
469         Progressive JPEG outputScanlines() calls should handle failure
470         https://bugs.webkit.org/show_bug.cgi?id=116701
471
472         Reviewed by Brent Fulgham.
473
474         outputScanlines() can fail and delete |this|. Copy the decoder pointer
475         member and use that copy to detect and handle the failure case.
476
477         * platform/image-decoders/jpeg/JPEGImageDecoder.cpp:
478         (WebCore::JPEGImageReader::decode):
479
480 2014-04-16  Robert Sipka  <sipka@inf.u-szeged.hu>
481
482         [curl] Add WEB_TIMING support
483         https://bugs.webkit.org/show_bug.cgi?id=127555
484
485         Reviewed by Brent Fulgham.
486
487         Access timing information related to navigation.
488
489         * platform/network/curl/ResourceHandleManager.cpp:
490         (WebCore::milisecondsSinceRequest):
491         (WebCore::calculateWebTimingInformations):
492         (WebCore::sockoptfunction):
493         (WebCore::headerCallback):
494         (WebCore::ResourceHandleManager::downloadTimerCallback):
495         (WebCore::ResourceHandleManager::dispatchSynchronousJob):
496         (WebCore::ResourceHandleManager::initializeHandle):
497
498 2014-04-16  Zoltan Horvath  <zoltan@webkit.org>
499
500         Cleanup header includes in ShapeOutsideInfo.h
501         https://bugs.webkit.org/show_bug.cgi?id=131750
502
503         Reviewed by Antti Koivisto.
504
505         Make the build faster by removing unnecessary header includes.
506
507         No new tests, no behavior change.
508
509         * rendering/shapes/ShapeOutsideInfo.h:
510
511 2014-04-16  Simon Fraser  <simon.fraser@apple.com>
512
513         Fix the iOS build.
514
515         * platform/graphics/cg/BitmapImageCG.cpp:
516         (WebCore::BitmapImage::draw):
517
518 2014-04-16  Alexey Proskuryakov  <ap@apple.com>
519
520         DataTransfer should cache its FileList
521         https://bugs.webkit.org/show_bug.cgi?id=131694
522
523         Reviewed by Darin Adler.
524
525         Test: fast/events/data-transfer-files-attribute-identity.html
526
527         * bindings/js/SerializedScriptValue.cpp: (WebCore::CloneDeserializer::readTerminal):
528         Switched to a new FileList constructor, CloneDeserializer doesn't really need to modify
529         the FileList with append().
530
531         * dom/DataTransfer.h:
532         * dom/DataTransfer.cpp:
533         (WebCore::DataTransfer::types): Added a FIXME.
534         (WebCore::DataTransfer::files): Changed to reuse a cached FileList. It's currently
535         easy, because we don't support DataTransferItemList. Once we do, making any changes
536         through it will also require updating the FileList in a way that doesn't replace
537         File objects for unchanged files.
538
539         * fileapi/FileList.h:
540         (WebCore::FileList::create):
541         (WebCore::FileList::isEmpty):
542         (WebCore::FileList::FileList):
543         (WebCore::FileList::append):
544         (WebCore::FileList::clear):
545         Made non-const functions private, because neither DataTransfer nor FileInputType
546         expect the list to be modified without their knowledge. Added a new Vector based
547         constructor so that a FileList could be created without the use of append().
548
549         * html/FileInputType.cpp: (WebCore::FileInputType::createFileList): Simplified
550         the code a little bit. FileInputType still needs to modify the list for clear(),
551         but doesn't need to add to it dynamically - unlike with DataTransfer, it's expected
552         to create a new FileList when it's modified.
553
554 2014-04-15  Brent Fulgham  <bfulgham@apple.com>
555
556         [Win] Eliminate use of deleteAllValues in Windows Files
557         https://bugs.webkit.org/show_bug.cgi?id=131631
558
559         Reviewed by Darin Adler.
560
561         Update to use std::unique_ptr for object lifetime. Get rid of
562         deleteAllValues now that it is no loner needed. Use ranged for
563         loops where possible.
564
565         * platform/win/WCDataObject.cpp:
566         (WebCore::WCEnumFormatEtc::WCEnumFormatEtc):
567         (WebCore::WCDataObject::~WCDataObject):
568         (WebCore::WCDataObject::GetData):
569         (WebCore::WCDataObject::QueryGetData):
570         (WebCore::WCDataObject::SetData):
571         (WebCore::WCDataObject::clearData):
572         * platform/win/WCDataObject.h:
573
574 2014-04-16  Chris Fleizach  <cfleizach@apple.com>
575
576         AX: Accessing a table cell with an invalid column header crashes
577         https://bugs.webkit.org/show_bug.cgi?id=131719
578
579         Reviewed by Darin Adler.
580
581         If no tableCell is available as a column/row header, then do not continue processing.
582
583         Test: accessibility/table-missing-column-header-crash.html
584
585         * accessibility/AccessibilityTableCell.cpp:
586         (WebCore::AccessibilityTableCell::columnHeaders):
587         (WebCore::AccessibilityTableCell::rowHeaders):
588
589 2014-04-16  Brendan Long  <b.long@cablelabs.com>
590
591         [GTK] Fix unused parameter warnings
592         https://bugs.webkit.org/show_bug.cgi?id=131721
593
594         Reviewed by Darin Adler.
595
596         * bindings/js/JSMediaStreamCapabilitiesCustom.cpp:
597         (WebCore::toJS): Remove unused 'exec' parameter.
598
599 2014-04-16  Simon Fraser  <simon.fraser@apple.com>
600
601         Convert the boolean param of Image::startAnimation() to an enum
602         https://bugs.webkit.org/show_bug.cgi?id=131742
603
604         Reviewed by Tim Horton.
605
606         Use an enum to make the code more readable.
607
608         * platform/graphics/BitmapImage.cpp:
609         (WebCore::BitmapImage::startAnimation):
610         * platform/graphics/BitmapImage.h:
611         * platform/graphics/Image.cpp:
612         (WebCore::Image::drawTiled):
613         * platform/graphics/Image.h:
614         (WebCore::Image::startAnimation):
615         * svg/graphics/SVGImage.cpp:
616         (WebCore::SVGImage::startAnimation):
617         * svg/graphics/SVGImage.h:
618
619 2014-04-16  David Hyatt  <hyatt@apple.com>
620
621         Make sure to skip the RenderMultiColumnFlowThread when resolving percentage heights inside columns against
622         containing blocks. The flow thread's auto height should not interfere if a fixed height is specified on
623         an ancestor.
624
625         https://bugs.webkit.org/show_bug.cgi?id=131741
626
627         Reviewed by Simon Fraser.
628
629         Added fast/multicol/percent-height.html.
630
631         * rendering/RenderBox.cpp:
632         (WebCore::RenderBox::skipContainingBlockForPercentHeightCalculation):
633         Add an isInFlowRenderFlowThread check so that we skip those blocks and don't consider them at all
634         when resolving percentage heights.
635
636 2014-04-16  Daewoong Jang  <daewoong.jang@navercorp.com>
637
638         [WinCairo][cURL] Build fix for WinCairo build with USE(CURL).
639         https://bugs.webkit.org/show_bug.cgi?id=131614
640
641         Reviewed by Brent Fulgham.
642
643         Build fix, no new tests needed.
644
645         * platform/network/curl/CurlCacheEntry.cpp:
646         (WebCore::CurlCacheEntry::loadResponseHeaders):
647         * platform/network/curl/CurlCacheManager.cpp:
648         (WebCore::CurlCacheManager::loadIndex):
649         * platform/network/soup/ResourceError.h:
650         * platform/network/soup/SocketStreamHandle.h:
651
652 2014-04-16  Martin Hodovan  <mhodovan@inf.u-szeged.hu>
653
654         ASSERTION FAILED: x2 >= x1 in WebCore::RenderObject::drawLineForBoxSide
655         https://bugs.webkit.org/show_bug.cgi?id=127835
656
657         In some cases when a negative margin and a positive padding are applied
658         together to the right and/or left side of the box, the logical width of
659         the borders can be set to a negative value, making the assertion fire.
660         The fix checks if the width or height of the box is negative, and if so,
661         it will not display the borders and shadows of the box.
662
663         Reviewed by Darin Adler.
664
665         Test: fast/css/padding-margin-negative-border.html
666
667         * rendering/RenderBoxModelObject.cpp:
668         (WebCore::RenderBoxModelObject::paintBorder):
669
670 2014-04-16  Jer Noble  <jer.noble@apple.com>
671
672         [MSE] Seeks into buffered ranges will never complete.
673         https://bugs.webkit.org/show_bug.cgi?id=131717
674
675         Reviewed by Eric Carlson.
676
677         Test: media/media-source/media-source-seek-complete.html
678
679         Run the SourceBuffer Monitoring step after initiating a seek.
680
681         * Modules/mediasource/SourceBuffer.cpp:
682         (WebCore::SourceBuffer::sourceBufferPrivateSeekToTime):
683
684 2014-04-15  Hyowon Kim  <hw1008.kim@samsung.com>
685
686         [EFL] Fix problems with the pixel dump.
687         https://bugs.webkit.org/show_bug.cgi?id=131265
688
689         Reviewed by Gyuyoung Kim.
690
691         Painting and compositing paths of WebKit-EFL were totally modified from r166768.
692         However pixel dump codes still call deprecated functions like ewk_view_paint(),
693         which causes that nothing is drawn.
694
695         This patch adds new member functions to AcceleratedCompositingContext to support pixel dump.
696         One of new functions is AcceleratedCompositingContext::extractImageData(),
697         which replaces deprecated function calls. Besides the extractImageData() is invoked by
698         ewk_view_screenshot_contents_get() in order to take the visible content displayed on the EFL webview.
699
700         * platform/graphics/cairo/CairoUtilities.cpp:
701         (WebCore::flipImageSurfaceVertically): Flip pixel data of given cairo_surface_t vertically up/down.
702         Whereas Cairo uses the top-left corner as being 0,0 of the coordinate system,
703         OpenGL uses the bottom-left corner being 0,0.
704         So we need to vertically flip resultant images taken by glReadPixels().
705         * platform/graphics/cairo/CairoUtilities.h:
706
707 2014-04-15  Hyowon Kim  <hw1008.kim@samsung.com>
708
709         Make page overlay functionality working on coordinated graphics.
710         https://bugs.webkit.org/show_bug.cgi?id=131425
711
712         Reviewed by Darin Adler.
713
714         Page overlay functionality did not work on coordinated graphics since r166975.
715         This patch removes deprecated code related to the PageOverlay GraphicsLayer management.
716         and makes CoordinatedLayerTreeHost use PageOverlayController.
717
718         * platform/graphics/texmap/coordinated/CompositingCoordinator.cpp:
719         (WebCore::CompositingCoordinator::setRootCompositingLayer):
720         (WebCore::CompositingCoordinator::flushPendingLayerChanges):
721         * platform/graphics/texmap/coordinated/CompositingCoordinator.h:
722
723 2014-04-10  Roger Fong  <roger_fong@apple.com>
724
725         Snapshotted plugins may need to be restarted if style properties are changed after initial load of plugin.
726         https://bugs.webkit.org/show_bug.cgi?id=131553.
727         <rdar://problem/15443375>
728
729         Reviewed by Timothy Horton.
730
731         Test: plugins/snapshotting/set-plugin-size-to-tiny.html
732
733         When updating embedded objects during our post layout checks, check for certain style changes
734         that may result in the plugin needing to be restarted.
735
736         * html/HTMLPlugInImageElement.h: 
737         Add m_plugInDimensionsSpecified field to keep track of whether or not dimensions on the plugin’s renderer have been specified.
738         * html/HTMLPlugInImageElement.cpp:
739         (WebCore::HTMLPlugInImageElement::HTMLPlugInImageElement):
740         Initialize m_plugInDimensionsSpecified.
741         (WebCore::isSmallerThanTinySizingThreshold):
742         Refactoring, move check for whether or not plugin is smaller than the tiny plugin size threshold to this method.
743         (WebCore::HTMLPlugInImageElement::isTopLevelFullPage): 
744         Refactoring, move check for whether or not plugin is top level full page to this method.
745         (WebCore::HTMLPlugInImageElement::checkSnapshotStatus): 
746         Use refactored checks here as well to determine whether or not we need to restart the snapshotted plugin.
747         (WebCore::HTMLPlugInImageElement::subframeLoaderWillCreatePlugIn): Use refactored checks.
748         If plugin dimensions were specified, set m_plugInDimensionsSpecified to true.
749
750 2014-04-15  Andreas Kling  <akling@apple.com>
751
752         [iOS WebKit2] Listen for system memory pressure notifications.
753         <https://webkit.org/b/131653>
754         <rdar://problem/16208123>
755
756         Reviewed by Antti Koivisto.
757
758         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
759         (WebCore::MemoryPressureHandler::install):
760
761             Use the right invocation to summon the memory pressure handler.
762
763         (WebCore::MemoryPressureHandler::install):
764         (WebCore::MemoryPressureHandler::uninstall):
765         (WebCore::MemoryPressureHandler::holdOff):
766         (WebCore::MemoryPressureHandler::respondToMemoryPressure):
767
768             Make stubbed out functions !PLATFORM(COCOA)
769
770 2014-04-14  Morten Stenshorne  <mstensho@opera.com>
771
772         [New Multicolumn] Add support for column-span:all
773         https://bugs.webkit.org/show_bug.cgi?id=129330
774
775         Reviewed by Dave Hyatt.
776
777         Column spanners are implemented as siblings of RenderMultiColumnSet
778         objects (i.e. the regions for the column rows). This means that they
779         are pulled out from the flow thread tree where they would otherwise
780         live. This causes some complexity, most of which is contained within
781         the multicol code.
782
783         A placeholder is put in the flow thread tree where the spanner's
784         renderer would otherwise live. This is needed in order make sure that
785         we interrupt line layout before after the spanner. We also need this
786         to be able to switch from one multicol set to the next.
787
788         Some extra logic is required when dynamically inserting and removing
789         flow thread descendants now, because we need to figure out if the
790         renderer added should trigger creation of new multi column sets. If
791         a spanner is inserted in the middle of a multi column set, we need to
792         detect this, split the set and put the spanner in the middle.
793
794         Wrote a bunch of tests. A few of the tests were copied from existing
795         (old-impl) tests and put in a separate directory. That directory can
796         be wiped when we turn on the new multicol implementation by default.
797
798         Tests: fast/multicol/newmulticol/adjacent-spanners.html
799                fast/multicol/newmulticol/block-becomes-spanner.html
800                fast/multicol/newmulticol/change-spanner-display.html
801                fast/multicol/newmulticol/change-spanner-parent-display.html
802                fast/multicol/newmulticol/compare-with-old-impl/anonymous-block-split-crash.html
803                fast/multicol/newmulticol/compare-with-old-impl/before-child-anonymous-column-block.html
804                fast/multicol/newmulticol/compare-with-old-impl/clone-before-after-content-crash.html
805                fast/multicol/newmulticol/compare-with-old-impl/clone-block-children-inline-mismatch-crash.html
806                fast/multicol/newmulticol/compare-with-old-impl/clone-flexbox.html
807                fast/multicol/newmulticol/compare-with-old-impl/clone-summary.html
808                fast/multicol/newmulticol/compare-with-old-impl/column-span-inside-multicol-webkit-box.html
809                fast/multicol/newmulticol/compare-with-old-impl/continuation-crash.html
810                fast/multicol/newmulticol/compare-with-old-impl/double-merge-anonymous-block-crash.html
811                fast/multicol/newmulticol/compare-with-old-impl/empty-anonymous-block-split-crash.html
812                fast/multicol/newmulticol/compare-with-old-impl/float-not-removed-crash.html
813                fast/multicol/newmulticol/compare-with-old-impl/list-multi-column-crash.html
814                fast/multicol/newmulticol/compare-with-old-impl/positioned-child-not-removed-crash.html
815                fast/multicol/newmulticol/compare-with-old-impl/positioned-objects-not-removed-crash.html
816                fast/multicol/newmulticol/compare-with-old-impl/recursive-split-flow-crash.html
817                fast/multicol/newmulticol/compare-with-old-impl/removal-of-multicol-span-crash.html
818                fast/multicol/newmulticol/compare-with-old-impl/remove-child-split-flow-crash.html
819                fast/multicol/newmulticol/compare-with-old-impl/runin-continuation-crash.html
820                fast/multicol/newmulticol/compare-with-old-impl/span-as-immediate-child-complex-splitting.html
821                fast/multicol/newmulticol/compare-with-old-impl/span-as-nested-inline-block-child.html
822                fast/multicol/newmulticol/compare-with-old-impl/split-flow-anonymous-wrapper-crash.html
823                fast/multicol/newmulticol/compare-with-old-impl/split-inline-wrong-post-block-crash.html
824                fast/multicol/newmulticol/compare-with-old-impl/table-multi-column-crash.html
825                fast/multicol/newmulticol/compare-with-old-impl/textbox-not-removed-crash.html
826                fast/multicol/newmulticol/compare-with-old-impl/update-after-content-before-child-crash.html
827                fast/multicol/newmulticol/insert-row-content1.html
828                fast/multicol/newmulticol/insert-row-content2.html
829                fast/multicol/newmulticol/insert-row-content3.html
830                fast/multicol/newmulticol/insert-row-content4.html
831                fast/multicol/newmulticol/insert-row-content5.html
832                fast/multicol/newmulticol/insert-row-content6.html
833                fast/multicol/newmulticol/insert-row-content7.html
834                fast/multicol/newmulticol/insert-row-content8.html
835                fast/multicol/newmulticol/insert-row-content9.html
836                fast/multicol/newmulticol/insert-spanner-child1.html
837                fast/multicol/newmulticol/insert-spanner-child2.html
838                fast/multicol/newmulticol/insert-spanner-child3.html
839                fast/multicol/newmulticol/insert-spanner1.html
840                fast/multicol/newmulticol/insert-spanner2.html
841                fast/multicol/newmulticol/insert-spanner3.html
842                fast/multicol/newmulticol/insert-spanner4.html
843                fast/multicol/newmulticol/insert-spanner5.html
844                fast/multicol/newmulticol/insert-spanner6.html
845                fast/multicol/newmulticol/insert-spanner7.html
846                fast/multicol/newmulticol/insert-spanner8.html
847                fast/multicol/newmulticol/multicol-with-spanner-becomes-regular-block.html
848                fast/multicol/newmulticol/remove-row-content1.html
849                fast/multicol/newmulticol/remove-row-content2.html
850                fast/multicol/newmulticol/remove-row-content3.html
851                fast/multicol/newmulticol/remove-row-content4.html
852                fast/multicol/newmulticol/remove-row-content5.html
853                fast/multicol/newmulticol/remove-row-content6.html
854                fast/multicol/newmulticol/remove-row-content7.html
855                fast/multicol/newmulticol/remove-row-content8.html
856                fast/multicol/newmulticol/remove-row-content9.html
857                fast/multicol/newmulticol/remove-spanner1.html
858                fast/multicol/newmulticol/remove-spanner2.html
859                fast/multicol/newmulticol/remove-spanner3.html
860                fast/multicol/newmulticol/remove-spanner4.html
861                fast/multicol/newmulticol/remove-spanner5.html
862                fast/multicol/newmulticol/remove-spanner6.html
863                fast/multicol/newmulticol/sole-spanner.html
864                fast/multicol/newmulticol/span-between-text.html
865                fast/multicol/newmulticol/spanner-becomes-regular-block.html
866                fast/multicol/newmulticol/spanner-first.html
867                fast/multicol/newmulticol/spanner-img.html
868                fast/multicol/newmulticol/spanner-inline-block.html
869                fast/multicol/newmulticol/spanner-last.html
870                fast/multicol/newmulticol/spanner-nested-dynamic.html
871                fast/multicol/newmulticol/spanner-nested.html
872                fast/multicol/newmulticol/spanner-pseudo-after1.html
873                fast/multicol/newmulticol/spanner-pseudo-after2.html
874                fast/multicol/newmulticol/spanner-pseudo-after3.html
875                fast/multicol/newmulticol/spanner-pseudo-after4.html
876                fast/multicol/newmulticol/spanner-pseudo-before-after1.html
877                fast/multicol/newmulticol/spanner-pseudo-before-after2.html
878                fast/multicol/newmulticol/spanner-pseudo-before-after3.html
879                fast/multicol/newmulticol/spanner-pseudo-before-after4.html
880                fast/multicol/newmulticol/spanner-pseudo-before1.html
881                fast/multicol/newmulticol/spanner-pseudo-before2.html
882                fast/multicol/newmulticol/spanner-pseudo-before3.html
883                fast/multicol/newmulticol/spanner-pseudo-before4.html
884                fast/multicol/newmulticol/spanner-table.html
885                fast/multicol/newmulticol/spanner-with-margin.html
886                fast/multicol/newmulticol/spanner1.html
887                fast/multicol/newmulticol/spanner2.html
888                fast/multicol/newmulticol/spanner3.html
889                fast/multicol/newmulticol/spanner4.html
890                fast/multicol/newmulticol/spanner5.html
891                fast/multicol/newmulticol/spanner6.html
892                fast/multicol/newmulticol/spanner7.html
893                fast/multicol/newmulticol/spanner8.html
894                fast/multicol/newmulticol/spanner9.html
895                fast/multicol/newmulticol/trailing-margin-with-spanner.html
896                fast/multicol/newmulticol/trailing-margin-with-spanner2.html
897
898         * CMakeLists.txt:
899         * WebCore.vcxproj/WebCore.vcxproj:
900         * WebCore.vcxproj/WebCore.vcxproj.filters:
901         * rendering/RenderBlock.cpp:
902         (WebCore::RenderBlock::addChildIgnoringAnonymousColumnBlocks):
903         Disable the old anonymous multicol container and spanner anonymous
904         block generation machinery when the new multicol implementation is
905         enabled.
906         * rendering/RenderBlockFlow.cpp:
907         (WebCore::RenderBlockFlow::createMultiColumnFlowThread):
908         (WebCore::RenderBlockFlow::destroyMultiColumnFlowThread):
909         (WebCore::RenderBlockFlow::layoutBlockChild): Need to notify the
910         flow thread when a descendant's final position is known. Spanner
911         placeholders need to know where to terminate the column set that
912         it follows.
913         (WebCore::RenderBlockFlow::styleDidChange): Remove old code that
914         isn't needed anymore. The renderers in question (flow thread and
915         column sets) set display:block on themselves already. This code
916         caused problems for spanners, which got all their style wiped.
917         (WebCore::RenderBlockFlow::setMultiColumnFlowThread): If setting
918         the flow thread to nullptr, there's no need to create the "rare
919         data" structure.
920         (WebCore::RenderBlockFlow::relayoutForPagination):
921         (WebCore::RenderBlockFlow::layoutSpecialExcludedChild):
922         (WebCore::RenderBlockFlow::addChild): beforeChild is retrieved via
923         the DOM. If it is a spanner, we need to locate the placeholder
924         here, because that's the correct location to insert siblings,
925         DOM-wise.
926         (WebCore::RenderBlockFlow::removeChild): The multicol flow thread
927         needs to know when children disappear.
928         (WebCore::RenderBlockFlow::checkForPaginationLogicalHeightChange):
929         Don't modify the height back and forth when calculating the
930         multicol container's final height, as that messes up balancing.
931         (WebCore::RenderBlockFlow::insertedIntoTree): Deleted.
932         (WebCore::RenderBlockFlow::willBeDestroyed): Deleted.
933         (WebCore::RenderBlockFlow::styleWillChange): Deleted.
934         (WebCore::RenderBlockFlow::lineAtIndex): Deleted.
935         * rendering/RenderBlockFlow.h:
936         * rendering/RenderElement.cpp:
937         (WebCore::RenderElement::insertedIntoTree): Set up an element's
938         layer before notifying the flow thread. The multicol flow thread
939         may decide to move the element (if it's a spanner), which may
940         involve re-insertion of layers.  Calling
941         RenderObject::insertedIntoTree() last instead of first also better
942         matches the order we used to have prior to the introduction of
943         RenderElement, FWIW.
944         * rendering/RenderFlowThread.cpp:
945         (WebCore::RenderFlowThread::layout):
946         (WebCore::RenderFlowThread::removeRegionFromThread): Deleted.
947         (WebCore::RenderFlowThread::invalidateRegions): Deleted.
948         * rendering/RenderFlowThread.h:
949         * rendering/RenderMultiColumnFlowThread.cpp:
950         (WebCore::RenderMultiColumnFlowThread::RenderMultiColumnFlowThread):
951         (WebCore::RenderMultiColumnFlowThread::removeFlowChildInfo): When
952         a flow thread descendant is inserted, the multicol flow thread
953         needs to be notified.
954         (WebCore::RenderMultiColumnFlowThread::firstMultiColumnSet):
955         (WebCore::RenderMultiColumnFlowThread::lastMultiColumnSet):
956         (WebCore::RenderMultiColumnFlowThread::firstColumnSetOrSpanner):
957         (WebCore::RenderMultiColumnFlowThread::nextColumnSetOrSpannerSiblingOf):
958         (WebCore::RenderMultiColumnFlowThread::previousColumnSetOrSpannerSiblingOf):
959         (WebCore::RenderMultiColumnFlowThread::layout):
960         (WebCore::RenderMultiColumnFlowThread::findSetRendering):
961         (WebCore::RenderMultiColumnFlowThread::populate):
962         (WebCore::RenderMultiColumnFlowThread::evacuateAndDestroy):
963         (WebCore::RenderMultiColumnFlowThread::addRegionToThread):
964         (WebCore::RenderMultiColumnFlowThread::willBeRemovedFromTree):
965         Need to detach column sets here, since they have pointers to their
966         flow thread.
967         (WebCore::RenderMultiColumnFlowThread::resolveMovedChild):
968         (WebCore::isValidColumnSpanner):
969         (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantInserted):
970         (WebCore::RenderMultiColumnFlowThread::flowThreadRelativeWillBeRemoved):
971         (WebCore::RenderMultiColumnFlowThread::flowThreadDescendantBoxLaidOut):
972         (WebCore::RenderMultiColumnFlowThread::autoGenerateRegionsToBlockOffset):
973         Nothing to be done here for the time being. Column sets are now
974         created during box creation. We are going to need to add some code
975         here again once multicol properly supports nested fragmentation
976         contexts (and you get adjacent column rows because of that).
977         (WebCore::RenderMultiColumnFlowThread::regionAtBlockOffset):
978         During layout, don't trust the region interval tree, as that one
979         depends on the resulting layout.
980         (WebCore::RenderMultiColumnFlowThread::setRegionRangeForBox): With
981         a convenience method to get the last column set, and column sets
982         now being created during normal box creation, this young method
983         needs an overhaul.
984         (WebCore::RenderMultiColumnFlowThread::setRegionRangeForBox):
985         (WebCore::RenderMultiColumnFlowThread::isPageLogicalHeightKnown):
986         * rendering/RenderMultiColumnFlowThread.h:
987         * rendering/RenderMultiColumnSet.cpp:
988         (WebCore::RenderMultiColumnSet::nextSiblingMultiColumnSet):
989         (WebCore::RenderMultiColumnSet::previousSiblingMultiColumnSet):
990         (WebCore::RenderMultiColumnSet::firstRendererInFlowThread):
991         (WebCore::RenderMultiColumnSet::lastRendererInFlowThread):
992         (WebCore::precedesRenderer):
993         (WebCore::RenderMultiColumnSet::containsRendererInFlowThread):
994         (WebCore::RenderMultiColumnSet::setLogicalTopInFlowThread):
995         (WebCore::RenderMultiColumnSet::setLogicalBottomInFlowThread):
996         (WebCore::RenderMultiColumnSet::pageLogicalTopForOffset):
997         (WebCore::RenderMultiColumnSet::distributeImplicitBreaks):
998         (WebCore::RenderMultiColumnSet::calculateBalancedHeight):
999         (WebCore::RenderMultiColumnSet::addForcedBreak):
1000         (WebCore::RenderMultiColumnSet::recalculateColumnHeight):
1001         Previously only needed if columns were to be balanced, now it's
1002         also needed when not balancing.
1003         (WebCore::RenderMultiColumnSet::recordSpaceShortage): Some layout
1004         elements actually have 0 height. Skip them, since they're not
1005         taking us anywhere.
1006         (WebCore::RenderMultiColumnSet::updateLogicalWidth):
1007         (WebCore::RenderMultiColumnSet::requiresBalancing): Column sets
1008         now have individual balancing needs. If they precede a spanner,
1009         they must always be balanced. For the last column set, see if
1010         height is unspecified or column-fill is 'balance' (like before).
1011         (WebCore::RenderMultiColumnSet::prepareForLayout):
1012         (WebCore::RenderMultiColumnSet::beginFlow):
1013         (WebCore::RenderMultiColumnSet::endFlow):
1014         (WebCore::RenderMultiColumnSet::layout):
1015         (WebCore::RenderMultiColumnSet::calculateMaxColumnHeight):
1016         (WebCore::RenderMultiColumnSet::columnRectAt):
1017         (WebCore::RenderMultiColumnSet::flowThreadPortionOverflowRect):
1018         (WebCore::RenderMultiColumnSet::paintColumnRules):
1019         (WebCore::RenderMultiColumnSet::initialBlockOffsetForPainting):
1020         (WebCore::RenderMultiColumnSet::collectLayerFragments):
1021         (WebCore::RenderMultiColumnSet::columnTranslationForOffset):
1022         (WebCore::RenderMultiColumnSet::setAndConstrainColumnHeight): Deleted.
1023         (WebCore::RenderMultiColumnSet::findRunWithTallestColumns): Deleted.
1024         (WebCore::RenderMultiColumnSet::clearForcedBreaks): Deleted.
1025         (WebCore::RenderMultiColumnSet::repaintFlowThreadContent): Deleted.
1026         * rendering/RenderMultiColumnSet.h:
1027         * rendering/RenderMultiColumnSpannerPlaceholder.cpp: Added.
1028         (WebCore::RenderMultiColumnSpannerPlaceholder::createAnonymous):
1029         (WebCore::RenderMultiColumnSpannerPlaceholder::RenderMultiColumnSpannerPlaceholder):
1030         (WebCore::RenderMultiColumnSpannerPlaceholder::renderName):
1031         * rendering/RenderMultiColumnSpannerPlaceholder.h: Added.
1032         * rendering/RenderObject.cpp:
1033         (WebCore::RenderObject::insertedIntoTree): Need to notify the
1034         multicol flow thread when descendants are inserted. That may
1035         trigger insertion of column sets, or, in the case of spanners,
1036         they need to be moved out from the flow thread.
1037         * rendering/RenderObject.h:
1038         (WebCore::RenderObject::isRenderMultiColumnSpannerPlaceholder):
1039         (WebCore::RenderObject::isAnonymousBlock): Exclude column sets
1040         here, so that they don't get involved in anonymous block merging
1041         and other kinds of fun.
1042         * rendering/RenderRegion.h:
1043         * rendering/RenderRegionSet.h:
1044
1045 2014-04-15  Simon Fraser  <simon.fraser@apple.com>
1046
1047         LayerTreeAsTextBehavior should be in the WebCore namespace
1048         https://bugs.webkit.org/show_bug.cgi?id=131683
1049
1050         Reviewed by Andrei Bucur.
1051
1052         Move LayerTreeAsTextBehavior and the bit flags into the WebCore namespace.
1053
1054         * platform/graphics/GraphicsLayer.cpp:
1055         (showGraphicsLayerTree):
1056         * platform/graphics/GraphicsLayer.h:
1057
1058 2014-04-15  Benjamin Poulain  <bpoulain@apple.com>
1059
1060         ViewportConfiguration handles userZoom incorrectly
1061         https://bugs.webkit.org/show_bug.cgi?id=131657
1062
1063         Reviewed by Darin Adler.
1064
1065         * page/ViewportConfiguration.cpp:
1066         (WebCore::viewportArgumentUserZoomIsSet):
1067         (WebCore::ViewportConfiguration::updateConfiguration):
1068         The other viewport values must be strictly positive, userZoom is always either zero, one or minus one.
1069         As a result, the value zero was never set.
1070
1071 2014-04-15  Simon Fraser  <simon.fraser@apple.com>
1072
1073         [iOS WK2] Pages often blank on first load if page loaded by typing the URL
1074         https://bugs.webkit.org/show_bug.cgi?id=131665
1075
1076         Reviewed by Tim Horton.
1077
1078         The document overlay-related code in RemoteLayerTreeDrawingArea::setRootCompositingLayer()
1079         was triggering a compositing layer flush when called with a null rootLayer, which happens
1080         for pages going into the page cache. This would trigger a layer flush that would clobber
1081         the root layer for the visible page, resulting in missing content.
1082         
1083         Also, rebuildCompositingLayerTree() is called recursively and the m_documentOverlayRootLayer
1084         was being added to (and then removed from) every single compositing layers.
1085         
1086         Fix both these by changing to a pull model, where RenderLayerCompositor requests
1087         the overlay layer via ChromeClient, and gets it at the end of every flush,
1088         adding to the children of the root layer.
1089
1090         * WebCore.exp.in:
1091         * page/ChromeClient.h:
1092         (WebCore::ChromeClient::documentOverlayLayerForFrame):
1093         * rendering/RenderLayerCompositor.cpp:
1094         (WebCore::RenderLayerCompositor::RenderLayerCompositor):
1095         (WebCore::RenderLayerCompositor::flushPendingLayerChanges): Put visibleRect
1096         into a variable for ease of debugging.
1097         (WebCore::RenderLayerCompositor::updateCompositingLayers): Asser
1098         that we're not in the page cache (this would have caught the bug).
1099         (WebCore::RenderLayerCompositor::appendOverlayLayers):
1100         (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
1101         (WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer): Deleted.
1102         * rendering/RenderLayerCompositor.h:
1103
1104 2014-04-15  Commit Queue  <commit-queue@webkit.org>
1105
1106         Unreviewed, rolling out r167199 and r167251.
1107         https://bugs.webkit.org/show_bug.cgi?id=131678
1108
1109         Caused a DYEBench regression and does not seem to improve perf
1110         on relevant websites (Requested by rniwa on #webkit).
1111
1112         Reverted changesets:
1113
1114         "Rewrite Function.bind as a builtin"
1115         https://bugs.webkit.org/show_bug.cgi?id=131083
1116         http://trac.webkit.org/changeset/167199
1117
1118         "Update test result"
1119         http://trac.webkit.org/changeset/167251
1120
1121 2014-04-15  Gyuyoung Kim  <gyuyoung.kim@samsung.com>
1122
1123         Remove unnecessary null checking in NavigatorContentUtils
1124         https://bugs.webkit.org/show_bug.cgi?id=131652
1125
1126         Reviewed by Darin Adler.
1127
1128         Some functions have checked if document is null. However, document is always not
1129         null when frame is existed.
1130
1131         No new tests, no behavior changes.
1132
1133         * Modules/navigatorcontentutils/NavigatorContentUtils.cpp:
1134         (WebCore::NavigatorContentUtils::registerProtocolHandler):
1135         (WebCore::NavigatorContentUtils::isProtocolHandlerRegistered):
1136         (WebCore::NavigatorContentUtils::unregisterProtocolHandler):
1137
1138 2014-04-15  Commit Queue  <commit-queue@webkit.org>
1139
1140         Unreviewed, rolling out r167298.
1141         https://bugs.webkit.org/show_bug.cgi?id=131670
1142
1143         Broke CSS filters (17 test crashes) (Requested by ap on
1144         #webkit).
1145
1146         Reverted changeset:
1147
1148         "[iOS WK2] Pages often blank on first load if page loaded by
1149         typing the URL"
1150         https://bugs.webkit.org/show_bug.cgi?id=131665
1151         http://trac.webkit.org/changeset/167298
1152
1153 2014-04-14  Pratik Solanki  <psolanki@apple.com>
1154
1155         Unreviewed. Attempt to fix Windows build after r167277.
1156
1157         * page/FrameView.cpp:
1158         (WebCore::FrameView::willPaintContents):
1159
1160 2014-04-14  Commit Queue  <commit-queue@webkit.org>
1161
1162         Unreviewed, rolling out r167261.
1163         https://bugs.webkit.org/show_bug.cgi?id=131667
1164
1165         broke many navigation tests (Requested by ap on #webkit).
1166
1167         Reverted changeset:
1168
1169         "Web Replay: memoize fallback time values for
1170         document.lastModified"
1171         https://bugs.webkit.org/show_bug.cgi?id=131318
1172         http://trac.webkit.org/changeset/167261
1173
1174 2014-04-14  Simon Fraser  <simon.fraser@apple.com>
1175
1176         [iOS WK2] Pages often blank on first load if page loaded by typing the URL
1177         https://bugs.webkit.org/show_bug.cgi?id=131665
1178
1179         Reviewed by Tim Horton.
1180
1181         The document overlay-related code in RemoteLayerTreeDrawingArea::setRootCompositingLayer()
1182         was triggering a compositing layer flush when called with a null rootLayer, which happens
1183         for pages going into the page cache. This would trigger a layer flush that would clobber
1184         the root layer for the visible page, resulting in missing content.
1185         
1186         Also, rebuildCompositingLayerTree() is called recursively and the m_documentOverlayRootLayer
1187         was being added to (and then removed from) every single compositing layers.
1188         
1189         Fix both these by changing to a pull model, where RenderLayerCompositor requests
1190         the overlay layer via ChromeClient, and gets it at the end of every flush,
1191         adding to the children of the root layer.
1192
1193         * WebCore.exp.in:
1194         * page/ChromeClient.h:
1195         (WebCore::ChromeClient::documentOverlayLayerForFrame):
1196         * rendering/RenderLayerCompositor.cpp:
1197         (WebCore::RenderLayerCompositor::RenderLayerCompositor):
1198         (WebCore::RenderLayerCompositor::flushPendingLayerChanges): Put visibleRect
1199         into a variable for ease of debugging.
1200         (WebCore::RenderLayerCompositor::updateCompositingLayers): Asser
1201         that we're not in the page cache (this would have caught the bug).
1202         (WebCore::RenderLayerCompositor::appendOverlayLayers):
1203         (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
1204         (WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer): Deleted.
1205         * rendering/RenderLayerCompositor.h:
1206
1207 2014-04-14  Jon Honeycutt  <jhoneycutt@apple.com>
1208
1209         Assertion failure under FEImage::determineAbsolutePaintRect()
1210
1211         <https://bugs.webkit.org/show_bug.cgi?id=131660>
1212         <rdar://problem/15669294>
1213
1214         This patch merges Chromium r149536 (see
1215         <https://chromiumcodereview.appspot.com/14701012>), which moves
1216         m_absoluteTransform out of SVGFilter and into the base Filter class, so
1217         that it isn't necessary to cast a Filter to SVGFilter to get the
1218         absolute transform.
1219
1220         Reviewed by Geoffrey Garen.
1221
1222         Test: svg/filters/feImage-filter-assertion.html
1223
1224         * platform/graphics/filters/Filter.h:
1225         (WebCore::Filter::Filter):
1226         Changed to take the absolute transform.
1227         (WebCore::Filter::absoluteTransform):
1228         Moved from SVGFilter.
1229         (WebCore::Filter::mapAbsolutePointToLocalPoint):
1230         Ditto.
1231
1232         * rendering/FilterEffectRenderer.cpp:
1233         (WebCore::FilterEffectRenderer::FilterEffectRenderer):
1234         Pass a default AffineTransform() to the Filter base class.
1235
1236         * svg/graphics/filters/SVGFEImage.cpp:
1237         (WebCore::FEImage::determineAbsolutePaintRect):
1238         Use the Filter without casting it to SVGFilter.
1239         (WebCore::FEImage::platformApplySoftware):
1240         Ditto.
1241
1242         * svg/graphics/filters/SVGFilter.cpp:
1243         (WebCore::SVGFilter::SVGFilter):
1244         Pass the transform to the base class, and remove initialization of a
1245         removed member var.
1246
1247         * svg/graphics/filters/SVGFilter.h:
1248         Member var moved to Filter.h.
1249
1250 2014-04-14  Darin Adler  <darin@apple.com>
1251
1252         REGRESSION (r158617): Find on Page can get stuck in a loop when the search string occurs in an <input> in a <fieldset>
1253         https://bugs.webkit.org/show_bug.cgi?id=126322
1254
1255         Reviewed by Ryosuke Niwa.
1256
1257         One additional tweak to the fix for the bug above.
1258         Fixes crash in editing/editability/ignored-content.html test.
1259
1260         * html/HTMLObjectElement.cpp:
1261         (WebCore::HTMLObjectElement::canContainRangeEndPoint): Call through to
1262         HTMLElement::canContainRangeEndPoint, bypassing HTMLPlugInElement override
1263         that always returns false. Without this change, this function was always
1264         returning false.
1265
1266 2014-04-14  Simon Fraser  <simon.fraser@apple.com>
1267
1268         Crash in TileController::tileRevalidationTimerFired
1269         https://bugs.webkit.org/show_bug.cgi?id=131656
1270         <rdar://problem/16583166>
1271
1272         Reviewed by Sam Weinig.
1273
1274         It's possible for the TileController revalidation timer to fire after
1275         the GraphicsLayer has been destroyed, so the PlatformCALayer no longer
1276         has an owningGraphicsLayer.
1277         
1278         Bail from the timer callback if owningGraphicsLayer() is null.
1279         
1280         Also some drive-by 0 -> nullptr changes.
1281
1282         * platform/graphics/ca/GraphicsLayerCA.cpp:
1283         (WebCore::GraphicsLayerCA::willBeDestroyed):
1284         * platform/graphics/ca/PlatformCALayer.cpp:
1285         (WebCore::PlatformCALayer::~PlatformCALayer):
1286         * platform/graphics/ca/mac/TileController.mm:
1287         (WebCore::TileController::tileRevalidationTimerFired):
1288
1289 2014-04-14  Bem Jones-Bey  <bjonesbe@adobe.com>
1290
1291         [CSS Shapes] Remove some leftover shape-inside code
1292         https://bugs.webkit.org/show_bug.cgi?id=131641
1293
1294         Reviewed by Dean Jackson.
1295
1296         I discovered that some code had been leftover from the shape-inside
1297         removal. This removes that leftover code.
1298
1299         No new tests, no behavior change.
1300
1301         * platform/text/BidiResolver.h:
1302         * rendering/BidiRun.cpp:
1303         (WebCore::BidiRun::BidiRun):
1304         * rendering/RenderBlockFlow.h:
1305         * rendering/RenderBlockLineLayout.cpp:
1306         (WebCore::RenderBlockFlow::createLineBoxes):
1307         (WebCore::RenderBlockFlow::constructLine):
1308         (WebCore::computeExpansionForJustifiedText):
1309         (WebCore::RenderBlockFlow::computeInlineDirectionPositionsForSegment):
1310
1311 2014-04-14  Jer Noble  <jer.noble@apple.com>
1312
1313         [MSE][Mac] video.currentTime is sometimes negative.
1314         https://bugs.webkit.org/show_bug.cgi?id=131644
1315
1316         Reviewed by Eric Carlson.
1317
1318         AVSampleBufferRenderSynchronizer will occasionally return slightly negative values
1319         when beginning playback. Clamp the return value to 0.
1320
1321         * platform/graphics/avfoundation/objc/MediaPlayerPrivateMediaSourceAVFObjC.mm:
1322         (WebCore::MediaPlayerPrivateMediaSourceAVFObjC::currentTimeDouble):
1323
1324 2014-04-14  Bem Jones-Bey  <bjonesbe@adobe.com>
1325
1326         [CSSExclusions] Remove FIXME referencing closed bug
1327         https://bugs.webkit.org/show_bug.cgi?id=131645
1328
1329         Reviewed by Dean Jackson.
1330
1331         This is silly, but the comment is really confusing as it's entirely
1332         wrong now.
1333
1334         No new tests, no behavior change.
1335
1336         * rendering/style/RenderStyle.cpp:
1337         (WebCore::RenderStyle::changeRequiresRepaint):
1338
1339 2014-04-14  Andreas Kling  <akling@apple.com>
1340
1341         Build fixage.
1342
1343         * page/FrameView.cpp:
1344
1345 2014-04-14  Jon Honeycutt  <jhoneycutt@apple.com>
1346
1347         Assertion failure !node || node->isElementNode() in
1348         WebCore::RenderBlock::inlineElementContinuation
1349   
1350         https://bugs.webkit.org/show_bug.cgi?id=108829
1351         <rdar://problem/13666405>
1352   
1353         I can't reproduce this assertion failure, but there seems to be an
1354         invalid assumption in RenderBlock::inlineElementContinuation() that
1355         anything with the "isInline()" bit set is a RenderInline.
1356         
1357         No new test because the test case in the bug does not repro for me.
1358
1359         Reviewed by Brent Fulgham.
1360
1361         * rendering/RenderBlock.cpp:
1362         (WebCore::RenderBlock::inlineElementContinuation):
1363         Dave Hyatt says that this function should only return RenderInline
1364         objects (not non-RenderInline inline objects), so update the checks
1365         from isInline() to isRenderInline() before casting with
1366         toRenderInline().
1367
1368         * rendering/RenderInline.cpp:
1369         (WebCore::RenderInline::inlineElementContinuation):
1370         Ditto.
1371
1372 2014-04-14  Andreas Kling  <akling@apple.com>
1373
1374         Do more things under memory pressure on non-iOS platforms.
1375         <https://webkit.org/b/131625>
1376
1377         Reviewed by Antti Koivisto.
1378
1379         Rename hasReceivedMemoryPressure() to isUnderMemoryPressure() and
1380         make it use std::atomic<bool> instead of OSAtomic primitives.
1381
1382         Unmask most of the PLATFORM(IOS) blocks so all platforms can take
1383         advantage of optimizations done while under pressure. Note that
1384         isUnderMemoryPressure() will still always return false on platforms
1385         other than iOS/WK1, but this will change soon.
1386
1387         * history/PageCache.cpp:
1388         (WebCore::PageCache::canCache):
1389         * loader/FrameLoader.cpp:
1390         (WebCore::FrameLoader::commitProvisionalLoad):
1391         * page/FrameView.cpp:
1392         (WebCore::FrameView::willPaintContents):
1393         (WebCore::FrameView::didPaintContents):
1394         * platform/MemoryPressureHandler.cpp:
1395         (WebCore::MemoryPressureHandler::MemoryPressureHandler):
1396         * platform/MemoryPressureHandler.h:
1397         (WebCore::MemoryPressureHandler::isUnderMemoryPressure):
1398         * platform/cocoa/MemoryPressureHandlerCocoa.mm:
1399         (WebCore::MemoryPressureHandler::setReceivedMemoryPressure):
1400         (WebCore::MemoryPressureHandler::clearMemoryPressure):
1401         (WebCore::MemoryPressureHandler::respondToMemoryPressureIfNeeded):
1402         (WebCore::MemoryPressureHandler::hasReceivedMemoryPressure): Deleted.
1403         * platform/graphics/FontCache.cpp:
1404         (WebCore::FontCache::purgeInactiveFontDataIfNeeded):
1405         * platform/ios/LegacyTileCache.mm:
1406         (WebCore::LegacyTileCache::createTilesInActiveGrid):
1407         * platform/ios/LegacyTileGrid.mm:
1408         (WebCore::LegacyTileGrid::shouldUseMinimalTileCoverage):
1409         * platform/ios/LegacyTileLayerPool.mm:
1410         (WebCore::LegacyTileLayerPool::addLayer):
1411         * platform/ios/TileControllerMemoryHandlerIOS.cpp:
1412         (WebCore::TileControllerMemoryHandler::tileControllerGainedUnparentedTiles):
1413
1414 2014-04-14  Beth Dakin  <bdakin@apple.com>
1415
1416         RenderLayerCompositor's m_layerForOverhangAreas should be offset by the 
1417         topContentInset
1418         https://bugs.webkit.org/show_bug.cgi?id=131632
1419         -and corresponding-
1420         <rdar://problem/16609602>
1421
1422         Reviewed by Tim Horton.
1423
1424         Offset m_layerForOverhangAreas by the topContentInset. 
1425         * rendering/RenderLayerCompositor.cpp:
1426         (WebCore::RenderLayerCompositor::updateOverflowControlsLayers):
1427
1428 2014-04-14  Alexey Proskuryakov  <ap@apple.com>
1429
1430         Eliminate CachedFrame::m_mousePressNode
1431         https://bugs.webkit.org/show_bug.cgi?id=131626
1432
1433         Reviewed by Brady Eidson.
1434
1435         I couldn't find any observable effect of this change.
1436
1437         * history/CachedFrame.cpp:
1438         (WebCore::CachedFrameBase::CachedFrameBase):
1439         (WebCore::CachedFrameBase::restore):
1440         (WebCore::CachedFrame::clear):
1441         * history/CachedFrame.h:
1442         (WebCore::CachedFrame::documentLoader):
1443         (WebCore::CachedFrame::mousePressNode): Deleted.
1444         Eliminated m_mousePressNode, accessor, and code that reached out to EventHandler.
1445
1446         * page/EventHandler.cpp:
1447         (WebCore::EventHandler::mousePressNode): Deleted.
1448         (WebCore::EventHandler::setMousePressNode): Deleted.
1449         * page/EventHandler.h:
1450         (WebCore::EventHandler::setMousePressed): Deleted. This function was already unused.
1451
1452 2014-04-14  Simon Fraser  <simon.fraser@apple.com>
1453
1454         Run filter animations in the UI process with UI-side compositing
1455         https://bugs.webkit.org/show_bug.cgi?id=131199
1456         <rdar://problem/16479487>
1457
1458         Reviewed by Sam Weinig.
1459
1460         Add FilterOperation::clone() which is used during decoding.
1461         Export some things.
1462
1463         * WebCore.exp.in:
1464         * platform/graphics/filters/FilterOperation.h:
1465
1466 2014-04-14  Jer Noble  <jer.noble@apple.com>
1467
1468         Use after free in WebCore::CachedResourceHandleBase::~CachedResourceHandleBase / WebCore::removeDetachedChildrenInContainer
1469         https://bugs.webkit.org/show_bug.cgi?id=131169
1470
1471         Reviewed by Eric Carlson.
1472
1473         Invalidate the WebCoreAVFResourceLoader owned by MediaPlayerPrivateAVFoundationObjC
1474         in its destructor, to prevent a private function being called in response to the
1475         WebCoreAVFResourceLoader being stopped.
1476
1477         * platform/graphics/avfoundation/objc/MediaPlayerPrivateAVFoundationObjC.mm:
1478         (WebCore::MediaPlayerPrivateAVFoundationObjC::~MediaPlayerPrivateAVFoundationObjC):
1479         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.h:
1480         * platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
1481         (WebCore::WebCoreAVFResourceLoader::invalidate):
1482
1483 2014-04-14  Simon Fraser  <simon.fraser@apple.com>
1484
1485         [WK2 iOS] Scrolling to anchor links is broken
1486         https://bugs.webkit.org/show_bug.cgi?id=131618
1487         <rdar://problem/16599144>
1488
1489         Reviewed by Tim Horton.
1490
1491         Have ScrollingTreeScrollingNode pass RequestedScrollPosition updates
1492         to the scrolling tree, so that the scrolling tree can have custom behavior
1493         for them if necessary.
1494
1495         * page/scrolling/ScrollingTree.h:
1496         (WebCore::ScrollingTree::scrollingTreeNodeRequestsScroll):
1497         * page/scrolling/ScrollingTreeScrollingNode.cpp:
1498         (WebCore::ScrollingTreeScrollingNode::updateAfterChildren):
1499         * page/scrolling/ScrollingTreeScrollingNode.h:
1500
1501 2014-04-14  Brian J. Burg  <burg@cs.washington.edu>
1502
1503         Web Replay: memoize fallback time values for document.lastModified
1504         https://bugs.webkit.org/show_bug.cgi?id=131318
1505
1506         Reviewed by Joseph Pecoraro.
1507
1508         If a document's Last-Modified header can't be found or used, then 
1509         document.lastModified is derived from the current system time or
1510         from filesystem data, which is obviously nondeterministic.
1511
1512         It's better to handle this inside Document::lastModified rather than using
1513         MemoizedDOMResult, because only the fallback case is nondeterministic.
1514
1515         Test: http/tests/inspector/replay/document-last-modified-fallback-value.html
1516
1517         * dom/Document.cpp:
1518         (WebCore::Document::lastModified): Save or reuse memoized fallback value.
1519         * replay/WebInputs.json: Add input DocumentLastModifiedDate.
1520
1521 2014-04-12  Antti Koivisto  <antti@apple.com>
1522
1523         Keep secondary tile grid for zoomed-out scale
1524         https://bugs.webkit.org/show_bug.cgi?id=131586
1525
1526         Reviewed by Darin Adler.
1527
1528         * platform/graphics/ca/GraphicsLayerCA.cpp:
1529         (WebCore::GraphicsLayerCA::updateContentsScale):
1530         
1531             Don't repaint tiled backing with setNeedsDisplay, it invalidates itself correctly in setContentsScale.
1532             Update custom child layers when tiled backing scale changes.
1533
1534         * platform/graphics/ca/mac/TileController.h:
1535         * platform/graphics/ca/mac/TileController.mm:
1536         (WebCore::TileController::TileController):
1537         (WebCore::TileController::setNeedsDisplay):
1538         
1539             Drop the whole zoomed-out grid on full repaint.
1540
1541         (WebCore::TileController::setNeedsDisplayInRect):
1542             
1543             Drop changed zoomed-out tiles. A more sophisticated strategy is possible.
1544
1545         (WebCore::TileController::setContentsScale):
1546         
1547             Swap the zoomed-out grid in and out as needed.
1548             Repaint the active grid after scale change so the client does not have to.
1549
1550         (WebCore::TileController::contentsScale):
1551         
1552             Get the content scale from the tile grid so it is not kept in two places.
1553
1554         (WebCore::TileController::zoomedOutContentsScale):
1555         (WebCore::TileController::setZoomedOutContentsScale):
1556         
1557             Drop the zoomed-out grid if it no longer matches the zoomed-out scale.
1558
1559         (WebCore::TileController::tileRevalidationTimerFired):
1560         (WebCore::TileController::retainedTileBackingStoreMemory):
1561         (WebCore::TileController::containerLayers):
1562         
1563             Return both zoomed-out tiles and the active tiles. Active tiles are on top.
1564
1565         (WebCore::TileController::numberOfUnparentedTiles):
1566         (WebCore::TileController::removeUnparentedTilesNow):
1567         * platform/graphics/ca/mac/TileGrid.h:
1568         * platform/graphics/ca/mac/TileGrid.mm:
1569         (WebCore::TileGrid::dropTilesInRect):
1570         
1571             Add a function for dropping tiles.
1572
1573         (WebCore::TileGrid::revalidateTiles):
1574
1575 2014-04-14  Oliver Hunt  <oliver@apple.com>
1576
1577         Update test result
1578
1579         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1580         (WebCore::JSTestNondeterministicConstructor::finishCreation):
1581
1582 2014-04-14  Dirk Schulze  <krit@webkit.org>
1583
1584         Optimize Canvas fill and drawImage with SourceIn, DestinationIn, SourceOut, and DestinationAtop using transparencyLayer.
1585         https://bugs.webkit.org/show_bug.cgi?id=79659
1586
1587         Reviewed by Darin Adler.
1588
1589         Optimize fill() and fillRect() operations in Canvas on composited contexts by
1590         10 to 20 times on CG.
1591
1592         Replacing the ImageBuffer code by transparency layers allows the
1593         graphics library to optimize the drawing.
1594
1595         Doing the same for drawImage() would give performance regressions.
1596
1597         An inline function will create a transparency layer for CG. Cairo graphics
1598         does not composite correctly when a transparency layer gets created. 
1599         The inline function is just a NOOP for Cairo.
1600
1601         This fixes bug 131303 as well.
1602
1603         Added performance tests with r167124 already.
1604
1605         * html/canvas/CanvasRenderingContext2D.cpp:
1606         (WebCore::CanvasRenderingContext2D::fillInternal):
1607         (WebCore::CanvasRenderingContext2D::strokeInternal):
1608         (WebCore::CanvasRenderingContext2D::beginCompositeLayer):
1609         (WebCore::CanvasRenderingContext2D::endCompositeLayer):
1610         (WebCore::CanvasRenderingContext2D::fillRect):
1611         (WebCore::CanvasRenderingContext2D::strokeRect):
1612         (WebCore::CanvasRenderingContext2D::drawTextInternal):
1613         (WebCore::CanvasRenderingContext2D::fullCanvasCompositedFill): Deleted.
1614         * html/canvas/CanvasRenderingContext2D.h:
1615
1616 2014-04-14  Tim Horton  <timothy_horton@apple.com>
1617
1618         Lots of compositing test failures after r167152
1619         https://bugs.webkit.org/show_bug.cgi?id=131574
1620
1621         Reviewed by Darin Adler.
1622
1623         * platform/graphics/GraphicsLayer.cpp:
1624         (WebCore::dumpChildren):
1625         (WebCore::GraphicsLayer::dumpProperties):
1626         Make child-dumping recursive so that we can easily skip layers up to any depth.
1627
1628 2014-04-14  Peter Molnar  <pmolnar.u-szeged@partner.samsung.com>
1629
1630         Fix incorrect indentations in CodeGeneratorJS.pm introduced in r165521
1631         https://bugs.webkit.org/show_bug.cgi?id=131613
1632
1633         Reviewed by Csaba Osztrogonác.
1634
1635         * bindings/scripts/CodeGeneratorJS.pm:
1636         (GenerateImplementation):
1637         Fixed 5-space indentation.
1638         * bindings/scripts/test/JS/JSTestNondeterministic.cpp:
1639         Updated the tests accordingly.
1640
1641 2014-04-14  Manuel Rego Casasnovas  <rego@igalia.com>
1642
1643         [JSC] CSSStyleDeclaration report incorrect descriptor
1644         https://bugs.webkit.org/show_bug.cgi?id=89697
1645
1646         Reviewed by Benjamin Poulain.
1647
1648         Change descriptor of CSSStyleDeclaration properties in order to have
1649         writable and enumerable attributes set to true. Configurable is kept to
1650         false since the property is not deleteable.
1651
1652         Test: fast/dom/CSSStyleDeclaration/cssstyledeclaration-properties-descriptor.html
1653
1654         * bindings/js/JSCSSStyleDeclarationCustom.cpp:
1655         (WebCore::JSCSSStyleDeclaration::getOwnPropertySlotDelegate): Only set
1656         DontDelete attribute when creating the descriptor for
1657         CSSStyleDeclaration properties.
1658
1659 2014-04-14  Benjamin Poulain  <benjamin@webkit.org>
1660
1661         [JSC] Improve the call site of string comparison in some hot path
1662         https://bugs.webkit.org/show_bug.cgi?id=131605
1663
1664         Reviewed by Darin Adler.
1665
1666         * dom/NodeRareData.h:
1667         (WebCore::NodeListsNodeData::NodeListCacheMapEntryHash::equal):
1668         We should use the right comparison operation depending on the Hash Traits.
1669
1670 2014-04-14  Andreas Kling  <akling@apple.com>
1671
1672         Merge MemoryPressureHandler{Mac,IOS}.mm
1673         <https://webkit.org/b/131603>
1674
1675         Join the iOS and Mac platform implementations of MemoryPressureHandler
1676         under the shared Cocoa banner. Each platform still has its own quirky
1677         behavior, but this puts them in the same file so we can start sharing.
1678
1679         Reviewed by Darin Adler.
1680
1681         * WebCore.xcodeproj/project.pbxproj:
1682         * platform/cocoa/MemoryPressureHandlerCocoa.mm: Renamed from Source/WebCore/platform/mac/MemoryPressureHandlerMac.mm.
1683         (WebCore::MemoryPressureHandler::platformReleaseMemory):
1684         (WebCore::MemoryPressureHandler::install):
1685         (WebCore::MemoryPressureHandler::uninstall):
1686         (WebCore::MemoryPressureHandler::holdOff):
1687         (WebCore::MemoryPressureHandler::respondToMemoryPressure):
1688         (WebCore::respondToMemoryPressureCallback):
1689         (WebCore::MemoryPressureHandler::installMemoryReleaseBlock):
1690         (WebCore::MemoryPressureHandler::setReceivedMemoryPressure):
1691         (WebCore::MemoryPressureHandler::hasReceivedMemoryPressure):
1692         (WebCore::MemoryPressureHandler::clearMemoryPressure):
1693         (WebCore::MemoryPressureHandler::shouldWaitForMemoryClearMessage):
1694         (WebCore::MemoryPressureHandler::respondToMemoryPressureIfNeeded):
1695         * platform/ios/MemoryPressureHandlerIOS.mm: Removed.
1696
1697 2014-04-14  Benjamin Poulain  <benjamin@webkit.org>
1698
1699         CSS JIT: compile the :nth-child() pseudo class
1700         https://bugs.webkit.org/show_bug.cgi?id=131602
1701
1702         Reviewed by Andreas Kling.
1703
1704         Tests: fast/selectors/nth-child-bounds.html
1705                fast/selectors/nth-child-with-backtracking.html
1706
1707         Compile the :nth-child() pseudo class function + some related clean up.
1708
1709         * css/CSSSelector.cpp:
1710         (WebCore::CSSSelector::nthA):
1711         (WebCore::CSSSelector::nthB):
1712         Expose the parsed value of an+b filters. Those values are used to compile
1713         the selector.
1714
1715         (WebCore::CSSSelector::RareData::parseNth):
1716         While working on the patch, I discovered some severe issues with the parsing of large
1717         values of a and/or b. The problem comes from the way the CSS parser handle the values:
1718         the values are parsed as a double then converted to an AtomicString for CSSSelector.
1719
1720         There are many problems related to large values but we never got bug reports because
1721         they are very uncommon. Fixing those problem would require changing the parser.
1722
1723         Here, CSSSelector::RareData::parseNth() is hardened a little bit to avoid absurd values
1724         of a and b.
1725
1726         * css/CSSSelector.h:
1727         * cssjit/RegisterAllocator.h:
1728         It looks like I forgot RDX in the list of register. Add it now since it is required
1729         for SelectorCodeGenerator::modulo().
1730
1731         * cssjit/SelectorCompiler.cpp:
1732         (WebCore::SelectorCompiler::addPseudoType):
1733         (WebCore::SelectorCompiler::SelectorCodeGenerator::SelectorCodeGenerator):
1734         (WebCore::SelectorCompiler::SelectorCodeGenerator::modulo):
1735         (WebCore::SelectorCompiler::SelectorCodeGenerator::moduloIsZero):
1736         There is no modulo() operation exposed on the macro assemblers. This is a basic
1737         implementation on top of idiv for x86_64.
1738
1739         Since idiv works exclusively with RAX and RDX, most of the code is about getting
1740         those registers efficiently.
1741
1742         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementMatching):
1743         (WebCore::SelectorCompiler::setElementChildIndex):
1744         (WebCore::SelectorCompiler::setElementChildIndexAndUpdateStyle):
1745         (WebCore::SelectorCompiler::SelectorCodeGenerator::generateElementIsNthChild):
1746         This is pretty much a straightforward implementation of :nth-child().
1747         The first part counts the number of previous elements.
1748         The second part updates the tree if this is style resolution.
1749         The last part compares the number of previous siblings to an+b to find if the filter matches.
1750
1751         The only part that diverges from SelectorChecker is how childIndex is used. Instead of testing it
1752         at every iteration, only the first iteration handle the cache.
1753
1754         * dom/ElementRareData.h:
1755         (WebCore::ElementRareData::childIndexMemoryOffset):
1756         * dom/Node.h:
1757         (WebCore::Node::rareDataMemoryOffset):
1758         (WebCore::Node::flagHasRareData):
1759         * rendering/style/RenderStyle.h:
1760
1761 2014-04-14  Tim Horton  <timothy_horton@apple.com>
1762
1763         Support setting a background color on page overlays
1764         https://bugs.webkit.org/show_bug.cgi?id=131600
1765
1766         Reviewed by Darin Adler.
1767
1768         * rendering/RenderLayerCompositor.cpp:
1769         (WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer):
1770         Mark the compositing tree as needing a rebuild when we get a new document-relative
1771         overlay layer; otherwise we were depending on something else coming along and
1772         requiring a rebuild, which didn't always happen.
1773
1774 2014-04-14  Mihnea Ovidenie  <mihnea@adobe.com>
1775
1776         [CSS Regions] Hit testing doesn't work in video
1777         https://bugs.webkit.org/show_bug.cgi?id=131485
1778
1779         Reviewed by Andrei Bucur.
1780
1781         When hit testing flow thread layer through the region layer,
1782         we have to pass the depth sorting information and take that
1783         into account for the situation in which an ancestor of the region
1784         has preserve-3d transform style.
1785
1786         Test: fast/regions/hit-test-region-preserve3d-container.html
1787
1788         * rendering/RenderLayer.cpp:
1789         (WebCore::RenderLayer::hitTestLayer):
1790         (WebCore::RenderLayer::hitTestFlowThreadIfRegionForFragments):
1791         * rendering/RenderLayer.h:
1792
1793 2014-04-13  Darin Adler  <darin@apple.com>
1794
1795         userVisibleString should not try to "encode" host names
1796         https://bugs.webkit.org/show_bug.cgi?id=131587
1797         rdar://problem/14686849
1798
1799         Reviewed by Alexey Proskuryakov.
1800
1801         * WebCore.exp.in: Updated for WebCoreNSURLExtras argument type changes.
1802
1803         * platform/mac/WebCoreNSURLExtras.h: Removed unneeded code to make this
1804         Objective-C++ header compile in plain C++ files, which we never need to do.
1805         Added missing argument name, baseURL, and changed mysterious CFIndex arguments
1806         to the correct type, CFURLComponentType.
1807
1808         * platform/mac/WebCoreNSURLExtras.mm:
1809         (WebCore::isLookalikeCharacter): Removed the inline keyword from this, and added
1810         more lookalike characters from the Mozilla list referenced here.
1811         (WebCore::URLByTruncatingOneCharacterBeforeComponent): Updated argument type.
1812         (WebCore::dataForURLComponentType): Ditto.
1813         (WebCore::userVisibleString): Only call mapHostNames if host name decoding is
1814         needed; no encoding here.
1815
1816 2014-04-13  Darin Adler  <darin@apple.com>
1817
1818         REGRESSION (r158617): Find on Page can get stuck in a loop when the search string occurs in an <input> in a <fieldset>
1819         https://bugs.webkit.org/show_bug.cgi?id=126322
1820
1821         Reviewed by Ryosuke Niwa.
1822
1823         * dom/Element.cpp:
1824         (WebCore::Element::canContainRangeEndPoint): Now returns false when the role of the element
1825         is "img". This is the same rule that's hard-coded in isRenderReplacedElement for the same
1826         reason. Need more test coverage to make sure this role feature works consistently.
1827
1828         * dom/Element.h: Made canContainRangeEndPoint no longer inline since it's not just a
1829         return statement any more.
1830
1831         * dom/Position.cpp:
1832         (WebCore::Position::isCandidate): Took out code that calls isRendererReplacedElement
1833         that was added in r158617; not needed now that we updated canContainRangeEndPoint.
1834
1835         * dom/Range.cpp:
1836         (WebCore::Range::firstNode): Removed code here that called isRendererReplacedElement.
1837         This was the wrong level to be adding editing logic, and there's a FIXME here to that
1838         effect, which we are now deleting. This was the change that broke Find.
1839
1840         * editing/TextIterator.cpp: Added a comment about the redundancy between the
1841         isRendererReplacedElement and editingIgnoresContent functions.
1842
1843         * html/HTMLHRElement.cpp:
1844         (WebCore::HTMLHRElement::canContainRangeEndPoint): Call through to base class instead
1845         of just returning true when we have child nodes. Lets Element::canContainRangeEndPoint
1846         do its thing.
1847         * html/HTMLHRElement.h: Ditto.
1848
1849         * html/HTMLObjectElement.cpp:
1850         (WebCore::HTMLObjectElement::canContainRangeEndPoint): Call through to base class instead
1851         of just returning true when we have fallback content. Lets Element::canContainRangeEndPoint
1852         do its thing.
1853         * html/HTMLObjectElement.h: Ditto.
1854
1855         * testing/Internals.cpp:
1856         (WebCore::Internals::countMatchesForText): Set the limit to 1000 instead of infinite.
1857
1858 2014-04-12  Darin Adler  <darin@apple.com>
1859
1860         Use unique_ptr for FillLayer::m_next
1861         https://bugs.webkit.org/show_bug.cgi?id=75222
1862
1863         Reviewed by Dan Bernstein.
1864
1865         * css/DeprecatedStyleBuilder.cpp:
1866         (WebCore::ApplyPropertyFillLayer::applyInheritValue):
1867         Renamed currChild to just child and prevChild to previousChild.
1868         Changed code to pass ownership of the new FillLayer immediately.
1869         Changed some loops to be for loops.
1870         (WebCore::ApplyPropertyFillLayer::applyInitialValue): Ditto.
1871         (WebCore::ApplyPropertyFillLayer::applyValue): Ditto.
1872
1873         * rendering/RenderBox.cpp:
1874         (WebCore::RenderBox::backgroundHasOpaqueTopLayer): Use reference
1875         instead of pointer.
1876         (WebCore::RenderBox::paintFillLayers): Ditto.
1877         * rendering/RenderBoxModelObject.cpp:
1878         (WebCore::RenderBoxModelObject::paintFillLayerExtended): Ditto.
1879
1880         * rendering/style/FillLayer.cpp:
1881         (WebCore::FillLayer::FillLayer): Removed m_next initializer since it is now an
1882         OwnPtr and initializes automatically. In a couple other places, changed m_next
1883         initializer to use make_unique.
1884         (WebCore::FillLayer::~FillLayer): Wrote loop for deletion of m_next.
1885         (WebCore::FillLayer::operator=): Removed unneeded explicit deletion of m_next.
1886         (WebCore::FillLayer::cullEmptyLayers): Ditto.
1887         (WebCore::clipMax): Marked inline.
1888         (WebCore::FillLayer::computeClipMax): Rewrote to use a loop instead of recursion.
1889         (WebCore::FillLayer::containsImage): Ditto.
1890         (WebCore::FillLayer::imagesAreLoaded): Ditto.
1891         (WebCore::FillLayer::hasOpaqueImage): Rewrote to use && instead of multiple if.
1892         (WebCore::FillLayer::hasImage): Rewrote to use a loop instead of recursion.
1893         (WebCore::FillLayer::hasFixedImage): Ditto.
1894
1895         * rendering/style/FillLayer.h: Changed m_next to be a unique_ptr.
1896
1897 2014-04-13  Andy Estes  <aestes@apple.com>
1898
1899         [QuickLook] Move file system-related code into WebKit
1900         https://bugs.webkit.org/show_bug.cgi?id=131597
1901
1902         Reviewed by Dan Bernstein.
1903
1904         QuickLookHandle should not be responsible for saving a copy of the
1905         original document to disk as it might be running in a process that
1906         either can't write to disk or can only write into a sandboxed
1907         container. To account for this, we need to separate the concern of
1908         quick look conversion from that of original document saving so that
1909         each activity can run in the appropriate process.
1910
1911         Created a new interface between WebCore and WebKit by adding a client
1912         (QuickLookHandleClient) to QuickLookHandle which is notified of incoming
1913         bytes. A new function on FrameLoaderClient tells WebKit when a new
1914         QuickLookHandle is created, giving WebKit the opportunity to register a
1915         handle client. Moved the existing file system-related code as well as
1916         code only needed by WebKit1 in QuickLookHandle into a new WebKit1
1917         QuickLookHandleClient subclass.
1918
1919         * WebCore.exp.in:
1920         * WebCore.xcodeproj/project.pbxproj: Made QuickLookHandleClient.h Private.
1921         * loader/FrameLoaderClient.h:
1922         (WebCore::FrameLoaderClient::didCreateQuickLookHandle): Added.
1923         * loader/ResourceLoader.cpp:
1924         (WebCore::ResourceLoader::didCreateQuickLookHandle): Called FrameLoaderClient::didCreateQuickLookHandle().
1925         * loader/ResourceLoader.h:
1926         * platform/network/ResourceHandle.h: Made m_quickLook a unique_ptr.
1927         (WebCore::ResourceHandle::setQuickLookHandle): Changed to take a unique_ptr.
1928         * platform/network/ResourceHandleClient.h:
1929         (WebCore::ResourceHandleClient::didCreateQuickLookHandle): Added.
1930         * platform/network/ios/QuickLook.h: Added m_client, gave m_converter a stronger type, and made m_nsResponse a RetainPtr.
1931         (WebCore::QuickLookHandle::setClient): Added.
1932         (WebCore::QuickLookHandle::firstRequestURL): Added.
1933         (WebCore::QuickLookHandle::converter): Added.
1934         * platform/network/ios/QuickLook.mm:
1935         (WebCore::registerQLPreviewConverterIfNeeded):
1936         (WebCore::createTemporaryFileForQuickLook): Made non-static.
1937         (WebCore::emptyClient): Returned a shared empty QuickLookHandleClient.
1938         (WebCore::QuickLookHandle::QuickLookHandle): Removed file system and WebKit1-only code.
1939         (WebCore::QuickLookHandle::create): Changed to return a unique_ptr.
1940         (WebCore::QuickLookHandle::nsResponse):
1941         (WebCore::QuickLookHandle::didReceiveDataArray): Removed file system code and called QuickLookHandleClient::didReceiveDataArray() instead.
1942         (WebCore::QuickLookHandle::didReceiveData): Removed file system code and called QuickLookHandleClient::didReceiveData() instead.
1943         (WebCore::QuickLookHandle::didFinishLoading): Removed file system code and called QuickLookHandleClient::didFinishLoading() instead.
1944         (WebCore::QuickLookHandle::didFail): Removed file system and WebKit1-only code, calling QuickLookHandleClient::didFail() instead.
1945         (WebCore::QuickLookHandle::~QuickLookHandle): Removed file system and WebKit1-only code. Cleared our reference to m_client.
1946         (WebCore::QuickLookHandle::previewFileName): Retrieved from m_converter.
1947         (WebCore::QuickLookHandle::previewRequestURL): Ditto.
1948         * platform/network/ios/QuickLookHandleClient.h: Added.
1949         (WebCore::QuickLookHandleClient::~QuickLookHandleClient):
1950         (WebCore::QuickLookHandleClient::didReceiveDataArray):
1951         (WebCore::QuickLookHandleClient::didReceiveData):
1952         (WebCore::QuickLookHandleClient::didFinishLoading):
1953         (WebCore::QuickLookHandleClient::didFail):
1954
1955 2014-04-10  Pratik Solanki  <psolanki@apple.com>
1956
1957         Move early return out of dispatch_async() block so we can return from willSendRequest quickly
1958         https://bugs.webkit.org/show_bug.cgi?id=131478
1959         <rdar://problem/16575535>
1960
1961         Reviewed by Alexey Proskuryakov.
1962
1963         Do a quick check to see if we need to synthesize the redirect response on the dispatch queue
1964         and return from willSendRequest callback quickly instead of always doing an effectively synchronous
1965         call to the main thread. We can't call synthesizeRedirectResponseIfNecessary on the dispatch
1966         queue since that accesses the ResourceRequest.
1967
1968         No new tests because no change in functionality.
1969
1970         * platform/network/cf/ResourceHandleCFURLConnectionDelegate.h:
1971         * platform/network/cf/ResourceHandleCFURLConnectionDelegateWithOperationQueue.cpp:
1972         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::setupRequest): Save the
1973         request scheme to use later for early return from willSendRequest.
1974         (WebCore::ResourceHandleCFURLConnectionDelegateWithOperationQueue::willSendRequest):
1975
1976 2014-04-08  Oliver Hunt  <oliver@apple.com>
1977
1978         Rewrite Function.bind as a builtin
1979         https://bugs.webkit.org/show_bug.cgi?id=131083
1980
1981         Reviewed by Geoffrey Garen.
1982
1983         Switch WebCore to use the helper functions when defining the
1984         prototype properties on DOM constructors, and update bindings
1985         tests accordingly.
1986
1987         * bindings/js/JSImageConstructor.cpp:
1988         (WebCore::JSImageConstructor::finishCreation):
1989         * bindings/scripts/CodeGeneratorJS.pm:
1990         (GenerateConstructorHelperMethods):
1991         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
1992         (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
1993         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
1994         (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
1995         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
1996         (WebCore::JSTestEventConstructorConstructor::finishCreation):
1997         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
1998         (WebCore::JSTestEventTargetConstructor::finishCreation):
1999         * bindings/scripts/test/JS/JSTestException.cpp:
2000         (WebCore::JSTestExceptionConstructor::finishCreation):
2001         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
2002         (WebCore::JSTestGenerateIsReachableConstructor::finishCreation):
2003         * bindings/scripts/test/JS/JSTestInterface.cpp:
2004         (WebCore::JSTestInterfaceConstructor::finishCreation):
2005         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2006         (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
2007         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
2008         (WebCore::JSTestNamedConstructorConstructor::finishCreation):
2009         (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
2010         * bindings/scripts/test/JS/JSTestNode.cpp:
2011         (WebCore::JSTestNodeConstructor::finishCreation):
2012         * bindings/scripts/test/JS/JSTestObj.cpp:
2013         (WebCore::JSTestObjConstructor::finishCreation):
2014         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
2015         (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
2016         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2017         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
2018         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2019         (WebCore::JSTestTypedefsConstructor::finishCreation):
2020         * bindings/scripts/test/JS/JSattribute.cpp:
2021         (WebCore::JSattributeConstructor::finishCreation):
2022         * bindings/scripts/test/JS/JSreadonly.cpp:
2023         (WebCore::JSreadonlyConstructor::finishCreation):
2024
2025 2014-04-13  Simon Fraser  <simon.fraser@apple.com>
2026
2027         [iOS WK2] Hook up scrolling tree nodes when coming out of the page cache
2028         https://bugs.webkit.org/show_bug.cgi?id=131577
2029
2030         Reviewed by Tim Horton.
2031
2032         The call to scrollingCoordinator->frameViewRootLayerDidChange() was inside
2033         a #if !PLATFORM(IOS) block, but now that we use the ScrollingCoordinator
2034         for WK2 we want to call this.
2035
2036         * loader/HistoryController.cpp:
2037         (WebCore::HistoryController::restoreScrollPositionAndViewState):
2038
2039 2014-04-13  Zan Dobersek  <zdobersek@igalia.com>
2040
2041         Unreviewed build fix after r167196.
2042
2043         * platform/RemoteCommandListener.cpp:
2044         (WebCore::RemoteCommandListener::create): Fall back to using the new operator
2045         for allocating RemoteCommandListener object. Using std::make_unique() requires
2046         for the operator to be public, which doesn't work well with the static create()
2047         method.
2048
2049 2014-04-13  Zan Dobersek  <zdobersek@igalia.com>
2050
2051         Remove unnecessary uses of std::move() in return statements
2052         https://bugs.webkit.org/show_bug.cgi?id=131457
2053
2054         Reviewed by Darin Adler.
2055
2056         Don't use std::move() in return statements unless necessary as it inhibits
2057         named return value optimizations as performed by compilers.
2058
2059         * Modules/battery/BatteryManager.cpp:
2060         (WebCore::BatteryManager::create):
2061         * html/FormController.cpp:
2062         (WebCore::FormController::createSavedFormStateMap):
2063         * html/canvas/WebGLRenderingContext.cpp:
2064         (WebCore::WebGLRenderingContext::create):
2065         * platform/RemoteCommandListener.cpp:
2066         (WebCore::RemoteCommandListener::create):
2067         * platform/graphics/ca/GraphicsLayerCA.cpp:
2068         (WebCore::GraphicsLayer::create):
2069         * platform/ios/RemoteCommandListenerIOS.mm:
2070         (WebCore::RemoteCommandListener::create):
2071         * rendering/RenderGrid.cpp:
2072         (WebCore::RenderGrid::GridIterator::nextEmptyGridArea):
2073         * rendering/RenderLayer.cpp:
2074         (WebCore::RenderLayer::setupFilters):
2075         * rendering/style/CounterDirectives.cpp:
2076         (WebCore::clone):
2077
2078 2014-04-13  Commit Queue  <commit-queue@webkit.org>
2079
2080         Unreviewed, rolling out r167168 and r167194.
2081         https://bugs.webkit.org/show_bug.cgi?id=131589
2082
2083         Caused massive ASSERTION failures on the GTK Debug bot
2084         (Requested by philn on #webkit).
2085
2086         Reverted changesets:
2087
2088         "[GTK] Add HighDPI support for non-accelerated compositing
2089         contents"
2090         https://bugs.webkit.org/show_bug.cgi?id=131562
2091         http://trac.webkit.org/changeset/167168
2092
2093         "Unreviewed. Fix GTK+ build with recent cairo and GTK+ after
2094         r167168."
2095         http://trac.webkit.org/changeset/167194
2096
2097 2014-04-13  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2098
2099         [GStreamer] No CORS support for media elements
2100         https://bugs.webkit.org/show_bug.cgi?id=99037
2101
2102         Reviewed by Philippe Normand.
2103
2104         Added CORS access control check to media sources when crossorigin attribute is set.
2105
2106         Added getter to CORS access control check status (used to compute whether the stream is tainted or not).
2107         Related test is http/tests/security/video-cross-origin-readback.html.
2108
2109         Disabled access to cross-origin streams that fail CORS check when crossorigin attribute is set.
2110         Related test is http/tests/security/video-cross-origin-accessfailure.html.
2111
2112         Tests: http/tests/security/video-cross-origin-accessfailure.html
2113                http/tests/security/video-cross-origin-accesssameorigin.html
2114
2115         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
2116         (WebCore::MediaPlayerPrivateGStreamer::didPassCORSAccessCheck): Return whether media is cross-origin (tainted) or not by querying the gstreamer source layer.
2117         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Added MediaPlayerPrivateGStreamer::didPassCORSAccessCheck declaration.
2118         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
2119         (webKitWebSrcStart): Passed CORS mode parameter to the streaming client. In case of CORS check failure, stop the resource loading.
2120         (webKitSrcPassedCORSAccessCheck): Return whether CORS access control check was done and successful.
2121         (StreamingClient::handleResponseReceived): Take a parameter to assign the CORS access control check result.
2122         (CachedResourceStreamingClient::CachedResourceStreamingClient): Updated setting of the ResourceLoaderOptions according CORS mode.
2123         (CachedResourceStreamingClient::responseReceived): Check CORS and pass result to handleResponseReceived.
2124         (ResourceHandleStreamingClient::didReceiveResponse): No CORS check.
2125         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Added webKitSrcPassedCORSAccessCheck declaration.
2126
2127 2014-04-12  Darin Adler  <darin@apple.com>
2128
2129         REGRESSION (r166860): ASSERTION FAILED: !isCalculated() on fast/css/image-set-value-not-removed-crash.html
2130         https://bugs.webkit.org/show_bug.cgi?id=131480
2131
2132         Reviewed by Andreas Kling.
2133
2134         Fixes intermittent assertion failure in fast/css/image-set-value-not-removed-crash.html.
2135
2136         * css/CSSComputedStyleDeclaration.cpp:
2137         (WebCore::valueForImageSliceSide): Added. Helper used below in valueForNinePieceImageSlice.
2138         Handles calculated values by returning 0; incorrect but predictable.
2139         (WebCore::valueForNinePieceImageSlice): Updated to call valueForImageSliceSide.
2140         (WebCore::positionOffsetValue): Use nullptr.
2141         (WebCore::ComputedStyleExtractor::propertyValue): Updated to call positionOffsetValue
2142         by its new name. Removed "get" from the name.
2143         (WebCore::positionOffsetValue): Renamed from getPositionOffsetValue.
2144
2145         * platform/Length.h: Made isCalculated public.
2146
2147 2014-04-12  Andy Estes  <aestes@apple.com>
2148
2149         Fix the iOS build after r167183.
2150
2151         * platform/network/ResourceHandle.h:
2152         * platform/network/cf/ResourceHandleCFNet.cpp:
2153         (WebCore::ResourceHandle::schedule):
2154         (WebCore::ResourceHandle::unschedule):
2155
2156 2014-04-12  Andy Estes  <aestes@apple.com>
2157
2158         [iOS] Move QuickLookHandle from ResourceLoader to WebResourceLoader
2159         https://bugs.webkit.org/show_bug.cgi?id=131580
2160
2161         Reviewed by Darin Adler.
2162
2163         There's no need to bloat WebKit1's ResourceLoader with a pointer that
2164         only WebKit2's WebResourceLoader cares about.
2165
2166         * loader/ResourceLoader.h:
2167         (WebCore::ResourceLoader::quickLookHandle): Deleted.
2168         (WebCore::ResourceLoader::setQuickLookHandle): Deleted.
2169
2170 2014-04-12  Chris Fleizach  <cfleizach@apple.com>
2171
2172         AX: Cleanup AccessibilityObject::getAttribute
2173         https://bugs.webkit.org/show_bug.cgi?id=131555
2174
2175         Reviewed by Darin Adler.
2176
2177         No new functionality.
2178
2179         * accessibility/AccessibilityObject.cpp:
2180         (WebCore::AccessibilityObject::getAttribute):
2181
2182 2014-04-12  Youenn Fablet  <youenn.fablet@crf.canon.fr>
2183
2184         [SOUP] Libsoup internal credential setting should be controlled by loader decision
2185         https://bugs.webkit.org/show_bug.cgi?id=130963
2186
2187         Reviewed by Darin Adler.
2188
2189         Disabled libsoup internal authentication manager for messages for which no credential is available and no stored credentials should be used.
2190         Updated synchronous loader to return whether using credentials or not according StoredCredential loader option parameter.
2191         Unskipped test http/tests/xmlhttprequest/cross-origin-no-authorization.html covers the patch.
2192
2193         * platform/network/ResourceHandleInternal.h:
2194         (WebCore::ResourceHandleInternal::ResourceHandleInternal): Added m_useAuthenticationManager boolean to control whether disable authentication manager or not.
2195         * platform/network/soup/ResourceHandleSoup.cpp:
2196         (WebCore::WebCoreSynchronousLoader::WebCoreSynchronousLoader): Added m_storedCredentials member.
2197         (WebCore::WebCoreSynchronousLoader::shouldUseCredentialStorage): Return true if stored credentials are allowed.
2198         (WebCore::applyAuthenticationToRequest): Set m_useAuthenticationManager value to disable authentication manager if cannot use stored credentials and ResourceHandleInternal has no username and password.
2199         (WebCore::createSoupMessageForHandleAndRequest): Disable authentication mananger according m_useAuthenticationManager value.
2200         (WebCore::ResourceHandle::platformLoadResourceSynchronously): Added StoredCredentials loader option to the sync loader constructor.
2201
2202 2014-04-11  Darin Adler  <darin@apple.com>
2203
2204         Some small loader refinements and refactoring
2205         https://bugs.webkit.org/show_bug.cgi?id=131541
2206
2207         Reviewed by Alexey Proskuryakov.
2208
2209         Cut down on use of ResourceLoader::handle, which always returns null when
2210         using a network process. Also streamlined conditionals and did some other
2211         small refactoring.
2212
2213         * loader/DocumentLoader.h: Use references rather than pointers for SchedulePair.
2214
2215         * loader/ResourceLoader.cpp:
2216         (WebCore::ResourceLoader::didChangePriority): Use m_handle instead of handle(),
2217         since we'd like to delete handle() entirely soon.
2218         (WebCore::ResourceLoader::didReceiveAuthenticationChallenge): Ditto.
2219         (WebCore::ResourceLoader::schedule): Added.
2220         (WebCore::ResourceLoader::unschedule): Ditto.
2221         * loader/ResourceLoader.h: Rearranged header to eliminate nested conditionals.
2222         Added schedule and unschedule functions for Mac.
2223
2224         * loader/mac/DocumentLoaderMac.cpp:
2225         (WebCore::scheduleAll): Changed to take a reference and call ResourceLoader::schedule.
2226         (WebCore::unscheduleAll): Ditto.
2227         (WebCore::DocumentLoader::schedule): Ditto.
2228         (WebCore::DocumentLoader::unschedule): Ditto.
2229
2230         * page/mac/PageMac.cpp:
2231         (WebCore::Page::addSchedulePair): Pass a reference rather than a pointer to schedule.
2232         (WebCore::Page::removeSchedulePair): Ditto.
2233
2234         * platform/network/ResourceHandle.h: Did a bit of reformatting and reorganizing of
2235         conditionals.
2236
2237         * platform/network/ResourceHandleInternal.h: Removed a tiny bit of unneeded declaration.
2238
2239         * platform/network/mac/ResourceHandleMac.mm:
2240         (WebCore::ResourceHandle::schedule): Updated to take a reference rather than a pointer.
2241         (WebCore::ResourceHandle::unschedule): Ditto.
2242
2243 2014-04-11  Andreas Kling  <akling@apple.com>
2244
2245         Make NodeList.length inline-cacheable by JSC.
2246         <https://webkit.org/b/131579>
2247
2248         For objects with custom index or name getters, we have to make sure
2249         that builtin properties take precedence. We do this by scanning the
2250         ancestor chain for a suitable property slot before moving on to
2251         named items.
2252
2253         With this patch, we now mark such builtins as cacheable. This is
2254         safe since the whole point of doing this before processing named
2255         items is to ensure the same slot is returned consistently.
2256
2257         Reviewed by Benjamin Poulain.
2258
2259         * bindings/scripts/CodeGeneratorJS.pm:
2260         (GenerateGetOwnPropertySlotBody):
2261
2262 2014-04-11  Tim Horton  <timothy_horton@apple.com>
2263
2264         Lots of compositing test failures after r167152
2265         https://bugs.webkit.org/show_bug.cgi?id=131574
2266
2267         Reviewed by Simon Fraser.
2268
2269         * platform/graphics/GraphicsLayer.cpp:
2270         (WebCore::GraphicsLayer::dumpProperties):
2271         We were asking the parent's client whether the child should be dumped,
2272         but really the child's client is the one who should decide.
2273
2274 2014-04-11  Benjamin Poulain  <bpoulain@apple.com>
2275
2276         ViewportConfiguration::layoutWidth() compute the width incorrectly when initial-scale+width do not fit in view
2277         https://bugs.webkit.org/show_bug.cgi?id=131575
2278
2279         Reviewed by Enrica Casucci.
2280
2281         I made a mistake when writing the new viewport code: ViewportConfiguration::layoutWidth() uses m_contentSize in one place.
2282         That make no sense, contentSize depends on the layout width.
2283
2284         * page/ViewportConfiguration.cpp:
2285         (WebCore::ViewportConfiguration::layoutWidth):
2286
2287 2014-04-11  Andreas Kling  <akling@apple.com>
2288
2289         Remove "numeric index getter" stuff from bindings code generator.
2290         <https://webkit.org/b/131565>
2291
2292         This was used for an earlier generation of typed arrays. Now that JSC
2293         has native typed array support, we're not using this functionality and
2294         can just remove it.
2295
2296         Reviewed by Geoffrey Garen.
2297
2298         * bindings/scripts/CodeGeneratorJS.pm:
2299         (GenerateGetOwnPropertySlotBody):
2300         (HasComplexGetOwnProperty):
2301         (InterfaceRequiresAttributesOnInstance):
2302         (InstanceOverridesGetOwnPropertySlot):
2303         (GenerateHeader):
2304         (GenerateImplementation):
2305
2306 2014-04-11  Brian J. Burg  <burg@cs.washington.edu>
2307
2308         Web Replay: consolidate decoding macros used in SerializationMethods
2309         https://bugs.webkit.org/show_bug.cgi?id=131564
2310
2311         Reviewed by Timothy Hatcher.
2312
2313         We can use EncodingTraits<T>::DecodedType to create a local variable
2314         with the appropriate decoded type, rather than special casing.
2315
2316         * replay/SerializationMethods.cpp:
2317         (JSC::EncodingTraits<NondeterministicInputBase>::decodeValue):
2318         (JSC::EncodingTraits<KeypressCommand>::decodeValue):
2319         (JSC::EncodingTraits<PlatformKeyboardEvent>::decodeValue):
2320         (JSC::EncodingTraits<PlatformMouseEvent>::decodeValue):
2321         (JSC::EncodingTraits<PlatformWheelEvent>::decodeValue):
2322         (JSC::EncodingTraits<PluginData>::decodeValue):
2323
2324 2014-04-11  Beth Dakin  <bdakin@apple.com>
2325
2326         Need WK2 API to disable rubber-banding
2327         https://bugs.webkit.org/show_bug.cgi?id=131567
2328
2329         Reviewed by Simon Fraser.
2330
2331         Page will now store a vertical and horizontal ScrollElasticity in case the API has 
2332         been called before the FrameView even exists.
2333
2334         New Page functions.
2335         * WebCore.exp.in:
2336
2337         Use Page’s cached ScrollElasticity.
2338         * page/FrameView.cpp:
2339         (WebCore::FrameView::FrameView):
2340
2341         If there is already a FrameView, then assign it the new ScrollElasticity.
2342         * page/Page.cpp:
2343         (WebCore::Page::Page):
2344         (WebCore::Page::setVerticalScrollElasticity):
2345         (WebCore::Page::setHorizontalScrollElasticity):
2346         * page/Page.h:
2347         (WebCore::Page::verticalScrollElasticity):
2348         (WebCore::Page::horizontalScrollElasticity):
2349
2350 2014-04-11  Martin Robinson  <mrobinson@igalia.com>
2351
2352         REGRESSION(167145): Many media tests fail
2353         https://bugs.webkit.org/show_bug.cgi?id=131569
2354
2355         Reviewed by Brent Fulgham.
2356
2357         * PlatformGTK.cmake: Add the localized strings file to the list of user agent scripts.
2358         * platform/gtk/RenderThemeGtk.cpp:
2359         (WebCore::RenderThemeGtk::mediaControlsScript): Include the localized strings file in the script body.
2360
2361 2014-04-11  Tim Horton  <timothy_horton@apple.com>
2362
2363         [iOS WebKit2] Find-in-page indicator
2364         https://bugs.webkit.org/show_bug.cgi?id=131510
2365         <rdar://problem/16547777>
2366
2367         Reviewed by Simon Fraser and Enrica Casucci.
2368
2369         * editing/Editor.cpp:
2370         (WebCore::Editor::findString):
2371         * editing/FindOptions.h:
2372         Add a find option which prevents WebCore from revealing the selection
2373         after selecting a successful find match.
2374
2375 2014-04-11  Owen Taylor  <otaylor@redhat.com>
2376
2377         [GTK] Add HighDPI support for non-accelerated compositing contents
2378         https://bugs.webkit.org/show_bug.cgi?id=131562
2379
2380         Reviewed by Martin Robinson.
2381
2382         No new tests. This will be tested once we have the proper dependencies in the WebKit testing
2383         JHBuild.
2384
2385         * platform/cairo/WidgetBackingStore.h:
2386         (WebCore::WidgetBackingStore::WidgetBackingStore): Accept a device scale argument.
2387         * platform/cairo/WidgetBackingStoreCairo.cpp: Use the device scale argument to make the surface the proper size and set the surface device scale.
2388         * platform/cairo/WidgetBackingStoreCairo.h: Accept a device scale argument.
2389         * platform/graphics/cairo/CairoUtilities.cpp: Add a new helper to set the device scale if Cairo built against is new enough.
2390         * platform/graphics/cairo/CairoUtilities.h:
2391         * platform/gtk/GtkVersioning.h: Add the HAVE_GTK_SCALE_FACTOR macro.
2392         * platform/gtk/WidgetBackingStoreGtkX11.cpp: Use the device scale argument to make the surface the proper size and set the surface device scale.
2393         * platform/gtk/WidgetBackingStoreGtkX11.h: Accept a device scale argument.
2394
2395 2014-04-11  Jon Honeycutt  <jhoneycutt@apple.com>
2396
2397         Assertion failure changing select element size during focus event
2398         dispatch
2399         <https://bugs.webkit.org/show_bug.cgi?id=131566>
2400         <rdar://problem/16400735>
2401
2402         Reviewed by Andy Estes.
2403
2404         Test: fast/forms/select-change-size-during-focus.html
2405
2406         * html/HTMLSelectElement.cpp:
2407         (WebCore::HTMLSelectElement::listBoxDefaultEventHandler):
2408         Adopt the fix from Chromium r171216; check that the renderer is still
2409         of the expected type, and return early if it is not.
2410
2411 2014-04-11  Bem Jones-Bey  <bjonesbe@adobe.com>
2412
2413         Clear sibling floats while splitting inline flow
2414         https://bugs.webkit.org/show_bug.cgi?id=130905
2415
2416         Reviewed by David Hyatt.
2417
2418         This is a port of a Blink patch by kenrb@chromium.org.
2419         (https://src.chromium.org/viewvc/blink?revision=169658&view=revision)
2420
2421         During RenderInline::splitFlow(), floats are cleared on an anonymous
2422         containingBlock() for the inline being split. This is a problem if
2423         siblings of the block contain references to the same floats, since the
2424         float removal code in markSiblingsWithFloatsForLayout() will not later
2425         find them.
2426
2427         This change also affects RenderBlock::splitFlow() and
2428         RenderBoxModelObject::moveChildrenTo, since those are called in
2429         similar situations as RenderInline::splitFlow().
2430
2431         Test: fast/block/float/split-inline-sibling-of-float-crash.html
2432
2433         * rendering/RenderBlockFlow.cpp:
2434         (WebCore::RenderBlockFlow::removeFloatingObjects): Add call to
2435             markSiblingsWithFloatsForLayout() before removing floats.
2436
2437 2014-04-11  Gavin Barraclough  <baraclough@apple.com>
2438
2439         Rollout - Rewrite Function.bind as a builtin
2440         https://bugs.webkit.org/show_bug.cgi?id=131083
2441
2442         Unreviewed.
2443
2444         Rolling out r167020 while investigating a performance regression.
2445
2446         * bindings/js/JSImageConstructor.cpp:
2447         (WebCore::JSImageConstructor::finishCreation):
2448         * bindings/scripts/CodeGeneratorJS.pm:
2449         (GenerateConstructorHelperMethods):
2450         * bindings/scripts/test/JS/JSTestActiveDOMObject.cpp:
2451         (WebCore::JSTestActiveDOMObjectConstructor::finishCreation):
2452         * bindings/scripts/test/JS/JSTestCustomNamedGetter.cpp:
2453         (WebCore::JSTestCustomNamedGetterConstructor::finishCreation):
2454         * bindings/scripts/test/JS/JSTestEventConstructor.cpp:
2455         (WebCore::JSTestEventConstructorConstructor::finishCreation):
2456         * bindings/scripts/test/JS/JSTestEventTarget.cpp:
2457         (WebCore::JSTestEventTargetConstructor::finishCreation):
2458         * bindings/scripts/test/JS/JSTestException.cpp:
2459         (WebCore::JSTestExceptionConstructor::finishCreation):
2460         * bindings/scripts/test/JS/JSTestGenerateIsReachable.cpp:
2461         (WebCore::JSTestGenerateIsReachableConstructor::finishCreation):
2462         * bindings/scripts/test/JS/JSTestInterface.cpp:
2463         (WebCore::JSTestInterfaceConstructor::finishCreation):
2464         * bindings/scripts/test/JS/JSTestMediaQueryListListener.cpp:
2465         (WebCore::JSTestMediaQueryListListenerConstructor::finishCreation):
2466         * bindings/scripts/test/JS/JSTestNamedConstructor.cpp:
2467         (WebCore::JSTestNamedConstructorConstructor::finishCreation):
2468         (WebCore::JSTestNamedConstructorNamedConstructor::finishCreation):
2469         * bindings/scripts/test/JS/JSTestNode.cpp:
2470         (WebCore::JSTestNodeConstructor::finishCreation):
2471         * bindings/scripts/test/JS/JSTestObj.cpp:
2472         (WebCore::JSTestObjConstructor::finishCreation):
2473         * bindings/scripts/test/JS/JSTestOverloadedConstructors.cpp:
2474         (WebCore::JSTestOverloadedConstructorsConstructor::finishCreation):
2475         * bindings/scripts/test/JS/JSTestSerializedScriptValueInterface.cpp:
2476         (WebCore::JSTestSerializedScriptValueInterfaceConstructor::finishCreation):
2477         * bindings/scripts/test/JS/JSTestTypedefs.cpp:
2478         (WebCore::JSTestTypedefsConstructor::finishCreation):
2479         * bindings/scripts/test/JS/JSattribute.cpp:
2480         (WebCore::JSattributeConstructor::finishCreation):
2481         * bindings/scripts/test/JS/JSreadonly.cpp:
2482         (WebCore::JSreadonlyConstructor::finishCreation):
2483
2484 2014-04-11  Myles C. Maxfield  <mmaxfield@apple.com>
2485
2486         Build Fix after r167151.
2487
2488         Unreviewed.
2489
2490         * editing/AlternativeTextController.cpp:
2491         (WebCore::AlternativeTextController::applyAlternativeTextToRange):
2492
2493 2014-04-10  Jer Noble  <jer.noble@apple.com>
2494
2495         [EME][Mac] Using KeySession.update([renew]) should trigger KeyMessage event instead of NeedKey event
2496         https://bugs.webkit.org/show_bug.cgi?id=131527
2497
2498         Reviewed by Eric Carlson.
2499
2500         Rather than triggering a needKey() event, necessatating the creation
2501         of an entirely new MediaKeySession, cause a new key request to be
2502         created by sending the same initData back into the AVSampleDataParser.
2503
2504         Also, do some drive-by clean up suggested by Darin in the review for
2505         r166509.
2506
2507         * platform/graphics/avfoundation/objc/CDMSessionMediaSourceAVFObjC.mm:
2508         (WebCore::isEqual): Support an alloc-free equality check between
2509             Uint8Array and static strings.
2510         (WebCore::CDMSessionMediaSourceAVFObjC::update):
2511
2512 2014-04-11  David Kilzer  <ddkilzer@apple.com>
2513
2514         Build fix (r167151): Do not dereference Node::document() before passing to Range::create()
2515         <https://webkit.org/b/131475>
2516
2517         Fixes the following build failure:
2518
2519             WebCore/editing/AlternativeTextController.cpp:275:71: error: indirection requires pointer operand ('WebCore::Document' invalid)
2520                 int paragraphStartIndex = TextIterator::rangeLength(Range::create(*rootNode.document(), &rootNode, 0, paragraphRangeContainingCorrection.get()->startContainer(), paragraphRangeContainingCorrection.get()->startOffset()).get());
2521                                                                                   ^~~~~~~~~~~~~~~~~~~~
2522
2523         * editing/AlternativeTextController.cpp:
2524         (WebCore::AlternativeTextController::applyAlternativeTextToRange):
2525         Remove unneeded '*' operator since Node::document() returns a
2526         Document& and Range::create() accepts a Document& for its first
2527         argument.
2528
2529 2014-04-11  Brian J. Burg  <burg@cs.washington.edu>
2530
2531         Web Replay: memoize nondeterministic attributes of the Navigator interface
2532         https://bugs.webkit.org/show_bug.cgi?id=131340
2533
2534         Reviewed by Timothy Hatcher.
2535
2536         Most attributes of window.navigator do not change very often, but they
2537         could be easily changed by the user or embedder. So, memoize attribute values.
2538
2539         This change does not include navigator.mimeTypes and navigator.plugins,
2540         which will be handled at a different level. <https://webkit.org/b/131341>
2541
2542         Test: ManualTests/inspector/replay-window-navigator-basic.html
2543
2544         * page/Navigator.idl: Add Nondeterministic attribute.
2545
2546 2014-04-10  Jer Noble  <jer.noble@apple.com>
2547
2548         [iOS][WK2] Videos should animate into and out of fullscreen.
2549         https://bugs.webkit.org/show_bug.cgi?id=131497
2550
2551         Reviewed by Simon Fraser.
2552
2553         Use AVPlayerViewController's new enterFullScreenWithCompletionHandler: and exitFullScreenWithCompletionHandler:
2554         methods to animate into and out of full screen. To do so, use the provided initialFrame and finalFrame screen
2555         rects to correctly place the AVPlayerViewController's view before entering or exiting fullscreen.
2556
2557         * platform/ios/WebVideoFullscreenControllerAVKit.mm:
2558         (-[WebVideoFullscreenController enterFullscreen:]): Pass the media element's screen rect.
2559         (-[WebVideoFullscreenController exitFullscreen]): Ditto.
2560         * platform/ios/WebVideoFullscreenInterfaceAVKit.h:
2561         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
2562         (-[WebAVPlayerController playerViewController:shouldExitFullScreenWithReason:]): Renamed from shouldDismissWithReason.
2563         (WebVideoFullscreenInterfaceAVKit::enterFullscreen): Use the new AVKit APIs.
2564         (WebVideoFullscreenInterfaceAVKit::exitFullscreen): Ditto.
2565         * WebCore.exp.in: Modify the exported symbols for enter and exitFullscreen.
2566
2567 2014-04-11  Tim Horton  <timothy_horton@apple.com>
2568
2569         Support document-relative and custom-frame page overlays
2570         https://bugs.webkit.org/show_bug.cgi?id=131560
2571         <rdar://problem/16595556>
2572
2573         Reviewed by Simon Fraser.
2574
2575         * WebCore.exp.in:
2576         * rendering/RenderLayerCompositor.cpp:
2577         (WebCore::RenderLayerCompositor::RenderLayerCompositor):
2578         (WebCore::RenderLayerCompositor::rebuildCompositingLayerTree):
2579         (WebCore::RenderLayerCompositor::setDocumentOverlayRootLayer):
2580         * rendering/RenderLayerCompositor.h:
2581         Add the concept of a document overlay layer, which is plugged in as the
2582         last child of the root content layer. Expose it to WebKit2.
2583
2584 2014-04-09  Myles C. Maxfield  <mmaxfield@apple.com>
2585
2586         Autocorrection causes ASSERT when replacing alternative string
2587         https://bugs.webkit.org/show_bug.cgi?id=131475
2588
2589         Reviewed by Ryosuke Niwa.
2590
2591         In AlternativeTextController::applyAlternativeTextToRange(), we attempt to create
2592         a Range that crosses from outside of a shadow root to inside of one. Instead,
2593         we should keep the Range entirely within the shadow root.
2594
2595         Test: ManualTests/autocorrection/autocorrection-accept-crash.html
2596
2597         * editing/AlternativeTextController.cpp:
2598         (WebCore::AlternativeTextController::applyAlternativeTextToRange):
2599
2600 2014-04-11  Hans Muller  <hmuller@adobe.com>
2601
2602         [CSS Shapes] shape-outside from image doesn't load properly
2603         https://bugs.webkit.org/show_bug.cgi?id=131491
2604
2605         Reviewed by Bem Jones-Bey.
2606
2607         Make RenderImage::imageChanged() call super if there's a shape-outside
2608         image because the shape-outside imageChanged() logic is in RenderBox.
2609
2610         Test: http/tests/css/shape-image-file.html
2611
2612         * rendering/RenderElement.h:
2613         (WebCore::RenderElement::hasShapeOutside):
2614         * rendering/RenderImage.cpp:
2615         (WebCore::RenderImage::imageChanged):
2616
2617 2014-04-11  Brady Eidson  <beidson@apple.com>
2618
2619         Aggregate multiple "respondToChangedSelection" calls to one scan for telephone numbers
2620         https://bugs.webkit.org/show_bug.cgi?id=131559
2621
2622         Reviewed by Gavin Barraclough.
2623
2624         No new tests (Perf-only change to an untested feature)
2625
2626         * editing/Editor.cpp:
2627         (WebCore::Editor::Editor):
2628         (WebCore::Editor::respondToChangedSelection): Start a one shot timer for scanSelectionForTelephoneNumbers
2629           instead of scanning synchronously.
2630         (WebCore::Editor::scanSelectionForTelephoneNumbers):
2631         * editing/Editor.h:
2632
2633 2014-04-11  Antti Koivisto  <antti@apple.com>
2634
2635         Try to fix windows build.
2636         
2637         * platform/graphics/ca/GraphicsLayerCA.h:
2638
2639 2014-04-11  Brent Fulgham  <bfulgham@apple.com>
2640
2641         Unreviewed follow-up for r167145
2642
2643         * English.lproj/mediaControlsLocalizedStringsiOS.js:
2644         (mediaControlsLocalizedStringsiOS): Use smart-quote in
2645         message string.
2646
2647 2014-04-11  Brent Fulgham  <bfulgham@apple.com>
2648
2649         Regression: media controls and status messages are no longer localized.
2650         https://bugs.webkit.org/show_bug.cgi?id=120956
2651
2652         Reviewed by Jer Noble.
2653
2654         * English.lproj/mediaControlsLocalizedStrings.js: Added.
2655         (mediaControlsLocalizedStrings): Moved from mediaControlsApple.js.
2656         * English.lproj/mediaControlsLocalizedStringsiOS.js: Added.
2657         (mediaControlsLocalizedStringsiOS): Moved from mediaControlsiOS.js.
2658         * Modules/mediacontrols/mediaControlsApple.js:
2659         (Controller.prototype.UIString): Get strings from external file.
2660         * Modules/mediacontrols/mediaControlsiOS.js:
2661         (ControllerIOS.prototype.UIString): Ditto.
2662         * WebCore.vcxproj/copyWebCoreResourceFiles.cmd: Copy to Windows bundle.
2663         * WebCore.xcodeproj/project.pbxproj: Copy new files to bundle.
2664         * rendering/RenderThemeIOS.mm:
2665         (WebCore::RenderThemeIOS::mediaControlsScript): Load the locale-specific
2666         string resource when loading the media controls.
2667         * rendering/RenderThemeMac.mm:
2668         (WebCore::RenderThemeMac::mediaControlsScript): Ditto.
2669         * rendering/RenderThemeWin.cpp:
2670         (WebCore::RenderThemeWin::mediaControlsScript): Ditto.
2671
2672 2014-04-11  Brent Fulgham  <bfulgham@apple.com>
2673
2674         [Win] Build fix after r167138
2675
2676         * platform/graphics/ca/GraphicsLayerCA.h: The TileController is
2677         only available on Mac/Cocoa builds.
2678
2679 2014-04-11  Mark Lam  <mark.lam@apple.com>
2680
2681         JSMainThreadExecState::call() should clear exceptions before returning.
2682         <https://webkit.org/b/131530>
2683
2684         Reviewed by Geoffrey Garen.
2685
2686         Test: fast/dom/regress-131530.html
2687
2688         Previously, JSMainThreadExecState::call() did not clear any pending
2689         exceptions in the VM before returning.  On returning, the
2690         JSMainThreadExecState destructor may re-enter the VM to notify
2691         MutationObservers.  This may result in a crash because the VM expects
2692         exceptions to be cleared at entry.
2693
2694         We now change JSMainThreadExecState::call() to return the exception
2695         (if present) via an argument, and clear it from the VM before returning.
2696
2697         As part of this change, I updated various parts of the code base to use the
2698         new API as needed.
2699
2700         * bindings/js/JSCallbackData.cpp:
2701         (WebCore::JSCallbackData::invokeCallback):
2702         * bindings/js/JSCustomXPathNSResolver.cpp:
2703         (WebCore::JSCustomXPathNSResolver::lookupNamespaceURI):
2704         * bindings/js/JSDOMGlobalObjectTask.cpp:
2705         - Assert that there's no unhandled exception after the Microtask returns.
2706           See comment for WebCore::JSMainThreadExecState::runTask below for more
2707           details.
2708
2709         * bindings/js/JSErrorHandler.cpp:
2710         (WebCore::JSErrorHandler::handleEvent):
2711         * bindings/js/JSEventListener.cpp:
2712         (WebCore::JSEventListener::handleEvent):
2713         * bindings/js/JSHTMLDocumentCustom.cpp:
2714         (WebCore::JSHTMLDocument::open):
2715         - Document.open() cannot be the first function on the JS stack.  Hence,
2716           there is no need to use JSMainThreadExecState to call into the VM, as
2717           this is only needed to catch the event of returning from the first
2718           function for the purpose of notifying MutationObservers.  Change to
2719           call JSC::call() directly.
2720
2721         * bindings/js/JSMainThreadExecState.cpp:
2722         (WebCore::functionCallHandlerFromAnyThread):
2723         * bindings/js/JSMainThreadExecState.h:
2724         (WebCore::JSMainThreadExecState::call):
2725         (WebCore::JSMainThreadExecState::evaluate):
2726         - Remove the explicitly acquisition of the JSLock here because we now
2727           acquire the JSLock as part of the JSMainThreadExecState instance.
2728         (WebCore::JSMainThreadExecState::runTask):
2729         - Added an assert to verify that the task does not return with an
2730           unhandled exception.  Currently, the only Microtask in use is for the
2731           Promise implementation, which will eat the exception before returning.
2732           This assertion is added here to verify that this contract does not
2733           inadvertantly change in the future.
2734         (WebCore::JSMainThreadExecState::JSMainThreadExecState):
2735         - Now acquires the JSLock as well since by definition, we're only
2736           instantiating the JSMainThreadExecState because we're about to enter
2737           the VM.
2738
2739         * bindings/js/JSMutationCallback.cpp:
2740         (WebCore::JSMutationCallback::call):
2741         * bindings/js/JSNodeFilterCondition.cpp:
2742         (WebCore::JSNodeFilterCondition::acceptNode):
2743         - acceptNode() is only used in the TreeWalker and NodeIterator APIs which
2744           cannot be the first function on the JS stack.  Hence, we should call
2745           JSC::call() directly instead of going through JSMainThreadExecState.
2746
2747         * bindings/js/ScheduledAction.cpp:
2748         (WebCore::ScheduledAction::executeFunctionInContext):
2749         * bindings/objc/WebScriptObject.mm:
2750         (WebCore::addExceptionToConsole):
2751         (-[WebScriptObject callWebScriptMethod:withArguments:]):
2752
2753 2014-04-11  Brian J. Burg  <burg@cs.washington.edu>
2754
2755         Web Replay: CodeGeneratorJS should guard includes of replay-related headers
2756         https://bugs.webkit.org/show_bug.cgi?id=131407
2757
2758         Reviewed by Timothy Hatcher.
2759
2760         This patch adds guards to headers that are only required by generated replay code
2761         that is itself guarded. Other ports probably haven't added the headers to their
2762         build files, so we don't want to emit the unused header includes.
2763
2764         This patch also converts generated uses of DEFINE_STATIC_LOCAL to NeverDestroyed<T>.
2765         Finally, a new bindings test was added to document changes to generated replay code.
2766
2767         Test: Source/WebCore/bindings/scripts/test/TestNondeterministic.idl
2768
2769         * bindings/scripts/CodeGeneratorJS.pm:
2770         (GenerateImplementation):
2771         (GenerateImplementationFunctionCall):
2772
2773         * bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.cpp: Added.
2774         * bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.h: Added.
2775         * bindings/scripts/test/GObject/WebKitDOMTestNondeterministic.symbols: Added.
2776         * bindings/scripts/test/GObject/WebKitDOMTestNondeterministicPrivate.h: Added.
2777         * bindings/scripts/test/JS/JSTestNondeterministic.cpp: Added.
2778         * bindings/scripts/test/JS/JSTestNondeterministic.h: Added.
2779         * bindings/scripts/test/ObjC/DOMTestNondeterministic.h: Added.
2780         * bindings/scripts/test/ObjC/DOMTestNondeterministic.mm: Added.
2781         * bindings/scripts/test/ObjC/DOMTestNondeterministicInternal.h: Added.
2782         * bindings/scripts/test/TestNondeterministic.idl: Added.
2783
2784 2014-04-11  Antti Koivisto  <antti@apple.com>
2785
2786         Pipe initial scale factor to TileController
2787         https://bugs.webkit.org/show_bug.cgi?id=131521
2788
2789         Reviewed by Tim Horton.
2790
2791         * WebCore.exp.in:
2792         * page/Page.cpp:
2793         (WebCore::Page::Page):
2794         (WebCore::Page::setZoomedOutPageScaleFactor):
2795         * page/Page.h:
2796         (WebCore::Page::zoomedOutPageScaleFactor):
2797         * platform/graphics/GraphicsLayerClient.h:
2798         (WebCore::GraphicsLayerClient::zoomedOutPageScaleFactor):
2799         * platform/graphics/TiledBacking.h:
2800         * platform/graphics/ca/GraphicsLayerCA.cpp:
2801         (WebCore::GraphicsLayerCA::updateContentsScale):
2802         * platform/graphics/ca/GraphicsLayerCA.h:
2803         * platform/graphics/ca/mac/TileController.h:
2804         * platform/graphics/ca/mac/TileController.mm:
2805         (WebCore::TileController::TileController):
2806         (WebCore::TileController::setContentsScale):
2807         (WebCore::TileController::setZoomedOutContentsScale):
2808         * rendering/RenderLayerBacking.cpp:
2809         (WebCore::RenderLayerBacking::zoomedOutPageScaleFactor):
2810         * rendering/RenderLayerBacking.h:
2811         * rendering/RenderLayerCompositor.cpp:
2812         (WebCore::RenderLayerCompositor::zoomedOutPageScaleFactor):
2813         * rendering/RenderLayerCompositor.h:
2814
2815 2014-04-10  Chris Fleizach  <cfleizach@apple.com>
2816
2817         Heap-use-after-free in WebCore::SpeechSynthesisUtterance::startTime
2818         https://bugs.webkit.org/show_bug.cgi?id=131482
2819
2820         Reviewed by David Kilzer.
2821
2822         Hold onto the utterance until it has time to fire, in case other references have been removed.
2823
2824         Merged from Blink r171077 by <dmazzoni@chromium.org>
2825
2826         Test: platform/mac/fast/speechsynthesis/speech-synthesis-gc-utterance-crash.html
2827
2828         * Modules/speech/SpeechSynthesis.cpp:
2829         (WebCore::SpeechSynthesis::handleSpeakingCompleted):
2830
2831 2014-04-11  Zan Dobersek  <zdobersek@igalia.com>
2832
2833         Avoid Vector copies in RenderGrid::placeItemsOnGrid()
2834         https://bugs.webkit.org/show_bug.cgi?id=131452
2835
2836         Reviewed by Sergio Villar Senin.
2837
2838         * rendering/RenderGrid.cpp:
2839         (WebCore::RenderGrid::placeSpecifiedMajorAxisItemsOnGrid): Take in a const reference to the
2840         Vector object. Make the for-loop that iterates through it range-based.
2841         (WebCore::RenderGrid::placeAutoMajorAxisItemsOnGrid): Ditto.
2842         * rendering/RenderGrid.h:
2843
2844 2014-04-11  Joseph Pecoraro  <pecoraro@apple.com>
2845
2846         Web Inspector: Remove shared PageScriptDebugServer, create per-Page
2847         https://bugs.webkit.org/show_bug.cgi?id=131523
2848
2849         Reviewed by Timothy Hatcher.
2850
2851         Having a shared PageScriptDebugServer was causing issues when we called
2852         JSC::Debugger::clearBreakpoints() closing one inspector while another
2853         is open for another WebCore::Page in the same process. Having the same
2854         JSC::Debugger underlying multiple InspectorDebuggerAgent instances
2855         means that when clearBreakpoints is called, the real JSC breakpoints
2856         underlying other InspectorDebuggerAgent's get removed. When those
2857         InspectorDebuggerAgents attempt to remove their breakpoints they
2858         encounter unexpected issues.
2859
2860         This entirely rebuilds PageScriptDebugServer to be per-Page instead
2861         of shared across all pages. So take this opportunity to move the
2862         file from WebCore/bindings/js to WebCore/inspector.
2863
2864         * CMakeLists.txt:
2865         * WebCore.vcxproj/WebCore.vcxproj:
2866         * WebCore.vcxproj/WebCore.vcxproj.filters:
2867         * WebCore.xcodeproj/project.pbxproj:
2868         * bindings/js/JSBindingsAllInOne.cpp:
2869         * bindings/js/PageScriptDebugServer.h: Removed.
2870         * inspector/InspectorAllInOne.cpp:
2871         Move PageScriptDebugServer.
2872
2873         * inspector/InspectorController.h:
2874         * inspector/InspectorController.cpp:
2875         (WebCore::InspectorController::InspectorController):
2876         Set the ScriptDebugServer directly on some other agents that
2877         were previously using the global debug server.
2878
2879         * inspector/InspectorProfilerAgent.h:
2880         (WebCore::InspectorProfilerAgent::scriptDebugServer):
2881         * inspector/InspectorProfilerAgent.cpp:
2882         (WebCore::InspectorProfilerAgent::InspectorProfilerAgent):
2883         (WebCore::InspectorProfilerAgent::setScriptDebugServer):
2884         (WebCore::InspectorProfilerAgent::start):
2885         (WebCore::InspectorProfilerAgent::willDestroyFrontendAndBackend): Deleted.
2886         * inspector/InspectorTimelineAgent.h:
2887         * inspector/InspectorTimelineAgent.cpp:
2888         (WebCore::InspectorTimelineAgent::start):
2889         (WebCore::InspectorTimelineAgent::stop):
2890         (WebCore::InspectorTimelineAgent::setPageScriptDebugServer):
2891         (WebCore::InspectorTimelineAgent::InspectorTimelineAgent):
2892         Refactor these two agents to take in a script debug server.
2893         The server is expected to be set during initialization and
2894         to always be valid (like debug server on RuntimeAgent).
2895
2896         * inspector/PageDebuggerAgent.h:
2897         * inspector/PageDebuggerAgent.cpp:
2898         (WebCore::PageDebuggerAgent::PageDebuggerAgent):
2899         (WebCore::PageDebuggerAgent::startListeningScriptDebugServer):
2900         (WebCore::PageDebuggerAgent::stopListeningScriptDebugServer):
2901         (WebCore::PageDebuggerAgent::scriptDebugServer):
2902         Have PageDebuggerAgent hold the PageScriptDebugServer.
2903         Update for the simplified interfaces.
2904
2905         * inspector/PageScriptDebugServer.h: Added.
2906         * inspector/PageScriptDebugServer.cpp: Renamed from Source/WebCore/bindings/js/PageScriptDebugServer.cpp.
2907         (WebCore::PageScriptDebugServer::PageScriptDebugServer):
2908         (WebCore::PageScriptDebugServer::addListener):
2909         (WebCore::PageScriptDebugServer::removeListener):
2910         (WebCore::PageScriptDebugServer::recompileAllJSFunctions):
2911         (WebCore::PageScriptDebugServer::didPause):
2912         (WebCore::PageScriptDebugServer::didContinue):
2913         (WebCore::PageScriptDebugServer::runEventLoopWhilePaused):
2914         (WebCore::PageScriptDebugServer::runEventLoopWhilePausedInternal):
2915         (WebCore::PageScriptDebugServer::isContentScript):
2916         (WebCore::PageScriptDebugServer::reportException):
2917         (WebCore::PageScriptDebugServer::setJavaScriptPaused):
2918         Model after JSGlobalObjectScriptDebugServer, the PageScriptDebugServer
2919         holds a reference to a Page.
2920
2921 2014-04-11  Bear Travis  <betravis@adobe.com>
2922
2923         [CSS Shapes] inset args and radial args should serialize to the simplest form
2924         https://bugs.webkit.org/show_bug.cgi?id=129825
2925
2926         Reviewed by Dirk Schulze.
2927
2928         Modify inset serialization to omit components where possible. The insets simplify
2929         according to the margin shorthand, while the corner radii simplify according to
2930         the border-radius shorthand.
2931
2932         Modifying existing parsing tests.
2933
2934         * css/CSSBasicShapes.cpp:
2935         (WebCore::buildInsetRadii): Add the necessary radii, omitting components where possible.
2936         (WebCore::buildInsetString): Omit components where possible.
2937
2938 2014-04-11  Praveen R Jadhav  <praveen.j@samsung.com>
2939
2940         "playbackTime" parameter is not present in AudioProcessingEvent Interface as per W3C spec
2941         https://bugs.webkit.org/show_bug.cgi?id=105518
2942
2943         Reviewed by Jer Noble.
2944
2945         Attribute "playbackTime" in AudioProcessingEvent implemented to pass playback time of
2946         audiobuffer associated with ScriptProcessorNode of the context.
2947  
2948         Reference: https://codereview.chromium.org/210973002
2949
2950         Spec: http://www.w3.org/TR/webaudio/#AudioProcessingEvent
2951
2952         Test: webaudio/audioprocessingevent.html
2953
2954         * Modules/webaudio/AudioProcessingEvent.cpp:
2955         (WebCore::AudioProcessingEvent::create):
2956         (WebCore::AudioProcessingEvent::AudioProcessingEvent):
2957         * Modules/webaudio/AudioProcessingEvent.h:
2958         (WebCore::AudioProcessingEvent::playbackTime):
2959         * Modules/webaudio/AudioProcessingEvent.idl:
2960         * Modules/webaudio/ScriptProcessorNode.cpp:
2961         (WebCore::ScriptProcessorNode::fireProcessEvent):
2962
2963 2014-04-11  Zalan Bujtas  <zalan@apple.com>
2964
2965         Subpixel rendering: WK1: Trail of cruft in redraw during animations.
2966         https://bugs.webkit.org/show_bug.cgi?id=131525
2967
2968         Reviewed by Simon Fraser.
2969
2970         Use enclosing rect instead of snapping to make sure the repaint rect always
2971         covers the dirty area when painting is requested in a non-compositing RenderView.
2972         This only applies to WK1 as WK2 has compositing RenderView and the repainting 
2973         is managed by RenderLayerBacking.
2974
2975         This is a temporary solution until after ScrollView/FrameView/RenderView
2976         is transitioned to device pixels. (tracked here: webkit.org/b/131526).
2977
2978         Test: fast/repaint/hidpi-block-width-change-leaves-cruft.html
2979
2980         * rendering/RenderView.cpp:
2981         (WebCore::RenderView::repaintViewRectangle):
2982
2983 2014-04-10  Dean Jackson  <dino@apple.com>
2984
2985         WebGL: need error checking after texture uploads
2986         https://bugs.webkit.org/show_bug.cgi?id=62902
2987         rdar://problem/9640309
2988
2989         Reviewed by Brent Fulgham.
2990
2991         A followup to Darin's r167109. We need to also check for errors
2992         in the texImage2D case.
2993
2994         This is difficult to reproducibly test because it would require
2995         attempting to exhaust GPU memory.
2996
2997         * html/canvas/WebGLRenderingContext.cpp:
2998         (WebCore::WebGLRenderingContext::compressedTexImage2D): Check for errors by calling
2999         moveErrorsToSyntheticErrorList twice, once before and once after. If an error
3000         occurred, explicitly mark the texture as invalid.
3001         (WebCore::WebGLRenderingContext::texImage2DBase): Ditto.
3002         * html/canvas/WebGLTexture.cpp:
3003         (WebCore::WebGLTexture::markInvalid): If the LevelInfo exists for this
3004         mipmap level, then set the valid flag to false. There is a chance that
3005         a previous call to texImage2D succeeded for this level, but it's probably
3006         better to assume that is now invalid.
3007         * html/canvas/WebGLTexture.h: New markInvalid method.
3008
3009 2014-04-10  Darin Adler  <darin@apple.com>
3010
3011         WebGL: need error checking after texture and buffer uploads in some cases
3012         https://bugs.webkit.org/show_bug.cgi?id=62902
3013         rdar://problem/9640309
3014
3015         Reviewed by Dean Jackson.
3016
3017         Not clear how to write a test for this.
3018
3019         * html/canvas/WebGLBuffer.cpp:
3020         (WebCore::WebGLBuffer::disassociateBufferData): Added.
3021         * html/canvas/WebGLBuffer.h: Added disassociateBufferData.
3022
3023         * html/canvas/WebGLRenderingContext.cpp:
3024         (WebCore::WebGLRenderingContext::bufferData): Check for errors by calling
3025         moveErrorsToSyntheticErrorList twice, once before and once after. If an error
3026         occurred, call the WebGLBuffer so it doesn't think it has data.
3027         (WebCore::WebGLRenderingContext::bufferSubData): Ditto.
3028
3029         * platform/graphics/GraphicsContext3D.h: Added moveErrorsToSyntheticErrorList.
3030
3031         * platform/graphics/opengl/GraphicsContext3DOpenGLCommon.cpp:
3032         (WebCore::GraphicsContext3D::moveErrorsToSyntheticErrorList): Added. Calls
3033         glError and moves any errors to the synthetic error list.
3034         (WebCore::GraphicsContext3D::getError): Added call to moveErrorsToSyntheticErrorList
3035         to preserve error ordering.
3036         (WebCore::GraphicsContext3D::synthesizeGLError): Ditto.
3037
3038 2014-04-10  Enrica Casucci  <enrica@apple.com>
3039
3040         iOS build fix to deal with CoreText changes.
3041         
3042         Reviewed by Benjamin Poulain.
3043         
3044         This is a temporary fix until CT fixes the issue.
3045
3046         * rendering/RenderThemeIOS.mm:
3047
3048 2014-04-10  Commit Queue  <commit-queue@webkit.org>
3049
3050         Unreviewed, rolling out r167073.
3051         https://bugs.webkit.org/show_bug.cgi?id=131516
3052
3053         This patch caused crashes in video tests. (Requested by
3054         mrobinson on #webkit).
3055
3056         Reverted changeset:
3057
3058         "[GStreamer] No CORS support for media elements"
3059         https://bugs.webkit.org/show_bug.cgi?id=99037
3060         http://trac.webkit.org/changeset/167073
3061
3062 2014-04-10  Beth Dakin  <bdakin@apple.com>
3063
3064         Radio buttons are using the wrong sizes and margins
3065         https://bugs.webkit.org/show_bug.cgi?id=131503
3066
3067         Reviewed by Jer Noble.
3068
3069         This is a regression that I caused recently when I combined radio button and 
3070         checkbox code. 
3071         * platform/mac/ThemeMac.mm:
3072         (WebCore::paintToggleButton):
3073
3074 2014-04-08  Jon Honeycutt  <jhoneycutt@apple.com>
3075
3076         Assertion failure in WebCore::FlexBoxIterator::next()
3077         <https://bugs.webkit.org/show_bug.cgi?id=117176>
3078         <rdar://problem/14054549>
3079
3080         Code added in r115687 began removing anonymous wrappers when children
3081         become inline. However, there are some objects, like
3082         RenderDeprecatedFlexBox, whose children should always be blocks.
3083
3084         Reviewed by Tim Horton.
3085
3086         * rendering/RenderBlock.h:
3087         (WebCore::RenderBlock::canCollapseAnonymousBlockChild):
3088         Made public.
3089
3090         * rendering/RenderObject.cpp:
3091         (WebCore::RenderObject::removeAnonymousWrappersForInlinesIfNecessary):
3092         Return early if we can't collapse anonymous block children.
3093
3094 2014-04-07  Jon Honeycutt  <jhoneycutt@apple.com>
3095
3096         Assertion failure, !node || node->isElementNode(), in
3097         WebCore::RenderBlock::clone()
3098         <https://bugs.webkit.org/show_bug.cgi?id=110489>
3099         <rdar://problem/13666425>
3100
3101         Reviewed by Antti Koivisto.
3102
3103         We're ending up in RenderBlock::splitBlocks() with |this| ==
3104         |fromBlock|.  We then try to climb the ancestor block chain from
3105         this->parent() to |fromBlock|, but this->parent() is already above
3106         |fromBlock|, so we end up climbing up to the RenderView and trying to
3107         clone it, causing the assertion failure.
3108
3109         Adopt Chromium's mitigation for this from
3110         <https://codereview.chromium.org/13852041>. This is not intended as a
3111         fix for the underlying issue.
3112
3113         Also, fix another issue that occurs with this fuzzed test case that's
3114         not handled by the Chromium fix.
3115
3116         * rendering/RenderBlock.cpp:
3117         (WebCore::RenderBlock::splitBlocks):
3118         Ensure while we're in the loop that |curr| is a descendant of
3119         |fromBlock|. From the Chromium patch:
3120
3121             We need to check in every iteration of the loop because
3122             moveChildrenTo could have moved |curr|. This is a mitigation and
3123             not really a fix against a class of tree craziness.
3124
3125         Finally, before moving children from |fromBlock| to |toBlock|, ensure
3126         that the children are children of |fromBlock|. If we never entered the
3127         loop, they will be siblings of |fromBlock|, not children.
3128
3129 2014-04-10  Enrica Casucci  <enrica@apple.com>
3130
3131         Build fix after http://trac.webkit.org/changeset/167085.
3132
3133         Reviewed by Timothy Hatcher.
3134
3135         * plugins/PluginData.h:
3136
3137 2014-04-10  Zalan Bujtas  <zalan@apple.com>
3138
3139         Web Inspector: Breakpoint in gutter has clipped / broken border image.
3140         https://bugs.webkit.org/show_bug.cgi?id=131500
3141
3142         Reviewed by Joseph Pecoraro.
3143
3144         Typo in r166925.
3145
3146         Test: fast/borders/border-image-slice-missing-right.html
3147
3148         * rendering/RenderBoxModelObject.cpp:
3149         (WebCore::RenderBoxModelObject::paintNinePieceImage):
3150
3151 2014-04-10  James Craig  <jcraig@apple.com>
3152
3153         Web Inspector: AXI: expose aria-busy state of current and ancestor nodes
3154         https://bugs.webkit.org/show_bug.cgi?id=130826
3155
3156         Reviewed by Timothy Hatcher.
3157
3158         Test: inspector-protocol/dom/getAccessibilityPropertiesForNode.html
3159
3160         Expose if node is contained by any "busy" ancestor nodes, too.
3161
3162         * inspector/InspectorDOMAgent.cpp:
3163         (WebCore::InspectorDOMAgent::buildObjectForAccessibilityProperties):
3164
3165 2014-04-10  Joseph Pecoraro  <pecoraro@apple.com>
3166
3167         Web Inspector: Remove unused ruler in overlay code
3168         https://bugs.webkit.org/show_bug.cgi?id=131507
3169
3170         Reviewed by Timothy Hatcher.
3171
3172         * inspector/InspectorDOMAgent.cpp:
3173         (WebCore::InspectorDOMAgent::highlightConfigFromInspectorObject):
3174         * inspector/InspectorOverlay.cpp:
3175         (WebCore::buildObjectForHighlight):
3176         * inspector/InspectorOverlay.h:
3177         (WebCore::Highlight::Highlight):
3178         (WebCore::Highlight::setDataFromConfig):
3179         * inspector/InspectorOverlayPage.js:
3180         (_drawFragmentHighlight):
3181         (_drawRegionNumber): Deleted.
3182         (quadToPath): Deleted.
3183         (drawOutlinedQuad): Deleted.
3184         (pathCommand): Deleted.
3185         (drawPath): Deleted.
3186         (drawOutlinedQuadWithClip): Deleted.
3187         (quadEquals): Deleted.
3188         (drawGutter): Deleted.
3189         (drawNodeHighlight): Deleted.
3190         (drawQuadHighlight): Deleted.
3191         (setPlatform): Deleted.
3192         (dispatch): Deleted.
3193         (log): Deleted.
3194
3195 2014-04-10  Brian J. Burg  <burg@cs.washington.edu>
3196
3197         Web Replay: memoize plugin data for navigator.mimeTypes and navigator.plugins
3198         https://bugs.webkit.org/show_bug.cgi?id=131341
3199
3200         Reviewed by Timothy Hatcher.
3201
3202         Information about plugins and mime types is nondeterministic and can change
3203         at any time, whether by system events, browser settings changes, or
3204         triggered by script. To avoid interposing on all those code paths, just
3205         memoize the plugin data used by DOMPluginArray and DOMMimeTypeArray.
3206
3207         This is less efficient than controlling mutations to the underlying PluginData
3208         of a Page, but that can be done later if better plugin support is desired.
3209         The point of this change is to make analytics trackers deterministic across
3210         enabling/disabling of plugins.
3211
3212         Test: LayoutTests/inspector/window-navigator-plugins-memoized.hml
3213
3214         * plugins/DOMMimeTypeArray.cpp:
3215         (WebCore::DOMMimeTypeArray::getPluginData):
3216         * plugins/DOMPluginArray.cpp:
3217         (WebCore::DOMPluginArray::pluginData): Save or restore memoized plugin
3218         data during capture and replay, respectively.
3219
3220         * plugins/PluginData.h:
3221         (WebCore::PluginData::PluginData): Add a constructor that uses the
3222         provided plugin data rather than fetching live plugin data. This is
3223         marked protected so it's only used by a subclass specifically for
3224         deserialization.
3225
3226         * replay/SerializationMethods.cpp: Add encoder specializations.
3227         (JSC::EncodingTraits<MimeClassInfo>::encodeValue):
3228         (JSC::EncodingTraits<MimeClassInfo>::decodeValue):
3229         (JSC::EncodingTraits<PluginInfo>::encodeValue):
3230         (JSC::EncodingTraits<PluginInfo>::decodeValue):
3231         (JSC::EncodingTraits<PluginData>::encodeValue):
3232         (JSC::DeserializedPluginData::DeserializedPluginData): Add a custom
3233         subclass of PluginData that can be initialized from deserialized data.
3234         (JSC::EncodingTraits<PluginData>::decodeValue):
3235         * replay/SerializationMethods.h:
3236         * replay/WebInputs.json: Add new input FetchPluginData.
3237
3238 2014-04-10  Myles C. Maxfield  <mmaxfield@apple.com>
3239
3240         Remove "System Font" from character width calculations
3241         https://bugs.webkit.org/show_bug.cgi?id=131411
3242
3243         Reviewed by Tim Horton.
3244
3245         Covered by existing tests
3246
3247         * platform/graphics/Font.cpp:
3248         (WebCore::Font::hasValidAverageCharWidth):
3249
3250 2014-04-10  Bem Jones-Bey  <bjonesbe@adobe.com>
3251
3252         Invalid cast in WebCore::RenderLayer::setupClipPath
3253         https://bugs.webkit.org/show_bug.cgi?id=131368
3254
3255         Reviewed by Dirk Schulze.
3256
3257         Only attempt to clip to a box shape if the renderer being clipped is
3258         actually a box.
3259
3260         Test: css3/masking/clip-path-box-shape-on-inline-crash.html
3261
3262         * rendering/RenderLayer.cpp:
3263         (WebCore::RenderLayer::setupClipPath): Add isBox() check.
3264
3265 2014-04-10  Owen Taylor  <otaylor@redhat.com>
3266
3267         [GTK] Remove a comment that was incorrectly cut-and-pasted from WidgetBackingStoreCairo
3268         https://bugs.webkit.org/show_bug.cgi?id=131499
3269
3270         Reviewed by Martin Robinson.
3271
3272         * platform/gtk/WidgetBackingStoreGtkX11.cpp: Remove a comment that was incorrectly copy and pasted
3273         from the Cairo implementation.
3274
3275 2014-04-09  Alexey Proskuryakov  <ap@apple.com>
3276
3277         Eliminate DragSession structure
3278         https://bugs.webkit.org/show_bug.cgi?id=131465
3279
3280         Reviewed by Benjamin Poulain.
3281
3282         DragSession is really just a transient response to NSDragDestination delegate methods.
3283         The "session" name was quite misleading, and thankfully, we don't need a class for this
3284         bag of data at all.
3285
3286         * WebCore.xcodeproj/project.pbxproj:
3287         * page/DragController.cpp:
3288         (WebCore::DragController::DragController):
3289         (WebCore::DragController::dragEntered):
3290         (WebCore::DragController::dragUpdated):
3291         (WebCore::DragController::dragEnteredOrUpdated):
3292         (WebCore::DragController::tryDocumentDrag):
3293         * page/DragController.h:
3294         (WebCore::DragController::mouseIsOverFileInput):
3295         (WebCore::DragController::numberOfItemsToBeAccepted):
3296         * page/DragSession.h: Removed.
3297
3298 2014-04-10  Youenn Fablet  <youenn.fablet@crf.canon.fr>
3299
3300         [GStreamer] No CORS support for media elements
3301         https://bugs.webkit.org/show_bug.cgi?id=99037
3302
3303         Reviewed by Philippe Normand.
3304
3305         Added CORS access control check to media sources when crossorigin attribute is set.
3306
3307         Added getter to CORS access control check status (used to compute whether the stream is tainted or not).
3308         Related test is http/tests/security/video-cross-origin-readback.html.
3309
3310         Disabled access to cross-origin streams that fail CORS check when crossorigin attribute is set.
3311         Related test is http/tests/security/video-cross-origin-accessfailure.html.
3312
3313         Tests: http/tests/security/video-cross-origin-accessfailure.html
3314                http/tests/security/video-cross-origin-accesssameorigin.html
3315
3316         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.cpp:
3317         (WebCore::MediaPlayerPrivateGStreamer::didPassCORSAccessCheck): Return whether media is cross-origin (tainted) or not by querying the gstreamer source layer.
3318         * platform/graphics/gstreamer/MediaPlayerPrivateGStreamer.h: Added MediaPlayerPrivateGStreamer::didPassCORSAccessCheck declaration.
3319         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.cpp:
3320         (webKitWebSrcStart): Passed CORS mode parameter to the streaming client. In case of CORS check failure, stop the resource loading.
3321         (webKitSrcPassedCORSAccessCheck): Return whether CORS access control check was done and successful.
3322         (StreamingClient::handleResponseReceived): Take a parameter to assign the CORS access control check result.
3323         (CachedResourceStreamingClient::CachedResourceStreamingClient): Updated setting of the ResourceLoaderOptions according CORS mode.
3324         (CachedResourceStreamingClient::responseReceived): Check CORS and pass result to handleResponseReceived.
3325         (ResourceHandleStreamingClient::didReceiveResponse): No CORS check.
3326         * platform/graphics/gstreamer/WebKitWebSourceGStreamer.h: Added webKitSrcPassedCORSAccessCheck declaration.
3327
3328 2014-04-10  Eva Balazsfalvi  <evab.u-szeged@partner.samsung.com>
3329
3330         Move UseJSC.cmake back to CMakeLists.txt
3331         https://bugs.webkit.org/show_bug.cgi?id=130834
3332
3333         Reviewed by Csaba Osztrogonác.
3334
3335         No new tests required.
3336
3337         * CMakeLists.txt:
3338         * UseJSC.cmake: Removed.
3339
3340 2014-04-09  Commit Queue  <commit-queue@webkit.org>
3341
3342         Unreviewed, rolling out r167046.
3343         https://bugs.webkit.org/show_bug.cgi?id=131479
3344
3345         Caused 300+ failures on Mavericks WK1 tester (Requested by ap
3346         on #webkit).
3347
3348         Reverted changeset:
3349
3350         "Remove "System Font" from whitelisted DRT fonts and char
3351         width calculations"
3352         https://bugs.webkit.org/show_bug.cgi?id=131411
3353         http://trac.webkit.org/changeset/167046
3354
3355 2014-04-09  Jeremy Jones  <jeremyj@apple.com>
3356
3357         Fix build failure.
3358         https://bugs.webkit.org/show_bug.cgi?id=131473
3359
3360         Reviewed by Dan Bernstein.
3361
3362         Fix build failure.
3363
3364         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
3365         (mediaSelectionOptions):
3366
3367 2014-04-09  Enrica Casucci  <enrica@apple.com>
3368
3369         Unreviewed build fix after http://trac.webkit.org/changeset/167045
3370
3371         The file contained an invalid character.
3372
3373         * platform/ios/WebVideoFullscreenInterfaceAVKit.mm:
3374         (WebVideoFullscreenInterfaceAVKit::enterFullscreen):
3375
3376 2014-04-09  Dean Jackson  <dino@apple.com>
3377
3378         [iOS] Media controls should resize as the user zooms
3379         https://bugs.webkit.org/show_bug.cgi?id=131322
3380
3381         Reviewed by Eric Carlson.
3382
3383         On iOS the media controls should remain the same size
3384         independent of user zoom. Have the HTMLMediaElement optionally
3385         register for updates in the page scale to apply an inverse
3386         scale.
3387
3388         * Modules/mediacontrols/MediaControlsHost.cpp: New exposed property that calls
3389         back into HTMLMediaElement::mediaControlsDependOnPageScaleFactor.
3390         (WebCore::MediaControlsHost::controlsDependOnPageScaleFactor):
3391         (WebCore::MediaControlsHost::setControlsDependOnPageScaleFactor):
3392         * Modules/mediacontrols/MediaControlsHost.h: Keep a reference to the actual
3393         controls from the JavaScript side so we can talk to it later.
3394         (WebCore::MediaControlsHost::controllerJSValue):
3395         (WebCore::MediaControlsHost::setControllerJSValue):
3396         * Modules/mediacontrols/MediaControlsHost.idl: Expose controlsDependOnPageScaleFactor.
3397
3398         * Modules/mediacontrols/mediaControlsiOS.css:
3399         (audio::-webkit-media-controls-panel): Specify the transform origin so that
3400         scaling will keep the controls pinned to the bottom left corner.
3401         (audio::-webkit-media-controls-start-playback-button): Update to the correct size
3402         and provide new artwork.
3403         (audio::-webkit-media-controls-start-playback-button.failed): New artwork.
3404         * Modules/mediacontrols/mediaControlsiOS.js:
3405         (ControllerIOS): Tell the host that these controls care about the page scale.
3406         (ControllerIOS.prototype.get pageScaleFactor): New getter.
3407         (ControllerIOS.prototype.set pageScaleFactor): When set, update the play button and the panel.
3408
3409         * html/HTMLMediaElement.cpp:
3410         (WebCore::HTMLMediaElement::ensureMediaControlsInjectedScript): Small naming cleanup.
3411         (setPageScaleFactorProperty): Static helper to set a JS property value.
3412         (WebCore::HTMLMediaElement::didAddUserAgentShadowRoot): Keep a reference to the controls object,
3413         and make sure to set the page scale factor on the controls.
3414         (WebCore::HTMLMediaElement::pageScaleFactorChanged): Implement the callback, telling
3415         the controls object that it needs to relayout.
3416
3417 2014-04-09  Antti Koivisto  <antti@apple.com>
3418
3419         Tr